./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor43493155

<...>
Warning: Permanently added '10.128.1.168' (ED25519) to the list of known hosts.
execve("./syz-executor43493155", ["./syz-executor43493155"], 0x7ffcdc450660 /* 10 vars */) = 0
brk(NULL)                               = 0x5555569d7000
brk(0x5555569d7d00)                     = 0x5555569d7d00
arch_prctl(ARCH_SET_FS, 0x5555569d7380) = 0
set_tid_address(0x5555569d7650)         = 5058
set_robust_list(0x5555569d7660, 24)     = 0
rseq(0x5555569d7ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor43493155", 4096) = 26
getrandom("\x29\xe5\x68\x5f\x7f\x8c\x59\xe0", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555569d7d00
brk(0x5555569f8d00)                     = 0x5555569f8d00
brk(0x5555569f9000)                     = 0x5555569f9000
mprotect(0x7f00960ba000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555569d7650) = 5059
./strace-static-x86_64: Process 5059 attached
[pid  5059] set_robust_list(0x5555569d7660, 24) = 0
[pid  5059] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5059] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5059] setsid()                    = 1
[pid  5059] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5059] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5059] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5059] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5059] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5059] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5059] unshare(CLONE_NEWNS)        = 0
[pid  5059] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5059] unshare(CLONE_NEWIPC)       = 0
[pid  5059] unshare(CLONE_NEWCGROUP)    = 0
[pid  5059] unshare(CLONE_NEWUTS)       = 0
[pid  5059] unshare(CLONE_SYSVSEM)      = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "16777216", 8)     = 8
[pid  5059] close(3)                    = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "536870912", 9)    = 9
[pid  5059] close(3)                    = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "1024", 4)         = 4
[pid  5059] close(3)                    = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "8192", 4)         = 4
[pid  5059] close(3)                    = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "1024", 4)         = 4
[pid  5059] close(3)                    = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "1024", 4)         = 4
[pid  5059] close(3)                    = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5059] close(3)                    = 0
[pid  5059] getpid()                    = 1
[pid  5059] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5059] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5059] unshare(CLONE_NEWNET)       = 0
[pid  5059] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5059] write(3, "0 65535", 7)      = 7
[pid  5059] close(3)                    = 0
[pid  5059] mkdir("/dev/binderfs", 0777) = 0
[pid  5059] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5059] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5059] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached
, child_tidptr=0x5555569d7650) = 2
[pid  5062] set_robust_list(0x5555569d7660, 24) = 0
[pid  5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5062] setpgid(0, 0)               = 0
[pid  5062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5062] write(3, "1000", 4)         = 4
[pid  5062] close(3)                    = 0
[pid  5062] openat(AT_FDCWD, "/dev/bus/usb/009/001", O_WRONLY|O_NOCTTY|O_TRUNC|O_SYNC) = 3
[pid  5062] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0
[pid  5062] openat(AT_FDCWD, "/sys/devices/platform/vhci_hcd.0/attach", O_WRONLY|O_CLOEXEC) = 6
[pid  5062] write(6, "0 4 0 4", 7)      = 7
[pid  5062] close(6)                    = 0
[   73.285006][ T5062] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   73.291654][ T5062] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   73.300456][ T5062] vhci_hcd vhci_hcd.0: Device attached
[   73.577838][    T8] vhci_hcd: vhci_device speed not set
[   73.647552][    T8] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[pid  5062] close(3 <unfinished ...>
[pid  5059] kill(-2, SIGKILL)           = 0
[pid  5059] kill(2, SIGKILL)            = 0
[pid  5059] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5059] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5059] getdents64(3, 0x5555569d86f0 /* 2 entries */, 32768) = 48
[pid  5059] getdents64(3, 0x5555569d86f0 /* 0 entries */, 32768) = 0
[pid  5059] close(3)                    = 0
[   86.829400][  T781] cfg80211: failed to load regulatory.db
[  286.507436][   T29] INFO: task kworker/0:0:8 blocked for more than 143 seconds.
