[ 30.714397][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 30.722743][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 30.731869][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 30.744182][ T373] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[ 31.170538][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[ 31.270723][ T9] device bridge_slave_1 left promiscuous mode
[ 31.277099][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 31.285034][ T9] device bridge_slave_0 left promiscuous mode
[ 31.291594][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.020506][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #c0!!!
Warning: Permanently added '10.128.10.3' (ECDSA) to the list of known hosts.
2022/07/13 23:26:25 parsed 1 programs
[ 47.896260][ T23] kauditd_printk_skb: 65 callbacks suppressed
[ 47.896266][ T23] audit: type=1400 audit(1657754785.799:148): avc: denied { mounton } for pid=403 comm="syz-executor" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 47.896493][ T403] cgroup: Unknown subsys name 'net'
[ 47.932209][ T403] cgroup: Unknown subsys name 'devices'
[ 47.938608][ T403] cgroup: Unknown subsys name 'hugetlb'
2022/07/13 23:26:25 executed programs: 0
[ 47.944429][ T403] cgroup: Unknown subsys name 'rlimit'
[ 47.950287][ T23] audit: type=1400 audit(1657754785.849:149): avc: denied { mounton } for pid=403 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 47.997517][ T23] audit: type=1400 audit(1657754785.849:150): avc: denied { mount } for pid=403 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 48.019978][ T409] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.022038][ T23] audit: type=1400 audit(1657754785.849:151): avc: denied { mounton } for pid=407 comm="syz-executor.2" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 48.028953][ T409] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.054384][ T23] audit: type=1400 audit(1657754785.849:152): avc: denied { module_request } for pid=407 comm="syz-executor.2" kmod="netdev-nr2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 48.061588][ T409] device bridge_slave_0 entered promiscuous mode
[ 48.090851][ T409] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.098480][ T409] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.105907][ T409] device bridge_slave_1 entered promiscuous mode
[ 48.138195][ T407] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.146163][ T407] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.153601][ T407] device bridge_slave_0 entered promiscuous mode
[ 48.160412][ T407] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.167962][ T407] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.175362][ T407] device bridge_slave_1 entered promiscuous mode
[ 48.256271][ T407] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.263524][ T407] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.270940][ T407] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.278027][ T407] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.292763][ T415] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.299870][ T415] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.307171][ T415] device bridge_slave_0 entered promiscuous mode
[ 48.316088][ T413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.323574][ T413] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.331277][ T413] device bridge_slave_0 entered promiscuous mode
[ 48.339013][ T413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.346062][ T413] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.353360][ T413] device bridge_slave_1 entered promiscuous mode
[ 48.362896][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.370110][ T418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.377480][ T418] device bridge_slave_0 entered promiscuous mode
[ 48.391873][ T415] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.399259][ T415] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.406870][ T415] device bridge_slave_1 entered promiscuous mode
[ 48.431645][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.438857][ T418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.446539][ T418] device bridge_slave_1 entered promiscuous mode
[ 48.453427][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.461753][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.470229][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 48.478069][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.485398][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 48.492862][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.500206][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 48.508602][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.516701][ T374] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.523813][ T374] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.531262][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 48.539412][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.547580][ T374] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.554680][ T374] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.564986][ T412] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.572248][ T412] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.579434][ T412] device bridge_slave_0 entered promiscuous mode
[ 48.592555][ T412] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.599644][ T412] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.607232][ T412] device bridge_slave_1 entered promiscuous mode
[ 48.634444][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 48.642828][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.650734][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.658687][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.667018][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.715309][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.723971][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.751314][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.759679][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.768219][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.776770][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.785968][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.802815][ T23] audit: type=1400 audit(1657754786.709:153): avc: denied { mount } for pid=409 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 48.835072][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.843760][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.852444][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.870728][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.878475][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.886989][ T374] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.894021][ T374] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.901638][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.909843][ T374] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.917142][ T374] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.924751][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.933025][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.962422][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 48.970307][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.978860][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.021792][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.034549][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.042926][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 49.053128][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.061665][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.069975][ T44] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.077209][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.085421][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.094632][ T44] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.101699][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.109696][ T23] audit: type=1400 audit(1657754787.009:154): avc: denied { append } for pid=142 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 49.132637][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.140860][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.144178][ T23] audit: type=1400 audit(1657754787.009:155): avc: denied { open } for pid=142 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 49.148891][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.172155][ T23] audit: type=1400 audit(1657754787.009:156): avc: denied { getattr } for pid=142 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 49.179956][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.210730][ T44] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.218012][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.244201][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 49.251857][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 49.259674][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.268960][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.277885][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.286934][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.295643][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.304059][ T44] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.311257][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.318904][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.327151][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.338754][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 49.347826][ T378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.369517][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.377014][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.384921][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 49.394366][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.402953][ T416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.410195][ T416] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.417856][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 49.431050][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.439350][ T416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.446536][ T416] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.454400][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 49.462754][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.471763][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 49.479918][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.488853][ T416] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 49.508821][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 49.517266][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.525641][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 49.534446][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.543872][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.552543][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.562341][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 49.570835][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 49.579383][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 49.587721][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.615544][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.624879][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.634519][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 49.643396][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 49.651811][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 49.660296][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.668945][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.690697][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.699174][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 49.708718][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 172.831936][ T25] INFO: task syz-executor.3:458 blocked for more than 122 seconds.
