./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2668415531 <...> Warning: Permanently added '10.128.0.12' (ED25519) to the list of known hosts. execve("./syz-executor2668415531", ["./syz-executor2668415531"], 0x7ffffa8b3ae0 /* 10 vars */) = 0 brk(NULL) = 0x555586250000 brk(0x555586250d40) = 0x555586250d40 arch_prctl(ARCH_SET_FS, 0x5555862503c0) = 0 set_tid_address(0x555586250690) = 5854 set_robust_list(0x5555862506a0, 24) = 0 rseq(0x555586250ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2668415531", 4096) = 28 getrandom("\x25\x22\xa9\x22\x01\x11\xdb\x80", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555586250d40 brk(0x555586271d40) = 0x555586271d40 brk(0x555586272000) = 0x555586272000 mprotect(0x7ff7ab474000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5855 attached [pid 5855] set_robust_list(0x5555862506a0, 24 [pid 5854] <... clone resumed>, child_tidptr=0x555586250690) = 5855 [pid 5855] <... set_robust_list resumed>) = 0 [pid 5855] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5854] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5856 attached [pid 5855] <... clone resumed>, child_tidptr=0x555586250690) = 5856 ./strace-static-x86_64: Process 5857 attached [pid 5856] set_robust_list(0x5555862506a0, 24 [pid 5857] set_robust_list(0x5555862506a0, 24 [pid 5856] <... set_robust_list resumed>) = 0 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5856] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5858 attached [pid 5854] <... clone resumed>, child_tidptr=0x555586250690) = 5857 [pid 5856] setpgid(0, 0 [pid 5857] <... clone resumed>, child_tidptr=0x555586250690) = 5858 [pid 5856] <... setpgid resumed>) = 0 [pid 5854] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5858] set_robust_list(0x5555862506a0, 24 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5859 attached [pid 5858] <... set_robust_list resumed>) = 0 [pid 5859] set_robust_list(0x5555862506a0, 24 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5856] write(3, "1000", 4 [pid 5854] <... clone resumed>, child_tidptr=0x555586250690) = 5859 [pid 5859] <... set_robust_list resumed>) = 0 [pid 5856] <... write resumed>) = 4 [pid 5854] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5859] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5858] <... prctl resumed>) = 0 [pid 5856] close(3 [pid 5858] setpgid(0, 0 [pid 5856] <... close resumed>) = 0 ./strace-static-x86_64: Process 5861 attached ./strace-static-x86_64: Process 5860 attached [pid 5858] <... setpgid resumed>) = 0 executing program [pid 5856] write(1, "executing program\n", 18 [pid 5854] <... clone resumed>, child_tidptr=0x555586250690) = 5860 [pid 5861] set_robust_list(0x5555862506a0, 24 [pid 5860] set_robust_list(0x5555862506a0, 24 [pid 5859] <... clone resumed>, child_tidptr=0x555586250690) = 5861 [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5856] <... write resumed>) = 18 [pid 5854] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5860] <... set_robust_list resumed>) = 0 [pid 5861] <... set_robust_list resumed>) = 0 [pid 5860] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5858] <... openat resumed>) = 3 [pid 5856] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5862 attached [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5858] write(3, "1000", 4 [pid 5856] <... futex resumed>) = 0 [pid 5861] <... prctl resumed>) = 0 [pid 5858] <... write resumed>) = 4 [pid 5856] rt_sigaction(SIGRT_1, {sa_handler=0x7ff7ab4164d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff7ab407b50}, ./strace-static-x86_64: Process 5863 attached [pid 5854] <... clone resumed>, child_tidptr=0x555586250690) = 5862 [pid 5861] setpgid(0, 0 [pid 5858] close(3 [pid 5856] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5862] set_robust_list(0x5555862506a0, 24 [pid 5861] <... setpgid resumed>) = 0 [pid 5862] <... set_robust_list resumed>) = 0 [pid 5858] <... close resumed>) = 0 [pid 5856] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5863] set_robust_list(0x5555862506a0, 24 [pid 5862] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5860] <... clone resumed>, child_tidptr=0x555586250690) = 5863 [pid 5858] write(1, "executing program\n", 18 [pid 5856] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5856] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5861] <... openat resumed>) = 3 [pid 5858] <... write resumed>) = 18 [pid 5856] <... mmap resumed>) = 0x7ff7ab389000 [pid 5858] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5864 attached [pid 5863] <... set_robust_list