./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor372926623 <...> forked to background, child pid 3187 no interfaces have a carrier [ 24.333939][ T3188] 8021q: adding VLAN 0 to HW filter on device bond0 [ 24.344430][ T3188] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.51' (ECDSA) to the list of known hosts. execve("./syz-executor372926623", ["./syz-executor372926623"], 0x7ffd4d9ed3d0 /* 10 vars */) = 0 brk(NULL) = 0x555556d32000 brk(0x555556d32c40) = 0x555556d32c40 arch_prctl(ARCH_SET_FS, 0x555556d32300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor372926623", 4096) = 27 brk(0x555556d53c40) = 0x555556d53c40 brk(0x555556d54000) = 0x555556d54000 mprotect(0x7fd38a446000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3609 attached , child_tidptr=0x555556d325d0) = 3609 [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3610 attached ./strace-static-x86_64: Process 3611 attached [pid 3608] <... clone resumed>, child_tidptr=0x555556d325d0) = 3610 [pid 3610] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3609] <... clone resumed>, child_tidptr=0x555556d325d0) = 3611 ./strace-static-x86_64: Process 3612 attached [pid 3611] <... prctl resumed>) = 0 [pid 3611] setpgid(0, 0 [pid 3610] <... clone resumed>, child_tidptr=0x555556d325d0) = 3612 [pid 3611] <... setpgid resumed>) = 0 [pid 3611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3608] <... clone resumed>, child_tidptr=0x555556d325d0) = 3613 [pid 3611] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3613 attached [pid 3611] write(3, "1000", 4) = 4 [pid 3611] close(3) = 0 [pid 3611] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3611] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3613] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3612] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 3614 attached [pid 3608] <... clone resumed>, child_tidptr=0x555556d325d0) = 3614 ./strace-static-x86_64: Process 3615 attached [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3614] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3612] <... prctl resumed>) = 0 [pid 3613] <... clone resumed>, child_tidptr=0x555556d325d0) = 3615 [pid 3608] <... clone resumed>, child_tidptr=0x555556d325d0) = 3616 [pid 3614] <... clone resumed>, child_tidptr=0x555556d325d0) = 3617 [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3612] setpgid(0, 0) = 0 [pid 3615] <... prctl resumed>) = 0 [pid 3612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3615] setpgid(0, 0 [pid 3612] <... openat resumed>) = 3 [pid 3608] <... clone resumed>, child_tidptr=0x555556d325d0) = 3618 [pid 3615] <... setpgid resumed>) = 0 [pid 3612] write(3, "1000", 4 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3612] <... write resumed>) = 4 [pid 3615] <... openat resumed>) = 3 [pid 3612] close(3./strace-static-x86_64: Process 3618 attached ./strace-static-x86_64: Process 3617 attached ./strace-static-x86_64: Process 3616 attached [pid 3615] write(3, "1000", 4 [pid 3612] <... close resumed>) = 0 [pid 3615] <... write resumed>) = 4 [pid 3612] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY [pid 3615] close(3 [pid 3612] <... openat resumed>) = 3 [pid 3618] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3615] <... close resumed>) = 0 [pid 3612] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3615] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3615] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3617] setpgid(0, 0 [pid 3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3619 attached [pid 3618] <... clone resumed>, child_tidptr=0x555556d325d0) = 3619 [pid 3617] <... setpgid resumed>) = 0 [pid 3617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3617] write(3, "1000", 4 [pid 3616] <... clone resumed>, child_tidptr=0x555556d325d0) = 3620 ./strace-static-x86_64: Process 3620 attached [pid 3619] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3617] <... write resumed>) = 4 [pid 3617] close(3) = 0 [pid 3617] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3617] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3619] <... prctl resumed>) = 0 [pid 3619] setpgid(0, 0) = 0 [pid 