./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3767481716 <...> Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts. execve("./syz-executor3767481716", ["./syz-executor3767481716"], 0x7ffdb262a3b0 /* 10 vars */) = 0 brk(NULL) = 0x55556add6000 brk(0x55556add6d40) = 0x55556add6d40 arch_prctl(ARCH_SET_FS, 0x55556add63c0) = 0 set_tid_address(0x55556add6690) = 5082 set_robust_list(0x55556add66a0, 24) = 0 rseq(0x55556add6ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3767481716", 4096) = 28 getrandom("\x8d\xd7\xba\xe8\x9c\xb2\x09\xd6", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556add6d40 brk(0x55556adf7d40) = 0x55556adf7d40 brk(0x55556adf8000) = 0x55556adf8000 mprotect(0x7f291943f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 5082 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [ 78.585809][ T29] audit: type=1400 audit(1716521631.493:87): avc: denied { execmem } for pid=5082 comm="syz-executor376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "5082", 4) = 4 close(3) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5083 attached [pid 5083] set_robust_list(0x55556add66a0, 24 [pid 5082] <... clone resumed>, child_tidptr=0x55556add6690) = 5083 [pid 5083] <... set_robust_list resumed>) = 0 [pid 5083] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setsid() = 1 [pid 5083] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5083] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5083] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5083] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5083] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5083] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5083] unshare(CLONE_NEWNS) = 0 [pid 5083] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5083] unshare(CLONE_NEWIPC) = 0 [ 78.686775][ T29] audit: type=1400 audit(1716521631.593:88): avc: denied { mounton } for pid=5083 comm="syz-executor376" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 78.711536][ T29] audit: type=1400 audit(1716521631.593:89): avc: denied { mount } for pid=5083 comm="syz-executor376" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [pid 5083] unshare(CLONE_NEWCGROUP) = 0 [pid 5083] unshare(CLONE_NEWUTS) = 0 [pid 5083] unshare(CLONE_SYSVSEM) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "16777216", 8) = 8 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "536870912", 9) = 9 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1024", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "8192", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1024", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1024", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5083] close(3) = 0 [ 78.734139][ T29] audit: type=1400 audit(1716521631.643:90): avc: denied { mounton } for pid=5083 comm="syz-executor376" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [pid 5083] getpid() = 1 [pid 5083] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5087] rseq(0x7f2919375fe0, 0x20, 0, 0x53053053 [pid 5086] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3 [pid 5087] <... rseq resumed>) = 0 [pid 5087] set_robust_list(0x7f29193759a0, 24 [pid 5086] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... set_robust_list resumed>) = 0 [pid 5086] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] futex(0x7f2919445328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... futex resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5086] futex(0x7f291944532c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5087] <... openat resumed>) = 3 [pid 5087] futex(0x7f291944532c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] futex(0x7f2919445328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... futex resumed>) = 0 [pid 5086] futex(0x7f2919445328, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... futex resumed>) = 0 [pid 5086] <... futex resumed>) = 1 [pid 5087] ioctl(3, NBD_SET_SIZE, 4294967040 [ 78.988768][ T29] audit: type=1400 