[  286.515072][   T29]       Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
[  286.522716][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.531526][   T29] task:kworker/0:0     state:D stack:24664 pid:8     tgid:8     ppid:2      flags:0x00004000
[  286.541800][   T29] Workqueue: usb_hub_wq hub_event
[  286.546900][   T29] Call Trace:
[  286.550528][   T29]  <TASK>
[  286.553491][   T29]  __schedule+0x1961/0x4ab0
[  286.558200][   T29]  ? release_firmware_map_entry+0x190/0x190
[  286.564134][   T29]  ? __lock_acquire+0x1fd0/0x1fd0
[  286.569311][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[  286.575329][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.580629][   T29]  ? lockdep_hardirqs_on+0x98/0x140
[  286.585888][   T29]  ? schedule+0x8e/0x260
[  286.590226][   T29]  schedule+0x149/0x260
[  286.594417][   T29]  usb_kill_urb+0x1c9/0x300
[  286.598989][   T29]  ? usb_unlink_urb+0xa0/0xa0
[  286.603708][   T29]  ? wake_bit_function+0x220/0x220
[  286.608950][   T29]  usb_start_wait_urb+0x1b0/0x520
[  286.614018][   T29]  ? usb_api_blocking_completion+0xa0/0xa0
[  286.619909][   T29]  ? trace_kmalloc+0x1f/0xa0
[  286.624556][   T29]  usb_control_msg+0x2b1/0x4c0
[  286.629404][   T29]  ? usb_anchor_empty+0x40/0x40
[  286.634289][   T29]  hub_port_init+0xaa6/0x23a0
[  286.639057][   T29]  hub_event+0x2a3c/0x50a0
[  286.643541][   T29]  ? led_work+0x770/0x770
[  286.647997][   T29]  ? read_lock_is_recursive+0x20/0x20
[  286.653410][   T29]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[  286.659511][   T29]  ? print_irqtrace_events+0x220/0x220
[  286.665001][   T29]  ? process_scheduled_works+0x825/0x1420
[  286.670831][   T29]  process_scheduled_works+0x90f/0x1420
[  286.676436][   T29]  ? assign_work+0x3d0/0x3d0
[  286.681101][   T29]  ? assign_work+0x364/0x3d0
[  286.685727][   T29]  worker_thread+0xa5f/0x1000
[  286.690509][   T29]  kthread+0x2d3/0x370
[  286.694630][   T29]  ? pr_cont_work+0x5e0/0x5e0
[  286.699368][   T29]  ? kthread_blkcg+0xd0/0xd0
[  286.703986][   T29]  ret_from_fork+0x48/0x80
[  286.708522][   T29]  ? kthread_blkcg+0xd0/0xd0
[  286.713150][   T29]  ret_from_fork_asm+0x11/0x20
[  286.718030][   T29]  </TASK>
[  286.721131][   T29] INFO: task syz-executor434:5062 blocked for more than 143 seconds.
[  286.729279][   T29]       Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
[  286.736833][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.745581][   T29] task:syz-executor434 state:D stack:24920 pid:5062  tgid:5062  ppid:5059   flags:0x00004006
[  286.755849][   T29] Call Trace:
[  286.759180][   T29]  <TASK>
[  286.762134][   T29]  __schedule+0x1961/0x4ab0
[  286.766666][   T29]  ? release_firmware_map_entry+0x190/0x190
[  286.772666][   T29]  ? __lock_acquire+0x1fd0/0x1fd0
[  286.777778][   T29]  ? __mutex_trylock_common+0x91/0x2e0
[  286.783272][   T29]  ? schedule+0x8e/0x260
[  286.787585][   T29]  schedule+0x149/0x260
[  286.791786][   T29]  schedule_preempt_disabled+0x13/0x20
[  286.797318][   T29]  __mutex_lock+0x6a3/0xd60
[  286.801853][   T29]  ? __mutex_lock+0x526/0xd60
[  286.806544][   T29]  ? usbdev_release+0x7a/0x7d0
[  286.811423][   T29]  ? mutex_lock_nested+0x20/0x20
[  286.816388][   T29]  ? __fsnotify_parent+0x4d6/0x730
[  286.821592][   T29]  ? __fsnotify_update_child_dentry_flags+0x2a0/0x2a0
[  286.828465][   T29]  usbdev_release+0x7a/0x7d0
[  286.833072][   T29]  ? __lock_acquire+0x1fd0/0x1fd0
[  286.838157][   T29]  ? usbdev_open+0x7a0/0x7a0
[  286.842783][   T29]  __fput+0x3cc/0xa10
[  286.846780][   T29]  __x64_sys_close+0x7e/0x100
[  286.851540][   T29]  do_syscall_64+0x45/0x110
[  286.856095][   T29]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  286.862113][   T29] RIP: 0033:0x7f00960460e0
[  286.866550][   T29] RSP: 002b:00007fff7bcbf2f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  286.875064][   T29] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f00960460e0
[  286.883146][   T29] RDX: 0000000000000007 RSI: 00007fff7bcbee30 RDI: 0000000000000003
[  286.891218][   T29] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.899242][   T29] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000f4240
