./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1912895746 <...> Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts. execve("./syz-executor1912895746", ["./syz-executor1912895746"], 0x7ffecaaefac0 /* 10 vars */) = 0 brk(NULL) = 0x555581854000 brk(0x555581854d40) = 0x555581854d40 arch_prctl(ARCH_SET_FS, 0x5555818543c0) = 0 set_tid_address(0x555581854690) = 5876 set_robust_list(0x5555818546a0, 24) = 0 rseq(0x555581854ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1912895746", 4096) = 28 getrandom("\x5b\x24\x20\xad\x4b\x0b\x97\x4b", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555581854d40 brk(0x555581875d40) = 0x555581875d40 brk(0x555581876000) = 0x555581876000 mprotect(0x7f79d6061000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5877 attached [pid 5877] set_robust_list(0x5555818546a0, 24 [pid 5876] <... clone resumed>, child_tidptr=0x555581854690) = 5877 [pid 5877] <... set_robust_list resumed>) = 0 [pid 5876] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "10000000000", 11) = 11 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "20", 2) = 2 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "0", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "0", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "100", 3) = 3 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "0", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "0", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "7 4 1 3", 7) = 7 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "0", 1) = 1 [pid 5876] close(3) = 0 [pid 5876] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "5877", 4) = 4 [pid 5876] close(3) = 0 [pid 5876] kill(5877, SIGKILL) = 0 [pid 5877] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5877, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5878 attached , child_tidptr=0x555581854690) = 5878 [pid 5878] set_robust_list(0x5555818546a0, 24) = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5878] getppid() = 0 [pid 5878] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5878] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5878] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5878] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5878] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5878] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5878] unshare(CLONE_NEWNS) = 0 [pid 5878] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5878] unshare(CLONE_NEWIPC) = 0 [pid 5878] unshare(CLONE_NEWCGROUP) = 0 [pid 5878] unshare(CLONE_NEWUTS) = 0 [pid 5878] unshare(CLONE_SYSVSEM) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "16777216", 8) = 8 [pid 5878] close(3) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "536870912", 9) = 9 [pid 5878] close(3) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1024", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "8192", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1024", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1024", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5878] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5878] close(3) = 0 [pid 5878] getpid() = 1 [pid 5878] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5882] rseq(0x7f79d5f94fe0, 0x20, 0, 0x53053053 [pid 5881] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3 [pid 5881] rt_sigprocmask(SIG_SETMASK, [], [pid 5882] <... rseq resumed>) = 0 [pid 5881] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5882] set_robust_list(0x7f79d5f949a0, 24 [pid 5881] futex(0x7f79d606d1a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5882] <... set_robust_list resumed>) = 0 [pid 5882] rt_sigprocmask(SIG_SETMASK, [], [pid 5881] <... futex resumed>) = 0 [pid 5882] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5881] futex(0x7f79d606d1ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5882] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5882] futex(0x7f79d606d1ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5881] <... futex resumed>) = 0 [pid 5882] ioctl(3, NBD_SET_SIZE_BLOCKS, 2147483648 [pid 5881] futex(0x7f79d606d1a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5882] <... ioctl resumed>) = 0 [pid 5882] futex(0x7f79d606d1ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5881] <... futex resumed>) = 0 [pid 5881] futex(0x7f79d606d1ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5882] <... futex resumed>) = 0 [pid 