./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3460256088

<...>
forked to background, child pid 3187
no interfaces have a carrier
[   24.625762][ T3188] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.635780][ T3188] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.155' (ECDSA) to the list of known hosts.
execve("./syz-executor3460256088", ["./syz-executor3460256088"], 0x7ffe9c809bb0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555559cc000
brk(0x5555559ccc40)                     = 0x5555559ccc40
arch_prctl(ARCH_SET_FS, 0x5555559cc300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3460256088", 4096) = 28
brk(0x5555559edc40)                     = 0x5555559edc40
brk(0x5555559ee000)                     = 0x5555559ee000
mprotect(0x7f22ecefb000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559cc5d0) = 3616
./strace-static-x86_64: Process 3616 attached
[pid  3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3616] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3617
./strace-static-x86_64: Process 3618 attached
./strace-static-x86_64: Process 3617 attached
[pid  3615] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3618
[pid  3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3618] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3615] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3619
[pid  3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3615] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3621
./strace-static-x86_64: Process 3621 attached
[pid  3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3617] setpgid(0, 0 <unfinished ...>
[pid  3618] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3620
[pid  3617] <... setpgid resumed>)      = 0
./strace-static-x86_64: Process 3622 attached
[pid  3615] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3622
[pid  3621] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3615] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3617] <... openat resumed>)       = 3
./strace-static-x86_64: Process 3619 attached
[pid  3619] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3615] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3623
[pid  3617] write(3, "1000", 4)         = 4
[pid  3617] close(3)                    = 0
./strace-static-x86_64: Process 3624 attached
[pid  3622] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3621] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3624
[pid  3617] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3617] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146./strace-static-x86_64: Process 3620 attached
 <unfinished ...>
[pid  3620] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3619] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3625
[pid  3620] <... prctl resumed>)        = 0
[pid  3620] setpgid(0, 0)               = 0
[pid  3622] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3626
[pid  3620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3620] write(3, "1000", 4./strace-static-x86_64: Process 3623 attached
)         = 4
[pid  3623] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  3620] close(3)                    = 0
[pid  3620] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3623] <... clone resumed>, child_tidptr=0x5555559cc5d0) = 3627
[pid  3620] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146./strace-static-x86_64: Process 3625 attached
 <unfinished ...>
[pid  3625] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3624] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3625] <... prctl resumed>)        = 0
[pid  3625] setpgid(0, 0)               = 0
[pid  3624] <... prctl resumed>)        = 0
[pid  3625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3624] setpgid(0, 0./strace-static-x86_64: Process 3627 attached
./strace-static-x86_64: Process 3626 attached
 <unfinished ...>
[pid  3625] <... openat resumed>)       = 3
[pid  3624] <... setpgid resumed>)      = 0
[pid  3627] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3625] write(3, "1000", 4 <unfinished ...>
[pid  3624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3627] <... prctl resumed>)        = 0
[pid  3625] <... write resumed>)        = 4
[pid  3627] setpgid(0, 0 <unfinished ...>
[pid  3625] close(3 <unfinished ...>
[pid  3624] <... openat resumed>)       = 3
[pid  3627] <... setpgid resumed>)      = 0
[pid  3625] <... close resumed>)        = 0
[pid  3624] write(3, "1000", 4 <unfinished ...>
[pid  3627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3626] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  3625] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC <unfinished ...>
[pid  3624] <... write resumed>)        = 4
[pid  3627] <... openat resumed>)       = 3
[pid  3625] <... openat resumed>)       = 3
[pid  3624] close(3 <unfinished ...>
[pid  3626] <... prctl resumed>)        = 0
[pid  3627] write(3, "1000", 4 <unfinished ...>
[pid  3626] setpgid(0, 0 <unfinished ...>
[pid  3625] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3624] <... close resumed>)        = 0
[pid  3627] <... write resumed>)        = 4
[pid  3626] <... setpgid resumed>)      = 0
[pid  3624] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC <unfinished ...>
[pid  3627] close(3 <unfinished ...>
[pid  3624] <... openat resumed>)       = 3
