SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4561 comm=syz-executor.4
watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor.0:4532]
Modules linked in:
irq event stamp: 4691319
hardirqs last enabled at (4691318): [] asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635
hardirqs last disabled at (4691319): [] sysvec_apic_timer_interrupt+0xb/0xa0 arch/x86/kernel/apic/apic.c:1094
softirqs last enabled at (4584790): [] asm_call_irq_on_stack+0x12/0x20
softirqs last disabled at (4584793): [] asm_call_irq_on_stack+0x12/0x20
CPU: 0 PID: 4532 Comm: syz-executor.0 Not tainted 5.10.223 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:kmemleak_alloc+0x6/0x30 mm/kmemleak.c:897
Code: c4 08 48 89 df 5b e9 59 fe ff ff 48 c7 c7 50 ae c8 84 48 89 34 24 e8 d9 66 86 fd 48 8b 34 24 eb d6 0f 1f 00 8b 05 9a 3a 24 01 <85> c0 74 13 48 85 ff 74 0e 48 81 ff 00 f0 ff ff 77 05 e9 03 12 89
RSP: 0018:ffff88806ce09ab8 EFLAGS: 00000246
RAX: 0000000000000001 RBX: ffff8880451e0640 RCX: 0000000000000a20
RDX: 0000000000000001 RSI: 00000000000000e8 RDI: ffff8880451e0500
RBP: ffff888008805a00 R08: 00000000efe127fd R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000a20
R13: 0000000000000a20 R14: 00000000ffffffff R15: 0000000000000000
FS:  00007f1b6e108700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055674c079678 CR3: 000000004916c000 CR4: 0000000000350ef0
Call Trace:
 kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
 slab_post_alloc_hook mm/slab.h:534 [inline]
 slab_alloc_node mm/slub.c:2896 [inline]
 kmem_cache_alloc_node+0x169/0x330 mm/slub.c:2932
 __alloc_skb+0x6d/0x5b0 net/core/skbuff.c:199
 skb_copy+0x183/0x350 net/core/skbuff.c:1529
 mac80211_hwsim_tx_frame_no_nl.isra.0+0xb1d/0x13d0 drivers/net/wireless/mac80211_hwsim.c:1499
 mac80211_hwsim_tx_frame+0x152/0x1e0 drivers/net/wireless/mac80211_hwsim.c:1716
 mac80211_hwsim_beacon_tx+0x494/0x940 drivers/net/wireless/mac80211_hwsim.c:1770
 __iterate_interfaces+0x1f0/0x550 net/mac80211/util.c:792
 ieee80211_iterate_active_interfaces_atomic+0x71/0x1c0 net/mac80211/util.c:828
 mac80211_hwsim_beacon+0xd1/0x1d0 drivers/net/wireless/mac80211_hwsim.c:1793
 __run_hrtimer kernel/time/hrtimer.c:1584 [inline]
 __hrtimer_run_queues+0x632/0xb40 kernel/time/hrtimer.c:1648
 hrtimer_run_softirq+0x148/0x310 kernel/time/hrtimer.c:1665
 __do_softirq+0x1b8/0x7c9 kernel/softirq.c:298
 asm_call_irq_on_stack+0x12/0x20
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline]
 do_softirq_own_stack+0x80/0xa0 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:393 [inline]
 __irq_exit_rcu kernel/softirq.c:423 [inline]
 irq_exit_rcu+0x114/0x1b0 kernel/softirq.c:435
 sysvec_apic_timer_interrupt+0x43/0xa0 arch/x86/kernel/apic/apic.c:1094
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635
RIP: 0010:rcu_read_unlock include/linux/rcupdate.h:767 [inline]
RIP: 0010:percpu_ref_put_many.constprop.0+0x45/0x110 include/linux/percpu-refcount.h:324
Code: 00 00 31 f6 48 c7 c7 20 8c ff 84 e8 b5 56 bb ff e8 a0 ed 79 02 5a 85 c0 75 39 48 8b 45 00 a8 03 0f 85 a8 00 00 00 65 48 ff 08 86 ed 79 02 85 c0 75 5c 65 ff 0d ab 8e 96 7e e8 b6 15 c2 ff 48
RSP: 0018:ffff88802027f448 EFLAGS: 00000282
RAX: 0000607f92e0ad08 RBX: ffff88800cb0fb00 RCX: 00000000cfb1416b
RDX: 0000000000000000 RSI: fb56938e9670e70e RDI: ffff88806ce3c128
RBP: ffff88800f917d80 R08: 0000000000000000 R09: ffffffff868686e7
R10: 0000000000000246 R11: 0000000000000001 R12: ffff8880083fe8c0
R13: 0000000000000246 R14: 0000000000000006 R15: 00000000fffffef8
 percpu_ref_put include/linux/percpu-refcount.h:338 [inline]
 obj_cgroup_put include/linux/memcontrol.h:518 [inline]
 memcg_slab_free_hook mm/slab.h:385 [inline]
 memcg_slab_free_hook mm/slab.h:351 [inline]
 do_slab_free mm/slub.c:3105 [inline]