5881] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5882] futex(0x7f79d606d1a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5881] futex(0x7f79d606d1a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5882] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5881] <... futex resumed>) = 0 [pid 5882] <... socketpair resumed>[4, 5]) = 0 [pid 5882] futex(0x7f79d606d1ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5881] futex(0x7f79d606d1ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5882] <... futex resumed>) = 0 [pid 5881] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5882] futex(0x7f79d606d1a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5881] futex(0x7f79d606d1a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5882] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5881] <... futex resumed>) = 0 [pid 5882] ioctl(3, NBD_SET_SOCK, 4 [pid 5881] futex(0x7f79d606d1ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5882] <... ioctl resumed>) = 0 [pid 5882] futex(0x7f79d606d1ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5881] <... futex resumed>) = 0 [pid 5881] futex(0x7f79d606d1a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5881] futex(0x7f79d606d1ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5882] ioctl(3, NBD_DO_IT [pid 5881] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 209.028207][ T5882] nbd0: detected capacity change from 0 to 4294967296 [pid 5881] close(3) = 0 [pid 5881] close(4) = 0 [pid 5881] close(5) = 0 [pid 5881] close(6) = -1 EBADF (Bad file descriptor) [pid 5881] close(7) = -1 EBADF (Bad file descriptor) [pid 5881] close(8) = -1 EBADF (Bad file descriptor) [pid 5881] close(9) = -1 EBADF (Bad file descriptor) [pid 5881] close(10) = -1 EBADF (Bad file descriptor) [pid 5881] close(11) = -1 EBADF (Bad file descriptor) [ 209.243256][ T5166] block nbd0: Receive control failed (result -104) [pid 5881] close(12) = -1 EBADF (Bad file descriptor) [pid 5881] close(13) = -1 EBADF (Bad file descriptor) [pid 5881] close(14) = -1 EBADF (Bad file descriptor) [pid 5881] close(15) = -1 EBADF (Bad file descriptor) [pid 5881] close(16) = -1 EBADF (Bad file descriptor) [pid 5881] close(17) = -1 EBADF (Bad file descriptor) [pid 5881] close(18) = -1 EBADF (Bad file descriptor) [pid 5881] close(19) = -1 EBADF (Bad file descriptor) [pid 5881] close(20) = -1 EBADF (Bad file descriptor) [pid 5881] close(21) = -1 EBADF (Bad file descriptor) [pid 5881] close(22) = -1 EBADF (Bad file descriptor) [pid 5881] close(23) = -1 EBADF (Bad file descriptor) [pid 5881] close(24) = -1 EBADF (Bad file descriptor) [pid 5881] close(25) = -1 EBADF (Bad file descriptor) [pid 5881] close(26) = -1 EBADF (Bad file descriptor) [pid 5881] close(27) = -1 EBADF (Bad file descriptor) [pid 5881] close(28) = -1 EBADF (Bad file descriptor) [pid 5881] close(29) = -1 EBADF (Bad file descriptor) [pid 5881] exit_group(0) = ? [pid 5878] kill(-2, SIGKILL) = 0 [pid 5878] kill(2, SIGKILL) = 0 [pid 5878] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5878] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5878] getdents64(3, 0x555581855730 /* 2 entries */, 32768) = 48 [pid 5878] getdents64(3, 0x555581855730 /* 0 entries */, 32768) = 0 [pid 5878] close(3) = 0 [ 239.528914][ T25] block nbd0: Possible stuck request ffff888025647000: control (read@0,4096B). Runtime 30 seconds [ 269.115180][ T5216] udevd[5216]: worker [5879] /devices/virtual/block/nbd0 is taking a long time [ 269.608783][ T25] block nbd0: Possible stuck request ffff888025647000: control (read@0,4096B). Runtime 60 seconds [ 299.688392][ T94] block nbd0: Possible stuck request ffff888025647000: control (read@0,4096B). Runtime 90 seconds [ 329.769068][ T25] block nbd0: Possible stuck request ffff888025647000: control (read@0,4096B). Runtime 120 seconds [ 359.848107][ T94] block nbd0: Possible stuck request ffff888025647000: control (read@0,4096B). Runtime 150 seconds [ 370.091719][ T31] INFO: task syz-executor191:5882 blocked for more than 143 seconds. [ 370.100036][ T31] Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 [ 370.107184][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 370.115944][ T31] task:syz-executor191 state:D stack:27080 pid:5882 tgid:5881 ppid:5878 task_flags:0x400140 flags:0x00004006 [ 370.128103][ T31] Call Trace: [ 370.131421][ T31] [ 370.134395][ T31] __schedule+0x16f5/0x4d00 [ 370.139032][ T31] ? __lock_acquire+0xab9/0xd20 [ 370.143945][ T31] ? schedule+0x165/0x360 [ 370.148372][ T31] ? __pfx___schedule+0x10/0x10 [ 370.153272][ T31] ? schedule+0x91/0x360 [ 370.157622][ T31] schedule+0x165/0x360 [ 370.161835][ T31] schedule_preempt_disabled+0x13/0x30 [ 370.167309][ T31] __mutex_lock+0x724/0xe80 [ 370.171958][ T31] ? __mutex_lock+0x51b/0xe80 [ 370.176848][ T31] ? bdev_release+0x1a9/0x650 [ 370.181733][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 370.186897][ T31] ? __asan_memset+0x22/0x50 [ 370.191594][ T31] ? __pfx___fsnotify_parent+0x10/0x10 [ 370.197188][ T31] ? do_raw_spin_lock+0x121/0x290 [ 370.202288][ T31] bdev_release+0x1a9/0x650 [ 370.206845][ T31] ? __pfx_blkdev_release+0x10/0x10 [ 370.212188][ T31] blkdev_release+0x15/0x20 [ 370.216721][ T31] __fput+0x44c/0xa70 [ 370.220801][ T31] task_work_run+0x1d1/0x260 [ 370.225433][ T31] ? __pfx_task_work_run+0x10/0x10 [ 370.230698][ T31] ? task_work_add+0x281/0x420 [ 370.235505][ T31] ptrace_notify+0x281/0x2c0 [ 370.240208][ T31] ? __pfx_ptrace_notify+0x10/0x10 [ 370.245364][ T31] ? __fput_deferred+0x215/0x390 [ 370.250494][ T31] ? __pfx___fput_deferred+0x10/0x10 [ 370.255833][ T31] ? __fget_files+0x2a/0x420 [ 370.260530][ T31] syscall_exit_work+0xc6/0x1d0 [ 370.265440][ T31] do_syscall_64+0x2ad/0x3b0 [ 370.270150][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 370.275400][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.281570][ T31] ? clear_bhb_loop+0x60/0xb0 [ 370.286282][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.292290][ T31] RIP: 0033:0x7f79d5fe0e99 [ 370.296841][ T31] RSP: 002b:00007f79d5f94218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 370.305377][ T31] RAX: 0000000000000000 RBX: 00007f79d606d1a8 RCX: 00007f79d5fe0e99 [ 370.313477][ T31] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 370.321540][ T31] RBP: 00007f79d606d1a0 R08: 0000000000000000 R09: 0000000000000000 [ 370.329675][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f79d6034684 [ 370.337725][ T31] R13: 64626e2f7665642f R14: 0000200000000040 R15: 0000000080000000 [ 370.345828][ T31] [ 370.349014][ T31] [ 370.349014][ T31] Showing all locks held in the system: [ 370.356952][ T31] 1 lock held by khungtaskd/31: [ 370.362012][ T31] #0: ffffffff8e13bf60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 370.372129][ T31] 2 locks held by getty/5611: [ 370.376834][ T31] #0: ffff8880339c80a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 370.386714][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 370.397009][ T31] 1 lock held by udevd/5879: [ 370.401678][ T31] #0: ffff88802558e358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30 [ 370.411088][ T31] 1 lock held by syz-executor191/5882: [ 370.416585][ T31] #0: ffff88802558e358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x1a9/0x650 [ 370.426404][ T31] [ 370.428874][ T31] ============================================= [ 370.428874][ T31] [ 370.437309][ T31] NMI backtrace for cpu 1 [ 370.437331][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 370.437349][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 370.437359][ T31] Call Trace: [ 370.437367][ T31] [ 370.437374][ T31] dump_stack_lvl+0x189/0x250 [ 370.437400][ T31] ? __wake_up_klogd+0xd9/0x110 [ 370.437423][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 370.437441][ T31] ? __pfx__printk+0x10/0x10 [ 370.437471][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 370.437492][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 370.437507][ T31] ? _printk+0xcf/0x120 [ 370.437531][ T31] ? __pfx__printk+0x10/0x10 [ 370.437553][ T31] ? debug_show_all_locks+0x2e/0x180 [ 370.437571][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 370.437597][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 370.437617][ T31] watchdog+0xfee/0x1030 [ 370.437639][ T31] ? watchdog+0x1de/0x1030 [ 370.437666][ T31] kthread+0x70e/0x8a0 [ 370.437688][ T31] ? __pfx_watchdog+0x10/0x10 [ 370.437708][ T31] ? __pfx_kthread+0x10/0x10 [ 370.437728][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 370.437747][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 370.437765][ T31] ? __pfx_kthread+0x10/0x10 [ 370.437785][ T31] ret_from_fork+0x3fc/0x770 [ 370.437802][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 370.437821][ T31] ? __switch_to_asm+0x39/0x70 [ 370.437840][ T31] ? __switch_to_asm+0x33/0x70 [ 370.437864][ T31] ? __pfx_kthread+0x10/0x10 [ 370.437884][ T31] ret_from_fork_asm+0x1a/0x30 [ 370.437915][ T31] [ 370.594643][ T31] Sending NMI from CPU 1 to CPUs 0: [ 370.599945][ C0] NMI backtrace for cpu 0 [ 370.599965][ C0] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 370.599988][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 370.600000][ C0] Workqueue: events_unbound toggle_allocation_gate [ 370.600030][ C0] RIP: 0010:its_return_thunk+0x0/0x10 [ 370.600051][ C0] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 e9 2b 65 b8 f5 cc [ 370.600066][ C0] RSP: 0018:ffffc90000ac76d8 EFLAGS: 00000093 [ 370.600081][ C0] RAX: ffffffff81672ea2 RBX: 0000000000000282 RCX: ffff8881404d1e00 [ 370.600094][ C0] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000 [ 370.600105][ C0] RBP: ffffc90000ac7830 R08: 0000000000000003 R09: 0000000000000004 [ 370.600116][ C0] R10: dffffc0000000000 R11: fffff52000158ebc R12: ffffffff82195c5d [ 370.600129][ C0] R13: fffffffffffffeff R14: 0000000000000000 R15: ffffea0000086540 [ 370.600142][ C0] FS: 0000000000000000(0000) GS:ffff888125be7000(0000) knlGS:0000000000000000 [ 370.600157][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 370.600169][ C0] CR2: 000055f2e08ca660 CR3: 000000000df36000 CR4: 00000000003526f0 [ 370.600185][ C0] Call Trace: [ 370.600194][ C0] [ 370.600201][ C0] __text_poke+0x322/0xa10 [ 370.600230][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 370.600253][ C0] ? kmem_cache_alloc_node_noprof+0x8d/0x3c0 [ 370.600275][ C0] ? __pfx___text_poke+0x10/0x10 [ 370.600296][ C0] ? rcu_is_watching+0x15/0xb0 [ 370.600315][ C0] ? trace_contention_end+0x39/0x120 [ 370.600343][ C0] smp_text_poke_batch_finish+0xd0a/0x1100 [ 370.600371][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 370.600398][ C0] ? arch_jump_label_transform_queue+0x97/0x110 [ 370.600432][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 370.600460][ C0] static_key_enable_cpuslocked+0x128/0x250 [ 370.600485][ C0] static_key_enable+0x1a/0x20 [ 370.600507][ C0] toggle_allocation_gate+0xad/0x240 [ 370.600529][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 370.600553][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 370.600574][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 370.600597][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 370.600615][ C0] process_scheduled_works+0xae1/0x17b0 [ 370.600646][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 370.600673][ C0] worker_thread+0x8a0/0xda0 [ 370.600704][ C0] kthread+0x70e/0x8a0 [ 370.600729][ C0] ? __pfx_worker_thread+0x10/0x10 [ 370.600746][ C0] ? __pfx_kthread+0x10/0x10 [ 370.600769][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 370.600789][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 370.600811][ C0] ? __pfx_kthread+0x10/0x10 [ 370.600834][ C0] ret_from_fork+0x3fc/0x770 [ 370.600853][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 370.600872][ C0] ? __switch_to_asm+0x39/0x70 [ 370.600896][ C0] ? __switch_to_asm+0x33/0x70 [ 370.600918][ C0] ? __pfx_kthread+0x10/0x10 [ 370.600940][ C0] ret_from_fork_asm+0x1a/0x30 [ 370.600972][ C0] [ 370.601973][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 370.601994][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 370.602023][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 370.602038][ T31] Call Trace: [ 370.602049][ T31] [ 370.602060][ T31] dump_stack_lvl+0x99/0x250 [ 370.602093][ T31] ? __asan_memcpy+0x40/0x70 [ 370.602119][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 370.602148][ T31] ? __pfx__printk+0x10/0x10 [ 370.602196][ T31] panic+0x2db/0x790 [ 370.602232][ T31] ? __pfx_panic+0x10/0x10 [ 370.602258][ T31] ? __pfx_delay_tsc+0x10/0x10 [ 370.602284][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 370.602319][ T31] ? irq_work_queue+0xbc/0x140 [ 370.602363][ T31] watchdog+0x102d/0x1030 [ 370.602400][ T31] ? watchdog+0x1de/0x1030 [ 370.602444][ T31] kthread+0x70e/0x8a0 [ 370.602480][ T31] ? __pfx_watchdog+0x10/0x10 [ 370.602512][ T31] ? __pfx_kthread+0x10/0x10 [ 370.602544][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 370.602575][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 370.602604][ T31] ? __pfx_kthread+0x10/0x10 [ 370.602637][ T31] ret_from_fork+0x3fc/0x770 [ 370.602665][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 370.602697][ T31] ? __switch_to_asm+0x39/0x70 [ 370.602727][ T31] ? __switch_to_asm+0x33/0x70 [ 370.602757][ T31] ? __pfx_kthread+0x10/0x10 [ 370.602790][ T31] ret_from_fork_asm+0x1a/0x30 [ 370.602849][ T31] [ 371.052206][ T31] Kernel Offset: disabled [ 371.056580][ T31] Rebooting in 86400 seconds..