./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4133034837 <...> Warning: Permanently added '10.128.1.61' (ED25519) to the list of known hosts. execve("./syz-executor4133034837", ["./syz-executor4133034837"], 0x7ffeaa52d840 /* 10 vars */) = 0 brk(NULL) = 0x55558c1cd000 brk(0x55558c1cde00) = 0x55558c1cde00 arch_prctl(ARCH_SET_FS, 0x55558c1cd480) = 0 set_tid_address(0x55558c1cd750) = 5818 set_robust_list(0x55558c1cd760, 24) = 0 rseq(0x55558c1cdda0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4133034837", 4096) = 28 getrandom("\xb9\x03\xe2\xb2\x8f\x42\x75\xbd", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558c1cde00 brk(0x55558c1eee00) = 0x55558c1eee00 brk(0x55558c1ef000) = 0x55558c1ef000 mprotect(0x7f0a0df3f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5819 attached [pid 5819] set_robust_list(0x55558c1cd760, 24 [pid 5818] <... clone resumed>, child_tidptr=0x55558c1cd750) = 5819 [pid 5819] <... set_robust_list resumed>) = 0 [pid 5818] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "10000000000", 11) = 11 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "20", 2) = 2 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "1", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "0", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "0", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "1", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "100", 3) = 3 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "0", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "0", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "7 4 1 3", 7) = 7 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "1", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "1", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "0", 1) = 1 [pid 5818] close(3) = 0 [pid 5818] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5818] write(3, "5819", 4) = 4 [pid 5818] close(3) = 0 [pid 5818] kill(5819, SIGKILL) = 0 [pid 5819] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5819, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- chmod("/dev/raw-gadget", 0666) = 0 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f0a0de82b60, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f0a0de8ceb0}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f0a0de82b60, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f0a0de8ceb0}, NULL, 8) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5820 attached [pid 5820] set_robust_list(0x55558c1cd760, 24 [pid 5818] <... clone resumed>, child_tidptr=0x55558c1cd750) = 5820 [pid 5820] <... set_robust_list resumed>) = 0 [pid 5820] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5820] getppid() = 0 [pid 5820] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5820] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5820] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5820] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5820] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5820] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5820] unshare(CLONE_NEWNS) = 0 [pid 5820] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5820] unshare(CLONE_NEWIPC) = 0 [pid 5820] unshare(CLONE_NEWCGROUP) = 0 [pid 5820] unshare(CLONE_NEWUTS) = 0 [pid 5820] unshare(CLONE_SYSVSEM) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "16777216", 8) = 8 [pid 5820] close(3) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "536870912", 9) = 9 [pid 5820] close(3) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1024", 4) = 4 [pid 5820] close(3) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "8192", 4) = 4 [pid 5820] close(3) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1024", 4) = 4 [pid 5820] close(3) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1024", 4) = 4 [pid 5820] close(3) = 0 [pid 5820] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5820] close(3) = 0 [pid 5820] getpid() = 1 [pid 5820] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5831] set_robust_list(0x55558c1cd760, 24 [pid 5820] <... clone resumed>, child_tidptr=0x55558c1cd750) = 2 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5831] setpgid(0, 0) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5831] write(3, "1000", 4) = 