./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3032168661
<...>
DUID 00:04:cd:7d:74:7d:04:96:3f:c0:f2:1a:da:5a:49:b1:9f:fb
forked to background, child pid 3185
[ 23.275687][ T3186] 8021q: adding VLAN 0 to HW filter on device bond0
[ 23.288764][ T3186] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.18' (ECDSA) to the list of known hosts.
execve("./syz-executor3032168661", ["./syz-executor3032168661"], 0x7ffd157da330 /* 10 vars */) = 0
brk(NULL) = 0x555556da9000
brk(0x555556da9c40) = 0x555556da9c40
arch_prctl(ARCH_SET_FS, 0x555556da9300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3032168661", 4096) = 28
brk(0x555556dcac40) = 0x555556dcac40
brk(0x555556dcb000) = 0x555556dcb000
mprotect(0x7fd663739000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556da95d0) = 3608
./strace-static-x86_64: Process 3608 attached
[pid 3608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3608] setpgid(0, 0) = 0
[pid 3608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3608] write(3, "1000", 4) = 4
[pid 3608] close(3) = 0
[pid 3608] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3
[pid 3608] ioctl(3, NBD_SET_SIZE_BLOCKS, 1) = 0
[pid 3608] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0
[pid 3608] ioctl(3, NBD_SET_SOCK, 4) = 0
[pid 3608] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 6
syzkaller login: [ 39.058100][ T3608] nbd0: detected capacity change from 0 to 2
[pid 3608] ioctl(6, NBD_DO_IT <unfinished ...>
[pid 3607] kill(-3608, SIGKILL) = 0
[pid 3608] <... ioctl resumed>) = ?
[pid 3607] kill(3608, SIGKILL) = 0
[ 44.021737][ T3608] block nbd0: shutting down sockets
[pid 3607] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid 3607] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 3607] getdents64(3, 0x555556daa620 /* 2 entries */, 32768) = 48
[pid 3607] getdents64(3, 0x555556daa620 /* 0 entries */, 32768) = 0
[pid 3607] close(3) = 0
[ 69.187054][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 30 seconds
[ 76.227447][ T14] cfg80211: failed to load regulatory.db
[ 99.267078][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 60 seconds
[ 101.631693][ T2973] udevd[2973]: worker [3610] /devices/virtual/block/nbd0 is taking a long time
[ 129.347088][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 90 seconds
[ 159.427044][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 120 seconds
[ 189.507111][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 150 seconds
[ 219.351691][ T2973] udevd[2973]: worker [3610] /devices/virtual/block/nbd0 timeout; kill it
[ 219.360489][ T2973] udevd[2973]: seq 7480 '/devices/virtual/block/nbd0' killed
[ 219.587059][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 180 seconds
[ 249.667119][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 210 seconds
[ 279.747073][ T109] block nbd0: Possible stuck request ffff88801e8d0000: control (read@0,1024B). Runtime 240 seconds
[ 286.147070][ T28] INFO: task syz-executor303:3608 blocked for more than 143 seconds.
[ 286.155174][ T28] Not tainted 6.0.0-rc2-next-20220826-syzkaller #0
[ 286.162231][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.170936][ T28] task:syz-executor303 state:D stack:28176 pid:3608 ppid:3607 flags:0x00004006
[ 286.180205][ T28] Call Trace:
[ 286.183485][ T28] <TASK>
[ 286.186426][ T28] __schedule+0xae5/0x52c0
[ 286.190938][ T28] ? rwlock_bug.part.0+0x90/0x90
[ 286.195897][ T28] ? rcu_read_lock_sched_held+0xd/0x70
[ 286.201388][ T28] ? lock_release+0x560/0x780
[ 286.206094][ T28] ? io_schedule_timeout+0x140/0x140
[ 286.211499][ T28] ? rwlock_bug.part.0+0x90/0x90
[ 286.216447][ T28] ? kmem_cache_free+0xe7/0x5b0
[ 286.221340][ T28] schedule+0xda/0x1b0
