./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1354276114 <...> Warning: Permanently added '10.128.1.136' (ED25519) to the list of known hosts. execve("./syz-executor1354276114", ["./syz-executor1354276114"], 0x7ffc741bf290 /* 10 vars */) = 0 brk(NULL) = 0x5555567b6000 brk(0x5555567b6d00) = 0x5555567b6d00 arch_prctl(ARCH_SET_FS, 0x5555567b6380) = 0 set_tid_address(0x5555567b6650) = 5068 set_robust_list(0x5555567b6660, 24) = 0 rseq(0x5555567b6ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1354276114", 4096) = 28 getrandom("\x6a\x74\xa5\x14\x8b\x5f\x38\xf7", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555567b6d00 brk(0x5555567d7d00) = 0x5555567d7d00 brk(0x5555567d8000) = 0x5555567d8000 mprotect(0x7f76dc8ce000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5070 attached [pid 5070] set_robust_list(0x5555567b6660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x5555567b6650) = 5070 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5070] setpgid(0, 0) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] write(3, "1000", 4) = 4 [pid 5070] close(3) = 0 [pid 5070] memfd_create("syzkaller", 0) = 3 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f76d4417000 [pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5070] munmap(0x7f76d4417000, 138412032) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5070] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5070] close(3) = 0 [pid 5070] mkdir("./file1", 0777) = 0 [pid 5070] mount("/dev/loop0", "./file1", "jfs", 0, ",usrquota,iocharset=cp860,") = 0 [pid 5070] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5070] chdir("./file1") = 0 [pid 5070] ioctl(4, LOOP_CLR_FD) = 0 [pid 5070] close(4) = 0 [ 54.396570][ T5070] loop0: detected capacity change from 0 to 32768 [pid 5070] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5068] kill(-5070, SIGKILL) = 0 [pid 5068] kill(5070, SIGKILL) = 0 [pid 5068] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x5555567b76f0 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(3, 0x5555567b76f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [ 76.061966][ T8] cfg80211: failed to load regulatory.db [ 285.970853][ T29] INFO: task kworker/u4:6:1094 blocked for more than 143 seconds. [ 285.978815][ T29] Not tainted 6.7.0-rc3-syzkaller-00033-g3b47bc037bd4 #0 [ 285.987588][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.996501][ T29] task:kworker/u4:6 state:D stack:25968 pid:1094 tgid:1094 ppid:2 flags:0x00004000 [ 286.006926][ T29] Workqueue: writeback wb_workfn (flush-7:0) [ 286.013185][ T29] Call Trace: [ 286.016470][ T29] [ 286.019401][ T29] __schedule+0xedb/0x5af0 [ 286.024365][ T29] ? blk_mq_try_issue_list_directly+0x590/0x590 [ 286.030639][ T29] ? io_schedule_timeout+0x150/0x150 [ 286.036315][ T29] ? schedule+0x1fc/0x270 [ 286.040658][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 286.046383][ T29] ? __mutex_lock+0x5b4/0x9d0 [ 286.051278][ T29] ? __mutex_trylock_common+0x78/0x250 [ 286.056756][ T29] schedule+0xe9/0x270 [ 286.061178][ T29] schedule_preempt_disabled+0x13/0x20 [ 286.066650][ T29] __mutex_lock+0x5b9/0x9d0 [ 286.071494][ T29] ? jfs_commit_inode+0x22f/0x570 [ 286.076531][ T29] ? mutex_trylock+0x130/0x130 [ 286.081667][ T29] ? txExit+0x40/0x40 [ 286.085664][ T29] ? lock_acquire+0x1ae/0x520 [ 