[pid  3626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  3627] <... close resumed>)        = 0
[pid  3624] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3627] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC <unfinished ...>
[pid  3626] <... openat resumed>)       = 3
[pid  3627] <... openat resumed>)       = 3
[pid  3627] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3626] write(3, "1000", 4)         = 4
[pid  3626] close(3)                    = 0
[pid  3626] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3626] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3616] kill(-3617, SIGKILL)        = 0
[pid  3618] kill(-3620, SIGKILL <unfinished ...>
[pid  3616] kill(3617, SIGKILL <unfinished ...>
[pid  3621] kill(-3624, SIGKILL <unfinished ...>
[pid  3618] <... kill resumed>)         = 0
[pid  3616] <... kill resumed>)         = 0
[pid  3621] <... kill resumed>)         = 0
[pid  3618] kill(3620, SIGKILL <unfinished ...>
[pid  3621] kill(3624, SIGKILL <unfinished ...>
[pid  3618] <... kill resumed>)         = 0
[pid  3621] <... kill resumed>)         = 0
[pid  3619] kill(-3625, SIGKILL)        = 0
[pid  3619] kill(3625, SIGKILL)         = 0
[pid  3622] kill(-3626, SIGKILL)        = 0
[pid  3622] kill(3626, SIGKILL)         = 0
[pid  3623] kill(-3627, SIGKILL)        = 0
[pid  3623] kill(3627, SIGKILL)         = 0
[pid  3618] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3623] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3618] <... openat resumed>)       = 3
[pid  3622] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3618] fstat(3,  <unfinished ...>
[pid  3622] <... openat resumed>)       = 3
[pid  3623] fstat(3,  <unfinished ...>
[pid  3622] fstat(3,  <unfinished ...>
[pid  3618] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3622] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3623] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3622] getdents64(3,  <unfinished ...>
[pid  3618] getdents64(3,  <unfinished ...>
[pid  3622] <... getdents64 resumed>0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3622] getdents64(3,  <unfinished ...>
[pid  3618] <... getdents64 resumed>0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3622] <... getdents64 resumed>0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3618] getdents64(3,  <unfinished ...>
[pid  3622] close(3 <unfinished ...>
[pid  3618] <... getdents64 resumed>0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3622] <... close resumed>)        = 0
[pid  3618] close(3 <unfinished ...>
[pid  3623] getdents64(3, 0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3621] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3618] <... close resumed>)        = 0
[pid  3623] getdents64(3,  <unfinished ...>
[pid  3621] <... openat resumed>)       = 3
[pid  3623] <... getdents64 resumed>0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3621] fstat(3,  <unfinished ...>
[pid  3623] close(3 <unfinished ...>
[pid  3621] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3623] <... close resumed>)        = 0
[pid  3621] getdents64(3, 0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3621] getdents64(3, 0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3621] close(3)                    = 0
[pid  3616] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3619] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY <unfinished ...>
[pid  3616] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3619] <... openat resumed>)       = 3
[pid  3616] getdents64(3,  <unfinished ...>
[pid  3619] fstat(3,  <unfinished ...>
[pid  3616] <... getdents64 resumed>0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3619] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3616] getdents64(3, 0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3619] getdents64(3,  <unfinished ...>
[pid  3616] close(3 <unfinished ...>
[pid  3619] <... getdents64 resumed>0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3616] <... close resumed>)        = 0
[pid  3619] getdents64(3, 0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3619] close(3)                    = 0
syzkaller login: [   76.186880][  T143] cfg80211: failed to load regulatory.db
[pid  3617] <... fallocate resumed>)    = ?
[pid  3617] +++ killed by SIGKILL +++
[pid  3616] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3617, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4752} ---
[pid  3616] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559cc5d0) = 3643
./strace-static-x86_64: Process 3643 attached
[pid  3643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3643] setpgid(0, 0)               = 0
[pid  3643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3643] write(3, "1000", 4)         = 4
[pid  3643] close(3)                    = 0
[pid  3643] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3643] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3616] kill(-3643, SIGKILL)        = 0
[pid  3616] kill(3643, SIGKILL)         = 0
[pid  3616] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3616] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3616] getdents64(3, 0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3616] getdents64(3, 0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3616] close(3)                    = 0
[pid  3620] <... fallocate resumed>)    = ?
