./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3933636430 <...> Warning: Permanently added '10.128.10.1' (ED25519) to the list of known hosts. execve("./syz-executor3933636430", ["./syz-executor3933636430"], 0x7fffa9319260 /* 10 vars */) = 0 brk(NULL) = 0x555555ee1000 brk(0x555555ee1d00) = 0x555555ee1d00 arch_prctl(ARCH_SET_FS, 0x555555ee1380) = 0 set_tid_address(0x555555ee1650) = 5045 set_robust_list(0x555555ee1660, 24) = 0 rseq(0x555555ee1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3933636430", 4096) = 28 getrandom("\xfb\x9d\x2e\xb7\xaf\x8a\x6a\xaa", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555ee1d00 brk(0x555555f02d00) = 0x555555f02d00 brk(0x555555f03000) = 0x555555f03000 mprotect(0x7f003ec1b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ee1650) = 5046 [ 73.733689][ T28] audit: type=1400 audit(1705199653.475:86): avc: denied { execmem } for pid=5045 comm="syz-executor393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 73.755796][ T28] audit: type=1400 audit(1705199653.495:87): avc: denied { read write } for pid=5045 comm="syz-executor393" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 ./strace-static-x86_64: Process 5046 attached [pid 5046] set_robust_list(0x555555ee1660, 24) = 0 [pid 5046] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5046] setpgid(0, 0) = 0 [pid 5046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5046] write(3, "1000", 4) = 4 [pid 5046] close(3) = 0 [pid 5046] memfd_create("syzkaller", 0) = 3 [pid 5046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0036600000 [ 73.781315][ T28] audit: type=1400 audit(1705199653.495:88): avc: denied { open } for pid=5045 comm="syz-executor393" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 73.806952][ T28] audit: type=1400 audit(1705199653.495:89): avc: denied { ioctl } for pid=5045 comm="syz-executor393" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5046] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5046] munmap(0x7f0036600000, 138412032) = 0 [pid 5046] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5046] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5046] close(3) = 0 [pid 5046] close(4) = 0 [pid 5046] mkdir("./file0", 0777) = 0 [ 74.105374][ T5046] loop0: detected capacity change from 0 to 32768 [ 74.136206][ T28] audit: type=1400 audit(1705199653.875:90): avc: denied { mounton } for pid=5046 comm="syz-executor393" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 74.168058][ T5046] gfs2: fsid=gfs2: Trying to join cluster "lock_nolock", "gfs2" [ 74.178367][ T5046] gfs2: fsid=gfs2: Now mounting FS (format 1801)... [ 74.222952][ T5046] gfs2: fsid=gfs2.s: journal 0 mapped with 3 extents in 0ms [pid 5046] mount("/dev/loop0", "./file0", "gfs2", MS_NOATIME|0x200, "\x6c\x6f\x63\x6b\x74\x61\x62\x6c\x65\x3d\xe2\x2c\x6c\x6f\x63\x6b\x74\x61\x62\x6c\x65\x3d\x26\x28\x2c\x6e\x6f\x72\x65\x63\x6f\x76\x65\x72\x79\x2c\x6e\x6f\x72\x67\x72\x70\x6c\x76\x62\x2c\x73\x74\x61\x74\x66\x73\x5f\x71\x75\x61\x6e\x74\x75\x6d\x3d\x30\x78\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x39\x2c\x6e\x6f\x61\x63\x6c\x2c\x64\x61\x74\x61\x3d\x6f\x72\x64\x65\x72\x65\x64\x2c\x6c"... [pid 5045] kill(-5046, SIGKILL) = 0 [pid 5045] kill(5046, SIGKILL) = 0 [pid 5045] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5045] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5045] getdents64(3, 0x555555ee26f0 /* 2 entries */, 32768) = 48 [pid 5045] getdents64(3, 0x555555ee26f0 /* 0 entries */, 32768) = 0 [pid 5045] close(3) = 