[ 33.666422][ T3175] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller syzkaller login:
[ 41.733976][ T26] kauditd_printk_skb: 37 callbacks suppressed
[ 41.734001][ T26] audit: type=1400 audit(1643863827.144:73): avc: denied { transition } for pid=3380 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 41.762543][ T26] audit: type=1400 audit(1643863827.154:74): avc: denied { write } for pid=3380 comm="sh" path="pipe:[27089]" dev="pipefs" ino=27089 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[ 81.352196][ T1154] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.154' (ECDSA) to the list of known hosts.
2022/02/03 05:09:51 parsed 1 programs
[ 1205.782574][ T26] audit: type=1400 audit(1643864991.194:75): avc: denied { getattr } for pid=3654 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1205.806259][ T26] audit: type=1400 audit(1643864991.194:76): avc: denied { read } for pid=3654 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1205.828255][ T26] audit: type=1400 audit(1643864991.194:77): avc: denied { open } for pid=3654 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1205.852062][ T26] audit: type=1400 audit(1643864991.214:78): avc: denied { read } for pid=3654 comm="syz-execprog" name="raw-gadget" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1205.861240][ T3661] cgroup: Unknown subsys name 'net'
[ 1205.875592][ T26] audit: type=1400 audit(1643864991.224:79): avc: denied { open } for pid=3654 comm="syz-execprog" path="/dev/raw-gadget" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1205.904490][ T26] audit: type=1400 audit(1643864991.224:80): avc: denied { read } for pid=3654 comm="syz-execprog" name="vhci" dev="devtmpfs" ino=1072 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1205.928002][ T26] audit: type=1400 audit(1643864991.224:81): avc: denied { open } for pid=3654 comm="syz-execprog" path="/dev/vhci" dev="devtmpfs" ino=1072 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1205.951883][ T26] audit: type=1400 audit(1643864991.264:82): avc: denied { mounton } for pid=3661 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 1205.975013][ T26] audit: type=1400 audit(1643864991.264:83): avc: denied { mount } for pid=3661 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1205.997623][ T26] audit: type=1400 audit(1643864991.344:84): avc: denied { unmount } for pid=3661 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1206.146064][ T3661] cgroup: Unknown subsys name 'rlimit'
2022/02/03 05:09:51 executed programs: 0
[ 1207.360120][ T3668] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1207.368042][ T3670] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1207.375591][ T3670] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1207.383741][ T3670] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1207.391592][ T3670] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1207.398993][ T3670] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1207.492016][ T3667] chnl_net:caif_netlink_parms(): no params data found
[ 1207.536441][ T3667] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1207.544738][ T3667] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1207.552926][ T3667] device bridge_slave_0 entered promiscuous mode
[ 1207.562819][ T3667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1207.570330][ T3667] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1207.578135][ T3667] device bridge_slave_1 entered promiscuous mode
[ 1207.601811][ T3667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1207.612741][ T3667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1207.637499][ T3667] team0: Port device team_slave_0 added
[ 1207.644899][ T3667] team0: Port device team_slave_1 added
[ 1207.663139][ T3667] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1207.670138][ T3667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1207.696079][ T3667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1207.709866][ T3667] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1207.716825][ T3667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1207.742844][ T3667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1207.770406][ T3667] device hsr_slave_0 entered promiscuous mode
[ 1207.777711][ T3667] device hsr_slave_1 entered promiscuous mode
