./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4293594943

<...>
Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts.
execve("./syz-executor4293594943", ["./syz-executor4293594943"], 0x7ffda2c87f10 /* 10 vars */) = 0
brk(NULL)                               = 0x555556069000
brk(0x555556069d00)                     = 0x555556069d00
arch_prctl(ARCH_SET_FS, 0x555556069380) = 0
set_tid_address(0x555556069650)         = 5033
set_robust_list(0x555556069660, 24)     = 0
rseq(0x555556069ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor4293594943", 4096) = 28
getrandom("\x97\x49\x41\xae\xe3\x11\x79\x01", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556069d00
brk(0x55555608ad00)                     = 0x55555608ad00
brk(0x55555608b000)                     = 0x55555608b000
mprotect(0x7f320a98b000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556069650) = 5034
./strace-static-x86_64: Process 5034 attached
[pid  5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5034] set_robust_list(0x555556069660, 24) = 0
[pid  5034] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5035 attached
 <unfinished ...>
[pid  5033] <... clone resumed>, child_tidptr=0x555556069650) = 5035
[pid  5035] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5034] <... clone resumed>, child_tidptr=0x555556069650) = 5036
./strace-static-x86_64: Process 5036 attached
[pid  5035] <... set_robust_list resumed>) = 0
[pid  5035] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5037 attached
 <unfinished ...>
[pid  5036] set_robust_list(0x555556069660, 24) = 0
[pid  5033] <... clone resumed>, child_tidptr=0x555556069650) = 5037
[pid  5036] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5037] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5036] <... prctl resumed>)        = 0
./strace-static-x86_64: Process 5038 attached
[pid  5037] <... set_robust_list resumed>) = 0
[pid  5038] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5037] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5036] setpgid(0, 0 <unfinished ...>
[pid  5035] <... clone resumed>, child_tidptr=0x555556069650) = 5038
[pid  5038] <... set_robust_list resumed>) = 0
[pid  5036] <... setpgid resumed>)      = 0
[pid  5038] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5038] <... prctl resumed>)        = 0
[pid  5038] setpgid(0, 0./strace-static-x86_64: Process 5040 attached
./strace-static-x86_64: Process 5039 attached
 <unfinished ...>
[pid  5033] <... clone resumed>, child_tidptr=0x555556069650) = 5039
[pid  5037] <... clone resumed>, child_tidptr=0x555556069650) = 5040
[pid  5036] <... openat resumed>)       = 3
[pid  5040] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5039] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5038] <... setpgid resumed>)      = 0
[pid  5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5040] <... set_robust_list resumed>) = 0
[pid  5039] <... set_robust_list resumed>) = 0
[pid  5038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5036] write(3, "1000", 4 <unfinished ...>
[pid  5040] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5039] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5038] <... openat resumed>)       = 3
[pid  5036] <... write resumed>)        = 4
[pid  5038] write(3, "1000", 4 <unfinished ...>
[pid  5036] close(3 <unfinished ...>
[pid  5038] <... write resumed>)        = 4
[pid  5038] close(3)                    = 0
[pid  5038] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE) = 3
[pid  5038] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5040] <... prctl resumed>)        = 0
[pid  5040] setpgid(0, 0)               = 0
[pid  5040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5036] <... close resumed>)        = 0
./strace-static-x86_64: Process 5041 attached
[pid  5040] <... openat resumed>)       = 3
[pid  5036] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE./strace-static-x86_64: Process 5042 attached
 <unfinished ...>
[pid  5033] <... clone resumed>, child_tidptr=0x555556069650) = 5042
[pid  5041] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5040] write(3, "1000", 4 <unfinished ...>
[pid  5039] <... clone resumed>, child_tidptr=0x555556069650) = 5041
[pid  5036] <... openat resumed>)       = 3
[pid  5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5041] <... set_robust_list resumed>) = 0
[pid  5042] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5040] <... write resumed>)        = 4
[pid  5036] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5041] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5042] <... set_robust_list resumed>) = 0
[pid  5041] <... prctl resumed>)        = 0
[pid  5042] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5040] close(3./strace-static-x86_64: Process 5043 attached
 <unfinished ...>
[pid  5033] <... clone resumed>, child_tidptr=0x555556069650) = 5043
[pid  5041] setpgid(0, 0 <unfinished ...>
[pid  5040] <... close resumed>)        = 0
[pid  5043] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5041] <... setpgid resumed>)      = 0
