./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor520910710 <...> Warning: Permanently added '10.128.10.27' (ECDSA) to the list of known hosts. execve("./syz-executor520910710", ["./syz-executor520910710"], 0x7ffe56394a30 /* 10 vars */) = 0 brk(NULL) = 0x555555eba000 brk(0x555555ebac40) = 0x555555ebac40 arch_prctl(ARCH_SET_FS, 0x555555eba300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor520910710", 4096) = 27 brk(0x555555edbc40) = 0x555555edbc40 brk(0x555555edc000) = 0x555555edc000 mprotect(0x7f0ff88d5000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555eba5d0) = 3606 ./strace-static-x86_64: Process 3606 attached [pid 3606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3606] setpgid(0, 0) = 0 [pid 3606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3606] write(3, "1000", 4) = 4 [pid 3606] close(3) = 0 [pid 3606] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 3606] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 5 [pid 3606] ioctl(5, NBD_SET_SOCK, 3) = 0 [pid 3606] ioctl(5, NBD_SET_SIZE_BLOCKS, 4294967297) = 0 [pid 3606] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY|O_NONBLOCK) = 6 syzkaller login: [ 39.437750][ T3606] nbd0: detected capacity change from 0 to 8589934594 [pid 3606] ioctl(6, NBD_DO_IT [pid 3605] kill(-3606, SIGKILL) = 0 [pid 3605] kill(3606, SIGKILL) = 0 [pid 3606] <... ioctl resumed>) = ? [ 44.385747][ T3606] block nbd0: shutting down sockets [pid 3605] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3605] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3605] getdents64(3, 0x555555ebb620 /* 2 entries */, 32768) = 48 [pid 3605] getdents64(3, 0x555555ebb620 /* 0 entries */, 32768) = 0 [pid 3605] close(3) = 0 [ 69.845057][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 30 seconds [ 76.245367][ T1138] cfg80211: failed to load regulatory.db [ 99.924994][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 60 seconds [ 101.649763][ T2972] udevd[2972]: worker [3608] /devices/virtual/block/nbd0 is taking a long time [ 130.005040][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 90 seconds [ 160.084991][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 120 seconds [ 190.165031][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 150 seconds [ 220.244987][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 180 seconds [ 222.383097][ T2972] udevd[2972]: worker [3608] /devices/virtual/block/nbd0 timeout; kill it [ 222.392048][ T2972] udevd[2972]: seq 7455 '/devices/virtual/block/nbd0' killed [ 250.325018][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 210 seconds [ 280.404993][ T9] block nbd0: Possible stuck request ffff88801daa8000: control (read@0,4096B). Runtime 240 seconds [ 286.165035][ T28] INFO: task syz-executor520:3606 blocked for more than 143 seconds. [ 286.173127][ T28] Not tainted 6.0.0-rc3-next-20220901-syzkaller #0 [ 286.180243][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.189132][ T28] task:syz-executor520 state:D stack:27656 pid:3606 ppid:3605 flags:0x00004006 [ 286.198392][ T28] Call Trace: [ 286.201675][ T28] [ 286.204605][ T28] __schedule+0xae5/0x52c0 [ 286.209153][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.214112][ T28] ? rcu_read_lock_sched_held+0xd/0x70 [ 286.219616][ T28] ? lock_release+0x560/0x780 [ 286.224308][ T28] ? io_schedule_timeout+0x140/0x140 [ 286.229637][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.234602][ T28] ? kmem_cache_free+0xe7/0x5b0 [ 286.239512][ T28] schedule+0xda/0x1b0 [ 286.243616][ T28] schedule_preempt_disabled+0xf/0x20 [ 286.249025][ T28] __mutex_lock+0xa44/0x1350 [ 286.253633][ T28] ? blkdev_put+0xbc/0x770 [ 286.258132][ T28] ? mutex_lock_io_nested+0x1190/0x1190 [ 286.263697][ T28] ? locks_check_ctx_file_list+0x1d/0x110 [ 286.269464][ T28] ? do_raw_spin_unlock+0x171/0x230 [ 286.274678][ T28] ? _raw_spin_unlock+0x24/0x40 [ 286.279599][ T28] ? locks_remove_file+0x2f7/0x570 [ 286.284721][ T28] blkdev_put+0xbc/0x770 [ 286.289004][ T28] blkdev_close+0x64/0x80 [ 286.293349][ T28] __fput+0x27c/0xa90 [ 286.297376][ T28] ? blkdev_fsync+0xa0/0xa0 [ 286.301913][ T28] task_work_run+0x16b/0x270 [ 286.306566][ T28] ? task_work_cancel+0x30/0x30 [ 286.311424][ T28] ? do_raw_spin_unlock+0x171/0x230 [ 286.316668][ T28] do_exit+0xc3f/0x2b60 [ 286.320833][ T28] ? rcu_read_lock_sched_held+0xd/0x70 [ 286.326324][ T28] ? lock_release+0x560/0x780 [ 286.331009][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.335877][ T28] ? get_signal+0x93b/0x2610 [ 286.340488][ T28] ? mm_update_next_owner+0x7b0/0x7b0 [ 286.345894][ T28] ? do_raw_spin_lock+0x120/0x2a0 [ 286.350946][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.355910][ T28] do_group_exit+0xd0/0x2a0 [ 286.360534][ T28] get_signal+0x238c/0x2610 [ 286.365087][ T28] ? map_id_up+0x178/0x2f0 [ 286.369617][ T28] ? exit_signals+0x8b0/0x8b0 [ 286.374288][ T28] ? lock_release+0x560/0x780 [ 286.378993][ T28] ? __task_pid_nr_ns+0x168/0x4b0 [ 286.384049][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.388961][ T28] arch_do_signal_or_restart+0x82/0x2300 [ 286.394606][ T28] ? from_kuid+0xc0/0xc0 [ 286.398971][ T28] ? __task_pid_nr_ns+0x18a/0x4b0 [ 286.404048][ T28] ? get_sigframe_size+0x10/0x10 [ 286.409055][ T28] ? ptrace_notify+0xfa/0x140 [ 286.413747][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.418635][ T28] ? send_sig+0xfe/0x160 [ 286.422907][ T28] ? send_sig_info+0x140/0x140 [ 286.427732][ T28] ? trace_hardirqs_on+0x2d/0x120 [ 286.432781][ T28] exit_to_user_mode_prepare+0x15f/0x250 [ 286.438453][ T28] syscall_exit_to_user_mode+0x19/0x50 [ 286.443966][ T28] do_syscall_64+0x42/0xb0 [ 286.448584][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.454490][ T28] RIP: 0033:0x7f0ff88686c9 [ 286.458931][ T28] RSP: 002b:00007fffa8febac8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.467371][ T28] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 00007f0ff88686c9 [ 286.475378][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006 [ 286.483352][ T28] RBP: 0000000000000000 R08: 00007fffa8febc68 R09: 00007fffa8febc68 [ 286.491353][ T28] R10: 000000000000ffff R11: 0000000000000246 R12: 00007f0ff8827750 [ 286.499447][ T28] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000 [ 286.507626][ T28] [ 286.510688][ T28] NMI backtrace for cpu 1 [ 286.515025][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.0.0-rc3-next-20220901-syzkaller #0 [ 286.524294][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 286.534331][ T28] Call Trace: [ 286.537601][ T28] [ 286.540530][ T28] dump_stack_lvl+0xcd/0x134 [ 286.545189][ T28] nmi_cpu_backtrace.cold+0x46/0x14f [ 286.550479][ T28] ? lapic_can_unplug_cpu+0x80/0x80 [ 286.555690][ T28] nmi_trigger_cpumask_backtrace+0x206/0x250 [ 286.561690][ T28] watchdog+0xcf7/0xfd0 [ 286.565888][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.571889][ T28] kthread+0x2e4/0x3a0 [ 286.575966][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.581609][ T28] ret_from_fork+0x1f/0x30 [ 286.586042][ T28] [ 286.589139][ T28] Sending NMI from CPU 1 to