[  286.907331][   T29] R13: 00007fff7bcbf5a8 R14: 0000000000000001 R15: 00007fff7bcbf340
[  286.915341][   T29]  </TASK>
[  286.918442][   T29] 
[  286.918442][   T29] Showing all locks held in the system:
[  286.926179][   T29] 5 locks held by kworker/0:0/8:
[  286.931197][   T29]  #0: ffff88814766cd38 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[  286.942651][   T29]  #1: ffffc900000d7d20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420
[  286.954616][   T29]  #2: ffff8880202e8190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x50a0
[  286.963597][   T29]  #3: ffff8880202ec510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x26a5/0x50a0
[  286.973621][   T29]  #4: ffff8881433fde68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x26d9/0x50a0
[  286.983371][   T29] 1 lock held by khungtaskd/29:
[  286.988306][   T29]  #0: ffffffff8d92d060 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  286.998265][   T29] 2 locks held by getty/4811:
[  287.002942][   T29]  #0: ffff88802a0c20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  287.012845][   T29]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b4/0x1e10
[  287.023028][   T29] 1 lock held by syz-executor434/5062:
[  287.028550][   T29]  #0: ffff8880202e8190 (&dev->mutex){....}-{3:3}, at: usbdev_release+0x7a/0x7d0
[  287.037789][   T29] 
[  287.040128][   T29] =============================================
[  287.040128][   T29] 
[  287.048618][   T29] NMI backtrace for cpu 1
[  287.052958][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
[  287.062785][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  287.072849][   T29] Call Trace:
[  287.076139][   T29]  <TASK>
[  287.079084][   T29]  dump_stack_lvl+0x1e7/0x2d0
[  287.083784][   T29]  ? nf_tcp_handle_invalid+0x650/0x650
[  287.089267][   T29]  ? panic+0x850/0x850
[  287.093371][   T29]  ? vprintk_emit+0x607/0x720
[  287.098064][   T29]  ? printk_sprint+0x480/0x480
[  287.102849][   T29]  nmi_cpu_backtrace+0x498/0x4d0
[  287.107821][   T29]  ? nmi_trigger_cpumask_backtrace+0x310/0x310
[  287.113985][   T29]  ? _printk+0xd5/0x120
[  287.118158][   T29]  ? panic+0x850/0x850
[  287.122345][   T29]  ? __wake_up_klogd+0xcc/0x100
[  287.127237][   T29]  ? panic+0x850/0x850
[  287.131347][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  287.137439][   T29]  nmi_trigger_cpumask_backtrace+0x198/0x310
[  287.143443][   T29]  watchdog+0xfaf/0xff0
[  287.147646][   T29]  ? watchdog+0x1e9/0xff0
[  287.152007][   T29]  kthread+0x2d3/0x370
[  287.156092][   T29]  ? hungtask_pm_notify+0x90/0x90
[  287.161137][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.165737][   T29]  ret_from_fork+0x48/0x80
[  287.170162][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.174761][   T29]  ret_from_fork_asm+0x11/0x20
[  287.179552][   T29]  </TASK>
[  287.182749][   T29] Sending NMI from CPU 1 to CPUs 0:
[  287.188037][    C0] NMI backtrace for cpu 0
[  287.188048][    C0] CPU: 0 PID: 12 Comm: kworker/u4:1 Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
[  287.188068][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  287.188079][    C0] Workqueue:  0x0 (events_unbound)
[  287.188103][    C0] RIP: 0010:update_irq_load_avg+0xff/0xf50
[  287.188140][    C0] Code: 4d 8d af 00 0c 00 00 4c 89 eb 48 c1 eb 03 80 3c 33 00 74 12 4c 89 ef e8 bf 0c 82 00 48 be 00 00 00 00 00 fc ff df 49 8b 45 00 <49> 89 ee 49 29 c6 4c 89 7c 24 10 0f 88 83 00 00 00 31 ed 49 81 fe
[  287.188154][    C0] RSP: 0018:ffffc900001177b0 EFLAGS: 00000046
[  287.188168][    C0] RAX: 00000042ddbd6c00 RBX: 1ffff110173079e8 RCX: 1ffff11017307a17
[  287.188182][    C0] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: ffff8880b983cdc8
[  287.188194][    C0] RBP: 00000042ddbd8442 R08: ffffffff8f00c16f R09: 1ffffffff1e0182d
[  287.188207][    C0] R10: dffffc0000000000 R11: fffffbfff1e0182e R12: 00000042ddbd8442
[  287.188220][    C0] R13: ffff8880b983cf40 R14: 0000000000000000 R15: ffff8880b983c340
[  287.188233][    C0] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  287.188248][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.188260][    C0] CR2: 00005651c2174680 CR3: 000000000d730000 CR4: 00000000003506f0
