Warning: Permanently added '10.128.10.22' (ED25519) to the list of known hosts.
2025/03/16 12:42:43 ignoring optional flag "sandboxArg"="0"
2025/03/16 12:42:43 parsed 1 programs
[ 48.131774][ T30] audit: type=1400 audit(1742128964.088:122): avc: denied { unlink } for pid=1883 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 48.185234][ T1883] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 48.640172][ T30] audit: type=1401 audit(1742128964.588:123): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2025/03/16 12:42:45 executed programs: 0
[ 49.670922][ T30] audit: type=1400 audit(1742128965.618:124): avc: denied { read } for pid=2419 comm="syz.4.19" name="msr" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 49.693268][ T30] audit: type=1400 audit(1742128965.618:125): avc: denied { open } for pid=2419 comm="syz.4.19" path="/dev/cpu/0/msr" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 49.745160][ T30] audit: type=1400 audit(1742128965.678:126): avc: denied { execute } for pid=2419 comm="syz.4.19" path=2F6D656D66643A01FDAE2E2BA68CB63F32193994532C7C783F55655BBDE1210333BC2723FF179B25F35B64202097F5479741C2D8F05571E62BA56C940BB607175CFB0421E4C4B1A21CFF433B94510DB67D9CEC430BCFEBE49A52E52C8203202864656C6574656429 dev="hugetlbfs" ino=3634 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
2025/03/16 12:42:50 executed programs: 81
2025/03/16 12:42:55 executed programs: 214
2025/03/16 12:43:00 executed programs: 386
2025/03/16 12:43:05 executed programs: 548
2025/03/16 12:43:10 executed programs: 676
2025/03/16 12:43:15 executed programs: 823
2025/03/16 12:43:20 executed programs: 981
2025/03/16 12:43:25 executed programs: 1151
2025/03/16 12:43:30 executed programs: 1320
2025/03/16 12:43:35 executed programs: 1459
2025/03/16 12:43:40 executed programs: 1624
2025/03/16 12:43:45 executed programs: 1782
2025/03/16 12:43:51 executed programs: 1941
2025/03/16 12:43:56 executed programs: 2145
2025/03/16 12:44:01 executed programs: 2369
2025/03/16 12:44:06 executed programs: 2536
2025/03/16 12:44:11 executed programs: 2711
2025/03/16 12:44:16 executed programs: 2837
2025/03/16 12:44:21 executed programs: 3018
2025/03/16 12:44:26 executed programs: 3196
2025/03/16 12:44:31 executed programs: 3330
2025/03/16 12:44:46 executed programs: 3499
2025/03/16 12:44:51 executed programs: 3710
2025/03/16 12:44:56 executed programs: 3919
2025/03/16 12:45:01 executed programs: 4121
[ 187.045617][T31254] modprobe (31254) used greatest stack depth: 12176 bytes left
2025/03/16 12:45:06 executed programs: 4344
2025/03/16 12:45:11 executed programs: 4603
2025/03/16 12:45:16 executed programs: 4861
2025/03/16 12:45:21 executed programs: 5116
2025/03/16 12:45:26 executed programs: 5372
[ 210.961620][ T31] INFO: task syz.0.200:5103 blocked for more than 143 seconds.
