./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1134492036

<...>
4302][   T29] audit: type=1400 audit(1716347517.283:82): avc:  denied  { siginh } for  pid=4930 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   74.923312][   T29] audit: type=1400 audit(1716347518.343:83): avc:  denied  { read } for  pid=4513 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   74.949740][   T29] audit: type=1400 audit(1716347518.343:84): avc:  denied  { append } for  pid=4513 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   75.001376][   T29] audit: type=1400 audit(1716347518.343:85): avc:  denied  { open } for  pid=4513 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   75.042504][   T29] audit: type=1400 audit(1716347518.343:86): avc:  denied  { getattr } for  pid=4513 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '10.128.10.54' (ED25519) to the list of known hosts.
execve("./syz-executor1134492036", ["./syz-executor1134492036"], 0x7ffdd7bb6580 /* 10 vars */) = 0
brk(NULL)                               = 0x55555763d000
brk(0x55555763dd40)                     = 0x55555763dd40
arch_prctl(ARCH_SET_FS, 0x55555763d3c0) = 0
set_tid_address(0x55555763d690)         = 5080
set_robust_list(0x55555763d6a0, 24)     = 0
rseq(0x55555763dce0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1134492036", 4096) = 28
getrandom("\x96\xcd\xe7\x4d\xa7\xcf\xad\xf0", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55555763dd40
brk(0x55555765ed40)                     = 0x55555765ed40
brk(0x55555765f000)                     = 0x55555765f000
mprotect(0x7f0746b89000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5081 attached
, child_tidptr=0x55555763d690) = 5081
[pid  5081] set_robust_list(0x55555763d6a0, 24) = 0
[pid  5081] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[   92.695548][   T29] audit: type=1400 audit(1716347536.123:87): avc:  denied  { execmem } for  pid=5080 comm="syz-executor113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid  5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5081] setsid()                    = 1
[pid  5081] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5081] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5081] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5081] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5081] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5081] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5081] unshare(CLONE_NEWNS)        = 0
[pid  5081] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[   92.736716][   T29] audit: type=1400 audit(1716347536.163:88): avc:  denied  { mounton } for  pid=5081 comm="syz-executor113" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   92.761623][   T29] audit: type=1400 audit(1716347536.163:89): avc:  denied  { mount } for  pid=5081 comm="syz-executor113" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[pid  5081] unshare(CLONE_NEWIPC)       = 0
[pid  5081] unshare(CLONE_NEWCGROUP)    = 0
[pid  5081] unshare(CLONE_NEWUTS)       = 0
[pid  5081] unshare(CLONE_SYSVSEM)      = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "16777216", 8)     = 8
[pid  5081] close(3)                    = 0
[   92.809376][   T29] audit: type=1400 audit(1716347536.233:90): avc:  denied  { mounton } for  pid=5081 comm="syz-executor113" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "536870912", 9)    = 9
[pid  5081] close(3)                    = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "1024", 4)         = 4
[pid  5081] close(3)                    = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "8192", 4)         = 4
[pid  5081] close(3)                    = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "1024", 4)         = 4
[pid  5081] close(3)                    = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "1024", 4)         = 4
[pid  5081] close(3)                    = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5081] close(3)                    = 0
[pid  5081] getpid()                    = 1
[pid  5081] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5081] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5081] unshare(CLONE_NEWNET)       = 0
[pid  5081] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5081] write(3, "0 65535", 7)      = 7
[pid  5081] close(3)                    = 0
[pid  5081] mkdir("/dev/binderfs", 0777) = 0
[pid  5081] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5081] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5081] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached
, child_tidptr=0x55555763d690) = 2
[pid  5084] set_robust_list(0x55555763d6a0, 24) = 0
[pid  5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5084] setpgid(0, 0)               = 0
[   93.106051][   T29] audit: type=1400 audit(1716347536.533:91): avc:  denied  { mounton } for  pid=5081 comm="syz-executor113" path="/dev/binderfs" dev="devtmpfs" ino=2322 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   93.129848][   T29] audit: type=1400 audit(1716347536.543:92): avc:  denied  { mount } for  pid=5081 comm="syz-executor113" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[pid  5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5084] write(3, "1000", 4)         = 4
[pid  5084] close(3)                    = 0
executing program
[pid  5084] write(1, "executing program\n", 18) = 18