[pid  5040] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE./strace-static-x86_64: Process 5044 attached
 <unfinished ...>
[pid  5043] <... set_robust_list resumed>) = 0
[pid  5041] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5040] <... openat resumed>)       = 3
[pid  5043] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5041] <... openat resumed>)       = 3
[pid  5040] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5044] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5041] write(3, "1000", 4 <unfinished ...>
[pid  5042] <... clone resumed>, child_tidptr=0x555556069650) = 5044
[pid  5041] <... write resumed>)        = 4
[pid  5041] close(3 <unfinished ...>
[pid  5044] <... set_robust_list resumed>) = 0
[pid  5041] <... close resumed>)        = 0
[pid  5044] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5041] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE./strace-static-x86_64: Process 5045 attached
 <unfinished ...>
[pid  5044] <... prctl resumed>)        = 0
[pid  5043] <... clone resumed>, child_tidptr=0x555556069650) = 5045
[pid  5045] set_robust_list(0x555556069660, 24 <unfinished ...>
[pid  5041] <... openat resumed>)       = 3
[pid  5045] <... set_robust_list resumed>) = 0
[pid  5044] setpgid(0, 0)               = 0
[pid  5045] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5041] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5045] <... prctl resumed>)        = 0
[pid  5045] setpgid(0, 0 <unfinished ...>
[pid  5044] <... openat resumed>)       = 3
[pid  5045] <... setpgid resumed>)      = 0
[pid  5044] write(3, "1000", 4 <unfinished ...>
[pid  5045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5044] <... write resumed>)        = 4
[pid  5044] close(3)                    = 0
[pid  5045] <... openat resumed>)       = 3
[pid  5045] write(3, "1000", 4 <unfinished ...>
[pid  5044] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE <unfinished ...>
[pid  5045] <... write resumed>)        = 4
[pid  5044] <... openat resumed>)       = 3
[pid  5045] close(3 <unfinished ...>
[pid  5044] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5045] <... close resumed>)        = 0
[pid  5045] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE) = 3
[pid  5045] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5034] kill(-5036, SIGKILL)        = 0
[pid  5034] kill(5036, SIGKILL)         = 0
[pid  5035] kill(-5038, SIGKILL)        = 0
[pid  5035] kill(5038, SIGKILL <unfinished ...>
[pid  5037] kill(-5040, SIGKILL)        = 0
[pid  5037] kill(5040, SIGKILL)         = 0
[pid  5035] <... kill resumed>)         = 0
[pid  5039] kill(-5041, SIGKILL)        = 0
[pid  5039] kill(5041, SIGKILL)         = 0
[pid  5042] kill(-5044, SIGKILL)        = 0
[pid  5042] kill(5044, SIGKILL)         = 0
[pid  5043] kill(-5045, SIGKILL)        = 0
[pid  5043] kill(5045, SIGKILL)         = 0
[pid  5037] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5037] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5037] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5037] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5037] close(3)                    = 0
[pid  5039] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5039] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5039] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5039] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5039] close(3)                    = 0
[pid  5034] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5034] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5034] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5034] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5034] close(3)                    = 0
[pid  5043] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5043] newfstatat(3, "",  <unfinished ...>
[pid  5035] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  5043] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5035] <... openat resumed>)       = 3
[pid  5043] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5035] newfstatat(3, "",  <unfinished ...>
[pid  5043] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5035] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5043] close(3)                    = 0
[pid  5035] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5042] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5035] getdents64(3,  <unfinished ...>
[pid  5042] newfstatat(3, "",  <unfinished ...>
[pid  5035] <... getdents64 resumed>0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5042] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5035] close(3 <unfinished ...>
[pid  5042] getdents64(3,  <unfinished ...>
[pid  5035] <... close resumed>)        = 0
[pid  5042] <... getdents64 resumed>0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5042] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5042] close(3)                    = 0
[   86.727743][   T54] cfg80211: failed to load regulatory.db
[pid  5038] <... fallocate resumed>)    = ?
