./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2092985515

<...>
Warning: Permanently added '10.128.0.141' (ED25519) to the list of known hosts.
execve("./syz-executor2092985515", ["./syz-executor2092985515"], 0x7ffc7c7d43d0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556dc8000
brk(0x555556dc8d00)                     = 0x555556dc8d00
arch_prctl(ARCH_SET_FS, 0x555556dc8380) = 0
set_tid_address(0x555556dc8650)         = 5066
set_robust_list(0x555556dc8660, 24)     = 0
rseq(0x555556dc8ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2092985515", 4096) = 28
getrandom("\x48\x03\xc7\x20\x10\x9d\xc3\xfc", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556dc8d00
brk(0x555556de9d00)                     = 0x555556de9d00
brk(0x555556dea000)                     = 0x555556dea000
mprotect(0x7fc83bbee000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5067 attached
, child_tidptr=0x555556dc8650) = 5067
[pid  5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5067] set_robust_list(0x555556dc8660, 24) = 0
[pid  5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached
 <unfinished ...>
[pid  5066] <... clone resumed>, child_tidptr=0x555556dc8650) = 5068
[pid  5068] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5068] <... set_robust_list resumed>) = 0
[pid  5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5070 attached
./strace-static-x86_64: Process 5069 attached
 <unfinished ...>
[pid  5066] <... clone resumed>, child_tidptr=0x555556dc8650) = 5070
[  104.159774][   T27] audit: type=1400 audit(1701070372.822:83): avc:  denied  { execmem } for  pid=5066 comm="syz-executor209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid  5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached
./strace-static-x86_64: Process 5071 attached
 <unfinished ...>
[pid  5070] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5069] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5067] <... clone resumed>, child_tidptr=0x555556dc8650) = 5069
[pid  5069] <... set_robust_list resumed>) = 0
[pid  5066] <... clone resumed>, child_tidptr=0x555556dc8650) = 5071
[pid  5072] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5071] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5070] <... set_robust_list resumed>) = 0
[pid  5069] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5068] <... clone resumed>, child_tidptr=0x555556dc8650) = 5072
[pid  5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5072] <... set_robust_list resumed>) = 0
[pid  5071] <... set_robust_list resumed>) = 0
[pid  5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5069] <... prctl resumed>)        = 0
[pid  5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5069] setpgid(0, 0)               = 0
[pid  5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5072] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5069] <... openat resumed>)       = 3
./strace-static-x86_64: Process 5075 attached
./strace-static-x86_64: Process 5074 attached
./strace-static-x86_64: Process 5073 attached
[pid  5072] <... prctl resumed>)        = 0
[pid  5066] <... clone resumed>, child_tidptr=0x555556dc8650) = 5073
[pid  5075] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5074] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5073] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5072] setpgid(0, 0 <unfinished ...>
[pid  5071] <... clone resumed>, child_tidptr=0x555556dc8650) = 5075
[pid  5070] <... clone resumed>, child_tidptr=0x555556dc8650) = 5074
[pid  5069] write(3, "1000", 4 <unfinished ...>
[pid  5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5075] <... set_robust_list resumed>) = 0
[pid  5074] <... set_robust_list resumed>) = 0
[pid  5073] <... set_robust_list resumed>) = 0
[pid  5072] <... setpgid resumed>)      = 0
[pid  5069] <... write resumed>)        = 4
[pid  5075] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5074] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5069] close(3./strace-static-x86_64: Process 5076 attached
 <unfinished ...>
