[ 7961] 0 7961 17585 8737 131072 0 0 syz-executor3 [ 7971] 0 7971 17585 8738 126976 0 0 syz-executor4 [ 7973] 0 7973 17585 8739 126976 0 0 syz-executor5 [ 7975] 0 7975 17585 8739 126976 0 0 syz-executor7 [ 7976] 0 7976 17585 8739 126976 0 0 syz-executor7 INFO: task syz-executor4:10308 blocked for more than 140 seconds. [ 7981] 0 7981 17585 8740 126976 0 0 syz-executor0 [ 7984] 0 7984 17585 8739 126976 0 0 syz-executor5 [ 7985] 0 7985 17585 8737 126976 0 0 syz-executor6 Not tainted 4.19.0-rc2-next-20180904+ #55 [ 7988] 0 7988 17618 8738 131072 0 0 syz-executor1 [ 7989] 0 7989 17618 8738 131072 0 0 syz-executor1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 7991] 0 7991 17585 8737 126976 0 0 syz-executor6 [ 7992] 0 7992 17585 8740 126976 0 0 syz-executor0 syz-executor4 D [ 7994] 0 7994 17585 8737 131072 0 0 syz-executor3 [ 7999] 0 7999 17585 8738 126976 0 0 syz-executor4 [ 8003] 0 8003 17585 8737 131072 0 0 syz-executor3 [ 8014] 0 8014 17585 8740 126976 0 0 syz-executor0 20536 10308 4703 0x00000000 [ 8017] 0 8017 17585 8739 126976 0 0 syz-executor7 Call Trace: [ 8018] 0 8018 17585 8737 126976 0 0 syz-executor6 [ 8020] 0 8020 17618 8741 126976 0 0 syz-executor5 [ 8021] 0 8021 17585 8740 126976 0 0 syz-executor0 context_switch kernel/sched/core.c:2825 [inline] __schedule+0x87c/0x1df0 kernel/sched/core.c:3473 [ 8022] 0 8022 17585 8739 126976 0 0 syz-executor7 [ 8023] 0 8023 17585 8737 126976 0 0 syz-executor6 [ 8024] 0 8024 17618 8741 126976 0 0 syz-executor5 [ 8030] 0 8030 17585 8738 126976 0 0 syz-executor4 [ 8034] 0 8034 17585 8737 131072 0 0 syz-executor3 [ 8037] 0 8037 17618 8738 131072 0 0 syz-executor1 [ 8039] 0 8039 17585 8737 131072 0 0 syz-executor3 [ 8040] 0 8040 17618 8738 131072 0 0 syz-executor1 schedule+0xfb/0x450 kernel/sched/core.c:3517 [ 8056] 0 8056 17585 8738 126976 0 0 syz-executor4 [ 8055] 0 8055 17618 8741 126976 0 0 syz-executor5 [ 8060] 0 8060 17585 8740 126976 0 0 syz-executor0 [ 8062] 0 8062 17585 8739 126976 0 0 syz-executor7 [ 8063] 0 8063 17618 8741 126976 0 0 syz-executor5 [ 8066] 0 8066 17585 8740 126976 0 0 syz-executor0 [ 8067] 0 8067 17585 8737 126976 0 0 syz-executor6 [ 8070] 0 8070 17618 8739 131072 0 0 syz-executor3 [ 8073] 0 8073 17618 8738 131072 0 0 syz-executor1 [ 8074] 0 8074 17585 8737 126976 0 0 syz-executor6 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:269 [inline] rwsem_down_read_failed+0x362/0x610 kernel/locking/rwsem-xadd.c:286 [ 8075] 0 8075 17618 8739 131072 0 0 syz-executor3 [ 8077] 0 8077 17618 8738 131072 0 0 syz-executor1 [ 8079] 0 8079 17585 8739 126976 0 0 syz-executor7 [ 8092] 0 8092 17618 8738 131072 0 0 syz-executor1 [ 8097] 0 8097 17585 8740 126976 0 0 syz-executor0 [ 8100] 0 8100 17585 8739 126976 0 0 syz-executor5 [ 8103] 0 8103 17585 8737 126976 0 0 syz-executor6 [ 8104] 0 8104 17585 8740 126976 0 0 syz-executor0 call_rwsem_down_read_failed+0x18/0x30 