./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2091688782 <...> Warning: Permanently added '10.128.1.101' (ED25519) to the list of known hosts. execve("./syz-executor2091688782", ["./syz-executor2091688782"], 0x7ffe2b1be7f0 /* 10 vars */) = 0 brk(NULL) = 0x5555596cb000 brk(0x5555596cbd00) = 0x5555596cbd00 arch_prctl(ARCH_SET_FS, 0x5555596cb380) = 0 set_tid_address(0x5555596cb650) = 5833 set_robust_list(0x5555596cb660, 24) = 0 rseq(0x5555596cbca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2091688782", 4096) = 28 getrandom("\xf9\x47\xa1\x99\xd5\x5c\x03\x02", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555596cbd00 brk(0x5555596ecd00) = 0x5555596ecd00 brk(0x5555596ed000) = 0x5555596ed000 mprotect(0x7f975284c000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5834 attached [pid 5834] set_robust_list(0x5555596cb660, 24) = 0 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] <... clone resumed>, child_tidptr=0x5555596cb650) = 5834 ./strace-static-x86_64: Process 5835 attached [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached [pid 5836] set_robust_list(0x5555596cb660, 24 [pid 5835] set_robust_list(0x5555596cb660, 24 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5833] <... clone resumed>, child_tidptr=0x5555596cb650) = 5836 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] <... set_robust_list resumed>) = 0 [pid 5834] <... clone resumed>, child_tidptr=0x5555596cb650) = 5835 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5837 attached [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] <... prctl resumed>) = 0 [pid 5836] <... clone resumed>, child_tidptr=0x5555596cb650) = 5837 [pid 5835] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5838 attached [ 124.757281][ T29] audit: type=1400 audit(1735530234.551:88): avc: denied { execmem } for pid=5833 comm="syz-executor209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5837] set_robust_list(0x5555596cb660, 24 [pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] <... set_robust_list resumed>) = 0 [pid 5833] <... clone resumed>, child_tidptr=0x5555596cb650) = 5838 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] <... prctl resumed>) = 0 [pid 5838] set_robust_list(0x5555596cb660, 24 [pid 5837] setpgid(0, 0 [pid 5835] <... openat resumed>) = 3 [pid 5835] write(3, "1000", 4./strace-static-x86_64: Process 5839 attached executing program [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] <... setpgid resumed>) = 0 [pid 5835] <... write resumed>) = 4 [pid 5835] close(3 [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] <... close resumed>) = 0 [pid 5835] write(1, "executing program\n", 18) = 18 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5835] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME./strace-static-x86_64: Process 5840 attached [pid 5833] <... clone resumed>, child_tidptr=0x5555596cb650) = 5839 [pid 5839] set_robust_list(0x5555596cb660, 24 [pid 5837] <... openat resumed>) = 3 [pid 5835] <... openat resumed>) = 3 [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] <... set_robust_list resumed>) = 0 [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] write(3, "1000", 4 [pid 5835] dup(3) = 4 [pid 5835] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 70368760963072 [pid 5837] <... write resumed>) = 4 executing program [pid 5838] <... clone resumed>, child_tidptr=0x5555596cb650) = 5840 [pid 5837] close(3) = 0 [pid 5837] write(1, "executing program\n", 18) = 18 [pid 5833] <... clone resumed>, child_tidptr=0x5555596cb650) = 5841 [pid 5837] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5837] dup(3) = 4 [pid 5837] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 70368760963072 [pid 5839] <... clone resumed>, child_tidptr=0x5555596cb650) = 5842 [pid 5840] set_robust_list(0x5555596cb660, 