Extracting prog: 20m0.243756113s
Minimizing prog: 1h21m55.256185531s
Simplifying prog options: 20m19.952361147s
Extracting C: 5m13.404048365s
Simplifying C: 0s
extracting reproducer from 25 programs
testing a last program of every proc
single: executing 5 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$auto_nsim_pp_hold_fops_netdev-socket-madvise$auto-close_range$auto-openat$auto_kvm_chardev_ops_kvm_main-mmap$auto-sysfs$auto-socketpair$auto-openat$auto_iommufd_fops_main-ioctl$auto-openat$auto_def_blk_fops_fs-write$auto-openat$auto_snd_rawmidi_f_ops_rawmidi-socket$nl_generic-prctl$auto-select$auto-openat$nci-socket$nl_generic-syz_genetlink_get_family_id$auto_ila-syslog$auto-sendmsg$auto_ILA_CMD_ADD-syz_clone-mmap$auto-socket-close_range$auto-openat$auto_vhost_net_fops_net-openat$auto_tracing_buffers_fops_trace-io_uring_enter$auto-rt_sigqueueinfo$auto
detailed listing:
executing program 0:
openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
socket(0x1b, 0x3, 0x1)
madvise$auto(0x0, 0x2000040080000004, 0xe)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
mmap$auto(0x100, 0x440008, 0x8a, 0xf4, 0x2, 0x8000)
sysfs$auto(0x2, 0x7, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r1, 0x3b8f, r0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000480)='/\x91\x03\x1f$%j.Ra\x85!\x9b\xc0\xe3j\x92\x11~\xd0\x81\xcb\xe4\xc9\t\x85\xba\xe4\xbe*\'\xe0\xb8\xd2\x8dOI\x93\xe4\xc8\xe1U\xfa\xeei(\xd8\xdauPF\x12\xc0\xe3\xd7\x86\x13\x89\x8c7\xb6\xbb\x1b\"\xdc\xa8l\xc1B\xc9?j\x80I\xb8QnU\x95\xf4)\x1b)\x9c\xde\xed@\xe4\xb8\x9a\xcb\xbfjh\x14\"m\x03\nC\xfd\xa5\xdeQ\xeb4\xc6Y,\xda\xd2e\x96\xb9\x85\x94\xc3\xc5E+\xe8\x19\x82\x9fo\xc62\xa6^\xe3B\xcc\xe8\x94@\x9c\t\xac\xe7\xbe\xad\x02\x8f_\x13\xf0\xa0\x8e\xc0v/\x1e\x87\x8a\t\xd3\xf0I\x04yF\x02k~+\xf1L&\x908\x8b\x92\xa6s\xc1\xa5\x93\xcdL\x8a\xc1d\xbb\xec\x1f\xa3\xcb\xb5\xdc\xd4\x7fq0J\x85s\xb3\x94J\xae\x89^\xc6\xa8LBP\a\xab\xdc\xe8\xf7\x1d!\x12\v0)\xc2b\xf5\x11\x8d\x9e\x8f\x1f32P\xd8\xfb\xb8J\x81\r\xd1\xe1\xfe\xd4!\x18\x12\xbb\xc0\xf9\x88<\xa7\x04\xbe\xfeEq\x10\xa9a\x11\xfeX\xb8\x1e\xca\x9b\xac\xc2\xa7%\xac\xf7\x11\xb2#\x16\xb9\x98z[\xc2\xec\xde|/\xef~\f\xef\xf3Xk\xfe\x00\x81\xe3\n\x19R\xfc%\xf5\x10\xb2\xd1!\xb8?\x9f\x11^\xbd\xe5)\xdd\xebZ\x87k\x05\xbb<\xda8.\xd3\x9f\x9dq\xc9\x879\xf2-\xa9;\x83c\x9fM\x9e\x8d\xfey\x93l\rlE\x02\xfbn\xd0\x8b\xf79\xb2\xf6\x16', 0x3)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff)
syslog$auto(0x2, &(0x7f0000000380)=']^^/W#\'\x00', 0x3)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1)
socket(0xf, 0x4, 0x3)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
io_uring_enter$auto(0xffffffffffffffff, 0x1, 0xfffffc01, 0x4, &(0x7f00000002c0)="9cb0e925b6c933c1e84975dc16630bb8b0f266d7793d8229a9d6a5dfa1591faeb97caa277628e870ede4c8395f647b1d493e45805b63a07812b75f6cd4492fdea9bdc15d4023d9dd883e34e03b76d722485bc83c1485c188d0dd8520707151", 0x4)
rt_sigqueueinfo$auto(0x0, 0xb, &(0x7f00000001c0)={@siginfo_0_0={0x3, 0x401, 0x1, @_timer={0x0, 0xd, @sival_ptr=0x0, 0x62}}})
program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket-getsockopt$auto-gettid-mmap$auto-madvise$auto-pipe$auto-socketpair$auto-close_range$auto-openat$auto_v4l2_fops_v4l2_dev-ioctl$auto-mmap$auto-sysfs$auto-fsopen$auto-rt_sigqueueinfo$auto-socket$nl_generic-fadvise64$auto_POSIX_FADV_SEQUENTIAL
detailed listing:
executing program 0:
r0 = socket(0x1d, 0x2, 0x7)
getsockopt$auto(r0, 0x6c, 0x40000000, 0xfffffffffffffffe, 0x0)
r1 = gettid()
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
pipe$auto(0x0)
r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r2, r2, 0x0)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0)
ioctl$auto(r3, 0xc0585611, r3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x100000000000038, 0x0)
fsopen$auto(0x0, 0x1)
rt_sigqueueinfo$auto(r1, 0xb, &(0x7f00000001c0)={@siginfo_0_0={0x3, 0x401, 0xfffffffb, @_timer={r1, 0xd, @sival_ptr=0x0, 0x62}}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
fadvise64$auto_POSIX_FADV_SEQUENTIAL(r4, 0x3ff, 0x480000000000000, 0x2)
program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-mmap$auto-getsockopt$auto-openat$auto_kernfs_file_fops_kernfs_internal-read$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(r0, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20) (async)
r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r2, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
single: successfully extracted reproducer
found reproducer with 11 syscalls
