device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 INFO: task syz-executor7:10928 blocked for more than 140 seconds. b_state=0x00000029, b_size=512 Not tainted 4.9.112-g9e79039 #7 device loop7 blocksize: 4096 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor7 D __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 29592 10928 3887 0x00000004 b_state=0x00000029, b_size=512 ffff88019dac0000 device loop7 blocksize: 4096 ffff8801b7051a40 ffff8801cd03d500__find_get_block_slow() failed. block=1, b_blocknr=8 ffff8801ccbf6000b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 ffff8801db321c18 ffff8801cb8c7978 __find_get_block_slow() failed. block=1, b_blocknr=8 ffffffff839e907db_state=0x00000029, b_size=512 ffff88019dac08c8device loop7 blocksize: 4096 ffffed0033b58118 ffff88019dac0000 __find_get_block_slow() failed. block=1, b_blocknr=8 00fffc0000000000b_state=0x00000029, b_size=512 ffff8801db3224e8device loop7 blocksize: 4096 Call Trace: __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] schedule+0x7f/0x1b0 kernel/sched/core.c:3557 device loop7 blocksize: 4096 [] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3590 __find_get_block_slow() failed. block=1, b_blocknr=8 [] __mutex_lock_common kernel/locking/mutex.c:582 [inline] [] mutex_lock_nested+0x326/0x870 kernel/locking/mutex.c:621 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] lock_fat fs/fat/fatent.c:278 [inline] [] fat_count_free_clusters+0x122/0xa50 fs/fat/fatent.c:657 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] fat_statfs+0x394/0x4a0 fs/fat/inode.c:807 device loop7 blocksize: 4096 [] statfs_by_dentry+0x133/0x200 fs/statfs.c:60 __find_get_block_slow() failed. block=1, b_blocknr=8 [] vfs_statfs+0x43/0x220 fs/statfs.c:70 b_state=0x00000029, b_size=512 [] user_statfs+0xab/0x120 fs/statfs.c:85 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] SYSC_statfs+0x7f/0xf0 fs/statfs.c:175 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] SyS_statfs+0x1d/0x30 fs/statfs.c:172 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 [] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282 b_state=0x00000029, b_size=512 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb device loop7 blocksize: 4096 Showing all locks held in the system: __find_get_block_slow() failed. block=1, b_blocknr=8 2 locks held by khungtaskd/519: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (rcu_read_lock){......}__find_get_block_slow() failed. block=1, b_blocknr=8 , at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] , at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: device loop7 blocksize: 4096 (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 2 locks held by rs:main Q:Reg/3682: #0: __find_get_block_slow() failed. block=1, b_blocknr=8 (b_state=0x00000029, b_size=512 &f->f_pos_lockdevice loop7 blocksize: 4096 ){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 #1: b_state=0x00000029, b_size=512 (device loop7 blocksize: 4096 sb_writers#3){.+.+.+}__find_get_block_slow() failed. block=1, b_blocknr=8 , at: [] file_start_write include/linux/fs.h:2640 [inline] , at: [] vfs_write+0x3ae/0x530 fs/read_write.c:556 2 locks held by getty/3780: device loop7 blocksize: 4096 #0: (&tty->ldisc_sem __find_get_block_slow() failed. block=1, b_blocknr=8 ){++++++}b_state=0x00000029, b_size=512 , at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock __find_get_block_slow() failed. block=1, b_blocknr=8 ){+.+...