arch/x86/lib/rwsem.S:94 [ 8106] 0 8106 17585 8739 126976 0 0 syz-executor5 __down_read arch/x86/include/asm/rwsem.h:83 [inline] down_read+0xc3/0x1d0 kernel/locking/rwsem.c:26 [ 8107] 0 8107 17618 8738 131072 0 0 syz-executor1 [ 8109] 0 8109 17585 8737 126976 0 0 syz-executor6 [ 8117] 0 8117 17585 8737 131072 0 0 syz-executor3 [ 8119] 0 8119 17618 8741 126976 0 0 syz-executor7 [ 8120] 0 8120 17585 8737 131072 0 0 syz-executor3 [ 8124] 0 8124 17585 8737 126976 0 0 syz-executor6 ext4_da_map_blocks fs/ext4/inode.c:1814 [inline] ext4_da_get_block_prep+0x10a4/0x1b10 fs/ext4/inode.c:1946 [ 8126] 0 8126 17585 8737 126976 0 0 syz-executor6 [ 8127] 0 8127 17618 8741 126976 0 0 syz-executor7 [ 8135] 0 8135 17585 8740 126976 0 0 syz-executor0 [ 8137] 0 8137 17618 8741 126976 0 0 syz-executor5 [ 8139] 0 8139 17618 8738 131072 0 0 syz-executor1 [ 8140] 0 8140 17585 8740 126976 0 0 syz-executor0 [ 8146] 0 8146 17618 8738 131072 0 0 syz-executor1 ext4_block_write_begin+0x5e2/0x1580 fs/ext4/inode.c:1193 [ 8149] 0 8149 17585 8739 126976 0 0 syz-executor7 [ 8152] 0 8152 17585 8737 131072 0 0 syz-executor3 [ 8155] 0 8155 17585 8739 126976 0 0 syz-executor7 [ 8157] 0 8157 17618 8741 126976 0 0 syz-executor5 [ 8160] 0 8160 17585 8737 126976 0 0 syz-executor6 [ 8161] 0 8161 17585 8737 131072 0 0 syz-executor3 [ 8163] 0 8163 17585 8737 126976 0 0 syz-executor6 [ 8173] 0 8173 17618 8739 131072 0 0 syz-executor3 [ 8175] 0 8175 17618 8739 131072 0 0 syz-executor3 ext4_da_write_begin+0x410/0x11f0 fs/ext4/inode.c:3078 [ 8181] 0 8181 17585 8740 126976 0 0 syz-executor0 [ 8182] 0 8182 17618 8738 131072 0 0 syz-executor1 [ 8183] 0 8183 17618 8738 131072 0 0 syz-executor1 [ 8186] 0 8186 17585 8186 114688 0 0 syz-executor4 [ 8190] 0 8190 17585 8739 126976 0 0 syz-executor7 [ 8191] 0 8191 17585 8740 126976 0 0 syz-executor0 [ 8193] 0 8193 17585 8737 126976 0 0 syz-executor6 [ 8197] 0 8197 17585 8739 126976 0 0 syz-executor7 [ 8198] 0 8198 17585 8737 126976 0 0 syz-executor6 [ 8205] 0 8205 17618 8739 131072 0 0 syz-executor3 [ 8210] 0 8210 17618 8739 131072 0 0 syz-executor3 [ 8211] 0 8211 17585 8739 126976 0 0 syz-executor5 [ 8214] 0 8214 17618 8738 131072 0 0 syz-executor1 [ 8216] 0 8216 17618 8738 131072 0 0 syz-executor1 [ 8218] 0 8218 17585 8739 126976 0 0 syz-executor5 [ 8221] 0 8221 17585 8737 126976 0 0 syz-executor6 [ 8227] 0 8227 17585 8739 126976 0 0 syz-executor7 [ 8229] 0 8229 17585 8740 126976 0 0 syz-executor0 generic_perform_write+0x3ae/0x6c0 mm/filemap.c:3139 [ 8232] 0 8232 17585 8738 126976 0 0 syz-executor4 [ 8233] 0 8233 17585 8737 126976 0 0 syz-executor6 [ 8235] 0 8235 17585 8740 126976 0 0 syz-executor0 [ 8237] 0 8237 17585 8739 126976 0 0 syz-executor7 [ 8241] 0 8241 17618 8738 131072 0 0 syz-executor1 [ 8243] 0 8243 17585 8737 131072 0 0 syz-executor3 [ 8244] 0 8244 17585 8737 131072 0 0 syz-executor3 [ 8245] 0 8245 17618 8738 131072 0 0 