./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor467691382

<...>
Warning: Permanently added '10.128.1.88' (ED25519) to the list of known hosts.
execve("./syz-executor467691382", ["./syz-executor467691382"], 0x7fff60d72430 /* 10 vars */) = 0
brk(NULL)                               = 0x5555566c7000
brk(0x5555566c7d00)                     = 0x5555566c7d00
arch_prctl(ARCH_SET_FS, 0x5555566c7380) = 0
set_tid_address(0x5555566c7650)         = 5056
set_robust_list(0x5555566c7660, 24)     = 0
rseq(0x5555566c7ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor467691382", 4096) = 27
getrandom("\x09\xc7\x28\x9f\x4d\x24\x0e\x18", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555566c7d00
brk(0x5555566e8d00)                     = 0x5555566e8d00
brk(0x5555566e9000)                     = 0x5555566e9000
mprotect(0x7fdd0283c000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566c7650) = 5057
./strace-static-x86_64: Process 5057 attached
[pid  5057] set_robust_list(0x5555566c7660, 24) = 0
[pid  5057] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5057] setsid()                    = 1
[pid  5057] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5057] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5057] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5057] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5057] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5057] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5057] unshare(CLONE_NEWNS)        = 0
[pid  5057] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5057] unshare(CLONE_NEWIPC)       = 0
[pid  5057] unshare(CLONE_NEWCGROUP)    = 0
[pid  5057] unshare(CLONE_NEWUTS)       = 0
[pid  5057] unshare(CLONE_SYSVSEM)      = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "16777216", 8)     = 8
[pid  5057] close(3)                    = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "536870912", 9)    = 9
[pid  5057] close(3)                    = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "1024", 4)         = 4
[pid  5057] close(3)                    = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "8192", 4)         = 4
[pid  5057] close(3)                    = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "1024", 4)         = 4
[pid  5057] close(3)                    = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "1024", 4)         = 4
[pid  5057] close(3)                    = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5057] close(3)                    = 0
[pid  5057] getpid()                    = 1
[pid  5057] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5057] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5057] unshare(CLONE_NEWNET)       = 0
[pid  5057] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5057] write(3, "0 65535", 7)      = 7
[pid  5057] close(3)                    = 0
[pid  5057] mkdir("/dev/binderfs", 0777) = 0
[pid  5057] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5057] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5057] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5060 attached
, child_tidptr=0x5555566c7650) = 2
[pid  5060] set_robust_list(0x5555566c7660, 24) = 0
[pid  5060] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5060] setpgid(0, 0)               = 0
[pid  5060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5060] write(3, "1000", 4)         = 4
[pid  5060] close(3)                    = 0
[pid  5060] openat(AT_FDCWD, "/dev/bus/usb/009/001", O_ACCMODE) = 3
[pid  5060] socketpair(AF_UNIX, SOCK_STREAM, 0, [4, 5]) = 0
[pid  5060] openat(AT_FDCWD, "/sys/devices/platform/vhci_hcd.0/attach", O_WRONLY|O_CLOEXEC) = 6
[pid  5060] write(6, "0 4 0 1", 7)      = 7
[pid  5060] close(6)                    = 0
[   67.573575][ T5060] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   67.580206][ T5060] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   67.588134][ T5060] vhci_hcd vhci_hcd.0: Device attached
[   67.937236][    T9] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[pid  5060] close(3 <unfinished ...>
[pid  5057] kill(-2, SIGKILL)           = 0
[pid  5057] kill(2, SIGKILL)            = 0
[pid  5057] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5057] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5057] getdents64(3, 0x5555566c86f0 /* 2 entries */, 32768) = 48
[pid  5057] getdents64(3, 0x5555566c86f0 /* 0 entries */, 32768) = 0
[pid  5057] close(3)                    = 0
[   87.247957][  T781] cfg80211: failed to load regulatory.db
[  286.927135][   T29] INFO: task kworker/0:1:9 blocked for more than 143 seconds.
