./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2478157930 <...> Warning: Permanently added '10.128.1.73' (ED25519) to the list of known hosts. execve("./syz-executor2478157930", ["./syz-executor2478157930"], 0x7ffde1ca0d60 /* 10 vars */) = 0 brk(NULL) = 0x555589fcb000 brk(0x555589fcbd00) = 0x555589fcbd00 arch_prctl(ARCH_SET_FS, 0x555589fcb380) = 0 set_tid_address(0x555589fcb650) = 5836 set_robust_list(0x555589fcb660, 24) = 0 rseq(0x555589fcbca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2478157930", 4096) = 28 getrandom("\xdb\x2a\x32\xa9\xf2\x42\x98\xa4", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555589fcbd00 brk(0x555589fecd00) = 0x555589fecd00 brk(0x555589fed000) = 0x555589fed000 mprotect(0x7fbd5e910000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached , child_tidptr=0x555589fcb650) = 5837 [pid 5837] set_robust_list(0x555589fcb660, 24 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] <... set_robust_list resumed>) = 0 [pid 5837] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5838 attached , child_tidptr=0x555589fcb650) = 5839 ./strace-static-x86_64: Process 5839 attached [pid 5836] <... clone resumed>, child_tidptr=0x555589fcb650) = 5838 [pid 5838] set_robust_list(0x555589fcb660, 24 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] set_robust_list(0x555589fcb660, 24 [pid 5838] <... set_robust_list resumed>) = 0 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5840 attached ./strace-static-x86_64: Process 5841 attached ) = 0 [pid 5836] <... clone resumed>, child_tidptr=0x555589fcb650) = 5840 [pid 5841] set_robust_list(0x555589fcb660, 24 [pid 5838] <... clone resumed>, child_tidptr=0x555589fcb650) = 5841 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] set_robust_list(0x555589fcb660, 24 [pid 5839] setpgid(0, 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5842 attached [pid 5840] <... set_robust_list resumed>) = 0 [pid 5839] <... setpgid resumed>) = 0 [pid 5836] <... clone resumed>, child_tidptr=0x555589fcb650) = 5842 [pid 5841] <... prctl resumed>) = 0 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] setpgid(0, 0 [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] set_robust_list(0x555589fcb660, 24./strace-static-x86_64: Process 5843 attached [pid 5841] <... setpgid resumed>) = 0 [ 119.856839][ T30] audit: type=1400 audit(1742082899.438:88): avc: denied { execmem } for pid=5836 comm="syz-executor247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5844 attached [pid 5836] <... clone resumed>, child_tidptr=0x555589fcb650) = 5843 [pid 5843] set_robust_list(0x555589fcb660, 24 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = 3 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5844] set_robust_list(0x555589fcb660, 24 [pid 5843] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5842] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] write(3, "1000", 4 [pid 5840] <... clone resumed>, child_tidptr=0x555589fcb650) = 5844 [pid 5839] write(3, "1000", 4./strace-static-x86_64: Process 5845 attached [pid 5844] <... set_robust_list resumed>) = 0 [pid 5841] <... write resumed>) = 4 ./strace-static-x86_64: Process 5846 attached [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] <... write resumed>) = 4 [pid 5841] close(3 [pid 5846] set_robust_list(0x555589fcb660, 24 [pid 5845] set_robust_list(0x555589fcb660, 24 [pid 5844] <... prctl resumed>) = 0 [pid 5843] <... clone resumed>, child_tidptr=0x555589fcb650) = 5845 [pid 5839] close(3 [pid 5841] <... close resumed>) = 0 [pid 5846] <... set_robust_list resumed>) = 0 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5844] setpgid(0, 0 [pid 5842] <... clone resumed>, child_tidptr=0x555589fcb650) = 