./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1763152870 <...> DUID 00:04:4f:52:9e:ef:28:bc:79:ad:2a:9e:d1:97:f2:e1:e7:a4 forked to background, child pid 4665 [ 20.120887][ T4666] 8021q: adding VLAN 0 to HW filter on device bond0 [ 20.130614][ T4666] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.49' (ECDSA) to the list of known hosts. execve("./syz-executor1763152870", ["./syz-executor1763152870"], 0x7ffe811a1d70 /* 10 vars */) = 0 brk(NULL) = 0x555556361000 brk(0x555556361c40) = 0x555556361c40 arch_prctl(ARCH_SET_FS, 0x555556361300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1763152870", 4096) = 28 brk(0x555556382c40) = 0x555556382c40 brk(0x555556383000) = 0x555556383000 mprotect(0x7ff20552a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4997 attached , child_tidptr=0x5555563615d0) = 4997 [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4996] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 4998 attached [pid 4998] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 4997] <... clone resumed>, child_tidptr=0x5555563615d0) = 4998 ./strace-static-x86_64: Process 4999 attached [pid 4996] <... clone resumed>, child_tidptr=0x5555563615d0) = 4999 [pid 4996] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] <... prctl resumed>) = 0 [pid 4998] setpgid(0, 0./strace-static-x86_64: Process 5000 attached [pid 4996] <... clone resumed>, child_tidptr=0x5555563615d0) = 5000 [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] <... setpgid resumed>) = 0 [pid 4998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 4996] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] <... openat resumed>) = 3 [pid 4998] write(3, "1000", 4) = 4 [pid 4998] close(3) = 0 [pid 4998] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 4996] <... clone resumed>, child_tidptr=0x5555563615d0) = 5001 [pid 4996] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4998] <... openat resumed>) = 3 [pid 4998] dup(3) = 4 [pid 4998] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 4996] <... clone resumed>, child_tidptr=0x5555563615d0) = 5002 [pid 4996] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 4999] <... clone resumed>, child_tidptr=0x5555563615d0) = 5003 [pid 4996] <... clone resumed>, child_tidptr=0x5555563615d0) = 5004 ./strace-static-x86_64: Process 5003 attached [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5001 attached [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5000] <... clone resumed>, child_tidptr=0x5555563615d0) = 5005 [pid 5003] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5005 attached [pid 5003] setpgid(0, 0) = 0 [pid 5003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5003] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5002 attached [pid 5005] setpgid(0, 0 [pid 5003] write(3, "1000", 4) = 4 [pid 5005] <... setpgid resumed>) = 0 [pid 5003] close(3 [pid 5005] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5003] <... close resumed>) = 0 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5001] <... clone resumed>, child_tidptr=0x5555563615d0) = 5006 [pid 5003] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5005] <... openat resumed>) = 3 [pid 5003] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5004 attached [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5006 attached [pid 5003] dup(3 [pid 5005] write(3, "1000", 4) = 4 [pid 5003] <... dup resumed>) = 4 [pid 5003] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5006] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] close(3 [pid 5006] <... prctl resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5005] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5006] setpgid(0, 0 [pid 5005] <... openat resumed>) = 3 [pid 5006] <... setpgid resumed>) = 0 [pid 5005] dup(3 [pid 5006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5005] <... dup resumed>) = 4 ./strace-static-x86_64: Process 5007 attached [pid 5005] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5006] <... openat resumed>) = 3 [pid 5002] <... clone resumed>, child_tidptr=0x5555563615d0) = 5008 [pid 5006] write(3, "1000", 4) = 4 [pid 