[ 172.839863][ T25] Not tainted 5.10.118-syzkaller #0
[ 172.860438][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 172.869205][ T25] task:syz-executor.3 state:D stack: 0 pid: 458 ppid: 412 flags:0x00004004
[ 172.890432][ T25] Call Trace:
[ 172.893812][ T25] __schedule+0x6e4/0x1910
[ 172.898204][ T25] ? io_schedule_timeout+0x150/0x150
[ 172.920462][ T25] ? __kasan_check_write+0x14/0x20
[ 172.925704][ T25] ? __mutex_add_waiter+0x25a/0x2f0
[ 172.940453][ T25] ? mutex_spin_on_owner+0x260/0x260
[ 172.945729][ T25] schedule+0xdb/0x270
[ 172.949859][ T25] schedule_preempt_disabled+0x13/0x20
[ 172.970436][ T25] __mutex_lock.constprop.0+0x350/0xdd0
[ 172.975968][ T25] ? ww_mutex_lock+0x1b0/0x1b0
[ 173.000484][ T25] ? current_time+0x6d/0x200
[ 173.005329][ T25] ? generic_update_time+0x17c/0x290
[ 173.020474][ T25] ? preempt_count_add+0x7a/0x160
[ 173.025495][ T25] __mutex_lock_slowpath+0xe/0x10
[ 173.040454][ T25] mutex_lock+0xc2/0xd0
[ 173.044596][ T25] ? __mutex_lock_slowpath+0x10/0x10
[ 173.049967][ T25] ? avc_has_perm+0x121/0x290
[ 173.070444][ T25] ? avc_has_perm_noaudit+0x210/0x210
[ 173.075822][ T25] pipe_write+0x117/0x1930
[ 173.080233][ T25] ? kasan_print_address_stack_frame+0xe1/0x110
[ 173.100479][ T25] ? anon_pipe_buf_try_steal+0x140/0x140
[ 173.106118][ T25] ? inode_has_perm+0x142/0x220
[ 173.120481][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 173.126380][ T25] ? file_has_perm+0x24c/0x360
[ 173.140443][ T25] ? __wake_up_common+0x5a0/0x5a0
[ 173.145451][ T25] new_sync_write+0x49b/0x6d0
[ 173.150122][ T25] ? futex_exit_release+0x200/0x200
[ 173.170440][ T25] ? kfree+0xc2/0x4e0
[ 173.174498][ T25] ? new_sync_read+0x6d0/0x6d0
[ 173.179261][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0
[ 173.186055][ T25] ? rw_verify_area+0xc3/0x2b0
[ 173.190968][ T25] ? __fget_light.part.0+0x19d/0x330
[ 173.196231][ T25] vfs_write+0x4f5/0x750
[ 173.200575][ T25] ksys_write+0x192/0x210
[ 173.204975][ T25] ? __fget_light.part.0+0x19d/0x330
[ 173.210268][ T25] ? __ia32_sys_read+0xa0/0xa0
[ 173.215325][ T25] ? __kasan_check_write+0x14/0x20
[ 173.220490][ T25] ? switch_fpu_return+0xc3/0x1c0
[ 173.225498][ T25] __x64_sys_write+0x6e/0xb0
[ 173.230148][ T25] ? syscall_exit_to_user_mode+0x27/0x160
[ 173.235983][ T25] do_syscall_64+0x32/0x80
[ 173.240604][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 173.246701][ T25] RIP: 0033:0x7fefbf019109
[ 173.251264][ T25] RSP: 002b:00007fefbef6e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 173.259655][ T25] RAX: ffffffffffffffda RBX: 00007fefbf12c030 RCX: 00007fefbf019109
[ 173.267812][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005
[ 173.275931][ T25] RBP: 00007fefbf07308d R08: 0000000000000000 R09: 0000000000000000
[ 173.283972][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 173.292082][ T25] R13: 00007fff35b1d90f R14: 00007fefbef6e300 R15: 0000000000022000
[ 173.300234][ T25] NMI backtrace for cpu 0
[ 173.304665][ T25] CPU: 0 PID: 25 Comm: khungtaskd Not tainted 5.10.118-syzkaller #0
[ 173.312621][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 173.322651][ T25] Call Trace:
[ 173.325944][ T25] dump_stack_lvl+0x81/0xac
[ 173.330428][ T25] dump_stack+0x10/0x12
[ 173.334557][ T25] nmi_cpu_backtrace.cold+0x93/0x95
[ 173.339727][ T25] ? lapic_can_unplug_cpu+0x80/0x80
[ 173.344919][ T25] nmi_trigger_cpumask_backtrace+0x17b/0x1b0
[ 173.350916][ T25] arch_trigger_cpumask_backtrace+0x14/0x20
[ 173.356788][ T25] watchdog+0x88b/0xb10
[ 173.360916][ T25] ? reset_hung_task_detector+0x30/0x30
[ 173.366435][ T25] ? __kasan_check_read+0x11/0x20
[ 173.371619][ T25] ? __kthread_parkme+0x78/0x140
[ 173.376529][ T25] ? schedule+0xf2/0x270
[ 173.380742][ T25] ? reset_hung_task_detector+0x30/0x30
[ 173.386260][ T25] kthread+0x345/0x420
[ 173.390301][ T25] ? schedule_tail+0xe9/0x1e0
[ 173.394950][ T25] ? kthread_create_worker_on_cpu+0xd0/0xd0
[ 173.401019][ T25] ret_from_fork+0x1f/0x30
[ 173.405493][ T25] Sending NMI from CPU 0 to CPUs 1:
[ 173.410904][ C1] NMI backtrace for cpu 1
[ 173.410906][ C1] CPU: 1 PID: 451 Comm: syz-executor.3 Not tainted 5.10.118-syzkaller #0
[ 173.410908][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 173.410909][ C1] RIP: 0010:bio_iov_iter_get_pages+0x708/0xf20
[ 173.410912][ C1] Code: 07 00 00 41 8b 5e 08 48 39 d9 0f 87 6a 01 00 00 48 8b 85 38 ff ff ff 48 29 cb 4c 8d 60 10 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 <0f> 85 09 07 00 00 48 8b 85 38 ff ff ff 49 8d 7e 0c 48 39 58 10 48
[ 173.410914][ C1] RSP: 0018:ffffc90000a972d0 EFLAGS: 00000246
[ 173.410917][ C1] RAX: 1ffff92000152f83 RBX: 0000000000000000 RCX: 0000000000000000
[ 173.410919][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88812438fff8
[ 173.410920][ C1] RBP: ffffc90000a973f8 R08: ffffc90000a97c18 R09: dffffc0000000000
[ 173.410921][ C1] R10: ffff88812438fff0 R11: 0000000000000000 R12: ffffc90000a97c18
[ 173.410923][ C1] R13: dffffc0000000000 R14: ffff88812438fff0 R15: ffff88812e06f780
[ 173.410925][ C1] FS: 00007fefbef8f700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 173.410926][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 173.410928][ C1] CR2: 00007f9524517640 CR3: 0000000125b64000 CR4: 00000000003506a0
[ 173.410929][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 173.410930][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 173.410931][ C1] Call Trace:
[ 173.410933][ C1] ? bio_add_pc_page+0xf0/0xf0
[ 173.410934][ C1] ? bvec_alloc+0x280/0x280
[ 173.410935][ C1] iomap_dio_bio_actor+0x681/0xe10
[ 173.410936][ C1] iomap_dio_actor+0x6b/0x480
[ 173.410937][ C1] iomap_apply+0x18e/0x620
[ 173.410938][ C1] ? __kasan_check_write+0x14/0x20
[ 173.410940][ C1] ? iomap_dio_rw+0x30/0x30
[ 173.410941][ C1] ? trace_event_raw_event_iomap_apply+0x480/0x480
[ 173.410942][ C1] ? __kasan_check_read+0x11/0x20
[ 173.410943][ C1] ? filemap_check_errors+0x56/0xf0
[ 173.410944][ C1] __iomap_dio_rw+0x659/0x1080
[ 173.410946][ C1] ? iomap_dio_rw+0x30/0x30
[ 173.410947][ C1] ? iomap_dio_bio_actor+0xe10/0xe10
[ 173.410948][ C1] ? jbd2_buffer_abort_trigger+0x80/0x80
[ 173.410949][ C1] iomap_dio_rw+0xd/0x30
[ 173.410950][ C1] ext4_file_write_iter+0x7cf/0x1670
[ 173.410952][ C1] ? __kasan_slab_free+0x111/0x150
[ 173.410953][ C1] ? _raw_write_lock_irqsave+0xa1/0xe0
[ 173.410954][ C1] ? ext4_buffered_write_iter+0x430/0x430
[ 173.410955][ C1] ? __kasan_check_write+0x14/0x20
[ 173.410957][ C1] ? _raw_spin_lock_irqsave+0x8c/0x120
[ 173.410958][ C1] ? __mutex_lock_slowpath+0xe/0x10
[ 173.410959][ C1] do_iter_readv_writev+0x34b/0x850
[ 173.410960][ C1] ? finish_wait+0x154/0x220
[ 173.410961][ C1] ? new_sync_write+0x6d0/0x6d0
[ 173.410962][ C1] ? rw_verify_area+0xc3/0x2b0
[ 173.410964][ C1] do_iter_write+0x128/0x5a0
[ 173.410965][ C1] ? kmalloc_order+0xc5/0x100
[ 173.410966][ C1] ? kmalloc_order_trace+0x18/0x90
[ 173.410967][ C1] vfs_iter_write+0x5a/0xb0
[ 173.410968][ C1] iter_file_splice_write+0x57e/0xbb0
[ 173.410969][ C1] ? generic_splice_sendpage+0x130/0x130
[ 173.410971][ C1] ? selinux_file_permission+0x2f1/0x3f0
[ 173.410972][ C1] ? rw_verify_area+0xc3/0x2b0
[ 173.410973][ C1] do_splice+0xa86/0x2050
[ 173.410974][ C1] ? preempt_count_add+0x7a/0x160
[ 173.410975][ C1] ? splice_from_pipe+0x140/0x140
[ 173.410976][ C1] ? build_open_flags+0x470/0x470
[ 173.410978][ C1] ? preempt_count_add+0x7a/0x160
[ 173.410979][ C1] __do_splice+0x113/0x1e0
[ 173.410980][ C1] ? do_splice+0x2050/0x2050
[ 173.410981][ C1] __x64_sys_splice+0x151/0x200
[ 173.410982][ C1] do_syscall_64+0x32/0x80
[ 173.410983][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 173.410985][ C1] RIP: 0033:0x7fefbf019109
[ 173.410987][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 173.410989][ C1] RSP: 002b:00007fefbef8f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 173.410992][ C1] RAX: ffffffffffffffda RBX: 00007fefbf12bf60 RCX: 00007fefbf019109
[ 173.410993][ C1] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004
[ 173.410995][ C1] RBP: 00007fefbf07308d R08: 00000000088000cc R09: 0000000000000000
[ 173.410996][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 173.410998][ C1] R13: 00007fff35b1d90f R14: 00007fefbef8f300 R15: 0000000000022000
[ 193.950521][ T25] INFO: task syz-executor.3:458 blocked for more than 143 seconds.
[ 193.958429][ T25] Not tainted 5.10.118-syzkaller #0
[ 193.980451][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 193.989129][ T25] task:syz-executor.3 state:D stack: 0 pid: 458 ppid: 412 flags:0x00004004
[ 194.010435][ T25] Call Trace:
[ 194.013727][ T25] __schedule+0x6e4/0x1910
[ 194.018124][ T25] ? io_schedule_timeout+0x150/0x150
[ 194.040449][ T25] ? __kasan_check_write+0x14/0x20
[ 194.045819][ T25] ? __mutex_add_waiter+0x25a/0x2f0
[ 194.051496][ T25] ? mutex_spin_on_owner+0x260/0x260
[ 194.056939][ T25] schedule+0xdb/0x270
[ 194.061261][ T25] schedule_preempt_disabled+0x13/0x20
[ 194.066721][ T25] __mutex_lock.constprop.0+0x350/0xdd0
[ 194.072352][ T25] ? ww_mutex_lock+0x1b0/0x1b0
[ 194.077099][ T25] ? current_time+0x6d/0x200
[ 194.081768][ T25] ? generic_update_time+0x17c/0x290
[ 194.087031][ T25] ? preempt_count_add+0x7a/0x160
[ 194.092139][ T25] __mutex_lock_slowpath+0xe/0x10
[ 194.098888][ T25] mutex_lock+0xc2/0xd0
[ 194.103372][ T25] ? __mutex_lock_slowpath+0x10/0x10
[ 194.108677][ T25] ? avc_has_perm+0x121/0x290
[ 194.114600][ T25] ? avc_has_perm_noaudit+0x210/0x210
[ 194.119971][ T25] pipe_write+0x117/0x1930
[ 194.140449][ T25] ? kasan_print_address_stack_frame+0xe1/0x110
[ 194.146856][ T25] ? anon_pipe_buf_try_steal+0x140/0x140
[ 194.160436][ T25] ? inode_has_perm+0x142/0x220
[ 194.165544][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 194.180437][ T25] ? file_has_perm+0x24c/0x360
[ 194.185183][ T25] ? __wake_up_common+0x5a0/0x5a0
[ 194.190188][ T25] new_sync_write+0x49b/0x6d0
[ 194.210451][ T25] ? futex_exit_release+0x200/0x200
[ 194.215814][ T25] ? kfree+0xc2/0x4e0
[ 194.219773][ T25] ? new_sync_read+0x6d0/0x6d0
[ 194.240454][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0
[ 194.247217][ T25] ? rw_verify_area+0xc3/0x2b0
[ 194.270694][ T25] ? __fget_light.part.0+0x19d/0x330
[ 194.275996][ T25] vfs_write+0x4f5/0x750
[ 194.280304][ T25] ksys_write+0x192/0x210
[ 194.284836][ T25] ? __fget_light.part.0+0x19d/0x330
[ 194.290188][ T25] ? __ia32_sys_read+0xa0/0xa0
[ 194.295263][ T25] ? __kasan_check_write+0x14/0x20
[ 194.300375][ T25] ? switch_fpu_return+0xc3/0x1c0
[ 194.305925][ T25] __x64_sys_write+0x6e/0xb0
[ 194.310586][ T25] ? syscall_exit_to_user_mode+0x27/0x160
[ 194.316907][ T25] do_syscall_64+0x32/0x80
[ 194.321505][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 194.327388][ T25] RIP: 0033:0x7fefbf019109
[ 194.331916][ T25] RSP: 002b:00007fefbef6e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 194.340309][ T25] RAX: ffffffffffffffda RBX: 00007fefbf12c030 RCX: 00007fefbf019109
[ 194.348372][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005
[ 194.356388][ T25] RBP: 00007fefbf07308d R08: 0000000000000000 R09: 0000000000000000
[ 194.364530][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 194.372590][ T25] R13: 00007fff35b1d90f R14: 00007fefbef6e300 R15: 0000000000022000
[ 194.380918][ T25] INFO: task syz-executor.2:477 blocked for more than 123 seconds.
