./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3105114922 <...> Warning: Permanently added '10.128.0.35' (ED25519) to the list of known hosts. execve("./syz-executor3105114922", ["./syz-executor3105114922"], 0x7fffefba4300 /* 10 vars */) = 0 brk(NULL) = 0x5555602ec000 brk(0x5555602ecd00) = 0x5555602ecd00 arch_prctl(ARCH_SET_FS, 0x5555602ec380) = 0 set_tid_address(0x5555602ec650) = 5834 set_robust_list(0x5555602ec660, 24) = 0 rseq(0x5555602ecca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3105114922", 4096) = 28 getrandom("\x82\x5c\xeb\x50\x5a\xe6\xd1\x37", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555602ecd00 brk(0x55556030dd00) = 0x55556030dd00 brk(0x55556030e000) = 0x55556030e000 mprotect(0x7f47bd192000, 16384, PROT_READ) = 0 mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000 mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000 mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555602ec650) = 5835 ./strace-static-x86_64: Process 5835 attached [pid 5835] set_robust_list(0x5555602ec660, 24 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5836 attached [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] set_robust_list(0x5555602ec660, 24./strace-static-x86_64: Process 5837 attached [pid 5834] <... clone resumed>, child_tidptr=0x5555602ec650) = 5836 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] <... set_robust_list resumed>) = 0 [pid 5835] <... clone resumed>, child_tidptr=0x5555602ec650) = 5837 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5838 attached [pid 5837] set_robust_list(0x5555602ec660, 24 [pid 5838] set_robust_list(0x5555602ec660, 24 [pid 5837] <... set_robust_list resumed>) = 0 [pid 5838] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5839 attached [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] set_robust_list(0x5555602ec660, 24 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] <... clone resumed>, child_tidptr=0x5555602ec650) = 5839 ./strace-static-x86_64: Process 5840 attached [pid 5834] <... clone resumed>, child_tidptr=0x5555602ec650) = 5838 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5837] <... prctl resumed>) = 0 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] set_robust_list(0x5555602ec660, 24 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5838] <... clone resumed>, child_tidptr=0x5555602ec650) = 5840 [pid 5839] <... prctl resumed>) = 0 [pid 5837] setpgid(0, 0 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5837] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5841 attached [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] setpgid(0, 0 [pid 5834] <... clone resumed>, child_tidptr=0x5555602ec650) = 5841 [pid 5839] <... setpgid resumed>) = 0 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] set_robust_list(0x5555602ec660, 24 [pid 5840] <... prctl resumed>) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] setpgid(0, 0 [ 125.745078][ T29] audit: type=1400 audit(1739695163.795:88): avc: denied { execmem } for pid=5834 comm="syz-executor310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5842 attached [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] <... setpgid resumed>) = 0 [pid 5839] <... openat resumed>) = 3 [pid 5834] <... clone resumed>, child_tidptr=0x5555602ec650) = 5842 [pid 5842] set_robust_list(0x5555602ec660, 24 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] write(3, "1000", 4 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] write(3, "1000", 4 [pid 5837] <... write resumed>) = 4 [pid 5840] <... openat resumed>) = 3 [pid 5842] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] close(3 [pid 5840] write(3, "1000", 4 [pid 5839] <... write resumed>) = 4 [pid 5839] close(3) = 0 executing program ./strace-static-x86_64: Process 5843 attached [pid 5837] <... close resumed>) = 0 [pid 5839] write(1, "executing program\n", 18executing program ) = 18 ./strace-static-x86_64: Process 5844 attached [pid 5843] set_robust_list(0x5555602ec660, 24 [pid 5839] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5840] <... write resumed>) = 4 [pid 5837] write(1, "executing program\n", 18 [pid 5844] set_robust_list(0x5555602ec660, 24 [pid 5840] close(3 [pid 5837] <... write