./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor501827979 <...> Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts. execve("./syz-executor501827979", ["./syz-executor501827979"], 0x7ffd503bdcb0 /* 10 vars */) = 0 brk(NULL) = 0x555588dcd000 brk(0x555588dcdd40) = 0x555588dcdd40 arch_prctl(ARCH_SET_FS, 0x555588dcd3c0) = 0 set_tid_address(0x555588dcd690) = 5845 set_robust_list(0x555588dcd6a0, 24) = 0 rseq(0x555588dcdce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor501827979", 4096) = 27 getrandom("\xe7\x67\x08\x8c\x2c\x27\xc0\x02", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555588dcdd40 brk(0x555588deed40) = 0x555588deed40 brk(0x555588def000) = 0x555588def000 mprotect(0x7ff4b742a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getrandom("\x27\xa3\xf8\x8b\xb4\x19\x1d\x4c", 8, GRND_NONBLOCK) = 8 mkdir("./syzkaller.piYkfH", 0700) = 0 chmod("./syzkaller.piYkfH", 0777) = 0 chdir("./syzkaller.piYkfH") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5846 attached [pid 5846] set_robust_list(0x555588dcd6a0, 24 [pid 5845] <... clone resumed>, child_tidptr=0x555588dcd690) = 5846 [pid 5846] <... set_robust_list resumed>) = 0 [pid 5846] chdir("./0") = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5846] setpgid(0, 0) = 0 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5846] write(3, "1000", 4) = 4 [pid 5846] close(3) = 0 [pid 5846] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5846] write(1, "executing program\n", 18) = 18 [pid 5846] futex(0x7ff4b74306ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5846] rt_sigaction(SIGRT_1, {sa_handler=0x7ff4b73beef0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff4b73b00a0}, NULL, 8) = 0 [pid 5846] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff4b732f000 [pid 5846] mprotect(0x7ff4b7330000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5846] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7ff4b734f990, parent_tid=0x7ff4b734f990, exit_signal=0, stack=0x7ff4b732f000, stack_size=0x20300, tls=0x7ff4b734f6c0}./strace-static-x86_64: Process 5848 attached [pid 5848] rseq(0x7ff4b734ffe0, 0x20, 0, 0x53053053 [pid 5846] <... clone3 resumed> => {parent_tid=[5848]}, 88) = 5848 [pid 5848] <... rseq resumed>) = 0 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5848] set_robust_list(0x7ff4b734f9a0, 24 [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5846] futex(0x7ff4b74306a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5846] <... futex resumed>) = 0 [pid 5846] futex(0x7ff4b74306ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5848] memfd_create("syzkaller", 0) = 3 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff4aee00000 [pid 5848] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5848] munmap(0x7ff4aee00000, 138412032) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5848] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5848] close(3) = 0 [pid 5848] close(4) = 0 [pid 5848] mkdir("./file0", 0777) = 0 [ 118.808993][ T5848] loop0: detected capacity change from 0 to 32768 [ 118.880997][ T5848] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 118.896415][ T5848] bcachefs (loop0): recovering from clean shutdown, journal seq 13 [ 118.915258][ T5848] bcachefs (loop0): accounting_read... done [ 118.921877][ T5848] bcachefs (loop0): alloc_read... done [ 118.927970][ T5848] bcachefs (loop0): stripes_read... done [ 118.933700][ T5848] bcachefs (loop0): snapshots_read... done [ 118.941656][ T5848] bcachefs (loop0): going read-write [ 118.949708][ T5848] bcachefs (loop0): journal_replay... done [ 118.955608][ T5848] bcachefs (loop0): resume_logged_ops... done [ 118.962654][ T5848] bcachefs (loop0): delete_dead_inodes... done [ 118.971715][ T5848] bcachefs (loop0): done starting filesystem [ 118.974868][ T1157] bcachefs (loop0): inum 0:4099 offset 0: data checksum error, type chacha20_poly1305_80: got d2966045f85a9d651be5 should be 7179c5105bb769ac71e3 [ 118.985299][ T12] bcachefs (loop0): inum 0:1073741825 offset 0: data checksum error, type chacha20_poly1305_80: got bae05aa1239bc278accd should be 9d9f00f7643c85751d5c [ 119.008720][ T1157] bcachefs (loop0): inum 0:4099 offset 0: no device to read from: no_device_to_read_from [pid 5848] mount("/dev/loop0", "./file0", "bcachefs", MS_RELATIME|MS_STRICTATIME|MS_LAZYTIME, "\xf3\xf6\xe7\xab\x27\x5e\x7b\x9e\xc1\xca\x06\x63\x35\x54\xe2\xf6\xfa\xd2\xf9\xfb\xc1\x7a\x0b\x2f\xed\xc7\xf5\x95\x28\xeb\xb3\x35\xc5\x51\x32\xcf\x87\x9c\x5c\x26\x1e\x3a\xa0\x60\x65\xeb\xb6\x78\x7a\x85\xfd\xc3\x1e\xc4\xc0\xb0\xad\xd4\xec\x97\xcf\x69\x24\xcf\x23\xa5\x53\xcb\x53\xcc\x5f\x4a\xf2\xff\x61\x4b\xdd\x64\xf0\x9d\xe3\x27") = 0 [pid 5848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5848] chdir("./file0") = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5848] ioctl(4, LOOP_CLR_FD) = 0 [pid 5848] close(4) = 0 [pid 5848] futex(0x7ff4b74306ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5848] futex(0x7ff4b74306a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5846] <... futex resumed>) = 0 [pid 5846] futex(0x7ff4b74306a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5848] <... futex resumed>) = 0 [pid 5846] futex(0x7ff4b74306ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5848] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 020) = 4 [pid 5848] futex(0x7ff4b74306ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... futex resumed>) = 0 [pid 5848] <... futex resumed>) = 1 [pid 5846] exit_group(0) = ? [pid 5848] +++ exited with 0 +++ [pid 5846] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5846, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 119.008720][ T1157] u64s 8 type extent 4099:8:U32_MAX len 8 ver 1: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum chacha20_poly1305_80 e371:ac69b75b10c57971 compress incompressible ptr: 0:34:0 gen 0 [ 119.016997][ T12] bcachefs (loop0): inum 0:1073741825 offset 0: no device to read from: no_device_to_read_from [ 119.016997][ T12] u64s 8 type extent 1073741825:24:U32_MAX len 24 ver 2: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum chacha20_poly1305_80 5c1d:75853c64f7009f9d compress lz4 ptr: 0:34:8 gen 0 openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555588dce730 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 119.186722][ T5845] bcachefs (loop0): shutting down [ 119.191893][ T5845] bcachefs (loop0): going read-only [ 119.197435][ T5845] bcachefs (loop0): finished waiting for writes to stop [ 119.207229][ T5845] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14 [ 150.527729][ T5845] Allocator stuck? Waited for 30 seconds [ 150.527749][ T5845] Allocator debug: [ 150.527755][ T5845] capacity1536 [ 150.527761][ T5845] reserved 31232 [ 150.527766][ T5845] hidden 0 [ 150.527772][ T5845] btree 0 [ 150.527777][ T5845] data 0 [ 150.527783][ T5845] cached 0 [ 150.527788][ T5845] reserved 0 [ 150.527794][ T5845] online_reserved 768 [ 150.527800][ T5845] nr_inodes 0 [ 150.527805][ T5845] [ 150.527810][ T5845] freelist_wait waiting [ 150.527816][ T5845] open buckets allocated1 [ 150.527821][ T5845] open buckets total 1024 [ 150.527827][ T5845] open_buckets_wait empty [ 150.527833][ T5845] open_buckets_btree 0 [ 