./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor907822732 <...> Warning: Permanently added '10.128.1.63' (ED25519) to the list of known hosts. execve("./syz-executor907822732", ["./syz-executor907822732"], 0x7fffb9deb240 /* 10 vars */) = 0 brk(NULL) = 0x55555e573000 brk(0x55555e573d00) = 0x55555e573d00 arch_prctl(ARCH_SET_FS, 0x55555e573380) = 0 set_tid_address(0x55555e573650) = 5232 set_robust_list(0x55555e573660, 24) = 0 rseq(0x55555e573ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor907822732", 4096) = 27 getrandom("\xba\xa0\xe1\xed\x48\x2d\x34\x6e", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555e573d00 brk(0x55555e594d00) = 0x55555e594d00 brk(0x55555e595000) = 0x55555e595000 mprotect(0x7f3910784000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555e573650) = 5233 ./strace-static-x86_64: Process 5233 attached [pid 5232] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5233] set_robust_list(0x55555e573660, 24) = 0 ./strace-static-x86_64: Process 5234 attached [pid 5233] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5234] set_robust_list(0x55555e573660, 24./strace-static-x86_64: Process 5235 attached [pid 5232] <... clone resumed>, child_tidptr=0x55555e573650) = 5234 [pid 5232] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5234] <... set_robust_list resumed>) = 0 [pid 5235] set_robust_list(0x55555e573660, 24 [pid 5234] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5233] <... clone resumed>, child_tidptr=0x55555e573650) = 5235 [pid 5235] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5236 attached [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5237 attached [pid 5236] set_robust_list(0x55555e573660, 24 [pid 5235] setpgid(0, 0) = 0 [pid 5234] <... clone resumed>, child_tidptr=0x55555e573650) = 5237 [pid 5232] <... clone resumed>, child_tidptr=0x55555e573650) = 5236 [pid 5237] set_robust_list(0x55555e573660, 24 [pid 5236] <... set_robust_list resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5232] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5237] <... set_robust_list resumed>) = 0 [pid 5236] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5235] <... openat resumed>) = 3 [pid 5235] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5238 attached [pid 5235] close(3 [pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5235] <... close resumed>) = 0 [pid 5235] write(1, "executing program\n", 18executing program ./strace-static-x86_64: Process 5239 attached ) = 18 [pid 5239] set_robust_list(0x55555e573660, 24 [pid 5238] set_robust_list(0x55555e573660, 24 [pid 5237] <... prctl resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNC [pid 5232] <... clone resumed>, child_tidptr=0x55555e573650) = 5238 [pid 5239] <... set_robust_list resumed>) = 0 [pid 5238] <... set_robust_list resumed>) = 0 [pid 5237] setpgid(0, 0 [pid 5236] <... clone resumed>, child_tidptr=0x55555e573650) = 5239 [pid 5232] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5238] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5237] <... setpgid resumed>) = 0 [pid 5235] <... openat resumed>) = 3 [pid 5235] dup(3./strace-static-x86_64: Process 5241 attached ./strace-static-x86_64: Process 5240 attached [pid 5239] <... prctl resumed>) = 0 [pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5232] <... clone resumed>, child_tidptr=0x55555e573650) = 5240 [pid 5240] set_robust_list(0x55555e573660, 24 [pid 5239] setpgid(0, 0 [pid 5235] <... dup resumed>) = 4 [pid 5241] set_robust_list(0x55555e573660, 24 [pid 5240] <... set_robust_list resumed>) = 0 [pid 5239] <... setpgid resumed>) = 0 [pid 5238] <... clone resumed>, child_tidptr=0x55555e573650) = 5241 [pid 5237] <... openat resumed>) = 3 [pid 5235] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5241] <... set_robust_list resumed>) = 0 [pid 5240] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5237] write(3, "1000", 4 [pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5239] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5242 attached [pid 5237] <... write resumed>) = 4 [pid 5242] set_robust_list(0x55555e573660, 