[pid  5038] +++ killed by SIGKILL +++
[pid  5035] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5038, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=7335 /* 73.35 s */} ---
[pid  5035] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5063 attached
, child_tidptr=0x555556069650) = 5063
[pid  5063] set_robust_list(0x555556069660, 24) = 0
[pid  5063] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5063] setpgid(0, 0)               = 0
[pid  5063] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5063] write(3, "1000", 4)         = 4
[pid  5063] close(3)                    = 0
[pid  5063] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE) = 3
[pid  5063] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5035] kill(-5063, SIGKILL)        = 0
[pid  5035] kill(5063, SIGKILL)         = 0
[pid  5035] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5035] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5035] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5035] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5035] close(3)                    = 0
[pid  5036] <... fallocate resumed>)    = ?
[pid  5036] +++ killed by SIGKILL +++
[pid  5034] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5036, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=7231 /* 72.31 s */} ---
[pid  5034] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5070 attached
, child_tidptr=0x555556069650) = 5070
[pid  5070] set_robust_list(0x555556069660, 24) = 0
[pid  5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5070] setpgid(0, 0)               = 0
[pid  5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5070] write(3, "1000", 4)         = 4
[pid  5070] close(3)                    = 0
[pid  5070] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_APPEND|O_LARGEFILE) = 3
[pid  5070] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 1099511627778 <unfinished ...>
[pid  5034] kill(-5070, SIGKILL)        = 0
[pid  5034] kill(5070, SIGKILL)         = 0
[pid  5034] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5034] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5034] getdents64(3, 0x55555606a6f0 /* 2 entries */, 32768) = 48
[pid  5034] getdents64(3, 0x55555606a6f0 /* 0 entries */, 32768) = 0
[pid  5034] close(3)                    = 0
[  286.395730][   T29] INFO: task syz-executor429:5041 blocked for more than 143 seconds.
[  286.405678][   T29]       Not tainted 6.6.0-rc2-syzkaller #0
[  286.411520][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.421432][   T29] task:syz-executor429 state:D stack:25904 pid:5041  ppid:5039   flags:0x00004006
[  286.431831][   T29] Call Trace:
[  286.435145][   T29]  <TASK>
[  286.439265][   T29]  __schedule+0x196c/0x4af0
[  286.446245][   T29]  ? release_firmware_map_entry+0x190/0x190
[  286.453219][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[  286.460350][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.474159][   T29]  ? _raw_spin_lock_irq+0xdf/0x120
[  286.483359][   T29]  schedule+0xc3/0x180
[  286.489928][   T29]  schedule_preempt_disabled+0x13/0x20
[  286.495525][   T29]  rwsem_down_write_slowpath+0xee6/0x13a0
[  286.501285][   T29]  ? rwsem_down_write_slowpath+0xa05/0x13a0
[  286.508312][   T29]  ? down_write_killable_nested+0x80/0x80
[  286.515175][   T29]  ? read_lock_is_recursive+0x20/0x20
[  286.521643][   T29]  __down_write_common+0x1aa/0x200
[  286.527878][   T29]  ? clear_nonspinnable+0x60/0x60
[  286.534056][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.545101][   T29]  blkdev_fallocate+0x21b/0x440
[  286.551643][   T29]  vfs_fallocate+0x551/0x6b0
[  286.557601][   T29]  __x64_sys_fallocate+0xbd/0x100
[  286.563717][   T29]  do_syscall_64+0x41/0xc0
[  286.569311][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.575525][   T29] RIP: 0033:0x7f320a918ae9
[  286.579974][   T29] RSP: 002b:00007fff4b4e33f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.589380][   T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f320a918ae9
[  286.597738][   T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.606160][   T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  286.614584][   T29] R10: 0000010000000002 R11: 0000000000000246 R12: 0000000000000001
[  286.623068][   T29] R13: 00007fff4b4e3618 R14: 00007fff4b4e3420 R15: 00007fff4b4e3410
[  286.631504][   T29]  </TASK>
[  286.634595][   T29] INFO: task syz-executor429:5044 blocked for more than 143 seconds.
