./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor877413928

<...>
Warning: Permanently added '10.128.1.229' (ED25519) to the list of known hosts.
execve("./syz-executor877413928", ["./syz-executor877413928"], 0x7ffdc4a04c00 /* 10 vars */) = 0
brk(NULL)                               = 0x5555709f1000
brk(0x5555709f1d00)                     = 0x5555709f1d00
arch_prctl(ARCH_SET_FS, 0x5555709f1380) = 0
set_tid_address(0x5555709f1650)         = 5222
set_robust_list(0x5555709f1660, 24)     = 0
rseq(0x5555709f1ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor877413928", 4096) = 27
getrandom("\xb6\xb9\x3a\x01\xef\x25\x6e\x90", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555709f1d00
brk(0x555570a12d00)                     = 0x555570a12d00
brk(0x555570a13000)                     = 0x555570a13000
mprotect(0x7fa338ac4000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5223 attached
 <unfinished ...>
[pid  5223] set_robust_list(0x5555709f1660, 24 <unfinished ...>
[pid  5222] <... clone resumed>, child_tidptr=0x5555709f1650) = 5223
[pid  5223] <... set_robust_list resumed>) = 0
[pid  5223] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5223] setsid()                    = 1
[pid  5223] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5223] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5223] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5223] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5223] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5223] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5223] unshare(CLONE_NEWNS)        = 0
[pid  5223] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5223] unshare(CLONE_NEWIPC)       = 0
[pid  5223] unshare(CLONE_NEWCGROUP)    = 0
[pid  5223] unshare(CLONE_NEWUTS)       = 0
[pid  5223] unshare(CLONE_SYSVSEM)      = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "16777216", 8)     = 8
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "536870912", 9)    = 9
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "1024", 4)         = 4
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "8192", 4)         = 4
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "1024", 4)         = 4
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "1024", 4)         = 4
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5223] close(3)                    = 0
[pid  5223] getpid()                    = 1
[pid  5223] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5223] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5223] unshare(CLONE_NEWNET)       = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "0 65535", 7)      = 7
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/dev/net/tun", O_RDWR|O_NONBLOCK) = 3
[pid  5223] dup2(3, 200)                = 200
[pid  5223] close(3)                    = 0
[pid  5223] ioctl(200, TUNSETIFF, 0x7ffe2d34f9b0) = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/accept_dad", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "0", 1)            = 1
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/net/ipv6/conf/syz_tun/router_solicitations", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "0", 1)            = 1
[pid  5223] close(3)                    = 0
[pid  5223] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
[pid  5223] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5223] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5223] close(4)                    = 0
[pid  5223] sendto(3, [{nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x18\x00\x00\x0b\x00\x00\x00\x08\x00\x02\x00\xac\x14\x14\xaa\x08\x00\x01\x00\xac\x14\x14\xaa"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid  5223] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5223] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5223] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5223] close(4)                    = 0
[pid  5223] sendto(3, [{nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x78\x00\x00\x0b\x00\x00\x00\x14\x00\x02\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid  5223] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x14 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x500, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5223] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5223] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5223] close(4)                    = 0
