./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4160727103 <...> Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts. execve("./syz-executor4160727103", ["./syz-executor4160727103"], 0x7ffeea587310 /* 10 vars */) = 0 brk(NULL) = 0x555558fb3000 brk(0x555558fb3d00) = 0x555558fb3d00 arch_prctl(ARCH_SET_FS, 0x555558fb3380) = 0 set_tid_address(0x555558fb3650) = 5849 set_robust_list(0x555558fb3660, 24) = 0 rseq(0x555558fb3ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4160727103", 4096) = 28 getrandom("\xa0\x56\xaf\x14\xca\x14\x3e\x55", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555558fb3d00 brk(0x555558fd4d00) = 0x555558fd4d00 brk(0x555558fd5000) = 0x555558fd5000 mprotect(0x7f5883186000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555558fb3650) = 5850 ./strace-static-x86_64: Process 5850 attached [pid 5849] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5850] set_robust_list(0x555558fb3660, 24) = 0 [pid 5850] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached [pid 5849] <... clone resumed>, child_tidptr=0x555558fb3650) = 5851 [pid 5849] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5852 attached [pid 5851] set_robust_list(0x555558fb3660, 24 [pid 5852] set_robust_list(0x555558fb3660, 24 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5850] <... clone resumed>, child_tidptr=0x555558fb3650) = 5852 ./strace-static-x86_64: Process 5853 attached [pid 5849] <... clone resumed>, child_tidptr=0x555558fb3650) = 5853 [pid 5849] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5853] set_robust_list(0x555558fb3660, 24 [pid 5852] <... set_robust_list resumed>) = 0 [pid 5851] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5853] <... set_robust_list resumed>) = 0 [pid 5853] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5854 attached [pid 5852] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5856 attached ./strace-static-x86_64: Process 5855 attached [pid 5853] <... clone resumed>, child_tidptr=0x555558fb3650) = 5855 [pid 5852] setpgid(0, 0 [pid 5849] <... clone resumed>, child_tidptr=0x555558fb3650) = 5856 [pid 5856] set_robust_list(0x555558fb3660, 24 [pid 5855] set_robust_list(0x555558fb3660, 24 [pid 5851] <... clone resumed>, child_tidptr=0x555558fb3650) = 5854 [pid 5849] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5856] <... set_robust_list resumed>) = 0 [pid 5855] <... set_robust_list resumed>) = 0 [pid 5854] set_robust_list(0x555558fb3660, 24 [pid 5852] <... setpgid resumed>) = 0 [pid 5856] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5854] <... set_robust_list resumed>) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5858 attached ./strace-static-x86_64: Process 5857 attached [pid 5855] <... prctl resumed>) = 0 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5849] <... clone resumed>, child_tidptr=0x555558fb3650) = 5857 [pid 5857] set_robust_list(0x555558fb3660, 24 [pid 5855] setpgid(0, 0 [pid 5852] <... openat resumed>) = 3 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5855] <... setpgid resumed>) = 0 [pid 5854] <... prctl resumed>) = 0 [ 258.641737][ T29] audit: type=1400 audit(1731799248.850:88): avc: denied { execmem } for pid=5849 comm="syz-executor416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5858] set_robust_list(0x555558fb3660, 24 [pid 5857] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5856] <... clone resumed>, child_tidptr=0x555558fb3650) = 5858 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5854] setpgid(0, 0 [pid 5852] write(3, "1000", 4 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5854] <... setpgid resumed>) = 0 [pid 5852] <... write resumed>) = 4 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5855] <... openat resumed>) = 3 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5852] close(3./strace-static-x86_64: Process 5859 attached [pid 5858] <... prctl resumed>) = 0 [pid 5855] write(3, "1000", 4 [pid 5852] <... close resumed>) = 0 [pid 5857] <... clone resumed>, child_tidptr=0x555558fb3650) = 5859 [pid 5855] <... write resumed>) = 4 [pid 5854] <... openat resumed>) = 3 executing program [pid 5852] write(1, "executing program\n", 18 [pid 5858] setpgid(0, 0 [pid 5859] set_robust_list(0x555558fb3660, 24 [pid 5855] close(3 [pid 5859] <... set_robust_list resumed>) = 0 [pid 5855] <... close resumed>) = 0 [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5855] write(1, "executing program\n", 18) = 18 [pid 5859] <... prctl resumed>) = 0 [pid 5855] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERICexecuting program [pid 5859] setpgid(0, 0) = 0 [pid 5858] <... setpgid resumed>) = 0 [pid 5855] <... socket resumed>) = 3 [pid 5854] write(3, "1000", 4 [pid 5852] <... write resumed>) = 18 [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5854] <... write