[pid  5084] futex(0x7f0746b8f32c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] rt_sigaction(SIGRT_1, {sa_handler=0x7f0746b2e450, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f0746b1fad0}, NULL, 8) = 0
[pid  5084] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0746aa0000
[pid  5084] mprotect(0x7f0746aa1000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f0746ac0990, parent_tid=0x7f0746ac0990, exit_signal=0, stack=0x7f0746aa0000, stack_size=0x20300, tls=0x7f0746ac06c0}./strace-static-x86_64: Process 5085 attached
 <unfinished ...>
[pid  5085] rseq(0x7f0746ac0fe0, 0x20, 0, 0x53053053) = 0
[pid  5085] set_robust_list(0x7f0746ac09a0, 24) = 0
[pid  5085] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5084] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3
[pid  5085] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5084] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5085] futex(0x7f0746b8f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5084] futex(0x7f0746b8f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = 0
[pid  5084] <... futex resumed>)        = 1
[pid  5084] futex(0x7f0746b8f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5085] openat(AT_FDCWD, "/dev/nbd0", O_RDONLY) = 3
[pid  5085] futex(0x7f0746b8f32c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5084] <... futex resumed>)        = 0
[pid  5085] futex(0x7f0746b8f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] futex(0x7f0746b8f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5084] <... futex resumed>)        = 0
[pid  5085] ioctl(3, NBD_SET_SIZE, 4294967040 <unfinished ...>
[   93.260259][   T29] audit: type=1400 audit(1716347536.683:93): avc:  denied  { read } for  pid=5084 comm="syz-executor113" name="nbd0" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   93.284904][   T29] audit: type=1400 audit(1716347536.683:94): avc:  denied  { open } for  pid=5084 comm="syz-executor113" path="/dev/nbd0" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid  5084] futex(0x7f0746b8f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid  5084] futex(0x7f0746b8f33c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f0746a7f000
[pid  5084] mprotect(0x7f0746a80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f0746a9f990, parent_tid=0x7f0746a9f990, exit_signal=0, stack=0x7f0746a7f000, stack_size=0x20300, tls=0x7f0746a9f6c0}./strace-static-x86_64: Process 5086 attached
 <unfinished ...>
[pid  5086] rseq(0x7f0746a9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5086] set_robust_list(0x7f0746a9f9a0, 24) = 0
[pid  5086] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5084] <... clone3 resumed> => {parent_tid=[4]}, 88) = 4
[pid  5086] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5084] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5086] futex(0x7f0746b8f338, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5084] futex(0x7f0746b8f338, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5086] <... futex resumed>)        = 0
[pid  5084] <... futex resumed>)        = 1
[pid  5086] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid  5084] futex(0x7f0746b8f33c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5086] <... socketpair resumed>[4, 5]) = 0
[pid  5086] futex(0x7f0746b8f33c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5086] futex(0x7f0746b8f338, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5085] <... ioctl resumed>)        = 0
[pid  5084] <... futex resumed>)        = 0
[pid  5085] futex(0x7f0746b8f32c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5085] futex(0x7f0746b8f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] futex(0x7f0746b8f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = 0
[pid  5084] <... futex resumed>)        = 1
[pid  5085] ioctl(3, NBD_SET_SOCK, 4 <unfinished ...>
[   93.309579][   T29] audit: type=1400 audit(1716347536.703:95): avc:  denied  { ioctl } for  pid=5084 comm="syz-executor113" path="/dev/nbd0" dev="devtmpfs" ino=664 ioctlcmd=0xab02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid  5084] futex(0x7f0746b8f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5085] <... ioctl resumed>)        = 0
[pid  5085] futex(0x7f0746b8f32c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5084] <... futex resumed>)        = 0
[pid  5085] futex(0x7f0746b8f328, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5084] futex(0x7f0746b8f328, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5085] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5084] <... futex resumed>)        = 0
[pid  5085] ioctl(3, NBD_DO_IT <unfinished ...>
[pid  5084] futex(0x7f0746b8f32c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[   93.451330][ T5085] nbd0: detected capacity change from 0 to 8388607
[pid  5084] close(3)                    = 0
[pid  5084] close(4)                    = 0
[pid  5084] close(5)                    = 0
[pid  5084] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5084] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(26)                   = -1 EBADF (Bad file descriptor)
[   93.841619][ T4475] block nbd0: Receive control failed (result -104)
[pid  5084] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5084] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5084] exit_group(0 <unfinished ...>
[pid  5086] <... futex resumed>)        = ?
