blktrace: Concurrent blktraces are not allowed on loop3
VFS: Found a Xenix FS (block size = 512) on device loop0
BUG: sleeping function called from invalid context at fs/buffer.c:1381
blktrace: Concurrent blktraces are not allowed on loop5
in_atomic(): 1, irqs_disabled(): 0, pid: 10391, name: syz-executor.0
3 locks held by syz-executor.0/10391:
#0: (sb_writers#18){.+.+}, at: [] sb_start_write include/linux/fs.h:1551 [inline]
#0: (sb_writers#18){.+.+}, at: [] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
#1: (&sb->s_type->i_mutex_key#25){+.+.}, at: [] inode_lock include/linux/fs.h:719 [inline]
#1: (&sb->s_type->i_mutex_key#25){+.+.}, at: [] do_truncate+0xf0/0x1a0 fs/open.c:61
#2: (pointers_lock){.+.+}, at: [] get_block+0x153/0x1230 fs/sysv/itree.c:217
Preemption disabled at: [< (null)>] (null)
CPU: 1 PID: 10391 Comm: syz-executor.0 Not tainted 4.14.304-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x281 lib/dump_stack.c:58
___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6041
__getblk_gfp fs/buffer.c:1381 [inline]
__bread_gfp+0x3e/0x2e0 fs/buffer.c:1428
sb_bread include/linux/buffer_head.h:343 [inline]
get_branch+0x2ac/0x600 fs/sysv/itree.c:104
get_block+0x176/0x1230 fs/sysv/itree.c:218
block_truncate_page+0x2a8/0x8f0 fs/buffer.c:2944
sysv_truncate+0x1c4/0xd70 fs/sysv/itree.c:383
sysv_setattr+0x115/0x180 fs/sysv/file.c:47
notify_change+0x56b/0xd10 fs/attr.c:315
do_truncate+0xff/0x1a0 fs/open.c:63
vfs_truncate+0x456/0x680 fs/open.c:120
do_sys_truncate.part.0+0xdc/0xf0 fs/open.c:143
do_sys_truncate fs/open.c:137 [inline]
SYSC_truncate fs/open.c:155 [inline]
SyS_truncate+0x23/0x40 fs/open.c:153
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f4de152c0c9
RSP: 002b:00007f4ddfa9e168 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007f4de164bf80 RCX: 00007f4de152c0c9
RDX: 0000000000000000 RSI: 000000000000317b RDI: 00000000200001c0
RBP: 00007f4de1587ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcc496a68f R14: 00007f4ddfa9e300 R15: 0000000000022000
ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
ubi0: VID header offset: 64 (aligned 64), data offset: 128
ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2951058962
ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
ubi0: background thread "ubi_bgt0d" started, PID 10417
ubi: mtd0 is already attached to ubi0
ubi0: detaching mtd0
ubi0: mtd0 is detached
F2FS-fs (loop1): Found nat_bits in checkpoint
F2FS-fs (loop4): Found nat_bits in checkpoint
F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
attempt to access beyond end of device
F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
loop1: rw=2049, want=45104, limit=40427
audit: type=1804 audit(1675437041.658:6): pid=10424 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir3085688696/syzkaller.R3kUvp/13/file0/bus" dev="loop4" ino=10 res=1
audit: type=1804 audit(1675437041.658:7): pid=10424 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir3085688696/syzkaller.R3kUvp/13/file0/bus" dev="loop4" ino=10 res=1
attempt to access beyond end of device
loop4: rw=2049, want=40432, limit=40427
ubi0: attaching mtd0
ubi0: scanning is finished
VFS: Found a Xenix FS (block size = 512) on device loop0
BUG: sleeping function called from invalid context at fs/buffer.c:1381
in_atomic(): 1, irqs_disabled(): 0, pid: 10465, name: syz-executor.0
3 locks held by syz-executor.0/10465:
#0: (sb_writers#18){.+.+}, at: [] sb_start_write include/linux/fs.h:1551 [inline]
#0: (sb_writers#18){.+.+}, at: [] mnt_want_write+0x3a/0xb0 fs/namespace.c:386
#1: (&sb->s_type->i_mutex_key#25){+.+.}, at: [] inode_lock include/linux/fs.h:719 [inline]
#1: (&sb->s_type->i_mutex_key#25){+.+.}, at: [] do_truncate+0xf0/0x1a0 fs/open.c:61
ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
#2: (pointers_lock){++++}, at: [] get_block+0x153/0x1230 fs/sysv/itree.c:217
Preemption disabled at: [< (null)>] (null)
CPU: 1 PID: 10465 Comm: syz-executor.0 Tainted: G W 4.14.304-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x281 lib/dump_stack.c:58
___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6041
__getblk_gfp fs/buffer.c:1381 [inline]
__bread_gfp+0x3e/0x2e0 fs/buffer.c:1428
sb_bread include/linux/buffer_head.h:343 [inline]
get_branch+0x2ac/0x600 fs/sysv/itree.c:104
get_block+0x176/0x1230 fs/sysv/itree.c:218
ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
block_truncate_page+0x2a8/0x8f0 fs/buffer.c:2944
sysv_truncate+0x1c4/0xd70 fs/sysv/itree.c:383
sysv_setattr+0x115/0x180 fs/sysv/file.c:47
notify_change+0x56b/0xd10 fs/attr.c:315
ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
do_truncate+0xff/0x1a0 fs/open.c:63
vfs_truncate+0x456/0x680 fs/open.c:120
ubi0: VID header offset: 64 (aligned 64), data offset: 128
do_sys_truncate.part.0+0xdc/0xf0 fs/open.c:143
do_sys_truncate fs/open.c:137 [inline]
SYSC_truncate fs/open.c:155 [inline]
SyS_truncate+0x23/0x40 fs/open.c:153
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x5e/0xd3
RIP: 0033:0x7f4de152c0c9
RSP: 002b:00007f4ddfa9e168 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007f4de164bf80 RCX: 00007f4de152c0c9
RDX: 0000000000000000 RSI: 000000000000317b RDI: 00000000200001c0
RBP: 00007f4de1587ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcc496a68f R14: 00007f4ddfa9e300 R15: 0000000000022000
ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2951058962
ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
ubi0: background thread "ubi_bgt0d" started, PID 10476
ubi0: detaching mtd0
ubi0: mtd0 is detached
ntfs: volume version 3.1.
VFS: Found a Xenix FS (block size = 512) on device loop0
VFS: Found a Xenix FS (block size = 512) on device loop0
F2FS-fs (loop4): Found nat_bits in checkpoint
ntfs: volume version 3.1.
F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
audit: type=1804 audit(1675437043.118:8): pid=10504 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir3085688696/syzkaller.R3kUvp/14/file0/bus" dev="loop4" ino=10 res=1
audit: type=1804 audit(1675437043.118:9): pid=10504 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir3085688696/syzkaller.R3kUvp/14/file0/bus" dev="loop4" ino=10 res=1
attempt to access beyond end of device
loop4: rw=2049, want=40432, limit=40427
ntfs: volume version 3.1.
ntfs: volume version 3.1.
ntfs: volume version 3.1.
ntfs: volume version 3.1.
ntfs: volume version 3.1.
ntfs: volume version 3.1.
ntfs: volume version 3.1.
ntfs: volume version 3.1.
EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
new mount options do not match the existing superblock, will be ignored
hub 5-0:1.0: USB hub found
hub 5-0:1.0: 1 port detected
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
hub 5-0:1.0: USB hub found
hub 5-0:1.0: 1 port detected
new mount options do not match the existing superblock, will be ignored
hub 5-0:1.0: USB hub found
hub 5-0:1.0: 1 port detected