Warning: Permanently added '10.128.0.30' (ED25519) to the list of known hosts.
2024/10/11 14:59:56 ignoring optional flag "sandboxArg"="0"
2024/10/11 14:59:57 parsed 1 programs
[   46.959499][   T25] audit: type=1400 audit(1728658797.311:122): avc:  denied  { unlink } for  pid=1553 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   47.029017][ T1553] swapon: swapfile has holes
[   47.358599][   T25] audit: type=1401 audit(1728658797.711:123): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2024/10/11 14:59:58 executed programs: 0
[   48.395679][   T25] audit: type=1400 audit(1728658798.711:124): avc:  denied  { read } for  pid=2100 comm="syz.4.19" name="msr" dev="devtmpfs" ino=7557 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   48.419247][   T25] audit: type=1400 audit(1728658798.711:125): avc:  denied  { open } for  pid=2100 comm="syz.4.19" path="/dev/cpu/0/msr" dev="devtmpfs" ino=7557 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   48.443116][   T25] audit: type=1400 audit(1728658798.771:126): avc:  denied  { execute } for  pid=2100 comm="syz.4.19" path=2F6D656D66643A01FDAE2E2BA68CB63F32193994532C7C783F55655BBDE1210333BC2723FF179B25F35B64202097F5479741C2D8F05571E62BA56C940BB607175CFB0421E4C4B1A21CFF433B94510DB67D9CEC430BCFEBE49A52E52C8203202864656C6574656429 dev="hugetlbfs" ino=9699 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
2024/10/11 15:00:03 executed programs: 94
2024/10/11 15:00:17 executed programs: 101
2024/10/11 15:00:30 executed programs: 112
2024/10/11 15:00:44 executed programs: 132
2024/10/11 15:00:56 executed programs: 239
2024/10/11 15:01:08 executed programs: 264
2024/10/11 15:01:20 executed programs: 364
2024/10/11 15:01:25 executed programs: 396
[  137.047067][T19199] cgroup: fork rejected by pids controller in /syz2
2024/10/11 15:01:30 executed programs: 531
[  142.961109][T20397] cgroup: fork rejected by pids controller in /syz0
[  144.172200][T20983] cgroup: fork rejected by pids controller in /syz3
2024/10/11 15:01:35 executed programs: 662
[  145.901623][T22109] cgroup: fork rejected by pids controller in /syz4
[  149.429093][T23080] cgroup: fork rejected by pids controller in /syz1
2024/10/11 15:01:40 executed programs: 817
2024/10/11 15:01:45 executed programs: 939
[  156.364693][T23542] syz-executor (23542) used greatest stack depth: 11936 bytes left
2024/10/11 15:01:50 executed programs: 1051
2024/10/11 15:01:55 executed programs: 1139
2024/10/11 15:02:00 executed programs: 1232
2024/10/11 15:02:05 executed programs: 1320
2024/10/11 15:02:10 executed programs: 1411
[  181.952146][ T2556] syz-executor (2556) used greatest stack depth: 11816 bytes left
2024/10/11 15:02:15 executed programs: 1509
2024/10/11 15:02:20 executed programs: 1602
2024/10/11 15:02:26 executed programs: 1687
2024/10/11 15:02:31 executed programs: 1782
2024/10/11 15:02:36 executed programs: 1871
2024/10/11 15:02:41 executed programs: 1964
[  211.006750][  T217] INFO: task syz.4.98:4175 blocked for more than 143 seconds.
[  211.014244][  T217]       Not tainted 5.7.0-syzkaller #0
[  211.019702][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  211.028357][  T217] syz.4.98        D14648  4175   1569 0x00000004
[  211.034657][  T217] Call Trace:
[  211.037986][  T217]  __schedule+0x2ca/0x650
[  211.042480][  T217]  schedule+0x3b/0xa0
[  211.046489][  T217]  rwsem_down_read_slowpath+0x318/0x560
[  211.052032][  T217]  ? down_read+0xa4/0xd0
[  211.056297][  T217]  down_read+0xa4/0xd0
[  211.060353][  T217]  hugetlb_fault+0x9b/0xaa0
[  211.065012][  T217]  handle_mm_fault+0x60a/0xe60
[  211.069779][  T217]  ? lock_acquire+0x93/0x130
[  211.074358][  T217]  ? do_page_fault+0x11d/0x59f
[  211.079136][  T217]  do_page_fault+0x2ad/0x59f
[  211.083946][  T217]  page_fault+0x39/0x40
[  211.088120][  T217] RIP: 0033:0x7fa68bb1f629
[  211.092541][  T217] Code: Bad RIP value.
[  211.096618][  T217] RSP: 002b:00007fff6a8816f0 EFLAGS: 00010246
[  211.102667][  T217] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffffff7fffff
[  211.110753][  T217] RDX: 781489698450e29c RSI: 0000000020800000 RDI: 00005555575503c8
[  211.118813][  T217] RBP: 00007fa68be05a80 R08: 00007fa68bace000 R09: 0000000000000008
[  211.126837][  T217] R10: 0000000000000000 R11: 0000000000000003 R12: 000000000000d07f
[  211.134787][  T217] R13: 00007fff6a8817f0 R14: 0000000000000032 R15: fffffffffffffffe
[  211.290189][  T217] INFO: task syz.4.98:4176 blocked for more than 143 seconds.
