./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2639164074 <...> Warning: Permanently added '10.128.0.157' (ED25519) to the list of known hosts. execve("./syz-executor2639164074", ["./syz-executor2639164074"], 0x7ffd80f29940 /* 10 vars */) = 0 brk(NULL) = 0x5555952af000 brk(0x5555952afd00) = 0x5555952afd00 arch_prctl(ARCH_SET_FS, 0x5555952af380) = 0 set_tid_address(0x5555952af650) = 5818 set_robust_list(0x5555952af660, 24) = 0 rseq(0x5555952afca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2639164074", 4096) = 28 getrandom("\xb5\xe1\xc7\x42\x74\x3e\xa8\xb1", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555952afd00 brk(0x5555952d0d00) = 0x5555952d0d00 brk(0x5555952d1000) = 0x5555952d1000 mprotect(0x7f8444716000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5819 attached [pid 5819] set_robust_list(0x5555952af660, 24 [pid 5818] <... clone resumed>, child_tidptr=0x5555952af650) = 5819 [pid 5819] <... set_robust_list resumed>) = 0 [pid 5818] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5819] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5821 attached ./strace-static-x86_64: Process 5820 attached [pid 5818] <... clone resumed>, child_tidptr=0x5555952af650) = 5820 [pid 5818] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5820] set_robust_list(0x5555952af660, 24./strace-static-x86_64: Process 5822 attached [pid 5821] set_robust_list(0x5555952af660, 24 [pid 5820] <... set_robust_list resumed>) = 0 [pid 5822] set_robust_list(0x5555952af660, 24 [pid 5821] <... set_robust_list resumed>) = 0 [pid 5818] <... clone resumed>, child_tidptr=0x5555952af650) = 5822 [pid 5822] <... set_robust_list resumed>) = 0 [pid 5821] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5820] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5819] <... clone resumed>, child_tidptr=0x5555952af650) = 5821 [pid 5818] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5822] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5821] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5823 attached ./strace-static-x86_64: Process 5825 attached ./strace-static-x86_64: Process 5824 attached [pid 5821] setpgid(0, 0 [pid 5820] <... clone resumed>, child_tidptr=0x5555952af650) = 5823 [pid 5823] set_robust_list(0x5555952af660, 24 [pid 5821] <... setpgid resumed>) = 0 [pid 5825] set_robust_list(0x5555952af660, 24 [pid 5823] <... set_robust_list resumed>) = 0 [pid 5822] <... clone resumed>, child_tidptr=0x5555952af650) = 5824 [pid 5821] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5818] <... clone resumed>, child_tidptr=0x5555952af650) = 5825 [pid 5825] <... set_robust_list resumed>) = 0 [pid 5824] set_robust_list(0x5555952af660, 24 [pid 5823] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5818] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] <... set_robust_list resumed>) = 0 [pid 5823] <... prctl resumed>) = 0 [pid 5824] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5823] setpgid(0, 0 [pid 5821] <... openat resumed>) = 3 [pid 5821] write(3, "1000", 4./strace-static-x86_64: Process 5827 attached ./strace-static-x86_64: Process 5826 attached [pid 5824] <... prctl resumed>) = 0 [pid 5823] <... setpgid resumed>) = 0 [pid 5821] <... write resumed>) = 4 [pid 5827] set_robust_list(0x5555952af660, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555952af650) = 5827 [pid 5818] <... clone resumed>, child_tidptr=0x5555952af650) = 5826 [pid 5826] set_robust_list(0x5555952af660, 24 [pid 5824] setpgid(0, 0 [pid 5827] <... set_robust_list resumed>) = 0 [pid 5823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5821] close(3 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5824] <... setpgid resumed>) = 0 [pid 5827] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5821] <... close resumed>) = 0 [pid 5823] <... openat resumed>) = 3 executing program [pid 5827] <... prctl resumed>) = 0 [pid 5823] write(3, "1000", 4 [pid 5821] write(1, "executing program\n", 18 [pid 5827] setpgid(0, 0 [pid 5823] <... write resumed>) = 4 [pid 5821] <... write resumed>) = 18 [pid 5827] <... setpgid resumed>) = 0 [pid 5823] close(3 [pid 5821] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME./strace-static-x86_64: Process 5828 attached [pid 5823] <... close resumed>) = 0 [pid 5828] set_robust_list(0x5555952af660, 24 [pid 5827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... openat resumed>) = 3 [pid 5823] write(1, "executing program\n", 18 [pid 5821] <... openat resumed>) = 3 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] <... openat resumed>) = 3 [pid 5826] <... clone resumed>, child_tidptr=0x5555952af650) = 5828 [pid 5828] <... prctl resumed>) = 0 [pid 5824] write(3, "1000", 4 [pid 5828] setpgid(0, 