./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3032168661 <...> DUID 00:04:cd:7d:74:7d:04:96:3f:c0:f2:1a:da:5a:49:b1:9f:fb forked to background, child pid 3185 [ 23.275687][ T3186] 8021q: adding VLAN 0 to HW filter on device bond0 [ 23.288764][ T3186] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.18' (ECDSA) to the list of known hosts. execve("./syz-executor3032168661", ["./syz-executor3032168661"], 0x7ffd157da330 /* 10 vars */) = 0 brk(NULL) = 0x555556da9000 brk(0x555556da9c40) = 0x555556da9c40 arch_prctl(ARCH_SET_FS, 0x555556da9300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3032168661", 4096) = 28 brk(0x555556dcac40) = 0x555556dcac40 brk(0x555556dcb000) = 0x555556dcb000 mprotect(0x7fd663739000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556da95d0) = 3608 ./strace-static-x86_64: Process 3608 attached [pid 3608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3608] setpgid(0, 0) = 0 [pid 3608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3608] write(3, "1000", 4) = 4 [pid 3608] close(3) = 0 [pid 3608] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 3608] ioctl(3, NBD_SET_SIZE_BLOCKS, 1) = 0 [pid 3608] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0 [pid 3608] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 3608] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 6 syzkaller login: [ 39.058100][ T3608] nbd0: detected capacity change from 0 to 2 [pid 3608] ioctl(6, NBD_DO_IT [pid 3607] kill(-3608, SIGKILL) = 0 [pid 3608] <... ioctl resumed>) = ? [pid 3607] kill(3608, SIGKILL) = 0 [ 44.021737][ T3608] block nbd0: shutting down sockets [pid 3607] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3607] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3607] getdents64(3, 0x555556daa620 /* 2 entries */, 32768) = 48 [pid 3607] getdents64(3, 0x555556daa620 /* 0 entries */, 32768) = 0 [pid 3607] close(3) = 0 [ 69.187054][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 30 seconds [ 76.227447][ T14] cfg80211: failed to load regulatory.db [ 99.267078][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 60 seconds [ 101.631693][ T2973] udevd[2973]: worker [3610] /devices/virtual/block/nbd0 is taking a long time [ 129.347088][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 90 seconds [ 159.427044][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 120 seconds [ 189.507111][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 150 seconds [ 219.351691][ T2973] udevd[2973]: worker [3610] /devices/virtual/block/nbd0 timeout; kill it [ 219.360489][ T2973] udevd[2973]: seq 7480 '/devices/virtual/block/nbd0' killed [ 219.587059][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 180 seconds [ 249.667119][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 210 seconds [ 279.747073][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 240 seconds [ 286.147070][ T28] INFO: task syz-executor303:3608 blocked for more than 143 seconds. [ 286.155174][ T28] Not tainted 6.0.0-rc2-next-20220826-syzkaller #0 [ 286.162231][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.170936][ T28] task:syz-executor303 state:D stack:28176 pid:3608 ppid:3607 flags:0x00004006 [ 286.180205][ T28] Call Trace: [ 286.183485][ T28] [ 286.186426][ T28] __schedule+0xae5/0x52c0 [ 286.190938][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.195897][ T28] ? rcu_read_lock_sched_held+0xd/0x70 [ 286.201388][ T28] ? lock_release+0x560/0x780 [ 286.206094][ T28] ? io_schedule_timeout+0x140/0x140 [ 286.211499][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.216447][ T28] ? kmem_cache_free+0xe7/0x5b0 [ 286.221340][ T28] schedule+0xda/0x1b0 [ 286.225424][ T28] schedule_preempt_disabled+0xf/0x20 [ 286.230879][ T28] __mutex_lock+0xa44/0x1350 [ 286.235486][ T28] ? blkdev_put+0xbc/0x770 [ 286.240009][ T28] ? mutex_lock_io_nested+0x1190/0x1190 [ 286.245569][ T28] ? locks_check_ctx_file_list+0x1d/0x110 [ 286.251322][ T28] ? do_raw_spin_unlock+0x171/0x230 [ 286.256533][ T28] ? _raw_spin_unlock+0x24/0x40 [ 286.261418][ T28] ? locks_remove_file+0x2f7/0x570 [ 286.266536][ T28] blkdev_put+0xbc/0x770 [ 286.270814][ T28] blkdev_close+0x64/0x80 [ 286.275154][ T28] __fput+0x27c/0xa90 [ 286.279187][ T28] ? blkdev_fsync+0xa0/0xa0 [ 286.283705][ T28] task_work_run+0x16b/0x270 [ 286.288333][ T28] ? task_work_cancel+0x30/0x30 [ 286.293196][ T28] ? do_raw_spin_unlock+0x171/0x230 [ 286.298452][ T28] do_exit+0xc3f/0x2b60 [ 286.302621][ T28] ? rcu_read_lock_sched_held+0xd/0x70 [ 286.308115][ T28] ? lock_release+0x560/0x780 [ 286.312798][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.317682][ T28] ? get_signal+0x93b/0x2610 [ 286.322286][ T28] ? mm_update_next_owner+0x7b0/0x7b0 [ 286.327685][ T28] ? do_raw_spin_lock+0x120/0x2a0 [ 286.332721][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.337711][ T28] do_group_exit+0xd0/0x2a0 [ 286.342228][ T28] get_signal+0x238c/0x2610 [ 286.346722][ T28] ? map_id_up+0x178/0x2f0 [ 286.351167][ T28] ? exit_signals+0x8b0/0x8b0 [ 286.355854][ T28] ? lock_release+0x560/0x780 [ 286.360570][ T28] ? __task_pid_nr_ns+0x168/0x4b0 [ 286.365616][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.370492][ T28] arch_do_signal_or_restart+0x82/0x2300 [ 286.376155][ T28] ? from_kuid+0xc0/0xc0 [ 286.380439][ T28] ? __task_pid_nr_ns+0x18a/0x4b0 [ 286.385488][ T28] ? get_sigframe_size+0x10/0x10 [ 286.390474][ T28] ? ptrace_notify+0xfa/0x140 [ 286.395163][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.400045][ T28] ? send_sig+0xfe/0x160 [ 286.404314][ T28] ? send_sig_info+0x140/0x140 [ 286.409111][ T28] ? trace_hardirqs_on+0x2d/0x120 [ 286.414148][ T28] exit_to_user_mode_prepare+0x15f/0x250 [ 286.419831][ T28] syscall_exit_to_user_mode+0x19/0x50 [ 286.425382][ T28] do_syscall_64+0x42/0xb0 [ 286.429854][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.435766][ T28] RIP: 0033:0x7fd6636cc6a9 [ 286.440235][ T28] RSP: 002b:00007ffde8205a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.448681][ T28] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 00007fd6636cc6a9 [ 286.456642][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006 [ 286.464640][ T28] RBP: 0000000000000000 R08: 00007ffde8205bc8 R09: 00007ffde8205bc8 [ 286.472642][ T28] R10: 000000000000ffff R11: 0000000000000246 R12: 00007fd66368b730 [ 286.480643][ T28] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 286.488637][ T28] [ 286.491674][ T28] NMI backtrace for cpu 0 [ 286.495991][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.0.0-rc2-next-20220826-syzkaller #0 [ 286.505253][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 286.515291][ T28] Call Trace: [ 286.518560][ T28] [ 286.521500][ T28] dump_stack_lvl+0xcd/0x134 [ 286.526141][ T28] nmi_cpu_backtrace.cold+0x46/0x14f [ 286.531433][ T28] ? lapic_can_unplug_cpu+0x80/0x80 [ 286.536628][ T28] nmi_trigger_cpumask_backtrace+0x206/0x250 [ 286.542618][ T28] watchdog+0xcf7/0xfd0 [ 286.546790][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.552785][ T28] kthread+0x2e4/0x3a0 [ 286.556860][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.562511][ T28] ret_from_fork+0x1f/0x30 [ 286.566952][ T28] [ 286.570045][ T28] Sending NMI from CPU 0 to CPUs 1: [ 286.575264][ C1] NMI backtrace for cpu 1 [ 286.575274][ C1] CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 6.0.0-rc2-next-20220826-syzkaller #0 [ 