./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor24313886 <...> no interfaces have a carrier [ 29.455170][ T3181] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 39.719565][ T27] kauditd_printk_skb: 37 callbacks suppressed [ 39.719581][ T27] audit: type=1400 audit(1659585918.162:73): avc: denied { transition } for pid=3417 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.748083][ T27] audit: type=1400 audit(1659585918.172:74): avc: denied { write } for pid=3417 comm="sh" path="pipe:[27563]" dev="pipefs" ino=27563 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '10.128.1.76' (ECDSA) to the list of known hosts. execve("./syz-executor24313886", ["./syz-executor24313886"], 0x7ffd2003d5b0 /* 10 vars */) = 0 brk(NULL) = 0x55555697a000 brk(0x55555697ac40) = 0x55555697ac40 arch_prctl(ARCH_SET_FS, 0x55555697a300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor24313886", 4096) = 26 brk(0x55555699bc40) = 0x55555699bc40 brk(0x55555699c000) = 0x55555699c000 mprotect(0x7f6248bf1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/sync/sw_sync", O_RDONLY) = 3 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, 
_IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 
0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) 
= 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 ioctl(3, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000080) = 0 openat(AT_FDCWD, "/sys/kernel/debug/sync/sw_sync", O_RDONLY) = 69 ioctl(69, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000100) = 0 openat(AT_FDCWD, "/sys/kernel/debug/sync/sw_sync", O_RDONLY) = 71 ioctl(71, _IOC(_IOC_READ|_IOC_WRITE, 0x57, 0, 0x28), 0x20000100) = 0 ioctl(70, SYNC_IOC_MERGE, 0x200002c0) = 0 poll([{fd=73, events=0}], 1, 0) = 0 (Timeout) openat(AT_FDCWD, "/sys/kernel/debug/sync/info", O_RDONLY|O_NOFOLLOW) = 74 read(74, "objs:\n--", 8) = 8 exit_group(0) = ? [ 50.581150][ T27] audit: type=1400 audit(1659585929.022:75): avc: denied { execmem } for pid=3609 comm="syz-executor243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 50.613175][ C0] [ 50.615520][ C0] ================================ [ 50.620609][ C0] WARNING: inconsistent lock state [ 50.625740][ C0] 5.19.0-syzkaller-02972-g200e340f2196 #0 Not tainted [ 50.632495][ C0] -------------------------------- [ 50.637591][ C0] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. 
[ 50.644421][ C0] syz-executor243/3609 [HC1[1]:SC0[0]:HE0:SE1] takes: [ 50.651184][ C0] ffffffff8c94cb58 (sync_timeline_list_lock){?.+.}-{2:2}, at: sync_timeline_debug_remove+0x25/0x190 [ 50.661974][ C0] {HARDIRQ-ON-W} state was registered at: [ 50.667700][ C0] lockdep_hardirqs_on_prepare+0x135/0x400 [ 50.673605][ C0] trace_hardirqs_on+0x2d/0x120 [ 50.678539][ C0] _raw_spin_unlock_irq+0x1f/0x40 [ 50.683637][ C0] sync_info_debugfs_show+0xeb/0x200 [ 50.689530][ C0] seq_read_iter+0x4f5/0x1280 [ 50.694293][ C0] seq_read+0x2c7/0x420 [ 50.698515][ C0] vfs_read+0x1ef/0x5d0 [ 50.702743][ C0] ksys_read+0x127/0x250 [ 50.707140][ C0] do_syscall_64+0x35/0xb0 [ 50.711641][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.717621][ C0] irq event stamp: 9828 [ 50.721763][ C0] hardirqs last enabled at (9827): [] _raw_spin_unlock_irq+0x1f/0x40 [ 50.731463][ C0] hardirqs last disabled at (9828): [] sysvec_irq_work+0xb/0xc0 [ 50.740667][ C0] softirqs last enabled at (9282): [] __irq_exit_rcu+0x123/0x180 [ 50.750032][ C0] softirqs last disabled at (9255): [] __irq_exit_rcu+0x123/0x180 [ 50.759425][ C0] [ 50.759425][ C0] other info that might help us debug this: [ 50.767481][ C0] Possible unsafe locking scenario: [ 50.767481][ C0] [ 50.774922][ C0] CPU0 [ 50.778183][ C0] ---- [ 50.781443][ C0] lock(sync_timeline_list_lock); [ 50.786536][ C0] <Interrupt> [ 50.789970][ C0] lock(sync_timeline_list_lock); [ 50.795260][ C0] [ 50.795260][ C0] *** DEADLOCK *** [ 50.795260][ C0] [ 50.803383][ C0] no locks held by syz-executor243/3609. [ 50.808991][ C0] [ 50.808991][ C0] stack backtrace: [ 50.814857][ C0] CPU: 0 PID: 3609 Comm: syz-executor243 Not tainted 5.19.0-syzkaller-02972-g200e340f2196 #0 [ 50.824990][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 50.835027][ C0] Call Trace: [ 50.838295][ C0] <IRQ> [ 50.841123][ C0] dump_stack_lvl+0xcd/0x134 [ 50.845721][ C0] mark_lock.part.0.cold+0x18/0xd8 [ 50.850906][ C0] ? 