audit(1716521631.903:93): avc: denied { read } for pid=5086 comm="syz-executor376" name="nbd0" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 79.013081][ T29] audit: type=1400 audit(1716521631.903:94): avc: denied { open } for pid=5086 comm="syz-executor376" path="/dev/nbd0" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5086] futex(0x7f291944532c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5086] futex(0x7f291944533c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f2919334000 [pid 5087] <... ioctl resumed>) = 0 [pid 5087] futex(0x7f291944532c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] mprotect(0x7f2919335000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... futex resumed>) = 0 [pid 5086] <... mprotect resumed>) = 0 [pid 5087] futex(0x7f2919445328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5086] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2919354990, parent_tid=0x7f2919354990, exit_signal=0, stack=0x7f2919334000, stack_size=0x20300, tls=0x7f29193546c0}./strace-static-x86_64: Process 5088 attached => {parent_tid=[4]}, 88) = 4 [pid 5088] rseq(0x7f2919354fe0, 0x20, 0, 0x53053053) = 0 [pid 5088] set_robust_list(0x7f29193549a0, 24) = 0 [ 79.037518][ T29] audit: type=1400 audit(1716521631.913:95): avc: denied { ioctl } for pid=5086 comm="syz-executor376" path="/dev/nbd0" dev="devtmpfs" ino=664 ioctlcmd=0xab02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5088] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] futex(0x7f2919445338, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] futex(0x7f2919445338, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = 0 [pid 5086] <... futex resumed>) = 1 [pid 5088] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5086] futex(0x7f291944533c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... socketpair resumed>[4, 5]) = 0 [pid 5088] futex(0x7f291944533c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5086] <... futex resumed>) = 0 [pid 5088] futex(0x7f2919445338, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] futex(0x7f2919445328, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5086] futex(0x7f291944532c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5087] <... futex resumed>) = 0 [pid 5087] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 5087] futex(0x7f291944532c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] futex(0x7f2919445328, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... futex resumed>) = 0 [pid 5086] futex(0x7f2919445328, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5087] <... futex resumed>) = 0 [pid 5086] futex(0x7f291944532c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5087] ioctl(3, NBD_DO_IT [pid 5086] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 79.228486][ T5087] nbd0: detected capacity change from 0 to 8388607 [pid 5086] close(3) = 0 [pid 5086] close(4) = 0 [pid 5086] close(5) = 0 [pid 5086] close(6) = -1 EBADF (Bad file descriptor) [pid 5086] close(7) = -1 EBADF (Bad file descriptor) [pid 5086] close(8) = -1 EBADF (Bad file descriptor) [pid 5086] close(9) = -1 EBADF (Bad file descriptor) [pid 5086] close(10) = -1 EBADF (Bad file descriptor) [pid 5086] close(11) = -1 EBADF (Bad file descriptor) [pid 5086] close(12) = -1 EBADF (Bad file descriptor) [pid 5086] close(13) = -1 EBADF (Bad file descriptor) [pid 5086] close(14) = -1 EBADF (Bad file descriptor) [pid 5086] close(15) = -1 EBADF (Bad file descriptor) [pid 5086] close(16) = -1 EBADF (Bad file descriptor) [pid 5086] close(17) = -1 EBADF (Bad file descriptor) [pid 5086] close(18) = -1 EBADF (Bad file descriptor) [pid 5086] close(19) = -1 EBADF (Bad file descriptor) [pid 5086] close(20) = -1 EBADF (Bad file descriptor) [pid 5086] close(21) = -1 EBADF (Bad file descriptor) [pid 5086] close(22) = -1 EBADF (Bad file descriptor) [pid 5086] close(23) = -1 EBADF (Bad file descriptor) [pid 5086] close(24) = -1 EBADF (Bad file descriptor) [pid 5086] close(25) = -1 EBADF (Bad