./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3371204639 <...> Warning: Permanently added '10.128.1.131' (ED25519) to the list of known hosts. execve("./syz-executor3371204639", ["./syz-executor3371204639"], 0x7ffd52a8e740 /* 10 vars */) = 0 brk(NULL) = 0x555571fde000 brk(0x555571fded40) = 0x555571fded40 arch_prctl(ARCH_SET_FS, 0x555571fde3c0) = 0 set_tid_address(0x555571fde690) = 5840 set_robust_list(0x555571fde6a0, 24) = 0 rseq(0x555571fdece0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3371204639", 4096) = 28 getrandom("\xb3\x94\xbb\xb7\x17\xc1\xe7\x17", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555571fded40 brk(0x555571fffd40) = 0x555571fffd40 brk(0x555572000000) = 0x555572000000 mprotect(0x7f49c63c0000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 mkdir("./syzkaller.lzQpCM", 0700) = 0 chmod("./syzkaller.lzQpCM", 0777) = 0 chdir("./syzkaller.lzQpCM") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5842 attached [pid 5842] set_robust_list(0x555571fde6a0, 24 [pid 5840] <... clone resumed>, child_tidptr=0x555571fde690) = 5842 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5842] chdir("./0") = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] setpgid(0, 0) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5842] write(3, "1000", 4) = 4 [pid 5842] close(3) = 0 [pid 5842] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5842] write(1, "executing program\n", 18) = 18 [pid 5842] futex(0x7f49c63c66cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] rt_sigaction(SIGRT_1, {sa_handler=0x7f49c635eff0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f49c63501a0}, NULL, 8) = 0 [pid 5842] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f49c62cf000 [pid 5842] mprotect(0x7f49c62d0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f49c62ef990, parent_tid=0x7f49c62ef990, exit_signal=0, stack=0x7f49c62cf000, stack_size=0x20300, tls=0x7f49c62ef6c0}./strace-static-x86_64: Process 5843 attached => {parent_tid=[5843]}, 88) = 5843 [pid 5843] rseq(0x7f49c62effe0, 0x20, 0, 0x53053053) = 0 [pid 5843] set_robust_list(0x7f49c62ef9a0, 24) = 0 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5842] futex(0x7f49c63c66c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] futex(0x7f49c63c66cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] memfd_create("syzkaller", 0) = 3 [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f49bde00000 [pid 5843] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5843] munmap(0x7f49bde00000, 138412032) = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5843] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5843] close(3) = 0 [pid 5843] close(4) = 0 [pid 5843] mkdir("./file1", 0777) = 0 [ 121.916433][ T5843] loop0: detected capacity change from 0 to 32768 [ 121.983948][ T5843] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow [ 121.998992][ T5843] bcachefs (loop0): initializing new filesystem [ 122.007367][ T5843] bcachefs (loop0): going read-write [ 122.015901][ T5843] bcachefs (loop0): marking superblocks [pid 5843] mount("/dev/loop0", "./file1", "bcachefs", MS_SYNCHRONOUS|MS_POSIXACL|MS_RELATIME|MS_LAZYTIME, "\xd4\x36\x80\x7c\xd2\x6c\x95\x29\xca\x7d\xb2\xa9\x34\x76\x53\x83\x4b\x9c\xd6\x29\xaf\xe8\x32\xf8\xd5\x62\xd4\x80\xd5\xa4\x84\x4a\xa3\xbb\x25\x10\x6b\x43\x69\x8a\xf8\x8e\x9a\xe4\xa9\xbb\x6e\x20\xc7\x91\x55\x31\x17\xa6\xe1\x55\x79\xe6\x9e\x35\x6a\x67\xf1\x44\x4f\xec\xd8\xc2\x2d\x47") = 0 [pid 5843] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 122.033859][ T5843] bcachefs (loop0): initializing freespace [ 122.040909][ T5843] bcachefs (loop0): done initializing freespace [ 122.048922][ T5843] bcachefs (loop0): reading snapshots table [ 122.055367][ T5843] bcachefs (loop0): reading snapshots done [ 122.075921][ T5843] bcachefs (loop0): done starting filesystem [pid 5843] chdir("./file1") = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5843] ioctl(4, LOOP_CLR_FD) = 0 [pid 5843] close(4) = 0 [pid 5843] futex(0x7f49c63c66cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5842] <... futex resumed>) = 0 [pid 5843] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT, 000 [pid 