syz-executor1 __generic_file_write_iter+0x26e/0x630 mm/filemap.c:3264 [ 8252] 0 8252 17618 8233 126976 0 0 syz-executor5 ext4_file_write_iter+0x390/0x1450 fs/ext4/file.c:266 [ 8259] 0 8259 17618 8233 126976 0 0 syz-executor5 [ 8264] 0 8264 17585 8230 126976 0 0 syz-executor4 [ 8265] 0 8265 17585 8230 131072 0 0 syz-executor3 [ 8268] 0 8268 17585 8230 131072 0 0 syz-executor3 [ 8273] 0 8273 17585 8228 126976 0 0 syz-executor7 [ 8275] 0 8275 17585 8228 126976 0 0 syz-executor7 [ 8279] 0 8279 17618 8231 131072 0 0 syz-executor1 [ 8282] 0 8282 17585 8232 126976 0 0 syz-executor0 [ 8283] 0 8283 17585 8232 126976 0 0 syz-executor0 [ 8285] 0 8285 17585 8230 126976 0 0 syz-executor6 [ 8288] 0 8288 17585 8230 126976 0 0 syz-executor6 [ 8289] 0 8289 17618 8231 131072 0 0 syz-executor1 [ 8294] 0 8294 17585 8231 126976 0 0 syz-executor5 call_write_iter include/linux/fs.h:1826 [inline] new_sync_write fs/read_write.c:474 [inline] __vfs_write+0x6af/0x9d0 fs/read_write.c:487 [ 8296] 0 8296 17585 8231 126976 0 0 syz-executor5 [ 8302] 0 8302 17585 8230 126976 0 0 syz-executor4 [ 8304] 0 8304 17585 8230 131072 0 0 syz-executor3 [ 8305] 0 8305 17585 8230 131072 0 0 syz-executor3 [ 8309] 0 8309 17585 8230 126976 0 0 syz-executor6 vfs_write+0x1fc/0x560 fs/read_write.c:549 [ 8310] 0 8310 17585 8230 126976 0 0 syz-executor6 ksys_write+0x101/0x260 fs/read_write.c:598 [ 8316] 0 8316 17618 8230 126976 0 0 syz-executor7 [ 8317] 0 8317 17618 8230 126976 0 0 syz-executor7 [ 8321] 0 8321 17618 8231 131072 0 0 syz-executor1 [ 8328] 0 8328 17618 8231 131072 0 0 syz-executor1 __do_sys_write fs/read_write.c:610 [inline] __se_sys_write fs/read_write.c:607 [inline] __x64_sys_write+0x73/0xb0 fs/read_write.c:607 [ 8331] 0 8331 17618 8234 126976 0 0 syz-executor5 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 [ 8333] 0 8333 17585 8232 126976 0 0 syz-executor0 [ 8334] 0 8334 17585 8232 126976 0 0 syz-executor0 [ 8337] 0 8337 17618 8234 126976 0 0 syz-executor5 [ 8341] 0 8341 17585 8231 126976 0 0 syz-executor4 [ 8343] 0 8343 17585 8230 131072 0 0 syz-executor3 [ 8346] 0 8346 17585 8230 131072 0 0 syz-executor3 [ 8350] 0 8350 17618 8231 131072 0 0 syz-executor1 [ 8352] 0 8352 17618 8231 131072 0 0 syz-executor1 entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 8356] 0 8356 17618 8231 126976 0 0 syz-executor6 RIP: 0033:0x457099 [ 8357] 0 8357 17618 8231 126976 0 0 syz-executor6 Code: Bad RIP value. [ 8361] 0 8361 17585 8232 126976 0 0 syz-executor5 RSP: 002b:00007fb85f6d7c78 EFLAGS: 00000246 [ 8362] 0 8362 17585 8232 126976 0 0 syz-executor5 ORIG_RAX: 0000000000000001 [ 8373] 0 8373 17585 8230 131072 0 0 syz-executor3 RAX: ffffffffffffffda RBX: 00007fb85f6d86d4 RCX: 0000000000457099 [ 8374] 0 8374 17585 8232 126976 0 0 syz-executor0 RDX: 00000000fffffd97 RSI: 0000000020000180 RDI: 0000000000000005 [ 8378] 0 8378 17585 8232 126976 0 0 syz-executor0 RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 8379] 0 8379 17585 8230 131072 0 0 syz-executor3 R13: 00000000004d7e78 R14: 00000000004cab08 R15: 0000000000000000 [ 8382] 0 8382 17585 8232 126976 0 0 syz-executor4 Showing all locks held in the system: [ 8383] 0 8383 17585 8228 126976 0 0 syz-executor7 2 locks held by init/1: [ 8384] 0 8384 17585 8228 126976 0 0 syz-executor7 6 locks held by kworker/u4:2/54: [ 8395] 0 8395 17618 8230 131072 0 0 syz-executor1 1 lock held by khungtaskd/792: [ 8396] 0 8396 17585 8230 126976 0 0 syz-executor6 #0: 000000005727aed3 [ 8397] 0 8397 17618 8230 131072 0 0 syz-executor1 ( [ 8399] 0 8399 17585 8231 126976 0 0 syz-executor4 rcu_read_lock [ 8401] 0 8401 17585 8230 126976 0 0 syz-executor6 ){....} [ 8407] 0 8407 17585 8232 126976 0 0 syz-executor0 , at: debug_show_all_locks+0xd0/0x428 kernel/locking/lockdep.c:4436 1 lock held by kswapd0/1428: [ 8408] 0 8408 17585 8230 131072 0 0 syz-executor3 4 locks held by rs:main Q:Reg/4555: [ 8411] 0 8411 17585 8230 131072 0 0 syz-executor3 2 locks held by rsyslogd/4557: [ 8412] 0 8412 17585 8232 126976 0 0 syz-executor5 3 locks held by cron/4597: [ 8413] 0 8413 17585 8232 126976 0 0 syz-executor0 2 locks held by getty/4647: [ 8419] 0 8419 17585 8231 126976 0 0 syz-executor4 #0: [ 8422] 0 8422 17618 8230 126976 0 0 syz-executor7 00000000dffad8e1 [ 8423] 0 8423 17585 8232 126976 0 0 syz-executor5 ( [ 8424] 0 8424 17618 8230 126976 0 0 syz-executor7 &tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 [ 8436] 0 8436 17618 8231 131072 0 0 syz-executor1 #1: [ 8437] 0 8437 17618 8231 131072 0 0 syz-executor1 00000000ab93cb6f [ 8440] 0 8440 17585 8230 131072 0 0 syz-executor3 ( [ 8444] 0 8444 17585 8230 131072 0 0 syz-executor3 &ldata->atomic_read_lock [ 8446] 0 8446 17585 8230 126976 0 0 syz-executor6 ){+.+.} [ 8447] 0 8447 17585 8231 126976 0 0 syz-executor4 , at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 [ 8448] 0 8448 17585 8230 126976 0 0 syz-executor6 2 locks held by getty/4648: [ 8456] 0 8456 17585 8232 126976 0 0 syz-executor0 #0: [ 8457] 0 8457 17585 8228 126976 0 0 syz-executor7 00000000eff2032f [ 8458] 0 8458 17585 8232 126976 0 0 syz-executor0 (&tty->ldisc_sem [ 8460] 0 8460 17585 8228 126976 0 0 syz-executor7 ){++++} [ 8467] 0 8467 17585 8232 126976 0 0 syz-executor5 , at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 [ 8468] 0 8468 17585 8232 126976 0 0 syz-executor5 #1: 00000000828f9885 [ 8481] 0 8481 17585 8230 126976 0 0 syz-executor6 ( [ 8482] 0 8482 17618 8233 126976 0 0 syz-executor5 &ldata->atomic_read_lock [ 8484] 0 8484 17618 8230 131072 0 0 syz-executor1 ){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 [ 8486] 0 8486 17585 8231 126976 0 0 syz-executor4 [ 8489] 0 8489 17618 8233 126976 0 0 syz-executor5 2 locks held by getty/4649: [ 8490] 0 8490 17585 8230 126976 0 0 syz-executor6 #0: [ 8494] 0 8494 17585 8228 126976 0 0 