[ 194.389244][ T25] Not tainted 5.10.118-syzkaller #0
[ 194.410441][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 194.419262][ T25] task:syz-executor.2 state:D stack: 0 pid: 477 ppid: 407 flags:0x00004004
[ 194.440434][ T25] Call Trace:
[ 194.443716][ T25] __schedule+0x6e4/0x1910
[ 194.448111][ T25] ? io_schedule_timeout+0x150/0x150
[ 194.470438][ T25] ? __kasan_check_write+0x14/0x20
[ 194.475630][ T25] ? __mutex_add_waiter+0x25a/0x2f0
[ 194.490447][ T25] ? mutex_spin_on_owner+0x260/0x260
[ 194.495728][ T25] schedule+0xdb/0x270
[ 194.499861][ T25] schedule_preempt_disabled+0x13/0x20
[ 194.520434][ T25] __mutex_lock.constprop.0+0x350/0xdd0
[ 194.525990][ T25] ? ww_mutex_lock+0x1b0/0x1b0
[ 194.530839][ T25] ? current_time+0x6d/0x200
[ 194.535492][ T25] ? generic_update_time+0x17c/0x290
[ 194.540858][ T25] ? preempt_count_add+0x7a/0x160
[ 194.545859][ T25] __mutex_lock_slowpath+0xe/0x10
[ 194.550963][ T25] mutex_lock+0xc2/0xd0
[ 194.555098][ T25] ? __mutex_lock_slowpath+0x10/0x10
[ 194.560356][ T25] ? avc_has_perm+0x121/0x290
[ 194.565154][ T25] ? avc_has_perm_noaudit+0x210/0x210
[ 194.570632][ T25] pipe_write+0x117/0x1930
[ 194.575023][ T25] ? warn_alloc+0x190/0x190
[ 194.579510][ T25] ? kasan_print_address_stack_frame+0xe1/0x110
[ 194.585846][ T25] ? anon_pipe_buf_try_steal+0x140/0x140
[ 194.591805][ T25] ? inode_has_perm+0x142/0x220
[ 194.596640][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 194.620439][ T25] ? file_has_perm+0x24c/0x360
[ 194.625198][ T25] ? __wake_up_common+0x5a0/0x5a0
[ 194.630197][ T25] new_sync_write+0x49b/0x6d0
[ 194.650436][ T25] ? futex_exit_release+0x200/0x200
[ 194.655622][ T25] ? kfree+0xc2/0x4e0
[ 194.659601][ T25] ? new_sync_read+0x6d0/0x6d0
[ 194.670669][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0
[ 194.677255][ T25] ? rw_verify_area+0xc3/0x2b0
[ 194.700450][ T25] ? __fget_light.part.0+0x19d/0x330
[ 194.705916][ T25] vfs_write+0x4f5/0x750
[ 194.710232][ T25] ksys_write+0x192/0x210
[ 194.730443][ T25] ? __fget_light.part.0+0x19d/0x330
[ 194.735990][ T25] ? __ia32_sys_read+0xa0/0xa0
[ 194.740767][ T25] ? __kasan_check_write+0x14/0x20
[ 194.746033][ T25] ? switch_fpu_return+0xc3/0x1c0
[ 194.760460][ T25] __x64_sys_write+0x6e/0xb0
[ 194.770524][ T25] ? syscall_exit_to_user_mode+0x27/0x160
[ 194.776315][ T25] do_syscall_64+0x32/0x80
[ 194.790456][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 194.796349][ T25] RIP: 0033:0x7f6aba1ff109
[ 194.820468][ T25] RSP: 002b:00007f6aba154168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 194.828893][ T25] RAX: ffffffffffffffda RBX: 00007f6aba312030 RCX: 00007f6aba1ff109
[ 194.850447][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005
[ 194.858783][ T25] RBP: 00007f6aba25908d R08: 0000000000000000 R09: 0000000000000000
[ 194.880451][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 194.888426][ T25] R13: 00007fff84610c8f R14: 00007f6aba154300 R15: 0000000000022000
[ 194.920467][ T25] NMI backtrace for cpu 0
[ 194.924816][ T25] CPU: 0 PID: 25 Comm: khungtaskd Not tainted 5.10.118-syzkaller #0
[ 194.932836][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 194.943582][ T25] Call Trace:
[ 194.946887][ T25] dump_stack_lvl+0x81/0xac
[ 194.951452][ T25] dump_stack+0x10/0x12
[ 194.955595][ T25] nmi_cpu_backtrace.cold+0x93/0x95
[ 194.960854][ T25] ? lapic_can_unplug_cpu+0x80/0x80
[ 194.966202][ T25] nmi_trigger_cpumask_backtrace+0x17b/0x1b0
[ 194.972244][ T25] arch_trigger_cpumask_backtrace+0x14/0x20
[ 194.978194][ T25] watchdog+0x88b/0xb10
[ 194.982408][ T25] ? reset_hung_task_detector+0x30/0x30
[ 194.987939][ T25] ? __kasan_check_read+0x11/0x20
[ 194.992942][ T25] ? __kthread_parkme+0x78/0x140
[ 194.997944][ T25] ? schedule+0xf2/0x270
[ 195.002253][ T25] ? reset_hung_task_detector+0x30/0x30
[ 195.007793][ T25] kthread+0x345/0x420
[ 195.012181][ T25] ? schedule_tail+0xe9/0x1e0
[ 195.016867][ T25] ? kthread_create_worker_on_cpu+0xd0/0xd0
[ 195.023196][ T25] ret_from_fork+0x1f/0x30
[ 195.027638][ T25] Sending NMI from CPU 0 to CPUs 1:
[ 195.033047][ C1] NMI backtrace for cpu 1
[ 195.033050][ C1] CPU: 1 PID: 476 Comm: syz-executor.2 Not tainted 5.10.118-syzkaller #0
[ 195.033052][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 195.033053][ C1] RIP: 0010:bio_iov_iter_get_pages+0x722/0xf20
[ 195.033056][ C1] Code: 4c 8d 60 10 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 0f 85 09 07 00 00 48 8b 85 38 ff ff ff 49 8d 7e 0c 48 39 58 10 48 0f 46 58 10 <48> 89 f8 48 c1 e8 03 42 0f b6 14 28 48 89 f8 83 e0 07 83 c0 03 38
[ 195.033058][ C1] RSP: 0018:ffffc90000b272d0 EFLAGS: 00000206
[ 195.033062][ C1] RAX: ffffc90000b27c08 RBX: 0000000000000000 RCX: 0000000000000000
[ 195.033063][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88813718fffc
[ 195.033065][ C1] RBP: ffffc90000b273f8 R08: ffffc90000b27c18 R09: dffffc0000000000
[ 195.033066][ C1] R10: ffff88813718fff0 R11: 0000000000000000 R12: ffffc90000b27c18
[ 195.033068][ C1] R13: dffffc0000000000 R14: ffff88813718fff0 R15: ffff88812f6d5b40
[ 195.033069][ C1] FS: 00007f6aba175700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 195.033071][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 195.033073][ C1] CR2: 00007f9524517640 CR3: 000000012327d000 CR4: 00000000003506a0
[ 195.033074][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 195.033076][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 195.033077][ C1] Call Trace:
[ 195.033078][ C1] ? bio_add_pc_page+0xf0/0xf0
[ 195.033079][ C1] ? bvec_alloc+0x280/0x280
[ 195.033080][ C1] iomap_dio_bio_actor+0x681/0xe10
[ 195.033082][ C1] iomap_dio_actor+0x6b/0x480
[ 195.033083][ C1] iomap_apply+0x18e/0x620
[ 195.033084][ C1] ? __kasan_check_write+0x14/0x20
[ 195.033085][ C1] ? iomap_dio_rw+0x30/0x30
[ 195.033087][ C1] ? trace_event_raw_event_iomap_apply+0x480/0x480
[ 195.033088][ C1] ? __kasan_check_read+0x11/0x20
[ 195.033089][ C1] ? filemap_check_errors+0x56/0xf0
[ 195.033090][ C1] __iomap_dio_rw+0x659/0x1080
[ 195.033092][ C1] ? iomap_dio_rw+0x30/0x30
[ 195.033093][ C1] ? iomap_dio_bio_actor+0xe10/0xe10
[ 195.033094][ C1] ? jbd2_buffer_abort_trigger+0x80/0x80
[ 195.033095][ C1] iomap_dio_rw+0xd/0x30
[ 195.033097][ C1] ext4_file_write_iter+0x7cf/0x1670
[ 195.033098][ C1] ? __kasan_slab_free+0x111/0x150
[ 195.033099][ C1] ? _raw_write_lock_irqsave+0xa1/0xe0
[ 195.033100][ C1] ? ext4_buffered_write_iter+0x430/0x430
[ 195.033101][ C1] ? __kasan_check_write+0x14/0x20
[ 195.033103][ C1] ? _raw_spin_lock_irqsave+0x8c/0x120
[ 195.033104][ C1] ? __mutex_lock_slowpath+0xe/0x10
[ 195.033105][ C1] do_iter_readv_writev+0x34b/0x850
[ 195.033106][ C1] ? finish_wait+0x154/0x220
[ 195.033107][ C1] ? new_sync_write+0x6d0/0x6d0
[ 195.033108][ C1] ? rw_verify_area+0xc3/0x2b0
[ 195.033110][ C1] do_iter_write+0x128/0x5a0
[ 195.033111][ C1] ? kmalloc_order+0xc5/0x100
[ 195.033112][ C1] ? kmalloc_order_trace+0x18/0x90
[ 195.033113][ C1] vfs_iter_write+0x5a/0xb0
[ 195.033114][ C1] iter_file_splice_write+0x57e/0xbb0
[ 195.033115][ C1] ? generic_splice_sendpage+0x130/0x130
[ 195.033117][ C1] ? selinux_file_permission+0x2f1/0x3f0
[ 195.033118][ C1] ? rw_verify_area+0xc3/0x2b0
[ 195.033119][ C1] do_splice+0xa86/0x2050
[ 195.033120][ C1] ? preempt_count_add+0x7a/0x160
[ 195.033121][ C1] ? splice_from_pipe+0x140/0x140
[ 195.033122][ C1] ? build_open_flags+0x470/0x470
[ 195.033124][ C1] ? preempt_count_add+0x7a/0x160
[ 195.033125][ C1] __do_splice+0x113/0x1e0
[ 195.033126][ C1] ? do_splice+0x2050/0x2050
[ 195.033127][ C1] __x64_sys_splice+0x151/0x200
[ 195.033128][ C1] do_syscall_64+0x32/0x80
[ 195.033129][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 195.033131][ C1] RIP: 0033:0x7f6aba1ff109
[ 195.033133][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 195.033135][ C1] RSP: 002b:00007f6aba175168 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 195.033138][ C1] RAX: ffffffffffffffda RBX: 00007f6aba311f60 RCX: 00007f6aba1ff109
[ 195.033139][ C1] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004
[ 195.033141][ C1] RBP: 00007f6aba25908d R08: 00000000088000cc R09: 0000000000000000
[ 195.033142][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 195.033144][ C1] R13: 00007fff84610c8f R14: 00007f6aba175300 R15: 0000000000022000
[ 215.070525][ T25] INFO: task syz-executor.3:458 blocked for more than 164 seconds.