[ 210.969200][ T31] Not tainted 6.14.0-rc6-syzkaller #0
[ 210.975185][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 210.983966][ T31] task:syz.0.200 state:D stack:13360 pid:5103 tgid:5103 ppid:2413 task_flags:0x400040 flags:0x00000004
[ 210.995886][ T31] Call Trace:
[ 210.999139][ T31] <TASK>
[ 211.002120][ T31] __schedule+0x525/0xb40
[ 211.006523][ T31] schedule+0x25/0x110
[ 211.010647][ T31] io_schedule+0x41/0x60
[ 211.014902][ T31] folio_wait_bit_common+0x136/0x380
[ 211.020152][ T31] ? __pfx_wake_page_function+0x10/0x10
[ 211.025706][ T31] __filemap_get_folio+0x1be/0x340
[ 211.030812][ T31] hugetlb_fault+0x7e0/0xc10
[ 211.035432][ T31] handle_mm_fault+0x351/0x360
[ 211.040281][ T31] exc_page_fault+0x256/0x6e0
[ 211.044979][ T31] asm_exc_page_fault+0x26/0x30
[ 211.049844][ T31] RIP: 0033:0x7fe0bef87208
[ 211.054298][ T31] RSP: 002b:00007ffe788332f8 EFLAGS: 00010246
[ 211.060402][ T31] RAX: 0000000020000640 RBX: 0000000000000004 RCX: 006b6e696c766564
[ 211.068539][ T31] RDX: 0000000000000008 RSI: 006b6e696c766564 RDI: 0000000020000640
[ 211.076520][ T31] RBP: 00007fe0bf177a80 R08: 00007fe0bee3a000 R09: 0000000000000001
[ 211.084501][ T31] R10: 0000000000000001 R11: 0000000000000009 R12: 000000000000e664
[ 211.092469][ T31] R13: 00007ffe78833400 R14: 0000000000000032 R15: fffffffffffffffe
[ 211.100430][ T31] </TASK>
[ 211.107641][ T31] INFO: task syz.0.200:5105 blocked for more than 143 seconds.
[ 211.115186][ T31] Not tainted 6.14.0-rc6-syzkaller #0
[ 211.121041][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 211.129704][ T31] task:syz.0.200 state:D stack:13784 pid:5105 tgid:5103 ppid:2413 task_flags:0x400140 flags:0x00004006
[ 211.141592][ T31] Call Trace:
[ 211.144847][ T31] <TASK>
[ 211.147754][ T31] __schedule+0x525/0xb40
[ 211.152069][ T31] schedule+0x25/0x110
[ 211.156113][ T31] schedule_preempt_disabled+0x13/0x30
[ 211.161549][ T31] __mutex_lock+0x5e3/0xa90
[ 211.166017][ T31] ? hugetlb_wp+0x85a/0xcf0
[ 211.170488][ T31] ? hugetlb_wp+0x85a/0xcf0
[ 211.174970][ T31] hugetlb_wp+0x85a/0xcf0
[ 211.179272][ T31] hugetlb_fault+0xa98/0xc10
[ 211.183849][ T31] handle_mm_fault+0x351/0x360
[ 211.188580][ T31] exc_page_fault+0x161/0x6e0
[ 211.193233][ T31] asm_exc_page_fault+0x26/0x30
[ 211.198050][ T31] RIP: 0010:rep_movs_alternative+0x33/0x70
[ 211.203829][ T31] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[ 211.223406][ T31] RSP: 0018:ffffc9000266bde0 EFLAGS: 00050246
[ 211.229430][ T31] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008
[ 211.237390][ T31] RDX: 000000002002def0 RSI: ffffc9000266be10 RDI: 000000002002dee8
[ 211.245347][ T31] RBP: 000000002002dee8 R08: 0000000000080000 R09: 0000000000000000
[ 211.253294][ T31] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc9000266be10
[ 211.261243][ T31] R13: 0000000000018ff8 R14: 0000000020019680 R15: 0000000000000000
[ 211.269197][ T31] _copy_to_user+0x56/0x70
[ 211.273598][ T31] msr_read+0x68/0xe0
[ 211.277553][ T31] vfs_read+0xe0/0x380
[ 211.281600][ T31] ? fdget_pos+0x166/0x1b0
[ 211.285990][ T31] ksys_read+0x6f/0xf0
[ 211.290025][ T31] do_syscall_64+0x6d/0x170
[ 211.294510][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 211.300371][ T31] RIP: 0033:0x7fe0befbdff9
[ 211.304767][ T31] RSP: 002b:00007fe0bea39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 211.313159][ T31] RAX: ffffffffffffffda RBX: 00007fe0bf175f80 RCX: 00007fe0befbdff9
[ 211.321099][ T31] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[ 211.329056][ T31] RBP: 00007fe0bf030296 R08: 0000000000000000 R09: 0000000000000000
[ 211.337007][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 211.344965][ T31] R13: 0000000000000000 R14: 00007fe0bf175f80 R15: 00007ffe78833198
[ 211.352922][ T31] </TASK>
[ 211.357364][ T31] INFO: task syz.3.207:5139 blocked for more than 143 seconds.
