./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3153910708 <...> forked to background, child pid 3207 no interfaces have a carrier [ 27.507822][ T3208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.518075][ T3208] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.122' (ECDSA) to the list of known hosts. execve("./syz-executor3153910708", ["./syz-executor3153910708"], 0x7fff3dffed30 /* 10 vars */) = 0 brk(NULL) = 0x555555a66000 brk(0x555555a66c40) = 0x555555a66c40 arch_prctl(ARCH_SET_FS, 0x555555a66300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3153910708", 4096) = 28 brk(0x555555a87c40) = 0x555555a87c40 brk(0x555555a88000) = 0x555555a88000 mprotect(0x7fa69969a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3630 attached , child_tidptr=0x555555a665d0) = 3630 [pid 3629] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a665d0) = 3631 ./strace-static-x86_64: Process 3631 attached [pid 3629] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3630] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 3630] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3632 attached [pid 3629] <... clone resumed>, child_tidptr=0x555555a665d0) = 3632 [pid 3629] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3631] ioctl(3, LOOP_CLR_FD [pid 3630] ioctl(3, LOOP_CLR_FD [pid 3629] <... clone resumed>, child_tidptr=0x555555a665d0) = 3633 [pid 3629] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3631] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3630] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3629] <... clone resumed>, child_tidptr=0x555555a665d0) = 3634 [pid 3631] close(3 [pid 3630] close(3 [pid 3629] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3633 attached [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3631] <... close resumed>) = 0 [pid 3630] <... close resumed>) = 0 [pid 3629] <... clone resumed>, child_tidptr=0x555555a665d0) = 3635 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3630] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3631] <... clone resumed>, child_tidptr=0x555555a665d0) = 3636 [pid 3630] <... clone resumed>, child_tidptr=0x555555a665d0) = 3637 ./strace-static-x86_64: Process 3634 attached [pid 3632] <... openat resumed>) = 3 [pid 3632] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 3635 attached [pid 3632] close(3 [pid 3634] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3632] <... close resumed>) = 0 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3634] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3637 attached [pid 3635] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 3637] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 3638 attached ./strace-static-x86_64: Process 3636 attached ) = 0 [pid 3635] <... openat resumed>) = 3 [pid 3634] ioctl(3, LOOP_CLR_FD [pid 3633] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3636] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3633] <... openat resumed>) = 3 [pid 3632] <... clone resumed>, child_tidptr=0x555555a665d0) = 3638 [pid 3636] <... prctl resumed>) = 0 [pid 3633] ioctl(3, LOOP_CLR_FD [pid 3638] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3637] setpgid(0, 0 [pid 3636] setpgid(0, 0 [pid 3634] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3633] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3638] <... prctl resumed>) = 0 [pid 3636] <... setpgid resumed>) = 0 [pid 3635] ioctl(3, LOOP_CLR_FD [pid 3634] close(3 [pid 3633] close(3 [pid 3638] setpgid(0, 0 [pid 3636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3635] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3634] <... close resumed>) = 0 [pid 3633] <... close resumed>) = 0 [pid 3638] <... setpgid resumed>) = 0 [pid 3636] <... openat resumed>) = 3 [pid 3635] close(3 [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3633] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3640 attached [pid 3638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3637] <... setpgid resumed>) = 0 [pid 3636] write(3, "1000", 4 [pid 3635] <... close resumed>) = 0 [pid 3640] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3638] <... openat resumed>) = 3 [pid 3637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3636] <... write resumed>) = 4 [pid 3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3634] <... clone resumed>, child_tidptr=0x555555a665d0) = 3641 [pid 3633] <... clone