[pid  5075] <... prctl resumed>)        = 0
[pid  5074] <... prctl resumed>)        = 0
[pid  5072] <... openat resumed>)       = 3
[pid  5069] <... close resumed>)        = 0
[pid  5066] <... clone resumed>, child_tidptr=0x555556dc8650) = 5076
[pid  5076] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5075] setpgid(0, 0 <unfinished ...>
[pid  5074] setpgid(0, 0 <unfinished ...>
[pid  5075] <... setpgid resumed>)      = 0
[pid  5074] <... setpgid resumed>)      = 0
[pid  5072] write(3, "1000", 4 <unfinished ...>
[pid  5069] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR./strace-static-x86_64: Process 5077 attached
 <unfinished ...>
[pid  5076] <... set_robust_list resumed>) = 0
[pid  5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5072] <... write resumed>)        = 4
[pid  5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5072] close(3 <unfinished ...>
[pid  5077] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5073] <... clone resumed>, child_tidptr=0x555556dc8650) = 5077
[pid  5077] <... set_robust_list resumed>) = 0
[pid  5075] <... openat resumed>)       = 3
[pid  5074] <... openat resumed>)       = 3
[pid  5072] <... close resumed>)        = 0
[pid  5069] <... openat resumed>)       = 3
[pid  5077] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5075] write(3, "1000", 4 <unfinished ...>
[pid  5074] write(3, "1000", 4 <unfinished ...>
[pid  5072] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR./strace-static-x86_64: Process 5078 attached
) = 3
[pid  5078] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5077] <... prctl resumed>)        = 0
[pid  5076] <... clone resumed>, child_tidptr=0x555556dc8650) = 5078
[pid  5075] <... write resumed>)        = 4
[pid  5074] <... write resumed>)        = 4
[pid  5072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5069] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5078] <... set_robust_list resumed>) = 0
[pid  5077] setpgid(0, 0 <unfinished ...>
[pid  5075] close(3 <unfinished ...>
[pid  5074] close(3 <unfinished ...>
[pid  5078] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid  5077] <... setpgid resumed>)      = 0
[pid  5075] <... close resumed>)        = 0
[pid  5074] <... close resumed>)        = 0
[pid  5072] <... write resumed>)        = 120
[pid  5069] <... write resumed>)        = 120
[pid  5078] <... prctl resumed>)        = 0
[pid  5078] setpgid(0, 0 <unfinished ...>
[pid  5072] ioctl(3, TIOCSETD, [21] <unfinished ...>
[pid  5078] <... setpgid resumed>)      = 0
[pid  5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5075] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR <unfinished ...>
[pid  5074] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR <unfinished ...>
[pid  5069] ioctl(3, TIOCSETD, [21] <unfinished ...>
[pid  5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid  5075] <... openat resumed>)       = 3
[pid  5074] <... openat resumed>)       = 3
[pid  5072] <... ioctl resumed>)        = 0
[pid  5077] <... openat resumed>)       = 3
[pid  5069] <... ioctl resumed>)        = 0
[pid  5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5069] exit_group(0 <unfinished ...>
[pid  5078] <... openat resumed>)       = 3
[pid  5077] write(3, "1000", 4 <unfinished ...>
[pid  5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5072] exit_group(0 <unfinished ...>
[pid  5078] write(3, "1000", 4 <unfinished ...>
[pid  5077] <... write resumed>)        = 4
[pid  5072] <... exit_group resumed>)   = ?
[pid  5078] <... write resumed>)        = 4
[pid  5077] close(3 <unfinished ...>
[pid  5072] +++ exited with 0 +++
[pid  5077] <... close resumed>)        = 0
[pid  5078] close(3 <unfinished ...>
[pid  5077] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR <unfinished ...>
[pid  5078] <... close resumed>)        = 0
[pid  5078] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR <unfinished ...>
[pid  5077] <... openat resumed>)       = 3
[pid  5078] <... openat resumed>)       = 3
[pid  5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5069] <... exit_group resumed>)   = ?
