./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1570398831 <...> forked to background, child pid 3182 no interfaces have a carrier [ 18.441154][ T3183] 8021q: adding VLAN 0 to HW filter on device bond0 [ 18.450035][ T3183] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.71' (ECDSA) to the list of known hosts. execve("./syz-executor1570398831", ["./syz-executor1570398831"], 0x7ffcd88c2040 /* 10 vars */) = 0 brk(NULL) = 0x555555caa000 brk(0x555555caac40) = 0x555555caac40 arch_prctl(ARCH_SET_FS, 0x555555caa300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1570398831", 4096) = 28 brk(0x555555ccbc40) = 0x555555ccbc40 brk(0x555555ccc000) = 0x555555ccc000 mprotect(0x7f1ba3518000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3604 attached , child_tidptr=0x555555caa5d0) = 3604 [pid 3603] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3605 attached [pid 3603] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3605 ./strace-static-x86_64: Process 3606 attached [pid 3605] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3604] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3606 ./strace-static-x86_64: Process 3607 attached [pid 3603] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3608 attached [pid 3607] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3606] <... prctl resumed>) = 0 [pid 3605] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3607 [pid 3603] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3608 [pid 3607] <... prctl resumed>) = 0 [pid 3603] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3607] setpgid(0, 0) = 0 [pid 3606] setpgid(0, 0 [pid 3603] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3609 [pid 3607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3603] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3609 attached [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3606] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 3610 attached [pid 3607] <... openat resumed>) = 3 [pid 3603] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3610 [pid 3610] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3607] write(3, "1000", 4 [pid 3603] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3607] <... write resumed>) = 4 [pid 3610] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3611 [pid 3607] close(3 [pid 3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3603] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3612 [pid 3607] <... close resumed>) = 0 [pid 3607] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3607] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3606] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3612 attached [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3608] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3613 [pid 3606] write(3, "1000", 4) = 4 [pid 3606] close(3) = 0 ./strace-static-x86_64: Process 3613 attached ./strace-static-x86_64: Process 3611 attached [pid 3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3606] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY./strace-static-x86_64: Process 3614 attached [pid 3613] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3609] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3614 [pid 3606] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3615 attached [pid 3614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3613] <... prctl resumed>) = 0 [pid 3606] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3614] <... prctl resumed>) = 0 [pid 3613] setpgid(0, 0 [pid 3612] <... clone resumed>, child_tidptr=0x555555caa5d0) = 3615 [pid 3614] setpgid(0, 0 [pid 3613] <... setpgid resumed>) = 0 [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3614] <... setpgid resumed>) = 0 [pid 3613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3613] <... openat resumed>) = 3 [pid 3614] <... openat resumed>) = 3 [pid 3613] write(3, "1000", 4 [pid 3615] <... prctl resumed>) = 0 [pid 3614] write(3, "1000", 4 [pid 3613] <... write resumed>) = 4 [pid 3611] <... prctl resumed>) = 0 [pid 3615] setpgid(0, 0 [pid 3614] <... write resumed>) = 4 [pid 3613] close(3 [pid 3611] setpgid(0, 0 [pid 3615] <... setpgid resumed>) = 0 [pid 3614] close(3 [pid 3613] <... close resumed>) = 0 [pid 3611] <... setpgid resumed>) = 0 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3614] <... close resumed>) = 0 [pid 3613] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY [pid 3611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3615] <... openat resumed>) = 3 [pid 3614] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY [pid 3613] <... openat resumed>) = 3 [pid 3611] <... openat resumed>) = 3 [pid 3615] write(3, "1000", 4 [pid 3614] <... openat resumed>) = 3 [pid 3613] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3611] write(3, "1000", 4 [pid 3615] <... write resumed>) = 4 [pid 3614] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3611] <... write resumed>) = 4 [pid 3615] close(3 [pid 3611] close(3 [pid 3615] <... close resumed>) = 0 [pid 3611] <... close resumed>) = 0 [pid 3615] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY [pid 3611] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY [pid 3615] <... openat resumed>) = 3 [pid 3611] <... openat resumed>) = 3 [pid 3615] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3611] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3605] kill(-3607, SIGKILL) = 0 [pid 3605] kill(3607, SIGKILL) = 0 [pid 3604] kill(-3606, SIGKILL) = 0 [pid 3604] kill(3606, SIGKILL) = 0 [pid 3610] kill(-3611, SIGKILL) = 0 [pid 3610] kill(3611, SIGKILL) = 0 [pid 3608] kill(-3613, SIGKILL) = 0 [pid 3608] kill(3613, SIGKILL) = 0 [pid 3609] kill(-3614, SIGKILL) = 0 [pid 3609] kill(3614, SIGKILL) = 0 [pid 3612] kill(-3615, SIGKILL) = 0 [pid 3612] kill(3615, SIGKILL) = 0 [pid 3610] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3610] fstat(3, [pid 3605] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3610] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3605] <... openat resumed>) = 3 [pid 3610] getdents64(3, [pid 3605] fstat(3, [pid 3610] <... getdents64 resumed>0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3605] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3610] getdents64(3, [pid 3605] getdents64(3, [pid 3610] <... getdents64 resumed>0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3605] <... getdents64 resumed>0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3610] close(3 [pid 3605] getdents64(3, [pid 3610] <... close resumed>) = 0 [pid 3605] <... getdents64 resumed>0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3605] close(3) = 0 [pid 3608] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3608] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3608] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3608] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3608] close(3) = 0 [pid 3604] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3604] fstat(3, [pid 3612] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3604] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3612] <... openat resumed>) = 3 [pid 3604] getdents64(3, [pid 3612] fstat(3, [pid 3604] <... getdents64 resumed>0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3612] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3612] getdents64(3, [pid 3604] getdents64(3, [pid 3612] <... getdents64 resumed>0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3604] <... getdents64 resumed>0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3612] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3604] close(3 [pid 3612] close(3) = 0 [pid 3604] <... close resumed>) = 0 [pid 3609] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3609] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3609] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3609] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3609] close(3) = 0 syzkaller login: [ 70.638005][ T142] cfg80211: failed to load regulatory.db [pid 3607] <... fallocate resumed>) = ? [pid 3607] +++ killed by SIGKILL +++ [pid 3605] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3607, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3248} --- [pid 3605] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555caa5d0) = 3628 ./strace-static-x86_64: Process 3628 attached [pid 3628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3628] setpgid(0, 0) = 0 [pid 3628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3628] write(3, "1000", 4) = 4 [pid 3628] close(3) = 0 [pid 3628] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3628] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3605] kill(-3628, SIGKILL) = 0 [pid 3605] kill(3628, SIGKILL) = 0 [pid 3605] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3605] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3605] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3605] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3605] close(3) = 0 [pid 3606] <... fallocate resumed>) = ? [pid 3606] +++ killed by SIGKILL +++ [pid 3604] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3606, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3101} --- [pid 