5842] futex(0x7f49c63c66c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] futex(0x7f49c63c66cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] <... openat resumed>) = 4 [pid 5843] futex(0x7f49c63c66cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... futex resumed>) = 0 [pid 5843] <... futex resumed>) = 1 [pid 5842] futex(0x7f49c63c66c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 0104 [pid 5842] <... futex resumed>) = 0 [pid 5843] <... open resumed>) = 5 [pid 5842] futex(0x7f49c63c66cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] futex(0x7f49c63c66cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5842] <... futex resumed>) = 0 [pid 5843] futex(0x7f49c63c66c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] futex(0x7f49c63c66c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] <... futex resumed>) = 0 [pid 5842] futex(0x7f49c63c66cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] ftruncate(5, 33587196) = 0 [pid 5843] futex(0x7f49c63c66cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] futex(0x7f49c63c66c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] <... futex resumed>) = 0 [pid 5843] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5842] futex(0x7f49c63c66c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] sendfile(5, 5, NULL, 34359738377 [pid 5842] <... futex resumed>) = 0 [pid 5842] futex(0x7f49c63c66cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5842] futex(0x7f49c63c66dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f49c62ae000 [pid 5842] mprotect(0x7f49c62af000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f49c62ce990, parent_tid=0x7f49c62ce990, exit_signal=0, stack=0x7f49c62ae000, stack_size=0x20300, tls=0x7f49c62ce6c0}./strace-static-x86_64: Process 5854 attached => {parent_tid=[5854]}, 88) = 5854 [pid 5854] rseq(0x7f49c62cefe0, 0x20, 0, 0x53053053 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... rseq resumed>) = 0 [pid 5854] set_robust_list(0x7f49c62ce9a0, 24) = 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5854] futex(0x7f49c63c66d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] futex(0x7f49c63c66d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5854] <... futex resumed>) = 0 [pid 5842] <... futex resumed>) = 1 [pid 5842] futex(0x7f49c63c66dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5854] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC, 000) = 6 [pid 5854] futex(0x7f49c63c66dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5842] <... futex resumed>) = 0 [pid 5854] futex(0x7f49c63c66d8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5842] futex(0x7f49c63c66d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5854] sendfile(6, 6, NULL, 238724842 [pid 5842] futex(0x7f49c63c66dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5842] exit_group(0) = ? [pid 5840] kill(-5842, SIGKILL) = 0 [pid 5840] kill(5842, SIGKILL) = 0 [pid 5840] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5840] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] getdents64(3, 0x555571fdf730 /* 2 entries */, 32768) = 48 [pid 5840] getdents64(3, 0x555571fdf730 /* 0 entries */, 32768) = 0 [pid 5840] close(3) = 0 [ 286.861323][ T30] INFO: task syz-executor337:5843 blocked for more than 143 seconds. [ 286.869892][ T30] Not tainted 6.14.0-rc4-syzkaller-00169-g1e15510b71c9 #0 [ 286.877854][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.886646][ T30] task:syz-executor337 state:D stack:11416 pid:5843 tgid:5842 ppid:5840 task_flags:0x400140 flags:0x00004006 [ 286.898822][ T30] Call Trace: [ 286.902231][ T30] [ 286.905223][ T30] __schedule+0x18bc/0x4c40 [ 286.909973][ T30] ? __pfx___schedule+0x10/0x10 [ 286.914991][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.920225][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.926888][ T30] ? schedule+0x90/0x320 [ 286.931323][ T30] schedule+0x14b/0x320 [ 286.935643][ T30] io_schedule+0x8d/0x110 [ 286.940145][ T30] ? folio_wait_bit_common+0x850/0xee0 [ 286.945817][ T30] folio_wait_bit_common+0x839/0xee0 [ 286.951246][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 286.957307][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 286.963050][ T30] ? bch2_direct_write+0x5a6/0x3190 [ 286.968320][ T30] ? folio_mapped+0xe2/0x210 [ 286.973018][ T30] invalidate_inode_pages2_range+0x48f/0x960 [ 286.979094][ T30] ? __pfx_invalidate_inode_pages2_range+0x10/0x10 [ 286.985963][ T30] ? up_write+0x1a9/0x590 [ 286.990442][ T30] ? __asan_memset+0x23/0x50 [ 286.995305][ T30] bch2_write_invalidate_inode_pages_range+0xce/0x120 [ 287.002259][ T30] bch2_direct_write+0x2ebf/0x3190 [ 287.007621][ T30] ? preempt_count_add+0x93/0x190 [ 287.012796][ T30] ? is_bpf_text_address+0x285/0x2a0 [ 287.019105][ T30] ? is_bpf_text_address+0x26/0x2a0 [ 287.024444][ T30] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 287.030736][ T30] ? kernel_text_address+0xa7/0xe0 [ 287.035916][ T30] ? __kernel_text_address+0xd/0x40 [ 287.041191][ T30] ? unwind_get_return_address+0x4d/0x90 [ 287.046873][ T30] ? arch_stack_walk+0xfd/0x150 [ 287.051898][ T30] ? stack_trace_save+0x118/0x1d0 [ 287.057063][ T30] ? __pfx_bch2_direct_write+0x10/0x10 [ 287.063028][ T30] ? stack_depot_save_flags+0x37/0x940 [ 287.068972][ T30] bch2_write_iter+0x19d/0x2cd0 [ 287.074026][ T30] ? direct_splice_actor+0x11b/0x220 [ 287.079354][ T30] ? splice_direct_to_actor+0x586/0xc80 [ 287.085146][ T30] ? do_splice_direct+0x289/0x3e0 [ 287.090610][ T30] ? do_sendfile+0x564/0x8a0 [ 287.096131][ T30] ? __se_sys_sendfile64+0x17c/0x1e0 [ 287.101561][ T30] ? do_syscall_64+0xf3/0x230 [ 287.106304][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.112528][ T30] ? __pfx_bch2_write_iter+0x10/0x10 [ 287.117861][ T30] ? splice_from_pipe_next+0x606/0x660 [ 287.123406][ T30] iter_file_splice_write+0xbfa/0x1510 [ 287.129094][ T30] ? __pfx_iter_file_splice_write+0x10/0x10 [ 287.135309][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.140898][ T30] ? __pfx_iter_file_splice_write+0x10/0x10 [ 287.146838][ T30] direct_splice_actor+0x11b/0x220 [ 287.152091][ T30] splice_direct_to_actor+0x586/0xc80 [ 287.157526][ T30] ? __pfx_direct_splice_actor+0x10/0x10 [ 287.163684][ T30] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 287.170256][ T30] ? __fget_files+0x2a/0x410 [ 287.175155][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.180665][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 287.185821][ T30] do_splice_direct+0x289/0x3e0 [ 287.190895][ T30] ? __pfx_do_splice_direct+0x10/0x10 [ 287.196413][ T30] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 287.202456][ T30] ? rw_verify_area+0x243/0x630 [ 287.207389][ T30] do_sendfile+0x564/0x8a0 [ 287.212152][ T30] ? __pfx_do_sendfile+0x10/0x10 [ 287.217134][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.222920][ T30] ? ptrace_notify+0x27f/0x380 [ 287.227743][ T30] __se_sys_sendfile64+0x17c/0x1e0 [ 287.233080][ T30] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 287.238785][ T30] ? do_syscall_64+0x100/0x230 [ 287.243889][ T30] do_syscall_64+0xf3/0x230 [ 287.249212][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.254223][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.261638][ T30] RIP: 0033:0x7f49c6338bd9 [ 287.266715][ T30] RSP: 002b:00007f49c62ef218 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 287.275419][ T30] RAX: ffffffffffffffda RBX: 00007f49c63c66c8 RCX: 00007f49c6338bd9 [ 287.283780][ T30] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 287.291846][ T30] RBP: 00007f49c63c66c0 R08: 0000000000000000 R09: 0000000000000000 [ 287.300751][ T30] R10: 0000000800000009 R11: 0000000000000246 R12: 00007f49c6392ae4 [ 287.308769][ T30] R13: 0031656c69662f2e R14: 0000400000000240 R15: 0000400000000040 [ 287.316894][ T30] [ 287.320016][ T30] INFO: task syz-executor337:5854 blocked for more than 143 seconds. [ 287.328301][ T30] Not tainted 6.14.0-rc4-syzkaller-00169-g1e15510b71c9 #0 [ 287.336146][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.345333][ T30] task:syz-executor337 state:D stack:19160 pid:5854 tgid:5842 ppid:5840 task_flags:0x440140 flags:0x00004006 [ 287.357634][ T30] Call Trace: [ 287.361143][ T30] [ 287.364160][ T30] __schedule+0x18bc/0x4c40 [ 287.368677][ T30] ? __pfx___schedule+0x10/0x10 [ 287.373846][ T30] ? __blk_flush_plug+0x449/0x500 [ 