[pid  5069] +++ exited with 0 +++
[pid  5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached
, child_tidptr=0x555556dc8650) = 5079
[pid  5079] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid  5079] <... set_robust_list resumed>) = 0
[pid  5068] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  104.286499][ T5074] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634
[  104.296192][ T5074] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5074, name: syz-executor209
[  104.305702][ T5074] preempt_count: 1, expected: 0
[  104.310599][ T5074] RCU nest depth: 0, expected: 0
[  104.315652][ T5074] 3 locks held by syz-executor209/5074:
[  104.321317][ T5074]  #0: ffff8880205c30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[pid  5079] setpgid(0, 0)               = 0
[pid  5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid  5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5079] write(3, "1000", 4)         = 4
[pid  5079] close(3)                    = 0
[pid  5079] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR <unfinished ...>
[pid  5068] <... clone resumed>, child_tidptr=0x555556dc8650) = 5080
./strace-static-x86_64: Process 5080 attached
[pid  5079] <... openat resumed>)       = 3
[pid  5080] set_robust_list(0x555556dc8660, 24 <unfinished ...>
[pid  5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5080] <... set_robust_list resumed>) = 0
[pid  5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5080] setpgid(0, 0)               = 0
[pid  5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5080] write(3, "1000", 4)         = 4
[pid  5080] close(3)                    = 0
[pid  5080] openat(AT_FDCWD, "/dev/char/4:1", O_RDWR) = 3
[  104.331139][ T5074]  #1: ffff8880205c3130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0
[  104.342511][ T5074]  #2: ffff88801fd2a3e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150
[  104.351671][ T5074] irq event stamp: 774
[  104.355789][ T5074] hardirqs last  enabled at (773): [<ffffffff8a825c03>] _raw_spin_unlock_irq+0x23/0x50
[  104.365472][ T5074] hardirqs last disabled at (774): [<ffffffff8a825a2e>] _raw_spin_lock_irqsave+0x4e/0x50
[  104.375351][ T5074] softirqs last  enabled at (708): [<ffffffff8a828897>] __do_softirq+0x597/0x8de
[  104.384517][ T5074] softirqs last disabled at (699): [<ffffffff814e8977>] irq_exit_rcu+0xb7/0x120
[  104.393582][ T5074] Preemption disabled at:
[  104.393606][ T5074] [<0000000000000000>] 0x0
[  104.402364][ T5074] CPU: 1 PID: 5074 Comm: syz-executor209 Not tainted 6.7.0-rc2-syzkaller-00265-gd2da77f431ac #0
[  104.412805][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  104.422882][ T5074] Call Trace:
[  104.426194][ T5074]  <TASK>
[  104.429160][ T5074]  dump_stack_lvl+0xd9/0x1b0
[  104.433820][ T5074]  __might_resched+0x3c3/0x5e0
[  104.438617][ T5074]  ? preempt_count_sub+0x160/0x160
[  104.443770][ T5074]  ? add_lock_to_list+0x17d/0x380
[  104.448872][ T5074]  console_lock+0x34/0x150
[  104.453338][ T5074]  do_con_write+0x145/0x7f40
[  104.457961][ T5074]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  104.463980][ T5074]  ? preempt_count_sub+0x160/0x160
[  104.469125][ T5074]  ? reset_palette+0x2a0/0x2a0
[  104.473932][ T5074]  ? lock_acquire+0x1ae/0x520
[  104.478640][ T5074]  ? lock_sync+0x190/0x190
