./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3100962998 <...> forked to background, child pid 4634 [ 31.997468][ T4635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.014635][ T4635] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: [ 32.312869][ T4722] ssh-keygen (4722) used greatest stack depth: 19520 bytes left OK syzkaller Warning: Permanently added '10.128.1.66' (ECDSA) to the list of known hosts. execve("./syz-executor3100962998", ["./syz-executor3100962998"], 0x7ffc80b8e960 /* 10 vars */) = 0 brk(NULL) = 0x555556a81000 brk(0x555556a81c40) = 0x555556a81c40 arch_prctl(ARCH_SET_FS, 0x555556a81300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556a815d0) = 5065 set_robust_list(0x555556a815e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f67646b95d0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f67646b9ca0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f67646b9670, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f67646b9ca0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3100962998", 4096) = 28 brk(0x555556aa2c40) = 0x555556aa2c40 brk(0x555556aa3000) = 0x555556aa3000 mprotect(0x7f676477b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached , child_tidptr=0x555556a815d0) = 5066 [pid 5066] set_robust_list(0x555556a815e0, 24) = 0 [pid 5066] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] setsid() = 1 [pid 5066] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5066] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5066] unshare(CLONE_NEWNS) = 0 [pid 5066] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5066] unshare(CLONE_NEWIPC) = 0 [pid 5066] unshare(CLONE_NEWCGROUP) = 0 [pid 5066] unshare(CLONE_NEWUTS) = 0 [pid 5066] unshare(CLONE_SYSVSEM) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "16777216", 8) = 8 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "536870912", 9) = 9 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1024", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "8192", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1024", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1024", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5066] close(3) = 0 [pid 5066] getpid() = 1 [pid 5066] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5069] set_robust_list(0x7f67646a99e0, 24) = 0 [pid 5069] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 5069] futex(0x7f67647814cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... futex resumed>) = 0 [pid 5069] <... futex resumed>) = 1 [pid 5068] futex(0x7f67647814c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5068] futex(0x7f67647814cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5069] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 5 [pid 5069] futex(0x7f67647814cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] <... futex resumed>) = 0 [pid 5068] futex(0x7f67647814c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5068] futex(0x7f67647814cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5069] ioctl(5, NBD_SET_SOCK, 3) = 0 [pid 5069] futex(0x7f67647814cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... futex resumed>) = 0 [pid 5069] <... futex resumed>) = 1 [pid 5068] futex(0x7f67647814c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5068] futex(0x7f67647814cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5069] ioctl(5, NBD_DO_IT [pid 5068] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5068] futex(0x7f67647814dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6764668000 [pid 