[ 211.364898][ T31] Not tainted 6.14.0-rc6-syzkaller #0
[ 211.370754][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 211.379420][ T31] task:syz.3.207 state:D stack:14304 pid:5139 tgid:5138 ppid:2423 task_flags:0x400140 flags:0x00004004
[ 211.391289][ T31] Call Trace:
[ 211.394560][ T31] <TASK>
[ 211.397467][ T31] __schedule+0x525/0xb40
[ 211.401775][ T31] schedule+0x25/0x110
[ 211.405809][ T31] schedule_preempt_disabled+0x13/0x30
[ 211.411243][ T31] __mutex_lock+0x5e3/0xa90
[ 211.415749][ T31] ? hugetlb_fault+0xc2/0xc10
[ 211.420396][ T31] ? hugetlb_fault+0xc2/0xc10
[ 211.425220][ T31] hugetlb_fault+0xc2/0xc10
[ 211.429695][ T31] handle_mm_fault+0x351/0x360
[ 211.434442][ T31] exc_page_fault+0x161/0x6e0
[ 211.439084][ T31] asm_exc_page_fault+0x26/0x30
[ 211.443918][ T31] RIP: 0010:rep_movs_alternative+0x33/0x70
[ 211.449694][ T31] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[ 211.469278][ T31] RSP: 0018:ffffc9000257fde0 EFLAGS: 00050246
[ 211.475338][ T31] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008
[ 211.483285][ T31] RDX: 00000000200225d0 RSI: ffffc9000257fe10 RDI: 00000000200225c8
[ 211.491223][ T31] RBP: 00000000200225c8 R08: 0000000000080000 R09: 0000000000000000
[ 211.499190][ T31] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc9000257fe10
[ 211.507149][ T31] R13: 0000000000018ff8 R14: 0000000020019680 R15: 0000000000000000
[ 211.515104][ T31] _copy_to_user+0x56/0x70
[ 211.519492][ T31] msr_read+0x68/0xe0
[ 211.523459][ T31] vfs_read+0xe0/0x380
[ 211.527495][ T31] ? fdget_pos+0x166/0x1b0
[ 211.531899][ T31] ksys_read+0x6f/0xf0
[ 211.535935][ T31] do_syscall_64+0x6d/0x170
[ 211.540402][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 211.546279][ T31] RIP: 0033:0x7f8cb113dff9
[ 211.550665][ T31] RSP: 002b:00007f8cb0bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 211.559048][ T31] RAX: ffffffffffffffda RBX: 00007f8cb12f5f80 RCX: 00007f8cb113dff9
[ 211.566998][ T31] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[ 211.574945][ T31] RBP: 00007f8cb11b0296 R08: 0000000000000000 R09: 0000000000000000
[ 211.582889][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 211.590835][ T31] R13: 0000000000000000 R14: 00007f8cb12f5f80 R15: 00007ffdc13700f8
[ 211.598801][ T31] </TASK>
[ 211.604116][ T31] INFO: task syz.3.207:5145 blocked for more than 144 seconds.