[ 1207.869410][ T3667] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1207.879968][ T3667] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1207.888789][ T3667] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1207.897927][ T3667] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1207.919686][ T3667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1207.926943][ T3667] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1207.934822][ T3667] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1207.941913][ T3667] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1207.991413][ T3667] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1208.003097][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1208.014023][ T25] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1208.022822][ T25] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1208.031582][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1208.044795][ T3667] 8021q: adding VLAN 0 to HW filter on device team0
[ 1208.071210][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1208.079698][ T25] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1208.086746][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1208.094757][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1208.103198][ T25] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1208.110311][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1208.118612][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1208.127329][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1208.136539][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1208.149265][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1208.163623][ T3679] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1208.174944][ T3667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1208.192070][ T3679] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1208.199755][ T3679] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1208.212438][ T3667] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1208.332480][ T3679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1208.352226][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1208.360770][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1208.368428][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1208.378744][ T3667] device veth0_vlan entered promiscuous mode
[ 1208.389991][ T3667] device veth1_vlan entered promiscuous mode
[ 1208.410426][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1208.418504][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1208.427406][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1208.438232][ T3667] device veth0_macvtap entered promiscuous mode
[ 1208.448952][ T3667] device veth1_macvtap entered promiscuous mode
[ 1208.465120][ T3667] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1208.473549][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1208.483357][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1208.495808][ T3667] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1208.504471][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1208.513012][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1208.524363][ T3667] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.533686][ T3667] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.542719][ T3667] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.559458][ T3667] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1208.626415][ T3676] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1208.642521][ T3676] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1208.654865][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1208.664530][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1208.673244][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1208.682837][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1208.833300][ T3689] nbd0: detected capacity change from 0 to 7846
[ 1209.430133][ T1154] Bluetooth: hci0: command 0x0409 tx timeout
[ 1211.509519][ T25] Bluetooth: hci0: command 0x041b tx timeout
[ 1211.520142][ T26] kauditd_printk_skb: 20 callbacks suppressed
[ 1211.520157][ T26] audit: type=1400 audit(1643864996.934:105): avc: denied { read } for pid=2946 comm="syslogd" name="log" dev="sda1" ino=1125 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1211.736531][ T3688] block nbd0: shutting down sockets
[ 1213.589083][ T25] Bluetooth: hci0: command 0x040f tx timeout
[ 1215.669098][ T3662] Bluetooth: hci0: command 0x0419 tx timeout