[  211.297969][  T217]       Not tainted 5.7.0-syzkaller #0
[  211.303568][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  211.312245][  T217] syz.4.98        D14384  4176   1569 0x00004004
[  211.318664][  T217] Call Trace:
[  211.322125][  T217]  __schedule+0x2ca/0x650
[  211.326455][  T217]  schedule+0x3b/0xa0
[  211.330422][  T217]  rwsem_down_write_slowpath+0x38b/0x570
[  211.336081][  T217]  ? hugetlb_cow+0x1ac/0x540
[  211.340754][  T217]  hugetlb_cow+0x1ac/0x540
[  211.345163][  T217]  hugetlb_fault+0x6f6/0xaa0
[  211.349764][  T217]  handle_mm_fault+0x60a/0xe60
[  211.354614][  T217]  ? lock_acquire+0x93/0x130
[  211.359221][  T217]  ? do_page_fault+0x11d/0x59f
[  211.363974][  T217]  do_page_fault+0x2ad/0x59f
[  211.368592][  T217]  page_fault+0x39/0x40
[  211.372753][  T217] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0
[  211.379080][  T217] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a
[  211.398977][  T217] RSP: 0018:ffffc90001937e70 EFLAGS: 00050202
[  211.405205][  T217] RAX: 0000000020028880 RBX: 000000000000f1f8 RCX: 0000000000000001
[  211.413456][  T217] RDX: 0000000000000000 RSI: ffffc90001937e88 RDI: 0000000020028878
[  211.421611][  T217] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff888225790880
[  211.429761][  T217] R10: 0000000000000001 R11: ffff888225790000 R12: 0000000020028878
[  211.437875][  T217] R13: 0000000000018ff8 R14: 0000000020019680 R15: ffffc90001937e8c
[  211.445939][  T217]  _copy_to_user+0x22/0x30
[  211.450340][  T217]  msr_read+0x62/0xe0
[  211.454307][  T217]  vfs_read+0x8f/0x150
[  211.458391][  T217]  ksys_read+0x5a/0xd0
[  211.462706][  T217]  do_syscall_64+0x50/0x180
[  211.467217][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  211.473086][  T217] RIP: 0033:0x7fa68bc4bff9
[  211.477517][  T217] Code: Bad RIP value.
[  211.481569][  T217] RSP: 002b:00007fa68b6cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  211.490057][  T217] RAX: ffffffffffffffda RBX: 00007fa68be03f80 RCX: 00007fa68bc4bff9
[  211.498025][  T217] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[  211.506000][  T217] RBP: 00007fa68bcbe296 R08: 0000000000000000 R09: 0000000000000000
[  211.514206][  T217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.522189][  T217] R13: 0000000000000000 R14: 00007fa68be03f80 R15: 00007fff6a881588
[  211.536424][  T217] INFO: task syz.4.98:4185 blocked for more than 143 seconds.
[  211.543897][  T217]       Not tainted 5.7.0-syzkaller #0
[  211.549348][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  211.558126][  T217] syz.4.98        D15032  4185   4175 0x80000000
[  211.564434][  T217] Call Trace:
[  211.567721][  T217]  __schedule+0x2ca/0x650
[  211.572237][  T217]  schedule+0x3b/0xa0
[  211.576477][  T217]  rwsem_down_write_slowpath+0x38b/0x570
[  211.582105][  T217]  ? unmap_single_vma+0xaf/0xf0
[  211.586955][  T217]  unmap_single_vma+0xaf/0xf0
[  211.591868][  T217]  unmap_vmas+0x37/0x50
[  211.596048][  T217]  exit_mmap+0xa4/0x180
[  211.600184][  T217]  mmput+0x2e/0xe0
[  211.603961][  T217]  do_exit+0x32c/0xb60
[  211.608291][  T217]  __x64_sys_exit+0x12/0x20
[  211.612775][  T217]  do_syscall_64+0x50/0x180
[  211.617274][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  211.623146][  T217] RIP: 0033:0x7fa68bc4bff9
[  211.627598][  T217] Code: Bad RIP value.
[  211.631776][  T217] RSP: 002b:00007fa68b6abfe8 EFLAGS: 00000246 ORIG_RAX: 000000000000003c
[  211.640281][  T217] RAX: ffffffffffffffda RBX: 00007fa68be04058 RCX: 00007fa68bc4bff9
[  211.648301][  T217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.656454][  T217] RBP: 00007fa68bcbe296 R08: 0000000000000000 R09: 0000000000000000
[  211.664517][  T217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.672592][  T217] R13: 0000000000000000 R14: 00007fa68be04058 R15: 00007fff6a881588
[  211.680712][  T217] INFO: task syz.0.99:4188 blocked for more than 144 seconds.
[  211.688302][  T217]       Not tainted 5.7.0-syzkaller #0
[  211.693752][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  211.702424][  T217] syz.0.99        D14656  4188   2095 0x00000004
[  211.708773][  T217] Call Trace:
[  211.712158][  T217]  __schedule+0x2ca/0x650
[  211.716629][  T217]  schedule+0x3b/0xa0
[  211.720682][  T217]  rwsem_down_write_slowpath+0x38b/0x570
[  211.726328][  T217]  ? hugetlb_cow+0x1ac/0x540
[  211.730906][  T217]  hugetlb_cow+0x1ac/0x540
[  211.735311][  T217]  hugetlb_fault+0x6f6/0xaa0
[  211.739914][  T217]  handle_mm_fault+0x60a/0xe60
[  211.744787][  T217]  ? lock_acquire+0x93/0x130
[  211.749385][  T217]  ? do_page_fault+0x11d/0x59f
[  211.754135][  T217]  do_page_fault+0x2ad/0x59f
[  211.758969][  T217]  page_fault+0x39/0x40
[  211.763118][  T217] RIP: 0033:0x7f87b3e50629
[  211.767768][  T217] Code: Bad RIP value.
