./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1365144538

<...>
[  102.724884][    T9] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.19' (ED25519) to the list of known hosts.
execve("./syz-executor1365144538", ["./syz-executor1365144538"], 0x7ffd79143e00 /* 10 vars */) = 0
brk(NULL)                               = 0x555556eaf000
brk(0x555556eafd40)                     = 0x555556eafd40
arch_prctl(ARCH_SET_FS, 0x555556eaf3c0) = 0
set_tid_address(0x555556eaf690)         = 5063
set_robust_list(0x555556eaf6a0, 24)     = 0
rseq(0x555556eafce0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1365144538", 4096) = 28
getrandom("\x0c\xf1\x85\xfa\xed\x70\xb9\x1b", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556eafd40
brk(0x555556ed0d40)                     = 0x555556ed0d40
brk(0x555556ed1000)                     = 0x555556ed1000
mprotect(0x7f7015f29000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556eaf690) = 5064
./strace-static-x86_64: Process 5064 attached
[pid  5064] set_robust_list(0x555556eaf6a0, 24) = 0
[pid  5064] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5064] setsid()                    = 1
[pid  5064] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5064] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5064] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5064] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5064] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5064] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5064] unshare(CLONE_NEWNS)        = 0
[pid  5064] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5064] unshare(CLONE_NEWIPC)       = 0
[pid  5064] unshare(CLONE_NEWCGROUP)    = 0
[pid  5064] unshare(CLONE_NEWUTS)       = 0
[pid  5064] unshare(CLONE_SYSVSEM)      = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "16777216", 8)     = 8
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "536870912", 9)    = 9
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1024", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "8192", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1024", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1024", 4)         = 4
[pid  5064] close(3)                    = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5064] close(3)                    = 0
[pid  5064] getpid()                    = 1
[pid  5064] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5064] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5064] unshare(CLONE_NEWNET)       = 0
[pid  5064] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5064] write(3, "0 65535", 7)      = 7
[pid  5064] close(3)                    = 0
[pid  5064] mkdir("/dev/binderfs", 0777) = 0
[pid  5064] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5064] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached
, child_tidptr=0x555556eaf690) = 2
[pid  5066] set_robust_list(0x555556eaf6a0, 24) = 0
[pid  5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5066] setpgid(0, 0)               = 0
[pid  5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5066] write(3, "1000", 4)         = 4
[pid  5066] close(3)                    = 0
[pid  5066] futex(0x7f7015f2f32c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5066] rt_sigaction(SIGRT_1, {sa_handler=0x7f7015ece410, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f7015ebfa90}, NULL, 8) = 0
[pid  5066] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5066] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f7015e46000
[pid  5066] mprotect(0x7f7015e47000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5066] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5066] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f7015e66990, parent_tid=0x7f7015e66990, exit_signal=0, stack=0x7f7015e46000, stack_size=0x20300, tls=0x7f7015e666c0}./strace-static-x86_64: Process 5067 attached
 => {parent_tid=[3]}, 88) = 3
[pid  5067] rseq(0x7f7015e66fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5066] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5066] futex(0x7f7015f2f328, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5066] futex(0x7f7015f2f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5067] <... rseq resumed>)         = 0
[pid  5067] set_robust_list(0x7f7015e669a0, 24) = 0
[pid  5067] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5067] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0
[pid  5067] futex(0x7f7015f2f32c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5067] futex(0x7f7015f2f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5066] <... futex resumed>)        = 0
[pid  5066] futex(0x7f7015f2f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5067] <... futex resumed>)        = 0
[pid  5066] <... futex resumed>)        = 1
[pid  5067] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY <unfinished ...>
[pid  5066] futex(0x7f7015f2f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5067] <... openat resumed>)       = 5
[pid  5067] futex(0x7f7015f2f32c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5066] <... futex resumed>)        = 0
[pid  5067] futex(0x7f7015f2f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5066] futex(0x7f7015f2f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5067] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5066] <... futex resumed>)        = 0
[pid  5067] ioctl(5, NBD_SET_SOCK, 3 <unfinished ...>
[pid  5066] futex(0x7f7015f2f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5067] <... ioctl resumed>)        = 0
[pid  5067] futex(0x7f7015f2f32c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5066] <... futex resumed>)        = 0
[pid  5067] futex(0x7f7015f2f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5066] futex(0x7f7015f2f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5067] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5066] <... futex resumed>)        = 0
[pid  5067] ioctl(5, NBD_SET_SIZE, 4294967107 <unfinished ...>
[pid  5066] futex(0x7f7015f2f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5067] <... ioctl resumed>)        = 0
[pid  5067] futex(0x7f7015f2f32c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5066] <... futex resumed>)        = 0
[pid  5067] <... futex resumed>)        = 1
[pid  5066] futex(0x7f7015f2f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5067] ioctl(5, NBD_DO_IT <unfinished ...>
[pid  5066] <... futex resumed>)        = 0
[pid  5066] futex(0x7f7015f2f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[  105.233611][ T5067] nbd0: detected capacity change from 0 to 8388607
[pid  5066] close(3)                    = 0
[pid  5066] close(4)                    = 0
[pid  5066] close(5)                    = 0
[pid  5066] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5066] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(19)                   = -1 EBADF (Bad file descriptor)
[  105.444654][ T4455] block nbd0: Receive control failed (result -104)
[pid  5066] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5066] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5066] exit_group(0)               = ?