4 [pid 5831] close(3) = 0 [pid 5831] write(1, "executing program\n", 18executing program ) = 18 [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5831] rt_sigaction(SIGRT_1, {sa_handler=0x7f0a0deec670, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f0a0de8ceb0}, NULL, 8) = 0 [pid 5831] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0a0de51000 [pid 5831] mprotect(0x7f0a0de52000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f0a0de71990, parent_tid=0x7f0a0de71990, exit_signal=0, stack=0x7f0a0de51000, stack_size=0x20240, tls=0x7f0a0de716c0}./strace-static-x86_64: Process 5832 attached [pid 5832] rseq(0x7f0a0de71fe0, 0x20, 0, 0x53053053) = 0 [pid 5831] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3 [pid 5832] set_robust_list(0x7f0a0de719a0, 24 [pid 5831] rt_sigprocmask(SIG_SETMASK, [], [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5832] rt_sigprocmask(SIG_SETMASK, [], [pid 5831] futex(0x7f0a0df45408, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5832] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY [pid 5831] <... futex resumed>) = 0 [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5832] <... openat resumed>) = 3 [pid 5832] futex(0x7f0a0df4540c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5831] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5832] <... futex resumed>) = 0 [pid 5832] futex(0x7f0a0df45408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] futex(0x7f0a0df45408, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... futex resumed>) = 0 [pid 5832] ioctl(3, NBD_SET_SIZE_BLOCKS, 9 [pid 5831] <... futex resumed>) = 1 [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5832] <... ioctl resumed>) = 0 [pid 5832] futex(0x7f0a0df4540c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5832] futex(0x7f0a0df45408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] futex(0x7f0a0df45408, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... futex resumed>) = 0 [pid 5831] <... futex resumed>) = 1 [pid 5832] socketpair(AF_UNIX, SOCK_STREAM, 0, [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5832] <... socketpair resumed>[4, 5]) = 0 [pid 5832] futex(0x7f0a0df4540c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5832] futex(0x7f0a0df45408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] futex(0x7f0a0df45408, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... futex resumed>) = 0 [pid 5831] <... futex resumed>) = 1 [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5832] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 5832] futex(0x7f0a0df4540c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5832] futex(0x7f0a0df45408, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] futex(0x7f0a0df45408, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5832] ioctl(3, NBD_DO_IT [pid 5831] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5831] futex(0x7f0a0df4540c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [ 87.460472][ T5832] nbd0: detected capacity change from 0 to 18 [pid 5831] close(3) = 0 [pid 5831] close(4) = 0 [pid 5831] close(5) = 0 [pid 5831] close(6) = -1 EBADF (Bad file descriptor) [pid 5831] close(7) = -1 EBADF (Bad file descriptor) [pid 5831] close(8) = -1 EBADF (Bad file descriptor) [pid 5831] close(9) = -1 EBADF (Bad file descriptor) [pid 5831] close(10) = -1 EBADF (Bad file descriptor) [pid 5831] close(11) = -1 EBADF (Bad file descriptor) [pid 5831] close(12) = -1 EBADF (Bad file descriptor) [pid 5831] close(13) = -1 EBADF (Bad file descriptor) [pid 5831] close(14) = -1 EBADF (Bad file descriptor) [pid 5831] close(15) = -1 EBADF (Bad file descriptor) [pid 5831] close(16) = -1 EBADF (Bad file descriptor) [pid 5831] close(17) = -1 EBADF (Bad file descriptor) [pid 5831] close(18) = -1 EBADF (Bad file descriptor) [pid 5831] close(19) = -1 EBADF (Bad file descriptor) [pid 5831] close(20) = -1 EBADF (Bad file descriptor) [pid 5831] close(21) = -1 EBADF (Bad file descriptor) [pid 5831] close(22) = -1 EBADF (Bad file descriptor) [pid 5831] close(23) = -1 EBADF (Bad file descriptor) [pid 5831] close(24) = -1 EBADF (Bad file descriptor) [pid 5831] close(25) = -1 EBADF (Bad file descriptor) [pid 5831] close(26) = -1 EBADF (Bad file descriptor) [pid 5831] close(27) = -1 