[ 215.078465][ T25] Not tainted 5.10.118-syzkaller #0
[ 215.100470][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 215.109354][ T25] task:syz-executor.3 state:D stack: 0 pid: 458 ppid: 412 flags:0x00004004
[ 215.130454][ T25] Call Trace:
[ 215.133759][ T25] __schedule+0x6e4/0x1910
[ 215.138155][ T25] ? io_schedule_timeout+0x150/0x150
[ 215.160450][ T25] ? __kasan_check_write+0x14/0x20
[ 215.165580][ T25] ? __mutex_add_waiter+0x25a/0x2f0
[ 215.180436][ T25] ? mutex_spin_on_owner+0x260/0x260
[ 215.185706][ T25] schedule+0xdb/0x270
[ 215.189749][ T25] schedule_preempt_disabled+0x13/0x20
[ 215.210443][ T25] __mutex_lock.constprop.0+0x350/0xdd0
[ 215.216509][ T25] ? ww_mutex_lock+0x1b0/0x1b0
[ 215.230490][ T25] ? current_time+0x6d/0x200
[ 215.236050][ T25] ? generic_update_time+0x17c/0x290
[ 215.241355][ T25] ?
preempt_count_add+0x7a/0x160 [ 215.246532][ T25] __mutex_lock_slowpath+0xe/0x10 [ 215.270440][ T25] mutex_lock+0xc2/0xd0 [ 215.274582][ T25] ? __mutex_lock_slowpath+0x10/0x10 [ 215.279842][ T25] ? avc_has_perm+0x121/0x290 [ 215.300476][ T25] ? avc_has_perm_noaudit+0x210/0x210 [ 215.305874][ T25] pipe_write+0x117/0x1930 [ 215.310277][ T25] ? kasan_print_address_stack_frame+0xe1/0x110 [ 215.330446][ T25] ? anon_pipe_buf_try_steal+0x140/0x140 [ 215.336073][ T25] ? inode_has_perm+0x142/0x220 [ 215.350447][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 215.356239][ T25] ? file_has_perm+0x24c/0x360 [ 215.370461][ T25] ? __wake_up_common+0x5a0/0x5a0 [ 215.375473][ T25] new_sync_write+0x49b/0x6d0 [ 215.390468][ T25] ? futex_exit_release+0x200/0x200 [ 215.395724][ T25] ? kfree+0xc2/0x4e0 [ 215.399688][ T25] ? new_sync_read+0x6d0/0x6d0 [ 215.420452][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0 [ 215.427028][ T25] ? rw_verify_area+0xc3/0x2b0 [ 215.440438][ T25] ? __fget_light.part.0+0x19d/0x330 [ 215.445797][ T25] vfs_write+0x4f5/0x750 [ 215.450015][ T25] ksys_write+0x192/0x210 [ 215.454466][ T25] ? __fget_light.part.0+0x19d/0x330 [ 215.459813][ T25] ? __ia32_sys_read+0xa0/0xa0 [ 215.464710][ T25] ? __kasan_check_write+0x14/0x20 [ 215.469888][ T25] ? switch_fpu_return+0xc3/0x1c0 [ 215.475191][ T25] __x64_sys_write+0x6e/0xb0 [ 215.479963][ T25] ? 
syscall_exit_to_user_mode+0x27/0x160 [ 215.485797][ T25] do_syscall_64+0x32/0x80 [ 215.490191][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.496211][ T25] RIP: 0033:0x7fefbf019109 [ 215.500683][ T25] RSP: 002b:00007fefbef6e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 215.509332][ T25] RAX: ffffffffffffffda RBX: 00007fefbf12c030 RCX: 00007fefbf019109 [ 215.517419][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005 [ 215.525448][ T25] RBP: 00007fefbf07308d R08: 0000000000000000 R09: 0000000000000000 [ 215.540463][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.548793][ T25] R13: 00007fff35b1d90f R14: 00007fefbef6e300 R15: 0000000000022000 [ 215.580458][ T25] INFO: task syz-executor.2:477 blocked for more than 145 seconds. [ 215.588428][ T25] Not tainted 5.10.118-syzkaller #0 [ 215.600444][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 215.609096][ T25] task:syz-executor.2 state:D stack: 0 pid: 477 ppid: 407 flags:0x00004004 [ 215.640434][ T25] Call Trace: [ 215.643817][ T25] __schedule+0x6e4/0x1910 [ 215.648209][ T25] ? io_schedule_timeout+0x150/0x150 [ 215.670439][ T25] ? __kasan_check_write+0x14/0x20 [ 215.675551][ T25] ? __mutex_add_waiter+0x25a/0x2f0 [ 215.680946][ T25] ? mutex_spin_on_owner+0x260/0x260 [ 215.686209][ T25] schedule+0xdb/0x270 [ 215.690398][ T25] schedule_preempt_disabled+0x13/0x20 [ 215.695969][ T25] __mutex_lock.constprop.0+0x350/0xdd0 [ 215.701581][ T25] ? ww_mutex_lock+0x1b0/0x1b0 [ 215.706324][ T25] ? current_time+0x6d/0x200 [ 215.711128][ T25] ? generic_update_time+0x17c/0x290 [ 215.716388][ T25] ? preempt_count_add+0x7a/0x160 [ 215.721478][ T25] __mutex_lock_slowpath+0xe/0x10 [ 215.726651][ T25] mutex_lock+0xc2/0xd0 [ 215.730866][ T25] ? __mutex_lock_slowpath+0x10/0x10 [ 215.736210][ T25] ? avc_has_perm+0x121/0x290 [ 215.750479][ T25] ? avc_has_perm_noaudit+0x210/0x210 [ 215.760512][ T25] pipe_write+0x117/0x1930 [ 215.764912][ T25] ? 
warn_alloc+0x190/0x190 [ 215.780440][ T25] ? kasan_print_address_stack_frame+0xe1/0x110 [ 215.786678][ T25] ? anon_pipe_buf_try_steal+0x140/0x140 [ 215.800452][ T25] ? inode_has_perm+0x142/0x220 [ 215.805288][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 215.830438][ T25] ? file_has_perm+0x24c/0x360 [ 215.835548][ T25] ? __wake_up_common+0x5a0/0x5a0 [ 215.850453][ T25] new_sync_write+0x49b/0x6d0 [ 215.855131][ T25] ? futex_exit_release+0x200/0x200 [ 215.870470][ T25] ? kfree+0xc2/0x4e0 [ 215.874450][ T25] ? new_sync_read+0x6d0/0x6d0 [ 215.879538][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0 [ 215.900438][ T25] ? rw_verify_area+0xc3/0x2b0 [ 215.905202][ T25] ? __fget_light.part.0+0x19d/0x330 [ 215.920448][ T25] vfs_write+0x4f5/0x750 [ 215.924684][ T25] ksys_write+0x192/0x210 [ 215.928987][ T25] ? __fget_light.part.0+0x19d/0x330 [ 215.950434][ T25] ? __ia32_sys_read+0xa0/0xa0 [ 215.955375][ T25] ? __kasan_check_write+0x14/0x20 [ 215.960565][ T25] ? switch_fpu_return+0xc3/0x1c0 [ 215.965710][ T25] __x64_sys_write+0x6e/0xb0 [ 215.970275][ T25] ? 
syscall_exit_to_user_mode+0x27/0x160 [ 215.976025][ T25] do_syscall_64+0x32/0x80 [ 215.980537][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 215.986402][ T25] RIP: 0033:0x7f6aba1ff109 [ 215.990981][ T25] RSP: 002b:00007f6aba154168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 215.999376][ T25] RAX: ffffffffffffffda RBX: 00007f6aba312030 RCX: 00007f6aba1ff109 [ 216.007343][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005 [ 216.030434][ T25] RBP: 00007f6aba25908d R08: 0000000000000000 R09: 0000000000000000 [ 216.038389][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.060434][ T25] R13: 00007fff84610c8f R14: 00007f6aba154300 R15: 0000000000022000 [ 216.068484][ T25] NMI backtrace for cpu 1 [ 216.072809][ T25] CPU: 1 PID: 25 Comm: khungtaskd Not tainted 5.10.118-syzkaller #0 [ 216.080758][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 216.090797][ T25] Call Trace: [ 216.094060][ T25] dump_stack_lvl+0x81/0xac [ 216.098644][ T25] dump_stack+0x10/0x12 [ 216.102784][ T25] nmi_cpu_backtrace.cold+0x93/0x95 [ 216.107967][ T25] ? lapic_can_unplug_cpu+0x80/0x80 [ 216.113254][ T25] nmi_trigger_cpumask_backtrace+0x17b/0x1b0 [ 216.119378][ T25] arch_trigger_cpumask_backtrace+0x14/0x20 [ 216.125261][ T25] watchdog+0x88b/0xb10 [ 216.129391][ T25] ? reset_hung_task_detector+0x30/0x30 [ 216.134909][ T25] ? __kasan_check_read+0x11/0x20 [ 216.139909][ T25] ? __kthread_parkme+0x78/0x140 [ 216.145088][ T25] ? schedule+0xf2/0x270 [ 216.149304][ T25] ? reset_hung_task_detector+0x30/0x30 [ 216.155350][ T25] kthread+0x345/0x420 [ 216.159400][ T25] ? schedule_tail+0xe9/0x1e0 [ 216.164341][ T25] ? 
kthread_create_worker_on_cpu+0xd0/0xd0 [ 216.170208][ T25] ret_from_fork+0x1f/0x30 [ 216.174764][ T25] Sending NMI from CPU 1 to CPUs 0: [ 216.180423][ C0] NMI backtrace for cpu 0 [ 216.180426][ C0] CPU: 0 PID: 476 Comm: syz-executor.2 Not tainted 5.10.118-syzkaller #0 [ 216.180428][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 216.180429][ C0] RIP: 0010:bio_iov_iter_get_pages+0x687/0xf20 [ 216.180432][ C0] Code: aa 85 ff eb e0 4c 89 f7 88 85 48 ff ff ff e8 00 aa 85 ff 0f b6 85 48 ff ff ff e9 2c fd ff ff 48 8b 85 38 ff ff ff 48 8d 78 18 <48> 89 f8 48 c1 e8 03 42 80 3c 28 00 0f 85 5f 08 00 00 48 8b 85 38 [ 216.180434][ C0] RSP: 0018:ffffc90000b272d0 EFLAGS: 00000246 [ 216.180438][ C0] RAX: ffffc90000b27c08 RBX: 000000000000003d RCX: 1ffff11025edab6d [ 216.180439][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000b27c20 [ 216.180441][ C0] RBP: ffffc90000b273f8 R08: ffffc90000b27c18 R09: dffffc0000000000 [ 216.180443][ C0] R10: ffff88813718fff0 R11: 0000000000000000 R12: ffffc90000b27c18 [ 216.180445][ C0] R13: dffffc0000000000 R14: ffff88813718fff0 R15: ffff88812f6d5b40 [ 216.180446][ C0] FS: 00007f6aba175700(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000 [ 216.180448][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.180449][ C0] CR2: 00007f95245831c0 CR3: 000000012327d000 CR4: 00000000003506b0 [ 216.180451][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 216.180453][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 216.180454][ C0] Call Trace: [ 216.180455][ C0] ? bio_add_pc_page+0xf0/0xf0 [ 216.180456][ C0] ? bvec_alloc+0x280/0x280 [ 216.180458][ C0] iomap_dio_bio_actor+0x681/0xe10 [ 216.180459][ C0] iomap_dio_actor+0x6b/0x480 [ 216.180460][ C0] iomap_apply+0x18e/0x620 [ 216.180461][ C0] ? __kasan_check_write+0x14/0x20 [ 216.180462][ C0] ? iomap_dio_rw+0x30/0x30 [ 216.180464][ C0] ? 