0 [pid 5827] write(3, "1000", 4 [pid 5824] <... write resumed>) = 4 [pid 5828] <... setpgid resumed>) = 0 [pid 5827] <... write resumed>) = 4 [pid 5824] close(3 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... close resumed>) = 0 [pid 5827] close(3executing program executing program ) = 0 [pid 5827] write(1, "executing program\n", 18 [pid 5824] write(1, "executing program\n", 18 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... write resumed>) = 18 [pid 5824] <... write resumed>) = 18 [pid 5827] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5824] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5828] write(3, "1000", 4 [pid 5827] <... openat resumed>) = 3 [pid 5824] <... openat resumed>) = 3 [pid 5828] <... write resumed>) = 4 [pid 5827] dup(3 [pid 5828] close(3 [pid 5827] <... dup resumed>) = 4 [ 90.592837][ T29] audit: type=1400 audit(1733633708.929:88): avc: denied { execmem } for pid=5818 comm="syz-executor263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5824] dup(3executing program executing program [pid 5828] <... close resumed>) = 0 [pid 5827] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5824] <... dup resumed>) = 4 [pid 5828] write(1, "executing program\n", 18) = 18 [pid 5824] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5828] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5828] dup(3) = 4 [pid 5828] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5823] <... write resumed>) = 18 [pid 5821] dup(3 [pid 5823] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5821] <... dup resumed>) = 4 [pid 5821] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5823] <... openat resumed>) = 3 [pid 5823] dup(3) = 4 [ 90.652381][ T29] audit: type=1400 audit(1733633708.989:89): avc: denied { read write } for pid=5821 comm="syz-executor263" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 90.675925][ T29] audit: type=1400 audit(1733633708.989:90): avc: denied { open } for pid=5821 comm="syz-executor263" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [pid 5823] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5819] kill(-5821, SIGKILL) = 0 [pid 5819] kill(5821, SIGKILL) = 0 [pid 5820] kill(-5823, SIGKILL [pid 5822] kill(-5824, SIGKILL [pid 5820] <... kill resumed>) = 0 [pid 5820] kill(5823, SIGKILL) = 0 [pid 5822] <... kill resumed>) = 0 [pid 5825] kill(-5827, SIGKILL [pid 5822] kill(5824, SIGKILL [pid 5825] <... kill resumed>) = 0 [pid 5822] <... kill resumed>) = 0 [pid 5825] kill(5827, SIGKILL) = 0 [pid 5826] kill(-5828, SIGKILL) = 0 [pid 5826] kill(5828, SIGKILL) = 0 [pid 5819] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5822] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5819] <... openat resumed>) = 3 [pid 5825] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5822] newfstatat(3, "", [pid 5825] <... openat resumed>) = 3 [pid 5825] newfstatat(3, "", [pid 5822] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5819] newfstatat(3, "", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5822] getdents64(3, [pid 5819] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5819] getdents64(3, [pid 5825] getdents64(3, [pid 5820] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5819] <... getdents64 resumed>0x5555952b06f0 /* 2 entries */, 32768) = 48 [pid 5822] <... getdents64 resumed>0x5555952b06f0 /* 2 entries */, 32768) = 48 [pid 5825] <... getdents64 resumed>0x5555952b06f0 /* 2 entries */, 32768) = 48 [pid 5822] getdents64(3, [pid 5825] getdents64(3, [pid 5820] <... openat resumed>) = 3 [pid 5825] <... getdents64 resumed>0x5555952b06f0 /* 0 entries */, 32768) = 0 [pid 5822] <... getdents64 resumed>0x5555952b06f0 /* 0 entries */, 32768) = 0 [pid 5820] newfstatat(3, "", [pid 5825] close(3 [pid 5822] close(3 [pid 5820] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... close resumed>) = 0 [pid 5822] <... close resumed>) = 0 [pid 5820] getdents64(3, [pid 5819] getdents64(3, 0x5555952b06f0 /* 0 entries */, 32768) = 0 [pid 5819] close(3 [pid 5820] <... getdents64 resumed>0x5555952b06f0 /* 2 entries */, 32768) = 48 [pid 5819] <... close resumed>) = 0 [pid 5820] getdents64(3, 0x5555952b06f0 /* 0 entries */, 32768) = 0 [pid 5820] close(3) = 0 [pid 5826] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x5555952b06f0 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(3, 0x5555952b06f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5827] <... fallocate resumed>) = ? [pid 5827] +++ killed by SIGKILL +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5827, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=9164 /* 91.64 s */} --- [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5841 attached , child_tidptr=0x5555952af650) = 5841 [pid 5841] set_robust_list(0x5555952af660, 24) = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5841] setpgid(0, 0) = 0 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5841] write(3, "1000", 4executing program ) = 4 [pid 5841] close(3) = 0 [pid 5841] write(1, "executing program\n", 18) = 18 [pid 5841] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5841] dup(3) = 4 [pid 5841] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 9223372036854775807 [pid 5825] kill(-5841, SIGKILL) = 0 [pid 5825] kill(5841, SIGKILL) = 0 [pid 5825] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x5555952b06f0 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(3, 0x5555952b06f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [ 286.491344][ T30] INFO: task syz-executor263:5821 blocked for more than 143 seconds. [ 286.499619][ T30] Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 286.511190][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.519897][ T30] task:syz-executor263 state:D stack:27328 pid:5821 tgid:5821 ppid:5819 flags:0x00004006 [ 286.531029][ T30] Call Trace: [ 286.535069][ T30] [ 286.538709][ T30] __schedule+0xe58/0x5ad0 [ 286.543938][ T30] ? lock_acquire.part.0+0x155/0x380 [ 286.549951][ T30] ? __pfx___schedule+0x10/0x10 [ 286.555611][ T30] ? schedule+0x298/0x350 [ 286.560769][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.566749][ T30] ? lock_acquire+0x2f/0xb0 [ 286.571335][ T30] ? schedule+0x1fd/0x350 [ 286.575693][ T30] schedule+0xe7/0x350 [ 286.579786][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.585536][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.591317][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.597507][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.603428][ T30] ? lock_acquire+0x2f/0xb0 [ 286.608675][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.614554][ T30] down_write+0x1d8/0x200 [ 286.619641][ T30] ? __pfx_down_write+0x10/0x10 [ 286.625382][ T30] ? inode_security+0x101/0x130 [ 286.631066][ T30] blkdev_fallocate+0x1da/0x390 [ 286.636775][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.642987][ T30] vfs_fallocate+0x459/0xf90 [ 286.651145][ T30] __x64_sys_fallocate+0xd5/0x150 [ 286.656215][ T30] do_syscall_64+0xcd/0x250 [ 286.660751][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.681185][ T30] RIP: 0033:0x7f84446a3b29 [ 286.685654][ T30] RSP: 002b:00007ffc280be1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.694132][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f84446a3b29 [ 286.703049][ T30] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.711057][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.719860][ T30] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 286.728715][ T30] R13: 00007ffc280be3c8 R14: 00007ffc280be1d0 R15: 00007ffc280be1c0 [ 286.737562][ T30] [ 286.741393][ T30] INFO: task syz-executor263:5823 blocked for more than 143 seconds. [ 286.749478][ T30] Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 286.757182][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.766021][ T30] task:syz-executor263 state:D stack:28368 pid:5823 tgid:5823 ppid:5820 flags:0x00004006 [ 286.789742][ T30] Call Trace: [ 286.802116][ T30] [ 286.805093][ T30] __schedule+0xe58/0x5ad0 [ 286.819302][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.828185][ T30] ? mark_lock+0xb5/0xc60 [ 286.832585][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.837814][ T30] ? __pfx___schedule+0x10/0x10 [ 286.842700][ T30] ? schedule+0x298/0x350 [ 286.847041][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.852112][ T30] ? lock_acquire+0x2f/0xb0 [ 286.856632][ T30] ? schedule+0x1fd/0x350 [ 286.860995][ T30] schedule+0xe7/0x350 [ 286.873146][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.878668][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.897851][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.908084][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.913252][ T30] ? lock_acquire+0x2f/0xb0 [ 286.917774][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.922859][ T30] down_write+0x1d8/0x200 [ 286.941135][ T30] ? __pfx_down_write+0x10/0x10 [ 286.955003][ T30] ? inode_security+0x101/0x130 [ 286.959917][ T30] blkdev_fallocate+0x1da/0x390 [ 286.972500][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.977927][ T30] vfs_fallocate+0x459/0xf90 [ 286.982569][ T30] __x64_sys_fallocate+0xd5/0x150 [ 286.987618][ T30] do_syscall_64+0xcd/0x250 [ 286.992180][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.008960][ T30] RIP: 0033:0x7f84446a3b29 [ 287.014214][ T30] RSP: 002b:00007ffc280be1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.023501][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f84446a3b29 [ 287.031525][ T30] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.039528][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.047563][ T30] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 287.056423][ T30] R13: 00007ffc280be3c8 R14: 00007ffc280be1d0 R15: 00007ffc280be1c0 [ 287.065284][ T30] [ 287.069166][ T30] INFO: task syz-executor263:5828 blocked for more than 143 seconds. [ 287.078057][ T30] Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 287.085760][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.094471][ T30] task:syz-executor263 state:D stack:28368 pid:5828 tgid:5828 ppid:5826 flags:0x00004006 [ 287.104716][ T30] Call Trace: [ 287.108004][ T30] [ 287.110939][ T30] __schedule+0xe58/0x5ad0 [ 287.115413][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 287.120645][ T30] ? mark_lock+0xb5/0xc60 [ 287.125728][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 287.130971][ T30] ? __pfx___schedule+0x10/0x10 [ 287.136594][ T30] ? schedule+0x298/0x350 [ 287.141771][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.147544][ T30] ? lock_acquire+0x2f/0xb0 [ 287.152107][ T30] ? schedule+0x1fd/0x350 [ 287.156463][ T30] schedule+0xe7/0x350 [ 287.160557][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.166080][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 287.171872][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.178086][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.183186][ T30] ? lock_acquire+0x2f/0xb0 [ 287.187715][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.192805][ T30] down_write+0x1d8/0x200 [ 287.197171][ T30] ? __pfx_down_write+0x10/0x10 [ 287.215813][ T30] ? inode_security+0x101/0x130 [ 287.220737][ T30] blkdev_fallocate+0x1da/0x390 [ 287.234565][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 287.240008][ T30] vfs_fallocate+0x459/0xf90 [ 287.244855][ T30] __x64_sys_fallocate+0xd5/0x150 [ 287.250022][ T30] do_syscall_64+0xcd/0x250 [ 287.254728][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.260653][ T30] RIP: 0033:0x7f84446a3b29 [ 287.265942][ T30] RSP: 002b:00007ffc280be1a8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.275201][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f84446a3b29 [ 287.283967][ T30] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.292677][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.302541][ T30] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 287.312234][ T30] R13: 00007ffc280be3c8 R14: 00007ffc280be1d0 R15: 00007ffc280be1c0 [ 287.321654][ T30] [ 287.327123][ T30] [ 287.327123][ T30] Showing all locks held in the system: [ 287.364087][ T30] 2 locks held by ksoftirqd/1/24: [ 287.369161][ T30] 1 lock held by khungtaskd/30: [ 287.392008][ T30] #0: ffffffff8e1bb500 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 287.432542][ T30] 2 locks held by klogd/5178: [ 287.440846][ T30] 2 locks held by getty/5570: [ 287.452324][ T30] #0: ffff8880364a20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 287.462231][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 287.472485][ T30] 1 lock held by syz-executor263/5821: [ 287.477962][ T30] #0: ffff888148d470c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.489407][ T30] 1 lock held by syz-executor263/5823: [ 287.495638][ T30] #0: ffff888148d470c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.507078][ T30] 1 lock held by syz-executor263/5824: [ 287.512601][ T30] 1 lock held by syz-executor263/5828: [ 287.518798][ T30] #0: ffff888148d470c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.530452][ T30] 1 lock held by syz-executor263/5841: [ 287.536656][ T30] #0: ffff888148d470c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.548125][ T30] [ 287.550466][ T30] ============================================= [ 287.550466][ T30] [ 287.560057][ T30] NMI backtrace for cpu 1 [ 287.564428][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 287.574950][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.585025][ T30] Call Trace: [ 287.588319][ T30] [ 287.591266][ T30] dump_stack_lvl+0x116/0x1f0 [ 287.595970][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 287.600931][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.606930][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 287.612935][ T30] watchdog+0xf14/0x1240 [ 287.617206][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.621904][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.627128][ T30] ? __kthread_parkme+0x148/0x220 [ 287.632175][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.636875][ T30] kthread+0x2c1/0x3a0 [ 287.640964][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.646179][ T30] ? __pfx_kthread+0x10/0x10 [ 287.650791][ T30] ret_from_fork+0x45/0x80 [ 287.655222][ T30] ? __pfx_kthread+0x10/0x10 [ 287.659835][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.664632][ T30] [ 287.667822][ T30] Sending NMI from CPU 1 to CPUs 0: [ 287.673086][ C0] NMI backtrace for cpu 0 [ 287.673099][ C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 287.673123][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.673135][ C0] RIP: 0010:debug_check_no_obj_freed+0x2eb/0x600 [ 287.673166][ C0] Code: b9 00 01 00 00 00 00 ad de 49 89 57 08 48 89 c7 48 89 08 4c 89 68 08 e8 b3 ca ff ff 4c 89 f8 48 89 c2 48 c1 ea 03 80 3c 1a 00 <0f> 84 24 ff ff ff 48 89 c7 48 89 44 24 10 e8 42 85 56 fd 48 8b 44 [ 287.673185][ C0] RSP: 0018:ffffc90000157b20 EFLAGS: 00000046 [ 287.673202][ C0] RAX: ffff8880402cdee0 RBX: dffffc0000000000 RCX: ffffffff8177273d [ 287.673217][ C0] RDX: 1ffff11008059bdc RSI: ffff88807d8f2000 RDI: ffff8880835601d8 [ 287.673231][ C0] RBP: ffffc90000157c58 R08: 0000000000000001 R09: fffff5200002af52 [ 287.673244][ C0] R10: 0000000000000003 R11: 0000000000000001 R12: ffff88807d8f1000 [ 287.673258][ C0] R13: dead000000000122 R14: 0000000000000002 R15: ffff8880402cdee0 [ 287.673272][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 287.673292][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.673306][ C0] CR2: 00007fe3b005d580 CR3: 000000007a7ec000 CR4: 00000000003526f0 [ 287.673320][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.673332][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.673345][ C0] Call Trace: [ 287.673351][ C0] [ 287.673358][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 287.673382][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.673403][ C0] ? nmi_handle+0x1ac/0x5d0 [ 287.673426][ C0] ? debug_check_no_obj_freed+0x2eb/0x600 [ 287.673452][ C0] ? default_do_nmi+0x6a/0x160 [ 287.673473][ C0] ? exc_nmi+0x170/0x1e0 [ 287.673492][ C0] ? end_repeat_nmi+0xf/0x53 [ 287.673524][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 287.673552][ C0] ? debug_check_no_obj_freed+0x2eb/0x600 [ 287.673577][ C0] ? debug_check_no_obj_freed+0x2eb/0x600 [ 287.673604][ C0] ? debug_check_no_obj_freed+0x2eb/0x600 [ 287.673630][ C0] [ 287.673636][ C0] [ 287.673646][ C0] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 287.673674][ C0] ? page_ext_put+0x48/0xd0 [ 287.673700][ C0] free_unref_page+0x276/0x1080 [ 287.673725][ C0] ? rcu_core+0x79b/0x14d0 [ 287.673752][ C0] rcu_core+0x79d/0x14d0 [ 287.673781][ C0] ? __pfx_rcu_core+0x10/0x10 [ 287.673812][ C0] handle_softirqs+0x213/0x8f0 [ 287.673839][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 287.673865][ C0] ? rcu_is_watching+0x12/0xc0 [ 287.673895][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 287.673925][ C0] ? smpboot_thread_fn+0x59d/0xa30 [ 287.673952][ C0] run_ksoftirqd+0x3a/0x60 [ 287.673976][ C0] smpboot_thread_fn+0x661/0xa30 [ 287.674003][ C0] ? __kthread_parkme+0x148/0x220 [ 287.674032][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 287.674060][ C0] kthread+0x2c1/0x3a0 [ 287.674085][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.674109][ C0] ? __pfx_kthread+0x10/0x10 [ 287.674136][ C0] ret_from_fork+0x45/0x80 [ 287.674156][ C0] ? __pfx_kthread+0x10/0x10 [ 287.674183][ C0] ret_from_fork_asm+0x1a/0x30 [ 287.674217][ C0] [ 287.674225][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.139 msecs [ 288.011158][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 288.018043][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 288.028558][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 288.038626][ T30] Call Trace: [ 288.041913][ T30] [ 288.044847][ T30] dump_stack_lvl+0x3d/0x1f0 [ 288.049461][ T30] panic+0x71d/0x800 [ 288.053380][ T30] ? __pfx_panic+0x10/0x10 [ 288.057814][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 288.063204][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.069195][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 288.074592][ T30] ? watchdog+0xd7e/0x1240 [ 288.079032][ T30] ? watchdog+0xd71/0x1240 [ 288.083473][ T30] watchdog+0xd8f/0x1240 [ 288.087736][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.092430][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 288.097650][ T30] ? __kthread_parkme+0x148/0x220 [ 288.102706][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.107400][ T30] kthread+0x2c1/0x3a0 [ 288.111493][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.116708][ T30] ? __pfx_kthread+0x10/0x10 [ 288.121320][ T30] ret_from_fork+0x45/0x80 [ 288.125750][ T30] ? __pfx_kthread+0x10/0x10 [ 288.130367][ T30] ret_from_fork_asm+0x1a/0x30 [ 288.135164][ T30] [ 288.138421][ T30] Kernel Offset: disabled [ 288.142745][ T30] Rebooting in 86400 seconds..