./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor893704097 <...> Warning: Permanently added '10.128.1.104' (ED25519) to the list of known hosts. execve("./syz-executor893704097", ["./syz-executor893704097"], 0x7fff0955c230 /* 10 vars */) = 0 brk(NULL) = 0x555557132000 brk(0x555557132d00) = 0x555557132d00 arch_prctl(ARCH_SET_FS, 0x555557132380) = 0 set_tid_address(0x555557132650) = 5071 set_robust_list(0x555557132660, 24) = 0 rseq(0x555557132ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor893704097", 4096) = 27 getrandom("\x22\x22\xc5\xfe\x40\xd8\x5b\xc3", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555557132d00 brk(0x555557153d00) = 0x555557153d00 brk(0x555557154000) = 0x555557154000 mprotect(0x7fc917dee000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached , child_tidptr=0x555557132650) = 5072 [pid 5072] set_robust_list(0x555557132660, 24) = 0 [pid 5072] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] setsid() = 1 [pid 5072] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5072] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5072] unshare(CLONE_NEWNS) = 0 [pid 5072] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5072] unshare(CLONE_NEWIPC) = 0 [pid 5072] unshare(CLONE_NEWCGROUP) = 0 [pid 5072] unshare(CLONE_NEWUTS) = 0 [pid 5072] unshare(CLONE_SYSVSEM) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "16777216", 8) = 8 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "536870912", 9) = 9 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1024", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "8192", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1024", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1024", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5072] close(3) = 0 [pid 5072] getpid() = 1 [pid 5072] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< 85 c0 01 00 00 48 8b 53 10 65 48 8b 05 f0 fa 99 7e 48 39 c2 0f [ 203.302595][ C1] RSP: 0018:ffffc900001f0c38 EFLAGS: 00000046 [ 203.302612][ C1] RAX: dffffc0000000000 RBX: ffffffff929b7618 RCX: fffff5200003e161 [ 203.302628][ C1] RDX: 1ffffffff2536ec5 RSI: ffffffff8accc100 RDI: ffffffff929b761c [ 203.302643][ C1] RBP: 1ffff9200003e188 R08: 0000000000000000 R09: fffffbfff23e51d0 [ 203.302657][ C1] R10: ffffffff91f28e87 R11: dffffc0000000000 R12: 000000000005b050 [ 203.302672][ C1] R13: ffffffff929b7628 R14: ffffffff8acf3f00 R15: 1ffff9200003e1a2 [ 203.302687][ C1] FS: 0000555557132380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 203.302710][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.302725][ C1] CR2: 00007fc917dc33b0 CR3: 0000000027028000 CR4: 00000000003506f0 [ 203.302739][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 203.302752][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 203.302766][ C1] Call Trace: [ 203.302772][ C1] [ 203.302781][ C1] ? show_regs+0x8e/0xa0 [ 203.302809][ C1] ? nmi_cpu_backtrace+0x1d4/0x380 [ 203.302848][ C1] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 203.302901][ C1] ? nmi_handle+0x1a6/0x570 [ 203.302932][ C1] ? do_raw_spin_lock+0xae/0x2b0 [ 203.302970][ C1] ? default_do_nmi+0x69/0x160 [ 203.302995][ C1] ? exc_nmi+0x186/0x200 [ 203.303017][ C1] ? end_repeat_nmi+0xf/0x2a [ 203.303054][ C1] ? do_raw_spin_lock+0xae/0x2b0 [ 203.303099][ C1] ? do_raw_spin_lock+0xae/0x2b0 [ 203.303139][ C1] ? do_raw_spin_lock+0xae/0x2b0 [ 203.303177][ C1] [ 203.303183][ C1] [ 203.303191][ C1] ? spin_bug+0x1c0/0x1c0 [ 203.303228][ C1] ? find_held_lock+0x2d/0x110 [ 203.303263][ C1] _raw_spin_lock_irqsave+0x42/0x50 [ 203.303297][ C1] ? debug_object_activate+0x1a0/0x490 [ 203.303335][ C1] debug_object_activate+0x1a0/0x490 [ 203.303375][ C1] ? debug_object_free+0x360/0x360 [ 203.303417][ C1] ? do_raw_spin_lock+0x12d/0x2b0 [ 203.303457][ C1] ? taprio_dequeue+0x5e0/0x5e0 [ 203.303485][ C1] ? enqueue_hrtimer+0x25/0x320 [ 203.303520][ C1] enqueue_hrtimer+0x25/0x320 [ 203.303557][ C1] __hrtimer_run_queues+0xa07/0xc00 [ 203.303600][ C1] ? enqueue_hrtimer+0x320/0x320 [ 203.303635][ C1] ? ktime_get_update_offsets_now+0x3bc/0x610 [ 203.303667][ C1] hrtimer_interrupt+0x31b/0x800 [ 203.303712][ C1] __sysvec_apic_timer_interrupt+0x10c/0x400 [ 203.303746][ C1] sysvec_apic_timer_interrupt+0x8e/0xc0 [ 203.303775][ C1] [ 203.303781][ C1] [ 203.303788][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 203.303820][ C1] RIP: 0010:queue_work_on+0x92/0x110 [ 203.303854][ C1] Code: ff 48 89 ee e8 2f 5e 32 00 48 85 ed 75 3b e8 95 62 32 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 13 5e 32 00 48 85 db 75 66 79 62 32 00 44 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 66 62 [ 203.303876][ C1] RSP: 0018:ffffc90004267bf0 EFLAGS: 00000293 [ 203.303893][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81569c9d [ 203.303908][ C1] RDX: ffff8880265fd940 RSI: ffffffff81569ca7 RDI: 0000000000000007 [ 203.303923][ C1] RBP: 0000000000000200 R08: 0000000000000007 R09: 0000000000000000 [ 203.303937][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000008 [ 203.303951][ C1] R13: 0000000000000001 R14: ffff888013072400 R15: 0000000000000000 [ 203.303971][ C1] ? queue_work_on+0xcd/0x110 [ 203.304002][ C1] ? queue_work_on+0xd7/0x110 [ 203.304039][ C1] ntp_notify_cmos_timer+0x7a/0x90 [ 203.304080][ C1] do_adjtimex+0x729/0xaa0 [ 203.304104][ C1] ? ktime_get_update_offsets_now+0x610/0x610 [ 203.304143][ C1] ? posix_get_monotonic_timespec+0x270/0x270 [ 203.304175][ C1] __do_sys_clock_adjtime+0x173/0x280 [ 203.304207][ C1] ? posix_timer_fn+0x3d0/0x3d0 [ 203.304237][ C1] ? find_held_lock+0x2d/0x110 [ 203.304276][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 203.304306][ C1] ? lockdep_hardirqs_on+0x7c/0x100 [ 203.304331][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 203.304362][ C1] ? ptrace_notify+0xf1/0x130 [ 203.304389][ C1] do_syscall_64+0x3f/0x110 [ 203.304424][ C1] entry_SYSCALL_64_after_hwframe+0x62/0x6a [ 203.304452][ C1] RIP: 0033:0x7fc917d75ee9 [ 203.304474][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 203.304495][ C1] RSP: 002b:00007ffc1fa7ba48 EFLAGS: 00000246 ORIG_RAX: 0000000000000131 [ 203.304514][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc917d75ee9 [ 203.304528][ C1] RDX: 00007fc917d75ee9 RSI: 00000000200006c0 RDI: 0000000000000000 [ 203.304542][ C1] RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000100000000 [ 203.304556][ C1] R10: 0000000100000000 R11: 0000000000000246 R12: 00007ffc1fa7baa0 [ 