./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1123873447

<...>
DUID 00:04:d9:3a:76:1c:b4:63:be:bc:0b:c2:08:9c:83:36:98:31
forked to background, child pid 3209
[   37.307303][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.319135][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.47' (ECDSA) to the list of known hosts.
execve("./syz-executor1123873447", ["./syz-executor1123873447"], 0x7ffebb493000 /* 10 vars */) = 0
brk(NULL)                               = 0x55555653c000
brk(0x55555653cc40)                     = 0x55555653cc40
arch_prctl(ARCH_SET_FS, 0x55555653c300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1123873447", 4096) = 28
brk(0x55555655dc40)                     = 0x55555655dc40
brk(0x55555655e000)                     = 0x55555655e000
mprotect(0x7f3aaafd5000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555653c5d0) = 3636
./strace-static-x86_64: Process 3636 attached
[pid  3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3636] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3635] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3637
[pid  3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3636] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3638
./strace-static-x86_64: Process 3638 attached
./strace-static-x86_64: Process 3637 attached
[pid  3638] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3637] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3638] <... prctl resumed>)        = 0
[pid  3638] setpgid(0, 0)               = 0
[pid  3638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3635] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3639
[pid  3638] <... openat resumed>)       = 3
./strace-static-x86_64: Process 3640 attached
[pid  3638] write(3, "1000", 4)         = 4
[pid  3638] close(3 <unfinished ...>
[pid  3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3637] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3640
[pid  3638] <... close resumed>)        = 0
[pid  3638] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3638] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146./strace-static-x86_64: Process 3639 attached
 <unfinished ...>
[pid  3640] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3635] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3641
[pid  3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3641 attached
 <unfinished ...>
[pid  3640] <... prctl resumed>)        = 0
[pid  3639] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3640] setpgid(0, 0)               = 0
[pid  3635] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3642
[pid  3640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3641] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3640] write(3, "1000", 4)         = 4
[pid  3640] close(3)                    = 0
[pid  3635] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3643
[pid  3640] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC./strace-static-x86_64: Process 3642 attached
) = 3
./strace-static-x86_64: Process 3644 attached
./strace-static-x86_64: Process 3643 attached
[pid  3642] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3640] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146./strace-static-x86_64: Process 3645 attached
 <unfinished ...>
[pid  3644] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3643] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3641] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3644
./strace-static-x86_64: Process 3646 attached
[pid  3645] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3644] <... prctl resumed>)        = 0
[pid  3646] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3645] <... prctl resumed>)        = 0
[pid  3644] setpgid(0, 0 <unfinished ...>
[pid  3642] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3646
[pid  3639] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3645
./strace-static-x86_64: Process 3647 attached
[pid  3646] <... prctl resumed>)        = 0
[pid  3645] setpgid(0, 0 <unfinished ...>
[pid  3644] <... setpgid resumed>)      = 0
[pid  3643] <... clone resumed>, child_tidptr=0x55555653c5d0) = 3647
[pid  3646] setpgid(0, 0 <unfinished ...>
[pid  3645] <... setpgid resumed>)      = 0
[pid  3644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3647] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3646] <... setpgid resumed>)      = 0
[pid  3645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3647] <... prctl resumed>)        = 0
[pid  3646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3644] <... openat resumed>)       = 3
[pid  3647] setpgid(0, 0 <unfinished ...>
[pid  3646] <... openat resumed>)       = 3
[pid  3645] <... openat resumed>)       = 3
[pid  3644] write(3, "1000", 4 <unfinished ...>
[pid  3647] <... setpgid resumed>)      = 0
[pid  3646] write(3, "1000", 4 <unfinished ...>
[pid  3645] write(3, "1000", 4 <unfinished ...>
[pid  3644] <... write resumed>)        = 4
[pid  3647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3646] <... write resumed>)        = 4
[pid  3645] <... write resumed>)        = 4
[pid  3644] close(3 <unfinished ...>
[pid  3647] <... openat resumed>)       = 3
[pid  3646] close(3 <unfinished ...>
[pid  3645] close(3 <unfinished ...>
[pid  3644] <... close resumed>)        = 0