24./strace-static-x86_64: Process 5842 attached ./strace-static-x86_64: Process 5841 attached [pid 5842] set_robust_list(0x5555596cb660, 24 [pid 5841] set_robust_list(0x5555596cb660, 24 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5841] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] <... prctl resumed>) = 0 [pid 5840] setpgid(0, 0./strace-static-x86_64: Process 5843 attached [pid 5842] <... prctl resumed>) = 0 [pid 5840] <... setpgid resumed>) = 0 [pid 5842] setpgid(0, 0 [pid 5843] set_robust_list(0x5555596cb660, 24 [pid 5842] <... setpgid resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5841] <... clone resumed>, child_tidptr=0x5555596cb650) = 5843 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5840] <... openat resumed>) = 3 [pid 5842] <... openat resumed>) = 3 [pid 5840] write(3, "1000", 4 [pid 5843] <... prctl resumed>) = 0 [pid 5840] <... write resumed>) = 4 [pid 5843] setpgid(0, 0 [pid 5842] write(3, "1000", 4executing program executing program [pid 5843] <... setpgid resumed>) = 0 [pid 5842] <... write resumed>) = 4 [pid 5840] close(3) = 0 [pid 5842] close(3 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] <... close resumed>) = 0 [pid 5842] write(1, "executing program\n", 18 [pid 5840] write(1, "executing program\n", 18 [pid 5843] <... openat resumed>) = 3 [pid 5842] <... write resumed>) = 18 [pid 5840] <... write resumed>) = 18 [pid 5843] write(3, "1000", 4 [pid 5840] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5843] <... write resumed>) = 4 [pid 5842] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5843] close(3 [pid 5842] <... openat resumed>) = 3 [pid 5840] <... openat resumed>) = 3 [pid 5843] <... close resumed>) = 0 [pid 5843] write(1, "executing program\n", 18 [pid 5842] dup(3 [pid 5840] dup(3 [pid 5842] <... dup resumed>) = 4 [pid 5842] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 70368760963072 [pid 5840] <... dup resumed>) = 4 [pid 5840] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 70368760963072executing program [pid 5843] <... write resumed>) = 18 [pid 5843] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5843] dup(3) = 4 [ 124.830743][ T29] audit: type=1400 audit(1735530234.621:89): avc: denied { read write } for pid=5835 comm="syz-executor209" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 124.854461][ T29] audit: type=1400 audit(1735530234.621:90): avc: denied { open } for pid=5835 comm="syz-executor209" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [pid 5843] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 70368760963072 [pid 5834] kill(-5835, SIGKILL) = 0 [pid 5834] kill(5835, SIGKILL) = 0 [pid 5836] kill(-5837, SIGKILL) = 0 [pid 5836] kill(5837, SIGKILL) = 0 [pid 5838] kill(-5840, SIGKILL) = 0 [pid 5838] kill(5840, SIGKILL) = 0 [pid 5839] kill(-5842, SIGKILL) = 0 [pid 5839] kill(5842, SIGKILL) = 0 [pid 5841] kill(-5843, SIGKILL) = 0 [pid 5841] kill(5843, SIGKILL) = 0 [pid 5834] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5839] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5836] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5841] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5836] <... openat resumed>) = 3 [pid 5841] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = 3 [pid 5838] <... openat resumed>) = 3 [pid 5834] <... openat resumed>) = 3 [pid 5839] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5839] getdents64(3, 0x5555596cc6f0 /* 2 entries */, 32768) = 48 [pid 5839] getdents64(3, [pid 5841] newfstatat(3, "", [pid 5838] newfstatat(3, "", [pid 5836] newfstatat(3, "", [pid 5834] newfstatat(3, "", [pid 5841] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5836] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5836] getdents64(3, [pid 