./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor311257416 <...> Warning: Permanently added '10.128.0.13' (ED25519) to the list of known hosts. execve("./syz-executor311257416", ["./syz-executor311257416"], 0x7ffe367039f0 /* 10 vars */) = 0 brk(NULL) = 0x555555c38000 brk(0x555555c38d00) = 0x555555c38d00 arch_prctl(ARCH_SET_FS, 0x555555c38380) = 0 set_tid_address(0x555555c38650) = 5055 set_robust_list(0x555555c38660, 24) = 0 rseq(0x555555c38ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor311257416", 4096) = 27 getrandom("\xd6\x13\x7b\xcf\x88\x93\xf3\xd5", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555c38d00 brk(0x555555c59d00) = 0x555555c59d00 brk(0x555555c5a000) = 0x555555c5a000 mprotect(0x7f9707067000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5056 attached , child_tidptr=0x555555c38650) = 5056 [pid 5056] set_robust_list(0x555555c38660, 24) = 0 [pid 5056] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5056] setpgid(0, 0) = 0 [pid 5056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5056] write(3, "1000", 4) = 4 [pid 5056] close(3) = 0 [pid 5056] memfd_create("syzkaller", 0) = 3 [pid 5056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f96fea00000 [pid 5056] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5056] munmap(0x7f96fea00000, 138412032) = 0 [pid 5056] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5056] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5056] close(3) = 0 [pid 5056] close(4) = 0 [pid 5056] mkdir("./file1", 0777) = 0 [pid 5056] mount("/dev/loop0", "./file1", "jfs", 0, ",usrquota,iocharset=cp860,") = 0 [pid 5056] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 70.428984][ T5056] loop0: detected capacity change from 0 to 32768 [pid 5056] chdir("./file1") = 0 [pid 5056] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5056] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5055] kill(-5056, SIGKILL) = 0 [pid 5055] kill(5056, SIGKILL) = 0 [pid 5055] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5055] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5055] getdents64(3, 0x555555c396f0 /* 2 entries */, 32768) = 48 [pid 5055] getdents64(3, 0x555555c396f0 /* 0 entries */, 32768) = 0 [pid 5055] close(3) = 0 [ 87.228259][ T8] cfg80211: failed to load regulatory.db [ 286.905731][ T29] INFO: task kworker/u4:3:49 blocked for more than 143 seconds. [ 286.913492][ T29] Not tainted 6.8.0-rc1-next-20240124-syzkaller #0 [ 286.920640][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.929370][ T29] task:kworker/u4:3 state:D stack:24824 pid:49 tgid:49 ppid:2 flags:0x00004000 [ 286.940044][ T29] Workqueue: writeback wb_workfn (flush-7:0) [ 286.946389][ T29] Call Trace: [ 286.949682][ T29] [ 286.952637][ T29] __schedule+0xf15/0x5ce0 [ 286.957542][ T29] ? __pfx_blk_mq_flush_plug_list.part.0+0x10/0x10 [ 286.964176][ T29] ? __pfx___schedule+0x10/0x10 [ 286.969097][ T29] ? schedule+0x298/0x350 [ 286.973451][ T29] ? __pfx_lock_release+0x10/0x10 [ 286.978935][ T29] ? __mutex_trylock_common+0x78/0x250 [ 286.984441][ T29] schedule+0xe7/0x350 [ 286.988892][ T29] schedule_preempt_disabled+0x13/0x30 [ 286.994387][ T29] __mutex_lock+0x5b8/0x9c0 [ 286.999148][ T29] ? jfs_commit_inode+0x233/0x570 [ 287.004298][ T29] ? __pfx___mutex_lock+0x10/0x10 [ 287.009602][ T29] ? __pfx_txBegin+0x10/0x10 [ 