150.527838][ T5845] open_buckets_user 0 [ 150.527843][ T5845] btree reserve cache 0 [ 150.527849][ T5845] [ 150.527854][ T5845] Dev 0: [ 150.527859][ T5845] buckets sectors fragmented [ 150.527866][ T5845] free 0 0 0 [ 150.527872][ T5845] sb 0 0 0 [ 150.527878][ T5845] journal 0 0 0 [ 150.527884][ T5845] btree 0 0 0 [ 150.527893][ T5845] user 0 0 0 [ 150.527899][ T5845] cached 0 0 0 [ 150.527905][ T5845] parity 0 0 0 [ 150.527912][ T5845] stripe 0 0 0 [ 150.527918][ T5845] need_gc_gens 0 0 0 [ 150.527924][ T5845] need_discard 0 0 0 [ 150.527930][ T5845] unstriped 0 0 0 [ 150.527936][ T5845] capacity 128 [ 150.527942][ T5845] [ 150.527947][ T5845] reserves: [ 150.527952][ T5845] stripe 60 [ 150.527958][ T5845] normal 58 [ 150.527963][ T5845] copygc 56 [ 150.527969][ T5845] btree 28 [ 150.527974][ T5845] btree_copygc 0 [ 150.527980][ T5845] reclaim 0 [ 150.527985][ T5845] interior_updates 0 [ 150.527991][ T5845] [ 150.527996][ T5845] open buckets 0 [ 150.528001][ T5845] buckets to invalidate 0 [ 150.528007][ T5845] [ 150.528012][ T5845] Copygc debug: [ 150.528017][ T5845] running: 0 [ 150.528023][ T5845] copygc_wait:0 [ 150.528028][ T5845] copygc_wait_at:0 [ 150.528033][ T5845] Currently waiting for:0 B [ 150.528039][ T5845] Currently waiting since:640 KiB [ 150.528044][ T5845] Currently calculated wait:0 B [ 150.528050][ T5845] [ 150.528055][ T5845] Journal debug: [ 150.528060][ T5845] flags: replay_done,running,may_skip_flush [ 150.528067][ T5845] dirty journal entries: 2/32768 [ 150.528072][ T5845] seq: 15 [ 150.528078][ T5845] seq_ondisk: 15 [ 150.528083][ T5845] last_seq: 14 [ 150.528089][ T5845] last_seq_ondisk: 14 [ 150.528095][ T5845] flushed_seq_ondisk: 15 [ 150.528100][ T5845] watermark: stripe [ 150.528106][ T5845] each entry reserved: 321 [ 150.528111][ T5845] nr flush writes: 2 [ 150.528117][ T5845] nr noflush writes: 0 [ 150.528122][ T5845] average write size: 1.57 KiB [ 150.528128][ T5845] nr direct reclaim: 0 [ 150.528134][ T5845] nr background reclaim: 4 [ 150.528139][ T5845] reclaim kicked: 0 [ 150.528145][ T5845] reclaim runs in: 0 ms [ 150.528150][ T5845] blocked: 0 [ 150.528156][ T5845] current entry sectors: 256 [ 150.528161][ T5845] current entry error: ok [ 150.528167][ T5845] current entry: closed [ 150.528172][ T5845] unwritten entries: [ 150.528178][ T5845] last buf closed [ 150.528183][ T5845] space: [ 150.528188][ T5845] discarded 256:1536 [ 150.528194][ T5845] clean ondisk 256:1536 [ 150.528200][ T5845] clean 256:1536 [ 150.528205][ T5845] total 256:2048 [ 150.528211][ T5845] dev 0: [ 150.528216][ T5845] durability 1: [ 150.528221][ T5845] nr 8 [ 150.528227][ T5845] bucket size 256 [ 150.528232][ T5845] available 6:240 [ 150.528238][ T5845] discard_idx 0 [ 150.528244][ T5845] dirty_ondisk 0 (seq 15) [ 150.528249][ T5845] dirty_idx 0 (seq 15) [ 150.528255][ T5845] cur_idx 0 (seq 15) [ 150.528261][ T5845] replicas want 1 need 1 [ 150.528266][ T5845] [ 286.838637][ T30] INFO: task bch-reclaim/loo:5856 blocked for more than 143 seconds. [ 286.847125][ T30] Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 286.854240][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.863066][ T30] task:bch-reclaim/loo state:D stack:25144 pid:5856 tgid:5856 ppid:2 flags:0x00004000 [ 286.873459][ T30] Call Trace: [ 286.876836][ T30] [ 286.879799][ T30] __schedule+0x189f/0x4c80 [ 286.884334][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.890483][ T30] ? __pfx___schedule+0x10/0x10 [ 286.895363][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.900461][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 