resumed>) = 0 [pid 5861] write(3, "1000", 4 [pid 5858] <... futex resumed>) = 0 [pid 5856] mprotect(0x7ff7ab38a000, 131072, PROT_READ|PROT_WRITE [pid 5864] set_robust_list(0x5555862506a0, 24 [pid 5862] <... clone resumed>, child_tidptr=0x555586250690) = 5864 [pid 5864] <... set_robust_list resumed>) = 0 [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5861] <... write resumed>) = 4 [pid 5858] rt_sigaction(SIGRT_1, {sa_handler=0x7ff7ab4164d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff7ab407b50}, [pid 5856] <... mprotect resumed>) = 0 [pid 5864] <... prctl resumed>) = 0 [pid 5863] <... prctl resumed>) = 0 [pid 5861] close(3 [pid 5858] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5856] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5864] setpgid(0, 0 [pid 5863] setpgid(0, 0 [pid 5861] <... close resumed>) = 0 [pid 5858] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5864] <... setpgid resumed>) = 0 [pid 5863] <... setpgid resumed>) = 0 executing program [pid 5861] write(1, "executing program\n", 18 [pid 5858] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5856] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5861] <... write resumed>) = 18 [pid 5858] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5856] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff7ab3a9990, parent_tid=0x7ff7ab3a9990, exit_signal=0, stack=0x7ff7ab389000, stack_size=0x20300, tls=0x7ff7ab3a96c0} [pid 5861] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] <... mmap resumed>) = 0x7ff7ab389000 [pid 5864] <... openat resumed>) = 3 [pid 5863] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5865 attached [pid 5864] write(3, "1000", 4 [pid 5861] <... futex resumed>) = 0 [pid 5858] mprotect(0x7ff7ab38a000, 131072, PROT_READ|PROT_WRITE [pid 5864] <... write resumed>) = 4 [pid 5861] rt_sigaction(SIGRT_1, {sa_handler=0x7ff7ab4164d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff7ab407b50}, [pid 5858] <... mprotect resumed>) = 0 [pid 5865] rseq(0x7ff7ab3a9fe0, 0x20, 0, 0x53053053 [pid 5864] close(3 [pid 5863] write(3, "1000", 4 [pid 5861] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5858] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5856] <... clone3 resumed> => {parent_tid=[5865]}, 88) = 5865 [pid 5865] <... rseq resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5863] <... write resumed>) = 4 [pid 5861] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5858] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5856] rt_sigprocmask(SIG_SETMASK, [], [pid 5865] set_robust_list(0x7ff7ab3a99a0, 24 [pid 5864] write(1, "executing program\n", 18 [pid 5863] close(3 [pid 5861] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff7ab3a9990, parent_tid=0x7ff7ab3a9990, exit_signal=0, stack=0x7ff7ab389000, stack_size=0x20300, tls=0x7ff7ab3a96c0}executing program [pid 5856] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5866 attached [pid 5865] <... set_robust_list resumed>) = 0 [pid 5864] <... write resumed>) = 18 [pid 5863] <... close resumed>) = 0 [pid 5861] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5856] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5866] rseq(0x7ff7ab3a9fe0, 0x20, 0, 0x53053053 [pid 5865] rt_sigprocmask(SIG_SETMASK, [], [pid 5864] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] write(1, "executing program\n", 18 [pid 5861] <... mmap resumed>) = 0x7ff7ab389000 [pid 5856] <... futex resumed>) = 0 [pid 5858] <... clone3 resumed> => {parent_tid=[5866]}, 88) = 5866 [pid 5864] <... futex resumed>) = 0 [pid 5864] rt_sigaction(SIGRT_1, {sa_handler=0x7ff7ab4164d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff7ab407b50}, executing program NULL, 8) = 0 [pid 5866] <... rseq resumed>) = 0 [pid 5865] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5861] mprotect(0x7ff7ab38a000, 131072, PROT_READ|PROT_WRITE [pid 5858] rt_sigprocmask(SIG_SETMASK, [], [pid 5856] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5866] set_robust_list(0x7ff7ab3a99a0, 24 [pid 5864] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5863] <... write resumed>) = 18 [pid 5858] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5866] <... set_robust_list resumed>) = 0 [pid 5864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5861] <... mprotect resumed>) = 0 [pid 5866] rt_sigprocmask(SIG_SETMASK, [], [pid 5865] io_uring_setup(269, {flags=IORING_SETUP_SUBMIT_ALL, sq_thread_cpu=0x10000000, sq_thread_idle=0 [pid 5864] <... mmap resumed>) = 0x7ff7ab389000 [pid 