[  211.772087][  T217] RSP: 002b:00007fff4105e440 EFLAGS: 00010246
[  211.778297][  T217] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffffff7fffff
[  211.786265][  T217] RDX: 0a5e629b5b89cc61 RSI: 0000000020800000 RDI: 0000555555d513c8
[  211.794324][  T217] RBP: 00007f87b4136a80 R08: 00007f87b3dff000 R09: 0000000000000008
[  211.802314][  T217] R10: 0000000000000000 R11: 0000000000000003 R12: 000000000000d0b8
[  211.810384][  T217] R13: 00007fff4105e540 R14: 0000000000000032 R15: fffffffffffffffe
[  211.954974][  T217] INFO: task syz.0.99:4189 blocked for more than 144 seconds.
[  211.962493][  T217]       Not tainted 5.7.0-syzkaller #0
[  211.967938][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  211.976990][  T217] syz.0.99        D14584  4189   2095 0x00004004
[  211.983486][  T217] Call Trace:
[  211.986812][  T217]  __schedule+0x2ca/0x650
[  211.991126][  T217]  schedule+0x3b/0xa0
[  211.995244][  T217]  rwsem_down_read_slowpath+0x318/0x560
[  212.000794][  T217]  ? down_read+0xa4/0xd0
[  212.005020][  T217]  down_read+0xa4/0xd0
[  212.009101][  T217]  hugetlb_fault+0x9b/0xaa0
[  212.013595][  T217]  handle_mm_fault+0x60a/0xe60
[  212.018363][  T217]  ? lock_acquire+0x93/0x130
[  212.022938][  T217]  ? do_page_fault+0x11d/0x59f
[  212.027699][  T217]  do_page_fault+0x2ad/0x59f
[  212.032445][  T217]  page_fault+0x39/0x40
[  212.036615][  T217] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0
[  212.043010][  T217] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a
[  212.062624][  T217] RSP: 0000:ffffc9000191fe70 EFLAGS: 00050202
[  212.068684][  T217] RAX: 000000002001ee78 RBX: 00000000000057f0 RCX: 0000000000000001
[  212.076668][  T217] RDX: 0000000000000000 RSI: ffffc9000191fe88 RDI: 000000002001ee70
[  212.084628][  T217] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff888222c98880
[  212.092693][  T217] R10: 0000000000000001 R11: ffff888222c98000 R12: 000000002001ee70
[  212.101171][  T217] R13: 0000000000018ff8 R14: 0000000020019680 R15: ffffc9000191fe8c
[  212.109151][  T217]  _copy_to_user+0x22/0x30
[  212.113543][  T217]  msr_read+0x62/0xe0
[  212.117513][  T217]  vfs_read+0x8f/0x150
[  212.121662][  T217]  ksys_read+0x5a/0xd0
[  212.125713][  T217]  do_syscall_64+0x50/0x180
[  212.130227][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  212.136119][  T217] RIP: 0033:0x7f87b3f7cff9
[  212.140515][  T217] Code: Bad RIP value.
[  212.144556][  T217] RSP: 002b:00007f87b39fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  212.153112][  T217] RAX: ffffffffffffffda RBX: 00007f87b4134f80 RCX: 00007f87b3f7cff9
[  212.161082][  T217] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[  212.169068][  T217] RBP: 00007f87b3fef296 R08: 0000000000000000 R09: 0000000000000000
[  212.177125][  T217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.185087][  T217] R13: 0000000000000000 R14: 00007f87b4134f80 R15: 00007fff4105e2d8
[  212.194362][  T217] INFO: task syz.0.99:4191 blocked for more than 144 seconds.
[  212.201993][  T217]       Not tainted 5.7.0-syzkaller #0
[  212.207443][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  212.216109][  T217] syz.0.99        D15032  4191   4188 0x80000000
[  212.222417][  T217] Call Trace:
[  212.225681][  T217]  __schedule+0x2ca/0x650
[  212.230023][  T217]  schedule+0x3b/0xa0
[  212.234116][  T217]  rwsem_down_write_slowpath+0x38b/0x570
[  212.239791][  T217]  ? unmap_single_vma+0xaf/0xf0
[  212.244928][  T217]  unmap_single_vma+0xaf/0xf0
[  212.249602][  T217]  unmap_vmas+0x37/0x50
[  212.253740][  T217]  exit_mmap+0xa4/0x180
[  212.257891][  T217]  mmput+0x2e/0xe0
[  212.261622][  T217]  do_exit+0x32c/0xb60
[  212.265678][  T217]  __x64_sys_exit+0x12/0x20
[  212.270186][  T217]  do_syscall_64+0x50/0x180
[  212.274669][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  212.280652][  T217] RIP: 0033:0x7f87b3f7cff9
[  212.285050][  T217] Code: Bad RIP value.
[  212.289098][  T217] RSP: 002b:00007f87b39dcfe8 EFLAGS: 00000246 ORIG_RAX: 000000000000003c
[  212.297519][  T217] RAX: ffffffffffffffda RBX: 00007f87b4135058 RCX: 00007f87b3f7cff9
[  212.305463][  T217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  212.313607][  T217] RBP: 00007f87b3fef296 R08: 0000000000000000 R09: 0000000000000000
[  212.321630][  T217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.329832][  T217] R13: 0000000000000000 R14: 00007f87b4135058 R15: 00007fff4105e2d8
[  212.362884][  T217] INFO: task syz.1.101:4197 blocked for more than 144 seconds.