[  104.483097][ T5074]  ? do_raw_spin_lock+0x12e/0x2b0
[  104.488192][ T5074]  ? spin_bug+0x1d0/0x1d0
[  104.492602][ T5074]  con_write+0x23/0xb0
[  104.496735][ T5074]  gsmld_write+0xd0/0x150
[  104.501110][ T5074]  ? gsm_dlci_copy_config_values+0x300/0x300
[  104.507131][ T5074]  file_tty_write.constprop.0+0x519/0x9b0
[  104.512902][ T5074]  vfs_write+0x64f/0xdf0
[  104.517205][ T5074]  ? kernel_write+0x6c0/0x6c0
[  104.521950][ T5074]  ? __fget_light+0x1fc/0x260
[  104.526654][ T5074]  ksys_write+0x12f/0x250
[  104.531013][ T5074]  ? __ia32_sys_read+0xb0/0xb0
[  104.535805][ T5074]  ? syscall_trace_enter.constprop.0+0xaf/0x1e0
[  104.542086][ T5074]  do_syscall_64+0x40/0x110
[  104.546674][ T5074]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  104.552602][ T5074] RIP: 0033:0x7fc83bb7ada9
[  104.557045][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  104.576714][ T5074] RSP: 002b:00007fffd23cd388 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.585166][ T5074] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc83bb7ada9
[  104.593165][ T5074] RDX: 0000000000000078 RSI: 0000000020000100 RDI: 0000000000000003
[  104.601183][ T5074] RBP: 00000000000f4240 R08: 00007fffd23cd097 R09: 00000000000000a0
[  104.609199][ T5074] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001
[  104.617188][ T5074] R13: 00007fffd23cd5a8 R14: 00007fffd23cd3b0 R15: 00007fffd23cd3a0
[  104.625181][ T5074]  </TASK>
[pid  5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 120 <unfinished ...>
[pid  5077] <... write resumed>)        = 120
[pid  5075] <... write resumed>)        = 120
[pid  5074] <... write resumed>)        = 120
[pid  5077] ioctl(3, TIOCSETD, [21] <unfinished ...>
[  104.632202][   T27] audit: type=1400 audit(1701070373.292:84): avc:  denied  { append } for  pid=4495 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  104.642296][ T5078] BUG: scheduling while atomic: syz-executor209/5078/0x00000002
[  104.657955][   T27] audit: type=1400 audit(1701070373.292:85): avc:  denied  { open } for  pid=4495 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  104.662221][ T5078] 3 locks held by syz-executor209/5078:
[  104.689195][   T27] audit: type=1400 audit(1701070373.292:86): avc:  denied  { getattr } for  pid=4495 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  104.690088][ T5078]  #0: ffff8880205c30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  104.712876][ T5078]  #1: ffff8880205c3130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x2d1/0x9b0
[  104.712964][ T5078]  #2: ffff88801fd2a3e0 (&gsm->tx_lock){+.+.}-{2:2}, at: gsmld_write+0x62/0x150
[  104.713046][ T5078] Modules linked in:
[  104.713061][ T5078] Preemption disabled at:
[  104.713070][ T5078] [<0000000000000000>] 0x0
[  104.713096][ T5078] Kernel panic - not syncing: scheduling while atomic: panic_on_warn set ...
[  104.713113][ T5078] CPU: 1 PID: 5078 Comm: syz-executor209 Tainted: G        W          6.7.0-rc2-syzkaller-00265-gd2da77f431ac #0
[  104.713148][ T5078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[  104.713165][ T5078] Call Trace:
[  104.713175][ T5078]  <TASK>
[  104.713185][ T5078]  dump_stack_lvl+0xd9/0x1b0
[  104.713220][ T5078]  panic+0x6dc/0x790
[  104.713258][ T5078]  ? panic_smp_self_stop+0xa0/0xa0