resumed>) = 4 [pid 5852] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 5854] close(3executing program [pid 5855] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5854] <... close resumed>) = 0 [pid 5852] <... socket resumed>) = 3 [pid 5859] <... openat resumed>) = 3 [pid 5858] <... openat resumed>) = 3 [pid 5854] write(1, "executing program\n", 18 [pid 5858] write(3, "1000", 4 [pid 5852] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5854] <... write resumed>) = 18 [pid 5858] <... write resumed>) = 4 [pid 5854] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 5859] write(3, "1000", 4 [pid 5858] close(3 [pid 5859] <... write resumed>) = 4 [pid 5858] <... close resumed>) = 0 [pid 5854] <... socket resumed>) = 3 executing program [pid 5859] close(3 [pid 5854] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5858] write(1, "executing program\n", 18 [pid 5859] <... close resumed>) = 0 [pid 5858] <... write resumed>) = 18 [pid 5859] write(1, "executing program\n", 18executing program ) = 18 [pid 5859] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 5859] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5858] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [ 258.705726][ T29] audit: type=1400 audit(1731799248.920:89): avc: denied { create } for pid=5855 comm="syz-executor416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 258.730901][ T29] audit: type=1400 audit(1731799248.940:90): avc: denied { write } for pid=5855 comm="syz-executor416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [pid 5858] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5855] <... sendmsg resumed>) = 20 [pid 5855] socket(AF_QIPCRTR, SOCK_DGRAM, 0) = 4 [pid 5855] getsockname(4, {sa_family=AF_QIPCRTR, sq_node=0x1, sq_port=0}, [20 => 12]) = 0 [pid 5855] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x2c\x00\x00\x00\x24\x00\x0b\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x08\x00\x01\x00\x64\x72\x72\x00", iov_len=44}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EBADF (Bad file descriptor) [pid 5855] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 5 [pid 5855] sendmmsg(5, [{msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x2c\x00\x00\x00\x24\x00\x0b\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x08\x00\x01\x00\x64\x72\x72\x00", iov_len=44}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, msg_len=44}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=0xf0b00240000002c, msg_namelen=0, msg_iov=0x100000000, msg_iovlen=18446744069414584320, msg_control=0x1000800000000, msg_controllen=7500388, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=0xc, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, {msg_hdr={msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}}, ...], 159, 0) = 1 [pid 5855] exit_group(0) = ? [pid 5855] +++ exited with 0 +++ [pid 5853] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5853] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5853] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5865 attached [pid 5865] set_robust_list(0x555558fb3660, 24 [pid 5853] <... clone resumed>, child_tidptr=0x555558fb3650) = 5865 [pid 5865] <... set_robust_list resumed>) = 0 [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 258.822036][ T29] audit: type=1400 audit(1731799249.030:91): avc: denied { create } for pid=5855 comm="syz-executor416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 258.847910][ T5855] Zero length message leads to an empty skb [pid 5865] setpgid(0, 0) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5865] write(3, "1000", 4) = 4 [pid 5865] close(3) = 0 [pid 5865] write(1, "executing program\n", 18executing program ) = 18 [pid 5865] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 5865] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5850] kill(-5852, SIGKILL) = 0 [pid 5850] kill(5852, SIGKILL [pid 5852] <... sendmsg resumed>) = ? [pid 5850] <... kill resumed>) = 0 [pid 5852] +++ killed by SIGKILL +++ [pid 5850] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5852, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5856] kill(-5858, SIGKILL) = 0 [pid 5851] kill(-5854, SIGKILL [pid 5856] kill(5858, SIGKILL [pid 5851] <... kill resumed>) = 0 [pid 5856] <... kill resumed>) = 0 [pid 5851] kill(5854, SIGKILL) = 0 [pid 5850] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5868 attached [pid 5868] set_robust_list(0x555558fb3660, 24) = 0 [pid 5850] <... clone resumed>, child_tidptr=0x555558fb3650) = 5868 [pid 5857] kill(-5859, SIGKILL) = 0 [pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5857] kill(5859, SIGKILL [pid 5868] <... prctl resumed>) = 0 [pid 5868] setpgid(0, 0) = 0 [pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5857] <... kill