3619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3619] write(3, "1000", 4 [pid 3620] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3619] <... write resumed>) = 4 [pid 3620] <... prctl resumed>) = 0 [pid 3619] close(3) = 0 [pid 3620] setpgid(0, 0) = 0 [pid 3619] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3619] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3620] <... openat resumed>) = 3 [pid 3620] write(3, "1000", 4) = 4 [pid 3620] close(3) = 0 [pid 3620] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3620] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3610] kill(-3612, SIGKILL [pid 3609] kill(-3611, SIGKILL [pid 3610] <... kill resumed>) = 0 [pid 3609] <... kill resumed>) = 0 [pid 3610] kill(3612, SIGKILL [pid 3609] kill(3611, SIGKILL [pid 3610] <... kill resumed>) = 0 [pid 3609] <... kill resumed>) = 0 [pid 3614] kill(-3617, SIGKILL) = 0 [pid 3614] kill(3617, SIGKILL) = 0 [pid 3613] kill(-3615, SIGKILL) = 0 [pid 3613] kill(3615, SIGKILL) = 0 [pid 3618] kill(-3619, SIGKILL) = 0 [pid 3618] kill(3619, SIGKILL) = 0 [pid 3616] kill(-3620, SIGKILL) = 0 [pid 3616] kill(3620, SIGKILL) = 0 [pid 3610] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3616] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3610] <... openat resumed>) = 3 [pid 3613] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3610] fstat(3, [pid 3613] <... openat resumed>) = 3 [pid 3616] fstat(3, [pid 3613] fstat(3, [pid 3610] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3613] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3616] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3616] getdents64(3, [pid 3613] getdents64(3, [pid 3614] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3616] <... getdents64 resumed>0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3613] <... getdents64 resumed>0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3614] <... openat resumed>) = 3 [pid 3613] getdents64(3, [pid 3614] fstat(3, [pid 3613] <... getdents64 resumed>0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3610] getdents64(3, [pid 3616] getdents64(3, 0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3616] close(3 [pid 3614] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3613] close(3 [pid 3610] <... getdents64 resumed>0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3616] <... close resumed>) = 0 [pid 3614] getdents64(3, [pid 3613] <... close resumed>) = 0 [pid 3614] <... getdents64 resumed>0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3609] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3614] getdents64(3, [pid 3610] getdents64(3, [pid 3614] <... getdents64 resumed>0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3609] <... openat resumed>) = 3 [pid 3614] close(3 [pid 3610] <... getdents64 resumed>0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3609] fstat(3, [pid 3614] <... close resumed>) = 0 [pid 3610] close(3 [pid 3609] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3609] getdents64(3, [pid 3610] <... close resumed>) = 0 [pid 3609] <... getdents64 resumed>0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3609] getdents64(3, 0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3609] close(3) = 0 [pid 3618] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3618] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3618] getdents64(3, 0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3618] getdents64(3, 0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3618] close(3) = 0 syzkaller login: [ 76.211954][ T145] cfg80211: failed to load regulatory.db [pid 3611] <... fallocate resumed>) = ? [pid 3611] +++ killed by SIGKILL +++ [pid 3609] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3611, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4795} --- [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3637 attached [pid 3637] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3609] <... clone resumed>, child_tidptr=0x555556d325d0) = 3637 [pid 3637] <... prctl resumed>) = 0 [pid 3637] setpgid(0, 0) = 0 [pid 3637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3637] write(3, "1000", 