[ 29.771083][ T3175] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
syzkaller login:
[ 37.840656][ T27] kauditd_printk_skb: 37 callbacks suppressed
[ 37.840673][ T27] audit: type=1400 audit(1649308188.234:73): avc: denied { transition } for pid=3380 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 37.871306][ T27] audit: type=1400 audit(1649308188.274:74): avc: denied { write } for pid=3380 comm="sh" path="pipe:[27655]" dev="pipefs" ino=27655 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[ 76.158182][ T6] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.196' (ECDSA) to the list of known hosts.
executing program
[ 484.377055][ T27] audit: type=1400 audit(1649308634.774:75): avc: denied { execmem } for pid=3624 comm="syz-executor145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 484.397001][ T27] audit: type=1400 audit(1649308634.774:76): avc: denied { read } for pid=3625 comm="syz-executor145" name="nbd0" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
executing program
[ 484.421086][ T27] audit: type=1400 audit(1649308634.774:77): avc: denied { open } for pid=3625 comm="syz-executor145" path="/dev/nbd0" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 484.431011][ T51] block nbd0: Send control failed (result -32)
[ 484.449145][ T27] audit: type=1400 audit(1649308634.774:78): avc: denied { ioctl } for pid=3625 comm="syz-executor145" path="/dev/nbd0" dev="devtmpfs" ino=660 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 484.451771][ T51] block nbd0: Request send failed, requeueing
[ 484.483877][ T51] block nbd0: Dead connection, failed to find a fallback
[ 484.491833][ T51] block nbd0: shutting down sockets
[ 484.498129][ T51] I/O error, dev nbd0, sector 13730116639742934 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 484.509909][ T3627] block nbd0: Device being setup by another task
[ 484.516845][ T9] I/O error, dev nbd0, sector 13730116639742934 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
executing program
executing program
[ 484.527472][ T9] Buffer I/O error on dev nbd0p4, logical block 1716264579706864, async page read
[ 484.556369][ T3628] block nbd0: Device being setup by another task
executing program
[ 515.196254][ T51] block nbd0: Possible stuck request ffff88801c5f8200: control (read@7029819719548382208,4096B). Runtime 30 seconds
[ 544.651141][ T2964] udevd[2964]: worker [3626] /devices/virtual/block/nbd0/nbd0p4 is taking a long time
[ 664.812387][ T2964] udevd[2964]: worker [3626] /devices/virtual/block/nbd0/nbd0p4 timeout; kill it
[ 664.822135][ T2964] udevd[2964]: seq 7417 '/devices/virtual/block/nbd0/nbd0p4' killed
[ 716.156149][ T28] INFO: task syz-executor145:3630 blocked for more than 143 seconds.
[ 716.164306][ T28] Not tainted 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0
[ 716.171984][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 716.180780][ T28] task:syz-executor145 state:D stack:28224 pid: 3630 ppid: 3624 flags:0x00000004
[ 716.190184][ T28] Call Trace:
[ 716.193464][ T28]
[ 716.196572][ T28] __schedule+0xa9a/0x4940
[ 716.201108][ T28] ? io_schedule_timeout+0x140/0x140
[ 716.206578][ T28] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 716.212448][ T28] schedule+0xd2/0x1f0
[ 716.216695][ T28] blk_mq_freeze_queue_wait+0x112/0x160
[ 716.222292][ T28] ? blk_mq_queue_inflight+0xa0/0xa0
[ 716.227738][ T28] ? blk_mq_run_hw_queue+0x4a0/0x4a0
[ 716.233035][ T28] ? prepare_to_wait_exclusive+0x2b0/0x2b0
[ 716.239036][ T28] nbd_add_socket+0x166/0x810
[ 716.243756][ T28] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 716.250199][ T28] ? cap_capable+0x1f1/0x280
[ 716.254850][ T28] ? nbd_genl_size_set+0x3e0/0x3e0