 ___cache_free+0x1de/0x360 mm/slub.c:3156
 qlink_free mm/kasan/quarantine.c:151 [inline]
 qlist_free_all+0x59/0xe0 mm/kasan/quarantine.c:170
 quarantine_reduce+0x184/0x210 mm/kasan/quarantine.c:267
 __kasan_kmalloc.constprop.0+0xa2/0xd0 mm/kasan/common.c:442
 slab_post_alloc_hook mm/slab.h:532 [inline]
 slab_alloc_node mm/slub.c:2896 [inline]
 slab_alloc mm/slub.c:2904 [inline]
 kmem_cache_alloc+0x13b/0x310 mm/slub.c:2909
 mem_pool_alloc mm/kmemleak.c:423 [inline]
 create_object.isra.0+0x3a/0xa20 mm/kmemleak.c:578
 kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
 slab_post_alloc_hook mm/slab.h:534 [inline]
 slab_alloc_node mm/slub.c:2896 [inline]
 slab_alloc mm/slub.c:2904 [inline]
 kmem_cache_alloc+0x159/0x310 mm/slub.c:2909
 __d_alloc+0x2a/0x990 fs/dcache.c:1714
 d_alloc fs/dcache.c:1793 [inline]
 d_alloc_parallel+0x111/0x1bc0 fs/dcache.c:2547
 __lookup_slow+0x193/0x490 fs/namei.c:1541
 lookup_one_len+0x167/0x1a0 fs/namei.c:2572
 start_creating.part.0+0x10a/0x230 fs/debugfs/inode.c:350
 start_creating fs/debugfs/inode.c:328 [inline]
 __debugfs_create_file+0xdb/0x580 fs/debugfs/inode.c:395
 relay_create_buf_file+0xf6/0x180 kernel/relay.c:429
 relay_open_buf.part.0+0x7de/0xc00 kernel/relay.c:458
 relay_open_buf kernel/relay.c:450 [inline]
 relay_open kernel/relay.c:605 [inline]
 relay_open+0x531/0xa10 kernel/relay.c:564
 do_blk_trace_setup+0x4cf/0xc10 kernel/trace/blktrace.c:557
 __blk_trace_setup+0xca/0x180 kernel/trace/blktrace.c:597
 blk_trace_setup+0x43/0x60 kernel/trace/blktrace.c:615
 sg_ioctl_common+0x634/0x2570 drivers/scsi/sg.c:1115
 sg_ioctl+0x8f/0x120 drivers/scsi/sg.c:1158
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739
 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x67/0xd1
RIP: 0033:0x7f1b70b92b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f1b6e108188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f1b70ca5f60 RCX: 00007f1b70b92b19
RDX: 0000000020000080 RSI: 00000000c0481273 RDI: 0000000000000004
RBP: 00007f1b70becf6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffaab3119f R14: 00007f1b6e108300 R15: 0000000000022000
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.10.223 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:cpu_relax arch/x86/include/asm/vdso/processor.h:19 [inline]
RIP: 0010:virt_spin_lock arch/x86/include/asm/qspinlock.h:100 [inline]
RIP: 0010:queued_spin_lock_slowpath+0x122/0x8c0 kernel/locking/qspinlock.c:326
Code: 00 00 00 65 48 2b 04 25 28 00 00 00 0f 85 09 07 00 00 48 81 c4 88 00 00 00 5b 5d 41 5c 41 5d 41 5e 41 5f e9 f0 a5 f8 02 f3 90 73 ff ff ff 44 8b 74 24 48 41 81 fe 00 01 00 00 0f 84 e1 00 00
RSP: 0018:ffff88806cf09a38 EFLAGS: 00000202
RAX: 0000000000000000 RBX: ffffffff87a04180 RCX: ffffffff81279957
RDX: fffffbfff0f40831 RSI: 0000000000000004 RDI: ffffffff87a04180
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff87a04183
R10: fffffbfff0f40830 R11: 0000000000000001 R12: 0000000000000003
R13: fffffbfff0f40830 R14: 0000000000000001 R15: 1ffff1100d9e1348
FS:  0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555556361098 CR3: 000000000b9c2000 CR4: 0000000000350ee0
Call Trace:
 queued_spin_lock include/asm-generic/qspinlock.h:85 [inline]
 do_raw_spin_lock+0x1dc/0x260 kernel/locking/spinlock_debug.c:113
 spin_lock include/linux/spinlock.h:354 [inline]
 mac80211_hwsim_tx_frame_no_nl.isra.0+0x695/0x13d0 drivers/net/wireless/mac80211_hwsim.c:1450
 mac80211_hwsim_tx_frame+0x152/0x1e0 drivers/net/wireless/mac80211_hwsim.c:1716
 mac80211_hwsim_beacon_tx+0x494/0x940 drivers/net/wireless/mac80211_hwsim.c:1770
 __iterate_interfaces+0x1f0/0x550 net/mac80211/util.c:792
 ieee80211_iterate_active_interfaces_atomic+0x71/0x1c0 net/mac80211/util.c:828
 mac80211_hwsim_beacon+0xd1/0x1d0 drivers/net/wireless/mac80211_hwsim.c:1793