resumed>) = 0 [pid 5868] write(3, "1000", 4) = 4 [pid 5868] close(3) = 0 executing program [pid 5868] write(1, "executing program\n", 18) = 18 [pid 5868] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 5868] sendmsg(3, {msg_name=NULL, msg_namelen=2, msg_iov=[{iov_base="\x14\x00\x00\x00\x24\x00\x09\x00\x00\x00\x00\x03\x00\x00\x00\x00\x06\x00\x00\x00", iov_len=20}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5853] kill(-5865, SIGKILL) = 0 [pid 5853] kill(5865, SIGKILL) = 0 [pid 5856] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5856] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5857] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5856] getdents64(3, [pid 5857] newfstatat(3, "", [pid 5856] <... getdents64 resumed>0x555558fb46f0 /* 2 entries */, 32768) = 48 [pid 5857] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5856] getdents64(3, 0x555558fb46f0 /* 0 entries */, 32768) = 0 [pid 5856] close(3 [pid 5857] getdents64(3, [pid 5856] <... close resumed>) = 0 [pid 5857] <... getdents64 resumed>0x555558fb46f0 /* 2 entries */, 32768) = 48 [pid 5857] getdents64(3, 0x555558fb46f0 /* 0 entries */, 32768) = 0 [pid 5857] close(3) = 0 [pid 5851] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5851] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5851] getdents64(3, 0x555558fb46f0 /* 2 entries */, 32768) = 48 [pid 5851] getdents64(3, 0x555558fb46f0 /* 0 entries */, 32768) = 0 [pid 5851] close(3) = 0 [pid 5853] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5853] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5853] getdents64(3, 0x555558fb46f0 /* 2 entries */, 32768) = 48 [pid 5853] getdents64(3, 0x555558fb46f0 /* 0 entries */, 32768) = 0 [pid 5853] close(3) = 0 [pid 5850] kill(-5868, SIGKILL) = 0 [pid 5850] kill(5868, SIGKILL) = 0 [pid 5850] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5850] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5850] getdents64(3, 0x555558fb46f0 /* 2 entries */, 32768) = 48 [pid 5850] getdents64(3, 0x555558fb46f0 /* 0 entries */, 32768) = 0 [pid 5850] close(3) = 0 [ 429.492044][ T30] INFO: task syz-executor416:5858 blocked for more than 143 seconds. [ 429.500188][ T30] Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 429.507863][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.516556][ T30] task:syz-executor416 state:D stack:27744 pid:5858 tgid:5858 ppid:5856 flags:0x00004006 [ 429.526789][ T30] Call Trace: [ 429.530073][ T30] [ 429.533024][ T30] __schedule+0xe55/0x5740 [ 429.537478][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.542687][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.547886][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.553105][ T30] ? __pfx___schedule+0x10/0x10 [ 429.557957][ T30] ? schedule+0x298/0x350 [ 429.562313][ T30] ? __pfx_lock_release+0x10/0x10 [ 429.567333][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 429.572620][ T30] ? lock_acquire+0x2f/0xb0 [ 429.577134][ T30] ? schedule+0x1fd/0x350 [ 429.581446][ T30] schedule+0xe7/0x350 [ 429.585552][ T30] schedule_preempt_disabled+0x13/0x30 [ 429.591026][ T30] __mutex_lock+0x5b8/0x9c0 [ 429.595538][ T30] ? ____sys_sendmsg+0xaaf/0xc90 [ 429.600479][ T30] ? ___sys_sendmsg+0x135/0x1e0 [ 429.605394][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 429.611204][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 429.616263][ T30] ? __asan_memset+0x23/0x50 [ 429.620849][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 429.626676][ T30] nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 429.632328][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 429.638041][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 429.644481][ T30] ? __nla_parse+0x40/0x60 [ 429.648904][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 429.656334][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 429.663787][ T30] genl_family_rcv_msg_doit+0x202/0x2f0 [ 429.669352][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 429.675532][ T30] ? bpf_lsm_capable+0x9/0x10 [ 429.680208][ T30] ? security_capable+0x7e/0x260 [ 429.685215][ T30] genl_rcv_msg+0x565/0x800 [ 429.689730][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 429.694913][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 429.701067][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.706292][ T30] netlink_rcv_skb+0x16b/0x440 [ 429.711051][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 429.716142][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 429.721446][ T30] ? down_read+0xc9/0x330 [ 429.725807][ T30] ? __pfx_down_read+0x10/0x10 [ 429.730566][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 429.735937][ T30] ? selinux_nlmsg_lookup+0x265/0x4b0 [ 429.741308][ T30] genl_rcv+0x28/0x40 [ 429.745304][ T30] netlink_unicast+0x53c/0x7f0 [ 429.750062][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 429.755416][ T30] netlink_sendmsg+0x8b8/0xd70 [ 429.760192][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 429.765553][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 429.770334][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 429.776060][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 429.781383][ T30] ___sys_sendmsg+0x135/0x1e0 [ 429.786106][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 429.791318][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 429.797095][ T30] ? fdget+0x176/0x210 [ 429.801174][ T30] __sys_sendmsg+0x117/0x1f0 [ 429.805790][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 429.810911][ T30] ? ptrace_notify+0xf1/0x130 [ 429.815666][ T30] ? __pfx_lock_release+0x10/0x10 [ 429.820708][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 429.826017][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 429.831217][ T30] ? ptrace_notify+0xf1/0x130 [ 429.835969][ T30] do_syscall_64+0xcd/0x250 [ 429.840469][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.846394][ T30] RIP: 0033:0x7f5883112d69 [ 429.850799][ T30] RSP: 002b:00007ffdb42bdd08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 429.859251][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5883112d69 [ 429.867230][ T30] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 429.875240][ T30] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 429.883224][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588318a800 [ 429.891186][ T30] R13: 00007ffdb42bdf28 R14: 00007ffdb42bdd30 R15: 00007ffdb42bdd20 [ 429.899291][ T30] [ 429.902361][ T30] INFO: task syz-executor416:5859 blocked for more than 143 seconds. [ 429.910435][ T30] Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 429.918109][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.926828][ T30] task:syz-executor416 state:D stack:27744 pid:5859 tgid:5859 ppid:5857 flags:0x00004006 [ 429.937097][ T30] Call Trace: [ 429.940388][ T30] [ 429.943358][ T30] __schedule+0xe55/0x5740 [ 429.947799][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.953055][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.958247][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 429.963469][ T30] ? __pfx___schedule+0x10/0x10 [ 429.968319][ T30] ? schedule+0x298/0x350 [ 429.972681][ T30] ? __pfx_lock_release+0x10/0x10 [ 429.977712][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 429.982928][ T30] ? lock_acquire+0x2f/0xb0 [ 429.987434][ T30] ? schedule+0x1fd/0x350 [ 429.991754][ T30] schedule+0xe7/0x350 [ 429.995861][ T30] schedule_preempt_disabled+0x13/0x30 [ 430.001318][ T30] __mutex_lock+0x5b8/0x9c0 [ 430.005836][ T30] ? ____sys_sendmsg+0xaaf/0xc90 [ 430.010775][ T30] ? ___sys_sendmsg+0x135/0x1e0 [ 430.015655][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.021461][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 430.026516][ T30] ? __asan_memset+0x23/0x50 [ 430.031106][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.036961][ T30] nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.042637][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 430.048369][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 430.054561][ T30] ? __nla_parse+0x40/0x60 [ 430.058983][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 430.066381][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 430.073778][ T30] genl_family_rcv_msg_doit+0x202/0x2f0 [ 430.079314][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 430.085390][ T30] ? bpf_lsm_capable+0x9/0x10 [ 430.090064][ T30] ? security_capable+0x7e/0x260 [ 430.095039][ T30] genl_rcv_msg+0x565/0x800 [ 430.099541][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 430.104580][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 430.110737][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.115973][ T30] netlink_rcv_skb+0x16b/0x440 [ 430.120733][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 430.125779][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 430.131074][ T30] ? down_read+0xc9/0x330 [ 430.135498][ T30] ? __pfx_down_read+0x10/0x10 [ 430.140265][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 430.145572][ T30] ? selinux_nlmsg_lookup+0x265/0x4b0 [ 430.150945][ T30] genl_rcv+0x28/0x40 [ 430.154957][ T30] netlink_unicast+0x53c/0x7f0 [ 430.159713][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 430.165015][ T30] netlink_sendmsg+0x8b8/0xd70 [ 430.169780][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 430.175111][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 430.179877][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 