./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1556707849 <...> Warning: Permanently added '10.128.0.38' (ED25519) to the list of known hosts. execve("./syz-executor1556707849", ["./syz-executor1556707849"], 0x7fffe8c48c80 /* 10 vars */) = 0 brk(NULL) = 0x55558e3c8000 brk(0x55558e3c8d00) = 0x55558e3c8d00 arch_prctl(ARCH_SET_FS, 0x55558e3c8380) = 0 set_tid_address(0x55558e3c8650) = 5854 set_robust_list(0x55558e3c8660, 24) = 0 rseq(0x55558e3c8ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1556707849", 4096) = 28 getrandom("\x03\x61\x81\x56\x6e\x1b\x3f\x9e", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558e3c8d00 brk(0x55558e3e9d00) = 0x55558e3e9d00 brk(0x55558e3ea000) = 0x55558e3ea000 mprotect(0x7f0c58b7d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5855 attached , child_tidptr=0x55558e3c8650) = 5855 [pid 5854] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC [pid 5855] set_robust_list(0x55558e3c8660, 24) = 0 [pid 5854] <... openat resumed>) = 3 [pid 5854] write(3, "10000000000", 11) = 11 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "20", 2) = 2 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "0", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "0", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "100", 3) = 3 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "0", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "0", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "7 4 1 3", 7) = 7 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "0", 1) = 1 [pid 5854] close(3) = 0 [pid 5854] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "5855", 4) = 4 [pid 5854] close(3) = 0 [pid 5854] kill(5855, SIGKILL) = 0 [pid 5855] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5855, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- mkdir("./syzkaller.ITZgO8", 0700) = 0 chmod("./syzkaller.ITZgO8", 0777) = 0 chdir("./syzkaller.ITZgO8") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5856 attached [pid 5856] set_robust_list(0x55558e3c8660, 24 [pid 5854] <... clone resumed>, child_tidptr=0x55558e3c8650) = 5856 [pid 5856] <... set_robust_list resumed>) = 0 [pid 5856] chdir("./0") = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5856] setpgid(0, 0) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5856] write(3, "1000", 4) = 4 [pid 5856] close(3) = 0 [pid 5856] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5856] write(1, "executing program\n", 18executing program ) = 18 [pid 5856] memfd_create("syzkaller", 0) = 3 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0c50600000 [pid 5856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5856] munmap(0x7f0c50600000, 138412032) = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5856] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5856] close(3) = 0 [pid 5856] close(4) = 0 [pid 5856] mkdir("./file1", 0777) = 0 [ 233.020545][ T5856] loop0: detected capacity change from 0 to 32768 [ 233.105826][ T5856] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=zstd,norecovery,nojournal_transaction_names,allocator_stuck_timeout=32767 [ 233.124841][ T5856] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 233.140851][ T5856] invalid bkey u64s 8 type snapshot 0:4294967295:0 len 0 ver 0: is_subvol 0 deleted 1 parent 0 children 0 33280 subvol 1 tree 0 [ 233.140875][ T5856] children not normalized: delete?, fixing [ 233.166290][ T5856] bcachefs (loop0): accounting_read... done [ 233.172943][ T5856] bcachefs (loop0): alloc_read... done [ 233.178597][ T5856] bcachefs (loop0): stripes_read... done [ 233.184500][ T5856] bcachefs (loop0): snapshots_read... done [ 233.198266][ T5856] bcachefs (loop0): going read-write [pid 5856] mount("/dev/loop0", "./file1", "bcachefs", MS_I_VERSION, "\x61\x63\x6c\x2c\x72\x65\x61\x64\x5f\x6f\x6e\x6c\x79\x2c\x6e\x6f\x72\x65\x63\x6f\x76\x65\x72\x79\x2c\x63\x6f\x6d\x70\x72\x65\x73\x73\x69\x6f\x6e\x3d\x7a\x73\x74\x64\x2c\x6a\x6f\x75\x72\x6e\x61\x6c\x5f\x66\x6c\x75\x73\x68\x5f\x64\x69\x73\x61\x62\x6c\x65\x01") = 0 [pid 5856] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5856] ioctl(4, LOOP_CLR_FD) = 0 [ 233.210248][ T5856] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean [ 233.223163][ T5856] bcachefs (loop0): done starting filesystem [pid 5856] close(4) = 0 [pid 5856] clone(child_stack=NULL, flags=0./strace-static-x86_64: Process 5868 attached ) = 5868 [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ [pid 5854] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=30 /* 0.30 s */} --- [pid 5854] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5854] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5854] getdents64(3, 0x55558e3c96f0 /* 4 entries */, 32768) = 112 [pid 5854] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5854] unlink("./0/binderfs") = 0 [pid 5854] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) [pid 5854] newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5854] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) [pid 5854] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5854] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5854] getdents64(4, 0x55558e3d1730 /* 3 entries */, 32768) = 80 [pid 5854] umount2("./0/file1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] newfstatat(AT_FDCWD, "./0/file1/file0", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5854] umount2("./0/file1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] openat(AT_FDCWD, "./0/file1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 [pid 5854] newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5854] getdents64(5, 0x55558e3d9770 /* 3 entries */, 32768) = 80 [ 233.285012][ T5856] syz-executor155 (5856) used greatest stack depth: 18816 bytes left [pid 5854] umount2("./0/file1/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] newfstatat(AT_FDCWD, "./0/file1/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5854] unlink("./0/file1/file0/file1") = 0 [pid 5854] getdents64(5, 0x55558e3d9770 /* 1 entries */, 32768) = 32 [pid 5854] umount2("./0/file1/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] newfstatat(AT_FDCWD, "./0/file1/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5854] unlink("./0/file1/file0/file0") = 0 [pid 5854] getdents64(5, 0x55558e3d9770 /* 0 entries */, 32768) = 0 [pid 5854] close(5) = 0 [pid 5854] rmdir("./0/file1/file0" [pid 5868] exit(0 [pid 5854] <... rmdir resumed>) = 0 [pid 5868] <... exit resumed>) = ? [pid 5868] +++ exited with 0 +++ getdents64(4, 0x55558e3d1730 /* 1 entries */, 32768) = 32 umount2("./0/file1/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file1/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/file1/file3") = 0 getdents64(4, 0x55558e3d1730 /* 1 entries */, 32768) = 32 umount2("./0/file1/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file1/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 395.993152][ T30] INFO: task bch-reclaim/loo:5865 blocked for more than 143 seconds. [ 396.001334][ T30] Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 396.009029][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 396.017878][ T30] task:bch-reclaim/loo state:D stack:25848 pid:5865 tgid:5865 ppid:2 flags:0x00004000 [ 396.028279][ T30] Call Trace: [ 396.031575][ T30] [ 396.034554][ T30] __schedule+0x184f/0x4c30 [ 396.039121][ T30] ? __pfx___schedule+0x10/0x10 [ 396.044051][ T30] ? __pfx_lock_release+0x10/0x10 [ 396.049120][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 396.054647][ T30] ? schedule+0x90/0x320 [ 396.058918][ T30] schedule+0x14b/0x320 [ 396.063161][ T30] schedule_preempt_disabled+0x13/0x30 [ 396.068655][ T30] __mutex_lock+0x6a7/0xd70 [ 396.073215][ T30] ? __mutex_lock+0x52a/0xd70 [ 396.077928][ T30] ? btree_write_buffer_flush_seq+0x1a39/0x1bc0 [ 396.084260][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 396.089355][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.095053][ T30] ? bch2_trans_unlock+0x3a6/0x470 [ 396.100222][ T30] btree_write_buffer_flush_seq+0x1a39/0x1bc0 [ 396.106377][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.112065][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 396.117159][ T30] ? __asan_memset+0x23/0x50 [ 396.121793][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 396.127273][ T30] ? __pfx_btree_write_buffer_flush_seq+0x10/0x10 [ 396.133781][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 396.139632][ T30] ? journal_flush_pins+0x597/0xb20 [ 396.144929][ T30] ? __pfx_lock_release+0x10/0x10 [ 396.150011][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.155731][ T30] ? __bch2_trans_get+0x975/0xd20 [ 396.160782][ T30] bch2_btree_write_buffer_journal_flush+0x4e/0x80 [ 396.167362][ T30] ? __pfx_bch2_btree_write_buffer_journal_flush+0x10/0x10 [ 396.174880][ T30] journal_flush_pins+0x5f9/0xb20 [ 396.179932][ T30] __bch2_journal_reclaim+0x789/0xdc0 [ 396.185491][ T30] bch2_journal_reclaim_thread+0x174/0x560 [ 396.191363][ T30] ? bch2_journal_reclaim_thread+0x249/0x560 [ 396.197600][ T30] ? __pfx_bch2_journal_reclaim_thread+0x10/0x10 [ 396.204009][ T30] kthread+0x2f2/0x390 [ 396.208082][ T30] ? __pfx_bch2_journal_reclaim_thread+0x10/0x10 [ 396.214471][ T30] ? __pfx_kthread+0x10/0x10 [ 396.219091][ T30] ret_from_fork+0x4d/0x80 [ 396.223590][ T30] ? __pfx_kthread+0x10/0x10 [ 396.228209][ T30] ret_from_fork_asm+0x1a/0x30 [ 396.233236][ T30] [ 396.236294][ T30] [ 396.236294][ T30] Showing all locks held in the system: [ 396.244092][ T30] 1 lock held by khungtaskd/30: [ 396.248978][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 396.259373][ T30] 2 locks held by getty/5591: [ 396.264146][ T30] #0: ffff8880349da0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 396.274025][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 396.284270][ T30] 3 locks held by syz-executor155/5854: [ 396.289842][ T30] #0: ffff88807c9ae420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 396.299207][ T30] #1: ffff888070404398 (&c->btree_trans_barrier){.+.+}-{0:0}, at: __bch2_trans_get+0x7de/0xd20 [ 396.309790][ T30] #2: ffff8880704266d0 (&c->gc_lock){.+.+}-{3:3}, at: bch2_btree_update_start+0x682/0x14e0 [ 396.319975][ T30] 3 locks held by bch-reclaim/loo/5865: [ 396.325585][ T30] #0: ffff88807044b0a8 (&j->reclaim_lock){+.+.}-{3:3}, at: bch2_journal_reclaim_thread+0x167/0x560 [ 396.336477][ T30] #1: ffff888070404398 (&c->btree_trans_barrier){.+.+}-{0:0}, at: __bch2_trans_get+0x7de/0xd20 [ 396.347034][ T30] #2: ffff888070404740 (&wb->flushing.lock){+.+.}-{3:3}, at: btree_write_buffer_flush_seq+0x1a39/0x1bc0 [ 396.358344][ T30] 3 locks held by bch-copygc/loop/5866: [ 396.363945][ T30] #0: ffff888070404740 (&wb->flushing.lock){+.+.}-{3:3}, at: bch2_btree_write_buffer_tryflush+0x14b/0x1c0 [ 396.375598][ T30] #1: ffff888070404398 (&c->btree_trans_barrier){.+.+}-{0:0}, at: bch2_trans_srcu_lock+0x97/0x1a0 [ 396.386448][ T30] #2: ffff8880704266d0 (&c->gc_lock){.+.