[pid  3647] write(3, "1000", 4 <unfinished ...>
[pid  3646] <... close resumed>)        = 0
[pid  3645] <... close resumed>)        = 0
[pid  3644] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC <unfinished ...>
[pid  3647] <... write resumed>)        = 4
[pid  3646] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC <unfinished ...>
[pid  3645] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC <unfinished ...>
[pid  3644] <... openat resumed>)       = 3
[pid  3647] close(3 <unfinished ...>
[pid  3646] <... openat resumed>)       = 3
[pid  3645] <... openat resumed>)       = 3
[pid  3644] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3647] <... close resumed>)        = 0
[pid  3646] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3645] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3647] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3647] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3636] kill(-3638, SIGKILL <unfinished ...>
[pid  3637] kill(-3640, SIGKILL)        = 0
[pid  3636] <... kill resumed>)         = 0
[pid  3637] kill(3640, SIGKILL <unfinished ...>
[pid  3636] kill(3638, SIGKILL <unfinished ...>
[pid  3637] <... kill resumed>)         = 0
[pid  3636] <... kill resumed>)         = 0
[pid  3641] kill(-3644, SIGKILL <unfinished ...>
[pid  3642] kill(-3646, SIGKILL <unfinished ...>
[pid  3641] <... kill resumed>)         = 0
[pid  3639] kill(-3645, SIGKILL <unfinished ...>
[pid  3642] <... kill resumed>)         = 0
[pid  3641] kill(3644, SIGKILL <unfinished ...>
[pid  3639] <... kill resumed>)         = 0
[pid  3643] kill(-3647, SIGKILL <unfinished ...>
[pid  3642] kill(3646, SIGKILL <unfinished ...>
[pid  3641] <... kill resumed>)         = 0
[pid  3639] kill(3645, SIGKILL <unfinished ...>
[pid  3643] <... kill resumed>)         = 0
[pid  3642] <... kill resumed>)         = 0
[pid  3639] <... kill resumed>)         = 0
[pid  3643] kill(3647, SIGKILL)         = 0
[pid  3637] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3643] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3636] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3637] <... openat resumed>)       = 3
[pid  3636] <... openat resumed>)       = 3
[pid  3636] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3636] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3636] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3636] close(3)                    = 0
[pid  3637] fstat(3,  <unfinished ...>
[pid  3641] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3641] fstat(3,  <unfinished ...>
[pid  3637] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3641] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3641] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3641] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3642] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3641] close(3 <unfinished ...>
[pid  3637] getdents64(3,  <unfinished ...>
[pid  3642] <... openat resumed>)       = 3
[pid  3641] <... close resumed>)        = 0
[pid  3637] <... getdents64 resumed>0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3642] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3637] getdents64(3,  <unfinished ...>
[pid  3642] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3637] <... getdents64 resumed>0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3642] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3642] close(3)                    = 0
[pid  3643] <... openat resumed>)       = 3
[pid  3637] close(3)                    = 0
[pid  3643] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3643] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3643] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3639] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3643] close(3 <unfinished ...>
[pid  3639] <... openat resumed>)       = 3
[pid  3639] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3643] <... close resumed>)        = 0
[pid  3639] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3639] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3639] close(3)                    = 0
syzkaller login: [   81.679048][   T14] cfg80211: failed to load regulatory.db
[pid  3638] <... fallocate resumed>)    = ?
[pid  3638] +++ killed by SIGKILL +++
[pid  3636] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3638, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=5054} ---
[pid  3636] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555653c5d0) = 3665
./strace-static-x86_64: Process 3665 attached
[pid  3665] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3665] setpgid(0, 0)               = 0
[pid  3665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3665] write(3, "1000", 4)         = 4
[pid  3665] close(3)                    = 0
[pid  3665] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3665] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3636] kill(-3665, SIGKILL)        = 0
[pid  3636] kill(3665, SIGKILL)         = 0
[pid  3636] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3636] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3636] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3636] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3636] close(3)                    = 0
[pid  3640] <... fallocate resumed>)    = ?
