./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor819658240 <...> Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts. execve("./syz-executor819658240", ["./syz-executor819658240"], 0x7ffea404f8d0 /* 10 vars */) = 0 brk(NULL) = 0x55557e827000 brk(0x55557e827d00) = 0x55557e827d00 arch_prctl(ARCH_SET_FS, 0x55557e827380) = 0 set_tid_address(0x55557e827650) = 5082 set_robust_list(0x55557e827660, 24) = 0 rseq(0x55557e827ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor819658240", 4096) = 27 getrandom("\xa8\x3c\x64\x23\x32\x42\x42\xb0", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557e827d00 brk(0x55557e848d00) = 0x55557e848d00 brk(0x55557e849000) = 0x55557e849000 mprotect(0x7f19db874000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5083 attached , child_tidptr=0x55557e827650) = 5083 [pid 5083] set_robust_list(0x55557e827660, 24) = 0 [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setpgid(0, 0) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1000", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] memfd_create("syzkaller", 0) = 3 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19d3200000 [pid 5083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5083] munmap(0x7f19d3200000, 138412032) = 0 [pid 5083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5083] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5083] close(3) = 0 [pid 5083] close(4) = 0 [pid 5083] mkdir("./file0", 0777) = 0 [ 77.633105][ T5083] loop0: detected capacity change from 0 to 32768 [ 77.721072][ T5083] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nocow [ 77.735236][ T5083] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 77.760258][ T5083] bcachefs (loop0): alloc_read... done [pid 5083] mount("/dev/loop0", "./file0", "bcachefs", MS_NODEV|MS_SYNCHRONOUS|MS_RELATIME|MS_STRICTATIME, "data_checksum=xxhash,spr_hash=siphash,data_checksum=xxhash,compression=zstd,") = 0 [pid 5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5083] chdir("./file0") = 0 [pid 5083] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5083] ioctl(4, LOOP_CLR_FD) = 0 [pid 5083] close(4) = 0 [ 77.766162][ T5083] bcachefs (loop0): stripes_read... done [ 77.772245][ T5083] bcachefs (loop0): snapshots_read... done [ 77.782080][ T5083] bcachefs (loop0): journal_replay... done [ 77.787946][ T5083] bcachefs (loop0): resume_logged_ops... done [ 77.796088][ T5083] bcachefs (loop0): going read-write [ 77.804561][ T5083] bcachefs (loop0): done starting filesystem [pid 5083] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5083] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000) = 5 [pid 5083] ftruncate(5, 33587195) = 0 [pid 5083] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 5083] open("./bus", O_RDONLY) = 7 [ 77.879141][ T28] audit: type=1804 audit(1715222958.161:2): pid=5083 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor819" name="/root/file0/bus" dev="loop0" ino=4098 res=1 errno=0 [ 77.993792][ T1267] bcachefs (loop0 inum 1073741825 offset 0): data data checksum error, type chacha20_poly1305_80: got 6b55c2f38f6b316a4c68 should be 3f9e892ceabd1d47b0c2 [ 78.002072][ T2824] bcachefs (loop0 inum 1073741827 offset 0): data data checksum error, type chacha20_poly1305_80: got d7b7aa05396b21f13a2f should be 9894d374992ac97ed273 [ 78.010371][ T1267] bcachefs (loop0 inum 1073741825 offset 0): no device to read from [ 78.035016][ T2824] bcachefs (loop0 inum 1073741827 offset 0): no device to read from [ 78.045755][ T2824] bcachefs (loop0 inum 1073741825 offset 0): data data checksum error, type chacha20_poly1305_80: got 6b55c2f38f6b316a4c68 should be 3f9e892ceabd1d47b0c2 [ 78.049706][ T1267] bcachefs (loop0 inum 1073741827 offset 0): data data checksum error, type chacha20_poly1305_80: got d7b7aa05396b21f13a2f should be 9894d374992ac97ed273 [ 78.062002][ T2824] bcachefs (loop0 inum 1073741825 offset 0): no device to read from [ 78.078300][ T1267] bcachefs (loop0 inum 1073741827 offset 0): no device to read from [pid 5083] sendfile(6, 7, NULL, 281483568746501 [pid 5082] kill(-5083, SIGKILL) = 0 [pid 5082] kill(5083, SIGKILL) = 0 [pid 