[pid  5223] sendto(3, [{nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x02\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x08\x00\x01\x00\xac\x14\x14\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 48, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 48
[pid  5223] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=48, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5223] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5223] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5223] close(4)                    = 0
[pid  5223] sendto(3, [{nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}, "\x0a\x00\x00\x00\x0b\x00\x00\x00\x80\x00\x00\x00\x14\x00\x01\x00\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x0a\x00\x02\x00\xbb\xaa\xaa\xaa\xaa\xaa\x00\x00"], 60, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 60
[pid  5223] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=60, nlmsg_type=0x1c /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|0x600, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5223] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid  5223] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0
[pid  5223] close(4)                    = 0
[pid  5223] sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0a\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\xaa\x00\x00"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
[pid  5223] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5223] close(3)                    = 0
[pid  5223] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid  5223] write(3, "100000", 6)       = 6
[pid  5223] close(3)                    = 0
[pid  5223] mkdir("./syz-tmp", 0777)    = 0
[pid  5223] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid  5223] mkdir("./syz-tmp/newroot", 0777) = 0
[pid  5223] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid  5223] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5223] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid  5223] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid  5223] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid  5223] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5223] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5223] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid  5223] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5223] mkdir("./syz-tmp/pivot", 0777) = 0
[pid  5223] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid  5223] chdir("/")                  = 0
[pid  5223] umount2("./pivot", MNT_DETACH) = 0
[pid  5223] chroot("./newroot")         = 0
[pid  5223] chdir("/")                  = 0
[pid  5223] mkdir("/dev/binderfs", 0777) = 0
[pid  5223] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5223] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5223] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5226 attached
, child_tidptr=0x5555709f1650) = 2
[pid  5226] set_robust_list(0x5555709f1660, 24) = 0
[pid  5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5226] setpgid(0, 0)               = 0
[pid  5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5226] write(3, "1000", 4)         = 4
[pid  5226] close(3)                    = 0
[pid  5226] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5226] read(200, 0x7ffe2d34f550, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5226] write(1, "executing program\n", 18executing program
) = 18
[pid  5226] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5226] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5226] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5226] recvfrom(4, [{nlmsg_len=996, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=2}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00\x06\x00\x01\x00\x16\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x00\x00\x00\x00\x88\x03\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 996
[pid  5226] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=2}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5226] close(4)                    = 0
[pid  5226] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x2c\x00\x00\x00\x16\x00\x0d\x00\x00\x00\x00\x10\x00\x00\x00\x00\x1a\x00\x00\x00\x18\x00\x01\x80\x14\x00\x02\x00\x73\x79\x7a\x5f\x74\x75\x6e\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=44}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 44
[   58.975258][ T5226] 