[ 716.260153][ T28] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 716.266540][ T28] ? security_capable+0x8f/0xc0
[ 716.271399][ T28] nbd_ioctl+0x38c/0xb10
[ 716.275634][ T28] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x400
[ 716.282384][ T28] ? blk_ioctl_discard+0x340/0x340
[ 716.287770][ T28] ? nbd_start_device+0xd10/0xd10
[ 716.292818][ T28] ? nbd_start_device+0xd10/0xd10
[ 716.297919][ T28] blkdev_ioctl+0x36e/0x800
[ 716.302608][ T28] ? blkdev_common_ioctl+0x17a0/0x17a0
[ 716.308226][ T28] ? selinux_file_ioctl+0xb1/0x270
[ 716.313352][ T28] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 716.319756][ T28] ? blkdev_common_ioctl+0x17a0/0x17a0
[ 716.325222][ T28] __x64_sys_ioctl+0x193/0x200
[ 716.330209][ T28] do_syscall_64+0x35/0xb0
[ 716.334650][ T28] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 716.340793][ T28] RIP: 0033:0x7f5f0d0f33e9
[ 716.345213][ T28] RSP: 002b:00007ffd5f102da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 716.353793][ T28] RAX: ffffffffffffffda RBX: 00000000000764b6 RCX: 00007f5f0d0f33e9
[ 716.361895][ T28] RDX: 0000000000000005 RSI: 000000000000ab00 RDI: 0000000000000004
[ 716.370021][ T28] RBP: 0000000000000000 R08: 00007ffd5f102f48 R09: 00007ffd5f102f48
[ 716.378131][ T28] R10: 00007ffd5f102f48 R11: 0000000000000246 R12: 00007ffd5f102dbc
[ 716.386272][ T28] R13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000
[ 716.394259][ T28]
[ 716.397479][ T28]
[ 716.397479][ T28] Showing all locks held in the system:
[ 716.405189][ T28] 1 lock held by khungtaskd/28:
[ 716.410375][ T28] #0: ffffffff8bd7f360 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 716.420393][ T28] 2 locks held by kworker/u4:2/50:
[ 716.425698][ T28] #0: ffff8880b9c3a058 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2b/0x120
[ 716.435815][ T28] #1: ffff8880b9c278c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3e7/0x4e0
[ 716.447354][ T28] 2 locks held by getty/3275:
[ 716.452022][ T28] #0: ffff888025c8d098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[ 716.461863][ T28] #1: ffffc90001bf92e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xcea/0x1230
[ 716.472026][ T28] 1 lock held by udevd/3626:
[ 716.476973][ T28] #0: ffff88801c57c118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x99/0x950
[ 716.486632][ T28] 1 lock held by syz-executor145/3630:
[ 716.492074][ T28] #0: ffff88801c4f5198 (&nbd->config_lock){+.+.}-{3:3}, at: nbd_ioctl+0x151/0xb10
[ 716.501531][ T28]
[ 716.503859][ T28] =============================================
[ 716.503859][ T28]
[ 716.512373][ T28] NMI backtrace for cpu 1
[ 716.516694][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0
[ 716.527695][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.537729][ T28] Call Trace:
[ 716.540994][ T28]
[ 716.543911][ T28] dump_stack_lvl+0xcd/0x134
[ 716.548532][ T28] nmi_cpu_backtrace.cold+0x47/0x144
[ 716.553808][ T28] ? lapic_can_unplug_cpu+0x80/0x80
[ 716.559034][ T28] nmi_trigger_cpumask_backtrace+0x1e6/0x230
[ 716.565022][ T28] watchdog+0xc1d/0xf50
[ 716.569173][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80
[ 716.575160][ T28] kthread+0x2e9/0x3a0
[ 716.580108][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 716.585752][ T28] ret_from_fork+0x1f/0x30
[ 716.590197][ T28]
[ 716.593315][ T28] Sending NMI from CPU 1 to CPUs 0:
[ 716.598568][ C0] NMI backtrace for cpu 0
[ 716.598579][ C0] CPU: 0 PID: 50 Comm: kworker/u4:2 Not tainted 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0
[ 716.598602][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.598617][ C0] Workqueue: events_unbound toggle_allocation_gate
[ 716.598687][ C0] RIP: 0010:__lock_acquire+0x168a/0x56c0
