./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1124263931 <...> Warning: Permanently added '10.128.1.117' (ED25519) to the list of known hosts. execve("./syz-executor1124263931", ["./syz-executor1124263931"], 0x7ffd89477460 /* 10 vars */) = 0 brk(NULL) = 0x555555990000 brk(0x555555990d00) = 0x555555990d00 arch_prctl(ARCH_SET_FS, 0x555555990380) = 0 set_tid_address(0x555555990650) = 5056 set_robust_list(0x555555990660, 24) = 0 rseq(0x555555990ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1124263931", 4096) = 28 getrandom("\x71\xa9\xa9\x6c\x1b\x32\x20\xb8", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555990d00 brk(0x5555559b1d00) = 0x5555559b1d00 brk(0x5555559b2000) = 0x5555559b2000 mprotect(0x7f9035b55000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555990650) = 5057 ./strace-static-x86_64: Process 5057 attached [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5057] set_robust_list(0x555555990660, 24) = 0 ./strace-static-x86_64: Process 5058 attached [pid 5057] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5056] <... clone resumed>, child_tidptr=0x555555990650) = 5058 [pid 5058] set_robust_list(0x555555990660, 24./strace-static-x86_64: Process 5059 attached [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5057] <... clone resumed>, child_tidptr=0x555555990650) = 5059 ./strace-static-x86_64: Process 5060 attached [pid 5059] set_robust_list(0x555555990660, 24 [pid 5058] <... set_robust_list resumed>) = 0 [pid 5056] <... clone resumed>, child_tidptr=0x555555990650) = 5060 [pid 5060] set_robust_list(0x555555990660, 24 [pid 5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] <... set_robust_list resumed>) = 0 [pid 5059] <... set_robust_list resumed>) = 0 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached ./strace-static-x86_64: Process 5061 attached [pid 5056] <... clone resumed>, child_tidptr=0x555555990650) = 5062 [pid 5059] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5058] <... clone resumed>, child_tidptr=0x555555990650) = 5061 [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] set_robust_list(0x555555990660, 24./strace-static-x86_64: Process 5063 attached [pid 5061] set_robust_list(0x555555990660, 24 [pid 5059] <... prctl resumed>) = 0 [pid 5063] set_robust_list(0x555555990660, 24 [pid 5061] <... set_robust_list resumed>) = 0 [pid 5060] <... clone resumed>, child_tidptr=0x555555990650) = 5063 [pid 5059] setpgid(0, 0./strace-static-x86_64: Process 5064 attached [pid 5063] <... set_robust_list resumed>) = 0 [pid 5062] <... set_robust_list resumed>) = 0 [pid 5061] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5059] <... setpgid resumed>) = 0 [pid 5056] <... clone resumed>, child_tidptr=0x555555990650) = 5064 [pid 5064] set_robust_list(0x555555990660, 24 [pid 5063] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] <... prctl resumed>) = 0 [pid 5061] <... prctl resumed>) = 0 [pid 5059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... set_robust_list resumed>) = 0 [pid 5063] setpgid(0, 0 [pid 5061] setpgid(0, 0) = 0 [pid 5063] <... setpgid resumed>) = 0 [pid 5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5059] <... openat resumed>) = 3 [pid 5061] <... openat resumed>) = 3 [pid 5063] <... openat resumed>) = 3 [pid 5063] write(3, "1000", 4 [pid 5061] write(3, "1000", 4 [pid 5063] <... write resumed>) = 4 [pid 5061] <... write resumed>) = 4 [pid 5059] write(3, "1000", 4 [pid 5063] close(3 [pid 5061] close(3 [pid 5063] <... close resumed>) = 0 [pid 5061] <... close resumed>) = 0 [pid 5059] <... write resumed>) = 4 [pid 