./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor395646889 <...> Warning: Permanently added '10.128.10.0' (ED25519) to the list of known hosts. execve("./syz-executor395646889", ["./syz-executor395646889"], 0x7fffe927cc80 /* 10 vars */) = 0 brk(NULL) = 0x555556c8b000 brk(0x555556c8bd00) = 0x555556c8bd00 arch_prctl(ARCH_SET_FS, 0x555556c8b380) = 0 set_tid_address(0x555556c8b650) = 5066 set_robust_list(0x555556c8b660, 24) = 0 rseq(0x555556c8bca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor395646889", 4096) = 27 getrandom("\x86\x1c\xc1\xfc\x84\x32\x33\xd6", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556c8bd00 brk(0x555556cacd00) = 0x555556cacd00 brk(0x555556cad000) = 0x555556cad000 mprotect(0x7f3abfff3000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached , child_tidptr=0x555556c8b650) = 5067 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] set_robust_list(0x555556c8b660, 24) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached [pid 5066] <... clone resumed>, child_tidptr=0x555556c8b650) = 5068 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] set_robust_list(0x555556c8b660, 24./strace-static-x86_64: Process 5069 attached ) = 0 [pid 5069] set_robust_list(0x555556c8b660, 24 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] <... clone resumed>, child_tidptr=0x555556c8b650) = 5069 [pid 5069] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5070 attached [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... clone resumed>, child_tidptr=0x555556c8b650) = 5070 [pid 5070] set_robust_list(0x555556c8b660, 24 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5071 attached [pid 5071] set_robust_list(0x555556c8b660, 24 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] setpgid(0, 0 [pid 5068] <... clone resumed>, child_tidptr=0x555556c8b650) = 5071 [pid 5071] <... set_robust_list resumed>) = 0 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... setpgid resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5073 attached ./strace-static-x86_64: Process 5072 attached [pid 5071] <... prctl resumed>) = 0 [pid 5066] <... clone resumed>, child_tidptr=0x555556c8b650) = 5072 [pid 5072] set_robust_list(0x555556c8b660, 24 [pid 5069] <... openat resumed>) = 3 [pid 5073] set_robust_list(0x555556c8b660, 24 [pid 5072] <... set_robust_list resumed>) = 0 [pid 5071] setpgid(0, 0 [pid 5070] <... clone resumed>, child_tidptr=0x555556c8b650) = 5073 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5074 attached [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] <... setpgid resumed>) = 0 [pid 5069] write(3, "1000", 4 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... write resumed>) = 4 [pid 5069] close(3./strace-static-x86_64: Process 5075 attached [pid 5073] <... prctl resumed>) = 0 [pid 5075] set_robust_list(0x555556c8b660, 24 [pid 5073] setpgid(0, 0 [pid 5071] <... openat resumed>) = 3 [pid 5066] <... clone resumed>, child_tidptr=0x555556c8b650) = 5074 [pid 5075] <... set_robust_list resumed>) = 0 [pid 5074] set_robust_list(0x555556c8b660, 24 [pid 5073] <... setpgid resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... set_robust_list resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] <... clone resumed>, child_tidptr=0x555556c8b650) = 5075 [pid 5071] write(3, "1000", 4 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5075] <... prctl resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5075] setpgid(0, 0) = 0 [pid 5071] <... write resumed>) = 4 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4 [pid 5071] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5073] <... write resumed>) = 4 [pid 5075] write(3, "1000", 4 [pid 5073] close(3 [pid 5075] <... write resumed>) = 4 [pid 5073] <... close resumed>) = 0 [pid 5075] close(3 [pid 5073] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5071] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5071] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5069] dup(3./strace-static-x86_64: Process 5077 attached ./strace-static-x86_64: Process 5076 attached [pid 5075] <... openat resumed>) = 3 [pid 5073] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5069] <... dup resumed>) = 4 [pid 5066] <... clone resumed>, child_tidptr=0x555556c8b650) = 5077 [pid 5077] set_robust_list(0x555556c8b660, 24 [pid 5076] set_robust_list(0x555556c8b660, 24 [pid 5075] dup(3 [pid 5074] <... clone resumed>, child_tidptr=0x555556c8b650) = 5076 [pid 5073] dup(3 [pid 5071] dup(3 [pid 5069] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5077] <... set_robust_list resumed>) = 0 [pid 5076] <... set_robust_list resumed>) = 0 [pid 5075] <... dup resumed>) = 4 [pid 5073] <... dup resumed>) = 4 [pid 5071] <... dup resumed>) = 4 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5073] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5071] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5076] <... prctl resumed>) = 0 [pid 5076] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5078 attached [pid 5077] <... clone resumed>, child_tidptr=0x555556c8b650) = 5078 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] set_robust_list(0x555556c8b660, 24 [pid 5076] <... openat resumed>) = 3 [pid 5078] <... set_robust_list resumed>) = 0 [pid 5076] write(3, "1000", 4) = 4 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] close(3) = 0 [pid 5076] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5078] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5078] setpgid(0, 0 [pid 5076] dup(3 [pid 5078] <... setpgid resumed>) = 0 [pid 5076] <... dup resumed>) = 4 [pid 5076] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1000", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5078] dup(3) = 4 [pid 5078] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5067] kill(-5069, SIGKILL) = 0 [pid 5067] kill(5069, SIGKILL) = 0 [pid 5068] kill(-5071, SIGKILL) = 0 [pid 5068] kill(5071, SIGKILL) = 0 [pid 5070] kill(-5073, SIGKILL) = 0 [pid 5070] kill(5073, SIGKILL) = 0 [pid 5072] kill(-5075, SIGKILL) = 0 [pid 5072] kill(5075, SIGKILL) = 0 [pid 5077] kill(-5078, SIGKILL [pid 5074] kill(-5076, SIGKILL [pid 5077] <... kill resumed>) = 0 [pid 5074] <... kill resumed>) = 0 [pid 5077] kill(5078, SIGKILL [pid 5074] kill(5076, SIGKILL [pid 5077] <... kill resumed>) = 0 [pid 5074] <... kill resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5067] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] getdents64(3, [pid 5070] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5067] newfstatat(3, "", [pid 5077] <... getdents64 resumed>0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5067] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5077] close(3 [pid 5070] newfstatat(3, "", [pid 5067] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, [pid 5067] <... getdents64 resumed>0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5070] <... getdents64 resumed>0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(3, [pid 5070] getdents64(3, [pid 5067] <... getdents64 resumed>0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... getdents64 resumed>0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3 [pid 5070] close(3) = 0 [pid 5067] <... close resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5074] newfstatat(3, "", [pid 5068] newfstatat(3, "", [pid 5074] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5074] getdents64(3, [pid 5068] getdents64(3, [pid 5074] <... getdents64 resumed>0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5072] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5074] getdents64(3, [pid 5072] <... openat resumed>) = 3 [pid 5074] <... getdents64 resumed>0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5072] newfstatat(3, "", [pid 5068] getdents64(3, [pid 5074] close(3 