resumed>, child_tidptr=0x555555a665d0) = 3640 [pid 3640] <... prctl resumed>) = 0 [pid 3638] write(3, "1000", 4 [pid 3637] <... openat resumed>) = 3 [pid 3636] close(3 [pid 3640] setpgid(0, 0 [pid 3638] <... write resumed>) = 4 [pid 3637] write(3, "1000", 4 [pid 3636] <... close resumed>) = 0 [pid 3635] <... clone resumed>, child_tidptr=0x555555a665d0) = 3642 ./strace-static-x86_64: Process 3641 attached [pid 3640] <... setpgid resumed>) = 0 [pid 3638] close(3 [pid 3637] <... write resumed>) = 4 [pid 3636] memfd_create("syzkaller", 0 [pid 3641] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3638] <... close resumed>) = 0 [pid 3637] close(3 [pid 3636] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 3642 attached [pid 3641] <... prctl resumed>) = 0 [pid 3640] <... openat resumed>) = 3 [pid 3638] memfd_create("syzkaller", 0 [pid 3637] <... close resumed>) = 0 [pid 3636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3642] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3641] setpgid(0, 0 [pid 3640] write(3, "1000", 4 [pid 3638] <... memfd_create resumed>) = 3 [pid 3637] memfd_create("syzkaller", 0 [pid 3636] <... mmap resumed>) = 0x7fa6911df000 [pid 3642] <... prctl resumed>) = 0 [pid 3641] <... setpgid resumed>) = 0 [pid 3640] <... write resumed>) = 4 [pid 3638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3637] <... memfd_create resumed>) = 3 [pid 3636] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3642] setpgid(0, 0 [pid 3641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3640] close(3 [pid 3638] <... mmap resumed>) = 0x7fa6911df000 [pid 3637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3636] <... write resumed>) = 262144 [pid 3642] <... setpgid resumed>) = 0 [pid 3641] <... openat resumed>) = 3 [pid 3640] <... close resumed>) = 0 [pid 3638] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3637] <... mmap resumed>) = 0x7fa6911df000 [pid 3636] munmap(0x7fa6911df000, 262144 [pid 3642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3641] write(3, "1000", 4 [pid 3640] memfd_create("syzkaller", 0 [pid 3638] <... write resumed>) = 262144 [pid 3636] <... munmap resumed>) = 0 [pid 3642] <... openat resumed>) = 3 [pid 3641] <... write resumed>) = 4 [pid 3640] <... memfd_create resumed>) = 3 [pid 3638] munmap(0x7fa6911df000, 262144 [pid 3637] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3636] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3642] write(3, "1000", 4 [pid 3641] close(3 [pid 3640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3638] <... munmap resumed>) = 0 [pid 3636] <... openat resumed>) = 4 [pid 3642] <... write resumed>) = 4 [pid 3641] <... close resumed>) = 0 [pid 3640] <... mmap resumed>) = 0x7fa6911df000 [pid 3638] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3637] <... write resumed>) = 262144 [pid 3636] ioctl(4, LOOP_SET_FD, 3 [pid 3642] close(3 [pid 3641] memfd_create("syzkaller", 0 [pid 3640] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3638] <... openat resumed>) = 4 [pid 3637] munmap(0x7fa6911df000, 262144 [pid 3636] <... ioctl resumed>) = 0 [pid 3638] ioctl(4, LOOP_SET_FD, 3 [pid 3642] <... close resumed>) = 0 [pid 3641] <... memfd_create resumed>) = 3 [pid 3640] <... write resumed>) = 262144 [pid 3637] <... munmap resumed>) = 0 [pid 3636] close(3 [pid 3642] memfd_create("syzkaller", 0 [pid 3641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3640] munmap(0x7fa6911df000, 262144 [pid 3637] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3636] <... close resumed>) = 0 [pid 3642] <... memfd_create resumed>) = 3 [pid 3641] <... mmap resumed>) = 0x7fa6911df000 [pid 3640] <... munmap resumed>) = 0 [pid 3636] mkdir("./file0", 0777 [pid 3637] <... openat resumed>) = 4 [pid 3642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3641] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3640] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3637] ioctl(4, LOOP_SET_FD, 3 [pid 3636] <... mkdir resumed>) = 0 [pid 3642] <... mmap resumed>) = 0x7fa6911df000 [pid 3636] mount("/dev/loop1", "./file0", "ext4", 0, ",errors=continue" [pid 3641] <... write resumed>) = 262144 [pid 3640] <... openat resumed>) = 4 [pid 3642] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3641] munmap(0x7fa6911df000, 262144 [pid 3640] ioctl(4, LOOP_SET_FD, 3 [pid 3638] <... ioctl resumed>) = 0 [pid 3638] close(3) = 0 [pid 3638] mkdir("./file0", 0777 [pid 3642] <... write