BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor.0 (16615)
BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by systemd-udevd (8076)
INFO: task syz-executor.3:8100 blocked for more than 140 seconds.
BTRFS warning (device loop1): loop1 checksum verify failed on 5300224 wanted C6D916F8 found 7C9E6543 level 0
Not tainted 4.19.211-syzkaller #0
BTRFS warning (device loop1): failed to read fs tree: -5
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D24248 8100 8132 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1016 [inline]
 __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
 __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
 blkdev_get+0xb0/0x940 fs/block_dev.c:1627
 blkdev_open+0x202/0x290 fs/block_dev.c:1788
 do_dentry_open+0x4aa/0x1160 fs/open.c:796
 do_last fs/namei.c:3421 [inline]
 path_openat+0x793/0x2df0 fs/namei.c:3537
 do_filp_open+0x18c/0x3f0 fs/namei.c:3567
BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor.0 (16639)
 do_sys_open+0x3b3/0x520 fs/open.c:1085
BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by systemd-udevd (8089)
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc6ee862209
Code: Bad RIP value.
RSP: 002b:00007fc6ed1b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fc6ee975030 RCX: 00007fc6ee862209
RDX: 0000000000000018 RSI: 0000000020004280 RDI: ffffffffffffff9c
RBP: 00007fc6ee8bc161 R08: 0000000000000000 R09: 0000000000000000
BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by systemd-udevd (8076)
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd78084e1f R14: 00007fc6ed1b6300 R15: 0000000000022000
INFO: task syz-executor.3:8117 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D27280 8117 8132 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
BTRFS error (device loop1): open_ctree failed
 __mutex_lock_common kernel/locking/mutex.c:1016 [inline]
 __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
syz-executor.5 (16587): drop_caches: 1
BTRFS info (device loop0): disabling disk space caching
BTRFS info (device loop0): has skinny extents
 __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
 __blkdev_get+0x84d/0x1480 fs/block_dev.c:1535
BTRFS error (device loop0): bad tree block start, want 5308416 have 0
BTRFS warning (device loop0): failed to read root (objectid=4): -5
 blkdev_get+0xb0/0x940 fs/block_dev.c:1627
 blkdev_open+0x202/0x290 fs/block_dev.c:1788
 do_dentry_open+0x4aa/0x1160 fs/open.c:796
 do_last fs/namei.c:3421 [inline]
 path_openat+0x793/0x2df0 fs/namei.c:3537
 do_filp_open+0x18c/0x3f0 fs/namei.c:3567
 do_sys_open+0x3b3/0x520 fs/open.c:1085
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc6ee862209
Code: Bad RIP value.
RSP: 002b:00007fc6ed174168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fc6ee9751d0 RCX: 00007fc6ee862209
RDX: 0000000000000018 RSI: 0000000020004280 RDI: ffffffffffffff9c
RBP: 00007fc6ee8bc161 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd78084e1f R14: 00007fc6ed174300 R15: 0000000000022000
INFO: task systemd-udevd:8163 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
systemd-udevd D28424 8163 4699 0x00000100
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
 __mutex_lock_common kernel/locking/mutex.c:1016 [inline]
 __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor.1 (16694)
BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by systemd-udevd (8076)
 __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
 blkdev_get+0xb0/0x940 fs/block_dev.c:1627
 blkdev_open+0x202/0x290 fs/block_dev.c:1788
 do_dentry_open+0x4aa/0x1160 fs/open.c:796
 do_last fs/namei.c:3421 [inline]
 path_openat+0x793/0x2df0 fs/namei.c:3537
 do_filp_open+0x18c/0x3f0 fs/namei.c:3567
 do_sys_open+0x3b3/0x520 fs/open.c:1085
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f8cef8f6840
Code: Bad RIP value.
