audit: type=1804 audit(1633145718.375:36866): pid=9433 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir108401216/syzkaller.iVjReD/907/file0" dev="sda1" ino=14536 res=1 loop3: p3 size 1912633224 extends beyond EOD, truncated rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: 0-...!: (1 GPs behind) idle=64a/1/0x4000000000000002 softirq=105736/105737 fqs=0 rcu: 1-...!: (1 ticks this GP) idle=036/1/0x4000000000000000 softirq=103773/103773 fqs=0 rcu: (detected by 0, t=2 jiffies, g=157513, q=253) NMI backtrace for cpu 0 CPU: 0 PID: 9423 Comm: syz-executor.1 Not tainted 4.19.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline] rcu_dump_cpu_stacks+0x15f/0x19c kernel/rcu/tree.c:1340 print_other_cpu_stall kernel/rcu/tree.c:1415 [inline] check_cpu_stall kernel/rcu/tree.c:1557 [inline] __rcu_pending kernel/rcu/tree.c:3293 [inline] rcu_pending kernel/rcu/tree.c:3336 [inline] rcu_check_callbacks.cold+0x851/0xe19 kernel/rcu/tree.c:2682 update_process_times+0x2a/0x70 kernel/time/timer.c:1650 tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:168 tick_sched_timer+0xfc/0x290 kernel/time/tick-sched.c:1278 __run_hrtimer kernel/time/hrtimer.c:1465 [inline] __hrtimer_run_queues+0x3f6/0xe60 kernel/time/hrtimer.c:1527 hrtimer_interrupt+0x326/0x9e0 kernel/time/hrtimer.c:1585 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1071 [inline] smp_apic_timer_interrupt+0x10c/0x550 arch/x86/kernel/apic/apic.c:1096 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894 RIP: 0010:tty_reopen+0xa4/0x2a0 drivers/tty/tty_io.c:1267 Code: 04 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 52 01 00 00 8b ab 60 04 00 00 <31> ff 89 ee e8 e3 4e aa fd 85 ed 0f 84 ae 01 00 00 e8 66 4d aa fd RSP: 0018:ffff888055b0f8e8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 RAX: 0000000000000000 RBX: ffff88809fdd75c0 RCX: ffffc900134c5000 RDX: 1ffff11013fbaf44 RSI: ffffffff83b83676 RDI: 0000000000000005 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000010004 R10: 0000000000000005 R11: 00000000bf6eb889 R12: ffff88809fdd7a20 R13: ffff8880af12f500 R14: ffff88809fdd75c0 R15: 0000000000400043 tty_open_by_driver drivers/tty/tty_io.c:1975 [inline] tty_open+0x629/0x990 drivers/tty/tty_io.c:2029 chrdev_open+0x266/0x770 fs/char_dev.c:423 do_dentry_open+0x4aa/0x1160 fs/open.c:796 do_last fs/namei.c:3421 [inline] path_openat+0x793/0x2df0 fs/namei.c:3537 do_filp_open+0x18c/0x3f0 fs/namei.c:3567 do_sys_open+0x3b3/0x520 fs/open.c:1085 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f7b72a4e8d9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f7b6ffc5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00007f7b72b52f60 RCX: 00007f7b72a4e8d9 RDX: 0000000000000802 RSI: 0000000020000840 RDI: ffffffffffffff9c RBP: 00007f7b72aa8cb4 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd20fc77cf R14: 00007f7b6ffc5300 R15: 0000000000022000 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 skipped: idling at native_halt+0xd/0x10 arch/x86/include/asm/irqflags.h:66 ieee802154 phy0 wpan0: encryption failed: -22 ieee802154 phy1 wpan1: encryption failed: -22 ieee802154 phy0 wpan0: encryption failed: -22 ieee802154 phy1 wpan1: encryption failed: -22 loop3: p4 size 3657465856 extends beyond EOD, truncated loop3: p2 < > p3 p4 loop3: p3 size 1912633224 extends beyond EOD, truncated Bluetooth: hci5: command 0x0406 tx timeout loop3: p4 size 3657465856 extends beyond EOD, truncated FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) ---------------- Code disassembly (best guess), 1 bytes skipped: 0: 00 00 add %al,(%rax) 2: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 9: fc ff df c: 4c 89 e2 mov %r12,%rdx f: 48 c1 ea 03 shr $0x3,%rdx 13: 0f b6 04 02 movzbl (%rdx,%rax,1),%eax 17: 84 c0 test %al,%al 19: 74 08 je 0x23 1b: 3c 03 cmp $0x3,%al 1d: 0f 8e 52 01 00 00 jle 0x175 23: 8b ab 60 04 00 00 mov 0x460(%rbx),%ebp * 29: 31 ff xor %edi,%edi <-- trapping instruction 2b: 89 ee mov %ebp,%esi 2d: e8 e3 4e aa fd callq 0xfdaa4f15 32: 85 ed test %ebp,%ebp 34: 0f 84 ae 01 00 00 je 0x1e8 3a: e8 66 4d aa fd callq 0xfdaa4da5