[ 211.611664][ T31] Not tainted 6.14.0-rc6-syzkaller #0
[ 211.617527][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 211.626209][ T31] task:syz.3.207 state:D stack:13520 pid:5145 tgid:5138 ppid:2423 task_flags:0x400040 flags:0x00000004
[ 211.638089][ T31] Call Trace:
[ 211.641349][ T31] <TASK>
[ 211.644282][ T31] __schedule+0x525/0xb40
[ 211.648585][ T31] schedule+0x25/0x110
[ 211.652655][ T31] schedule_preempt_disabled+0x13/0x30
[ 211.658079][ T31] __mutex_lock+0x5e3/0xa90
[ 211.662566][ T31] ? hugetlbfs_fallocate+0x205/0x680
[ 211.667817][ T31] ? hugetlbfs_fallocate+0x205/0x680
[ 211.673087][ T31] hugetlbfs_fallocate+0x205/0x680
[ 211.678170][ T31] vfs_fallocate+0x121/0x3b0
[ 211.682754][ T31] __x64_sys_fallocate+0x3e/0x80
[ 211.687692][ T31] do_syscall_64+0x6d/0x170
[ 211.692190][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 211.698056][ T31] RIP: 0033:0x7f8cb113dff9
[ 211.702456][ T31] RSP: 002b:00007f8cb0b9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 211.710834][ T31] RAX: ffffffffffffffda RBX: 00007f8cb12f6058 RCX: 00007f8cb113dff9
[ 211.718810][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 211.726777][ T31] RBP: 00007f8cb11b0296 R08: 0000000000000000 R09: 0000000000000000
[ 211.734755][ T31] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000
[ 211.742744][ T31] R13: 0000000000000000 R14: 00007f8cb12f6058 R15: 00007ffdc13700f8
[ 211.750694][ T31] </TASK>
[ 211.757199][ T31] INFO: task syz.4.232:5252 blocked for more than 144 seconds.
[ 211.764853][ T31] Not tainted 6.14.0-rc6-syzkaller #0
[ 211.770846][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 211.779572][ T31] task:syz.4.232 state:D stack:13336 pid:5252 tgid:5246 ppid:1937 task_flags:0x400040 flags:0x00000004
[ 211.791509][ T31] Call Trace:
[ 211.794762][ T31] <TASK>
[ 211.797664][ T31] __schedule+0x525/0xb40
[ 211.802026][ T31] schedule+0x25/0x110
[ 211.806083][ T31] schedule_preempt_disabled+0x13/0x30
[ 211.811525][ T31] __mutex_lock+0x5e3/0xa90
[ 211.815996][ T31] ? hugetlbfs_fallocate+0x205/0x680
[ 211.821244][ T31] ? hugetlbfs_fallocate+0x205/0x680
[ 211.826502][ T31] hugetlbfs_fallocate+0x205/0x680
[ 211.831587][ T31] vfs_fallocate+0x121/0x3b0
[ 211.836142][ T31] __x64_sys_fallocate+0x3e/0x80
[ 211.841043][ T31] do_syscall_64+0x6d/0x170
[ 211.845521][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 211.851384][ T31] RIP: 0033:0x7ff2627adff9
[ 211.855783][ T31] RSP: 002b:00007ff262208038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 211.864315][ T31] RAX: ffffffffffffffda RBX: 00007ff262966058 RCX: 00007ff2627adff9
[ 211.872268][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 211.880212][ T31] RBP: 00007ff262820296 R08: 0000000000000000 R09: 0000000000000000
[ 211.888174][ T31] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000
[ 211.896127][ T31] R13: 0000000000000000 R14: 00007ff262966058 R15: 00007ffc42e12b68
[ 211.904088][ T31] </TASK>
[ 211.909733][ T31]
[ 211.909733][ T31] Showing all locks held in the system:
[ 211.917570][ T31] 1 lock held by khungtaskd/31:
[ 211.922544][ T31] #0: ffffffff8277c700 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x36/0x120
[ 211.932388][ T31] 2 locks held by getty/841:
[ 211.936946][ T31] #0: ffff8881056ff8a0 (&tty->ldisc_sem){....}-{0:0}, at: tty_ldisc_ref_wait+0x23/0x60
[ 211.946651][ T31] #1: ffffc90001c6f2f0 (&ldata->atomic_read_lock){....}-{3:3}, at: n_tty_read+0x54b/0x6a0
[ 211.956632][ T31] 3 locks held by syz.0.200/5103:
[ 211.961644][ T31] #0: ffff8881097d3368 (&vma->vm_lock->lock){....}-{3:3}, at: lock_vma_under_rcu+0x86/0x1d0
[ 211.971786][ T31] #1: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0xc2/0xc10
[ 211.982362][ T31] #2: ffff8881013a00e8 (&resv_map->rw_sema){....}-{3:3}, at: hugetlb_fault+0xca/0xc10
[ 211.991981][ T31] 2 locks held by syz.0.200/5105:
[ 211.996975][ T31] #0: ffff88810bb90b20 (&mm->mmap_lock){....}-{3:3}, at: lock_mm_and_find_vma+0x26/0x270
[ 212.006859][ T31] #1: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_wp+0x85a/0xcf0
