./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3868323493

<...>
Warning: Permanently added '10.128.1.110' (ED25519) to the list of known hosts.
execve("./syz-executor3868323493", ["./syz-executor3868323493"], 0x7ffe98c34a70 /* 10 vars */) = 0
brk(NULL)                               = 0x55555660a000
brk(0x55555660ad00)                     = 0x55555660ad00
arch_prctl(ARCH_SET_FS, 0x55555660a380) = 0
set_tid_address(0x55555660a650)         = 5065
set_robust_list(0x55555660a660, 24)     = 0
rseq(0x55555660aca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3868323493", 4096) = 28
getrandom("\x25\x53\x28\xdc\xda\x13\xb5\xa3", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55555660ad00
brk(0x55555662bd00)                     = 0x55555662bd00
brk(0x55555662c000)                     = 0x55555662c000
mprotect(0x7fe55708f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached
, child_tidptr=0x55555660a650) = 5066
[pid  5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5066] set_robust_list(0x55555660a660, 24) = 0
./strace-static-x86_64: Process 5067 attached
[pid  5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5067] set_robust_list(0x55555660a660, 24./strace-static-x86_64: Process 5068 attached
 <unfinished ...>
[pid  5065] <... clone resumed>, child_tidptr=0x55555660a650) = 5067
[pid  5066] <... clone resumed>, child_tidptr=0x55555660a650) = 5068
[pid  5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5068] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5067] <... set_robust_list resumed>) = 0
[  107.481370][   T27] audit: type=1400 audit(1700430292.839:83): avc:  denied  { execmem } for  pid=5065 comm="syz-executor386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid  5068] <... set_robust_list resumed>) = 0
[pid  5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5068] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5070 attached
./strace-static-x86_64: Process 5069 attached
) = 0
[pid  5065] <... clone resumed>, child_tidptr=0x55555660a650) = 5069
[pid  5070] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5069] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5068] setpgid(0, 0 <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x55555660a650) = 5070
[pid  5070] <... set_robust_list resumed>) = 0
[pid  5069] <... set_robust_list resumed>) = 0
[pid  5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5070] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5068] <... setpgid resumed>)      = 0
./strace-static-x86_64: Process 5071 attached
[pid  5065] <... clone resumed>, child_tidptr=0x55555660a650) = 5071
[pid  5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5072 attached
 <unfinished ...>
[pid  5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5071] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5070] <... prctl resumed>)        = 0
[pid  5069] <... clone resumed>, child_tidptr=0x55555660a650) = 5072
./strace-static-x86_64: Process 5073 attached
[pid  5072] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5071] <... set_robust_list resumed>) = 0
[pid  5070] setpgid(0, 0 <unfinished ...>
[pid  5068] <... openat resumed>)       = 3
[pid  5065] <... clone resumed>, child_tidptr=0x55555660a650) = 5073
[pid  5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5073] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5072] <... set_robust_list resumed>) = 0
[pid  5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5070] <... setpgid resumed>)      = 0
[pid  5068] write(3, "1000", 4 <unfinished ...>
[pid  5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5075 attached
./strace-static-x86_64: Process 5074 attached
 <unfinished ...>
[pid  5073] <... set_robust_list resumed>) = 0
[pid  5072] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5070] <... openat resumed>)       = 3
[pid  5068] <... write resumed>)        = 4
[pid  5075] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5074] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5072] <... prctl resumed>)        = 0
[pid  5071] <... clone resumed>, child_tidptr=0x55555660a650) = 5075
[pid  5065] <... clone resumed>, child_tidptr=0x55555660a650) = 5074
[pid  5070] write(3, "1000", 4 <unfinished ...>