[  286.934701][   T29]       Not tainted 6.7.0-rc6-next-20231222-syzkaller #0
[  286.941782][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.950544][   T29] task:kworker/0:1     state:D stack:27784 pid:9     tgid:9     ppid:2      flags:0x00004000
[  286.960907][   T29] Workqueue: usb_hub_wq hub_event
[  286.965990][   T29] Call Trace:
[  286.969465][   T29]  <TASK>
[  286.972416][   T29]  __schedule+0xf15/0x5c80
[  286.976822][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  286.982225][   T29]  ? rcu_is_watching+0x12/0xb0
[  286.987079][   T29]  ? io_schedule_timeout+0x150/0x150
[  286.993943][   T29]  ? lock_release+0x4c8/0x6a0
[  286.999120][   T29]  ? schedule+0x1fa/0x270
[  287.003458][   T29]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.008871][   T29]  ? spin_bug+0x1c0/0x1c0
[  287.013217][   T29]  ? rcu_is_watching+0x12/0xb0
[  287.018015][   T29]  ? trace_irq_enable.constprop.0+0xe0/0x110
[  287.024104][   T29]  schedule+0xe7/0x270
[  287.028216][   T29]  usb_kill_urb.part.0+0x1c6/0x250
[  287.033393][   T29]  ? usb_anchor_suspend_wakeups+0x40/0x40
[  287.039172][   T29]  ? prepare_to_swait_exclusive+0x240/0x240
[  287.045209][   T29]  ? preempt_count_sub+0x160/0x160
[  287.050352][   T29]  usb_kill_urb+0x83/0xa0
[  287.054954][   T29]  usb_start_wait_urb+0x251/0x4c0
[  287.060013][   T29]  ? usb_api_blocking_completion+0xa0/0xa0
[  287.065922][   T29]  usb_control_msg+0x327/0x4a0
[  287.071004][   T29]  ? usb_start_wait_urb+0x4c0/0x4c0
[  287.076220][   T29]  ? hub_resume+0x3e0/0x3e0
[  287.080752][   T29]  get_bMaxPacketSize0.constprop.0+0xa5/0x1c0
[  287.086842][   T29]  hub_port_init+0x68c/0x39e0
[  287.091586][   T29]  hub_event+0x2b61/0x4e10
[  287.096048][   T29]  ? hub_port_debounce+0x3d0/0x3d0
[  287.101266][   T29]  ? lock_acquire+0x477/0x530
[  287.105971][   T29]  ? check_irq_usage+0xb21/0x1490
[  287.111228][   T29]  ? lock_sync+0x190/0x190
[  287.115696][   T29]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.121136][   T29]  ? __schedule+0xf1d/0x5c80
[  287.125935][   T29]  ? spin_bug+0x1c0/0x1c0
[  287.130411][   T29]  ? rcu_is_watching+0x12/0xb0
[  287.135209][   T29]  process_one_work+0x8a4/0x15f0
[  287.140295][   T29]  ? lock_sync+0x190/0x190
[  287.144721][   T29]  ? workqueue_congested+0x300/0x300
[  287.150052][   T29]  ? assign_work+0x1a0/0x250
[  287.154661][   T29]  worker_thread+0x8b6/0x1290
[  287.159407][   T29]  ? __kthread_parkme+0x148/0x220
[  287.164455][   T29]  ? process_one_work+0x15f0/0x15f0
[  287.169697][   T29]  kthread+0x2c1/0x3a0
[  287.173806][   T29]  ? trace_irq_enable.constprop.0+0xe0/0x110
[  287.179871][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.185764][   T29]  ret_from_fork+0x45/0x80
[  287.190286][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.196091][   T29]  ret_from_fork_asm+0x11/0x20
[  287.200920][   T29]  </TASK>
[  287.204015][   T29] INFO: task syz-executor467:5060 blocked for more than 143 seconds.