resumed>) = 18 [pid 5841] <... clone resumed>, child_tidptr=0x5555602ec650) = 5843 [pid 5840] <... close resumed>) = 0 [pid 5844] <... set_robust_list resumed>) = 0 executing program [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] <... clone resumed>, child_tidptr=0x5555602ec650) = 5844 [pid 5840] write(1, "executing program\n", 18 [pid 5837] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5840] <... write resumed>) = 18 [pid 5839] <... openat resumed>) = 3 [pid 5837] <... openat resumed>) = 3 [pid 5840] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5837] dup(3 [pid 5840] dup(3 [pid 5837] <... dup resumed>) = 4 [pid 5844] <... prctl resumed>) = 0 [pid 5840] <... dup resumed>) = 4 [pid 5837] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 8796109807616 [pid 5844] setpgid(0, 0 [pid 5840] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 8796109807616 [pid 5844] <... setpgid resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5844] write(3, "1000", 4) = 4 executing program [pid 5844] close(3) = 0 [pid 5844] write(1, "executing program\n", 18) = 18 [pid 5844] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5844] dup(3 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] dup(3 [pid 5844] <... dup resumed>) = 4 [pid 5843] <... prctl resumed>) = 0 [pid 5839] <... dup resumed>) = 4 [pid 5844] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 8796109807616 [pid 5843] setpgid(0, 0 [pid 5839] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 8796109807616 [pid 5843] <... setpgid resumed>) = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5843] write(3, "1000", 4) = 4 [pid 5843] close(3executing program ) = 0 [pid 5843] write(1, "executing program\n", 18) = 18 [pid 5843] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5843] dup(3) = 4 [ 125.821703][ T29] audit: type=1400 audit(1739695163.875:89): avc: denied { read write } for pid=5839 comm="syz-executor310" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 125.845527][ T29] audit: type=1400 audit(1739695163.875:90): avc: denied { open } for pid=5839 comm="syz-executor310" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [pid 5843] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 8796109807616 [pid 5835] kill(-5837, SIGKILL) = 0 [pid 5835] kill(5837, SIGKILL) = 0 [pid 5838] kill(-5840, SIGKILL) = 0 [pid 5838] kill(5840, SIGKILL [pid 5836] kill(-5839, SIGKILL [pid 5838] <... kill resumed>) = 0 [pid 5836] <... kill resumed>) = 0 [pid 5836] kill(5839, SIGKILL) = 0 [pid 5841] kill(-5843, SIGKILL [pid 5842] kill(-5844, SIGKILL [pid 5841] <... kill resumed>) = 0 [pid 5842] <... kill resumed>) = 0 [pid 5841] kill(5843, SIGKILL [pid 5842] kill(5844, SIGKILL [pid 5841] <... kill resumed>) = 0 [pid 5842] <... kill resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5836] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5835] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] <... openat resumed>) = 3 [pid 5838] newfstatat(3, "", [pid 5842] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5835] <... openat resumed>) = 3 [pid 5835] newfstatat(3, "", [pid 5841] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5842] <... openat resumed>) = 3 [pid 5838] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5836] <... openat resumed>) = 3 [pid 5841] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5842] newfstatat(3, "", [pid 5841] getdents64(3, [pid 5838] getdents64(3, [pid 5836] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5842] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5841] <... getdents64 resumed>0x5555602ed6f0 /* 2 entries */, 32768) = 48 [pid 5836] getdents64(3, [pid 5842] getdents64(3, [pid 5841] getdents64(3, [pid 5838] <... getdents64 resumed>0x5555602ed6f0 /* 2 entries */, 32768) = 48 [pid 5836] <... getdents64 resumed>0x5555602ed6f0 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(3, [pid 5842] <... getdents64 resumed>0x5555602ed6f0 /* 2 entries */, 32768) = 48 [pid 5841] <... getdents64 resumed>0x5555602ed6f0 /* 0 entries */, 32768) = 0 [pid 5838] getdents64(3, [pid 5836] getdents64(3, [pid 5838] <... getdents64 resumed>0x5555602ed6f0 /* 0 entries */, 32768) = 0 [pid 5841] close(3 [pid 5838] close(3 [pid 