[pid  5068] close(3 <unfinished ...>
[pid  5075] <... set_robust_list resumed>) = 0
[pid  5074] <... set_robust_list resumed>) = 0
[pid  5072] setpgid(0, 0 <unfinished ...>
[pid  5070] <... write resumed>)        = 4
./strace-static-x86_64: Process 5076 attached
[pid  5075] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5072] <... setpgid resumed>)      = 0
[pid  5070] close(3 <unfinished ...>
[pid  5068] <... close resumed>)        = 0
[pid  5076] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5075] <... prctl resumed>)        = 0
[pid  5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5073] <... clone resumed>, child_tidptr=0x55555660a650) = 5076
[pid  5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5070] <... close resumed>)        = 0
[pid  5068] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME <unfinished ...>
[pid  5075] setpgid(0, 0 <unfinished ...>
[pid  5076] <... set_robust_list resumed>) = 0
[pid  5075] <... setpgid resumed>)      = 0
[pid  5072] <... openat resumed>)       = 3
[pid  5070] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME <unfinished ...>
[pid  5076] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5070] <... openat resumed>)       = 3
[pid  5076] <... prctl resumed>)        = 0
[pid  5072] write(3, "1000", 4 <unfinished ...>
[pid  5076] setpgid(0, 0 <unfinished ...>
[pid  5072] <... write resumed>)        = 4
[pid  5076] <... setpgid resumed>)      = 0
[pid  5072] close(3 <unfinished ...>
[pid  5070] dup(3 <unfinished ...>
[pid  5072] <... close resumed>)        = 0
[pid  5072] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME <unfinished ...>
[pid  5070] <... dup resumed>)          = 4
[pid  5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5072] <... openat resumed>)       = 3
[pid  5070] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656 <unfinished ...>
[pid  5072] dup(3 <unfinished ...>
[pid  5076] write(3, "1000", 4 <unfinished ...>
[pid  5072] <... dup resumed>)          = 4
[pid  5076] <... write resumed>)        = 4
[pid  5072] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656 <unfinished ...>
[pid  5076] close(3)                    = 0
[pid  5076] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3
[pid  5076] dup(3)                      = 4
[pid  5076] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656./strace-static-x86_64: Process 5077 attached
 <unfinished ...>
[pid  5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5068] <... openat resumed>)       = 3
[  107.611082][   T27] audit: type=1400 audit(1700430292.969:84): avc:  denied  { read write } for  pid=5068 comm="syz-executor386" name="nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  107.634734][   T27] audit: type=1400 audit(1700430292.969:85): avc:  denied  { open } for  pid=5068 comm="syz-executor386" path="/dev/nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[pid  5068] dup(3 <unfinished ...>
[pid  5077] set_robust_list(0x55555660a660, 24 <unfinished ...>
[pid  5075] <... openat resumed>)       = 3
[pid  5074] <... clone resumed>, child_tidptr=0x55555660a650) = 5077
[pid  5068] <... dup resumed>)          = 4
[pid  5077] <... set_robust_list resumed>) = 0
[pid  5068] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656 <unfinished ...>
[pid  5077] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5075] write(3, "1000", 4 <unfinished ...>
[pid  5077] <... prctl resumed>)        = 0
[pid  5075] <... write resumed>)        = 4
[pid  5075] close(3 <unfinished ...>
[pid  5077] setpgid(0, 0 <unfinished ...>
[pid  5075] <... close resumed>)        = 0
[pid  5077] <... setpgid resumed>)      = 0
[pid  5075] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME <unfinished ...>
[pid  5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5075] <... openat resumed>)       = 3
[pid  5077] <... openat resumed>)       = 3
[pid  5077] write(3, "1000", 4)         = 4
[pid  5077] close(3)                    = 0
[pid  5077] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3
[pid  5077] dup(3 <unfinished ...>
[pid  5075] dup(3 <unfinished ...>
[pid  5077] <... dup resumed>)          = 4
[pid  5077] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656 <unfinished ...>
[pid  5075] <... dup resumed>)          = 4