mark_lock.part.0+0xee/0x1910 [ 50.855915][ C0] ? lock_chain_count+0x20/0x20 [ 50.860764][ C0] ? find_held_lock+0x2d/0x110 [ 50.865509][ C0] ? lock_chain_count+0x20/0x20 [ 50.870344][ C0] ? debug_object_activate+0x287/0x3e0 [ 50.875782][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 50.880617][ C0] __lock_acquire+0x14ad/0x5660 [ 50.885454][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 50.891437][ C0] ? do_raw_spin_unlock+0x171/0x230 [ 50.896632][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 50.902622][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 50.908432][ C0] lock_acquire+0x1ab/0x570 [ 50.912938][ C0] ? sync_timeline_debug_remove+0x25/0x190 [ 50.918750][ C0] ? lock_release+0x780/0x780 [ 50.923415][ C0] ? timeline_fence_release+0x1f2/0x340 [ 50.928947][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 50.933790][ C0] _raw_spin_lock_irqsave+0x39/0x50 [ 50.938974][ C0] ? sync_timeline_debug_remove+0x25/0x190 [ 50.944852][ C0] sync_timeline_debug_remove+0x25/0x190 [ 50.950484][ C0] timeline_fence_release+0x263/0x340 [ 50.955843][ C0] ? sw_sync_debugfs_release+0x240/0x240 [ 50.961459][ C0] dma_fence_release+0x2ee/0x590 [ 50.966434][ C0] ? lock_downgrade+0x6e0/0x6e0 [ 50.971270][ C0] dma_fence_array_release+0x1f6/0x2d0 [ 50.976718][ C0] ? dma_fence_array_cb_func+0x190/0x190 [ 50.982337][ C0] dma_fence_release+0x2ee/0x590 [ 50.987279][ C0] ? 
_raw_spin_unlock_irqrestore+0x3d/0x70 [ 50.993067][ C0] irq_dma_fence_array_work+0xa5/0xd0 [ 50.998422][ C0] irq_work_single+0x120/0x250 [ 51.003182][ C0] irq_work_run_list+0x91/0xc0 [ 51.007970][ C0] irq_work_run+0x54/0xd0 [ 51.012296][ C0] __sysvec_irq_work+0x95/0x3d0 [ 51.017130][ C0] sysvec_irq_work+0x8e/0xc0 [ 51.021702][ C0] </IRQ> [ 51.024616][ C0] <TASK> [ 51.027531][ C0] asm_sysvec_irq_work+0x16/0x20 [ 51.032454][ C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 [ 51.038247][ C0] Code: 0f 1f 44 00 00 55 48 8b 74 24 08 48 89 fd 48 83 c7 18 e8 be ed e2 f7 48 89 ef e8 56 6f e3 f7 e8 41 84 05 f8 fb bf 01 00 00 00 46 71 d6 f7 65 8b 05 af 98 87 76 85 c0 74 02 5d c3 e8 fb 6e 85 [ 51.057839][ C0] RSP: 0018:ffffc900030d7d18 EFLAGS: 00000206 [ 51.063889][ C0] RAX: 0000000000002663 RBX: 00000000ffffffff RCX: 1ffffffff1b76681 [ 51.071884][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 51.079849][ C0] RBP: ffff888017021f50 R08: 0000000000000001 R09: 0000000000000001 [ 51.087824][ C0] R10: ffffed1002e043ea R11: 0000000000000001 R12: ffff888017021f00 [ 51.095780][ C0] R13: dffffc0000000000 R14: ffff888017021f00 R15: ffff888017021f50 [ 51.103737][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.108921][ C0] sw_sync_debugfs_release+0x160/0x240 [ 51.114372][ C0] __fput+0x277/0x9d0 [ 51.118345][ C0] ? sw_sync_debugfs_open+0x330/0x330 [ 51.123724][ C0] task_work_run+0xdd/0x1a0 [ 51.128304][ C0] do_exit+0xade/0x29d0 [ 51.132449][ C0] ? mm_update_next_owner+0x7a0/0x7a0 [ 51.137810][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.142989][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 51.148177][ C0] do_group_exit+0xd2/0x2f0 [ 51.152682][ C0] __x64_sys_exit_group+0x3a/0x50 [ 51.157692][ C0] do_syscall_64+0x35/0xb0 [ 51.162095][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.167974][ C0] RIP: 0033:0x7f6248b83969 [ 51.172369][ C0] Code: Unable to access opcode bytes at RIP 0x7f6248b8393f. +++ exited with 0 +++ [ 51.179713][ C0] RSP: 002b:00007fff6c63ca88