[  286.643125][   T29]       Not tainted 6.6.0-rc2-syzkaller #0
[  286.649410][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.658502][   T29] task:syz-executor429 state:D stack:26520 pid:5044  ppid:5042   flags:0x00004006
[  286.668148][   T29] Call Trace:
[  286.671456][   T29]  <TASK>
[  286.674421][   T29]  __schedule+0x196c/0x4af0
[  286.679039][   T29]  ? release_firmware_map_entry+0x190/0x190
[  286.684977][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[  286.691408][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.697322][   T29]  ? _raw_spin_lock_irq+0xdf/0x120
[  286.702858][   T29]  schedule+0xc3/0x180
[  286.707698][   T29]  schedule_preempt_disabled+0x13/0x20
[  286.713605][   T29]  rwsem_down_write_slowpath+0xee6/0x13a0
[  286.719773][   T29]  ? rwsem_down_write_slowpath+0xa05/0x13a0
[  286.726192][   T29]  ? down_write_killable_nested+0x80/0x80
[  286.732344][   T29]  ? read_lock_is_recursive+0x20/0x20
[  286.737808][   T29]  __down_write_common+0x1aa/0x200
[  286.742985][   T29]  ? clear_nonspinnable+0x60/0x60
[  286.748072][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.753314][   T29]  blkdev_fallocate+0x21b/0x440
[  286.758579][   T29]  vfs_fallocate+0x551/0x6b0
[  286.763597][   T29]  __x64_sys_fallocate+0xbd/0x100
[  286.769075][   T29]  do_syscall_64+0x41/0xc0
[  286.773922][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.780248][   T29] RIP: 0033:0x7f320a918ae9
[  286.785072][   T29] RSP: 002b:00007fff4b4e33f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.793940][   T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f320a918ae9
[  286.802367][   T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.810410][   T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  286.818744][   T29] R10: 0000010000000002 R11: 0000000000000246 R12: 0000000000000001
[  286.827166][   T29] R13: 00007fff4b4e3618 R14: 00007fff4b4e3420 R15: 00007fff4b4e3410
[  286.836036][   T29]  </TASK>
[  286.839118][   T29] INFO: task syz-executor429:5045 blocked for more than 143 seconds.
[  286.847671][   T29]       Not tainted 6.6.0-rc2-syzkaller #0
[  286.853861][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.862970][   T29] task:syz-executor429 state:D stack:26248 pid:5045  ppid:5043   flags:0x00004006
[  286.872680][   T29] Call Trace:
[  286.876423][   T29]  <TASK>
[  286.879762][   T29]  __schedule+0x196c/0x4af0
[  286.884338][   T29]  ? release_firmware_map_entry+0x190/0x190
[  286.890329][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[  286.896436][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.901943][   T29]  ? _raw_spin_lock_irq+0xdf/0x120
[  286.907388][   T29]  schedule+0xc3/0x180
[  286.915610][   T29]  schedule_preempt_disabled+0x13/0x20
[  286.921419][   T29]  rwsem_down_write_slowpath+0xee6/0x13a0
[  286.928085][   T29]  ? rwsem_down_write_slowpath+0xa05/0x13a0
[  286.934433][   T29]  ? down_write_killable_nested+0x80/0x80
[  286.940843][   T29]  ? read_lock_is_recursive+0x20/0x20
[  286.946367][   T29]  __down_write_common+0x1aa/0x200
[  286.951529][   T29]  ? clear_nonspinnable+0x60/0x60
[  286.957709][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.962973][   T29]  blkdev_fallocate+0x21b/0x440
[  286.968311][   T29]  vfs_fallocate+0x551/0x6b0
[  286.973247][   T29]  __x64_sys_fallocate+0xbd/0x100
[  286.978720][   T29]  do_syscall_64+0x41/0xc0
[  286.983528][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.989870][   T29] RIP: 0033:0x7f320a918ae9