430.185389][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 430.190692][ T30] ___sys_sendmsg+0x135/0x1e0 [ 430.195431][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 430.200649][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 430.206318][ T30] ? fdget+0x176/0x210 [ 430.210390][ T30] __sys_sendmsg+0x117/0x1f0 [ 430.215114][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 430.220223][ T30] ? ptrace_notify+0xf1/0x130 [ 430.224910][ T30] ? __pfx_lock_release+0x10/0x10 [ 430.229931][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 430.235163][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 430.240372][ T30] ? ptrace_notify+0xf1/0x130 [ 430.245072][ T30] do_syscall_64+0xcd/0x250 [ 430.249567][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.255512][ T30] RIP: 0033:0x7f5883112d69 [ 430.259928][ T30] RSP: 002b:00007ffdb42bdd08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 430.268363][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5883112d69 [ 430.276357][ T30] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 430.284333][ T30] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 430.292328][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f588318a800 [ 430.300272][ T30] R13: 00007ffdb42bdf28 R14: 00007ffdb42bdd30 R15: 00007ffdb42bdd20 [ 430.308264][ T30] [ 430.311286][ T30] INFO: task syz-executor416:5865 blocked for more than 144 seconds. [ 430.319403][ T30] Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 430.327042][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 430.335749][ T30] task:syz-executor416 state:D stack:26952 pid:5865 tgid:5865 ppid:5853 flags:0x00004006 [ 430.345949][ T30] Call Trace: [ 430.349216][ T30] [ 430.352182][ T30] __schedule+0xe55/0x5740 [ 430.356615][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.361809][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.367031][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.372264][ T30] ? __pfx___schedule+0x10/0x10 [ 430.377118][ T30] ? schedule+0x298/0x350 [ 430.381426][ T30] ? __pfx_lock_release+0x10/0x10 [ 430.386458][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 430.391653][ T30] ? lock_acquire+0x2f/0xb0 [ 430.396190][ T30] ? schedule+0x1fd/0x350 [ 430.400524][ T30] schedule+0xe7/0x350 [ 430.404605][ T30] schedule_preempt_disabled+0x13/0x30 [ 430.410062][ T30] __mutex_lock+0x5b8/0x9c0 [ 430.414606][ T30] ? ____sys_sendmsg+0xaaf/0xc90 [ 430.419546][ T30] ? ___sys_sendmsg+0x135/0x1e0 [ 430.424410][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.430216][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 430.435286][ T30] ? __asan_memset+0x23/0x50 [ 430.439886][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.445709][ T30] nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.451349][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 430.457191][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 430.463402][ T30] ? __nla_parse+0x40/0x60 [ 430.467829][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 430.475283][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 430.482700][ T30] genl_family_rcv_msg_doit+0x202/0x2f0 [ 430.488241][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 430.494332][ T30] ? bpf_lsm_capable+0x9/0x10 [ 430.499003][ T30] ? security_capable+0x7e/0x260 [ 430.503957][ T30] genl_rcv_msg+0x565/0x800 [ 430.508456][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 430.513506][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 430.519666][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.524878][ T30] netlink_rcv_skb+0x16b/0x440 [ 430.529635][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 430.534714][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 430.540012][ T30] ? down_read+0xc9/0x330 [ 430.544357][ T30] ? __pfx_down_read+0x10/0x10 [ 430.549114][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 430.554431][ T30] ? selinux_nlmsg_lookup+0x265/0x4b0 [ 430.559798][ T30] genl_rcv+0x28/0x40 [ 430.563788][ T30] netlink_unicast+0x53c/0x7f0 [ 430.568546][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 430.573861][ T30] netlink_sendmsg+0x8b8/0xd70 [ 430.578621][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 430.583938][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 430.588709][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 430.594227][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 430.599561][ T30] ___sys_sendmsg+0x135/0x1e0 [ 430.604264][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 430.609474][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 430.615184][ T30] ? fdget+0x176/0x210 [ 430.619255][ T30] __sys_sendmsg+0x117/0x1f0 [ 430.623926][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 430.629035][ T30] ? ptrace_notify+0xf1/0x130 [ 430.633737][ T30] ? __pfx_lock_release+0x10/0x10 [ 430.638775][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 430.643999][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 430.649197][ T30] ? ptrace_notify+0xf1/0x130 [ 430.654007][ T30] do_syscall_64+0xcd/0x250 [ 430.658516][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.664430][ T30] RIP: 0033:0x7f5883112d69 [ 430.668839][ T30] RSP: 002b:00007ffdb42bdd08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 430.677282][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5883112d69 [ 430.685278][ T30] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 430.693293][ T30] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 430.701256][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000003f26a [ 430.709249][ T30] R13: 00007ffdb42bdd1c R14: 00007ffdb42bdd30 R15: 00007ffdb42bdd20 [ 430.717284][ T30] [ 430.720298][ T30] INFO: task syz-executor416:5868 blocked for more than 144 seconds. [ 430.728370][ T30] Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 430.736032][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 430.744745][ T30] task:syz-executor416 state:D stack:26952 pid:5868 tgid:5868 ppid:5850 flags:0x00004006 [ 430.754969][ T30] Call Trace: [ 430.758240][ T30] [ 430.761150][ T30] __schedule+0xe55/0x5740 [ 430.765681][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.770871][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.776121][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.781315][ T30] ? __pfx___schedule+0x10/0x10 [ 430.786180][ T30] ? schedule+0x298/0x350 [ 430.790510][ T30] ? __pfx_lock_release+0x10/0x10 [ 430.795575][ T30] ? trace_lock_acquire+0x14a/0x1d0 [ 430.800772][ T30] ? lock_acquire+0x2f/0xb0 [ 430.805285][ T30] ? schedule+0x1fd/0x350 [ 430.809617][ T30] schedule+0xe7/0x350 [ 430.813718][ T30] schedule_preempt_disabled+0x13/0x30 [ 430.819188][ T30] __mutex_lock+0x5b8/0x9c0 [ 430.823719][ T30] ? ____sys_sendmsg+0xaaf/0xc90 [ 430.828669][ T30] ? ___sys_sendmsg+0x135/0x1e0 [ 430.833557][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.839365][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 430.844440][ T30] ? __asan_memset+0x23/0x50 [ 430.849038][ T30] ? nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.854874][ T30] nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 430.860520][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 430.866280][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 430.872494][ T30] ? __nla_parse+0x40/0x60 [ 430.876931][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 430.884339][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 430.891709][ T30] genl_family_rcv_msg_doit+0x202/0x2f0 [ 430.897292][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 430.903377][ T30] ? bpf_lsm_capable+0x9/0x10 [ 430.908033][ T30] ? security_capable+0x7e/0x260 [ 430.913021][ T30] genl_rcv_msg+0x565/0x800 [ 430.917536][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 430.922573][ T30] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 430.928729][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 430.933958][ T30] netlink_rcv_skb+0x16b/0x440 [ 430.938716][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 430.943758][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 430.949051][ T30] ? down_read+0xc9/0x330 [ 430.953415][ T30] ? __pfx_down_read+0x10/0x10 [ 430.958173][ T30] ? netlink_deliver_tap+0x1ae/0xd90 [ 430.963471][ T30] ? selinux_nlmsg_lookup+0x265/0x4b0 [ 430.968844][ T30] genl_rcv+0x28/0x40 [ 430.972855][ T30] netlink_unicast+0x53c/0x7f0 [ 430.977616][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 430.982918][ T30] netlink_sendmsg+0x8b8/0xd70 [ 430.987677][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 430.993013][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 430.997787][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 431.003280][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 431.008571][ T30] ___sys_sendmsg+0x135/0x1e0 [ 431.013299][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 431.018500][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 431.024168][ T30] ? fdget+0x176/0x210 [ 431.028250][ T30] __sys_sendmsg+0x117/0x1f0 [ 431.032884][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 431.038001][ T30] ? ptrace_notify+0xf1/0x130 [ 431.042699][ T30] ? __pfx_lock_release+0x10/0x10 [ 431.047734][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 431.052961][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 431.058158][ T30] ? ptrace_notify+0xf1/0x130 [ 431.062855][ T30] do_syscall_64+0xcd/0x250 [ 431.067363][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.073291][ T30] RIP: 0033:0x7f5883112d69 [ 431.077707][ T30] RSP: 