[  107.662203][   T27] audit: type=1400 audit(1700430293.019:86): avc:  denied  { append } for  pid=4494 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  107.685449][   T27] audit: type=1400 audit(1700430293.019:87): avc:  denied  { open } for  pid=4494 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  107.708087][   T27] audit: type=1400 audit(1700430293.019:88): avc:  denied  { getattr } for  pid=4494 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[pid  5075] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656 <unfinished ...>
[pid  5066] kill(-5068, SIGKILL)        = 0
[pid  5066] kill(5068, SIGKILL)         = 0
[pid  5067] kill(-5070, SIGKILL)        = 0
[pid  5067] kill(5070, SIGKILL)         = 0
[pid  5069] kill(-5072, SIGKILL)        = 0
[pid  5069] kill(5072, SIGKILL)         = 0
[pid  5073] kill(-5076, SIGKILL)        = 0
[pid  5073] kill(5076, SIGKILL)         = 0
[pid  5071] kill(-5075, SIGKILL)        = 0
[pid  5071] kill(5075, SIGKILL)         = 0
[pid  5074] kill(-5077, SIGKILL)        = 0
[pid  5074] kill(5077, SIGKILL)         = 0
[pid  5069] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  5071] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5071] newfstatat(3, "",  <unfinished ...>
[pid  5069] <... openat resumed>)       = 3
[pid  5071] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5069] newfstatat(3, "",  <unfinished ...>
[pid  5073] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  5069] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5073] <... openat resumed>)       = 3
[pid  5071] getdents64(3,  <unfinished ...>
[pid  5073] newfstatat(3, "",  <unfinished ...>
[pid  5069] getdents64(3,  <unfinished ...>
[pid  5073] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5071] <... getdents64 resumed>0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5069] <... getdents64 resumed>0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5073] getdents64(3,  <unfinished ...>
[pid  5069] getdents64(3,  <unfinished ...>
[pid  5073] <... getdents64 resumed>0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5067] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  5073] getdents64(3,  <unfinished ...>
[pid  5069] <... getdents64 resumed>0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5071] getdents64(3,  <unfinished ...>
[pid  5069] close(3 <unfinished ...>
[pid  5067] <... openat resumed>)       = 3
[pid  5067] newfstatat(3, "",  <unfinished ...>
[pid  5073] <... getdents64 resumed>0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5069] <... close resumed>)        = 0
[pid  5073] close(3 <unfinished ...>
[pid  5071] <... getdents64 resumed>0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5067] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5073] <... close resumed>)        = 0
[pid  5071] close(3 <unfinished ...>
[pid  5074] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5071] <... close resumed>)        = 0
[pid  5066] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  5074] newfstatat(3, "",  <unfinished ...>
[pid  5067] getdents64(3,  <unfinished ...>
[pid  5074] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5066] <... openat resumed>)       = 3
[pid  5074] getdents64(3,  <unfinished ...>
[pid  5066] newfstatat(3, "",  <unfinished ...>
[pid  5074] <... getdents64 resumed>0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5074] getdents64(3,  <unfinished ...>
[pid  5067] <... getdents64 resumed>0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5066] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5074] <... getdents64 resumed>0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5067] getdents64(3,  <unfinished ...>
[pid  5074] close(3 <unfinished ...>
[pid  5067] <... getdents64 resumed>0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5066] getdents64(3,  <unfinished ...>
[pid  5074] <... close resumed>)        = 0
[pid  5067] close(3 <unfinished ...>
[pid  5066] <... getdents64 resumed>0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5067] <... close resumed>)        = 0
[pid  5066] getdents64(3, 0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5066] close(3)                    = 0
[pid  5070] <... fallocate resumed>)    = ?
