./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4210628791 <...> Warning: Permanently added '10.128.0.136' (ED25519) to the list of known hosts. execve("./syz-executor4210628791", ["./syz-executor4210628791"], 0x7ffed76c4910 /* 10 vars */) = 0 brk(NULL) = 0x55555730c000 brk(0x55555730cd40) = 0x55555730cd40 arch_prctl(ARCH_SET_FS, 0x55555730c3c0) = 0 set_tid_address(0x55555730c690) = 5020 set_robust_list(0x55555730c6a0, 24) = 0 rseq(0x55555730cce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4210628791", 4096) = 28 getrandom("\xbc\x03\x06\x96\xb8\x30\x10\x61", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555730cd40 brk(0x55555732dd40) = 0x55555732dd40 brk(0x55555732e000) = 0x55555732e000 mprotect(0x7fbe898b0000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5021 attached , child_tidptr=0x55555730c690) = 5021 [pid 5021] set_robust_list(0x55555730c6a0, 24) = 0 [pid 5021] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5021] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5021] setsid() = 1 [pid 5021] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5021] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5021] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5021] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5021] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5021] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5021] unshare(CLONE_NEWNS) = 0 [pid 5021] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5021] unshare(CLONE_NEWIPC) = 0 [pid 5021] unshare(CLONE_NEWCGROUP) = 0 [pid 5021] unshare(CLONE_NEWUTS) = 0 [pid 5021] unshare(CLONE_SYSVSEM) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "16777216", 8) = 8 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "536870912", 9) = 9 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "1024", 4) = 4 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "8192", 4) = 4 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "1024", 4) = 4 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "1024", 4) = 4 [pid 5021] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5021] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5021] close(3) = 0 [pid 5021] getpid() = 1 [pid 5021] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< {parent_tid=[3]}, 88) = 3 [pid 5032] rseq(0x7fbe897e9fe0, 0x20, 0, 0x53053053) = 0 [pid 5032] set_robust_list(0x7fbe897e99a0, 24) = 0 [pid 5032] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5032] futex(0x7fbe898b6428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5032] <... futex resumed>) = 0 [pid 5032] pipe([3, 4]) = 0 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5032] futex(0x7fbe898b6428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5032] <... futex resumed>) = 0 [pid 5032] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 5 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5032] futex(0x7fbe898b6428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5032] <... futex resumed>) = 0 [pid 5032] close(5) = 0 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5032] futex(0x7fbe898b6428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5032] <... futex resumed>) = 0 [pid 5032] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 5 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5032] futex(0x7fbe898b6428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5032] <... futex resumed>) = 0 [pid 5032] setsockopt(5, SOL_SOCKET, SO_BROADCAST, [50], 4) = 0 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5032] futex(0x7fbe898b6428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5032] <... futex resumed>) = 0 [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] bind(5, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("172.20.20.21")}, 