./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1862190021 <...> Warning: Permanently added '10.128.1.157' (ED25519) to the list of known hosts. execve("./syz-executor1862190021", ["./syz-executor1862190021"], 0x7ffdc1438230 /* 10 vars */) = 0 brk(NULL) = 0x555556aa9000 brk(0x555556aa9d00) = 0x555556aa9d00 arch_prctl(ARCH_SET_FS, 0x555556aa9380) = 0 set_tid_address(0x555556aa9650) = 5056 set_robust_list(0x555556aa9660, 24) = 0 rseq(0x555556aa9ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1862190021", 4096) = 28 getrandom("\x84\x8c\xd6\xd3\x88\x96\xaf\xac", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556aa9d00 brk(0x555556acad00) = 0x555556acad00 brk(0x555556acb000) = 0x555556acb000 mprotect(0x7faa2715f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556aa9650) = 5057 ./strace-static-x86_64: Process 5057 attached [pid 5057] set_robust_list(0x555556aa9660, 24) = 0 [pid 5057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5057] setpgid(0, 0) = 0 [pid 5057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5057] write(3, "1000", 4) = 4 [pid 5057] close(3) = 0 [pid 5057] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5057] socket(AF_INET, SOCK_SEQPACKET, IPPROTO_IP) = 4 [pid 5057] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 5057] listen(4, 7757) = 0 [pid 5057] ioctl(3, NBD_DO_IT [pid 5056] kill(-5057, SIGKILL) = 0 [pid 5056] kill(5057, SIGKILL) = 0 [ 58.795811][ T5057] block nbd0: shutting down sockets [pid 5056] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5056] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5056] getdents64(3, 0x555556aaa6f0 /* 2 entries */, 32768) = 48 [pid 5056] getdents64(3, 0x555556aaa6f0 /* 0 entries */, 32768) = 0 [pid 5056] close(3) = 0 [ 76.161446][ T23] cfg80211: failed to load regulatory.db [ 286.081105][ T29] INFO: task syz-executor186:5057 blocked for more than 143 seconds. [ 286.089182][ T29] Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 286.096404][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.105089][ T29] task:syz-executor186 state:D stack:28040 pid:5057 tgid:5057 ppid:5056 flags:0x00004006 [ 286.115291][ T29] Call Trace: [ 286.118563][ T29] [ 286.121503][ T29] __schedule+0xf12/0x5c00 [ 286.125961][ T29] ? __schedule+0xf1a/0x5c00 [ 286.130531][ T29] ? io_schedule_timeout+0x150/0x150 [ 286.135834][ T29] ? lock_release+0x4bf/0x690 [ 286.140531][ T29] ? schedule+0x1fc/0x270 [ 286.144880][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 286.150270][ T29] ? lock_release+0x4bf/0x690 [ 286.154962][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 286.160342][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 286.165723][ T29] schedule+0xe9/0x270 [ 286.169793][ T29] schedule_timeout+0x257/0x290 [ 286.174666][ T29] ? usleep_range_state+0x1a0/0x1a0 [ 286.179890][ T29] ? lock_release+0x4bf/0x690 [ 286.184581][ T29] ? rcu_is_watching+0x12/0xb0 [ 286.189361][ T29] __wait_for_common+0x3e0/0x5f0 [ 286.194318][ T29] ? usleep_range_state+0x1a0/0x1a0 [ 286.199534][ T29] ? out_of_line_wait_on_bit_timeout+0x170/0x170 [ 286.205875][ T29] ? flush_workqueue_prep_pwqs+0x28f/0x4f0 [ 286.211717][ T29] ? check_flush_dependency+0x86/0x460 [ 286.217162][ T29] __flush_workqueue+0x3e0/0x1340 [ 286.222195][ T29] ? blk_mq_run_hw_queue+0x2b1/0x9a0 [ 286.227485][ T29] ? apply_wqattrs_cleanup.part.0+0x2b0/0x2b0 [ 286.233573][ T29] ? blk_mq_run_hw_queues+0x1fb/0x290 [ 286.238970][ T29] ? nbd_ioctl+0x308/0xd60 [ 286.243407][ T29] nbd_ioctl+0x308/0xd60 [ 286.247665][ T29] ? nbd_start_device+0xe00/0xe00 [ 286.252734][ T29] ? prepare_to_swait_exclusive+0x240/0x240 [ 286.258638][ T29] ? rcu_is_watching+0x12/0xb0 [ 286.263407][ T29] ? lock_release+0x4bf/0x690 [ 286.268095][ T29] ? nbd_start_device+0xe00/0xe00 [ 286.273131][ T29] blkdev_ioctl+0x2f3/0x760 [ 286.277644][ T29] ? blkdev_common_ioctl+0x1cc0/0x1cc0 [ 286.283109][ T29] ? bpf_lsm_file_ioctl+0x9/0x10 [ 286.288053][ T29] ? blkdev_common_ioctl+0x1cc0/0x1cc0 [ 286.293527][ T29] __x64_sys_ioctl+0x18f/0x210 [ 286.298301][ T29] do_syscall_64+0xd3/0x250 [ 286.302809][ T29] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 286.308725][ T29] RIP: 0033:0x7faa270ec879 [ 286.313179][ T29] RSP: 002b:00007ffd5a137f38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.321627][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faa270ec879 [ 286.329587][ T29] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 286.337561][ T29] RBP: 00007faa2715f5f0 R08: 0000000000000006 R09: 0000000000000006 [ 286.345556][ T29] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 286.353529][ T29] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 286.361530][ T29] [ 286.364542][ T29] INFO: lockdep is turned off. [ 286.369273][ T29] NMI backtrace for cpu 0 [ 286.373569][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 286.382993][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 286.393019][ T29] Call Trace: [ 286.396273][ T29] [ 286.399179][ T29] dump_stack_lvl+0xd9/0x1b0 [ 286.403754][ T29] nmi_cpu_backtrace+0x277/0x390 [ 286.408669][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.413847][ T29] nmi_trigger_cpumask_backtrace+0x299/0x300 [ 286.419814][ T29] watchdog+0xf87/0x1210 [ 286.424033][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 286.429989][ T29] ? __kthread_parkme+0x14b/0x220 [ 286.434993][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 286.440950][ T29] kthread+0x2c6/0x3a0 [ 286.444991][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.450596][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.456200][ T29] ret_from_fork+0x45/0x80 [ 286.460590][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.466197][ T29] ret_from_fork_asm+0x11/0x20 [ 286.470939][ T29] [ 286.474017][ T29] Sending NMI from CPU 0 to CPUs 1: [ 286.479223][ C1] NMI backtrace for cpu 1 [ 286.479230][ C1] CPU: 1 PID: 59 Comm: kworker/u4:4 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 286.479244][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 286.479252][ C1] Workqueue: events_unbound toggle_allocation_gate [ 286.479272][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 286.479291][ C1] Code: b6 dc df 02 66 0f 1f 44 00 00 f3 0f 1e fa 48 8b be b0 01 00 00 e8 b0 ff ff ff 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1e fa 65 48 8b 14 25 80 c2 03 00 65 8b 05 d4 b1 7b 7e a9 00 [ 286.479302][ C1] RSP: 0018:ffffc900015a7880 EFLAGS: 00000246 [ 286.479311][ C1] RAX: 0000000000000000 RBX: 00002aaaaaaab000 RCX: ffffffff81cfc7cd [ 286.479318][ C1] RDX: ffff888016763b80 RSI: 0000000000000000 RDI: 0000000000000007 [ 286.479325][ C1] RBP: 0000000013084067 R08: 0000000000000007 R09: 0000000000000000 [ 286.479332][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000067 [ 286.479339][ C1] R13: ffff888013076aa8 R14: 0000000000000000 R15: 000ffffffffff000 [ 286.479350][ C1] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 286.479367][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.479374][ C1] CR2: 0000555f499ba680 CR3: 000000000cf79000 CR4: 0000000000350ef0 [ 286.479382][ C1] Call Trace: [ 286.479386][ C1] [ 286.479390][ C1] ? show_regs+0x8f/0xa0 [ 286.479405][ C1] ? nmi_cpu_backtrace+0x1d4/0x390 [ 286.479425][ C1] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 286.479443][ C1] ? nmi_handle+0x1a6/0x570 [ 286.479457][ C1] ? x86_pmu_event_mapped+0x1c0/0x1c0 [ 286.479477][ C1] ? kcov_close+0x20/0x20 [ 286.479491][ C1] ? default_do_nmi+0x6a/0x160 [ 286.479506][ C1] ? exc_nmi+0x186/0x200 [ 286.479519][ C1] ? end_repeat_nmi+0xf/0x2a [ 286.479538][ C1] ? __pte_offset_map+0x16d/0x540 [ 286.479558][ C1] ? kcov_close+0x20/0x20 [ 286.479572][ C1] ? kcov_close+0x20/0x20 [ 286.479587][ C1] ? kcov_close+0x20/0x20 [ 286.479601][ C1] [ 286.479604][ C1] [ 286.479607][ C1] __pte_offset_map+0x17b/0x540 [ 286.479627][ C1] __pte_offset_map_lock+0x8e/0x2f0 [ 286.479638][ C1] ? lock_release+0x4bf/0x690 [ 286.479657][ C1] ? pte_offset_map_nolock+0x1b0/0x1b0 [ 286.479676][ C1] ? get_flush_tlb_info+0x167/0x220 [ 286.479693][ C1] __get_locked_pte+0x75/0xc0 [ 286.479705][ C1] ? kmalloc_node_trace+0xa3/0x380 [ 286.479722][ C1] __text_poke+0x224/0xca0 [ 286.479734][ C1] ? setup_data_read+0x280/0x280 [ 286.479745][ C1] ? kmalloc_trace+0xa2/0x340 [ 286.479763][ C1] ? apply_relocation+0x830/0x830 [ 286.479775][ C1] ? __text_poke+0xca0/0xca0 [ 286.479788][ C1] text_poke_bp_batch+0x3e0/0x750 [ 286.479802][ C1] ? kmalloc_node_trace+0xa3/0x380 [ 286.479818][ C1] ? alternatives_enable_smp+0x400/0x400 [ 286.479831][ C1] ? __jump_label_patch+0x1db/0x400 [ 286.479848][ C1] ? text_poke_queue+0xef/0x180 [ 286.479866][ C1] ? arch_jump_label_transform_queue+0xc0/0x110 [ 286.479886][ C1] text_poke_finish+0x30/0x40 [ 286.479899][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 286.479918][ C1] jump_label_update+0x1d7/0x400 [ 286.479936][ C1] static_key_disable_cpuslocked+0x154/0x1c0 [ 286.479954][ C1] static_key_disable+0x1a/0x20 [ 286.479971][ C1] toggle_allocation_gate+0x13f/0x250 [ 286.479988][ C1] ? wake_up_kfence_timer+0x30/0x30 [ 286.480004][ C1] ? prepare_to_swait_exclusive+0x240/0x240 [ 286.480025][ C1] process_one_work+0x886/0x15d0 [ 286.480044][ C1] ? lock_sync+0x190/0x190 [ 286.480054][ C1] ? workqueue_congested+0x300/0x300 [ 286.480072][ C1] ? assign_work+0x1a0/0x250 [ 286.480088][ C1] worker_thread+0x8b9/0x1290 [ 286.480107][ C1] ? process_one_work+0x15d0/0x15d0 [ 286.480123][ C1] kthread+0x2c6/0x3a0 [ 286.480137][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 286.480152][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 286.480167][ C1] ret_from_fork+0x45/0x80 [ 286.480181][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 286.480197][ C1] ret_from_fork_asm+0x11/0x20 [ 286.480216][ C1] [ 286.481236][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 286.481244][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 286.481260][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 286.481267][ T29] Call Trace: [ 286.481272][ T29] [ 286.481277][ T29] dump_stack_lvl+0xd9/0x1b0 [ 286.481303][ T29] panic+0x6dc/0x790 [ 286.481324][ T29] ? panic_smp_self_stop+0xa0/0xa0 [ 286.481344][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 286.481367][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.481389][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 286.481412][ T29] ? watchdog+0xd3e/0x1210 [ 286.481430][ T29] ? watchdog+0xd31/0x1210 [ 286.481449][ T29] watchdog+0xd4f/0x1210 [ 286.481470][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 286.481491][ T29] ? __kthread_parkme+0x14b/0x220 [ 286.481509][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 286.481529][ T29] kthread+0x2c6/0x3a0 [ 286.481547][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.481566][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.481585][ T29] ret_from_fork+0x45/0x80 [ 286.481604][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 286.481623][ T29] ret_from_fork_asm+0x11/0x20 [ 286.481647][ T29] [ 286.485442][ T29] Kernel Offset: disabled [ 287.004158][ T29] Rebooting in 86400 seconds..