[  286.994649][   T29] RSP: 002b:00007fff4b4e33f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  287.003464][   T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f320a918ae9
[  287.011553][   T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  287.025636][   T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0
[  287.033960][   T29] R10: 0000010000000002 R11: 0000000000000246 R12: 0000000000000001
[  287.042389][   T29] R13: 00007fff4b4e3618 R14: 00007fff4b4e3420 R15: 00007fff4b4e3410
[  287.050857][   T29]  </TASK>
[  287.054316][   T29] 
[  287.054316][   T29] Showing all locks held in the system:
[  287.062499][   T29] 1 lock held by khungtaskd/29:
[  287.067459][   T29]  #0: ffffffff8d32c4a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  287.077897][   T29] 2 locks held by getty/4786:
[  287.082980][   T29]  #0: ffff8880268010a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  287.093286][   T29]  #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b1/0x1dc0
[  287.103809][   T29] 1 lock held by syz-executor429/5040:
[  287.109675][   T29] 1 lock held by syz-executor429/5041:
[  287.115450][   T29]  #0: ffff88801ae20940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21b/0x440
[  287.126583][   T29] 1 lock held by syz-executor429/5044:
[  287.132381][   T29]  #0: ffff88801ae20940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21b/0x440
[  287.143134][   T29] 1 lock held by syz-executor429/5045:
[  287.148976][   T29]  #0: ffff88801ae20940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21b/0x440
[  287.160223][   T29] 1 lock held by syz-executor429/5063:
[  287.166175][   T29]  #0: ffff88801ae20940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21b/0x440
[  287.177318][   T29] 1 lock held by syz-executor429/5070:
[  287.182845][   T29]  #0: ffff88801ae20940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21b/0x440
[  287.194206][   T29] 
[  287.196853][   T29] =============================================
[  287.196853][   T29] 
[  287.205772][   T29] NMI backtrace for cpu 0
[  287.210150][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.6.0-rc2-syzkaller #0
[  287.218263][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  287.228320][   T29] Call Trace:
[  287.231598][   T29]  <TASK>
[  287.234531][   T29]  dump_stack_lvl+0x1e7/0x2d0
[  287.239211][   T29]  ? nf_tcp_handle_invalid+0x650/0x650
[  287.244667][   T29]  ? panic+0x770/0x770
[  287.248757][   T29]  ? vprintk_emit+0x607/0x720
[  287.253462][   T29]  ? printk_sprint+0x480/0x480
[  287.258243][   T29]  nmi_cpu_backtrace+0x498/0x4d0
[  287.263236][   T29]  ? nmi_trigger_cpumask_backtrace+0x310/0x310
[  287.269388][   T29]  ? _printk+0xd5/0x120
[  287.273540][   T29]  ? panic+0x770/0x770
[  287.277609][   T29]  ? __wake_up_klogd+0xcc/0x100
[  287.282461][   T29]  ? panic+0x770/0x770
[  287.286539][   T29]  ? __rcu_read_unlock+0x96/0x100
[  287.291600][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  287.297708][   T29]  nmi_trigger_cpumask_backtrace+0x198/0x310
[  287.303703][   T29]  watchdog+0xfa9/0xff0
[  287.307921][   T29]  ? watchdog+0x1e9/0xff0
[  287.312271][   T29]  kthread+0x2d3/0x370
[  287.316360][   T29]  ? hungtask_pm_notify+0x90/0x90
[  287.321395][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.325992][   T29]  ret_from_fork+0x48/0x80
[  287.330459][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.335073][   T29]  ret_from_fork_asm+0x11/0x20
[  287.339888][   T29]  </TASK>
[  287.343063][   T29] Sending NMI from CPU 0 to CPUs 1:
[  287.348350][    C1] NMI backtrace for cpu 1