file descriptor) [pid 5086] close(26) = -1 EBADF (Bad file descriptor) [pid 5086] close(27) = -1 EBADF (Bad file descriptor) [pid 5086] close(28) = -1 EBADF (Bad file descriptor) [pid 5086] close(29) = -1 EBADF (Bad file descriptor) [pid 5086] write(1, "write to /proc/sys/net/core/bpf_jit_kallsyms failed: No such file or directory\nwrite to /proc/sys/ne"..., 156write to /proc/sys/net/core/bpf_jit_kallsyms failed: No such file or directory write to /proc/sys/net/core/bpf_jit_harden failed: No such file or directory ) = 156 [pid 5086] exit_group(0 [pid 5088] <... futex resumed>) = ? [pid 5086] <... exit_group resumed>) = ? [pid 5088] +++ exited with 0 +++ [ 79.500072][ T4478] block nbd0: Receive control failed (result -104) [pid 5083] kill(-2, SIGKILL) = 0 [pid 5083] kill(2, SIGKILL) = 0 [pid 5083] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5083] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5083] getdents64(3, 0x55556add8740 /* 2 entries */, 32768) = 48 [pid 5083] getdents64(3, 0x55556add8740 /* 0 entries */, 32768) = 0 [pid 5083] close(3) = 0 [ 87.300488][ T25] cfg80211: failed to load regulatory.db [ 109.699731][ T57] block nbd0: Possible stuck request ffff888020848000: control (read@0,4096B). Runtime 30 seconds [ 139.779153][ T57] block nbd0: Possible stuck request ffff888020848000: control (read@0,4096B). Runtime 60 seconds [ 140.328523][ T4534] udevd[4534]: worker [5084] /devices/virtual/block/nbd0 is taking a long time [ 169.858684][ T57] block nbd0: Possible stuck request ffff888020848000: control (read@0,4096B). Runtime 90 seconds [ 199.938647][ T57] block nbd0: Possible stuck request ffff888020848000: control (read@0,4096B). Runtime 120 seconds [ 230.018601][ T57] block nbd0: Possible stuck request ffff888020848000: control (read@0,4096B). Runtime 150 seconds [ 242.179639][ T30] INFO: task syz-executor376:5087 blocked for more than 143 seconds. [ 242.187830][ T30] Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [ 242.195102][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 242.204202][ T30] task:syz-executor376 state:D stack:27952 pid:5087 tgid:5086 ppid:5083 flags:0x00004006 [ 242.214472][ T30] Call Trace: [ 242.217759][ T30] [ 242.220740][ T30] __schedule+0xf15/0x5d00 [ 242.225212][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 242.230459][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 242.235679][ T30] ? __pfx___schedule+0x10/0x10 [ 242.240579][ T30] ? schedule+0x298/0x350 [ 242.244939][ T30] ? __pfx_lock_release+0x10/0x10 [ 242.250005][ T30] ? __mutex_lock+0x5b3/0x9c0 [ 242.254701][ T30] ? __mutex_trylock_common+0x78/0x250 [ 242.260235][ T30] schedule+0xe7/0x350 [ 242.264323][ T30] schedule_preempt_disabled+0x13/0x30 [ 242.269826][ T30] __mutex_lock+0x5b8/0x9c0 [ 242.274350][ T30] ? bdev_release+0x166/0x710 [ 242.279079][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 242.284120][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 242.289180][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 242.294396][ T30] ? bdev_release+0x166/0x710 [ 242.299118][ T30] bdev_release+0x166/0x710 [ 242.303639][ T30] ? task_work_run+0x126/0x250 [ 242.308489][ T30] ? evm_file_release+0xd6/0x1d0 [ 242.313454][ T30] ? __pfx_blkdev_release+0x10/0x10 [ 242.318728][ T30] blkdev_release+0x15/0x20 [ 242.323261][ T30] __fput+0x408/0xbb0 [ 242.327266][ T30] task_work_run+0x14e/0x250 [ 242.331921][ T30] ? __pfx_task_work_run+0x10/0x10 [ 242.337056][ T30] ? __pfx_task_work_add+0x10/0x10 [ 242.342225][ T30] ? __pfx_blkdev_ioctl+0x10/0x10 [ 242.347276][ T30] ? selinux_file_ioctl+0xb4/0x270 [ 242.352429][ T30] ptrace_notify+0x10e/0x130 [ 242.357035][ T30] syscall_exit_to_user_mode_prepare+0x126/0x260 [ 242.363405][ T30] syscall_exit_to_user_mode+0x11/0x2a0 [ 242.369011][ T30] do_syscall_64+0xdc/0x260 [ 242.373516][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.379459][ T30] RIP: 0033:0x7f29193c51a9 [ 242.383886][ T30] RSP: 002b:00007f2919375218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.392338][ T30] RAX: 0000000000000000 RBX: 00007f2919445328 RCX: 00007f29193c51a9 [ 242.400382][ T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 242.408404][ T30] RBP: 00007f2919445320 R08: 0000000000000000 R09: 0000000000000000 [ 242.416419][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f291944532c [ 242.424541][ T30] R13: 00007f29194123b4 R14: 64626e2f7665642f R15: 00000000ffffff00 [ 242.432664][ T30] [ 242.435719][ T30] [ 242.435719][ T30] Showing all locks held in the system: [ 242.443953][ T30] 1 lock held by khungtaskd/30: [ 242.449297][ T30] #0: ffffffff8dbb1760 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 242.459510][ T30] 2 locks held by getty/4836: [ 242.464209][ T30] #0: ffff88802b0890a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 242.474180][ T30] #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 [ 242.484362][ T30] 1 lock held by udevd/5084: [ 242.489017][ T30] #0: ffff8880207164c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x43c/0xe90 [ 242.498398][ T30] 1 lock held by syz-executor376/5087: [ 242.503841][ T30] #0: ffff8880207164c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x166/0x710 [ 242.513495][ T30] [ 242.515827][ T30] ============================================= [ 242.515827][ T30] [ 242.524291][ T30] NMI backtrace for cpu 1 [ 242.528629][ T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [ 242.538071][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 242.548120][ T30] Call Trace: [ 242.551415][ T30] [ 242.554339][ T30] dump_stack_lvl+0x116/0x1f0 [ 242.559030][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 242.563982][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 242.569972][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 242.575954][ T30] watchdog+0xf86/0x1240 [ 242.580203][ T30] ? __pfx_watchdog+0x10/0x10 [ 242.584880][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 242.590087][ T30] ? __kthread_parkme+0x148/0x220 [ 242.595115][ T30] ? __pfx_watchdog+0x10/0x10 [ 242.599791][ T30] kthread+0x2c1/0x3a0 [ 242.603862][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 242.609068][ T30] ? __pfx_kthread+0x10/0x10 [ 242.613660][ T30] ret_from_fork+0x45/0x80 [ 242.618085][ T30] ? __pfx_kthread+0x10/0x10 [ 242.622680][ T30] ret_from_fork_asm+0x1a/0x30 [ 242.627457][ T30] [ 242.630594][ T30] Sending NMI from CPU 1 to CPUs 0: [ 242.635832][ C0] NMI backtrace for cpu 0 [ 242.635843][ C0] CPU: 0 PID: 2490 Comm: kworker/u8:9 Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [ 242.635865][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 242.635877][ C0] Workqueue: events_unbound toggle_allocation_gate [ 242.635908][ C0] RIP: 0010:hlock_class+0xb/0x130 [ 242.635934][ C0] Code: eb e8 7e 00 48 8b 3c 24 eb 81 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 b8 00 00 00 00 00 fc ff df 53 <48> 89 fb 48 83 c7 20 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 [ 242.635952][ C0] RSP: 0018:ffffc9000958f7d0 EFLAGS: 00000002 [ 242.635968][ C0] RAX: dffffc0000000000 RBX: ffff88802a1da9d0 RCX: 0000000000000002 [ 242.635982][ C0] RDX: dffffc0000000000 RSI: ffff88802a1da9d0 RDI: ffff88802a1da9d0 [ 242.635996][ C0] RBP: ffffc9000958f918 R08: 0000000000000000 R09: fffffbfff284e250 [ 242.636010][ C0] R10: ffffffff94271287 R11: 0000000000000006 R12: ffff88802a1d9e00 [ 242.636023][ C0] R13: 0000000000000004 R14: 0000000000000002 R15: 1ffff920012b1f02 [ 242.636037][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 242.636058][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.636072][ C0] CR2: 00005610bf217600 CR3: 000000000d97a000 CR4: 00000000003506f0 [ 242.636086][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 242.636098][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 242.636111][ C0] Call Trace: [ 242.636118][ C0] [ 242.636124][ C0] ? show_regs+0x8c/0xa0 [ 242.636151][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 242.636172][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 