[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.2' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 693.486658] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 693.496079] audit: type=1800 audit(1621166539.571:2): pid=7974 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor397" name="file0" dev="loop0" ino=17 res=0
[ 857.991492] INFO: task syz-executor397:7974 blocked for more than 140 seconds.
[ 857.998922] Not tainted 4.14.232-syzkaller #0
[ 858.004869] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 858.013052] syz-executor397 D27416 7974 7973 0x00000004
[ 858.018667] Call Trace:
[ 858.021235] __schedule+0x88b/0x1de0
[ 858.025009] ? mark_held_locks+0xa6/0xf0
[ 858.029068] ? io_schedule_timeout+0x140/0x140
[ 858.033685] schedule+0x8d/0x1b0
[ 858.037048] io_schedule+0xb5/0x120
[ 858.040659] bit_wait_io+0x12/0x90
[ 858.044751] __wait_on_bit_lock+0xc2/0x1d0
[ 858.049093] ? bit_wait+0x90/0x90
[ 858.052608] ? mark_buffer_dirty_inode+0x2ce/0x3a0
[ 858.057539] out_of_line_wait_on_bit_lock+0xbc/0xd0
[ 858.062609] ? __wait_on_bit_lock+0x1d0/0x1d0
[ 858.067101] ? bit_waitqueue+0x30/0x30
[ 858.070967] __lock_buffer+0x43/0x50
[ 858.074711] __sync_dirty_buffer+0x214/0x290
[ 858.079125] __ext4_handle_dirty_metadata+0x169/0x480
[ 858.084509] ext4_convert_inline_data_nolock+0x4ce/0xb40
[ 858.089949] ? ext4_read_inline_page+0x560/0x560
[ 858.094735] ext4_convert_inline_data+0x2ae/0x300
[ 858.099587] ? ext4_inline_data_truncate+0x940/0x940
[ 858.104728] ? vfs_write+0x35d/0x4d0
[ 858.108431] ext4_fallocate+0x106/0x1d80
[ 858.112516] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 858.117955] ? ext4_insert_range+0x1340/0x1340
[ 858.122574] vfs_fallocate+0x346/0x790
[ 858.126453] SyS_fallocate+0x4a/0x80
[ 858.130149] ? compat_SyS_ftruncate+0x20/0x20
[ 858.134663] do_syscall_64+0x1d5/0x640
[ 858.138542] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 858.143769] RIP: 0033:0x4447b9
[ 858.146945] RSP: 002b:00007ffc71abfef8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 858.154672] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00000000004447b9
[ 858.161984] RDX: 000000000000048d RSI: 0000000000000000 RDI: 0000000000000003
[ 858.169237] RBP: 0000000000000000 R08: 00000000004b0080 R09: 00000000004b0080
[ 858.177028] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ffc71abff20
[ 858.184352] R13: 0000000000000000 R14: 431bde82d7b634db R15: 00000000004004a0
[ 858.191669]
[ 858.191669] Showing all locks held in the system:
[ 858.197976] 1 lock held by khungtaskd/1533:
[ 858.202380] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a
[ 858.211482] 1 lock held by in:imklog/7627:
[ 858.215697] #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0x1fb/0x2b0
[ 858.224151] 2 locks held by syz-executor397/7974:
[ 858.228974] #0: (sb_writers#3){.+.+}, at: [] vfs_fallocate+0x5c1/0x790
[ 858.240979] #1: (&ei->xattr_sem){++++}, at: [] ext4_convert_inline_data+0x19d/0x300
[ 858.250572]
[ 858.252238] =============================================
[ 858.252238]
[ 858.259325] NMI backtrace for cpu 1
[ 858.262987] CPU: 1 PID: 1533 Comm: khungtaskd Not tainted 4.14.232-syzkaller #0
[ 858.270416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 858.279748] Call Trace:
[ 858.282319] dump_stack+0x1b2/0x281
[ 858.285923] nmi_cpu_backtrace.cold+0x57/0x93
[ 858.290391] ? irq_force_complete_move+0x350/0x350
[ 858.295295] nmi_trigger_cpumask_backtrace+0x13a/0x180
[ 858.300638] watchdog+0x5b9/0xb40
[ 858.304064] ? hungtask_pm_notify+0x50/0x50
[ 858.308369] kthread+0x30d/0x420
[ 858.311710] ? kthread_create_on_node+0xd0/0xd0
[ 858.316357] ret_from_fork+0x24/0x30
[ 858.320147] Sending NMI from CPU 1 to CPUs 0:
[ 858.325198] NMI backtrace for cpu 0
[ 858.325202] CPU: 0 PID: 4624 Comm: systemd-journal Not tainted 4.14.232-syzkaller #0
[ 858.325206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 858.325208] task: ffff8880a106e140 task.stack: ffff8880a1070000
[ 858.325211] RIP: 0010:unwind_next_frame+0xfa6/0x17d0
[ 858.325213] RSP: 0018:ffff8880a1077740 EFLAGS: 00000206
[ 858.325218] RAX: 0000000000000005 RBX: 1ffff1101420eeef RCX: ffffffff8a731d9a
[ 858.325221] RDX: ffff8880a1077840 RSI: 0000000000000000 RDI: ffffffff8a731d9c
[ 858.325224] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[ 858.325227] R10: ffff8880a1077e50 R11: 0000000000000001 R12: ffff8880a1077835