[  287.348360][    C1] CPU: 1 PID: 4473 Comm: klogd Not tainted 6.6.0-rc2-syzkaller #0
[  287.348376][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  287.348385][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x90
[  287.348410][    C1] Code: 89 11 48 c7 44 0a 08 03 00 00 00 48 89 44 0a 10 48 89 74 0a 18 4c 89 44 0a 20 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <f3> 0f 1e fa 4c 8b 04 24 65 48 8b 15 00 aa 75 7e 65 8b 05 01 aa 75
[  287.348423][    C1] RSP: 0018:ffffc900031372f0 EFLAGS: 00000246
[  287.348437][    C1] RAX: 0000000000000001 RBX: ffffc90003137368 RCX: ffffffff8fe04000
[  287.348448][    C1] RDX: ffffffff8ff6ed01 RSI: 0000000000000001 RDI: 0000000000000000
[  287.348458][    C1] RBP: 0000000000000001 R08: ffffffff813d9df7 R09: ffffffff813db8d0
[  287.348468][    C1] R10: 0000000000000003 R11: ffff88807ee9bb80 R12: ffff88807ee9bb80
[  287.348479][    C1] R13: ffffffff817bb8f0 R14: dffffc0000000000 R15: 1ffff92000626e6d
[  287.348490][    C1] FS:  00007fa460976380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  287.348504][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.348514][    C1] CR2: 00005555560726f8 CR3: 000000007ef08000 CR4: 00000000003506e0
[  287.348528][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.348536][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.348546][    C1] Call Trace:
[  287.348551][    C1]  <NMI>
[  287.348557][    C1]  ? nmi_cpu_backtrace+0x3be/0x4d0
[  287.348575][    C1]  ? read_lock_is_recursive+0x20/0x20
[  287.348595][    C1]  ? nmi_trigger_cpumask_backtrace+0x310/0x310
[  287.348613][    C1]  ? nmi_handle+0x2a/0x570
[  287.348641][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x10
[  287.348662][    C1]  ? nmi_handle+0x14c/0x570
[  287.348680][    C1]  ? nmi_handle+0x2a/0x570
[  287.348700][    C1]  ? __sanitizer_cov_trace_const_cmp2+0x90/0x90
[  287.348720][    C1]  ? default_do_nmi+0x62/0x150
[  287.348778][    C1]  ? exc_nmi+0x11e/0x1f0
[  287.348794][    C1]  ? end_repeat_nmi+0x16/0x31
[  287.348811][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  287.348831][    C1]  ? unwind_next_frame+0x1970/0x29e0
[  287.348855][    C1]  ? unwind_get_return_address+0x37/0xc0
[  287.348879][    C1]  ? __init_begin+0x3f000/0x3f000
[  287.348962][    C1]  ? use_tsc_delay+0x21/0x30
[  287.348997][    C1]  ? __sanitizer_cov_trace_const_cmp2+0x90/0x90
[  287.349019][    C1]  ? __sanitizer_cov_trace_const_cmp2+0x90/0x90
[  287.349046][    C1]  ? use_tsc_delay+0x21/0x30
[  287.349065][    C1]  ? __sanitizer_cov_trace_const_cmp2+0x90/0x90
[  287.349087][    C1]  </NMI>
[  287.349091][    C1]  <TASK>
[  287.349096][    C1]  unwind_get_return_address+0x68/0xc0
[  287.349121][    C1]  ? unix_dgram_sendmsg+0x659/0x2070
[  287.349189][    C1]  arch_stack_walk+0x11f/0x1a0
[  287.349218][    C1]  ? __sys_sendto+0x484/0x640
[  287.349266][    C1]  stack_trace_save+0x117/0x1c0
[  287.349285][    C1]  ? verify_lock_unused+0x140/0x140
[  287.349302][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  287.349328][    C1]  kasan_set_track+0x4f/0x70
[  287.349387][    C1]  ? kasan_set_track+0x4f/0x70
[  287.349405][    C1]  ? __kasan_slab_alloc+0x66/0x70
[  287.349423][    C1]  ? slab_post_alloc_hook+0x67/0x3d0
[  287.349437][    C1]  ? kmem_cache_alloc_node+0x148/0x330
[  287.349451][    C1]  ? __alloc_skb+0x181/0x420
[  287.349469][    C1]  ? alloc_skb_with_frags+0xc3/0x780
[  287.349488][    C1]  ? sock_alloc_send_pskb+0x919/0xa50
[  287.349509][    C1]  ? unix_dgram_sendmsg+0x659/0x2070
[  287.349550][    C1]  __kasan_slab_alloc+0x66/0x70