[pid  3620] +++ killed by SIGKILL +++
[pid  3618] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3620, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4677} ---
[pid  3618] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559cc5d0) = 3645
./strace-static-x86_64: Process 3645 attached
[pid  3645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3645] setpgid(0, 0)               = 0
[pid  3645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3645] write(3, "1000", 4)         = 4
[pid  3645] close(3)                    = 0
[pid  3645] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3645] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3618] kill(-3645, SIGKILL)        = 0
[pid  3618] kill(3645, SIGKILL)         = 0
[pid  3618] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3618] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3618] getdents64(3, 0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3618] getdents64(3, 0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3618] close(3)                    = 0
[pid  3625] <... fallocate resumed>)    = ?
[pid  3625] +++ killed by SIGKILL +++
[pid  3619] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3625, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4689} ---
[pid  3619] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559cc5d0) = 3652
./strace-static-x86_64: Process 3652 attached
[pid  3652] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  3652] setpgid(0, 0)               = 0
[pid  3652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  3652] write(3, "1000", 4)         = 4
[pid  3652] close(3)                    = 0
[pid  3652] openat(AT_FDCWD, "/dev/nullb0", O_WRONLY|O_TRUNC|O_APPEND|O_NONBLOCK|O_SYNC) = 3
[pid  3652] fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 0, 18014398509482146 <unfinished ...>
[pid  3619] kill(-3652, SIGKILL)        = 0
[pid  3619] kill(3652, SIGKILL)         = 0
[pid  3619] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  3619] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid  3619] getdents64(3, 0x5555559cd620 /* 2 entries */, 32768) = 48
[pid  3619] getdents64(3, 0x5555559cd620 /* 0 entries */, 32768) = 0
[pid  3619] close(3)                    = 0
[  286.096915][   T29] INFO: task syz-executor346:3626 blocked for more than 143 seconds.
[  286.105081][   T29]       Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[  286.116614][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.125331][   T29] task:syz-executor346 state:D stack:26328 pid: 3626 ppid:  3622 flags:0x00004004
[  286.136594][   T29] Call Trace:
[  286.139896][   T29]  <TASK>
[  286.142839][   T29]  __schedule+0x91f/0xdf0
[  286.147640][   T29]  ? __sched_text_start+0x8/0x8
[  286.152846][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.158843][   T29]  ? _raw_spin_lock_irq+0xba/0xf0
[  286.164284][   T29]  ? do_raw_spin_unlock+0x134/0x8a0
[  286.169887][   T29]  schedule+0xcb/0x190
[  286.174336][   T29]  rwsem_down_write_slowpath+0xf1c/0x1350
[  286.180502][   T29]  ? rwsem_down_read_slowpath+0x930/0x930
[  286.186632][   T29]  ? read_lock_is_recursive+0x10/0x10
[  286.192039][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.197909][   T29]  down_write+0x163/0x170
[  286.202260][   T29]  ? down_read_killable+0x80/0x80
[  286.207706][   T29]  blkdev_fallocate+0x21f/0x390
[  286.212981][   T29]  vfs_fallocate+0x515/0x670
[  286.218078][   T29]  __x64_sys_fallocate+0xb9/0x100
[  286.223488][   T29]  do_syscall_64+0x3d/0xb0
[  286.228324][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.234580][   T29] RIP: 0033:0x7f22ece8ee09
[  286.239434][   T29] RSP: 002b:00007ffca874b768 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.247893][   T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f22ece8ee09
[  286.256182][   T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.264558][   T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  286.272614][   T29] R10: 00400000000000a2 R11: 0000000000000246 R12: 00007f22ece525e0
[  286.286563][   T29] R13: 0000000000000000 R14: 00007ffca874b790 R15: 00007ffca874b780
[  286.294584][   T29]  </TASK>
[  286.297662][   T29] INFO: task syz-executor346:3627 blocked for more than 143 seconds.
