Extracting prog: 10m21.526581233s
Minimizing prog: 32m36.761553699s
Simplifying prog options: 19m26.168729589s
Extracting C: 6m56.761959772s
Simplifying C: 0s
extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program crashed: INFO: task hung in block_read_full_folio
program crashed: INFO: task hung in block_read_full_folio
single: successfully extracted reproducer
found reproducer with 2 syscalls
minimizing guilty program
testing program (duration=7m42.451273245s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
program crashed: lost connection to test machine
suppressed program crash: lost connection to test machine
testing program (duration=7m42.451273245s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdir
detailed listing:
executing program 0:
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program did not crash
testing program (duration=7m42.451273245s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(0x0, 0x0)
program did not crash
testing program (duration=7m42.451273245s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0\x00', 0x0)
program did not crash
extracting C reproducer
testing compiled C program (duration=7m42.451273245s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
simplifying guilty program options
testing program (duration=7m42.451273245s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program crashed: INFO: task hung in block_read_full_folio
extracting C reproducer
testing compiled C program (duration=7m42.451273245s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing program (duration=7m42.451273245s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program did not crash
testing program (duration=7m42.451273245s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program crashed: INFO: task hung in block_read_full_folio
validation run: crashed=true
testing program (duration=7m42.451273245s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program crashed: INFO: task hung in block_read_full_folio
validation run: crashed=true
testing program (duration=7m42.451273245s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mkdir
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@block_validity}, {}, {@usrjquota}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
mkdir(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
program crashed: INFO: task hung in block_read_full_folio
validation run: crashed=true
reproducing took 1h24m38.857362531s
repro crashed as (corrupted=false):
INFO: task udevd:5869 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:udevd state:D stack:24576 pid:5869 tgid:5869 ppid:5160 task_flags:0x400140 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x14fb/0x52c0 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
io_schedule+0x80/0xe0 kernel/sched/core.c:7831
bit_wait_io+0x11/0xd0 kernel/sched/wait_bit.c:250
__wait_on_bit_lock+0xe3/0x4b0 kernel/sched/wait_bit.c:93
out_of_line_wait_on_bit_lock+0x13b/0x190 kernel/sched/wait_bit.c:120
wait_on_bit_lock_io include/linux/wait_bit.h:221 [inline]
__lock_buffer fs/buffer.c:72 [inline]
lock_buffer include/linux/buffer_head.h:432 [inline]
block_read_full_folio+0x38f/0x830 fs/buffer.c:2436
filemap_read_folio+0x137/0x3b0 mm/filemap.c:2496
filemap_update_page mm/filemap.c:2583 [inline]
filemap_get_pages+0x16de/0x1ea0 mm/filemap.c:2713
filemap_read+0x44a/0x1240 mm/filemap.c:2800
blkdev_read_iter+0x311/0x440 block/fops.c:855
new_sync_read fs/read_write.c:493 [inline]
vfs_read+0x58b/0xa80 fs/read_write.c:574
ksys_read+0x156/0x270 fs/read_write.c:717
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f846a451407
RSP: 002b:00007ffe618cc880 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007f846a363880 RCX: 00007f846a451407
RDX: 0000000000000200 RSI: 00007f8469a16000 RDI: 0000000000000009
RBP: 0000556ae3759050 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000018
R13: 0000000000001000 R14: 0000556ae3760e18 R15: 00007f846aba739c
INFO: task syz.3.285:6712 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.285 state:D stack:25664 pid:6712 tgid:6712 ppid:5941 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x14fb/0x52c0 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
io_schedule+0x80/0xe0 kernel/sched/core.c:7831
