./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor19896556 <...> Warning: Permanently added '10.128.1.120' (ECDSA) to the list of known hosts. execve("./syz-executor19896556", ["./syz-executor19896556"], 0x7ffc9d8c9620 /* 10 vars */) = 0 brk(NULL) = 0x5555562a0000 brk(0x5555562a0c40) = 0x5555562a0c40 arch_prctl(ARCH_SET_FS, 0x5555562a0300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor19896556", 4096) = 26 brk(0x5555562c1c40) = 0x5555562c1c40 brk(0x5555562c2000) = 0x5555562c2000 mprotect(0x7facfa911000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5080 attached , child_tidptr=0x5555562a05d0) = 5080 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] write(3, "1000", 4) = 4 [pid 5080] close(3) = 0 [pid 5080] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5080] socket(AF_AX25, SOCK_DGRAM, 0 /* AX25_P_??? */) = 4 [pid 5080] dup(4) = 5 [pid 5080] ioctl(3, NBD_SET_SOCK, 5) = 0 [pid 5080] ioctl(3, NBD_DO_IT [pid 5079] kill(-5080, SIGKILL) = 0 [pid 5079] kill(5080, SIGKILL) = 0 syzkaller login: [ 65.239708][ T5080] block nbd0: shutting down sockets [pid 5079] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5079] getdents64(3, 0x5555562a1620 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(3, 0x5555562a1620 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [ 81.581627][ T26] cfg80211: failed to load regulatory.db [ 286.380206][ T28] INFO: task syz-executor198:5080 blocked for more than 143 seconds. [ 286.388630][ T28] Not tainted 6.2.0-rc5-next-20230127-syzkaller-08766-ge2f86c02fdc9 #0 [ 286.397621][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.406410][ T28] task:syz-executor198 state:D stack:26888 pid:5080 ppid:5079 flags:0x00004004 [ 286.415750][ T28] Call Trace: [ 286.419055][ T28] [ 286.422041][ T28] __schedule+0x245a/0x5a60 [ 286.426690][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.432044][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.438159][ T28] schedule+0xde/0x1a0 [ 286.442317][ T28] schedule_timeout+0x276/0x2b0 [ 286.447202][ T28] ? usleep_range_state+0x1b0/0x1b0 [ 286.452523][ T28] ? __wait_for_common+0x1c4/0x5c0 [ 286.457671][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.462947][ T28] __wait_for_common+0x1ce/0x5c0 [ 286.467938][ T28] ? usleep_range_state+0x1b0/0x1b0 [ 286.473208][ T28] ? bit_wait_timeout+0x160/0x160 [ 286.478261][ T28] ? flush_workqueue_prep_pwqs+0x290/0x4f0 [ 286.484174][ T28] ? check_flush_dependency+0x86/0x3f0 [ 286.489666][ T28] __flush_workqueue+0x3f5/0x13a0 [ 286.494806][ T28] ? check_flush_dependency+0x3f0/0x3f0 [ 286.500420][ T28] ? blk_mq_run_hw_queues+0x1fd/0x290 [ 286.505889][ T28] ? blk_mq_unquiesce_queue+0xbf/0x100 [ 286.511427][ T28] nbd_ioctl+0x30b/0xcf0 [ 286.515770][ T28] ? nbd_start_device+0xdb0/0xdb0 [ 286.521259][ T28] ? prepare_to_wait_exclusive+0x2c0/0x2c0 [ 286.527136][ T28] ? ptrace_notify+0xfe/0x140 [ 286.531927][ T28] ? nbd_start_device+0xdb0/0xdb0 [ 286.537000][ T28] blkdev_ioctl+0x375/0x800 [ 286.543246][ T28] ? blkdev_common_ioctl+0x1ba0/0x1ba0 [ 286.548750][ T28] ? bpf_lsm_file_ioctl+0x9/0x10 [ 286.553811][ T28] ? blkdev_common_ioctl+0x1ba0/0x1ba0 [ 286.559317][ T28] __x64_sys_ioctl+0x197/0x210 [ 286.564235][ T28] do_syscall_64+0x39/0xb0 [ 286.568759][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.574784][ T28] RIP: 0033:0x7facfa8a4379 [ 286.579223][ T28] RSP: 