[ 212.017252][ T31] 2 locks held by syz.3.207/5139:
[ 212.022253][ T31] #0: ffff8881013ab020 (&mm->mmap_lock){....}-{3:3}, at: lock_mm_and_find_vma+0x26/0x270
[ 212.032132][ T31] #1: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0xc2/0xc10
[ 212.042712][ T31] 3 locks held by syz.3.207/5145:
[ 212.047698][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.057400][ T31] #1: ffff88810a7557c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.068508][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.079687][ T31] 3 locks held by syz.4.232/5252:
[ 212.084711][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.094326][ T31] #1: ffff88810a755c48 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.105243][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.116428][ T31] 3 locks held by syz.3.940/9688:
[ 212.121422][ T31] #0: ffff8881102bf9f0 (&vma->vm_lock->lock){....}-{3:3}, at: lock_vma_under_rcu+0x86/0x1d0
[ 212.131565][ T31] #1: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0xc2/0xc10
[ 212.142144][ T31] #2: ffff88810d3b8ce8 (&resv_map->rw_sema){....}-{3:3}, at: hugetlb_fault+0xca/0xc10
[ 212.151764][ T31] 2 locks held by syz.3.940/9689:
[ 212.156760][ T31] #0: ffff88810faa3020 (&mm->mmap_lock){....}-{3:3}, at: lock_mm_and_find_vma+0x26/0x270
[ 212.166663][ T31] #1: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_wp+0x85a/0xcf0
[ 212.177060][ T31] 3 locks held by syz.0.980/9857:
[ 212.182053][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.191672][ T31] #1: ffff88810dbddc48 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.202610][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.213788][ T31] 3 locks held by syz.4.983/9868:
[ 212.218782][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.228421][ T31] #1: ffff88810dbde9c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.239355][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.250542][ T31] 3 locks held by syz.1.1499/13388:
[ 212.255727][ T31] #0: ffff8881102bf6f8 (&vma->vm_lock->lock){....}-{3:3}, at: lock_vma_under_rcu+0x86/0x1d0
[ 212.265858][ T31] #1: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0xc2/0xc10
[ 212.276437][ T31] #2: ffff8881037fe6e8 (&resv_map->rw_sema){....}-{3:3}, at: hugetlb_fault+0xca/0xc10
[ 212.286112][ T31] 2 locks held by syz.1.1499/13389:
[ 212.291279][ T31] #0: ffff888108bf5e60 (&mm->mmap_lock){....}-{3:3}, at: lock_mm_and_find_vma+0x26/0x270
[ 212.301278][ T31] #1: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_wp+0x85a/0xcf0
[ 212.311874][ T31] 3 locks held by syz.4.1501/13397:
[ 212.317057][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.327176][ T31] #1: ffff888102abfbc8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.338104][ T31] #2: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.349296][ T31] 3 locks held by syz.1.2365/18301:
[ 212.354476][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.364176][ T31] #1: ffff88810e7f0148 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.375098][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.386302][ T31] 3 locks held by syz.3.2364/18314:
[ 212.391465][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.401082][ T31] #1: ffff88810e7f0a48 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.412015][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.423200][ T31] 3 locks held by syz.4.2367/18319:
[ 212.428365][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.438023][ T31] #1: ffff88810e7f0ec8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.448980][ T31] #2: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.460196][ T31] 2 locks held by syz.2.2401/18458:
[ 212.465383][ T31] #0: ffff88810bb926e0 (&mm->mmap_lock){....}-{3:3}, at: lock_mm_and_find_vma+0x98/0x270
[ 212.475258][ T31] #1: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlb_fault+0xc2/0xc10
[ 212.485827][ T31] 3 locks held by syz.2.2401/18464:
[ 212.490994][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.500635][ T31] #1: ffff88810e7f2548 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.511568][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.522748][ T31] 3 locks held by syz.4.2824/21597:
[ 212.527918][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.537538][ T31] #1: ffff88810d3bc148 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.548452][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.559625][ T31] 3 locks held by syz.1.2827/21616:
[ 212.564811][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.574434][ T31] #1: ffff88810d3bc5c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.585360][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.596541][ T31] 3 locks held by syz.0.2829/21624:
[ 212.601720][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.611327][ T31] #1: ffff88810d3bd7c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.622243][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.633433][ T31] 3 locks held by syz.3.2833/21658:
[ 212.638602][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.648247][ T31] #1: ffff88810d3bdc48 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.659176][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.670360][ T31] 3 locks held by syz.4.3408/25431:
[ 212.675530][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.685149][ T31] #1: ffff88810bf70148 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.696084][ T31] #2: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.707270][ T31] 3 locks held by syz.3.3411/25429:
[ 212.712440][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.722049][ T31] #1: ffff88810bf705c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.732971][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.744167][ T31] 3 locks held by syz.2.3414/25448:
[ 212.749333][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.758960][ T31] #1: ffff88810bf71348 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.769888][ T31] #2: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.781082][ T31] 3 locks held by syz.1.3417/25456:
[ 212.786259][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.795873][ T31] #1: ffff88810bf720c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.806800][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.817988][ T31] 3 locks held by syz.0.3503/25724:
[ 212.823163][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.832786][ T31] #1: ffff88810bf732c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.843708][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.854897][ T31] 3 locks held by syz.3.3625/28422:
[ 212.860064][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.869678][ T31] #1: ffff88810fb64a48 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.880596][ T31] #2: ffff888101acc458 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.891765][ T31] 3 locks held by syz.2.3636/28461:
[ 212.896917][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.906536][ T31] #1: ffff88810fb669c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.917452][ T31] #2: ffff888101acc8d8 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.928628][ T31] 3 locks held by syz.4.5426/3993:
[ 212.933726][ T31] #0: ffff8881026ba3f8 (sb_writers#14){....}-{0:0}, at: __x64_sys_fallocate+0x3e/0x80
[ 212.943335][ T31] #1: ffff88811ec1c5c8 (&sb->s_type->i_mutex_key#15){....}-{3:3}, at: hugetlbfs_fallocate+0xb9/0x680
[ 212.954260][ T31] #2: ffff888101acc848 (&hugetlb_fault_mutex_table[i]){....}-{3:3}, at: hugetlbfs_fallocate+0x205/0x680
[ 212.965450][ T31]
[ 212.967745][ T31] =============================================
[ 212.967745][ T31]
[ 212.976140][ T31] NMI backtrace for cpu 1
[ 212.976146][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc6-syzkaller #0
[ 212.976150][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 212.976153][ T31] Call Trace:
[ 212.976154][ T31] <TASK>
[ 212.976156][ T31] dump_stack_lvl+0x5a/0x90