 __run_hrtimer kernel/time/hrtimer.c:1584 [inline]
 __hrtimer_run_queues+0x632/0xb40 kernel/time/hrtimer.c:1648
 hrtimer_run_softirq+0x148/0x310 kernel/time/hrtimer.c:1665
 __do_softirq+0x1b8/0x7c9 kernel/softirq.c:298
 asm_call_irq_on_stack+0x12/0x20
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline]
 do_softirq_own_stack+0x80/0xa0 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:393 [inline]
 __irq_exit_rcu kernel/softirq.c:423 [inline]
 irq_exit_rcu+0x114/0x1b0 kernel/softirq.c:435
 sysvec_apic_timer_interrupt+0x43/0xa0 arch/x86/kernel/apic/apic.c:1094
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:635
RIP: 0010:_raw_spin_unlock_irq+0x27/0x30 kernel/locking/spinlock.c:200
Code: 44 00 00 55 48 8b 74 24 08 48 89 fd 48 8d 7f 18 e8 5e c2 3f fd 48 89 ef e8 26 7c 40 fd e8 b1 a1 5f fd fb 65 ff 0d e9 00 1b 7c <5d> e9 63 d1 38 00 0f 1f 00 55 48 89 fd 48 83 c7 18 53 48 89 f3 48
RSP: 0018:ffff8880089bfd10 EFLAGS: 00000282
RAX: 00000000003e97f3 RBX: ffff8880089b0000 RCX: 1ffffffff0ace489
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff83e76e4f
RBP: ffff88806cf3b2c0 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88806cf3b2c0
R13: ffff8880495ab480 R14: 0000000000000000 R15: 0000000000000000
 finish_lock_switch kernel/sched/core.c:3539 [inline]
 finish_task_switch+0x126/0x5d0 kernel/sched/core.c:3639
 context_switch kernel/sched/core.c:3803 [inline]
 __schedule+0x82c/0x1ea0 kernel/sched/core.c:4548
 schedule+0xcb/0x270 kernel/sched/core.c:4626
 smpboot_thread_fn+0x594/0x860 kernel/smpboot.c:160
 kthread+0x38f/0x470 kernel/kthread.c:328
 ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:298
9pnet: Could not find request transport: rdma
EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
audit: type=1326 audit(1723283653.111:18): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.113:19): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.183:20): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.183:21): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.184:22): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.184:23): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.184:24): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.184:25): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.185:26): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7effdf2a5b19 code=0x7ffc0000
audit: type=1326 audit(1723283653.185:27): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=4615 comm="syz-executor.1" exe="/syz-executor.1" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7effdf2a5ad7 code=0x7ffc0000
EXT4-fs (loop1): Unrecognized mount option "Õïøì™aÏþô›ñ " or missing value
EXT4-fs (loop4): Unrecognized mount option "/dev/vcsa" or missing value
----------------
Code disassembly (best guess), 2 bytes skipped:
   0:   48 89 df                mov    %rbx,%rdi
   3:   5b                      pop    %rbx
   4:   e9 59 fe ff ff          jmpq   0xfffffe62
   9:   48 c7 c7 50 ae c8 84    mov    $0xffffffff84c8ae50,%rdi
  10:   48 89 34 24             mov    %rsi,(%rsp)
  14:   e8 d9 66 86 fd          callq  0xfd8666f2
  19:   48 8b 34 24             mov    (%rsp),%rsi
  1d:   eb d6                   jmp    0xfffffff5
  1f:   0f 1f 00                nopl   (%rax)
  22:   8b 05 9a 3a 24 01       mov    0x1243a9a(%rip),%eax        # 0x1243ac2
* 28:   85 c0                   test   %eax,%eax <-- trapping instruction
  2a:   74 13                   je     0x3f
  2c:   48 85 ff                test   %rdi,%rdi
  2f:   74 0e                   je     0x3f
  31:   48 81 ff 00 f0 ff ff    cmp    $0xfffffffffffff000,%rdi
  38:   77 05                   ja     0x3f
  3a:   e9                      .byte 0xe9
  3b:   03 12                   add    (%rdx),%edx
  3d:   89                      .byte 0x89