[  287.212140][   T29]       Not tainted 6.7.0-rc6-next-20231222-syzkaller #0
[  287.219285][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  287.228251][   T29] task:syz-executor467 state:D stack:27216 pid:5060  tgid:5060  ppid:5057   flags:0x00004006
[  287.238463][   T29] Call Trace:
[  287.241727][   T29]  <TASK>
[  287.244644][   T29]  __schedule+0xf15/0x5c80
[  287.249100][   T29]  ? trace_irq_enable.constprop.0+0xe0/0x110
[  287.255226][   T29]  ? io_schedule_timeout+0x150/0x150
[  287.260627][   T29]  ? lock_release+0x4c8/0x6a0
[  287.265353][   T29]  ? schedule+0x1fa/0x270
[  287.269727][   T29]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.275107][   T29]  ? __mutex_lock+0x5af/0x9c0
[  287.279843][   T29]  ? __mutex_trylock_common+0x78/0x250
[  287.285316][   T29]  ? mutex_is_locked+0x40/0x40
[  287.290121][   T29]  ? spin_bug+0x1c0/0x1c0
[  287.294462][   T29]  schedule+0xe7/0x270
[  287.298570][   T29]  schedule_preempt_disabled+0x13/0x20
[  287.304127][   T29]  __mutex_lock+0x5b4/0x9c0
[  287.308663][   T29]  ? usbdev_release+0x87/0x470
[  287.313450][   T29]  ? mutex_trylock+0x130/0x130
[  287.318371][   T29]  ? locks_remove_file+0x399/0x5a0
[  287.323516][   T29]  ? free_async+0x4e0/0x4e0
[  287.328068][   T29]  ? usbdev_release+0x87/0x470
[  287.332845][   T29]  usbdev_release+0x87/0x470
[  287.337482][   T29]  ? free_async+0x4e0/0x4e0
[  287.342123][   T29]  __fput+0x270/0xb70
[  287.346197][   T29]  __fput_sync+0x47/0x50
[  287.350496][   T29]  __x64_sys_close+0x86/0xf0
[  287.355135][   T29]  do_syscall_64+0x40/0x110
[  287.359679][   T29]  entry_SYSCALL_64_after_hwframe+0x62/0x6a
[  287.365594][   T29] RIP: 0033:0x7fdd027c80e0
[  287.370070][   T29] RSP: 002b:00007ffeb1d588c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  287.378572][   T29] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fdd027c80e0
[  287.386555][   T29] RDX: 0000000000000007 RSI: 00007ffeb1d58400 RDI: 0000000000000003
[  287.394679][   T29] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  287.402859][   T29] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000f4240
[  287.410990][   T29] R13: 00007ffeb1d58b78 R14: 0000000000000001 R15: 00007ffeb1d58910
[  287.419035][   T29]  </TASK>
[  287.422068][   T29] INFO: lockdep is turned off.
[  287.426823][   T29] NMI backtrace for cpu 0
[  287.431198][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc6-next-20231222-syzkaller #0
[  287.441607][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[  287.451689][   T29] Call Trace:
[  287.454955][   T29]  <TASK>
[  287.457870][   T29]  dump_stack_lvl+0xd9/0x1b0
[  287.462540][   T29]  nmi_cpu_backtrace+0x277/0x390
[  287.467483][   T29]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  287.472756][   T29]  nmi_trigger_cpumask_backtrace+0x299/0x300
[  287.478744][   T29]  watchdog+0xf86/0x1210
[  287.483001][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  287.488993][   T29]  ? __kthread_parkme+0x148/0x220
[  287.494106][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  287.500094][   T29]  kthread+0x2c1/0x3a0
[  287.504163][   T29]  ? trace_irq_enable.constprop.0+0xe0/0x110
[  287.510237][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.516057][   T29]  ret_from_fork+0x45/0x80
[  287.520473][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  287.526118][   T29]  ret_from_fork_asm+0x11/0x20
[  287.530889][   T29]  </TASK>
[  287.534275][   T29] Sending NMI from CPU 0 to CPUs 1:
[  287.539570][    C1] NMI backtrace for cpu 1
[  287.539581][    C1] CPU: 1 PID: 4500 Comm: klogd Not tainted 6.7.0-rc6-next-20231222-syzkaller #0
[  287.539603][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[  287.539614][    C1] RIP: 0010:__list_del_entry_valid_or_report+0xc6/0x1c0