[  104.713297][ T5078]  ? kmsg_dump_get_line+0x350/0x350
[  104.713345][ T5078]  ? __module_text_address+0x140/0x140
[  104.713391][ T5078]  ? check_panic_on_warn+0x1f/0xb0
[  104.713431][ T5078]  check_panic_on_warn+0xab/0xb0
[  104.713478][ T5078]  __schedule_bug+0x10d/0x160
[  104.713509][ T5078]  __schedule+0x38d5/0x5af0
[  104.713552][ T5078]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  104.713601][ T5078]  ? print_usage_bug.part.0+0x550/0x550
[  104.713651][ T5078]  ? lock_acquire+0x1ae/0x520
[  104.713695][ T5078]  ? find_held_lock+0x2d/0x110
[  104.713734][ T5078]  ? io_schedule_timeout+0x150/0x150
[  104.713776][ T5078]  ? schedule+0x1fc/0x270
[  104.713815][ T5078]  ? reacquire_held_locks+0x4c0/0x4c0
[  104.713861][ T5078]  ? mark_lock+0x59a/0xc50
[  104.713907][ T5078]  ? print_usage_bug.part.0+0x550/0x550
[  104.713955][ T5078]  schedule+0xe9/0x270
[  104.713996][ T5078]  schedule_timeout+0x257/0x290
[  104.714046][ T5078]  ? usleep_range_state+0x1a0/0x1a0
[  104.714099][ T5078]  ? mark_held_locks+0x9f/0xe0
[  104.714144][ T5078]  ? _raw_spin_unlock_irq+0x23/0x50
[  104.714176][ T5078]  __down_common+0x327/0x6d0
[  104.714219][ T5078]  ? lock_sync+0x190/0x190
[  104.714266][ T5078]  ? up+0xb0/0xb0
[  104.714305][ T5078]  ? spin_bug+0x1d0/0x1d0
[  104.714352][ T5078]  ? preempt_count_sub+0x160/0x160
[  104.714384][ T5078]  down+0x74/0xa0
[  104.714427][ T5078]  console_lock+0x96/0x150
[  104.714481][ T5078]  do_con_write+0x145/0x7f40
[  104.714519][ T5078]  ? __might_fault+0x13f/0x1a0
[  104.714553][ T5078]  ? lockdep_hardirqs_on_prepare+0x420/0x420
[  104.714604][ T5078]  ? preempt_count_sub+0x160/0x160
[  104.714634][ T5078]  ? reset_palette+0x2a0/0x2a0
[  104.714667][ T5078]  ? lock_acquire+0x1ae/0x520
[  104.714714][ T5078]  ? lock_sync+0x190/0x190
[  104.714759][ T5078]  ? do_raw_spin_lock+0x12e/0x2b0
[  104.714809][ T5078]  ? spin_bug+0x1d0/0x1d0
[  104.714859][ T5078]  con_write+0x23/0xb0
[  104.714892][ T5078]  gsmld_write+0xd0/0x150
[  104.714923][ T5078]  ? gsm_dlci_copy_config_values+0x300/0x300
[  104.714958][ T5078]  file_tty_write.constprop.0+0x519/0x9b0
[  104.714994][ T5078]  vfs_write+0x64f/0xdf0
[  104.715030][ T5078]  ? kernel_write+0x6c0/0x6c0
[  104.715069][ T5078]  ? __fget_light+0x1fc/0x260
[  104.715103][ T5078]  ksys_write+0x12f/0x250
[  104.715138][ T5078]  ? __ia32_sys_read+0xb0/0xb0
[  104.715173][ T5078]  ? syscall_trace_enter.constprop.0+0xaf/0x1e0
[  104.715214][ T5078]  do_syscall_64+0x40/0x110
[  104.715250][ T5078]  entry_SYSCALL_64_after_hwframe+0x63/0x6b
[  104.715299][ T5078] RIP: 0033:0x7fc83bb7ada9
[  104.715320][ T5078] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  104.715350][ T5078] RSP: 002b:00007fffd23cd388 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.715378][ T5078] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc83bb7ada9
[  104.715398][ T5078] RDX: 0000000000000078 RSI: 0000000020000100 RDI: 0000000000000003
[  104.715416][ T5078] RBP: 00000000000f4240 R08: 00007fffd23cd097 R09: 00000000000000a0
[  104.715435][ T5078] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001
[  104.715459][ T5078] R13: 00007fffd23cd5a8 R14: 00007fffd23cd3b0 R15: 00007fffd23cd3a0
[  104.715485][ T5078]  </TASK>
[  104.715839][ T5078] Kernel Offset: disabled