+}-{3:3}, at: bch2_btree_update_start+0x682/0x14e0 [ 396.397450][ T30] [ 396.399810][ T30] ============================================= [ 396.399810][ T30] [ 396.408312][ T30] NMI backtrace for cpu 0 [ 396.412655][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 396.423171][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 396.433235][ T30] Call Trace: [ 396.436523][ T30] [ 396.439462][ T30] dump_stack_lvl+0x241/0x360 [ 396.444168][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 396.449582][ T30] ? __pfx__printk+0x10/0x10 [ 396.454196][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 396.459163][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 396.464640][ T30] ? _printk+0xd5/0x120 [ 396.468809][ T30] ? __pfx__printk+0x10/0x10 [ 396.473446][ T30] ? __wake_up_klogd+0xcc/0x110 [ 396.478321][ T30] ? __pfx__printk+0x10/0x10 [ 396.482929][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.488622][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 396.493670][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 396.499669][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 396.505677][ T30] watchdog+0xff4/0x1040 [ 396.509969][ T30] ? watchdog+0x1ea/0x1040 [ 396.514433][ T30] ? __pfx_watchdog+0x10/0x10 [ 396.519506][ T30] kthread+0x2f2/0x390 [ 396.523587][ T30] ? __pfx_watchdog+0x10/0x10 [ 396.528283][ T30] ? __pfx_kthread+0x10/0x10 [ 396.532913][ T30] ret_from_fork+0x4d/0x80 [ 396.537366][ T30] ? __pfx_kthread+0x10/0x10 [ 396.541965][ T30] ret_from_fork_asm+0x1a/0x30 [ 396.546763][ T30] [ 396.549947][ T30] Sending NMI from CPU 0 to CPUs 1: [ 396.555418][ C1] NMI backtrace for cpu 1 [ 396.555433][ C1] CPU: 1 UID: 0 PID: 67 Comm: kworker/u8:4 Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 396.555459][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 396.555474][ C1] Workqueue: 0x0 (events_unbound) [ 396.555504][ C1] RIP: 0010:srso_alias_safe_ret+0x0/0x7 [ 396.555539][ C1] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <48> 8d 64 24 08 c3 cc e8 f4 ff ff ff 0f 0b cc cc cc cc cc cc cc cc [ 396.555558][ C1] RSP: 0018:ffffc900015f72b0 EFLAGS: 00000096 [ 396.555578][ C1] RAX: 1ffffffff1cffcbc RBX: 0000000000000008 RCX: dffffc0000000000 [ 396.555595][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8e7fe6d0 [ 396.555610][ C1] RBP: 0000000000000048 R08: ffffffff8e7fe6d7 R09: 1ffffffff1cffcda [ 396.555627][ C1] R10: dffffc0000000000 R11: fffffbfff1cffcdb R12: ffff888020af0000 [ 396.555645][ C1] R13: ffff888020af0068 R14: 1ffff1100415e00d R15: ffff8880b873ea80 [ 396.555666][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 396.555686][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 396.555703][ C1] CR2: 0000558081776600 CR3: 000000000e734000 CR4: 0000000000350ef0 [ 396.555727][ C1] Call Trace: [ 396.555735][ C1] [ 396.555744][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 396.555781][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 396.555822][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 396.555868][ C1] ? nmi_handle+0x2a/0x5a0 [ 396.555903][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 396.555937][ C1] ? nmi_handle+0x151/0x5a0 [ 396.555961][ C1] ? nmi_handle+0x2a/0x5a0 [ 396.555987][ C1] ? __entry_text_end+0x1020c9/0x1020c9 [ 396.556019][ C1] ? default_do_nmi+0x63/0x160 [ 396.556057][ C1] ? exc_nmi+0x123/0x1f0 [ 396.556093][ C1] ? end_repeat_nmi+0xf/0x53 [ 396.556128][ C1] ? __entry_text_end+0x1020c9/0x1020c9 [ 396.556161][ C1] ? __entry_text_end+0x1020c9/0x1020c9 [ 396.556195][ C1] ? __entry_text_end+0x1020c9/0x1020c9 [ 396.556228][ C1] [ 396.556236][ C1] [ 396.556243][ C1] srso_alias_return_thunk+0x5/0xfbef5 [ 396.556275][ C1] activate_task+0x61/0xc0 [ 396.556320][ C1] attach_task+0xee/0x190 [ 396.556349][ C1] sched_balance_rq+0x664a/0x8620 [ 396.556421][ C1] ? __pfx_sched_balance_rq+0x10/0x10 [ 396.556451][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.556502][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.556534][ C1] ? __lock_acquire+0x1384/0x2050 [ 396.556589][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 396.556637][ C1] ? __pfx_sched_clock_cpu+0x10/0x10 [ 396.556668][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.556704][ C1] sched_balance_newidle+0x6ba/0xfd0 [ 396.556746][ C1] ? sched_balance_newidle+0x2c0/0xfd0 [ 396.556787][ C1] ? __pfx_sched_balance_newidle+0x10/0x10 [ 396.556820][ C1] ? dl_server_stop+0x4c/0x90 [ 396.556851][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 396.556883][ C1] ? dequeue_entities+0xc07/0xfb0 [ 396.556924][ C1] pick_next_task_fair+0x40/0xc90 [ 396.556965][ C1] __pick_next_task+0xdd/0x400 [ 396.556995][ C1] __schedule+0x776/0x4c30 [ 396.557036][ C1] ? __pfx___schedule+0x10/0x10 [ 396.557062][ C1] ? schedule+0x90/0x320 [ 396.557086][ C1] ? __pfx_lock_release+0x10/0x10 [ 396.557123][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 396.557162][ C1] ? schedule+0x90/0x320 [ 396.557192][ C1] ? wq_worker_sleeping+0x66/0x240 [ 396.557229][ C1] ? schedule+0x90/0x320 [ 396.557252][ C1] schedule+0x14b/0x320 [ 396.557278][ C1] worker_thread+0xa30/0xd30 [ 396.557322][ C1] ? __kthread_parkme+0x169/0x1d0 [ 396.557360][ C1] ? __pfx_worker_thread+0x10/0x10 [ 396.557395][ C1] kthread+0x2f2/0x390 [ 396.557418][ C1] ? __pfx_worker_thread+0x10/0x10 [ 396.557452][ C1] ? __pfx_kthread+0x10/0x10 [ 396.557479][ C1] ret_from_fork+0x4d/0x80 [ 396.557515][ C1] ? __pfx_kthread+0x10/0x10 [ 396.557538][ C1] ret_from_fork_asm+0x1a/0x30 [ 396.557583][ C1] [ 396.558445][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 396.960516][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00077-g2e1b3cc9d7f7 #0 [ 396.971026][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 396.981088][ T30] Call Trace: [ 396.984372][ T30] [ 396.987394][ T30] dump_stack_lvl+0x241/0x360 [ 396.992096][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 396.997314][ T30] ? __pfx__printk+0x10/0x10 [ 397.001918][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 397.007925][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 397.013573][ T30] ? vscnprintf+0x5d/0x90 [ 397.017921][ T30] panic+0x349/0x880 [ 397.022087][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 397.027738][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 397.033916][ T30] ? __pfx_panic+0x10/0x10 [ 397.038346][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 397.044023][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 397.049754][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 397.055158][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 397.061333][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 397.067511][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 397.073156][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 397.079333][ T30] watchdog+0x1033/0x1040 [ 397.083683][ T30] ? watchdog+0x1ea/0x1040 [ 397.088118][ T30] ? __pfx_watchdog+0x10/0x10 [ 397.092809][ T30] kthread+0x2f2/0x390 [ 397.096881][ T30] ? __pfx_watchdog+0x10/0x10 [ 397.101572][ T30] ? __pfx_kthread+0x10/0x10 [ 397.106170][ T30] ret_from_fork+0x4d/0x80 [ 397.110604][ T30] ? __pfx_kthread+0x10/0x10 [ 397.115202][ T30] ret_from_fork_asm+0x1a/0x30 [ 397.119996][ T30] [ 397.123219][ T30] Kernel Offset: disabled [ 397.127539][ T30] Rebooting in 86400 seconds..