CPUs 0: [ 286.594364][ C0] NMI backtrace for cpu 0 [ 286.594375][ C0] CPU: 0 PID: 92 Comm: kworker/u4:4 Not tainted 6.0.0-rc3-next-20220901-syzkaller #0 [ 286.594396][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 286.594408][ C0] Workqueue: events_unbound toggle_allocation_gate [ 286.594434][ C0] RIP: 0010:__jump_label_patch+0xb4/0x330 [ 286.594468][ C0] Code: 00 00 83 f8 05 0f 85 2e 02 00 00 49 c7 c4 20 83 4f 8f 4c 89 e8 48 ba 00 00 00 00 00 fc ff df 4c 89 e1 48 c1 e9 03 0f b6 14 11 <4c> 89 e1 83 e1 07 38 ca 7f 08 84 d2 0f 85 e6 01 00 00 49 8d 7c 24 [ 286.594487][ C0] RSP: 0018:ffffc900015c7b18 EFLAGS: 00000a02 [ 286.594501][ C0] RAX: ffffffff81c87bec RBX: ffffffff81c87d2e RCX: 1ffffffff1e9f064 [ 286.594514][ C0] RDX: 0000000000000005 RSI: ffffffff842a953a RDI: 0000000000000001 [ 286.594526][ C0] RBP: ffffc900015c7b50 R08: 0000000000000001 R09: 0000000000000000 [ 286.594538][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8f4f8320 [ 286.594550][ C0] R13: ffffffff81c87bec R14: 0000000000000000 R15: 0000000000000005 [ 286.594562][ C0] FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 286.594578][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.594591][ C0] CR2: 00005606d978c448 CR3: 000000000bc8e000 CR4: 00000000003506f0 [ 286.594603][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.594614][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.594626][ C0] Call Trace: [ 286.594631][ C0] [ 286.594639][ C0] arch_jump_label_transform_queue+0x63/0x100 [ 286.594673][ C0] __jump_label_update+0x12e/0x410 [ 286.594702][ C0] jump_label_update+0x32f/0x410 [ 286.594730][ C0] static_key_disable_cpuslocked+0x152/0x1b0 [ 286.594758][ C0] static_key_disable+0x16/0x20 [ 286.594784][ C0] toggle_allocation_gate+0x183/0x390 [ 286.594804][ C0] ? lock_release+0x780/0x780 [ 286.594828][ C0] ? wake_up_kfence_timer+0x20/0x20 [ 286.594847][ C0] ? trace_hardirqs_on+0x2d/0x120 [ 286.594868][ C0] ? finish_task_switch.isra.0+0x2b5/0xc80 [ 286.594891][ C0] ? read_word_at_a_time+0xe/0x20 [ 286.594916][ C0] ? strscpy+0xa1/0x2a0 [ 286.594939][ C0] process_one_work+0x991/0x1610 [ 286.594971][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 286.595001][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 286.595028][ C0] worker_thread+0x665/0x1080 [ 286.595059][ C0] ? __kthread_parkme+0x15f/0x220 [ 286.595081][ C0] ? process_one_work+0x1610/0x1610 [ 286.595109][ C0] kthread+0x2e4/0x3a0 [ 286.595131][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 286.595157][ C0] ret_from_fork+0x1f/0x30 [ 286.595190][ C0] [ 286.595381][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 286.595392][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.0.0-rc3-next-20220901-syzkaller #0 [ 286.595417][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 286.595429][ T28] Call Trace: [ 286.595435][ T28] [ 286.595441][ T28] dump_stack_lvl+0xcd/0x134 [ 286.595467][ T28] panic+0x2c8/0x622 [ 286.595527][ T28] ? panic_print_sys_info.part.0+0x110/0x110 [ 286.595565][ T28] ? lapic_can_unplug_cpu+0x80/0x80 [ 286.595599][ T28] ? preempt_schedule_thunk+0x16/0x18 [ 286.595633][ T28] ? watchdog.cold+0x135/0x426 [ 286.595674][ T28] watchdog.cold+0x146/0x426 [ 286.595706][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.595744][ T28] kthread+0x2e4/0x3a0 [ 286.595779][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.595810][ T28] ret_from_fork+0x1f/0x30 [ 286.595846][ T28] [ 286.599710][ T28] Kernel Offset: disabled [ 286.945194][ T28] Rebooting in 86400 seconds..