[pid  5064] kill(-2, SIGKILL)           = 0
[pid  5064] kill(2, SIGKILL)            = 0
[pid  5064] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5064] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5064] getdents64(3, 0x555556eb0730 /* 2 entries */, 32768) = 48
[pid  5064] getdents64(3, 0x555556eb0730 /* 0 entries */, 32768) = 0
[pid  5064] close(3)                    = 0
[  135.355079][   T54] block nbd0: Possible stuck request ffff88801d9c0000: control (read@0,4096B). Runtime 30 seconds
[  165.434249][   T54] block nbd0: Possible stuck request ffff88801d9c0000: control (read@0,4096B). Runtime 60 seconds
[  167.769594][ T4512] udevd[4512]: worker [5057] /devices/virtual/block/nbd0 is taking a long time
[  195.514083][   T54] block nbd0: Possible stuck request ffff88801d9c0000: control (read@0,4096B). Runtime 90 seconds
[  225.594257][   T54] block nbd0: Possible stuck request ffff88801d9c0000: control (read@0,4096B). Runtime 120 seconds
[  255.674284][   T54] block nbd0: Possible stuck request ffff88801d9c0000: control (read@0,4096B). Runtime 150 seconds
[  285.754115][   T54] block nbd0: Possible stuck request ffff88801d9c0000: control (read@0,4096B). Runtime 180 seconds
[  287.033854][   T29] INFO: task syz-executor136:5067 blocked for more than 143 seconds.
[  287.042471][   T29]       Not tainted 6.7.0-rc2-next-20231124-syzkaller #0
[  287.049720][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  287.058638][   T29] task:syz-executor136 state:D stack:26736 pid:5067  tgid:5066  ppid:5064   flags:0x00004006
[  287.069270][   T29] Call Trace:
[  287.072585][   T29]  <TASK>
[  287.075628][   T29]  __schedule+0xf15/0x5c00
[  287.080303][   T29]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  287.086459][   T29]  ? io_schedule_timeout+0x150/0x150
[  287.091823][   T29]  ? schedule+0x1fa/0x270
[  287.096322][   T29]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.101851][   T29]  ? __mutex_lock+0x5af/0x9c0
[  287.106652][   T29]  ? __mutex_trylock_common+0x78/0x250
[  287.112182][   T29]  schedule+0xe7/0x270
[  287.116393][   T29]  schedule_preempt_disabled+0x13/0x20
[  287.121923][   T29]  __mutex_lock+0x5b4/0x9c0
[  287.126533][   T29]  ? bdev_release+0xcd/0xa90
[  287.131282][   T29]  ? mutex_trylock+0x130/0x130
[  287.136176][   T29]  ? do_raw_spin_unlock+0x172/0x230
[  287.141437][   T29]  ? bdev_release+0xcd/0xa90
[  287.146153][   T29]  bdev_release+0xcd/0xa90
[  287.150622][   T29]  ? preempt_count_sub+0x160/0x160
[  287.155866][   T29]  ? task_work_run+0x126/0x240
[  287.160714][   T29]  ? blkdev_fsync+0xd0/0xd0
[  287.165756][   T29]  blkdev_release+0x37/0x50
[  287.170322][   T29]  __fput+0x270/0xbb0
[  287.174508][   T29]  task_work_run+0x14c/0x240
[  287.179159][   T29]  ? task_work_cancel+0x30/0x30
[  287.184115][   T29]  ? blkdev_common_ioctl+0x1ce0/0x1ce0
[  287.189756][   T29]  ptrace_notify+0x10a/0x130
[  287.194524][   T29]  syscall_exit_to_user_mode_prepare+0x122/0x230
[  287.200961][   T29]  syscall_exit_to_user_mode+0xe/0x60
[  287.206525][   T29]  do_syscall_64+0x4d/0x110
[  287.211171][   T29]  entry_SYSCALL_64_after_hwframe+0x62/0x6a
[  287.217248][   T29] RIP: 0033:0x7f7015ea8479
[  287.221727][   T29] RSP: 002b:00007f7015e66218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.230232][   T29] RAX: 0000000000000000 RBX: 00007f7015f2f328 RCX: 00007f7015ea8479
[  287.238322][   T29] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005
[  287.246443][   T29] RBP: 00007f7015f2f320 R08: 0000000000000000 R09: 0000000000000000
[  287.254507][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7015f2f32c
[  287.262495][   T29] R13: 00007f7015efc18c R14: 64626e2f7665642f R15: 00000000ffffff43
[  287.270565][   T29]  </TASK>
[  287.273707][   T29] 
[  287.273707][   T29] Showing all locks held in the system:
[  287.281438][   T29] 1 lock held by khungtaskd/29:
[  287.286763][   T29]  #0: ffffffff8cfacf60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340
[  287.296808][   T29] 2 locks held by getty/4817:
[  287.301502][   T29]  #0: ffff88802ae300a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  287.311542][   T29]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc4/0x1490
[  287.321905][   T29] 1 lock held by udevd/5057:
[  287.326558][   T29]  #0: ffff888143bbf4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open_by_dev+0x27c/0xed0
[  287.336713][   T29] 1 lock held by syz-executor136/5067:
[  287.342211][   T29]  #0: ffff888143bbf4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0xcd/0xa90
[  287.351910][   T29] 
[  287.354313][   T29] =============================================
[  287.354313][   T29] 
[  287.362727][   T29] NMI backtrace for cpu 1
[  287.367058][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc2-next-20231124-syzkaller #0
[  287.376382][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  287.386445][   T29] Call Trace:
[  287.389872][   T29]  <TASK>
[  287.392833][   T29]  dump_stack_lvl+0xd9/0x1b0
[  287.397543][   T29]  nmi_cpu_backtrace+0x277/0x390
[  287.402605][   T29]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  287.407847][   T29]  nmi_trigger_cpumask_backtrace+0x299/0x300
[  287.413879][   T29]  watchdog+0xf86/0x1210
[  287.418196][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  287.424239][   T29]  ? lockdep_hardirqs_on+0x7c/0x110
[  287.429473][   T29]  ? __kthread_parkme+0x148/0x220
[  287.434531][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  287.440549][   T29]  kthread+0x2c1/0x3a0
[  287.444728][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.450012][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.455669][   T29]  ret_from_fork+0x45/0x80
[  287.460174][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.465830][   T29]  ret_from_fork_asm+0x11/0x20
[  287.470648][   T29]  </TASK>
[  287.473890][   T29] Sending NMI from CPU 1 to CPUs 0:
[  287.479248][    C0] NMI backtrace for cpu 0
[  287.479259][    C0] CPU: 0 PID: 59 Comm: kworker/u4:4 Not tainted 6.7.0-rc2-next-20231124-syzkaller #0
[  287.479286][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  287.479300][    C0] Workqueue: events_unbound toggle_allocation_gate
[  287.479356][    C0] RIP: 0010:x2apic_send_IPI+0x96/0xe0
[  287.479386][    C0] Code: 8b 13 0f ae f0 0f ae e8 b9 00 04 00 00 41 83 fc 02 44 89 e0 48 0f 44 c1 48 c1 e2 20 b9 30 08 00 00 48 09 d0 48 c1 ea 20 0f 30 <66> 90 5b 5d 41 5c c3 5b 31 d2 48 89 c6 bf 30 08 00 00 5d 41 5c e9
[  287.479410][    C0] RSP: 0018:ffffc900015a7900 EFLAGS: 00000202
[  287.479427][    C0] RAX: 00000001000000fb RBX: ffff8880b9921a2c RCX: 0000000000000830
[  287.479443][    C0] RDX: 0000000000000001 RSI: 00000000000000fb RDI: ffffffff8ca75a68
[  287.479458][    C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  287.479473][    C0] R10: 0000000000000001 R11: 0000000000000006 R12: 00000000000000fb
[  287.479487][    C0] R13: 000000000003bccc R14: 0000000000000001 R15: ffff8880b983d8c0
[  287.479503][    C0] FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  287.479527][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.479543][    C0] CR2: 000055750a5bb680 CR3: 000000000cd78000 CR4: 00000000003506f0
[  287.479559][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.479573][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.479588][    C0] Call Trace:
[  287.479595][    C0]  <NMI>
[  287.479603][    C0]  ? show_regs+0x8e/0xa0
[  287.479635][    C0]  ? nmi_cpu_backtrace+0x1d4/0x390
[  287.479674][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x10
[  287.479713][    C0]  ? nmi_handle+0x1a6/0x580
[  287.479746][    C0]  ? x2apic_send_IPI+0x96/0xe0
[  287.479773][    C0]  ? default_do_nmi+0x6a/0x160