[  212.370580][  T217]       Not tainted 5.7.0-syzkaller #0
[  212.376127][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  212.384910][  T217] syz.1.101       D13368  4197   2094 0x00004004
[  212.391236][  T217] Call Trace:
[  212.394508][  T217]  __schedule+0x2ca/0x650
[  212.398846][  T217]  ? hugetlb_fault+0x1ab/0xaa0
[  212.403603][  T217]  schedule+0x3b/0xa0
[  212.407683][  T217]  schedule_preempt_disabled+0x5/0x10
[  212.413083][  T217]  __mutex_lock+0x3c4/0x700
[  212.417585][  T217]  ? lock_acquire+0x93/0x130
[  212.422157][  T217]  ? hugetlb_fault+0x1ab/0xaa0
[  212.427006][  T217]  hugetlb_fault+0x1ab/0xaa0
[  212.431587][  T217]  handle_mm_fault+0x60a/0xe60
[  212.436360][  T217]  do_page_fault+0x2ad/0x59f
[  212.441069][  T217]  page_fault+0x39/0x40
[  212.445214][  T217] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0
[  212.451555][  T217] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a
[  212.471157][  T217] RSP: 0018:ffffc90001997e70 EFLAGS: 00050202
[  212.477240][  T217] RAX: 000000002001fe70 RBX: 00000000000067e8 RCX: 0000000000000001
[  212.485946][  T217] RDX: 0000000000000000 RSI: ffffc90001997e88 RDI: 000000002001fe68
[  212.494071][  T217] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff888225788880
[  212.502032][  T217] R10: 0000000000000001 R11: ffff888225788000 R12: 000000002001fe68
[  212.509996][  T217] R13: 0000000000018ff8 R14: 0000000020019680 R15: ffffc90001997e8c
[  212.518152][  T217]  _copy_to_user+0x22/0x30
[  212.522550][  T217]  msr_read+0x62/0xe0
[  212.526529][  T217]  vfs_read+0x8f/0x150
[  212.530584][  T217]  ksys_read+0x5a/0xd0
[  212.534633][  T217]  do_syscall_64+0x50/0x180
[  212.539153][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  212.545029][  T217] RIP: 0033:0x7f733705bff9
[  212.549473][  T217] Code: Bad RIP value.
[  212.553518][  T217] RSP: 002b:00007f7336add038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  212.561941][  T217] RAX: ffffffffffffffda RBX: 00007f7337213f80 RCX: 00007f733705bff9
[  212.570036][  T217] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[  212.578075][  T217] RBP: 00007f73370ce296 R08: 0000000000000000 R09: 0000000000000000
[  212.586287][  T217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.594428][  T217] R13: 0000000000000000 R14: 00007f7337213f80 R15: 00007fffeb23e148
[  212.606218][  T217] INFO: task syz.1.101:4202 blocked for more than 144 seconds.
[  212.613864][  T217]       Not tainted 5.7.0-syzkaller #0
[  212.619356][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  212.628109][  T217] syz.1.101       D14160  4202   2094 0x00000004
[  212.634834][  T217] Call Trace:
[  212.638335][  T217]  __schedule+0x2ca/0x650
[  212.642651][  T217]  ? hugetlbfs_fallocate+0x1ca/0x530
[  212.647953][  T217]  schedule+0x3b/0xa0
[  212.652005][  T217]  schedule_preempt_disabled+0x5/0x10
[  212.657478][  T217]  __mutex_lock+0x3c4/0x700
[  212.661969][  T217]  ? hugetlbfs_fallocate+0x1ca/0x530
[  212.667367][  T217]  hugetlbfs_fallocate+0x1ca/0x530
[  212.672467][  T217]  vfs_fallocate+0x13d/0x270
[  212.677064][  T217]  ksys_fallocate+0x37/0x70
[  212.681615][  T217]  __x64_sys_fallocate+0x15/0x20
[  212.686845][  T217]  do_syscall_64+0x50/0x180
[  212.691337][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  212.697231][  T217] RIP: 0033:0x7f733705bff9
[  212.701670][  T217] Code: Bad RIP value.
[  212.705818][  T217] RSP: 002b:00007f7336abc038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  212.714235][  T217] RAX: ffffffffffffffda RBX: 00007f7337214058 RCX: 00007f733705bff9
[  212.722305][  T217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  212.730362][  T217] RBP: 00007f73370ce296 R08: 0000000000000000 R09: 0000000000000000
[  212.738340][  T217] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000
[  212.746397][  T217] R13: 0000000000000000 R14: 00007f7337214058 R15: 00007fffeb23e148
[  212.757879][  T217] INFO: task syz.3.105:4229 blocked for more than 145 seconds.