minimizing guilty program
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-mmap$auto-getsockopt$auto-openat$auto_kernfs_file_fops_kernfs_internal-read$auto-openat$auto_nsim_dev_health_break_fops_health
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(r0, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20) (async)
openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
program did not crash
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-mmap$auto-getsockopt$auto-openat$auto_kernfs_file_fops_kernfs_internal-read$auto-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(r0, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20) (async)
write$auto(0xffffffffffffffff, 0x0, 0x2)
program did not crash
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-mmap$auto-getsockopt$auto-openat$auto_kernfs_file_fops_kernfs_internal-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(r0, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x0, 0x0)
r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r1, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-mmap$auto-getsockopt$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
getsockopt$auto(r0, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r1, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-setsockopt$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-socketpair$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) (async)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-socket-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program did not crash
testing program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, 0x0, 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program did not crash
extracting C reproducer
testing compiled C program (duration=8m41.556413682s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
simplifying guilty program options
testing program (duration=8m41.556413682s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
extracting C reproducer
testing compiled C program (duration=8m41.556413682s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing program (duration=8m41.556413682s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program did not crash
testing program (duration=8m41.556413682s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
validation run: crashed=true
testing program (duration=8m41.556413682s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
validation run: crashed=true
testing program (duration=8m41.556413682s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mmap$auto-openat$auto_nsim_dev_health_break_fops_health-write$auto
detailed listing:
executing program 0:
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x2)
program crashed: INFO: task hung in remove_one
validation run: crashed=true
reproducing took 2h25m22.008844842s
repro crashed as (corrupted=false):
INFO: task kworker/u8:8:3452 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:8 state:D stack:24968 pid:3452 tgid:3452 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: netns cleanup_net
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:100 [inline]
__wait_for_common+0x2f9/0x4e0 kernel/sched/completion.c:121
__debugfs_file_removed fs/debugfs/inode.c:770 [inline]
remove_one+0x312/0x420 fs/debugfs/inode.c:777
__simple_recursive_removal+0x158/0x610 fs/libfs.c:631
debugfs_remove+0x5d/0x80 fs/debugfs/inode.c:800
nsim_dev_health_exit+0x3b/0xe0 drivers/net/netdevsim/health.c:227
nsim_dev_reload_destroy+0x144/0x4d0 drivers/net/netdevsim/dev.c:1710
nsim_dev_reload_down+0x6e/0xd0 drivers/net/netdevsim/dev.c:983
devlink_reload+0x19e/0x7c0 net/devlink/dev.c:461
devlink_pernet_pre_exit+0x1a0/0x2b0 net/devlink/core.c:509
ops_pre_exit_list net/core/net_namespace.c:161 [inline]
ops_undo_list+0x184/0xab0 net/core/net_namespace.c:234
cleanup_net+0x41b/0x8b0 net/core/net_namespace.c:695
process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3263
process_scheduled_works kernel/workqueue.c:3346 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3427
kthread+0x3c2/0x780 kernel/kthread.c:463
ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INFO: task syz-executor:8705 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:24296 pid:8705 tgid:8705 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
__mutex_lock_common kernel/locking/mutex.c:676 [inline]
__mutex_lock+0x818/0x1060 kernel/locking/mutex.c:760
device_lock include/linux/device.h:914 [inline]
