./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1083258954 <...> Warning: Permanently added '10.128.1.34' (ED25519) to the list of known hosts. execve("./syz-executor1083258954", ["./syz-executor1083258954"], 0x7ffc03f59910 /* 10 vars */) = 0 brk(NULL) = 0x555556c60000 brk(0x555556c60d00) = 0x555556c60d00 arch_prctl(ARCH_SET_FS, 0x555556c60380) = 0 set_tid_address(0x555556c60650) = 5064 set_robust_list(0x555556c60660, 24) = 0 rseq(0x555556c60ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1083258954", 4096) = 28 getrandom("\x54\xc8\xf4\xc2\xb4\x4f\x5d\x43", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556c60d00 brk(0x555556c81d00) = 0x555556c81d00 brk(0x555556c82000) = 0x555556c82000 mprotect(0x7f083344d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3 socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=864, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5064}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x30\x00\x00\x00\xe8\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 864 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5064}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5064}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5064}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5064}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36 recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5064}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5 ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0 close(5) = 0 sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44 recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5064}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 close(3) = 0 close(4) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached , child_tidptr=0x555556c60650) = 5067 [pid 5067] set_robust_list(0x555556c60660, 24) = 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5067] setpgid(0, 0) = 0 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1000", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5067] ioctl(3, TIOCSETD, [15]) = 0 [pid 5067] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4 [pid 5067] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x1) = 0 [pid 5067] exit_group(0) = ? [pid 5067] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached [pid 5069] set_robust_list(0x555556c60660, 24) = 0 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] <... clone resumed>, child_tidptr=0x555556c60650) = 5069 [pid 5069] <... prctl resumed>) = 0 [ 56.307078][ T5068] Bluetooth: hci0: command 0x1003 tx timeout [ 56.313308][ T4463] Bluetooth: hci0: Opcode 0x1003 failed: -110 [pid 5069] setpgid(0, 0) = 0 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] write(3, "1000", 4) = 4 [pid 5069] close(3) = 0 [pid 5069] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5069] ioctl(3, TIOCSETD, [15]) = 0 [pid 5069] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4 [pid 5069] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x1) = 0 [pid 5069] exit_group(0) = ? [pid 5069] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5070 attached , child_tidptr=0x555556c60650) = 5070 [pid 5070] set_robust_list(0x555556c60660, 24) = 0 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5070] setpgid(0, 0) = 0 [ 58.466589][ T4463] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 58.466609][ T5068] Bluetooth: hci0: command 0x1003 tx timeout [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] write(3, "1000", 4) = 4 [pid 5070] close(3) = 0 [pid 5070] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5070] ioctl(3, TIOCSETD, [15]) = 0 [pid 5070] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4 [pid 5070] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x1) = 0 [pid 