./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2353349902 <...> forked to background, child pid 3184 no interfaces have a carrier [ 25.527948][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.545431][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.112' (ECDSA) to the list of known hosts. execve("./syz-executor2353349902", ["./syz-executor2353349902"], 0x7fff5e78e470 /* 10 vars */) = 0 brk(NULL) = 0x555556b64000 brk(0x555556b64c40) = 0x555556b64c40 arch_prctl(ARCH_SET_FS, 0x555556b64300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2353349902", 4096) = 28 brk(0x555556b85c40) = 0x555556b85c40 brk(0x555556b86000) = 0x555556b86000 mprotect(0x7fbbc2025000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3606 attached , child_tidptr=0x555556b645d0) = 3606 [pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3606] setpgid(0, 0) = 0 [pid 3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1000", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY|O_NONBLOCK|O_CLOEXEC) = 3 [pid 3606] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0 [pid 3606] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 3606] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 6 [pid 3606] ioctl(3, NBD_SET_SIZE, 1052) = 0 syzkaller login: [ 48.774764][ T3606] nbd0: detected capacity change from 0 to 2 [pid 3606] ioctl(6, NBD_DO_IT [pid 3605] kill(-3606, SIGKILL) = 0 [pid 3605] kill(3606, SIGKILL) = 0 [pid 3606] <... ioctl resumed>) = ? [ 53.709306][ T3606] block nbd0: shutting down sockets [pid 3605] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3605] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3605] getdents64(3, 0x555556b65620 /* 2 entries */, 32768) = 48 [pid 3605] getdents64(3, 0x555556b65620 /* 0 entries */, 32768) = 0 [pid 3605] close(3) = 0 [ 76.222671][ T14] cfg80211: failed to load regulatory.db [ 79.421154][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 30 seconds [ 109.501157][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 60 seconds [ 111.226654][ T2971] udevd[2971]: worker [3608] /devices/virtual/block/nbd0 is taking a long time [ 139.581165][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 90 seconds [ 169.661115][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 120 seconds [ 199.741038][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 150 seconds [ 229.821153][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 180 seconds [ 231.390276][ T2971] udevd[2971]: worker [3608] /devices/virtual/block/nbd0 timeout; kill it [ 231.399472][ T2971] udevd[2971]: seq 7462 '/devices/virtual/block/nbd0' killed [ 259.901068][ T755] block nbd0: Possible stuck request ffff88801f168000: control (read@0,1024B). Runtime 210 seconds [ 286.141189][ T28] INFO: task syz-executor235:3606 blocked for more than 143 seconds. [ 286.149390][ T28] Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0 [ 286.156806][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.165536][ T28] task:syz-executor235 state:D stack:25984 pid: 3606 ppid: 3605 flags:0x00004006 [ 286.174810][ T28] Call Trace: [ 286.178102][ T28] [ 286.181089][ T28] __schedule+0x957/0xe20 [ 286.185517][ T28] ? __sched_text_start+0x8/0x8 [ 286.190372][ T28] ? __mutex_trylock_common+0x8e/0x2f0 [ 286.195892][ T28] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.201173][ T28] schedule+0xcb/0x190 [ 286.205234][ T28] schedule_preempt_disabled+0xf/0x20 [ 286.210594][ T28] __mutex_lock_common+0xecf/0x26c0 [ 286.215836][ T28] ? blkdev_put+0x100/0x730 [ 286.220761][ T28] ? mutex_lock_io_nested+0x60/0x60 [ 286.225994][ T28] ? __fsnotify_parent+0x4fd/0x710 [ 286.231185][ T28] ? blkdev_open+0x2e0/0x2e0 [ 286.235765][ T28] mutex_lock_nested+0x17/0x20 [ 286.240518][ T28] blkdev_put+0x100/0x730 [ 286.244895][ T28] ? lockdep_hardirqs_on_prepare+0x448/0x7b0 [ 286.250889][ T28] ? blkdev_open+0x2e0/0x2e0 [ 286.255532][ T28] blkdev_close+0x55/0x80 [ 286.259879][ T28] __fput+0x3b9/0x820 [ 286.263961][ T28] task_work_run+0x146/0x1c0 [ 286.268602][ T28] do_exit+0x55e/0x20a0 [ 286.272852][ T28] ? mm_update_next_owner+0x6d0/0x6d0 [ 286.278246][ T28] ? lockdep_hardirqs_on_prepare+0x448/0x7b0 [ 286.284295][ T28] ? print_irqtrace_events+0x220/0x220 [ 286.289769][ T28] ? _raw_spin_lock_irq+0xdb/0x110 [ 