[pid  3640] +++ killed by SIGKILL +++
[pid  3637] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3640, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4933} ---
[pid  3637] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555653c5d0) = 3666
./strace-static-x86_64: Process 3666 attached
[pid  3666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3666] setpgid(0, 0)               = 0
[pid  3666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3666] write(3, "1000", 4)         = 4
[pid  3666] close(3)                    = 0
[pid  3666] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3666] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3637] kill(-3666, SIGKILL)        = 0
[pid  3637] kill(3666, SIGKILL)         = 0
[pid  3637] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3637] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3637] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3637] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3637] close(3)                    = 0
[pid  3644] <... fallocate resumed>)    = ?
[pid  3644] +++ killed by SIGKILL +++
[pid  3641] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3644, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4794} ---
[pid  3641] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3673 attached
, child_tidptr=0x55555653c5d0) = 3673
[pid  3673] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3673] setpgid(0, 0)               = 0
[pid  3673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3673] write(3, "1000", 4)         = 4
[pid  3673] close(3)                    = 0
[pid  3673] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3673] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3641] kill(-3673, SIGKILL)        = 0
[pid  3641] kill(3673, SIGKILL)         = 0
[pid  3641] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3641] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3641] getdents64(3, 0x55555653d620 /* 2 entries */, 32768) = 48
[pid  3641] getdents64(3, 0x55555653d620 /* 0 entries */, 32768) = 0
[pid  3641] close(3)                    = 0
[  286.468357][   T28] INFO: task syz-executor112:3645 blocked for more than 143 seconds.
[  286.477043][   T28]       Not tainted 6.1.0-rc7-syzkaller-00159-ga1e9185d20b5 #0
[  286.485067][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.494953][   T28] task:syz-executor112 state:D stack:26712 pid:3645  ppid:3639   flags:0x00004004
[  286.509709][   T28] Call Trace:
[  286.513036][   T28]  <TASK>
[  286.516092][   T28]  __schedule+0x8fc/0xda0
[  286.520600][   T28]  ? release_firmware_map_entry+0x183/0x183
[  286.526997][   T28]  ? print_irqtrace_events+0x220/0x220
[  286.533435][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[  286.539130][   T28]  ? do_raw_spin_unlock+0x134/0x8a0
[  286.544753][   T28]  schedule+0xcb/0x190
[  286.549817][   T28]  rwsem_down_write_slowpath+0xfdc/0x14a0
[  286.555885][   T28]  ? __lock_acquire+0x1292/0x1f60
[  286.561365][   T28]  ? rwsem_down_read_slowpath+0x950/0x950
[  286.567482][   T28]  ? read_lock_is_recursive+0x10/0x10
[  286.572978][   T28]  ? print_irqtrace_events+0x220/0x220
[  286.578952][   T28]  ? ptrace_stop+0x74d/0x970
[  286.584033][   T28]  down_write+0x231/0x270
[  286.588807][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  286.594039][   T28]  ? down_read_killable+0x80/0x80
[  286.599526][   T28]  ? _raw_spin_unlock_irq+0x2a/0x40
[  286.605230][   T28]  ? ptrace_notify+0x245/0x340
[  286.610840][   T28]  blkdev_fallocate+0x21f/0x390
[  286.616190][   T28]  vfs_fallocate+0x515/0x670
[  286.621299][   T28]  __x64_sys_fallocate+0xb9/0x100
[  286.626357][   T28]  do_syscall_64+0x2b/0x70
[  286.631250][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.637544][   T28] RIP: 0033:0x7f3aaaf68e09
[  286.642647][   T28] RSP: 002b:00007fff08738568 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.651759][   T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f3aaaf68e09
[  286.659840][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.672387][   T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  286.681282][   T28] R10: 00400000000000a2 R11: 0000000000000246 R12: 00007f3aaaf2c5e0
[  286.690654][   T28] R13: 0000000000000000 R14: 00007fff08738590 R15: 00007fff08738580
[  286.699604][   T28]  </TASK>
[  286.703502][   T28] INFO: task syz-executor112:3647 blocked for more than 143 seconds.