syz-executor7 000000006720244a [ 8495] 0 8495 17585 8228 126976 0 0 syz-executor7 (&tty->ldisc_sem [ 8499] 0 8499 17618 8230 131072 0 0 syz-executor1 ){++++}, at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 [ 8501] 0 8501 17585 8232 126976 0 0 syz-executor0 #1: 000000008f3e0751 [ 8502] 0 8502 17585 8230 131072 0 0 syz-executor3 ( [ 8503] 0 8503 17585 8232 126976 0 0 syz-executor0 &ldata->atomic_read_lock [ 8508] 0 8508 17585 8230 131072 0 0 syz-executor3 ){+.+.} [ 8512] 0 8512 17585 8228 126976 0 0 syz-executor7 , at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 [ 8516] 0 8516 17585 8228 126976 0 0 syz-executor7 2 locks held by getty/4650: [ 8519] 0 8519 17585 8232 126976 0 0 syz-executor0 #0: 0000000046d99145 [ 8521] 0 8521 17585 8230 126976 0 0 syz-executor6 (&tty->ldisc_sem [ 8522] 0 8522 17585 8230 126976 0 0 syz-executor6 ){++++}, at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 [ 8523] 0 8523 17585 8232 126976 0 0 syz-executor0 #1: 0000000085fc7bc4 ( [ 8526] 0 8526 17585 8232 126976 0 0 syz-executor4 &ldata->atomic_read_lock [ 8529] 0 8529 17585 8232 126976 0 0 syz-executor5 ){+.+.} [ 8533] 0 8533 17585 8230 131072 0 0 syz-executor3 , at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 2 locks held by getty/4651: [ 8535] 0 8535 17618 8231 131072 0 0 syz-executor1 #0: 00000000ec8b1337 [ 8537] 0 8537 17618 8231 131072 0 0 syz-executor1 ( [ 8540] 0 8540 17585 8230 131072 0 0 syz-executor3 &tty->ldisc_sem [ 8541] 0 8541 17585 8232 126976 0 0 syz-executor5 ){++++}, at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 #1: [ 8548] 0 8548 17585 8230 126976 0 0 syz-executor6 00000000289c58f3 [ 8552] 0 8552 17618 8230 126976 0 0 syz-executor7 ( [ 8555] 0 8555 17585 8231 126976 0 0 syz-executor4 &ldata->atomic_read_lock [ 8556] 0 8556 17585 8230 126976 0 0 syz-executor6 ){+.+.} [ 8561] 0 8561 17585 8232 126976 0 0 syz-executor0 , at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 [ 8562] 0 8562 17585 8232 126976 0 0 syz-executor0 2 locks held by getty/4652: [ 8565] 0 8565 17618 8230 126976 0 0 syz-executor7 #0: [ 8572] 0 8572 17585 8230 131072 0 0 syz-executor3 00000000da28219e [ 8574] 0 8574 17618 8231 131072 0 0 syz-executor1 ( [ 8577] 0 8577 17585 8231 126976 0 0 syz-executor4 &tty->ldisc_sem [ 8582] 0 8582 17618 8233 126976 0 0 syz-executor5 ){++++} [ 8583] 0 8583 17618 8231 131072 0 0 syz-executor1 , at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 [ 8585] 0 8585 17585 8230 131072 0 0 syz-executor3 #1: [ 8589] 0 8589 17585 8232 126976 0 0 syz-executor0 0000000000588cc9 [ 8590] 0 8590 17585 8232 126976 0 0 syz-executor0 ( [ 8591] 0 8591 17618 8233 126976 0 0 syz-executor5 &ldata->atomic_read_lock [ 8594] 0 8594 17585 8230 126976 0 0 syz-executor6 ){+.+.