[pid  5086] +++ exited with 0 +++
[pid  5084] <... exit_group resumed>)   = ?
[   97.274534][ T1159] cfg80211: failed to load regulatory.db
[pid  5081] kill(-2, SIGKILL)           = 0
[pid  5081] kill(2, SIGKILL)            = 0
[pid  5081] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5081] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0
[pid  5081] getdents64(3, 0x55555763e730 /* 2 entries */, 32768) = 48
[pid  5081] getdents64(3, 0x55555763e730 /* 0 entries */, 32768) = 0
[pid  5081] close(3)                    = 0
[  123.512538][   T26] block nbd0: Possible stuck request ffff888020fd0000: control (read@0,4096B). Runtime 30 seconds
[  153.592134][ T1018] block nbd0: Possible stuck request ffff888020fd0000: control (read@0,4096B). Runtime 60 seconds
[  156.314717][ T4531] udevd[4531]: worker [5082] /devices/virtual/block/nbd0 is taking a long time
[  183.671539][ T1018] block nbd0: Possible stuck request ffff888020fd0000: control (read@0,4096B). Runtime 90 seconds
[  213.751716][   T26] block nbd0: Possible stuck request ffff888020fd0000: control (read@0,4096B). Runtime 120 seconds
[  243.831713][   T26] block nbd0: Possible stuck request ffff888020fd0000: control (read@0,4096B). Runtime 150 seconds
[  273.504059][ T4531] udevd[4531]: worker [5082] /devices/virtual/block/nbd0 timeout; kill it
[  273.513429][ T4531] udevd[4531]: seq 7633 '/devices/virtual/block/nbd0' killed
[  273.911699][   T26] block nbd0: Possible stuck request ffff888020fd0000: control (read@0,4096B). Runtime 180 seconds
[  286.711463][   T30] INFO: task syz-executor113:5085 blocked for more than 143 seconds.
[  286.719739][   T30]       Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0
[  286.727068][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  286.735816][   T30] task:syz-executor113 state:D stack:26304 pid:5085  tgid:5084  ppid:5081   flags:0x00004006
[  286.746105][   T30] Call Trace:
[  286.749416][   T30]  <TASK>
[  286.752406][   T30]  __schedule+0xf15/0x5d00
[  286.757098][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  286.762453][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  286.767708][   T30]  ? __pfx___schedule+0x10/0x10
[  286.772653][   T30]  ? schedule+0x298/0x350
[  286.777035][   T30]  ? __pfx_lock_release+0x10/0x10
[  286.782178][   T30]  ? __mutex_lock+0x5b3/0x9c0
[  286.786914][   T30]  ? __mutex_trylock_common+0x78/0x250
[  286.792494][   T30]  schedule+0xe7/0x350
[  286.796618][   T30]  schedule_preempt_disabled+0x13/0x30
[  286.802192][   T30]  __mutex_lock+0x5b8/0x9c0
[  286.806761][   T30]  ? bdev_release+0x166/0x710
[  286.811557][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  286.816640][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  286.821757][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  286.827001][   T30]  ? bdev_release+0x166/0x710
[  286.831773][   T30]  bdev_release+0x166/0x710
[  286.836332][   T30]  ? task_work_run+0x126/0x250
[  286.841254][   T30]  ? evm_file_release+0xd6/0x1d0
[  286.846283][   T30]  ? __pfx_blkdev_release+0x10/0x10
[  286.851650][   T30]  blkdev_release+0x15/0x20
[  286.856216][   T30]  __fput+0x408/0xbb0
[  286.860248][   T30]  task_work_run+0x14e/0x250
[  286.864953][   T30]  ? __pfx_task_work_run+0x10/0x10
[  286.870144][   T30]  ? __pfx_task_work_add+0x10/0x10
[  286.875400][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[  286.880507][   T30]  ? selinux_file_ioctl+0xb4/0x270
[  286.885751][   T30]  ptrace_notify+0x10e/0x130
[  286.890425][   T30]  syscall_exit_to_user_mode_prepare+0x126/0x260
[  286.896859][   T30]  syscall_exit_to_user_mode+0x11/0x2a0
[  286.902568][   T30]  do_syscall_64+0xdc/0x260
[  286.907146][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.913241][   T30] RIP: 0033:0x7f0746b084b9
[  286.917691][   T30] RSP: 002b:00007f0746ac0218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  286.926194][   T30] RAX: 0000000000000000 RBX: 00007f0746b8f328 RCX: 00007f0746b084b9