4) = 4 [pid 3637] close(3) = 0 [pid 3637] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3637] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3609] kill(-3637, SIGKILL) = 0 [pid 3609] kill(3637, SIGKILL) = 0 [pid 3609] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3609] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3609] getdents64(3, 0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3609] getdents64(3, 0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3609] close(3) = 0 [pid 3612] <... fallocate resumed>) = ? [pid 3612] +++ killed by SIGKILL +++ [pid 3610] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3612, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4687} --- [pid 3610] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d325d0) = 3639 ./strace-static-x86_64: Process 3639 attached [pid 3639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3639] setpgid(0, 0) = 0 [pid 3639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3639] write(3, "1000", 4) = 4 [pid 3639] close(3) = 0 [pid 3639] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3639] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3610] kill(-3639, SIGKILL) = 0 [pid 3610] kill(3639, SIGKILL) = 0 [pid 3610] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3610] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3610] getdents64(3, 0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3610] getdents64(3, 0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3610] close(3) = 0 [pid 3615] <... fallocate resumed>) = ? [pid 3615] +++ killed by SIGKILL +++ [pid 3613] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3615, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4718} --- [pid 3613] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556d325d0) = 3646 ./strace-static-x86_64: Process 3646 attached [pid 3646] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3646] setpgid(0, 0) = 0 [pid 3646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3646] write(3, "1000", 4) = 4 [pid 3646] close(3) = 0 [pid 3646] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3646] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3613] kill(-3646, SIGKILL) = 0 [pid 3613] kill(3646, SIGKILL) = 0 [pid 3613] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3613] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3613] getdents64(3, 0x555556d33620 /* 2 entries */, 32768) = 48 [pid 3613] getdents64(3, 0x555556d33620 /* 0 entries */, 32768) = 0 [pid 3613] close(3) = 0 [ 286.110414][ T29] INFO: task syz-executor372:3619 blocked for more than 143 seconds. [ 286.118936][ T29] Not tainted 6.0.0-syzkaller-06475-g4c86114194e6 #0 [ 286.126514][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.135228][ T29] task:syz-executor372 state:D stack:23536 pid: 3619 ppid: 3618 flags:0x00004004 [ 286.144509][ T29] Call Trace: [ 286.147804][ T29] [ 286.150781][ T29] __schedule+0x91f/0xdf0 [ 286.155395][ T29] ? release_firmware_map_entry+0x187/0x187 [ 286.161700][ T29] ? print_irqtrace_events+0x220/0x220 [ 286.167595][ T29] ? _raw_spin_lock_irq+0xba/0xf0 [ 286.173393][ T29] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.178994][ T29] schedule+0xcb/0x190 [ 286.183489][ T29] rwsem_down_write_slowpath+0xf1c/0x1350 [ 286.189617][ T29] ? rwsem_down_read_slowpath+0x930/0x930 [ 286.195757][ T29] ? read_lock_is_recursive+0x10/0x10 [ 286.201544][ T29] ? print_irqtrace_events+0x220/0x220 [ 286.207030][ T29] down_write+0x163/0x170 [ 286.211939][ T29] ? down_read_killable+0x80/0x80 [ 286.217356][ T29] blkdev_fallocate+0x21f/0x390 [ 286.222706][ T29] vfs_fallocate+0x515/0x670 [ 286.227769][ T29] __x64_sys_fallocate+0xb9/0x100 [ 286.233213][ T29] do_syscall_64+0x3d/0xb0 [ 286.238100][ T29] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.244413][ T29] RIP: 0033:0x7fd38a3d9e09 [ 286.249187][ T29] RSP: 002b:00007ffdf0659e18 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.257664][ T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fd38a3d9e09 [ 286.266156][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003 [ 286.274532][ T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 