trace_event_raw_event_iomap_apply+0x480/0x480 [ 216.180465][ C0] ? __kasan_check_read+0x11/0x20 [ 216.180466][ C0] ? filemap_check_errors+0x56/0xf0 [ 216.180467][ C0] __iomap_dio_rw+0x659/0x1080 [ 216.180468][ C0] ? iomap_dio_rw+0x30/0x30 [ 216.180470][ C0] ? iomap_dio_bio_actor+0xe10/0xe10 [ 216.180471][ C0] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 216.180472][ C0] iomap_dio_rw+0xd/0x30 [ 216.180473][ C0] ext4_file_write_iter+0x7cf/0x1670 [ 216.180475][ C0] ? __kasan_slab_free+0x111/0x150 [ 216.180476][ C0] ? _raw_write_lock_irqsave+0xa1/0xe0 [ 216.180477][ C0] ? ext4_buffered_write_iter+0x430/0x430 [ 216.180478][ C0] ? __kasan_check_write+0x14/0x20 [ 216.180479][ C0] ? _raw_spin_lock_irqsave+0x8c/0x120 [ 216.180481][ C0] ? __mutex_lock_slowpath+0xe/0x10 [ 216.180482][ C0] do_iter_readv_writev+0x34b/0x850 [ 216.180483][ C0] ? finish_wait+0x154/0x220 [ 216.180484][ C0] ? new_sync_write+0x6d0/0x6d0 [ 216.180485][ C0] ? rw_verify_area+0xc3/0x2b0 [ 216.180486][ C0] do_iter_write+0x128/0x5a0 [ 216.180488][ C0] ? kmalloc_order+0xc5/0x100 [ 216.180489][ C0] ? kmalloc_order_trace+0x18/0x90 [ 216.180490][ C0] vfs_iter_write+0x5a/0xb0 [ 216.180491][ C0] iter_file_splice_write+0x57e/0xbb0 [ 216.180492][ C0] ? generic_splice_sendpage+0x130/0x130 [ 216.180494][ C0] ? selinux_file_permission+0x2f1/0x3f0 [ 216.180495][ C0] ? rw_verify_area+0xc3/0x2b0 [ 216.180496][ C0] do_splice+0xa86/0x2050 [ 216.180497][ C0] ? preempt_count_add+0x7a/0x160 [ 216.180498][ C0] ? splice_from_pipe+0x140/0x140 [ 216.180499][ C0] ? build_open_flags+0x470/0x470 [ 216.180501][ C0] ? preempt_count_add+0x7a/0x160 [ 216.180502][ C0] __do_splice+0x113/0x1e0 [ 216.180503][ C0] ? 
do_splice+0x2050/0x2050 [ 216.180504][ C0] __x64_sys_splice+0x151/0x200 [ 216.180505][ C0] do_syscall_64+0x32/0x80 [ 216.180506][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 216.180508][ C0] RIP: 0033:0x7f6aba1ff109 [ 216.180511][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 216.180512][ C0] RSP: 002b:00007f6aba175168 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 216.180515][ C0] RAX: ffffffffffffffda RBX: 00007f6aba311f60 RCX: 00007f6aba1ff109 [ 216.180517][ C0] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004 [ 216.180519][ C0] RBP: 00007f6aba25908d R08: 00000000088000cc R09: 0000000000000000 [ 216.180520][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.180522][ C0] R13: 00007fff84610c8f R14: 00007f6aba175300 R15: 0000000000022000 [ 236.830568][ T25] INFO: task syz-executor.3:458 blocked for more than 186 seconds. [ 236.838595][ T25] Not tainted 5.10.118-syzkaller #0 [ 236.860438][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 236.869193][ T25] task:syz-executor.3 state:D stack: 0 pid: 458 ppid: 412 flags:0x00004004 [ 236.890445][ T25] Call Trace: [ 236.893814][ T25] __schedule+0x6e4/0x1910 [ 236.898297][ T25] ? io_schedule_timeout+0x150/0x150 [ 236.920441][ T25] ? __kasan_check_write+0x14/0x20 [ 236.925552][ T25] ? __mutex_add_waiter+0x25a/0x2f0 [ 236.940443][ T25] ? mutex_spin_on_owner+0x260/0x260 [ 236.945882][ T25] schedule+0xdb/0x270 [ 236.949925][ T25] schedule_preempt_disabled+0x13/0x20 [ 236.970442][ T25] __mutex_lock.constprop.0+0x350/0xdd0 [ 236.976066][ T25] ? ww_mutex_lock+0x1b0/0x1b0 [ 236.990437][ T25] ? current_time+0x6d/0x200 [ 236.995007][ T25] ? generic_update_time+0x17c/0x290 [ 237.000283][ T25] ? 
preempt_count_add+0x7a/0x160 [ 237.020478][ T25] __mutex_lock_slowpath+0xe/0x10 [ 237.025508][ T25] mutex_lock+0xc2/0xd0 [ 237.029656][ T25] ? __mutex_lock_slowpath+0x10/0x10 [ 237.050483][ T25] ? avc_has_perm+0x121/0x290 [ 237.055427][ T25] ? avc_has_perm_noaudit+0x210/0x210 [ 237.061081][ T25] pipe_write+0x117/0x1930 [ 237.065574][ T25] ? kasan_print_address_stack_frame+0xe1/0x110 [ 237.071923][ T25] ? anon_pipe_buf_try_steal+0x140/0x140 [ 237.077537][ T25] ? inode_has_perm+0x142/0x220 [ 237.082673][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 237.088604][ T25] ? file_has_perm+0x24c/0x360 [ 237.093468][ T25] ? __wake_up_common+0x5a0/0x5a0 [ 237.098674][ T25] new_sync_write+0x49b/0x6d0 [ 237.103584][ T25] ? futex_exit_release+0x200/0x200 [ 237.108933][ T25] ? kfree+0xc2/0x4e0 [ 237.112996][ T25] ? new_sync_read+0x6d0/0x6d0 [ 237.117831][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0 [ 237.124671][ T25] ? rw_verify_area+0xc3/0x2b0 [ 237.129415][ T25] ? __fget_light.part.0+0x19d/0x330 [ 237.134780][ T25] vfs_write+0x4f5/0x750 [ 237.138998][ T25] ksys_write+0x192/0x210 [ 237.143389][ T25] ? __fget_light.part.0+0x19d/0x330 [ 237.148649][ T25] ? __ia32_sys_read+0xa0/0xa0 [ 237.153507][ T25] ? __kasan_check_write+0x14/0x20 [ 237.158603][ T25] ? switch_fpu_return+0xc3/0x1c0 [ 237.163793][ T25] __x64_sys_write+0x6e/0xb0 [ 237.168533][ T25] ? 
syscall_exit_to_user_mode+0x27/0x160 [ 237.174326][ T25] do_syscall_64+0x32/0x80 [ 237.178805][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 237.185244][ T25] RIP: 0033:0x7fefbf019109 [ 237.189636][ T25] RSP: 002b:00007fefbef6e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 237.198176][ T25] RAX: ffffffffffffffda RBX: 00007fefbf12c030 RCX: 00007fefbf019109 [ 237.206225][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005 [ 237.214378][ T25] RBP: 00007fefbf07308d R08: 0000000000000000 R09: 0000000000000000 [ 237.222749][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.230890][ T25] R13: 00007fff35b1d90f R14: 00007fefbef6e300 R15: 0000000000022000 [ 237.238941][ T25] INFO: task syz-executor.2:477 blocked for more than 166 seconds. [ 237.260504][ T25] Not tainted 5.10.118-syzkaller #0 [ 237.266384][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 237.290447][ T25] task:syz-executor.2 state:D stack: 0 pid: 477 ppid: 407 flags:0x00004004 [ 237.299736][ T25] Call Trace: [ 237.310443][ T25] __schedule+0x6e4/0x1910 [ 237.315017][ T25] ? io_schedule_timeout+0x150/0x150 [ 237.330449][ T25] ? __kasan_check_write+0x14/0x20 [ 237.335560][ T25] ? __mutex_add_waiter+0x25a/0x2f0 [ 237.350447][ T25] ? mutex_spin_on_owner+0x260/0x260 [ 237.355719][ T25] schedule+0xdb/0x270 [ 237.359770][ T25] schedule_preempt_disabled+0x13/0x20 [ 237.380458][ T25] __mutex_lock.constprop.0+0x350/0xdd0 [ 237.386090][ T25] ? ww_mutex_lock+0x1b0/0x1b0 [ 237.410447][ T25] ? current_time+0x6d/0x200 [ 237.415141][ T25] ? generic_update_time+0x17c/0x290 [ 237.420868][ T25] ? preempt_count_add+0x7a/0x160 [ 237.426062][ T25] __mutex_lock_slowpath+0xe/0x10 [ 237.431866][ T25] mutex_lock+0xc2/0xd0 [ 237.436021][ T25] ? __mutex_lock_slowpath+0x10/0x10 [ 237.441478][ T25] ? avc_has_perm+0x121/0x290 [ 237.446238][ T25] ? avc_has_perm_noaudit+0x210/0x210 [ 237.452124][ T25] pipe_write+0x117/0x1930 [ 237.456619][ T25] ? 
warn_alloc+0x190/0x190 [ 237.461281][ T25] ? kasan_print_address_stack_frame+0xe1/0x110 [ 237.467584][ T25] ? anon_pipe_buf_try_steal+0x140/0x140 [ 237.474089][ T25] ? inode_has_perm+0x142/0x220 [ 237.479024][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 237.484910][ T25] ? file_has_perm+0x24c/0x360 [ 237.489840][ T25] ? __wake_up_common+0x5a0/0x5a0 [ 237.496178][ T25] new_sync_write+0x49b/0x6d0 [ 237.500940][ T25] ? futex_exit_release+0x200/0x200 [ 237.506201][ T25] ? kfree+0xc2/0x4e0 [ 237.510368][ T25] ? new_sync_read+0x6d0/0x6d0 [ 237.515242][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0 [ 237.521890][ T25] ? rw_verify_area+0xc3/0x2b0 [ 237.526638][ T25] ? __fget_light.part.0+0x19d/0x330 [ 237.532016][ T25] vfs_write+0x4f5/0x750 [ 237.536234][ T25] ksys_write+0x192/0x210 [ 237.540666][ T25] ? __fget_light.part.0+0x19d/0x330 [ 237.546051][ T25] ? __ia32_sys_read+0xa0/0xa0 [ 237.550913][ T25] ? __kasan_check_write+0x14/0x20 [ 237.556007][ T25] ? switch_fpu_return+0xc3/0x1c0 [ 237.561327][ T25] __x64_sys_write+0x6e/0xb0 [ 237.565993][ T25] ? 
syscall_exit_to_user_mode+0x27/0x160 [ 237.580478][ T25] do_syscall_64+0x32/0x80 [ 237.584874][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 237.600448][ T25] RIP: 0033:0x7f6aba1ff109 [ 237.604932][ T25] RSP: 002b:00007f6aba154168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 237.630435][ T25] RAX: ffffffffffffffda RBX: 00007f6aba312030 RCX: 00007f6aba1ff109 [ 237.638811][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005 [ 237.660441][ T25] RBP: 00007f6aba25908d R08: 0000000000000000 R09: 0000000000000000 [ 237.668399][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.690436][ T25] R13: 00007fff84610c8f R14: 00007f6aba154300 R15: 0000000000022000 [ 237.698541][ T25] NMI backtrace for cpu 0 [ 237.702890][ T25] CPU: 0 PID: 25 Comm: khungtaskd Not tainted 5.10.118-syzkaller #0 [ 237.710914][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 237.721135][ T25] Call Trace: [ 237.724685][ T25] dump_stack_lvl+0x81/0xac [ 237.729193][ T25] dump_stack+0x10/0x12 [ 237.733324][ T25] nmi_cpu_backtrace.cold+0x93/0x95 [ 237.738595][ T25] ? lapic_can_unplug_cpu+0x80/0x80 [ 237.743832][ T25] nmi_trigger_cpumask_backtrace+0x17b/0x1b0 [ 237.749787][ T25] arch_trigger_cpumask_backtrace+0x14/0x20 [ 237.755770][ T25] watchdog+0x88b/0xb10 [ 237.761910][ T25] ? reset_hung_task_detector+0x30/0x30 [ 237.767434][ T25] ? __kasan_check_read+0x11/0x20 [ 237.772535][ T25] ? __kthread_parkme+0x78/0x140 [ 237.777448][ T25] ? schedule+0xf2/0x270 [ 237.781675][ T25] ? reset_hung_task_detector+0x30/0x30 [ 237.787202][ T25] kthread+0x345/0x420 [ 237.791246][ T25] ? schedule_tail+0xe9/0x1e0 [ 237.795900][ T25] ? 