[  286.711655][   T28]       Not tainted 6.1.0-rc7-syzkaller-00159-ga1e9185d20b5 #0
[  286.723764][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.733436][   T28] task:syz-executor112 state:D stack:27240 pid:3647  ppid:3643   flags:0x00004004
[  286.743532][   T28] Call Trace:
[  286.746828][   T28]  <TASK>
[  286.749887][   T28]  __schedule+0x8fc/0xda0
[  286.754271][   T28]  ? release_firmware_map_entry+0x183/0x183
[  286.760308][   T28]  ? print_irqtrace_events+0x220/0x220
[  286.765797][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[  286.771402][   T28]  ? do_raw_spin_unlock+0x134/0x8a0
[  286.777189][   T28]  schedule+0xcb/0x190
[  286.781803][   T28]  rwsem_down_write_slowpath+0xfdc/0x14a0
[  286.787929][   T28]  ? __lock_acquire+0x1292/0x1f60
[  286.793464][   T28]  ? rwsem_down_read_slowpath+0x950/0x950
[  286.799686][   T28]  ? read_lock_is_recursive+0x10/0x10
[  286.805495][   T28]  ? print_irqtrace_events+0x220/0x220
[  286.811403][   T28]  ? ptrace_stop+0x74d/0x970
[  286.816030][   T28]  down_write+0x231/0x270
[  286.821560][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  286.827158][   T28]  ? down_read_killable+0x80/0x80
[  286.832666][   T28]  ? _raw_spin_unlock_irq+0x2a/0x40
[  286.839014][   T28]  ? ptrace_notify+0x245/0x340
[  286.844648][   T28]  blkdev_fallocate+0x21f/0x390
[  286.849599][   T28]  vfs_fallocate+0x515/0x670
[  286.854269][   T28]  __x64_sys_fallocate+0xb9/0x100
[  286.860577][   T28]  do_syscall_64+0x2b/0x70
[  286.865805][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.873191][   T28] RIP: 0033:0x7f3aaaf68e09
[  286.877693][   T28] RSP: 002b:00007fff08738568 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.888254][   T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f3aaaf68e09
[  286.896286][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.904653][   T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  286.913145][   T28] R10: 00400000000000a2 R11: 0000000000000246 R12: 00007f3aaaf2c5e0
[  286.921517][   T28] R13: 0000000000000000 R14: 00007fff08738590 R15: 00007fff08738580
[  286.930012][   T28]  </TASK>
[  286.933485][   T28] INFO: task syz-executor112:3665 blocked for more than 143 seconds.