286.090347][ T29] ? find_held_lock+0x2d/0x110 [ 286.095932][ T29] ? jfs_commit_inode+0x22f/0x570 [ 286.101217][ T29] jfs_commit_inode+0x22f/0x570 [ 286.106081][ T29] ? jfs_iget+0x4c0/0x4c0 [ 286.110408][ T29] ? do_raw_spin_lock+0x12e/0x2b0 [ 286.116637][ T29] ? spin_bug+0x1d0/0x1d0 [ 286.121189][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 286.126577][ T29] jfs_write_inode+0xfc/0x240 [ 286.131636][ T29] __writeback_single_inode+0xa91/0xe90 [ 286.137204][ T29] ? __mark_inode_dirty+0xd60/0xd60 [ 286.142587][ T29] ? _raw_spin_unlock+0x28/0x40 [ 286.147447][ T29] ? wbc_attach_and_unlock_inode+0x561/0x910 [ 286.153884][ T29] writeback_sb_inodes+0x599/0x1080 [ 286.159102][ T29] ? sync_inode_metadata+0xe0/0xe0 [ 286.164543][ T29] ? find_held_lock+0x59/0x110 [ 286.169326][ T29] ? move_expired_inodes+0x59e/0x850 [ 286.174906][ T29] __writeback_inodes_wb+0xff/0x2d0 [ 286.180115][ T29] ? writeback_sb_inodes+0x1080/0x1080 [ 286.185930][ T29] ? queue_io+0x3ed/0x4e0 [ 286.190276][ T29] wb_writeback+0x7f8/0xaa0 [ 286.195434][ T29] ? __writeback_inodes_wb+0x2d0/0x2d0 [ 286.201706][ T29] ? get_nr_dirty_inodes+0x176/0x1e0 [ 286.207007][ T29] wb_workfn+0x87c/0xfe0 [ 286.211592][ T29] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 286.217590][ T29] ? inode_wait_for_writeback+0x30/0x30 [ 286.223486][ T29] ? lock_sync+0x190/0x190 [ 286.227915][ T29] ? lock_sync+0x190/0x190 [ 286.232679][ T29] process_one_work+0x886/0x15d0 [ 286.237634][ T29] ? lock_sync+0x190/0x190 [ 286.242419][ T29] ? workqueue_congested+0x300/0x300 [ 286.247727][ T29] ? assign_work+0x1a0/0x250 [ 286.252709][ T29] worker_thread+0x8b9/0x1290 [ 286.257406][ T29] ? __kthread_parkme+0x14b/0x220 [ 286.262804][ T29] ? process_one_work+0x15d0/0x15d0 [ 286.268012][ T29] kthread+0x2c6/0x3a0 [ 286.272409][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.277614][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.283590][ T29] ret_from_fork+0x45/0x80 [ 286.288015][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.293984][ T29] ret_from_fork_asm+0x11/0x20 [ 286.298768][ T29] [ 286.302172][ T29] [ 286.302172][ T29] Showing all locks held in the system: [ 286.309887][ T29] 1 lock held by khungtaskd/29: [ 286.315502][ T29] #0: ffffffff8cfabbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 286.325603][ T29] 4 locks held by kworker/u4:6/1094: [ 286.331120][ T29] #0: ffff888140059138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x789/0x15d0 [ 286.341963][ T29] #1: ffffc900047c7d80 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7eb/0x15d0 [ 286.354034][ T29] #2: ffff8880294e00e0 (&type->s_umount_key#45){++++}-{3:3}, at: super_trylock_shared+0x1e/0xf0 [ 286.364815][ T29] #3: ffff8880751db008 (&jfs_ip->commit_mutex){+.+.}-{3:3}, at: jfs_commit_inode+0x22f/0x570 [ 286.375339][ T29] 2 locks held by getty/4821: [ 286.380013][ T29] #0: ffff888025d1c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 286.390111][ T29] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc6/0x1490 [ 286.400429][ T29] 4 locks held by syz-executor135/5070: [ 286.406215][ T29] [ 286.408541][ T29] ============================================= [ 286.408541][ T29] [ 286.417266][ T29] NMI backtrace for cpu 1 [ 286.421592][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc3-syzkaller-00033-g3b47bc037bd4 #0 [ 286.431386][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 286.441439][ T29] Call Trace: [ 286.444711][ T29] [ 286.447639][ T29] dump_stack_lvl+0xd9/0x1b0 [ 286.452231][ T29] nmi_cpu_backtrace+0x277/0x390 [ 286.457169][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.462372][ T29] nmi_trigger_cpumask_backtrace+0x299/0x300 [ 286.468350][ T29] watchdog+0xf87/0x1210 [ 286.472599][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 286.478581][ T29] ? lockdep_hardirqs_on+0x7d/0x110 [ 286.483784][ T29] ? __kthread_parkme+0x14b/0x220 [ 286.488806][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 286.494792][ T29] kthread+0x2c6/0x3a0 [ 286.498859][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.504059][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.509694][ T29] ret_from_fork+0x45/0x80 [ 286.514113][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.519744][ T29] ret_from_fork_asm+0x11/0x20 [ 286.524523][ T29] [ 286.527626][ T29] Sending NMI from CPU 1 to CPUs 0: [ 286.532854][ C0] NMI backtrace for cpu 0 [ 286.532862][ C0] CPU: 0 PID: 5070 Comm: syz-executor135 Not tainted 6.7.0-rc3-syzkaller-00033-g3b47bc037bd4 #0 [ 286.532876][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 286.532883][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x8/0x20 [ 286.532903][ C0] Code: 00 00 f3 0f 1e fa 48 8b 0c 24 0f b7 d6 0f b7 f7 bf 03 00 00 00 e9 c8 fe ff ff 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 8b 0c 24 <89> f2 89 fe bf 05 00 00 00 e9 aa fe ff ff 66 2e 0f 1f 84 00 00 00 [ 286.532914][ C0] RSP: 0018:ffffc90003a1f598 EFLAGS: 00000216 [ 286.532925][ C0] RAX: 0000000000000000 RBX: ffff88807894a000 RCX: ffffffff82fa6d03 [ 286.532933][ C0] RDX: ffff88807a911dc0 RSI: 0000000000000006 RDI: 00000000ffffffff [ 286.532941][ C0] RBP: ffff8880751db270 R08: 0000000000000005 R09: 00000000ffffffff [ 286.532949][ C0] R10: 0000000000000006 R11: 0000000000000000 R12: 0000000000000006 [ 286.532956][ C0] R13: ffff88807894a0c0 R14: 0000000000000080 R15: dffffc0000000000 [ 286.532969][ C0] FS: 00005555567b6380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 286.532982][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.532990][ C0] CR2: 000055597bc31fc8 CR3: 0000000077e2a000 CR4: 0000000000350ef0 [ 286.532998][ C0] Call Trace: [ 286.533002][ C0] [ 286.533006][ C0] ? show_regs+0x8f/0xa0 [ 286.533022][ C0] ? nmi_cpu_backtrace+0x1d4/0x390 [ 286.533037][ C0] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 286.533055][ C0] ? nmi_handle+0x1a6/0x570 [ 286.533069][ C0] ? x86_pmu_event_mapped+0x1c0/0x1c0 [ 286.533088][ C0] ? __sanitizer_cov_trace_const_cmp4+0x8/0x20 [ 286.533104][ C0] ? default_do_nmi+0x6a/0x160 [ 286.533120][ C0] ? exc_nmi+0x186/0x200 [ 286.533135][ C0] ? end_repeat_nmi+0xf/0x2a [ 286.533149][ C0] ? dtSplitRoot+0x9d3/0x1760 [ 286.533163][ C0] ? __sanitizer_cov_trace_const_cmp4+0x8/0x20 [ 286.533178][ C0] ? __sanitizer_cov_trace_const_cmp4+0x8/0x20 [ 286.533194][ C0] ? __sanitizer_cov_trace_const_cmp4+0x8/0x20 [ 286.533210][ C0] [ 286.533213][ C0] [ 286.533216][ C0] dtSplitRoot+0x9d3/0x1760 [ 286.533233][ C0] ? dtSplitPage+0x3840/0x3840 [ 286.533244][ C0] ? up_write+0x1b3/0x510 [ 286.533260][ C0] ? dbAlloc+0x43d/0xaa0 [ 286.533273][ C0] dtSplitUp+0x1298/0x5850 [ 286.533288][ C0] ? save_trace+0x4e/0xb30 [ 