16) = 0 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5031] <... futex resumed>) = 0 [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] connect(5, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("255.255.255.255")}, 16) = 0 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5031] <... futex resumed>) = 0 [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] sendmmsg(5, [{msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=-301, msg_iov=[{iov_base="\x4f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=1406}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, msg_len=1406}, {msg_hdr={msg_name=0xffffffff00000002, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=0x4f, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name={sa_family=0x4f /* AF_??? */, sa_data="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"}, msg_namelen=1406, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}, ...], 957, MSG_CONFIRM|MSG_MORE) = 957 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5031] <... futex resumed>) = 0 [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00", 8) = 8 [pid 5032] futex(0x7fbe898b642c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5031] <... futex resumed>) = 0 [pid 5031] futex(0x7fbe898b6428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5031] futex(0x7fbe898b642c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5032] splice(3, NULL, 5, NULL, 327648, 0 [pid 5031] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5031] close(3) = 0 [pid 5031] close(4 [pid 5021] kill(-2, SIGKILL) = 0 [pid 5021] kill(2, SIGKILL) = 0 [pid 5021] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5021] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5021] getdents64(3, 0x55555730d730 /* 2 entries */, 32768) = 48 [pid 5021] getdents64(3, 0x55555730d730 /* 0 entries */, 32768) = 0 [pid 5021] close(3) = 0 [ 70.718506][ T22] cfg80211: failed to load regulatory.db [ 285.751254][ T28] INFO: task syz-executor421:5031 blocked for more than 143 seconds. [ 285.759592][ T28] Not tainted 6.5.0-rc1-syzkaller-00006-g3f01e9fed845 #0 [ 285.773347][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.782196][ T28] task:syz-executor421 state:D stack:27728 pid:5031 ppid:5021 flags:0x00004006 [ 285.791931][ T28] Call Trace: [ 285.795204][ T28] [ 285.798213][ T28] __schedule+0xc9a/0x5880 [ 285.803548][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 285.809531][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 285.815714][ T28] ? io_schedule_timeout+0x150/0x150 [ 285.821159][ T28] ? __mutex_lock+0xa36/0x1350 [ 285.825936][ T28] schedule+0xde/0x1a0 [ 285.829997][ T28] schedule_preempt_disabled+0x13/0x20 [ 285.835900][ T28] __mutex_lock+0xa3b/0x1350 [ 285.840497][ T28] ? pipe_release+0x4d/0x310 [ 285.845327][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 285.851025][ T28] ? fcntl_setlk+0xc80/0xc80 [ 285.855626][ T28] ? free_pipe_info+0x3b0/0x3b0 [ 285.860474][ T28] pipe_release+0x4d/0x310 [ 285.865148][ T28] ? free_pipe_info+0x3b0/0x3b0 [ 285.870003][ T28] __fput+0x40c/0xad0 [ 285.874258][ T28] task_work_run+0x16f/0x270 [ 285.878860][ T28] ? task_work_cancel+0x30/0x30 [ 285.883926][ T28] ptrace_notify+0x118/0x140 [ 285.888513][ T28] syscall_exit_to_user_mode_prepare+0x129/0x220 [ 285.895038][ T28] syscall_exit_to_user_mode+0xd/0x50 [ 285.900411][ T28] do_syscall_64+0x46/0xb0 [ 285.905506][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 285.912344][ T28] RIP: 0033:0x7fbe8982b7da [ 285.916753][ T28] RSP: 002b:00007ffd74cb3820 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 285.925367][ T28] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007fbe8982b7da [ 285.933560][ T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 285.941685][ T28] RBP: 000000000000000a R08: 0000000000000000 R09: 00007ffd74d90080 [ 285.949656][ T28] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000a9f7 [ 285.957809][ T28] R13: 000000000000aa29 R14: 00007fbe898b642c R15: 00007fbe898b6420 [ 285.965957][ T28] [ 285.969008][ T28] [ 285.969008][ T28] Showing all locks held in the system: [ 285.977009][ T28] 1 lock held by rcu_tasks_kthre/13: [ 285.982467][ T28] #0: ffffffff8c9a3af0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 285.993178][ T28] 1 lock held by rcu_tasks_trace/14: [ 285.998453][ T28] #0: ffffffff8c9a37f0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 [ 286.009685][ T28] 1 lock held by khungtaskd/28: [ 286.015050][ T28] #0: ffffffff8c9a4700 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x340 [ 286.025151][ T28] 2 locks held by getty/4773: [ 286.029819][ T28] #0: ffff88802d33a098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 286.039804][ T28] #1: ffffc900015c02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xf08/0x13f0 [ 286.050057][ T28] 1 lock held by syz-executor421/5031: [ 286.055645][ T28] #0: ffff888022606868 (&pipe->mutex/1){+.+.}-{3:3}, at: pipe_release+0x4d/0x310 [ 286.065106][ T28] 2 locks held by syz-executor421/5032: [ 286.070639][ T28] [ 286.073169][ T28] ============================================= [ 286.073169][ T28] [ 286.081745][ T28] NMI backtrace for cpu 1 [ 286.086147][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.5.0-rc1-syzkaller-00006-g3f01e9fed845 #0 [ 286.095936][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 286.105984][ T28] Call Trace: [ 286.109248][ T28] [ 286.112168][ T28] dump_stack_lvl+0xd9/0x150 [ 286.116756][ T28] nmi_cpu_backtrace+0x29c/0x350 [ 286.121687][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.126879][ T28] nmi_trigger_cpumask_backtrace+0x2a4/0x300 [ 286.132857][ T28] watchdog+0xe16/0x1090 [ 286.137097][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.143072][ T28] kthread+0x344/0x440 [ 286.147130][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.152747][ T28] ret_from_fork+0x1f/0x30 [ 286.157161][ T28] [ 286.160589][ T28] Sending NMI from CPU 1 to CPUs 0: [ 286.165816][ C0] NMI backtrace for cpu 0 [ 286.165823][ C0] CPU: 0 PID: 5032 Comm: syz-executor421 Not tainted 6.5.0-rc1-syzkaller-00006-g3f01e9fed845 #0 [ 286.165835][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 286.165841][ C0] RIP: 0010:__ip_append_data+0x957/0x3c90 [ 286.165862][ C0] Code: 31 ff 29 eb 89 de e8 d8 6d e9 f8 85 db 0f 8e b5 1a 00 00 e8 ab 71 e9 f8 48 8b 44 24 38 41 39 de 41 0f 4e de 41 89 dc 80 38 00 <0f> 85 15 29 00 00 48 8b 44 24 18 48 8b 18 48 8d bb f0 00 00 00 48 [ 286.165873][ C0] RSP: 0018:ffffc90003b9f520 EFLAGS: 00000246 [ 286.165882][ C0] RAX: ffffed100fab0f00 RBX: 0000000000000006 RCX: 0000000000000000 [ 286.165889][ C0] RDX: ffff888019e95940 RSI: ffffffff889b7015 RDI: 0000000000000005 [ 286.165895][ C0] RBP: 000000000000001c R08: 0000000000000005 R09: 0000000000000000 [ 286.165902][ C0] R10: 000000000000057e R11: 0000000000000001 R12: 0000000000000006 [ 286.165908][ C0] R13: dffffc0000000000 R14: 0000000000000006 R15: ffff8880132dd3c0 [ 286.165917][ C0] FS: 00007fbe897e96c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 286.165928][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.165935][ C0] CR2: 00005598ca226780 CR3: 00000000193f8000 CR4: 0000000000350ef0 [ 286.165941][ C0] Call Trace: [ 286.165944][ C0] [ 286.165948][ C0] ? nmi_cpu_backtrace+0x1d0/0x350 [ 286.165965][ C0] ? nmi_cpu_backtrace_handler+0xc/0x10 [ 286.165981][ C0] ? nmi_handle+0x13d/0x400 [ 286.165994][ C0] ? irqentry_nmi_enter+0x80/0x90 [ 