0 [ 87.550421][ T9] cfg80211: failed to load regulatory.db [ 287.229827][ T29] INFO: task syz-executor393:5046 blocked for more than 143 seconds. [ 287.237923][ T29] Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 287.245151][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.253848][ T29] task:syz-executor393 state:D stack:25808 pid:5046 tgid:5046 ppid:5045 flags:0x00004006 [ 287.264083][ T29] Call Trace: [ 287.267365][ T29] [ 287.270333][ T29] __schedule+0xf12/0x5c00 [ 287.274845][ T29] ? rcu_is_watching+0x12/0xb0 [ 287.279611][ T29] ? lock_release+0x4bf/0x690 [ 287.284371][ T29] ? io_schedule_timeout+0x150/0x150 [ 287.289723][ T29] ? lock_release+0x4bf/0x690 [ 287.294626][ T29] ? schedule+0x1fc/0x270 [ 287.299049][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.304466][ T29] ? lock_release+0x4bf/0x690 [ 287.309192][ T29] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.314862][ T29] ? do_raw_spin_lock+0x12e/0x2b0 [ 287.319966][ T29] schedule+0xe9/0x270 [ 287.324043][ T29] io_schedule+0xbe/0x130 [ 287.328452][ T29] folio_wait_bit_common+0x3dc/0x9c0 [ 287.333874][ T29] ? folio_wait_bit_common+0x13d/0x9c0 [ 287.339375][ T29] ? filemap_cachestat+0x930/0x930 [ 287.344536][ T29] ? filemap_write_and_wait_range+0x120/0x120 [ 287.350818][ T29] ? filemap_alloc_folio+0x490/0x490 [ 287.356130][ T29] ? __filemap_get_folio+0x2b0/0xaa0 [ 287.361551][ T29] gfs2_jhead_process_page+0x4d3/0x5a0 [ 287.367034][ T29] ? __filemap_add_folio+0xed0/0xed0 [ 287.372383][ T29] ? bvec_try_merge_page+0x18f/0x300 [ 287.377694][ T29] ? revoke_lo_scan_elements+0x6f0/0x6f0 [ 287.383402][ T29] ? bio_add_page+0x19b/0x2b0 [ 287.388111][ T29] ? __bio_add_page+0x2d0/0x2d0 [ 287.393009][ T29] gfs2_find_jhead+0x6a5/0xd40 [ 287.397806][ T29] ? databuf_lo_before_commit+0x100/0x100 [ 287.403613][ T29] check_journal_clean+0x1da/0x350 [ 287.408750][ T29] ? gfs2_assert_i+0x30/0x30 [ 287.413480][ T29] ? lock_release+0x4bf/0x690 [ 287.418187][ T29] ? do_raw_spin_lock+0x12e/0x2b0 [ 287.423253][ T29] ? init_inodes+0x1113/0x2e30 [ 287.428035][ T29] ? do_raw_spin_unlock+0x173/0x230 [ 287.433366][ T29] ? _raw_spin_unlock+0x28/0x40 [ 287.438248][ T29] ? gfs2_jdesc_find+0xbf/0xf0 [ 287.443053][ T29] init_inodes+0x1113/0x2e30 [ 287.447804][ T29] ? end_bio_io_page+0xd0/0xd0 [ 287.452648][ T29] ? gfs2_fill_super+0x1a98/0x2bd0 [ 287.457787][ T29] ? init_sb+0x9d8/0x10e0 [ 287.462185][ T29] ? vsprintf+0x30/0x30 [ 287.466360][ T29] ? gfs2_fill_super+0x1a98/0x2bd0 [ 287.471532][ T29] gfs2_fill_super+0x1a98/0x2bd0 [ 287.476493][ T29] ? gfs2_destroy_threads+0x110/0x110 [ 287.481992][ T29] ? gfs2_fill_super+0x1730/0x2bd0 [ 287.487120][ T29] ? spin_bug+0x1d0/0x1d0 [ 287.491476][ T29] ? disk_unblock_events+0xd/0x60 [ 287.496511][ T29] ? set_blocksize+0x2b1/0x350 [ 287.501300][ T29] ? sb_set_blocksize+0xf6/0x120 [ 287.506248][ T29] ? setup_bdev_super+0x3a6/0x760 [ 287.511318][ T29] get_tree_bdev+0x36b/0x600 [ 287.515928][ T29] ? gfs2_destroy_threads+0x110/0x110 [ 287.521349][ T29] ? sget_dev+0xe0/0xe0 [ 287.525752][ T29] ? legacy_fs_context_free+0xd0/0xd0 [ 287.531175][ T29] ? cap_capable+0x1cf/0x230 [ 287.535804][ T29] gfs2_get_tree+0x4e/0x280 [ 287.540444][ T29] vfs_get_tree+0x8c/0x370 [ 287.544874][ T29] path_mount+0x14e6/0x1f20 [ 287.549367][ T29] ? kmem_cache_free+0x129/0x350 [ 287.554331][ T29] ? finish_automount+0xa40/0xa40 [ 287.559381][ T29] ? putname+0x12e/0x170 [ 287.563820][ T29] __x64_sys_mount+0x293/0x310 [ 287.568598][ T29] ? copy_mnt_ns+0x9f0/0x9f0 [ 287.573230][ T29] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.578438][ T29] ? ptrace_notify+0xf4/0x130 [ 287.583148][ T29] do_syscall_64+0xd3/0x250 [ 287.587667][ T29] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 287.593698][ T29] RIP: 0033:0x7f003eb891aa [ 287.598122][ T29] RSP: 002b:00007fff5bf5d408 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 287.606646][ T29] RAX: ffffffffffffffda RBX: 00007fff5bf5d420 RCX: 00007f003eb891aa [ 287.614755][ T29] RDX: 000000002001f680 RSI: 000000002001f6c0 RDI: 00007fff5bf5d420 [ 287.622742][ T29] RBP: 0000000000000004 R08: 00007fff5bf5d460 R09: 000000000001f672 [ 287.630839][ T29] R10: 0000000000000600 R11: 0000000000000282 R12: 0000000000000600 [ 287.638798][ T29] R13: 00007fff5bf5d460 R14: 0000000000000003 R15: 0000000001000000 [ 287.646811][ T29] [ 287.649878][ T29] INFO: lockdep is turned off. [ 287.654642][ T29] NMI backtrace for cpu 0 [ 287.658958][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 287.668519][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.678564][ T29] Call Trace: [ 287.682017][ T29] [ 287.684941][ T29] dump_stack_lvl+0xd9/0x1b0 [ 287.689549][ T29] nmi_cpu_backtrace+0x277/0x390 [ 287.694519][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 287.699749][ T29] nmi_trigger_cpumask_backtrace+0x299/0x300 [ 287.705739][ T29] watchdog+0xf87/0x1210 [ 287.709988][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.715986][ T29] ? __kthread_parkme+0x14b/0x220 [ 287.721013][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 287.727006][ T29] kthread+0x2c6/0x3a0 [ 287.731173][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.736808][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.742439][ T29] ret_from_fork+0x45/0x80 [ 287.746855][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 287.752504][ T29] ret_from_fork_asm+0x11/0x20 [ 287.757284][ T29] [ 287.760390][ T29] Sending NMI from CPU 0 to CPUs 1: [ 287.765609][ C1] NMI backtrace for cpu 1 [ 287.765619][ C1] CPU: 1 PID: 2424 Comm: kworker/u4:6 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 287.765643][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 287.765655][ C1] Workqueue: 0x0 (events_unbound) [ 287.765677][ C1] RIP: 0010:load_balance+0x778/0x3360 [ 287.765709][ C1] Code: e9 03 0f b6 0c 01 48 89 f8 83 e0 07 83 c0 03 38 c8 7c 08 84 c9 0f 85 c7 2b 00 00 48 8b 44 24 60 83 44 98 68 01 e9 de fa ff ff <48> 8b 9c 24 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 40 [ 287.765729][ C1] RSP: 0018:ffffc9000a5c78d8 EFLAGS: 00000046 [ 287.765744][ C1] RAX: 0000000000000001 RBX: ffff8880b9928de0 RCX: ffffffff815fffa2 [ 287.765758][ C1] RDX: ffffed10173251bd RSI: 0000000000000008 RDI: ffff8880b9928de0 [ 287.765771][ C1] RBP: ffffc9000a5c7aa0 R08: 0000000000000000 R09: ffffed10173251bc [ 287.765785][ C1] R10: ffff8880b9928de7 R11: 0000000000000000 R12: 0000000000028dd0 [ 287.765797][ C1] R13: 0000000000000001 R14: ffff8880b9900000 R15: dffffc0000000000 [ 287.765811][ C1] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 287.765832][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.765846][ C1] CR2: 00007ff084cd4b90 CR3: 000000001de47000 CR4: 00000000003506f0 [ 287.765859][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.765871][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.765884][ C1] Call Trace: [ 287.765890][ C1] [ 287.765896][ C1] ? show_regs+0x8f/0xa0 [ 287.765921][ C1] ? nmi_cpu_backtrace+0x1d4/0x390 [ 287.765953][ C1] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 