286.906379][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 286.912775][ T30] ? schedule+0x90/0x320 [ 286.917060][ T30] schedule+0x14b/0x320 [ 286.921212][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.926734][ T30] __mutex_lock+0x7e7/0xee0 [ 286.931277][ T30] ? __mutex_lock+0x5ef/0xee0 [ 286.935976][ T30] ? btree_write_buffer_flush_seq+0x1c3f/0x1e10 [ 286.942294][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 286.947391][ T30] ? __pfx_bch2_next_write_buffer_flush_journal_buf+0x10/0x10 [ 286.954869][ T30] ? bch2_trans_unlock+0x3a6/0x470 [ 286.960048][ T30] btree_write_buffer_flush_seq+0x1c3f/0x1e10 [ 286.966141][ T30] ? __lock_acquire+0x1397/0x2100 [ 286.971219][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 286.976636][ T30] ? __pfx_btree_write_buffer_flush_seq+0x10/0x10 [ 286.983042][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 286.988886][ T30] ? __pfx_bch2_btree_write_buffer_journal_flush+0x10/0x10 [ 286.996106][ T30] bch2_btree_write_buffer_journal_flush+0xc7/0x150 [ 287.002859][ T30] ? __pfx_bch2_btree_write_buffer_journal_flush+0x10/0x10 [ 287.010194][ T30] ? bch2_journal_key_to_wb_slowpath+0x861/0x8f0 [ 287.016621][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 287.021863][ T30] ? __pfx_bch2_btree_write_buffer_journal_flush+0x10/0x10 [ 287.029155][ T30] journal_flush_pins+0x5f7/0xb20 [ 287.034213][ T30] __bch2_journal_reclaim+0x789/0xda0 [ 287.039678][ T30] bch2_journal_reclaim_thread+0x17a/0x570 [ 287.045507][ T30] ? bch2_journal_reclaim_thread+0x267/0x570 [ 287.051583][ T30] ? __pfx_bch2_journal_reclaim_thread+0x10/0x10 [ 287.057962][ T30] kthread+0x2f0/0x390 [ 287.062029][ T30] ? __pfx_bch2_journal_reclaim_thread+0x10/0x10 [ 287.068407][ T30] ? __pfx_kthread+0x10/0x10 [ 287.073031][ T30] ret_from_fork+0x4b/0x80 [ 287.077522][ T30] ? __pfx_kthread+0x10/0x10 [ 287.082123][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.086944][ T30] [ 287.089990][ T30] [ 287.089990][ T30] Showing all locks held in the system: [ 287.097813][ T30] 1 lock held by khungtaskd/30: [ 287.102681][ T30] #0: ffffffff8e9374a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 287.112635][ T30] 1 lock held by klogd/5193: [ 287.117293][ T30] #0: ffff8880b863e998 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 287.127393][ T30] 2 locks held by getty/5584: [ 287.132075][ T30] #0: ffff888034df20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 287.141990][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 287.152340][ T30] 5 locks held by syz-executor501/5845: [ 287.157943][ T30] #0: ffff888011cf40e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 287.168331][ T30] #1: ffff888074280278 (&c->state_lock){+.+.}-{4:4}, at: __bch2_fs_stop+0xfd/0x5c0 [ 287.177859][ T30] #2: ffff888074284378 (&c->btree_trans_barrier){.+.+}-{0:0}, at: __bch2_trans_get+0x7e4/0xd30 [ 287.188384][ T30] #3: ffff888074284720 (&wb->flushing.lock){+.+.}-{4:4}, at: btree_write_buffer_flush_seq+0x1c3f/0x1e10 [ 287.199844][ T30] #4: ffff8880742a66d0 (&c->gc_lock){.+.+}-{4:4}, at: bch2_btree_update_start+0x682/0x14e0 [ 287.210068][ T30] 3 locks held by bch-reclaim/loo/5856: [ 287.215656][ T30] #0: ffff8880742cb028 (&j->reclaim_lock){+.+.}-{4:4}, at: bch2_journal_reclaim_thread+0x16d/0x570 [ 287.226715][ T30] #1: ffff888074284378 (&c->btree_trans_barrier){.+.+}-{0:0}, at: __bch2_trans_get+0x7e4/0xd30 [ 287.237247][ T30] #2: ffff888074284720 (&wb->flushing.lock){+.+.