kthread_create_worker_on_cpu+0xd0/0xd0 [ 237.801776][ T25] ret_from_fork+0x1f/0x30 [ 237.806193][ T25] Sending NMI from CPU 0 to CPUs 1: [ 237.811959][ C1] NMI backtrace for cpu 1 [ 237.811961][ C1] CPU: 1 PID: 451 Comm: syz-executor.3 Not tainted 5.10.118-syzkaller #0 [ 237.811963][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 237.811964][ C1] RIP: 0010:bio_add_page+0x75/0x190 [ 237.811967][ C1] Code: b5 41 48 c7 45 88 80 42 0a 82 c7 00 f1 f1 f1 f1 c7 40 04 01 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 45 d0 31 c0 c6 45 98 00 66 f5 ff ff 84 c0 0f 85 aa 00 00 00 49 8d 7c 24 6a 49 b9 00 00 [ 237.811969][ C1] RSP: 0018:ffffc90000a97230 EFLAGS: 00000246 [ 237.811972][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.811974][ C1] RDX: 0000000000000000 RSI: ffffea0004bcdb40 RDI: ffff88812e06f780 [ 237.811976][ C1] RBP: ffffc90000a972c0 R08: ffffc90000a97258 R09: dffffc0000000000 [ 237.811977][ C1] R10: ffff88812438fff0 R11: 0000000000000000 R12: ffff88812e06f780 [ 237.811979][ C1] R13: 1ffff92000152e47 R14: ffffea0004bcdb40 R15: 0000000000000000 [ 237.811981][ C1] FS: 00007fefbef8f700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 237.811982][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.811983][ C1] CR2: 00007f9524517640 CR3: 0000000125b64000 CR4: 00000000003506a0 [ 237.811985][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 237.811987][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 237.811988][ C1] Call Trace: [ 237.811989][ C1] ? __bio_add_page+0x410/0x410 [ 237.811990][ C1] bio_iov_iter_get_pages+0x768/0xf20 [ 237.811991][ C1] ? bio_add_pc_page+0xf0/0xf0 [ 237.811992][ C1] ? bvec_alloc+0x280/0x280 [ 237.811994][ C1] iomap_dio_bio_actor+0x681/0xe10 [ 237.811995][ C1] iomap_dio_actor+0x6b/0x480 [ 237.811996][ C1] iomap_apply+0x18e/0x620 [ 237.811997][ C1] ? __kasan_check_write+0x14/0x20 [ 237.811998][ C1] ? 
iomap_dio_rw+0x30/0x30 [ 237.812000][ C1] ? trace_event_raw_event_iomap_apply+0x480/0x480 [ 237.812001][ C1] ? __kasan_check_read+0x11/0x20 [ 237.812002][ C1] ? filemap_check_errors+0x56/0xf0 [ 237.812003][ C1] __iomap_dio_rw+0x659/0x1080 [ 237.812004][ C1] ? iomap_dio_rw+0x30/0x30 [ 237.812006][ C1] ? iomap_dio_bio_actor+0xe10/0xe10 [ 237.812007][ C1] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 237.812008][ C1] iomap_dio_rw+0xd/0x30 [ 237.812009][ C1] ext4_file_write_iter+0x7cf/0x1670 [ 237.812011][ C1] ? __kasan_slab_free+0x111/0x150 [ 237.812012][ C1] ? _raw_write_lock_irqsave+0xa1/0xe0 [ 237.812013][ C1] ? ext4_buffered_write_iter+0x430/0x430 [ 237.812014][ C1] ? __kasan_check_write+0x14/0x20 [ 237.812016][ C1] ? _raw_spin_lock_irqsave+0x8c/0x120 [ 237.812017][ C1] ? __mutex_lock_slowpath+0xe/0x10 [ 237.812018][ C1] do_iter_readv_writev+0x34b/0x850 [ 237.812019][ C1] ? finish_wait+0x154/0x220 [ 237.812020][ C1] ? new_sync_write+0x6d0/0x6d0 [ 237.812021][ C1] ? rw_verify_area+0xc3/0x2b0 [ 237.812022][ C1] do_iter_write+0x128/0x5a0 [ 237.812024][ C1] ? kmalloc_order+0xc5/0x100 [ 237.812025][ C1] ? kmalloc_order_trace+0x18/0x90 [ 237.812026][ C1] vfs_iter_write+0x5a/0xb0 [ 237.812027][ C1] iter_file_splice_write+0x57e/0xbb0 [ 237.812028][ C1] ? generic_splice_sendpage+0x130/0x130 [ 237.812030][ C1] ? selinux_file_permission+0x2f1/0x3f0 [ 237.812031][ C1] ? rw_verify_area+0xc3/0x2b0 [ 237.812032][ C1] do_splice+0xa86/0x2050 [ 237.812034][ C1] ? preempt_count_add+0x7a/0x160 [ 237.812035][ C1] ? splice_from_pipe+0x140/0x140 [ 237.812036][ C1] ? build_open_flags+0x470/0x470 [ 237.812037][ C1] ? preempt_count_add+0x7a/0x160 [ 237.812038][ C1] __do_splice+0x113/0x1e0 [ 237.812040][ C1] ? 
do_splice+0x2050/0x2050 [ 237.812041][ C1] __x64_sys_splice+0x151/0x200 [ 237.812042][ C1] do_syscall_64+0x32/0x80 [ 237.812043][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 237.812044][ C1] RIP: 0033:0x7fefbf019109 [ 237.812047][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 237.812049][ C1] RSP: 002b:00007fefbef8f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 237.812051][ C1] RAX: ffffffffffffffda RBX: 00007fefbf12bf60 RCX: 00007fefbf019109 [ 237.812053][ C1] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004 [ 237.812054][ C1] RBP: 00007fefbf07308d R08: 00000000088000cc R09: 0000000000000000 [ 237.812056][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.812057][ C1] R13: 00007fff35b1d90f R14: 00007fefbef8f300 R15: 0000000000022000 [ 257.950582][ T25] INFO: task syz-executor.3:458 blocked for more than 207 seconds. [ 257.958682][ T25] Not tainted 5.10.118-syzkaller #0 [ 257.980439][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 257.989197][ T25] task:syz-executor.3 state:D stack: 0 pid: 458 ppid: 412 flags:0x00004004 [ 258.010446][ T25] Call Trace: [ 258.013731][ T25] __schedule+0x6e4/0x1910 [ 258.018120][ T25] ? io_schedule_timeout+0x150/0x150 [ 258.040441][ T25] ? __kasan_check_write+0x14/0x20 [ 258.045542][ T25] ? __mutex_add_waiter+0x25a/0x2f0 [ 258.060445][ T25] ? mutex_spin_on_owner+0x260/0x260 [ 258.065719][ T25] schedule+0xdb/0x270 [ 258.069759][ T25] schedule_preempt_disabled+0x13/0x20 [ 258.090456][ T25] __mutex_lock.constprop.0+0x350/0xdd0 [ 258.095995][ T25] ? ww_mutex_lock+0x1b0/0x1b0 [ 258.110518][ T25] ? current_time+0x6d/0x200 [ 258.115322][ T25] ? generic_update_time+0x17c/0x290 [ 258.120612][ T25] ? 
preempt_count_add+0x7a/0x160 [ 258.125706][ T25] __mutex_lock_slowpath+0xe/0x10 [ 258.150480][ T25] mutex_lock+0xc2/0xd0 [ 258.154647][ T25] ? __mutex_lock_slowpath+0x10/0x10 [ 258.160000][ T25] ? avc_has_perm+0x121/0x290 [ 258.180443][ T25] ? avc_has_perm_noaudit+0x210/0x210 [ 258.185807][ T25] pipe_write+0x117/0x1930 [ 258.190296][ T25] ? kasan_print_address_stack_frame+0xe1/0x110 [ 258.210464][ T25] ? anon_pipe_buf_try_steal+0x140/0x140 [ 258.216213][ T25] ? inode_has_perm+0x142/0x220 [ 258.230507][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 258.236322][ T25] ? file_has_perm+0x24c/0x360 [ 258.250458][ T25] ? __wake_up_common+0x5a0/0x5a0 [ 258.255551][ T25] new_sync_write+0x49b/0x6d0 [ 258.260292][ T25] ? futex_exit_release+0x200/0x200 [ 258.280453][ T25] ? kfree+0xc2/0x4e0 [ 258.284508][ T25] ? new_sync_read+0x6d0/0x6d0 [ 258.289263][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0 [ 258.310453][ T25] ? rw_verify_area+0xc3/0x2b0 [ 258.315209][ T25] ? __fget_light.part.0+0x19d/0x330 [ 258.330441][ T25] vfs_write+0x4f5/0x750 [ 258.334717][ T25] ksys_write+0x192/0x210 [ 258.339020][ T25] ? __fget_light.part.0+0x19d/0x330 [ 258.360487][ T25] ? __ia32_sys_read+0xa0/0xa0 [ 258.365432][ T25] ? __kasan_check_write+0x14/0x20 [ 258.380455][ T25] ? switch_fpu_return+0xc3/0x1c0 [ 258.385568][ T25] __x64_sys_write+0x6e/0xb0 [ 258.390136][ T25] ? 
