./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor992404472 <...> forked to background, child pid 4670 [ 32.306333][ T4671] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.316946][ T4671] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: [ 32.493158][ T4743] ssh-keygen (4743) used greatest stack depth: 22000 bytes left OK syzkaller Warning: Permanently added '10.128.1.188' (ECDSA) to the list of known hosts. execve("./syz-executor992404472", ["./syz-executor992404472"], 0x7ffd2e989d50 /* 10 vars */) = 0 brk(NULL) = 0x555556c49000 brk(0x555556c49c40) = 0x555556c49c40 arch_prctl(ARCH_SET_FS, 0x555556c49300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556c495d0) = 5002 set_robust_list(0x555556c495e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f414dfd85e0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f414dfd8cb0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f414dfd8680, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f414dfd8cb0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor992404472", 4096) = 27 brk(0x555556c6ac40) = 0x555556c6ac40 brk(0x555556c6b000) = 0x555556c6b000 mprotect(0x7f414e09a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556c495d0) = 5003 ./strace-static-x86_64: Process 5003 attached [pid 5003] set_robust_list(0x555556c495e0, 24) = 0 [pid 5003] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5003] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5003] setsid() = 1 [pid 5003] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5003] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5003] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5003] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5003] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5003] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5003] unshare(CLONE_NEWNS) = 0 [pid 5003] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5003] unshare(CLONE_NEWIPC) = 0 [pid 5003] unshare(CLONE_NEWCGROUP) = 0 [pid 5003] unshare(CLONE_NEWUTS) = 0 [pid 5003] unshare(CLONE_SYSVSEM) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "16777216", 8) = 8 [pid 5003] close(3) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "536870912", 9) = 9 [pid 5003] close(3) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "1024", 4) = 4 [pid 5003] close(3) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "8192", 4) = 4 [pid 5003] close(3) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "1024", 4) = 4 [pid 5003] close(3) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "1024", 4) = 4 [pid 5003] close(3) = 0 [pid 5003] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5003] close(3) = 0 [pid 5003] getpid() = 1 [pid 5003] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5006] set_robust_list(0x7f414dfc89e0, 24) = 0 [pid 5006] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3 [pid 5006] futex(0x7f414e0a04cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5005] <... futex resumed>) = 0 [pid 5005] futex(0x7f414e0a04c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5005] futex(0x7f414e0a04cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5006] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0 [pid 5006] futex(0x7f414e0a04cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5005] <... futex resumed>) = 0 [pid 5005] futex(0x7f414e0a04c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5005] futex(0x7f414e0a04cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5006] ioctl(3, NBD_SET_SIZE_BLOCKS, 1) = 0 [pid 5006] futex(0x7f414e0a04cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5005] <... futex resumed>) = 0 [pid 5005] futex(0x7f414e0a04c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5005] futex(0x7f414e0a04cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5006] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 6 [pid 5006] futex(0x7f414e0a04cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5005] <... futex resumed>) = 0 [pid 5005] futex(0x7f414e0a04c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5005] futex(0x7f414e0a04cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5006] ioctl(3, NBD_SET_SOCK, 4) = 0 [pid 5006] futex(0x7f414e0a04cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5005] <... futex resumed>) = 0 [pid 