./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1530913637 <...> [ 35.013924][ T4645] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.041532][ T4645] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 42.382598][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 42.382608][ T26] audit: type=1400 audit(1680335719.768:73): avc: denied { transition } for pid=4859 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 42.412439][ T26] audit: type=1400 audit(1680335719.798:74): avc: denied { write } for pid=4859 comm="sh" path="pipe:[1907]" dev="pipefs" ino=1907 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts. execve("./syz-executor1530913637", ["./syz-executor1530913637"], 0x7fff24a8d820 /* 10 vars */) = 0 brk(NULL) = 0x555556b3d000 brk(0x555556b3dc40) = 0x555556b3dc40 arch_prctl(ARCH_SET_FS, 0x555556b3d300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556b3d5d0) = 5077 set_robust_list(0x555556b3d5e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f05bccbd5d0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f05bccbdca0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f05bccbd670, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f05bccbdca0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1530913637", 4096) = 28 brk(0x555556b5ec40) = 0x555556b5ec40 brk(0x555556b5f000) = 0x555556b5f000 mprotect(0x7f05bcd7f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556b3d5d0) = 5078 ./strace-static-x86_64: Process 5078 attached [pid 5078] set_robust_list(0x555556b3d5e0, 24) = 0 [pid 5078] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] setsid() = 1 [pid 5078] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5078] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5078] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5078] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5078] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5078] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5078] unshare(CLONE_NEWNS) = 0 [pid 5078] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5078] unshare(CLONE_NEWIPC) = 0 [pid 5078] unshare(CLONE_NEWCGROUP) = 0 [pid 5078] unshare(CLONE_NEWUTS) = 0 [pid 5078] unshare(CLONE_SYSVSEM) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "16777216", 8) = 8 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "536870912", 9) = 9 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1024", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "8192", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1024", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1024", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5078] close(3) = 0 [pid 5078] getpid() = 1 [pid 5078] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5081] set_robust_list(0x7f05bccad9e0, 24) = 0 [pid 5081] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 5081] futex(0x7f05bcd854cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 0 [pid 5080] futex(0x7f05bcd854c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f05bcd854cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... futex resumed>) = 1 [pid 5081] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 5 [pid 5081] futex(0x7f05bcd854cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 0 [pid 5080] futex(0x7f05bcd854c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f05bcd854cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... futex resumed>) = 1 [ 52.056513][ T26] audit: type=1400 audit(1680335729.438:79): avc: denied { mounton } for pid=5078 comm="syz-executor153" path="/dev/binderfs" dev="devtmpfs" ino=2320 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 52.079659][ T26] audit: type=1400 audit(1680335729.448:80): avc: denied { mount } for pid=5078 comm="syz-executor153" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [pid 5081] ioctl(5, NBD_SET_SOCK, 3 [pid 5080] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5080] futex(0x7f05bcd854dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f05bcc6c000 [pid 