resumed>) = 262144 [pid 3641] <... munmap resumed>) = 0 [pid 3640] <... ioctl resumed>) = 0 [pid 3637] <... ioctl resumed>) = 0 [pid 3642] munmap(0x7fa6911df000, 262144 [pid 3641] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3642] <... munmap resumed>) = 0 [pid 3641] <... openat resumed>) = 4 [pid 3638] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 3638] mount("/dev/loop2", "./file0", "ext4", 0, ",errors=continue" syzkaller login: [ 55.246292][ T3636] loop1: detected capacity change from 0 to 512 [ 55.248227][ T3643] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 55.256009][ T3638] loop2: detected capacity change from 0 to 512 [ 55.280374][ T3637] loop0: detected capacity change from 0 to 512 [ 55.290271][ T3640] loop3: detected capacity change from 0 to 512 [pid 3641] ioctl(4, LOOP_SET_FD, 3 [pid 3637] close(3) = 0 [pid 3640] close(3 [pid 3642] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 3642] ioctl(4, LOOP_SET_FD, 3 [pid 3637] mkdir("./file0", 0777 [pid 3640] <... close resumed>) = 0 [pid 3637] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 3640] mkdir("./file0", 0777 [pid 3637] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue" [pid 3640] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 3640] mount("/dev/loop3", "./file0", "ext4", 0, ",errors=continue" [pid 3641] <... ioctl resumed>) = 0 [pid 3642] <... ioctl resumed>) = 0 [pid 3641] close(3 [ 55.310931][ T3641] loop4: detected capacity change from 0 to 512 [ 55.320582][ T3642] loop5: detected capacity change from 0 to 512 [ 55.336525][ T3636] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. [ 55.347050][ T3638] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. [pid 3636] <... mount resumed>) = 0 [pid 3642] close(3 [pid 3641] <... close resumed>) = 0 [pid 3638] <... mount resumed>) = 0 [pid 3642] <... close resumed>) = 0 [pid 3641] mkdir("./file0", 0777 [pid 3642] mkdir("./file0", 0777 [pid 3641] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 3638] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3642] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 3641] mount("/dev/loop4", "./file0", "ext4", 0, ",errors=continue" [pid 3642] mount("/dev/loop5", "./file0", "ext4", 0, ",errors=continue" [pid 3638] <... openat resumed>) = 3 [pid 3636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 3636] chdir("./file0") = 0 [pid 3636] ioctl(4, LOOP_CLR_FD) = 0 [pid 3636] close(4 [pid 3638] chdir("./file0" [pid 3636] <... close resumed>) = 0 [pid 3636] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 55.363043][ T3637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. [ 55.376805][ T3640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. [ 55.392302][ T3641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. [pid 3641] <... mount resumed>) = 0 [pid 3640] <... mount resumed>) = 0 [pid 3638] <... chdir resumed>) = 0 [pid 3637] <... mount resumed>) = 0 [pid 3636] <... openat resumed>) = 4 [pid 3641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3640] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3638] ioctl(4, LOOP_CLR_FD [pid 3637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3641] <... openat resumed>) = 3 [pid 3640] <... openat resumed>) = 3 [pid 3638] <... ioctl resumed>) = 0 [pid 3637] <... openat resumed>) = 3 [pid 3641] chdir("./file0" [pid 3640] chdir("./file0" [pid 3638] close(4 [pid 3637] chdir("./file0" [pid 3641] <... chdir resumed>) = 0 [pid 3640] <... chdir resumed>) = 0 [pid 3638] <... close resumed>) = 0 [pid 3637] <... chdir resumed>) = 0 [pid 3641] ioctl(4, LOOP_CLR_FD [pid 3640] ioctl(4, LOOP_CLR_FD [pid 3638] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3637] ioctl(4, LOOP_CLR_FD [pid 3641] <... ioctl resumed>) = 0 [pid 3640] <... ioctl resumed>) = 0 [pid 3638] <... openat resumed>) = 4 [pid 3637] <... ioctl resumed>) = 0 [pid 3641] close(4 [pid 3640] close(4 [pid 3638] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 3637] close(4 [pid 3641] <... close resumed>) = 0 [pid 3640] <... close resumed>) = 0 [pid 3638] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3637] <... close resumed>) = 0 [pid 3641] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3640] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3638] exit_group(0 [pid 3637] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3641] <... openat resumed>) = 4 [pid 3640] <... openat resumed>) = 4 [pid 