[   58.977608][ T5226] ================================================
[   58.984090][ T5226] WARNING: lock held when returning to user space!
[   58.990591][ T5226] 6.11.0-rc4-syzkaller-00565-gf9db28bb09f4 #0 Not tainted
[   58.997683][ T5226] ------------------------------------------------
[   59.004153][ T5226] syz-executor877/5226 is leaving the kernel with locks still held!
[   59.012125][ T5226] 1 lock held by syz-executor877/5226:
[pid  5226] close(3)                    = 0
[pid  5226] close(4)                    = -1 EBADF (Bad file descriptor)
[pid  5226] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5226] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5226] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5226] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5226] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5226] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5226] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5226] exit_group(0)               = ?
[pid  5226] +++ exited with 0 +++
[pid  5223] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[pid  5223] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5223] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5227 attached
, child_tidptr=0x5555709f1650) = 3
[pid  5227] set_robust_list(0x5555709f1660, 24) = 0
[pid  5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5227] setpgid(0, 0)               = 0
[pid  5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5227] write(3, "1000", 4)         = 4
[pid  5227] close(3)                    = 0
[pid  5227] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110
[pid  5227] read(200, 0x7ffe2d34f550, 1000) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5227] write(1, "executing program\n", 18executing program
[   59.017560][ T5226]  #0: ffffffff8fc84b88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_act_cable_test+0x187/0x3f0
) = 18
[pid  5227] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid  5227] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
[pid  5227] sendto(4, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid  5227] recvfrom(4, [{nlmsg_len=996, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x65\x74\x68\x74\x6f\x6f\x6c\x00\x06\x00\x01\x00\x16\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x00\x00\x00\x00\x88\x03\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 996
[pid  5227] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid  5227] close(4)                    = 0
[   59.100242][ T5227] ==================================================================
[   59.108326][ T5227] BUG: KASAN: slab-use-after-free in __mutex_lock+0xcf5/0xd70
[   59.115776][ T5227] Read of size 4 at addr ffff888028d25a34 by task syz-executor877/5227
[   59.123992][ T5227] 
[   59.126307][ T5227] CPU: 1 UID: 0 PID: 5227 Comm: syz-executor877 Not tainted 6.11.0-rc4-syzkaller-00565-gf9db28bb09f4 #0
[   59.137398][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   59.147435][ T5227] Call Trace:
[   59.150693][ T5227]  <TASK>
[   59.153606][ T5227]  dump_stack_lvl+0x241/0x360
[   59.158274][ T5227]  ? __pfx_dump_stack_lvl+0x10/0x10
[   59.163499][ T5227]  ? __pfx__printk+0x10/0x10
[   59.168091][ T5227]  ? _printk+0xd5/0x120
[   59.172231][ T5227]  ? __virt_addr_valid+0x183/0x530
[   59.177325][ T5227]  ? __virt_addr_valid+0x183/0x530
[   59.182421][ T5227]  print_report+0x169/0x550
[   59.186918][ T5227]  ? __virt_addr_valid+0x183/0x530
[   59.192014][ T5227]  ? __virt_addr_valid+0x183/0x530
[   59.197108][ T5227]  ? __virt_addr_valid+0x45f/0x530
[   59.202200][ T5227]  ? __phys_addr+0xba/0x170
[   59.206688][ T5227]  ? __mutex_lock+0xcf5/0xd70
[   59.211357][ T5227]  kasan_report+0x143/0x180
[   59.215849][ T5227]  ? __mutex_lock+0xcf5/0xd70
[   59.220517][ T5227]  __mutex_lock+0xcf5/0xd70
[   59.225007][ T5227]  ? netdev_get_by_name+0x7c/0xb0
[   59.230023][ T5227]  ? ethnl_parse_header_dev_get+0x690/0x990
[   59.235902][ T5227]  ? ethnl_act_cable_test+0x187/0x3f0
[   59.241262][ T5227]  ? __pfx___mutex_lock+0x10/0x10
[   59.246276][ T5227]  ethnl_act_cable_test+0x187/0x3f0
[   59.251464][ T5227]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   59.257175][ T5227]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[   59.263493][ T5227]  genl_rcv_msg+0xb14/0xec0
[   59.267989][ T5227]  ? __pfx_genl_rcv_msg+0x10/0x10
[   59.273001][ T5227]  ? __pfx_stack_trace_save+0x10/0x10