[pid  5070] +++ killed by SIGKILL +++
[pid  5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5070, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=12422 /* 124.22 s */} ---
[pid  5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached
, child_tidptr=0x55555660a650) = 5091
[pid  5091] set_robust_list(0x55555660a660, 24) = 0
[pid  5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5091] setpgid(0, 0)               = 0
[pid  5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5091] write(3, "1000", 4)         = 4
[pid  5091] close(3)                    = 0
[pid  5091] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3
[pid  5091] dup(3)                      = 4
[pid  5091] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 2251799830470656 <unfinished ...>
[pid  5067] kill(-5091, SIGKILL)        = 0
[pid  5067] kill(5091, SIGKILL)         = 0
[pid  5067] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5067] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5067] getdents64(3, 0x55555660b6f0 /* 2 entries */, 32768) = 48
[pid  5067] getdents64(3, 0x55555660b6f0 /* 0 entries */, 32768) = 0
[pid  5067] close(3)                    = 0
[  286.826039][   T28] INFO: task syz-executor386:5068 blocked for more than 143 seconds.
[  286.834363][   T28]       Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  286.843915][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.854451][   T28] task:syz-executor386 state:D stack:27424 pid:5068  tgid:5068  ppid:5066   flags:0x00004006
[  286.881593][   T28] Call Trace:
[  286.895858][   T28]  <TASK>
[  286.898856][   T28]  __schedule+0xedb/0x5af0
[  286.903478][   T28]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  286.937526][   T28]  ? hlock_class+0x4e/0x130
[  286.942218][   T28]  ? mark_lock+0xb5/0xc50
[  286.957515][   T28]  ? io_schedule_timeout+0x150/0x150
[  286.964650][   T28]  ? schedule+0x1fc/0x270
[  286.977569][   T28]  ? reacquire_held_locks+0x4c0/0x4c0
[  286.983045][   T28]  ? __down_write_common+0x899/0x1400
[  287.018023][   T28]  schedule+0xe9/0x270
[  287.022191][   T28]  schedule_preempt_disabled+0x13/0x20
[  287.047545][   T28]  __down_write_common+0x948/0x1400
[  287.052851][   T28]  ? ptrace_stop.part.0+0x457/0x7a0
[  287.067419][   T28]  ? up_write+0x510/0x510
[  287.073558][   T28]  ? lock_sync+0x190/0x190
[  287.090147][   T28]  ? preempt_count_sub+0x160/0x160
[  287.095354][   T28]  blkdev_fallocate+0x1e9/0x450
[  287.124467][   T28]  ? file_to_blk_mode+0x1a0/0x1a0
[  287.131373][   T28]  vfs_fallocate+0x46c/0xe50
[  287.136175][   T28]  __x64_sys_fallocate+0xd5/0x140
[  287.141280][   T28]  do_syscall_64+0x40/0x110
[  287.145889][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  287.151964][   T28] RIP: 0033:0x7fe55701cb29
[  287.156699][   T28] RSP: 002b:00007ffc99618548 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  287.177543][   T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe55701cb29
[  287.185598][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004
[  287.197755][   T28] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  287.207578][   T28] R10: 0008000001002000 R11: 0000000000000246 R12: 0000000000000001
[  287.217424][   T28] R13: 00007ffc99618768 R14: 00007ffc99618570 R15: 00007ffc99618560
[  287.227470][   T28]  </TASK>
[  287.232398][   T28] INFO: task syz-executor386:5075 blocked for more than 143 seconds.