3638] <... exit_group resumed>) = ? [pid 3637] <... openat resumed>) = 4 [pid 3636] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 3641] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 3640] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 3638] +++ exited with 0 +++ [pid 3637] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 3636] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3641] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3640] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3637] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3641] exit_group(0 [pid 3640] exit_group(0 [pid 3637] exit_group(0 [pid 3636] exit_group(0 [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3638, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 3641] <... exit_group resumed>) = ? [pid 3640] <... exit_group resumed>) = ? [pid 3637] <... exit_group resumed>) = ? [pid 3636] <... exit_group resumed>) = ? [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3641] +++ exited with 0 +++ [pid 3640] +++ exited with 0 +++ [pid 3637] +++ exited with 0 +++ [pid 3642] <... mount resumed>) = 0 [pid 3642] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 3642] chdir("./file0") = 0 [pid 3636] +++ exited with 0 +++ [pid 3642] ioctl(4, LOOP_CLR_FD [pid 3632] <... openat resumed>) = 3 [pid 3634] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3641, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 3633] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3640, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 3632] ioctl(3, LOOP_CLR_FD [pid 3630] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3637, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3636, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 3630] restart_syscall(<... resuming interrupted clone ...> [pid 3642] <... ioctl resumed>) = 0 [pid 3631] restart_syscall(<... resuming interrupted clone ...> [pid 3632] <... ioctl resumed>) = 0 [pid 3634] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3632] close(3 [pid 3633] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3631] <... restart_syscall resumed>) = 0 [pid 3630] <... restart_syscall resumed>) = 0 [pid 3634] <... openat resumed>) = 3 [pid 3632] <... close resumed>) = 0 [pid 3633] <... openat resumed>) = 3 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3634] ioctl(3, LOOP_CLR_FD [pid 3642] close(4) = 0 [pid 3642] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 3652 attached [pid 3652] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3634] <... ioctl resumed>) = 0 [pid 3633] ioctl(3, LOOP_CLR_FD [pid 3632] <... clone resumed>, child_tidptr=0x555555a665d0) = 3652 [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3630] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3652] <... prctl resumed>) = 0 [pid 3634] close(3 [pid 3633] <... ioctl resumed>) = 0 [pid 3631] <... openat resumed>) = 3 [pid 3652] setpgid(0, 0 [pid 3634] <... close resumed>) = 0 [pid 3633] close(3 [pid 3631] ioctl(3, LOOP_CLR_FD [pid 3630] <... openat resumed>) = 3 [pid 3652] <... setpgid resumed>) = 0 [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3633] <... close resumed>) = 0 [pid 3631] <... ioctl resumed>) = 0 [pid 3630] ioctl(3, LOOP_CLR_FD [pid 3652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3652] write(3, "1000", 4 [pid 3633] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3634] <... clone resumed>, child_tidptr=0x555555a665d0) = 3653 [pid 3631] close(3 [pid 3630] <... ioctl resumed>) = 0 [pid 3652] <... write resumed>) = 4 [pid 3652] close(3) = 0 [pid 3652] memfd_create("syzkaller", 0 [pid 3631] <... close resumed>) = 0 [pid 3630] close(3 [pid 3652] <... memfd_create resumed>) = 3 [pid 3633] <... clone resumed>, child_tidptr=0x555555a665d0) = 3654 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3653 attached [pid 3652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3630] <... close resumed>) = 0 [pid 3653] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3652] <... mmap resumed>) = 0x7fa6911df000 [pid 3630] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3653] <... prctl resumed>) = 0 [pid 3652] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3642] <... openat resumed>) = 4 [pid 3631] <... clone resumed>, child_tidptr=0x555555a665d0) = 3655 ./strace-static-x86_64: Process 3654 attached [pid 3653] setpgid(0, 0 [pid 3652] <... write resumed>) = 262144 [ 