5063] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5061] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5059] close(3./strace-static-x86_64: Process 5065 attached ./strace-static-x86_64: Process 5067 attached ./strace-static-x86_64: Process 5066 attached [pid 5056] <... clone resumed>, child_tidptr=0x555555990650) = 5066 [pid 5059] <... close resumed>) = 0 [pid 5065] set_robust_list(0x555555990660, 24 [pid 5067] set_robust_list(0x555555990660, 24 [pid 5066] set_robust_list(0x555555990660, 24 [pid 5064] <... clone resumed>, child_tidptr=0x555555990650) = 5067 [pid 5063] <... openat resumed>) = 3 [pid 5062] <... clone resumed>, child_tidptr=0x555555990650) = 5065 [pid 5061] <... openat resumed>) = 3 [pid 5059] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5065] <... set_robust_list resumed>) = 0 [pid 5067] <... set_robust_list resumed>) = 0 [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... set_robust_list resumed>) = 0 [pid 5063] dup(3 [pid 5061] dup(3 [pid 5059] <... openat resumed>) = 3 [pid 5065] <... prctl resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] <... dup resumed>) = 4 [pid 5061] <... dup resumed>) = 4 [pid 5065] setpgid(0, 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5063] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5061] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5059] dup(3 [pid 5065] <... setpgid resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5059] <... dup resumed>) = 4 [pid 5067] <... prctl resumed>) = 0 [pid 5059] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5065] <... openat resumed>) = 3 [pid 5067] setpgid(0, 0 [pid 5065] write(3, "1000", 4) = 4 [pid 5067] <... setpgid resumed>) = 0 [pid 5065] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5065] dup(3 [pid 5067] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5068 attached [pid 5065] <... dup resumed>) = 4 [pid 5065] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5068] set_robust_list(0x555555990660, 24 [pid 5067] write(3, "1000", 4 [pid 5066] <... clone resumed>, child_tidptr=0x555555990650) = 5068 [pid 5068] <... set_robust_list resumed>) = 0 [pid 5067] <... write resumed>) = 4 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5067] close(3 [pid 5068] <... prctl resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5068] setpgid(0, 0) = 0 [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... openat resumed>) = 3 [pid 5067] dup(3) = 4 [pid 5067] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5068] <... openat resumed>) = 3 [pid 5068] write(3, "1000", 4) = 4 [pid 5068] close(3) = 0 [pid 5068] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5068] dup(3) = 4 [pid 5068] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5057] kill(-5059, SIGKILL) = 0 [pid 5057] kill(5059, SIGKILL) = 0 [pid 5060] kill(-5063, SIGKILL [pid 5058] kill(-5061, SIGKILL [pid 5060] <... kill resumed>) = 0 [pid 5060] kill(5063, SIGKILL [pid 5058] <... kill resumed>) = 0 [pid 5060] <... kill resumed>) = 0 [pid 5058] kill(5061, SIGKILL) = 0 [pid 5064] kill(-5067, SIGKILL) = 0 [pid 5064] kill(5067, SIGKILL) = 0 [pid 5062] kill(-5065, SIGKILL) = 0 [pid 5062] kill(5065, SIGKILL) = 0 [pid 5066] kill(-5068, SIGKILL) = 0 [pid 5066] kill(5068, SIGKILL) = 0 [pid 5060] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5058] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5062] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5066] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5064] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5060] <... openat resumed>) = 3 [pid 5060] newfstatat(3, "", [pid 