5070] exit_group(0) = ? [pid 5070] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5071 attached , child_tidptr=0x555556c60650) = 5071 [pid 5071] set_robust_list(0x555556c60660, 24) = 0 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5071] setpgid(0, 0) = 0 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5071] write(3, "1000", 4) = 4 [ 60.626554][ T4463] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 60.626640][ T5068] Bluetooth: hci0: command 0x1003 tx timeout [pid 5071] close(3) = 0 [pid 5071] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5071] ioctl(3, TIOCSETD, [15]) = 0 [pid 5071] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4 [pid 5071] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x1) = 0 [pid 5071] exit_group(0) = ? [pid 5071] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached [pid 5072] set_robust_list(0x555556c60660, 24 [pid 5064] <... clone resumed>, child_tidptr=0x555556c60650) = 5072 [pid 5072] <... set_robust_list resumed>) = 0 [pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] setpgid(0, 0) = 0 [pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1000", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5072] ioctl(3, TIOCSETD, [15]) = 0 [ 62.786582][ T52] Bluetooth: hci0: command 0x1003 tx timeout [ 62.787382][ T4463] Bluetooth: hci0: Opcode 0x1003 failed: -110 [pid 5072] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4 [pid 5072] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x1) = 0 [pid 5072] exit_group(0) = ? [pid 5072] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5074 attached , child_tidptr=0x555556c60650) = 5074 [pid 5074] set_robust_list(0x555556c60660, 24) = 0 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5074] setpgid(0, 0) = 0 [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5074] write(3, "1000", 4) = 4 [pid 5074] close(3) = 0 [pid 5074] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [ 64.866579][ T52] Bluetooth: hci0: command 0x1003 tx timeout [ 64.866598][ T4463] Bluetooth: hci0: Opcode 0x1003 failed: -110 [pid 5074] ioctl(3, TIOCSETD, [15]) = 0 [pid 5074] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 4 [pid 5074] ioctl(4, _IOC(_IOC_WRITE, 0x55, 0xc8, 0x4), 0x1) = 0 [pid 5074] exit_group(0) = ? [ 64.945026][ T5073] Bluetooth: hci0: sending frame failed (-49) [ 67.026527][ T5068] Bluetooth: hci0: Opcode 0x1001 failed: -110 [pid 5064] kill(-5074, SIGKILL) = 0 [pid 5064] kill(5074, SIGKILL) = 0 [pid 5064] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5064] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5064] getdents64(3, 0x555556c616f0 /* 2 entries */, 32768) = 48 [pid 5064] getdents64(3, 0x555556c616f0 /* 0 entries */, 32768) = 0 [pid 5064] close(3) = 0 [ 71.751114][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.757688][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.867965][ T926] cfg80211: failed to load regulatory.db [ 133.189593][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.195923][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.629745][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.636077][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.070148][ T1242] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.076538][ T1242] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.786618][ T29] INFO: task syz-executor108:5074 blocked for more than 143 seconds. [ 286.794806][ T29] Not tainted 6.8.0-rc2-next-20240202-syzkaller #0 [ 286.801878][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.810681][ T29] task:syz-executor108 state:D stack:25360 pid:5074 tgid:5074 ppid:5064 flags:0x00004002 [ 286.820942][ T29] Call Trace: [ 286.824228][ T29] [ 286.827202][ T29] __schedule+0x17df/0x4a40 [ 286.831865][ T29] ? __pfx___schedule+0x10/0x10 [ 286.836769][ T29] ? __pfx_lock_release+0x10/0x10 [ 286.841854][ T29] ? __lock_acquire+0x1346/0x1fd0 [ 286.846932][ T29] ? schedule+0x90/0x320 [ 286.851349][ T29] schedule+0x14b/0x320 [ 286.855505][ T29] schedule_timeout+0xb0/0x310 [ 286.860370][ T29] ? __pfx_schedule_timeout+0x10/0x10 [ 286.865753][ T29] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.871787][ T29] ? wait_for_completion+0x2fe/0x620 [ 286.877115][ T29] ? wait_for_completion+0x2fe/0x620 [ 286.882481][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.887753][ T29] ? lockdep_hardirqs_on+0x99/0x150 [ 286.893077][ T29] ? wait_for_completion+0x2fe/0x620 [ 286.898451][ T29] wait_for_completion+0x355/0x620 [ 286.903587][ T29] ? __pfx_wait_for_completion+0x10/0x10 [ 286.909274][ T29] ? flush_workqueue_prep_pwqs+0x459/0x4c0 [ 286.915130][ T29] ? check_flush_dependency+0x25b/0x390 [ 286.921127][ T29] __flush_workqueue+0x730/0x1630 [ 286.926190][ T29] ? __pfx___flush_workqueue+0x10/0x10 [ 286.931711][ T29] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 286.937746][ T29] drain_workqueue+0xc9/0x390 [ 286.942432][ T29] destroy_workqueue+0xba/0xc40 [ 286.947328][ T29] ? kfree+0x4e/0x380 [ 286.951363][ T29] hci_release_dev+0x136/0x1670 [ 286.956263][ T29] ? devres_release_all+0x1eb/0x250 [ 286.961593][ T29] ? __pfx_hci_release_dev+0x10/0x10 [ 286.966942][ T29] ? device_release+0x66/0x1c0 [ 286.971757][ T29] ? rcu_is_watching+0x15/0xb0 [ 286.976576][ T29] ? device_release+0x66/0x1c0 [ 286.981356][ T29] bt_host_release+0x83/0x90 [ 286.985990][ T29] ? __pfx_bt_host_release+0x10/0x10 [ 286.991319][ T29] device_release+0x99/0x1c0 [ 286.995918][ T29] kobject_put+0x1f5/0x430 [ 287.000446][ T29] ? hci_unregister_dev+0x376/0x4e0 [ 287.005657][ T29] hci_uart_tty_close+0x1c1/0x290 [ 287.010831][ T29] tty_ldisc_kill+0xa3/0x1a0 [ 287.015524][ T29] tty_ldisc_release+0x174/0x200 [ 287.020527][ T29] tty_release_struct+0x2b/0xe0 [ 287.025441][ T29] tty_release+0xd0c/0x12c0 [ 287.030033][ T29] ? __pfx_tty_release+0x10/0x10 [ 287.034989][ T29] __fput+0x429/0x8a0 [ 287.039073][ T29] task_work_run+0x24f/0x310 [ 287.043688][ T29] ? __pfx_task_work_run+0x10/0x10 [ 287.049183][ T29] ? switch_task_namespaces+0xe1/0x110 [ 287.054666][ T29] do_exit+0xa1b/0x27e0 [ 287.058957][ T29] ? __pfx_do_exit+0x10/0x10 [ 287.063565][ T29] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.069596][ T29] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.075940][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.081230][ T29] ? lockdep_hardirqs_on+0x99/0x150 [ 287.086496][ T29] do_group_exit+0x207/0x2c0 [ 287.091089][ T29] __x64_sys_exit_group+0x3f/0x40 [ 287.096101][ T29] do_syscall_64+0xfb/0x240 [ 287.100716][ T29] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 287.106699][ T29] RIP: 0033:0x7f08333d3309 [ 287.111106][ T29] RSP: 002b:00007ffd1b9835d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 287.119564][ T29] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f08333d3309 [ 287.127595][ T29] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 287.135564][ T29] RBP: 00007f0833453390 R08: ffffffffffffffb8 R09: 0000555556c61610 [ 287.143578][ T29] R10: 000000000000000e R11: 0000000000000246 R12: 00007f0833453390 [ 287.151590][ T29] R13: 0000000000000000 R14: 00007f0833454e60 R15: 00007f08333a42f0 [ 287.159613][ T29] [ 287.162641][ T29] [ 287.162641][ T29] Showing all locks held in the system: [ 287.170413][ T29] 5 locks held by kworker/u4:0/10: [ 287.175537][ T29] 1 lock held by khungtaskd/29: [ 287.180439][ T29] #0: ffffffff8e130d60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 287.190394][ T29] 2 locks held by getty/4817: [ 287.195063][ T29] #0: ffff88802afa30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.204863][ T29] #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 287.215014][ T29] 1 lock held by syz-executor108/5074: [ 287.220499][ T29] #0: ffff88807a68e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_release+0x110/0x200 [ 287.230388][ T29] [ 287.232699][ T29] ============================================= [ 287.232699][ T29] [ 287.241138][ T29] NMI backtrace for cpu 1 [ 287.245467][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc2-next-20240202-syzkaller #0 [ 287.254737][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 287.264779][ T29] Call Trace: [ 287.268052][ T29] [ 287.270966][ T29] dump_stack_lvl+0x1e7/0x2e0 [ 287.275637][ T29] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.280825][ T29] ? __pfx__printk+0x10/0x10 [ 287.285455][ T29] ? vprintk_emit+0x608/0x720 [ 287.290120][ T29] ? __pfx_vprintk_emit+0x10/0x10 [ 287.295131][ T29] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.300096][ T29] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.305553][ T29] ? _printk+0xd5/0x120 [ 287.309705][ T29] ? __pfx__printk+0x10/0x10 [ 287.314297][ T29] ? __wake_up_klogd+0xcc/0x110 [ 287.319154][ T29] ? __pfx__printk+0x10/0x10 [ 287.323738][ T29] ? wq_watchdog_touch+0x72/0x110 [ 287.328769][ T29] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.334774][ T29] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.340752][ T29] watchdog+0xfb0/0xff0 [ 287.344923][ T29] ? watchdog+0x1ea/0xff0 [ 287.349251][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.353920][ T29] kthread+0x2f0/0x390 [ 287.357984][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.362662][ T29] ? __pfx_kthread+0x10/0x10 [ 287.367252][ T29] ret_from_fork+0x4b/0x80 [ 287.371671][ T29] ? __pfx_kthread+0x10/0x10 [ 287.376259][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.381057][ T29] [ 287.384157][ T29] Sending NMI from CPU 1 to CPUs 0: [ 287.389422][ C0] NMI backtrace for cpu 0 [ 287.389433][ C0] CPU: 0 PID: 10 Comm: kworker/u4:0 Not tainted 6.8.0-rc2-next-20240202-syzkaller #0 [ 287.389449][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 287.389459][ C0] Workqueue: events_unbound toggle_allocation_gate [ 287.389508][ C0] RIP: 0010:can_migrate_task+0x4ef/0x960 [ 287.389534][ C0] Code: c1 e8 03 42 0f b6 04 20 84 c0 0f 85 fa 01 00 00 44 3b 7d 00 76 6c 83 fb 01 75 0a 0f 1f 44 00 00 0f 1f 44 00 00 b9 01 00 00 00 <89> c8 48 83 c4 38 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 [ 287.389545][ C0] RSP: 0018:ffffc900000f6f70 EFLAGS: 00000046 [ 287.389557][ C0] RAX: 0000000000000000 RBX: ffff88801969bc34 RCX: 0000000000000000 [ 287.389568][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801969c028 [ 287.389577][ C0] RBP: 0000000000000001 R08: ffff88801969c02f R09: 1ffff110032d3805 [ 287.389587][ C0] R10: dffffc0000000000 R11: ffffed10032d3806 R12: ffffc900000f7580 [ 287.389598][ C0] R13: ffff88801969bc00 R14: dffffc0000000000 R15: ffff88801969c018 [ 287.389610][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 287.389622][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.389633][ C0] CR2: 000055b598263448 CR3: 000000000df32000 CR4: 00000000003506f0 [ 287.389646][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.389654][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.389663][ C0] Call Trace: [ 287.389670][ C0] [ 287.389676][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 287.389694][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 287.389710][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.389726][ C0] ? nmi_handle+0x2a/0x580 [ 287.389756][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.389775][ C0] ? nmi_handle+0x14f/0x580 [ 287.389789][ C0] ? nmi_handle+0x2a/0x580 [ 287.389804][ C0] ? can_migrate_task+0x4ef/0x960 [ 287.389826][ C0] ? default_do_nmi+0x63/0x160 [ 287.389843][ C0] ? exc_nmi+0x121/0x210 [ 287.389860][ C0] ? end_repeat_nmi+0xf/0x53 [ 287.389883][ C0] ? can_migrate_task+0x4ef/0x960 [ 287.389906][ C0] ? can_migrate_task+0x4ef/0x960 [ 287.389929][ C0] ? can_migrate_task+0x4ef/0x960 [ 287.389951][ C0] [ 287.389956][ C0] [ 287.389965][ C0] load_balance+0x5480/0x8920 [ 287.390028][ C0] ? __pfx_load_balance+0x10/0x10 [ 287.390049][ C0] ? rcu_read_lock_sched_held+0x8d/0x130 [ 287.390075][ C0] ? __lock_acquire+0x1346/0x1fd0 [ 287.390103][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 287.390122][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 287.390150][ C0] newidle_balance+0x6be/0x1080 [ 287.390173][ C0] ? newidle_balance+0x2a8/0x1080 [ 287.390194][ C0] ? __pfx_newidle_balance+0x10/0x10 [ 287.390217][ C0] pick_next_task_fair+0x27a/0xde0 [ 287.390239][ C0] __pick_next_task+0xb0/0x2c0 [ 287.390262][ C0] __schedule+0x729/0x4a40 [ 287.390297][ C0] ? __pfx___schedule+0x10/0x10 [ 287.390318][ C0] ? schedule+0x90/0x320 [ 287.390339][ C0] ? __pfx_lock_release+0x10/0x10 [ 287.390352][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 287.390376][ C0] ? kthread_data+0x52/0xd0 [ 287.390391][ C0] ? wq_worker_sleeping+0x66/0x240 [ 287.390409][ C0] ? schedule+0x90/0x320 [ 287.390429][ C0] schedule+0x14b/0x320 [ 287.390451][ C0] toggle_allocation_gate+0x16a/0x250 [ 287.390469][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 287.390487][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 287.390516][ C0] ? process_scheduled_works+0x825/0x14f0 [ 287.390531][ C0] process_scheduled_works+0x913/0x14f0 [ 287.390560][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 287.390579][ C0] ? assign_work+0x364/0x3d0 [ 287.390597][ C0] worker_thread+0xa60/0x1000 [ 287.390622][ C0] ? __pfx_worker_thread+0x10/0x10 [ 287.390637][ C0] kthread+0x2f0/0x390 [ 287.390654][ C0] ? __pfx_worker_thread+0x10/0x10 [ 287.390668][ C0] ? __pfx_kthread+0x10/0x10 [ 287.390686][ C0] ret_from_fork+0x4b/0x80 [ 287.390706][ C0] ? __pfx_kthread+0x10/0x10 [ 287.390723][ C0] ret_from_fork_asm+0x1a/0x30 [ 287.390752][ C0] [ 287.390757][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.335 msecs [ 287.391463][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 287.391472][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.8.0-rc2-next-20240202-syzkaller #0 [ 287.391489][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 287.391497][ T29] Call Trace: [ 287.391504][ T29] [ 287.391510][ T29] dump_stack_lvl+0x1e7/0x2e0 [ 287.391538][ T29] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.391561][ T29] ? __pfx__printk+0x10/0x10 [ 287.391588][ T29] ? vscnprintf+0x5d/0x90 [ 287.391607][ T29] panic+0x349/0x860 [ 287.391630][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.391656][ T29] ? __pfx_panic+0x10/0x10 [ 287.391674][ T29] ? tick_nohz_tick_stopped+0x7b/0xc0 [ 287.391705][ T29] ? __irq_work_queue_local+0x137/0x3e0 [ 287.391733][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 287.391750][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.391768][ T29] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 287.391788][ T29] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 287.391808][ T29] watchdog+0xfef/0xff0 [ 287.391826][ T29] ? watchdog+0x1ea/0xff0 [ 287.391846][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.391862][ T29] kthread+0x2f0/0x390 [ 287.391880][ T29] ? __pfx_watchdog+0x10/0x10 [ 287.391894][ T29] ? __pfx_kthread+0x10/0x10 [ 287.391913][ T29] ret_from_fork+0x4b/0x80 [ 287.391933][ T29] ? __pfx_kthread+0x10/0x10 [ 287.391951][ T29] ret_from_fork_asm+0x1a/0x30 [ 287.391984][ T29] [ 287.395593][ T29] Kernel Offset: disabled [ 287.944155][ T29] Rebooting in 86400 seconds..