24 [pid 5237] close(3 [pid 5241] <... prctl resumed>) = 0 [pid 5239] write(3, "1000", 4 [pid 5237] <... close resumed>) = 0 [pid 5242] <... set_robust_list resumed>) = 0 [pid 5241] setpgid(0, 0 [pid 5240] <... clone resumed>, child_tidptr=0x55555e573650) = 5242 executing program [pid 5239] <... write resumed>) = 4 [pid 5237] write(1, "executing program\n", 18 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5241] <... setpgid resumed>) = 0 [pid 5239] close(3 [pid 5237] <... write resumed>) = 18 [pid 5242] <... prctl resumed>) = 0 [pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5239] <... close resumed>) = 0 [pid 5237] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNCexecuting program [pid 5242] setpgid(0, 0 [pid 5241] <... openat resumed>) = 3 [pid 5239] write(1, "executing program\n", 18 [pid 5237] <... openat resumed>) = 3 [pid 5241] write(3, "1000", 4 [pid 5239] <... write resumed>) = 18 [pid 5241] <... write resumed>) = 4 [pid 5237] dup(3 [pid 5241] close(3 [pid 5239] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNCexecuting program [pid 5237] <... dup resumed>) = 4 [pid 5242] <... setpgid resumed>) = 0 [pid 5241] <... close resumed>) = 0 [pid 5241] write(1, "executing program\n", 18 [pid 5239] <... openat resumed>) = 3 [pid 5237] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5241] <... write resumed>) = 18 [pid 5239] dup(3 [pid 5241] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNC [pid 5239] <... dup resumed>) = 4 [pid 5241] <... openat resumed>) = 3 [pid 5239] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5242] <... openat resumed>) = 3 [pid 5241] dup(3) = 4 [pid 5241] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5242] write(3, "1000", 4) = 4 [pid 5242] close(3) = 0 executing program [pid 5242] write(1, "executing program\n", 18) = 18 [pid 5242] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNC) = 3 [pid 5242] dup(3) = 4 [pid 5242] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5233] kill(-5235, SIGKILL) = 0 [pid 5233] kill(5235, SIGKILL [pid 5234] kill(-5237, SIGKILL) = 0 [pid 5234] kill(5237, SIGKILL [pid 5233] <... kill resumed>) = 0 [pid 5236] kill(-5239, SIGKILL [pid 5234] <... kill resumed>) = 0 [pid 5236] <... kill resumed>) = 0 [pid 5236] kill(5239, SIGKILL) = 0 [pid 5238] kill(-5241, SIGKILL) = 0 [pid 5238] kill(5241, SIGKILL) = 0 [pid 5240] kill(-5242, SIGKILL) = 0 [pid 5240] kill(5242, SIGKILL) = 0 [pid 5236] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5234] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5238] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5240] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5233] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5234] <... openat resumed>) = 3 [pid 5240] <... openat resumed>) = 3 [pid 5238] <... openat resumed>) = 3 [pid 5236] <... openat resumed>) = 3 [pid 5233] <... openat resumed>) = 3 [pid 5240] newfstatat(3, "", [pid 5238] newfstatat(3, "", [pid 5240] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5238] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5240] getdents64(3, [pid 5238] getdents64(3, [pid 5240] <... getdents64 resumed>0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5238] <... getdents64 resumed>0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5240] getdents64(3, [pid 5238] getdents64(3, [pid 5240] <... getdents64 resumed>0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5238] <... getdents64 resumed>0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5240] close(3 [pid 5238] close(3 [pid 5236] newfstatat(3, "", [pid 5234] newfstatat(3, "", [pid 5233] newfstatat(3, "", [pid 5240] <... close resumed>) = 0 [pid 5238] <... close resumed>) = 0 [pid 5236] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5234] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5233] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5233] getdents64(3, [pid 5234] getdents64(3, [pid 5233] <... getdents64 resumed>0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5236] getdents64(3, [pid 5234] <... getdents64 