5863] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5866] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] mprotect(0x7ff7ab38a000, 131072, PROT_READ|PROT_WRITE [pid 5863] <... futex resumed>) = 0 [pid 5861] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5858] <... futex resumed>) = 0 [pid 5866] io_uring_setup(269, {flags=IORING_SETUP_SUBMIT_ALL, sq_thread_cpu=0x10000000, sq_thread_idle=0 [pid 5865] <... io_uring_setup resumed>, sq_entries=512, cq_entries=1024, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE|0x3e000, sq_off={head=0, tail=4, ring_mask=16, ring_entries=24, flags=36, dropped=32, array=16448}, cq_off={head=8, tail=12, ring_mask=20, ring_entries=28, overflow=44, cqes=64, flags=40}}) = 3 [pid 5864] <... mprotect resumed>) = 0 [pid 5863] rt_sigaction(SIGRT_1, {sa_handler=0x7ff7ab4164d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff7ab407b50}, [pid 5861] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5858] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5866] <... io_uring_setup resumed>, sq_entries=512, cq_entries=1024, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE|0x3e000, sq_off={head=0, tail=4, ring_mask=16, ring_entries=24, flags=36, dropped=32, array=16448}, cq_off={head=8, tail=12, ring_mask=20, ring_entries=28, overflow=44, cqes=64, flags=40}}) = 3 [pid 5865] mmap(NULL, 18496, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0 [pid 5864] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5863] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5861] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff7ab3a9990, parent_tid=0x7ff7ab3a9990, exit_signal=0, stack=0x7ff7ab389000, stack_size=0x20300, tls=0x7ff7ab3a96c0} [pid 5864] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff7ab3a9990, parent_tid=0x7ff7ab3a9990, exit_signal=0, stack=0x7ff7ab389000, stack_size=0x20300, tls=0x7ff7ab3a96c0} [pid 5865] <... mmap resumed>) = 0x7ff7ab384000 ./strace-static-x86_64: Process 5867 attached [pid 5866] mmap(NULL, 18496, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0 [pid 5863] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], ./strace-static-x86_64: Process 5868 attached [pid 5867] rseq(0x7ff7ab3a9fe0, 0x20, 0, 0x53053053 [pid 5866] <... mmap resumed>) = 0x7ff7ab384000 [pid 5864] <... clone3 resumed> => {parent_tid=[5868]}, 88) = 5868 [pid 5868] rseq(0x7ff7ab3a9fe0, 0x20, 0, 0x53053053 [pid 5867] <... rseq resumed>) = 0 [pid 5868] <... rseq resumed>) = 0 [pid 5868] set_robust_list(0x7ff7ab3a99a0, 24 [pid 5867] set_robust_list(0x7ff7ab3a99a0, 24 [pid 5864] rt_sigprocmask(SIG_SETMASK, [], [pid 5868] <... set_robust_list resumed>) = 0 [pid 5867] <... set_robust_list resumed>) = 0 [pid 5866] mmap(NULL, 32768, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0x10000000 [pid 5864] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5868] rt_sigprocmask(SIG_SETMASK, [], [pid 5867] rt_sigprocmask(SIG_SETMASK, [], [pid 5866] <... mmap resumed>) = 0x7ff7ab37c000 [pid 5865] mmap(NULL, 32768, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0x10000000 [pid 5863] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5868] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5861] <... clone3 resumed> => {parent_tid=[5867]}, 88) = 5867 [pid 5867] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5865] <... mmap resumed>) = 0x7ff7ab37c000 [pid 5863] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5861] rt_sigprocmask(SIG_SETMASK, [], [pid 5865] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] <... mmap resumed>) = 0x7ff7ab389000 [pid 5861] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5865] <... futex resumed>) = 1 [pid 5863] mprotect(0x7ff7ab38a000, 131072, PROT_READ|PROT_WRITE [pid 5861] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5856] <... futex resumed>) = 0 [pid 5865] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5863] <... mprotect resumed>) = 0 [pid 5861] <... futex resumed>) = 0 [pid 5856] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5866] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5865] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5863] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5861] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5856] <... futex resumed>) = 0 [pid 5868] io_uring_setup(269, {flags=IORING_SETUP_SUBMIT_ALL, sq_thread_cpu=0x10000000, sq_thread_idle=0 [pid 5867] io_uring_setup(269, {flags=IORING_SETUP_SUBMIT_ALL, sq_thread_cpu=0x10000000, sq_thread_idle=0 [pid 5866] <... futex resumed>) = 1 [pid 5865] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5864] <... futex