[  286.305728][   T29]       Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[  286.313706][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.322734][   T29] task:syz-executor346 state:D stack:26328 pid: 3627 ppid:  3623 flags:0x00004004
[  286.332339][   T29] Call Trace:
[  286.335965][   T29]  <TASK>
[  286.339285][   T29]  __schedule+0x91f/0xdf0
[  286.343993][   T29]  ? __sched_text_start+0x8/0x8
[  286.349229][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.355041][   T29]  ? _raw_spin_lock_irq+0xba/0xf0
[  286.360114][   T29]  ? do_raw_spin_unlock+0x134/0x8a0
[  286.365665][   T29]  schedule+0xcb/0x190
[  286.370119][   T29]  rwsem_down_write_slowpath+0xf1c/0x1350
[  286.376234][   T29]  ? rwsem_down_read_slowpath+0x930/0x930
[  286.382378][   T29]  ? read_lock_is_recursive+0x10/0x10
[  286.388104][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.393880][   T29]  down_write+0x163/0x170
[  286.398587][   T29]  ? down_read_killable+0x80/0x80
[  286.404000][   T29]  blkdev_fallocate+0x21f/0x390
[  286.408901][   T29]  vfs_fallocate+0x515/0x670
[  286.413833][   T29]  __x64_sys_fallocate+0xb9/0x100
[  286.418908][   T29]  do_syscall_64+0x3d/0xb0
[  286.423339][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.429436][   T29] RIP: 0033:0x7f22ece8ee09
[  286.434220][   T29] RSP: 002b:00007ffca874b768 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.443053][   T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f22ece8ee09
[  286.451421][   T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.459789][   T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  286.468103][   T29] R10: 00400000000000a2 R11: 0000000000000246 R12: 00007f22ece525e0
[  286.476404][   T29] R13: 0000000000000000 R14: 00007ffca874b790 R15: 00007ffca874b780
[  286.484757][   T29]  </TASK>
[  286.487836][   T29] INFO: task syz-executor346:3643 blocked for more than 143 seconds.
[  286.496222][   T29]       Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[  286.504272][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.513339][   T29] task:syz-executor346 state:D stack:26328 pid: 3643 ppid:  3616 flags:0x00004004
[  286.522872][   T29] Call Trace:
[  286.526453][   T29]  <TASK>
[  286.529774][   T29]  __schedule+0x91f/0xdf0
[  286.534475][   T29]  ? __sched_text_start+0x8/0x8
[  286.539722][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.545201][   T29]  ? _raw_spin_lock_irq+0xba/0xf0
[  286.550262][   T29]  ? do_raw_spin_unlock+0x134/0x8a0
[  286.555789][   T29]  schedule+0xcb/0x190
[  286.560257][   T29]  rwsem_down_write_slowpath+0xf1c/0x1350
[  286.566372][   T29]  ? rwsem_down_read_slowpath+0x930/0x930
[  286.572491][   T29]  ? read_lock_is_recursive+0x10/0x10
[  286.578279][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.584097][   T29]  down_write+0x163/0x170
[  286.588815][   T29]  ? down_read_killable+0x80/0x80
[  286.594210][   T29]  blkdev_fallocate+0x21f/0x390
[  286.599104][   T29]  vfs_fallocate+0x515/0x670
[  286.604036][   T29]  __x64_sys_fallocate+0xb9/0x100
[  286.609437][   T29]  do_syscall_64+0x3d/0xb0
[  286.614216][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  286.620522][   T29] RIP: 0033:0x7f22ece8ee09
[  286.625282][   T29] RSP: 002b:00007ffca874b768 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  286.634141][   T29] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f22ece8ee09
[  286.642450][   T29] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000003
[  286.650809][   T29] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  286.658823][   T29] R10: 00400000000000a2 R11: 0000000000000246 R12: 000000000000a318