[  212.765533][  T217]       Not tainted 5.7.0-syzkaller #0
[  212.771001][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  212.779670][  T217] syz.3.105       D14584  4229   2102 0x00004004
[  212.786002][  T217] Call Trace:
[  212.789363][  T217]  __schedule+0x2ca/0x650
[  212.793715][  T217]  ? hugetlb_fault+0x1ab/0xaa0
[  212.798522][  T217]  schedule+0x3b/0xa0
[  212.802498][  T217]  schedule_preempt_disabled+0x5/0x10
[  212.808049][  T217]  __mutex_lock+0x3c4/0x700
[  212.812547][  T217]  ? lock_acquire+0x93/0x130
[  212.817145][  T217]  ? hugetlb_fault+0x1ab/0xaa0
[  212.821995][  T217]  hugetlb_fault+0x1ab/0xaa0
[  212.826606][  T217]  handle_mm_fault+0x60a/0xe60
[  212.831539][  T217]  do_page_fault+0x2ad/0x59f
[  212.836483][  T217]  page_fault+0x39/0x40
[  212.840629][  T217] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0
[  212.846951][  T217] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a
[  212.866643][  T217] RSP: 0018:ffffc900019b7e70 EFLAGS: 00050202
[  212.872863][  T217] RAX: 000000002001f440 RBX: 0000000000005db8 RCX: 0000000000000001
[  212.880930][  T217] RDX: 0000000000000000 RSI: ffffc900019b7e88 RDI: 000000002001f438
[  212.889140][  T217] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff8882257eb800
[  212.897193][  T217] R10: 0000000000000001 R11: ffff8882257eaf80 R12: 000000002001f438
[  212.905247][  T217] R13: 0000000000018ff8 R14: 0000000020019680 R15: ffffc900019b7e8c
[  212.913660][  T217]  _copy_to_user+0x22/0x30
[  212.918228][  T217]  msr_read+0x62/0xe0
[  212.922190][  T217]  vfs_read+0x8f/0x150
[  212.926383][  T217]  ksys_read+0x5a/0xd0
[  212.930455][  T217]  do_syscall_64+0x50/0x180
[  212.935148][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  212.941047][  T217] RIP: 0033:0x7ff8dfdbaff9
[  212.945591][  T217] Code: Bad RIP value.
[  212.949660][  T217] RSP: 002b:00007ff8df83c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  212.958067][  T217] RAX: ffffffffffffffda RBX: 00007ff8dff72f80 RCX: 00007ff8dfdbaff9
[  212.966029][  T217] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[  212.974255][  T217] RBP: 00007ff8dfe2d296 R08: 0000000000000000 R09: 0000000000000000
[  212.982339][  T217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.990326][  T217] R13: 0000000000000000 R14: 00007ff8dff72f80 R15: 00007ffda54611d8
[  213.013201][  T217] INFO: task syz.3.105:4232 blocked for more than 145 seconds.
[  213.020790][  T217]       Not tainted 5.7.0-syzkaller #0
[  213.026274][  T217] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  213.034917][  T217] syz.3.105       D14328  4232   2102 0x00000004
[  213.041232][  T217] Call Trace:
[  213.044511][  T217]  __schedule+0x2ca/0x650
[  213.048845][  T217]  ? hugetlbfs_fallocate+0x1ca/0x530
[  213.054116][  T217]  schedule+0x3b/0xa0
[  213.058124][  T217]  schedule_preempt_disabled+0x5/0x10
[  213.063493][  T217]  __mutex_lock+0x3c4/0x700
[  213.068003][  T217]  ? hugetlbfs_fallocate+0x1ca/0x530
[  213.073273][  T217]  hugetlbfs_fallocate+0x1ca/0x530
[  213.078384][  T217]  vfs_fallocate+0x13d/0x270
[  213.082957][  T217]  ksys_fallocate+0x37/0x70
[  213.087467][  T217]  __x64_sys_fallocate+0x15/0x20
[  213.092390][  T217]  do_syscall_64+0x50/0x180
[  213.096893][  T217]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  213.103029][  T217] RIP: 0033:0x7ff8dfdbaff9
[  213.107444][  T217] Code: Bad RIP value.
[  213.111589][  T217] RSP: 002b:00007ff8df81b038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  213.119996][  T217] RAX: ffffffffffffffda RBX: 00007ff8dff73058 RCX: 00007ff8dfdbaff9
[  213.127972][  T217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  213.136615][  T217] RBP: 00007ff8dfe2d296 R08: 0000000000000000 R09: 0000000000000000
[  213.144617][  T217] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000
[  213.152590][  T217] R13: 0000000000000000 R14: 00007ff8dff73058 R15: 00007ffda54611d8
[  213.164035][  T217] 
[  213.164035][  T217] Showing all locks held in the system:
[  213.171778][  T217] 2 locks held by kworker/u4:0/7:
[  213.176797][  T217]  #0: ffff888236c20938 ((wq_completion)events_unbound){....}-{0:0}, at: process_one_work+0x1bd/0x460
[  213.187751][  T217]  #1: ffffc90000043e78 ((work_completion)(&sub_info->work)){....}-{0:0}, at: process_one_work+0x1bd/0x460
[  213.199115][  T217] 2 locks held by kworker/u4:1/21:
[  213.204211][  T217]  #0: ffff888236c20938 ((wq_completion)events_unbound){....}-{0:0}, at: process_one_work+0x1bd/0x460
[  213.215238][  T217]  #1: ffffc900000bfe78 ((work_completion)(&sub_info->work)){....}-{0:0}, at: process_one_work+0x1bd/0x460
[  213.226694][  T217] 1 lock held by khungtaskd/217:
[  213.231624][  T217]  #0: ffffffff8226cd60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x15/0xfc
[  213.241444][  T217] 3 locks held by kworker/u4:2/218:
[  213.246640][  T217]  #0: ffff8882333dd538 ((wq_completion)netns){....}-{0:0}, at: process_one_work+0x1bd/0x460
[  213.256805][  T217]  #1: ffffc900000d7e78 (net_cleanup_work){....}-{0:0}, at: process_one_work+0x1bd/0x460
[  213.266915][  T217]  #2: ffffffff8226d5a8 (rcu_state.barrier_mutex){....}-{3:3}, at: rcu_barrier+0x27/0x1d0
[  213.276912][  T217] 2 locks held by getty/960:
[  213.281748][  T217]  #0: ffff8882358f1898 (&tty->ldisc_sem){....}-{0:0}, at: tty_ldisc_ref_wait+0x1f/0x50
[  213.291503][  T217]  #1: ffffc900015a72e8 (&ldata->atomic_read_lock){....}-{3:3}, at: n_tty_read+0xd4/0x9c0
[  213.301404][  T217] 3 locks held by kworker/1:8/1144:
[  213.306603][  T217] 2 locks held by syz.4.98/4175:
[  213.311538][  T217]  #0: ffff888225726528 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.321167][  T217]  #1: ffff888225729cd0 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.331674][  T217] 4 locks held by syz.4.98/4176:
[  213.336786][  T217]  #0: ffff888225726528 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.346248][  T217]  #1: ffff888225729cd0 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.356662][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.367340][  T217]  #3: ffff888225729cd0 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_cow+0x1ac/0x540