5064] <... openat resumed>) = 3 [pid 5064] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5064] getdents64(3, [pid 5060] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5064] <... getdents64 resumed>0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(3, [pid 5060] getdents64(3, [pid 5064] <... getdents64 resumed>0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5060] <... getdents64 resumed>0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5064] close(3 [pid 5060] getdents64(3, [pid 5064] <... close resumed>) = 0 [pid 5060] <... getdents64 resumed>0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5060] close(3) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5066] newfstatat(3, "", [pid 5062] <... openat resumed>) = 3 [pid 5058] <... openat resumed>) = 3 [pid 5066] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5062] newfstatat(3, "", [pid 5066] getdents64(3, [pid 5062] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5058] newfstatat(3, "", [pid 5066] <... getdents64 resumed>0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5062] getdents64(3, [pid 5058] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5066] getdents64(3, [pid 5062] <... getdents64 resumed>0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5066] <... getdents64 resumed>0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5062] getdents64(3, [pid 5058] getdents64(3, [pid 5066] close(3 [pid 5062] <... getdents64 resumed>0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5066] <... close resumed>) = 0 [pid 5062] close(3) = 0 [pid 5058] <... getdents64 resumed>0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5058] getdents64(3, [pid 5057] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5058] <... getdents64 resumed>0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5057] <... openat resumed>) = 3 [pid 5058] close(3 [pid 5057] newfstatat(3, "", [pid 5058] <... close resumed>) = 0 [pid 5057] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5057] getdents64(3, 0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5057] getdents64(3, 0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5057] close(3) = 0 [ 87.370500][ T782] cfg80211: failed to load regulatory.db [pid 5063] <... fallocate resumed>) = ? [pid 5063] +++ killed by SIGKILL +++ [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5063, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=6187 /* 61.87 s */} --- [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached , child_tidptr=0x555555990650) = 5085 [pid 5085] set_robust_list(0x555555990660, 24) = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5085] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5085] dup(3) = 4 [pid 5085] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5060] kill(-5085, SIGKILL) = 0 [pid 5060] kill(5085, SIGKILL) = 0 [pid 5060] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5060] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5060] getdents64(3, 0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5060] getdents64(3, 0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5060] close(3) = 0 [pid 5061] <... fallocate resumed>) = ? [pid 5061] +++ killed by SIGKILL +++ [pid 5058] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5061, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=6086 /* 60.86 s */} --- [pid 5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5086 attached [pid 5086] set_robust_list(0x555555990660, 24 [pid 5058] <... clone resumed>, child_tidptr=0x555555990650) = 5086 [pid 5086] <... set_robust_list