[  286.934237][   T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
[  286.942302][   T30] RBP: 00007f0746b8f320 R08: 0000000000000000 R09: 0000000000000000
[  286.950307][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0746b8f32c
[  286.958381][   T30] R13: 00007f0746b5c1a4 R14: 64626e2f7665642f R15: 00000000ffffff00
[  286.966432][   T30]  </TASK>
[  286.969463][   T30] 
[  286.969463][   T30] Showing all locks held in the system:
[  286.977235][   T30] 1 lock held by khungtaskd/30:
[  286.982167][   T30]  #0: ffffffff8dbb1760 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340
[  286.992221][   T30] 3 locks held by kworker/u8:8/3380:
[  286.997546][   T30] 1 lock held by klogd/4520:
[  287.002216][   T30] 2 locks held by getty/4836:
[  287.006918][   T30]  #0: ffff88802b7230a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  287.016813][   T30]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490
[  287.027084][   T30] 1 lock held by udevd/5082:
[  287.031809][   T30]  #0: ffff888020e2c4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x43c/0xe90
[  287.041339][   T30] 1 lock held by syz-executor113/5085:
[  287.046831][   T30]  #0: ffff888020e2c4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x166/0x710
[  287.056506][   T30] 
[  287.058855][   T30] =============================================
[  287.058855][   T30] 
[  287.067349][   T30] NMI backtrace for cpu 0
[  287.071691][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0
[  287.081180][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  287.091277][   T30] Call Trace:
[  287.094564][   T30]  <TASK>
[  287.097500][   T30]  dump_stack_lvl+0x116/0x1f0
[  287.102282][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  287.107298][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  287.113325][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  287.119316][   T30]  watchdog+0xf86/0x1240
[  287.123585][   T30]  ? __pfx_watchdog+0x10/0x10
[  287.128306][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  287.133519][   T30]  ? __kthread_parkme+0x148/0x220
[  287.138584][   T30]  ? __pfx_watchdog+0x10/0x10
[  287.143308][   T30]  kthread+0x2c1/0x3a0
[  287.147392][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.152646][   T30]  ? __pfx_kthread+0x10/0x10
[  287.157263][   T30]  ret_from_fork+0x45/0x80
[  287.161713][   T30]  ? __pfx_kthread+0x10/0x10
[  287.166364][   T30]  ret_from_fork_asm+0x1a/0x30
[  287.171215][   T30]  </TASK>
[  287.174383][   T30] Sending NMI from CPU 0 to CPUs 1:
[  287.179653][    C1] NMI backtrace for cpu 1
[  287.179666][    C1] CPU: 1 PID: 3380 Comm: kworker/u8:8 Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0
[  287.179695][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  287.179710][    C1] Workqueue: events_unbound toggle_allocation_gate
[  287.179776][    C1] RIP: 0010:text_poke_bp_batch+0x4c9/0x760
[  287.179809][    C1] Code: 44 89 ef 89 ee 48 83 c3 10 e8 33 ce 5b 00 41 39 ed 74 79 e8 e9 d3 5b 00 48 89 d8 48 89 da 48 c1 e8 03 83 e2 07 42 0f b6 04 30 <38> d0 7f 08 84 c0 0f 85 00 02 00 00 44 0f b6 23 48 8d 7b fe 48 89
[  287.179833][    C1] RSP: 0018:ffffc9000b3ffa70 EFLAGS: 00000202
[  287.179851][    C1] RAX: 0000000000000000 RBX: ffffffff92e8a42a RCX: ffffffff8132185d
[  287.179869][    C1] RDX: 0000000000000002 RSI: ffffffff81321867 RDI: 0000000000000004
[  287.179885][    C1] RBP: 0000000000000006 R08: 0000000000000004 R09: 0000000000000009
[  287.179901][    C1] R10: 0000000000000006 R11: 0000000000000006 R12: 00000000000000e9
[  287.179916][    C1] R13: 0000000000000009 R14: dffffc0000000000 R15: 0000000000000005
[  287.179932][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  287.179957][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.179975][    C1] CR2: 0000561d3fa72600 CR3: 000000000d97a000 CR4: 00000000003506f0