[ 286.225424][ T28] schedule_preempt_disabled+0xf/0x20
[ 286.230879][ T28] __mutex_lock+0xa44/0x1350
[ 286.235486][ T28] ? blkdev_put+0xbc/0x770
[ 286.240009][ T28] ? mutex_lock_io_nested+0x1190/0x1190
[ 286.245569][ T28] ? locks_check_ctx_file_list+0x1d/0x110
[ 286.251322][ T28] ? do_raw_spin_unlock+0x171/0x230
[ 286.256533][ T28] ? _raw_spin_unlock+0x24/0x40
[ 286.261418][ T28] ? locks_remove_file+0x2f7/0x570
[ 286.266536][ T28] blkdev_put+0xbc/0x770
[ 286.270814][ T28] blkdev_close+0x64/0x80
[ 286.275154][ T28] __fput+0x27c/0xa90
[ 286.279187][ T28] ? blkdev_fsync+0xa0/0xa0
[ 286.283705][ T28] task_work_run+0x16b/0x270
[ 286.288333][ T28] ? task_work_cancel+0x30/0x30
[ 286.293196][ T28] ? do_raw_spin_unlock+0x171/0x230
[ 286.298452][ T28] do_exit+0xc3f/0x2b60
[ 286.302621][ T28] ? rcu_read_lock_sched_held+0xd/0x70
[ 286.308115][ T28] ? lock_release+0x560/0x780
[ 286.312798][ T28] ? lock_downgrade+0x6e0/0x6e0
[ 286.317682][ T28] ? get_signal+0x93b/0x2610
[ 286.322286][ T28] ? mm_update_next_owner+0x7b0/0x7b0
[ 286.327685][ T28] ? do_raw_spin_lock+0x120/0x2a0
[ 286.332721][ T28] ? rwlock_bug.part.0+0x90/0x90
[ 286.337711][ T28] do_group_exit+0xd0/0x2a0
[ 286.342228][ T28] get_signal+0x238c/0x2610
[ 286.346722][ T28] ? map_id_up+0x178/0x2f0
[ 286.351167][ T28] ? exit_signals+0x8b0/0x8b0
[ 286.355854][ T28] ? lock_release+0x560/0x780
[ 286.360570][ T28] ? __task_pid_nr_ns+0x168/0x4b0
[ 286.365616][ T28] ? lock_downgrade+0x6e0/0x6e0
[ 286.370492][ T28] arch_do_signal_or_restart+0x82/0x2300
[ 286.376155][ T28] ? from_kuid+0xc0/0xc0
[ 286.380439][ T28] ? __task_pid_nr_ns+0x18a/0x4b0
[ 286.385488][ T28] ? get_sigframe_size+0x10/0x10
[ 286.390474][ T28] ? ptrace_notify+0xfa/0x140
[ 286.395163][ T28] ? lock_downgrade+0x6e0/0x6e0
[ 286.400045][ T28] ? send_sig+0xfe/0x160
[ 286.404314][ T28] ? send_sig_info+0x140/0x140
[ 286.409111][ T28] ? trace_hardirqs_on+0x2d/0x120
[ 286.414148][ T28] exit_to_user_mode_prepare+0x15f/0x250
[ 286.419831][ T28] syscall_exit_to_user_mode+0x19/0x50
[ 286.425382][ T28] do_syscall_64+0x42/0xb0
[ 286.429854][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 286.435766][ T28] RIP: 0033:0x7fd6636cc6a9
[ 286.440235][ T28] RSP: 002b:00007ffde8205a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 286.448681][ T28] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 00007fd6636cc6a9
[ 286.456642][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006
[ 286.464640][ T28] RBP: 0000000000000000 R08: 00007ffde8205bc8 R09: 00007ffde8205bc8
[ 286.472642][ T28] R10: 000000000000ffff R11: 0000000000000246 R12: 00007fd66368b730
[ 286.480643][ T28] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 286.488637][ T28] </TASK>
[ 286.491674][ T28] NMI backtrace for cpu 0
[ 286.495991][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.0.0-rc2-next-20220826-syzkaller #0
[ 286.505253][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 286.515291][ T28] Call Trace:
[ 286.518560][ T28] <TASK>
[ 286.521500][ T28] dump_stack_lvl+0xcd/0x134
[ 286.526141][ T28] nmi_cpu_backtrace.cold+0x46/0x14f
[ 286.531433][ T28] ? lapic_can_unplug_cpu+0x80/0x80
[ 286.536628][ T28] nmi_trigger_cpumask_backtrace+0x206/0x250
[ 286.542618][ T28] watchdog+0xcf7/0xfd0
[ 286.546790][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80
[ 286.552785][ T28] kthread+0x2e4/0x3a0
[ 286.556860][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 286.562511][ T28] ret_from_fork+0x1f/0x30
[ 286.566952][ T28] </TASK>
[ 286.570045][ T28] Sending NMI from CPU 0 to CPUs 1:
[ 286.575264][ C1] NMI backtrace for cpu 1
[ 286.575274][ C1] CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 6.0.0-rc2-next-20220826-syzkaller #0