EBADF (Bad file descriptor) [pid 5831] close(28) = -1 EBADF (Bad file descriptor) [pid 5831] close(29) = -1 EBADF (Bad file descriptor) [pid 5831] exit_group(0) = ? [ 87.663471][ T5133] block nbd0: Receive control failed (result -104) [pid 5820] kill(-2, SIGKILL) = 0 [pid 5820] kill(2, SIGKILL) = 0 [pid 5820] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5820] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5820] getdents64(3, 0x55558c1ce7f0 /* 2 entries */, 32768) = 48 [pid 5820] getdents64(3, 0x55558c1ce7f0 /* 0 entries */, 32768) = 0 [pid 5820] close(3) = 0 [ 117.751099][ T26] block nbd0: Possible stuck request ffff888025745080: control (read@0,4096B). Runtime 30 seconds [ 147.841818][ T26] block nbd0: Possible stuck request ffff888025745080: control (read@0,4096B). Runtime 60 seconds [ 149.988236][ T5194] udevd[5194]: worker [5830] /devices/virtual/block/nbd0 is taking a long time [ 177.910810][ T58] block nbd0: Possible stuck request ffff888025745080: control (read@0,4096B). Runtime 90 seconds [ 207.990596][ T26] block nbd0: Possible stuck request ffff888025745080: control (read@0,4096B). Runtime 120 seconds [ 238.070538][ T58] block nbd0: Possible stuck request ffff888025745080: control (read@0,4096B). Runtime 150 seconds [ 239.992307][ T30] INFO: task syz-executor413:5832 blocked for more than 143 seconds. [ 240.000720][ T30] Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0 [ 240.008354][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 240.017084][ T30] task:syz-executor413 state:D stack:26648 pid:5832 tgid:5831 ppid:5820 flags:0x00004006 [ 240.027393][ T30] Call Trace: [ 240.030750][ T30] [ 240.033716][ T30] __schedule+0x17fb/0x4be0 [ 240.038303][ T30] ? __pfx___schedule+0x10/0x10 [ 240.043248][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.048300][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 240.054249][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 240.060233][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 240.066579][ T30] ? schedule+0x90/0x320 [ 240.071282][ T30] schedule+0x14b/0x320 [ 240.075469][ T30] schedule_preempt_disabled+0x13/0x30 [ 240.081060][ T30] __mutex_lock+0x7e7/0xee0 [ 240.085583][ T30] ? __mutex_lock+0x5ef/0xee0 [ 240.090396][ T30] ? bdev_release+0x17e/0x700 [ 240.095103][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 240.100223][ T30] ? __fsnotify_parent+0x20c/0x5e0 [ 240.105352][ T30] bdev_release+0x17e/0x700 [ 240.109922][ T30] blkdev_release+0x15/0x20 [ 240.114479][ T30] ? __pfx_blkdev_release+0x10/0x10 [ 240.119686][ T30] __fput+0x23c/0xa50 [ 240.123736][ T30] task_work_run+0x24f/0x310 [ 240.128343][ T30] ? __pfx_task_work_run+0x10/0x10 [ 240.133494][ T30] ? __phys_addr+0xba/0x170 [ 240.138008][ T30] ptrace_notify+0x2d2/0x380 [ 240.142673][ T30] ? task_work_add+0x321/0x490 [ 240.147534][ T30] ? __pfx_ptrace_notify+0x10/0x10 [ 240.152876][ T30] ? __pfx_task_work_add+0x10/0x10 [ 240.158009][ T30] ? blkdev_ioctl+0x57d/0x6a0 [ 240.162768][ T30] ? __pfx_blkdev_ioctl+0x10/0x10 [ 240.167818][ T30] syscall_exit_work+0xc7/0x1d0 [ 240.173127][ T30] syscall_exit_to_user_mode+0x24a/0x340 [ 240.178810][ T30] do_syscall_64+0x100/0x230 [ 240.183482][ T30] ? clear_bhb_loop+0x35/0x90 [ 240.188170][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.194134][ T30] RIP: 0033:0x7f0a0dec5189 [ 240.198567][ T30] RSP: 002b:00007f0a0de71158 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.207116][ T30] RAX: 0000000000000000 RBX: 00007f0a0df45408 RCX: 00007f0a0dec5189 [ 240.215142][ T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 240.223202][ T30] RBP: 00007f0a0df45400 R08: 00007f0a0de716c0 R09: 0000000000000000 [ 240.231285][ T30] R10: 00007f0a0de716c0 R11: 0000000000000246 R12: 00007f0a0df4540c [ 240.239273][ T30] R13: 0000000000000010 R14: 00007ffe1ba6c8e0 R15: 00007ffe1ba6c9c8 [ 240.247346][ T30] [ 240.250423][ T30] [ 240.250423][ T30] Showing all locks held in the system: [ 240.258274][ T30] 1 lock held by khungtaskd/30: [ 240.263182][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 240.273366][ T30] 5 locks held by kworker/u8:2/35: [ 240.278482][ T30] #0: ffff8880b873e758 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 240.288483][ T30] #1: ffffc90000ab7d00 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 240.301384][ T30] #2: ffffffff8e7d2ed0 (cpu_hotplug_lock){++++}-{0:0}, at: static_key_disable+0x12/0x20 [ 240.312724][ T30] #3: ffffffff9a58b4a8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x17f/0x580 [ 240.323233][ T30] #4: ffffffff8e7e7e28 (text_mutex){+.