FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 16)
FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 16)
FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 16)
FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 16)
FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 16)
INFO: task syz-executor2:15613 blocked for more than 140 seconds.
 Not tainted 4.9.116-g0137ea2 #18
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D27160 15613 3885 0x00000004
 ffff88019bdbc800 0000000000000000 ffff8801d3974540 ffffffff84629800
 ffff8801db221c18 ffff88019aa57650 ffffffff839ead0d dffffc0000000000
 ffff8801d9c58c10 ffff88019aa57610 00ff88019bdbd0c0 ffff8801db2224e8
Call Trace:
 [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
 [] d_wait_lookup fs/dcache.c:2455 [inline]
 [] d_alloc_parallel+0xeb2/0x17c0 fs/dcache.c:2537
 [] lookup_slow+0x19c/0x470 fs/namei.c:1650
 [] walk_component+0x716/0x1bb0 fs/namei.c:1784
 [] lookup_last fs/namei.c:2266 [inline]
 [] path_lookupat.isra.41+0x186/0x410 fs/namei.c:2283
 [] filename_lookup.part.55+0x177/0x370 fs/namei.c:2317
 [] filename_lookup fs/namei.c:2310 [inline]
 [] user_path_at_empty+0x53/0x70 fs/namei.c:2578
 [] user_path_at include/linux/namei.h:55 [inline]
 [] vfs_fstatat+0xc6/0x170 fs/stat.c:106
 [] vfs_stat fs/stat.c:123 [inline]
 [] SYSC_newstat+0x86/0xf0 fs/stat.c:270
 [] SyS_newstat+0x1d/0x30 fs/stat.c:266
 [] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/519:
 #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/3759:
 #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
1 lock held by syz-executor2/15613:
 #0: (&type->i_mutex_dir_key#4){++++++}, at: [] inode_lock_shared include/linux/fs.h:776 [inline]
 #0: (&type->i_mutex_dir_key#4){++++++}, at: [] lookup_slow+0x141/0x470 fs/namei.c:1645

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 519 Comm: khungtaskd Not tainted 4.9.116-g0137ea2 #18
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d8597d08 ffffffff81eb46a9 0000000000000000 0000000000000000
 0000000000000000 0000000000000001 ffffffff810b9bd0 ffff8801d8597d40
 ffffffff81ebf9a7 0000000000000000 0000000000000000 0000000000000003
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] nmi_cpu_backtrace.cold.2+0x48/0x87 lib/nmi_backtrace.c:99
 [] nmi_trigger_cpumask_backtrace+0x12a/0x14f lib/nmi_backtrace.c:60
 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [] check_hung_task kernel/hung_task.c:125 [inline]
 [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [] watchdog+0x6b4/0xa20 kernel/hung_task.c:239
 [] kthread+0x26d/0x300 kernel/kthread.c:211
 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 15612 Comm: syz-executor2 Not tainted 4.9.116-g0137ea2 #18
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88019bdbe000 task.stack: ffff8801d3668000
RIP: 0010:[] c [] atomic_inc arch/x86/include/asm/atomic.h:91 [inline]
RIP: 0010:[] c [] __lock_acquire+0x192/0x4070 kernel/locking/lockdep.c:3237
RSP: 0018:ffff8801db307ad0 EFLAGS: 00000002
RAX: ffffffff855891b0 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffffffff0b793ed RSI: 0000000000000000 RDI: ffffffff85bc9f68
RBP: ffff8801db307c80 R08: 0000000000000001 R09: 0000000000000001
R10: ffff88019bdbe000 R11: 0000000000000001 R12: 0000000000000001
R13: 0000000000000000 R14: ffffffff85bc9f60 R15: 0000000000000000
FS: 00007feba7d25700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc7aa144000 CR3: 00000001cf5b7000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 0000000000001704c 00000063c2229487c ffffffff855891b0c 0000000041b58ab3c
 0000000000002e47c ffff88019bdbe958c ffff88019bdbe8b8c ffff88019bdbe960c
 ffff88019bdbe8c0c ffff88019bdbe8c8c 1ffff1003b660f66c ffffffff855581f8c
Call Trace:
 [] lock_acquire+0x130/0x3e0 kernel/locking/lockdep.c:3756
 [] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:112 [inline]
 [] _raw_spin_lock_irqsave+0x4e/0x62 kernel/locking/spinlock.c:159
 [] debug_object_deactivate+0xf7/0x340 lib/debugobjects.c:475
 [] debug_hrtimer_deactivate kernel/time/hrtimer.c:403 [inline]
 [] debug_deactivate kernel/time/hrtimer.c:450 [inline]
 [] __run_hrtimer kernel/time/hrtimer.c:1224 [inline]
 [] __hrtimer_run_queues+0x222/0xe50 kernel/time/hrtimer.c:1319
 [] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353
 [] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:935
 [] smp_apic_timer_interrupt+0x7c/0xa0 arch/x86/kernel/apic/apic.c:959
 [] apic_timer_interrupt+0xa0/0xb0 arch/x86/entry/entry_64.S:648
 d [] ? arch_local_irq_restore arch/x86/include/asm/paravirt.h:768 [inline]
 d [] ? __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:162 [inline]
 d [] ? _raw_spin_unlock_irqrestore+0x5f/0x70 kernel/locking/spinlock.c:191
 [] spin_unlock_irqrestore include/linux/spinlock.h:362 [inline]
 [] prepare_to_wait_event+0x1d9/0x450 kernel/sched/wait.c:238
 [] request_wait_answer+0x22e/0x6e0 fs/fuse/dev.c:459
 [] __fuse_request_send+0x109/0x1b0 fs/fuse/dev.c:480
 [] fuse_request_send+0x5d/0x70 fs/fuse/dev.c:493
 [] fuse_simple_request+0x2f4/0x660 fs/fuse/dev.c:551
 [] fuse_lookup_name+0x253/0x5d0 fs/fuse/dir.c:369
 [] fuse_lookup+0xed/0x3a0 fs/fuse/dir.c:406
 [] lookup_slow+0x23e/0x470 fs/namei.c:1668
 [] walk_component+0x716/0x1bb0 fs/namei.c:1784
 [] lookup_last fs/namei.c:2266 [inline]
 [] path_lookupat.isra.41+0x186/0x410 fs/namei.c:2283
 [] filename_lookup.part.55+0x177/0x370 fs/namei.c:2317
 [] filename_lookup fs/namei.c:2310 [inline]
 [] user_path_at_empty+0x53/0x70 fs/namei.c:2578
 [] user_path_at include/linux/namei.h:55 [inline]
 [] vfs_fstatat+0xc6/0x170 fs/stat.c:106
 [] vfs_stat fs/stat.c:123 [inline]
 [] SYSC_newstat+0x86/0xf0 fs/stat.c:270
 [] SyS_newstat+0x1d/0x30 fs/stat.c:266
 [] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: cff cff c8b c8c c24 c88 c00 c00 c00 c48 c85 cc0 c44 c8b c84 c24 c80 c00 c00 c00 c44 c8b c4c c24 c78 c4c c8b c54 c24 c70 c0f c84 c2c c08 c00 c00 cf0 cff c80 c98 c01 c00 c00 c<49> c8d cba cc0 c08 c00 c00 c48 cba c00 c00 c00 c00 c00 cfc cff cdf c48 c89 cfe c48 c