5846 [pid 5839] <... close resumed>) = 0 [pid 5844] <... setpgid resumed>) = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5841] write(1, "executing program\n", 18executing program executing program [pid 5839] write(1, "executing program\n", 18 [pid 5846] <... prctl resumed>) = 0 [pid 5845] <... prctl resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5841] <... write resumed>) = 18 [pid 5839] <... write resumed>) = 18 [pid 5844] <... openat resumed>) = 3 [pid 5841] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_DIRECT [pid 5839] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_DIRECT [pid 5846] setpgid(0, 0) = 0 [pid 5845] setpgid(0, 0 [pid 5844] write(3, "1000", 4 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5845] <... setpgid resumed>) = 0 [pid 5841] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = 3 [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5844] <... write resumed>) = 4 [pid 5844] close(3 [pid 5846] <... openat resumed>) = 3 [pid 5845] <... openat resumed>) = 3 [pid 5844] <... close resumed>) = 0 executing program [pid 5844] write(1, "executing program\n", 18 [pid 5845] write(3, "1000", 4 [pid 5844] <... write resumed>) = 18 [pid 5846] write(3, "1000", 4 [pid 5845] <... write resumed>) = 4 [pid 5844] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_DIRECT [pid 5846] <... write resumed>) = 4 [pid 5846] close(3 [pid 5845] close(3 [pid 5846] <... close resumed>) = 0 [pid 5845] <... close resumed>) = 0 [pid 5844] <... openat resumed>) = 3 [pid 5846] write(1, "executing program\n", 18executing program executing program [pid 5845] write(1, "executing program\n", 18 [pid 5844] dup(3 [pid 5846] <... write resumed>) = 18 [pid 5845] <... write resumed>) = 18 [pid 5844] <... dup resumed>) = 4 [pid 5846] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_DIRECT [pid 5845] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_DIRECT [pid 5846] <... openat resumed>) = 3 [pid 5845] <... openat resumed>) = 3 [pid 5844] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 17592202829824 [pid 5846] dup(3 [pid 5845] dup(3 [pid 5846] <... dup resumed>) = 4 [pid 5845] <... dup resumed>) = 4 [pid 5846] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 17592202829824 [pid 5845] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 17592202829824 [pid 5841] dup(3 [pid 5839] dup(3 [pid 5841] <... dup resumed>) = 4 [pid 5839] <... dup resumed>) = 4 [pid 5841] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 17592202829824 [ 119.943266][ T30] audit: type=1400 audit(1742082899.528:89): avc: denied { read write } for pid=5841 comm="syz-executor247" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 119.967747][ T30] audit: type=1400 audit(1742082899.528:90): avc: denied { open } for pid=5841 comm="syz-executor247" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [pid 5839] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 17592202829824 [pid 5837] kill(-5839, SIGKILL) = 0 [pid 5837] kill(5839, SIGKILL [pid 5838] kill(-5841, SIGKILL [pid 5837] <... kill resumed>) = 0 [pid 5838] <... kill resumed>) = 0 [pid 5838] kill(5841, SIGKILL) = 0 [pid 5840] kill(-5844, SIGKILL) = 0 [pid 5840] kill(5844, SIGKILL) = 0 [pid 5843] kill(-5845, SIGKILL) = 0 [pid 5843] kill(5845, SIGKILL) = 0 [pid 5842] kill(-5846, SIGKILL) = 0 [pid 5842] kill(5846, SIGKILL) = 0 [pid 5843] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5837] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5840] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5843] <... openat resumed>) = 3 [pid 5842] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5843] newfstatat(3, "", [pid 