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... getdents64 resumed>0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5074] <... close resumed>) = 0 [pid 5072] getdents64(3, 0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5068] close(3 [pid 5072] getdents64(3, [pid 5068] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5072] close(3) = 0 [ 87.006755][ T1783] cfg80211: failed to load regulatory.db [pid 5069] <... fallocate resumed>) = ? [pid 5069] +++ killed by SIGKILL +++ [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5069, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=7449 /* 74.49 s */} --- [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5097 attached , child_tidptr=0x555556c8b650) = 5097 [pid 5097] set_robust_list(0x555556c8b660, 24) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5097] close(3) = 0 [pid 5097] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5097] dup(3) = 4 [pid 5097] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5067] kill(-5097, SIGKILL) = 0 [pid 5067] kill(5097, SIGKILL) = 0 [pid 5067] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5067] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5067] getdents64(3, 0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5067] getdents64(3, 0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5067] close(3) = 0 [pid 5071] <... fallocate resumed>) = ? [pid 5071] +++ killed by SIGKILL +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5071, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=7412 /* 74.12 s */} --- [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached [pid 5104] set_robust_list(0x555556c8b660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x555556c8b650) = 5104 [pid 5104] <... set_robust_list resumed>) = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5104] dup(3) = 4 [pid 5104] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 9007199271526400 [pid 5068] kill(-5104, SIGKILL) = 0 [pid 5068] kill(5104, SIGKILL) = 0 [pid 5068] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, 0x555556c8c6f0 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(3, 0x555556c8c6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [ 286.669712][ T29] INFO: task syz-executor395:5073 blocked for more than 143 seconds. [ 286.678450][ T29] Not tainted 6.7.0-rc7-syzkaller #0 [ 286.689248][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.710882][ T29] task:syz-executor395 state:D stack:28208 pid:5073 tgid:5073 ppid:5070 flags:0x00004006 [ 286.721940][ T29] Call Trace: [ 286.725684][ T29] [ 286.728975][ T29] __schedule+0xedb/0x5af0 [ 286.734975][ T29] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 286.743868][ T29] ? hlock_class+0x4e/0x130 [ 286.755193][ T29] ? mark_lock+0xb5/0xc50 [ 286.764379][ T29] ? io_schedule_timeout+0x150/0x150 [ 286.771615][ T29] ? schedule+0x1fc/0x270 [ 286.777036][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 286.783836][ T29] ? __down_write_common+0x899/0x1400 [ 286.790763][ T29] schedule+0xe9/0x270 [ 286.796309][ T29] schedule_preempt_disabled+0x13/0x20 [ 286.804609][ T29] __down_write_common+0x948/0x1400 [ 286.811326][ T29] ? aa_file_perm+0x4f2/0x1000 [ 286.827321][ T29] ? up_write+0x510/0x510 [ 286.831795][ T29] ? lock_sync+0x190/0x190 [ 286.836346][ T29] ? preempt_count_sub+0x160/0x160 [ 286.841568][ T29] ? ptrace_notify+0xf4/0x130 [ 286.846312][ T29] blkdev_fallocate+0x1e9/0x450 [ 286.862918][ T29] ? file_to_blk_mode+0x1a0/0x1a0 [ 286.867992][ T29] vfs_fallocate+0x46c/0xe50 [ 286.873973][ T29] __x64_sys_fallocate+0xd5/0x140 [ 286.880367][ T29] do_syscall_64+0x40/0x110 [ 286.886223][ T29] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 286.893506][ T29] RIP: 0033:0x7f3abff80b29 [ 286.899263][ T29] RSP: 002b:00007ffd5407dd08 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.909088][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3abff80b29 [ 286.918262][ T29] RDX: 