./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2373918823 <...> Warning: Permanently added '10.128.0.205' (ED25519) to the list of known hosts. execve("./syz-executor2373918823", ["./syz-executor2373918823"], 0x7fff98489530 /* 10 vars */) = 0 brk(NULL) = 0x5555704fd000 brk(0x5555704fdd00) = 0x5555704fdd00 arch_prctl(ARCH_SET_FS, 0x5555704fd380) = 0 set_tid_address(0x5555704fd650) = 5076 set_robust_list(0x5555704fd660, 24) = 0 rseq(0x5555704fdca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2373918823", 4096) = 28 getrandom("\x31\xfe\x2a\xd4\x14\x40\x97\xcf", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555704fdd00 brk(0x55557051ed00) = 0x55557051ed00 brk(0x55557051f000) = 0x55557051f000 mprotect(0x7f910e066000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5077 attached , child_tidptr=0x5555704fd650) = 5077 [pid 5077] set_robust_list(0x5555704fd660, 24) = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5077] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5077] socket(AF_INET, SOCK_SEQPACKET, IPPROTO_IP) = 4 [pid 5077] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 5077] listen(4, 7757) = 0 [pid 5077] ioctl(3, NBD_DO_IT [pid 5076] kill(-5077, SIGKILL) = 0 [pid 5076] kill(5077, SIGKILL) = 0 [ 80.084586][ T5077] block nbd0: shutting down sockets [pid 5076] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x5555704fe6f0 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(3, 0x5555704fe6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [ 87.084117][ T44] cfg80211: failed to load regulatory.db [ 286.756625][ T29] INFO: task syz-executor237:5077 blocked for more than 143 seconds. [ 286.764862][ T29] Not tainted 6.9.0-rc7-syzkaller-00136-gf4345f05c0df #0 [ 286.772602][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.781334][ T29] task:syz-executor237 state:D stack:26008 pid:5077 tgid:5077 ppid:5076 flags:0x00004006 [ 286.791562][ T29] Call Trace: [ 286.794880][ T29] [ 286.797881][ T29] __schedule+0x1796/0x4a00 [ 286.802577][ T29] ? __pfx___schedule+0x10/0x10 [ 286.807495][ T29] ? __pfx_lock_release+0x10/0x10 [ 286.812605][ T29] ? __lock_acquire+0x1346/0x1fd0 [ 286.817695][ T29] ? schedule+0x90/0x320 [ 286.821966][ T29] schedule+0x14b/0x320 [ 286.826126][ T29] schedule_timeout+0xb0/0x310 [ 286.830982][ T29] ? __pfx_schedule_timeout+0x10/0x10 [ 286.836377][ T29] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.842450][ T29] ? wait_for_completion+0x2fe/0x620 [ 286.847816][ T29] ? wait_for_completion+0x2fe/0x620 [ 286.853123][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.858393][ T29] ? lockdep_hardirqs_on+0x99/0x150 [ 286.863690][ T29] ? wait_for_completion+0x2fe/0x620 [ 286.869039][ T29] wait_for_completion+0x355/0x620 [ 286.874182][ T29] ? __pfx_wait_for_completion+0x10/0x10 [ 286.879881][ T29] ? flush_workqueue_prep_pwqs+0x45c/0x4c0 [ 286.885734][ T29] ? check_flush_dependency+0xb2/0x390 [ 286.891246][ T29] __flush_workqueue+0x7d6/0x1710 [ 286.896301][ T29] ? __pfx_dd_has_work+0x10/0x10 [ 286.901304][ T29] ? __pfx___flush_workqueue+0x10/0x10 [ 286.906855][ T29] ? __pfx_blk_mq_run_hw_queues+0x10/0x10 [ 286.912635][ T29] ? ktime_get_mono_fast_ns+0x1c3/0x1f0 [ 286.918289][ T29] ? blk_mq_unquiesce_queue+0xc0/0x120 [ 286.923791][ T29] nbd_ioctl+0xbd1/0xf40 [ 286.928179][ T29] ? __pfx_nbd_ioctl+0x10/0x10 [ 286.932970][ T29] ? __asan_memset+0x23/0x50 [ 286.937622][ T29] ? __pfx_autoremove_wake_function+0x10/0x10 [ 286.943700][ T29] ? __pfx_smack_file_ioctl+0x10/0x10 [ 286.949138][ T29] ? file_to_blk_mode+0xd5/0x140 [ 286.954091][ T29] ? __pfx_nbd_ioctl+0x10/0x10 [ 286.958941][ T29] blkdev_ioctl+0x5e5/0x740 [ 286.963483][ T29] ? __pfx_blkdev_ioctl+0x10/0x10 [ 286.968593][ T29] ? bpf_lsm_file_ioctl+0x9/0x10 [ 286.973585][ T29] ? security_file_ioctl+0x87/0xb0 [ 286.978742][ T29] ? __pfx_blkdev_ioctl+0x10/0x10 [ 286.983818][ T29] __se_sys_ioctl+0xfc/0x170 [ 286.988500][ T29] do_syscall_64+0xf5/0x240 [ 286.993063][ T29] ? clear_bhb_loop+0x35/0x90 [ 286.997826][ T29] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.003736][ T29] RIP: 0033:0x7f910dff3879 [ 287.008195][ T29] RSP: 002b:00007ffd11b66aa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 287.016693][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f910dff3879 [ 287.024667][ T29] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 287.032697][ T29] RBP: 00007f910e0665f0 R08: 0000000000000006 R09: 0000000000000006 [ 287.040709][ T29] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 287.048742][ T29] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 287.056797][ T29] [ 287.059844][ T29] [ 287.059844][ T29] Showing all locks held in the system: [ 287.067631][ T29] 1 lock held by khungtaskd/29: [ 287.072493][ T29] #0: ffffffff8e334da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 287.082445][ T29] 2 locks held by kworker/u9:1/4469: [ 287.087800][ T29] #0: ffff88802029d148 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x17c0 [ 287.099083][ T29] #1: ffffc9000d90fd00 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x17c0 [ 287.110930][ T29] 1 lock held by klogd/4514: [ 287.115539][ T29] #0: ffff8880b943e658 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 287.125510][ T29] 2 locks held by getty/4830: [ 287.130212][ T29] #0: ffff88802ed810a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.140067][ T29] #1: ffffc90002f0e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 287.150290][ T29] [ 287.152618][ T29] ============================================= [ 287.152618][ T29] [ 287.161079][ T29] NMI backtrace for cpu 1 [ 287.165409][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.9.0-rc7-syzkaller-00136-gf4345f05c0df #0 [ 287.175198][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.185244][ T29] Call Trace: [ 287.188513][ T29] [ 287.191435][ T29] dump_stack_lvl+0x241/0x360 [ 287.196116][ T29] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.201314][ T29] ? __pfx__printk+0x10/0x10 [ 287.205955][ T29] ? vprintk_emit+0x631/0x770 [ 287.210629][ T29] ? __pfx_vprintk_emit+0x10/0x10 [ 287.215665][ T29] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.220630][ T29] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.226091][ T29] ? _printk+0xd5/0x120 [ 287.230260][ T29] ? __pfx__printk+0x10/0x10 [ 287.234864][ T29] ? __wake_up_klogd+0xcc/0x110 [ 287.239734][ T29] ? __pfx__printk+0x10/0x10 [ 287.244327][ T29] ? wq_watchdog_touch+0x72/0x110 [ 287.249363][ T29] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.255362][ T29] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.261344][ T29] watchdog+0xfde/0x1020 [ 287.265602][ T29] ? watchdog+0x1ea/0x1020 [ 287.270023][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.274708][ T29] kthread+0x2f0/0x390 [ 287.278777][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.283453][ T29] ? __pfx_kthread+0x10/0x10 [ 287.288051][ T29] ret_from_fork+0x4b/0x80 [ 287.292475][ T29] ? __pfx_kthread+0x10/0x10 [ 287.297074][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.301864][ T29] [ 287.304998][ T29] Sending NMI from CPU 1 to CPUs 0: [ 287.310260][ C0] NMI backtrace for cpu 0 [ 287.310271][ C0] CPU: 0 PID: 950 Comm: kworker/u8:6 Not tainted 6.9.0-rc7-syzkaller-00136-gf4345f05c0df #0 [ 287.310287][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.310297][ C0] Workqueue: events_unbound toggle_allocation_gate [ 287.310320][ C0] RIP: 0010:insn_get_prefixes+0x249/0x18b0 [ 287.310344][ C0] Code: 0d ef 21 f6 e9 72 01 00 00 e8 03 ef 21 f6 eb 1e e8 fc ee 21 f6 eb 13 e8 f5 ee 21 f6 eb 0c e8 ee ee 21 f6 eb 05 e8 e7 ee 21 f6 <4c> 8b 3c 24 48 b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 0f 85 [ 287.310356][ C0] RSP: 0018:ffffc900041175c0 EFLAGS: 00000293 [ 287.310369][ C0] RAX: ffffffff8b741894 RBX: 1ffffffff178ac11 RCX: ffff888020d99e00 [ 287.310381][ C0] RDX: 0000000000000000 RSI: 000000000000001f RDI: 000000000000000b [ 287.310391][ C0] RBP: 000000000000001f R08: ffffffff8b7417ac R09: 0000000000000000 [ 287.310401][ C0] R10: ffffc90004117920 R11: fffff52000822f2f R12: ffffffff8bc5608c [ 287.310413][ C0] R13: ffffffff8bc5608a R14: ffffffff8bc56099 R15: ffffc90004117920 [ 287.310430][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 287.310442][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.310453][ C0] CR2: 000055a398083600 CR3: 000000000e134000 CR4: 00000000003506f0 [ 287.310467][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.310476][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.310486][ C0] Call Trace: [ 287.310492][ C0] [ 287.310499][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 287.310517][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 287.310535][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.310552][ C0] ? nmi_handle+0x2a/0x5a0 [ 287.310591][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.310612][ C0] ? nmi_handle+0x14f/0x5a0 [ 287.310627][ C0] ? nmi_handle+0x2a/0x5a0 [ 287.310644][ C0] ? insn_get_prefixes+0x249/0x18b0 [ 287.310664][ C0] ? default_do_nmi+0x63/0x160 [ 287.310683][ C0] ? exc_nmi+0x123/0x1f0 [ 287.310700][ C0] ? end_repeat_nmi+0xf/0x53 [ 287.310723][ C0] ? insn_get_prefixes+0x14c/0x18b0 [ 287.310742][ C0] ? insn_get_prefixes+0x234/0x18b0 [ 287.310763][ C0] ? insn_get_prefixes+0x249/0x18b0 [ 287.310783][ C0] ? insn_get_prefixes+0x249/0x18b0 [ 287.310805][ C0] ? insn_get_prefixes+0x249/0x18b0 [ 287.310825][ C0] [ 287.310830][ C0] [ 287.310843][ C0] insn_get_opcode+0x65/0xa90 [ 287.310863][ C0] ? inat_get_opcode_attribute+0xc/0x50 [ 287.310881][ C0] ? insn_get_opcode+0x79d/0xa90 [ 287.310908][ C0] insn_get_modrm+0x63/0x730 [ 287.310928][ C0] ? insn_get_modrm+0x4a2/0x730 [ 287.310951][ C0] insn_get_displacement+0x151/0x9a0 [ 287.310976][ C0] insn_get_immediate+0x62/0x11f0 [ 287.311008][ C0] ? insn_get_immediate+0xad4/0x11f0 [ 287.311030][ C0] insn_decode+0x2d6/0x4c0 [ 287.311068][ C0] ? kmem_cache_alloc+0xae/0x350 [ 287.311096][ C0] text_poke_loc_init+0xed/0x870 [ 287.311117][ C0] ? __jump_label_patch+0x2ca/0x490 [ 287.311137][ C0] ? kmem_cache_alloc+0xae/0x350 [ 287.311159][ C0] ? __pfx_text_poke_loc_init+0x10/0x10 [ 287.311178][ C0] ? trace_contention_end+0x3c/0x120 [ 287.311205][ C0] ? static_key_disable_cpuslocked+0x9b/0x1c0 [ 287.311235][ C0] ? text_poke_queue+0x46/0x180 [ 287.311282][ C0] arch_jump_label_transform_queue+0x8f/0x100 [ 287.311305][ C0] __jump_label_update+0x177/0x3a0 [ 287.311327][ C0] ? process_scheduled_works+0x91b/0x17c0 [ 287.311344][ C0] static_key_disable_cpuslocked+0xce/0x1c0 [ 287.311365][ C0] static_key_disable+0x1a/0x20 [ 287.311382][ C0] toggle_allocation_gate+0x1b8/0x250 [ 287.311402][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 287.311428][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.311452][ C0] process_scheduled_works+0xa10/0x17c0 [ 287.311483][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 287.311504][ C0] ? assign_work+0x364/0x3d0 [ 287.311522][ C0] worker_thread+0x86d/0xd70 [ 287.311547][ C0] ? __kthread_parkme+0x169/0x1d0 [ 287.311566][ C0] ? __pfx_worker_thread+0x10/0x10 [ 287.311583][ C0] kthread+0x2f0/0x390 [ 287.311602][ C0] ? __pfx_worker_thread+0x10/0x10 [ 287.311618][ C0] ? __pfx_kthread+0x10/0x10 [ 287.311637][ C0] ret_from_fork+0x4b/0x80 [ 287.311675][ C0] ? __pfx_kthread+0x10/0x10 [ 287.311694][ C0] ret_from_fork_asm+0x1a/0x30 [ 287.311725][ C0] [ 287.311732][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.471 msecs [ 287.312322][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 287.752132][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.9.0-rc7-syzkaller-00136-gf4345f05c0df #0 [ 287.761920][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.771960][ T29] Call Trace: [ 287.775229][ T29] [ 287.778150][ T29] dump_stack_lvl+0x241/0x360 [ 287.782829][ T29] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.788021][ T29] ? __pfx__printk+0x10/0x10 [ 287.792600][ T29] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.798570][ T29] ? vscnprintf+0x5d/0x90 [ 287.802889][ T29] panic+0x349/0x860 [ 287.806782][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.812921][ T29] ? __pfx_panic+0x10/0x10 [ 287.817327][ T29] ? tick_nohz_tick_stopped+0x82/0xb0 [ 287.822702][ T29] ? __irq_work_queue_local+0x137/0x410 [ 287.828265][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.833641][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.839785][ T29] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 287.845937][ T29] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 287.852110][ T29] watchdog+0x101d/0x1020 [ 287.856435][ T29] ? watchdog+0x1ea/0x1020 [ 287.860850][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.865539][ T29] kthread+0x2f0/0x390 [ 287.869614][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.874289][ T29] ? __pfx_kthread+0x10/0x10 [ 287.878880][ T29] ret_from_fork+0x4b/0x80 [ 287.883297][ T29] ? __pfx_kthread+0x10/0x10 [ 287.887891][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.892665][ T29] [ 287.896021][ T29] Kernel Offset: disabled [ 287.900348][ T29] Rebooting in 86400 seconds..