5834] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5841] getdents64(3, [pid 5836] <... getdents64 resumed>0x5555596cc6f0 /* 2 entries */, 32768) = 48 [pid 5841] <... getdents64 resumed>0x5555596cc6f0 /* 2 entries */, 32768) = 48 [pid 5836] getdents64(3, [pid 5841] getdents64(3, [pid 5836] <... getdents64 resumed>0x5555596cc6f0 /* 0 entries */, 32768) = 0 [pid 5841] <... getdents64 resumed>0x5555596cc6f0 /* 0 entries */, 32768) = 0 [pid 5836] close(3 [pid 5841] close(3 [pid 5836] <... close resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5839] <... getdents64 resumed>0x5555596cc6f0 /* 0 entries */, 32768) = 0 [pid 5834] getdents64(3, [pid 5838] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5834] <... getdents64 resumed>0x5555596cc6f0 /* 2 entries */, 32768) = 48 [pid 5839] close(3 [pid 5838] getdents64(3, [pid 5834] getdents64(3, [pid 5839] <... close resumed>) = 0 [pid 5838] <... getdents64 resumed>0x5555596cc6f0 /* 2 entries */, 32768) = 48 [pid 5834] <... getdents64 resumed>0x5555596cc6f0 /* 0 entries */, 32768) = 0 [pid 5838] getdents64(3, [pid 5834] close(3 [pid 5838] <... getdents64 resumed>0x5555596cc6f0 /* 0 entries */, 32768) = 0 [pid 5834] <... close resumed>) = 0 [pid 5838] close(3) = 0 [pid 5835] <... fallocate resumed>) = ? [pid 5835] +++ killed by SIGKILL +++ [pid 5834] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5835, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=9205 /* 92.05 s */} --- [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached [pid 5850] set_robust_list(0x5555596cb660, 24 [pid 5834] <... clone resumed>, child_tidptr=0x5555596cb650) = 5850 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 executing program [pid 5850] close(3) = 0 [pid 5850] write(1, "executing program\n", 18) = 18 [pid 5850] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5850] dup(3) = 4 [pid 5850] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 70368760963072 [pid 5834] kill(-5850, SIGKILL) = 0 [pid 5834] kill(5850, SIGKILL) = 0 [pid 5834] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5834] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5834] getdents64(3, 0x5555596cc6f0 /* 2 entries */, 32768) = 48 [pid 5834] getdents64(3, 0x5555596cc6f0 /* 0 entries */, 32768) = 0 [pid 5834] close(3) = 0 [ 286.563152][ T30] INFO: task syz-executor209:5840 blocked for more than 143 seconds. [ 286.573965][ T30] Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 286.581634][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.598862][ T30] task:syz-executor209 state:D stack:28368 pid:5840 tgid:5840 ppid:5838 flags:0x00004006 [ 286.616772][ T30] Call Trace: [ 286.621594][ T30] [ 286.625778][ T30] __schedule+0xe58/0x5ad0 [ 286.631763][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.638606][ T30] ? mark_lock+0xb5/0xc60 [ 286.643113][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.649243][ T30] ? __pfx___schedule+0x10/0x10 [ 286.655144][ T30] ? schedule+0x298/0x350 [ 286.660324][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.665454][ T30] ? lock_acquire+0x2f/0xb0 [ 286.669988][ T30] ? schedule+0x1fd/0x350 [ 286.674422][ T30] schedule+0xe7/0x350 [ 286.678539][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.684207][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.689969][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.696282][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.702134][ T30] ? lock_acquire+0x2f/0xb0 [ 286.707516][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.713457][ T30] down_write+0x1d8/0x200 [ 286.718640][ T30] ? __pfx_down_write+0x10/0x10 [ 286.724533][ T30] ? inode_security+0x101/0x130 [ 286.730215][ T30] blkdev_fallocate+0x1da/0x390 [ 286.736150][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.742450][ T30] vfs_fallocate+0x459/0xf90 [ 286.747180][ T30] __x64_sys_fallocate+0xd5/0x150 [ 286.752243][ T30] do_syscall_64+0xcd/0x250 [ 286.756892][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.762875][ T30] RIP: 0033:0x7f97527d9b29 [ 286.767369][ T30] RSP: 002b:00007fff0fcb82d8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.776817][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f97527d9b29 [ 286.785668][ T30] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.794618][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.803745][ T30] R10: 0000400001002000 R11: 0000000000000246 R12: 0000000000000001 [ 286.812649][ T30] R13: 00007fff0fcb84f8 R14: 00007fff0fcb8300 R15: 00007fff0fcb82f0 [ 286.821600][ T30] [ 286.825630][ T30] INFO: task syz-executor209:5842 blocked for more than 143 seconds. [ 286.835222][ T30] Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 286.842986][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.851677][ T30] task:syz-executor209 state:D stack:28368 pid:5842 tgid:5842 ppid:5839 flags:0x00004006 [ 286.882922][ T30] Call Trace: [ 286.888707][ T30] [ 286.892906][ T30] __schedule+0xe58/0x5ad0 [ 286.897365][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.903392][ T30] ? mark_lock+0xb5/0xc60 [ 286.909431][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.929720][ T30] ? __pfx___schedule+0x10/0x10 [ 286.938645][ T30] ? schedule+0x298/0x350 [ 286.944357][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.951053][ T30] ? lock_acquire+0x2f/0xb0 [ 286.957267][ T30] ? schedule+0x1fd/0x350 [ 286.963087][ T30] schedule+0xe7/0x350 [ 286.970818][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.977719][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 287.001704][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.009657][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.016408][ T30] ? lock_acquire+0x2f/0xb0 [ 287.022225][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.029350][ T30] down_write+0x1d8/0x200 [ 287.036667][ T30] ? __pfx_down_write+0x10/0x10 [ 287.043244][ T30] ? inode_security+0x101/0x130 [ 287.050394][ T30] blkdev_fallocate+0x1da/0x390 [ 287.057295][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 287.067279][ T30] vfs_fallocate+0x459/0xf90 [ 287.071932][ T30] __x64_sys_fallocate+0xd5/0x150 [ 287.086949][ T30] do_syscall_64+0xcd/0x250 [ 287.092835][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.098776][ T30] RIP: 0033:0x7f97527d9b29 [ 287.103295][ T30] RSP: 002b:00007fff0fcb82d8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.111909][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f97527d9b29 [ 287.120806][ T30] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.129692][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.138921][ T30] R10: 0000400001002000 R11: 0000000000000246 R12: 0000000000000001 [ 287.147840][ T30] R13: 00007fff0fcb84f8 R14: 00007fff0fcb8300 R15: 00007fff0fcb82f0 [ 287.156601][ T30] [ 287.160476][ T30] INFO: task syz-executor209:5843 blocked for more than 143 seconds. [ 287.193588][ T30] Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 287.201267][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.244172][ T30] task:syz-executor209 state:D stack:27760 pid:5843 tgid:5843 ppid:5841 flags:0x00004006 [ 287.268003][ T30] Call Trace: [ 287.271329][ T30] [ 287.274327][ T30] __schedule+0xe58/0x5ad0 [ 287.278767][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 287.284011][ T30] ? mark_lock+0xb5/0xc60 [ 287.288359][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 287.294266][ T30] ? __pfx___schedule+0x10/0x10 [ 287.299857][ T30] ? schedule+0x298/0x350 [ 287.304926][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.310664][ T30] ? lock_acquire+0x2f/0xb0 [ 287.315928][ T30] ? schedule+0x1fd/0x350 [ 287.320980][ T30] schedule+0xe7/0x350 [ 