[ 716.598716][ C0] Code: ed 60 58 fa 8f 48 89 5c 24 10 0f 84 a6 03 00 00 48 8d 14 ed 60 58 fa 8f 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 e4 2c 00 00 48 8b 1c ed 60 58 fa 8f 48 85 db 74 58 48 83 eb
[ 716.598735][ C0] RSP: 0018:ffffc90000dbf7b8 EFLAGS: 00000046
[ 716.598752][ C0] RAX: dffffc0000000000 RBX: ffffffff8ffec728 RCX: ffffffff815c883e
[ 716.598767][ C0] RDX: 1ffffffff1ffd8e5 RSI: 0000000000000008 RDI: ffffffff90035900
[ 716.598781][ C0] RBP: 0000000000008dd9 R08: 0000000000000000 R09: ffffffff90035907
[ 716.598795][ C0] R10: fffffbfff2006b20 R11: 0000000000000001 R12: ffff888011c6abc0
[ 716.598808][ C0] R13: ffff888011c6a0c0 R14: 0000000000000000 R15: 623d1377ab3a24ec
[ 716.598822][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 716.598843][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 716.598858][ C0] CR2: 0000557e13d9c600 CR3: 000000000ba8e000 CR4: 00000000003506f0
[ 716.598872][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 716.598884][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 716.598897][ C0] Call Trace:
[ 716.598902][ C0]
[ 716.598910][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 716.598937][ C0] ? __lock_acquire+0x163e/0x56c0
[ 716.598961][ C0] lock_acquire+0x1ab/0x510
[ 716.598984][ C0] ? arch_jump_label_transform_queue+0x58/0x100
[ 716.599033][ C0] ? lock_release+0x720/0x720
[ 716.599057][ C0] __mutex_lock+0x12f/0x12f0
[ 716.599079][ C0] ? arch_jump_label_transform_queue+0x58/0x100
[ 716.599104][ C0] ? arch_jump_label_transform_queue+0x58/0x100
[ 716.599130][ C0] ? mutex_lock_io_nested+0x1150/0x1150
[ 716.599153][ C0] ? __mutex_lock+0x21a/0x12f0
[ 716.599173][ C0] ? static_key_disable_cpuslocked+0x108/0x1b0
[ 716.599216][ C0] arch_jump_label_transform_queue+0x58/0x100
[ 716.599242][ C0] __jump_label_update+0x12e/0x400
[ 716.599265][ C0] jump_label_update+0x32f/0x410
[ 716.599286][ C0] static_key_disable_cpuslocked+0x152/0x1b0
[ 716.599309][ C0] static_key_disable+0x16/0x20
[ 716.599331][ C0] toggle_allocation_gate+0x183/0x390
[ 716.599354][ C0] ? lock_release+0x720/0x720
[ 716.599377][ C0] ? wake_up_kfence_timer+0x20/0x20
[ 716.599399][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 716.599426][ C0] process_one_work+0x996/0x1610
[ 716.599449][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 716.599471][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 716.599495][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 716.599519][ C0] worker_thread+0x665/0x1080
[ 716.599541][ C0] ? process_one_work+0x1610/0x1610
[ 716.599562][ C0] kthread+0x2e9/0x3a0
[ 716.599586][ C0] ? kthread_complete_and_exit+0x40/0x40
[ 716.599613][ C0] ret_from_fork+0x1f/0x30
[ 716.599638][ C0]
[ 716.599645][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.077 msecs
[ 716.600593][ T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 716.918513][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0
[ 716.928399][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.938447][ T28] Call Trace:
[ 716.941725][ T28]
[ 716.944645][ T28] dump_stack_lvl+0xcd/0x134
[ 716.949241][ T28] panic+0x2d7/0x636
[ 716.953173][ T28] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 716.959152][ T28] ? lapic_can_unplug_cpu+0x80/0x80
[ 716.964354][ T28] ? preempt_schedule_thunk+0x16/0x18
[ 716.969897][ T28] ? nmi_trigger_cpumask_backtrace+0x1c9/0x230
[ 716.976048][ T28] ? watchdog.cold+0x130/0x158
[ 716.980822][ T28] watchdog.cold+0x141/0x158
[ 716.985407][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80
[ 716.991386][ T28] kthread+0x2e9/0x3a0
[ 716.995456][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 717.001091][ T28] ret_from_fork+0x1f/0x30
[ 717.005506][ T28]
[ 717.008798][ T28] Kernel Offset: disabled
[ 717.013116][ T28] Rebooting in 86400 seconds..