[  287.349570][    C1]  slab_post_alloc_hook+0x67/0x3d0
[  287.349589][    C1]  kmem_cache_alloc_node+0x148/0x330
[  287.349604][    C1]  ? __alloc_skb+0x181/0x420
[  287.349620][    C1]  __alloc_skb+0x181/0x420
[  287.349637][    C1]  ? napi_build_skb+0x270/0x270
[  287.349650][    C1]  ? rcu_preempt_deferred_qs_irqrestore+0x877/0xc50
[  287.349679][    C1]  alloc_skb_with_frags+0xc3/0x780
[  287.349706][    C1]  sock_alloc_send_pskb+0x919/0xa50
[  287.349736][    C1]  ? sock_kzfree_s+0x50/0x50
[  287.349759][    C1]  ? do_raw_spin_unlock+0x13b/0x8b0
[  287.349782][    C1]  unix_dgram_sendmsg+0x659/0x2070
[  287.349808][    C1]  ? tomoyo_socket_bind_permission+0x340/0x340
[  287.349874][    C1]  ? unix_dgram_poll+0x6c0/0x6c0
[  287.349896][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  287.349962][    C1]  ? security_socket_sendmsg+0x81/0xa0
[  287.350014][    C1]  ? unix_dgram_poll+0x6c0/0x6c0
[  287.350030][    C1]  __sys_sendto+0x484/0x640
[  287.350048][    C1]  ? __ia32_sys_getpeername+0x90/0x90
[  287.350079][    C1]  ? print_irqtrace_events+0x220/0x220
[  287.350099][    C1]  __x64_sys_sendto+0xde/0xf0
[  287.350116][    C1]  do_syscall_64+0x41/0xc0
[  287.350130][    C1]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  287.350145][    C1] RIP: 0033:0x7fa460ad89b5
[  287.350157][    C1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83
[  287.350168][    C1] RSP: 002b:00007ffed9d000c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  287.350183][    C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa460ad89b5
[  287.350193][    C1] RDX: 0000000000000074 RSI: 000055ba90562d70 RDI: 0000000000000003
[  287.350202][    C1] RBP: 000055ba9055e910 R08: 0000000000000000 R09: 0000000000000000
[  287.350211][    C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013
[  287.350219][    C1] R13: 00007fa460c66212 R14: 00007ffed9d001c8 R15: 0000000000000000
[  287.350237][    C1]  </TASK>
[  287.350243][    C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.893 msecs
[  287.350729][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  287.890250][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.6.0-rc2-syzkaller #0
[  287.898326][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  287.908382][   T29] Call Trace:
[  287.911672][   T29]  <TASK>
[  287.914605][   T29]  dump_stack_lvl+0x1e7/0x2d0
[  287.919295][   T29]  ? nf_tcp_handle_invalid+0x650/0x650
[  287.924760][   T29]  ? panic+0x770/0x770
[  287.929363][   T29]  ? vscnprintf+0x5d/0x80
[  287.933705][   T29]  panic+0x30f/0x770
[  287.937623][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  287.943262][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x310
[  287.949423][   T29]  ? __memcpy_flushcache+0x2b0/0x2b0
[  287.954718][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  287.960803][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x310
[  287.966966][   T29]  ? nmi_trigger_cpumask_backtrace+0x2c5/0x310
[  287.973153][   T29]  ? nmi_trigger_cpumask_backtrace+0x2ca/0x310
[  287.979317][   T29]  watchdog+0xfe8/0xff0
[  287.983486][   T29]  ? watchdog+0x1e9/0xff0
[  287.987836][   T29]  kthread+0x2d3/0x370
[  287.991911][   T29]  ? hungtask_pm_notify+0x90/0x90
[  287.996966][   T29]  ? kthread_blkcg+0xd0/0xd0
[  288.001561][   T29]  ret_from_fork+0x48/0x80
[  288.006001][   T29]  ? kthread_blkcg+0xd0/0xd0
[  288.010599][   T29]  ret_from_fork_asm+0x11/0x20
[  288.015385][   T29]  </TASK>
[  288.018743][   T29] Kernel Offset: disabled
[  288.023070][   T29] Rebooting in 86400 seconds..