[  287.242353][   T28]       Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  287.251913][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  287.262571][   T28] task:syz-executor386 state:D stack:28000 pid:5075  tgid:5075  ppid:5071   flags:0x00004006
[  287.292214][   T28] Call Trace:
[  287.295931][   T28]  <TASK>
[  287.298917][   T28]  __schedule+0xedb/0x5af0
[  287.303409][   T28]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  287.311389][   T28]  ? hlock_class+0x4e/0x130
[  287.317987][   T28]  ? mark_lock+0xb5/0xc50
[  287.324142][   T28]  ? io_schedule_timeout+0x150/0x150
[  287.331784][   T28]  ? schedule+0x1fc/0x270
[  287.356015][   T28]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.363521][   T28]  ? __down_write_common+0x899/0x1400
[  287.369049][   T28]  schedule+0xe9/0x270
[  287.373198][   T28]  schedule_preempt_disabled+0x13/0x20
[  287.380778][   T28]  __down_write_common+0x948/0x1400
[  287.387740][   T28]  ? ptrace_stop.part.0+0x457/0x7a0
[  287.394835][   T28]  ? up_write+0x510/0x510
[  287.401096][   T28]  ? lock_sync+0x190/0x190
[  287.407474][   T28]  ? preempt_count_sub+0x160/0x160
[  287.414371][   T28]  blkdev_fallocate+0x1e9/0x450
[  287.425918][   T28]  ? file_to_blk_mode+0x1a0/0x1a0
[  287.431197][   T28]  vfs_fallocate+0x46c/0xe50
[  287.442479][   T28]  __x64_sys_fallocate+0xd5/0x140
[  287.454503][   T28]  do_syscall_64+0x40/0x110
[  287.460959][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  287.468679][   T28] RIP: 0033:0x7fe55701cb29
[  287.475031][   T28] RSP: 002b:00007ffc99618548 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  287.485400][   T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe55701cb29
[  287.495412][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004
[  287.505485][   T28] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  287.515329][   T28] R10: 0008000001002000 R11: 0000000000000246 R12: 0000000000000001
[  287.542457][   T28] R13: 00007ffc99618768 R14: 00007ffc99618570 R15: 00007ffc99618560
[  287.552405][   T28]  </TASK>
[  287.561130][   T28] INFO: task syz-executor386:5076 blocked for more than 144 seconds.
[  287.571248][   T28]       Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  287.580701][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  287.591309][   T28] task:syz-executor386 state:D stack:28304 pid:5076  tgid:5076  ppid:5073   flags:0x00004006
[  287.620928][   T28] Call Trace:
[  287.626538][   T28]  <TASK>
[  287.629525][   T28]  __schedule+0xedb/0x5af0
[  287.634007][   T28]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  287.642099][   T28]  ? hlock_class+0x4e/0x130
[  287.648377][   T28]  ? mark_lock+0xb5/0xc50
[  287.654506][   T28]  ? io_schedule_timeout+0x150/0x150
[  287.661739][   T28]  ? schedule+0x1fc/0x270
[  287.697890][   T28]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.703367][   T28]  ? __down_write_common+0x899/0x1400
[  287.734130][   T28]  schedule+0xe9/0x270
[  287.745793][   T28]  schedule_preempt_disabled+0x13/0x20
[  287.751371][   T28]  __down_write_common+0x948/0x1400
[  287.771306][   T28]  ? ptrace_stop.part.0+0x457/0x7a0
[  287.795310][   T28]  ? up_write+0x510/0x510
[  287.817998][   T28]  ? lock_sync+0x190/0x190
[  287.822524][   T28]  ? preempt_count_sub+0x160/0x160
[  287.845788][   T28]  blkdev_fallocate+0x1e9/0x450
[  287.852402][   T28]  ? file_to_blk_mode+0x1a0/0x1a0
[  287.859366][   T28]  vfs_fallocate+0x46c/0xe50
[  287.864056][   T28]  __x64_sys_fallocate+0xd5/0x140
[  287.869619][   T28]  do_syscall_64+0x40/0x110
[  287.874212][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  287.880358][   T28] RIP: 0033:0x7fe55701cb29
[  287.884824][   T28] RSP: 002b:00007ffc99618548 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  287.893762][   T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe55701cb29
[  287.902443][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004
[  287.911203][   T28] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  287.919946][   T28] R10: 0008000001002000 R11: 0000000000000246 R12: 0000000000000001
[  287.928044][   T28] R13: 00007ffc99618768 R14: 00007ffc99618570 R15: 00007ffc99618560
[  287.936691][   T28]  </TASK>
[  287.940376][   T28] INFO: task syz-executor386:5077 blocked for more than 144 seconds.
