./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3022085049 <...> Warning: Permanently added '10.128.0.250' (ED25519) to the list of known hosts. execve("./syz-executor3022085049", ["./syz-executor3022085049"], 0x7ffc87032140 /* 10 vars */) = 0 brk(NULL) = 0x55556daaa000 brk(0x55556daaad40) = 0x55556daaad40 arch_prctl(ARCH_SET_FS, 0x55556daaa3c0) = 0 set_tid_address(0x55556daaa690) = 5233 set_robust_list(0x55556daaa6a0, 24) = 0 rseq(0x55556daaace0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3022085049", 4096) = 28 getrandom("\x6e\x35\x22\xe1\x56\xc8\xea\xa6", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556daaad40 brk(0x55556dacbd40) = 0x55556dacbd40 brk(0x55556dacc000) = 0x55556dacc000 mprotect(0x7f597c1a7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5234 attached , child_tidptr=0x55556daaa690) = 5234 [pid 5234] set_robust_list(0x55556daaa6a0, 24 [pid 5233] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC [pid 5234] <... set_robust_list resumed>) = 0 [pid 5233] <... openat resumed>) = 3 [pid 5233] write(3, "10000000000", 11) = 11 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "20", 2) = 2 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "1", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "0", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "0", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "1", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "100", 3) = 3 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "0", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "0", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "7 4 1 3", 7) = 7 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "1", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "1", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "0", 1) = 1 [pid 5233] close(3) = 0 [pid 5233] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "5234", 4) = 4 [pid 5233] close(3) = 0 [pid 5233] kill(5234, SIGKILL) = 0 [pid 5234] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5234, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- mkdir("/syzcgroup", 0777) = 0 mkdir("/syzcgroup/unified", 0777) = 0 mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0 chmod("/syzcgroup/unified", 0777) = 0 openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3 write(3, "+cpu", 4) = 4 write(3, "+io", 3) = 3 write(3, "+pids", 5) = 5 close(3) = 0 mkdir("/syzcgroup/net", 0777) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0 umount2("/syzcgroup/net", 0) = 0 [ 79.717630][ T5233] cgroup: Unknown subsys name 'net' mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = 0 chmod("/syzcgroup/net", 0777) = 0 mkdir("/syzcgroup/cpu", 0777) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/cpu", "cgroup", 0, "memory") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) [ 79.863000][ T5233] cgroup: Unknown subsys name 'rlimit' mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,hugetlb,memory") = 0 chmod("/syzcgroup/cpu", 0777) = 0 openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 mkdir("./syzkaller.wlrQvj", 0700) = 0 chmod("./syzkaller.wlrQvj", 0777) = 0 chdir("./syzkaller.wlrQvj") = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5235 attached , child_tidptr=0x55556daaa690) = 5235 [pid 5235] set_robust_list(0x55556daaa6a0, 24) = 0 [pid 5235] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5235] setsid() = 1 [pid 5235] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5235] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5235] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5235] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5235] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5235] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5235] unshare(CLONE_NEWNS) = 0 [pid 5235] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5235] unshare(CLONE_NEWIPC) = 0 [pid 5235] unshare(CLONE_NEWCGROUP) = 0 [pid 5235] unshare(CLONE_NEWUTS) = 0 [pid 5235] unshare(CLONE_SYSVSEM) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "16777216", 8) = 8 [pid 5235] close(3) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "536870912", 9) = 9 [pid 5235] close(3) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1024", 4) = 4 [pid 5235] close(3) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "8192", 4) = 4 [pid 5235] close(3) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1024", 4) = 4 [pid 5235] close(3) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1024", 4) = 4 [pid 5235] close(3) = 0 [pid 5235] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5235] close(3) = 0 [pid 5235] getpid() = 1 [pid 5235] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5246] set_robust_list(0x55556daaa6a0, 24 [pid 5235] <... clone resumed>, child_tidptr=0x55556daaa690) = 2 [pid 5246] <... set_robust_list resumed>) = 0 [pid 5246] chdir("./0") = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5246] setpgid(0, 