[  286.942172][   T28]       Not tainted 6.1.0-rc7-syzkaller-00159-ga1e9185d20b5 #0
[  286.950884][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.959687][   T28] task:syz-executor112 state:D stack:25632 pid:3665  ppid:3636   flags:0x00004004
[  286.969878][   T28] Call Trace:
[  286.973195][   T28]  <TASK>
[  286.976146][   T28]  __schedule+0x8fc/0xda0
[  286.981656][   T28]  ? release_firmware_map_entry+0x183/0x183
[  286.988161][   T28]  ? print_irqtrace_events+0x220/0x220
[  286.993652][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[  287.003073][   T28]  ? do_raw_spin_unlock+0x134/0x8a0
[  287.009124][   T28]  schedule+0xcb/0x190
[  287.013249][   T28]  rwsem_down_write_slowpath+0xfdc/0x14a0
[  287.019185][   T28]  ? __lock_acquire+0x1292/0x1f60
[  287.024600][   T28]  ? rwsem_down_read_slowpath+0x950/0x950
[  287.034576][   T28]  ? read_lock_is_recursive+0x10/0x10
[  287.040449][   T28]  ? print_irqtrace_events+0x220/0x220
[  287.046384][   T28]  ? ptrace_stop+0x74d/0x970
[  287.051459][   T28]  down_write+0x231/0x270
[  287.056203][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  287.061959][   T28]  ? down_read_killable+0x80/0x80
[  287.067398][   T28]  ? _raw_spin_unlock_irq+0x2a/0x40
[  287.072734][   T28]  ? ptrace_notify+0x245/0x340
[  287.077869][   T28]  blkdev_fallocate+0x21f/0x390
[  287.083238][   T28]  vfs_fallocate+0x515/0x670
[  287.088336][   T28]  __x64_sys_fallocate+0xb9/0x100
[  287.093757][   T28]  do_syscall_64+0x2b/0x70
[  287.098664][   T28]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  287.105012][   T28] RIP: 0033:0x7f3aaaf68e09
[  287.109920][   T28] RSP: 002b:00007fff08738568 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  287.118902][   T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f3aaaf68e09
[  287.127084][   T28] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  287.135529][   T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  287.143978][   T28] R10: 00400000000000a2 R11: 0000000000000246 R12: 000000000000e597
[  287.152406][   T28] R13: 00007fff0873857c R14: 00007fff08738590 R15: 00007fff08738580
[  287.160587][   T28]  </TASK>
[  287.163711][   T28] 
[  287.163711][   T28] Showing all locks held in the system:
[  287.178245][   T28] 1 lock held by rcu_tasks_kthre/12:
[  287.183675][   T28]  #0: ffffffff8d323fb0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00
[  287.194661][   T28] 1 lock held by rcu_tasks_trace/13:
[  287.200064][   T28]  #0: ffffffff8d3247b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00
[  287.211476][   T28] 1 lock held by khungtaskd/28:
[  287.216665][   T28]  #0: ffffffff8d323de0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  287.226558][   T28] 2 locks held by getty/3313:
[  287.231703][   T28]  #0: ffff88814b369098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  287.241995][   T28]  #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6e8/0x1e50
[  287.252535][   T28] 1 lock held by syz-executor112/3645:
[  287.258395][   T28]  #0: ffff888140cdbfc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  287.269173][   T28] 1 lock held by syz-executor112/3646:
[  287.275032][   T28] 1 lock held by syz-executor112/3647:
[  287.280935][   T28]  #0: ffff888140cdbfc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  287.292164][   T28] 1 lock held by syz-executor112/3665:
[  287.297660][   T28]  #0: ffff888140cdbfc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  287.317446][   T28] 1 lock held by syz-executor112/3666:
[  287.325723][   T28]  #0: ffff888140cdbfc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  287.336538][   T28] 1 lock held by syz-executor112/3673:
[  287.342584][   T28]  #0: ffff888140cdbfc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  287.353362][   T28] 
[  287.356260][   T28] =============================================
[  287.356260][   T28] 
[  287.365525][   T28] NMI backtrace for cpu 0
[  287.369891][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.0-rc7-syzkaller-00159-ga1e9185d20b5 #0
[  287.379704][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  287.389743][   T28] Call Trace:
[  287.393011][   T28]  <TASK>
[  287.395940][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  287.400612][   T28]  ? nf_tcp_handle_invalid+0x62e/0x62e
[  287.406069][   T28]  ? panic+0x766/0x766
[  287.410150][   T28]  ? console_unlock+0x311/0x6f0
[  287.414999][   T28]  ? nmi_cpu_backtrace+0x255/0x560
[  287.420098][   T28]  nmi_cpu_backtrace+0x4e3/0x560
[  287.425023][   T28]  ? vprintk_emit+0x109/0x1e0
[  287.429685][   T28]  ? nmi_trigger_cpumask_backtrace+0x3e0/0x3e0
[  287.435823][   T28]  ? _printk+0xcf/0x10f
[  287.439968][   T28]  ? panic+0x766/0x766
[  287.444024][   T28]  ? __wake_up_klogd+0xcd/0x100
[  287.448862][   T28]  ? panic+0x766/0x766
[  287.452921][   T28]  ? nmi_trigger_cpumask_backtrace+0xaa/0x3e0
[  287.458976][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  287.465092][   T28]  nmi_trigger_cpumask_backtrace+0x19b/0x3e0
[  287.471068][   T28]  watchdog+0xcf5/0xd40
[  287.475271][   T28]  kthread+0x266/0x300
[  287.479359][   T28]  ? hungtask_pm_notify+0x50/0x50
[  287.484380][   T28]  ? kthread_blkcg+0xd0/0xd0
[  287.488980][   T28]  ret_from_fork+0x1f/0x30
[  287.493425][   T28]  </TASK>
[  287.496574][   T28] Sending NMI from CPU 0 to CPUs 1:
[  287.501882][    C1] NMI backtrace for cpu 1
[  287.501893][    C1] CPU: 1 PID: 2986 Comm: klogd Not tainted 6.1.0-rc7-syzkaller-00159-ga1e9185d20b5 #0
[  287.501907][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  287.501920][    C1] RIP: 0010:find_buddy_page_pfn+0x70/0x1f0
[  287.501948][    C1] Code: 08 48 89 ef e8 71 99 0b 00 48 89 5d 00 4b 8d 6c 2c 30 48 89 e8 48 c1 e8 03 42 8a 04 38 84 c0 0f 85 ef 00 00 00 b8 80 00 00 f0 <23> 45 00 3d 00 00 00 f0 0f 85 cb 00 00 00 4b 8d 6c 2c 28 48 89 e8
[  287.501959][    C1] RSP: 0018:ffffc90002f6f408 EFLAGS: 00010046
[  287.501971][    C1] RAX: 00000000f0000080 RBX: 0000000000031a00 RCX: 0000000000000009
[  287.501980][    C1] RDX: 0000000000000009 RSI: 0000000000031800 RDI: ffffea0000c60000
[  287.501989][    C1] RBP: ffffea0000c68030 R08: dffffc0000000000 R09: fffff9400018c007
[  287.501998][    C1] R10: fffff9400018c007 R11: 1ffffd400018c006 R12: ffffea0000c60000
[  287.502008][    C1] R13: 0000000000008000 R14: 0000000000000009 R15: dffffc0000000000
[  287.502016][    C1] FS:  00007f6c5db63800(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  287.502028][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.502037][    C1] CR2: 000055555653c2c0 CR3: 000000007ec6f000 CR4: 00000000003506e0
[  287.502049][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.502056][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.502064][    C1] Call Trace:
[  287.502068][    C1]  <TASK>
[  287.502075][    C1]  __free_one_page+0x44b/0x990
[  287.502117][    C1]  ? del_page_from_free_list+0x2f0/0x2f0
[  287.502137][    C1]  free_pcppages_bulk+0x318/0x500
[  287.502160][    C1]  free_unref_page+0x33d/0x630
[  287.502179][    C1]  ? mark_free_pages+0x450/0x450
[  287.502194][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  287.502212][    C1]  ? _raw_spin_unlock+0x40/0x40
[  287.502229][    C1]  ? mod_node_page_state+0xe4/0x150
[  287.502265][    C1]  __unfreeze_partials+0x1ab/0x200