002b:00007ffd37510248 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.587695][ T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007facfa8a4379 [ 286.595731][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 286.603790][ T28] RBP: 0000000000000000 R08: 00007ffd375103e8 R09: 00007ffd375103e8 [ 286.611806][ T28] R10: 00007ffd375103e8 R11: 0000000000000246 R12: 00007facfa863690 [ 286.620098][ T28] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 286.628099][ T28] [ 286.631191][ T28] [ 286.631191][ T28] Showing all locks held in the system: [ 286.638914][ T28] 1 lock held by rcu_tasks_kthre/13: [ 286.644278][ T28] #0: ffffffff8c794970 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 286.654951][ T28] 1 lock held by rcu_tasks_trace/14: [ 286.660294][ T28] #0: ffffffff8c794670 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 286.671380][ T28] 1 lock held by khungtaskd/28: [ 286.676247][ T28] #0: ffffffff8c795540 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x390 [ 286.686201][ T28] 2 locks held by kworker/u5:1/4395: [ 286.691653][ T28] #0: ffff88801ee1c938 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x86d/0x1820 [ 286.702342][ T28] #1: ffffc90006607da8 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1820 [ 286.713584][ T28] 2 locks held by getty/4757: [ 286.718252][ T28] #0: ffff88802c0ea098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 286.728144][ T28] #1: ffffc900015a02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 [ 286.738363][ T28] [ 286.740722][ T28] ============================================= [ 286.740722][ T28] [ 286.749118][ T28] NMI backtrace for cpu 1 [ 286.753449][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc5-next-20230127-syzkaller-08766-ge2f86c02fdc9 #0 [ 286.764459][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 286.774509][ T28] Call Trace: [ 286.777781][ T28] [ 286.780703][ T28] dump_stack_lvl+0xd9/0x150 [ 286.785309][ T28] nmi_cpu_backtrace+0x316/0x3e0 [ 286.790257][ T28] nmi_trigger_cpumask_backtrace+0x38f/0x440 [ 286.796255][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.801459][ T28] watchdog+0xe53/0x11b0 [ 286.805738][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.811741][ T28] kthread+0x2e8/0x3a0 [ 286.815877][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.821530][ T28] ret_from_fork+0x1f/0x30 [ 286.825985][ T28] [ 286.829117][ T28] Sending NMI from CPU 1 to CPUs 0: [ 286.834408][ C0] NMI backtrace for cpu 0 [ 286.834419][ C0] CPU: 0 PID: 1059 Comm: kworker/u4:5 Not tainted 6.2.0-rc5-next-20230127-syzkaller-08766-ge2f86c02fdc9 #0 [ 286.834444][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 286.834456][ C0] Workqueue: events_unbound toggle_allocation_gate [ 286.834515][ C0] RIP: 0010:x2apic_send_IPI+0x9a/0xe0 [ 286.834541][ C0] Code: ae f0 0f ae e8 b9 00 04 00 00 41 83 fc 02 44 89 e0 48 0f 44 c1 48 c1 e2 20 b9 30 08 00 00 48 09 d0 48 c1 ea 20 0f 30 66 90 5b <5d> 41 5c c3 5b 31 d2 48 89 c6 bf 30 08 00 00 5d 41 5c e9 af 71 10 [ 286.834557][ C0] RSP: 0018:ffffc9000532f8d8 EFLAGS: 00000202 [ 286.834571][ C0] RAX: 00000001000000fb RBX: ffff888017251d40 RCX: 0000000000000830 [ 286.834583][ C0] RDX: 0000000000000001 RSI: 00000000000000fb RDI: ffffffff8c1049c8 [ 286.834594][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000001 [ 286.834605][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 