resumed>) = 0 [pid 5858] <... futex resumed>) = 0 [pid 5856] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5866] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5865] <... futex resumed>) = 0 [pid 5863] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5858] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5856] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5867] <... io_uring_setup resumed>, sq_entries=512, cq_entries=1024, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE|0x3e000, sq_off={head=0, tail=4, ring_mask=16, ring_entries=24, flags=36, dropped=32, array=16448}, cq_off={head=8, tail=12, ring_mask=20, ring_entries=28, overflow=44, cqes=64, flags=40}}) = 3 [pid 5866] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5865] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5863] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff7ab3a9990, parent_tid=0x7ff7ab3a9990, exit_signal=0, stack=0x7ff7ab389000, stack_size=0x20300, tls=0x7ff7ab3a96c0} [pid 5858] <... futex resumed>) = 0 [pid 5856] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] <... io_uring_setup resumed>, sq_entries=512, cq_entries=1024, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE|0x3e000, sq_off={head=0, tail=4, ring_mask=16, ring_entries=24, flags=36, dropped=32, array=16448}, cq_off={head=8, tail=12, ring_mask=20, ring_entries=28, overflow=44, cqes=64, flags=40}}) = 3 [pid 5867] mmap(NULL, 18496, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0 [pid 5866] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5865] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5858] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5856] <... futex resumed>) = 0 [pid 5865] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5856] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5865] io_uring_enter(3, 13590, 240, 0, NULL, 0 [pid 5858] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5856] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5869 attached [pid 5868] mmap(NULL, 18496, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0 [pid 5867] <... mmap resumed>) = 0x7ff7ab384000 [pid 5866] <... futex resumed>) = 0 [pid 5863] <... clone3 resumed> => {parent_tid=[5869]}, 88) = 5869 [pid 5858] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5856] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5869] rseq(0x7ff7ab3a9fe0, 0x20, 0, 0x53053053 [pid 5868] <... mmap resumed>) = 0x7ff7ab384000 [pid 5867] mmap(NULL, 32768, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0x10000000 [pid 5866] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] <... futex resumed>) = 0 [pid 5869] <... rseq resumed>) = 0 [pid 5868] mmap(NULL, 32768, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0x10000000 [pid 5867] <... mmap resumed>) = 0x7ff7ab37c000 [pid 5866] <... futex resumed>) = 0 [pid 5863] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] set_robust_list(0x7ff7ab3a99a0, 24 [pid 5868] <... mmap resumed>) = 0x7ff7ab37c000 [pid 5867] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5866] io_uring_enter(3, 13590, 240, 0, NULL, 0 [pid 5863] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] <... futex resumed>) = 0 [pid 5869] <... set_robust_list resumed>) = 0 [pid 5867] <... futex resumed>) = 1 [pid 5861] <... futex resumed>) = 0 [pid 5858] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5861] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5868] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] rt_sigprocmask(SIG_SETMASK, [], [pid 5868] <... futex resumed>) = 1 [pid 5867] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5864] <... futex resumed>) = 0 [pid 5863] <... futex resumed>) = 0 [pid 5861] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5868] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5867] <... futex resumed>) = 0 [pid 5863] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5861] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5867] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5861] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5864] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5861] <... futex resumed>) = 0 [pid 5868] <... futex resumed>) = 0 [pid 5867] <... futex resumed>) = 0 [pid 5864] <... futex resumed>) = 1 [pid 5861] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5867] io_uring_enter(3, 13590, 240, 0, NULL, 0 [pid 5864] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5861] <... futex resumed>) = 0 [pid 5869] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5868] <... futex