INFO: task syz-executor.4:19688 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
 Dev loop3: unable to read RDB block 1
 loop3: unable to read partition table
 loop3: partition table beyond EOD, truncated
syz-executor.4  D28648 19688   8136 0x00000004
loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
ldm_validate_privheads(): Disk read failed.
 loop3: p2 < > p4
 loop3: partition table partially beyond EOD, truncated
 loop3: p2 size 2 extends beyond EOD, truncated
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 loop3: p4 size 2097152 extends beyond EOD, truncated
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
ldm_validate_privheads(): Disk read failed.
 loop3: p2 < > p4
 loop3: partition table partially beyond EOD, truncated
 __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
 loop3: p2 size 2 extends beyond EOD, truncated
 loop3: p4 size 2097152 extends beyond EOD, truncated
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205
RIP: 0033:0x7fb98d80328a
Code: Bad RIP value.
RSP: 002b:00007ffe86c5bc90 EFLAGS: 00010246
RAX: 0000000020000040 RBX: 0000000000000000 RCX: 0000000000000000
RDX: fb20090c779d630b RSI: 0000000080010000 RDI: 0000555555f462e8
RBP: 00007ffe86c5bd88 R08: 0000000000000000 R09: 0000000000000000
R10: 00007ffe86c5bdb0 R11: 0000000000000246 R12: 000000000034eaf3
R13: 00007ffe86c5bdb0 R14: 00007fb98d985120 R15: 0000000000000032
INFO: task syz-executor.4:19690 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D28232 19690   8136 0x80000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fb98d863669
Code: Bad RIP value.
RSP: 002b:00007fb98c1d7218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007fb98d984f88 RCX: 00007fb98d863669
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb98d984f88
RBP: 00007fb98d984f80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb98d984f8c
R13: 00007ffe86c5bc4f R14: 00007fb98c1d7300 R15: 0000000000022000
INFO: task syz-executor.4:19693 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D28928 19693   8136 0x80000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fb98d863669
Code: Bad RIP value.
RSP: 002b:00007fb98c195218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007fb98d985128 RCX: 00007fb98d863669
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb98d985128
RBP: 00007fb98d985120 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb98d98512c
R13: 00007ffe86c5bc4f R14: 00007fb98c195300 R15: 0000000000022000
INFO: task syz-executor.4:19694 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D30080 19694   8136 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205
RIP: 0010:__get_user_4+0x21/0x30 arch/x86/lib/getuser.S:78
Code: 50 ff 31 c0 0f 01 ca c3 90 48 83 c0 03 72 55 65 48 8b 14 25 c0 df 01 00 48 3b 82 98 14 00 00 73 43 48 19 d2 48 21 d0 0f 01 cb <8b> 50 fd 31 c0 0f 01 ca c3 66 0f 1f 44 00 00 48 83 c0 07 72 25 65
RSP: 0018:ffff88805cf0fd60 EFLAGS: 00050206
RAX: 0000000020000047 RBX: 00007fffffffefc0 RCX: 1ffff11015357929
RDX: ffffffffffffffff RSI: ffffffff81765ebb RDI: 0000000000000286
RBP: 0000000000000006 R08: ffffffff8cd38068 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffff88805cf0fe40 R14: 0000000020000040 R15: 0000000020000040
 perf_copy_attr+0xb8/0x7a0 kernel/events/core.c:10275
 __do_sys_perf_event_open kernel/events/core.c:10571 [inline]
 __se_sys_perf_event_open+0xb4/0x2720 kernel/events/core.c:10549
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fb98d863669
Code: Bad RIP value.
RSP: 002b:00007fb98c174168 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
RAX: ffffffffffffffda RBX: 00007fb98d9851f0 RCX: 00007fb98d863669
RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000020000040
RBP: 00007fb98d8be560 R08: 000000000000000a R09: 0000000000000000
R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe86c5bc4f R14: 00007fb98c174300 R15: 0000000000022000
INFO: task syz-executor.4:19695 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D30192 19695   8136 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205
RIP: 0010:do_strncpy_from_user lib/strncpy_from_user.c:39 [inline]
RIP: 0010:strncpy_from_user+0x1ea/0x350 lib/strncpy_from_user.c:119
Code: 03 da fd 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 98 04 da fd 48 83 fd 07 0f 86 29 01 00 00 e8 f9 02 da fd 45 31 ff <4d> 8b 64 1d 00 31 ff 44 89 fe e8 57 04 da fd 45 85 ff 0f 84 61 ff
RSP: 0018:ffff888057de7dd0 EFLAGS: 00050246
RAX: ffff88805bede140 RBX: 0000000000000000 RCX: ffffffff838881e4
RDX: 0000000000000000 RSI: ffffffff83888277 RDI: 0000000000000007
RBP: 0000000000000fe0 R08: 0000000000000fe0 R09: 0000000000000007
R10: 0000000000000007 R11: 0000000000000000 R12: 0000000020000fe0
R13: 0000000020000000 R14: ffff888052326da0 R15: 0000000000000000
 getname_flags+0x113/0x590 fs/namei.c:151
 do_sys_open+0x26c/0x520 fs/open.c:1079
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fb98d863669
Code: Bad RIP value.
RSP: 002b:00007fb98c153168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fb98d9852c0 RCX: 00007fb98d863669
RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c
RBP: 00007fb98d8be560 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe86c5bc4f R14: 00007fb98c153300 R15: 0000000000022000

Showing all locks held in the system:
1 lock held by khungtaskd/1550:
 #0: 00000000a7ce29f4 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
3 locks held by systemd-udevd/4700:
1 lock held by in:imklog/7806:
 #0: 0000000032d282cd (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
2 locks held by agetty/8039:
 #0: 00000000131758de (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 000000005abb38cb (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x217/0x1950 drivers/tty/n_tty.c:2154
4 locks held by kworker/u4:7/9485:
 #0: 00000000067c899f ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 00000000daaafa91 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
 #2: 000000006af3fa30 (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521
 #3: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
 #3: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x256/0x6f0 kernel/rcu/tree_exp.h:667
3 locks held by kworker/u4:4/15697:
2 locks held by kworker/1:4/10725:
 #0: 000000002f66d6d3 ((wq_completion)"rcu_gp"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 000000001d0aafc9 ((work_completion)(&rew.rew_work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
1 lock held by syz-executor.4/19688:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
1 lock held by syz-executor.4/19690:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.4/19692:
1 lock held by syz-executor.4/19693:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.4/19694:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
1 lock held by syz-executor.4/19695:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
1 lock held by syz-executor.1/31562:
 #0: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:297 [inline]
 #0: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x4dc/0x6f0 kernel/rcu/tree_exp.h:667
1 lock held by syz-executor.2/31615:
 #0: 0000000096abcffd (&mm->mmap_sem){++++}, at: vm_mmap_pgoff+0x152/0x200 mm/util.c:355
2 locks held by syz-executor.2/31619:
 #0: 0000000096abcffd (&mm->mmap_sem){++++}, at: vm_mmap_pgoff+0x152/0x200 mm/util.c:355
 #1: 0000000082ed7165 (&event->mmap_mutex){+.+.}, at: perf_mmap+0x693/0x1810 kernel/events/core.c:5713

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1550 Comm: khungtaskd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0x991/0xe60 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 9485 Comm: kworker/u4:7 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
Workqueue: netns cleanup_net
RIP: 0010:__lock_release kernel/locking/lockdep.c:3684 [inline]
RIP: 0010:lock_release+0x27d/0x8b0 kernel/locking/lockdep.c:3927
Code: 48 ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 0c 11 48 89 fa 83 e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 19 05 00 00 <8b> 48 24 85 c9 0f 85 be 03 00 00 48 8d 78 22 48 ba 00 00 00 00 00
RSP: 0018:ffff888052b6fa70 EFLAGS: 00000046
RAX: ffff888052b60cc0 RBX: ffffffff8d243760 RCX: 0000000000000000
RDX: 0000000000000007 RSI: ffffffff89f85fa0 RDI: ffff888052b60ce4
RBP: ffffffff89f85fa0 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff1100a56df51
R13: ffffffff86d664b1 R14: ffff888052b603c0 R15: 0000000000000004
FS:  0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000009f709000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 rcu_lock_release include/linux/rcupdate.h:247 [inline]
 rcu_read_unlock include/linux/rcupdate.h:681 [inline]
 inet_twsk_purge+0x558/0x7c0 net/ipv4/inet_timewait_sock.c:298
 tcp_sk_exit_batch+0x1d/0xa0 net/ipv4/tcp_ipv4.c:2630
 ops_exit_list+0xf9/0x150 net/core/net_namespace.c:156
 cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
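The "Showing all locks held in the system" list at the end of a hung-task report is the first thing to mine when several tasks pile up on one rwsem. The Python triage script below is an added example and is not part of the syzbot report or of any syzkaller tooling. It parses an excerpt of the lock list copied verbatim from the report above, groups entries by lock address so that the mmap_sem shared by the five syz-executor.4 tasks stands out, and flags tasks whose announced lock count has no matching lock lines (systemd-udevd/4700 and syz-executor.4/19692 here), which is where a manual look has to start. One caveat it encodes: lockdep records an acquisition before the rwsem slow path runs, so a task blocked in down_read() already lists mmap_sem as held (19688 above is in rwsem_down_read_failed yet appears in the list), and one address shared by several pids identifies holder plus waiters, not several owners. The regular expressions and function names are this example's own, not lockdep's.

```python
import re
from collections import defaultdict

# Excerpt of the "Showing all locks held in the system:" section from the
# report above (copied from the report, not constructed), used as sample input.
LOCK_DUMP = """\
1 lock held by khungtaskd/1550:
 #0: 00000000a7ce29f4 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
3 locks held by systemd-udevd/4700:
4 locks held by kworker/u4:7/9485:
 #0: 00000000067c899f ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 00000000daaafa91 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
 #2: 000000006af3fa30 (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521
 #3: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
 #3: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x256/0x6f0 kernel/rcu/tree_exp.h:667
1 lock held by syz-executor.4/19688:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
1 lock held by syz-executor.4/19690:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.4/19692:
1 lock held by syz-executor.4/19693:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.4/19694:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
1 lock held by syz-executor.4/19695:
 #0: 00000000bbaa1d94 (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348
1 lock held by syz-executor.1/31562:
 #0: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:297 [inline]
 #0: 00000000b08a65e3 (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x4dc/0x6f0 kernel/rcu/tree_exp.h:667
1 lock held by syz-executor.2/31615:
 #0: 0000000096abcffd (&mm->mmap_sem){++++}, at: vm_mmap_pgoff+0x152/0x200 mm/util.c:355
2 locks held by syz-executor.2/31619:
 #0: 0000000096abcffd (&mm->mmap_sem){++++}, at: vm_mmap_pgoff+0x152/0x200 mm/util.c:355
 #1: 0000000082ed7165 (&event->mmap_mutex){+.+.}, at: perf_mmap+0x693/0x1810 kernel/events/core.c:5713
"""

# Task header: "<n> lock(s) held by <comm>/<pid>:". comm may itself contain
# '/' (kworker/u4:7), so the greedy \S+ is intended.
TASK_RE = re.compile(r"^(\d+) locks? held by (\S+)/(\d+):$")
# Lock slot: " #<idx>: <16 hex> (<name>){<usage>}, at: <site> ...". The lazy
# (.*?) copes with names that contain parentheses, e.g. ((wq_completion)"rcu_gp").
LOCK_RE = re.compile(r"^\s*#(\d+): ([0-9a-f]{16}) \((.*?)\)\{(.{4})\}, at: (\S+)")


def parse_lock_dump(text):
    """Return {pid: {"comm", "count", "locks": {slot_idx: {...}}}}.

    A slot (#N) is printed twice when the acquisition site is an inlined
    function: first the [inline] callee, then the real caller. Both lines
    are folded into one slot so the per-task count stays honest.
    """
    tasks = {}
    cur = None
    for line in text.splitlines():
        m = TASK_RE.match(line)
        if m:
            count, comm, pid = int(m.group(1)), m.group(2), int(m.group(3))
            cur = tasks[pid] = {"comm": comm, "count": count, "locks": {}}
            continue
        m = LOCK_RE.match(line)
        if m and cur is not None:
            idx, addr, name, usage, site = m.groups()
            slot = cur["locks"].setdefault(
                int(idx), {"addr": addr, "name": name, "usage": usage, "sites": []})
            slot["sites"].append(site)
    return tasks


def contended_locks(tasks):
    """Map lock address -> (lock name, sorted pids listing it), for addresses
    that appear under more than one task.

    Lockdep records the lock in lock_acquire() before the slow path, so a task
    blocked in down_read() already shows the rwsem as "held". Several pids on
    one address therefore means holder(s) plus waiters; the actual owner has
    to be identified from the call traces, not from this list.
    """
    pids_by_addr, name_by_addr = defaultdict(set), {}
    for pid, t in tasks.items():
        for slot in t["locks"].values():
            pids_by_addr[slot["addr"]].add(pid)
            name_by_addr[slot["addr"]] = slot["name"]
    return {a: (name_by_addr[a], sorted(p)) for a, p in pids_by_addr.items() if len(p) > 1}


def tasks_with_missing_detail(tasks):
    """Pids whose announced count exceeds the slots actually printed.

    This happens when the task changes its locks while lockdep walks the list
    or when the dump is cut short; these tasks need a manual look, since the
    writer holding a contended rwsem can be hiding among them.
    """
    return sorted(pid for pid, t in tasks.items() if len(t["locks"]) < t["count"])


if __name__ == "__main__":
    parsed = parse_lock_dump(LOCK_DUMP)
    for addr, (name, pids) in contended_locks(parsed).items():
        print(f"{addr} ({name}) listed by {len(pids)} tasks: {pids}")
    print("tasks with fewer lock lines than announced:", tasks_with_missing_detail(parsed))
```

Run against the excerpt it reports 00000000bbaa1d94 (&mm->mmap_sem) under pids 19688, 19690, 19693, 19694 and 19695, the second mmap_sem 0000000096abcffd under 31615 and 31619, the rcu exp_mutex under 9485 and 31562, and pids 4700 and 19692 as needing manual inspection. Feed it the full list from a report and extend the site field if you need the file:line for each slot.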