[  287.179991][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  287.180007][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  287.180023][    C1] Call Trace:
[  287.180031][    C1]  <NMI>
[  287.180039][    C1]  ? show_regs+0x8c/0xa0
[  287.180087][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  287.180113][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  287.180147][    C1]  ? nmi_handle+0x1a9/0x5c0
[  287.180185][    C1]  ? text_poke_bp_batch+0x4c9/0x760
[  287.180214][    C1]  ? default_do_nmi+0x6a/0x160
[  287.180243][    C1]  ? exc_nmi+0x170/0x1e0
[  287.180269][    C1]  ? end_repeat_nmi+0xf/0x53
[  287.180300][    C1]  ? text_poke_bp_batch+0x4ad/0x760
[  287.180328][    C1]  ? text_poke_bp_batch+0x4b7/0x760
[  287.180356][    C1]  ? text_poke_bp_batch+0x4c9/0x760
[  287.180389][    C1]  ? text_poke_bp_batch+0x4c9/0x760
[  287.180417][    C1]  ? text_poke_bp_batch+0x4c9/0x760
[  287.180444][    C1]  </NMI>
[  287.180451][    C1]  <TASK>
[  287.180459][    C1]  ? kmem_cache_alloc_bulk_noprof+0x198/0x940
[  287.180507][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  287.180535][    C1]  ? __jump_label_patch+0x1db/0x400
[  287.180565][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  287.180600][    C1]  text_poke_finish+0x30/0x40
[  287.180628][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  287.180662][    C1]  jump_label_update+0x1d7/0x400
[  287.180713][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  287.180749][    C1]  static_key_enable+0x1a/0x20
[  287.180781][    C1]  toggle_allocation_gate+0xf8/0x250
[  287.180818][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  287.180857][    C1]  process_one_work+0x9fb/0x1b60
[  287.180886][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  287.180925][    C1]  ? __pfx_process_one_work+0x10/0x10
[  287.180951][    C1]  ? assign_work+0x1a0/0x250
[  287.180989][    C1]  worker_thread+0x6c8/0xf70
[  287.181016][    C1]  ? __kthread_parkme+0x148/0x220
[  287.181052][    C1]  ? __pfx_worker_thread+0x10/0x10
[  287.181080][    C1]  kthread+0x2c1/0x3a0
[  287.181109][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.181144][    C1]  ? __pfx_kthread+0x10/0x10
[  287.181177][    C1]  ret_from_fork+0x45/0x80
[  287.181218][    C1]  ? __pfx_kthread+0x10/0x10
[  287.181270][    C1]  ret_from_fork_asm+0x1a/0x30
[  287.181317][    C1]  </TASK>
[  287.181326][    C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.673 msecs
[  287.181653][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  287.181672][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0
[  287.181708][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  287.181728][   T30] Call Trace:
[  287.181740][   T30]  <TASK>
[  287.181752][   T30]  dump_stack_lvl+0x3d/0x1f0
[  287.181800][   T30]  panic+0x6f5/0x7a0
[  287.181851][   T30]  ? __pfx_panic+0x10/0x10
[  287.181910][   T30]  ? __irq_work_queue_local+0x136/0x440
[  287.181981][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  287.182028][   T30]  ? irq_work_queue+0x2a/0x80
[  287.182080][   T30]  ? watchdog+0xd3d/0x1240
[  287.182114][   T30]  ? watchdog+0xd30/0x1240
[  287.182149][   T30]  watchdog+0xd4e/0x1240
[  287.182186][   T30]  ? __pfx_watchdog+0x10/0x10
[  287.182219][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  287.182268][   T30]  ? __kthread_parkme+0x148/0x220
[  287.182311][   T30]  ? __pfx_watchdog+0x10/0x10
[  287.182346][   T30]  kthread+0x2c1/0x3a0
[  287.182385][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.182428][   T30]  ? __pfx_kthread+0x10/0x10
[  287.182470][   T30]  ret_from_fork+0x45/0x80
[  287.182520][   T30]  ? __pfx_kthread+0x10/0x10
[  287.182561][   T30]  ret_from_fork_asm+0x1a/0x30
[  287.182616][   T30]  </TASK>
[  287.185985][   T30] Kernel Offset: disabled
[  287.662883][   T30] Rebooting in 86400 seconds..