0000000000000c00 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.927765][ T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.939966][ T29] R10: 0020000001002000 R11: 0000000000000246 R12: 0000000000000001 [ 286.947974][ T29] R13: 00007ffd5407df28 R14: 00007ffd5407dd30 R15: 00007ffd5407dd20 [ 286.957622][ T29] [ 286.961978][ T29] INFO: task syz-executor395:5076 blocked for more than 143 seconds. [ 286.972760][ T29] Not tainted 6.7.0-rc7-syzkaller #0 [ 286.979928][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.989558][ T29] task:syz-executor395 state:D stack:28208 pid:5076 tgid:5076 ppid:5074 flags:0x00004006 [ 286.999859][ T29] Call Trace: [ 287.003511][ T29] [ 287.006837][ T29] __schedule+0xedb/0x5af0 [ 287.011741][ T29] ? lockdep_hardirqs_on+0x7d/0x110 [ 287.017415][ T29] ? io_schedule_timeout+0x150/0x150 [ 287.023253][ T29] ? schedule+0x1fc/0x270 [ 287.030126][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.035954][ T29] ? __down_write_common+0x899/0x1400 [ 287.041871][ T29] schedule+0xe9/0x270 [ 287.045988][ T29] schedule_preempt_disabled+0x13/0x20 [ 287.051573][ T29] __down_write_common+0x948/0x1400 [ 287.056818][ T29] ? aa_file_perm+0x4f2/0x1000 [ 287.061744][ T29] ? up_write+0x510/0x510 [ 287.066117][ T29] ? lock_sync+0x190/0x190 [ 287.071029][ T29] ? preempt_count_sub+0x160/0x160 [ 287.076596][ T29] ? ptrace_notify+0xf4/0x130 [ 287.081819][ T29] blkdev_fallocate+0x1e9/0x450 [ 287.087104][ T29] ? file_to_blk_mode+0x1a0/0x1a0 [ 287.092625][ T29] vfs_fallocate+0x46c/0xe50 [ 287.097269][ T29] __x64_sys_fallocate+0xd5/0x140 [ 287.102928][ T29] do_syscall_64+0x40/0x110 [ 287.107479][ T29] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 287.113865][ T29] RIP: 0033:0x7f3abff80b29 [ 287.118308][ T29] RSP: 002b:00007ffd5407dd08 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.127278][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3abff80b29 [ 287.135353][ T29] RDX: 0000000000000c00 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.143450][ T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.151602][ T29] R10: 0020000001002000 R11: 0000000000000246 R12: 0000000000000001 [ 287.159710][ T29] R13: 00007ffd5407df28 R14: 00007ffd5407dd30 R15: 00007ffd5407dd20 [ 287.168157][ T29] [ 287.171749][ T29] INFO: task syz-executor395:5078 blocked for more than 143 seconds. [ 287.180274][ T29] Not tainted 6.7.0-rc7-syzkaller #0 [ 287.186520][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.195871][ T29] task:syz-executor395 state:D stack:27920 pid:5078 tgid:5078 ppid:5077 flags:0x00004006 [ 287.206513][ T29] Call Trace: [ 287.209925][ T29] [ 287.213313][ T29] __schedule+0xedb/0x5af0 [ 287.218197][ T29] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 287.224302][ T29] ? hlock_class+0x4e/0x130 [ 287.228842][ T29] ? mark_lock+0xb5/0xc50 [ 287.233298][ T29] ? io_schedule_timeout+0x150/0x150 [ 287.238653][ T29] ? schedule+0x1fc/0x270 [ 287.243061][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.248895][ T29] ? __down_write_common+0x899/0x1400 [ 287.254794][ T29] schedule+0xe9/0x270 [ 287.259256][ T29] schedule_preempt_disabled+0x13/0x20 [ 287.265179][ T29] __down_write_common+0x948/0x1400 [ 287.270783][ T29] ? aa_file_perm+0x4f2/0x1000 [ 287.275956][ T29] ? up_write+0x510/0x510 [ 287.280761][ T29] ? lock_sync+0x190/0x190 [ 287.285557][ T29] ? preempt_count_sub+0x160/0x160 [ 287.290767][ T29] ? ptrace_notify+0xf4/0x130 [ 287.295482][ T29] blkdev_fallocate+0x1e9/0x450 [ 287.300827][ T29] ? file_to_blk_mode+0x1a0/0x1a0 [ 287.305873][ T29] vfs_fallocate+0x46c/0xe50 [ 287.310940][ T29] __x64_sys_fallocate+0xd5/0x140 [ 287.316358][ T29] do_syscall_64+0x40/0x110 [ 287.321315][ T29] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 287.327610][ T29] RIP: 0033:0x7f3abff80b29 [ 287.332528][ T29] RSP: 002b:00007ffd5407dd08 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.341327][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3abff80b29 [ 287.349794][ T29] RDX: 0000000000000c00 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.357792][ T29] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.365816][ T29] R10: 0020000001002000 R11: 0000000000000246 R12: 0000000000000001 [ 287.373880][ T29] R13: 00007ffd5407df28 R14: 00007ffd5407dd30 R15: 00007ffd5407dd20 [ 287.382322][ T29] [ 287.385745][ T29] [ 287.385745][ T29] Showing all locks held in the system: [ 287.393965][ T29] 1 lock held by khungtaskd/29: [ 287.399187][ T29] #0: ffffffff8cfab760 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 287.409822][ T29] 2 locks held by getty/4825: [ 287.414512][ T29] #0: ffff888029ff20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 287.424972][ T29] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc6/0x1490 [ 287.435455][ T29] 1 lock held by syz-executor395/5073: [ 287.441453][ T29] #0: ffff88801b6759c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450 [ 287.452701][ T29] 1 lock held by syz-executor395/5075: [ 287.458534][ T29] 1 lock held by syz-executor395/5076: [ 287.464592][ T29] #0: ffff88801b6759c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450 [ 287.475829][ T29] 1 lock held by syz-executor395/5078: [ 287.481521][ T29] #0: ffff88801b6759c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450 [ 287.492492][ T29] 1 lock held by syz-executor395/5097: [ 287.497965][ T29] #0: ffff88801b6759c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450 [ 287.509256][ T29] 1 lock held by syz-executor395/5104: [ 287.515304][ T29] #0: ffff88801b6759c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x1e9/0x450 [ 287.526359][ T29] [ 287.528715][ T29] ============================================= [ 287.528715][ T29] [ 287.537971][ T29] NMI backtrace for cpu 1 [ 287.542309][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc7-syzkaller #0 [ 287.550358][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.560397][ T29] Call Trace: [ 287.563659][ T29] [ 287.566573][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.571198][ T29] nmi_cpu_backtrace+0x277/0x390 [ 287.576131][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.581332][ T29] nmi_trigger_cpumask_backtrace+0x299/0x300 [ 287.587322][ T29] watchdog+0xf87/0x1210 [ 287.591580][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.597550][ T29] ? lockdep_hardirqs_on+0x7d/0x110 [ 287.602735][ T29] ? __kthread_parkme+0x14b/0x220 [ 287.607750][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.613721][ T29] kthread+0x2c6/0x3a0 [ 287.617777][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.623005][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.628627][ T29] ret_from_fork+0x45/0x80 [ 287.633070][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.638695][ T29] ret_from_fork_asm+0x11/0x20 [ 287.643475][ T29] [ 287.646931][ T29] Sending NMI from CPU 1 to CPUs 0: [ 287.652201][ C0] NMI backtrace for cpu 0 [ 287.652211][ C0] CPU: 0 PID: 987 Comm: kworker/u4:5 Not tainted 6.7.0-rc7-syzkaller #0 [ 287.652233][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.652245][ C0] Workqueue: events_unbound toggle_allocation_gate [ 287.652295][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 287.652324][ C0] Code: 36 5f da 02 66 0f 1f 44 00 00 f3 0f 1e fa 48 8b be b0 01 00 00 e8 b0 ff ff ff 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1e fa 65 48 8b 14 25 c0 bc 03 00 65 8b 05 e4 4a 7c 7e a9 00 [ 287.652343][ C0] RSP: 0018:ffffc9000468fa90 EFLAGS: 00000246 [ 287.652358][ C0] RAX: 0000000000000000 RBX: ffffffff90b3235a RCX: ffffffff812fd54d [ 287.652372][ C0] RDX: ffff88801e139dc0 RSI: 0000000000000005 RDI: 0000000000000004 [ 287.652386][ C0] RBP: 0000000000000005 R08: 0000000000000004 R09: 0000000000000005 [ 287.652398][ C0] R10: 0000000000000005 R11: 0000000000000006 R12: 00000000000000e9 [ 287.652410][ C0] R13: 0000000000000005 