device_del+0xa0/0x9f0 drivers/base/core.c:3840
device_unregister+0x1d/0xc0 drivers/base/core.c:3919
nsim_bus_dev_del drivers/net/netdevsim/bus.c:483 [inline]
del_device_store+0x355/0x4a0 drivers/net/netdevsim/bus.c:244
bus_attr_store+0x71/0xb0 drivers/base/bus.c:172
sysfs_kf_write+0xf2/0x150 fs/sysfs/file.c:142
kernfs_fop_write_iter+0x3af/0x570 fs/kernfs/file.c:352
new_sync_write fs/read_write.c:593 [inline]
vfs_write+0x7d3/0x11d0 fs/read_write.c:686
ksys_write+0x12a/0x250 fs/read_write.c:738
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f69bb98d97f
RSP: 002b:00007fff38cce970 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f69bb98d97f
RDX: 0000000000000001 RSI: 00007fff38cce9c0 RDI: 0000000000000005
RBP: 00007f69bba13239 R08: 0000000000000000 R09: 00007fff38cce7c7
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
R13: 00007fff38cce9c0 R14: 00007f69bc714620 R15: 0000000000000003
INFO: task syz.0.2545:8710 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.2545 state:D stack:27288 pid:8710 tgid:8710 ppid:5986 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
__mutex_lock_common kernel/locking/mutex.c:676 [inline]
__mutex_lock+0x818/0x1060 kernel/locking/mutex.c:760
devlink_health_report+0x6b4/0xb00 net/devlink/health.c:680
nsim_dev_health_break_write+0x166/0x210 drivers/net/netdevsim/health.c:162
full_proxy_write+0x12e/0x1a0 fs/debugfs/file.c:388
vfs_write+0x2a0/0x11d0 fs/read_write.c:684
ksys_write+0x12a/0x250 fs/read_write.c:738
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6e21d8eec9
RSP: 002b:00007ffceae04908 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f6e21fe5fa0 RCX: 00007f6e21d8eec9
RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007f6e21e11f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f6e21fe5fa0 R14: 00007f6e21fe5fa0 R15: 0000000000000003
INFO: task syz.3.2553:8720 blocked for more than 144 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.2553 state:D stack:27288 pid:8720 tgid:8720 ppid:5985 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
rwsem_down_read_slowpath+0x64b/0xbf0 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1261 [inline]
__down_read kernel/locking/rwsem.c:1274 [inline]
down_read+0xef/0x480 kernel/locking/rwsem.c:1539
inode_lock_shared include/linux/fs.h:995 [inline]
open_last_lookups fs/namei.c:3894 [inline]
path_openat+0x818/0x2cb0 fs/namei.c:4131
do_filp_open+0x20b/0x470 fs/namei.c:4161
do_sys_openat2+0x11b/0x1d0 fs/open.c:1437
do_sys_open fs/open.c:1452 [inline]
__do_sys_openat fs/open.c:1468 [inline]
__se_sys_openat fs/open.c:1463 [inline]
__x64_sys_openat+0x174/0x210 fs/open.c:1463
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f389118eec9
RSP: 002b:00007ffc7348e618 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f38913e5fa0 RCX: 00007f389118eec9
RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
RBP: 00007f3891211f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f38913e5fa0 R14: 00007f38913e5fa0 R15: 0000000000000004
INFO: task syz.1.2554:8722 blocked for more than 144 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.2554 state:D stack:27288 pid:8722 tgid:8722 ppid:8485 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
rwsem_down_read_slowpath+0x64b/0xbf0 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1261 [inline]
__down_read kernel/locking/rwsem.c:1274 [inline]
down_read+0xef/0x480 kernel/locking/rwsem.c:1539
inode_lock_shared include/linux/fs.h:995 [inline]
open_last_lookups fs/namei.c:3894 [inline]
path_openat+0x818/0x2cb0 fs/namei.c:4131
do_filp_open+0x20b/0x470 fs/namei.c:4161
do_sys_openat2+0x11b/0x1d0 fs/open.c:1437
do_sys_open fs/open.c:1452 [inline]
__do_sys_openat fs/open.c:1468 [inline]
__se_sys_openat fs/open.c:1463 [inline]
__x64_sys_openat+0x174/0x210 fs/open.c:1463
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f619e98eec9
RSP: 002b:00007ffe1134eca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f619ebe5fa0 RCX: 00007f619e98eec9
RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
RBP: 00007f619ea11f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f619ebe5fa0 R14: 00007f619ebe5fa0 R15: 0000000000000004
Showing all locks held in the system:
1 lock held by khungtaskd/31:
#0: ffffffff8e3c4320 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8e3c4320 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:867 [inline]
#0: ffffffff8e3c4320 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 kernel/locking/lockdep.c:6775