} [ 8595] 0 8595 17585 8230 126976 0 0 syz-executor6 , at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 [ 8604] 0 8604 17585 8232 126976 0 0 syz-executor4 2 locks held by getty/4653: #0: [ 8606] 0 8606 17585 8232 126976 0 0 syz-executor0 000000002b36e385 [ 8607] 0 8607 17585 8232 126976 0 0 syz-executor0 ( [ 8609] 0 8609 17585 8228 126976 0 0 syz-executor7 &tty->ldisc_sem){++++} [ 8610] 0 8610 17585 8228 126976 0 0 syz-executor7 , at: ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:353 [ 8620] 0 8620 17585 8230 131072 0 0 syz-executor3 #1: [ 8616] 0 8616 17618 8230 131072 0 0 syz-executor1 0000000079a0803a [ 8621] 0 8621 17618 8230 131072 0 0 syz-executor1 ( [ 8624] 0 8624 17585 8230 131072 0 0 syz-executor3 &ldata->atomic_read_lock){+.+.} [ 8626] 0 8626 17585 8230 126976 0 0 syz-executor6 , at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140 [ 8630] 0 8630 17585 8230 126976 0 0 syz-executor6 3 locks held by syz-fuzzer/4671: [ 8637] 0 8637 17585 8228 126976 0 0 syz-executor4 3 locks held by syz-fuzzer/4673: [ 8640] 0 8640 17618 8233 126976 0 0 syz-executor5 2 locks held by syz-fuzzer/4675: 2 locks held by syz-fuzzer/4682: [ 8641] 0 8641 17585 8232 126976 0 0 syz-executor0 3 locks held by syz-fuzzer/4683: [ 8642] 0 8642 17585 8232 126976 0 0 syz-executor0 1 lock held by syz-executor3/4697: [ 8643] 0 8643 17618 8233 126976 0 0 syz-executor5 1 lock held by syz-executor7/4699: [ 8653] 0 8653 17585 8228 126976 0 0 syz-executor7 5 locks held by syz-executor2/4700: [ 8655] 0 8655 17585 8228 126976 0 0 syz-executor7 3 locks held by syz-executor5/4701: [ 8656] 0 8656 17585 8230 131072 0 0 syz-executor3 2 locks held by syz-executor4/4703: [ 8658] 0 8658 17585 8230 131072 0 0 syz-executor3 3 locks held by udevd/5431: [ 8664] 0 8664 17585 8230 126976 0 0 syz-executor6 1 lock held by syz-executor1/10300: [ 8667] 0 8667 17585 8232 126976 0 0 syz-executor4 #0: [ 8669] 0 8669 17585 8230 126976 0 0 syz-executor6 0000000096fcd8ef ( [ 8670] 0 8670 17618 8231 131072 0 0 syz-executor1 pcpu_drain_mutex [ 8671] 0 8671 17618 8231 131072 0 0 syz-executor1 ){+.+.} [ 8677] 0 8677 17585 8232 126976 0 0 syz-executor0 , at: drain_all_pages+0xa0/0x640 mm/page_alloc.c:2632 [ 8679] 0 8679 17585 8232 126976 0 0 syz-executor0 3 locks held by syz-executor4/10304: [ 8682] 0 8682 17618 8233 126976 0 0 syz-executor5 5 locks held by syz-executor4/10308: [ 8685] 0 8685 17585 8230 131072 0 0 syz-executor3 #0: [ 8686] 0 8686 17618 8233 126976 0 0 syz-executor5 00000000770b8dac [ 8688] 0 8688 17585 8230 131072 0 0 syz-executor3 ( [ 8697] 0 8697 17585 8228 126976 0 0 syz-executor7 &f->f_pos_lock [ 8699] 0 8699 17618 8231 131072 0 0 syz-executor1 ){+.+.} [ 8702] 0 8702 17585 8231 126976 0 0 syz-executor4 , at: __fdget_pos+0x1bb/0x200 fs/file.c:766 [ 8703] 0 8703 17618 8231 131072 0 0 syz-executor1 #1: [ 8704] 0 8704 17585 8228 126976 0 0 syz-executor7 00000000297509bb [ 8711] 0 8711 17585 8232 126976 0 0 syz-executor0 ( [ 8713] 0 8713 17585 8230 126976 0 0 syz-executor6 sb_writers [ 8715] 0 8715 17585 8232 126976 0 0 syz-executor0 #5){.