287.765984][ C1] ? nmi_handle+0x1a6/0x570 [ 287.766009][ C1] ? load_balance+0x778/0x3360 [ 287.766035][ C1] ? default_do_nmi+0x6a/0x160 [ 287.766059][ C1] ? exc_nmi+0x186/0x200 [ 287.766082][ C1] ? end_repeat_nmi+0xf/0x2a [ 287.766102][ C1] ? load_balance+0x312/0x3360 [ 287.766127][ C1] ? load_balance+0x778/0x3360 [ 287.766153][ C1] ? load_balance+0x778/0x3360 [ 287.766184][ C1] ? load_balance+0x778/0x3360 [ 287.766210][ C1] [ 287.766215][ C1] [ 287.766222][ C1] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.766253][ C1] ? psi_account_irqtime+0x301/0x510 [ 287.766275][ C1] ? lock_repin_lock+0x350/0x350 [ 287.766299][ C1] ? find_busiest_group+0xc70/0xc70 [ 287.766326][ C1] ? lock_acquire+0x464/0x520 [ 287.766356][ C1] ? rcu_is_watching+0x12/0xb0 [ 287.766380][ C1] newidle_balance+0x713/0x1250 [ 287.766410][ C1] ? load_balance+0x3360/0x3360 [ 287.766435][ C1] ? lock_release+0x4bf/0x690 [ 287.766464][ C1] ? dequeue_entity+0x35a/0x1130 [ 287.766489][ C1] ? rcu_is_watching+0x12/0xb0 [ 287.766512][ C1] pick_next_task_fair+0x87/0x1200 [ 287.766540][ C1] __schedule+0x4b1/0x5c00 [ 287.766566][ C1] ? spin_bug+0x1d0/0x1d0 [ 287.766595][ C1] ? preempt_count_sub+0x160/0x160 [ 287.766616][ C1] ? pwq_dec_nr_in_flight+0x162/0x2a0 [ 287.766642][ C1] ? rcu_is_watching+0x12/0xb0 [ 287.766665][ C1] ? io_schedule_timeout+0x150/0x150 [ 287.766690][ C1] ? lock_release+0x4bf/0x690 [ 287.766718][ C1] ? schedule+0x1fc/0x270 [ 287.766742][ C1] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.766771][ C1] ? reacquire_held_locks+0x4c0/0x4c0 [ 287.766802][ C1] schedule+0xe9/0x270 [ 287.766826][ C1] ? worker_thread+0x274/0x1290 [ 287.766851][ C1] worker_thread+0x2e1/0x1290 [ 287.766879][ C1] ? process_one_work+0x15d0/0x15d0 [ 287.766904][ C1] kthread+0x2c6/0x3a0 [ 287.766926][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 287.766949][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 287.766973][ C1] ret_from_fork+0x45/0x80 [ 287.766998][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 287.767022][ C1] ret_from_fork_asm+0x11/0x20 [ 287.767052][ C1] [ 287.767059][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.451 msecs [ 287.767643][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 288.153938][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0 [ 288.163392][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 288.173699][ T29] Call Trace: [ 288.176974][ T29] [ 288.179897][ T29] dump_stack_lvl+0xd9/0x1b0 [ 288.184494][ T29] panic+0x6dc/0x790 [ 288.188405][ T29] ? panic_smp_self_stop+0xa0/0xa0 [ 288.193526][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 288.198903][ T29] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 288.204105][ T29] ? preempt_schedule_thunk+0x1a/0x30 [ 288.209491][ T29] ? watchdog+0xd3e/0x1210 [ 288.214166][ T29] ? watchdog+0xd31/0x1210 [ 288.218583][ T29] watchdog+0xd4f/0x1210 [ 288.222915][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 288.228984][ T29] ? __kthread_parkme+0x14b/0x220 [ 288.234023][ T29] ? proc_dohung_task_timeout_secs+0x90/0x90 [ 288.240029][ T29] kthread+0x2c6/0x3a0 [ 288.244197][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 288.249838][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 288.255486][ T29] ret_from_fork+0x45/0x80 [ 288.259908][ T29] ? kthread_complete_and_exit+0x40/0x40 [ 288.265539][ T29] ret_from_fork_asm+0x11/0x20 [ 288.270403][ T29] [ 288.273603][ T29] Kernel Offset: disabled [ 288.277911][ T29] Rebooting in 86400 seconds..