./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1166831106 <...> Warning: Permanently added '10.128.0.27' (ED25519) to the list of known hosts. execve("./syz-executor1166831106", ["./syz-executor1166831106"], 0x7ffe14b7dec0 /* 10 vars */) = 0 brk(NULL) = 0x5555938a1000 brk(0x5555938a1d00) = 0x5555938a1d00 arch_prctl(ARCH_SET_FS, 0x5555938a1380) = 0 set_tid_address(0x5555938a1650) = 5846 set_robust_list(0x5555938a1660, 24) = 0 rseq(0x5555938a1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1166831106", 4096) = 28 getrandom("\xda\x24\xc6\xea\x68\x97\xb7\xe2", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555938a1d00 brk(0x5555938c2d00) = 0x5555938c2d00 brk(0x5555938c3000) = 0x5555938c3000 mprotect(0x7ff33a9d5000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5847 attached , child_tidptr=0x5555938a1650) = 5847 [pid 5847] set_robust_list(0x5555938a1660, 24) = 0 [pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5847] setpgid(0, 0) = 0 [pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5847] write(3, "1000", 4) = 4 [pid 5847] close(3) = 0 [ 222.331254][ T29] audit: type=1400 audit(1731604808.977:88): avc: denied { execmem } for pid=5846 comm="syz-executor116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5847] write(1, "executing program\n", 18executing program ) = 18 [pid 5847] getsockname(-1, NULL, NULL) = -1 EBADF (Bad file descriptor) [pid 5847] openat(AT_FDCWD, 
"/dev/iommu", O_RDONLY) = 3 [pid 5847] socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 4 [ 222.408086][ T29] audit: type=1400 audit(1731604809.047:89): avc: denied { read } for pid=5847 comm="syz-executor116" name="iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 222.430983][ T29] audit: type=1400 audit(1731604809.047:90): avc: denied { open } for pid=5847 comm="syz-executor116" path="/dev/iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [pid 5847] setsockopt(4, SOL_SOCKET, 0x50 /* SO_??? */, "\x00\x00\x65\x76\x2f\x69\x6f\x6d\x00\x00\x00\x00\x00\x00\x00\x00", 16 [pid 5846] kill(-5847, SIGKILL) = 0 [pid 5846] kill(5847, SIGKILL) = 0 [ 334.560393][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 334.567159][ C1] rcu: 1-....: (1 GPs behind) idle=bd14/1/0x4000000000000000 softirq=11133/11134 fqs=5248 [ 334.577530][ C1] rcu: hardirqs softirqs csw/system [ 334.583932][ C1] rcu: number: 1 0 0 [ 334.590317][ C1] rcu: cputime: 136 0 52343 ==> 52480(ms) [ 334.598098][ C1] rcu: (t=10500 jiffies g=6001 q=24 ncpus=2) [ 334.604154][ C1] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor116 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0 [ 334.604167][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 334.604178][ C1] RIP: 0010:xas_load+0x3e/0x5b0 [ 334.604211][ C1] Code: 18 e8 e6 d5 76 f6 48 89 ef e8 8e d5 ff ff 48 89 c3 e8 d6 d5 76 f6 49 89 dc bf 02 00 00 00 41 83 e4 03 4c 89 e6 e8 32 d8 76 f6 <49> 83 fc 02 74 1b e8 b7 d5 76 f6 48 89 d8 48 83 c4 18 5b 5d 41 5c [ 334.604221][ C1] RSP: 0018:ffffc9000391f830 EFLAGS: 00000293 [ 334.604233][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8b16a59e [ 334.604239][ C1] RDX: ffff888026f02440 RSI: 0000000000000002 RDI: 0000000000000007 [ 334.604246][ C1] RBP: ffffc9000391f938 R08: 0000000000000007 R09: 0000000000000002 [ 