resumed>0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5233] getdents64(3, [pid 5234] getdents64(3, [pid 5233] <... getdents64 resumed>0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5234] <... getdents64 resumed>0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5233] close(3 [pid 5234] close(3 [pid 5233] <... close resumed>) = 0 [pid 5236] <... getdents64 resumed>0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5234] <... close resumed>) = 0 [pid 5236] getdents64(3, 0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5236] close(3) = 0 [pid 5235] <... fallocate resumed>) = ? [pid 5235] +++ killed by SIGKILL +++ [pid 5233] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5235, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3483 /* 34.83 s */} --- [pid 5233] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5243 attached , child_tidptr=0x55555e573650) = 5243 [pid 5243] set_robust_list(0x55555e573660, 24) = 0 [pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5243] setpgid(0, 0) = 0 [pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5243] write(3, "1000", 4) = 4 [pid 5243] close(3executing program ) = 0 [pid 5243] write(1, "executing program\n", 18) = 18 [pid 5243] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNC) = 3 [pid 5243] dup(3) = 4 [pid 5243] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5233] kill(-5243, SIGKILL) = 0 [pid 5233] kill(5243, SIGKILL) = 0 [pid 5233] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5233] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5233] getdents64(3, 0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5233] getdents64(3, 0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5233] close(3) = 0 [pid 5237] <... fallocate resumed>) = ? [pid 5237] +++ killed by SIGKILL +++ [pid 5234] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5237, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=3374 /* 33.74 s */} --- [pid 5234] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5250 attached , child_tidptr=0x55555e573650) = 5250 [pid 5250] set_robust_list(0x55555e573660, 24) = 0 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5250] setpgid(0, 0) = 0 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5250] write(3, "1000", 4executing program ) = 4 [pid 5250] close(3) = 0 [pid 5250] write(1, "executing program\n", 18) = 18 [pid 5250] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_TRUNC|O_APPEND|O_NONBLOCK|__O_SYNC|O_NOFOLLOW|O_NOATIME|FASYNC) = 3 [pid 5250] dup(3) = 4 [pid 5250] fallocate(4, FALLOC_FL_ZERO_RANGE, 0, 137438954496 [pid 5234] kill(-5250, SIGKILL) = 0 [pid 5234] kill(5250, SIGKILL) = 0 [pid 5234] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5234] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5234] getdents64(3, 0x55555e5746f0 /* 2 entries */, 32768) = 48 [pid 5234] getdents64(3, 0x55555e5746f0 /* 0 entries */, 32768) = 0 [pid 5234] close(3) = 0 [ 286.676008][ T30] INFO: task syz-executor907:5241 blocked for more than 143 seconds. [ 286.684901][ T30] Not tainted 6.11.0-syzkaller-10547-g684a64bf32b6 #0 [ 286.692521][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.704849][ T30] task:syz-executor907 state:D stack:26592 pid:5241 tgid:5241 ppid:5238 flags:0x00004006 [ 286.716553][ T30] Call Trace: [ 286.720850][ T30] [ 286.723854][ T30] __schedule+0x1843/0x4ae0 [ 286.729604][ T30] ? __pfx___schedule+0x10/0x10 [ 286.736440][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.741558][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.747952][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.754747][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.760111][ T30] ? schedule+0x90/0x320 [ 286.764768][ T30] schedule+0x14b/0x320 [ 286.769605][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.777189][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 286.783019][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 286.789244][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.796764][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 286.802617][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.809681][ T30] down_write+0x1d7/0x220 [ 286.814385][ T30] ? __pfx_down_write+0x10/0x10 [ 286.819310][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.825248][ T30] blkdev_fallocate+0x20e/0x490 [ 286.833711][ T30] vfs_fallocate+0x569/0x6e0 [ 286.848972][ T30] __x64_sys_fallocate+0xbd/0x110 [ 286.854114][ T30] do_syscall_64+0xf3/0x230 [ 286.859567][ T30] ? clear_bhb_loop+0x35/0x90 [ 286.864535][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.870487][ T30] RIP: 0033:0x7f3910711b29 [ 286.882080][ T30] RSP: 002b:00007ffed6052c78 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.890838][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3910711b29 [ 286.898924][ T30] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000004 [ 286.910267][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.919628][ T30] R10: 0000002000000400 R11: 0000000000000246 R12: 0000000000000001 [ 286.931621][ T30] R13: 00007ffed6052e98 R14: 00007ffed6052ca0 R15: 00007ffed6052c90 [ 286.942806][ T30] [ 286.946500][ T30] INFO: task syz-executor907:5242 blocked for more than 143 seconds. [ 286.957789][ T30] Not tainted 6.11.0-syzkaller-10547-g684a64bf32b6 #0 [ 286.965297][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.975141][ T30] task:syz-executor907 state:D stack:26560 pid:5242 tgid:5242 ppid:5240 flags:0x00004006 [ 286.986767][ T30] Call Trace: [ 286.991020][ T30] [ 286.995952][ T30] __schedule+0x1843/0x4ae0 [ 287.001461][ T30] ? __pfx___schedule+0x10/0x10 [ 287.007495][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.012612][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.020525][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.027069][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.032238][ T30] ? schedule+0x90/0x320 [ 287.036625][ T30] schedule+0x14b/0x320 [ 287.043344][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.052181][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.059125][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.065149][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.071379][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.076671][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.083174][ T30] down_write+0x1d7/0x220 [ 287.090798][ T30] ? __pfx_down_write+0x10/0x10 [ 287.098070][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.105978][ T30] blkdev_fallocate+0x20e/0x490 [ 287.111000][ T30] vfs_fallocate+0x569/0x6e0 [ 287.115885][ T30] __x64_sys_fallocate+0xbd/0x110 [ 287.120991][ T30] do_syscall_64+0xf3/0x230 [ 287.128015][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.135102][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.141233][ T30] RIP: 0033:0x7f3910711b29 [ 287.146675][ T30] RSP: 002b:00007ffed6052c78 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.156166][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3910711b29 [ 287.167756][ T30] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000004 [ 287.186889][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.195865][ T30] R10: 0000002000000400 R11: 0000000000000246 R12: 0000000000000001 [ 287.205059][ T30] R13: 00007ffed6052e98 R14: 00007ffed6052ca0 R15: 00007ffed6052c90 [ 287.214037][ T30] [ 287.217250][ T30] [ 287.217250][ T30] Showing all locks held in the system: [ 287.235465][ T30] 1 lock held by khungtaskd/30: [ 287.241109][ T30] #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 287.285476][ T30] 3 locks held by kworker/1:1H/2152: [ 287.290846][ T30] #0: ffff8880b873ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 287.349774][ T30] #1: ffff8880b8728948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770 [ 287.362437][ T30] #2: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: blk_mq_run_work_fn+0x9b/0x2f0 [ 287.374664][ T30] 1 lock held by klogd/4659: [ 287.380297][ T30] 2 locks held by getty/4973: [ 287.386034][ T30] #0: ffff88814ba0e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.395924][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 287.406444][ T30] 1 lock held by syz-executor907/5239: [ 287.411957][ T30] 1 