[  286.666822][   T29] R13: 00007ffca874b77c R14: 00007ffca874b790 R15: 00007ffca874b780
[  286.675167][   T29]  </TASK>
[  286.678588][   T29] 
[  286.678588][   T29] Showing all locks held in the system:
[  286.686819][   T29] 1 lock held by rcu_tasks_kthre/13:
[  286.692453][   T29]  #0: ffffffff8cb233f0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00
[  286.703041][   T29] 1 lock held by rcu_tasks_trace/14:
[  286.715711][   T29]  #0: ffffffff8cb23bf0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00
[  286.733965][   T29] 1 lock held by khungtaskd/29:
[  286.742035][   T29]  #0: ffffffff8cb23220 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  286.751478][   T29] 2 locks held by getty/3289:
[  286.756441][   T29]  #0: ffff88814b3b3098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  286.766648][   T29]  #1: ffffc90002d232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x53b/0x1650
[  286.777151][   T29] 1 lock held by syz-executor346/3624:
[  286.782953][   T29] 1 lock held by syz-executor346/3626:
[  286.788783][   T29]  #0: ffff888140c13fc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  286.799806][   T29] 1 lock held by syz-executor346/3627:
[  286.805606][   T29]  #0: ffff888140c13fc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  286.816683][   T29] 1 lock held by syz-executor346/3643:
[  286.822154][   T29]  #0: ffff888140c13fc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  286.833362][   T29] 1 lock held by syz-executor346/3645:
[  286.839207][   T29]  #0: ffff888140c13fc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  286.849952][   T29] 1 lock held by syz-executor346/3652:
[  286.855432][   T29]  #0: ffff888140c13fc0 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_fallocate+0x21f/0x390
[  286.867071][   T29] 
[  286.870188][   T29] =============================================
[  286.870188][   T29] 
[  286.879563][   T29] NMI backtrace for cpu 1
[  286.883908][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[  286.893735][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[  286.903796][   T29] Call Trace:
[  286.907060][   T29]  <TASK>
[  286.909981][   T29]  dump_stack_lvl+0x1b1/0x28e
[  286.914643][   T29]  ? preempt_schedule+0xb6/0xc0
[  286.919482][   T29]  ? fortify_panic+0x13/0x13
[  286.924061][   T29]  ? panic+0x715/0x715
[  286.928181][   T29]  ? console_unlock+0x6bd/0x6f0
[  286.933030][   T29]  ? console_trylock_spinning+0x410/0x410
[  286.938837][   T29]  ? nmi_cpu_backtrace+0x1e5/0x450
[  286.943984][   T29]  nmi_cpu_backtrace+0x425/0x450
[  286.948912][   T29]  ? vprintk_emit+0x109/0x1e0
[  286.953583][   T29]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  286.959727][   T29]  ? _printk+0xc0/0x100
[  286.963873][   T29]  ? panic+0x715/0x715
[  286.967933][   T29]  ? __wake_up_klogd+0xcd/0x100
[  286.972772][   T29]  ? panic+0x715/0x715
[  286.976902][   T29]  ? __rcu_read_unlock+0x8f/0x100
[  286.981978][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  286.988082][   T29]  nmi_trigger_cpumask_backtrace+0x169/0x280
[  286.994149][   T29]  watchdog+0xcd5/0xd20
[  286.998357][   T29]  kthread+0x266/0x300
[  287.002462][   T29]  ? hungtask_pm_notify+0x50/0x50
[  287.007475][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.012056][   T29]  ret_from_fork+0x1f/0x30
[  287.016499][   T29]  </TASK>
[  287.019623][   T29] Sending NMI from CPU 1 to CPUs 0:
[  287.024845][    C0] NMI backtrace for cpu 0