+.}-{4:4}, at: arch_jump_label_transform_apply+0x17/0x30 [ 240.333879][ T30] 2 locks held by getty/5574: [ 240.338562][ T30] #0: ffff8880353720a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 240.348343][ T30] #1: ffffc90002fd62f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 240.358529][ T30] 1 lock held by udevd/5830: [ 240.363161][ T30] #0: ffff8881437b44c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xf0/0xc50 [ 240.372454][ T30] 1 lock held by syz-executor413/5832: [ 240.377902][ T30] #0: ffff8881437b44c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x17e/0x700 [ 240.387550][ T30] [ 240.389878][ T30] ============================================= [ 240.389878][ T30] [ 240.398371][ T30] NMI backtrace for cpu 1 [ 240.402710][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0 [ 240.413195][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 240.423236][ T30] Call Trace: [ 240.426502][ T30] [ 240.429421][ T30] dump_stack_lvl+0x241/0x360 [ 240.434094][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 240.439280][ T30] ? __pfx__printk+0x10/0x10 [ 240.443861][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 240.448785][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 240.454234][ T30] ? _printk+0xd5/0x120 [ 240.458378][ T30] ? __pfx__printk+0x10/0x10 [ 240.462959][ T30] ? __wake_up_klogd+0xcc/0x110 [ 240.467796][ T30] ? __pfx__printk+0x10/0x10 [ 240.472384][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 240.477418][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 240.483390][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 240.489374][ T30] watchdog+0xff6/0x1040 [ 240.493609][ T30] ? watchdog+0x1ea/0x1040 [ 240.498011][ T30] ? __pfx_watchdog+0x10/0x10 [ 240.502676][ T30] kthread+0x2f0/0x390 [ 240.506733][ T30] ? __pfx_watchdog+0x10/0x10 [ 240.511390][ T30] ? __pfx_kthread+0x10/0x10 [ 240.515982][ T30] ret_from_fork+0x4b/0x80 [ 240.520378][ T30] ? __pfx_kthread+0x10/0x10 [ 240.524950][ T30] ret_from_fork_asm+0x1a/0x30 [ 240.529707][ T30] [ 240.532897][ T30] Sending NMI from CPU 1 to CPUs 0: [ 240.538136][ C0] NMI backtrace for cpu 0 [ 240.538147][ C0] CPU: 0 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0 [ 240.538166][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 240.538176][ C0] Workqueue: events_unbound toggle_allocation_gate [ 240.538202][ C0] RIP: 0010:switch_mm_irqs_off+0x769/0xa70 [ 240.538223][ C0] Code: 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 68 fa b5 00 48 8b 3b 41 0f b7 f7 ba 01 00 00 00 e8 17 05 00 00 <48> c7 c3 ff ff ff ff 31 ff 48 89 de e8 16 07 00 00 65 4c 89 2d 3e [ 240.538236][ C0] RSP: 0018:ffffc90000ab7660 EFLAGS: 00000046 [ 240.538249][ C0] RAX: 000000001ac78000 RBX: ffff88801ac700b8 RCX: ffff8880202e5a00 [ 240.538261][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 240.538270][ C0] RBP: ffffc90000ab7730 R08: ffffffff814d403c R09: 1ffff1100358e0cc [ 240.538282][ C0] R10: dffffc0000000000 R11: ffffed100358e0cd R12: 0000000000017d62 [ 240.538293][ C0] R13: ffff88801ac70000 R14: 0000000000000000 R15: 0000000000000000 [ 240.538304][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 240.538317][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.538328][ C0] CR2: 000055d7235f2680 CR3: 000000001ac78000 CR4: 00000000003526f0 [ 240.538342][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 240.538352][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 240.538361][ C0] Call Trace: [ 240.538367][ C0] [ 240.538374][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 240.538393][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 240.538411][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 240.538428][ C0] ? nmi_handle+0x2a/0x5a0 [ 240.538452][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 240.538474][ C0] ? nmi_handle+0x14f/0x5a0 [ 240.538490][ C0] ? nmi_handle+0x2a/0x5a0 [ 240.538507][ C0] ? switch_mm_irqs_off+0x769/0xa70 [ 