resumed>) = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] setpgid(0, 0) = 0 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1000", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5086] dup(3) = 4 [pid 5086] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5058] kill(-5086, SIGKILL) = 0 [pid 5058] kill(5086, SIGKILL) = 0 [pid 5058] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5058] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5058] getdents64(3, 0x5555559916f0 /* 2 entries */, 32768) = 48 [pid 5058] getdents64(3, 0x5555559916f0 /* 0 entries */, 32768) = 0 [pid 5058] close(3) = 0 [ 287.010463][ T29] INFO: task syz-executor112:5067 blocked for more than 143 seconds. [ 287.018647][ T29] Not tainted 6.7.0-rc6-next-20231222-syzkaller #0 [ 287.025771][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.035639][ T29] task:syz-executor112 state:D stack:28120 pid:5067 tgid:5067 ppid:5064 flags:0x00004006 [ 287.047436][ T29] Call Trace: [ 287.052271][ T29] [ 287.056245][ T29] __schedule+0xf15/0x5c80 [ 287.062058][ T29] ? rcu_is_watching+0x12/0xb0 [ 287.068421][ T29] ? io_schedule_timeout+0x150/0x150 [ 287.075294][ T29] ? lock_release+0x4c8/0x6a0 [ 287.088651][ T29] ? schedule+0x1fa/0x270 [ 287.093101][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.098513][ T29] ? __down_write_common+0x89d/0x13f0 [ 287.104251][ T29] ? do_raw_spin_lock+0x12d/0x2b0 [ 287.109304][ T29] ? spin_bug+0x1c0/0x1c0 [ 287.113721][ T29] schedule+0xe7/0x270 [ 287.117862][ T29] schedule_preempt_disabled+0x13/0x20 [ 287.124045][ T29] __down_write_common+0x94c/0x13f0 [ 287.129545][ T29] ? aa_file_perm+0x4f2/0x1000 [ 287.134646][ T29] ? up_write+0x510/0x510 [ 287.139267][ T29] ? rcu_is_watching+0x12/0xb0 [ 287.144480][ T29] ? lock_acquire+0x477/0x530 [ 287.149452][ T29] ? lock_sync+0x190/0x190 [ 287.153964][ T29] ? ptrace_stop.part.0+0x722/0x930 [ 287.159448][ T29] ? preempt_count_sub+0x160/0x160 [ 287.165253][ T29] ? trace_irq_enable.constprop.0+0xe0/0x110 [ 287.171609][ T29] blkdev_fallocate+0x1e9/0x450 [ 287.176497][ T29] ? file_to_blk_mode+0x1a0/0x1a0 [ 287.181568][ T29] vfs_fallocate+0x4b4/0xf70 [ 287.186269][ T29] __x64_sys_fallocate+0xd5/0x140 [ 287.191639][ T29] do_syscall_64+0x40/0x110 [ 287.196459][ T29] entry_SYSCALL_64_after_hwframe+0x62/0x6a [ 287.202679][ T29] RIP: 0033:0x7f9035ae2b29 [ 287.207399][ T29] RSP: 002b:00007ffff69f6728 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.216241][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9035ae2b29 [ 287.224986][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.233327][ T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.241621][ T29] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 287.250345][ T29] R13: 00007ffff69f6948 R14: 00007ffff69f6750 R15: 00007ffff69f6740 [ 287.258354][ T29] [ 287.261454][ T29] INFO: task syz-executor112:5065 blocked for more than 143 seconds. [ 287.269812][ T29] Not tainted 6.7.0-rc6-next-20231222-syzkaller #0 [ 287.277218][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.286262][ T29] task:syz-executor112 state:D stack:28848 pid:5065 tgid:5065 ppid:5062 flags:0x00004006 [ 287.296756][ T29] Call Trace: [ 287.306366][ T29] [ 287.309347][ T29] __schedule+0xf15/0x5c80 [ 287.314804][ T29] ? xfd_validate_state+0x5d/0x180 [ 287.321073][ T29] ? trace_irq_enable.constprop.0+0xe0/0x110 [ 287.328133][ T29] ? io_schedule_timeout+0x150/0x150 [ 287.333821][ T29] ? lock_release+0x4c8/0x6a0 [ 287.338522][ T29] ? schedule+0x1fa/0x270 [ 287.342942][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.348341][ T29] ? __down_write_common+0x89d/0x13f0 [ 287.354688][ T29] ? do_raw_spin_lock+0x12d/0x2b0 [ 287.360044][ T29] ? spin_bug+0x1c0/0x1c0 [ 287.364878][ T29] schedule+0xe7/0x270 [ 287.368988][ T29] schedule_preempt_disabled+0x13/0x20 [ 287.375165][ T29] __down_write_common+0x94c/0x13f0 [ 287.380754][ T29] ? aa_file_perm+0x4f2/0x1000 [ 287.385833][ T29] ? up_write+0x510/0x510 [ 287.390488][ T29] ? rcu_is_watching+0x12/0xb0 [ 287.395574][ T29] ? lock_acquire+0x477/0x530 [ 287.401049][ T29] ? lock_sync+0x190/0x190 [ 287.405541][ T29] ? ptrace_stop.part.0+0x722/0x930 [ 287.411150][ T29] ? preempt_count_sub+0x160/0x160 [ 287.416301][ T29] ? lock_release+0x4c8/0x6a0 [ 287.421340][ T29] ? ptrace_notify+0xf1/0x130 [ 287.426056][ T29] blkdev_fallocate+0x1e9/0x450 [ 287.431390][ T29] ? file_to_blk_mode+0x1a0/0x1a0 [ 287.436715][ T29] vfs_fallocate+0x4b4/0xf70 [ 287.442020][ T29] __x64_sys_fallocate+0xd5/0x140 [ 287.447374][ T29] do_syscall_64+0x40/0x110 [ 287.452502][ T29] entry_SYSCALL_64_after_hwframe+0x62/0x6a [ 287.458728][ T29] RIP: 0033:0x7f9035ae2b29 [ 287.463672][ T29] RSP: 002b:00007ffff69f6728 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.472444][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9035ae2b29 [ 287.480922][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.488919][ T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.497561][ T29] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 287.506296][ T29] R13: 00007ffff69f6948 R14: 00007ffff69f6750 R15: 00007ffff69f6740 [ 287.515017][ T29] [ 287.518340][ T29] INFO: task syz-executor112:5068 blocked for more than 143 seconds. [ 287.527193][ T29] Not tainted 6.7.0-rc6-next-20231222-syzkaller #0 [ 287.534597][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.543993][ T29] task:syz-executor112 state:D stack:28544 pid:5068 tgid:5068 ppid:5066 flags:0x00004006 [ 287.554895][ T29] Call Trace: [ 287.558194][ T29] [ 287.561165][ T29] __schedule+0xf15/0x5c80 [ 287.565611][ T29] ? preempt_schedule_notrace+0x5e/0xe0 [ 287.571260][ T29] ? preempt_schedule_notrace_thunk+0x1a/0x30 [ 287.577394][ T29] ? io_schedule_timeout+0x150/0x150 [ 287.583356][ T29] ? lock_release+0x4c8/0x6a0 [ 287.588366][ T29] ? schedule+0x1fa/0x270 [ 287.593450][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.599142][ T29] ? __down_write_common+0x89d/0x13f0 [ 287.605196][ T29] ? do_raw_spin_lock+0x12d/0x2b0 [ 287.610564][ T29] ? spin_bug+0x1c0/0x1c0 [ 287.614932][ T29] schedule+0xe7/0x270 [ 287.619039][ T29] schedule_preempt_disabled+0x13/0x20 [ 287.625292][ T29] __down_write_common+0x94c/0x13f0 [ 287.630891][ T29] ? aa_file_perm+0x4f2/0x1000 [ 287.635690][ T29] ? up_write+0x510/0x510 [ 287.640045][ T29] ? rcu_is_watching+0x12/0xb0 [ 287.645249][ T29] ? lock_acquire+0x477/0x530 [ 287.649964][ T29] ? lock_sync+0x190/0x190 [ 287.655115][ T29] ? ptrace_stop.part.0+0x722/0x930 [ 287.660636][ T29] ? preempt_count_sub+0x160/0x160 [ 287.666077][ T29] ? lock_release+0x4c8/0x6a0 [ 287.671120][ T29] ? ptrace_notify+0xf1/0x130 [ 287.676100][ T29] blkdev_fallocate+0x1e9/0x450 [ 287.681663][ T29] ? file_to_blk_mode+0x1a0/0x1a0 [ 287.687018][ T29] vfs_fallocate+0x4b4/0xf70 [ 287.691902][ T29] __x64_sys_fallocate+0xd5/0x140 [ 287.696958][ T29] do_syscall_64+0x40/0x110 [ 287.701501][ T29] entry_SYSCALL_64_after_hwframe+0x62/0x6a [ 287.707421][ T29] RIP: 0033:0x7f9035ae2b29 [ 287.711892][ T29] RSP: 002b:00007ffff69f6728 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.720706][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9035ae2b29 [ 287.729045][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.737452][ T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.745747][ T29] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 287.754171][ T29] R13: 00007ffff69f6948 R14: 00007ffff69f6750 R15: 00007ffff69f6740 [ 287.762523][ T29] [ 287.765584][ T29] INFO: lockdep is turned off. [ 287.771031][ T29] NMI backtrace for cpu 0 [ 287.775382][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc6-next-20231222-syzkaller #0 [ 287.784687][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.794765][ T29] Call Trace: [ 287.798065][ T29] [ 287.801005][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.805629][ T29] nmi_cpu_backtrace+0x277/0x390 [ 287.810594][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.815827][ T29] nmi_trigger_cpumask_backtrace+0x299/0x300 [ 287.821840][ T29] watchdog+0xf86/0x1210 [ 287.826113][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.832110][ T29] ? __kthread_parkme+0x148/0x220 [ 287.837151][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.843152][ T29] kthread+0x2c1/0x3a0 [ 287.847235][ T29] ? trace_irq_enable.constprop.0+0xe0/0x110 [ 287.853242][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.858903][ T29] ret_from_fork+0x45/0x80 [ 287.863335][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.868989][ T29] ret_from_fork_asm+0x11/0x20 [ 287.873766][ T29] [ 287.876852][ T29] Sending NMI from CPU 0 to CPUs 1: [ 287.882515][ C1] NMI backtrace for cpu 1 [ 287.882527][ C1] CPU: 1 PID: 4500 Comm: klogd Not tainted 6.7.0-rc6-next-20231222-syzkaller #0 [ 287.882549][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.882561][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x58/0x60 [ 287.882594][ C1] Code: 82 d8 15 00 00 83 f8 02 75 20 48 8b 8a e0 15 00 00 8b 92 dc 15 00 00 48 8b 01 48 83 c0 01 48 39 d0 73 07 48 89 01 48 89 34 c1 0f 1f 80 00 00 00 00 f3 0f 1e fa 41 57 41 56 49 89 d6 41 55 41 [ 287.882613][ C1] RSP: 0018:ffffc9000319f788 EFLAGS: 00000293 [ 287.882630][ C1] RAX: 0000000000000000 RBX: 0000000064c678c0 RCX: ffffffff813b8b2c [ 287.882643][ C1] RDX: ffff88807ce81dc0 RSI: ffffffff813b8b36 RDI: 0000000000000007 [ 287.882656][ C1] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 287.882667][ C1] R10: 0000000000000000 R11: ffffffff8ace32a0 R12: 0000000000000000 [ 287.882679][ C1] R13: ffffffff81df780c R14: ffff888017ef2640 R15: ffff888064c679e0 [ 287.882693][ C1] FS: 00007f433f0b4380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 287.882714][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.882728][ C1] CR2: 0000561329f42680 CR3: 000000002029d000 CR4: 00000000003506f0 [ 287.882740][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.882752][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.882764][ C1] Call Trace: [ 287.882770][ C1] [ 287.882776][ C1] ? show_regs+0x8e/0xa0 [ 287.882802][ C1] ? nmi_cpu_backtrace+0x1d4/0x390 [ 287.882835][ C1] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 287.882866][ C1] ? nmi_handle+0x1a6/0x580 [ 287.882891][ C1] ? __sanitizer_cov_trace_pc+0x58/0x60 [ 287.882918][ C1] ? default_do_nmi+0x6a/0x160 [ 287.882937][ C1] ? exc_nmi+0x186/0x200 [ 287.882955][ C1] ? end_repeat_nmi+0xf/0x2a [ 287.882980][ C1] ? qlist_free_all+0xbc/0x1e0 [ 287.883008][ C1] ? __phys_addr+0xbc/0x140 [ 287.883033][ C1] ? __phys_addr+0xc6/0x140 [ 287.883058][ C1] ? __sanitizer_cov_trace_pc+0x58/0x60 [ 287.883085][ C1] ? __sanitizer_cov_trace_pc+0x58/0x60 [ 287.883112][ C1] ? __sanitizer_cov_trace_pc+0x58/0x60 [ 287.883139][ C1] [ 287.883144][ C1] [ 287.883149][ C1] __phys_addr+0xc6/0x140 [ 287.883175][ C1] ___cache_free+0x24/0xf0 [ 287.883205][ C1] qlist_free_all+0xc1/0x1e0 [ 287.883231][ C1] kasan_quarantine_reduce+0x18e/0x1d0 [ 287.883259][ C1] __kasan_kmalloc+0x86/0xb0 [ 287.883280][ C1] __kmalloc_node_track_caller+0x220/0x470 [ 287.883310][ C1] ? __alloc_skb+0x12b/0x330 [ 287.883334][ C1] kmalloc_reserve+0xef/0x260 [ 287.883356][ C1] __alloc_skb+0x12b/0x330 [ 287.883377][ C1] ? __napi_build_skb+0x50/0x50 [ 287.883399][ C1] ? lock_repin_lock+0x320/0x350 [ 287.883431][ C1] alloc_skb_with_frags+0xe4/0x710 [ 287.883456][ C1] ? lock_release+0x4c8/0x6a0 [ 287.883476][ C1] sock_alloc_send_pskb+0x7e1/0x970 [ 287.883512][ C1] ? sock_wmalloc+0x120/0x120 [ 287.883539][ C1] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.883557][ C1] ? do_raw_spin_lock+0x12d/0x2b0 [ 287.883578][ C1] ? spin_bug+0x1c0/0x1c0 [ 287.883597][ C1] ? __rcu_read_unlock+0x2ac/0x570 [ 287.883628][ C1] unix_dgram_sendmsg+0x464/0x1ca0 [ 287.883662][ C1] ? aa_sk_perm+0x2f5/0xb40 [ 287.883687][ C1] ? unix_stream_recvmsg+0x1b0/0x1b0 [ 287.883717][ C1] ? aa_af_perm+0x250/0x250 [ 287.883743][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 287.883771][ C1] ? unix_stream_recvmsg+0x1b0/0x1b0 [ 287.883802][ C1] __sock_sendmsg+0xd5/0x180 [ 287.883828][ C1] __sys_sendto+0x225/0x310 [ 287.883850][ C1] ? __ia32_sys_getpeername+0xb0/0xb0 [ 287.883880][ C1] ? __rseq_handle_notify_resume+0x663/0x1030 [ 287.883927][ C1] __x64_sys_sendto+0xe0/0x1b0 [ 287.883950][ C1] ? syscall_enter_from_user_mode+0x7d/0x110 [ 287.883974][ C1] do_syscall_64+0x40/0x110 [ 287.884003][ C1] entry_SYSCALL_64_after_hwframe+0x62/0x6a [ 287.884027][ C1] RIP: 0033:0x7f433f2169b5 [ 287.884043][ C1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 287.884061][ C1] RSP: 002b:00007fff40460618 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.884079][ C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f433f2169b5 [ 287.884092][ C1] RDX: 000000000000004c RSI: 000055f9b3a7bcc0 RDI: 0000000000000003 [ 287.884104][ C1] RBP: 000055f9b3a77910 R08: 0000000000000000 R09: 0000000000000000 [ 287.884116][ C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 287.884128][ C1] R13: 00007f433f3a4212 R14: 00007fff40460718 R15: 0000000000000000 [ 287.884148][ C1] [ 287.884154][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.640 msecs [ 287.951067][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 287.951081][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc6-next-20231222-syzkaller #0 [ 287.951104][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.951116][ T29] Call Trace: [ 287.951123][ T29] [ 287.951131][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.951166][ T29] panic+0x6dc/0x790 [ 287.951193][ T29] ? panic_smp_self_stop+0xa0/0xa0 [ 287.951220][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.951253][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.951288][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.951319][ T29] ? watchdog+0xd3d/0x1210 [ 287.951344][ T29] ? watchdog+0xd30/0x1210 [ 287.951371][ T29] watchdog+0xd4e/0x1210 [ 287.951400][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.951429][ T29] ? __kthread_parkme+0x148/0x220 [ 287.951454][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.951482][ T29] kthread+0x2c1/0x3a0 [ 287.951504][ T29] ? trace_irq_enable.constprop.0+0xe0/0x110 [ 287.951536][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.951563][ T29] ret_from_fork+0x45/0x80 [ 287.951588][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.951614][ T29] ret_from_fork_asm+0x11/0x20 [ 287.951649][ T29] [ 287.954198][ T29] Kernel Offset: disabled [ 288.483878][ T29] Rebooting in 86400 seconds..