5068] mprotect(0x7f6764669000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5068] clone(child_stack=0x7f67646883f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5071 attached , parent_tid=[4], tls=0x7f6764688700, child_tidptr=0x7f67646889d0) = 4 [pid 5071] set_robust_list(0x7f67646889e0, 24) = 0 [pid 5071] futex(0x7f67647814d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5068] futex(0x7f67647814d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] <... futex resumed>) = 0 [pid 5068] <... futex resumed>) = 1 [pid 5071] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY|0x4) = 6 [pid 5071] futex(0x7f67647814dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5071] futex(0x7f67647814d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5068] futex(0x7f67647814dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5068] futex(0x7f67647814d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] futex(0x7f67647814dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5071] <... futex resumed>) = 0 [pid 5071] ioctl(6, NBD_SET_SIZE_BLOCKS, 63) = 0 [pid 5071] futex(0x7f67647814dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] <... futex resumed>) = 0 syzkaller login: [ 58.325544][ T5071] nbd0: detected capacity change from 0 to 126 [pid 5071] futex(0x7f67647814d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5068] close(3) = 0 [pid 5068] close(4) = 0 [pid 5068] close(5) = 0 [ 58.456489][ T4376] block nbd0: Receive control failed (result -104) [pid 5068] close(6 [pid 5066] kill(-2, SIGKILL [pid 5071] <... futex resumed>) = ? [pid 5066] <... kill resumed>) = 0 [pid 5071] +++ killed by SIGKILL +++ [pid 5066] kill(2, SIGKILL) = 0 [pid 5066] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5066] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5066] getdents64(3, 0x555556a82620 /* 2 entries */, 32768) = 48 [pid 5066] getdents64(3, 0x555556a82620 /* 0 entries */, 32768) = 0 [pid 5066] close(3) = 0 [ 76.336996][ T7] cfg80211: failed to load regulatory.db [ 88.497047][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 30 seconds [ 118.575407][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 60 seconds [ 120.349260][ T4422] udevd[4422]: worker [5070] /devices/virtual/block/nbd0 is taking a long time [ 148.655504][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 90 seconds [ 178.735463][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 120 seconds [ 208.815474][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 150 seconds [ 238.895508][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 180 seconds [ 240.504282][ T4422] udevd[4422]: worker [5070] /devices/virtual/block/nbd0 timeout; kill it [ 240.513300][ T4422] udevd[4422]: seq 7501 '/devices/virtual/block/nbd0' killed [ 268.975404][ T93] block nbd0: Possible stuck request ffff88801ef30000: control (read@0,4096B). Runtime 210 seconds [ 286.255329][ T28] INFO: task syz-executor310:5068 blocked for more than 143 seconds. [ 286.263509][ T28] Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0 [ 286.271172][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.279938][ T28] task:syz-executor310 state:D stack:25992 pid:5068 ppid:5066 flags:0x00004006 [ 286.289240][ T28] Call Trace: [ 286.292532][ T28] [ 286.295547][ T28] __schedule+0x9d1/0xe40 [ 286.300013][ T28] ? release_firmware_map_entry+0x180/0x180 [ 286.305971][ T28] ? __lock_acquire+0x1f60/0x1f60 [ 286.311045][ T28] ? __mutex_trylock_common+0x8e/0x2f0 [ 286.316773][ T28] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.322086][ T28] schedule+0xcb/0x190 [ 286.326223][ T28] schedule_preempt_disabled+0xf/0x20 [ 286.331606][ T28] __mutex_lock_common+0xecf/0x26c0 [ 286.336918][ T28] ? blkdev_put+0x100/0x730 [ 286.341526][ T28] ? mutex_lock_io_nested+0x60/0x60 [ 286.346839][ T28] ? __fsnotify_parent+0x4fd/0x710 [ 286.352046][ T28] mutex_lock_nested+0x17/0x20 [ 286.356973][ T28] blkdev_put+0x100/0x730 [ 286.361316][ T28] blkdev_close+0x55/0x80 [ 286.365691][ T28] ? blkdev_open+0x2e0/0x2e0 [ 286.370287][ T28] __fput+0x3ba/0x880 [ 286.374322][ T28] task_work_run+0x243/0x300 [ 286.379046][ T28] ? task_work_cancel+0x290/0x290 [ 286.384164][ T28] ptrace_notify+0x29a/0x340 [ 286.388951][ T28] ? do_notify_parent+0xeb0/0xeb0 [ 286.394018][ T28] ? rcu_lock_release+0x20/0x20 [ 286.398984][ T28] syscall_exit_work+0x8c/0xe0 [ 286.403871][ T28] syscall_exit_to_user_mode_prepare+0x6b/0xc0 [ 286.410150][ T28] syscall_exit_to_user_mode+0xa/0x60 [ 286.415619][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.421727][ T28] RIP: 0033:0x7f67646b8bbb [ 286.426181][ T28] RSP: 002b:00007ffed0f88720 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 286.434630][ T28] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 00007f67646b8bbb [ 286.442696][ T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 286.450719][ T28] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000064 [ 286.458748][ T28] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000e3b7 [ 286.466750][ T28] R13: 00007f67647814dc R14: 00007ffed0f88780 R15: 00007f67647814c0 [ 286.474741][ T28] [ 286.477848][ T28] INFO: task syz-executor310:5069 blocked for more than 143 seconds. [ 286.486306][ T28] Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0 [ 286.493852][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.503038][ T28] task:syz-executor310 state:D stack:25992 pid:5069 ppid:5066 flags:0x00004006 [ 286.512295][ T28] Call Trace: [ 286.515647][ T28] [ 286.518593][ T28] __schedule+0x9d1/0xe40 [ 286.522921][ T28] ? release_firmware_map_entry+0x180/0x180 [ 286.528885][ T28] ? __lock_acquire+0x1f60/0x1f60 [ 286.533961][ T28] ? __mutex_trylock_common+0x8e/0x2f0 [ 286.539532][ T28] ? do_raw_spin_unlock+0x134/0x8a0 [ 286.544758][ T28] schedule+0xcb/0x190 [ 286.548899][ T28] schedule_preempt_disabled+0xf/0x20 [ 286.554275][ T28] __mutex_lock_common+0xecf/0x26c0 [ 286.559595][ T28] ? blkdev_put+0x100/0x730 [ 286.564109][ T28] ? mutex_lock_io_nested+0x60/0x60 [ 286.569371][ T28] ? __fsnotify_parent+0x4fd/0x710 [ 286.574524][ T28] mutex_lock_nested+0x17/0x20 [ 286.579373][ T28] blkdev_put+0x100/0x730 [ 286.583716][ T28] blkdev_close+0x55/0x80 [ 286.588093][ T28] ? blkdev_open+0x2e0/0x2e0 [ 286.592689][ T28] __fput+0x3ba/0x880 [ 286.596752][ T28] task_work_run+0x243/0x300 [ 286.601359][ T28] ? task_work_cancel+0x290/0x290 [ 286.606467][ T28] ptrace_notify+0x29a/0x340 [ 286.611088][ T28] ? task_work_add+0x2e6/0x340 [ 286.615925][ T28] ? do_notify_parent+0xeb0/0xeb0 [ 286.620959][ T28] ? rcu_lock_release+0x20/0x20 [ 286.625857][ T28] ? blkdev_compat_ptr_ioctl+0xd0/0xd0 [ 286.631516][ T28] syscall_exit_work+0x8c/0xe0 [ 286.636349][ T28] syscall_exit_to_user_mode_prepare+0x6b/0xc0 [ 286.642520][ T28] syscall_exit_to_user_mode+0xa/0x60 [ 286.647940][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.653855][ T28] RIP: 0033:0x7f67646fc589 [ 286.658489][ T28] RSP: 002b:00007f67646a9308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.667059][ T28] RAX: 0000000000000000 RBX: 00007f67647814c8 RCX: 00007f67646fc589 [ 286.675246][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 286.683321][ T28] RBP: 00007f67647814c0 R08: 0000000000000000 R09: 0000000000000000 [ 286.691377][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f67647814cc [ 286.699472][ T28] R13: 00007f676474e1a4 R14: 64626e2f7665642f R15: 0000000000022000 [ 286.707635][ T28] [ 286.710670][ T28] [ 286.710670][ T28] Showing all locks held in the system: [ 286.718482][ T28] 1 lock held by rcu_tasks_kthre/12: [ 286.723801][ T28] #0: ffffffff8d523a50 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00 [ 286.734368][ T28] 1 lock held by rcu_tasks_trace/13: [ 286.739713][ T28] #0: ffffffff8d524250 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x30/0xd00 [ 286.750727][ T28] 1 lock held by khungtaskd/28: [ 286.755624][ T28] #0: ffffffff8d523880 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 286.764969][ T28] 2 locks held by getty/4738: [ 286.769715][ T28] #0: ffff88802cb03098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 286.779656][ T28] #1: ffffc900015902f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6e8/0x1e50 [ 286.789792][ T28] 1 lock held by syz-executor310/5068: [ 286.795382][ T28] #0: ffff88801eec94c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x730 [ 286.804912][ T28] 1 lock held by syz-executor310/5069: [ 286.810483][ T28] #0: ffff88801eec94c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x730 [ 286.820079][ T28] 1 lock held by udevd/5070: [ 286.824665][ T28] #0: ffff88801eec94c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0xfe/0xa60 [ 286.834650][ T28] [ 286.837038][ T28] ============================================= [ 286.837038][ T28] [ 286.845489][ T28] NMI backtrace for cpu 1 [ 286.849850][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0 [ 286.859636][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 286.869673][ T28] Call Trace: [ 286.873198][ T28] [ 286.876117][ T28] dump_stack_lvl+0x1e3/0x2d0 [ 286.880783][ T28] ? nf_tcp_handle_invalid+0x630/0x630 [ 286.886243][ T28] ? panic+0x770/0x770 [ 286.890335][ T28] ? nmi_cpu_backtrace+0x255/0x560 [ 286.895642][ T28] nmi_cpu_backtrace+0x4e3/0x560 [ 286.900576][ T28] ? vprintk_emit+0x109/0x1e0 [ 286.905293][ T28] ? nmi_trigger_cpumask_backtrace+0x3e0/0x3e0 [ 286.911435][ T28] ? _printk+0xcf/0x110 [ 286.915578][ T28] ? panic+0x770/0x770 [ 286.919630][ T28] ? __wake_up_klogd+0xcd/0x100 [ 286.924467][ T28] ? panic+0x770/0x770 [ 286.928526][ T28] ? nmi_trigger_cpumask_backtrace+0xaa/0x3e0 [ 286.934579][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 286.940694][ T28] nmi_trigger_cpumask_backtrace+0x19b/0x3e0 [ 286.946688][ T28] watchdog+0xcd5/0xd20 [ 286.950873][ T28] kthread+0x266/0x300 [ 286.954928][ T28] ? hungtask_pm_notify+0x50/0x50 [ 286.959937][ T28] ? kthread_blkcg+0xd0/0xd0 [ 286.964516][ T28] ret_from_fork+0x1f/0x30 [ 286.968954][ T28] [ 286.972103][ T28] Sending NMI from CPU 1 to CPUs 0: [ 286.977447][ C0] NMI backtrace for cpu 0 [ 286.977456][ C0] CPU: 0 PID: 9 Comm: kworker/u4:0 Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0 [ 286.977470][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 286.977478][ C0] Workqueue: events_unbound toggle_allocation_gate [ 286.977554][ C0] RIP: 0010:trace_lock_release+0x65/0x220 [ 286.977572][ C0] Code: 86 9e 00 00 00 89 ed 48 89 e8 48 c1 e8 06 48 8d 3c c5 a8 4c b0 8e be 08 00 00 00 e8 05 d1 77 00 48 0f a3 2d e5 6d 43 0d 73 3d <65> ff 05 7c b9 96 7e 48 c7 c0 88 bf 9c 8e 48 c1 e8 03 80 3c 18 00 [ 286.977582][ C0] RSP: 0018:ffffc900000e75f0 EFLAGS: 00000057 [ 286.977593][ C0] RAX: 0000000000000001 RBX: dffffc0000000000 RCX: ffffffff816cdebb [ 