folio_wait_bit_common+0x6dd/0xbc0 mm/filemap.c:1323
folio_lock include/linux/pagemap.h:1170 [inline]
__find_get_block_slow fs/buffer.c:206 [inline]
find_get_block_common+0x34f/0xe10 fs/buffer.c:1405
bdev_getblk+0x53/0x6e0 include/linux/gfp.h:-1
__getblk include/linux/buffer_head.h:380 [inline]
sb_getblk include/linux/buffer_head.h:386 [inline]
__ext4_get_inode_loc+0x7d8/0xfa0 fs/ext4/inode.c:4812
ext4_get_inode_loc fs/ext4/inode.c:4915 [inline]
ext4_reserve_inode_write+0x18b/0x360 fs/ext4/inode.c:6235
ext4_xattr_set_handle+0x537/0x14c0 fs/ext4/xattr.c:2397
ext4_initxattrs+0x9f/0x110 fs/ext4/xattr_security.c:44
security_inode_init_security+0x296/0x3d0 security/security.c:1344
__ext4_new_inode+0x332f/0x3d20 fs/ext4/ialloc.c:1324
ext4_mkdir+0x3da/0xbf0 fs/ext4/namei.c:3005
vfs_mkdir+0x40b/0x630 fs/namei.c:5233
filename_mkdirat+0x289/0x520 fs/namei.c:5266
__do_sys_mkdir fs/namei.c:5293 [inline]
__se_sys_mkdir+0x34/0x150 fs/namei.c:5290
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3427c5c799
RSP: 002b:00007ffc3059b9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 00007f3427ed5fa0 RCX: 00007f3427c5c799
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000680
RBP: 00007f3427cf2bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f3427ed5fac R14: 00007f3427ed5fa0 R15: 00007f3427ed5fa0
Showing all locks held in the system:
1 lock held by khungtaskd/38:
#0: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#0: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#0: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
3 locks held by kworker/u8:5/69:
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3250 [inline]
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 kernel/workqueue.c:3358
#1: ffffc9000154fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3251 [inline]
#1: ffffc9000154fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 kernel/workqueue.c:3358
#2: ffff88801b2800d0 (&type->s_umount_key#43){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
3 locks held by kworker/u8:11/4501:
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3250 [inline]
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 kernel/workqueue.c:3358
#1: ffffc9001033fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3251 [inline]
#1: ffffc9001033fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 kernel/workqueue.c:3358
#2: ffff88801b2800d0 (&type->s_umount_key#43){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
2 locks held by udevd/5160:
2 locks held by getty/5552:
#0: ffff8880370060a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0 drivers/tty/n_tty.c:2211
3 locks held by kworker/1:3/5827:
2 locks held by udevd/5869:
#0: ffff88802259eea8 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:1043 [inline]
#0: ffff88802259eea8 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: blkdev_read_iter+0x2ff/0x440 block/fops.c:854
#1: ffff88802259f078 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_invalidate_lock_shared include/linux/fs.h:1093 [inline]
#1: ffff88802259f078 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_update_page mm/filemap.c:2549 [inline]
#1: ffff88802259f078 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_get_pages+0x931/0x1ea0 mm/filemap.c:2713
2 locks held by udevd/5873:
#0: ffff88802259fb68 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:1043 [inline]
#0: ffff88802259fb68 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: blkdev_read_iter+0x2ff/0x440 block/fops.c:854
#1: ffff88802259fd38 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_invalidate_lock_shared include/linux/fs.h:1093 [inline]
#1: ffff88802259fd38 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_update_page mm/filemap.c:2549 [inline]
#1: ffff88802259fd38 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_get_pages+0x931/0x1ea0 mm/filemap.c:2713
3 locks held by syz-executor/5938:
1 lock held by syz-executor/5945:
#0: ffff888033bdc0d0 (&type->s_umount_key#32){++++}-{4:4}, at: __super_lock fs/super.c:58 [inline]
#0: ffff888033bdc0d0 (&type->s_umount_key#32){++++}-{4:4}, at: __super_lock_excl fs/super.c:73 [inline]
#0: ffff888033bdc0d0 (&type->s_umount_key#32){++++}-{4:4}, at: deactivate_super+0xa9/0xe0 fs/super.c:508