240.538524][ C0] ? default_do_nmi+0x63/0x160 [ 240.538542][ C0] ? exc_nmi+0x123/0x1f0 [ 240.538558][ C0] ? end_repeat_nmi+0xf/0x53 [ 240.538575][ C0] ? __phys_addr+0xac/0x170 [ 240.538593][ C0] ? switch_mm_irqs_off+0x769/0xa70 [ 240.538610][ C0] ? switch_mm_irqs_off+0x769/0xa70 [ 240.538628][ C0] ? switch_mm_irqs_off+0x769/0xa70 [ 240.538646][ C0] [ 240.538651][ C0] [ 240.538657][ C0] ? __page_table_check_ptes_set+0x2f8/0x410 [ 240.538680][ C0] ? __pfx_switch_mm_irqs_off+0x10/0x10 [ 240.538698][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 240.538718][ C0] ? walk_to_pmd+0x19b/0x240 [ 240.538740][ C0] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 240.538757][ C0] ? rcu_is_watching+0x15/0xb0 [ 240.538777][ C0] __text_poke+0x713/0xd30 [ 240.538797][ C0] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 240.538819][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 240.538839][ C0] ? __pfx___text_poke+0x10/0x10 [ 240.538856][ C0] ? __kmalloc_cache_node_noprof+0x8c/0x3a0 [ 240.538872][ C0] ? perf_event_text_poke+0x258/0x330 [ 240.538891][ C0] ? __pfx_perf_event_text_poke+0x10/0x10 [ 240.538907][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 240.538933][ C0] text_poke_bp_batch+0x59c/0xb30 [ 240.538957][ C0] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 240.538973][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 240.538996][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 240.539021][ C0] ? process_scheduled_works+0x976/0x1840 [ 240.539043][ C0] text_poke_finish+0x30/0x50 [ 240.539062][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 240.539083][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 240.539105][ C0] static_key_enable+0x1a/0x20 [ 240.539123][ C0] toggle_allocation_gate+0xbc/0x260 [ 240.539145][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 240.539166][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 240.539184][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 240.539203][ C0] process_scheduled_works+0xa66/0x1840 [ 240.539236][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 240.539262][ C0] ? assign_work+0x364/0x3d0 [ 240.539285][ C0] worker_thread+0x870/0xd30 [ 240.539304][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 240.539326][ C0] ? __kthread_parkme+0x169/0x1d0 [ 240.539342][ C0] ? __pfx_worker_thread+0x10/0x10 [ 240.539356][ C0] kthread+0x2f0/0x390 [ 240.539372][ C0] ? __pfx_worker_thread+0x10/0x10 [ 240.539386][ C0] ? __pfx_kthread+0x10/0x10 [ 240.539403][ C0] ret_from_fork+0x4b/0x80 [ 240.539417][ C0] ? __pfx_kthread+0x10/0x10 [ 240.539433][ C0] ret_from_fork_asm+0x1a/0x30 [ 240.539460][ C0] [ 240.540243][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 240.540256][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc6-syzkaller-00262-gb62cef9a5c67 #0 [ 240.540278][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 240.540288][ T30] Call Trace: [ 240.540295][ T30] [ 240.540303][ T30] dump_stack_lvl+0x241/0x360 [ 240.540328][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 240.540350][ T30] ? __pfx__printk+0x10/0x10 [ 240.540368][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 240.540394][ T30] ? vscnprintf+0x5d/0x90 [ 240.540416][ T30] panic+0x349/0x880 [ 240.540437][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 240.540458][ T30] ? __pfx_panic+0x10/0x10 [ 240.540476][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 240.540500][ T30] ? __irq_work_queue_local+0x137/0x410 [ 240.540520][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 240.540539][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 240.540559][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 240.540581][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 240.540604][ T30] watchdog+0x1035/0x1040 [ 240.540624][ T30] ? watchdog+0x1ea/0x1040 [ 240.540647][ T30] ? __pfx_watchdog+0x10/0x10 [ 240.540665][ T30] kthread+0x2f0/0x390 [ 240.540684][ T30] ? __pfx_watchdog+0x10/0x10 [ 240.540701][ T30] ? __pfx_kthread+0x10/0x10 [ 240.540720][ T30] ret_from_fork+0x4b/0x80 [ 240.540736][ T30] ? __pfx_kthread+0x10/0x10 [ 240.540755][ T30] ret_from_fork_asm+0x1a/0x30 [ 240.540788][ T30] [ 241.131753][ T30] Kernel Offset: disabled [ 241.136074][ T30] Rebooting in 86400 seconds..