resumed>) = 0 [pid 5861] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5869] io_uring_setup(269, {flags=IORING_SETUP_SUBMIT_ALL, sq_thread_cpu=0x10000000, sq_thread_idle=0 [pid 5868] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5869] <... io_uring_setup resumed>, sq_entries=512, cq_entries=1024, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|IORING_FEAT_LINKED_FILE|0x3e000, sq_off={head=0, tail=4, ring_mask=16, ring_entries=24, flags=36, dropped=32, array=16448}, cq_off={head=8, tail=12, ring_mask=20, ring_entries=28, overflow=44, cqes=64, flags=40}}) = 3 [pid 5864] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5864] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] mmap(NULL, 18496, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0) = 0x7ff7ab384000 [pid 5869] mmap(NULL, 32768, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_POPULATE, 3, 0x10000000) = 0x7ff7ab37c000 [pid 5869] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5869] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] <... futex resumed>) = 1 [pid 5868] <... futex resumed>) = 0 [pid 5868] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5868] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5863] <... futex resumed>) = 0 [pid 5868] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5864] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5863] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] <... futex resumed>) = 0 [pid 5868] io_uring_enter(3, 13590, 240, 0, NULL, 0 [pid 5863] <... futex resumed>) = 1 [pid 5869] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] futex(0x7ff7ab47a32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5863] futex(0x7ff7ab47a328, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5863] futex(0x7ff7ab47a33c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5869] <... futex resumed>) = 0 [pid 5863] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5869] futex(0x7ff7ab47a32c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] <... mmap resumed>) = 0x7ff7ab35b000 [pid 5869] <... futex resumed>) = 0 [pid 5863] mprotect(0x7ff7ab35c000, 131072, PROT_READ|PROT_WRITE [pid 5869] futex(0x7ff7ab47a328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5863] <... mprotect resumed>) = 0 [pid 5863] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5863] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff7ab37b990, parent_tid=0x7ff7ab37b990, exit_signal=0, stack=0x7ff7ab35b000, stack_size=0x20300, tls=0x7ff7ab37b6c0}./strace-static-x86_64: Process 5870 attached [pid 5858] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5856] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5870] rseq(0x7ff7ab37bfe0, 0x20, 0, 0x53053053 [pid 5863] <... clone3 resumed> => {parent_tid=[5870]}, 88) = 5870 [pid 5870] <... rseq resumed>) = 0 [pid 5863] rt_sigprocmask(SIG_SETMASK, [], [pid 5870] set_robust_list(0x7ff7ab37b9a0, 24 [pid 5863] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5870] <... set_robust_list resumed>) = 0 [pid 5863] futex(0x7ff7ab47a338, FUTEX_WAKE_PRIVATE, 1000000 [pid 5870] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5870] io_uring_enter(3, 13590, 240, 0, NULL, 0 [pid 5863] <... futex resumed>) = 0 [pid 5863] futex(0x7ff7ab47a33c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5861] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5864] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5863] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5861] exit_group(0) = ? [pid 5858] exit_group(0) = ? [pid 5856] exit_group(0) = ? [pid 5864] exit_group(0) = ? [pid 5863] exit_group(0 [pid 5869] <... futex resumed>) = ? [pid 5863] <... exit_group resumed>) = ? [pid 5855] kill(-5856, SIGKILL) = 0 [pid 5855] kill(5856, SIGKILL) = 0 [pid 5857] kill(-5858, SIGKILL) = 0 [pid 5857] kill(5858, SIGKILL) = 0 [pid 5860] kill(-5863, SIGKILL [pid 5859] kill(-5861, SIGKILL [pid 5860] <... kill resumed>) = 0 [pid 5859] <... kill resumed>) = 0 [pid 5860] kill(5863, SIGKILL [pid 5859] kill(5861, SIGKILL [pid 5860] <... kill resumed>) = 0 [pid 5859] <... kill resumed>) = 0 [pid 5862] kill(-5864, SIGKILL) = 0 [pid 5862] kill(5864, SIGKILL) = 0 [pid 5855] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5855] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5855] getdents64(3, 0x555586251730 /* 2 entries */, 32768) = 48 [pid 5855] getdents64(3, 0x555586251730 /* 0 entries */, 32768) = 0 [pid 5855] close(3) = 0 [pid 5857] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5857] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5857] getdents64(3, 