RSP: 002b:00007ffda005d0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000055942f2e9140 RCX: 00007f8cef8f6840
RDX: 000055942db21fe3 RSI: 00000000000a0800 RDI: 000055942f2e7840
RBP: 00007ffda005d270 R08: 000055942db21670 R09: 0000000000000010
R10: 000055942db21d0c R11: 0000000000000246 R12: 00007ffda005d1c0
R13: 000055942f2e4580 R14: 0000000000000003 R15: 000000000000000e

Showing all locks held in the system:
1 lock held by khungtaskd/1571:
 #0: 0000000067c5bcc4 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
1 lock held by in:imklog/7798:
 #0: 00000000ab32a8cf (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
3 locks held by kworker/u4:7/9432:
1 lock held by syz-executor.3/8100:
 #0: 000000007672b930 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
2 locks held by syz-executor.3/8117:
 #0: 000000007672b930 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
 #1: 000000007672b930 (&bdev->bd_mutex/1){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
1 lock held by systemd-udevd/8163:
 #0: 000000007672b930 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
2 locks held by syz-executor.5/16587:
 #0: 00000000a7c9a2dd (sb_writers#4){.+.+}, at: file_start_write include/linux/fs.h:2779 [inline]
 #0: 00000000a7c9a2dd (sb_writers#4){.+.+}, at: do_sendfile+0x97d/0xc30 fs/read_write.c:1446
 #1: 0000000000755604 (&type->s_umount_key#88){++++}, at: iterate_supers+0xdb/0x290 fs/super.c:631
5 locks held by syz-executor.0/16661:
BTRFS error (device loop0): open_ctree failed
syz-executor.5 (16587): drop_caches: 1

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1571 Comm: khungtaskd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0x991/0xe60 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 4676 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
RIP: 0010:__orc_find+0xa/0xf0 arch/x86/kernel/unwind_orc.c:33
Code: fd ff ff e8 b8 ea 6e 00 e9 ea fc ff ff 48 8b 3c 24 e8 3a eb 6e 00 e9 7b fe ff ff 90 90 90 90 90 41 57 89 d0 41 56 41 55 41 54 <4c> 8d 64 87 fc 55 53 48 83 ec 10 85 d2 0f 84 95 00 00 00 4c 39 e7
RSP: 0018:ffff8880a18df980 EFLAGS: 00000206
RAX: 0000000000000011 RBX: 1ffff1101431bf3e RCX: ffffffff81a6c819
RDX: 0000000000000011 RSI: ffffffff8b9b0b9c RDI: ffffffff8b39ca1c
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8b9b0b9c
R10: ffff8880a18dfb37 R11: 0000000000074071 R12: ffff8880a18dfb20
R13: ffff8880a18dfb0d R14: ffff8880a18dfad8 R15: ffffffff81a6c819
FS: 00007f1fbb8fe8c0(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1fb9057000 CR3: 00000000a31dc000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 orc_find arch/x86/kernel/unwind_orc.c:159 [inline]
 unwind_next_frame+0x339/0x1400 arch/x86/kernel/unwind_orc.c:422
 __save_stack_trace+0x9f/0x190 arch/x86/kernel/stacktrace.c:44
 save_stack mm/kasan/kasan.c:448 [inline]
 set_track mm/kasan/kasan.c:460 [inline]
 kasan_kmalloc+0xeb/0x160 mm/kasan/kasan.c:553
 kmem_cache_alloc+0x122/0x370 mm/slab.c:3559
 getname_flags+0xce/0x590 fs/namei.c:140
 user_path_at_empty+0x2a/0x50 fs/namei.c:2609
 user_path_at include/linux/namei.h:57 [inline]
 do_faccessat+0x248/0x7a0 fs/open.c:397
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f1fbabb99c7
Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48
RSP: 002b:00007ffcc5bbc258 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
RAX: ffffffffffffffda RBX: 00007ffcc5bbf280 RCX: 00007f1fbabb99c7
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005618a4af69a3
RBP: 00007ffcc5bbc3a0 R08: 00005618a4aec3e5 R09: 0000000000000018
R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00005618a55448a0 R15: 00007ffcc5bbc890