3 locks held by syz.3.285/6712:
#0: ffff888039ede480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 fs/namespace.c:493
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1073 [inline]
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: __start_dirop fs/namei.c:2923 [inline]
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: start_dirop fs/namei.c:2934 [inline]
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x200/0x370 fs/namei.c:4922
#2: ffff8880445b53d8 (&ei->xattr_sem){++++}-{4:4}, at: ext4_write_lock_xattr fs/ext4/xattr.h:157 [inline]
#2: ffff8880445b53d8 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x19c/0x14c0 fs/ext4/xattr.c:2372
3 locks held by syz.2.553/7363:
#0: ffff88803934c480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 fs/namespace.c:493
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1073 [inline]
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: __start_dirop fs/namei.c:2923 [inline]
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: start_dirop fs/namei.c:2934 [inline]
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x200/0x370 fs/namei.c:4922
#2: ffff88805db13038 (&ei->xattr_sem){++++}-{4:4}, at: ext4_write_lock_xattr fs/ext4/xattr.h:157 [inline]
#2: ffff88805db13038 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x19c/0x14c0 fs/ext4/xattr.c:2372
1 lock held by udevd/7749:
1 lock held by kmmpd-loop4/10407:
#0: ffff888033bdc480 (sb_writers#4){.+.+}-{0:0}, at: kmmpd+0x79f/0xa70 fs/ext4/mmp.c:242
1 lock held by syz.0.1827/10418:
=============================================
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
nmi_cpu_backtrace+0x274/0x2d0 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
__sys_info lib/sys_info.c:157 [inline]
sys_info+0x135/0x170 lib/sys_info.c:165
check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
watchdog+0xfd9/0x1030 kernel/hung_task.c:515
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5827 Comm: kworker/1:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: events_power_efficient wg_ratelimiter_gc_entries
RIP: 0010:reacquire_held_locks+0x153/0x190 kernel/locking/lockdep.c:5405
Code: 90 e8 21 62 f9 02 85 c0 74 1c 83 3d 3a bf c9 0d 00 75 13 48 8d 3d 3d d5 cc 0d 48 c7 c6 0a 93 73 8d 67 48 0f b9 3a 90 31 c0 5b <41> 5c 41 5e 41 5f 5d e9 51 16 85 09 cc 49 89 ff 48 c7 c7 70 ab c9
RSP: 0018:ffffc900049079e0 EFLAGS: 00000046
RAX: 0000000000000000 RBX: 0000000000000287 RCX: 0000000000000000
RDX: 00000000c2613405 RSI: 00000000c5d8f140 RDI: ffff888034601e40
RBP: 00000000ffffffff R08: ffffffff8b242250 R09: ffffffff8ddcd780
R10: 0000000000000000 R11: fffffbfff1ed4517 R12: 0000000000000003
R13: 0000000000000003 R14: ffff888034602a7c R15: 00000000ffffffff
FS: 0000000000000000(0000) GS:ffff888126443000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fda1c0f56b8 CR3: 0000000032f90000 CR4: 00000000003526f0
Call Trace:
__lock_release kernel/locking/lockdep.c:5574 [inline]
lock_release+0x199/0x3d0 kernel/locking/lockdep.c:5889
rt_spin_unlock+0x29/0x200 kernel/locking/spinlock_rt.c:80
spin_unlock include/linux/spinlock_rt.h:109 [inline]
wg_ratelimiter_gc_entries+0x3a8/0x480 drivers/net/wireguard/ratelimiter.c:76
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
final repro crashed as (corrupted=false):
INFO: task udevd:5869 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:udevd state:D stack:24576 pid:5869 tgid:5869 ppid:5160 task_flags:0x400140 flags:0x00080000
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x14fb/0x52c0 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
io_schedule+0x80/0xe0 kernel/sched/core.c:7831
bit_wait_io+0x11/0xd0 kernel/sched/wait_bit.c:250
__wait_on_bit_lock+0xe3/0x4b0 kernel/sched/wait_bit.c:93
out_of_line_wait_on_bit_lock+0x13b/0x190 kernel/sched/wait_bit.c:120
wait_on_bit_lock_io include/linux/wait_bit.h:221 [inline]
__lock_buffer fs/buffer.c:72 [inline]
lock_buffer include/linux/buffer_head.h:432 [inline]
block_read_full_folio+0x38f/0x830 fs/buffer.c:2436
filemap_read_folio+0x137/0x3b0 mm/filemap.c:2496
filemap_update_page mm/filemap.c:2583 [inline]
filemap_get_pages+0x16de/0x1ea0 mm/filemap.c:2713
filemap_read+0x44a/0x1240 mm/filemap.c:2800