5842] <... openat resumed>) = 3 [pid 5843] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] <... openat resumed>) = 3 [pid 5842] newfstatat(3, "", [pid 5838] <... openat resumed>) = 3 [pid 5837] <... openat resumed>) = 3 [pid 5843] getdents64(3, [pid 5837] newfstatat(3, "", [pid 5843] <... getdents64 resumed>0x555589fcc6f0 /* 2 entries */, 32768) = 48 [pid 5837] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5842] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] newfstatat(3, "", [pid 5838] newfstatat(3, "", [pid 5842] getdents64(3, 0x555589fcc6f0 /* 2 entries */, 32768) = 48 [pid 5840] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5838] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5842] getdents64(3, [pid 5840] getdents64(3, [pid 5838] getdents64(3, [pid 5842] <... getdents64 resumed>0x555589fcc6f0 /* 0 entries */, 32768) = 0 [pid 5842] close(3) = 0 [pid 5840] <... getdents64 resumed>0x555589fcc6f0 /* 2 entries */, 32768) = 48 [pid 5840] getdents64(3, [pid 5838] <... getdents64 resumed>0x555589fcc6f0 /* 2 entries */, 32768) = 48 [pid 5840] <... getdents64 resumed>0x555589fcc6f0 /* 0 entries */, 32768) = 0 [pid 5838] getdents64(3, [pid 5840] close(3 [pid 5838] <... getdents64 resumed>0x555589fcc6f0 /* 0 entries */, 32768) = 0 [pid 5840] <... close resumed>) = 0 [pid 5838] close(3 [pid 5837] getdents64(3, [pid 5838] <... close resumed>) = 0 [pid 5843] getdents64(3, 0x555589fcc6f0 /* 0 entries */, 32768) = 0 [pid 5837] <... getdents64 resumed>0x555589fcc6f0 /* 2 entries */, 32768) = 48 [pid 5837] getdents64(3, 0x555589fcc6f0 /* 0 entries */, 32768) = 0 [pid 5843] close(3 [pid 5837] close(3 [pid 5843] <... close resumed>) = 0 [pid 5837] <... close resumed>) = 0 [pid 5844] <... fallocate resumed>) = ? [pid 5844] +++ killed by SIGKILL +++ [pid 5840] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5844, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=8084 /* 80.84 s */} --- [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5853 attached [pid 5853] set_robust_list(0x555589fcb660, 24) = 0 [pid 5840] <... clone resumed>, child_tidptr=0x555589fcb650) = 5853 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5853] setpgid(0, 0) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5853] write(3, "1000", 4) = 4 [pid 5853] close(3) = 0 executing program [pid 5853] write(1, "executing program\n", 18) = 18 [pid 5853] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_DIRECT) = 3 [pid 5853] dup(3) = 4 [pid 5853] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 17592202829824 [pid 5840] kill(-5853, SIGKILL) = 0 [pid 5840] kill(5853, SIGKILL) = 0 [pid 5840] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5840] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] getdents64(3, 0x555589fcc6f0 /* 2 entries */, 32768) = 48 [pid 5840] getdents64(3, 0x555589fcc6f0 /* 0 entries */, 32768) = 0 [pid 5840] close(3) = 0 [ 286.109368][ T31] INFO: task syz-executor247:5839 blocked for more than 143 seconds. [ 286.119084][ T31] Not tainted 6.14.0-rc6-syzkaller-00205-g3571e8b091f4 #0 [ 286.128544][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.138560][ T31] task:syz-executor247 state:D stack:27280 pid:5839 tgid:5839 ppid:5837 task_flags:0x400040 flags:0x00004006 [ 286.151830][ T31] Call Trace: [ 286.156130][ T31] [ 286.160405][ T31] __schedule+0xf43/0x5890 [ 286.164853][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 286.171427][ T31] ? mark_lock+0xb5/0xc60 [ 286.182822][ T31] ? __pfx_mark_lock+0x10/0x10 [ 286.187613][ T31] ? __pfx___schedule+0x10/0x10 [ 286.199505][ T31] ? schedule+0x298/0x350 [ 286.204865][ T31] ? __pfx_lock_release+0x10/0x10 [ 286.211355][ T31] ? lock_acquire+0x2f/0xb0 [ 286.217183][ T31] ? schedule+0x1fd/0x350 [ 286.222560][ T31] schedule+0xe7/0x350 [ 286.226640][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.233484][ T31] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.240556][ T31] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.247731][ T31] ? blkdev_fallocate+0x1d1/0x380 [ 286.262876][ T31] ? lock_acquire+0x2f/0xb0 [ 286.267404][ T31] ? blkdev_fallocate+0x1d1/0x380 [ 286.273066][ T31] down_write+0x1d8/0x200 [ 286.277415][ T31] ? __pfx_down_write+0x10/0x10 [ 286.282924][ T31] ? inode_security+0x101/0x130 [ 286.288408][ T31] blkdev_fallocate+0x1d1/0x380 [ 286.293944][ T31] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.299960][ T31] vfs_fallocate+0x60d/0x10d0 [ 286.305291][ T31] ? __pfx_vfs_fallocate+0x10/0x10 [ 286.311113][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.316900][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.322142][ T31] __x64_sys_fallocate+0xd5/0x150 [ 286.327168][ T31] do_syscall_64+0xcd/0x250 [ 286.331728][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.337633][ T31] RIP: 0033:0x7fbd5e89db29 [ 286.342644][ T31] RSP: 002b:00007ffd41661538 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.351735][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbd5e89db29 [ 286.360304][ T31] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.368897][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.377524][ T31] R10: 0000100001002000 R11: 0000000000000246 R12: 0000000000000001 [ 286.386150][ T31] R13: 00007ffd41661758 R14: 00007ffd41661560 R15: 00007ffd41661550 [ 286.394889][ T31] [ 286.397928][ T31] INFO: task syz-executor247:5841 blocked for more than 143 seconds. [ 286.406815][ T31] Not tainted 6.14.0-rc6-syzkaller-00205-g3571e8b091f4 #0 [ 286.414495][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.423180][ T31] task:syz-executor247 state:D stack:27280 pid:5841 tgid:5841 ppid:5838 task_flags:0x400040 flags:0x00004006 [ 286.435148][ T31] Call Trace: [ 286.439008][ T31] [ 286.442025][ T31] __schedule+0xf43/0x5890 [ 286.446441][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 286.451753][ T31] ? mark_lock+0xb5/0xc60 [ 286.456091][ T31] ? __pfx_mark_lock+0x10/0x10 [ 286.461582][ T31] ? __pfx___schedule+0x10/0x10 [ 286.467059][ T31] ? schedule+0x298/0x350 [ 286.472057][ T31] ? __pfx_lock_release+0x10/0x10 [ 286.477716][ T31] ? lock_acquire+0x2f/0xb0 [ 286.482899][ T31] ? schedule+0x1fd/0x350 [ 286.487851][ T31] schedule+0xe7/0x350 [ 286.492586][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.498058][ T31] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.503876][ T31] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.510095][ T31] ? blkdev_fallocate+0x1d1/0x380 [ 286.515758][ T31] ? lock_acquire+0x2f/0xb0 [ 286.520919][ T31] ? blkdev_fallocate+0x1d1/0x380 [ 286.526566][ T31] down_write+0x1d8/0x200 [ 286.531571][ T31] ? __pfx_down_write+0x10/0x10 [ 286.537054][ T31] ? inode_security+0x101/0x130 [ 286.542567][ T31] blkdev_fallocate+0x1d1/0x380 [ 286.548063][ T31] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.554124][ T31] vfs_fallocate+0x60d/0x10d0 [ 286.558808][ T31] ? __pfx_vfs_fallocate+0x10/0x10 [ 286.563946][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.569184][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.574390][ T31] __x64_sys_fallocate+0xd5/0x150 [ 286.579446][ T31] do_syscall_64+0xcd/0x250 [ 286.583956][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.589889][ T31] RIP: 0033:0x7fbd5e89db29 [ 286.594938][ T31] RSP: 002b:00007ffd41661538 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.604018][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbd5e89db29 [ 286.612688][ T31] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.621307][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.629923][ T31] R10: 0000100001002000 R11: 0000000000000246 R12: 0000000000000001 [ 286.638510][ T31] R13: 00007ffd41661758 R14: 00007ffd41661560 R15: 00007ffd41661550 [ 286.647160][ T31] [ 286.651021][ T31] INFO: task syz-executor247:5846 blocked for more than 143 seconds. [ 286.659082][ T31] Not tainted 6.14.0-rc6-syzkaller-00205-g3571e8b091f4 #0 [ 286.667002][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.675732][ T31] task:syz-executor247 state:D stack:28368 pid:5846 tgid:5846 ppid:5842 task_flags:0x400040 flags:0x00004006 [ 286.687707][ T31] Call Trace: [ 286.691033][ T31] [ 286.693968][ T31] __schedule+0xf43/0x5890 [ 286.698392][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 286.704207][ T31] ? mark_lock+0xb5/0xc60 [ 286.708545][ T31] ? __pfx_mark_lock+0x10/0x10 [ 286.713383][ T31] ? __pfx___schedule+0x10/0x10 [ 286.718241][ T31] ? schedule+0x298/0x350 [ 286.723184][ T31] ? __pfx_lock_release+0x10/0x10 [ 286.728233][ T31] ? lock_acquire+0x2f/0xb0 [ 286.732796][ T31] ? schedule+0x1fd/0x350 [ 286.737707][ T31] schedule+0xe7/0x350 [ 286.742471][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.748575][ T31] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.755106][ T31] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.761947][ T31] ? blkdev_fallocate+0x1d1/0x380 [ 286.767606][ T31] ? lock_acquire+0x2f/0xb0 [ 286.772179][ T31] ? blkdev_fallocate+0x1d1/0x380 [ 286.777213][ T31] down_write+0x1d8/0x200 [ 286.781582][ T31] ? __pfx_down_write+0x10/0x10 [ 286.786437][ T31] ? inode_security+0x101/0x130 [ 286.791965][ T31] blkdev_fallocate+0x1d1/0x380 [ 286.797430][ T31] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.803439][ T31] vfs_fallocate+0x60d/0x10d0 [ 286.808800][ T31] ? __pfx_vfs_fallocate+0x10/0x10 [ 286.814524][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.820410][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.826245][ T31] __x64_sys_fallocate+0xd5/0x150 [ 286.832027][ T31] do_syscall_64+0xcd/0x250 [ 286.836540][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.842474][ T31] RIP: 0033:0x7fbd5e89db29 [ 286.846886][ T31] RSP: 002b:00007ffd41661538 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.855359][ T31] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbd5e89db29 [ 286.863364][ T31] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.872004][ T31] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.880780][ T31] R10: 0000100001002000 R11: 0000000000000246 R12: 0000000000000001 [ 286.889445][ T31] R13: 00007ffd41661758 R14: 00007ffd41661560 R15: 00007ffd41661550 [ 286.898017][ T31] [ 286.901721][ T31] [ 286.901721][ T31] Showing all locks held in the system: [ 286.939303][ T31] 1 lock held by ksoftirqd/0/17: [ 286.944268][ T31] 1 lock held by khungtaskd/31: [ 286.959131][ T31] #0: ffffffff8e1bd140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 286.969067][ T31] 1 lock held by klogd/5183: [ 287.009167][ T31] 2 locks held by getty/5589: [ 287.013868][ T31] #0: ffff888035fca0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 287.054927][ T31] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 287.099747][ T31] 1 lock held by syz-executor247/5839: [ 287.105236][ T31] #0: ffff888023b670c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1d1/0x380 [ 287.149253][ T31] 1 lock held by syz-executor247/5841: [ 287.155357][ T31] #0: ffff888023b670c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1d1/0x380 [ 287.166705][ T31] 2 locks held by syz-executor247/5845: [ 287.172946][ T31] 1 lock held by