R14: dffffc0000000000 R15: 0000000000000005 [ 287.652423][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 287.652443][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.652458][ C0] CR2: 00007f3abffc901d CR3: 000000000cd77000 CR4: 00000000003506f0 [ 287.652471][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.652483][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.652496][ C0] Call Trace: [ 287.652502][ C0] [ 287.652509][ C0] ? show_regs+0x8f/0xa0 [ 287.652534][ C0] ? nmi_cpu_backtrace+0x1d4/0x390 [ 287.652562][ C0] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 287.652592][ C0] ? nmi_handle+0x1a6/0x570 [ 287.652623][ C0] ? kcov_close+0x20/0x20 [ 287.652646][ C0] ? default_do_nmi+0x6a/0x160 [ 287.652676][ C0] ? exc_nmi+0x186/0x200 [ 287.652704][ C0] ? end_repeat_nmi+0xf/0x2a [ 287.652729][ C0] ? text_poke_bp_batch+0x4ad/0x750 [ 287.652753][ C0] ? kcov_close+0x20/0x20 [ 287.652777][ C0] ? kcov_close+0x20/0x20 [ 287.652801][ C0] ? kcov_close+0x20/0x20 [ 287.652825][ C0] [ 287.652830][ C0] [ 287.652835][ C0] text_poke_bp_batch+0x530/0x750 [ 287.652860][ C0] ? __kmem_cache_alloc_node+0xc4/0x310 [ 287.652890][ C0] ? alternatives_enable_smp+0x400/0x400 [ 287.652913][ C0] ? __jump_label_patch+0x1db/0x400 [ 287.652941][ C0] ? text_poke_queue+0xef/0x180 [ 287.652966][ C0] ? arch_jump_label_transform_queue+0xc0/0x110 [ 287.653001][ C0] text_poke_finish+0x30/0x40 [ 287.653024][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 287.653055][ C0] jump_label_update+0x1d7/0x400 [ 287.653089][ C0] static_key_enable_cpuslocked+0x1b7/0x270 [ 287.653118][ C0] static_key_enable+0x1a/0x20 [ 287.653143][ C0] toggle_allocation_gate+0xf4/0x250 [ 287.653168][ C0] ? wake_up_kfence_timer+0x30/0x30 [ 287.653198][ C0] process_one_work+0x886/0x15d0 [ 287.653230][ C0] ? lock_sync+0x190/0x190 [ 287.653260][ C0] ? workqueue_congested+0x300/0x300 [ 287.653292][ C0] ? assign_work+0x1a0/0x250 [ 287.653320][ C0] worker_thread+0x8b9/0x1290 [ 287.653352][ C0] ? __kthread_parkme+0x14b/0x220 [ 287.653376][ C0] ? process_one_work+0x15d0/0x15d0 [ 287.653403][ C0] kthread+0x2c6/0x3a0 [ 287.653427][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.653450][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 287.653477][ C0] ret_from_fork+0x45/0x80 [ 287.653501][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 287.653527][ C0] ret_from_fork_asm+0x11/0x20 [ 287.653562][ C0] [ 287.653570][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.369 msecs [ 288.005791][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 288.012656][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc7-syzkaller #0 [ 288.020746][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 288.030819][ T29] Call Trace: [ 288.034105][ T29] [ 288.037038][ T29] dump_stack_lvl+0xd9/0x1b0 [ 288.041649][ T29] panic+0x6dc/0x790 [ 288.045585][ T29] ? panic_smp_self_stop+0xa0/0xa0 [ 288.050721][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 288.056121][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 288.061339][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 288.066731][ T29] ? watchdog+0xd3e/0x1210 [ 288.071159][ T29] ? watchdog+0xd31/0x1210 [ 288.075593][ T29] watchdog+0xd4f/0x1210 [ 288.079856][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 288.085847][ T29] ? lockdep_hardirqs_on+0x7d/0x110 [ 288.091062][ T29] ? __kthread_parkme+0x14b/0x220 [ 288.096104][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 288.102096][ T29] kthread+0x2c6/0x3a0 [ 288.106169][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.111375][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 288.117017][ T29] ret_from_fork+0x45/0x80 [ 288.121445][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 288.127091][ T29] ret_from_fork_asm+0x11/0x20 [ 288.131879][ T29] [ 288.135079][ T29] Kernel Offset: disabled [ 288.139392][ T29] Rebooting in 86400 seconds..