[  287.539654][    C1] Code: 00 00 00 48 8b 01 48 39 f0 75 71 48 8d 7a 08 48 b8 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 aa 00 00 00 <48> 8b 42 08 48 39 c6 75 5b b8 01 00 00 00 48 83 c4 18 c3 48 c7 c7
[  287.539672][    C1] RSP: 0018:ffffc9000317f138 EFLAGS: 00010246
[  287.539688][    C1] RAX: dffffc0000000000 RBX: ffff8880b9942c00 RCX: 1ffffd400010a182
[  287.539702][    C1] RDX: ffffea0000850c08 RSI: ffffea0001ea4d08 RDI: ffffea0000850c10
[  287.539715][    C1] RBP: ffffea0001ea4d08 R08: ffff8880b9942bc0 R09: ffff8880b9942c20
[  287.539729][    C1] R10: ffff88813fffa740 R11: ffffc9000317f550 R12: dffffc0000000000
[  287.539742][    C1] R13: ffff8880b9942bc0 R14: ffffea0001ea4d00 R15: dffffc0000000000
[  287.539756][    C1] FS:  00007f4703520380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  287.539777][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.539791][    C1] CR2: 0000559a513c0600 CR3: 000000002839d000 CR4: 00000000003506f0
[  287.539803][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.539816][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.539828][    C1] Call Trace:
[  287.539834][    C1]  <NMI>
[  287.539841][    C1]  ? show_regs+0x8e/0xa0
[  287.539868][    C1]  ? nmi_cpu_backtrace+0x1d4/0x390
[  287.539895][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x10
[  287.539925][    C1]  ? nmi_handle+0x1a6/0x580
[  287.539951][    C1]  ? __list_del_entry_valid_or_report+0xc6/0x1c0
[  287.539983][    C1]  ? default_do_nmi+0x6a/0x160
[  287.540002][    C1]  ? exc_nmi+0x186/0x200
[  287.540020][    C1]  ? end_repeat_nmi+0xf/0x2a
[  287.540050][    C1]  ? __list_del_entry_valid_or_report+0xc6/0x1c0
[  287.540089][    C1]  ? __list_del_entry_valid_or_report+0xc6/0x1c0
[  287.540122][    C1]  ? __list_del_entry_valid_or_report+0xc6/0x1c0
[  287.540153][    C1]  </NMI>
[  287.540159][    C1]  <TASK>
[  287.540164][    C1]  ? lock_acquire+0x477/0x530
[  287.540182][    C1]  __rmqueue_pcplist+0xef/0x1a70
[  287.540217][    C1]  ? lock_acquire+0x477/0x530
[  287.540240][    C1]  ? lock_sync+0x190/0x190
[  287.540259][    C1]  ? do_raw_spin_trylock+0xb1/0x180
[  287.540280][    C1]  ? use_cma_first+0x1b0/0x1b0
[  287.540314][    C1]  get_page_from_freelist+0xb97/0x3740
[  287.540351][    C1]  ? rcu_is_watching+0x12/0xb0
[  287.540377][    C1]  ? preempt_count_sub+0x160/0x160
[  287.540400][    C1]  ? __rmqueue_pcplist+0x1a70/0x1a70
[  287.540430][    C1]  ? __should_fail_alloc_page+0x115/0x130
[  287.540460][    C1]  ? prepare_alloc_pages.constprop.0+0x16f/0x550
[  287.540492][    C1]  ? is_bpf_text_address+0x8f/0x1a0
[  287.540522][    C1]  __alloc_pages+0x22e/0x2410
[  287.540540][    C1]  ? stack_access_ok+0xf9/0x270
[  287.540558][    C1]  ? __module_address+0x55/0x3b0
[  287.540588][    C1]  ? bpf_ksym_find+0x124/0x1b0
[  287.540612][    C1]  ? write_profile+0x450/0x450
[  287.540634][    C1]  ? rcu_is_watching+0x12/0xb0
[  287.540660][    C1]  ? warn_alloc+0x3a0/0x3a0
[  287.540677][    C1]  ? arch_stack_walk+0x112/0x170
[  287.540698][    C1]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.540720][    C1]  ? rcu_is_watching+0x12/0xb0
[  287.540776][    C1]  ? trace_irq_enable.constprop.0+0xe0/0x110
[  287.540808][    C1]  ? _raw_read_unlock_irqrestore+0x3b/0x70
[  287.540837][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  287.540865][    C1]  ? policy_nodemask+0x313/0x480
[  287.540889][    C1]  alloc_pages_mpol+0x258/0x5f0
[  287.540914][    C1]  ? mempolicy_in_oom_domain+0x150/0x150
[  287.540937][    C1]  ? rcu_is_watching+0x12/0xb0
[  287.540961][    C1]  ? lock_release+0x4c8/0x6a0
[  287.540978][    C1]  ? do_syscall_64+0x40/0x110
[  287.541007][    C1]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.541028][    C1]  new_slab+0x283/0x3c0
[  287.541052][    C1]  ? rcu_is_watching+0x12/0xb0
[  287.541077][    C1]  ___slab_alloc+0x4ab/0x1990
[  287.541105][    C1]  ? __alloc_skb+0x287/0x330
[  287.541131][    C1]  ? exc_int3+0xe/0x70