286.977603][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8eb04ca8 [ 286.977611][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1d60996 [ 286.977620][ C0] R10: fffffbfff1d60996 R11: 1ffffffff1d60995 R12: dffffc0000000000 [ 286.977629][ C0] R13: ffffffff81650960 R14: ffff88813fe6f058 R15: 1ffff9200001ced0 [ 286.977639][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 286.977650][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.977659][ C0] CR2: 00007ff14a79c990 CR3: 000000000d28e000 CR4: 00000000003506f0 [ 286.977671][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.977679][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.977687][ C0] Call Trace: [ 286.977691][ C0] [ 286.977698][ C0] lock_release+0x81/0x870 [ 286.977715][ C0] ? kvm_sched_clock_read+0x14/0x40 [ 286.977736][ C0] ? sched_clock_cpu+0x71/0x2b0 [ 286.977749][ C0] ? __lock_acquire+0x1f60/0x1f60 [ 286.977765][ C0] ? clear_sched_clock_stable+0x60/0x60 [ 286.977783][ C0] newidle_balance+0xadd/0xff0 [ 286.977825][ C0] ? update_misfit_status+0x7d0/0x7d0 [ 286.977837][ C0] ? dequeue_task_fair+0xc37/0x12a0 [ 286.977853][ C0] pick_next_task_fair+0x2a4/0xdf0 [ 286.977887][ C0] ? update_irq_load_avg+0x801/0xc10 [ 286.977904][ C0] pick_next_task+0xf2/0x2040 [ 286.977925][ C0] __schedule+0x4ff/0xe40 [ 286.977944][ C0] ? release_firmware_map_entry+0x180/0x180 [ 286.977956][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 286.977972][ C0] ? _raw_spin_unlock+0x40/0x40 [ 286.977987][ C0] ? __might_sleep+0xc0/0xc0 [ 286.978008][ C0] ? rcu_read_lock_any_held+0xb3/0x150 [ 286.978025][ C0] ? wq_worker_sleeping+0x5e/0x290 [ 286.978040][ C0] schedule+0xcb/0x190 [ 286.978053][ C0] toggle_allocation_gate+0x16a/0x250 [ 286.978066][ C0] ? virt_to_slab+0x2c0/0x2c0 [ 286.978078][ C0] ? rcu_read_lock_sched_held+0x89/0x130 [ 286.978092][ C0] ? wake_bit_function+0x240/0x240 [ 286.978112][ C0] process_one_work+0x81c/0xd10 [ 286.978135][ C0] ? worker_detach_from_pool+0x260/0x260 [ 286.978152][ C0] ? _raw_spin_lock_irqsave+0x120/0x120 [ 286.978167][ C0] ? kthread_data+0x4d/0xc0 [ 286.978182][ C0] ? wq_worker_running+0x95/0x190 [ 286.978197][ C0] worker_thread+0xb14/0x1330 [ 286.978225][ C0] kthread+0x266/0x300 [ 286.978238][ C0] ? rcu_lock_release+0x20/0x20 [ 286.978253][ C0] ? kthread_blkcg+0xd0/0xd0 [ 286.978266][ C0] ret_from_fork+0x1f/0x30 [ 286.978290][ C0] [ 286.978493][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 287.300683][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0 [ 287.310482][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 287.320544][ T28] Call Trace: [ 287.323819][ T28] [ 287.326749][ T28] dump_stack_lvl+0x1e3/0x2d0 [ 287.331433][ T28] ? nf_tcp_handle_invalid+0x630/0x630 [ 287.336889][ T28] ? panic+0x770/0x770 [ 287.340990][ T28] ? vscnprintf+0x59/0x80 [ 287.345421][ T28] panic+0x316/0x770 [ 287.349314][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 287.354947][ T28] ? nmi_trigger_cpumask_backtrace+0x2b0/0x3e0 [ 287.361097][ T28] ? memcpy_page_flushcache+0x100/0x100 [ 287.366648][ T28] ? nmi_trigger_cpumask_backtrace+0x2b0/0x3e0 [ 287.372799][ T28] ? nmi_trigger_cpumask_backtrace+0x32a/0x3e0 [ 287.378951][ T28] ? nmi_trigger_cpumask_backtrace+0x32f/0x3e0 [ 287.385102][ T28] watchdog+0xd15/0xd20 [ 287.389270][ T28] kthread+0x266/0x300 [ 287.393333][ T28] ? hungtask_pm_notify+0x50/0x50 [ 287.398359][ T28] ? kthread_blkcg+0xd0/0xd0 [ 287.402950][ T28] ret_from_fork+0x1f/0x30 [ 287.407375][ T28] [ 287.410444][ T28] Kernel Offset: disabled [ 287.414786][ T28] Rebooting in 86400 seconds..