0) = 0 [pid 5246] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5246] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5246] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5246] write(3, "1000", 4) = 4 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5246] write(1, "executing program\n", 18) = 18 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5246] rt_sigaction(SIGRT_1, {sa_handler=0x7f597c14c170, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f597c13d320}, NULL, 8) = 0 [pid 5246] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5246] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f597c0b3000 [pid 5246] mprotect(0x7f597c0b4000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5246] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5246] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f597c0d3990, parent_tid=0x7f597c0d3990, exit_signal=0, stack=0x7f597c0b3000, stack_size=0x20300, tls=0x7f597c0d36c0}./strace-static-x86_64: Process 5247 attached => {parent_tid=[3]}, 88) = 3 [pid 5246] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5247] rseq(0x7f597c0d3fe0, 0x20, 0, 0x53053053) = 0 [pid 5247] set_robust_list(0x7f597c0d39a0, 24) = 0 [pid 5247] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5247] memfd_create("syzkaller", 0) = 3 [pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5973c00000 [pid 5247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 5247] munmap(0x7f5973c00000, 138412032) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5247] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5247] close(3) = 0 [pid 5247] close(4) = 0 [pid 5247] mkdir("./file0", 0777) = 0 [ 86.914261][ T5247] loop0: detected capacity change from 0 to 2048 [pid 5247] mount("/dev/loop0", "./file0", "nilfs2", 0, "") = 0 [pid 5247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5247] chdir("./file0") = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5246] <... futex resumed>) = 0 [pid 5247] futex(0x7f597c1b34e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5247] openat(AT_FDCWD, "blkio.bfq.io_queued_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5246] <... futex resumed>) = 0 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5247] <... openat resumed>) = 4 [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5246] <... futex resumed>) = 0 [pid 5247] <... futex resumed>) = 1 [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 4, 0) = 0x20000000 [pid 5246] <... futex resumed>) = 0 [ 86.966481][ T5248] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5247] futex(0x7f597c1b34e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5246] <... futex resumed>) = 0 [pid 5247] ftruncate(4, 49530) = 0 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5246] <... futex resumed>) = 0 [pid 5247] futex(0x7f597c1b34e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5246] <... futex resumed>) = 0 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5247] openat(AT_FDCWD, 0x20000040, O_RDONLY) = 5 [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5246] <... futex resumed>) = 0 [pid 5247] futex(0x7f597c1b34e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5247] ioctl(5, IMADDTIMER, 0x20001b00 [pid 5246] <... futex resumed>) = 0 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5247] <... ioctl resumed>) = 0 [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5246] <... futex resumed>) = 0 [pid 5247] futex(0x7f597c1b34e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5246] <... futex resumed>) = 0 [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5247] mkdir(0x20000100, 0777) = -1 EEXIST (File exists) [ 87.066924][ T5248] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 87.077951][ T5248] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 87.089166][ T5248] Remounting filesystem read-only [ 87.094984][ T1122] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 87.102365][ T1122] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 87.109642][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.119134][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.128177][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.137168][ T1122] NILFS (loop0): discard dirty page: offset=28672, ino=18 [ 87.144335][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.151582][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.159036][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.166315][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.174086][ T1122] NILFS (loop0): discard dirty page: offset=32768, ino=18 [ 87.181208][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.188724][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.195982][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.203218][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.210516][ T1122] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 87.217407][ T1122] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 87.224822][ T1122] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 87.233209][ T1122] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 87.240623][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.249907][ T1122] NILFS (loop0): discard dirty page: offset=65536, ino=3 [ 87.257360][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.266283][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.275230][ T1122] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 87.282490][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.291412][ T1122] NILFS (loop0): discard dirty page: offset=196608, ino=3 [ 87.298533][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.307454][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [pid 5247] mount(NULL, 0x20000100, 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "") = 0 [pid 5247] openat(AT_FDCWD, 0x20000100, O_RDONLY|O_DIRECTORY) = 6 [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5246] <... futex resumed>) = 0 [pid 5247] <... futex resumed>) = 1 [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 87.316354][ T1122] NILFS (loop0): discard dirty block: blocknr=49, size=1024 [ 87.323680][ T1122] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 87.332954][ T5247] NILFS (loop0): mounting fs with errors [ 87.355346][ T5247] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 87.365655][ T5247] Remounting filesystem read-only [ 87.370744][ T5247] NILFS (loop0): error -5 reading inode: ino=18 [ 87.377706][ T5247] NILFS (loop0): cannot mark inode dirty (ino=18): error -5 loading inode block [ 87.388562][ T5247] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 87.398626][ T5247] NILFS (loop0): error -5 reading inode: ino=18 [ 87.404944][ T5247] NILFS (loop0): cannot mark inode dirty (ino=18): error -5 loading inode block [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5246] futex(0x7f597c1b34fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5246] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f597c092000 [pid 5246] mprotect(0x7f597c093000, 131072, PROT_READ|PROT_WRITE) = 0 [ 87.414732][ T5247] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 87.424519][ T5247] NILFS (loop0): error -5 reading inode: ino=18 [ 87.431543][ T5247] NILFS (loop0): cannot mark inode dirty (ino=18): error -5 loading inode block [ 87.440764][ T5247] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 87.450554][ T5247] NILFS (loop0): error -5 reading inode: ino=18 [ 87.456844][ T5247] NILFS (loop0): cannot mark inode dirty (ino=18): error -5 loading inode block [pid 5246] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5246] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f597c0b2990, parent_tid=0x7f597c0b2990, exit_signal=0, stack=0x7f597c092000, stack_size=0x20300, tls=0x7f597c0b26c0} => {parent_tid=[4]}, 88) = 4 [pid 5246] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5246] futex(0x7f597c1b34f8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5249 attached [pid 5247] openat(AT_FDCWD, 0x20003bc0, O_RDONLY [pid 5246] <... futex resumed>) = 0 [pid 5249] rseq(0x7f597c0b2fe0, 0x20, 0, 0x53053053 [pid 5247] <... openat resumed>) = 7 [pid 5246] futex(0x7f597c1b34fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5249] <... rseq resumed>) = 0 [pid 5247] futex(0x7f597c1b34ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5249] set_robust_list(0x7f597c0b29a0, 24 [pid 5247] <... futex resumed>) = 0 [pid 5249] <... set_robust_list resumed>) = 0 [pid 5249] rt_sigprocmask(SIG_SETMASK, [], [pid 5247] futex(0x7f597c1b34e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5249] epoll_create(1) = 8 [pid 5249] futex(0x7f597c1b34fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5246] <... futex resumed>) = 0 [pid 5249] futex(0x7f597c1b34f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] futex(0x7f597c1b34e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5247] <... futex resumed>) = 0 [pid 5246] <... futex resumed>) = 1 [pid 5247] epoll_pwait(8, [ 87.466512][ T5247] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 87.476235][ T5247] NILFS (loop0): error -5 reading inode: ino=18 [ 87.482583][ T5247] NILFS (loop0): cannot mark inode dirty (ino=18): error -5 loading inode block [pid 5246] futex(0x7f597c1b34ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5246] futex(0x7f597c1b34f8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5249] <... futex resumed>) = 0 [pid 5246] futex(0x7f597c1b34fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5249] epoll_ctl(8, EPOLL_CTL_ADD, 7, 0x200000c0) = 0 [pid 5249] futex(0x7f597c1b34fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5246] <... futex resumed>) = 0 [pid 5249] <... futex resumed>) = 1 [pid 5249] futex(0x7f597c1b34f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] close(3) = 