[   59.278360][ T5227]  ? stack_trace_save+0x118/0x1d0
[   59.283368][ T5227]  ? stack_depot_save_flags+0x29/0x830
[   59.288818][ T5227]  ? rcu_is_watching+0x15/0xb0
[   59.293574][ T5227]  ? __pfx_lock_acquire+0x10/0x10
[   59.298585][ T5227]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   59.304293][ T5227]  ? __pfx___might_resched+0x10/0x10
[   59.309565][ T5227]  ? rcu_is_watching+0x15/0xb0
[   59.314315][ T5227]  ? lock_acquire+0xe3/0x550
[   59.318893][ T5227]  netlink_rcv_skb+0x1e3/0x430
[   59.323642][ T5227]  ? __pfx_genl_rcv_msg+0x10/0x10
[   59.328653][ T5227]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   59.333922][ T5227]  ? lock_release+0xbf/0xa30
[   59.338506][ T5227]  ? __pfx___netlink_lookup+0x10/0x10
[   59.343884][ T5227]  ? net_generic+0x1f/0x240
[   59.348387][ T5227]  genl_rcv+0x28/0x40
[   59.352357][ T5227]  netlink_unicast+0x7f6/0x990
[   59.357126][ T5227]  ? __pfx_netlink_unicast+0x10/0x10
[   59.362406][ T5227]  ? __virt_addr_valid+0x183/0x530
[   59.367503][ T5227]  ? __check_object_size+0x49c/0x900
[   59.372772][ T5227]  ? bpf_lsm_netlink_send+0x9/0x10
[   59.377871][ T5227]  netlink_sendmsg+0x8e4/0xcb0
[   59.382625][ T5227]  ? __pfx_netlink_sendmsg+0x10/0x10
[   59.387896][ T5227]  ? __import_iovec+0x536/0x820
[   59.392736][ T5227]  ? aa_sock_msg_perm+0x91/0x160
[   59.397661][ T5227]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   59.402932][ T5227]  ? security_socket_sendmsg+0x87/0xb0
[   59.408382][ T5227]  ? __pfx_netlink_sendmsg+0x10/0x10
[   59.413650][ T5227]  __sock_sendmsg+0x221/0x270
[   59.418316][ T5227]  ____sys_sendmsg+0x525/0x7d0
[   59.423070][ T5227]  ? __pfx_____sys_sendmsg+0x10/0x10
[   59.428342][ T5227]  ? do_raw_spin_lock+0x14f/0x370
[   59.433355][ T5227]  __sys_sendmsg+0x2b0/0x3a0
[   59.437934][ T5227]  ? __pfx___sys_sendmsg+0x10/0x10
[   59.443044][ T5227]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   59.449380][ T5227]  ? _raw_spin_unlock_irq+0x2e/0x50
[   59.454577][ T5227]  ? ptrace_notify+0x279/0x380
[   59.459332][ T5227]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   59.465647][ T5227]  ? rcu_is_watching+0x15/0xb0
[   59.470399][ T5227]  do_syscall_64+0xf3/0x230
[   59.474906][ T5227]  ? clear_bhb_loop+0x35/0x90
[   59.479578][ T5227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.485480][ T5227] RIP: 0033:0x7fa338a4c839
[   59.489892][ T5227] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   59.509489][ T5227] RSP: 002b:00007ffe2d34f948 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   59.517889][ T5227] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fa338a4c839
[   59.525843][ T5227] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   59.533794][ T5227] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00007ffe2d34fa78
[   59.541747][ T5227] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000e633
[   59.549714][ T5227] R13: 00007ffe2d34f964 R14: 00007ffe2d34f980 R15: 00007ffe2d34f970
[   59.557684][ T5227]  </TASK>
[   59.560695][ T5227] 
[   59.562999][ T5227] Allocated by task 5223:
[   59.567304][ T5227]  kasan_save_track+0x3f/0x80
[   59.571971][ T5227]  __kasan_slab_alloc+0x66/0x80
[   59.576806][ T5227]  kmem_cache_alloc_node_noprof+0x16b/0x320
[   59.582681][ T5227]  dup_task_struct+0x57/0x8c0
[   59.587352][ T5227]  copy_process+0x5d1/0x3e10
[   59.591934][ T5227]  kernel_clone+0x226/0x8f0
[   59.596423][ T5227]  __x64_sys_clone+0x258/0x2a0
[   59.601170][ T5227]  do_syscall_64+0xf3/0x230
[   59.605657][ T5227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.611535][ T5227] 
[   59.613845][ T5227] Freed by task 16:
[   59.617630][ T5227]  kasan_save_track+0x3f/0x80
[   59.622293][ T5227]  kasan_save_free_info+0x40/0x50
[   59.627298][ T5227]  poison_slab_object+0xe0/0x150
[   59.632226][ T5227]  __kasan_slab_free+0x37/0x60
[   59.636976][ T5227]  kmem_cache_free+0x145/0x350
[   59.641729][ T5227]  delayed_put_task_struct+0x125/0x300
[   59.647176][ T5227]  rcu_core+0xafd/0x1830
[   59.651405][ T5227]  handle_softirqs+0x2c4/0x970
[   59.656152][ T5227]  run_ksoftirqd+0xca/0x130
[   59.660643][ T5227]  smpboot_thread_fn+0x544/0xa30
[   59.665571][ T5227]  kthread+0x2f0/0x390
[   59.669627][ T5227]  ret_from_fork+0x4b/0x80
[   59.674031][ T5227]  ret_from_fork_asm+0x1a/0x30
[   59.678781][ T5227] 
[   59.681085][ T5227] Last potentially related work creation:
[   59.686777][ T5227]  kasan_save_stack+0x3f/0x60
[   59.691437][ T5227]  __kasan_record_aux_stack+0xac/0xc0
[   59.696789][ T5227]  call_rcu+0x167/0xa70
[   59.700930][ T5227]  release_task+0x16ec/0x1830
[   59.705595][ T5227]  wait_consider_task+0x1a14/0x2e60
[   59.710775][ T5227]  __do_wait+0x1b0/0x850
[   59.714996][ T5227]  do_wait+0x1e9/0x560
[   59.719046][ T5227]  kernel_wait4+0x2a7/0x3e0
[   59.723526][ T5227]  __x64_sys_wait4+0x134/0x1e0
[   59.728269][ T5227]  do_syscall_64+0xf3/0x230
[   59.732753][ T5227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.738629][ T5227] 
[   59.740932][ T5227] The buggy address belongs to the object at ffff888028d25a00
[   59.740932][ T5227]  which belongs to the cache task_struct of size 7424
[   59.755142][ T5227] The buggy address is located 52 bytes inside of
[   59.755142][ T5227]  freed 7424-byte region [ffff888028d25a00, ffff888028d27700)
[   59.768914][ T5227] 
[   59.771218][ T5227] The buggy address belongs to the physical page:
[   59.777612][ T5227] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28d20
[   59.786359][ T5227] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   59.794834][ T5227] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   59.802449][ T5227] page_type: 0xfdffffff(slab)
[   59.807108][ T5227] raw: 00fff00000000040 ffff8880166fd500 ffffea000070a600 dead000000000002
[   59.815670][ T5227] raw: 0000000000000000 0000000000040004 00000001fdffffff 0000000000000000
[   59.824232][ T5227] head: 00fff00000000040 ffff8880166fd500 ffffea000070a600 dead000000000002
[   59.832883][ T5227] head: 0000000000000000 0000000000040004 00000001fdffffff 0000000000000000
[   59.841530][ T5227] head: 00fff00000000003 ffffea0000a34801 ffffffffffffffff 0000000000000000
[   59.850177][ T5227] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   59.858822][ T5227] page dumped because: kasan: bad access detected
[   59.865216][ T5227] page_owner tracks the page as allocated
[   59.870911][ T5227] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 965, tgid 965 (kworker/u8:5), ts 10067893112, free_ts 0
[   59.891295][ T5227]  post_alloc_hook+0x1f3/0x230
[   59.896058][ T5227]  get_page_from_freelist+0x2e4c/0x2f10
[   59.901590][ T5227]  __alloc_pages_noprof+0x256/0x6c0
[   59.906772][ T5227]  alloc_slab_page+0x5f/0x120
[   59.911431][ T5227]  allocate_slab+0x5a/0x2f0
[   59.915924][ T5227]  ___slab_alloc+0xcd1/0x14b0
[   59.920584][ T5227]  __slab_alloc+0x58/0xa0
[   59.924894][ T5227]  kmem_cache_alloc_node_noprof+0x1fe/0x320
[   59.930770][ T5227]  dup_task_struct+0x57/0x8c0
[   59.935430][ T5227]  copy_process+0x5d1/0x3e10
[   59.940006][ T5227]  kernel_clone+0x226/0x8f0
[   59.944491][ T5227]  user_mode_thread+0x132/0x1a0
[   59.949327][ T5227]  call_usermodehelper_exec_work+0x5c/0x230
[   59.955201][ T5227]  process_scheduled_works+0xa2c/0x1830
[   59.960818][ T5227]  worker_thread+0x86d/0xd40
[   59.965399][ T5227]  kthread+0x2f0/0x390
[   59.969451][ T5227] page_owner free stack trace missing
[   59.974794][ T5227] 
[   59.977099][ T5227] Memory state around the buggy address:
[   59.982706][ T5227]  ffff888028d25900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   59.990747][ T5227]  ffff888028d25980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   59.998788][ T5227] >ffff888028d25a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   60.006827][ T5227]                                      ^
[   60.012435][ T5227]  ffff888028d25a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   60.020474][ T5227]  ffff888028d25b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   60.028510][ T5227] ==================================================================
[   60.036852][ T5227] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   60.044061][ T5227] CPU: 1 UID: 0 PID: 5227 Comm: syz-executor877 Not tainted 6.11.0-rc4-syzkaller-00565-gf9db28bb09f4 #0
[   60.055153][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   60.065193][ T5227] Call Trace:
[   60.068456][ T5227]  <TASK>
[   60.071374][ T5227]  dump_stack_lvl+0x241/0x360
[   60.076040][ T5227]  ? __pfx_dump_stack_lvl+0x10/0x10
[   60.081220][ T5227]  ? __pfx__printk+0x10/0x10
[   60.085791][ T5227]  ? rcu_is_watching+0x15/0xb0
[   60.090540][ T5227]  ? lock_release+0xbf/0xa30
[   60.095115][ T5227]  ? vscnprintf+0x5d/0x90
[   60.099433][ T5227]  panic+0x349/0x860
[   60.103309][ T5227]  ? check_panic_on_warn+0x21/0xb0