287.014253][ T29] ? lock_acquire+0x1b1/0x540 [ 287.019234][ T29] ? find_held_lock+0x2d/0x110 [ 287.024029][ T29] ? jfs_commit_inode+0x233/0x570 [ 287.029313][ T29] jfs_commit_inode+0x233/0x570 [ 287.034198][ T29] ? __pfx_jfs_commit_inode+0x10/0x10 [ 287.040084][ T29] ? do_raw_spin_lock+0x12d/0x2c0 [ 287.045134][ T29] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 287.050900][ T29] ? wbc_attach_and_unlock_inode+0x561/0x910 [ 287.057305][ T29] jfs_write_inode+0x100/0x240 [ 287.062104][ T29] __writeback_single_inode+0xa9a/0xe90 [ 287.073003][ T29] ? __pfx___writeback_single_inode+0x10/0x10 [ 287.079447][ T29] ? _raw_spin_unlock+0x28/0x50 [ 287.084357][ T29] ? wbc_attach_and_unlock_inode+0x561/0x910 [ 287.090798][ T29] writeback_sb_inodes+0x5a6/0x1090 [ 287.096347][ T29] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 287.102010][ T29] ? find_held_lock+0x59/0x110 [ 287.107228][ T29] ? move_expired_inodes+0x59e/0x850 [ 287.112555][ T29] __writeback_inodes_wb+0xff/0x2e0 [ 287.118198][ T29] ? __pfx___writeback_inodes_wb+0x10/0x10 [ 287.124054][ T29] ? queue_io+0x3f8/0x4f0 [ 287.128921][ T29] wb_writeback+0x7fe/0xab0 [ 287.133475][ T29] ? __pfx_wb_writeback+0x10/0x10 [ 287.139011][ T29] ? get_nr_dirty_inodes+0x176/0x1f0 [ 287.144418][ T29] wb_workfn+0x876/0xfe0 [ 287.149184][ T29] ? __pfx___lock_acquire+0x10/0x10 [ 287.154436][ T29] ? __pfx_wb_workfn+0x10/0x10 [ 287.159675][ T29] ? __pfx_lock_acquire+0x10/0x10 [ 287.164737][ T29] ? __pfx_lock_acquire+0x10/0x10 [ 287.170398][ T29] process_one_work+0x8d5/0x16e0 [ 287.175608][ T29] ? __pfx_lock_acquire+0x10/0x10 [ 287.181100][ T29] ? __pfx_process_one_work+0x10/0x10 [ 287.186771][ T29] ? assign_work+0x1a0/0x250 [ 287.191406][ T29] worker_thread+0x8b6/0x1290 [ 287.196521][ T29] ? __pfx_worker_thread+0x10/0x10 [ 287.201657][ T29] kthread+0x2c1/0x3a0 [ 287.206132][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.211362][ T29] ? __pfx_kthread+0x10/0x10 [ 287.216450][ T29] ret_from_fork+0x45/0x80 [ 287.220928][ T29] ? __pfx_kthread+0x10/0x10 [ 287.225544][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.230992][ T29] [ 287.234096][ T29] [ 287.234096][ T29] Showing all locks held in the system: [ 287.242546][ T29] 1 lock held by khungtaskd/29: [ 287.247682][ T29] #0: ffffffff8d7b0c20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 287.257835][ T29] 4 locks held by kworker/u4:3/49: [ 287.262956][ T29] #0: ffff8880192d9538 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x7ba/0x16e0 [ 287.274101][ T29] #1: ffffc90000b9fd80 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x824/0x16e0 [ 287.286289][ T29] #2: ffff88802449e0e0 (&type->s_umount_key#42){.+.+}-{3:3}, at: super_trylock_shared+0x1e/0xf0 [ 287.297216][ T29] #3: ffff888077e39448 (&jfs_ip->commit_mutex){+.+.}-{3:3}, at: jfs_commit_inode+0x233/0x570 [ 287.307892][ T29] 2 locks held by getty/4808: [ 287.312581][ T29] #0: ffff88801e0e00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 287.322933][ T29] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 [ 287.333349][ T29] 4 locks held by syz-executor311/5056: [ 287.339158][ T29] [ 287.341492][ T29] ============================================= [ 287.341492][ T29] [ 287.350463][ T29] NMI backtrace for cpu 1 [ 287.354794][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc1-next-20240124-syzkaller #0 [ 287.364101][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.374173][ T29] Call Trace: [ 287.377465][ T29] [ 287.380422][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.385125][ T29] nmi_cpu_backtrace+0x27b/0x390 [ 287.390139][ T29] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.396148][ T29] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 287.402141][ T29] watchdog+0xf86/0x1210 [ 287.406453][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.411139][ T29] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.416367][ T29] ? __kthread_parkme+0x148/0x220 [ 287.421397][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.426084][ T29] kthread+0x2c1/0x3a0 [ 287.430159][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.435367][ T29] ? __pfx_kthread+0x10/0x10 [ 287.439967][ T29] ret_from_fork+0x45/0x80 [ 287.444389][ T29] ? __pfx_kthread+0x10/0x10 [ 287.448986][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.453773][ T29] [ 287.456864][ T29] Sending NMI from CPU 1 to CPUs 0: [ 287.462083][ C0] NMI backtrace for cpu 0 [ 287.462092][ C0] CPU: 0 PID: 5056 Comm: syz-executor311 Not tainted 6.8.0-rc1-next-20240124-syzkaller #0 [ 287.462112][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.462122][ C0] RIP: 0010:write_comp_data+0x9/0x90 [ 287.462150][ C0] Code: 80 f0 15 00 00 c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 d2 49 89 f8 49 89 f1 <65> 48 8b 15 5f 9d 77 7e 65 8b 05 60 9d 77 7e a9 00 01 ff 00 74 0f [ 287.462167][ C0] RSP: 0018:ffffc9000362f580 EFLAGS: 00000246 [ 287.462182][ C0] RAX: 0000000000000000 RBX: ffff88802188a000 RCX: ffffffff830a6674 [ 287.462195][ C0] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000005 [ 287.462206][ C0] RBP: ffff888077e396b0 R08: 0000000000000005 R09: 0000000000000000 [ 287.462218][ C0] R10: 0000000000000006 R11: 006605ff00000020 R12: 0000000000000006 [ 287.462229][ C0] R13: ffff88802188a0c0 R14: 0000000000000080 R15: dffffc0000000000 [ 287.462242][ C0] FS: 0000555555c38380(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 287.462262][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.462275][ C0] CR2: 00007ffff33bccfc CR3: 000000001e6f6000 CR4: 00000000003506f0 [ 287.462287][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.462298][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.462309][ C0] Call Trace: [ 287.462315][ C0] [ 287.462322][ C0] ? show_regs+0x8e/0xa0 [ 287.462372][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 287.462400][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.462423][ C0] ? nmi_handle+0x1a9/0x580 [ 287.462449][ C0] ? write_comp_data+0x9/0x90 [ 287.462473][ C0] ? default_do_nmi+0x6a/0x160 [ 287.462498][ C0] ? exc_nmi+0x18a/0x210 [ 287.462522][ C0] ? end_repeat_nmi+0xf/0x5e [ 287.462605][ C0] ? dtSplitRoot+0x9d4/0x1760 [ 287.462630][ C0] ? write_comp_data+0x9/0x90 [ 287.462654][ C0] ? write_comp_data+0x9/0x90 [ 287.462679][ C0] ? write_comp_data+0x9/0x90 [ 287.462703][ C0] [ 287.462708][ C0] [ 287.462717][ C0] dtSplitRoot+0x9d4/0x1760 [ 287.462749][ C0] ? __pfx_dtSplitRoot+0x10/0x10 [ 287.462771][ C0] ? up_write+0x1b2/0x520 [ 287.462790][ C0] ? dbAlloc+0x43d/0xab0 [ 287.462814][ C0] dtSplitUp+0x129c/0x5850 [ 287.462842][ C0] ? save_trace+0x4e/0xb30 [ 287.462863][ C0] ? _find_first_zero_bit+0x94/0xb0 [ 287.462935][ C0] ? add_lock_to_list+0x17d/0x380 [ 287.462959][ C0] ? __pfx_dtSplitUp+0x10/0x10 [ 287.462981][ C0] ? __lock_acquire+0x1fb0/0x3b30 [ 287.463012][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 287.463042][ C0] ? lock_acquire+0x1b1/0x540 [ 287.463066][ C0] ? find_held_lock+0x2d/0x110 [ 287.463088][ C0] ? txLock+0x7f9/0x2120 [ 287.463107][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 287.463126][ C0] ? dtSearch+0x1a0f/0x2430 [ 287.463151][ C0] dtInsert+0x876/0xb00 [ 287.463176][ C0] ? __pfx_dtInsert+0x10/0x10 [ 287.463197][ C0] ? dtSearch+0x1a14/0x2430 [ 287.463219][ C0] ? __pfx_txLock+0x10/0x10 [ 287.463247][ C0] jfs_mkdir+0x669/0xb30 [ 287.463275][ C0] ? __pfx_jfs_mkdir+0x10/0x10 [ 287.463315][ C0] ? bpf_lsm_inode_permission+0x9/0x10 [ 287.463377][ C0] ? security_inode_permission+0xe6/0x120 [ 287.463432][ C0] ? inode_permission+0xdd/0x5f0 [ 287.463479][ C0] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 287.463501][ C0] vfs_mkdir+0x57d/0x820 [ 287.463542][ C0] do_mkdirat+0x301/0x3a0 [ 287.463561][ C0] ? __pfx_do_mkdirat+0x10/0x10 [ 287.463579][ C0] ? getname_flags.part.0+0x1e1/0x4f0 [ 287.463604][ C0] __x64_sys_mkdir+0xf1/0x140 [ 287.463623][ C0] do_syscall_64+0xd2/0x260 [ 287.463646][ C0] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 287.463689][ C0] RIP: 0033:0x7f9706fedad7 [ 287.463705][ C0] Code: ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 287.463726][ C0] RSP: 002b:00007ffcd5e4eb58 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 287.463743][ C0] RAX: ffffffffffffffda RBX: 0000000020000500 RCX: 00007f9706fedad7 [ 287.463756][ C0] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000500 [ 287.463767][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 287.463778][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd5e4ebf0 [ 287.463789][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 287.463808][ C0] [ 287.463815][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.732 msecs [ 287.910781][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 287.917649][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc1-next-20240124-syzkaller #0 [ 287.926944][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.937004][ T29] Call Trace: [ 287.940288][ T29] [ 287.943228][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.947847][ T29] panic+0x6ee/0x7a0 [ 287.951800][ T29] ? __pfx_panic+0x10/0x10 [ 287.956230][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.961619][ T29] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.967615][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.973003][ T29] ? watchdog+0xd3d/0x1210 [ 287.977444][ T29] ? watchdog+0xd30/0x1210 [ 287.981885][ T29] watchdog+0xd4e/0x1210 [ 287.986163][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.990867][ T29] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.996088][ T29] ? __kthread_parkme+0x148/0x220 [ 288.001136][ T29] ? __pfx_watchdog+0x10/0x10 [ 288.005842][ T29] kthread+0x2c1/0x3a0 [ 288.009930][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.015151][ T29] ? __pfx_kthread+0x10/0x10 [ 288.019772][ T29] ret_from_fork+0x45/0x80 [ 288.024217][ T29] ? __pfx_kthread+0x10/0x10 [ 288.029298][ T29] ret_from_fork_asm+0x1a/0x30 [ 288.034192][ T29] [ 288.037396][ T29] Kernel Offset: disabled [ 288.041720][ T29] Rebooting in 86400 seconds..