286.283264][ T29] R10: 0002000080000000 R11: 0000000000000246 R12: 00007fd38a39d5e0 [ 286.291604][ T29] R13: 0000000000000000 R14: 00007ffdf0659e40 R15: 00007ffdf0659e30 [ 286.300079][ T29] [ 286.303489][ T29] INFO: task syz-executor372:3620 blocked for more than 143 seconds. [ 286.311926][ T29] Not tainted 6.0.0-syzkaller-06475-g4c86114194e6 #0 [ 286.319434][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.328551][ T29] task:syz-executor372 state:D stack:23192 pid: 3620 ppid: 3616 flags:0x00004004 [ 286.338197][ T29] Call Trace: [ 286.341875][ T29] [ 286.345171][ T29] __schedule+0x91f/0xdf0 [ 286.349915][ T29] ? release_firmware_map_entry+0x187/0x187 [ 286.356188][ T29] ? print_irqtrace_events+0x220/0x220 [ 286.361783][ T29] ? _raw_spin_lock_irq+0xba/0xf0 [ 286.373131][ T29] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.378493][ T29] schedule+0xcb/0x190 [ 286.383457][ T29] rwsem_down_write_slowpath+0xf1c/0x1350 [ 286.391604][ T29] ? rwsem_down_read_slowpath+0x930/0x930 [ 286.400343][ T29] ? read_lock_is_recursive+0x10/0x10 [ 286.406060][ T29] ? print_irqtrace_events+0x220/0x220 [ 286.412412][ T29] down_write+0x163/0x170 [ 286.417579][ T29] ? down_read_killable+0x80/0x80 [ 286.422690][ T29] blkdev_fallocate+0x21f/0x390 [ 286.427564][ T29] vfs_fallocate+0x515/0x670 [ 286.432684][ T29] __x64_sys_fallocate+0xb9/0x100 [ 286.438042][ T29] do_syscall_64+0x3d/0xb0 [ 286.443405][ T29] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.449931][ T29] RIP: 0033:0x7fd38a3d9e09 [ 286.454359][ T29] RSP: 002b:00007ffdf0659e18 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.464814][ T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fd38a3d9e09 [ 286.475991][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003 [ 286.484040][ T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 286.496190][ T29] R10: 0002000080000000 R11: 0000000000000246 R12: 00007fd38a39d5e0 [ 286.505091][ T29] R13: 0000000000000000 R14: 00007ffdf0659e40 R15: 00007ffdf0659e30 [ 286.513190][ T29] [ 286.516244][ T29] INFO: task syz-executor372:3637 blocked for more than 143 seconds. [ 286.524728][ T29] Not tainted 6.0.0-syzkaller-06475-g4c86114194e6 #0 [ 286.532001][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.541049][ T29] task:syz-executor372 state:D stack:23192 pid: 3637 ppid: 3609 flags:0x00004004 [ 286.550714][ T29] Call Trace: [ 286.554373][ T29] [ 286.557675][ T29] __schedule+0x91f/0xdf0 [ 286.562419][ T29] ? release_firmware_map_entry+0x187/0x187 [ 286.568701][ T29] ? print_irqtrace_events+0x220/0x220 [ 286.574589][ T29] ? _raw_spin_lock_irq+0xba/0xf0 [ 286.579640][ T29] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.585218][ T29] schedule+0xcb/0x190 [ 286.589643][ T29] rwsem_down_write_slowpath+0xf1c/0x1350 [ 286.595910][ T29] ? rwsem_down_read_slowpath+0x930/0x930 [ 286.602051][ T29] ? read_lock_is_recursive+0x10/0x10 [ 286.607816][ T29] ? print_irqtrace_events+0x220/0x220 [ 286.613688][ T29] down_write+0x163/0x170 [ 286.618349][ T29] ? down_read_killable+0x80/0x80 [ 286.623777][ T29] blkdev_fallocate+0x21f/0x390 [ 286.628744][ T29] vfs_fallocate+0x515/0x670 [ 286.633433][ T29] __x64_sys_fallocate+0xb9/0x100 [ 286.638828][ T29] do_syscall_64+0x3d/0xb0 [ 286.643652][ T29] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.652765][ T29] RIP: 0033:0x7fd38a3d9e09 [ 286.658003][ T29] RSP: 002b:00007ffdf0659e18 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.666794][ T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fd38a3d9e09 [ 286.675212][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003 [ 286.683607][ T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 286.692065][ T29] R10: 0002000080000000 R11: 0000000000000246 R12: 000000000000a7a3 [ 286.701006][ T29] R13: 00007ffdf0659e2c R14: 00007ffdf0659e40 R15: 00007ffdf0659e30 [ 286.709206][ T29] [ 286.712712][ T29] [ 286.712712][ T29] Showing all locks held in the system: [ 286.720989][ T29] 1 lock held by rcu_tasks_kthre/13: [ 286.726766][ T29] #0: ffffffff8cb21db0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00 [ 286.737724][ T29] 1 lock held by rcu_tasks_trace/14: [ 