0 [pid 5246] close(4) = 0 [pid 5246] close(5) = 0 [pid 5246] close(6) = 0 [ 91.426342][ T25] cfg80211: failed to load regulatory.db [pid 5246] close(7 [pid 5235] kill(-2, SIGKILL [pid 5249] <... futex resumed>) = ? [pid 5249] +++ killed by SIGKILL +++ [pid 5235] <... kill resumed>) = 0 [pid 5235] kill(2, SIGKILL) = 0 [ 92.371731][ T1067] NILFS (loop0): discard dirty page: offset=0, ino=5 [ 92.381349][ T1067] NILFS (loop0): discard dirty block: blocknr=41, size=1024 [ 92.388658][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.398843][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.408207][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.419169][ T1067] NILFS (loop0): discard dirty page: offset=0, ino=4 [ 92.426746][ T1067] NILFS (loop0): discard dirty block: blocknr=40, size=1024 [ 92.436566][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.445947][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.457596][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.469033][ T1067] NILFS (loop0): discard dirty page: offset=0, ino=6 [ 92.477630][ T1067] NILFS (loop0): discard dirty block: blocknr=35, size=1024 [ 92.485420][ T1067] NILFS (loop0): discard dirty block: blocknr=36, size=1024 [ 92.494323][ T1067] NILFS (loop0): discard dirty block: blocknr=37, size=1024 [ 92.502096][ T1067] NILFS (loop0): discard dirty block: blocknr=38, size=1024 [ 92.509903][ T1067] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 92.518191][ T1067] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 92.526006][ T1067] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 92.534912][ T1067] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 92.542693][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.553187][ T1067] NILFS (loop0): discard dirty page: offset=0, ino=18 [ 92.560429][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.568121][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.577113][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.586259][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.594802][ T1067] NILFS (loop0): discard dirty page: offset=12288, ino=18 [ 92.603544][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.611192][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.619024][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.628263][ T1067] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 92.636120][ T1067] NILFS (loop0): discard dirty page: offset=65536, ino=3 [ 92.645224][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.654870][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 92.665360][ T1067] NILFS (loop0): discard dirty block: blocknr=9223372036854775808, size=1024 [ 92.674933][ T1067] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [pid 5235] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5235] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5235] getdents64(3, 0x55556daab730 /* 2 entries */, 32768) = 48 [pid 5235] getdents64(3, 0x55556daab730 /* 0 entries */, 32768) = 0 [pid 5235] close(3) = 0 [ 243.091447][ T30] INFO: task syz-executor302:5246 blocked for more than 143 seconds. [ 243.099949][ T30] Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 243.111187][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 243.119947][ T30] task:syz-executor302 state:D stack:25880 pid:5246 tgid:5246 ppid:5235 flags:0x00004006 [ 243.132968][ T30] Call Trace: [ 243.136276][ T30] [ 243.139399][ T30] __schedule+0x1800/0x4a60 [ 243.144728][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.150407][ T30] ? __pfx___schedule+0x10/0x10 [ 243.156700][ T30] ? __pfx_lock_release+0x10/0x10 [ 243.161995][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 243.167506][ T30] ? schedule+0x90/0x320 [ 243.174373][ T30] schedule+0x14b/0x320 [ 243.178574][ T30] schedule_preempt_disabled+0x13/0x30 [ 243.185782][ T30] __mutex_lock+0x6a4/0xd70 [ 243.190323][ T30] ? __mutex_lock+0x527/0xd70 [ 243.196515][ T30] ? eventpoll_release_file+0xcb/0x1c0 [ 243.202298][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 243.207450][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.215117][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 243.220361][ T30] eventpoll_release_file+0xcb/0x1c0 [ 243.226025][ T30] __fput+0x6e0/0x8a0 [ 243.230066][ T30] __x64_sys_close+0x7f/0x110 [ 243.236339][ T30] do_syscall_64+0xf3/0x230 [ 243.240873][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.247963][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.254160][ T30] RIP: 0033:0x7f597c12319a [ 243.258594][ T30] RSP: 002b:00007ffd4a27f4d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 243.269307][ T30] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f597c12319a [ 243.277524][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 243.286877][ T30] RBP: 00007f597c0e7300 R08: 0000000000000000 R09: 00007f597c17720f [ 243.295079][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000155fa [ 243.304442][ T30] R13: 000000000001562c R14: 00007ffd4a27f5b0 R15: 00007ffd4a27f540 [ 243.312669][ T30] [ 243.315771][ T30] [ 243.315771][ T30] Showing all locks held in the system: [ 243.325584][ T30] 1 lock held by khungtaskd/30: [ 243.330451][ T30] #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 243.340848][ T30] 1 lock held by syslogd/4664: [ 243.346966][ T30] 2 locks held by getty/4988: [ 243.352973][ T30] #0: ffff88803078b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 243.364167][ T30] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 243.374536][ T30] 1 lock held by syz-executor302/5246: [ 243.380005][ T30] #0: ffff8880328a7868 (&ep->mtx){+.+.}-{3:3}, at: eventpoll_release_file+0xcb/0x1c0 [ 243.391018][ T30] 3 locks held by syz-executor302/5247: [ 243.396759][ T30] [ 243.399094][ T30] ============================================= [ 243.399094][ T30] [ 243.408997][ T30] NMI backtrace for cpu 0 [ 243.413515][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 243.424025][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 243.434085][ T30] Call Trace: [ 243.437370][ T30] [ 243.440308][ T30] dump_stack_lvl+0x241/0x360 [ 243.445009][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.450223][ T30] ? __pfx__printk+0x10/0x10 [ 243.454823][ T30] ? vprintk_emit+0x667/0x7c0 [ 243.459520][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 243.464567][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 243.469538][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 243.475017][ T30] ? _printk+0xd5/0x120 [ 243.479181][ T30] ? __pfx__printk+0x10/0x10 [ 243.483784][ T30] ? __wake_up_klogd+0xcc/0x110 [ 243.488660][ T30] ? __pfx__printk+0x10/0x10 [ 243.493263][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.498923][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 243.503969][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 243.509972][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 243.515978][ T30] watchdog+0xff4/0x1040 [ 243.520247][ T30] ? watchdog+0x1ea/0x1040 [ 243.524697][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.529396][ T30] kthread+0x2f2/0x390 [ 243.533480][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.538182][ T30] ? __pfx_kthread+0x10/0x10 [ 243.542783][ T30] ret_from_fork+0x4d/0x80 [ 243.547226][ T30] ? __pfx_kthread+0x10/0x10 [ 243.551827][ T30] ret_from_fork_asm+0x1a/0x30 [ 243.556634][ T30] [ 243.559955][ T30] Sending NMI from CPU 0 to CPUs 1: [ 243.565205][ C1] NMI backtrace for cpu 1 [ 243.565219][ C1] CPU: 1 UID: 0 PID: 5247 Comm: syz-executor302 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 243.565244][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 243.565257][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 243.565293][ C1] Code: 8b 3d 6c 76 96 0c 48 89 de 5b e9 b3 99 5b 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 00 d7 03 00 65 8b 15 40 4a 70 7e 81 e2 00 01 ff 00 [ 243.565311][ C1] RSP: 0018:ffffc90004d876b8 EFLAGS: 00000202 [ 243.565330][ C1] RAX: ffffffff81e12736 RBX: 0000000000000001 RCX: ffff88802f810000 [ 243.565346][ C1] RDX: ffff88802f810000 RSI: ffffffff8c608e60 RDI: ffffffff8c608e20 [ 243.565363][ C1] RBP: ffffc90004d87790 R08: ffffffff81e12724 R09: 1ffffffff283c90e [ 243.565380][ C1] R10: dffffc0000000000 R11: fffffbfff283c90f R12: 0000000000000046 [ 243.565396][ C1] R13: ffffffff81e12474 R14: dffffc0000000000 R15: 1ffff920009b0edc [ 243.565416][ C1] FS: 00007f597c0d36c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 243.565436][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.565451][ C1] CR2: 0000000020008040 CR3: 000000007c01c000 CR4: 0000000000350ef0 [ 243.565469][ C1] Call Trace: [ 243.565478][ C1] [ 243.565486][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 243.565518][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 243.565553][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 243.565582][ C1] ? nmi_handle+0x2a/0x5a0 [ 243.565617][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 243.565646][ C1] ? nmi_handle+0x151/0x5a0 [ 243.565668][ C1] ? nmi_handle+0x2a/0x5a0 [ 243.565691][ C1] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 243.565722][ C1] ? default_do_nmi+0x63/0x160 [ 243.565757][ C1] ? exc_nmi+0x123/0x1f0 [ 243.565787][ C1] ? end_repeat_nmi+0xf/0x53 [ 243.565819][ C1] ? count_memcg_event_mm+0x94/0x420 [ 243.565852][ C1] ? count_memcg_event_mm+0x344/0x420 [ 243.565881][ C1] ? count_memcg_event_mm+0x356/0x420 [ 243.565913][ C1] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 243.565945][ C1] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 243.565978][ C1] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 243.566009][ C1] [ 243.566017][ C1] [ 243.566024][ C1] count_memcg_event_mm+0x356/0x420 [ 243.566056][ C1] ? count_memcg_event_mm+0x94/0x420 [ 243.566086][ C1] ? __pfx_count_memcg_event_mm+0x10/0x10 [ 243.566118][ C1] ? mt_find+0x226/0x850 [ 243.566140][ C1] ? __pfx_lock_release+0x10/0x10 [ 243.566178][ C1] handle_mm_fault+0x16f7/0x1bc0 [ 243.566232][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 243.566264][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.566309][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.566346][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.566377][ C1] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 243.566412][ C1] exc_page_fault+0x2b9/0x8c0 [ 243.566453][ C1] asm_exc_page_fault+0x26/0x30 [ 243.566481][ C1] RIP: 0010:__put_user_nocheck_4+0x7/0x20 [ 243.566518][ C1] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca e9 ae a7 39 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca e9 88 a7 39 00 66 2e 0f 1f 84 00 00 00 00 00 [ 243.566535][ C1] RSP: 0018:ffffc90004d87b38 EFLAGS: 00050246 [ 243.566553][ C1] RAX: 0000000000000008 RBX: ffff8880279cf06c RCX: 0000000020008040 [ 243.566568][ C1] RDX: ffff88802f810000 RSI: 0000000000000008 RDI: 0000000000000000 [ 243.566582][ C1] RBP: ffffc90004d87db8 R08: ffffffff82232656 R09: 1ffff110049ee77b [ 243.566599][ C1] R10: dffffc0000000000 R11: ffffed10049ee77c R12: 0000000020008040 [ 243.566615][ C1] R13: 0000000000000000 R14: 0000000000000008 R15: 1ffff11004f39e0d [ 243.566635][ C1] ? do_epoll_wait+0xde6/0x2040 [ 243.566664][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.566696][ C1] do_epoll_wait+0xe3a/0x2040 [ 243.566743][ C1] ? __pfx_do_epoll_wait+0x10/0x10 [ 243.566767][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.566805][ C1] ? __pfx_ep_autoremove_wake_function+0x10/0x10 [ 243.566830][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.566864][ C1] ? timespec64_add_safe+0x1be/0x220 [ 243.566902][ C1] ? __pfx_timespec64_add_safe+0x10/0x10 [ 243.566941][ C1] do_epoll_pwait+0x56/0x1e0 [ 243.566966][ C1] __x64_sys_epoll_pwait+0x2b8/0x310 [ 243.567007][ C1] ? __pfx___x64_sys_epoll_pwait+0x10/0x10 [ 243.567043][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.567077][ C1] ? do_syscall_64+0x100/0x230 [ 243.567103][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.567139][ C1] do_syscall_64+0xf3/0x230 [ 243.567167][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.567195][ C1] RIP: 0033:0x7f597c124049 [ 243.567213][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1b 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 243.567230][ C1] RSP: 002b:00007f597c0d3208 EFLAGS: 00000246 ORIG_RAX: 0000000000000119 [ 243.567251][ C1] RAX: ffffffffffffffda RBX: 00007f597c1b34e8 RCX: 00007f597c124049 [ 243.567267][ C1] RDX: 0000000000000001 RSI: 0000000020008040 RDI: 0000000000000008 [ 243.567281][ C1] RBP: 00007f597c1b34e0 R08: 0000000000000000 R09: 0000000000000000 [ 243.567295][ C1] R10: 0000000000000401 R11: 0000000000000246 R12: 00007f597c179414 [ 243.567309][ C1] R13: 00007f597c177052 R14: 0000000000000000 R15: 7061632f7665642f [ 243.567337][ C1] [ 244.097016][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 244.103967][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 244.114481][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 244.124548][ T30] Call Trace: [ 244.127828][ T30] [ 244.130758][ T30] dump_stack_lvl+0x241/0x360 [ 244.135451][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.140655][ T30] ? __pfx__printk+0x10/0x10 [ 244.145244][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 244.151245][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 244.156923][ T30] ? vscnprintf+0x5d/0x90 [ 244.161277][ T30] panic+0x349/0x860 [ 244.165172][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 244.170811][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 244.176972][ T30] ? __pfx_panic+0x10/0x10 [ 244.181383][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 244.186757][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 244.192398][ T30] ? __irq_work_queue_local+0x137/0x410 [ 244.197956][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 244.203596][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 244.208972][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 244.215134][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 244.221296][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 244.227036][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 244.233210][ T30] watchdog+0x1033/0x1040 [ 244.237556][ T30] ? watchdog+0x1ea/0x1040 [ 244.241990][ T30] ? __pfx_watchdog+0x10/0x10 [ 244.246678][ T30] kthread+0x2f2/0x390 [ 244.250744][ T30] ? __pfx_watchdog+0x10/0x10 [ 244.255434][ T30] ? __pfx_kthread+0x10/0x10 [ 244.260022][ T30] ret_from_fork+0x4d/0x80 [ 244.264448][ T30] ? __pfx_kthread+0x10/0x10 [ 244.269034][ T30] ret_from_fork_asm+0x1a/0x30 [ 244.273825][ T30] [ 244.277059][ T30] Kernel Offset: disabled [ 244.281372][ T30] Rebooting in 86400 seconds..