5080] mprotect(0x7f05bcc6d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5080] clone(child_stack=0x7f05bcc8c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[4], tls=0x7f05bcc8c700, child_tidptr=0x7f05bcc8c9d0) = 4 [pid 5080] futex(0x7f05bcd854d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] futex(0x7f05bcd854dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5082 attached [pid 5082] set_robust_list(0x7f05bcc8c9e0, 24) = 0 [ 52.102335][ T26] audit: type=1400 audit(1680335729.458:81): avc: denied { read } for pid=5080 comm="syz-executor153" name="nbd0" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 52.126032][ T26] audit: type=1400 audit(1680335729.458:82): avc: denied { open } for pid=5080 comm="syz-executor153" path="/dev/nbd0" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5082] ioctl(5, NBD_DO_IT [pid 5081] <... ioctl resumed>) = 0 [pid 5081] futex(0x7f05bcd854cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5080] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5081] futex(0x7f05bcd854c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] futex(0x7f05bcd854c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5080] <... futex resumed>) = 0 [pid 5081] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY|0x4 [pid 5080] futex(0x7f05bcd854cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... openat resumed>) = 6 [pid 5081] futex(0x7f05bcd854cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5080] <... futex resumed>) = 0 [pid 5081] futex(0x7f05bcd854c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] futex(0x7f05bcd854c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5080] <... futex resumed>) = 0 [pid 5081] ioctl(6, NBD_SET_SIZE_BLOCKS, 63 [pid 5080] futex(0x7f05bcd854cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... ioctl resumed>) = 0 [pid 5081] futex(0x7f05bcd854cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 0 [pid 5081] <... futex resumed>) = 1 [ 52.150353][ T26] audit: type=1400 audit(1680335729.458:83): avc: denied { ioctl } for pid=5080 comm="syz-executor153" path="/dev/nbd0" dev="devtmpfs" ino=664 ioctlcmd=0xab00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 52.191706][ T5081] nbd0: detected capacity change from 0 to 126 [pid 5081] futex(0x7f05bcd854c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] close(3) = 0 [pid 5080] close(4 [pid 5082] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] close(5 [pid 5082] futex(0x7f05bcd854dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 52.333868][ T4386] block nbd0: Receive control failed (result -104) [pid 5082] futex(0x7f05bcd854d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5078] kill(-2, SIGKILL [pid 5082] <... futex resumed>) = ? [pid 5078] <... kill resumed>) = 0 [pid 5082] +++ killed by SIGKILL +++ [pid 5081] <... futex resumed>) = ? [pid 5081] +++ killed by SIGKILL +++ [pid 5078] kill(2, SIGKILL) = 0 [pid 5078] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5078] getdents64(3, 0x555556b3e620 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(3, 0x555556b3e620 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [ 76.478592][ T25] cfg80211: failed to load regulatory.db [ 82.237405][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 30 seconds [ 112.316787][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 60 seconds [ 114.485813][ T4432] udevd[4432]: worker [5083] /devices/virtual/block/nbd0 is taking a long time [ 142.396813][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 90 seconds [ 172.476927][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 120 seconds [ 202.556829][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 150 seconds [ 232.636864][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 180 seconds [ 234.648407][ T4432] udevd[4432]: worker [5083] /devices/virtual/block/nbd0 timeout; kill it [ 234.657847][ T4432] udevd[4432]: seq 7516 '/devices/virtual/block/nbd0' killed [ 262.716887][ T51] block nbd0: Possible stuck request ffff88801f480000: control (read@0,4096B). Runtime 210 seconds [ 286.396653][ T27] INFO: task syz-executor153:5080 blocked for more than 143 seconds. [ 286.404849][ T27] Not tainted 6.3.0-rc4-syzkaller-00174-g2bac7dc169af #0 [ 286.412864][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.421660][ T27] task:syz-executor153 state:D stack:27808 pid:5080 ppid:5078 flags:0x00004006 [ 286.431012][ T27] Call Trace: [ 286.434309][ T27] [ 286.437284][ T27] __schedule+0xc91/0x5770 [ 286.441814][ T27] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.447940][ T27] ? flock_lock_inode+0x8d0/0xef0 [ 286.453090][ T27] ? io_schedule_timeout+0x150/0x150 [ 286.458432][ T27] ? __mutex_lock+0xa36/0x1350 [ 286.463221][ T27] schedule+0xde/0x1a0 [ 286.467396][ T27] schedule_preempt_disabled+0x13/0x20 [ 286.472877][ T27] __mutex_lock+0xa3b/0x1350 [ 286.477559][ T27] ? blkdev_put+0xc0/0x770 [ 286.482076][ T27] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.487763][ T27] ? locks_check_ctx_file_list+0x1d/0x320 [ 286.493606][ T27] ? do_raw_spin_unlock+0x175/0x230 [ 286.498859][ T27] ? _raw_spin_unlock+0x28/0x40 [ 286.503739][ T27] ? locks_remove_file+0x2fb/0x5b0 [ 286.508967][ T27] blkdev_put+0xc0/0x770 [ 286.513231][ T27] blkdev_close+0x68/0x80 [ 286.517609][ T27] __fput+0x27c/0xa90 [ 286.521671][ T27] ? blkdev_fsync+0xa0/0xa0 [ 286.526170][ T27] task_work_run+0x16f/0x270 [ 286.530894][ T27] ? task_work_cancel+0x30/0x30 [ 286.535780][ T27] ptrace_notify+0x118/0x140 [ 286.540420][ T27] syscall_exit_to_user_mode_prepare+0x129/0x220 [ 286.546924][ T27] syscall_exit_to_user_mode+0xd/0x50 [ 286.552318][ T27] do_syscall_64+0x46/0xb0 [ 286.556781][ T27] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.562762][ T27] RIP: 0033:0x7f05bccbcbbb [ 286.567299][ T27] RSP: 002b:00007ffd37c220f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 286.576185][ T27] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007f05bccbcbbb [ 286.584207][ T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 286.592273][ T27] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000064 [ 286.600282][ T27] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000c50c [ 286.608341][ T27] R13: 00007f05bcd854cc R14: 00007ffd37c22150 R15: 00007f05bcd854c0 [ 286.616308][ T27] [ 286.619409][ T27] [ 286.619409][ T27] Showing all locks held in the system: [ 286.627199][ T27] 1 lock held by rcu_tasks_kthre/11: [ 286.632492][ T27] #0: ffffffff8c791ab0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 286.643065][ T27] 1 lock held by rcu_tasks_trace/12: [ 286.648427][ T27] #0: ffffffff8c7917b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 286.659508][ T27] 1 lock held by khungtaskd/27: [ 286.664395][ T27] #0: ffffffff8c792600 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x340 [ 286.674524][ T27] 2 locks held by getty/4755: [ 286.679274][ T27] #0: ffff88802b759098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 286.689194][ T27] #1: ffffc900020182f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 [ 286.699448][ T27] 1 lock held by syz-executor153/5080: [ 286.704893][ T27] #0: ffff88801f3de4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xc0/0x770 [ 286.714275][ T27] 1 lock held by udevd/5083: [ 286.718891][ T27] #0: ffff88801f3de4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x9b/0xb80 [ 286.729515][ T27] [ 286.731841][ T27] ============================================= [ 286.731841][ T27] [ 286.740329][ T27] NMI backtrace for cpu 0 [ 286.744671][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.3.0-rc4-syzkaller-00174-g2bac7dc169af #0 [ 286.754479][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 286.764521][ T27] Call Trace: [ 286.767787][ T27] [ 286.770707][ T27] dump_stack_lvl+0xd9/0x150 [ 286.775357][ T27] nmi_cpu_backtrace+0x29c/0x350 [ 286.780286][ T27] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.785477][ T27] nmi_trigger_cpumask_backtrace+0x2a4/0x300 [ 286.791448][ T27] watchdog+0xe16/0x1090 [ 286.795740][ T27] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.801731][ T27] kthread+0x2e8/0x3a0 [ 286.805810][ T27] ? kthread_complete_and_exit+0x40/0x40 [ 286.811465][ T27] ret_from_fork+0x1f/0x30 [ 286.815906][ T27] [ 286.819123][ T27] Sending NMI from CPU 0 to CPUs 1: [ 286.824350][ C1] NMI backtrace for cpu 1 [ 286.824360][ C1] CPU: 1 PID: 40 Comm: kworker/u4:2 Not tainted 6.3.0-rc4-syzkaller-00174-g2bac7dc169af #0 [ 286.824379][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 286.824390][ C1] Workqueue: events_unbound toggle_allocation_gate [ 286.824502][ C1] RIP: 0010:match_held_lock+0x70/0xc0 [ 286.824529][ C1] Code: 06 48 0f af c2 0f b7 53 20 81 e2 ff 1f 00 00 48 39 d0 0f 94 c0 48 83 c4 08 0f b6 c0 5b c3 31 f6 e8 65 fe ff ff 48 85 c0 75 b2 <31> c0 48 83 c4 08 5b c3 48 83 c4 08 b8 01 00 00 00 5b c3 e8 88 bb [ 286.824545][ C1] RSP: 0018:ffffc90000d1f978 EFLAGS: 00000046 [ 286.824558][ C1] RAX: 0000000000000000 RBX: ffff8880176bac38 RCX: 0000000000000001 [ 286.824569][ C1] RDX: 0000000000000000 RSI: ffffffff8c7925a0 RDI: ffff8880176bac38 [ 286.824580][ C1] RBP: ffffffff8c7925a0 R08: ffffffff812df6fc R09: 0000000000000000 [ 286.824591][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880176ba200 [ 286.824602][ C1] R13: ffff8880176bac38 R14: 00000000ffffffff R15: ffff8880176bac38 [ 286.824613][ C1] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 286.824631][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.824643][ C1] CR2: 00007f2b7d0bd990 CR3: 000000000c571000 CR4: 00000000003506e0 [ 286.824654][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.824664][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.824674][ C1] Call Trace: [ 286.824679][ C1] [ 286.824684][ C1] lock_is_held_type+0xab/0x140 [ 286.824709][ C1] __might_resched+0x414/0x580 [ 286.824734][ C1] __mutex_lock+0x9f/0x1350 [ 286.824757][ C1] ? arch_jump_label_transform_queue+0x5c/0x100 [ 286.824776][ C1] ? __mutex_unlock_slowpath+0x157/0x5e0 [ 286.824799][ C1] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.824822][ C1] ? wait_for_completion_io_timeout+0x20/0x20 [ 286.824847][ C1] ? kmem_cache_alloc_bulk+0xf3/0x3e0 [ 286.824863][ C1] ? __jump_label_patch+0x173/0x340 [ 286.824881][ C1] arch_jump_label_transform_queue+0x5c/0x100 [ 286.824900][ C1] __jump_label_update+0x12e/0x410 [ 286.824963][ C1] jump_label_update+0x32f/0x410 [ 286.824990][ C1] static_key_disable_cpuslocked+0x156/0x1b0 [ 286.825019][ C1] static_key_disable+0x1a/0x20 [ 286.825046][ C1] toggle_allocation_gate+0x143/0x230 [ 286.825082][ C1] ? wake_up_kfence_timer+0x30/0x30 [ 286.825106][ C1] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.825125][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.825152][ C1] process_one_work+0x991/0x15c0 [ 286.825174][ C1] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 286.825195][ C1] ? spin_bug+0x1c0/0x1c0 [ 286.825213][ C1] ? _raw_spin_lock_irq+0x45/0x50 [ 286.825240][ C1] worker_thread+0x669/0x1090 [ 286.825261][ C1] ? process_one_work+0x15c0/0x15c0 [ 286.825281][ C1] kthread+0x2e8/0x3a0 [ 286.825296][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 286.825314][ C1] ret_from_fork+0x1f/0x30 [ 286.825341][ C1] [ 286.826353][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 287.123577][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.3.0-rc4-syzkaller-00174-g2bac7dc169af #0 [ 287.133381][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 287.143436][ T27] Call Trace: [ 287.146715][ T27] [ 287.149645][ T27] dump_stack_lvl+0xd9/0x150 [ 287.154246][ T27] panic+0x688/0x730 [ 287.158143][ T27] ? panic_smp_self_stop+0x90/0x90 [ 287.163259][ T27] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.168487][ T27] ? preempt_schedule_thunk+0x1a/0x20 [ 287.173872][ T27] ? watchdog+0xbe8/0x1090 [ 287.178299][ T27] watchdog+0xbf9/0x1090 [ 287.182572][ T27] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 287.188565][ T27] kthread+0x2e8/0x3a0 [ 287.192638][ T27] ? kthread_complete_and_exit+0x40/0x40 [ 287.198274][ T27] ret_from_fork+0x1f/0x30 [ 287.202701][ T27] [ 287.205884][ T27] Kernel Offset: disabled [ 287.210208][ T27] Rebooting in 86400 seconds..