[ 1238.482111][ T1227] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.488671][ T1227] ieee802154 phy1 wpan1: encryption failed: -22
[ 1268.977941][ T2964] udevd[2964]: worker [3663] /devices/virtual/block/nbd0 is taking a long time
[ 1299.920533][ T1227] ieee802154 phy0 wpan0: encryption failed: -22
[ 1299.926854][ T1227] ieee802154 phy1 wpan1: encryption failed: -22
[ 1332.709093][ T3662] Bluetooth: hci0: command 0x0406 tx timeout
[ 1361.350711][ T1227] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.357287][ T1227] ieee802154 phy1 wpan1: encryption failed: -22
[ 1369.669143][ T27] INFO: task udevd:3663 blocked for more than 143 seconds.
[ 1369.676512][ T27] Not tainted 5.17.0-rc2-syzkaller-00054-g27bb0b18c208 #0
[ 1369.684593][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1369.693319][ T27] task:udevd state:D stack:26280 pid: 3663 ppid: 2964 flags:0x00004000
[ 1369.702867][ T27] Call Trace:
[ 1369.706165][ T27]
[ 1369.709461][ T27] __schedule+0xab2/0x4db0
[ 1369.713990][ T27] ? find_held_lock+0x2d/0x110
[ 1369.718752][ T27] ? io_schedule_timeout+0x180/0x180
[ 1369.724377][ T27] ? mark_held_locks+0x9f/0xe0
[ 1369.729394][ T27] schedule+0xd2/0x260
[ 1369.733507][ T27] io_schedule+0xee/0x170
[ 1369.737823][ T27] folio_wait_bit_common+0x4f2/0xa90
[ 1369.743483][ T27] ? replace_page_cache_page+0xdd0/0xdd0
[ 1369.749434][ T27] ? end_buffer_async_read_io+0x300/0x300
[ 1369.755223][ T27] ? filemap_write_and_wait_range+0x1a0/0x1a0
[ 1369.761734][ T27] ? alloc_pages+0x1b2/0x310
[ 1369.766388][ T27] do_read_cache_folio+0x506/0x760
[ 1369.771797][ T27] read_cache_page+0x59/0x1c0
[ 1369.776471][ T27] read_part_sector+0xf6/0x5b0
[ 1369.781535][ T27] ? adfspart_check_ADFS+0x800/0x800
[ 1369.786813][ T27] adfspart_check_ICS+0x9d/0xc90
[ 1369.791874][ T27] ? pointer+0xa00/0xa00
[ 1369.796175][ T27] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1369.801917][ T27] ? __alloc_pages+0x3b6/0x500
[ 1369.806699][ T27] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 1369.813505][ T27] ? adfspart_check_ADFS+0x800/0x800
[ 1369.818797][ T27] ? snprintf+0xbb/0xf0
[ 1369.823007][ T27] ? vsprintf+0x30/0x30
[ 1369.827168][ T27] ? alloc_pages+0x1b2/0x310
[ 1369.831800][ T27] ? adfspart_check_ADFS+0x800/0x800
[ 1369.837097][ T27] bdev_disk_changed+0x629/0xf60
[ 1369.842158][ T27] ? iput.part.0+0x73/0x820
[ 1369.846865][ T27] blkdev_get_whole+0x206/0x2d0
[ 1369.851833][ T27] blkdev_get_by_dev.part.0+0x5c6/0xc70
[ 1369.857389][ T27] ? devcgroup_check_permission+0x1bb/0x410
[ 1369.863554][ T27] blkdev_get_by_dev+0x6b/0x80
[ 1369.868334][ T27] blkdev_open+0x154/0x2e0
[ 1369.873145][ T27] do_dentry_open+0x4b9/0x1240
[ 1369.878026][ T27] ? blkdev_close+0x80/0x80
[ 1369.884334][ T27] path_openat+0x1c9e/0x2940
[ 1369.889013][ T27] ? path_lookupat+0x860/0x860
[ 1369.893791][ T27] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1369.900203][ T27] do_filp_open+0x1aa/0x400
[ 1369.904731][ T27] ? may_open_dev+0xf0/0xf0
[ 1369.909850][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 1369.914788][ T27] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1369.921370][ T27] ? _find_next_bit+0x1e3/0x260
[ 1369.926286][ T27] ? _raw_spin_unlock+0x24/0x40
[ 1369.931395][ T27] ? alloc_fd+0x2f0/0x670
[ 1369.935715][ T27] do_sys_openat2+0x16d/0x4d0
[ 1369.940619][ T27] ? build_open_flags+0x6f0/0x6f0
[ 1369.945639][ T27] ? __context_tracking_exit+0xb8/0xe0
[ 1369.951360][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 1369.956207][ T27] __x64_sys_openat+0x13f/0x1f0
[ 1369.961508][ T27] ? __ia32_sys_open+0x1c0/0x1c0
[ 1369.966480][ T27] ? syscall_enter_from_user_mode+0x21/0x70
[ 1369.972692][ T27] do_syscall_64+0x35/0xb0
[ 1369.977219][ T27] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1369.983921][ T27] RIP: 0033:0x7f27d7675697
[ 1369.988370][ T27] RSP: 002b:00007ffc91e0e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1369.997139][ T27] RAX: ffffffffffffffda RBX: 00007f27d8f5d4a0 RCX: 00007f27d7675697
[ 1370.005365][ T27] RDX: 00000000000a0800 RSI: 00007f27d8f3f370 RDI: 00000000ffffff9c
[ 1370.013573][ T27] RBP: 00007f27d8f3f370 R08: 0000000000000001 R09: 00007ffc91fcb080
[ 1370.022023][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[ 1370.030335][ T27] R13: 00007f27d8f30940 R14: 0000000000000001 R15: 00007f27d8f222c0
[ 1370.038328][ T27]
[ 1370.041709][ T27] INFO: task syz-executor.0:3687 blocked for more than 143 seconds.