5836] <... getdents64 resumed>0x5555602ed6f0 /* 0 entries */, 32768) = 0 [pid 5842] getdents64(3, [pid 5841] <... close resumed>) = 0 [pid 5838] <... close resumed>) = 0 [pid 5836] close(3 [pid 5835] <... getdents64 resumed>0x5555602ed6f0 /* 2 entries */, 32768) = 48 [pid 5842] <... getdents64 resumed>0x5555602ed6f0 /* 0 entries */, 32768) = 0 [pid 5836] <... close resumed>) = 0 [pid 5835] getdents64(3, [pid 5842] close(3) = 0 [pid 5835] <... getdents64 resumed>0x5555602ed6f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5837] <... fallocate resumed>) = ? [pid 5837] +++ killed by SIGKILL +++ [pid 5835] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5837, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=8194 /* 81.94 s */} --- [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached , child_tidptr=0x5555602ec650) = 5851 [pid 5851] set_robust_list(0x5555602ec660, 24) = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 executing program [pid 5851] write(1, "executing program\n", 18) = 18 [pid 5851] openat(AT_FDCWD, "/dev/nullb0", O_RDWR|O_NONBLOCK|O_SYNC|O_LARGEFILE|O_NOATIME) = 3 [pid 5851] dup(3) = 4 [pid 5851] fallocate(4, FALLOC_FL_KEEP_SIZE|FALLOC_FL_ZERO_RANGE, 3072, 8796109807616 [pid 5835] kill(-5851, SIGKILL) = 0 [pid 5835] kill(5851, SIGKILL) = 0 [pid 5835] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x5555602ed6f0 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(3, 0x5555602ed6f0 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [ 286.678410][ T30] INFO: task syz-executor310:5839 blocked for more than 143 seconds. [ 286.686664][ T30] Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0 [ 286.696440][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.705825][ T30] task:syz-executor310 state:D stack:27280 pid:5839 tgid:5839 ppid:5836 task_flags:0x400040 flags:0x00004006 [ 286.718439][ T30] Call Trace: [ 286.722359][ T30] [ 286.725906][ T30] __schedule+0xf43/0x5890 [ 286.731038][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 286.759257][ T30] ? mark_lock+0xb5/0xc60 [ 286.763671][ T30] ? __pfx_mark_lock+0x10/0x10 [ 286.772807][ T30] ? __pfx___schedule+0x10/0x10 [ 286.777752][ T30] ? schedule+0x298/0x350 [ 286.782319][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.787808][ T30] ? lock_acquire+0x2f/0xb0 [ 286.792340][ T30] ? schedule+0x1fd/0x350 [ 286.796711][ T30] schedule+0xe7/0x350 [ 286.801552][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.807900][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 286.814394][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.821325][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.827126][ T30] ? lock_acquire+0x2f/0xb0 [ 286.832494][ T30] ? blkdev_fallocate+0x1da/0x390 [ 286.838288][ T30] down_write+0x1d8/0x200 [ 286.842659][ T30] ? __pfx_down_write+0x10/0x10 [ 286.847634][ T30] ? inode_security+0x101/0x130 [ 286.852588][ T30] blkdev_fallocate+0x1da/0x390 [ 286.857464][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 286.863625][ T30] vfs_fallocate+0x60d/0x10d0 [ 286.869109][ T30] ? __pfx_vfs_fallocate+0x10/0x10 [ 286.875041][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.881074][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.887038][ T30] __x64_sys_fallocate+0xd5/0x150 [ 286.892972][ T30] do_syscall_64+0xcd/0x250 [ 286.898182][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.926472][ T30] RIP: 0033:0x7f47bd11fb29 [ 286.931096][ T30] RSP: 002b:00007ffc2e3c21f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.939583][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f47bd11fb29 [ 286.948294][ T30] RDX: 0000000000000c00 RSI: 0000000000000011 RDI: 0000000000000004 [ 286.957115][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 286.965832][ T30] R10: 0000080001002000 R11: 0000000000000246 R12: 0000000000000001 [ 286.973921][ T30] R13: 00007ffc2e3c2418 R14: 00007ffc2e3c2220 R15: 00007ffc2e3c2210 [ 286.982561][ T30] [ 286.986622][ T30] INFO: task syz-executor310:5843 blocked for more than 143 seconds. [ 286.995684][ T30] Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0 [ 287.004015][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.013477][ T30] task:syz-executor310 state:D stack:27776 