./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2624550174 <...> Warning: Permanently added '10.128.1.176' (ED25519) to the list of known hosts. execve("./syz-executor2624550174", ["./syz-executor2624550174"], 0x7ffe74935390 /* 10 vars */) = 0 brk(NULL) = 0x55556a4e2000 brk(0x55556a4e2d00) = 0x55556a4e2d00 arch_prctl(ARCH_SET_FS, 0x55556a4e2380) = 0 set_tid_address(0x55556a4e2650) = 5093 set_robust_list(0x55556a4e2660, 24) = 0 rseq(0x55556a4e2ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2624550174", 4096) = 28 getrandom("\x7f\xff\xc6\x57\x77\x98\xcc\x04", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556a4e2d00 brk(0x55556a503d00) = 0x55556a503d00 brk(0x55556a504000) = 0x55556a504000 mprotect(0x7ff982a2f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 chmod("/dev/raw-gadget", 0666) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556a4e2650) = 5094 ./strace-static-x86_64: Process 5094 attached [pid 5094] set_robust_list(0x55556a4e2660, 24) = 0 [pid 5094] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setsid() = 1 [pid 5094] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5094] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5094] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5094] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5094] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5094] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5094] unshare(CLONE_NEWNS) = 0 [pid 5094] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5094] unshare(CLONE_NEWIPC) = 0 [pid 5094] unshare(CLONE_NEWCGROUP) = 0 [pid 5094] unshare(CLONE_NEWUTS) = 0 [pid 5094] unshare(CLONE_SYSVSEM) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "16777216", 8) = 8 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "536870912", 9) = 9 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1024", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "8192", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1024", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1024", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5094] close(3) = 0 [pid 5094] getpid() = 1 [pid 5094] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5094] kill(-2, SIGKILL) = 0 [pid 5094] kill(2, SIGKILL) = 0 [pid 5094] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(3, 0x55556a4e36f0 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(3, 0x55556a4e36f0 /* 0 entries */, 32768) = 0 [ 113.989448][ T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-...D } 2630 jiffies s: 621 root: 0x1/. [ 114.003076][ T19] rcu: blocking rcu_node structures (internal RCU debug): [ 114.010590][ T19] Sending NMI from CPU 1 to CPUs 0: [ 114.015843][ C0] NMI backtrace for cpu 0 [ 114.015865][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 114.015884][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 114.015898][ C0] RIP: 0010:lock_release+0xfc/0x9f0 [ 114.015941][ C0] Code: c0 6c 7b ad 8f 48 c1 e8 03 42 0f b6 04 38 84 c0 0f 85 f7 05 00 00 83 3d 8d ec 3a 0e 00 0f 84 32 05 00 00 65 8b 05 94 fb 8f 7e <85> c0 0f 85 23 05 00 00 65 48 8b 04 25 c0 d4 03 00 48 89 44 24 18 [ 114.015957][ C0] RSP: 0018:ffffc90000007b40 EFLAGS: 00000002 [ 114.015974][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81728ea0 [ 114.015986][ C0] RDX: 0000000000000000 RSI: ffffffff8c1fe960 RDI: ffffffff8c1fe920 [ 114.015998][ C0] RBP: ffffc90000007c80 R08: ffffffff8fad492f R09: 1ffffffff1f5a925 [ 114.016012][ C0] R10: dffffc0000000000 R11: fffffbfff1f5a926 R12: 1ffff92000000f74 [ 114.016025][ C0] R13: ffffffff898f4e42 R14: ffff888028872800 R15: dffffc0000000000 [ 114.016039][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 114.016054][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.016066][ C0] CR2: 0000000020000600 CR3: 000000002dc98000 CR4: 00000000003506f0 [ 