blkdev_read_iter+0x311/0x440 block/fops.c:855
new_sync_read fs/read_write.c:493 [inline]
vfs_read+0x58b/0xa80 fs/read_write.c:574
ksys_read+0x156/0x270 fs/read_write.c:717
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f846a451407
RSP: 002b:00007ffe618cc880 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 00007f846a363880 RCX: 00007f846a451407
RDX: 0000000000000200 RSI: 00007f8469a16000 RDI: 0000000000000009
RBP: 0000556ae3759050 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000018
R13: 0000000000001000 R14: 0000556ae3760e18 R15: 00007f846aba739c
INFO: task syz.3.285:6712 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.285 state:D stack:25664 pid:6712 tgid:6712 ppid:5941 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x14fb/0x52c0 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
io_schedule+0x80/0xe0 kernel/sched/core.c:7831
folio_wait_bit_common+0x6dd/0xbc0 mm/filemap.c:1323
folio_lock include/linux/pagemap.h:1170 [inline]
__find_get_block_slow fs/buffer.c:206 [inline]
find_get_block_common+0x34f/0xe10 fs/buffer.c:1405
bdev_getblk+0x53/0x6e0 include/linux/gfp.h:-1
__getblk include/linux/buffer_head.h:380 [inline]
sb_getblk include/linux/buffer_head.h:386 [inline]
__ext4_get_inode_loc+0x7d8/0xfa0 fs/ext4/inode.c:4812
ext4_get_inode_loc fs/ext4/inode.c:4915 [inline]
ext4_reserve_inode_write+0x18b/0x360 fs/ext4/inode.c:6235
ext4_xattr_set_handle+0x537/0x14c0 fs/ext4/xattr.c:2397
ext4_initxattrs+0x9f/0x110 fs/ext4/xattr_security.c:44
security_inode_init_security+0x296/0x3d0 security/security.c:1344
__ext4_new_inode+0x332f/0x3d20 fs/ext4/ialloc.c:1324
ext4_mkdir+0x3da/0xbf0 fs/ext4/namei.c:3005
vfs_mkdir+0x40b/0x630 fs/namei.c:5233
filename_mkdirat+0x289/0x520 fs/namei.c:5266
__do_sys_mkdir fs/namei.c:5293 [inline]
__se_sys_mkdir+0x34/0x150 fs/namei.c:5290
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3427c5c799
RSP: 002b:00007ffc3059b9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 00007f3427ed5fa0 RCX: 00007f3427c5c799
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000680
RBP: 00007f3427cf2bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f3427ed5fac R14: 00007f3427ed5fa0 R15: 00007f3427ed5fa0
Showing all locks held in the system:
1 lock held by khungtaskd/38:
#0: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#0: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#0: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
3 locks held by kworker/u8:5/69:
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3250 [inline]
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 kernel/workqueue.c:3358
#1: ffffc9000154fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3251 [inline]
#1: ffffc9000154fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 kernel/workqueue.c:3358
#2: ffff88801b2800d0 (&type->s_umount_key#43){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
3 locks held by kworker/u8:11/4501:
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3250 [inline]
#0: ffff88801eeb7938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 kernel/workqueue.c:3358
#1: ffffc9001033fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3251 [inline]
#1: ffffc9001033fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 kernel/workqueue.c:3358
#2: ffff88801b2800d0 (&type->s_umount_key#43){.+.+}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
2 locks held by udevd/5160:
2 locks held by getty/5552:
#0: ffff8880370060a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0 drivers/tty/n_tty.c:2211
3 locks held by kworker/1:3/5827:
2 locks held by udevd/5869:
#0: ffff88802259eea8 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:1043 [inline]
#0: ffff88802259eea8 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: blkdev_read_iter+0x2ff/0x440 block/fops.c:854
#1: ffff88802259f078 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_invalidate_lock_shared include/linux/fs.h:1093 [inline]
#1: ffff88802259f078 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_update_page mm/filemap.c:2549 [inline]
#1: ffff88802259f078 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_get_pages+0x931/0x1ea0 mm/filemap.c:2713
2 locks held by udevd/5873:
#0: ffff88802259fb68 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:1043 [inline]
#0: ffff88802259fb68 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: blkdev_read_iter+0x2ff/0x440 block/fops.c:854
#1: ffff88802259fd38 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_invalidate_lock_shared include/linux/fs.h:1093 [inline]
#1: ffff88802259fd38 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_update_page mm/filemap.c:2549 [inline]
#1: ffff88802259fd38 (mapping.invalidate_lock){++++}-{4:4}, at: filemap_get_pages+0x931/0x1ea0 mm/filemap.c:2713
3 locks held by syz-executor/5938:
1 lock held by syz-executor/5945:
#0: ffff888033bdc0d0 (&type->s_umount_key#32){++++}-{4:4}, at: __super_lock fs/super.c:58 [inline]
#0: ffff888033bdc0d0 (&type->s_umount_key#32){++++}-{4:4}, at: __super_lock_excl fs/super.c:73 [inline]
#0: ffff888033bdc0d0 (&type->s_umount_key#32){++++}-{4:4}, at: deactivate_super+0xa9/0xe0 fs/super.c:508
3 locks held by syz.3.285/6712:
#0: ffff888039ede480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 fs/namespace.c:493
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1073 [inline]
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: __start_dirop fs/namei.c:2923 [inline]
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: start_dirop fs/namei.c:2934 [inline]
#1: ffff88805db663b0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x200/0x370 fs/namei.c:4922
#2: ffff8880445b53d8 (&ei->xattr_sem){++++}-{4:4}, at: ext4_write_lock_xattr fs/ext4/xattr.h:157 [inline]
#2: ffff8880445b53d8 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x19c/0x14c0 fs/ext4/xattr.c:2372
3 locks held by syz.2.553/7363:
#0: ffff88803934c480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 fs/namespace.c:493
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1073 [inline]
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: __start_dirop fs/namei.c:2923 [inline]
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: start_dirop fs/namei.c:2934 [inline]
#1: ffff88805db14bf0 (&type->i_mutex_dir_key#3/1){+.+.}-{4:4}, at: filename_create+0x200/0x370 fs/namei.c:4922
#2: ffff88805db13038 (&ei->xattr_sem){++++}-{4:4}, at: ext4_write_lock_xattr fs/ext4/xattr.h:157 [inline]
#2: ffff88805db13038 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x19c/0x14c0 fs/ext4/xattr.c:2372
1 lock held by udevd/7749:
1 lock held by kmmpd-loop4/10407:
#0: ffff888033bdc480 (sb_writers#4){.+.+}-{0:0}, at: kmmpd+0x79f/0xa70 fs/ext4/mmp.c:242
1 lock held by syz.0.1827/10418:
=============================================
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
nmi_cpu_backtrace+0x274/0x2d0 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
__sys_info lib/sys_info.c:157 [inline]
sys_info+0x135/0x170 lib/sys_info.c:165
check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
watchdog+0xfd9/0x1030 kernel/hung_task.c:515
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5827 Comm: kworker/1:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: events_power_efficient wg_ratelimiter_gc_entries
RIP: 0010:reacquire_held_locks+0x153/0x190 kernel/locking/lockdep.c:5405
Code: 90 e8 21 62 f9 02 85 c0 74 1c 83 3d 3a bf c9 0d 00 75 13 48 8d 3d 3d d5 cc 0d 48 c7 c6 0a 93 73 8d 67 48 0f b9 3a 90 31 c0 5b <41> 5c 41 5e 41 5f 5d e9 51 16 85 09 cc 49 89 ff 48 c7 c7 70 ab c9
RSP: 0018:ffffc900049079e0 EFLAGS: 00000046
RAX: 0000000000000000 RBX: 0000000000000287 RCX: 0000000000000000
RDX: 00000000c2613405 RSI: 00000000c5d8f140 RDI: ffff888034601e40
RBP: 00000000ffffffff R08: ffffffff8b242250 R09: ffffffff8ddcd780
R10: 0000000000000000 R11: fffffbfff1ed4517 R12: 0000000000000003
R13: 0000000000000003 R14: ffff888034602a7c R15: 00000000ffffffff
FS: 0000000000000000(0000) GS:ffff888126443000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fda1c0f56b8 CR3: 0000000032f90000 CR4: 00000000003526f0
Call Trace:
__lock_release kernel/locking/lockdep.c:5574 [inline]
lock_release+0x199/0x3d0 kernel/locking/lockdep.c:5889
rt_spin_unlock+0x29/0x200 kernel/locking/spinlock_rt.c:80
spin_unlock include/linux/spinlock_rt.h:109 [inline]
wg_ratelimiter_gc_entries+0x3a8/0x480 drivers/net/wireguard/ratelimiter.c:76
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245