287.325802][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.331993][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 287.337789][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.344034][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.349086][ T30] ? lock_acquire+0x2f/0xb0 [ 287.353992][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.359847][ T30] down_write+0x1d8/0x200 [ 287.364940][ T30] ? __pfx_down_write+0x10/0x10 [ 287.370559][ T30] ? inode_security+0x101/0x130 [ 287.376209][ T30] blkdev_fallocate+0x1da/0x390 [ 287.381955][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 287.388154][ T30] vfs_fallocate+0x459/0xf90 [ 287.393712][ T30] __x64_sys_fallocate+0xd5/0x150 [ 287.399540][ T30] do_syscall_64+0xcd/0x250 [ 287.404109][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.410026][ T30] RIP: 0033:0x7f97527d9b29 [ 287.414569][ T30] RSP: 002b:00007fff0fcb82d8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.423041][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f97527d9b29 [ 287.431868][ T30] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.440666][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.449581][ T30] R10: 0000400001002000 R11: 0000000000000246 R12: 0000000000000001 [ 287.458397][ T30] R13: 00007fff0fcb84f8 R14: 00007fff0fcb8300 R15: 00007fff0fcb82f0 [ 287.467626][ T30] [ 287.471480][ T30] [ 287.471480][ T30] Showing all locks held in the system: [ 287.479960][ T30] 1 lock held by khungtaskd/30: [ 287.484890][ T30] #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 287.495986][ T30] 2 locks held by getty/5572: [ 287.500698][ T30] #0: ffff88814d65b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 287.510542][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 287.520865][ T30] 1 lock held by syz-executor209/5837: [ 287.526395][ T30] 1 lock held by syz-executor209/5840: [ 287.531952][ T30] #0: ffff888148d142c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.542665][ T30] 1 lock held by syz-executor209/5842: [ 287.548192][ T30] #0: ffff888148d142c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.558909][ T30] 1 lock held by syz-executor209/5843: [ 287.565087][ T30] #0: ffff888148d142c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.576886][ T30] 1 lock held by syz-executor209/5850: [ 287.582368][ T30] #0: ffff888148d142c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.593094][ T30] [ 287.595427][ T30] ============================================= [ 287.595427][ T30] [ 287.612427][ T30] NMI backtrace for cpu 0 [ 287.616823][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 287.627350][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.637438][ T30] Call Trace: [ 287.640738][ T30] [ 287.643692][ T30] dump_stack_lvl+0x116/0x1f0 [ 287.648405][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 287.653373][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.659382][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 287.665433][ T30] watchdog+0xf14/0x1240 [ 287.669727][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.674429][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.679670][ T30] ? __kthread_parkme+0x148/0x220 [ 287.684723][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.689427][ T30] kthread+0x2c1/0x3a0 [ 287.693524][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.698758][ T30] ? __pfx_kthread+0x10/0x10 [ 287.703382][ T30] ret_from_fork+0x45/0x80 [ 287.707816][ T30] ? __pfx_kthread+0x10/0x10 [ 287.712434][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.717244][ T30] [ 287.720536][ T30] Sending NMI from CPU 0 to CPUs 1: [ 287.725963][ C1] NMI backtrace for cpu 1 [ 287.725976][ C1] CPU: 1 UID: 0 PID: 5180 Comm: klogd Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 