pid:5843 tgid:5843 ppid:5841 task_flags:0x400040 flags:0x00004006 [ 287.025486][ T30] Call Trace: [ 287.028841][ T30] [ 287.031779][ T30] __schedule+0xf43/0x5890 [ 287.036206][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 287.041478][ T30] ? mark_lock+0xb5/0xc60 [ 287.046657][ T30] ? __pfx_mark_lock+0x10/0x10 [ 287.052222][ T30] ? __pfx___schedule+0x10/0x10 [ 287.057815][ T30] ? schedule+0x298/0x350 [ 287.062951][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.068797][ T30] ? lock_acquire+0x2f/0xb0 [ 287.073996][ T30] ? schedule+0x1fd/0x350 [ 287.079092][ T30] schedule+0xe7/0x350 [ 287.083233][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.088766][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 287.094525][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.100796][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.106500][ T30] ? lock_acquire+0x2f/0xb0 [ 287.111793][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.117501][ T30] down_write+0x1d8/0x200 [ 287.122612][ T30] ? __pfx_down_write+0x10/0x10 [ 287.128162][ T30] ? inode_security+0x101/0x130 [ 287.133734][ T30] blkdev_fallocate+0x1da/0x390 [ 287.139376][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 287.145421][ T30] vfs_fallocate+0x60d/0x10d0 [ 287.150172][ T30] ? __pfx_vfs_fallocate+0x10/0x10 [ 287.155299][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.160538][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.165757][ T30] __x64_sys_fallocate+0xd5/0x150 [ 287.170847][ T30] do_syscall_64+0xcd/0x250 [ 287.175379][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.181941][ T30] RIP: 0033:0x7f47bd11fb29 [ 287.186386][ T30] RSP: 002b:00007ffc2e3c21f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.195608][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f47bd11fb29 [ 287.204322][ T30] RDX: 0000000000000c00 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.213087][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.221813][ T30] R10: 0000080001002000 R11: 0000000000000246 R12: 0000000000000001 [ 287.230524][ T30] R13: 00007ffc2e3c2418 R14: 00007ffc2e3c2220 R15: 00007ffc2e3c2210 [ 287.239243][ T30] [ 287.242338][ T30] INFO: task syz-executor310:5844 blocked for more than 143 seconds. [ 287.252709][ T30] Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0 [ 287.260443][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.269194][ T30] task:syz-executor310 state:D stack:27664 pid:5844 tgid:5844 ppid:5842 task_flags:0x400040 flags:0x00004006 [ 287.281215][ T30] Call Trace: [ 287.284508][ T30] [ 287.287451][ T30] __schedule+0xf43/0x5890 [ 287.291964][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 287.297816][ T30] ? mark_lock+0xb5/0xc60 [ 287.302197][ T30] ? __pfx_mark_lock+0x10/0x10 [ 287.307005][ T30] ? __pfx___schedule+0x10/0x10 [ 287.311975][ T30] ? schedule+0x298/0x350 [ 287.316942][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.322072][ T30] ? lock_acquire+0x2f/0xb0 [ 287.327248][ T30] ? schedule+0x1fd/0x350 [ 287.332341][ T30] schedule+0xe7/0x350 [ 287.337048][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.342594][ T30] rwsem_down_write_slowpath+0x539/0x12a0 [ 287.348394][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.355205][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.361123][ T30] ? lock_acquire+0x2f/0xb0 [ 287.366344][ T30] ? blkdev_fallocate+0x1da/0x390 [ 287.371524][ T30] down_write+0x1d8/0x200 [ 287.375890][ T30] ? __pfx_down_write+0x10/0x10 [ 287.380826][ T30] ? inode_security+0x101/0x130 [ 287.385734][ T30] blkdev_fallocate+0x1da/0x390 [ 287.390684][ T30] ? __pfx_blkdev_fallocate+0x10/0x10 [ 287.396108][ T30] vfs_fallocate+0x60d/0x10d0 [ 287.400872][ T30] ? __pfx_vfs_fallocate+0x10/0x10 [ 287.406835][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.412819][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.418126][ T30] __x64_sys_fallocate+0xd5/0x150 [ 287.423908][ T30] do_syscall_64+0xcd/0x250 [ 287.429273][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.435913][ T30] RIP: 0033:0x7f47bd11fb29 [ 287.441075][ T30] RSP: 002b:00007ffc2e3c21f8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 287.450245][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f47bd11fb29 [ 287.458919][ T30] RDX: 0000000000000c00 RSI: 0000000000000011 RDI: 0000000000000004 [ 287.466925][ T30] RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 [ 287.474980][ T30] R10: 0000080001002000 R11: 0000000000000246 R12: 0000000000000001 [ 287.483087][ T30] R13: 00007ffc2e3c2418 R14: 00007ffc2e3c2220 R15: 00007ffc2e3c2210 [ 287.491821][ T30] [ 287.494918][ T30] [ 287.494918][ T30] Showing all locks held in the system: [ 287.527901][ T30] 1 lock held by khungtaskd/30: [ 287.534692][ T30] #0: ffffffff8e1bcc80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 287.557345][ T30] 1 lock held by klogd/5182: [ 287.562875][ T30] 1 lock held by dhcpcd/5486: [ 287.567584][ T30] 2 locks held by getty/5575: [ 287.572312][ T30] #0: ffff8880364120a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 287.582761][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 287.592980][ T30] 1 lock held by syz-executor310/5839: [ 287.598505][ T30] #0: ffff888023ab0940 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.609249][ T30] 1 lock held by syz-executor310/5840: [ 287.614734][ T30] 1 lock held by syz-executor310/5843: [ 287.620257][ T30] #0: ffff888023ab0940 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.630999][ T30] 1 lock held by syz-executor310/5844: [ 287.636475][ T30] #0: ffff888023ab0940 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.647881][ T30] 1 lock held by syz-executor310/5851: [ 287.653375][ T30] #0: ffff888023ab0940 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x1da/0x390 [ 287.664807][ T30] [ 287.667159][ T30] ============================================= [ 287.667159][ T30] [ 287.675676][ T30] NMI backtrace for cpu 1 [ 287.675695][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0 [ 287.675714][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 287.675724][ T30] Call Trace: [ 287.675729][ T30] [ 287.675737][ T30] dump_stack_lvl+0x116/0x1f0 [ 287.675762][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 287.675787][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.675812][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 287.675838][ T30] watchdog+0xf62/0x12b0 [ 287.675869][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.675892][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.675911][ T30] ? __kthread_parkme+0x148/0x220 [ 287.675930][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.675954][ T30] kthread+0x3af/0x750 [ 287.675976][ T30] ? __pfx_kthread+0x10/0x10 [ 287.675999][ T30] ? __pfx_kthread+0x10/0x10 [ 287.676020][ T30] ret_from_fork+0x45/0x80 [ 287.676043][ T30] ? __pfx_kthread+0x10/0x10 [ 287.676063][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.676093][ T30] [ 287.676098][ T30] Sending NMI from CPU 1 to CPUs 0: [ 287.788536][ C0] NMI backtrace for cpu 0 [ 287.788552][ C0] CPU: 0 UID: 0 PID: 5182 Comm: klogd Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0 [ 287.788567][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 287.788575][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xc/0x70 [ 287.788603][ C0] Code: cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 15 14 02 4a 7e <65> 8b 05 15 02 4a 7e a9 00 01 ff 00 48 8b 34 24 74 1d f6 c4 01 74 [ 287.788615][ C0] RSP: 0018:ffffc900039f77b0 EFLAGS: 00000202 [ 287.788627][ C0] RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffffffff8228ac30 [ 287.788634][ C0] RDX: ffff888079234880 RSI: 0000000000000008 RDI: 0000000000000006 [ 287.788642][ C0] RBP: ffff88801d549150 R08: 0000000000000006 R09: 0000000000000008 [ 287.788650][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001 [ 287.788657][ C0] R13: 0000000000000003 R14: ffff88801d54914c R15: dffffc0000000000 [ 287.788665][ C0] FS: 00007ff02f315500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 287.788680][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.788688][ C0] CR2: 0000555cbdfccb38 CR3: 00000000795f0000 CR4: 00000000003526f0 [ 287.788696][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.788703][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.788710][ C0] Call Trace: [ 287.788715][ C0] [ 287.788720][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 