5082] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5082] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5082] getdents64(3, 0x55557e8286f0 /* 2 entries */, 32768) = 48 [pid 5082] getdents64(3, 0x55557e8286f0 /* 0 entries */, 32768) = 0 [pid 5082] close(3) = 0 [ 87.201871][ T7] cfg80211: failed to load regulatory.db [ 286.880135][ T29] INFO: task syz-executor819:5083 blocked for more than 143 seconds. [ 286.888368][ T29] Not tainted 6.9.0-rc7-syzkaller-00023-g6d7ddd805123 #0 [ 286.896010][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.904896][ T29] task:syz-executor819 state:D stack:14064 pid:5083 tgid:5083 ppid:5082 flags:0x00004006 [ 286.915233][ T29] Call Trace: [ 286.918573][ T29] [ 286.921661][ T29] __schedule+0x1796/0x4a00 [ 286.926375][ T29] ? __pfx___schedule+0x10/0x10 [ 286.931352][ T29] ? __pfx_lock_release+0x10/0x10 [ 286.936512][ T29] ? __pfx_lock_release+0x10/0x10 [ 286.941626][ T29] ? schedule+0x90/0x320 [ 286.945924][ T29] schedule+0x14b/0x320 [ 286.950209][ T29] __closure_sync+0x259/0x2f0 [ 286.954990][ T29] ? __closure_sync+0x149/0x2f0 [ 286.959937][ T29] ? __pfx___closure_sync+0x10/0x10 [ 286.965181][ T29] __bch2_write+0x5458/0x5bd0 [ 286.970016][ T29] ? __pfx_validate_chain+0x10/0x10 [ 286.975267][ T29] ? trace_pelt_se_tp+0x3d/0x140 [ 286.980390][ T29] ? __pfx___bch2_write+0x10/0x10 [ 286.985474][ T29] ? bch2_write+0xf92/0x1590 [ 286.990167][ T29] ? __pfx_lock_release+0x10/0x10 [ 286.995276][ T29] ? do_raw_spin_unlock+0x13c/0x8b0 [ 287.000605][ T29] bch2_write+0x947/0x1590 [ 287.005069][ T29] ? __pfx_bch2_write+0x10/0x10 [ 287.010073][ T29] ? iov_iter_revert+0x1be/0x390 [ 287.015161][ T29] ? bch2_direct_write+0x1160/0x3050 [ 287.020562][ T29] bch2_direct_write+0x1a52/0x3050 [ 287.025813][ T29] ? __pfx_bch2_direct_write+0x10/0x10 [ 287.031499][ T29] ? iter_file_splice_write+0x308/0x14e0 [ 287.037215][ T29] ? kasan_save_track+0x51/0x80 [ 287.042189][ T29] ? kasan_save_track+0x3f/0x80 [ 287.047098][ T29] ? __kasan_kmalloc+0x98/0xb0 [ 287.051999][ T29] ? __kmalloc+0x233/0x4a0 [ 287.056458][ T29] bch2_write_iter+0x206/0x2840 [ 287.061418][ T29] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.067727][ T29] ? __pfx_bch2_write_iter+0x10/0x10 [ 287.073133][ T29] ? splice_from_pipe_next+0x606/0x660 [ 287.078639][ T29] ? rcu_is_watching+0x15/0xb0 [ 287.083617][ T29] iter_file_splice_write+0xbd7/0x14e0 [ 287.089134][ T29] ? __pfx_iter_file_splice_write+0x10/0x10 [ 287.095153][ T29] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.100735][ T29] ? __pfx_iter_file_splice_write+0x10/0x10 [ 287.106643][ T29] direct_splice_actor+0x11e/0x220 [ 287.111861][ T29] splice_direct_to_actor+0x58e/0xc90 [ 287.117266][ T29] ? __lock_acquire+0x1346/0x1fd0 [ 287.122448][ T29] ? __pfx_direct_splice_actor+0x10/0x10 [ 287.128116][ T29] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 287.134176][ T29] do_splice_direct+0x28c/0x3e0 [ 287.139065][ T29] ? __pfx_do_splice_direct+0x10/0x10 [ 287.144537][ T29] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 287.150557][ T29] ? rw_verify_area+0x1d2/0x580 [ 287.155459][ T29] do_sendfile+0x56d/0xdc0 [ 287.159991][ T29] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.166360][ T29] ? __pfx_do_sendfile+0x10/0x10 [ 287.171430][ T29] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.176676][ T29] ? ptrace_notify+0x279/0x380 [ 287.181543][ T29] __se_sys_sendfile64+0x17c/0x1e0 [ 287.186701][ T29] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 287.192585][ T29] ? do_syscall_64+0x102/0x240 [ 287.197532][ T29] do_syscall_64+0xf5/0x240 [ 287.202139][ T29] ? clear_bhb_loop+0x35/0x90 [ 287.206860][ T29] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.212977][ T29] RIP: 0033:0x7f19db7efbd9 [ 287.217430][ T29] RSP: 002b:00007ffcaf821b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 287.226059][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f19db7efbd9 [ 287.234157][ T29] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 287.242201][ T29] RBP: 00007f19db8745f0 R08: 000055557e8284c0 R09: 000055557e8284c0 [ 287.250346][ T29] R10: 0001000200201005 R11: 0000000000000246 