./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1403447172 <...> Warning: Permanently added '10.128.0.16' (ED25519) to the list of known hosts. execve("./syz-executor1403447172", ["./syz-executor1403447172"], 0x7ffef1233970 /* 10 vars */) = 0 brk(NULL) = 0x5555838ff000 brk(0x5555838ffd00) = 0x5555838ffd00 arch_prctl(ARCH_SET_FS, 0x5555838ff380) = 0 set_tid_address(0x5555838ff650) = 5840 set_robust_list(0x5555838ff660, 24) = 0 rseq(0x5555838ffca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1403447172", 4096) = 28 getrandom("\x35\x90\x33\xac\x3a\x61\x06\x22", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555838ffd00 brk(0x555583920d00) = 0x555583920d00 brk(0x555583921000) = 0x555583921000 mprotect(0x7f7145ecb000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdir("./syzkaller.HjOJ5o", 0700) = 0 chmod("./syzkaller.HjOJ5o", 0777) = 0 chdir("./syzkaller.HjOJ5o") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5841 attached [pid 5841] set_robust_list(0x5555838ff660, 24 [pid 5840] <... clone resumed>, child_tidptr=0x5555838ff650) = 5841 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5841] chdir("./0") = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5841] setpgid(0, 0) = 0 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5841] write(3, "1000", 4) = 4 [pid 5841] close(3) = 0 [pid 5841] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5841] write(1, "executing program\n", 18) = 18 [pid 5841] memfd_create("syzkaller", 0) = 3 [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f713da00000 [pid 5841] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5841] munmap(0x7f713da00000, 138412032) = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5841] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5841] close(3) = 0 [pid 5841] close(4) = 0 [pid 5841] mkdir("./file0", 0777) = 0 [ 117.960851][ T5841] loop0: detected capacity change from 0 to 32768 [ 118.047858][ T5841] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 118.063443][ T5841] bcachefs (loop0): recovering from clean shutdown, journal seq 13 [ 118.083349][ T5841] bcachefs (loop0): accounting_read... done [ 118.090125][ T5841] bcachefs (loop0): alloc_read... done [pid 5841] mount("/dev/loop0", "./file0", "bcachefs", 0, "\x10\xf7\xe7\xab\x27\x5e\x7b\x9e\xc1\x8a\x06\x63\x35\x54\xe2\xf6\xfa\xd2\xf9\xfb\xc1\x7a\x1b\x2f\xed\xc7\xf5\x95") = 0 [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5841] chdir("./file0") = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 118.095732][ T5841] bcachefs (loop0): stripes_read... done [ 118.101616][ T5841] bcachefs (loop0): snapshots_read... done [ 118.109623][ T5841] bcachefs (loop0): journal_replay... done [ 118.115846][ T5841] bcachefs (loop0): resume_logged_ops... done [ 118.122115][ T5841] bcachefs (loop0): delete_dead_inodes... done [ 118.130677][ T5841] bcachefs (loop0): going read-write [ 118.141643][ T5841] bcachefs (loop0): done starting filesystem [pid 5841] ioctl(4, LOOP_CLR_FD) = 0 [pid 5841] close(4) = 0 [pid 5841] exit_group(0) = ? [pid 5841] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555839006f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 118.254679][ T5840] bcachefs (loop0): shutting down [ 118.260070][ T5840] bcachefs (loop0): going read-only [ 118.265591][ T5840] bcachefs (loop0): finished waiting for writes to stop [ 148.341763][ T5850] Allocator stuck? Waited for 30 seconds [ 148.341781][ T5850] Allocator debug: [ 148.341791][ T5850] capacity1536 [ 148.341800][ T5850] reserved 31232 [ 148.341810][ T5850] hidden 0 [ 148.341820][ T5850] btree 0 [ 148.341830][ T5850] data 0 [ 148.341839][ T5850] cached 0 [ 148.341849][ T5850] reserved 0 [ 148.341859][ T5850] online_reserved 24 [ 148.341868][ T5850] nr_inodes 0 [ 148.341878][ T5850] [ 148.341887][ T5850] freelist_wait waiting [ 148.341897][ T5850] open buckets allocated1 [ 148.341906][ T5850] open buckets total 1024 [ 148.341916][ T5850] open_buckets_wait empty [ 148.341926][ T5850] open_buckets_btree 0 [ 148.341936][ T5850] open_buckets_user 0 [ 148.341945][ T5850] btree reserve cache 0 [ 148.341955][ T5850] [ 148.341963][ T5850] Dev 0: [ 148.341972][ T5850] buckets sectors fragmented [ 148.341984][ T5850] free 0 0 0 [ 148.341995][ T5850] sb 0 0 0 [ 148.342007][ T5850] journal 0 0 0 [ 148.342019][ T5850] btree 0 0 0 [ 148.342030][ T5850] user 0 0 0 [ 148.342042][ T5850] cached 0 0 0 [ 148.342054][ T5850] parity 0 0 0 [ 148.342065][ T5850] stripe 0 0 0 [ 148.342077][ T5850] need_gc_gens 0 0 0 [ 148.342089][ T5850] need_discard 0 0 0 [ 148.342101][ T5850] unstriped 0 0 0 [ 148.342113][ T5850] capacity 128 [ 148.342136][ T5850] [ 148.342144][ T5850] reserves: [ 148.342153][ T5850] stripe 60 [ 148.342163][ T5850] normal 58 [ 148.342173][ T5850] copygc 56 [ 148.342183][ T5850] btree 28 [ 148.342193][ T5850] btree_copygc 0 [ 148.342202][ T5850] reclaim 0 [ 148.342212][ T5850] interior_updates 0 [ 148.342222][ T5850] [ 148.342231][ T5850] open buckets 0 [ 148.342240][ T5850] buckets to invalidate 0 [ 148.342250][ T5850] [ 148.342259][ T5850] Copygc debug: [ 148.342268][ T5850] running: 1 [ 148.342277][ T5850] copygc_wait:0 [ 148.342286][ T5850] copygc_wait_at:0 [ 148.342295][ T5850] Currently waiting for:0 B [ 148.342305][ T5850] Currently waiting since:640 KiB [ 148.342315][ T5850] Currently calculated wait:0 B [ 148.342325][ T5850] [ 148.342333][ T5850] Journal debug: [ 148.342343][ T5850] flags: replay_done,running,may_skip_flush,need_flush_write [ 148.342355][ T5850] dirty journal entries: 0/32768 [ 148.342366][ T5850] seq: 13 [ 148.342377][ T5850] seq_ondisk: 13 [ 148.342387][ T5850] last_seq: 14 [ 148.342397][ T5850] last_seq_ondisk: 14 [ 148.342406][ T5850] flushed_seq_ondisk: 13 [ 148.342416][ T5850] watermark: stripe [ 148.342427][ T5850] each entry reserved: 321 [ 148.342437][ T5850] nr flush writes: 0 [ 148.342446][ T5850] nr noflush writes: 0 [ 148.342456][ T5850] average write size: 0 B [ 148.342466][ T5850] nr direct reclaim: 0 [ 148.342476][ T5850] nr background reclaim: 0 [ 148.342486][ T5850] reclaim kicked: 0 [ 148.342496][ T5850] reclaim runs in: 0 ms [ 148.342506][ T5850] blocked: 0 [ 148.342520][ T5850] current entry sectors: 256 [ 148.342530][ T5850] current entry error: ok [ 148.342540][ T5850] current entry: closed [ 148.342550][ T5850] unwritten entries: [ 148.342559][ T5850] last buf closed [ 148.342568][ T5850] space: [ 148.342577][ T5850] discarded 256:1792 [ 148.342587][ T5850] clean ondisk 256:1792 [ 148.342597][ T5850] clean 256:1792 [ 148.342608][ T5850] total 256:2048 [ 148.342618][ T5850] dev 0: [ 148.342626][ T5850] nr 8 [ 148.342636][ T5850] bucket size 256 [ 148.342646][ T5850] available 6:256 [ 148.342656][ T5850] discard_idx 0 [ 148.342666][ T5850] dirty_ondisk 0 (seq 0) [ 148.342676][ T5850] dirty_idx 0 (seq 0) [ 148.342686][ T5850] cur_idx 0 (seq 0) [ 148.342697][ T5850] [ 285.931107][ T30] INFO: task syz-executor140:5840 blocked for more than 143 seconds. [ 285.939321][ T30] Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 285.947051][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.955774][ T30] task:syz-executor140 state:D stack:23840 pid:5840 tgid:5840 ppid:5837 flags:0x00004002 [ 285.966069][ T30] Call Trace: [ 285.969455][ T30] [ 285.972439][ T30] __schedule+0x1850/0x4c30 [ 285.977023][ T30] ? __pfx___schedule+0x10/0x10 [ 285.981932][ T30] ? __pfx_lock_release+0x10/0x10 [ 285.986999][ T30] ? schedule+0x90/0x320 [ 285.991305][ T30] schedule+0x14b/0x320 [ 285.995524][ T30] schedule_timeout+0xb0/0x290 [ 286.000292][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 286.005714][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.011802][ T30] ? wait_for_completion+0x2fe/0x620 [ 286.017118][ T30] ? wait_for_completion+0x2fe/0x620 [ 286.022515][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.027742][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.033428][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 286.038663][ T30] ? wait_for_completion+0x2fe/0x620 [ 286.044001][ T30] wait_for_completion+0x355/0x620 [ 286.049143][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.054847][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 286.060516][ T30] ? synchronize_rcu+0x11b/0x360 [ 286.065527][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.071208][ T30] ? kthread_unpark+0xd0/0x290 [ 286.075979][ T30] kthread_stop+0x19e/0x640 [ 286.080512][ T30] bch2_copygc_stop+0x4f/0x150 [ 286.085354][ T30] __bch2_fs_read_only+0x47/0x450 [ 286.090436][ T30] bch2_fs_read_only+0xb57/0x1200 [ 286.095570][ T30] ? __pfx_bch2_fs_read_only+0x10/0x10 [ 286.101109][ T30] ? __bch2_print+0x17a/0x220 [ 286.105822][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.111510][ T30] ? down_write+0x18c/0x220 [ 286.116121][ T30] ? __pfx_down_write+0x10/0x10 [ 286.121055][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.126713][ T30] ? hook_sb_delete+0xaa0/0xbd0 [ 286.131622][ T30] __bch2_fs_stop+0x105/0x5c0 [ 286.136339][ T30] ? __pfx___bch2_fs_stop+0x10/0x10 [ 286.141596][ T30] ? __pfx_evict_inodes+0x10/0x10 [ 286.146657][ T30] ? bch2_sync_fs+0x155/0x300 [ 286.151386][ T30] ? __pfx_bch2_put_super+0x10/0x10 [ 286.156613][ T30] generic_shutdown_super+0x13b/0x2d0 [ 286.162044][ T30] bch2_kill_sb+0x41/0x50 [ 286.166393][ T30] deactivate_locked_super+0xc6/0x130 [ 286.171842][ T30] cleanup_mnt+0x41f/0x4b0 [ 286.176296][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.181973][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 286.187208][ T30] task_work_run+0x251/0x310 [ 286.191858][ T30] ? __pfx_task_work_run+0x10/0x10 [ 286.197002][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.202679][ T30] ? path_umount+0x284/0xf70 [ 286.207299][ T30] ptrace_notify+0x2d2/0x380 [ 286.211951][ T30] ? __pfx_ptrace_notify+0x10/0x10 [ 286.217182][ T30] ? kmem_cache_free+0x195/0x410 [ 286.222209][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.227878][ T30] ? __x64_sys_umount+0x123/0x170 [ 286.233004][ T30] syscall_exit_work+0xc7/0x1d0 [ 286.237890][ T30] syscall_exit_to_user_mode+0x24a/0x340 [ 286.243603][ T30] do_syscall_64+0x100/0x230 [ 286.248234][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.254192][ T30] RIP: 0033:0x7f7145e49347 [ 286.258636][ T30] RSP: 002b:00007ffcff37f058 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6 [ 286.267101][ T30] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f7145e49347 [ 286.275126][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcff37f110 [ 286.283142][ T30] RBP: 00007ffcff37f110 R08: 0000000000000000 R09: 0000000000000000 [ 286.291158][ T30] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffcff380170 [ 286.299216][ T30] R13: 00005555839006c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 286.307289][ T30] [ 286.310338][ T30] [ 286.310338][ T30] Showing all locks held in the system: [ 286.318113][ T30] 1 lock held by khungtaskd/30: [ 286.323015][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 286.332998][ T30] 2 locks held by getty/5578: [ 286.337686][ T30] #0: ffff8880352c00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 286.347538][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 286.357807][ T30] 2 locks held by syz-executor140/5840: [ 286.363412][ T30] #0: ffff88807e29e0e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.373739][ T30] #1: ffff888074880278 (&c->state_lock){+.