3604] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555caa5d0) = 3634 ./strace-static-x86_64: Process 3634 attached [pid 3634] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3634] setpgid(0, 0) = 0 [pid 3634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3634] write(3, "1000", 4) = 4 [pid 3634] close(3) = 0 [pid 3634] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3634] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3604] kill(-3634, SIGKILL) = 0 [pid 3604] kill(3634, SIGKILL) = 0 [pid 3604] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3604] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3604] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3604] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3604] close(3) = 0 [pid 3613] <... fallocate resumed>) = ? [pid 3613] +++ killed by SIGKILL +++ [pid 3608] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3613, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3097} --- [pid 3608] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3635 attached , child_tidptr=0x555555caa5d0) = 3635 [pid 3635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3635] setpgid(0, 0) = 0 [pid 3635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3635] write(3, "1000", 4) = 4 [pid 3635] close(3) = 0 [pid 3635] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3635] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3608] kill(-3635, SIGKILL) = 0 [pid 3608] kill(3635, SIGKILL) = 0 [pid 3608] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3608] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3608] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3608] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3608] close(3) = 0 [pid 3614] <... fallocate resumed>) = ? [pid 3614] +++ killed by SIGKILL +++ [pid 3609] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3614, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3116} --- [pid 3609] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555caa5d0) = 3642 ./strace-static-x86_64: Process 3642 attached [pid 3642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3642] setpgid(0, 0) = 0 [pid 3642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3642] write(3, "1000", 4) = 4 [pid 3642] close(3) = 0 [pid 3642] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3642] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3609] kill(-3642, SIGKILL) = 0 [pid 3609] kill(3642, SIGKILL) = 0 [pid 3609] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3609] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3609] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3609] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3609] close(3) = 0 [pid 3615] <... fallocate resumed>) = ? [pid 3615] +++ killed by SIGKILL +++ [pid 3612] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3615, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3085} --- [pid 3612] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3643 attached , child_tidptr=0x555555caa5d0) = 3643 [pid 3643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3643] setpgid(0, 0) = 0 [pid 3643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3643] write(3, "1000", 4) = 4 [pid 3643] close(3) = 0 [pid 3643] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY) = 3 [pid 3643] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 562952100904960 [pid 3612] kill(-3643, SIGKILL) = 0 [pid 3612] kill(3643, SIGKILL) = 0 [pid 3612] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3612] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3612] getdents64(3, 0x555555cab620 /* 2 entries */, 32768) = 48 [pid 3612] getdents64(3, 0x555555cab620 /* 0 entries */, 32768) = 0 [pid 3612] close(3) = 0 [ 285.667686][ T29] INFO: task syz-executor157:3628 blocked for more than 143 seconds. [ 285.675895][ T29] Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0 [ 285.683246][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.692037][ T29] task:syz-executor157 state:D stack:28984 pid:3628 ppid:3605 flags:0x00004004 [ 285.701401][ T29] Call Trace: [ 285.704789][ T29] [ 285.707905][ T29] __schedule+0xadf/0x5270 [ 285.712443][ T29] ? rcu_read_lock_sched_held+0xd/0x70 [ 285.718273][ T29] ? lock_release+0x560/0x780 [ 285.722964][ T29] ? lock_acquire+0x480/0x570 [ 285.727756][ T29] ? rcu_read_lock_sched_held+0xd/0x70 [ 285.733329][ T29] ? lock_release+0x560/0x780 [ 285.738171][ T29] ? io_schedule_timeout+0x140/0x140 [ 285.743784][ T29] ? do_raw_spin_lock+0x120/0x2a0 [ 285.748996][ T29] ? rwlock_bug.part.0+0x90/0x90 [ 285.754044][ T29] ? lock_acquire+0x480/0x570 [ 285.758932][ T29] schedule+0xda/0x1b0 [ 285.763147][ T29] rwsem_down_write_slowpath+0x5fc/0x12d0 [ 285.769057][ T29] ? down_timeout+0x90/0x90 [ 285.773677][ T29] ? lock_acquire+0x480/0x570 [ 285.778543][ T29] ? lock_release+0x780/0x780 [ 285.783334][ T29] ? spin_bug+0xe0/0x100 [ 285.787766][ T29] down_write+0x1e4/0x220 [ 285.792221][ T29] ? down_write_killable_nested+0x250/0x250 [ 285.798321][ T29] ? rcu_read_lock_sched_held+0xd/0x70 [ 285.803911][ T29] blkdev_fallocate+0x1e2/0x410 [ 285.808951][ T29] ? blkdev_writepage+0x30/0x30 [ 285.813927][ T29] vfs_fallocate+0x487/0xe00 [ 285.818717][ T29] __x64_sys_fallocate+0xcf/0x140 [ 285.823858][ T29] do_syscall_64+0x35/0xb0 [ 285.828559][ T29] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 285.834574][ T29] RIP: 0033:0x7f1ba34abe09 [ 285.839159][ T29] RSP: 002b:00007ffe2648cea8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 285.847705][ T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f1ba34abe09 [ 285.855781][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003 [ 285.863941][ T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 285.872034][ T29] R10: 0002000080000000 R11: 0000000000000246 R12: 000000000000ab36 [ 285.880194][ T29] R13: 00007ffe2648cebc R14: 00007ffe2648ced0 R15: 00007ffe2648cec0 [ 285.888378][ T29] [ 285.891498][ T29] INFO: task syz-executor157:3634 blocked for more than 143 seconds. [ 285.899772][ T29] Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0 [ 285.907092][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.916122][ T29] task:syz-executor157 state:D stack:28136 pid:3634 ppid:3604 flags:0x00004004 [ 285.925466][ T29] Call Trace: [ 285.928934][ T29] [ 285.932046][ T29] __schedule+0xadf/0x5270 [ 285.936585][ T29] ? rcu_read_lock_sched_held+0xd/0x70 [ 285.942244][ T29] ? lock_release+0x560/0x780 [ 285.947148][ T29] ? lock_acquire+0x480/0x570 [ 285.952008][ T29] ? rcu_read_lock_sched_held+0xd/0x70 [ 285.957660][ T29] ? lock_release+0x560/0x780 [ 285.962447][ T29] ? io_schedule_timeout+0x140/0x140 [ 285.967920][ T29] ? do_raw_spin_lock+0x120/0x2a0 [ 285.973058][ T29] ? rwlock_bug.part.0+0x90/0x90 [ 285.978269][ T29] ? lock_acquire+0x480/0x570 [ 285.983068][ T29] schedule+0xda/0x1b0 [ 285.987250][ T29] rwsem_down_write_slowpath+0x5fc/0x12d0 [ 285.993184][ T29] ? down_timeout+0x90/0x90 [ 285.997860][ T29] ? lock_acquire+0x480/0x570 [ 286.002698][ T29] ? lock_release+0x780/0x780 [ 286.007481][ T29] ? spin_bug+0xe0/0x100 [ 286.012013][ T29] down_write+0x1e4/0x220 [ 286.016471][ T29] ? down_write_killable_nested+0x250/0x250 [ 286.022566][ T29] ? rcu_read_lock_sched_held+0xd/0x70 [ 286.028175][ T29] blkdev_fallocate+0x1e2/0x410 [ 286.033151][ T29] ? blkdev_writepage+0x30/0x30 [ 286.038043][ T29] vfs_fallocate+0x487/0xe00 [ 286.042642][ T29] __x64_sys_fallocate+0xcf/0x140 [ 286.047682][ T29] do_syscall_64+0x35/0xb0 [ 286.052271][ T29] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.058289][ T29] RIP: 0033:0x7f1ba34abe09 [ 286.062804][ T29] RSP: 002b:00007ffe2648cea8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.071505][ T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f1ba34abe09 [ 286.079610][ T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003 [ 286.087768][ T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 286.095853][ T29] R10: 0002000080000000 R11: 0000000000000246 R12: 000000000000ab36 [ 286.103999][ T29] R13: 00007ffe2648cebc R14: 00007ffe2648ced0 R15: 00007ffe2648cec0 [ 286.112101][ T29] [ 286.115229][ T29] INFO: lockdep is turned off. [ 286.120190][ T29] NMI backtrace for cpu 1 [ 286.124510][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0 [ 286.133946][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 286.143977][ T29] Call Trace: [ 286.147233][ T29] [ 286.150143][ T29] dump_stack_lvl+0xcd/0x134 [ 286.154718][ T29] nmi_cpu_backtrace.cold+0x46/0x14f [ 286.159987][ T29] ? lapic_can_unplug_cpu+0x80/0x80 [ 286.165180][ T29] nmi_trigger_cpumask_backtrace+0x206/0x250 [ 286.171332][ T29] watchdog+0xbf9/0xf30 [ 286.175570][ T29] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.181548][ T29] kthread+0x2e4/0x3a0 [ 286.185623][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.191331][ T29] ret_from_fork+0x1f/0x30 [ 286.195743][ T29] [ 286.198825][ T29] Sending NMI from CPU 1 to CPUs 0: [ 286.204037][ C0] NMI backtrace for cpu 0 [ 286.204047][ C0] CPU: 0 PID: 2959 Comm: klogd Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0 [ 286.204062][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 286.204070][ C0] RIP: 0010:qlist_free_all+0x39/0x170 [ 286.204089][ C0] Code: 8b 37 4d 85 f6 0f 84 11 01 00 00 49 bc 00 00 00 00 00 fc ff df 49 89 fd 48 89 f5 eb 4a 49 63 87 c0 00 00 00 4c 89 ff 49 8b 1e <49> 29 c6 4c 89 f6 e8 cc d9 ff ff 48 89 c1 0f 1f 44 00 00 4c 89 f0 [ 286.204102][ C0] RSP: 0018:ffffc9000312f8c8 EFLAGS: 00000202 [ 286.204113][ C0] RAX: 0000000000000000 RBX: ffff88808c66e600 RCX: 0000000000000000 [ 286.204122][ C0] RDX: 0000000000000000 RSI: ffffffff81364634 RDI: ffff8881401d9780 [ 286.204130][ C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 286.204138][ C0] R10: 0000000000000000 R11: 000000000008c000 R12: dffffc0000000000 [ 286.204146][ C0] R13: ffffc9000312f908 R14: ffff88808c66d500 R15: ffff8881401d9780 [ 286.204158][ C0] FS: 00007fc208b73800(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 286.204171][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.204180][ C0] CR2: 000055b4cac23990 CR3: 0000000026e56000 CR4: 0000000000350ef0 [ 286.204188][ C0] Call Trace: [ 286.204192][ C0] [ 286.204195][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 286.204218][ C0] kasan_quarantine_reduce+0x180/0x200 [ 286.204232][ C0] __kasan_kmalloc+0xbd/0xd0 [ 286.204250][ C0] __alloc_skb+0xd9/0x2f0 [ 286.204270][ C0] ? lock_acquire+0x480/0x570 [ 286.204285][ C0] alloc_skb_with_frags+0x93/0x6c0 [ 286.204299][ C0] ? lock_release+0x560/0x780 [ 286.204311][ C0] ? rcu_preempt_deferred_qs_irqrestore+0x57b/0xd60 [ 286.204329][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 286.204343][ C0] sock_alloc_send_pskb+0x7a3/0x930 [ 286.204364][ C0] ? task_cls_classid+0x370/0x370 [ 286.204381][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 286.204394][ C0] ? do_raw_spin_lock+0x120/0x2a0 [ 286.204408][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 286.204422][ C0] ? __rcu_read_unlock+0x29c/0x570 [ 286.204439][ C0] unix_dgram_sendmsg+0x415/0x1b50 [ 286.204460][ C0] ? aa_sk_perm+0x30f/0xaa0 [ 286.204478][ C0] ? unix_stream_sendpage+0xcc0/0xcc0 [ 286.204495][ C0] ? aa_af_perm+0x230/0x230 [ 286.204512][ C0] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 286.204532][ C0] ? unix_stream_sendpage+0xcc0/0xcc0 [ 286.204550][ C0] sock_sendmsg+0xcf/0x120 [ 286.204571][ C0] __sys_sendto+0x236/0x340 [ 286.204584][ C0] ? __ia32_sys_getpeername+0xb0/0xb0 [ 286.204601][ C0] ? lock_release+0x560/0x780 [ 286.204613][ C0] ? __ct_user_exit+0xff/0x150 [ 286.204626][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 286.204639][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 286.204653][ C0] ? vtime_user_exit+0x218/0x6c0 [ 286.204673][ C0] __x64_sys_sendto+0xdd/0x1b0 [ 286.204686][ C0] ? syscall_enter_from_user_mode+0x22/0xb0 [ 286.204709][ C0] do_syscall_64+0x35/0xb0 [ 286.204726][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.204743][ C0] RIP: 0033:0x7fc208d0f0ac [ 286.204753][ C0] Code: 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 19 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 64 c3 0f 1f 00 55 48 83 ec 20 48 89 54 24 10 [ 286.204765][ C0] RSP: 002b:00007fffb0a2bbe8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 286.204777][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc208d0f0ac [ 286.204785][ C0] RDX: 000000000000004d RSI: 0000555e841ccbc0 RDI: 0000000000000003 [ 286.204793][ C0] RBP: 0000555e841c8910 R08: 0000000000000000 R09: 0000000000000000 [ 286.204801][ C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000014 [ 286.204809][ C0] R13: 0000000000000001 R14: 00007fc208e8a77d R15: 00007fffb0a2bcf8 [ 286.204821][ C0] [ 286.205218][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 286.575533][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0 [ 286.584974][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 286.595011][ T29] Call Trace: [ 286.598274][ T29] [ 286.601191][ T29] dump_stack_lvl+0xcd/0x134 [ 286.605774][ T29] panic+0x2c8/0x622 [ 286.609663][ T29] ? panic_print_sys_info.part.0+0x10b/0x10b [ 286.615639][ T29] ? lapic_can_unplug_cpu+0x80/0x80 [ 286.620829][ T29] ? preempt_schedule_thunk+0x16/0x18 [ 286.626196][ T29] ? watchdog.cold+0x130/0x158 [ 286.630955][ T29] watchdog.cold+0x141/0x158 [ 286.635538][ T29] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.641515][ T29] kthread+0x2e4/0x3a0 [ 286.645577][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.651285][ T29] ret_from_fork+0x1f/0x30 [ 286.655697][ T29] [ 286.659407][ T29] Kernel Offset: disabled [ 286.663713][ T29] Rebooting in 86400 seconds..