+.+} [ 8717] 0 8717 17585 8230 126976 0 0 syz-executor6 , at: file_start_write include/linux/fs.h:2786 [inline] , at: vfs_write+0x42a/0x560 fs/read_write.c:548 [ 8724] 0 8724 17585 8228 126976 0 0 syz-executor7 #2: [ 8727] 0 8727 17618 8231 131072 0 0 syz-executor1 00000000107f7248 [ 8728] 0 8728 17585 8228 126976 0 0 syz-executor7 ( [ 8729] 0 8729 17618 8231 131072 0 0 syz-executor1 &sb->s_type->i_mutex_key [ 8731] 0 8731 17618 8231 131072 0 0 syz-executor3 #13 [ 8732] 0 8732 17618 8231 131072 0 0 syz-executor3 ){++++} [ 8736] 0 8736 17585 8230 126976 0 0 syz-executor6 , at: inode_trylock include/linux/fs.h:771 [inline] , at: ext4_file_write_iter+0x2a1/0x1450 fs/ext4/file.c:232 [ 8738] 0 8738 17585 8230 126976 0 0 syz-executor6 #3: [ 8740] 0 8740 17618 8234 126976 0 0 syz-executor5 00000000f353d280 [ 8743] 0 8743 17585 8232 126976 0 0 syz-executor4 ( [ 8751] 0 8751 17618 8234 126976 0 0 syz-executor5 jbd2_handle){++++} [ 8754] 0 8754 17585 8232 126976 0 0 syz-executor0 , at: start_this_handle+0x589/0x1260 fs/jbd2/transaction.c:383 #4: [ 8756] 0 8756 17585 8232 126976 0 0 syz-executor0 00000000a9d45af0 [ 8764] 0 8764 17585 8230 131072 0 0 syz-executor3 ( [ 8767] 0 8767 17618 8231 131072 0 0 syz-executor1 &ei->i_data_sem [ 8769] 0 8769 17585 8228 126976 0 0 syz-executor7 ){++++} [ 8770] 0 8770 17618 8231 131072 0 0 syz-executor1 , at: ext4_da_map_blocks fs/ext4/inode.c:1814 [inline] , at: ext4_da_get_block_prep+0x10a4/0x1b10 fs/ext4/inode.c:1946 [ 8773] 0 8773 17585 8230 131072 0 0 syz-executor3 3 locks held by syz-executor5/10305: [ 8774] 0 8774 17618 8231 126976 0 0 syz-executor6 ============================================= [ 8775] 0 8775 17618 8231 126976 0 0 syz-executor6 NMI backtrace for cpu 1 [ 8777] 0 8777 17585 8228 126976 0 0 syz-executor7 CPU: 1 PID: 792 Comm: khungtaskd Not tainted 4.19.0-rc2-next-20180904+ #55 [ 8783] 0 8783 17585 8232 126976 0 0 syz-executor5 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113 [ 8784] 0 8784 17585 8232 126976 0 0 syz-executor5 [ 8792] 0 8792 17585 8232 126976 0 0 syz-executor0 nmi_cpu_backtrace.cold.3+0x48/0x88 lib/nmi_backtrace.c:101 [ 8793] 0 8793 17585 8232 126976 0 0 syz-executor0 nmi_trigger_cpumask_backtrace+0x151/0x192 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:144 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:204 [inline] watchdog+0xb39/0x1040 kernel/hung_task.c:265 [ 8794] 0 8794 17585 8232 126976 0 0 syz-executor4 [ 8800] 0 8800 17618 8230 131072 0 0 syz-executor1 [ 8801] 0 8801 17585 8230 131072 0 0 syz-executor3 [ 8803] 0 8803 17618 8232 126976 0 0 syz-executor6 [ 8804] 0 8804 17618 8230 131072 0 0 syz-executor1 kthread+0x35a/0x420 kernel/kthread.c:246 [ 8809] 0 8809 17585 8230 131072 0 0 syz-executor3 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:415 Sending NMI from CPU 1 to CPUs 0: [ 8813] 0 8813 