55.406873][ T3642] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. [pid 3642] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 3653] <... setpgid resumed>) = 0 [pid 3652] munmap(0x7fa6911df000, 262144 [pid 3630] <... clone resumed>, child_tidptr=0x555555a665d0) = 3656 [pid 3653] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3652] <... munmap resumed>) = 0 [pid 3653] <... openat resumed>) = 3 [pid 3652] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3653] write(3, "1000", 4 [pid 3652] <... openat resumed>) = 4 [pid 3653] <... write resumed>) = 4 [pid 3652] ioctl(4, LOOP_SET_FD, 3 [pid 3653] close(3 [pid 3652] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3653] <... close resumed>) = 0 [pid 3653] memfd_create("syzkaller", 0 [pid 3652] ioctl(4, LOOP_CLR_FD [pid 3653] <... memfd_create resumed>) = 3 [pid 3652] <... ioctl resumed>) = 0 [pid 3653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [pid 3653] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 3655 attached [pid 3654] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3653] <... write resumed>) = 262144 [pid 3652] ioctl(4, LOOP_SET_FD, 3 [pid 3653] munmap(0x7fa6911df000, 262144 [pid 3652] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 3656 attached [pid 3655] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3654] <... prctl resumed>) = 0 [pid 3653] <... munmap resumed>) = 0 [pid 3652] close(4 [pid 3655] <... prctl resumed>) = 0 [pid 3654] setpgid(0, 0 [pid 3653] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3652] <... close resumed>) = 0 [pid 3656] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3655] setpgid(0, 0 [pid 3654] <... setpgid resumed>) = 0 [pid 3653] <... openat resumed>) = 4 [pid 3652] close(3 [pid 3656] <... prctl resumed>) = 0 [pid 3655] <... setpgid resumed>) = 0 [pid 3654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3653] ioctl(4, LOOP_SET_FD, 3 [pid 3652] <... close resumed>) = 0 [pid 3653] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3652] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3656] setpgid(0, 0 [pid 3655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3654] <... openat resumed>) = 3 [pid 3653] ioctl(4, LOOP_CLR_FD [pid 3652] <... openat resumed>) = 3 [pid 3656] <... setpgid resumed>) = 0 [pid 3654] write(3, "1000", 4 [pid 3653] <... ioctl resumed>) = 0 [pid 3655] <... openat resumed>) = 3 [pid 3652] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3655] write(3, "1000", 4 [pid 3654] <... write resumed>) = 4 [pid 3652] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3656] <... openat resumed>) = 3 [pid 3655] <... write resumed>) = 4 [pid 3654] close(3 [pid 3652] exit_group(0 [pid 3656] write(3, "1000", 4 [pid 3655] close(3 [pid 3654] <... close resumed>) = 0 [pid 3652] <... exit_group resumed>) = ? [pid 3656] <... write resumed>) = 4 [pid 3655] <... close resumed>) = 0 [pid 3654] memfd_create("syzkaller", 0 [pid 3653] ioctl(4, LOOP_SET_FD, 3 [pid 3652] +++ exited with 0 +++ [pid 3653] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3652, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3653] close(4) = 0 [pid 3653] close(3 [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3653] <... close resumed>) = 0 [pid 3632] <... openat resumed>) = 3 [pid 3653] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3632] ioctl(3, LOOP_CLR_FD [pid 3653] <... openat resumed>) = 3 [pid 3632] <... ioctl resumed>) = 0 [pid 3653] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3632] close(3 [pid 3653] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3632] <... close resumed>) = 0 [pid 3653] exit_group(0 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3656] close(3 [pid 3655] memfd_create("syzkaller", 0 [pid 3654] <... memfd_create resumed>) = 3 [pid 3653] <... exit_group resumed>) = ? [pid 3656] <... close resumed>) = 0 [pid 3655] <... memfd_create resumed>) = 3 [pid 3654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3653] +++ exited with 0 +++ [pid 3632] <... clone resumed>, child_tidptr=0x555555a665d0) = 3657 [pid 3656] memfd_create("syzkaller", 0 [pid 3654] <... mmap resumed>) = 0x7fa6911df000 [pid 3656] <... memfd_create resumed>) = 3 [pid 3655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3634] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3653, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- ./strace-static-x86_64: Process 3657 attached [pid 3657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3657] setpgid(0, 0) = 0 [pid 3654] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3656] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3655] <... mmap resumed>) = 0x7fa6911df000 [pid 3657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3656] <... mmap resumed>) = 0x7fa6911df000 [pid 3634] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 3634] ioctl(3, LOOP_CLR_FD [pid 3657] <... openat resumed>) = 3 [pid 3634] <... ioctl resumed>) = 0 [pid 3657] write(3, "1000", 4 [pid 3634] close(3 [pid 3657] <... write resumed>) = 4 [pid 3634] <... close resumed>) = 0 [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3657] close(3) = 0 [pid 3657] memfd_create("syzkaller", 0) = 3 [pid 3657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3655] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3634] <... clone resumed>, child_tidptr=0x555555a665d0) = 3658 [pid 3657] <... mmap resumed>) = 0x7fa6911df000 [pid 3657] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3656] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3655] <... write resumed>) = 262144 [pid 3654] <... write resumed>) = 262144 ./strace-static-x86_64: Process 3658 attached [pid 3658] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3654] munmap(0x7fa6911df000, 262144 [pid 3658] <... prctl resumed>) = 0 [pid 3658] setpgid(0, 0 [pid 3657] munmap(0x7fa6911df000, 262144 [pid 3658] <... setpgid resumed>) = 0 [pid 3658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3657] <... munmap resumed>) = 0 [pid 3654] <... munmap resumed>) = 0 [pid 3658] <... openat resumed>) = 3 [pid 3657] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3656] <... write resumed>) = 262144 [pid 3655] munmap(0x7fa6911df000, 262144 [pid 3654] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3658] write(3, "1000", 4 [pid 3657] <... openat resumed>) = 4 [pid 3654] <... openat resumed>) = 4 [pid 3658] <... write resumed>) = 4 [pid 3657] ioctl(4, LOOP_SET_FD, 3 [pid 3654] ioctl(4, LOOP_SET_FD, 3 [pid 3658] close(3 [pid 3657] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3656] munmap(0x7fa6911df000, 262144 [pid 3654] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3658] <... close resumed>) = 0 [pid 3657] ioctl(4, LOOP_CLR_FD [pid 3655] <... munmap resumed>) = 0 [pid 3654] ioctl(4, LOOP_CLR_FD [pid 3658] memfd_create("syzkaller", 0 [pid 3657] <... ioctl resumed>) = 0 [pid 3656] <... munmap resumed>) = 0 [pid 3654] <... ioctl resumed>) = 0 [pid 3655] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3658] <... memfd_create resumed>) = 3 [pid 3656] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3655] <... openat resumed>) = 4 [pid 3658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3655] ioctl(4, LOOP_SET_FD, 3 [pid 3656] <... openat resumed>) = 4 [pid 3658] <... mmap resumed>) = 0x7fa6911df000 [pid 3655] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3656] ioctl(4, LOOP_SET_FD, 3 [ 55.450805][ T3642] ------------[ cut here ]------------ [ 55.472172][ T3642] kernel BUG at fs/ext4/ext4.h:3331! [ 55.510934][ T3642] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 55.517027][ T3642] CPU: 0 PID: 3642 Comm: syz-executor315 Not tainted 6.1.0-syzkaller-03225-g764822972d64 #0 [ 55.527287][ T3642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 55.537358][ T3642] RIP: 0010:ext4_get_group_info+0x36e/0x3d0 [pid 3658] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3657] ioctl(4, LOOP_SET_FD, 3 [pid 3655] ioctl(4, LOOP_CLR_FD [pid 3654] ioctl(4, LOOP_SET_FD, 3 [pid 3656] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3658] <... write resumed>) = 262144 [pid 3657] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3658] munmap(0x7fa6911df000, 262144 [pid 3657] close(4 [pid 3658] <... munmap resumed>) = 0 [pid 3657] <... close resumed>) = 0 [pid 3658] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3657] close(3 [pid 3658] <... openat resumed>) = 4 [pid 3657] <... close resumed>) = 0 [pid 3658] ioctl(4, LOOP_SET_FD, 3 [pid 3657] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3658] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3657] <... openat resumed>) = 3 [pid 3658] ioctl(4, LOOP_CLR_FD [pid 3657] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3658] <... ioctl resumed>) = 0 [pid 3657] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3657] exit_group(0) = ? [pid 3657] +++ exited with 0 +++ [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3657, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 3632] restart_syscall(<... resuming interrupted clone ...