[  213.377778][  T217] 1 lock held by syz.4.98/4185:
[  213.382731][  T217]  #0: ffff888225729cd0 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: unmap_single_vma+0xaf/0xf0
[  213.393425][  T217] 4 locks held by syz.0.99/4188:
[  213.398492][  T217]  #0: ffff888222c013e8 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.407957][  T217]  #1: ffff888225754350 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.418734][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.429504][  T217]  #3: ffff888225754350 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_cow+0x1ac/0x540
[  213.439860][  T217] 2 locks held by syz.0.99/4189:
[  213.444869][  T217]  #0: ffff888222c013e8 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.454498][  T217]  #1: ffff888225754350 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.465073][  T217] 1 lock held by syz.0.99/4191:
[  213.470003][  T217]  #0: ffff888225754350 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: unmap_single_vma+0xaf/0xf0
[  213.480685][  T217] 3 locks held by syz.1.101/4197:
[  213.485696][  T217]  #0: ffff888222c88768 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x4ec/0x59f
[  213.495243][  T217]  #1: ffff888222c50790 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.505658][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.516338][  T217] 3 locks held by syz.1.101/4202:
[  213.521332][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.530640][  T217]  #1: ffff888222c505d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.541655][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.552867][  T217] 3 locks held by syz.3.105/4229:
[  213.557882][  T217]  #0: ffff88822429a068 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x4ec/0x59f
[  213.567472][  T217]  #1: ffff888222cbcbd0 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.578115][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.588811][  T217] 3 locks held by syz.3.105/4232:
[  213.593896][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.603169][  T217]  #1: ffff888222cbca18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.614557][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.625943][  T217] 3 locks held by syz.2.104/4231:
[  213.630943][  T217]  #0: ffff888222d58da8 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x4ec/0x59f
[  213.640490][  T217]  #1: ffff888222d94790 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.650928][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.661744][  T217] 3 locks held by syz.2.104/4233:
[  213.666753][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.676118][  T217]  #1: ffff888222d945d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.687068][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.698407][  T217] 3 locks held by syz.0.111/6507:
[  213.703560][  T217]  #0: ffff8882238293e8 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.713090][  T217]  #1: ffff888222cb8350 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.723505][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.734176][  T217] 3 locks held by syz.0.111/6523:
[  213.739193][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.748466][  T217]  #1: ffff888222cb8198 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.759480][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.770700][  T217] 3 locks held by syz.2.112/6508:
[  213.775803][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.785102][  T217]  #1: ffff888222ee4198 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.796291][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.807658][  T217] 3 locks held by syz.1.115/6530:
[  213.812714][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.822076][  T217]  #1: ffff888222c50a18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.833210][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.844498][  T217] 2 locks held by syz.3.116/6536:
[  213.849630][  T217]  #0: ffff8882257e0768 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.859417][  T217]  #1: ffff888222cbd450 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.870102][  T217] 4 locks held by syz.3.116/6538:
[  213.875200][  T217]  #0: ffff8882257e0768 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.884746][  T217]  #1: ffff888222cbd450 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.895174][  T217]  #2: ffff888234ac0068 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  213.906410][  T217]  #3: ffff888222cbd450 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_cow+0x1ac/0x540
[  213.916749][  T217] 3 locks held by syz.4.110/6543:
[  213.921749][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  213.931044][  T217]  #1: ffff88822575ac18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  213.941971][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  213.953273][  T217] 1 lock held by syz.3.116/6545:
[  213.958290][  T217]  #0: ffff888222cbd450 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: unmap_single_vma+0xaf/0xf0
[  213.968887][  T217] 4 locks held by syz.0.117/8794:
[  213.973887][  T217]  #0: ffff888222c02068 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x11d/0x59f
[  213.983349][  T217]  #1: ffff888222cb8790 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  213.993755][  T217]  #2: ffff888234ac0698 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  214.004642][  T217]  #3: ffff888222cb8790 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_cow+0x1ac/0x540
[  214.014968][  T217] 3 locks held by syz.0.117/8795:
[  214.019999][  T217]  #0: ffff888222c02068 (&mm->mmap_sem#2){....}-{3:3}, at: do_page_fault+0x4ec/0x59f
[  214.029450][  T217]  #1: ffff888222cb8790 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: hugetlb_fault+0x9b/0xaa0
[  214.039865][  T217]  #2: ffff888234ac0698 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0x1ab/0xaa0
[  214.050543][  T217] 1 lock held by syz.0.117/8825:
[  214.055455][  T217]  #0: ffff888222cb8790 (&hugetlbfs_i_mmap_rwsem_key){....}-{3:3}, at: unmap_single_vma+0xaf/0xf0