17585 8228 126976 0 0 syz-executor7 NMI backtrace for cpu 0 CPU: 0 PID: 4700 Comm: syz-executor2 Not tainted 4.19.0-rc2-next-20180904+ #55 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:memcpy include/linux/string.h:345 [inline] RIP: 0010:vsnprintf+0x527/0x1b60 lib/vsprintf.c:2260 Code: 39 e8 7e 08 e8 ca 37 a9 fa 49 63 d5 48 89 95 68 ff ff ff e8 bb 37 a9 fa 48 8b 95 68 ff ff ff 4c 89 e6 48 89 df e8 39 4a e8 fa a4 37 a9 fa 4c 89 f0 4c 89 f2 48 b9 00 00 00 00 00 fc ff df 48 RSP: 0000:ffff880194f06628 EFLAGS: 00000006 RAX: ffff880194efe580 RBX: 0000000000000006 RCX: ffffffff86d39b60 RDX: 0000000000000000 RSI: ffffffff86d39e6f RDI: 0000000000000001 RBP: ffff880194f066f8 R08: ffff880194efe580 R09: fffffbfff1031440 R10: fffffbfff1031440 R11: ffffffff8818a203 R12: ffffffff872b8865 R13: 0000000000000000 R14: ffffffff872b886e R15: ffff880194f066d0 FS: 0000000001830940(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000455176 CR3: 0000000194ef3000 CR4: 00000000001406f0 Call Trace: snprintf+0xae/0xe0 lib/vsprintf.c:2431 print_time kernel/printk/printk.c:1223 [inline] print_prefix+0x38e/0x3f0 kernel/printk/printk.c:1248 msg_print_text+0x85/0x1c0 kernel/printk/printk.c:1271 console_unlock+0x71c/0x10d0 kernel/printk/printk.c:2381 vprintk_emit+0x33a/0x910 kernel/printk/printk.c:1926 vprintk_default+0x28/0x30 kernel/printk/printk.c:1967 vprintk_func+0x7a/0x117 kernel/printk/printk_safe.c:398 printk+0xa7/0xcf kernel/printk/printk.c:2000 dump_tasks mm/oom_kill.c:420 [inline] dump_header+0xf0d/0xf70 mm/oom_kill.c:450 oom_kill_process.cold.28+0x10/0x95a mm/oom_kill.c:953 out_of_memory+0xa88/0x1430 mm/oom_kill.c:1120 __alloc_pages_may_oom mm/page_alloc.c:3529 [inline] __alloc_pages_slowpath+0x223f/0x2cb0 mm/page_alloc.c:4242 __alloc_pages_nodemask+0xa1b/0xd10 mm/page_alloc.c:4397 __alloc_pages include/linux/gfp.h:473 [inline] __alloc_pages_node include/linux/gfp.h:486 [inline] kmem_getpages mm/slab.c:1409 [inline] cache_grow_begin+0x91/0x710 mm/slab.c:2677 fallback_alloc+0x203/0x2c0 mm/slab.c:3219 ____cache_alloc_node+0x1c7/0x1e0 mm/slab.c:3287 __do_cache_alloc mm/slab.c:3356 [inline] slab_alloc mm/slab.c:3384 [inline] kmem_cache_alloc+0x1e5/0x710 mm/slab.c:3552 getname_flags+0xd0/0x5a0 fs/namei.c:140 getname+0x19/0x20 fs/namei.c:211 do_sys_open+0x3a2/0x720 fs/open.c:1057 __do_sys_open fs/open.c:1081 [inline] __se_sys_open fs/open.c:1076 [inline] __x64_sys_open+0x7e/0xc0 fs/open.c:1076 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4551a0 Code: Bad RIP value. RSP: 002b:00007fff55624020 EFLAGS: 00000202 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 000000000183199b RCX: 00000000004551a0 RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007fff556251d0 RBP: 000000000000070b R08: 0000000000000001 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff556251d0 R13: 00000000000e0d16 R14: 0000000000000000 R15: badc0ffeebadface