}-{4:4}, at: btree_write_buffer_flush_seq+0x1c3f/0x1e10 [ 287.248619][ T30] [ 287.250961][ T30] ============================================= [ 287.250961][ T30] [ 287.259468][ T30] NMI backtrace for cpu 1 [ 287.263818][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 287.273783][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.283825][ T30] Call Trace: [ 287.287091][ T30] [ 287.290010][ T30] dump_stack_lvl+0x241/0x360 [ 287.294681][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.299900][ T30] ? __pfx__printk+0x10/0x10 [ 287.304596][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.309526][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.314991][ T30] ? _printk+0xd5/0x120 [ 287.319144][ T30] ? __pfx__printk+0x10/0x10 [ 287.323739][ T30] ? __wake_up_klogd+0xcc/0x110 [ 287.328592][ T30] ? __pfx__printk+0x10/0x10 [ 287.333228][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.339231][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.345224][ T30] watchdog+0xff6/0x1040 [ 287.349465][ T30] ? watchdog+0x1ea/0x1040 [ 287.353885][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.358749][ T30] kthread+0x2f0/0x390 [ 287.362829][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.367589][ T30] ? __pfx_kthread+0x10/0x10 [ 287.372208][ T30] ret_from_fork+0x4b/0x80 [ 287.376651][ T30] ? __pfx_kthread+0x10/0x10 [ 287.381258][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.386053][ T30] [ 287.389190][ T30] Sending NMI from CPU 1 to CPUs 0: [ 287.394534][ C0] NMI backtrace for cpu 0 [ 287.394549][ C0] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 287.394568][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.394579][ C0] Workqueue: events_unbound toggle_allocation_gate [ 287.394604][ C0] RIP: 0010:x2apic_send_IPI+0x7a/0xe0 [ 287.394628][ C0] Code: d8 48 c1 e8 03 42 0f b6 04 38 84 c0 75 29 8b 13 0f ae f0 0f ae e8 41 83 fe 02 b8 00 04 00 00 41 0f 45 c6 b9 30 08 00 00 0f 30 <66> 90 5b 41 5e 41 5f 5d c3 cc cc cc cc 89 d9 80 e1 07 80 c1 03 38 [ 287.394642][ C0] RSP: 0018:ffffc90000bd76b8 EFLAGS: 00000206 [ 287.394655][ C0] RAX: 00000000000000fb RBX: ffff8880b8721170 RCX: 0000000000000830 [ 287.394667][ C0] RDX: 0000000000000001 RSI: 00000000000000fb RDI: 0000000000000001 [ 287.394677][ C0] RBP: ffffffff8e2eba98 R08: ffffffff81936eda R09: 1ffffffff2033b36 [ 287.394689][ C0] R10: dffffc0000000000 R11: ffffffff81493250 R12: dffffc0000000000 [ 287.394701][ C0] R13: ffff8880b863fb80 R14: 00000000000000fb R15: dffffc0000000000 [ 287.394770][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 287.394786][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.394798][ C0] CR2: 00005619e6807600 CR3: 000000000e736000 CR4: 00000000003526f0 [ 287.394813][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.394823][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.394833][ C0] Call Trace: [ 287.394841][ C0] [ 287.394849][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 287.394869][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 287.394889][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.394912][ C0] ? nmi_handle+0x2a/0x5a0 [ 287.394939][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.394955][ C0] ? nmi_handle+0x14f/0x5a0 [ 287.394973][ C0] ? nmi_handle+0x2a/0x5a0 [ 287.394992][ C0] ? x2apic_send_IPI+0x7a/0xe0 [ 287.395012][ C0] ? default_do_nmi+0x63/0x160 [ 287.395035][ C0] ? exc_nmi+0x123/0x1f0 [ 287.395057][ C0] ? end_repeat_nmi+0xf/0x53 [ 287.395088][ C0] ? __pfx_native_send_call_func_single_ipi+0x10/0x10 [ 287.395111][ C0] ? smp_call_function_many_cond+0x13fa/0x2c60 [ 287.395134][ C0] ? x2apic_send_IPI+0x7a/0xe0 [ 287.395155][ C0] ? x2apic_send_IPI+0x7a/0xe0 [ 287.395176][ C0] ? x2apic_send_IPI+0x7a/0xe0 [ 287.395196][ C0] [ 287.395202][ C0] [ 287.395208][ C0] smp_call_function_many_cond+0x15c6/0x2c60 [ 287.395239][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 287.395269][ C0] ? __pfx___text_poke+0x10/0x10 [ 287.395293][ C0] ? kmem_cache_alloc_bulk_noprof+0x156/0x7c0 [ 287.395318][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 287.395340][ C0] ? __pfx_perf_event_text_poke+0x10/0x10 [ 287.395359][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 287.395378][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 287.395400][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 287.395422][ C0] text_poke_bp_batch+0x9ef/0xb30 [ 287.395477][ C0] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 287.395500][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 287.395525][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 287.395551][ C0] ? process_scheduled_works+0x976/0x1840 [ 287.395575][ C0] text_poke_finish+0x30/0x50 [ 287.395596][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 287.395621][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 287.395644][ C0] static_key_enable+0x1a/0x20 [ 287.395663][ C0] toggle_allocation_gate+0xbc/0x260 [ 287.395683][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 287.395701][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.395724][ C0] process_scheduled_works+0xa66/0x1840 [ 287.395760][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 287.395787][ C0] ? assign_work+0x364/0x3d0 [ 287.395811][ C0] worker_thread+0x870/0xd30 [ 287.395833][ C0] ? __kthread_parkme+0x169/0x1d0 [ 287.395850][ C0] ? __pfx_worker_thread+0x10/0x10 [ 287.395873][ C0] kthread+0x2f0/0x390 [ 287.395891][ C0] ? __pfx_worker_thread+0x10/0x10 [ 287.395913][ C0] ? __pfx_kthread+0x10/0x10 [ 287.395931][ C0] ret_from_fork+0x4b/0x80 [ 287.395946][ C0] ? __pfx_kthread+0x10/0x10 [ 287.395963][ C0] ret_from_fork_asm+0x1a/0x30 [ 287.395985][ C0] [ 287.395993][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.459 msecs [ 287.396541][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 287.396556][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 287.396575][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.396586][ T30] Call Trace: [ 287.396593][ T30] [ 287.396601][ T30] dump_stack_lvl+0x241/0x360 [ 287.396629][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.396652][ T30] ? __pfx__printk+0x10/0x10 [ 287.396672][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.396703][ T30] ? vscnprintf+0x5d/0x90 [ 287.396723][ T30] panic+0x349/0x880 [ 287.396746][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.396772][ T30] ? __pfx_panic+0x10/0x10 [ 287.396791][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 287.396815][ T30] ? __irq_work_queue_local+0x137/0x410 [ 287.396837][ T30] ? irq_work_queue+0xca/0x150 [ 287.396854][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.396873][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.396890][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.396906][ T30] ? nmi_trigger_cpumask_backtrace+0x251/0x320 [ 287.396934][ T30] watchdog+0x1035/0x1040 [ 287.396955][ T30] ? watchdog+0x1ea/0x1040 [ 287.396979][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.396997][ T30] kthread+0x2f0/0x390 [ 287.397016][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.397034][ T30] ? __pfx_kthread+0x10/0x10 [ 287.397053][ T30] ret_from_fork+0x4b/0x80 [ 287.397071][ T30] ? __pfx_kthread+0x10/0x10 [ 287.397090][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.397119][ T30] [ 287.976027][ T30] Kernel Offset: disabled [ 287.980352][ T30] Rebooting in 86400 seconds..