6 locks held by kworker/u8:8/3452:
#0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3238
#1: ffffc9000bc17d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3239
#2: ffffffff900e8770 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0 net/core/net_namespace.c:669
#3: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:914 [inline]
#3: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:108 [inline]
#3: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 net/devlink/core.c:506
#4: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devl_lock net/devlink/core.c:276 [inline]
#4: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:109 [inline]
#4: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 net/devlink/core.c:506
#5: ffff8880587eda70 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1025 [inline]
#5: ffff8880587eda70 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 fs/libfs.c:627
2 locks held by getty/5595:
#0: ffff88814d81d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 drivers/tty/n_tty.c:2222
5 locks held by syz-executor/8705:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880603a7888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
#4: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:914 [inline]
#4: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9f0 drivers/base/core.c:3840
2 locks held by syz.0.2545/8710:
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xb00 net/devlink/health.c:680
2 locks held by syz.3.2553/8720:
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: open_last_lookups fs/namei.c:3884 [inline]
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0 fs/namei.c:4131
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:995 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: open_last_lookups fs/namei.c:3894 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0 fs/namei.c:4131
2 locks held by syz.1.2554/8722:
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: open_last_lookups fs/namei.c:3884 [inline]
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0 fs/namei.c:4131
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:995 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: open_last_lookups fs/namei.c:3894 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0 fs/namei.c:4131
4 locks held by syz-executor/8729:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88805b99c488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8732:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880580d2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8735:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88805ad17088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8765:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88805a184088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8777:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888058bac088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8780:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880237b0088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8782:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880580b2c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8813:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880580d7488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8827:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888059647488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8829:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888060527088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8832:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888025cb4888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:332 [inline]
watchdog+0xf3f/0x1170 kernel/hung_task.c:495
kthread+0x3c2/0x780 kernel/kthread.c:463
ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 3551 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:trace_hardirqs_off+0x14/0x40 kernel/trace/trace_preemptirq.c:106
Code: 22 91 5f 00 eb 8a 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 3c 24 e8 73 1f 9e 09 65 8b 05 d0 f8 e0 11 <85> c0 74 05 c3 cc cc cc cc 65 c7 05 bc f8 e0 11 01 00 00 00 48 8b
RSP: 0018:ffffc9000bfb7918 EFLAGS: 00000002
RAX: 0000000000000000 RBX: ffff88813ff1e558 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff8daffadf RDI: ffffffff8bf1d740
RBP: ffffffff821882bc R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000200 R11: 0000000000000000 R12: 00000000000002c0