334.604252][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 334.604258][ C1] R13: 0000000000000000 R14: ffff888030060548 R15: ffffc9000391f938 [ 334.604265][ C1] FS: 00005555938a1380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 334.604276][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 334.604283][ C1] CR2: 00007ff33a9d90d0 CR3: 0000000030164000 CR4: 00000000003526f0 [ 334.604289][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 334.604295][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 334.604301][ C1] Call Trace: [ 334.604306][ C1] <IRQ> [ 334.604310][ C1] ? rcu_dump_cpu_stacks+0x25e/0x4c0 [ 334.604332][ C1] ? rcu_sched_clock_irq+0xa24/0x32a0 [ 334.604349][ C1] ? timekeeping_advance+0x96e/0xf20 [ 334.604363][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 334.604376][ C1] ? __asan_memcpy+0x3c/0x60 [ 334.604388][ C1] ? __asan_memcpy+0x3c/0x60 [ 334.604406][ C1] ? update_process_times+0x178/0x220 [ 334.604424][ C1] ? __pfx_update_process_times+0x10/0x10 [ 334.604440][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 334.604453][ C1] ? update_wall_time+0x1c/0x40 [ 334.604469][ C1] ? tick_nohz_handler+0x376/0x530 [ 334.604482][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 334.604498][ C1] ? __hrtimer_run_queues+0x5fb/0xae0 [ 334.604513][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 334.604525][ C1] ? ktime_get_update_offsets_now+0x201/0x310 [ 334.604543][ C1] ? hrtimer_interrupt+0x31b/0x800 [ 334.604560][ C1] ? __sysvec_apic_timer_interrupt+0x10f/0x400 [ 334.604574][ C1] ? sysvec_apic_timer_interrupt+0x9f/0xc0 [ 334.604590][ C1] </IRQ> [ 334.604593][ C1] <TASK> [ 334.604597][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 334.604617][ C1] ? xas_load+0x3e/0x5b0 [ 334.604629][ C1] ? xas_load+0x3e/0x5b0 [ 334.604640][ C1] ? irqentry_exit+0x3b/0x90 [ 334.604649][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 334.604666][ C1] xas_store+0xb1b/0x1960 [ 334.604682][ C1] __xa_erase+0xb4/0x150 [ 334.604694][ C1] ? 
__pfx___xa_erase+0x10/0x10 [ 334.604708][ C1] ? sock_devmem_dontneed+0x47b/0x770 [ 334.604721][ C1] ? __xa_erase+0xe/0x150 [ 334.604733][ C1] sock_devmem_dontneed+0x3c2/0x770 [ 334.604748][ C1] ? __pfx_sock_devmem_dontneed+0x10/0x10 [ 334.604769][ C1] sk_setsockopt+0x326/0x3d50 [ 334.604783][ C1] ? __lock_acquire+0x163e/0x3ce0 [ 334.604795][ C1] ? __pfx_sk_setsockopt+0x10/0x10 [ 334.604808][ C1] ? __pfx_sock_has_perm+0x10/0x10 [ 334.604829][ C1] ? selinux_netlbl_socket_setsockopt+0x184/0x470 [ 334.604843][ C1] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 334.604855][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 334.604871][ C1] ? selinux_socket_setsockopt+0x6a/0x80 [ 334.604884][ C1] do_sock_setsockopt+0x3f4/0x480 [ 334.604899][ C1] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 334.604913][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 334.604926][ C1] ? ptrace_stop.part.0+0x488/0x940 [ 334.604941][ C1] ? ptrace_stop.part.0+0x722/0x940 [ 334.604954][ C1] ? fdget+0x176/0x210 [ 334.604971][ C1] __sys_setsockopt+0x1a4/0x270 [ 334.604984][ C1] ? __pfx___sys_setsockopt+0x10/0x10 [ 334.604998][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 334.605017][ C1] __x64_sys_setsockopt+0xbd/0x160 [ 334.605028][ C1] ? 
syscall_trace_enter+0xab/0x240 [ 334.605040][ C1] do_syscall_64+0xcd/0x250 [ 334.605051][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.605067][ C1] RIP: 0033:0x7ff33a962a39 [ 334.605081][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 334.605090][ C1] RSP: 002b:00007ffc03f0f368 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 334.605100][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff33a962a39 [ 334.605107][ C1] RDX: 0000000000000050 RSI: 0000000000000001 RDI: 0000000000000004 [ 334.605113][ C1] RBP: 00007ff33a9d55f0 R08: 0000000000000010 R09: 0000000000000006 [ 334.605119][ C1] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 334.605125][ C1] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 334.605138][ C1] </TASK>