0x555586251730 /* 2 entries */, 32768) = 48 [pid 5857] getdents64(3, 0x555586251730 /* 0 entries */, 32768) = 0 [pid 5857] close(3) = 0 [pid 5860] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5860] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5860] getdents64(3, 0x555586251730 /* 2 entries */, 32768) = 48 [pid 5860] getdents64(3, [pid 5859] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5860] <... getdents64 resumed>0x555586251730 /* 0 entries */, 32768) = 0 [pid 5859] <... openat resumed>) = 3 [pid 5860] close(3 [pid 5859] newfstatat(3, "", [pid 5860] <... close resumed>) = 0 [pid 5859] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5859] getdents64(3, 0x555586251730 /* 2 entries */, 32768) = 48 [pid 5859] getdents64(3, 0x555586251730 /* 0 entries */, 32768) = 0 [pid 5859] close(3) = 0 [pid 5862] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5862] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5862] getdents64(3, 0x555586251730 /* 2 entries */, 32768) = 48 [pid 5862] getdents64(3, 0x555586251730 /* 0 entries */, 32768) = 0 [pid 5862] close(3) = 0 [ 286.579276][ T31] INFO: task syz-executor266:5869 blocked for more than 143 seconds. [ 286.606677][ T31] Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 [ 286.614805][ T31] Blocked by coredump. [ 286.646634][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.655553][ T31] task:syz-executor266 state:D stack:26952 pid:5869 tgid:5863 ppid:5860 task_flags:0x400548 flags:0x00004002 [ 286.706665][ T31] Call Trace: [ 286.710036][ T31] [ 286.713003][ T31] __schedule+0x16f5/0x4d00 [ 286.736644][ T31] ? __lock_acquire+0xab9/0xd20 [ 286.741587][ T31] ? schedule+0x165/0x360 [ 286.745957][ T31] ? __pfx___schedule+0x10/0x10 [ 286.786634][ T31] ? schedule+0x91/0x360 [ 286.790978][ T31] schedule+0x165/0x360 [ 286.795174][ T31] schedule_preempt_disabled+0x13/0x30 [ 286.826624][ T31] __mutex_lock+0x724/0xe80 [ 286.831234][ T31] ? __mutex_lock+0x51b/0xe80 [ 286.836078][ T31] ? io_uring_del_tctx_node+0xf0/0x2c0 [ 286.866656][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 286.871781][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 286.906638][ T31] ? _raw_spin_unlock+0x3f/0x50 [ 286.911608][ T31] ? xa_erase+0xd5/0xf0 [ 286.915846][ T31] io_uring_del_tctx_node+0xf0/0x2c0 [ 286.946632][ T31] io_uring_clean_tctx+0xd4/0x1a0 [ 286.951845][ T31] ? __pfx_io_uring_clean_tctx+0x10/0x10 [ 286.986638][ T31] ? io_uring_drop_tctx_refs+0x108/0x1c0 [ 286.992394][ T31] io_uring_cancel_generic+0x68f/0x730 [ 287.026637][ T31] ? __pfx_io_uring_cancel_generic+0x10/0x10 [ 287.032745][ T31] ? __pfx_ptrace_notify+0x10/0x10 [ 287.056658][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 287.062815][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.096676][ T31] ? io_uring_unreg_ringfd+0x52f/0x540 [ 287.102350][ T31] do_exit+0x56a/0x2550 [ 287.106569][ T31] ? __lock_acquire+0xab9/0xd20 [ 287.131593][ T31] ? do_raw_spin_lock+0x121/0x290 [ 287.156671][ T31] ? __pfx_do_exit+0x10/0x10 [ 287.161456][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 287.186693][ T31] do_group_exit+0x21c/0x2d0 [ 287.191398][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.216630][ T31] get_signal+0x125e/0x1310 [ 287.221368][ T31] arch_do_signal_or_restart+0x9a/0x750 [ 287.246633][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.252056][ T31] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.276670][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 287.283034][ T31] ? exit_to_user_mode_loop+0x40/0x110 [ 287.316626][ T31] exit_to_user_mode_loop+0x75/0x110 [ 287.322016][ T31] do_syscall_64+0x2bd/0x3b0 [ 287.346645][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.351947][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.386665][ T31] ? clear_bhb_loop+0x60/0xb0 [ 287.391450][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.416647][ T31] RIP: 0033:0x7ff7ab3f0599 [ 287.421164][ T31] RSP: 002b:00007ff7ab3a9218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 287.456631][ T31] RAX: fffffffffffffe00 RBX: 00007ff7ab47a328 RCX: 00007ff7ab3f0599 [ 287.464788][ T31] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff7ab47a328 [ 287.496663][ T31] RBP: 00007ff7ab47a320 R08: 0000000000000000 R09: 0000000000000000 [ 287.504729][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 287.556629][ T31] R13: 00002000000000c0 R14: 0000200000000340 R15: 0000200000000980 [ 287.565185][ T31] [ 287.586634][ T31] [ 287.586634][ T31] Showing all locks held in the system: [ 287.594423][ T31] 5 locks held by kworker/u8:1/13: [ 287.626690][ T31] #0: ffff8880b8739f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 287.656660][ T31] #1: ffff8880b8723f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39e/0x6d0 [ 287.696620][ T31] #2: ffff8880b8725958 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x8ee/0xf30 [ 287.705716][ T31] #3: ffffffff99cfa278 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0xbb/0x420 [ 287.756617][ T31] #4: ffffffff8dfe8928 (text_mutex){+.