> [pid 3658] ioctl(4, LOOP_SET_FD, 3 [pid 3632] <... restart_syscall resumed>) = 0 [pid 3658] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3658] close(4) = 0 [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3658] close(3 [pid 3632] <... openat resumed>) = 3 [pid 3658] <... close resumed>) = 0 [pid 3632] ioctl(3, LOOP_CLR_FD [pid 3658] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3632] <... ioctl resumed>) = 0 [pid 3658] <... openat resumed>) = 3 [pid 3632] close(3 [pid 3658] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3632] <... close resumed>) = 0 [pid 3658] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3658] exit_group(0) = ? [pid 3632] <... clone resumed>, child_tidptr=0x555555a665d0) = 3659 [pid 3658] +++ exited with 0 +++ ./strace-static-x86_64: Process 3659 attached [pid 3659] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3659] setpgid(0, 0) = 0 [pid 3659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3659] write(3, "1000", 4) = 4 [pid 3659] close(3) = 0 [pid 3659] memfd_create("syzkaller", 0) = 3 [pid 3659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [pid 3659] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3659] munmap(0x7fa6911df000, 262144) = 0 [pid 3659] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 3659] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3659] ioctl(4, LOOP_CLR_FD) = 0 [pid 3659] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3659] close(4) = 0 [pid 3659] close(3) = 0 [pid 3659] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3659] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3659] exit_group(0) = ? [pid 3659] +++ exited with 0 +++ [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3659, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 3632] ioctl(3, LOOP_CLR_FD) = 0 [pid 3632] close(3) = 0 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a665d0) = 3660 ./strace-static-x86_64: Process 3660 attached [pid 3660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3660] setpgid(0, 0) = 0 [pid 3660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3660] write(3, "1000", 4) = 4 [pid 3660] close(3) = 0 [pid 3660] memfd_create("syzkaller", 0) = 3 [pid 3660] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [pid 3660] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3660] munmap(0x7fa6911df000, 262144) = 0 [pid 3660] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 3660] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3660] ioctl(4, LOOP_CLR_FD) = 0 [pid 3660] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3660] close(4) = 0 [pid 3660] close(3) = 0 [pid 3660] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3660] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3660] exit_group(0) = ? [pid 3660] +++ exited with 0 +++ [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3660, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3632] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 3632] ioctl(3, LOOP_CLR_FD) = 0 [pid 3632] close(3) = 0 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a665d0) = 3661 [pid 3655] <... ioctl resumed>) = 0 [pid 3655] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3655] close(4) = 0 [pid 3655] close(3) = 0 [pid 3655] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3655] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3655] exit_group(0) = ? [pid 3655] +++ exited with 0 +++ [ 55.543293][ T3642] Code: ff 48 c7 c2 e0 77 62 8a be f1 02 00 00 48 c7 c7 40 78 62 8a c6 05 60 5f 18 0c 01 e8 18 8c 84 07 e9 d9 fd ff ff e8 02 49 5c ff <0f> 0b e8 5b 04 a9 ff e9 ea fc ff ff e8 51 04 a9 ff e9 24 fd ff ff [ 55.562995][ T3642] RSP: 0018:ffffc90003e5f3e0 EFLAGS: 00010293 [ 55.569072][ T3642] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 55.577048][ T3642] RDX: ffff888023120000 RSI: ffffffff822477ae RDI: 0000000000000004 [ 55.585020][ T3642] RBP: ffff8880273ea000 R08: 0000000000000004 R09: 0000000000000001 [ 55.593003][ T3642] R10: 0000000000000001 R11: 0000000000092080 R12: ffff8880273e8000 [ 55.600986][ T3642] R13: ffff8880273e8678 R14: 0000000000000001 R15: ffffc90003e5f7c0 [pid 3654] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3654] close(4) = 0 [pid 3654] close(3) = 0 [pid 3654] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3654] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3656] ioctl(4, LOOP_CLR_FD) = 0 [pid 3654] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3654] exit_group(0) = ? [pid 3654] +++ exited with 0 +++ [pid 3633] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3654, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3656] ioctl(4, LOOP_SET_FD, 3 [pid 3633] restart_syscall(<... resuming interrupted clone ...