[  287.949541][   T28]       Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  287.957221][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  287.975773][   T28] task:syz-executor386 state:D stack:28112 pid:5077  tgid:5077  ppid:5074   flags:0x00004006
[  287.988083][   T28] Call Trace:
[  287.991865][   T28]  <TASK>
[  287.995262][   T28]  __schedule+0xedb/0x5af0
[  288.000314][   T28]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  288.006470][   T28]  ? hlock_class+0x4e/0x130
[  288.011049][   T28]  ? mark_lock+0xb5/0xc50
[  288.016806][   T28]  ? io_schedule_timeout+0x150/0x150
[  288.022653][   T28]  ? schedule+0x1fc/0x270
[  288.028051][   T28]  ? reacquire_held_locks+0x4c0/0x4c0
[  288.033958][   T28]  ? __down_write_common+0x899/0x1400
[  288.040387][   T28]  schedule+0xe9/0x270
[  288.045056][   T28]  schedule_preempt_disabled+0x13/0x20
[  288.051602][   T28]  __down_write_common+0x948/0x1400
[  288.057013][   T28]  ? ptrace_stop.part.0+0x457/0x7a0
[  288.062763][   T28]  ? up_write+0x510/0x510
[  288.067925][   T28]  ? lock_sync+0x190/0x190
[  288.072989][   T28]  ? preempt_count_sub+0x160/0x160
[  288.078914][   T28]  blkdev_fallocate+0x1e9/0x450
[  288.083856][   T28]  ? file_to_blk_mode+0x1a0/0x1a0
[  288.090627][   T28]  vfs_fallocate+0x46c/0xe50
[  288.095339][   T28]  __x64_sys_fallocate+0xd5/0x140
[  288.100547][   T28]  do_syscall_64+0x40/0x110
[  288.105137][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  288.111384][   T28] RIP: 0033:0x7fe55701cb29
[  288.116329][   T28] RSP: 002b:00007ffc99618548 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  288.125260][   T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe55701cb29
[  288.134183][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004
[  288.142732][   T28] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  288.151340][   T28] R10: 0008000001002000 R11: 0000000000000246 R12: 0000000000000001
[  288.159862][   T28] R13: 00007ffc99618768 R14: 00007ffc99618570 R15: 00007ffc99618560
[  288.168543][   T28]  </TASK>
[  288.172107][   T28] 
[  288.172107][   T28] Showing all locks held in the system:
[  288.179948][   T28] 1 lock held by rcu_preempt/16:
[  288.184938][   T28]  #0: ffff8880b983c758 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  288.195533][   T28] 1 lock held by khungtaskd/28:
[  288.200961][   T28]  #0: ffffffff8cfa82a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340
[  288.211561][   T28] 2 locks held by getty/4818:
[  288.216830][   T28]  #0: ffff888027f900a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  288.227339][   T28]  #1: ffffc900020582f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc6/0x1490
[  288.238253][   T28] 1 lock held by syz-executor386/5068:
[  288.244217][   T28]  #0: ffff88801b562d40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450
[  288.255485][   T28] 1 lock held by syz-executor386/5072:
[  288.261035][   T28] 1 lock held by syz-executor386/5075:
[  288.267122][   T28]  #0: ffff88801b562d40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450
[  288.278371][   T28] 1 lock held by syz-executor386/5076:
[  288.284291][   T28]  #0: ffff88801b562d40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450
[  288.295886][   T28] 1 lock held by syz-executor386/5077:
[  288.301843][   T28]  #0: ffff88801b562d40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450
[  288.313091][   T28] 1 lock held by syz-executor386/5091:
[  288.319315][   T28]  #0: ffff88801b562d40 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450
[  288.330606][   T28] 
[  288.333388][   T28] =============================================
[  288.333388][   T28] 