+.}-{4:4}, at: arch_jump_label_transform_apply+0x17/0x30 [ 287.786622][ T31] 1 lock held by khungtaskd/31: [ 287.791538][ T31] #0: ffffffff8e13ccc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 287.826670][ T31] 2 locks held by getty/5589: [ 287.831416][ T31] #0: ffff888030bef0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.876625][ T31] #1: ffffc90002fee2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 287.906639][ T31] 1 lock held by syz-executor266/5865: [ 287.912180][ T31] 1 lock held by syz-executor266/5866: [ 287.936642][ T31] 2 locks held by syz-executor266/5867: [ 287.942270][ T31] 1 lock held by syz-executor266/5869: [ 287.956633][ T31] #0: ffff8880781600a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_uring_del_tctx_node+0xf0/0x2c0 [ 287.976899][ T31] 2 locks held by syz-executor266/5870: [ 287.982495][ T31] 2 locks held by syz-executor266/5868: [ 287.997012][ T31] [ 287.999379][ T31] ============================================= [ 287.999379][ T31] [ 288.036638][ T31] NMI backtrace for cpu 1 [ 288.036675][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 288.036699][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.036712][ T31] Call Trace: [ 288.036721][ T31] [ 288.036730][ T31] dump_stack_lvl+0x189/0x250 [ 288.036767][ T31] ? __wake_up_klogd+0xd9/0x110 [ 288.036790][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.036820][ T31] ? __pfx__printk+0x10/0x10 [ 288.036854][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 288.036884][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 288.036906][ T31] ? _printk+0xcf/0x120 [ 288.036931][ T31] ? __pfx__printk+0x10/0x10 [ 288.036962][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.036990][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 288.037018][ T31] watchdog+0xfee/0x1030 [ 288.037045][ T31] ? watchdog+0x1de/0x1030 [ 288.037077][ T31] kthread+0x70e/0x8a0 [ 288.037101][ T31] ? __pfx_watchdog+0x10/0x10 [ 288.037123][ T31] ? __pfx_kthread+0x10/0x10 [ 288.037145][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.037173][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.037200][ T31] ? __pfx_kthread+0x10/0x10 [ 288.037221][ T31] ret_from_fork+0x3fc/0x770 [ 288.037250][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 288.037282][ T31] ? __switch_to_asm+0x39/0x70 [ 288.037300][ T31] ? __switch_to_asm+0x33/0x70 [ 288.037317][ T31] ? __pfx_kthread+0x10/0x10 [ 288.037338][ T31] ret_from_fork_asm+0x1a/0x30 [ 288.037375][ T31] [ 288.037382][ T31] Sending NMI from CPU 1 to CPUs 0: [ 288.195199][ C0] NMI backtrace for cpu 0 [ 288.195220][ C0] CPU: 0 UID: 0 PID: 5868 Comm: syz-executor266 Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 288.195241][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.195252][ C0] RIP: 0010:lock_release+0xaa/0x3e0 [ 288.195281][ C0] Code: 92 41 83 bf ec 0a 00 00 00 0f 85 1e 02 00 00 49 81 3e 80 f3 5c 93 0f 84 11 02 00 00 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 <48> 8b 5c 24 20 fa 48 c7 c7 0e 10 97 8d e8 94 56 c0 09 65 ff 05 8d [ 288.195296][ C0] RSP: 0018:ffffc900045ef3f0 EFLAGS: 00000202 [ 288.195312][ C0] RAX: 0000000000000000 RBX: 00007ff7ab47a301 RCX: 2c8b038b74fda600 [ 288.195325][ C0] RDX: ffffffff9025c800 RSI: ffffffff8be24de0 RDI: ffffffff8be24da0 [ 288.195337][ C0] RBP: dffffc0000000000 R08: 0000000000000022 R09: ffffffff81724865 [ 288.195349][ C0] R10: ffffc900045ef578 R11: ffffffff81ac98f0 R12: 00007ff7ab3a9208 [ 288.195361][ C0] R13: ffffffff81724865 R14: ffffffff8e13ccc0 R15: ffff888077b2da00 [ 288.195374][ C0] FS: 00007ff7ab3a96c0(0000) GS:ffff888125c8c000(0000) knlGS:0000000000000000 [ 288.195388][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 288.195400][ C0] CR2: 00007fd695af76c8 CR3: 000000007fa2e000 CR4: 00000000003526f0 [ 288.195415][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 288.195424][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 288.195435][ C0] Call Trace: [ 288.195441][ C0] [ 288.195453][ C0] ? unwind_next_frame+0xa5/0x2390 [ 288.195478][ C0] unwind_next_frame+0x19a9/0x2390 [ 288.195506][ C0] ? unwind_next_frame+0xa5/0x2390 [ 288.195528][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.195548][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 288.195577][ C0] arch_stack_walk+0x11c/0x150 [ 288.195608][ C0] stack_trace_save+0x9c/0xe0 [ 288.195633][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 288.195663][ C0] kasan_save_track+0x3e/0x80 [ 288.195681][ C0] ? kasan_save_track+0x3e/0x80 [ 288.195696][ C0] ? __kasan_kmalloc+0x93/0xb0 [ 288.195713][ C0] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 288.195733][ C0] ? io_manage_buffers_legacy+0x334/0xc90 [ 288.195749][ C0] ? __io_issue_sqe+0x17e/0x4b0 [ 288.195767][ C0] ? io_issue_sqe+0x165/0xfd0 [ 288.195785][ C0] ? io_submit_sqes+0xa38/0x1c50 [ 288.195803][ C0] ? __se_sys_io_uring_enter+0x2df/0x2b20 [ 288.195823][ C0] ? do_syscall_64+0xfa/0x3b0 [ 288.195849][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.195895][ C0] __kasan_kmalloc+0x93/0xb0 [ 288.195914][ C0] __kmalloc_cache_noprof+0x230/0x3d0 [ 288.195934][ C0] ? io_manage_buffers_legacy+0x334/0xc90 [ 288.195952][ C0] io_manage_buffers_legacy+0x334/0xc90 [ 288.195975][ C0] __io_issue_sqe+0x17e/0x4b0 [ 288.195997][ C0] io_issue_sqe+0x165/0xfd0 [ 288.196021][ C0] io_submit_sqes+0xa38/0x1c50 [ 288.196056][ C0] __se_sys_io_uring_enter+0x2df/0x2b20 [ 288.196078][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 288.196100][ C0] ? _raw_spin_lock_irq+0xae/0xf0 [ 288.196123][ C0] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 288.196147][ C0] ? __pfx___se_sys_io_uring_enter+0x10/0x10 [ 288.196172][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.196193][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.196217][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 288.196237][ C0] ? ptrace_notify+0x22d/0x2c0 [ 288.196262][ C0] ? __pfx_ptrace_notify+0x10/0x10 [ 288.196286][ C0] ? rcu_is_watching+0x15/0xb0 [ 288.196312][ C0] ? __x64_sys_io_uring_enter+0x21/0xf0 [ 288.196333][ C0] do_syscall_64+0xfa/0x3b0 [ 288.196357][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.196379][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.196395][ C0] ? clear_bhb_loop+0x60/0xb0 [ 288.196414][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.196430][ C0] RIP: 0033:0x7ff7ab3f0599 [ 288.196446][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 288.196459][ C0] RSP: 002b:00007ff7ab3a9208 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 288.196476][ C0] RAX: ffffffffffffffda RBX: 00007ff7ab47a328 RCX: 00007ff7ab3f0599 [ 288.196488][ C0] RDX: 00000000000000f0 RSI: 0000000000003516 RDI: 0000000000000003 [ 288.196498][ C0] RBP: 00007ff7ab47a320 R08: 0000000000000000 R09: 0000000000000000 [ 288.196508][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 288.196517][ C0] R13: 00002000000000c0 R14: 0000200000000340 R15: 0000200000000980 [ 288.196538][ C0] [ 288.196546][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.349 msecs [ 288.526638][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 288.526668][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-03589-gfeacb1774bd5 #0 PREEMPT(full) [ 288.526696][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.526711][ T31] Call Trace: [ 288.526721][ T31] [ 288.526733][ T31] dump_stack_lvl+0x99/0x250 [ 288.526775][ T31] ? __asan_memcpy+0x40/0x70 [ 288.526798][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.526830][ T31] ? __pfx__printk+0x10/0x10 [ 288.526867][ T31] panic+0x2db/0x790 [ 288.526905][ T31] ? __pfx_panic+0x10/0x10 [ 288.526933][ T31] ? tick_nohz_tick_stopped+0x86/0xb0 [ 288.716937][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 288.722366][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 288.728556][ T31] watchdog+0x102d/0x1030 [ 288.732922][ T31] ? watchdog+0x1de/0x1030 [ 288.737376][ T31] kthread+0x70e/0x8a0 [ 288.741477][ T31] ? __pfx_watchdog+0x10/0x10 [ 288.746203][ T31] ? __pfx_kthread+0x10/0x10 [ 288.750826][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.756141][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.761370][ T31] ? __pfx_kthread+0x10/0x10 [ 288.765986][ T31] ret_from_fork+0x3fc/0x770 [ 288.770613][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 288.775763][ T31] ? __switch_to_asm+0x39/0x70 [ 288.780559][ T31] ? __switch_to_asm+0x33/0x70 [ 288.785347][ T31] ? __pfx_kthread+0x10/0x10 [ 288.789962][ T31] ret_from_fork_asm+0x1a/0x30 [ 288.794771][ T31] [ 288.798160][ T31] Kernel Offset: disabled [ 288.802493][ T31] Rebooting in 86400 seconds..