R13: ffffea0000086200 R14: fffffffffffffeff R15: 8000000000000063
FS: 0000000000000000(0000) GS:ffff8881249e4000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005627a1faaa38 CR3: 000000000e182000 CR4: 00000000003526f0
Call Trace:
__text_poke+0x6e9/0xb70 arch/x86/kernel/alternative.c:2474
smp_text_poke_batch_finish+0x4f1/0xdb0 arch/x86/kernel/alternative.c:2885
arch_jump_label_transform_apply+0x1c/0x30 arch/x86/kernel/jump_label.c:146
jump_label_update+0x376/0x550 kernel/jump_label.c:919
static_key_disable_cpuslocked+0x158/0x1c0 kernel/jump_label.c:240
static_key_disable+0x1a/0x20 kernel/jump_label.c:248
toggle_allocation_gate mm/kfence/core.c:857 [inline]
toggle_allocation_gate+0x145/0x280 mm/kfence/core.c:844
process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3263
process_scheduled_works kernel/workqueue.c:3346 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3427
kthread+0x3c2/0x780 kernel/kthread.c:463
ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
final repro crashed as (corrupted=false):
INFO: task kworker/u8:8:3452 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:8 state:D stack:24968 pid:3452 tgid:3452 ppid:2 task_flags:0x4208060 flags:0x00080000
Workqueue: netns cleanup_net
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:100 [inline]
__wait_for_common+0x2f9/0x4e0 kernel/sched/completion.c:121
__debugfs_file_removed fs/debugfs/inode.c:770 [inline]
remove_one+0x312/0x420 fs/debugfs/inode.c:777
__simple_recursive_removal+0x158/0x610 fs/libfs.c:631
debugfs_remove+0x5d/0x80 fs/debugfs/inode.c:800
nsim_dev_health_exit+0x3b/0xe0 drivers/net/netdevsim/health.c:227
nsim_dev_reload_destroy+0x144/0x4d0 drivers/net/netdevsim/dev.c:1710
nsim_dev_reload_down+0x6e/0xd0 drivers/net/netdevsim/dev.c:983
devlink_reload+0x19e/0x7c0 net/devlink/dev.c:461
devlink_pernet_pre_exit+0x1a0/0x2b0 net/devlink/core.c:509
ops_pre_exit_list net/core/net_namespace.c:161 [inline]
ops_undo_list+0x184/0xab0 net/core/net_namespace.c:234
cleanup_net+0x41b/0x8b0 net/core/net_namespace.c:695
process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3263
process_scheduled_works kernel/workqueue.c:3346 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3427
kthread+0x3c2/0x780 kernel/kthread.c:463
ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INFO: task syz-executor:8705 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:24296 pid:8705 tgid:8705 ppid:1 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
__mutex_lock_common kernel/locking/mutex.c:676 [inline]
__mutex_lock+0x818/0x1060 kernel/locking/mutex.c:760
device_lock include/linux/device.h:914 [inline]
device_del+0xa0/0x9f0 drivers/base/core.c:3840
device_unregister+0x1d/0xc0 drivers/base/core.c:3919
nsim_bus_dev_del drivers/net/netdevsim/bus.c:483 [inline]
del_device_store+0x355/0x4a0 drivers/net/netdevsim/bus.c:244
bus_attr_store+0x71/0xb0 drivers/base/bus.c:172
sysfs_kf_write+0xf2/0x150 fs/sysfs/file.c:142
kernfs_fop_write_iter+0x3af/0x570 fs/kernfs/file.c:352
new_sync_write fs/read_write.c:593 [inline]
vfs_write+0x7d3/0x11d0 fs/read_write.c:686
ksys_write+0x12a/0x250 fs/read_write.c:738
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f69bb98d97f
RSP: 002b:00007fff38cce970 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f69bb98d97f
RDX: 0000000000000001 RSI: 00007fff38cce9c0 RDI: 0000000000000005
RBP: 00007f69bba13239 R08: 0000000000000000 R09: 00007fff38cce7c7
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
R13: 00007fff38cce9c0 R14: 00007f69bc714620 R15: 0000000000000003
INFO: task syz.0.2545:8710 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.2545 state:D stack:27288 pid:8710 tgid:8710 ppid:5986 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
__mutex_lock_common kernel/locking/mutex.c:676 [inline]
__mutex_lock+0x818/0x1060 kernel/locking/mutex.c:760
devlink_health_report+0x6b4/0xb00 net/devlink/health.c:680
nsim_dev_health_break_write+0x166/0x210 drivers/net/netdevsim/health.c:162
full_proxy_write+0x12e/0x1a0 fs/debugfs/file.c:388
vfs_write+0x2a0/0x11d0 fs/read_write.c:684
ksys_write+0x12a/0x250 fs/read_write.c:738
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6e21d8eec9
RSP: 002b:00007ffceae04908 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f6e21fe5fa0 RCX: 00007f6e21d8eec9
RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007f6e21e11f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f6e21fe5fa0 R14: 00007f6e21fe5fa0 R15: 0000000000000003