R12: 00007ffcaf821bb0 [ 287.258332][ T29] R13: 00007ffcaf821dd8 R14: 431bde82d7b634db R15: 00007f19db83803b [ 287.266400][ T29] [ 287.269458][ T29] [ 287.269458][ T29] Showing all locks held in the system: [ 287.277298][ T29] 1 lock held by khungtaskd/29: [ 287.282232][ T29] #0: ffffffff8e334da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 287.292255][ T29] 1 lock held by kworker/u8:8/1267: [ 287.297473][ T29] #0: ffff8880b953e658 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 287.307510][ T29] 2 locks held by getty/4836: [ 287.312335][ T29] #0: ffff88802ac7e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.322255][ T29] #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 287.332491][ T29] 1 lock held by syz-executor819/5083: [ 287.337951][ T29] #0: ffff888075d7a420 (sb_writers#9){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x220 [ 287.347713][ T29] [ 287.350112][ T29] ============================================= [ 287.350112][ T29] [ 287.358523][ T29] NMI backtrace for cpu 0 [ 287.362851][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.9.0-rc7-syzkaller-00023-g6d7ddd805123 #0 [ 287.372658][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.382717][ T29] Call Trace: [ 287.386000][ T29] [ 287.388941][ T29] dump_stack_lvl+0x241/0x360 [ 287.393638][ T29] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.398846][ T29] ? __pfx__printk+0x10/0x10 [ 287.403476][ T29] ? vprintk_emit+0x631/0x770 [ 287.408200][ T29] ? __pfx_vprintk_emit+0x10/0x10 [ 287.413240][ T29] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.418272][ T29] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.423733][ T29] ? _printk+0xd5/0x120 [ 287.427910][ T29] ? __pfx__printk+0x10/0x10 [ 287.432535][ T29] ? __wake_up_klogd+0xcc/0x110 [ 287.437413][ T29] ? __pfx__printk+0x10/0x10 [ 287.442049][ T29] ? wq_watchdog_touch+0x72/0x110 [ 287.447107][ T29] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.453126][ T29] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.459120][ T29] watchdog+0xfde/0x1020 [ 287.463386][ T29] ? watchdog+0x1ea/0x1020 [ 287.467810][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.472494][ T29] kthread+0x2f0/0x390 [ 287.476571][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.481271][ T29] ? __pfx_kthread+0x10/0x10 [ 287.485875][ T29] ret_from_fork+0x4b/0x80 [ 287.490304][ T29] ? __pfx_kthread+0x10/0x10 [ 287.494900][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.499703][ T29] [ 287.502951][ T29] Sending NMI from CPU 0 to CPUs 1: [ 287.508208][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30 [ 287.509275][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 287.524307][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.9.0-rc7-syzkaller-00023-g6d7ddd805123 #0 [ 287.534144][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.544218][ T29] Call Trace: [ 287.547507][ T29] [ 287.550480][ T29] dump_stack_lvl+0x241/0x360 [ 287.555205][ T29] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.560426][ T29] ? __pfx__printk+0x10/0x10 [ 287.565040][ T29] ? vscnprintf+0x5d/0x90 [ 287.569386][ T29] panic+0x349/0x860 [ 287.573305][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.579483][ T29] ? __pfx_panic+0x10/0x10 [ 287.584021][ T29] ? nmi_backtrace_stall_check+0x431/0x440 [ 287.589896][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.595287][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.601456][ T29] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 287.607631][ T29] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 287.613807][ T29] watchdog+0x101d/0x1020 [ 287.618152][ T29] ? watchdog+0x1ea/0x1020 [ 287.622586][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.627275][ T29] kthread+0x2f0/0x390 [ 287.631363][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.636049][ T29] ? __pfx_kthread+0x10/0x10 [ 287.640657][ T29] ret_from_fork+0x4b/0x80 [ 287.645280][ T29] ? __pfx_kthread+0x10/0x10 [ 287.649890][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.654696][ T29] [ 287.657970][ T29] Kernel Offset: disabled [ 287.662300][ T29] Rebooting in 86400 seconds..