[  214.066053][  T217] 3 locks held by syz.2.126/8854:
[  214.071050][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.080340][  T217]  #1: ffff888222ee45d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.091270][  T217]  #2: ffff888234ac0068 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.102479][  T217] 3 locks held by syz.1.127/8850:
[  214.107494][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.116785][  T217]  #1: ffff888222caca18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.127721][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.138929][  T217] 3 locks held by syz.3.132/8883:
[  214.143926][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.153219][  T217]  #1: ffff888222cbdf58 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.164238][  T217]  #2: ffff888234ac0068 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.175538][  T217] 3 locks held by syz.4.136/8893:
[  214.180556][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.189935][  T217]  #1: ffff88822575b058 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.201128][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.212329][  T217] 3 locks held by syz.0.158/11254:
[  214.217564][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.226849][  T217]  #1: ffff888225754a18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.237881][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.249195][  T217] 3 locks held by syz.3.174/11327:
[  214.254627][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.264021][  T217]  #1: ffff8882256285d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.274963][  T217]  #2: ffff888234ac0068 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.286258][  T217] 3 locks held by syz.4.208/11469:
[  214.291347][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.300646][  T217]  #1: ffff88822572b498 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.311587][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.322898][  T217] 3 locks held by syz.1.241/11592:
[  214.328098][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.337477][  T217]  #1: ffff888222c52398 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.348415][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.359629][  T217] 3 locks held by syz.2.243/11598:
[  214.364722][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.374015][  T217]  #1: ffff888222ee5f58 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.385080][  T217]  #2: ffff888234ac0698 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.396378][  T217] 3 locks held by syz.0.248/12613:
[  214.401673][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.411246][  T217]  #1: ffff888222cb96d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.422269][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.433766][  T217] 3 locks held by syz.3.249/12650:
[  214.438868][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.448192][  T217]  #1: ffff888225628e58 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.459211][  T217]  #2: ffff888234ac0698 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.470583][  T217] 3 locks held by syz.4.261/13172:
[  214.475677][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.484975][  T217]  #1: ffff888225758a18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.496004][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.507202][  T217] 3 locks held by syz.2.266/13951:
[  214.512636][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.521929][  T217]  #1: ffff888222d97498 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.532960][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.544531][  T217] 3 locks held by syz.1.268/13960:
[  214.549650][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.558930][  T217]  #1: ffff888222c527d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.569956][  T217]  #2: ffff888234ac0698 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.581239][  T217] 3 locks held by syz.0.287/15145:
[  214.586440][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.595725][  T217]  #1: ffff888222cb9f58 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.606670][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.617867][  T217] 3 locks held by syz.3.296/15344:
[  214.622958][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.632251][  T217]  #1: ffff888225629b18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.643272][  T217]  #2: ffff888234ac0068 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.654566][  T217] 3 locks held by syz.4.325/16366:
[  214.659681][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.669223][  T217]  #1: ffff88822575b498 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.680247][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.691472][  T217] 3 locks held by syz.1.364/16578:
[  214.696579][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.705956][  T217]  #1: ffff888222c53d18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.716885][  T217]  #2: ffff888234ac0698 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.728091][  T217] 3 locks held by syz.2.368/16595:
[  214.733272][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.743092][  T217]  #1: ffff888222ee7d18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.754040][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.765340][  T217] 3 locks held by syz.0.380/17204:
[  214.770483][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.779784][  T217]  #1: ffff888222cbb058 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.790721][  T217]  #2: ffff888234ac0068 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.802104][  T217] 3 locks held by syz.3.382/17550:
[  214.807575][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.816969][  T217]  #1: ffff88822562a398 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.827992][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.839323][  T217] 3 locks held by syz.4.386/18055:
[  214.844424][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.853892][  T217]  #1: ffff88822572bd18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.865069][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.876281][  T217] 3 locks held by syz.1.448/19175:
[  214.881377][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.890759][  T217]  #1: ffff888222c51b18 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.901800][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.913195][  T217] 3 locks held by syz.3.652/21353:
[  214.918391][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.927872][  T217]  #1: ffff88822562a7d8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.938955][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.950371][  T217] 3 locks held by syz.0.717/22226:
[  214.955458][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  214.964927][  T217]  #1: ffff888225757058 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  214.976151][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  214.987567][  T217] 3 locks held by syz.4.791/22997:
[  214.992652][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  215.001972][  T217]  #1: ffff888225729298 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  215.012907][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  215.024202][  T217] 3 locks held by syz.1.810/23127:
[  215.029309][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  215.038780][  T217]  #1: ffff888222c50198 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  215.050012][  T217]  #2: ffff888234ac0728 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  215.061418][  T217] 1 lock held by syz-executor/18669:
[  215.066789][  T217]  #0: ffffffff8226d6a0 (rcu_state.exp_mutex){....}-{3:3}, at: synchronize_rcu_expedited+0x2c4/0x360
[  215.077846][  T217] 1 lock held by syz-executor/19170:
[  215.083203][  T217]  #0: ffffffff8226d6a0 (rcu_state.exp_mutex){....}-{3:3}, at: synchronize_rcu_expedited+0xe6/0x360
[  215.093980][  T217] 3 locks held by syz.2.1999/20799:
[  215.099175][  T217]  #0: ffff8882346c0438 (sb_writers#14){....}-{0:0}, at: vfs_fallocate+0x218/0x270
[  215.108471][  T217]  #1: ffff88821e874198 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb2/0x530
[  215.119440][  T217]  #2: ffff888234ac0848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x1ca/0x530
[  215.130733][  T217] 
[  215.133040][  T217] =============================================
[  215.133040][  T217] 
[  215.141553][  T217] NMI backtrace for cpu 1
[  215.145887][  T217] CPU: 1 PID: 217 Comm: khungtaskd Not tainted 5.7.0-syzkaller #0
[  215.153855][  T217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  215.163979][  T217] Call Trace:
[  215.167356][  T217]  dump_stack+0x50/0x70
[  215.171493][  T217]  nmi_cpu_backtrace.cold.7+0x13/0x50
[  215.176947][  T217]  ? lapic_can_unplug_cpu.cold.31+0x40/0x40
[  215.182823][  T217]  nmi_trigger_cpumask_backtrace+0x9b/0x9d
[  215.188612][  T217]  watchdog+0x327/0x4b0
[  215.192840][  T217]  ? hungtask_pm_notify+0x40/0x40
[  215.197929][  T217]  kthread+0x10e/0x130
[  215.201996][  T217]  ? kthread_park+0x60/0x60
[  215.206480][  T217]  ret_from_fork+0x22/0x30
[  215.210900][  T217] Sending NMI from CPU 1 to CPUs 0:
[  215.216181][    C0] NMI backtrace for cpu 0
[  215.216182][    C0] CPU: 0 PID: 21284 Comm: modprobe Not tainted 5.7.0-syzkaller #0
[  215.216182][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  215.216183][    C0] RIP: 0010:__lock_acquire.isra.31+0x12c/0x3e0
[  215.216184][    C0] Code: 24 50 66 41 89 47 20 0f b6 c4 83 e0 7f 44 09 e0 41 88 47 21 41 0f b6 47 22 49 89 57 08 83 e0 fc 09 c1 41 88 4f 22 41 8b 57 20 <81> e2 ff 9f fb ff 89 d0 41 89 57 20 c1 e8 10 83 e0 f3 41 09 c0 45
[  215.216185][    C0] RSP: 0000:ffffc9000038fce8 EFLAGS: 00000046
[  215.216186][    C0] RAX: 0000000000000000 RBX: 0000000000000235 RCX: 0000000000000000
[  215.216187][    C0] RDX: 0000000000000235 RSI: 0000000000000000 RDI: ffff88821e3f3828
[  215.216188][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff88821e3f3800
[  215.216188][    C0] R10: 0000000000000001 R11: ffff88821e3f2f80 R12: 0000000000000000
[  215.216189][    C0] R13: ffff88821e3f2f80 R14: ffff888237c286c0 R15: ffff88821e3f3850
[  215.216190][    C0] FS:  0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  215.216190][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  215.216191][    C0] CR2: 00007f11c7e0d1b0 CR3: 000000021e3ce000 CR4: 00000000003406f0
[  215.216191][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  215.216192][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  215.216192][    C0] Call Trace:
[  215.216193][    C0]  lock_acquire+0x93/0x130
[  215.216193][    C0]  ? lru_cache_add+0x91/0x250
[  215.216194][    C0]  lru_cache_add+0xc0/0x250
[  215.216194][    C0]  ? lru_cache_add+0x91/0x250
[  215.216195][    C0]  ? page_add_new_anon_rmap+0xde/0x190
[  215.216195][    C0]  wp_page_copy+0x245/0x710
[  215.216196][    C0]  do_wp_page+0x94/0x570
[  215.216196][    C0]  handle_mm_fault+0x79c/0xe60
[  215.216197][    C0]  do_page_fault+0x2ad/0x59f
[  215.216197][    C0]  page_fault+0x39/0x40
[  215.216198][    C0] RIP: 0033:0x7f11c7e182d7
[  215.216199][    C0] Code: 14 c6 48 83 c2 10 eb 9c 49 8b 04 24 48 85 c0 0f 84 84 00 00 00 41 f6 84 24 1e 03 00 00 20 75 79 49 8b 54 24 60 48 85 d2 74 04 <48> 01 42 08 49 8b 54 24 58 48 85 d2 74 04 48 01 42 08 49 8b 54 24
[  215.216200][    C0] RSP: 002b:00007ffcb70dd680 EFLAGS: 00010202
[  215.216201][    C0] RAX: 00007f11c7d4c000 RBX: 0000000000000032 RCX: 0000000000000029
[  215.216202][    C0] RDX: 00007f11c7e0d1a8 RSI: 00007f11c7e0f100 RDI: 000000006fffffff
[  215.216202][    C0] RBP: 00007ffcb70dd7e0 R08: 000000006ffffdff R09: 000000006ffffeff
[  215.216203][    C0] R10: 000000006fffff41 R11: 000000006ffffe35 R12: 00007f11c7e0f0c0
[  215.216204][    C0] R13: 00007ffcb70dd868 R14: 0000000070000022 R15: 00000000effffef5
[  215.217113][  T217] Kernel panic - not syncing: hung_task: blocked tasks
[  215.477680][  T217] Kernel Offset: disabled
[  215.481994][  T217] Rebooting in 86400 seconds..