[ 858.325230] R13: ffff8880a1077838 R14: ffff8880a1077850 R15: ffff8880a1077800
[ 858.325233] FS: 00007f3b9267d8c0(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
[ 858.325235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 858.325238] CR2: 00007f3b8fa48000 CR3: 00000000a15a3000 CR4: 00000000001406f0
[ 858.325241] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 858.325244] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 858.325246] Call Trace:
[ 858.325248] ? do_filp_open+0x179/0x3c0
[ 858.325250] ? deref_stack_reg+0x1a0/0x1a0
[ 858.325252] ? is_bpf_text_address+0xb8/0x150
[ 858.325254] ? kernel_text_address+0xbd/0xf0
[ 858.325256] ? lock_downgrade+0x740/0x740
[ 858.325258] ? do_filp_open+0x179/0x3c0
[ 858.325260] __save_stack_trace+0x90/0x160
[ 858.325262] ? do_sys_open+0x296/0x410
[ 858.325264] kasan_kmalloc+0xeb/0x160
[ 858.325266] ? kasan_kmalloc+0xeb/0x160
[ 858.325268] ? kmem_cache_alloc_trace+0x131/0x3d0
[ 858.325271] ? apparmor_file_alloc_security+0x129/0x800
[ 858.325273] ? security_file_alloc+0x66/0xa0
[ 858.325275] ? get_empty_filp+0x15c/0x3e0
[ 858.325277] ? path_openat+0x84/0x2970
[ 858.325278] ? do_filp_open+0x179/0x3c0
[ 858.325280] ? do_sys_open+0x296/0x410
[ 858.325282] ? do_syscall_64+0x1d5/0x640
[ 858.325285] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 858.325286] ? kasan_kmalloc+0x139/0x160
[ 858.325288] ? kasan_kmalloc+0xeb/0x160
[ 858.325290] ? kmem_cache_alloc+0x124/0x3c0
[ 858.325292] ? trace_hardirqs_on+0x10/0x10
[ 858.325294] ? do_sys_open+0x296/0x410
[ 858.325296] ? do_syscall_64+0x1d5/0x640
[ 858.325299] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 858.325301] ? unwind_next_frame+0xe54/0x17d0
[ 858.325303] ? trace_hardirqs_on+0x10/0x10
[ 858.325305] ? is_bpf_text_address+0x91/0x150
[ 858.325307] ? fs_reclaim_release+0xd0/0x110
[ 858.325310] ? kmem_cache_alloc_trace+0x2d4/0x3d0
[ 858.325312] kmem_cache_alloc_trace+0x131/0x3d0
[ 858.325314] apparmor_file_alloc_security+0x129/0x800
[ 858.325316] security_file_alloc+0x66/0xa0
[ 858.325318] ? selinux_is_enabled+0x5/0x50
[ 858.325320] get_empty_filp+0x15c/0x3e0
[ 858.325322] path_openat+0x84/0x2970
[ 858.325324] ? gfp_pfmemalloc_allowed+0x150/0x150
[ 858.325326] ? putname+0xcd/0x110
[ 858.325328] ? path_lookupat+0x780/0x780
[ 858.325330] ? trace_hardirqs_on+0x10/0x10
[ 858.325332] ? getname+0x20/0x20
[ 858.325334] do_filp_open+0x179/0x3c0
[ 858.325336] ? may_open_dev+0xe0/0xe0
[ 858.325337] ? __alloc_fd+0x1be/0x490
[ 858.325340] ? lock_downgrade+0x740/0x740
[ 858.325342] ? do_raw_spin_unlock+0x164/0x220
[ 858.325344] ? _raw_spin_unlock+0x29/0x40
[ 858.325345] ? __alloc_fd+0x1be/0x490
[ 858.325347] do_sys_open+0x296/0x410
[ 858.325349] ? filp_open+0x60/0x60
[ 858.325351] ? do_syscall_64+0x4c/0x640
[ 858.325353] ? do_sys_open+0x410/0x410
[ 858.325355] do_syscall_64+0x1d5/0x640
[ 858.325357] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 858.325359] RIP: 0033:0x7f3b91c0c840
[ 858.325361] RSP: 002b:00007ffc825d65a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 858.325366] RAX: ffffffffffffffda RBX: 00007ffc825d68b0 RCX: 00007f3b91c0c840
[ 858.325369] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 000055f858cdb320
[ 858.325372] RBP: 000000000000000d R08: 0000000000000000 R09: 00000000ffffffff
[ 858.325375] R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff
[ 858.325378] R13: 000055f858cce040 R14: 00007ffc825d6870 R15: 000055f858cd9c10
[ 858.325379] Code: c1 49 c1 e9 03 41 0f b6 34 31 49 89 f9 41 83 e1 07 45 38 c8 41 0f 9e c1 45 84 c0 41 0f 95 c0 45 84 c1 0f 85 2e 04 00 00 83 e0 07 <40> 38 c6 41 0f 9e c0 40 84 f6 0f 95 c0 41 84 c0 0f 85 15 04 00
[ 858.326153] Kernel panic - not syncing: hung_task: blocked tasks
[ 858.741094] CPU: 1 PID: 1533 Comm: khungtaskd Not tainted 4.14.232-syzkaller #0
[ 858.748512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 858.758284] Call Trace:
[ 858.760854] dump_stack+0x1b2/0x281
[ 858.764456] panic+0x1f9/0x42d
[ 858.767621] ? add_taint.cold+0x16/0x16
[ 858.771573] watchdog+0x5ca/0xb40
[ 858.775001] ? hungtask_pm_notify+0x50/0x50
[ 858.779295] kthread+0x30d/0x420
[ 858.782634] ? kthread_create_on_node+0xd0/0xd0
[ 858.787301] ret_from_fork+0x24/0x30
[ 858.791896] Kernel Offset: disabled
[ 858.795509] Rebooting in 86400 seconds..