[ 286.575295][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 286.575306][ C1] Workqueue: events_unbound toggle_allocation_gate
[ 286.575329][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x60
[ 286.575361][ C1] Code: 81 e1 00 01 00 00 65 48 8b 14 25 80 6f 02 00 a9 00 01 ff 00 74 0e 85 c9 74 35 8b 82 94 15 00 00 85 c0 74 2b 8b 82 70 15 00 00 <83> f8 02 75 20 48 8b 8a 78 15 00 00 8b 92 74 15 00 00 48 8b 01 48
[ 286.575380][ C1] RSP: 0018:ffffc900000d7a08 EFLAGS: 00000246
[ 286.575394][ C1] RAX: 0000000000000000 RBX: ffffc900000d7a78 RCX: 0000000000000000
[ 286.575407][ C1] RDX: ffff88813fe557c0 RSI: ffffffff842a310d RDI: 0000000000000001
[ 286.575420][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 286.575431][ C1] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff89e6ad6a
[ 286.575443][ C1] R13: 000000000000000f R14: 1ffff9200001af49 R15: ffffffff89e6ad6a
[ 286.575456][ C1] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[ 286.575472][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 286.575485][ C1] CR2: 000055b39e622680 CR3: 000000000bc8e000 CR4: 00000000003506e0
[ 286.575497][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 286.575508][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 286.575520][ C1] Call Trace:
[ 286.575525][ C1] <TASK>
[ 286.575530][ C1] insn_decode+0x9d/0x3b0
[ 286.575550][ C1] ? kmem_cache_alloc_bulk+0x1f1/0x860
[ 286.575576][ C1] text_poke_loc_init+0xa6/0x450
[ 286.575595][ C1] ? arch_jump_label_transform_queue+0x58/0x100
[ 286.575626][ C1] ? text_poke_memcpy+0x10/0x10
[ 286.575650][ C1] ? kmem_cache_alloc_bulk+0x1f1/0x860
[ 286.575675][ C1] ? __jump_label_patch+0x173/0x330
[ 286.575704][ C1] arch_jump_label_transform_queue+0x94/0x100
[ 286.575735][ C1] __jump_label_update+0x12e/0x410
[ 286.575763][ C1] jump_label_update+0x32f/0x410
[ 286.575789][ C1] static_key_disable_cpuslocked+0x152/0x1b0
[ 286.575816][ C1] static_key_disable+0x16/0x20
[ 286.575840][ C1] toggle_allocation_gate+0x183/0x390
[ 286.575860][ C1] ? lock_release+0x780/0x780
[ 286.575881][ C1] ? wake_up_kfence_timer+0x20/0x20
[ 286.575900][ C1] ? trace_hardirqs_on+0x2d/0x120
[ 286.575918][ C1] ? finish_task_switch.isra.0+0x2b5/0xc80
[ 286.575941][ C1] ? read_word_at_a_time+0xe/0x20
[ 286.575961][ C1] ? strscpy+0xa1/0x2a0
[ 286.575982][ C1] process_one_work+0x991/0x1610
[ 286.576012][ C1] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 286.576046][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 286.576072][ C1] worker_thread+0x665/0x1080
[ 286.576103][ C1] ? process_one_work+0x1610/0x1610
[ 286.576130][ C1] kthread+0x2e4/0x3a0
[ 286.576152][ C1] ? kthread_complete_and_exit+0x40/0x40
[ 286.576177][ C1] ret_from_fork+0x1f/0x30
[ 286.576209][ C1] </TASK>
[ 286.576286][ T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 286.870454][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.0.0-rc2-next-20220826-syzkaller #0
[ 286.879735][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 286.889789][ T28] Call Trace:
[ 286.893054][ T28] <TASK>
[ 286.895989][ T28] dump_stack_lvl+0xcd/0x134
[ 286.900577][ T28] panic+0x2c8/0x627
[ 286.904487][ T28] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 286.910459][ T28] ? lapic_can_unplug_cpu+0x80/0x80
[ 286.915646][ T28] ? preempt_schedule_thunk+0x16/0x18
[ 286.921008][ T28] ? watchdog.cold+0x135/0x426
[ 286.925773][ T28] watchdog.cold+0x146/0x426
[ 286.930354][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80
[ 286.936348][ T28] kthread+0x2e4/0x3a0
[ 286.940409][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 286.946037][ T28] ret_from_fork+0x1f/0x30
[ 286.950461][ T28] </TASK>
[ 286.953638][ T28] Kernel Offset: disabled
[ 286.957955][ T28] Rebooting in 86400 seconds..