5006] futex(0x7f414e0a04c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5005] futex(0x7f414e0a04c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5006] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5005] <... futex resumed>) = 0 [pid 5006] ioctl(6, NBD_DO_IT [pid 5005] futex(0x7f414e0a04cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5005] futex(0x7f414e0a04dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5005] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f414df87000 [pid 5005] mprotect(0x7f414df88000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5005] clone(child_stack=0x7f414dfa73f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[4], tls=0x7f414dfa7700, child_tidptr=0x7f414dfa79d0) = 4 ./strace-static-x86_64: Process 5008 attached [pid 5005] futex(0x7f414e0a04d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5005] futex(0x7f414e0a04dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5008] set_robust_list(0x7f414dfa79e0, 24) = 0 syzkaller login: [ 56.106965][ T5006] nbd0: detected capacity change from 0 to 2 [pid 5008] ioctl(3, BLKRRPART [pid 5005] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5005] futex(0x7f414e0a04dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5005] close(3) = 0 [pid 5005] close(4) = 0 [pid 5005] close(5 [pid 5006] <... ioctl resumed>) = 0 [pid 5005] <... close resumed>) = 0 [pid 5006] futex(0x7f414e0a04cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5006] futex(0x7f414e0a04c8, FUTEX_WAIT_PRIVATE, 0, NULL [ 56.349223][ T4409] block nbd0: Receive control failed (result -104) [pid 5005] close(6 [pid 5003] kill(-2, SIGKILL) = 0 [pid 5006] <... futex resumed>) = ? [pid 5003] kill(2, SIGKILL [pid 5006] +++ killed by SIGKILL +++ [pid 5003] <... kill resumed>) = 0 [pid 5003] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5003] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5003] getdents64(3, 0x555556c4a620 /* 2 entries */, 32768) = 48 [pid 5003] getdents64(3, 0x555556c4a620 /* 0 entries */, 32768) = 0 [pid 5003] close(3) = 0 [ 76.626090][ T2481] cfg80211: failed to load regulatory.db [ 86.224511][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 30 seconds [ 116.304292][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 60 seconds [ 117.636554][ T4457] udevd[4457]: worker [5007] /devices/virtual/block/nbd0 is taking a long time [ 146.383841][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 90 seconds [ 176.463843][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 120 seconds [ 206.543886][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 150 seconds [ 236.623959][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 180 seconds [ 237.792743][ T4457] udevd[4457]: worker [5007] /devices/virtual/block/nbd0 timeout; kill it [ 237.802127][ T4457] udevd[4457]: seq 7544 '/devices/virtual/block/nbd0' killed [ 266.703948][ T52] block nbd0: Possible stuck request ffff88801ee88000: control (read@0,1024B). Runtime 210 seconds [ 286.543746][ T28] INFO: task syz-executor992:5005 blocked for more than 143 seconds. [ 286.551930][ T28] Not tainted 6.3.0-next-20230428-syzkaller #0 [ 286.559078][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.567883][ T28] task:syz-executor992 state:D stack:27408 pid:5005 ppid:5003 flags:0x00004006 [ 286.577181][ T28] Call Trace: [ 286.580483][ T28] [ 286.583412][ T28] __schedule+0x1d15/0x5790 [ 286.588303][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.594421][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.599755][ T28] ? __mutex_lock+0xa36/0x1350 [ 286.604620][ T28] schedule+0xde/0x1a0 [ 286.608726][ T28] schedule_preempt_disabled+0x13/0x20 [ 286.614243][ T28] __mutex_lock+0xa3b/0x1350 [ 286.618866][ T28] ? blkdev_put+0xba/0x780 [ 286.623330][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.628957][ T28] ? locks_check_ctx_file_list+0x1d/0x320 [ 286.634771][ T28] ? lock_acquire+0x32/0xc0 [ 286.639280][ T28] ? do_raw_spin_unlock+0x175/0x230 [ 286.644528][ T28] ? _raw_spin_unlock+0x28/0x40 [ 286.649399][ T28] ? locks_remove_file+0x2fb/0x5b0 [ 286.654618][ T28] blkdev_put+0xba/0x780 [ 286.658906][ T28] blkdev_close+0x68/0x80 [ 286.663236][ T28] __fput+0x27c/0xa90 [ 286.667268][ T28] ? blkdev_fsync+0xa0/0xa0 [ 286.671800][ T28] task_work_run+0x16f/0x270 [ 286.676698][ T28] ? task_work_cancel+0x30/0x30 [ 286.681594][ T28] ptrace_notify+0x118/0x140 [ 286.686251][ T28] syscall_exit_to_user_mode_prepare+0x129/0x220 [ 286.692601][ T28] syscall_exit_to_user_mode+0xd/0x50 [ 