./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2534450149 <...> [ 2.751042][ T31] audit: type=1400 audit(1665859269.069:10): avc: denied { getattr } for pid=165 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2.756671][ T167] acpid (167) used greatest stack depth: 24200 bytes left [ 2.878718][ T182] udevd[182]: starting version 3.2.10 [ 2.906321][ T183] udevd[183]: starting eudev-3.2.10 [ 2.908420][ T182] udevd (182) used greatest stack depth: 22976 bytes left [ 12.127121][ T31] kauditd_printk_skb: 49 callbacks suppressed [ 12.127134][ T31] audit: type=1400 audit(1665859278.479:60): avc: denied { transition } for pid=332 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.131592][ T31] audit: type=1400 audit(1665859278.479:61): avc: denied { write } for pid=332 comm="sh" path="pipe:[299]" dev="pipefs" ino=299 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 [ 12.939324][ T333] sshd (333) used greatest stack depth: 22656 bytes left [ 13.451763][ T340] sshd (340) used greatest stack depth: 22400 bytes left Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts. execve("./syz-executor2534450149", ["./syz-executor2534450149"], 0x7fff12a31970 /* 10 vars */) = 0 brk(NULL) = 0x555555ed4000 brk(0x555555ed4c40) = 0x555555ed4c40 arch_prctl(ARCH_SET_FS, 0x555555ed4300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555555ed45d0) = 426 set_robust_list(0x555555ed45e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f960bf16510, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f960bf16be0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f960bf165b0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f960bf16be0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2534450149", 4096) = 28 brk(0x555555ef5c40) = 0x555555ef5c40 brk(0x555555ef6000) = 0x555555ef6000 mprotect(0x7f960bfd7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ed45d0) = 427 ./strace-static-x86_64: Process 427 attached [pid 427] set_robust_list(0x555555ed45e0, 24) = 0 [pid 427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 427] setpgid(0, 0) = 0 [pid 427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 427] write(3, "1000", 4) = 4 [pid 427] close(3) = 0 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f960bee6000 [pid 427] mprotect(0x7f960bee7000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 427] clone(child_stack=0x7f960bf063f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 428 attached , parent_tid=[428], tls=0x7f960bf06700, child_tidptr=0x7f960bf069d0) = 428 [pid 428] set_robust_list(0x7f960bf069e0, 24 [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... set_robust_list resumed>) = 0 [pid 427] <... futex resumed>) = 0 [pid 428] mkdirat(AT_FDCWD, "./file0", 000 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... mkdirat resumed>) = 0 [pid 428] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] openat(AT_FDCWD, "/dev/fuse", O_RDWR|O_CREAT, 000 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... openat resumed>) = 3 [pid 428] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] mount(NULL, "./file0", "fuse", 0, "fd=0x0000000000000003,rootmode=00000000000000000040000,user_id=00000000000000000000,group_id=0000000"...) = 0 [pid 428] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] read(3, "\x38\x00\x00\x00\x1a\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x22\x00\x00\x00\x00\x00\x02\x00\xfb\xff\xff\xb3", 