286.166007][ C0] ? __ip_append_data+0x957/0x3c90 [ 286.166024][ C0] ? default_do_nmi+0x6b/0x170 [ 286.166035][ C0] ? exc_nmi+0x171/0x1e0 [ 286.166045][ C0] ? end_repeat_nmi+0x16/0x31 [ 286.166059][ C0] ? __ip_append_data+0x945/0x3c90 [ 286.166074][ C0] ? __ip_append_data+0x957/0x3c90 [ 286.166090][ C0] ? __ip_append_data+0x957/0x3c90 [ 286.166106][ C0] ? __ip_append_data+0x957/0x3c90 [ 286.166122][ C0] [ 286.166125][ C0] [ 286.166130][ C0] ? print_usage_bug.part.0+0x670/0x670 [ 286.166145][ C0] ? ip_frag_init+0x320/0x320 [ 286.166162][ C0] ? ip_output+0x320/0x320 [ 286.166177][ C0] ? udp_sendmsg+0x76b/0x2840 [ 286.166190][ C0] ? ip_frag_init+0x320/0x320 [ 286.166204][ C0] ip_append_data+0x115/0x1a0 [ 286.166222][ C0] udp_sendmsg+0x881/0x2840 [ 286.166235][ C0] ? ip_frag_init+0x320/0x320 [ 286.166249][ C0] ? aa_profile_af_perm+0x470/0x470 [ 286.166266][ C0] ? udp_recvmsg+0x12d0/0x12d0 [ 286.166277][ C0] ? lock_sync+0x190/0x190 [ 286.166295][ C0] ? aa_sk_perm+0x31d/0xb10 [ 286.166309][ C0] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.166322][ C0] ? aa_af_perm+0x240/0x240 [ 286.166336][ C0] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.166352][ C0] inet_sendmsg+0x9d/0xe0 [ 286.166374][ C0] ? inet_send_prepare+0x530/0x530 [ 286.166389][ C0] sock_sendmsg+0xde/0x190 [ 286.166405][ C0] splice_to_socket+0x964/0xee0 [ 286.166425][ C0] ? splice_from_pipe+0x140/0x140 [ 286.166444][ C0] ? aa_path_link+0x2f0/0x2f0 [ 286.166458][ C0] ? __lock_acquire+0xc1b/0x5e20 [ 286.166473][ C0] ? apparmor_file_permission+0x278/0x4f0 [ 286.166485][ C0] ? bpf_lsm_file_permission+0x9/0x10 [ 286.166496][ C0] ? security_file_permission+0xaf/0xd0 [ 286.166514][ C0] ? splice_from_pipe+0x140/0x140 [ 286.166530][ C0] do_splice+0xb8a/0x1ec0 [ 286.166546][ C0] ? find_held_lock+0x2d/0x110 [ 286.166559][ C0] ? splice_file_to_pipe+0x1b0/0x1b0 [ 286.166575][ C0] ? direct_file_splice_eof+0xb0/0xb0 [ 286.166593][ C0] __do_splice+0x14e/0x270 [ 286.166609][ C0] ? do_splice+0x1ec0/0x1ec0 [ 286.166627][ C0] __x64_sys_splice+0x19c/0x250 [ 286.166645][ C0] do_syscall_64+0x39/0xb0 [ 286.166661][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.166678][ C0] RIP: 0033:0x7fbe8982c519 [ 286.166688][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 286.166697][ C0] RSP: 002b:00007fbe897e9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 286.166706][ C0] RAX: ffffffffffffffda RBX: 00007fbe898b6428 RCX: 00007fbe8982c519 [ 286.166713][ C0] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 286.166719][ C0] RBP: 00007fbe898b6420 R08: 000000000004ffe0 R09: 0000000000000000 [ 286.166726][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe898b642c [ 286.166732][ C0] R13: 00007fbe898834f4 R14: 04000000000003bd R15: 00007ffd74cb3758 [ 286.166742][ C0] [ 286.172044][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 286.172052][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.5.0-rc1-syzkaller-00006-g3f01e9fed845 #0 [ 286.172067][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 286.172075][ T28] Call Trace: [ 286.172078][ T28] [ 286.172083][ T28] dump_stack_lvl+0xd9/0x150 [ 286.172107][ T28] panic+0x686/0x730 [ 286.172124][ T28] ? panic_smp_self_stop+0xa0/0xa0 [ 286.172142][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 286.172162][ T28] ? preempt_schedule_thunk+0x1a/0x30 [ 286.172185][ T28] ? watchdog+0xbe8/0x1090 [ 286.172209][ T28] watchdog+0xbf9/0x1090 [ 286.172231][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 286.172253][ T28] kthread+0x344/0x440 [ 286.172266][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.172283][ T28] ret_from_fork+0x1f/0x30 [ 286.172309][ T28] [ 286.175896][ T28] Kernel Offset: disabled [ 286.701433][ T28] Rebooting in 86400 seconds..