286.698182][ T28] do_syscall_64+0x46/0xb0 [ 286.702620][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.708634][ T28] RIP: 0033:0x7f414dfd7bcb [ 286.713062][ T28] RSP: 002b:00007ffc2776deb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 286.721544][ T28] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 00007f414dfd7bcb [ 286.729565][ T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 286.737602][ T28] RBP: 0000000000000007 R08: 0000000000000000 R09: 00007ffc277d9080 [ 286.745663][ T28] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000db50 [ 286.753720][ T28] R13: 00007f414e0a04dc R14: 00007ffc2776df10 R15: 00007f414e0a04c0 [ 286.761807][ T28] [ 286.764900][ T28] INFO: task syz-executor992:5008 blocked for more than 143 seconds. [ 286.773003][ T28] Not tainted 6.3.0-next-20230428-syzkaller #0 [ 286.779921][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.788848][ T28] task:syz-executor992 state:D stack:28592 pid:5008 ppid:5003 flags:0x00004004 [ 286.798134][ T28] Call Trace: [ 286.801436][ T28] [ 286.804417][ T28] __schedule+0x1d15/0x5790 [ 286.809018][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.815088][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.820849][ T28] ? __mutex_lock+0xa36/0x1350 [ 286.825705][ T28] schedule+0xde/0x1a0 [ 286.829809][ T28] schedule_preempt_disabled+0x13/0x20 [ 286.835346][ T28] __mutex_lock+0xa3b/0x1350 [ 286.839986][ T28] ? blkdev_get_by_dev.part.0+0x95/0xb80 [ 286.845677][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.851255][ T28] ? kobject_get_unless_zero+0x15e/0x1e0 [ 286.857024][ T28] ? iput+0xcd/0x7a0 [ 286.860952][ T28] ? disk_block_events+0x21/0x140 [ 286.866126][ T28] blkdev_get_by_dev.part.0+0x95/0xb80 [ 286.871616][ T28] ? devcgroup_check_permission+0x1aa/0x4a0 [ 286.877690][ T28] blkdev_get_by_dev+0x6f/0x90 [ 286.882480][ T28] disk_scan_partitions+0x1eb/0x310 [ 286.887753][ T28] blkdev_common_ioctl+0x5bb/0x1a40 [ 286.892978][ T28] ? blkdev_bszset+0x1f0/0x1f0 [ 286.897809][ T28] ? trace_lock_acquire+0x12d/0x180 [ 286.903060][ T28] ? lock_acquire+0x32/0xc0 [ 286.907621][ T28] ? receive_fd+0x110/0x110 [ 286.912143][ T28] blkdev_ioctl+0x2c8/0x7f0 [ 286.916725][ T28] ? blkdev_common_ioctl+0x1a40/0x1a40 [ 286.922232][ T28] ? bpf_lsm_file_ioctl+0x9/0x10 [ 286.927290][ T28] ? blkdev_common_ioctl+0x1a40/0x1a40 [ 286.932776][ T28] __x64_sys_ioctl+0x197/0x210 [ 286.937590][ T28] do_syscall_64+0x39/0xb0 [ 286.942044][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.948005][ T28] RIP: 0033:0x7f414e01b599 [ 286.952449][ T28] RSP: 002b:00007f414dfa7308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.961018][ T28] RAX: ffffffffffffffda RBX: 00007f414e0a04d8 RCX: 00007f414e01b599 [ 286.969032][ T28] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 286.977044][ T28] RBP: 00007f414e0a04d0 R08: 00007f414dfa7700 R09: 0000000000000000 [ 286.985060][ T28] R10: 00007f414dfa7700 R11: 0000000000000246 R12: 00007f414e0a04dc [ 286.993027][ T28] R13: 00007f414e06d1a4 R14: 64626e2f7665642f R15: 0000000000022000 [ 287.001059][ T28] [ 287.004134][ T28] [ 287.004134][ T28] Showing all locks held in the system: [ 287.011867][ T28] 1 lock held by rcu_tasks_kthre/13: [ 287.017205][ T28] #0: ffffffff8c798df0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 287.027857][ T28] 1 lock held by rcu_tasks_trace/14: [ 287.033142][ T28] #0: ffffffff8c798af0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 287.044372][ T28] 1 lock held by khungtaskd/28: [ 287.049229][ T28] #0: ffffffff8c799a00 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x390 [ 287.059237][ T28] 5 locks held by kworker/u4:6/3141: [ 287.064660][ T28] #0: ffff8880b993c5d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2f/0x120 [ 287.074869][ T28] #1: ffff8880b9928848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2de/0x950 [ 287.086421][ T28] #2: ffff8880b9928848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_change+0x1bf/0x300 [ 287.097929][ T28] #3: ffffffff91ff5820 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x134/0x3f0 [ 287.108404][ T28] #4: ffffffff8c65c708 (text_mutex){+.+.