[ 1370.049899][ T27] Not tainted 5.17.0-rc2-syzkaller-00054-g27bb0b18c208 #0
[ 1370.057511][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1370.066618][ T27] task:syz-executor.0 state:D stack:28288 pid: 3687 ppid: 3667 flags:0x00000004
[ 1370.076138][ T27] Call Trace:
[ 1370.079686][ T27]
[ 1370.082623][ T27] __schedule+0xab2/0x4db0
[ 1370.087045][ T27] ? io_schedule_timeout+0x180/0x180
[ 1370.093149][ T27] schedule+0xd2/0x260
[ 1370.097216][ T27] schedule_preempt_disabled+0xf/0x20
[ 1370.102842][ T27] __mutex_lock+0xa32/0x12f0
[ 1370.107425][ T27] ? blkdev_put+0x99/0x950
[ 1370.112075][ T27] ? mutex_lock_io_nested+0x1150/0x1150
[ 1370.117614][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 1370.122806][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1370.129309][ T27] ? _raw_spin_unlock+0x24/0x40
[ 1370.134178][ T27] ? locks_remove_file+0x2f7/0x570
[ 1370.139491][ T27] blkdev_put+0x99/0x950
[ 1370.143761][ T27] blkdev_close+0x6a/0x80
[ 1370.148112][ T27] __fput+0x286/0x9f0
[ 1370.152320][ T27] ? blkdev_fsync+0xa0/0xa0
[ 1370.156833][ T27] task_work_run+0xdd/0x1a0
[ 1370.161457][ T27] exit_to_user_mode_prepare+0x27e/0x290
[ 1370.167246][ T27] syscall_exit_to_user_mode+0x19/0x60
[ 1370.172841][ T27] do_syscall_64+0x42/0xb0
[ 1370.177273][ T27] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1370.183292][ T27] RIP: 0033:0x7efd9b888c9b
[ 1370.187713][ T27] RSP: 002b:00007ffd940a8da0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1370.196241][ T27] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007efd9b888c9b
[ 1370.204241][ T27] RDX: 0000001b30d20000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1370.212365][ T27] RBP: 00007efd9b9ea960 R08: 0000000000000000 R09: 00007ffd941ec080
[ 1370.220417][ T27] R10: 00007ffd941ec090 R11: 0000000000000293 R12: 00000000001274c9
[ 1370.228464][ T27] R13: 00007ffd940a8ea0 R14: 00007efd9b9e9030 R15: 0000000000000032
[ 1370.236570][ T27]
[ 1370.239719][ T27]
[ 1370.239719][ T27] Showing all locks held in the system:
[ 1370.247430][ T27] 1 lock held by khungtaskd/27:
[ 1370.252466][ T27] #0: ffffffff8bb81120 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1370.262500][ T27] 5 locks held by kworker/u4:2/44:
[ 1370.267854][ T27] 2 locks held by getty/3273:
[ 1370.272860][ T27] #0: ffff88807f6b9098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[ 1370.282850][ T27] #1: ffffc90002b5b2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xcf0/0x1230
[ 1370.293057][ T27] 1 lock held by udevd/3663:
[ 1370.297648][ T27] #0: ffff88801b222118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x9b/0xc70
[ 1370.308317][ T27] 1 lock held by syz-executor.0/3687:
[ 1370.313755][ T27] #0: ffff88801b222118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x99/0x950
[ 1370.323521][ T27]
[ 1370.325849][ T27] =============================================
[ 1370.325849][ T27]
[ 1370.334429][ T27] NMI backtrace for cpu 1
[ 1370.338878][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.17.0-rc2-syzkaller-00054-g27bb0b18c208 #0
[ 1370.348768][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1370.358811][ T27] Call Trace:
[ 1370.362081][ T27]
[ 1370.365013][ T27] dump_stack_lvl+0xcd/0x134
[ 1370.369679][ T27] nmi_cpu_backtrace.cold+0x47/0x144
[ 1370.374954][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 1370.380203][ T27] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 1370.386223][ T27] watchdog+0xc1d/0xf50
[ 1370.390372][ T27] ? proc_dohung_task_timeout_secs+0x80/0x80
[ 1370.396353][ T27] kthread+0x2e9/0x3a0
[ 1370.400421][ T27] ? kthread_complete_and_exit+0x40/0x40
[ 1370.406062][ T27] ret_from_fork+0x1f/0x30
[ 1370.410514][ T27]
[ 1370.413999][ T27] Sending NMI from CPU 1 to CPUs 0:
[ 1370.419254][ C0] NMI backtrace for cpu 0
[ 1370.419265][ C0] CPU: 0 PID: 1154 Comm: kworker/0:3 Not tainted 5.17.0-rc2-syzkaller-00054-g27bb0b18c208 #0