286.295009][ T28] do_group_exit+0x23b/0x2f0 [ 286.299609][ T28] ? _raw_spin_unlock_irq+0x1f/0x40 [ 286.304860][ T28] ? lockdep_hardirqs_on+0x95/0x140 [ 286.310136][ T28] get_signal+0x172f/0x1780 [ 286.314723][ T28] ? ptrace_notify+0x340/0x340 [ 286.319498][ T28] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.324737][ T28] arch_do_signal_or_restart+0x8d/0x750 [ 286.330313][ T28] ? _raw_spin_unlock_irq+0x2a/0x40 [ 286.335543][ T28] ? ptrace_notify+0x245/0x340 [ 286.340317][ T28] ? get_sigframe_size+0x10/0x10 [ 286.345343][ T28] ? vtime_user_exit+0x2b2/0x3e0 [ 286.350371][ T28] ? exit_to_user_mode_loop+0x42/0x160 [ 286.355917][ T28] exit_to_user_mode_loop+0x74/0x160 [ 286.361259][ T28] exit_to_user_mode_prepare+0xad/0x110 [ 286.366800][ T28] syscall_exit_to_user_mode+0x2e/0x60 [ 286.372299][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.378211][ T28] RIP: 0033:0x7fbbc1fb83b9 [ 286.382689][ T28] RSP: 002b:00007ffc813e3ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.391161][ T28] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 00007fbbc1fb83b9 [ 286.399148][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006 [ 286.407215][ T28] RBP: 0000000000000000 R08: 00007ffc813e3c78 R09: 00007ffc813e3c78 [ 286.415251][ T28] R10: 00007ffc813e3c78 R11: 0000000000000246 R12: 00007fbbc1f776d0 [ 286.423301][ T28] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 286.431311][ T28] [ 286.434341][ T28] [ 286.434341][ T28] Showing all locks held in the system: [ 286.442106][ T28] 1 lock held by rcu_tasks_kthre/12: [ 286.447424][ T28] #0: ffffffff8cd20970 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00 [ 286.457974][ T28] 1 lock held by rcu_tasks_trace/13: [ 286.463391][ T28] #0: ffffffff8cd21170 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00 [ 286.474399][ T28] 1 lock held by khungtaskd/28: [ 286.479254][ T28] #0: ffffffff8cd207a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 286.488643][ T28] 2 locks held by getty/3290: [ 286.493348][ T28] #0: ffff8880276cb098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 286.503170][ T28] #1: ffffc90002d232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6e8/0x1e50 [ 286.513390][ T28] 1 lock held by syz-executor235/3606: [ 286.518836][ T28] #0: ffff88801eb4e4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x730 [ 286.528274][ T28] 1 lock held by udevd/3608: [ 286.532906][ T28] #0: ffff88801eb4e4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0xfd/0xa40 [ 286.542913][ T28] [ 286.545250][ T28] ============================================= [ 286.545250][ T28] [ 286.553706][ T28] NMI backtrace for cpu 0 [ 286.558036][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0 [ 286.567563][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 286.577604][ T28] Call Trace: [ 286.580871][ T28] [ 286.583791][ T28] dump_stack_lvl+0x1e3/0x2cb [ 286.588460][ T28] ? io_notif_register+0x5e7/0x5e7 [ 286.593573][ T28] ? panic+0x76b/0x76b [ 286.597673][ T28] ? console_unlock+0x6bd/0x6f0 [ 286.602522][ T28] ? console_trylock_spinning+0x450/0x450 [ 286.608248][ T28] ? nmi_cpu_backtrace+0x248/0x4b0 [ 286.613383][ T28] nmi_cpu_backtrace+0x47c/0x4b0 [ 286.618575][ T28] ? vprintk_emit+0x109/0x1e0 [ 286.623243][ T28] ? nmi_trigger_cpumask_backtrace+0x280/0x280 [ 286.629395][ T28] ? _printk+0xcf/0x10f [ 286.633538][ T28] ? panic+0x76b/0x76b [ 286.637593][ T28] ? __wake_up_klogd+0xcd/0x100 [ 286.642455][ T28] ? panic+0x76b/0x76b [ 286.646511][ T28] ? __rcu_read_unlock+0x8f/0x100 [ 286.651542][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 286.657683][ T28] nmi_trigger_cpumask_backtrace+0x169/0x280 [ 286.663669][ T28] watchdog+0xcd5/0xd20 [ 286.667893][ T28] kthread+0x266/0x300 [ 286.671981][ T28] ? hungtask_pm_notify+0x50/0x50 [ 286.677038][ T28] ? kthread_blkcg+0xd0/0xd0 [ 286.681640][ T28] ret_from_fork+0x1f/0x30 [ 286.686092][ T28] [ 286.689219][ T28] Sending NMI from CPU 0 to CPUs 1: [ 286.694471][ C1] NMI backtrace for cpu 1 [ 286.694481][ C1] CPU: 1 PID: 46 Comm: kworker/u4:3 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0 [ 286.694497][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 286.694505][ C1] Workqueue: events_unbound toggle_allocation_gate [ 286.694581][ C1] RIP: 0010:check_preemption_disabled+0x14/0x120 [ 286.694600][ C1] Code: ff cc cc cc cc cc 48 c7 c7 00 54 0a 8b 48 c7 c6 40 54 0a 8b eb 00 41 57 41 56 41 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 <48> 89 44 24 08 65 8b 1d f8 cf c9 75 65 8b 05 61 25 ca 75 a9 ff ff [ 286.694611][ C1] RSP: 0018:ffffc90000b77740 EFLAGS: 00000082 [ 286.694622][ C1] RAX: 2e5beb6e1b123400 RBX: ffff8880186d9d80 RCX: ffffffff8169af8a [ 286.694632][ C1] RDX: dffffc0000000000 RSI: ffffffff8aad75c0 RDI: ffffffff8b0a5460 [ 286.694642][ C1] RBP: ffffc90000b77970 R08: dffffc0000000000 R09: fffffbfff1ff380b [ 286.694651][ C1] R10: fffffbfff1ff380b R11: 1ffffffff1ff380a R12: ffff8881400fa558 [ 286.694661][ C1] R13: dffffc0000000000 R14: ffffffff813204f4 R15: ffffffff81dc2f1a [ 286.694670][ C1] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 286.694682][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.694691][ C1] CR2: 00007fff91a90478 CR3: 000000000ca8e000 CR4: 00000000003506e0 [ 286.694704][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.694712][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.694720][ C1] Call Trace: [ 286.694724][ C1] [ 286.694729][ C1] ? text_poke_memcpy+0x5/0x10 [ 286.694764][ C1] ? __text_poke+0x7c4/0x9d0 [ 286.694774][ C1] ? kmem_cache_alloc+0xda/0x310 [ 286.694804][ C1] lockdep_hardirqs_on+0x95/0x140 [ 286.694819][ C1] __text_poke+0x7c4/0x9d0 [ 286.694832][ C1] ? kmem_cache_alloc+0xda/0x310 [ 286.694845][ C1] ? __text_poke+0x9d0/0x9d0 [ 286.694858][ C1] ? text_poke+0x90/0x90 [ 286.694871][ C1] ? rcu_read_lock_sched_held+0x89/0x130 [ 286.694888][ C1] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 286.694903][ C1] ? trace_raw_output_contention_end+0xd0/0xd0 [ 286.694924][ C1] ? kmem_cache_alloc+0xda/0x310 [ 286.694937][ C1] text_poke_bp_batch+0x1b7/0x970 [ 286.694954][ C1] ? mutex_lock_io_nested+0x60/0x60 [ 286.694969][ C1] ? text_poke_loc_init+0x510/0x510 [ 286.694982][ C1] ? arch_jump_label_transform_queue+0x7c/0xd0 [ 286.694998][ C1] ? __jump_label_update+0x38e/0x3b0 [ 286.695037][ C1] text_poke_finish+0x16/0x30 [ 286.695048][ C1] arch_jump_label_transform_apply+0x13/0x20 [ 286.695062][ C1] static_key_disable_cpuslocked+0xc8/0x1b0 [ 286.695078][ C1] static_key_disable+0x16/0x20 [ 286.695092][ C1] toggle_allocation_gate+0x3d8/0x470 [ 286.695107][ C1] ? virt_to_slab+0x2c0/0x2c0 [ 286.695122][ C1] ? rcu_read_lock_sched_held+0x89/0x130 [ 286.695136][ C1] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 286.695150][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 286.695171][ C1] process_one_work+0x81c/0xd10 [ 286.695208][ C1] ? worker_detach_from_pool+0x260/0x260 [ 286.695224][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 286.695237][ C1] ? kthread_data+0x4d/0xc0 [ 286.695257][ C1] ? wq_worker_running+0x95/0x190 [ 286.695272][ C1] worker_thread+0xb14/0x1330 [ 286.695292][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 286.695313][ C1] kthread+0x266/0x300 [ 286.695326][ C1] ? rcu_lock_release+0x20/0x20 [ 286.695339][ C1] ? kthread_blkcg+0xd0/0xd0 [ 286.695354][ C1] ret_from_fork+0x1f/0x30 [ 286.695376][ C1] [ 286.695532][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 287.042221][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0 [ 287.051764][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 287.061811][ T28] Call Trace: [ 287.065093][ T28] [ 287.068022][ T28] dump_stack_lvl+0x1e3/0x2cb [ 287.072703][ T28] ? io_notif_register+0x5e7/0x5e7 [ 287.077813][ T28] ? panic+0x76b/0x76b [ 287.081882][ T28] ? vscnprintf+0x59/0x80 [ 287.086207][ T28] panic+0x316/0x76b [ 287.090098][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 287.095730][ T28] ? nmi_trigger_cpumask_backtrace+0x205/0x280 [ 287.101884][ T28] ? fb_is_primary_device+0xcc/0xcc [ 287.107078][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 287.113160][ T28] ? nmi_trigger_cpumask_backtrace+0x205/0x280 [ 287.119487][ T28] ? nmi_trigger_cpumask_backtrace+0x265/0x280 [ 287.125641][ T28] watchdog+0xd16/0xd20 [ 287.129819][ T28] kthread+0x266/0x300 [ 287.133885][ T28] ? hungtask_pm_notify+0x50/0x50 [ 287.138904][ T28] ? kthread_blkcg+0xd0/0xd0 [ 287.143491][ T28] ret_from_fork+0x1f/0x30 [ 287.147931][ T28] [ 287.151228][ T28] Kernel Offset: disabled [ 287.155648][ T28] Rebooting in 86400 seconds..