}b_state=0x00000029, b_size=512 , at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 1 lock held by syz-executor7/10928: __find_get_block_slow() failed. block=1, b_blocknr=8 #0: b_state=0x00000029, b_size=512 (device loop7 blocksize: 4096 &sbi->fat_lock){+.+...}, at: [] lock_fat fs/fat/fatent.c:278 [inline] &sbi->fat_lock){+.+...}, at: [] fat_count_free_clusters+0x122/0xa50 fs/fat/fatent.c:657 2 locks held by syz-executor7/10930: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (sb_writers#14){.+.+.+}__find_get_block_slow() failed. block=1, b_blocknr=8 , at: [] sb_start_write include/linux/fs.h:1573 [inline] , at: [] mnt_want_write+0x3f/0xb0 fs/namespace.c:391 #1: device loop7 blocksize: 4096 (&sb->s_type->i_mutex_key#20__find_get_block_slow() failed. block=1, b_blocknr=8 ){+.+.+.}b_state=0x00000029, b_size=512 , at: [] inode_lock include/linux/fs.h:766 [inline] , at: [] do_truncate2+0x128/0x1f0 fs/open.c:61 1 lock held by syz-executor7/10934: __find_get_block_slow() failed. block=1, b_blocknr=8 #0: b_state=0x00000029, b_size=512 (device loop7 blocksize: 4096 &sbi->fat_lock){+.+...}, at: [] lock_fat fs/fat/fatent.c:278 [inline] &sbi->fat_lock){+.+...}, at: [] fat_count_free_clusters+0x122/0xa50 fs/fat/fatent.c:657 2 locks held by syz-executor7/10936: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (sb_writers#14){.+.+.+}__find_get_block_slow() failed. block=1, b_blocknr=8 , at: [] sb_start_write include/linux/fs.h:1573 [inline] , at: [] mnt_want_write+0x3f/0xb0 fs/namespace.c:391 #1: device loop7 blocksize: 4096 (&sb->s_type->i_mutex_key#20){+.+.+.}__find_get_block_slow() failed. block=1, b_blocknr=8 , at: [] inode_lock include/linux/fs.h:766 [inline] , at: [] do_truncate2+0x128/0x1f0 fs/open.c:61 2 locks held by syz-executor7/10941: device loop7 blocksize: 4096 #0: (sb_writers#14 __find_get_block_slow() failed. block=1, b_blocknr=8 ){.+.+.+}b_state=0x00000029, b_size=512 , at: [] sb_start_write include/linux/fs.h:1573 [inline] , at: [] vfs_fallocate+0x2fb/0x600 fs/open.c:328 #1: (&sb->s_type->i_mutex_key __find_get_block_slow() failed. block=1, b_blocknr=8 #20b_state=0x00000029, b_size=512 ){+.+.+.}device loop7 blocksize: 4096 , at: [] inode_lock include/linux/fs.h:766 [inline] , at: [] fat_fallocate+0x10e/0x2d0 fs/fat/file.c:249 1 lock held by init/10958: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2047 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x46c/0xe20 drivers/tty/tty_io.c:2125 1 lock held by init/10959: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2047 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x46c/0xe20 drivers/tty/tty_io.c:2125 1 lock held by init/10960: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2047 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x46c/0xe20 drivers/tty/tty_io.c:2125 1 lock held by init/10961: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2047 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x46c/0xe20 drivers/tty/tty_io.c:2125 1 lock held by init/10962: b_state=0x00000029, b_size=512 #0: device loop7 blocksize: 4096 (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2047 [inline] (tty_mutex){+.+.+.