114.016081][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 114.016091][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 114.016102][ C0] Call Trace: [ 114.016110][ C0] [ 114.016117][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 114.016141][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 114.016162][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 114.016180][ C0] ? nmi_handle+0x2a/0x5a0 [ 114.016221][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 114.016242][ C0] ? nmi_handle+0x14f/0x5a0 [ 114.016268][ C0] ? nmi_handle+0x2a/0x5a0 [ 114.016295][ C0] ? lock_release+0xfc/0x9f0 [ 114.016312][ C0] ? default_do_nmi+0x63/0x160 [ 114.016332][ C0] ? exc_nmi+0x123/0x1f0 [ 114.016350][ C0] ? end_repeat_nmi+0xf/0x53 [ 114.016377][ C0] ? advance_sched+0xa02/0xca0 [ 114.016406][ C0] ? lock_release+0xb0/0x9f0 [ 114.016424][ C0] ? lock_release+0xfc/0x9f0 [ 114.016443][ C0] ? lock_release+0xfc/0x9f0 [ 114.016463][ C0] ? lock_release+0xfc/0x9f0 [ 114.016481][ C0] [ 114.016487][ C0] [ 114.016495][ C0] ? advance_sched+0xa02/0xca0 [ 114.016522][ C0] ? __netif_schedule+0xc4/0x310 [ 114.016541][ C0] ? __pfx_lock_release+0x10/0x10 [ 114.016560][ C0] ? __pfx___netif_schedule+0x10/0x10 [ 114.016582][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 114.016608][ C0] ? taprio_set_budgets+0x32c/0x370 [ 114.016634][ C0] ? advance_sched+0xa02/0xca0 [ 114.016659][ C0] ? advance_sched+0xa02/0xca0 [ 114.016686][ C0] advance_sched+0xb32/0xca0 [ 114.016720][ C0] ? __pfx_advance_sched+0x10/0x10 [ 114.016746][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 114.016773][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 114.016803][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 114.016829][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 114.016853][ C0] hrtimer_interrupt+0x396/0x990 [ 114.016891][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 114.016920][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 114.016944][ C0] [ 114.016950][ C0] [ 114.016956][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 114.016983][ C0] RIP: 0010:acpi_safe_halt+0x21/0x30 [ 114.017000][ C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 c0 d4 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 55 5a a3 00 f3 0f 1e fa fb f4 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 [ 114.017014][ C0] RSP: 0018:ffffffff8e007ca8 EFLAGS: 00000246 [ 114.017028][ C0] RAX: ffffffff8e094680 RBX: ffff88801b6f1064 RCX: 000000000001fef9 [ 114.017041][ C0] RDX: 0000000000000001 RSI: ffff88801b6f1000 RDI: ffff88801b6f1064 [ 114.017053][ C0] RBP: 000000000003a578 R08: ffff8880b9437ccb R09: 1ffff11017286f99 [ 114.017065][ C0] R10: dffffc0000000000 R11: ffffffff8b8618c0 R12: ffff888019f65000 [ 114.017078][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8eacdc00 [ 114.017092][ C0] ? __pfx_acpi_idle_enter+0x10/0x10 [ 114.017116][ C0] acpi_idle_enter+0xe4/0x140 [ 114.017134][ C0] cpuidle_enter_state+0x112/0x480 [ 114.017160][ C0] ? __pfx_menu_select+0x10/0x10 [ 114.017188][ C0] cpuidle_enter+0x5d/0xa0 [ 114.017212][ C0] do_idle+0x375/0x5d0 [ 114.017232][ C0] ? __pfx___schedule+0x10/0x10 [ 114.017270][ C0] ? __pfx_do_idle+0x10/0x10 [ 114.017291][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 114.017310][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 114.017329][ C0] ? rest_init+0x31/0x300 [ 114.017346][ C0] ? rest_init+0x31/0x300 [ 114.017362][ C0] cpu_startup_entry+0x42/0x60 [ 114.017382][ C0] rest_init+0x2dc/0x300 [ 114.017398][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 114.017423][ C0] start_kernel+0x47a/0x500 [ 114.017451][ C0] x86_64_start_reservations+0x2a/0x30 [ 114.017471][ C0] x86_64_start_kernel+0x99/0xa0 [ 114.017488][ C0] common_startup_64+0x13e/0x147 [ 114.017515][ C0] [ 114.017524][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.680 msecs