[ 212.976163][ T31] nmi_cpu_backtrace+0xd4/0x110
[ 212.976168][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 212.976173][ T31] nmi_trigger_cpumask_backtrace+0xd5/0x140
[ 212.976177][ T31] watchdog+0x645/0x680
[ 212.976180][ T31] ? watchdog+0x1e8/0x680
[ 212.976182][ T31] ? __pfx_watchdog+0x10/0x10
[ 212.976186][ T31] kthread+0xf7/0x200
[ 212.976190][ T31] ? __pfx_kthread+0x10/0x10
[ 212.976192][ T31] ret_from_fork+0x2c/0x50
[ 212.976198][ T31] ? __pfx_kthread+0x10/0x10
[ 212.976199][ T31] ret_from_fork_asm+0x1a/0x30
[ 212.976205][ T31] </TASK>
[ 212.976206][ T31] Sending NMI from CPU 1 to CPUs 0:
[ 213.069876][ C0] NMI backtrace for cpu 0
[ 213.069879][ C0] CPU: 0 UID: 0 PID: 25767 Comm: udevd Not tainted 6.14.0-rc6-syzkaller #0
[ 213.069883][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 213.069884][ C0] RIP: 0010:check_preemption_disabled+0x2c/0xe0
[ 213.069890][ C0] Code: 55 53 48 83 ec 08 65 8b 1d 7d 1a 19 7e 65 f7 05 6e 1a 19 7e ff ff ff 7f 74 0f 48 83 c4 08 89 d8 5b 5d 41 5c c3 cc cc cc cc 9c <58> f6 c4 02 74 ea 65 4c 8b 25 46 1a 19 7e 48 89 fd 41 f6 44 24 2f
[ 213.069892][ C0] RSP: 0018:ffffc900047fbc20 EFLAGS: 00000046
[ 213.069895][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000002
[ 213.069896][ C0] RDX: 0000000000000001 RSI: ffffffff8252e958 RDI: ffffffff824f54e2
[ 213.069898][ C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 213.069899][ C0] R10: ffff888110440618 R11: 0000000000000002 R12: 0000000000000000
[ 213.069900][ C0] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000046
[ 213.069901][ C0] FS: 00007f7b4a36c280(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[ 213.069906][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 213.069907][ C0] CR2: 0000555558c604a8 CR3: 000000010d326000 CR4: 00000000003506f0
[ 213.069908][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 213.069909][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 213.069911][ C0] Call Trace:
[ 213.069912][ C0] <NMI>
[ 213.069913][ C0] ? nmi_cpu_backtrace+0x8f/0x110
[ 213.069918][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 213.069923][ C0] ? nmi_handle+0xb8/0x1a0
[ 213.069927][ C0] ? check_preemption_disabled+0x2c/0xe0
[ 213.069929][ C0] ? default_do_nmi+0x69/0x2f0
[ 213.069933][ C0] ? exc_nmi+0x152/0x190
[ 213.069935][ C0] ? end_repeat_nmi+0xf/0x53
[ 213.069939][ C0] ? check_preemption_disabled+0x2c/0xe0
[ 213.069941][ C0] ? check_preemption_disabled+0x2c/0xe0
[ 213.069942][ C0] ? check_preemption_disabled+0x2c/0xe0
[ 213.069944][ C0] </NMI>
[ 213.069945][ C0] <TASK>
[ 213.069946][ C0] lock_acquire+0x79/0x190
[ 213.069950][ C0] step_into+0x3ba/0x7b0
[ 213.069954][ C0] ? link_path_walk.part.0.constprop.0+0x218/0x390
[ 213.069958][ C0] link_path_walk.part.0.constprop.0+0x218/0x390
[ 213.069961][ C0] path_lookupat+0x39/0x1a0
[ 213.069964][ C0] filename_lookup+0xf4/0x200
[ 213.069968][ C0] do_readlinkat+0x75/0x180
[ 213.069971][ C0] __x64_sys_readlink+0x19/0x20
[ 213.069974][ C0] do_syscall_64+0x6d/0x170
[ 213.069976][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 213.069979][ C0] RIP: 0033:0x7f7b4a495d47
[ 213.069981][ C0] Code: 73 01 c3 48 8b 0d e1 90 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 59 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b1 90 0d 00 f7 d8 64 89 01 48
[ 213.069982][ C0] RSP: 002b:00007ffd7d37f428 EFLAGS: 00000246 ORIG_RAX: 0000000000000059
[ 213.069984][ C0] RAX: ffffffffffffffda RBX: 00007ffd7d37f4c8 RCX: 00007f7b4a495d47
[ 213.069986][ C0] RDX: 0000000000000400 RSI: 00007ffd7d37f8c8 RDI: 00007ffd7d37fde8
[ 213.069987][ C0] RBP: 00007ffd7d37fde8 R08: 0000000000000000 R09: 00007ffd7d37f6a8
[ 213.069988][ C0] R10: 0000000000000100 R11: 0000000000000246 R12: 00007ffd7d37f8c8
[ 213.069989][ C0] R13: 000055ffc273b440 R14: 000055ffc2760db0 R15: 00007ffd7d37fdf6
[ 213.069991][ C0] </TASK>
[ 213.070872][ T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 213.398581][ T31] Kernel Offset: disabled
[ 213.402865][ T31] Rebooting in 86400 seconds..