286.743403][ T29] #0: ffffffff8cb225b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00 [ 286.754800][ T29] 1 lock held by khungtaskd/29: [ 286.764236][ T29] #0: ffffffff8cb21be0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 286.774551][ T29] 1 lock held by klogd/2964: [ 286.780120][ T29] 2 locks held by getty/3285: [ 286.786490][ T29] #0: ffff888026380098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 286.799965][ T29] #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x53b/0x1650 [ 286.811045][ T29] 1 lock held by syz-executor372/3617: [ 286.817293][ T29] #0: ffff88801242a9c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390 [ 286.828053][ T29] 1 lock held by syz-executor372/3619: [ 286.837820][ T29] #0: ffff88801242a9c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390 [ 286.849445][ T29] 1 lock held by syz-executor372/3620: [ 286.855758][ T29] #0: ffff88801242a9c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390 [ 286.870004][ T29] 1 lock held by syz-executor372/3637: [ 286.875974][ T29] #0: ffff88801242a9c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390 [ 286.886777][ T29] 1 lock held by syz-executor372/3639: [ 286.894060][ T29] #0: ffff88801242a9c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390 [ 286.909986][ T29] 1 lock held by syz-executor372/3646: [ 286.915757][ T29] #0: ffff88801242a9c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390 [ 286.928242][ T29] [ 286.931434][ T29] ============================================= [ 286.931434][ T29] [ 286.939907][ T29] NMI backtrace for cpu 1 [ 286.944246][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.0.0-syzkaller-06475-g4c86114194e6 #0 [ 286.953704][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 286.963756][ T29] Call Trace: [ 286.967019][ T29] [ 286.969949][ T29] dump_stack_lvl+0x1b1/0x28e [ 286.974629][ T29] ? preempt_schedule+0xb6/0xc0 [ 286.979463][ T29] ? fortify_panic+0x13/0x13 [ 286.984040][ T29] ? panic+0x715/0x715 [ 286.988105][ T29] ? console_unlock+0x6bd/0x6f0 [ 286.992970][ T29] ? console_trylock_spinning+0x410/0x410 [ 286.998673][ T29] ? nmi_cpu_backtrace+0x1e5/0x450 [ 287.003779][ T29] nmi_cpu_backtrace+0x425/0x450 [ 287.008700][ T29] ? vprintk_emit+0x109/0x1e0 [ 287.013362][ T29] ? nmi_trigger_cpumask_backtrace+0x280/0x280 [ 287.019495][ T29] ? _printk+0xc0/0x100 [ 287.023645][ T29] ? panic+0x715/0x715 [ 287.027702][ T29] ? __wake_up_klogd+0xcd/0x100 [ 287.032542][ T29] ? panic+0x715/0x715 [ 287.036600][ T29] ? __rcu_read_unlock+0x8f/0x100 [ 287.041699][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 287.047804][ T29] nmi_trigger_cpumask_backtrace+0x169/0x280 [ 287.053775][ T29] watchdog+0xcd5/0xd20 [ 287.057969][ T29] kthread+0x266/0x300 [ 287.062055][ T29] ? hungtask_pm_notify+0x50/0x50 [ 287.067070][ T29] ? kthread_blkcg+0xd0/0xd0 [ 287.071647][ T29] ret_from_fork+0x1f/0x30 [ 287.076078][ T29] [ 287.079284][ T29] Sending NMI from CPU 1 to CPUs 0: [ 287.084545][ C0] NMI backtrace for cpu 0 [ 287.084555][ C0] CPU: 0 PID: 2964 Comm: klogd Not tainted 6.0.0-syzkaller-06475-g4c86114194e6 #0 [ 287.084570][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 287.084577][ C0] RIP: 0010:cmpxchg_double_slab+0x12d/0x310 [ 287.084624][ C0] Code: 02 00 00 0f 84 90 00 00 00 fb e9 8a 00 00 00 41 8d 46 20 a8 0f 0f 85 64 01 00 00 4c 89 f9 4c 89 e8 4c 89 e2 f0 49 0f c7 4e 20 01 75 67 eb 69 49 8b 46 08 a8 01 0f 85 77 01 00 00 0f 1f 44 00 [ 287.084635][ C0] RSP: 0018:ffffc9000317f4b8 EFLAGS: 00000246 [ 287.084648][ C0] RAX: ffff88808d85a200 RBX: ffff88808d85b300 RCX: 0000000080070003 [ 287.084658][ C0] RDX: 0000000080070004 RSI: ffffea0002361600 RDI: ffff888145863b40 [ 287.084668][ C0] RBP: 0000000080070003 R08: ffff88808d85b300 R09: 0000000080070003 [ 287.084677][ C0] R10: ffffed1017348069 R11: 1ffff11017348068 R12: 0000000080070004 [ 287.084687][ C0] R13: ffff88808d85a200 R14: ffffea0002361600 R15: 0000000080070003 [ 287.084697][ C0] FS: 00007f6944832800(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 287.084709][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.084718][ C0] CR2: 000055ce6e040990 CR3: 0000000026feb000 CR4: 