8224) = 56 [pid 428] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] write(3, "\x50\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x1f\x00\x00\x00\x00\x00\x00\x00\x15\x30\x02\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 80) = 80 [pid 428] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [ 25.905500][ T31] audit: type=1400 audit(1665859292.259:62): avc: denied { execmem } for pid=426 comm="syz-executor253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 25.930714][ T31] audit: type=1400 audit(1665859292.289:63): avc: denied { read write } for pid=427 comm="syz-executor253" name="fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [pid 428] read(3, [pid 427] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 427] futex(0x7f960bfdd4dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f960bec5000 [pid 427] mprotect(0x7f960bec6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 427] clone(child_stack=0x7f960bee53f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[431], tls=0x7f960bee5700, child_tidptr=0x7f960bee59d0) = 431 [pid 427] futex(0x7f960bfdd4d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f960bfdd4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 431 attached [pid 431] set_robust_list(0x7f960bee59e0, 24) = 0 [pid 431] pivot_root("./file0", "./file0") = 0 [pid 431] futex(0x7f960bfdd4dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f960bfdd4d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f960bfdd4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 431] <... futex resumed>) = 1 [pid 431] openat(AT_FDCWD, "/proc/self/attr/exec", O_RDWR [pid 428] <... read resumed>"\x2d\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaf\x01\x00\x00\x00\x00\x00\x00\x70\x72\x6f\x63\x00", 8224) = 45 [pid 428] futex(0x7f960bfdd4cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 25.954091][ T31] audit: type=1400 audit(1665859292.289:64): avc: denied { open } for pid=427 comm="syz-executor253" path="/dev/fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 25.977329][ T31] audit: type=1400 audit(1665859292.299:65): avc: denied { mounton } for pid=427 comm="syz-executor253" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [pid 428] futex(0x7f960bfdd4c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 427] futex(0x7f960bfdd4dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 427] futex(0x7f960bfdd4c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = 0 [pid 427] <... futex resumed>) = 1 [pid 428] write(3, "\x2c\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x28\x39\x5c\x00", 44 [ 25.999843][ T31] audit: type=1400 audit(1665859292.299:66): avc: denied { mount } for pid=427 comm="syz-executor253" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [pid 427] futex(0x7f960bfdd4cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 427] exit_group(0) = ? [pid 426] kill(-427, SIGKILL) = 0 [pid 426] kill(427, SIGKILL) = 0 [ 244.433356][ T32] INFO: task udevd:183 blocked for more than 122 seconds. [ 244.440288][ T32] Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 244.447628][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 244.456110][ T32] task:udevd state:D stack:26112 pid: 183 ppid: 1 flags:0x00004000 [ 244.456778][ T31] audit: type=1400 audit(1665859510.819:67): avc: denied { search } for pid=165 