syscall_exit_to_user_mode+0x27/0x160 [ 258.410439][ T25] do_syscall_64+0x32/0x80 [ 258.415012][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 258.430470][ T25] RIP: 0033:0x7fefbf019109 [ 258.434974][ T25] RSP: 002b:00007fefbef6e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 258.443748][ T25] RAX: ffffffffffffffda RBX: 00007fefbf12c030 RCX: 00007fefbf019109 [ 258.451868][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005 [ 258.459818][ T25] RBP: 00007fefbf07308d R08: 0000000000000000 R09: 0000000000000000 [ 258.468059][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 258.476143][ T25] R13: 00007fff35b1d90f R14: 00007fefbef6e300 R15: 0000000000022000 [ 258.484272][ T25] INFO: task syz-executor.2:477 blocked for more than 188 seconds. [ 258.492277][ T25] Not tainted 5.10.118-syzkaller #0 [ 258.497969][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 258.506884][ T25] task:syz-executor.2 state:D stack: 0 pid: 477 ppid: 407 flags:0x00004004 [ 258.516133][ T25] Call Trace: [ 258.519446][ T25] __schedule+0x6e4/0x1910 [ 258.524026][ T25] ? io_schedule_timeout+0x150/0x150 [ 258.529649][ T25] ? __kasan_check_write+0x14/0x20 [ 258.534838][ T25] ? __mutex_add_waiter+0x25a/0x2f0 [ 258.540018][ T25] ? mutex_spin_on_owner+0x260/0x260 [ 258.545390][ T25] schedule+0xdb/0x270 [ 258.549436][ T25] schedule_preempt_disabled+0x13/0x20 [ 258.554984][ T25] __mutex_lock.constprop.0+0x350/0xdd0 [ 258.560565][ T25] ? ww_mutex_lock+0x1b0/0x1b0 [ 258.565407][ T25] ? current_time+0x6d/0x200 [ 258.569968][ T25] ? generic_update_time+0x17c/0x290 [ 258.575440][ T25] ? preempt_count_add+0x7a/0x160 [ 258.580599][ T25] __mutex_lock_slowpath+0xe/0x10 [ 258.585597][ T25] mutex_lock+0xc2/0xd0 [ 258.589727][ T25] ? __mutex_lock_slowpath+0x10/0x10 [ 258.595201][ T25] ? avc_has_perm+0x121/0x290 [ 258.599960][ T25] ? avc_has_perm_noaudit+0x210/0x210 [ 258.620440][ T25] pipe_write+0x117/0x1930 [ 258.624846][ T25] ? 
warn_alloc+0x190/0x190
[ 258.629327][ T25] ? kasan_print_address_stack_frame+0xe1/0x110
[ 258.650437][ T25] ? anon_pipe_buf_try_steal+0x140/0x140
[ 258.656057][ T25] ? inode_has_perm+0x142/0x220
[ 258.670439][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 258.676252][ T25] ? file_has_perm+0x24c/0x360
[ 258.690445][ T25] ? __wake_up_common+0x5a0/0x5a0
[ 258.695741][ T25] new_sync_write+0x49b/0x6d0
[ 258.700399][ T25] ? futex_exit_release+0x200/0x200
[ 258.720438][ T25] ? kfree+0xc2/0x4e0
[ 258.724928][ T25] ? new_sync_read+0x6d0/0x6d0
[ 258.729752][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0
[ 258.750451][ T25] ? rw_verify_area+0xc3/0x2b0
[ 258.770459][ T25] ? __fget_light.part.0+0x19d/0x330
[ 258.775814][ T25] vfs_write+0x4f5/0x750
[ 258.780027][ T25] ksys_write+0x192/0x210
[ 258.790450][ T25] ? __fget_light.part.0+0x19d/0x330
[ 258.795802][ T25] ? __ia32_sys_read+0xa0/0xa0
[ 258.820440][ T25] ? __kasan_check_write+0x14/0x20
[ 258.825804][ T25] ? switch_fpu_return+0xc3/0x1c0
[ 258.831310][ T23] audit: type=1400 audit(1657754996.739:157): avc: denied { remove_name } for pid=142 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 258.840457][ T25] __x64_sys_write+0x6e/0xb0
[ 258.870442][ T25] ? syscall_exit_to_user_mode+0x27/0x160
[ 258.870460][ T23] audit: type=1400 audit(1657754996.739:158): avc: denied { rename } for pid=142 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 258.876266][ T25] do_syscall_64+0x32/0x80
[ 258.930444][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 258.930452][ T23] audit: type=1400 audit(1657754996.739:159): avc: denied { create } for pid=142 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 258.936410][ T25] RIP: 0033:0x7f6aba1ff109
[ 258.990495][ T25] RSP: 002b:00007f6aba154168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 258.998989][ T25] RAX: ffffffffffffffda RBX: 00007f6aba312030 RCX: 00007f6aba1ff109
[ 259.030462][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005
[ 259.038792][ T25] RBP: 00007f6aba25908d R08: 0000000000000000 R09: 0000000000000000
[ 259.060437][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 259.068570][ T25] R13: 00007fff84610c8f R14: 00007f6aba154300 R15: 0000000000022000
[ 259.090462][ T25] NMI backtrace for cpu 0
[ 259.094789][ T25] CPU: 0 PID: 25 Comm: khungtaskd Not tainted 5.10.118-syzkaller #0
[ 259.102997][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 259.113036][ T25] Call Trace:
[ 259.116403][ T25] dump_stack_lvl+0x81/0xac
[ 259.120888][ T25] dump_stack+0x10/0x12
[ 259.125206][ T25] nmi_cpu_backtrace.cold+0x93/0x95
[ 259.130462][ T25] ? lapic_can_unplug_cpu+0x80/0x80
[ 259.135807][ T25] nmi_trigger_cpumask_backtrace+0x17b/0x1b0
[ 259.141952][ T25] arch_trigger_cpumask_backtrace+0x14/0x20
[ 259.147818][ T25] watchdog+0x88b/0xb10
[ 259.151950][ T25] ? reset_hung_task_detector+0x30/0x30
[ 259.157502][ T25] ? __kasan_check_read+0x11/0x20
[ 259.162501][ T25] ? __kthread_parkme+0x78/0x140
[ 259.167412][ T25] ? schedule+0xf2/0x270
[ 259.171632][ T25] ? reset_hung_task_detector+0x30/0x30
[ 259.177329][ T25] kthread+0x345/0x420
[ 259.181382][ T25] ? schedule_tail+0xe9/0x1e0
[ 259.186296][ T25] ? kthread_create_worker_on_cpu+0xd0/0xd0
[ 259.192260][ T25] ret_from_fork+0x1f/0x30
[ 259.196826][ T25] Sending NMI from CPU 0 to CPUs 1:
[ 259.202356][ C1] NMI backtrace for cpu 1
[ 259.202358][ C1] CPU: 1 PID: 476 Comm: syz-executor.2 Not tainted 5.10.118-syzkaller #0
[ 259.202360][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 259.202361][ C1] RIP: 0010:__bio_try_merge_page+0x45/0x370
[ 259.202364][ C1] Code: 83 c7 14 49 89 f9 48 83 ec 28 49 c1 e9 03 45 0f b6 0c 01 48 89 f8 83 e0 07 83 c0 01 44 38 c8 7c 09 45 84 c9 0f 85 f9 01 00 00 43 14 02 0f 85 ca 01 00 00 48 8d 7b 6a 48 b8 00 00 00 00 00 fc
[ 259.202365][ C1] RSP: 0018:ffffc90000b271d0 EFLAGS: 00000246
[ 259.202369][ C1] RAX: 0000000000000005 RBX: ffff88812f6d5b40 RCX: 0000000000000000
[ 259.202370][ C1] RDX: 0000000000000000 RSI: ffffea0004892e00 RDI: ffff88812f6d5b54
[ 259.202372][ C1] RBP: ffffc90000b27220 R08: ffffc90000b27258 R09: 0000000000000000
[ 259.202373][ C1] R10: ffff88813718fff0 R11: 0000000000000000 R12: ffff88812f6d5b40
[ 259.202375][ C1] R13: 1ffff92000164e47 R14: ffffea0004892e00 R15: 0000000000000000
[ 259.202377][ C1] FS: 00007f6aba175700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 259.202378][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 259.202380][ C1] CR2: 00007f9524517640 CR3: 000000012327d000 CR4: 00000000003506a0
[ 259.202381][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 259.202383][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 259.202384][ C1] Call Trace:
[ 259.202385][ C1] bio_add_page+0x7a/0x190
[ 259.202386][ C1] ? __bio_add_page+0x410/0x410
[ 259.202387][ C1] bio_iov_iter_get_pages+0x768/0xf20
[ 259.202388][ C1] ? bio_add_pc_page+0xf0/0xf0
[ 259.202390][ C1] ? bvec_alloc+0x280/0x280
[ 259.202391][ C1] iomap_dio_bio_actor+0x681/0xe10
[ 259.202392][ C1] iomap_dio_actor+0x6b/0x480
[ 259.202393][ C1] iomap_apply+0x18e/0x620
[ 259.202394][ C1] ? __kasan_check_write+0x14/0x20
[ 259.202396][ C1] ? iomap_dio_rw+0x30/0x30
[ 259.202397][ C1] ? trace_event_raw_event_iomap_apply+0x480/0x480
[ 259.202398][ C1] ? __kasan_check_read+0x11/0x20
[ 259.202399][ C1] ? filemap_check_errors+0x56/0xf0
[ 259.202401][ C1] __iomap_dio_rw+0x659/0x1080
[ 259.202402][ C1] ? iomap_dio_rw+0x30/0x30
[ 259.202403][ C1] ? iomap_dio_bio_actor+0xe10/0xe10
[ 259.202404][ C1] ? jbd2_buffer_abort_trigger+0x80/0x80
[ 259.202406][ C1] iomap_dio_rw+0xd/0x30
[ 259.202407][ C1] ext4_file_write_iter+0x7cf/0x1670
[ 259.202408][ C1] ? __kasan_slab_free+0x111/0x150
[ 259.202409][ C1] ? _raw_write_lock_irqsave+0xa1/0xe0
[ 259.202411][ C1] ? ext4_buffered_write_iter+0x430/0x430
[ 259.202412][ C1] ? __kasan_check_write+0x14/0x20
[ 259.202413][ C1] ? _raw_spin_lock_irqsave+0x8c/0x120
[ 259.202414][ C1] ? __mutex_lock_slowpath+0xe/0x10
[ 259.202416][ C1] do_iter_readv_writev+0x34b/0x850
[ 259.202417][ C1] ? finish_wait+0x154/0x220
[ 259.202418][ C1] ? new_sync_write+0x6d0/0x6d0
[ 259.202419][ C1] ? rw_verify_area+0xc3/0x2b0
[ 259.202420][ C1] do_iter_write+0x128/0x5a0
[ 259.202421][ C1] ? kmalloc_order+0xc5/0x100
[ 259.202423][ C1] ? kmalloc_order_trace+0x18/0x90
[ 259.202424][ C1] vfs_iter_write+0x5a/0xb0
[ 259.202425][ C1] iter_file_splice_write+0x57e/0xbb0
[ 259.202426][ C1] ? generic_splice_sendpage+0x130/0x130
[ 259.202428][ C1] ? selinux_file_permission+0x2f1/0x3f0
[ 259.202429][ C1] ? rw_verify_area+0xc3/0x2b0
[ 259.202430][ C1] do_splice+0xa86/0x2050
[ 259.202431][ C1] ? preempt_count_add+0x7a/0x160
[ 259.202432][ C1] ? splice_from_pipe+0x140/0x140
[ 259.202434][ C1] ? build_open_flags+0x470/0x470
[ 259.202435][ C1] ? preempt_count_add+0x7a/0x160
[ 259.202436][ C1] __do_splice+0x113/0x1e0
[ 259.202437][ C1] ? do_splice+0x2050/0x2050
[ 259.202438][ C1] __x64_sys_splice+0x151/0x200
[ 259.202439][ C1] do_syscall_64+0x32/0x80
[ 259.202441][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 259.202442][ C1] RIP: 0033:0x7f6aba1ff109
[ 259.202445][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 259.202446][ C1] RSP: 002b:00007f6aba175168 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 259.202449][ C1] RAX: ffffffffffffffda RBX: 00007f6aba311f60 RCX: 00007f6aba1ff109
[ 259.202451][ C1] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004
[ 259.202452][ C1] RBP: 00007f6aba25908d R08: 00000000088000cc R09: 0000000000000000
[ 259.202454][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 259.202455][ C1] R13: 00007fff84610c8f R14: 00007f6aba175300 R15: 0000000000022000
[ 279.710486][ T25] INFO: task syz-executor.3:458 blocked for more than 229 seconds.