INFO: task syz.3.2553:8720 blocked for more than 144 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.2553 state:D stack:27288 pid:8720 tgid:8720 ppid:5985 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
rwsem_down_read_slowpath+0x64b/0xbf0 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1261 [inline]
__down_read kernel/locking/rwsem.c:1274 [inline]
down_read+0xef/0x480 kernel/locking/rwsem.c:1539
inode_lock_shared include/linux/fs.h:995 [inline]
open_last_lookups fs/namei.c:3894 [inline]
path_openat+0x818/0x2cb0 fs/namei.c:4131
do_filp_open+0x20b/0x470 fs/namei.c:4161
do_sys_openat2+0x11b/0x1d0 fs/open.c:1437
do_sys_open fs/open.c:1452 [inline]
__do_sys_openat fs/open.c:1468 [inline]
__se_sys_openat fs/open.c:1463 [inline]
__x64_sys_openat+0x174/0x210 fs/open.c:1463
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f389118eec9
RSP: 002b:00007ffc7348e618 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f38913e5fa0 RCX: 00007f389118eec9
RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
RBP: 00007f3891211f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f38913e5fa0 R14: 00007f38913e5fa0 R15: 0000000000000004
INFO: task syz.1.2554:8722 blocked for more than 144 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.2554 state:D stack:27288 pid:8722 tgid:8722 ppid:8485 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5325 [inline]
__schedule+0x1190/0x5de0 kernel/sched/core.c:6929
__schedule_loop kernel/sched/core.c:7011 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:7026
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7083
rwsem_down_read_slowpath+0x64b/0xbf0 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1261 [inline]
__down_read kernel/locking/rwsem.c:1274 [inline]
down_read+0xef/0x480 kernel/locking/rwsem.c:1539
inode_lock_shared include/linux/fs.h:995 [inline]
open_last_lookups fs/namei.c:3894 [inline]
path_openat+0x818/0x2cb0 fs/namei.c:4131
do_filp_open+0x20b/0x470 fs/namei.c:4161
do_sys_openat2+0x11b/0x1d0 fs/open.c:1437
do_sys_open fs/open.c:1452 [inline]
__do_sys_openat fs/open.c:1468 [inline]
__se_sys_openat fs/open.c:1463 [inline]
__x64_sys_openat+0x174/0x210 fs/open.c:1463
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f619e98eec9
RSP: 002b:00007ffe1134eca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f619ebe5fa0 RCX: 00007f619e98eec9
RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
RBP: 00007f619ea11f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f619ebe5fa0 R14: 00007f619ebe5fa0 R15: 0000000000000004
Showing all locks held in the system:
1 lock held by khungtaskd/31:
#0: ffffffff8e3c4320 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8e3c4320 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:867 [inline]
#0: ffffffff8e3c4320 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 kernel/locking/lockdep.c:6775
6 locks held by kworker/u8:8/3452:
#0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3238
#1: ffffc9000bc17d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3239
#2: ffffffff900e8770 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0 net/core/net_namespace.c:669
#3: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:914 [inline]
#3: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:108 [inline]
#3: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 net/devlink/core.c:506
#4: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devl_lock net/devlink/core.c:276 [inline]
#4: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:109 [inline]
#4: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 net/devlink/core.c:506
#5: ffff8880587eda70 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:1025 [inline]
#5: ffff8880587eda70 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 fs/libfs.c:627
2 locks held by getty/5595:
#0: ffff88814d81d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 drivers/tty/n_tty.c:2222
5 locks held by syz-executor/8705:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880603a7888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
#4: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:914 [inline]
#4: ffff88802863b0e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9f0 drivers/base/core.c:3840
2 locks held by syz.0.2545/8710:
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88802863c250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xb00 net/devlink/health.c:680
2 locks held by syz.3.2553/8720:
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: open_last_lookups fs/namei.c:3884 [inline]
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0 fs/namei.c:4131
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:995 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: open_last_lookups fs/namei.c:3894 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0 fs/namei.c:4131
2 locks held by syz.1.2554/8722:
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: open_last_lookups fs/namei.c:3884 [inline]
#0: ffff88801e6f2420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0 fs/namei.c:4131
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:995 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: open_last_lookups fs/namei.c:3894 [inline]
#1: ffff8880587eda70 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0 fs/namei.c:4131
4 locks held by syz-executor/8729:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88805b99c488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8732:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880580d2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8735:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88805ad17088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8765:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff88805a184088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8777:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888058bac088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8780:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880237b0088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8782:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880580b2c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8813:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff8880580d7488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8827:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888059647488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8829:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888060527088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
4 locks held by syz-executor/8832:
#0: ffff888034fc8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 fs/read_write.c:738
#1: ffff888025cb4888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 fs/kernfs/file.c:343
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_get_active_of fs/kernfs/file.c:80 [inline]
#2: ffff88814476c968 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 fs/kernfs/file.c:344
#3: ffffffff8f6825a8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 drivers/net/netdevsim/bus.c:234
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:332 [inline]
watchdog+0xf3f/0x1170 kernel/hung_task.c:495
kthread+0x3c2/0x780 kernel/kthread.c:463
ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 3551 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:trace_hardirqs_off+0x14/0x40 kernel/trace/trace_preemptirq.c:106
Code: 22 91 5f 00 eb 8a 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 3c 24 e8 73 1f 9e 09 65 8b 05 d0 f8 e0 11 <85> c0 74 05 c3 cc cc cc cc 65 c7 05 bc f8 e0 11 01 00 00 00 48 8b
RSP: 0018:ffffc9000bfb7918 EFLAGS: 00000002
RAX: 0000000000000000 RBX: ffff88813ff1e558 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff8daffadf RDI: ffffffff8bf1d740
RBP: ffffffff821882bc R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000200 R11: 0000000000000000 R12: 00000000000002c0
R13: ffffea0000086200 R14: fffffffffffffeff R15: 8000000000000063
FS: 0000000000000000(0000) GS:ffff8881249e4000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005627a1faaa38 CR3: 000000000e182000 CR4: 00000000003526f0
Call Trace:
__text_poke+0x6e9/0xb70 arch/x86/kernel/alternative.c:2474
smp_text_poke_batch_finish+0x4f1/0xdb0 arch/x86/kernel/alternative.c:2885
arch_jump_label_transform_apply+0x1c/0x30 arch/x86/kernel/jump_label.c:146
jump_label_update+0x376/0x550 kernel/jump_label.c:919
static_key_disable_cpuslocked+0x158/0x1c0 kernel/jump_label.c:240
static_key_disable+0x1a/0x20 kernel/jump_label.c:248
toggle_allocation_gate mm/kfence/core.c:857 [inline]
toggle_allocation_gate+0x145/0x280 mm/kfence/core.c:844
process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3263
process_scheduled_works kernel/workqueue.c:3346 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3427
kthread+0x3c2/0x780 kernel/kthread.c:463
ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245