[  287.479797][    C0]  ? exc_nmi+0x186/0x200
[  287.479819][    C0]  ? end_repeat_nmi+0xf/0x2a
[  287.479857][    C0]  ? x2apic_send_IPI+0x96/0xe0
[  287.479884][    C0]  ? x2apic_send_IPI+0x96/0xe0
[  287.479918][    C0]  ? x2apic_send_IPI+0x96/0xe0
[  287.479944][    C0]  </NMI>
[  287.479950][    C0]  <TASK>
[  287.479958][    C0]  smp_call_function_many_cond+0x12ef/0x1570
[  287.479991][    C0]  ? __text_poke+0xca0/0xca0
[  287.480018][    C0]  ? __kmem_cache_alloc_node+0xc4/0x310
[  287.480060][    C0]  ? generic_smp_call_function_single_interrupt+0x20/0x20
[  287.480091][    C0]  ? perf_event_bpf_event+0x500/0x500
[  287.480132][    C0]  ? __text_poke+0xca0/0xca0
[  287.480158][    C0]  on_each_cpu_cond_mask+0x40/0x90
[  287.480188][    C0]  text_poke_bp_batch+0x655/0x750
[  287.480218][    C0]  ? __kmem_cache_alloc_node+0xc4/0x310
[  287.480258][    C0]  ? alternatives_enable_smp+0x400/0x400
[  287.480286][    C0]  ? __jump_label_patch+0x1db/0x400
[  287.480323][    C0]  ? text_poke_queue+0xef/0x180
[  287.480357][    C0]  ? arch_jump_label_transform_queue+0xc0/0x110
[  287.480404][    C0]  text_poke_finish+0x30/0x40
[  287.480432][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  287.480472][    C0]  jump_label_update+0x1d7/0x400
[  287.480510][    C0]  static_key_enable_cpuslocked+0x1b7/0x270
[  287.480548][    C0]  static_key_enable+0x1a/0x20
[  287.480583][    C0]  toggle_allocation_gate+0xf4/0x250
[  287.480623][    C0]  ? wake_up_kfence_timer+0x30/0x30
[  287.480662][    C0]  process_one_work+0x8a4/0x15f0
[  287.480703][    C0]  ? lock_sync+0x190/0x190
[  287.480725][    C0]  ? workqueue_congested+0x300/0x300
[  287.480767][    C0]  ? assign_work+0x1a0/0x250
[  287.480801][    C0]  worker_thread+0x8b6/0x1290
[  287.480842][    C0]  ? __kthread_parkme+0x148/0x220
[  287.480872][    C0]  ? process_one_work+0x15f0/0x15f0
[  287.480912][    C0]  kthread+0x2c1/0x3a0
[  287.480942][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.480975][    C0]  ? kthread_complete_and_exit+0x40/0x40
[  287.481009][    C0]  ret_from_fork+0x45/0x80
[  287.481041][    C0]  ? kthread_complete_and_exit+0x40/0x40
[  287.481100][    C0]  ret_from_fork_asm+0x11/0x20
[  287.481145][    C0]  </TASK>
[  287.481153][    C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.905 msecs
[  287.481297][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  287.878626][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc2-next-20231124-syzkaller #0
[  287.887932][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  287.898003][   T29] Call Trace:
[  287.901389][   T29]  <TASK>
[  287.904338][   T29]  dump_stack_lvl+0xd9/0x1b0
[  287.908975][   T29]  panic+0x6dc/0x790
[  287.912993][   T29]  ? panic_smp_self_stop+0xa0/0xa0
[  287.918141][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  287.923558][   T29]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  287.928811][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  287.934227][   T29]  ? watchdog+0xd3d/0x1210
[  287.938676][   T29]  ? watchdog+0xd30/0x1210
[  287.943128][   T29]  watchdog+0xd4e/0x1210
[  287.947412][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  287.953429][   T29]  ? lockdep_hardirqs_on+0x7c/0x110
[  287.958660][   T29]  ? __kthread_parkme+0x148/0x220
[  287.963725][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  287.969738][   T29]  kthread+0x2c1/0x3a0
[  287.973837][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.979075][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.984743][   T29]  ret_from_fork+0x45/0x80
[  287.989198][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.994868][   T29]  ret_from_fork_asm+0x11/0x20
[  287.999704][   T29]  </TASK>
[  288.003027][   T29] Kernel Offset: disabled
[  288.007388][   T29] Rebooting in 86400 seconds..