287.788741][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.788758][ C0] ? nmi_handle+0x1ac/0x5d0 [ 287.788776][ C0] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 287.788794][ C0] ? default_do_nmi+0x6a/0x160 [ 287.788811][ C0] ? exc_nmi+0x170/0x1e0 [ 287.788827][ C0] ? end_repeat_nmi+0xf/0x53 [ 287.788846][ C0] ? __page_table_check_zero+0x130/0x360 [ 287.788862][ C0] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 287.788880][ C0] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 287.788897][ C0] ? __sanitizer_cov_trace_pc+0xc/0x70 [ 287.788915][ C0] [ 287.788918][ C0] [ 287.788922][ C0] __page_table_check_zero+0x13e/0x360 [ 287.788942][ C0] free_frozen_pages+0x6c2/0xfb0 [ 287.788958][ C0] qlist_free_all+0x4e/0x120 [ 287.788978][ C0] kasan_quarantine_reduce+0x195/0x1e0 [ 287.788997][ C0] __kasan_slab_alloc+0x69/0x90 [ 287.789010][ C0] kmem_cache_alloc_node_noprof+0x223/0x3c0 [ 287.789023][ C0] ? __alloc_skb+0x2b1/0x380 [ 287.789039][ C0] __alloc_skb+0x2b1/0x380 [ 287.789052][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 287.789067][ C0] ? find_held_lock+0x2d/0x110 [ 287.789083][ C0] alloc_skb_with_frags+0xe4/0x850 [ 287.789100][ C0] ? __pfx_lock_release+0x10/0x10 [ 287.789116][ C0] ? trace_lock_acquire+0x14e/0x1f0 [ 287.789131][ C0] sock_alloc_send_pskb+0x7f1/0x980 [ 287.789148][ C0] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 287.789161][ C0] ? selinux_socket_getpeersec_dgram+0x1a5/0x370 [ 287.789179][ C0] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 287.789197][ C0] unix_dgram_sendmsg+0x45e/0x18c0 [ 287.789217][ C0] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 287.789236][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 287.789251][ C0] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.789270][ C0] __sys_sendto+0x488/0x4f0 [ 287.789285][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 287.789300][ C0] ? rcu_is_watching+0x12/0xc0 [ 287.789318][ C0] ? xfd_validate_state+0x5d/0x180 [ 287.789335][ C0] ? rcu_is_watching+0x12/0xc0 [ 287.789348][ C0] __x64_sys_sendto+0xe0/0x1c0 [ 287.789362][ C0] ? do_syscall_64+0x91/0x250 [ 287.789375][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.789388][ C0] do_syscall_64+0xcd/0x250 [ 287.789401][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.789416][ C0] RIP: 0033:0x7ff02f4779b5 [ 287.789426][ C0] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 287.789437][ C0] RSP: 002b:00007ffe8ecc0d28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.789449][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff02f4779b5 [ 287.789456][ C0] RDX: 0000000000000049 RSI: 000055e52fa07fa0 RDI: 0000000000000003 [ 287.789464][ C0] RBP: 000055e52fa022c0 R08: 0000000000000000 R09: 0000000000000000 [ 287.789471][ C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 287.789478][ C0] R13: 00007ff02f605212 R14: 00007ffe8ecc0e28 R15: 0000000000000000 [ 287.789490][ C0] [ 287.790185][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 288.236280][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0 [ 288.246774][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 288.256821][ T30] Call Trace: [ 288.260095][ T30] [ 288.263021][ T30] dump_stack_lvl+0x3d/0x1f0 [ 288.267624][ T30] panic+0x71d/0x800 [ 288.271536][ T30] ? __pfx_panic+0x10/0x10 [ 288.275964][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 288.281335][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 288.287310][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 288.292686][ T30] ? watchdog+0xdcc/0x12b0 [ 288.297097][ T30] ? watchdog+0xdbf/0x12b0 [ 288.301514][ T30] watchdog+0xddd/0x12b0 [ 288.305759][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.310431][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 288.315624][ T30] ? __kthread_parkme+0x148/0x220 [ 288.320655][ T30] ? __pfx_watchdog+0x10/0x10 [ 288.325337][ T30] kthread+0x3af/0x750 [ 288.329397][ T30] ? __pfx_kthread+0x10/0x10 [ 288.333981][ T30] ? __pfx_kthread+0x10/0x10 [ 288.338567][ T30] ret_from_fork+0x45/0x80 [ 288.343000][ T30] ? __pfx_kthread+0x10/0x10 [ 288.347592][ T30] ret_from_fork_asm+0x1a/0x30 [ 288.352367][ T30] [ 288.355592][ T30] Kernel Offset: disabled [ 288.359901][ T30] Rebooting in 86400 seconds..