5007] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5006] close(3 [pid 5004] <... clone resumed>, child_tidptr=0x5555563615d0) = 5007 [pid 5006] <... close resumed>) = 0 [pid 5007] setpgid(0, 0 [pid 5006] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5007] <... setpgid resumed>) = 0 [pid 5006] <... openat resumed>) = 3 [pid 5006] dup(3 [pid 5007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5006] <... dup resumed>) = 4 [pid 5007] <... openat resumed>) = 3 [pid 5006] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5007] write(3, "1000", 4) = 4 [pid 5007] close(3) = 0 ./strace-static-x86_64: Process 5008 attached [pid 5007] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5008] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5007] <... openat resumed>) = 3 [pid 5008] <... prctl resumed>) = 0 [pid 5007] dup(3 [pid 5008] setpgid(0, 0 [pid 5007] <... dup resumed>) = 4 [pid 5008] <... setpgid resumed>) = 0 [pid 5007] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5008] write(3, "1000", 4) = 4 [pid 5008] close(3) = 0 [pid 5008] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5008] dup(3) = 4 [pid 5008] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 4997] kill(-4998, SIGKILL) = 0 [pid 4997] kill(4998, SIGKILL) = 0 [pid 4999] kill(-5003, SIGKILL) = 0 [pid 4999] kill(5003, SIGKILL) = 0 [pid 5000] kill(-5005, SIGKILL) = 0 [pid 5000] kill(5005, SIGKILL) = 0 [pid 5001] kill(-5006, SIGKILL) = 0 [pid 5001] kill(5006, SIGKILL) = 0 [pid 5002] kill(-5008, SIGKILL) = 0 [pid 5002] kill(5008, SIGKILL) = 0 [pid 5004] kill(-5007, SIGKILL) = 0 [pid 5004] kill(5007, SIGKILL) = 0 [pid 5000] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4997] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4999] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4997] <... openat resumed>) = 3 [pid 4999] <... openat resumed>) = 3 [pid 4999] fstat(3, [pid 5000] <... openat resumed>) = 3 [pid 4999] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 4999] getdents64(3, [pid 5000] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5000] getdents64(3, [pid 4999] <... getdents64 resumed>0x555556362620 /* 2 entries */, 32768) = 48 [pid 4999] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 4999] close(3) = 0 [pid 5000] <... getdents64 resumed>0x555556362620 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5004] fstat(3, [pid 4997] fstat(3, [pid 5002] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5004] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5002] <... openat resumed>) = 3 [pid 4997] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5002] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5004] getdents64(3, [pid 5002] getdents64(3, [pid 5004] <... getdents64 resumed>0x555556362620 /* 2 entries */, 32768) = 48 [pid 5002] <... getdents64 resumed>0x555556362620 /* 2 entries */, 32768) = 48 [pid 4997] getdents64(3, [pid 5004] getdents64(3, [pid 5002] getdents64(3, [pid 5004] <... getdents64 resumed>0x555556362620 /* 0 entries */, 32768) = 0 [pid 5002] <... getdents64 resumed>0x555556362620 /* 0 entries */, 32768) = 0 [pid 4997] <... getdents64 resumed>0x555556362620 /* 2 entries */, 32768) = 48 [pid 5002] close(3) = 0 [pid 5004] close(3 [pid 4997] getdents64(3, [pid 5004] <... close resumed>) = 0 [pid 5001] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 4997] <... getdents64 resumed>0x555556362620 /* 0 entries */, 32768) = 0 [pid 5001] <... openat resumed>) = 3 [pid 4997] close(3 [pid 5001] fstat(3, [pid 4997] <... close resumed>) = 0 [pid 5001] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5001] getdents64(3, 0x555556362620 /* 2 entries */, 32768) = 48 [pid 5001] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 5001] close(3) = 0 syzkaller login: [ 70.486065][ T1022] cfg80211: failed to load regulatory.db [pid 4998] <... fallocate resumed>) = ? [pid 4998] +++ killed by SIGKILL +++ [pid 4997] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=4998, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3347 /* 33.47 s */} --- [pid 4997] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563615d0) = 