[  287.502296][    C1]  ? put_cpu_partial+0xe8/0x180
[  287.502311][    C1]  put_cpu_partial+0x116/0x180
[  287.502328][    C1]  qlist_free_all+0x2b/0x70
[  287.502358][    C1]  kasan_quarantine_reduce+0x169/0x180
[  287.502374][    C1]  __kasan_kmalloc+0x1f/0xb0
[  287.502385][    C1]  ? alloc_skb_with_frags+0xb4/0x780
[  287.502427][    C1]  __kmalloc_node_track_caller+0xad/0x190
[  287.502460][    C1]  ? alloc_skb_with_frags+0xb4/0x780
[  287.502473][    C1]  __alloc_skb+0x11d/0x620
[  287.502492][    C1]  alloc_skb_with_frags+0xb4/0x780
[  287.502507][    C1]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  287.502525][    C1]  sock_alloc_send_pskb+0x930/0xa70
[  287.502539][    C1]  ? trace_lock_release+0x95/0x220
[  287.502561][    C1]  ? sock_kzfree_s+0x50/0x50
[  287.502578][    C1]  ? do_raw_spin_unlock+0x134/0x8a0
[  287.502597][    C1]  unix_dgram_sendmsg+0x5b3/0x2050
[  287.502657][    C1]  ? unix_dgram_poll+0x6c0/0x6c0
[  287.502679][    C1]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  287.502727][    C1]  ? security_socket_sendmsg+0x9d/0xb0
[  287.502779][    C1]  ? unix_dgram_poll+0x6c0/0x6c0
[  287.502796][    C1]  __sys_sendto+0x46d/0x5f0
[  287.502829][    C1]  ? __ia32_sys_getpeername+0x80/0x80
[  287.502865][    C1]  __x64_sys_sendto+0xda/0xf0
[  287.502884][    C1]  do_syscall_64+0x2b/0x70
[  287.502898][    C1]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  287.502916][    C1] RIP: 0033:0x7f6c5dcff0ac
[  287.502927][    C1] Code: 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 19 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 64 c3 0f 1f 00 55 48 83 ec 20 48 89 54 24 10
[  287.502937][    C1] RSP: 002b:00007ffd4133b498 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  287.502950][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6c5dcff0ac
[  287.502959][    C1] RDX: 000000000000003e RSI: 000055cfc1b4cd90 RDI: 0000000000000003
[  287.502967][    C1] RBP: 000055cfc1b48910 R08: 0000000000000000 R09: 0000000000000000
[  287.502975][    C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000014
[  287.502983][    C1] R13: 0000000000000001 R14: 00007f6c5de7a77d R15: 00007ffd4133b5a8
[  287.502999][    C1]  </TASK>
[  287.503005][    C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.122 msecs
[  287.504256][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  287.908283][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.0-rc7-syzkaller-00159-ga1e9185d20b5 #0
[  287.918080][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  287.928143][   T28] Call Trace:
[  287.931419][   T28]  <TASK>
[  287.934375][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  287.939340][   T28]  ? nf_tcp_handle_invalid+0x62e/0x62e
[  287.944901][   T28]  ? panic+0x766/0x766
[  287.948980][   T28]  ? llist_add_batch+0x13b/0x190
[  287.953954][   T28]  ? vscnprintf+0x59/0x80
[  287.958285][   T28]  panic+0x316/0x766
[  287.962188][   T28]  ? schedule_preempt_disabled+0x20/0x20
[  287.967893][   T28]  ? nmi_trigger_cpumask_backtrace+0x2b0/0x3e0
[  287.974163][   T28]  ? memcpy_page_flushcache+0xfc/0xfc
[  287.979548][   T28]  ? nmi_trigger_cpumask_backtrace+0x2b0/0x3e0
[  287.985706][   T28]  ? nmi_trigger_cpumask_backtrace+0x32a/0x3e0
[  287.991859][   T28]  ? nmi_trigger_cpumask_backtrace+0x32f/0x3e0
[  287.998031][   T28]  watchdog+0xd35/0xd40
[  288.002280][   T28]  kthread+0x266/0x300
[  288.006357][   T28]  ? hungtask_pm_notify+0x50/0x50
[  288.011491][   T28]  ? kthread_blkcg+0xd0/0xd0
[  288.016103][   T28]  ret_from_fork+0x1f/0x30
[  288.020553][   T28]  </TASK>
[  288.023916][   T28] Kernel Offset: disabled
[  288.028239][   T28] Rebooting in 86400 seconds..