00000000003506f0 [ 287.084733][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.084740][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.084748][ C0] Call Trace: [ 287.084752][ C0] [ 287.084760][ C0] __slab_free+0x95/0x280 [ 287.084778][ C0] ? __phys_addr+0xb5/0x160 [ 287.084828][ C0] qlist_free_all+0x2b/0x70 [ 287.084868][ C0] kasan_quarantine_reduce+0x169/0x180 [ 287.084889][ C0] __kasan_slab_alloc+0x2f/0xd0 [ 287.084904][ C0] ? rcu_read_lock_sched_held+0x87/0x110 [ 287.084921][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 287.084947][ C0] ? kmem_cache_alloc_node+0x44/0x350 [ 287.084965][ C0] ? __might_sleep+0xc0/0xc0 [ 287.085010][ C0] ? do_raw_spin_unlock+0x134/0x8a0 [ 287.085030][ C0] ? _raw_spin_unlock_irqrestore+0x8b/0x120 [ 287.085052][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 287.085074][ C0] kmem_cache_alloc_node+0x1cc/0x350 [ 287.085089][ C0] ? __alloc_skb+0xcf/0x2b0 [ 287.085136][ C0] __alloc_skb+0xcf/0x2b0 [ 287.085156][ C0] alloc_skb_with_frags+0xb4/0x780 [ 287.085173][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 287.085192][ C0] sock_alloc_send_pskb+0x938/0xa70 [ 287.085209][ C0] ? unix_dgram_sendmsg+0x381/0x2010 [ 287.085248][ C0] ? sock_kzfree_s+0x50/0x50 [ 287.085267][ C0] ? do_raw_spin_unlock+0x134/0x8a0 [ 287.085289][ C0] unix_dgram_sendmsg+0x5ab/0x2010 [ 287.085311][ C0] ? aa_sk_perm+0x89e/0x9e0 [ 287.085365][ C0] ? unix_dgram_poll+0x6c0/0x6c0 [ 287.085381][ C0] ? aa_sock_msg_perm+0x91/0x150 [ 287.085397][ C0] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 287.085424][ C0] ? security_socket_sendmsg+0x9d/0xb0 [ 287.085473][ C0] ? unix_dgram_poll+0x6c0/0x6c0 [ 287.085488][ C0] __sys_sendto+0x46e/0x5f0 [ 287.085524][ C0] ? __ia32_sys_getpeername+0x80/0x80 [ 287.085545][ C0] ? read_lock_is_recursive+0x10/0x10 [ 287.085561][ C0] ? __ct_user_exit+0x81/0xe0 [ 287.085576][ C0] ? __lock_acquire+0x1f60/0x1f60 [ 287.085611][ C0] __x64_sys_sendto+0xda/0xf0 [ 287.085631][ C0] do_syscall_64+0x3d/0xb0 [ 287.085652][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 287.085671][ C0] RIP: 0033:0x7f69449ce0ac [ 287.085682][ C0] Code: 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 19 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 64 c3 0f 1f 00 55 48 83 ec 20 48 89 54 24 10 [ 287.085692][ C0] RSP: 002b:00007ffde4beed28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.085706][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f69449ce0ac [ 287.085715][ C0] RDX: 000000000000003a RSI: 00005593dade5d70 RDI: 0000000000000003 [ 287.085723][ C0] RBP: 00005593dade1910 R08: 0000000000000000 R09: 0000000000000000 [ 287.085731][ C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000014 [ 287.085739][ C0] R13: 0000000000000001 R14: 00007f6944b4977d R15: 00007ffde4beee38 [ 287.085755][ C0] [ 287.085761][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.215 msecs [ 287.087297][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 287.500778][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.0.0-syzkaller-06475-g4c86114194e6 #0 [ 287.510211][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 287.520508][ T29] Call Trace: [ 287.523776][ T29] [ 287.526692][ T29] dump_stack_lvl+0x1b1/0x28e [ 287.531365][ T29] ? fortify_panic+0x13/0x13 [ 287.536024][ T29] ? panic+0x715/0x715 [ 287.540071][ T29] ? lockdep_hardirqs_on_prepare+0x428/0x790 [ 287.546039][ T29] ? vscnprintf+0x59/0x80 [ 287.550358][ T29] panic+0x2d6/0x715 [ 287.554234][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 287.559847][ T29] ? nmi_trigger_cpumask_backtrace+0x205/0x280 [ 287.565993][ T29] ? fb_is_primary_device+0xcc/0xcc [ 287.571171][ T29] ? __irq_work_queue_local+0x121/0x180 [ 287.576748][ T29] ? nmi_trigger_cpumask_backtrace+0x205/0x280 [ 287.582881][ T29] ? nmi_trigger_cpumask_backtrace+0x265/0x280 [ 287.589019][ T29] watchdog+0xd16/0xd20 [ 287.593167][ T29] kthread+0x266/0x300 [ 287.597255][ T29] ? hungtask_pm_notify+0x50/0x50 [ 287.602260][ T29] ? kthread_blkcg+0xd0/0xd0 [ 287.606830][ T29] ret_from_fork+0x1f/0x30 [ 287.611238][ T29] [ 287.614522][ T29] Kernel Offset: disabled [ 287.618845][ T29] Rebooting in 86400 seconds..