286.533303][ C0] ? _find_first_zero_bit+0x94/0xb0 [ 286.533323][ C0] ? add_lock_to_list+0x17d/0x380 [ 286.533341][ C0] ? dtSplitRoot+0x1760/0x1760 [ 286.533352][ C0] ? __lock_acquire+0x1fc1/0x3b20 [ 286.533373][ C0] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 286.533394][ C0] ? lock_acquire+0x1ae/0x520 [ 286.533412][ C0] ? find_held_lock+0x2d/0x110 [ 286.533428][ C0] ? txLock+0x7f5/0x2120 [ 286.533443][ C0] ? spin_bug+0x1d0/0x1d0 [ 286.533457][ C0] dtInsert+0x872/0xb00 [ 286.533474][ C0] ? dtSearch+0x2450/0x2450 [ 286.533486][ C0] ? dtSearch+0x198b/0x2450 [ 286.533497][ C0] ? txEnd+0x5a0/0x5a0 [ 286.533516][ C0] jfs_mkdir+0x665/0xb30 [ 286.533534][ C0] ? jfs_create+0xb40/0xb40 [ 286.533558][ C0] ? bpf_lsm_inode_permission+0x9/0x10 [ 286.533571][ C0] ? security_inode_permission+0xd8/0x100 [ 286.533586][ C0] ? inode_permission+0xdd/0x5e0 [ 286.533600][ C0] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 286.533613][ C0] vfs_mkdir+0x577/0x820 [ 286.533629][ C0] do_mkdirat+0x2fd/0x3a0 [ 286.533646][ C0] ? __ia32_sys_mknod+0xb0/0xb0 [ 286.533663][ C0] ? getname_flags.part.0+0x1e2/0x4e0 [ 286.533678][ C0] __x64_sys_mkdir+0xf2/0x140 [ 286.533695][ C0] do_syscall_64+0x40/0x110 [ 286.533709][ C0] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 286.533728][ C0] RIP: 0033:0x7f76dc854a97 [ 286.533738][ C0] Code: ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 286.533749][ C0] RSP: 002b:00007ffd2239c148 EFLAGS: 00000286 ORIG_RAX: 0000000000000053 [ 286.533760][ C0] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f76dc854a97 [ 286.533767][ C0] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000500 [ 286.533775][ C0] RBP: 00007ffd2239c1e0 R08: 0000000000000000 R09: 0000000000000000 [ 286.533782][ C0] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000500 [ 286.533789][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 286.533800][ C0] [ 286.539617][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 286.971792][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc3-syzkaller-00033-g3b47bc037bd4 #0 [ 286.981588][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 286.991630][ T29] Call Trace: [ 286.994897][ T29] [ 286.997819][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.002408][ T29] panic+0x6dc/0x790 [ 287.006316][ T29] ? panic_smp_self_stop+0xa0/0xa0 [ 287.011509][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.016883][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.022077][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.027447][ T29] ? watchdog+0xd3e/0x1210 [ 287.031858][ T29] ? watchdog+0xd31/0x1210 [ 287.036270][ T29] watchdog+0xd4f/0x1210 [ 287.040507][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.046479][ T29] ? lockdep_hardirqs_on+0x7d/0x110 [ 287.051678][ T29] ? __kthread_parkme+0x14b/0x220 [ 287.056695][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.062667][ T29] kthread+0x2c6/0x3a0 [ 287.066729][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.071917][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.077543][ T29] ret_from_fork+0x45/0x80 [ 287.081954][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.087580][ T29] ret_from_fork_asm+0x11/0x20 [ 287.092347][ T29] [ 287.095613][ T29] Kernel Offset: disabled [ 287.099916][ T29] Rebooting in 86400 seconds..