audit: type=1804 audit(1601674646.311:110): pid=20116 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir370115067/syzkaller.bgMXz1/470/bus" dev="sda1" ino=17368 res=1
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
INFO: task syz-executor.3:13392 blocked for more than 140 seconds.
      Not tainted 4.19.149-syzkaller #0
Unknown ioctl 1075883590
Unknown ioctl 1075883590
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Unknown ioctl 1075883590
Unknown ioctl 1075883590
syz-executor.3  D29032 13392   9048 0x00000004
Unknown ioctl 1075883590
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x8e5/0x22e0 kernel/sched/core.c:3517
Unknown ioctl 1075883590
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 request_wait_answer+0x3dc/0x750 fs/fuse/dev.c:485
 __fuse_request_send+0x123/0x1d0 fs/fuse/dev.c:505
 fuse_simple_request+0x2d2/0x6f0 fs/fuse/dev.c:576
 fuse_do_getattr+0x230/0xc40 fs/fuse/dir.c:927
 fuse_update_get_attr fs/fuse/dir.c:960 [inline]
 fuse_getattr+0x2c1/0x380 fs/fuse/dir.c:1838
 vfs_getattr_nosec+0xff/0x160 fs/stat.c:79
 vfs_getattr fs/stat.c:116 [inline]
 vfs_statx+0x15a/0x210 fs/stat.c:189
 vfs_stat include/linux/fs.h:3133 [inline]
 __do_sys_newstat fs/stat.c:337 [inline]
 __se_sys_newstat+0x96/0x120 fs/stat.c:333
 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45dd99
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fa749343c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
RAX: ffffffffffffffda RBX: 0000000000035100 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200004c0
RBP: 000000000118bf58 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffc90d204ef R14: 00007fa7493449c0 R15: 000000000118bf2c

Showing all locks held in the system:
1 lock held by khungtaskd/1091:
 #0: 000000001e6bfa50 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x291 kernel/locking/lockdep.c:4440
1 lock held by in:imklog/6197:
 #0: 000000008d782187 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xe3/0x100 fs/file.c:767
2 locks held by syz-executor.4/20094:
 #0: 0000000047ade928 (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1823 [inline]
 #0: 0000000047ade928 (&rq->lock){-.-.}, at: __schedule+0x257/0x22e0 kernel/sched/core.c:3455
 #1: 000000001e6bfa50 (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
 #1: 000000001e6bfa50 (rcu_read_lock){....}, at: update_curr+0x2c3/0x8b0 kernel/sched/fair.c:857
1 lock held by syz-executor.0/20116:
2 locks held by syz-executor.3/20124:
3 locks held by syz-executor.2/20125:
2 locks held by syz-executor.1/20126:
Unknown ioctl 1075883590
Unknown ioctl 1075883590
 #0: 0000000009d69fcb (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1823 [inline]
 #0: 0000000009d69fcb (&rq->lock){-.-.}, at: __schedule+0x257/0x22e0 kernel/sched/core.c:3455
overlayfs: option "workdir=." is useless in a non-upper mount, ignore
Unknown ioctl 1075883590
Unknown ioctl 1075883590
 #1: 000000001e6bfa50 (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
 #1: 000000001e6bfa50 (rcu_read_lock){....}, at: update_curr+0x2c3/0x8b0 kernel/sched/fair.c:857
Unknown ioctl 1075883590
overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
Unknown ioctl 1075883590
2 locks held by syz-executor.2/20138:
Unknown ioctl 1075883590
Unknown ioctl 1075883590

=============================================

Unknown ioctl 1075883590
Unknown ioctl 1075883590
NMI backtrace for cpu 0
CPU: 0 PID: 1091 Comm: khungtaskd Not tainted 4.19.149-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x22c/0x33e lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x18/0x3d lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1eb lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0xa62/0x1020 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 6200 Comm: rs:main Q:Reg Not tainted 4.19.149-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0033:0x555f35829714
Code: 72 24 00 85 c0 89 c5 0f 85 6a fc ff ff e9 0e ff ff ff 0f 1f 40 00 41 57 41 56 41 89 d7 41 55 41 54 55 53 48 83 ec 48 48 8b 1f <48> 89 74 24 18 89 54 24 2c 48 89 df e8 c3 da fb ff 48 8d 43 38 45
RSP: 002b:00007f789e78da80 EFLAGS: 00000202
RAX: 0000555f36466360 RBX: 0000555f3646be10 RCX: 0000555f35829700
RDX: 000000000000000d RSI: 00007f7894012ba0 RDI: 00007f78940022a0
RBP: 0000555f36466220 R08: 0000555f36466360 R09: 0000000000000000
R10: 0000555f35a6a280 R11: 0000000000000000 R12: 0000555f35a71bec
R13: 0000000000000000 R14: 0000555f36466360 R15: 000000000000000d
FS:  00007f789e78e700 GS: 0000000000000000