}-{3:3}, at: arch_jump_label_transform_apply+0x12/0x30 [ 287.118990][ T28] 2 locks held by getty/4754: [ 287.123703][ T28] #0: ffff88802861b098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 287.133475][ T28] #1: ffffc900015b02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 [ 287.143859][ T28] 1 lock held by syz-executor992/5005: [ 287.149304][ T28] #0: ffff888140f344c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xba/0x780 [ 287.158867][ T28] 1 lock held by syz-executor992/5008: [ 287.164360][ T28] #0: ffff888140f344c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x95/0xb80 [ 287.175264][ T28] 1 lock held by udevd/5007: [ 287.179868][ T28] #0: ffff888140f344c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x95/0xb80 [ 287.190923][ T28] [ 287.193251][ T28] ============================================= [ 287.193251][ T28] [ 287.201881][ T28] NMI backtrace for cpu 1 [ 287.206211][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.3.0-next-20230428-syzkaller #0 [ 287.215164][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 287.225212][ T28] Call Trace: [ 287.228478][ T28] [ 287.231408][ T28] dump_stack_lvl+0xd9/0x150 [ 287.236011][ T28] nmi_cpu_backtrace+0x29c/0x350 [ 287.240958][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.246161][ T28] nmi_trigger_cpumask_backtrace+0x2a4/0x300 [ 287.252133][ T28] watchdog+0xe16/0x1090 [ 287.256397][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 287.262389][ T28] kthread+0x344/0x440 [ 287.266470][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 287.272113][ T28] ret_from_fork+0x1f/0x30 [ 287.276562][ T28] [ 287.279697][ T28] Sending NMI from CPU 1 to CPUs 0: [ 287.284999][ C0] NMI backtrace for cpu 0 [ 287.285009][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.3.0-next-20230428-syzkaller #0 [ 287.285027][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 287.285037][ C0] RIP: 0010:hrtimer_reprogram+0x0/0x440 [ 287.285068][ C0] Code: 65 48 8b 2c 25 c0 bb 03 00 80 3c 02 00 75 10 48 89 6b 40 5b 5d 41 5c c3 e8 fd 86 63 00 eb c4 e8 f6 86 63 00 eb e9 0f 1f 40 00 <41> 57 41 56 49 c7 c6 40 b8 02 00 41 55 41 54 55 53 48 89 fb 48 83 [ 287.285083][ C0] RSP: 0018:ffffffff8c407d18 EFLAGS: 00000093 [ 287.285097][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 287.285107][ C0] RDX: ffffffff8c495780 RSI: 0000000000000001 RDI: ffff8880b982c170 [ 287.285118][ C0] RBP: ffff8880b982b840 R08: 0000000000000005 R09: 0000000000000000 [ 287.285129][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 287.285138][ C0] R13: ffff8880b982b8c0 R14: ffff8880b982c170 R15: 0000000000000000 [ 287.285149][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 287.285166][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.285178][ C0] CR2: 00007f9866134580 CR3: 0000000029213000 CR4: 00000000003506f0 [ 287.285189][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.285198][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.285208][ C0] Call Trace: [ 287.285213][ C0] [ 287.285218][ C0] hrtimer_start_range_ns+0x7e6/0xbd0 [ 287.285262][ C0] tick_nohz_restart+0x191/0x200 [ 287.285288][ C0] tick_nohz_idle_exit+0x267/0x310 [ 287.285308][ C0] do_idle+0x25b/0x3c0 [ 287.285325][ C0] ? arch_cpu_idle_exit+0x30/0x30 [ 287.285346][ C0] cpu_startup_entry+0x18/0x20 [ 287.285362][ C0] rest_init+0x16f/0x2b0 [ 287.285379][ C0] ? regulator_has_full_constraints+0x9/0x20 [ 287.285433][ C0] ? trace_init_perf_perm_irq_work_exit+0x20/0x20 [ 287.285490][ C0] arch_call_rest_init+0x13/0x30 [ 287.285520][ C0] start_kernel+0x3b6/0x490 [ 287.285546][ C0] x86_64_start_reservations+0x18/0x30 [ 287.285568][ C0] x86_64_start_kernel+0xb3/0xc0 [ 287.285588][ C0] secondary_startup_64_no_verify+0xf4/0xfb [ 287.285618][ C0] [ 287.286027][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 287.507562][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.3.0-next-20230428-syzkaller #0 [ 287.516498][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 [ 287.526552][ T28] Call Trace: [ 287.529834][ T28] [ 287.532765][ T28] dump_stack_lvl+0xd9/0x150 [ 287.537372][ T28] panic+0x686/0x730 [ 287.541282][ T28] ? panic_smp_self_stop+0xa0/0xa0 [ 287.546412][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.551624][ T28] ? preempt_schedule_thunk+0x1a/0x20 [ 287.557020][ T28] ? watchdog+0xbe8/0x1090 [ 287.561458][ T28] watchdog+0xbf9/0x1090 [ 287.565730][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 287.571743][ T28] kthread+0x344/0x440 [ 287.575821][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 287.581472][ T28] ret_from_fork+0x1f/0x30 [ 287.585922][ T28] [ 287.589090][ T28] Kernel Offset: disabled [ 287.593430][ T28] Rebooting in 86400 seconds..