comm="syslogd" name="/" dev="fuse" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 244.465288][ T32] Call Trace: [ 244.489330][ T32] [ 244.492111][ T32] __schedule+0xaa6/0x1010 [ 244.496581][ T32] ? release_firmware_map_entry+0x193/0x193 [ 244.502234][ T32] ? __kasan_check_write+0x14/0x20 [ 244.507214][ T32] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 244.512131][ T32] ? _raw_spin_lock_irqsave+0x210/0x210 [ 244.517716][ T32] schedule+0x12b/0x1f0 [ 244.521759][ T32] rwsem_down_read_slowpath+0x6c7/0xe20 [ 244.527155][ T32] ? down_write_killable+0x150/0x150 [ 244.532264][ T32] ? __legitimize_mnt+0x7d/0x1d0 [ 244.537049][ T32] ? try_to_unlazy+0x64a/0xa60 [ 244.541633][ T32] down_read+0xad/0x230 [ 244.545642][ T32] ? lookup_fast+0x321/0x7f0 [ 244.550138][ T32] ? __down_common+0x4f0/0x4f0 [ 244.554754][ T32] ? handle_dots+0x1020/0x1020 [ 244.559341][ T32] lookup_slow+0x4c/0x80 [ 244.563428][ T32] walk_component+0x425/0x5a0 [ 244.567932][ T32] ? nd_alloc_stack+0xf0/0xf0 [ 244.572443][ T32] ? fuse_do_getattr+0x13b0/0x13b0 [ 244.577403][ T32] link_path_walk+0x682/0xde0 [ 244.581905][ T32] ? nd_jump_root+0x1a9/0x470 [ 244.586428][ T32] ? handle_lookup_down+0x130/0x130 [ 244.591453][ T32] ? getname_flags+0xba/0x510 [ 244.595976][ T32] ? vfs_statx+0x104/0x6a0 [ 244.600218][ T32] path_lookupat+0xab/0x460 [ 244.604567][ T32] filename_lookup+0x277/0x640 [ 244.609155][ T32] ? hashlen_string+0x120/0x120 [ 244.613861][ T32] user_path_at_empty+0x44/0x1b0 [ 244.618618][ T32] vfs_statx+0x104/0x6a0 [ 244.622696][ T32] ? sysvec_irq_work+0x55/0xc0 [ 244.627315][ T32] ? asm_sysvec_irq_work+0x1b/0x20 [ 244.632242][ T32] ? vfs_fstatat+0x40/0x40 [ 244.636509][ T32] __se_sys_newfstatat+0xc8/0x780 [ 244.641356][ T32] ? __x64_sys_newfstatat+0xb0/0xb0 [ 244.646401][ T32] ? group_send_sig_info+0x1a9/0x2f0 [ 244.651510][ T32] ? __lock_task_sighand+0x100/0x100 [ 244.656649][ T32] ? idr_find+0x3f/0x60 [ 244.660737][ T32] ? kill_proc_info+0x6b/0x90 [ 244.665268][ T32] __x64_sys_newfstatat+0x9b/0xb0 [ 244.670113][ T32] do_syscall_64+0x44/0xd0 [ 244.674381][ T32] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 244.680089][ T32] RIP: 0033:0x7f83be6821da [ 244.684358][ T32] RSP: 002b:00007ffe06c9cf28 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 244.692585][ T32] RAX: ffffffffffffffda RBX: 0000563738c946a0 RCX: 00007f83be6821da [ 244.700413][ T32] RDX: 00007ffe06c9cf38 RSI: 0000563738c827ed RDI: 00000000ffffff9c [ 244.708217][ T32] RBP: 0000563739717698 R08: 0000000001b98b1a R09: 00007ffe06ddc0b8 [ 244.716028][ T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.723835][ T32] R13: 0000000000000001 R14: 0000000000000000 R15: 00007ffe06c9cf38 [ 244.731642][ T32] [ 244.734534][ T32] INFO: task syz-executor253:426 blocked for more than 123 seconds. [ 244.742318][ T32] Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 244.749554][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 244.758058][ T32] task:syz-executor253 state:D stack:25440 pid: 426 ppid: 423 flags:0x00004000 [ 244.767091][ T32] Call Trace: [ 244.770176][ T32] [ 244.772953][ T32] __schedule+0xaa6/0x1010 [ 244.777234][ T32] ? release_firmware_map_entry+0x193/0x193 [ 244.782957][ T32] ? __kasan_check_write+0x14/0x20 [ 244.787894][ T32] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 244.792825][ T32] ? _raw_spin_lock_irqsave+0x210/0x210 [ 244.798229][ T32] schedule+0x12b/0x1f0 [ 244.802201][ T32] rwsem_down_read_slowpath+0x6c7/0xe20 [ 244.807597][ T32] ? down_write_killable+0x150/0x150 [ 244.812708][ T32] ? avc_has_perm_noaudit+0x358/0x450 [ 244.817926][ T32] ? __legitimize_mnt+0x7d/0x1d0 [ 244.822686][ T32] ? try_to_unlazy+0x64a/0xa60 [ 244.827304][ T32] down_read+0xad/0x230 [ 244.831277][ T32] ? lookup_fast+0x321/0x7f0 [ 244.835715][ T32] ? __down_common+0x4f0/0x4f0 [ 244.840302][ T32] ? handle_dots+0x1020/0x1020 [ 244.844915][ T32] lookup_slow+0x4c/0x80 [ 244.848983][ T32] walk_component+0x425/0x5a0 [ 244.853513][ T32] ? nd_alloc_stack+0xf0/0xf0 [ 244.858008][ T32] ? fuse_do_getattr+0x13b0/0x13b0 [ 244.862954][ T32] link_path_walk+0x682/0xde0 [ 244.867481][ T32] ? handle_lookup_down+0x130/0x130 [ 244.872502][ T32] path_openat+0x26a/0x2ea0 [ 244.876868][ T32] ? stack_trace_save+0x12d/0x1f0 [ 244.881702][ T32] ? __stack_depot_save+0x34/0x4b0 [ 244.886661][ T32] ? getname_flags+0xba/0x510 [ 244.891253][ T32] ? do_filp_open+0x4f0/0x4f0 [ 244.895775][ T32] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 244.901842][ T32] do_filp_open+0x277/0x4f0 [ 244.906187][ T32] ? vfs_tmpfile+0x290/0x290 [ 244.910606][ T32] do_sys_openat2+0x13b/0x500 [ 244.915134][ T32] ? ptrace_stop+0x6eb/0xa30 [ 244.919544][ T32] ? do_sys_open+0x220/0x220 [ 244.923981][ T32] ? _raw_spin_unlock_irq+0x4e/0x70 [ 244.929004][ T32] ? ptrace_notify+0x248/0x340 [ 244.933701][ T32] __x64_sys_openat+0x243/0x290 [ 244.938375][ T32] ? __ia32_sys_open+0x270/0x270 [ 244.943149][ T32] ? syscall_enter_from_user_mode+0x71/0x1b0 [ 244.948977][ T32] do_syscall_64+0x44/0xd0 [ 244.953220][ T32] ? common_interrupt+0x65/0xd0 [ 244.957902][ T32] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 244.963650][ T32] RIP: 0033:0x7f960bf54b58 [ 244.967884][ T32] RSP: 002b:00007ffcc21ccde0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101 [ 244.976155][ T32] RAX: ffffffffffffffda RBX: 00007ffcc21cce50 RCX: 00007f960bf54b58 [ 244.983955][ T32] RDX: 0000000000090800 RSI: 00007f960bfab004 RDI: 00000000ffffff9c [ 244.991756][ T32] RBP: 00000000000001ab R08: 0000000000090800 R09: 00007f960bfab004 [ 244.999662][ T32] R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffcc21ccfd4 [ 245.007473][ T32] R13: 00007ffcc21ccfd4 R14: 0000000000000000 R15: 0000000000000000 [ 245.015287][ T32] [ 245.018149][ T32] INFO: task syz-executor253:428 blocked for more than 123 seconds. [ 245.026003][ T32] Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 245.033262][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 245.041747][ T32] task:syz-executor253 state:D stack:26176 pid: 428 ppid: 426 flags:0x00004004 [ 245.050794][ T32] Call Trace: [ 245.053909][ T32] [ 245.056674][ T32] __schedule+0xaa6/0x1010 [ 245.060942][ T32] ? __kernel_text_address+0x9a/0x110 [ 245.066178][ T32] ? release_firmware_map_entry+0x193/0x193 [ 245.071876][ T32] ? __kasan_check_write+0x14/0x20 [ 245.076852][ T32] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 245.081763][ T32] ? _raw_spin_lock_irqsave+0x210/0x210 [ 245.087155][ T32] schedule+0x12b/0x1f0 [ 245.091133][ T32] rwsem_down_write_slowpath+0xa05/0x1820 [ 245.096719][ T32] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 245.101912][ T32] ? rwsem_down_read_slowpath+0xe20/0xe20 [ 245.107460][ T32] ? fuse_init_inode+0x320/0x320 [ 245.112221][ T32] ? inode_insert5+0x530/0x530 [ 245.116833][ T32] ? __kasan_check_write+0x14/0x20 [ 245.121770][ T32] ? _raw_spin_lock+0xa3/0x1b0 [ 245.126379][ T32] ? __kasan_check_read+0x11/0x20 [ 245.131227][ T32] ? ilookup5+0x1b1/0x1d0 [ 245.135404][ T32] ? fuse_init_inode+0x320/0x320 [ 245.140167][ T32] down_write+0x133/0x140 [ 245.144359][ T32] ? down_read_killable+0x250/0x250 [ 245.149395][ T32] ? __kasan_check_write+0x14/0x20 [ 245.154329][ T32] ? down_read+0xf9/0x230 [ 245.158478][ T32] fuse_reverse_inval_entry+0x54/0x820 [ 245.163785][ T32] ? __kasan_check_write+0x14/0x20 [ 245.168723][ T32] ? fuse_copy_finish+0x1d0/0x2b0 [ 245.173593][ T32] fuse_dev_do_write+0x3efb/0x4da0 [ 245.178530][ T32] ? send_call_function_single_ipi+0x155/0x180 [ 245.184528][ T32] ? ttwu_queue_wakelist+0x30f/0x500 [ 245.189649][ T32] ? ttwu_do_wakeup+0x430/0x430 [ 245.194360][ T32] ? __kasan_check_read+0x11/0x20 [ 245.199194][ T32] ? put_page+0xa0/0xa0 [ 245.203289][ T32] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 245.208732][ T32] ? __update_load_avg_cfs_rq+0xb0/0x2f0 [ 245.214223][ T32] ? update_load_avg+0x415/0x8e0 [ 245.219040][ T32] ? __kasan_check_write+0x14/0x20 [ 245.223937][ T32] ? __switch_to+0x617/0x1170 [ 245.228434][ T32] ? __kasan_check_read+0x11/0x20 [ 245.233306][ T32] ? compat_start_thread+0x20/0x20 [ 245.238242][ T32] fuse_dev_write+0x158/0x1c0 [ 245.242756][ T32] ? fuse_dev_read+0x210/0x210 [ 245.247369][ T32] ? iov_iter_init+0x53/0x180 [ 245.251870][ T32] vfs_write+0xc8d/0x1050 [ 245.256043][ T32] ? __kasan_check_write+0x14/0x20 [ 245.260980][ T32] ? file_end_write+0x1b0/0x1b0 [ 245.265676][ T32] ? _raw_spin_unlock_irq+0x4e/0x70 [ 245.270705][ T32] ? __fget_files+0x310/0x370 [ 245.275236][ T32] ? __fdget_pos+0x1fe/0x310 [ 245.279640][ T32] ? ksys_write+0x77/0x2c0 [ 245.283903][ T32] ksys_write+0x198/0x2c0 [ 245.288061][ T32] ? do_notify_parent+0xa60/0xa60 [ 245.292921][ T32] ? __ia32_sys_read+0x90/0x90 [ 245.297533][ T32] __x64_sys_write+0x7b/0x90 [ 245.301945][ T32] do_syscall_64+0x44/0xd0 [ 245.306208][ T32] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.311934][ T32] RIP: 0033:0x7f960bf54e89 [ 245.316221][ T32] RSP: 002b:00007f960bf062f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 245.324637][ T32] RAX: ffffffffffffffda RBX: 00007f960bfdd4c0 RCX: 00007f960bf54e89 [ 245.332412][ T32] RDX: 000000000000002c RSI: 00000000200000c0 RDI: 0000000000000003 [ 245.340267][ T32] RBP: 00007f960bfab07c R08: 0000000000000000 R09: 0000000000000000 [ 245.348054][ T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e [ 245.355859][ T32] R13: 64695f70756f7267 R14: 65646f6d746f6f72 R15: 00007f960bfdd4c8 [ 245.363665][ T32] [ 245.366520][ T32] INFO: task syz-executor253:431 blocked for more than 123 seconds. [ 245.374372][ T32] Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 245.381554][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 245.390066][ T32] task:syz-executor253 state:D stack:25400 pid: 431 ppid: 426 flags:0x00004004 [ 245.399123][ T32] Call Trace: [ 245.402191][ T32] [ 245.404985][ T32] __schedule+0xaa6/0x1010 [ 245.409222][ T32] ? release_firmware_map_entry+0x193/0x193 [ 245.414984][ T32] ? __kasan_check_write+0x14/0x20 [ 245.419900][ T32] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 245.425572][ T32] ? prepare_to_wait_event+0x464/0x560 [ 245.430960][ T32] schedule+0x12b/0x1f0 [ 245.434977][ T32] fuse_simple_request+0x10f5/0x1990 [ 245.440069][ T32] ? fuse_put_request+0x2c0/0x2c0 [ 245.444946][ T32] ? io_schedule+0x120/0x120 [ 245.449529][ T32] ? io_schedule+0x120/0x120 [ 245.453984][ T32] ? io_schedule+0x120/0x120 [ 245.458375][ T32] ? __kasan_kmalloc+0x9/0x10 [ 245.462887][ T32] ? kmem_cache_alloc_trace+0x1e3/0x310 [ 245.468280][ T32] ? fuse_alloc_forget+0x46/0x50 [ 245.473043][ T32] fuse_lookup_name+0x347/0x820 [ 245.477741][ T32] ? fuse_invalid_attr+0x110/0x110 [ 245.482675][ T32] ? __kasan_check_write+0x14/0x20 [ 245.487639][ T32] ? mutex_lock+0xb6/0x130 [ 245.491875][ T32] fuse_lookup+0x179/0x5f0 [ 245.496137][ T32] ? fuse_perm_getattr+0x50/0x50 [ 245.500901][ T32] ? try_to_unlazy+0x64a/0xa60 [ 245.505511][ T32] __lookup_slow+0x2b3/0x400 [ 245.509936][ T32] ? lookup_one_len+0x6a0/0x6a0 [ 245.514638][ T32] ? lookup_fast+0x321/0x7f0 [ 245.519039][ T32] ? handle_dots+0x1020/0x1020 [ 245.523678][ T32] lookup_slow+0x5a/0x80 [ 245.527719][ T32] walk_component+0x425/0x5a0 [ 245.532239][ T32] ? nd_alloc_stack+0xf0/0xf0 [ 245.536768][ T32] ? fuse_do_getattr+0x13b0/0x13b0 [ 245.541691][ T32] link_path_walk+0x682/0xde0 [ 245.546217][ T32] ? handle_lookup_down+0x130/0x130 [ 245.551239][ T32] path_openat+0x26a/0x2ea0 [ 245.555590][ T32] ? stack_trace_save+0x12d/0x1f0 [ 245.560441][ T32] ? __stack_depot_save+0x34/0x4b0 [ 245.565398][ T32] ? getname_flags+0xba/0x510 [ 245.569898][ T32] ? do_filp_open+0x4f0/0x4f0 [ 245.574428][ T32] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.580343][ T32] do_filp_open+0x277/0x4f0 [ 245.584665][ T32] ? vfs_tmpfile+0x290/0x290 [ 245.589082][ T32] do_sys_openat2+0x13b/0x500 [ 245.593601][ T32] ? ptrace_stop+0x6eb/0xa30 [ 245.598020][ T32] ? do_sys_open+0x220/0x220 [ 245.602447][ T32] ? _raw_spin_unlock_irq+0x4e/0x70 [ 245.607579][ T32] ? ptrace_notify+0x248/0x340 [ 245.612166][ T32] __x64_sys_openat+0x243/0x290 [ 245.616863][ T32] ? __ia32_sys_open+0x270/0x270 [ 245.621627][ T32] ? syscall_enter_from_user_mode+0x71/0x1b0 [ 245.627454][ T32] do_syscall_64+0x44/0xd0 [ 245.631705][ T32] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.637447][ T32] RIP: 0033:0x7f960bf54e89 [ 245.641674][ T32] RSP: 002b:00007f960bee52f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 245.650200][ T32] RAX: ffffffffffffffda RBX: 00007f960bfdd4d0 RCX: 00007f960bf54e89 [ 245.658004][ T32] RDX: 0000000000000002 RSI: 0000000020000180 RDI: ffffffffffffff9c [ 245.665824][ T32] RBP: 00007f960bfab07c R08: 0000000000000000 R09: 0000000000000000 [ 245.673625][ T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e [ 245.681426][ T32] R13: 64695f70756f7267 R14: 65646f6d746f6f72 R15: 00007f960bfdd4d8 [ 245.689249][ T32] [ 245.692113][ T32] INFO: task init:432 blocked for more than 124 seconds. [ 245.699070][ T32] Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 245.706289][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 245.714775][ T32] task:init state:D stack:27432 pid: 432 ppid: 1 flags:0x00004000 [ 245.723795][ T32] Call Trace: [ 245.726906][ T32] [ 245.729791][ T32] __schedule+0xaa6/0x1010 [ 245.734061][ T32] ? release_firmware_map_entry+0x193/0x193 [ 245.739774][ T32] ? __kasan_check_write+0x14/0x20 [ 245.744908][ T32] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 245.749837][ T32] ? _raw_spin_lock_irqsave+0x210/0x210 [ 245.755477][ T32] schedule+0x12b/0x1f0 [ 245.759724][ T32] rwsem_down_read_slowpath+0x6c7/0xe20 [ 245.765264][ T32] ? down_write_killable+0x150/0x150 [ 245.770337][ T32] ? __rcu_read_unlock+0x7c/0xd0 [ 245.775139][ T32] ? try_to_unlazy+0x64a/0xa60 [ 245.779713][ T32] down_read+0xad/0x230 [ 245.783717][ T32] ? lookup_fast+0x321/0x7f0 [ 245.788130][ T32] ? __down_common+0x4f0/0x4f0 [ 245.792728][ T32] ? handle_dots+0x1020/0x1020 [ 245.797343][ T32] lookup_slow+0x4c/0x80 [ 245.801405][ T32] walk_component+0x425/0x5a0 [ 245.805929][ T32] ? nd_alloc_stack+0xf0/0xf0 [ 245.810433][ T32] ? fuse_do_getattr+0x13b0/0x13b0 [ 245.815402][ T32] link_path_walk+0x682/0xde0 [ 245.819893][ T32] ? handle_lookup_down+0x130/0x130 [ 245.824939][ T32] path_openat+0x26a/0x2ea0 [ 245.829266][ T32] ? stack_trace_save+0x12d/0x1f0 [ 245.834147][ T32] ? __stack_depot_save+0x34/0x4b0 [ 245.839164][ T32] ? getname_flags+0xba/0x510 [ 245.843686][ T32] ? do_filp_open+0x4f0/0x4f0 [ 245.848188][ T32] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.854187][ T32] do_filp_open+0x277/0x4f0 [ 245.858430][ T32] ? vfs_tmpfile+0x290/0x290 [ 245.862861][ T32] do_sys_openat2+0x13b/0x500 [ 245.867404][ T32] ? do_sys_open+0x220/0x220 [ 245.871795][ T32] ? __kasan_check_write+0x14/0x20 [ 245.876760][ T32] __x64_sys_openat+0x243/0x290 [ 245.881429][ T32] ? __ia32_sys_open+0x270/0x270 [ 245.886739][ T32] ? debug_smp_processor_id+0x17/0x20 [ 245.891934][ T32] do_syscall_64+0x44/0xd0 [ 245.896288][ T32] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 245.901998][ T32] RIP: 0033:0x7ff7e22eb697 [ 245.906271][ T32] RSP: 002b:00007ffc78fd27d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 245.914508][ T32] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007ff7e22eb697 [ 245.922306][ T32] RDX: 0000000000000802 RSI: 000055e21bab09fd RDI: 00000000ffffff9c [ 245.930134][ T32] RBP: 000055e21bab09fd R08: 00007ffc78fd27e8 R09: 0000000000000000 [ 245.937947][ T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000802 [ 245.945753][ T32] R13: 0000000000000002 R14: 0000000000000802 R15: 0000000000000000 [ 245.953729][ T32] [ 245.956596][ T32] NMI backtrace for cpu 1 [ 245.960797][ T32] CPU: 1 PID: 32 Comm: khungtaskd Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 245.970215][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 245.980123][ T32] Call Trace: [ 245.983235][ T32] [ 245.986014][ T32] dump_stack_lvl+0x151/0x1b7 [ 245.990524][ T32] ? bfq_pos_tree_add_move+0x43e/0x43e [ 245.995820][ T32] dump_stack+0x15/0x17 [ 245.999811][ T32] nmi_cpu_backtrace+0x2fb/0x310 [ 246.004587][ T32] ? __wake_up_klogd+0xd9/0x110 [ 246.009273][ T32] ? nmi_trigger_cpumask_backtrace+0x240/0x240 [ 246.015261][ T32] ? memcpy+0x56/0x70 [ 246.019082][ T32] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 246.024981][ T32] nmi_trigger_cpumask_backtrace+0x134/0x240 [ 246.030795][ T32] arch_trigger_cpumask_backtrace+0x10/0x20 [ 246.036525][ T32] check_hung_uninterruptible_tasks+0x7f2/0x890 [ 246.042601][ T32] ? hung_task_panic+0x20/0x20 [ 246.047201][ T32] watchdog+0x13e/0x170 [ 246.051195][ T32] kthread+0x41c/0x500 [ 246.055096][ T32] ? hungtask_pm_notify+0x50/0x50 [ 246.059958][ T32] ? kthread_blkcg+0xd0/0xd0 [ 246.064383][ T32] ret_from_fork+0x1f/0x30 [ 246.068639][ T32] [ 246.071557][ T32] Sending NMI from CPU 1 to CPUs 0: [ 246.076609][ C0] NMI backtrace for cpu 0 skipped: idling at acpi_idle_enter+0x411/0x6d0