[  288.342109][   T28] NMI backtrace for cpu 1
[  288.346472][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  288.356303][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  288.366376][   T28] Call Trace:
[  288.369681][   T28]  <TASK>
[  288.372658][   T28]  dump_stack_lvl+0xd9/0x1b0
[  288.377334][   T28]  nmi_cpu_backtrace+0x277/0x390
[  288.382306][   T28]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  288.387556][   T28]  nmi_trigger_cpumask_backtrace+0x299/0x300
[  288.393585][   T28]  watchdog+0xf87/0x1210
[  288.397900][   T28]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  288.403919][   T28]  ? lockdep_hardirqs_on+0x7d/0x110
[  288.409160][   T28]  ? __kthread_parkme+0x14b/0x220
[  288.414211][   T28]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  288.420219][   T28]  kthread+0x2c6/0x3a0
[  288.424319][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  288.429546][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  288.435208][   T28]  ret_from_fork+0x45/0x80
[  288.439692][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  288.445360][   T28]  ret_from_fork_asm+0x11/0x20
[  288.450199][   T28]  </TASK>
[  288.453383][   T28] Sending NMI from CPU 1 to CPUs 0:
[  288.458676][    C0] NMI backtrace for cpu 0
[  288.458688][    C0] CPU: 0 PID: 1015 Comm: kworker/0:1H Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  288.458717][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  288.458732][    C0] Workqueue: kblockd blk_mq_run_work_fn
[  288.458834][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x70
[  288.458865][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 76 c8 e4 f6 48 89 df e8 de 3f e5 f6 f7 c5 00 02 00 00 75 1f 9c 58 f6 c4 02 75 2f <bf> 01 00 00 00 e8 f5 f4 d6 f6 65 8b 05 a6 7f 81 75 85 c0 74 12 5b
[  288.458889][    C0] RSP: 0018:ffffc900048a7628 EFLAGS: 00000046
[  288.458907][    C0] RAX: 0000000000000046 RBX: ffffffff929baff0 RCX: ffffffff81677d73
[  288.458923][    C0] RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffffff929baff0
[  288.458939][    C0] RBP: 0000000000000082 R08: 0000000000000000 R09: fffffbfff25375fe
[  288.458954][    C0] R10: ffffffff929baff3 R11: 0000000000000003 R12: dffffc0000000000
[  288.458970][    C0] R13: 000000000000c468 R14: 0000000000000000 R15: 0000000000000000
[  288.458985][    C0] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  288.459009][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  288.459025][    C0] CR2: 000055b984431680 CR3: 000000007cdca000 CR4: 00000000003506f0
[  288.459041][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  288.459055][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  288.459070][    C0] Call Trace:
[  288.459078][    C0]  <NMI>
[  288.459085][    C0]  ? show_regs+0x8f/0xa0
[  288.459117][    C0]  ? nmi_cpu_backtrace+0x1d4/0x390
[  288.459143][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x10
[  288.459182][    C0]  ? nmi_handle+0x1a6/0x570
[  288.459213][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x70
[  288.459238][    C0]  ? default_do_nmi+0x6a/0x160
[  288.459269][    C0]  ? exc_nmi+0x186/0x200
[  288.459298][    C0]  ? end_repeat_nmi+0xf/0x2a
[  288.459345][    C0]  ? do_raw_spin_unlock+0x53/0x230
[  288.459385][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x70
[  288.459410][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x70
[  288.459436][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x70
[  288.459461][    C0]  </NMI>
[  288.459467][    C0]  <TASK>
[  288.459474][    C0]  debug_check_no_obj_freed+0x245/0x4c0
[  288.459561][    C0]  ? mempool_free+0xe7/0x3b0
[  288.459602][    C0]  kmem_cache_free+0x204/0x390