203.304570][ C1] R13: 0000000000000001 R14: 00007ffc1fa7baa0 R15: 0000000000000003 [ 203.304592][ C1] [ 203.304600][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.132 msecs [ 203.305465][ C0] rcu: rcu_preempt kthread starved for 10492 jiffies! g10517 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 203.842265][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 203.852274][ C0] rcu: RCU grace-period kthread stack dump: [ 203.858195][ C0] task:rcu_preempt state:R running task stack:28128 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 203.869980][ C0] Call Trace: [ 203.873283][ C0] [ 203.876257][ C0] __schedule+0xee5/0x59b0 [ 203.880779][ C0] ? io_schedule_timeout+0x150/0x150 [ 203.886143][ C0] ? schedule+0x1f8/0x270 [ 203.890537][ C0] ? reacquire_held_locks+0x4b0/0x4b0 [ 203.895973][ C0] ? timer_fixup_activate+0x2d0/0x2d0 [ 203.901431][ C0] schedule+0xe5/0x270 [ 203.905553][ C0] schedule_timeout+0x156/0x2b0 [ 203.910465][ C0] ? usleep_range_state+0x1a0/0x1a0 [ 203.915717][ C0] ? destroy_timer_on_stack+0x20/0x20 [ 203.921150][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x70 [ 203.927017][ C0] ? prepare_to_swait_event+0xf0/0x470 [ 203.932542][ C0] rcu_gp_fqs_loop+0x1eb/0xb00 [ 203.937367][ C0] ? rcu_implicit_dynticks_qs+0x13c0/0x13c0 [ 203.943315][ C0] ? reacquire_held_locks+0x4b0/0x4b0 [ 203.948761][ C0] rcu_gp_kthread+0x243/0x380 [ 203.953490][ C0] ? rcu_gp_init+0x14e0/0x14e0 [ 203.958305][ C0] ? lockdep_hardirqs_on+0x7c/0x100 [ 203.963548][ C0] ? __kthread_parkme+0x148/0x220 [ 203.968626][ C0] ? rcu_gp_init+0x14e0/0x14e0 [ 203.973442][ C0] kthread+0x337/0x440 [ 203.977556][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 203.982802][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 203.988480][ C0] ret_from_fork+0x45/0x80 [ 203.992939][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 203.998625][ C0] ret_from_fork_asm+0x11/0x20 [ 204.003462][ C0] [ 204.006512][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 204.012854][ C0] CPU: 0 PID: 2791 Comm: kworker/u4:7 Not tainted 6.6.0-next-20231103-syzkaller #0 [ 204.022164][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 204.032237][ C0] Workqueue: events_unbound toggle_allocation_gate [ 204.038804][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x33/0x60 [ 204.045002][ C0] Code: bd 7a 7e 65 8b 05 d5 bd 7a 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 35 8b 82 fc 15 00 00 85 c0 74 2b 8b 82 d8 15 00 00 <83> f8 02 75 20 48 8b 8a e0 15 00 00 8b 92 dc 15 00 00 48 8b 01 48 [ 204.064636][ C0] RSP: 0018:ffffc90009d47908 EFLAGS: 00000246 [ 204.070744][ C0] RAX: 0000000000000000 RBX: ffff8880b9941a60 RCX: ffffffff817d39e5 [ 204.078766][ C0] RDX: ffff888026c2d940 RSI: ffffffff817d39bf RDI: 0000000000000005 [ 204.086779][ C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000 [ 204.094778][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffed101732834d [ 204.102799][ C0] R13: 0000000000000001 R14: ffff8880b9941a68 R15: ffff8880b983d8c0 [ 204.110800][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 204.119764][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.126376][ C0] CR2: 0000000020000600 CR3: 000000000cd78000 CR4: 00000000003506f0 [ 