lock held by syz-executor907/5241: [ 287.418484][ T30] #0: ffff888023508940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490 [ 287.430506][ T30] 1 lock held by syz-executor907/5242: [ 287.437152][ T30] #0: ffff888023508940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490 [ 287.449801][ T30] 1 lock held by syz-executor907/5243: [ 287.456364][ T30] #0: ffff888023508940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490 [ 287.468269][ T30] 1 lock held by syz-executor907/5250: [ 287.499800][ T30] #0: ffff888023508940 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x20e/0x490 [ 287.511636][ T30] [ 287.514924][ T30] ============================================= [ 287.514924][ T30] [ 287.551890][ T30] NMI backtrace for cpu 0 [ 287.556313][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-10547-g684a64bf32b6 #0 [ 287.566536][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 287.576641][ T30] Call Trace: [ 287.580051][ T30] [ 287.583031][ T30] dump_stack_lvl+0x241/0x360 [ 287.587786][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.593137][ T30] ? __pfx__printk+0x10/0x10 [ 287.597839][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.602864][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.608392][ T30] ? _printk+0xd5/0x120 [ 287.612608][ T30] ? __pfx__printk+0x10/0x10 [ 287.617280][ T30] ? __wake_up_klogd+0xcc/0x110 [ 287.622340][ T30] ? __pfx__printk+0x10/0x10 [ 287.627009][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 287.632185][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.638577][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.645412][ T30] watchdog+0xff4/0x1040 [ 287.650332][ T30] ? watchdog+0x1ea/0x1040 [ 287.655577][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.661069][ T30] kthread+0x2f0/0x390 [ 287.665467][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.670860][ T30] ? __pfx_kthread+0x10/0x10 [ 287.675571][ T30] ret_from_fork+0x4b/0x80 [ 287.680123][ T30] ? __pfx_kthread+0x10/0x10 [ 287.684743][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.689820][ T30] [ 287.693159][ T30] Sending NMI from CPU 0 to CPUs 1: [ 287.698846][ C1] NMI backtrace for cpu 1 [ 287.698896][ C1] CPU: 1 UID: 0 PID: 4659 Comm: klogd Not tainted 6.11.0-syzkaller-10547-g684a64bf32b6 #0 [ 287.698918][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 287.698928][ C1] RIP: 0010:qlist_free_all+0x71/0x140 [ 287.698959][ C1] Code: 4c 05 08 f6 c1 01 0f 85 a8 00 00 00 4c 01 e8 66 90 0f b6 48 33 c1 e1 18 81 f9 00 00 00 f5 48 0f 45 c5 48 8b 58 08 4d 8b 34 24 <48> 63 83 c0 00 00 00 49 29 c4 48 89 df 4c 89 e6 e8 4a e5 ff ff 66 [ 287.698981][ C1] RSP: 0018:ffffc900038e7620 EFLAGS: 00000246 [ 287.698998][ C1] RAX: ffffea0001c39580 RBX: ffff88801ac41780 RCX: 00000000f5000000 [ 287.699012][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 287.699023][ C1] RBP: 0000000000000000 R08: ffffffff8142be9c R09: ffffffff81fb4faf [ 287.699036][ C1] R10: dffffc0000000000 R11: fffffbfff2846aff R12: ffff888070e56800 [ 287.699050][ C1] R13: ffffea0000000000 R14: ffff88806e47d3a0 R15: 0000000000000000 [ 287.699063][ C1] FS: 00007fbfd5e18380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 287.699079][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.699092][ C1] CR2: 00007f39107880d0 CR3: 000000002d2fa000 CR4: 00000000003506f0 [ 287.699108][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.699119][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.699131][ C1] Call Trace: [ 287.699137][ C1] [ 287.699145][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 287.699173][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 287.699202][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.699229][ C1] ? nmi_handle+0x2a/0x5a0 [ 287.699254][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.699278][ C1] ? nmi_handle+0x14f/0x5a0 [ 287.699295][ C1] ? nmi_handle+0x2a/0x5a0 [ 287.699313][ C1] ? qlist_free_all+0x71/0x140 [ 287.699334][ C1] ? default_do_nmi+0x63/0x160 [ 287.699362][ C1] ? exc_nmi+0x123/0x1f0 [ 287.699389][ C1] ? end_repeat_nmi+0xf/0x53 [ 287.699412][ C1] ? qlist_free_all+0x8f/0x140 [ 287.699433][ C1] ? __phys_addr+0xac/0x170 [ 287.699451][ C1] ? qlist_free_all+0x71/0x140 [ 287.699474][ C1] ? qlist_free_all+0x71/0x140 [ 287.699496][ C1] ? qlist_free_all+0x71/0x140 [ 287.699519][ C1] [ 287.699524][ C1] [ 287.699533][ C1] kasan_quarantine_reduce+0x14f/0x170 [ 287.699558][ C1] __kasan_slab_alloc+0x23/0x80 [ 287.699583][ C1] __kmalloc_node_track_caller_noprof+0x1cd/0x440 [ 287.699603][ C1] ? __alloc_skb+0x1f3/0x440 [ 287.699626][ C1] ? __alloc_skb+0x1f3/0x440 [ 287.699648][ C1] kmalloc_reserve+0x111/0x2a0 [ 287.699672][ C1] __alloc_skb+0x1f3/0x440 [ 287.699694][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 287.699715][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 287.699743][ C1] alloc_skb_with_frags+0xc3/0x820 [ 287.699775][ C1] sock_alloc_send_pskb+0x91a/0xa60 [ 287.699811][ C1] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 287.699841][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 287.699875][ C1] unix_dgram_sendmsg+0x6d3/0x1f80 [ 287.699902][ C1] ? __pfx_smack_socket_sendmsg+0x10/0x10 [ 287.699926][ C1] ? tomoyo_socket_sendmsg_permission+0x288/0x420 [ 287.699953][ C1] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.699984][ C1] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.700005][ C1] __sock_sendmsg+0x221/0x270 [ 287.700026][ C1] __sys_sendto+0x39b/0x4f0 [ 287.700051][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 287.700086][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.700113][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.700143][ C1] __x64_sys_sendto+0xde/0x100 [ 287.700167][ C1] do_syscall_64+0xf3/0x230 [ 287.700190][ C1] ? clear_bhb_loop+0x35/0x90 [ 287.700212][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.700232][ C1] RIP: 0033:0x7fbfd5f7a9b5 [ 287.700248][ C1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 287.700262][ C1] RSP: 002b:00007ffd748ff208 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.700280][ C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fbfd5f7a9b5 [ 287.700292][ C1] RDX: 0000000000000073 RSI: 000055f684ebccc0 RDI: 0000000000000003 [ 287.700304][ C1] RBP: 000055f684eb8910 R08: 0000000000000000 R09: 0000000000000000 [ 287.700315][ C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 287.700327][ C1] R13: 00007fbfd6108212 R14: 00007ffd748ff308 R15: 0000000000000000 [ 287.700347][ C1] [ 287.700355][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.510 msecs [ 287.760950][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 287.760973][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-10547-g684a64bf32b6 #0 [ 287.761001][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 287.761016][ T30] Call Trace: [ 287.761026][ T30] [ 287.761037][ T30] dump_stack_lvl+0x241/0x360 [ 287.761078][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.761109][ T30] ? __pfx__printk+0x10/0x10 [ 287.761136][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.761179][ T30] ? vscnprintf+0x5d/0x90 [ 287.761216][ T30] panic+0x349/0x880 [ 287.761245][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.761282][ T30] ? __pfx_panic+0x10/0x10 [ 287.761307][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 287.761332][ T30] ? __irq_work_queue_local+0x137/0x410 [ 287.761364][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 287.761390][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.761425][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 287.761463][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 287.761501][ T30] watchdog+0x1033/0x1040 [ 287.761534][ T30] ? watchdog+0x1ea/0x1040 [ 287.761570][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.761600][ T30] kthread+0x2f0/0x390 [ 287.761623][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.761652][ T30] ? __pfx_kthread+0x10/0x10 [ 287.761676][ T30] ret_from_fork+0x4b/0x80 [ 287.761708][ T30] ? __pfx_kthread+0x10/0x10 [ 287.761730][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.761777][ T30] [ 288.307707][ T30] Kernel Offset: disabled [ 288.312042][ T30] Rebooting in 86400 seconds..