286.575295][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 286.575306][ C1] Workqueue: events_unbound toggle_allocation_gate [ 286.575329][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x60 [ 286.575361][ C1] Code: 81 e1 00 01 00 00 65 48 8b 14 25 80 6f 02 00 a9 00 01 ff 00 74 0e 85 c9 74 35 8b 82 94 15 00 00 85 c0 74 2b 8b 82 70 15 00 00 <83> f8 02 75 20 48 8b 8a 78 15 00 00 8b 92 74 15 00 00 48 8b 01 48 [ 286.575380][ C1] RSP: 0018:ffffc900000d7a08 EFLAGS: 00000246 [ 286.575394][ C1] RAX: 0000000000000000 RBX: ffffc900000d7a78 RCX: 0000000000000000 [ 286.575407][ C1] RDX: ffff88813fe557c0 RSI: ffffffff842a310d RDI: 0000000000000001 [ 286.575420][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 286.575431][ C1] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff89e6ad6a [ 286.575443][ C1] R13: 000000000000000f R14: 1ffff9200001af49 R15: ffffffff89e6ad6a [ 286.575456][ C1] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 286.575472][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.575485][ C1] CR2: 000055b39e622680 CR3: 000000000bc8e000 CR4: 00000000003506e0 [ 286.575497][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.575508][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.575520][ C1] Call Trace: [ 286.575525][ C1] [ 286.575530][ C1] insn_decode+0x9d/0x3b0 [ 286.575550][ C1] ? kmem_cache_alloc_bulk+0x1f1/0x860 [ 286.575576][ C1] text_poke_loc_init+0xa6/0x450 [ 286.575595][ C1] ? arch_jump_label_transform_queue+0x58/0x100 [ 286.575626][ C1] ? text_poke_memcpy+0x10/0x10 [ 286.575650][ C1] ? kmem_cache_alloc_bulk+0x1f1/0x860 [ 286.575675][ C1] ? __jump_label_patch+0x173/0x330 [ 286.575704][ C1] arch_jump_label_transform_queue+0x94/0x100 [ 286.575735][ C1] __jump_label_update+0x12e/0x410 [ 286.575763][ C1] jump_label_update+0x32f/0x410 [ 286.575789][ C1] static_key_disable_cpuslocked+0x152/0x1b0 [ 286.575816][ C1] static_key_disable+0x16/0x20 [ 286.575840][ C1] toggle_allocation_gate+0x183/0x390 [ 286.575860][ C1] ? lock_release+0x780/0x780 [ 286.575881][ C1] ? wake_up_kfence_timer+0x20/0x20 [ 286.575900][ C1] ? trace_hardirqs_on+0x2d/0x120 [ 286.575918][ C1] ? finish_task_switch.isra.0+0x2b5/0xc80 [ 286.575941][ C1] ? read_word_at_a_time+0xe/0x20 [ 286.575961][ C1] ? strscpy+0xa1/0x2a0 [ 286.575982][ C1] process_one_work+0x991/0x1610 [ 286.576012][ C1] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 286.576046][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 286.576072][ C1] worker_thread+0x665/0x1080 [ 286.576103][ C1] ? process_one_work+0x1610/0x1610 [ 286.576130][ C1] kthread+0x2e4/0x3a0 [ 286.576152][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 286.576177][ C1] ret_from_fork+0x1f/0x30 [ 286.576209][ C1] [ 286.576286][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 286.870454][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.0.0-rc2-next-20220826-syzkaller #0 [ 286.879735][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 286.889789][ T28] Call Trace: [ 286.893054][ T28] [ 286.895989][ T28] dump_stack_lvl+0xcd/0x134 [ 286.900577][ T28] panic+0x2c8/0x627 [ 286.904487][ T28] ? panic_print_sys_info.part.0+0x10b/0x10b [ 286.910459][ T28] ? lapic_can_unplug_cpu+0x80/0x80 [ 286.915646][ T28] ? preempt_schedule_thunk+0x16/0x18 [ 286.921008][ T28] ? watchdog.cold+0x135/0x426 [ 286.925773][ T28] watchdog.cold+0x146/0x426 [ 286.930354][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.936348][ T28] kthread+0x2e4/0x3a0 [ 286.940409][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.946037][ T28] ret_from_fork+0x1f/0x30 [ 286.950461][ T28] [ 286.953638][ T28] Kernel Offset: disabled [ 286.957955][ T28] Rebooting in 86400 seconds..