new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
INFO: task syz-executor.5:16047 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5 D29920 16047 8140 0x00000004
Call Trace:
hfs: invalid gid -1
hfs: unable to parse mount options
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 iterate_supers+0xdb/0x290 fs/super.c:631
 ksys_sync+0x86/0x150 fs/sync.c:113
hfs: uid requires an argument
hfs: unable to parse mount options
 __ia32_sys_sync+0xa/0x10 fs/sync.c:124
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fafcb80a0c9
Code: Bad RIP value.
RSP: 002b:00007fafc9d7c168 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
hfs: invalid gid -1
RAX: ffffffffffffffda RBX: 00007fafcb929f80 RCX: 00007fafcb80a0c9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
hfs: unable to parse mount options
RBP: 00007fafcb865ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff6bb89eaf R14: 00007fafc9d7c300 R15: 0000000000022000

Showing all locks held in the system:
1 lock held by khungtaskd/1570:
new mount options do not match the existing superblock, will be ignored
 #0: 000000000f29a81d (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
1 lock held by systemd-udevd/4696:
hfs: uid requires an argument
1 lock held by in:imklog/7781:
hfs: invalid gid -1
 #0: 000000001dfb533b (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
new mount options do not match the existing superblock, will be ignored
hfs: unable to parse mount options
new mount options do not match the existing superblock, will be ignored
hfs: unable to parse mount options
new mount options do not match the existing superblock, will be ignored
2 locks held by kworker/u4:5/8821:
3 locks held by kworker/1:2/11393:
 #0: 00000000218556c6 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 000000007eba3768 (key_gc_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
 #2: 000000002daa78f5 (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:297 [inline]
 #2: 000000002daa78f5 (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x4dc/0x6f0 kernel/rcu/tree_exp.h:667
4 locks held by kworker/u4:0/21175:
 #0: 000000004e840e4f (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1826 [inline]
 #0: 000000004e840e4f (&rq->lock){-.-.}, at: __schedule+0x1f9/0x2040 kernel/sched/core.c:3455
 #1: 000000000f29a81d (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
 #1: 000000000f29a81d (rcu_read_lock){....}, at: update_curr+0x2c3/0x870 kernel/sched/fair.c:857
 #2: 000000001a1967c0 (&wdev->mtx){+.+.}, at: sdata_lock net/mac80211/ieee80211_i.h:977 [inline]
 #2: 000000001a1967c0 (&wdev->mtx){+.+.}, at: ieee80211_ibss_work+0x85/0xe10 net/mac80211/ibss.c:1675
 #3: 000000000f29a81d (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
 #3: 000000000f29a81d (rcu_read_lock){....}, at: update_curr+0x2c3/0x870 kernel/sched/fair.c:857
2 locks held by kworker/1:4/18417:
 #0: 00000000f610076c ((wq_completion)"rcu_gp"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 00000000f68d681f ((work_completion)(&rew.rew_work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
1 lock held by syz-executor.0/12036:
 #0: 0000000023972783 (&type->s_umount_key#50/1){+.+.}, at: alloc_super fs/super.c:226 [inline]
 #0: 0000000023972783 (&type->s_umount_key#50/1){+.+.}, at: sget_userns+0x20b/0xcd0 fs/super.c:519
1 lock held by syz-executor.0/12123:
 #0: 000000002daa78f5 (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
 #0: 000000002daa78f5 (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x256/0x6f0 kernel/rcu/tree_exp.h:667
hfs: invalid gid -1
1 lock held by syz-executor.5/16047:
hfs: uid requires an argument
 #0: 0000000023972783 (&type->s_umount_key#52){++++}, at: iterate_supers+0xdb/0x290 fs/super.c:631
hfs: unable to parse mount options
1 lock held by syz-executor.1/23657:
hfs: unable to parse mount options
1 lock held by syz-executor.3/23661:
 #0: 000000004e840e4f (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1826 [inline]
 #0: 000000004e840e4f (&rq->lock){-.-.}, at: __schedule+0x1f9/0x2040 kernel/sched/core.c:3455
2 locks held by syz-executor.3/23666:
 #0: 00000000276d2aad (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1826 [inline]
 #0: 00000000276d2aad (&rq->lock){-.-.}, at: __schedule+0x1f9/0x2040 kernel/sched/core.c:3455
 #1: 000000000f29a81d (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
 #1: 000000000f29a81d (rcu_read_lock){....}, at: update_curr+0x2c3/0x870 kernel/sched/fair.c:857
1 lock held by syz-executor.3/23668:
 #0: 00000000c08acd02 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1570 Comm: khungtaskd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0x991/0xe60 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 23672 Comm: syz-executor.0 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:__debug_check_no_obj_freed lib/debugobjects.c:779 [inline]
RIP: 0010:debug_check_no_obj_freed+0x101/0x490 lib/debugobjects.c:817
Code: 00 00 49 bc 00 02 00 00 00 00 ad de 4c 89 c0 31 ed 48 c1 e8 03 42 80 3c 38 00 0f 85 dd 00 00 00 49 8d 78 18 83 c5 01 4d 8b 30 <48> 89 f8 48 c1 e8 03 42 80 3c 38 00 0f 85 65 02 00 00 4d 8b 48 18
RSP: 0018:ffff888027f0f998 EFLAGS: 00000002
RAX: 1ffff11013a02596 RBX: 0000000000000000 RCX: ffffffff814bdebb
RDX: 1ffffffff1a89c1b RSI: 0000000000000004 RDI: ffff88809d012cc8
RBP: 0000000000000001 R08: ffff88809d012cb0 R09: fffffbfff1a89c19
R10: ffffffff8d44e0cb R11: 0000000000000000 R12: dead000000000200
R13: ffff888036c14000 R14: ffff8880939600e0 R15: dffffc0000000000
FS: 0000555556b00400(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffce93d1040 CR3: 000000009b75a000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
 free_pages_prepare mm/page_alloc.c:1056 [inline]
 __free_pages_ok+0x22d/0xd30 mm/page_alloc.c:1279
 slab_destroy mm/slab.c:1713 [inline]
 slabs_destroy+0x90/0xd0 mm/slab.c:1729
 cache_flusharray mm/slab.c:3490 [inline]
 ___cache_free+0x295/0x3a0 mm/slab.c:3532
 qlink_free mm/kasan/quarantine.c:147 [inline]
 qlist_free_all+0x79/0x140 mm/kasan/quarantine.c:166
 quarantine_reduce+0x1a9/0x230 mm/kasan/quarantine.c:259
 kasan_kmalloc+0xa2/0x160 mm/kasan/kasan.c:538
 slab_post_alloc_hook mm/slab.h:445 [inline]
 slab_alloc mm/slab.c:3397 [inline]
 kmem_cache_alloc+0x110/0x370 mm/slab.c:3557
 getname_flags+0xce/0x590 fs/namei.c:140
 getname fs/namei.c:211 [inline]
 do_symlinkat+0x86/0x2c0 fs/namei.c:4145
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f57810d0a07
Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffce93d0f78 EFLAGS: 00000202 ORIG_RAX: 000000000000010a
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f57810d0a07
RDX: 00007f578112cb8a RSI: 00000000ffffff9c RDI: 00007f578112b713
RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffce93d09f0
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffce93d1040