syz-executor247/5846: [ 287.179128][ T31] #0: ffff888023b670c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1d1/0x380 [ 287.190622][ T31] 1 lock held by syz-executor247/5853: [ 287.196078][ T31] #0: ffff888023b670c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1d1/0x380 [ 287.206793][ T31] [ 287.211300][ T31] ============================================= [ 287.211300][ T31] [ 287.220321][ T31] NMI backtrace for cpu 0 [ 287.220331][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc6-syzkaller-00205-g3571e8b091f4 #0 [ 287.220350][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.220359][ T31] Call Trace: [ 287.220363][ T31] [ 287.220370][ T31] dump_stack_lvl+0x116/0x1f0 [ 287.220396][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 287.220414][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.220437][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 287.220456][ T31] watchdog+0xf62/0x12b0 [ 287.220485][ T31] ? __pfx_watchdog+0x10/0x10 [ 287.220508][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.220530][ T31] ? __kthread_parkme+0x148/0x220 [ 287.220547][ T31] ? __pfx_watchdog+0x10/0x10 [ 287.220572][ T31] kthread+0x3af/0x750 [ 287.220592][ T31] ? __pfx_kthread+0x10/0x10 [ 287.220616][ T31] ? __pfx_kthread+0x10/0x10 [ 287.220636][ T31] ret_from_fork+0x45/0x80 [ 287.220657][ T31] ? __pfx_kthread+0x10/0x10 [ 287.220676][ T31] ret_from_fork_asm+0x1a/0x30 [ 287.220704][ T31] [ 287.220709][ T31] Sending NMI from CPU 0 to CPUs 1: [ 287.342629][ C1] NMI backtrace for cpu 1 [ 287.342641][ C1] CPU: 1 UID: 0 PID: 5183 Comm: klogd Not tainted 6.14.0-rc6-syzkaller-00205-g3571e8b091f4 #0 [ 287.342656][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.342663][ C1] RIP: 0010:check_preemption_disabled+0x8/0xe0 [ 287.342688][ C1] Code: aa 74 85 c0 74 04 90 0f 0b 90 e9 53 fc ff ff 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 55 53 48 83 ec 08 <65> 8b 1d 4d 4d ac 74 65 8b 05 42 4d ac 74 a9 ff ff ff 7f 74 0f 48 [ 287.342699][ C1] RSP: 0018:ffffc90003d4f758 EFLAGS: 00000092 [ 287.342710][ C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff81c1a755 [ 287.342718][ C1] RDX: fffffbfff20c4ca3 RSI: ffffffff8bd36b20 RDI: ffffffff8bd36b60 [ 287.342726][ C1] RBP: 000000000003d94c R08: 0000000000000000 R09: fffffbfff20c4ca2 [ 287.342733][ C1] R10: ffffffff90626517 R11: 0000000000000001 R12: ffffea000149e200 [ 287.342741][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88804e2d8000 [ 287.342749][ C1] FS: 00007fc7fe0dd500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 287.342762][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.342770][ C1] CR2: 0000555f71cab028 CR3: 000000007821e000 CR4: 00000000003526f0 [ 287.342778][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.342785][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.342793][ C1] Call Trace: [ 287.342797][ C1] [ 287.342802][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 287.342816][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.342832][ C1] ? nmi_handle+0x1ac/0x5d0 [ 287.342850][ C1] ? check_preemption_disabled+0x8/0xe0 [ 287.342866][ C1] ? default_do_nmi+0x6a/0x160 [ 287.342877][ C1] ? exc_nmi+0x170/0x1e0 [ 287.342888][ C1] ? end_repeat_nmi+0xf/0x53 [ 287.342906][ C1] ? trace_irq_disable.constprop.0+0x35/0x140 [ 287.342925][ C1] ? check_preemption_disabled+0x8/0xe0 [ 287.342942][ C1] ? check_preemption_disabled+0x8/0xe0 [ 287.342958][ C1] ? check_preemption_disabled+0x8/0xe0 [ 287.342974][ C1] [ 287.342977][ C1] [ 287.342982][ C1] rcu_is_watching+0x12/0xc0 [ 287.342995][ C1] trace_irq_disable.constprop.0+0xea/0x140 [ 287.343013][ C1] _raw_spin_lock_irqsave+0x52/0x60 [ 287.343027][ C1] __put_partials+0xc3/0x170 [ 287.343046][ C1] qlist_free_all+0x4e/0x120 [ 287.343058][ C1] kasan_quarantine_reduce+0x195/0x1e0 [ 287.343070][ C1] __kasan_kmalloc+0x8a/0xb0 [ 287.343083][ C1] __kmalloc_node_track_caller_noprof+0x222/0x510 [ 287.343097][ C1] ? rcu_watching_snap_stopped_since+0x71/0x110 [ 287.343110][ C1] ? __alloc_skb+0x164/0x380 [ 287.343128][ C1] kmalloc_reserve+0xef/0x2c0 [ 287.343141][ C1] __alloc_skb+0x164/0x380 [ 287.343157][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 287.343173][ C1] ? find_held_lock+0x2d/0x110 [ 287.343187][ C1] alloc_skb_with_frags+0xe4/0x850 [ 287.343199][ C1] ? __pfx_lock_release+0x10/0x10 [ 287.343214][ C1] ? trace_lock_acquire+0x14e/0x1f0 [ 287.343229][ C1] sock_alloc_send_pskb+0x7f1/0x980 [ 287.343247][ C1] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 287.343262][ C1] ? selinux_socket_getpeersec_dgram+0x1a5/0x370 [ 287.343279][ C1] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 287.343298][ C1] unix_dgram_sendmsg+0x45e/0x1880 [ 287.343319][ C1] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 287.343338][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 287.343353][ C1] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.343375][ C1] __sys_sendto+0x488/0x4f0 [ 287.343391][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 287.343409][ C1] ? rcu_is_watching+0x12/0xc0 [ 287.343424][ C1] ? xfd_validate_state+0x5d/0x180 [ 287.343440][ C1] ? rcu_is_watching+0x12/0xc0 [ 287.343453][ C1] __x64_sys_sendto+0xe0/0x1c0 [ 287.343468][ C1] ? do_syscall_64+0x91/0x250 [ 287.343483][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.343497][ C1] do_syscall_64+0xcd/0x250 [ 287.343513][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.343528][ C1] RIP: 0033:0x7fc7fe23f9b5 [ 287.343538][ C1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 287.343555][ C1] RSP: 002b:00007ffd5f012628 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.343566][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc7fe23f9b5 [ 287.343574][ C1] RDX: 0000000000000050 RSI: 0000555f71ca9060 RDI: 0000000000000003 [ 287.343581][ C1] RBP: 0000555f71ca32c0 R08: 0000000000000000 R09: 0000000000000000 [ 287.343588][ C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 287.343595][ C1] R13: 00007fc7fe3cd212 R14: 00007ffd5f012728 R15: 0000000000000000 [ 287.343606][ C1] [ 287.344269][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 287.810643][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc6-syzkaller-00205-g3571e8b091f4 #0 [ 287.821118][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.831152][ T31] Call Trace: [ 287.834411][ T31] [ 287.837324][ T31] dump_stack_lvl+0x3d/0x1f0 [ 287.841903][ T31] panic+0x71d/0x800 [ 287.845781][ T31] ? __pfx_panic+0x10/0x10 [ 287.850179][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 287.855533][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.861502][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 287.866860][ T31] ? watchdog+0xdcc/0x12b0 [ 287.871262][ T31] ? watchdog+0xdbf/0x12b0 [ 287.875666][ T31] watchdog+0xddd/0x12b0 [ 287.879894][ T31] ? __pfx_watchdog+0x10/0x10 [ 287.884555][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.889734][ T31] ? __kthread_parkme+0x148/0x220 [ 287.894736][ T31] ? __pfx_watchdog+0x10/0x10 [ 287.899397][ T31] kthread+0x3af/0x750 [ 287.903446][ T31] ? __pfx_kthread+0x10/0x10 [ 287.908019][ T31] ? __pfx_kthread+0x10/0x10 [ 287.912590][ T31] ret_from_fork+0x45/0x80 [ 287.916987][ T31] ? __pfx_kthread+0x10/0x10 [ 287.921557][ T31] ret_from_fork_asm+0x1a/0x30 [ 287.926308][ T31] [ 287.929482][ T31] Kernel Offset: disabled [ 287.933794][ T31] Rebooting in 86400 seconds..