[ 1370.419287][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1370.419299][ C0] Workqueue: events nsim_dev_trap_report_work
[ 1370.419444][ C0] RIP: 0010:get_page_from_freelist+0xa8d/0x2f50
[ 1370.419470][ C0] Code: 00 00 48 8b 7c 24 28 44 89 fe e8 6e 8d ff ff 8b 5c 24 14 83 e3 04 45 85 ff 0f 84 bd 18 00 00 f7 84 24 84 00 00 00 00 00 04 00 <0f> 85 76 19 00 00 85 db 0f 85 22 1a 00 00 48 8b 44 24 28 48 8d 78
[ 1370.419490][ C0] RSP: 0018:ffffc900047c7838 EFLAGS: 00000006
[ 1370.419504][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 1370.419516][ C0] RDX: ffff88801d5c00c0 RSI: ffffffff81b4ee92 RDI: 0000000000000003
[ 1370.419530][ C0] RBP: 000000000003d5f8 R08: 0000000000000002 R09: 0000000000000001
[ 1370.419542][ C0] R10: ffffffff81c58582 R11: 000000000000001f R12: 0000000000000000
[ 1370.419555][ C0] R13: dffffc0000000000 R14: ffff88813fffa700 R15: 0000000000000001
[ 1370.419568][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 1370.419588][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1370.419602][ C0] CR2: 00007f46530a1600 CR3: 000000000b88e000 CR4: 00000000003506f0
[ 1370.419615][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1370.419626][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1370.419639][ C0] Call Trace:
[ 1370.419643][ C0]
[ 1370.419651][ C0] ? __stack_depot_save+0x35/0x500
[ 1370.419677][ C0] ? __zone_watermark_ok+0x450/0x450
[ 1370.419697][ C0] ? prepare_alloc_pages+0x415/0x570
[ 1370.419717][ C0] ? __alloc_skb+0x215/0x340
[ 1370.419799][ C0] ? nsim_dev_trap_report_work+0x29a/0xbc0
[ 1370.419823][ C0] ? process_one_work+0x9ac/0x1650
[ 1370.419844][ C0] __alloc_pages+0x1b2/0x500
[ 1370.419863][ C0] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 1370.419886][ C0] ? __lock_acquire+0x1655/0x5470
[ 1370.419910][ C0] ? exc_int3+0xb/0x80
[ 1370.419930][ C0] cache_grow_begin+0x75/0x350
[ 1370.419977][ C0] ? cache_alloc_pfmemalloc+0x1e/0x140
[ 1370.420000][ C0] cache_alloc_refill+0x27f/0x380
[ 1370.420022][ C0] kmem_cache_alloc_node_trace+0x49c/0x5b0
[ 1370.420045][ C0] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1370.420069][ C0] __kmalloc_node_track_caller+0x38/0x60
[ 1370.420092][ C0] __alloc_skb+0xde/0x340
[ 1370.420113][ C0] nsim_dev_trap_report_work+0x29a/0xbc0
[ 1370.420139][ C0] process_one_work+0x9ac/0x1650
[ 1370.420158][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 1370.420179][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 1370.420202][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 1370.420228][ C0] worker_thread+0x657/0x1110
[ 1370.420248][ C0] ? process_one_work+0x1650/0x1650
[ 1370.420267][ C0] kthread+0x2e9/0x3a0
[ 1370.420290][ C0] ? kthread_complete_and_exit+0x40/0x40
[ 1370.420315][ C0] ret_from_fork+0x1f/0x30
[ 1370.420338][ C0]
[ 1370.421248][ T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 1370.716518][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.17.0-rc2-syzkaller-00054-g27bb0b18c208 #0
[ 1370.726404][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1370.736453][ T27] Call Trace:
[ 1370.739726][ T27]
[ 1370.742648][ T27] dump_stack_lvl+0xcd/0x134
[ 1370.747240][ T27] panic+0x2b0/0x6dd
[ 1370.751189][ T27] ? __warn_printk+0xf3/0xf3
[ 1370.755778][ T27] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1370.762021][ T27] ? irq_work_claim+0x76/0x90
[ 1370.766766][ T27] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1370.773049][ T27] ? irq_work_queue+0x29/0x80
[ 1370.777722][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1370.783967][ T27] ? watchdog.cold+0x130/0x158
[ 1370.788750][ T27] watchdog.cold+0x141/0x158
[ 1370.793339][ T27] ? proc_dohung_task_timeout_secs+0x80/0x80
[ 1370.799320][ T27] kthread+0x2e9/0x3a0
[ 1370.803386][ T27] ? kthread_complete_and_exit+0x40/0x40
[ 1370.809018][ T27] ret_from_fork+0x1f/0x30
[ 1370.813434][ T27]
[ 1370.816766][ T27] Kernel Offset: disabled
[ 1370.821096][ T27] Rebooting in 86400 seconds..