+.}-{4:4}, at: __bch2_fs_stop+0xfd/0x5c0 [ 286.383294][ T30] [ 286.385641][ T30] ============================================= [ 286.385641][ T30] [ 286.394158][ T30] NMI backtrace for cpu 0 [ 286.398496][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 286.408988][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 286.419127][ T30] Call Trace: [ 286.422419][ T30] [ 286.425353][ T30] dump_stack_lvl+0x241/0x360 [ 286.430043][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 286.435248][ T30] ? __pfx__printk+0x10/0x10 [ 286.439847][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 286.444788][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 286.450243][ T30] ? _printk+0xd5/0x120 [ 286.454400][ T30] ? __pfx__printk+0x10/0x10 [ 286.458990][ T30] ? __wake_up_klogd+0xcc/0x110 [ 286.463835][ T30] ? __pfx__printk+0x10/0x10 [ 286.468427][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 286.474410][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 286.480391][ T30] watchdog+0xff6/0x1040 [ 286.484631][ T30] ? watchdog+0x1ea/0x1040 [ 286.489047][ T30] ? __pfx_watchdog+0x10/0x10 [ 286.493720][ T30] kthread+0x2f2/0x390 [ 286.498308][ T30] ? __pfx_watchdog+0x10/0x10 [ 286.502981][ T30] ? __pfx_kthread+0x10/0x10 [ 286.507569][ T30] ret_from_fork+0x4d/0x80 [ 286.511980][ T30] ? __pfx_kthread+0x10/0x10 [ 286.516570][ T30] ret_from_fork_asm+0x1a/0x30 [ 286.521337][ T30] [ 286.524490][ T30] Sending NMI from CPU 0 to CPUs 1: [ 286.529755][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30 [ 286.530784][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 286.545769][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 [ 286.556274][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 286.566331][ T30] Call Trace: [ 286.569608][ T30] [ 286.572541][ T30] dump_stack_lvl+0x241/0x360 [ 286.577239][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 286.582458][ T30] ? __pfx__printk+0x10/0x10 [ 286.587065][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.593063][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.598702][ T30] ? vscnprintf+0x5d/0x90 [ 286.603041][ T30] panic+0x349/0x880 [ 286.606948][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.612589][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 286.618754][ T30] ? __pfx_panic+0x10/0x10 [ 286.623183][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.628822][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.634463][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 286.639848][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 286.646011][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 286.652185][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.657821][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 286.664072][ T30] watchdog+0x1035/0x1040 [ 286.668415][ T30] ? watchdog+0x1ea/0x1040 [ 286.672847][ T30] ? __pfx_watchdog+0x10/0x10 [ 286.677534][ T30] kthread+0x2f2/0x390 [ 286.681617][ T30] ? __pfx_watchdog+0x10/0x10 [ 286.686303][ T30] ? __pfx_kthread+0x10/0x10 [ 286.690903][ T30] ret_from_fork+0x4d/0x80 [ 286.695332][ T30] ? __pfx_kthread+0x10/0x10 [ 286.699930][ T30] ret_from_fork_asm+0x1a/0x30 [ 286.704710][ T30] [ 286.707941][ T30] Kernel Offset: disabled [ 286.712262][ T30] Rebooting in 86400 seconds..