287.725999][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.726011][ C1] RIP: 0010:debug_check_no_obj_freed+0x215/0x600 [ 287.726040][ C1] Code: 27 03 00 00 48 89 c2 45 31 f6 4c 89 64 24 38 49 bd 22 01 00 00 00 00 ad de 48 c1 ea 03 4d 89 fc 80 3c 1a 00 0f 85 dc 00 00 00 <48> 8d 78 18 41 83 c6 01 4c 8b 38 48 89 fa 48 c1 ea 03 80 3c 1a 00 [ 287.726058][ C1] RSP: 0018:ffffc90000a18c70 EFLAGS: 00000046 [ 287.726075][ C1] RAX: ffff888043520a48 RBX: dffffc0000000000 RCX: ffffffff8177356d [ 287.726089][ C1] RDX: 1ffff110086a4149 RSI: 0000000000000004 RDI: ffffc90000a18be0 [ 287.726102][ C1] RBP: ffffc90000a18da8 R08: 0000000000000001 R09: fffff5200014317c [ 287.726122][ C1] R10: 0000000000000003 R11: 0000000000000002 R12: ffff8880679b5000 [ 287.726137][ C1] R13: dead000000000122 R14: 0000000000000000 R15: ffff8880679b5000 [ 287.726153][ C1] FS: 00007fd839d04500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 287.726174][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.726192][ C1] CR2: 000055c045530cc8 CR3: 000000007b2f8000 CR4: 00000000003526f0 [ 287.726206][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.726218][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.726230][ C1] Call Trace: [ 287.726236][ C1] [ 287.726243][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 287.726265][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.726286][ C1] ? nmi_handle+0x1ac/0x5d0 [ 287.726308][ C1] ? debug_check_no_obj_freed+0x215/0x600 [ 287.726332][ C1] ? default_do_nmi+0x6a/0x160 [ 287.726352][ C1] ? exc_nmi+0x170/0x1e0 [ 287.726370][ C1] ? end_repeat_nmi+0xf/0x53 [ 287.726402][ C1] ? do_raw_spin_lock+0x12d/0x2c0 [ 287.726429][ C1] ? debug_check_no_obj_freed+0x215/0x600 [ 287.726452][ C1] ? debug_check_no_obj_freed+0x215/0x600 [ 287.726476][ C1] ? debug_check_no_obj_freed+0x215/0x600 [ 287.726500][ C1] [ 287.726505][ C1] [ 287.726515][ C1] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 287.726545][ C1] ? page_ext_put+0x48/0xd0 [ 287.726570][ C1] free_unref_page+0x276/0x1080 [ 287.726600][ C1] ? rcu_core+0x79b/0x14d0 [ 287.726629][ C1] rcu_core+0x79d/0x14d0 [ 287.726657][ C1] ? __pfx_rcu_core+0x10/0x10 [ 287.726686][ C1] ? run_timer_base+0x121/0x190 [ 287.726708][ C1] ? __pfx_run_timer_base+0x10/0x10 [ 287.726731][ C1] handle_softirqs+0x213/0x8f0 [ 287.726759][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 287.726791][ C1] __irq_exit_rcu+0x109/0x170 [ 287.726818][ C1] irq_exit_rcu+0x9/0x30 [ 287.726849][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 287.726873][ C1] [ 287.726882][ C1] [ 287.726888][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 287.726918][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 [ 287.726944][ C1] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 56 71 4a f6 48 89 df e8 ae f0 4a f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 01 00 00 00 e8 95 d5 3b f6 65 8b 05 f6 90 d7 74 85 c0 74 16 5b [ 287.726962][ C1] RSP: 0018:ffffc9000428f668 EFLAGS: 00000246 [ 287.726977][ C1] RAX: 0000000000000006 RBX: ffffffff9a9e6930 RCX: 1ffffffff2dccabb [ 287.726990][ C1] RDX: 0000000000000000 RSI: ffffffff8b6cd9e0 RDI: ffffffff8bd1ede0 [ 287.727003][ C1] RBP: 0000000000000206 R08: 0000000000000001 R09: fffffbfff2dca39e [ 287.727015][ C1] R10: ffffffff96e51cf7 R11: 0000000000000001 R12: 0000000000000002 [ 287.727028][ C1] R13: ffffea0001bc6f10 R14: 1ffff92000851ed4 R15: ffffffff9a9e6928 [ 287.727047][ C1] debug_object_activate+0x2e6/0x4a0 [ 287.727071][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 287.727096][ C1] ? mark_held_locks+0x9f/0xe0 [ 287.727118][ C1] ? __pfx_rcu_free_slab+0x10/0x10 [ 287.727140][ C1] __call_rcu_common.constprop.0+0x2c/0x7a0 [ 287.727165][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 287.727190][ C1] __put_partials+0x14c/0x170 [ 287.727212][ C1] qlist_free_all+0x4e/0x120 [ 287.727234][ C1] kasan_quarantine_reduce+0x195/0x1e0 [ 287.727257][ C1] __kasan_slab_alloc+0x69/0x90 [ 287.727281][ C1] __kmalloc_node_track_caller_noprof+0x1d3/0x510 [ 287.727308][ C1] ? rcu_watching_snap_stopped_since+0x51/0x110 [ 287.727338][ C1] ? __alloc_skb+0x164/0x380 [ 287.727373][ C1] kmalloc_reserve+0xef/0x2c0 [ 287.727405][ C1] __alloc_skb+0x164/0x380 [ 287.727436][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 287.727465][ C1] ? hlock_class+0x4e/0x130 [ 287.727493][ C1] ? __lock_acquire+0x14e0/0x3c40 [ 287.727517][ C1] alloc_skb_with_frags+0xe4/0x850 [ 287.727546][ C1] sock_alloc_send_pskb+0x7f1/0x980 [ 287.727583][ C1] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 287.727622][ C1] ? __pfx_lock_release+0x10/0x10 [ 287.727647][ C1] ? do_raw_spin_lock+0x12d/0x2c0 [ 287.727675][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 287.727701][ C1] ? lock_acquire+0x2f/0xb0 [ 287.727730][ C1] ? unix_dgram_sendmsg+0x928/0x19e0 [ 287.727761][ C1] unix_dgram_sendmsg+0x4b8/0x19e0 [ 287.727796][ C1] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 287.727824][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 287.727851][ C1] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.727893][ C1] __sys_sendto+0x488/0x4f0 [ 287.727926][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 287.727961][ C1] ? rcu_is_watching+0x12/0xc0 [ 287.727993][ C1] ? xfd_validate_state+0x5d/0x180 [ 287.728013][ C1] ? rcu_is_watching+0x12/0xc0 [ 287.728042][ C1] __x64_sys_sendto+0xe0/0x1c0 [ 287.728071][ C1] ? do_syscall_64+0x91/0x250 [ 287.728098][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.728123][ C1] do_syscall_64+0xcd/0x250 [ 287.728150][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.728178][ C1] RIP: 0033:0x7fd839e669b5 [ 287.728193][ C1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 287.728211][ C1] RSP: 002b:00007ffd20d6f508 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.728229][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd839e669b5 [ 287.728242][ C1] RDX: 0000000000000073 RSI: 0000564252633fa0 RDI: 0000000000000003 [ 287.728254][ C1] RBP: 000056425262e2c0 R08: 0000000000000000 R09: 0000000000000000 [ 287.728270][ C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 287.728287][ C1] R13: 00007fd839ff4212 R14: 00007ffd20d6f608 R15: 0000000000000000 [ 287.728305][ C1] [ 287.728313][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.350 msecs [ 288.374172][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 288.381039][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0 [ 288.391552][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 288.401706][ T30] Call Trace: [ 288.404997][ T30] [ 288.407936][ T30] dump_stack_lvl+0x3d/0x1f0 [ 288.412549][ T30] panic+0x71d/0x800 [ 288.416465][ T30] ? __pfx_panic+0x10/0x10 [ 288.420902][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 288.426303][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.432308][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 288.437716][ T30] ? watchdog+0xd7e/0x1240 [ 288.442185][ T30] ? watchdog+0xd71/0x1240 [ 288.446705][ T30] watchdog+0xd8f/0x1240 [ 288.450989][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.455694][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 288.460916][ T30] ? __kthread_parkme+0x148/0x220 [ 288.466005][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.470709][ T30] kthread+0x2c1/0x3a0 [ 288.474815][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.480130][ T30] ? __pfx_kthread+0x10/0x10 [ 288.484856][ T30] ret_from_fork+0x45/0x80 [ 288.489289][ T30] ? __pfx_kthread+0x10/0x10 [ 288.493923][ T30] ret_from_fork_asm+0x1a/0x30 [ 288.498731][ T30] [ 288.502007][ T30] Kernel Offset: disabled [ 288.506436][ T30] Rebooting in 86400 seconds..