ieee802154 phy1 wpan1: encryption failed: -22 ieee802154 phy0 wpan0: encryption failed: -22 ieee802154 phy1 wpan1: encryption failed: -22 ieee802154 phy0 wpan0: encryption failed: -22 ieee802154 phy1 wpan1: encryption failed: -22 INFO: task systemd-udevd:8391 blocked for more than 140 seconds. Not tainted 4.19.207-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26624 8391 4700 0x00000100 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 io_schedule+0xb5/0x120 kernel/sched/core.c:5181 wait_on_page_bit_common mm/filemap.c:1123 [inline] wait_on_page_bit+0x2c5/0x3f0 mm/filemap.c:1156 wait_on_page_locked include/linux/pagemap.h:531 [inline] wait_on_page_read mm/filemap.c:2795 [inline] do_read_cache_page+0x8ed/0x1170 mm/filemap.c:2834 read_mapping_page include/linux/pagemap.h:402 [inline] read_dev_sector+0xbf/0x500 block/partition-generic.c:671 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x114/0xe70 block/partitions/acorn.c:366 check_partition+0x390/0x690 block/partitions/check.c:167 rescan_partitions+0x1b5/0x970 block/partition-generic.c:535 bdev_disk_changed+0x179/0x1b0 fs/block_dev.c:1435 __blkdev_get+0x1282/0x1480 fs/block_dev.c:1561 blkdev_get+0xb0/0x940 fs/block_dev.c:1627 blkdev_open+0x202/0x290 fs/block_dev.c:1788 do_dentry_open+0x4aa/0x1160 fs/open.c:796 do_last fs/namei.c:3421 [inline] path_openat+0x793/0x2df0 fs/namei.c:3537 do_filp_open+0x18c/0x3f0 fs/namei.c:3567 do_sys_open+0x3b3/0x520 fs/open.c:1085 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f290ecdb840 Code: Bad RIP value. RSP: 002b:00007fff318c4458 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 000056115d9a8dc0 RCX: 00007f290ecdb840 RDX: 000056115c5b5fe3 RSI: 00000000000a0800 RDI: 000056115d9bd7e0 RBP: 00007fff318c45d0 R08: 000056115c5b5670 R09: 0000000000000010 R10: 000056115c5b5d0c R11: 0000000000000246 R12: 00007fff318c4520 R13: 000056115d9bbf00 R14: 0000000000000003 R15: 000000000000000e INFO: task syz-executor.0:15386 blocked for more than 140 seconds. Not tainted 4.19.207-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D28560 15386 1171 0x00000006 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 blkdev_put+0x30/0x520 fs/block_dev.c:1839 blkdev_close+0x86/0xb0 fs/block_dev.c:1888 __fput+0x2ce/0x890 fs/file_table.c:278 task_work_run+0x148/0x1c0 kernel/task_work.c:113 get_signal+0x1b64/0x1f70 kernel/signal.c:2400 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:271 [inline] do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f797a50d709 Code: Bad RIP value. RSP: 002b:00007f7977a84188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: fffffffffffffe00 RBX: 00007f797a611f60 RCX: 00007f797a50d709 RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 RBP: 00007f797a567cb4 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc668ab3ef R14: 00007f7977a84300 R15: 0000000000022000 Showing all locks held in the system: 1 lock held by khungtaskd/1569: #0: 00000000953738ae (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 2 locks held by in:imklog/7844: #0: 0000000063bd5ad9 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767 #1: 00000000c6bec906 (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1826 [inline] #1: 00000000c6bec906 (&rq->lock){-.-.}, at: __schedule+0x1f9/0x2040 kernel/sched/core.c:3455 2 locks held by kworker/u4:4/18648: 1 lock held by syz-executor.0/23849: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/23876: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/23917: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/23954: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/23980: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24018: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24055: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24075: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24110: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24138: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24171: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24200: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24219: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24240: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24265: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24294: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24316: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24340: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24367: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24394: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24415: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24430: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24448: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24476: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24500: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24525: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24552: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24653: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24681: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24716: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24741: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24771: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24795: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24915: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24944: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24971: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/24998: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25028: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25056: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25079: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25099: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25131: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25161: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25186: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25204: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25233: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25260: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25294: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25325: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25349: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25379: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25409: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25435: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25460: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25486: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25512: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25535: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25556: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25578: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25602: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25625: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25644: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25672: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25695: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25713: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25735: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25761: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25779: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25798: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25820: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25845: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25864: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25884: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25915: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25941: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25965: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/25987: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26007: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26033: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26054: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26078: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26102: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26132: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26160: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26183: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26206: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26223: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26259: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26289: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26313: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26342: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26366: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26388: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26412: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26439: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26467: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26492: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26527: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26552: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26582: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26607: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26640: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26658: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26685: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26719: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26767: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26788: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26827: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26863: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26888: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26906: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26942: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26965: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/26996: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27011: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27029: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27050: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27075: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27099: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27121: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27144: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27167: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27185: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27209: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27243: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27282: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27306: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27327: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27358: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27375: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27399: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27422: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27444: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27465: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27493: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27513: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27542: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27565: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27594: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27617: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27649: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27667: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27695: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27716: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27746: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27775: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/27803: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by syz-executor.0/6444: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 1 lock held by systemd-udevd/8391: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478 1 lock held by syz-executor.0/15386: #0: 0000000045eb6073 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1569 Comm: khungtaskd Not tainted 4.19.207-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline] watchdog+0x991/0xe60 kernel/hung_task.c:287 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 4688 Comm: systemd-journal Not tainted 4.19.207-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:kasan_check_read+0x4/0x10 mm/kasan/kasan.c:272 Code: 89 d0 49 39 c1 75 11 49 0f be 01 41 83 e2 07 49 39 c2 0f 8c 4e ff ff ff 5b 44 89 c2 5d 41 5c e9 b2 18 00 00 66 90 48 8b 0c 24 <89> f6 31 d2 e9 83 fe ff ff 0f 1f 00 48 8b 0c 24 89 f6 ba 01 00 00 RSP: 0018:ffff8880a11e7cb8 EFLAGS: 00000293 RAX: ffff8880a11d8480 RBX: ffffffff89f50300 RCX: ffffffff83761e61 RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff89f50300 RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000000 R12: ffff8880a11e7db0 R13: 1ffff1101423cf99 R14: 0000000000000000 R15: 0000000000000000 FS: 00007f7197cf88c0(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7194dc1028 CR3: 00000000a15b8000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: atomic_read include/asm-generic/atomic-instrumented.h:21 [inline] refcount_dec_not_one+0x71/0x1d0 lib/refcount.c:269 refcount_dec_and_lock_irqsave+0x25/0xe0 lib/refcount.c:368 free_uid+0x7e/0x230 kernel/user.c:172 put_cred_rcu+0x245/0x4a0 kernel/cred.c:124 __put_cred+0x1de/0x250 kernel/cred.c:151 put_cred include/linux/cred.h:276 [inline] do_faccessat+0x64e/0x7a0 fs/open.c:438 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f7196fb39c7 Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007fff50d0ed98 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 RAX: ffffffffffffffda RBX: 00007fff50d11cb0 RCX: 00007f7196fb39c7 RDX: 00007f7197a24a00 RSI: 0000000000000000 RDI: 000055e9fa42f9a3 RBP: 00007fff50d0edd0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fff50d11cb0 R15: 00007fff50d0f2c0 ---------------- Code disassembly (best guess): 0: 89 d0 mov %edx,%eax 2: 49 39 c1 cmp %rax,%r9 5: 75 11 jne 0x18 7: 49 0f be 01 movsbq (%r9),%rax b: 41 83 e2 07 and $0x7,%r10d f: 49 39 c2 cmp %rax,%r10 12: 0f 8c 4e ff ff ff jl 0xffffff66 18: 5b pop %rbx 19: 44 89 c2 mov %r8d,%edx 1c: 5d pop %rbp 1d: 41 5c pop %r12 1f: e9 b2 18 00 00 jmpq 0x18d6 24: 66 90 xchg %ax,%ax 26: 48 8b 0c 24 mov (%rsp),%rcx * 2a: 89 f6 mov %esi,%esi <-- trapping instruction 2c: 31 d2 xor %edx,%edx 2e: e9 83 fe ff ff jmpq 0xfffffeb6 33: 0f 1f 00 nopl (%rax) 36: 48 8b 0c 24 mov (%rsp),%rcx 3a: 89 f6 mov %esi,%esi 3c: ba .byte 0xba 3d: 01 00 add %eax,(%rax)