002b:00007ffdb42bdd08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 431.086141][ T30] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5883112d69 [ 431.094133][ T30] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 431.102108][ T30] RBP: 00000000000f4240 R08: 0000000000000000 R09: 00000000000000a0 [ 431.110072][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000003f25d [ 431.118072][ T30] R13: 00007ffdb42bdd1c R14: 00007ffdb42bdd30 R15: 00007ffdb42bdd20 [ 431.126091][ T30] [ 431.129112][ T30] [ 431.129112][ T30] Showing all locks held in the system: [ 431.136865][ T30] 1 lock held by khungtaskd/30: [ 431.141722][ T30] #0: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 [ 431.151631][ T30] 2 locks held by getty/5581: [ 431.156328][ T30] #0: ffff88803182c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 431.166117][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 [ 431.176256][ T30] 2 locks held by syz-executor416/5854: [ 431.181786][ T30] #0: ffffffff8ff82090 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 431.189982][ T30] #1: ffffffff8e5d4f68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 431.200102][ T30] 2 locks held by syz-executor416/5858: [ 431.205652][ T30] #0: ffffffff8ff82090 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 431.213886][ T30] #1: ffffffff8e5d4f68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 431.224027][ T30] 2 locks held by syz-executor416/5859: [ 431.229553][ T30] #0: ffffffff8ff82090 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 431.237751][ T30] #1: ffffffff8e5d4f68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 431.247894][ T30] 2 locks held by syz-executor416/5865: [ 431.253550][ T30] #0: ffffffff8ff82090 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 431.261743][ T30] #1: ffffffff8e5d4f68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 431.271929][ T30] 2 locks held by syz-executor416/5868: [ 431.277491][ T30] #0: ffffffff8ff82090 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 431.285674][ T30] #1: ffffffff8e5d4f68 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0xe3/0x1b40 [ 431.295823][ T30] [ 431.298125][ T30] ============================================= [ 431.298125][ T30] [ 431.306535][ T30] NMI backtrace for cpu 0 [ 431.310845][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 431.321312][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 431.331342][ T30] Call Trace: [ 431.334593][ T30] [ 431.337497][ T30] dump_stack_lvl+0x116/0x1f0 [ 431.342153][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 431.347063][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 431.353017][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 431.358972][ T30] watchdog+0xf0c/0x1240 [ 431.363189][ T30] ? __pfx_watchdog+0x10/0x10 [ 431.367834][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 431.373008][ T30] ? __kthread_parkme+0x148/0x220 [ 431.378005][ T30] ? __pfx_watchdog+0x10/0x10 [ 431.382650][ T30] kthread+0x2c1/0x3a0 [ 431.386700][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 431.391872][ T30] ? __pfx_kthread+0x10/0x10 [ 431.396446][ T30] ret_from_fork+0x45/0x80 [ 431.400832][ T30] ? __pfx_kthread+0x10/0x10 [ 431.405394][ T30] ret_from_fork_asm+0x1a/0x30 [ 431.410136][ T30] [ 431.413199][ T30] Sending NMI from CPU 0 to CPUs 1: [ 431.418415][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20 [ 431.419393][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 431.434353][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00189-ge8bdb3c8be08 #0 [ 431.444831][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 431.454864][ T30] Call Trace: [ 431.458123][ T30] [ 431.461049][ T30] dump_stack_lvl+0x3d/0x1f0 [ 431.465622][ T30] panic+0x71d/0x800 [ 431.469509][ T30] ? __pfx_panic+0x10/0x10 [ 431.473911][ T30] ? __pfx__printk+0x10/0x10 [ 431.478483][ T30] ? irq_work_claim+0x76/0xa0 [ 431.483152][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 431.489203][ T30] ? irq_work_queue+0x2a/0x80 [ 431.493882][ T30] ? watchdog+0xd76/0x1240 [ 431.498286][ T30] ? watchdog+0xd69/0x1240 [ 431.502681][ T30] watchdog+0xd87/0x1240 [ 431.506905][ T30] ? __pfx_watchdog+0x10/0x10 [ 431.511558][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 431.516745][ T30] ? __kthread_parkme+0x148/0x220 [ 431.521752][ T30] ? __pfx_watchdog+0x10/0x10 [ 431.526408][ T30] kthread+0x2c1/0x3a0 [ 431.530459][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 431.535657][ T30] ? __pfx_kthread+0x10/0x10 [ 431.540230][ T30] ret_from_fork+0x45/0x80 [ 431.544627][ T30] ? __pfx_kthread+0x10/0x10 [ 431.549200][ T30] ret_from_fork_asm+0x1a/0x30 [ 431.553971][ T30] [ 431.557178][ T30] Kernel Offset: disabled [ 431.561485][ T30] Rebooting in 86400 seconds..