00000000000000fb [ 286.834615][ C0] R13: ffffc9000532f910 R14: ffff8880b983d410 R15: dffffc0000000000 [ 286.834628][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 286.834645][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.834657][ C0] CR2: 000055988e235600 CR3: 000000000c571000 CR4: 00000000003506f0 [ 286.834669][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.834679][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.834690][ C0] Call Trace: [ 286.834694][ C0] [ 286.834701][ C0] send_call_function_single_ipi+0x17e/0x1e0 [ 286.834758][ C0] ? sched_ttwu_pending+0x550/0x550 [ 286.834779][ C0] ? __bitmap_and+0x18c/0x210 [ 286.834804][ C0] ? _find_next_bit+0x11b/0x140 [ 286.834853][ C0] smp_call_function_many_cond+0xc82/0xe30 [ 286.834894][ C0] ? optimize_nops+0x3e0/0x3e0 [ 286.834919][ C0] ? smp_call_function_single_async+0xd0/0xd0 [ 286.834938][ C0] ? perf_event_bpf_event+0x4d0/0x4d0 [ 286.834973][ C0] ? text_poke_memset+0x60/0x60 [ 286.834996][ C0] ? optimize_nops+0x3e0/0x3e0 [ 286.835018][ C0] on_each_cpu_cond_mask+0x5a/0xa0 [ 286.835036][ C0] ? __kmem_cache_alloc_node+0xc4/0x330 [ 286.835077][ C0] text_poke_bp_batch+0x3f1/0x6b0 [ 286.835103][ C0] ? do_sync_core+0x30/0x30 [ 286.835127][ C0] ? __jump_label_update+0x296/0x410 [ 286.835166][ C0] text_poke_finish+0x1a/0x30 [ 286.835189][ C0] arch_jump_label_transform_apply+0x17/0x30 [ 286.835210][ C0] jump_label_update+0x32f/0x410 [ 286.835234][ C0] static_key_disable_cpuslocked+0x156/0x1b0 [ 286.835258][ C0] static_key_disable+0x1a/0x20 [ 286.835280][ C0] toggle_allocation_gate+0x143/0x230 [ 286.835301][ C0] ? wake_up_kfence_timer+0x30/0x30 [ 286.835322][ C0] ? trace_lock_acquire+0x1f1/0x2b0 [ 286.835351][ C0] process_one_work+0x9bf/0x1820 [ 286.835378][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 286.835401][ C0] ? rcu_read_lock_sched_held+0x3e/0x70 [ 286.835424][ C0] ? spin_bug+0x1c0/0x1c0 [ 286.835444][ C0] ? lock_acquire+0x32/0xc0 [ 286.835464][ C0] ? worker_thread+0x16d/0x1090 [ 286.835488][ C0] worker_thread+0x669/0x1090 [ 286.835514][ C0] ? __kthread_parkme+0x163/0x220 [ 286.835533][ C0] ? process_one_work+0x1820/0x1820 [ 286.835557][ C0] kthread+0x2e8/0x3a0 [ 286.835575][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 286.835597][ C0] ret_from_fork+0x1f/0x30 [ 286.835627][ C0] [ 286.835633][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.225 msecs [ 286.836405][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 287.182220][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc5-next-20230127-syzkaller-08766-ge2f86c02fdc9 #0 [ 287.193257][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 287.203326][ T28] Call Trace: [ 287.206611][ T28] [ 287.209552][ T28] dump_stack_lvl+0xd9/0x150 [ 287.214167][ T28] panic+0x61b/0x6c0 [ 287.218084][ T28] ? panic_smp_self_stop+0x90/0x90 [ 287.223226][ T28] ? irq_work_claim+0x76/0x90 [ 287.228009][ T28] ? irq_work_queue+0x2d/0x80 [ 287.232713][ T28] ? watchdog+0xc04/0x11b0 [ 287.237153][ T28] watchdog+0xc15/0x11b0 [ 287.241417][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 287.247420][ T28] kthread+0x2e8/0x3a0 [ 287.251507][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 287.257165][ T28] ret_from_fork+0x1f/0x30 [ 287.261661][ T28] [ 287.264894][ T28] Kernel Offset: disabled [ 287.269224][ T28] Rebooting in 86400 seconds..