[  287.541164][    C1]  ? __alloc_skb+0x287/0x330
[  287.541184][    C1]  ? __slab_alloc.constprop.0+0x56/0xa0
[  287.541211][    C1]  __slab_alloc.constprop.0+0x56/0xa0
[  287.541246][    C1]  ? __alloc_skb+0x287/0x330
[  287.541265][    C1]  kmem_cache_alloc_node+0x10a/0x340
[  287.541297][    C1]  __alloc_skb+0x287/0x330
[  287.541318][    C1]  ? __napi_build_skb+0x50/0x50
[  287.541340][    C1]  ? lock_repin_lock+0x320/0x350
[  287.541372][    C1]  alloc_skb_with_frags+0xe4/0x710
[  287.541397][    C1]  ? lock_release+0x4c8/0x6a0
[  287.541417][    C1]  sock_alloc_send_pskb+0x7e1/0x970
[  287.541453][    C1]  ? sock_wmalloc+0x120/0x120
[  287.541480][    C1]  ? reacquire_held_locks+0x4c0/0x4c0
[  287.541499][    C1]  ? do_raw_spin_lock+0x12d/0x2b0
[  287.541520][    C1]  ? spin_bug+0x1c0/0x1c0
[  287.541539][    C1]  ? __rcu_read_unlock+0x2ac/0x570
[  287.541569][    C1]  unix_dgram_sendmsg+0x464/0x1ca0
[  287.541604][    C1]  ? aa_sk_perm+0x2f5/0xb40
[  287.541629][    C1]  ? unix_stream_recvmsg+0x1b0/0x1b0
[  287.541658][    C1]  ? aa_af_perm+0x250/0x250
[  287.541684][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  287.541713][    C1]  ? unix_stream_recvmsg+0x1b0/0x1b0
[  287.541745][    C1]  __sock_sendmsg+0xd5/0x180
[  287.541765][    C1]  __sys_sendto+0x225/0x310
[  287.541788][    C1]  ? __ia32_sys_getpeername+0xb0/0xb0
[  287.541819][    C1]  ? __rseq_handle_notify_resume+0x663/0x1030
[  287.541862][    C1]  __x64_sys_sendto+0xe0/0x1b0
[  287.541884][    C1]  ? syscall_enter_from_user_mode+0x7d/0x110
[  287.541908][    C1]  do_syscall_64+0x40/0x110
[  287.541937][    C1]  entry_SYSCALL_64_after_hwframe+0x62/0x6a
[  287.541962][    C1] RIP: 0033:0x7f47036829b5
[  287.541976][    C1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83
[  287.541995][    C1] RSP: 002b:00007ffd16736a48 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  287.542013][    C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f47036829b5
[  287.542025][    C1] RDX: 000000000000004e RSI: 00005605aeef6cc0 RDI: 0000000000000003
[  287.542037][    C1] RBP: 00005605aeef2910 R08: 0000000000000000 R09: 0000000000000000
[  287.542050][    C1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013
[  287.542062][    C1] R13: 00007f4703810212 R14: 00007ffd16736b48 R15: 0000000000000000
[  287.542081][    C1]  </TASK>
[  287.542088][    C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.519 msecs
[  287.542577][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  288.187225][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc6-next-20231222-syzkaller #0
[  288.197195][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[  288.207239][   T29] Call Trace:
[  288.210511][   T29]  <TASK>
[  288.213432][   T29]  dump_stack_lvl+0xd9/0x1b0
[  288.218055][   T29]  panic+0x6dc/0x790
[  288.221958][   T29]  ? panic_smp_self_stop+0xa0/0xa0
[  288.227167][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  288.232543][   T29]  ? lapic_can_unplug_cpu+0xa0/0xa0
[  288.237742][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  288.243132][   T29]  ? watchdog+0xd3d/0x1210
[  288.247546][   T29]  ? watchdog+0xd30/0x1210
[  288.251967][   T29]  watchdog+0xd4e/0x1210
[  288.256304][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  288.262369][   T29]  ? __kthread_parkme+0x148/0x220
[  288.267393][   T29]  ? proc_dohung_task_timeout_secs+0x90/0x90
[  288.273375][   T29]  kthread+0x2c1/0x3a0
[  288.277446][   T29]  ? trace_irq_enable.constprop.0+0xe0/0x110
[  288.283516][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  288.289146][   T29]  ret_from_fork+0x45/0x80
[  288.293566][   T29]  ? kthread_complete_and_exit+0x40/0x40
[  288.299479][   T29]  ret_from_fork_asm+0x11/0x20
[  288.304275][   T29]  </TASK>
[  288.307532][   T29] Kernel Offset: disabled
[  288.312117][   T29] Rebooting in 86400 seconds..