}, at: [] tty_open+0x46c/0xe20 drivers/tty/tty_io.c:2125 b_state=0x00000029, b_size=512 ============================================= device loop7 blocksize: 4096 NMI backtrace for cpu 0 CPU: 0 PID: 519 Comm: khungtaskd Not tainted 4.9.112-g9e79039 #7 __find_get_block_slow() failed. block=1, b_blocknr=8 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 b_state=0x00000029, b_size=512 ffff8801d905fd08 device loop7 blocksize: 4096 ffffffff81eb3249 0000000000000000 0000000000000000__find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 0000000000000000 device loop7 blocksize: 4096 0000000000000001 ffffffff810b9bd0 ffff8801d905fd40__find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 ffffffff81ebe547 device loop7 blocksize: 4096 0000000000000000 0000000000000000 0000000000000002__find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 Call Trace: device loop7 blocksize: 4096 [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] nmi_cpu_backtrace.cold.2+0x48/0x87 lib/nmi_backtrace.c:99 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 [] nmi_trigger_cpumask_backtrace+0x12a/0x14f lib/nmi_backtrace.c:60 b_state=0x00000029, b_size=512 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 device loop7 blocksize: 4096 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6b4/0xa20 kernel/hung_task.c:239 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 [] kthread+0x26d/0x300 kernel/kthread.c:211 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 b_state=0x00000029, b_size=512 Sending NMI from CPU 0 to CPUs 1: device loop7 blocksize: 4096 NMI backtrace for cpu 1 CPU: 1 PID: 5150 Comm: kworker/u4:7 Not tainted 4.9.112-g9e79039 #7 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: writeback wb_workfnc (flush-7:7)c task: ffff88019a066000 task.stack: ffff88019a0e0000 RIP: 0010:[] c [] find_get_entry+0xd/0x540 mm/filemap.c:1088 RSP: 0018:ffff88019a0e74a0 EFLAGS: 00000293 RAX: ffff88019a066000 RBX: ffff8801b6c1abc8 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801b6c1abc8 RBP: ffff88019a0e74c8 R08: ffff88019a066938 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8801b6c1abc8 FS: 0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000023d0b10 CR3: 00000001d709c000 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff8801b6c1abc8c 0000000000000001c dffffc0000000000c 0000000000000000c ffff8801b6c1abc8c ffff88019a0e7520c ffffffff8143a05bc 0000000000000002c ffff88019a0668c8c fffffbfff098c478c 0000000000000001c ffff8801b6c1abc8c Call Trace: [] pagecache_get_page+0x4b/0x720 mm/filemap.c:1203 [] find_get_page_flags include/linux/pagemap.h:264 [inline] [] __find_get_block_slow+0xc2/0x330 fs/buffer.c:212 [] __find_get_block+0x23e/0x4c0 fs/buffer.c:1360 [] __getblk_slow fs/buffer.c:1101 [inline] [] __getblk_gfp+0x189/0x710 fs/buffer.c:1386 [] __bread_gfp+0x2d/0x270 fs/buffer.c:1420 [] sb_bread include/linux/buffer_head.h:300 [inline] [] __fat_write_inode+0x2ab/0x980 fs/fat/inode.c:844 [] fat_write_inode+0x79/0x170 fs/fat/inode.c:893 [] write_inode fs/fs-writeback.c:1180 [inline] [] __writeback_single_inode+0x86d/0x1020 fs/fs-writeback.c:1379 [] writeback_sb_inodes+0x4ac/0xe70 fs/fs-writeback.c:1584 [] __writeback_inodes_wb+0xfb/0x1e0 fs/fs-writeback.c:1653 [] wb_writeback+0x512/0xbd0 fs/fs-writeback.c:1762 [] wb_check_old_data_flush fs/fs-writeback.c:1877 [inline] [] wb_do_writeback fs/fs-writeback.c:1901 [inline] [] wb_workfn+0x850/0xdb0 fs/fs-writeback.c:1930 [] process_one_work+0x7e1/0x1500 kernel/workqueue.c:2092 [] worker_thread+0xd6/0x10a0 kernel/workqueue.c:2226 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Code: cef ce8 c58 c30 c10 c00 ceb c98 c4c c89 cef ce8 c4e c30 c10 c00 ce9 c2e cff cff cff c66 c0f c1f c84 c00 c00 c00 c00 c00 c55 c48 c89 ce5 c41 c57 c41 c56 c41 c55 c41 c54 c53 c<48> c89 cfb c48 c83 cec c30 c48 c89 c75 cc0 ce8 c73 c5e cf2 cff ce8 cee c29 ce4 cff c __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512 device loop7 blocksize: 4096 __find_get_block_slow() failed. block=1, b_blocknr=8 b_state=0x00000029, b_size=512