287.378998][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.384223][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 287.390213][ T30] ? schedule+0x90/0x320 [ 287.394455][ T30] schedule+0x14b/0x320 [ 287.398613][ T30] __bch2_two_state_lock+0x229/0x2c0 [ 287.403975][ T30] ? __pfx___bch2_two_state_lock+0x10/0x10 [ 287.410083][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 287.416273][ T30] ? __raw_spin_lock_init+0x45/0x100 [ 287.421760][ T30] ? blk_start_plug+0x53/0x1b0 [ 287.426853][ T30] bch2_readahead+0x9e1/0x1240 [ 287.431854][ T30] ? __pfx_bch2_readahead+0x10/0x10 [ 287.437459][ T30] ? __folio_batch_add_and_move+0x811/0xd70 [ 287.443454][ T30] ? folio_batch_move_lru+0x39a/0x420 [ 287.448888][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.454121][ T30] ? __filemap_add_folio+0xeeb/0x1320 [ 287.459549][ T30] ? blk_start_plug+0x70/0x1b0 [ 287.465241][ T30] read_pages+0x179/0x570 [ 287.469621][ T30] ? filemap_add_folio+0x24e/0x380 [ 287.474856][ T30] ? __pfx_read_pages+0x10/0x10 [ 287.479821][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.484913][ T30] page_cache_ra_order+0xa36/0xca0 [ 287.490318][ T30] filemap_get_pages+0x59a/0x1fb0 [ 287.495481][ T30] ? iter_file_splice_write+0x12ae/0x1510 [ 287.501288][ T30] ? direct_splice_actor+0x11b/0x220 [ 287.506727][ T30] ? splice_direct_to_actor+0x586/0xc80 [ 287.512500][ T30] ? __se_sys_sendfile64+0x17c/0x1e0 [ 287.517835][ T30] ? do_syscall_64+0xf3/0x230 [ 287.522700][ T30] ? __pfx_filemap_get_pages+0x10/0x10 [ 287.528258][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 287.533739][ T30] ? __pfx___might_resched+0x10/0x10 [ 287.539089][ T30] ? iter_file_splice_write+0x12ae/0x1510 [ 287.545056][ T30] filemap_splice_read+0x68e/0xef0 [ 287.550442][ T30] ? __pfx_filemap_splice_read+0x10/0x10 [ 287.556189][ T30] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 287.562361][ T30] ? __pfx_iter_file_splice_write+0x10/0x10 [ 287.568320][ T30] ? file_end_write+0x15b/0x250 [ 287.573283][ T30] ? direct_splice_actor+0x128/0x220 [ 287.578617][ T30] ? __pfx_filemap_splice_read+0x10/0x10 [ 287.584406][ T30] splice_direct_to_actor+0x4af/0xc80 [ 287.589967][ T30] ? __pfx_direct_splice_actor+0x10/0x10 [ 287.595801][ T30] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 287.602164][ T30] ? __fget_files+0x2a/0x410 [ 287.606964][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.612094][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 287.617267][ T30] do_splice_direct+0x289/0x3e0 [ 287.623250][ T30] ? __pfx_do_splice_direct+0x10/0x10 [ 287.629016][ T30] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 287.635387][ T30] ? rw_verify_area+0x243/0x630 [ 287.640744][ T30] do_sendfile+0x564/0x8a0 [ 287.647373][ T30] ? __pfx_do_sendfile+0x10/0x10 [ 287.653173][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.659118][ T30] ? ptrace_notify+0x27f/0x380 [ 287.664046][ T30] __se_sys_sendfile64+0x17c/0x1e0 [ 287.669403][ T30] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 287.675317][ T30] ? do_syscall_64+0x100/0x230 [ 287.680543][ T30] do_syscall_64+0xf3/0x230 [ 287.685619][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.690850][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.697256][ T30] RIP: 0033:0x7f49c6338bd9 [ 287.702964][ T30] RSP: 002b:00007f49c62ce218 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 287.712218][ T30] RAX: ffffffffffffffda RBX: 00007f49c63c66d8 RCX: 00007f49c6338bd9 [ 287.720700][ T30] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 287.728971][ T30] RBP: 00007f49c63c66d0 R08: 0000000000000000 R09: 0000000000000000 [ 287.737224][ T30] R10: 000000000e3aa6ea R11: 0000000000000246 R12: 00007f49c6392ae4 [ 287.745824][ T30] R13: 0031656c69662f2e R14: 0000400000000240 R15: 0000400000000040 [ 287.754620][ T30] [ 287.758081][ T30] [ 287.758081][ T30] Showing all locks held in the system: [ 287.766454][ T30] 1 lock held by khungtaskd/30: [ 287.773136][ T30] #0: ffffffff8eb38fa0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 287.783946][ T30] 2 locks held by getty/5583: [ 287.788664][ T30] #0: ffff88803112f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.798662][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770 [ 287.809034][ T30] 1 lock held by syz-executor337/5843: [ 287.814627][ T30] #0: ffff88807c384420 (sb_writers#9){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x220 [ 287.824758][ T30] 1 lock held by syz-executor337/5854: [ 287.830299][ T30] #0: ffff888077d68a80 (mapping.invalidate_lock#3){.