[  287.024855][    C0] CPU: 0 PID: 2964 Comm: klogd Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[  287.024870][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[  287.024877][    C0] RIP: 0010:rcu_is_watching+0x51/0xb0
[  287.024897][    C0] Code: 38 60 8c 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 a0 99 69 00 48 c7 c3 60 4a 03 00 49 03 1e 48 89 d8 48 c1 e8 03 <42> 8a 04 38 84 c0 75 1e 8b 03 65 ff 0d c6 8a 91 7e 74 0c 83 e0 04
[  287.024908][    C0] RSP: 0018:ffffc90002b6efe0 EFLAGS: 00000802
[  287.024920][    C0] RAX: 1ffff1101734694c RBX: ffff8880b9a34a60 RCX: ffff88807e7ebb00
[  287.024930][    C0] RDX: 0000000000000000 RSI: ffffffff8aec54a0 RDI: ffffffff8aec5460
[  287.024939][    C0] RBP: ffffc90002b6f088 R08: dffffc0000000000 R09: fffffbfff1c1651e
[  287.024948][    C0] R10: fffffbfff1c1651e R11: 1ffffffff1c1651d R12: dffffc0000000000
[  287.024958][    C0] R13: 1ffff9200056de40 R14: ffffffff8c603840 R15: dffffc0000000000
[  287.024967][    C0] FS:  00007f9e74d66800(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[  287.024979][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.024988][    C0] CR2: 0000559e684bcfb8 CR3: 0000000025e24000 CR4: 00000000003506f0
[  287.025000][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.025007][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.025015][    C0] Call Trace:
[  287.025019][    C0]  <TASK>
[  287.025024][    C0]  rcu_read_lock_sched_held+0x69/0x110
[  287.025041][    C0]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  287.025059][    C0]  ? debug_check_no_obj_freed+0x5c2/0x650
[  287.025146][    C0]  trace_lock_release+0x7b/0x1a0
[  287.025162][    C0]  ? debug_check_no_obj_freed+0x5c2/0x650
[  287.025176][    C0]  lock_release+0x81/0x820
[  287.025190][    C0]  ? read_lock_is_recursive+0x10/0x10
[  287.025205][    C0]  ? do_raw_spin_lock+0x148/0x360
[  287.025222][    C0]  ? __lock_acquire+0x1f60/0x1f60
[  287.025237][    C0]  ? __rwlock_init+0x140/0x140
[  287.025250][    C0]  ? _raw_spin_lock_irqsave+0x8e/0x100
[  287.025266][    C0]  _raw_spin_unlock_irqrestore+0x75/0x120
[  287.025280][    C0]  ? _raw_spin_unlock+0x40/0x40
[  287.025291][    C0]  ? put_cpu_partial+0x106/0x170
[  287.025346][    C0]  ? kasan_quarantine_reduce+0x169/0x180
[  287.025374][    C0]  ? __kasan_slab_alloc+0x2f/0xd0
[  287.025391][    C0]  debug_check_no_obj_freed+0x5c2/0x650
[  287.025408][    C0]  ? __reset_page_owner+0x16b/0x190
[  287.025422][    C0]  free_pcp_prepare+0x2cc/0x900
[  287.025459][    C0]  free_unref_page+0x7d/0x5f0
[  287.025471][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[  287.025484][    C0]  ? _raw_spin_unlock_irqrestore+0x8b/0x120
[  287.025496][    C0]  ? lockdep_hardirqs_on+0x8d/0x130
[  287.025535][    C0]  ? mark_free_pages+0x450/0x450
[  287.025546][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  287.025559][    C0]  ? _raw_spin_unlock+0x40/0x40
[  287.025570][    C0]  ? lockdep_hardirqs_on_prepare+0x428/0x790
[  287.025589][    C0]  __unfreeze_partials+0x1ab/0x200
[  287.025606][    C0]  put_cpu_partial+0x106/0x170
[  287.025623][    C0]  qlist_free_all+0x2b/0x70
[  287.025637][    C0]  kasan_quarantine_reduce+0x169/0x180
[  287.025653][    C0]  __kasan_slab_alloc+0x2f/0xd0
[  287.025665][    C0]  ? rcu_read_lock_sched_held+0x87/0x110
[  287.025680][    C0]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  287.025704][    C0]  ? kmem_cache_alloc_node+0x44/0x350
[  287.025717][    C0]  ? exc_int3+0xa/0x70
[  287.025729][    C0]  ? asm_exc_int3+0x35/0x40
[  287.025742][    C0]  ? __alloc_skb+0xcf/0x2b0
[  287.025763][    C0]  ? kmem_cache_alloc_node+0x2c9/0x350