[ 279.718658][ T25] Not tainted 5.10.118-syzkaller #0
[ 279.740437][ T25] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 279.749193][ T25] task:syz-executor.3 state:D stack: 0 pid: 458 ppid: 412 flags:0x00004004
[ 279.780436][ T25] Call Trace:
[ 279.783920][ T25] __schedule+0x6e4/0x1910
[ 279.788406][ T25] ? io_schedule_timeout+0x150/0x150
[ 279.800451][ T25] ? __kasan_check_write+0x14/0x20
[ 279.805557][ T25] ? __mutex_add_waiter+0x25a/0x2f0
[ 279.820439][ T25] ? mutex_spin_on_owner+0x260/0x260
[ 279.825705][ T25] schedule+0xdb/0x270
[ 279.829752][ T25] schedule_preempt_disabled+0x13/0x20
[ 279.850452][ T25] __mutex_lock.constprop.0+0x350/0xdd0
[ 279.856331][ T25] ? ww_mutex_lock+0x1b0/0x1b0
[ 279.870478][ T25] ? current_time+0x6d/0x200
[ 279.875049][ T25] ? generic_update_time+0x17c/0x290
[ 279.890452][ T25] ? preempt_count_add+0x7a/0x160
[ 279.895459][ T25] __mutex_lock_slowpath+0xe/0x10
[ 279.910437][ T25] mutex_lock+0xc2/0xd0
[ 279.914572][ T25] ? __mutex_lock_slowpath+0x10/0x10
[ 279.920012][ T25] ? avc_has_perm+0x121/0x290
[ 279.940438][ T25] ? avc_has_perm_noaudit+0x210/0x210
[ 279.945803][ T25] pipe_write+0x117/0x1930
[ 279.950193][ T25] ? kasan_print_address_stack_frame+0xe1/0x110
[ 279.980450][ T25] ? anon_pipe_buf_try_steal+0x140/0x140
[ 279.986157][ T25] ? inode_has_perm+0x142/0x220
[ 280.000452][ T25] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 280.006416][ T25] ? file_has_perm+0x24c/0x360
[ 280.020452][ T25] ? __wake_up_common+0x5a0/0x5a0
[ 280.025461][ T25] new_sync_write+0x49b/0x6d0
[ 280.030110][ T25] ? futex_exit_release+0x200/0x200
[ 280.050472][ T25] ? kfree+0xc2/0x4e0
[ 280.054642][ T25] ? new_sync_read+0x6d0/0x6d0
[ 280.059489][ T25] ? fsnotify_handle_inode_event.isra.0+0x2a0/0x2a0
[ 280.080447][ T25] ? rw_verify_area+0xc3/0x2b0
[ 280.085200][ T25] ? __fget_light.part.0+0x19d/0x330
[ 280.100438][ T25] vfs_write+0x4f5/0x750
[ 280.104757][ T25] ksys_write+0x192/0x210
[ 280.109059][ T25] ? __fget_light.part.0+0x19d/0x330
[ 280.130453][ T25] ? __ia32_sys_read+0xa0/0xa0
[ 280.135557][ T25] ? __kasan_check_write+0x14/0x20
[ 280.150442][ T25] ? switch_fpu_return+0xc3/0x1c0
[ 280.155451][ T25] __x64_sys_write+0x6e/0xb0
[ 280.160018][ T25] ? syscall_exit_to_user_mode+0x27/0x160
[ 280.165856][ T25] do_syscall_64+0x32/0x80
[ 280.170347][ T25] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 280.176353][ T25] RIP: 0033:0x7fefbf019109
[ 280.180817][ T25] RSP: 002b:00007fefbef6e168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 280.189203][ T25] RAX: ffffffffffffffda RBX: 00007fefbf12c030 RCX: 00007fefbf019109
[ 280.197280][ T25] RDX: 00000000ffffff14 RSI: 0000000020000240 RDI: 0000000000000005
[ 280.205306][ T25] RBP: 00007fefbf07308d R08: 0000000000000000 R09: 0000000000000000
[ 280.213512][ T25] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 280.221985][ T25] R13: 00007fff35b1d90f R14: 00007fefbef6e300 R15: 0000000000022000
[ 280.229956][ T25] NMI backtrace for cpu 1
[ 280.234389][ T25] CPU: 1 PID: 25 Comm: khungtaskd Not tainted 5.10.118-syzkaller #0
[ 280.242348][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 280.252391][ T25] Call Trace:
[ 280.255668][ T25] dump_stack_lvl+0x81/0xac
[ 280.260147][ T25] dump_stack+0x10/0x12
[ 280.264276][ T25] nmi_cpu_backtrace.cold+0x93/0x95
[ 280.269463][ T25] ? lapic_can_unplug_cpu+0x80/0x80
[ 280.274638][ T25] nmi_trigger_cpumask_backtrace+0x17b/0x1b0
[ 280.280600][ T25] arch_trigger_cpumask_backtrace+0x14/0x20
[ 280.286556][ T25] watchdog+0x88b/0xb10
[ 280.290697][ T25] ? reset_hung_task_detector+0x30/0x30
[ 280.296220][ T25] ? __kasan_check_read+0x11/0x20
[ 280.301489][ T25] ? __kthread_parkme+0x78/0x140
[ 280.306609][ T25] ? schedule+0xf2/0x270
[ 280.310833][ T25] ? reset_hung_task_detector+0x30/0x30
[ 280.316354][ T25] kthread+0x345/0x420
[ 280.320400][ T25] ? schedule_tail+0xe9/0x1e0
[ 280.325048][ T25] ? kthread_create_worker_on_cpu+0xd0/0xd0
[ 280.330916][ T25] ret_from_fork+0x1f/0x30
[ 280.335340][ T25] Sending NMI from CPU 1 to CPUs 0:
[ 280.340693][ C0] NMI backtrace for cpu 0
[ 280.340696][ C0] CPU: 0 PID: 177 Comm: kworker/u4:2 Not tainted 5.10.118-syzkaller #0
[ 280.340698][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 280.340699][ C0] Workqueue: events_unbound toggle_allocation_gate
[ 280.340703][ C0] RIP: 0010:x2apic_send_IPI+0x9c/0xf0
[ 280.340706][ C0] Code: b7 13 0f ae f0 0f ae e8 b9 00 04 00 00 41 83 fd 02 44 89 e8 48 0f 44 c1 48 c1 e2 20 b9 30 08 00 00 48 09 d0 48 c1 ea 20 0f 30 <0f> 1f 44 00 00 5b 41 5c 41 5d 5d c3 31 d2 48 89 c6 bf 30 08 00 00
[ 280.340707][ C0] RSP: 0018:ffffc90000787890 EFLAGS: 00000202
[ 280.340710][ C0] RAX: 00000001000000fb RBX: ffff8881f7321158 RCX: 0000000000000830
[ 280.340711][ C0] RDX: 0000000000000001 RSI: 00000000000000fb RDI: ffffffff8536b708
[ 280.340713][ C0] RBP: ffffc900007878a8 R08: 0000000000000001 R09: ffff8881f73577c7
[ 280.340714][ C0] R10: ffffed103ee6aef8 R11: 0000000000000000 R12: 0000000000000001
[ 280.340716][ C0] R13: 00000000000000fb R14: 0000000000000000 R15: 0000000000000001
[ 280.340717][ C0] FS: 0000000000000000(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[ 280.340719][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 280.340720][ C0] CR2: 00007f95245831c0 CR3: 000000000560f000 CR4: 00000000003506b0
[ 280.340722][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 280.340723][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 280.340724][ C0] Call Trace:
[ 280.340725][ C0] native_send_call_func_single_ipi+0x52/0x70
[ 280.340727][ C0] send_call_function_single_ipi+0xa5/0x180
[ 280.340728][ C0] generic_exec_single+0xca/0x270
[ 280.340729][ C0] smp_call_function_single+0x130/0x3f0
[ 280.340730][ C0] ? find_next_bit+0x14/0x20
[ 280.340732][ C0] ? text_poke_bp_batch+0x510/0x510
[ 280.340733][ C0] ? generic_exec_single+0x270/0x270
[ 280.340734][ C0] ? text_poke_bp_batch+0x510/0x510
[ 280.340735][ C0] ? kasan_check_range+0x148/0x190
[ 280.340737][ C0] smp_call_function_many_cond+0x187/0x860
[ 280.340738][ C0] ? text_poke_bp_batch+0x510/0x510
[ 280.340739][ C0] ? text_poke_loc_init+0x380/0x380
[ 280.340740][ C0] ? text_poke_bp_batch+0x510/0x510
[ 280.340741][ C0] on_each_cpu+0x43/0xa0
[ 280.340742][ C0] text_poke_bp_batch+0x430/0x510
[ 280.340744][ C0] ? __text_poke+0x800/0x800
[ 280.340745][ C0] ? mutex_lock+0x79/0xd0
[ 280.340746][ C0] ? __mutex_lock_slowpath+0x10/0x10
[ 280.340747][ C0] text_poke_finish+0x1a/0x30
[ 280.340748][ C0] arch_jump_label_transform_apply+0x15/0x30
[ 280.340753][ C0] __jump_label_update+0x25f/0x330
[ 280.340755][ C0] jump_label_update+0x14a/0x320
[ 280.340756][ C0] ? psi_task_switch+0x278/0x360
[ 280.340757][ C0] ? balance_fair+0x70/0x70
[ 280.340758][ C0] static_key_enable_cpuslocked+0x164/0x210
[ 280.340759][ C0] static_key_enable+0x16/0x30
[ 280.340761][ C0] toggle_allocation_gate+0xf2/0x2e0
[ 280.340762][ C0] ? finish_task_switch+0x132/0x7a0
[ 280.340763][ C0] ? wake_up_kfence_timer+0x20/0x20
[ 280.340764][ C0] ? __kasan_check_read+0x11/0x20
[ 280.340765][ C0] ? read_word_at_a_time+0x12/0x20
[ 280.340766][ C0] ? strscpy+0x9a/0x2a0
[ 280.340768][ C0] process_one_work+0x635/0xf60
[ 280.340769][ C0] worker_thread+0x548/0xf20
[ 280.340770][ C0] ? rescuer_thread+0xc60/0xc60
[ 280.340771][ C0] kthread+0x345/0x420
[ 280.340772][ C0] ? schedule_tail+0xe9/0x1e0
[ 280.340774][ C0] ? kthread_create_worker_on_cpu+0xd0/0xd0
[ 280.340775][ C0] ret_from_fork+0x1f/0x30