+.+}-{4:4}, at: page_cache_ra_order+0x45d/0xca0 [ 287.841480][ T30] [ 287.843854][ T30] ============================================= [ 287.843854][ T30] [ 287.852368][ T30] NMI backtrace for cpu 0 [ 287.852390][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc4-syzkaller-00169-g1e15510b71c9 #0 [ 287.852405][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.852414][ T30] Call Trace: [ 287.852419][ T30] [ 287.852425][ T30] dump_stack_lvl+0x241/0x360 [ 287.852453][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.852467][ T30] ? __pfx__printk+0x10/0x10 [ 287.852495][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.852516][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.852529][ T30] ? _printk+0xd5/0x120 [ 287.852547][ T30] ? __pfx__printk+0x10/0x10 [ 287.852581][ T30] ? __wake_up_klogd+0xcc/0x110 [ 287.852599][ T30] ? __pfx__printk+0x10/0x10 [ 287.852618][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 287.852637][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.852656][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.852676][ T30] watchdog+0x1058/0x10a0 [ 287.852697][ T30] ? watchdog+0x1ea/0x10a0 [ 287.852720][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.852741][ T30] kthread+0x7a9/0x920 [ 287.852760][ T30] ? __pfx_kthread+0x10/0x10 [ 287.852782][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.852801][ T30] ? __pfx_kthread+0x10/0x10 [ 287.852819][ T30] ? __pfx_kthread+0x10/0x10 [ 287.852841][ T30] ? __pfx_kthread+0x10/0x10 [ 287.852860][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.852877][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 287.852895][ T30] ? __pfx_kthread+0x10/0x10 [ 287.852914][ T30] ret_from_fork+0x4b/0x80 [ 287.852933][ T30] ? __pfx_kthread+0x10/0x10 [ 287.852954][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.852984][ T30] [ 287.852991][ T30] Sending NMI from CPU 0 to CPUs 1: [ 288.038412][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30 [ 288.039397][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 288.039425][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc4-syzkaller-00169-g1e15510b71c9 #0 [ 288.039446][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 288.039457][ T30] Call Trace: [ 288.039471][ T30] [ 288.039482][ T30] dump_stack_lvl+0x241/0x360 [ 288.039506][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 288.039526][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.039542][ T30] ? __pfx__printk+0x10/0x10 [ 288.039563][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.039591][ T30] ? vscnprintf+0x5d/0x90 [ 288.039619][ T30] panic+0x349/0x880 [ 288.039643][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 288.039663][ T30] ? __pfx_panic+0x10/0x10 [ 288.039688][ T30] ? irq_work_queue+0xd1/0x150 [ 288.039719][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.039740][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.039759][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.039777][ T30] ? nmi_trigger_cpumask_backtrace+0x251/0x320 [ 288.039797][ T30] watchdog+0x1097/0x10a0 [ 288.039821][ T30] ? watchdog+0x1ea/0x10a0 [ 288.039845][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.039866][ T30] kthread+0x7a9/0x920 [ 288.039888][ T30] ? __pfx_kthread+0x10/0x10 [ 288.039914][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.039935][ T30] ? __pfx_kthread+0x10/0x10 [ 288.039954][ T30] ? __pfx_kthread+0x10/0x10 [ 288.039978][ T30] ? __pfx_kthread+0x10/0x10 [ 288.039997][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.040016][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 288.040035][ T30] ? __pfx_kthread+0x10/0x10 [ 288.040057][ T30] ret_from_fork+0x4b/0x80 [ 288.040076][ T30] ? __pfx_kthread+0x10/0x10 [ 288.040097][ T30] ret_from_fork_asm+0x1a/0x30 [ 288.040125][ T30] [ 288.239372][ T30] Kernel Offset: disabled [ 288.243835][ T30] Rebooting in 86400 seconds..