[  287.025779][    C0]  kmem_cache_alloc_node+0x1cc/0x350
[  287.025792][    C0]  ? __alloc_skb+0xcf/0x2b0
[  287.025807][    C0]  __alloc_skb+0xcf/0x2b0
[  287.025821][    C0]  alloc_skb_with_frags+0xaf/0x810
[  287.025834][    C0]  ? rcu_read_lock_sched_held+0x87/0x110
[  287.025849][    C0]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  287.025867][    C0]  sock_alloc_send_pskb+0x938/0xa70
[  287.025878][    C0]  ? unix_dgram_sendmsg+0x381/0x2010
[  287.025971][    C0]  ? sock_kzfree_s+0x50/0x50
[  287.025985][    C0]  ? do_raw_spin_unlock+0x134/0x8a0
[  287.026001][    C0]  unix_dgram_sendmsg+0x5ab/0x2010
[  287.026022][    C0]  ? aa_sk_perm+0x89e/0x9e0
[  287.026096][    C0]  ? unix_dgram_poll+0x6c0/0x6c0
[  287.026113][    C0]  ? aa_sock_msg_perm+0x91/0x150
[  287.026126][    C0]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  287.026153][    C0]  ? security_socket_sendmsg+0x9d/0xb0
[  287.026192][    C0]  ? unix_dgram_poll+0x6c0/0x6c0
[  287.026206][    C0]  __sys_sendto+0x46e/0x5f0
[  287.026246][    C0]  ? __ia32_sys_getpeername+0x80/0x80
[  287.026261][    C0]  ? read_lock_is_recursive+0x10/0x10
[  287.026276][    C0]  ? __ct_user_exit+0x81/0xe0
[  287.026290][    C0]  ? __lock_acquire+0x1f60/0x1f60
[  287.026318][    C0]  __x64_sys_sendto+0xda/0xf0
[  287.026332][    C0]  do_syscall_64+0x3d/0xb0
[  287.026345][    C0]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  287.026359][    C0] RIP: 0033:0x7f9e74f020ac
[  287.026370][    C0] Code: 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 19 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 64 c3 0f 1f 00 55 48 83 ec 20 48 89 54 24 10
[  287.026380][    C0] RSP: 002b:00007ffd4bf39868 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  287.026394][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9e74f020ac
[  287.026403][    C0] RDX: 000000000000003a RSI: 00005581db59ed70 RDI: 0000000000000003
[  287.026411][    C0] RBP: 00005581db59a910 R08: 0000000000000000 R09: 0000000000000000
[  287.026418][    C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000014
[  287.026426][    C0] R13: 0000000000000001 R14: 00007f9e7507d77d R15: 00007ffd4bf39978
[  287.026442][    C0]  </TASK>
[  287.026447][    C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.602 msecs
[  287.027239][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  287.027248][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.0.0-rc7-syzkaller-00068-g49c13ed0316d #0
[  287.027265][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[  287.027274][   T29] Call Trace:
[  287.027279][   T29]  <TASK>
[  287.027285][   T29]  dump_stack_lvl+0x1b1/0x28e
[  287.027306][   T29]  ? fortify_panic+0x13/0x13
[  287.027321][   T29]  ? panic+0x715/0x715
[  287.027345][   T29]  ? vscnprintf+0x59/0x80
[  287.027364][   T29]  panic+0x2d6/0x715
[  287.027380][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  287.027398][   T29]  ? nmi_trigger_cpumask_backtrace+0x205/0x280
[  287.027414][   T29]  ? fb_is_primary_device+0xcc/0xcc
[  287.027431][   T29]  ? __irq_work_queue_local+0x121/0x180
[  287.027510][   T29]  ? nmi_trigger_cpumask_backtrace+0x205/0x280
[  287.027525][   T29]  ? nmi_trigger_cpumask_backtrace+0x265/0x280
[  287.027546][   T29]  watchdog+0xd16/0xd20
[  287.027575][   T29]  kthread+0x266/0x300
[  287.027590][   T29]  ? hungtask_pm_notify+0x50/0x50
[  287.027605][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.027622][   T29]  ret_from_fork+0x1f/0x30
[  287.027652][   T29]  </TASK>
[  287.030951][   T29] Kernel Offset: disabled
[  287.695726][   T29] Rebooting in 86400 seconds..