5019 ./strace-static-x86_64: Process 5019 attached [pid 5019] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5019] setpgid(0, 0) = 0 [pid 5019] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5019] write(3, "1000", 4) = 4 [pid 5019] close(3) = 0 [pid 5019] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5019] dup(3) = 4 [pid 5019] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 4997] kill(-5019, SIGKILL) = 0 [pid 4997] kill(5019, SIGKILL) = 0 [pid 4997] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4997] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 4997] getdents64(3, 0x555556362620 /* 2 entries */, 32768) = 48 [pid 4997] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 4997] close(3) = 0 [pid 5003] <... fallocate resumed>) = ? [pid 5003] +++ killed by SIGKILL +++ [pid 4999] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5003, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3322 /* 33.22 s */} --- [pid 4999] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563615d0) = 5026 ./strace-static-x86_64: Process 5026 attached [pid 5026] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5026] setpgid(0, 0) = 0 [pid 5026] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5026] write(3, "1000", 4) = 4 [pid 5026] close(3) = 0 [pid 5026] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5026] dup(3) = 4 [pid 5026] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 4999] kill(-5026, SIGKILL) = 0 [pid 4999] kill(5026, SIGKILL) = 0 [pid 4999] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 4999] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 4999] getdents64(3, 0x555556362620 /* 2 entries */, 32768) = 48 [pid 4999] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 4999] close(3) = 0 [pid 5005] <... fallocate resumed>) = ? [pid 5005] +++ killed by SIGKILL +++ [pid 5000] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5005, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3295 /* 32.95 s */} --- [pid 5000] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5027 attached , child_tidptr=0x5555563615d0) = 5027 [pid 5027] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5027] setpgid(0, 0) = 0 [pid 5027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5027] write(3, "1000", 4) = 4 [pid 5027] close(3) = 0 [pid 5027] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5027] dup(3) = 4 [pid 5027] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5000] kill(-5027, SIGKILL) = 0 [pid 5000] kill(5027, SIGKILL) = 0 [pid 5000] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5000] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5000] getdents64(3, 0x555556362620 /* 2 entries */, 32768) = 48 [pid 5000] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 5000] close(3) = 0 [pid 5006] <... fallocate resumed>) = ? [pid 5006] +++ killed by SIGKILL +++ [pid 5001] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5006, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3309 /* 33.09 s */} --- [pid 5001] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563615d0) = 5034 ./strace-static-x86_64: Process 5034 attached [pid 5034] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5034] setpgid(0, 0) = 0 [pid 5034] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5034] write(3, "1000", 4) = 4 [pid 5034] close(3) = 0 [pid 5034] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5034] dup(3) = 4 [pid 5034] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5001] kill(-5034, SIGKILL) = 0 [pid 5001] kill(5034, SIGKILL) = 0 [pid 5001] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5001] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5001] getdents64(3, 0x555556362620 /* 2 entries */, 32768) = 48 [pid 5001] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 5001] close(3) = 0 [pid 5007] <... fallocate resumed>) = ? [pid 5007] +++ killed by SIGKILL +++ [pid 5004] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5007, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3327 /* 33.27 s */} --- [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563615d0) = 5035 ./strace-static-x86_64: Process 5035 attached [pid 5035] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5035] setpgid(0, 0) = 0 [pid 5035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5035] write(3, "1000", 4) = 4 [pid 5035] close(3) = 0 [pid 5035] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5035] dup(3) = 4 [pid 5035] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 281474993496064 [pid 5004] kill(-5035, SIGKILL) = 0 [pid 5004] kill(5035, SIGKILL) = 0 [pid 5004] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5004] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5004] getdents64(3, 0x555556362620 /* 2 entries */, 32768) = 48 [pid 5004] getdents64(3, 0x555556362620 /* 0 entries */, 32768) = 0 [pid 5004] close(3) = 0 [ 285.515650][ T27] INFO: task syz-executor176:5019 blocked for more than 143 seconds. [ 285.524128][ T27] Not tainted 6.3.0-syzkaller-11301-g1ae78a14516b #0 [ 285.531587][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.540300][ T27] task:syz-executor176 state:D stack:28240 pid:5019 ppid:4997 flags:0x00004004 [ 285.549724][ T27] Call Trace: [ 285.553193][ T27] [ 285.556398][ T27] __schedule+0xc9a/0x5880 [ 285.561071][ T27] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 285.567274][ T27] ? print_usage_bug.part.0+0x660/0x660 [ 285.573041][ T27] ? io_schedule_timeout+0x150/0x150 [ 285.578465][ T27] ? rwsem_down_write_slowpath+0x3b8/0x1220 [ 285.584603][ T27] schedule+0xde/0x1a0 [ 285.588891][ T27] schedule_preempt_disabled+0x13/0x20 [ 285.594543][ T27] rwsem_down_write_slowpath+0x3e2/0x1220 [ 285.600559][ T27] ? down_timeout+0x90/0x90 [ 285.605326][ T27] ? lock_sync+0x190/0x190 [ 285.610006][ T27] down_write+0x1d2/0x200 [ 285.614572][ T27] ? rwsem_down_write_slowpath+0x1220/0x1220 [ 285.620808][ T27] blkdev_fallocate+0x1e8/0x420 [ 285.625701][ T27] ? blkdev_writepage+0x30/0x30 [ 285.630790][ T27] vfs_fallocate+0x48b/0xe40 [ 285.635630][ T27] __x64_sys_fallocate+0xd3/0x140 [ 285.640860][ T27] do_syscall_64+0x39/0xb0 [ 285.645491][ T27] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 285.651629][ T27] RIP: 0033:0x7ff2054bde29 [ 285.656301][ T27] RSP: 002b:00007ffff23e9c98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 285.665124][ T27] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007ff2054bde29 [ 285.673424][ T27] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 285.681653][ T27] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 285.689851][ T27] R10: 0001000001002000 R11: 0000000000000246 R12: 000000000000999f [ 285.698157][ T27] R13: 00007ffff23e9cac R14: 00007ffff23e9cc0 R15: 00007ffff23e9cb0 [ 285.706440][ T27] [ 285.709670][ T27] INFO: task syz-executor176:5026 blocked for more than 143 seconds. [ 285.718059][ T27] Not tainted 6.3.0-syzkaller-11301-g1ae78a14516b #0 [ 285.725565][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.734443][ T27] task:syz-executor176 state:D stack:28088 pid:5026 ppid:4999 flags:0x00004004 [ 285.743900][ T27] Call Trace: [ 285.747441][ T27] [ 285.750590][ T27] __schedule+0xc9a/0x5880 [ 285.755332][ T27] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 285.761548][ T27] ? print_usage_bug.part.0+0x660/0x660 [ 285.767365][ T27] ? io_schedule_timeout+0x150/0x150 [ 285.772887][ T27] ? rwsem_down_write_slowpath+0x3b8/0x1220 [ 285.779016][ T27] schedule+0xde/0x1a0 [ 285.783101][ T27] schedule_preempt_disabled+0x13/0x20 [ 285.788904][ T27] rwsem_down_write_slowpath+0x3e2/0x1220 [ 285.794866][ T27] ? down_timeout+0x90/0x90 [ 285.799589][ T27] ? lock_sync+0x190/0x190 [ 285.804227][ T27] down_write+0x1d2/0x200 [ 285.809353][ T27] ? rwsem_down_write_slowpath+0x1220/0x1220 [ 285.815929][ T27] blkdev_fallocate+0x1e8/0x420 [ 285.821012][ T27] ? blkdev_writepage+0x30/0x30 [ 285.826136][ T27] vfs_fallocate+0x48b/0xe40 [ 285.830755][ T27] __x64_sys_fallocate+0xd3/0x140 [ 285.835831][ T27] do_syscall_64+0x39/0xb0 [ 285.840268][ T27] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 285.846222][ T27] RIP: 0033:0x7ff2054bde29 [ 285.850837][ T27] RSP: 002b:00007ffff23e9c98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 285.859598][ T27] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007ff2054bde29 [ 285.867639][ T27] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 285.876004][ T27] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 285.884267][ T27] R10: 0001000001002000 R11: 0000000000000246 R12: 00000000000099a6 [ 285.892509][ T27] R13: 00007ffff23e9cac R14: 00007ffff23e9cc0 R15: 00007ffff23e9cb0 [ 285.900574][ T27] [ 285.903647][ T27] [ 285.903647][ T27] Showing all locks held in the system: [ 285.911609][ T27] 1 lock held by rcu_tasks_kthre/13: [ 285.917423][ T27] #0: ffffffff8c799630 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 285.928095][ T27] 1 lock held by rcu_tasks_trace/14: [ 285.933572][ T27] #0: ffffffff8c799330 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 285.944957][ T27] 1 lock held by khungtaskd/27: [ 285.950047][ T27] #0: ffffffff8c79a240 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x340 [ 285.960225][ T27] 2 locks held by getty/4756: [ 285.965096][ T27] #0: ffff88802883c098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 285.974938][ T27] #1: ffffc900015a02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 [ 285.985328][ T27] 1 lock held by syz-executor176/5008: [ 285.990990][ T27] 1 lock held by syz-executor176/5019: [ 285.996799][ T27] #0: ffff888148c54ab0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e8/0x420 [ 286.007674][ T27] 1 lock held by syz-executor176/5026: [ 286.013317][ T27] #0: ffff888148c54ab0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e8/0x420 [ 286.024215][ T27] 1 lock held by syz-executor176/5027: [ 286.029922][ T27] #0: ffff888148c54ab0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e8/0x420 [ 286.040784][ T27] 1 lock held by syz-executor176/5034: [ 286.046369][ T27] #0: ffff888148c54ab0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e8/0x420 [ 286.057312][ T27] 1 lock held by syz-executor176/5035: [ 286.062962][ T27] #0: ffff888148c54ab0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e8/0x420 [ 286.073879][ T27] [ 286.076448][ T27] ============================================= [ 286.076448][ T27] [ 286.085046][ T27] NMI backtrace for cpu 1 [ 286.089385][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.3.0-syzkaller-11301-g1ae78a14516b #0 [ 286.098816][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 286.108850][ T27] Call Trace: [ 286.112108][ T27] [ 286.115019][ T27] dump_stack_lvl+0xd9/0x150 [ 286.119675][ T27] nmi_cpu_backtrace+0x29c/0x350 [ 286.124597][ T27] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.129875][ T27] nmi_trigger_cpumask_backtrace+0x2a4/0x300 [ 286.135845][ T27] watchdog+0xe16/0x1090 [ 286.140174][ T27] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.146147][ T27] kthread+0x344/0x440 [ 286.150208][ T27] ? kthread_complete_and_exit+0x40/0x40 [ 286.155830][ T27] ret_from_fork+0x1f/0x30 [ 286.160329][ T27] [ 286.163464][ T27] Sending NMI from CPU 1 to CPUs 0: [ 286.168700][ C0] NMI backtrace for cpu 0 [ 286.168707][ C0] CPU: 0 PID: 4441 Comm: klogd Not tainted 6.3.0-syzkaller-11301-g1ae78a14516b #0 [ 286.168719][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 286.168725][ C0] RIP: 0010:__lock_acquire+0x3a2/0x5df0 [ 286.168744][ C0] Code: 44 24 08 48 c1 ea 03 c1 e0 12 25 00 00 04 00 41 09 c6 8b 84 24 58 01 00 00 45 09 f7 45 09 cf c1 e0 15 41 09 c7 41 8b 44 24 20 <25> ff 1f 00 00 41 09 c7 48 b8 00 00 00 00 00 fc ff df 45 89 7c 24 [ 286.168754][ C0] RSP: 0018:ffffc9000318f3c8 EFLAGS: 00000006 [ 286.168764][ C0] RAX: 00000000000c0000 RBX: ffffffff91ff1e60 RCX: 0000000000000000 [ 286.168771][ C0] RDX: 1ffff1100fbef51a RSI: 0000000000000004 RDI: ffff88807df7a8d4 [ 286.168778][ C0] RBP: 0000000000000000 R08: 1ffff1100fbef515 R09: 0000000000000000 [ 286.168785][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88807df7a8b0 [ 286.168791][ C0] R13: ffff88807df79dc0 R14: 0000000000040000 R15: 00000000000c0000 [ 286.168800][ C0] FS: 00007f0c89acd380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 286.168811][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.168819][ C0] CR2: 000055de612ad780 CR3: 0000000029fb1000 CR4: 0000000000350ef0 [ 286.168826][ C0] Call Trace: [ 286.168829][ C0] [ 286.168835][ C0] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.168852][ C0] ? print_usage_bug.part.0+0x660/0x660 [ 286.168868][ C0] lock_acquire+0x1b1/0x520 [ 286.168883][ C0] ? debug_check_no_obj_freed+0xcb/0x420 [ 286.168899][ C0] ? lock_sync+0x190/0x190 [ 286.168913][ C0] ? debug_check_no_obj_freed+0x210/0x420 [ 286.168927][ C0] ? lock_downgrade+0x690/0x690 [ 286.168942][ C0] ? _raw_spin_lock_irqsave+0x52/0x60 [ 286.168960][ C0] _raw_spin_lock_irqsave+0x3d/0x60 [ 286.168975][ C0] ? debug_check_no_obj_freed+0xcb/0x420 [ 286.168989][ C0] debug_check_no_obj_freed+0xcb/0x420 [ 286.169006][ C0] free_unref_page_prepare+0x202/0xcb0 [ 286.169024][ C0] free_unref_page+0x33/0x370 [ 286.169040][ C0] qlist_free_all+0x6a/0x170 [ 286.169053][ C0] kasan_quarantine_reduce+0x195/0x220 [ 286.169072][ C0] __kasan_slab_alloc+0x63/0x90 [ 286.169088][ C0] __kmem_cache_alloc_node+0x17c/0x320 [ 286.169104][ C0] ? __alloc_skb+0x129/0x330 [ 286.169117][ C0] ? __alloc_skb+0x129/0x330 [ 286.169128][ C0] __kmalloc_node_track_caller+0x4f/0x1a0 [ 286.169140][ C0] kmalloc_reserve+0xf0/0x270 [ 286.169152][ C0] __alloc_skb+0x129/0x330 [ 286.169163][ C0] ? __napi_build_skb+0x50/0x50 [ 286.169178][ C0] alloc_skb_with_frags+0x9a/0x6c0 [ 286.169192][ C0] ? print_usage_bug.part.0+0x660/0x660 [ 286.169208][ C0] sock_alloc_send_pskb+0x7a7/0x930 [ 286.169226][ C0] ? sk_dst_check+0x460/0x460 [ 286.169241][ C0] ? lock_downgrade+0x690/0x690 [ 286.169255][ C0] ? do_raw_spin_lock+0x124/0x2b0 [ 286.169270][ C0] ? spin_bug+0x1c0/0x1c0 [ 286.169286][ C0] unix_dgram_sendmsg+0x41b/0x1950 [ 286.169301][ C0] ? aa_sk_perm+0x31d/0xb10 [ 286.169312][ C0] ? unix_stream_sendpage+0xcc0/0xcc0 [ 286.169324][ C0] ? aa_af_perm+0x240/0x240 [ 286.169335][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 286.169347][ C0] ? unix_stream_sendpage+0xcc0/0xcc0 [ 286.169359][ C0] sock_sendmsg+0xde/0x190 [ 286.169370][ C0] __sys_sendto+0x23a/0x340 [ 286.169382][ C0] ? __ia32_sys_getpeername+0xb0/0xb0 [ 286.169395][ C0] ? lock_downgrade+0x690/0x690 [ 286.169411][ C0] ? rcu_is_watching+0x12/0xb0 [ 286.169428][ C0] ? __rseq_handle_notify_resume+0x5bd/0x10f0 [ 286.169443][ C0] ? __do_sys_rseq+0x7e0/0x7e0 [ 286.169455][ C0] ? unlock_page_memcg+0x2d0/0x2d0 [ 286.169471][ C0] ? security_capable+0x93/0xc0 [ 286.169484][ C0] __x64_sys_sendto+0xe1/0x1b0 [ 286.169496][ C0] ? syscall_enter_from_user_mode+0x26/0x80 [ 286.169510][ C0] do_syscall_64+0x39/0xb0 [ 286.169527][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.169543][ C0] RIP: 0033:0x7f0c89c2f9b5 [ 286.169552][ C0] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 286.169562][ C0] RSP: 002b:00007ffd0b7cf048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 286.169572][ C0] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0c89c2f9b5 [ 286.169579][ C0] RDX: 000000000000003d RSI: 0000558f3dc50a30 RDI: 0000000000000003 [ 286.169585][ C0] RBP: 0000558f3dc4c910 R08: 0000000000000000 R09: 0000000000000000 [ 286.169591][ C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 286.169598][ C0] R13: 00007f0c89dbd212 R14: 00007ffd0b7cf148 R15: 0000000000000000 [ 286.169608][ C0] [ 286.169961][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 286.623887][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.3.0-syzkaller-11301-g1ae78a14516b #0 [ 286.633327][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 286.643450][ T27] Call Trace: [ 286.646731][ T27] [ 286.649648][ T27] dump_stack_lvl+0xd9/0x150 [ 286.654223][ T27] panic+0x686/0x730 [ 286.658107][ T27] ? panic_smp_self_stop+0xa0/0xa0 [ 286.663206][ T27] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.668387][ T27] ? preempt_schedule_thunk+0x1a/0x20 [ 286.673757][ T27] ? watchdog+0xbe8/0x1090 [ 286.678199][ T27] watchdog+0xbf9/0x1090 [ 286.682567][ T27] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.688549][ T27] kthread+0x344/0x440 [ 286.692611][ T27] ? kthread_complete_and_exit+0x40/0x40 [ 286.698236][ T27] ret_from_fork+0x1f/0x30 [ 286.702651][ T27] [ 286.706602][ T27] Kernel Offset: disabled [ 286.710913][ T27] Rebooting in 86400 seconds..