[  288.459643][    C0]  ? mempool_free+0x3b0/0x3b0
[  288.459678][    C0]  mempool_free+0xe7/0x3b0
[  288.459727][    C0]  bvec_free+0xfb/0x120
[  288.459752][    C0]  bio_free+0xaa/0x130
[  288.459775][    C0]  bio_put+0x2fb/0x650
[  288.459799][    C0]  bio_endio+0x33d/0x6a0
[  288.459824][    C0]  blk_update_request+0x67b/0x1700
[  288.459864][    C0]  blk_mq_end_request+0x57/0x520
[  288.459900][    C0]  end_cmd+0xfd/0x300
[  288.460034][    C0]  blk_mq_complete_request+0x8b/0xb0
[  288.460071][    C0]  null_handle_cmd+0x55d/0xa60
[  288.460102][    C0]  ? blk_mq_start_request+0x312/0x780
[  288.460138][    C0]  null_queue_rq+0x511/0x7a0
[  288.460169][    C0]  blk_mq_dispatch_rq_list+0x45b/0x1fd0
[  288.460214][    C0]  ? blk_mq_try_issue_directly+0x3b0/0x3b0
[  288.460255][    C0]  ? blk_mq_free_request+0x3e0/0x3e0
[  288.460292][    C0]  __blk_mq_sched_dispatch_requests+0x680/0x1620
[  288.460347][    C0]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  288.460385][    C0]  ? find_held_lock+0x2d/0x110
[  288.460418][    C0]  ? blk_mq_sched_tags_teardown+0x230/0x230
[  288.460449][    C0]  ? lock_sync+0x190/0x190
[  288.460482][    C0]  ? lock_sync+0x190/0x190
[  288.460516][    C0]  ? reacquire_held_locks+0x4c0/0x4c0
[  288.460553][    C0]  blk_mq_sched_dispatch_requests+0x104/0x180
[  288.460584][    C0]  blk_mq_run_work_fn+0x1ef/0x380
[  288.460621][    C0]  process_one_work+0x886/0x15d0
[  288.460655][    C0]  ? lock_sync+0x190/0x190
[  288.460688][    C0]  ? workqueue_congested+0x300/0x300
[  288.460722][    C0]  ? assign_work+0x1a0/0x250
[  288.460752][    C0]  worker_thread+0x8b9/0x1290
[  288.460785][    C0]  ? __kthread_parkme+0x14b/0x220
[  288.460810][    C0]  ? process_one_work+0x15d0/0x15d0
[  288.460843][    C0]  kthread+0x2c6/0x3a0
[  288.460869][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  288.460892][    C0]  ? kthread_complete_and_exit+0x40/0x40
[  288.460922][    C0]  ret_from_fork+0x45/0x80
[  288.460952][    C0]  ? kthread_complete_and_exit+0x40/0x40
[  288.460981][    C0]  ret_from_fork_asm+0x11/0x20
[  288.461020][    C0]  </TASK>
[  288.461029][    C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.353 msecs
[  288.461676][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  288.899682][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.7.0-rc1-syzkaller-00344-g037266a5f723 #0
[  288.909542][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  288.919620][   T28] Call Trace:
[  288.922938][   T28]  <TASK>
[  288.925892][   T28]  dump_stack_lvl+0xd9/0x1b0
[  288.930521][   T28]  panic+0x6dc/0x790
[  288.934450][   T28]  ? panic_smp_self_stop+0xa0/0xa0
[  288.939596][   T28]  ? kmsg_dump_get_line+0x350/0x350
[  288.944849][   T28]  ? __irq_work_queue_local+0x132/0x400
[  288.950545][   T28]  ? irq_work_queue+0x2a/0x70
[  288.955248][   T28]  ? watchdog+0xd3e/0x1210
[  288.959700][   T28]  ? watchdog+0xd31/0x1210
[  288.964182][   T28]  watchdog+0xd4f/0x1210
[  288.968461][   T28]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  288.974475][   T28]  ? lockdep_hardirqs_on+0x7d/0x110
[  288.979718][   T28]  ? __kthread_parkme+0x14b/0x220
[  288.984772][   T28]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  288.990828][   T28]  kthread+0x2c6/0x3a0
[  288.995020][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  289.000247][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  289.005916][   T28]  ret_from_fork+0x45/0x80
[  289.010373][   T28]  ? kthread_complete_and_exit+0x40/0x40
[  289.016041][   T28]  ret_from_fork_asm+0x11/0x20
[  289.020850][   T28]  </TASK>
[  289.024113][   T28] Kernel Offset: disabled
[  289.028450][   T28] Rebooting in 86400 seconds..