[   60.108402][ T5227]  ? __pfx_panic+0x10/0x10
[   60.112801][ T5227]  ? trace_irq_enable+0x2c/0x120
[   60.117722][ T5227]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[   60.123601][ T5227]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   60.129479][ T5227]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   60.135793][ T5227]  ? print_report+0x502/0x550
[   60.140459][ T5227]  check_panic_on_warn+0x86/0xb0
[   60.145378][ T5227]  ? __mutex_lock+0xcf5/0xd70
[   60.150038][ T5227]  end_report+0x77/0x160
[   60.154267][ T5227]  kasan_report+0x154/0x180
[   60.158760][ T5227]  ? __mutex_lock+0xcf5/0xd70
[   60.163422][ T5227]  __mutex_lock+0xcf5/0xd70
[   60.167912][ T5227]  ? netdev_get_by_name+0x7c/0xb0
[   60.172925][ T5227]  ? ethnl_parse_header_dev_get+0x690/0x990
[   60.178802][ T5227]  ? ethnl_act_cable_test+0x187/0x3f0
[   60.184161][ T5227]  ? __pfx___mutex_lock+0x10/0x10
[   60.189172][ T5227]  ethnl_act_cable_test+0x187/0x3f0
[   60.194357][ T5227]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   60.200063][ T5227]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[   60.206380][ T5227]  genl_rcv_msg+0xb14/0xec0
[   60.210872][ T5227]  ? __pfx_genl_rcv_msg+0x10/0x10
[   60.215885][ T5227]  ? __pfx_stack_trace_save+0x10/0x10
[   60.221244][ T5227]  ? stack_trace_save+0x118/0x1d0
[   60.226253][ T5227]  ? stack_depot_save_flags+0x29/0x830
[   60.231696][ T5227]  ? rcu_is_watching+0x15/0xb0
[   60.236451][ T5227]  ? __pfx_lock_acquire+0x10/0x10
[   60.241461][ T5227]  ? __pfx_ethnl_act_cable_test+0x10/0x10
[   60.247169][ T5227]  ? __pfx___might_resched+0x10/0x10
[   60.252436][ T5227]  ? rcu_is_watching+0x15/0xb0
[   60.257186][ T5227]  ? lock_acquire+0xe3/0x550
[   60.261762][ T5227]  netlink_rcv_skb+0x1e3/0x430
[   60.266508][ T5227]  ? __pfx_genl_rcv_msg+0x10/0x10
[   60.271518][ T5227]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   60.276790][ T5227]  ? lock_release+0xbf/0xa30
[   60.281372][ T5227]  ? __pfx___netlink_lookup+0x10/0x10
[   60.286729][ T5227]  ? net_generic+0x1f/0x240
[   60.291218][ T5227]  genl_rcv+0x28/0x40
[   60.295181][ T5227]  netlink_unicast+0x7f6/0x990
[   60.299935][ T5227]  ? __pfx_netlink_unicast+0x10/0x10
[   60.305204][ T5227]  ? __virt_addr_valid+0x183/0x530
[   60.310298][ T5227]  ? __check_object_size+0x49c/0x900
[   60.315563][ T5227]  ? bpf_lsm_netlink_send+0x9/0x10
[   60.320661][ T5227]  netlink_sendmsg+0x8e4/0xcb0
[   60.325410][ T5227]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.330685][ T5227]  ? __import_iovec+0x536/0x820
[   60.335520][ T5227]  ? aa_sock_msg_perm+0x91/0x160
[   60.340442][ T5227]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[   60.345712][ T5227]  ? security_socket_sendmsg+0x87/0xb0
[   60.351161][ T5227]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.356425][ T5227]  __sock_sendmsg+0x221/0x270
[   60.361085][ T5227]  ____sys_sendmsg+0x525/0x7d0
[   60.365840][ T5227]  ? __pfx_____sys_sendmsg+0x10/0x10
[   60.371109][ T5227]  ? do_raw_spin_lock+0x14f/0x370
[   60.376119][ T5227]  __sys_sendmsg+0x2b0/0x3a0
[   60.380732][ T5227]  ? __pfx___sys_sendmsg+0x10/0x10
[   60.385845][ T5227]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   60.392171][ T5227]  ? _raw_spin_unlock_irq+0x2e/0x50
[   60.397362][ T5227]  ? ptrace_notify+0x279/0x380
[   60.402117][ T5227]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   60.408431][ T5227]  ? rcu_is_watching+0x15/0xb0
[   60.413188][ T5227]  do_syscall_64+0xf3/0x230
[   60.417680][ T5227]  ? clear_bhb_loop+0x35/0x90
[   60.422346][ T5227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.428227][ T5227] RIP: 0033:0x7fa338a4c839
[   60.432637][ T5227] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   60.452233][ T5227] RSP: 002b:00007ffe2d34f948 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.460636][ T5227] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fa338a4c839
[   60.471543][ T5227] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   60.479499][ T5227] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00007ffe2d34fa78
[   60.487451][ T5227] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000e633
[   60.495404][ T5227] R13: 00007ffe2d34f964 R14: 00007ffe2d34f980 R15: 00007ffe2d34f970
[   60.503365][ T5227]  </TASK>
[   60.506569][ T5227] Kernel Offset: disabled
[   60.510879][ T5227] Rebooting in 86400 seconds..