[  287.188279][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.188290][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.188300][    C0] Call Trace:
[  287.188307][    C0]  <NMI>
[  287.188313][    C0]  ? nmi_cpu_backtrace+0x3be/0x4d0
[  287.188337][    C0]  ? read_lock_is_recursive+0x20/0x20
[  287.188361][    C0]  ? nmi_trigger_cpumask_backtrace+0x310/0x310
[  287.188384][    C0]  ? nmi_handle+0x2a/0x570
[  287.188416][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x10
[  287.188440][    C0]  ? nmi_handle+0x14c/0x570
[  287.188462][    C0]  ? nmi_handle+0x2a/0x570
[  287.188484][    C0]  ? update_irq_load_avg+0xff/0xf50
[  287.188508][    C0]  ? default_do_nmi+0x63/0x150
[  287.188531][    C0]  ? exc_nmi+0x121/0x210
[  287.188552][    C0]  ? end_repeat_nmi+0xf/0x2a
[  287.188583][    C0]  ? update_irq_load_avg+0xff/0xf50
[  287.188608][    C0]  ? update_irq_load_avg+0xff/0xf50
[  287.188634][    C0]  ? update_irq_load_avg+0xff/0xf50
[  287.188659][    C0]  </NMI>
[  287.188664][    C0]  <TASK>
[  287.188674][    C0]  update_blocked_averages+0x3f4/0x1750
[  287.188704][    C0]  ? sched_clock_cpu+0x76/0x490
[  287.188724][    C0]  ? rebalance_domains+0xac0/0xac0
[  287.188745][    C0]  ? local_clock+0x20/0x20
[  287.188762][    C0]  ? do_raw_spin_unlock+0x13b/0x8b0
[  287.188790][    C0]  ? newidle_balance+0x2a8/0x1080
[  287.188807][    C0]  newidle_balance+0x481/0x1080
[  287.188829][    C0]  ? rcu_is_watching+0x15/0xb0
[  287.188855][    C0]  ? newidle_balance+0x2a8/0x1080
[  287.188878][    C0]  ? update_misfit_status+0x7e0/0x7e0
[  287.188898][    C0]  ? enqueue_task_fair+0xbc0/0xbc0
[  287.188918][    C0]  pick_next_task_fair+0x27a/0xdd0
[  287.188941][    C0]  __schedule+0x7ce/0x4ab0
[  287.188977][    C0]  ? release_firmware_map_entry+0x190/0x190
[  287.188998][    C0]  ? schedule+0x8e/0x260
[  287.189018][    C0]  ? __lock_acquire+0x1fd0/0x1fd0
[  287.189039][    C0]  ? lockdep_hardirqs_on_prepare+0x43c/0x780
[  287.189063][    C0]  ? kthread_data+0x52/0xc0
[  287.189088][    C0]  ? schedule+0x8e/0x260
[  287.189107][    C0]  ? wq_worker_sleeping+0x66/0x240
[  287.189140][    C0]  ? schedule+0x8e/0x260
[  287.189159][    C0]  schedule+0x149/0x260
[  287.189180][    C0]  worker_thread+0xc26/0x1000
[  287.189215][    C0]  kthread+0x2d3/0x370
[  287.189232][    C0]  ? pr_cont_work+0x5e0/0x5e0
[  287.189252][    C0]  ? kthread_blkcg+0xd0/0xd0
[  287.189270][    C0]  ret_from_fork+0x48/0x80
[  287.189290][    C0]  ? kthread_blkcg+0xd0/0xd0
[  287.189307][    C0]  ret_from_fork_asm+0x11/0x20
[  287.189341][    C0]  </TASK>
[  287.189347][    C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.310 msecs
[  287.190096][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  287.570486][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
[  287.580296][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  287.590355][   T29] Call Trace:
[  287.593645][   T29]  <TASK>
[  287.596595][   T29]  dump_stack_lvl+0x1e7/0x2d0
[  287.601291][   T29]  ? nf_tcp_handle_invalid+0x650/0x650
[  287.606759][   T29]  ? panic+0x850/0x850
[  287.610845][   T29]  ? vscnprintf+0x5d/0x80
[  287.615182][   T29]  panic+0x349/0x850
[  287.619096][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x310
[  287.625264][   T29]  ? __memcpy_flushcache+0x2b0/0x2b0
[  287.630566][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  287.636647][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  287.642037][   T29]  ? nmi_trigger_cpumask_backtrace+0x244/0x310
[  287.648203][   T29]  ? nmi_trigger_cpumask_backtrace+0x2c7/0x310
[  287.654368][   T29]  ? nmi_trigger_cpumask_backtrace+0x2cc/0x310
[  287.660535][   T29]  watchdog+0xfee/0xff0
[  287.664713][   T29]  ? watchdog+0x1e9/0xff0
[  287.669064][   T29]  kthread+0x2d3/0x370
[  287.673144][   T29]  ? hungtask_pm_notify+0x90/0x90
[  287.678182][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.682776][   T29]  ret_from_fork+0x48/0x80
[  287.687205][   T29]  ? kthread_blkcg+0xd0/0xd0
[  287.691802][   T29]  ret_from_fork_asm+0x11/0x20
[  287.696608][   T29]  </TASK>
[  287.699881][   T29] Kernel Offset: disabled
[  287.704208][   T29] Rebooting in 86400 seconds..