204.134388][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 204.142379][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 204.150371][ C0] Call Trace: [ 204.153677][ C0] [ 204.156564][ C0] ? show_regs+0x8e/0xa0 [ 204.160852][ C0] ? rcu_check_gp_kthread_starvation+0x317/0x450 [ 204.167226][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 204.172483][ C0] ? rcu_sched_clock_irq+0x2236/0x30f0 [ 204.178008][ C0] ? rcu_note_context_switch+0x1ab0/0x1ab0 [ 204.183884][ C0] ? hrtimer_run_queues+0x97/0x440 [ 204.189052][ C0] ? rcu_read_lock_sched_held+0x3a/0x70 [ 204.194658][ C0] ? tick_sched_do_timer+0x2e0/0x2e0 [ 204.200003][ C0] ? update_process_times+0x17a/0x220 [ 204.205421][ C0] ? timer_clear_idle+0xa0/0xa0 [ 204.210330][ C0] ? update_wall_time+0x1c/0x40 [ 204.215221][ C0] ? tick_sched_handle+0x8e/0x170 [ 204.220286][ C0] ? tick_nohz_highres_handler+0xe9/0x110 [ 204.226050][ C0] ? __hrtimer_run_queues+0x654/0xc00 [ 204.231484][ C0] ? enqueue_hrtimer+0x320/0x320 [ 204.236485][ C0] ? ktime_get_update_offsets_now+0x3bc/0x610 [ 204.242602][ C0] ? hrtimer_interrupt+0x31b/0x800 [ 204.247776][ C0] ? __sysvec_apic_timer_interrupt+0x10c/0x400 [ 204.253982][ C0] ? sysvec_apic_timer_interrupt+0x8e/0xc0 [ 204.259846][ C0] [ 204.262808][ C0] [ 204.265775][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 204.271973][ C0] ? smp_call_function_many_cond+0x4e5/0x1560 [ 204.278109][ C0] ? smp_call_function_many_cond+0x4bf/0x1560 [ 204.284231][ C0] ? __sanitizer_cov_trace_pc+0x33/0x60 [ 204.289812][ C0] smp_call_function_many_cond+0x4bf/0x1560 [ 204.295768][ C0] ? __text_poke+0xc90/0xc90 [ 204.300400][ C0] ? __kmem_cache_alloc_node+0xc3/0x310 [ 204.306004][ C0] ? generic_smp_call_function_single_interrupt+0x20/0x20 [ 204.313180][ C0] ? apply_relocation+0x830/0x830 [ 204.318240][ C0] ? __text_poke+0xc90/0xc90 [ 204.322867][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 204.328039][ C0] text_poke_bp_batch+0x2ce/0x960 [ 204.333130][ C0] ? do_sync_core+0x40/0x40 [ 204.337680][ C0] ? __jump_label_patch+0x1db/0x3f0 [ 204.342929][ C0] ? text_poke_queue+0xef/0x180 [ 204.347838][ C0] ? arch_jump_label_transform_queue+0xc0/0x110 [ 204.354153][ C0] text_poke_finish+0x30/0x40 [ 204.358872][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 204.364910][ C0] jump_label_update+0x32e/0x410 [ 204.369891][ C0] static_key_enable_cpuslocked+0x1b5/0x270 [ 204.375828][ C0] static_key_enable+0x1a/0x20 [ 204.380648][ C0] toggle_allocation_gate+0xf4/0x250 [ 204.385993][ C0] ? wake_up_kfence_timer+0x30/0x30 [ 204.391260][ C0] process_one_work+0x8a2/0x15e0 [ 204.396261][ C0] ? lock_sync+0x180/0x180 [ 204.400723][ C0] ? init_worker_pool+0x770/0x770 [ 204.405799][ C0] ? assign_work+0x1a0/0x240 [ 204.410438][ C0] worker_thread+0x8b6/0x1280 [ 204.415192][ C0] ? __kthread_parkme+0x148/0x220 [ 204.420271][ C0] ? process_one_work+0x15e0/0x15e0 [ 204.425524][ C0] kthread+0x337/0x440 [ 204.429639][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 204.434890][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 204.440588][ C0] ret_from_fork+0x45/0x80 [ 204.445050][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 204.450725][ C0] ret_from_fork_asm+0x11/0x20 [ 204.455558][ C0]