242.636197][ C0] ? nmi_handle+0x1a9/0x5c0 [ 242.636224][ C0] ? hlock_class+0xb/0x130 [ 242.636246][ C0] ? default_do_nmi+0x6a/0x160 [ 242.636269][ C0] ? exc_nmi+0x170/0x1e0 [ 242.636289][ C0] ? end_repeat_nmi+0xf/0x53 [ 242.636314][ C0] ? hlock_class+0xb/0x130 [ 242.636335][ C0] ? hlock_class+0xb/0x130 [ 242.636357][ C0] ? hlock_class+0xb/0x130 [ 242.636379][ C0] [ 242.636385][ C0] [ 242.636391][ C0] mark_lock+0xb5/0xc60 [ 242.636417][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 242.636438][ C0] ? __pfx_mark_lock+0x10/0x10 [ 242.636464][ C0] ? __page_table_check_pte_clear+0xb1/0x570 [ 242.636486][ C0] ? __pfx___page_table_check_pte_clear+0x10/0x10 [ 242.636509][ C0] ? __pte_offset_map_lock+0x156/0x300 [ 242.636532][ C0] ? rcu_is_watching+0x12/0xc0 [ 242.636552][ C0] mark_held_locks+0x9f/0xe0 [ 242.636578][ C0] ? kmalloc_node_track_caller_noprof+0xe4/0x440 [ 242.636610][ C0] lockdep_hardirqs_on_prepare+0x137/0x420 [ 242.636638][ C0] ? kmalloc_node_track_caller_noprof+0xe4/0x440 [ 242.636668][ C0] trace_hardirqs_on+0x36/0x40 [ 242.636697][ C0] __text_poke+0x8d5/0xca0 [ 242.636718][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 242.636745][ C0] ? __pfx___text_poke+0x10/0x10 [ 242.636766][ C0] ? kmalloc_node_track_caller_noprof+0xe4/0x440 [ 242.636797][ C0] text_poke_bp_batch+0x493/0x760 [ 242.636820][ C0] ? kmem_cache_alloc_bulk_noprof+0x198/0x940 [ 242.636850][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 242.636872][ C0] ? __jump_label_patch+0x1db/0x400 [ 242.636896][ C0] ? arch_jump_label_transform_queue+0xc0/0x120 [ 242.636923][ C0] text_poke_finish+0x30/0x40 [ 242.636945][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 242.636971][ C0] jump_label_update+0x1d7/0x400 [ 242.636997][ C0] static_key_enable_cpuslocked+0x1b7/0x270 [ 242.637024][ C0] static_key_enable+0x1a/0x20 [ 242.637048][ C0] toggle_allocation_gate+0xf8/0x250 [ 242.637075][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 242.637104][ C0] process_one_work+0x9fb/0x1b60 [ 242.637128][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 242.637155][ C0] ? __pfx_process_one_work+0x10/0x10 [ 242.637177][ C0] ? assign_work+0x1a0/0x250 [ 242.637204][ C0] worker_thread+0x6c8/0xf70 [ 242.637226][ C0] ? __kthread_parkme+0x148/0x220 [ 242.637250][ C0] ? __pfx_worker_thread+0x10/0x10 [ 242.637269][ C0] kthread+0x2c1/0x3a0 [ 242.637291][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 242.637315][ C0] ? __pfx_kthread+0x10/0x10 [ 242.637338][ C0] ret_from_fork+0x45/0x80 [ 242.637364][ C0] ? __pfx_kthread+0x10/0x10 [ 242.637386][ C0] ret_from_fork_asm+0x1a/0x30 [ 242.637417][ C0] [ 242.637835][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 243.062856][ T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [ 243.072320][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 243.082369][ T30] Call Trace: [ 243.085646][ T30] [ 243.088574][ T30] dump_stack_lvl+0x3d/0x1f0 [ 243.093174][ T30] panic+0x6f5/0x7a0 [ 243.097077][ T30] ? __pfx_panic+0x10/0x10 [ 243.101502][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 243.106875][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 243.112947][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 243.118321][ T30] ? watchdog+0xd3d/0x1240 [ 243.122841][ T30] ? watchdog+0xd30/0x1240 [ 243.127270][ T30] watchdog+0xd4e/0x1240 [ 243.131527][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.136219][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 243.141431][ T30] ? __kthread_parkme+0x148/0x220 [ 243.146462][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.151141][ T30] kthread+0x2c1/0x3a0 [ 243.155217][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 243.160421][ T30] ? __pfx_kthread+0x10/0x10 [ 243.165015][ T30] ret_from_fork+0x45/0x80 [ 243.169442][ T30] ? __pfx_kthread+0x10/0x10 [ 243.174035][ T30] ret_from_fork_asm+0x1a/0x30 [ 243.178814][ T30] [ 243.182152][ T30] Kernel Offset: disabled [ 243.186486][ T30] Rebooting in 86400 seconds..