> [pid 3656] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3633] <... restart_syscall resumed>) = 0 [pid 3656] close(4) = 0 [pid 3656] close(3 [pid 3633] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3656] <... close resumed>) = 0 [pid 3633] <... openat resumed>) = 3 [pid 3656] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3633] ioctl(3, LOOP_CLR_FD [pid 3656] <... openat resumed>) = 3 [pid 3633] <... ioctl resumed>) = 0 [pid 3656] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3633] close(3 [pid 3656] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3633] <... close resumed>) = 0 [pid 3656] exit_group(0 [pid 3633] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3656] <... exit_group resumed>) = ? [pid 3656] +++ exited with 0 +++ [pid 3633] <... clone resumed>, child_tidptr=0x555555a665d0) = 3662 [ 55.608983][ T3642] FS: 0000555555a66300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 55.617928][ T3642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.624519][ T3642] CR2: 000055f483e60098 CR3: 0000000076992000 CR4: 0000000000350ef0 [ 55.632510][ T3642] Call Trace: [ 55.635794][ T3642] [ 55.638735][ T3642] ext4_mb_load_buddy_gfp+0xc9/0x1350 [ 55.644126][ T3642] ext4_mballoc_query_range+0xa5/0x890 [ 55.649600][ T3642] ? ext4_getfsmap_helper+0xce0/0xce0 [ 55.654992][ T3642] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3655, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3630] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3656, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3634] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3658, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3631] restart_syscall(<... resuming interrupted clone ...> [pid 3630] restart_syscall(<... resuming interrupted clone ...> [pid 3634] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3631] <... restart_syscall resumed>) = 0 [pid 3630] <... restart_syscall resumed>) = 0 [pid 3634] <... openat resumed>) = 3 [pid 3634] ioctl(3, LOOP_CLR_FD) = 0 [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3630] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3634] close(3 [pid 3631] <... openat resumed>) = 3 [pid 3630] <... openat resumed>) = 3 [pid 3634] <... close resumed>) = 0 [pid 3631] ioctl(3, LOOP_CLR_FD [pid 3630] ioctl(3, LOOP_CLR_FD [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3631] <... ioctl resumed>) = 0 [pid 3630] <... ioctl resumed>) = 0 [pid 3631] close(3 [pid 3630] close(3 [pid 3634] <... clone resumed>, child_tidptr=0x555555a665d0) = 3663 [pid 3631] <... close resumed>) = 0 [pid 3630] <... close resumed>) = 0 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3630] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3631] <... clone resumed>, child_tidptr=0x555555a665d0) = 3665 [pid 3630] <... clone resumed>, child_tidptr=0x555555a665d0) = 3664 ./strace-static-x86_64: Process 3665 attached [pid 3665] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3665] setpgid(0, 0) = 0 [pid 3665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3665] write(3, "1000", 4) = 4 [pid 3665] close(3) = 0 [pid 3665] memfd_create("syzkaller", 0) = 3 [pid 3665] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [pid 3665] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3665] munmap(0x7fa6911df000, 262144) = 0 [pid 3665] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 3665] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3665] ioctl(4, LOOP_CLR_FD) = 0 [pid 3665] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3665] close(4) = 0 [ 55.660655][ T3642] ? ext4_trim_fs+0x1830/0x1830 [ 55.665540][ T3642] ext4_getfsmap_datadev+0x17f8/0x2a10 [ 55.671024][ T3642] ? ext4_getfsmap_datadev_helper+0x9d0/0x9d0 [ 55.677108][ T3642] ? ext4_dax_fault+0x20/0x20 [ 55.681811][ T3642] ? sort+0x96/0xd0 [ 55.685648][ T3642] ? is_bpf_text_address+0x7b/0x170 [ 55.690862][ T3642] ext4_getfsmap+0x6ce/0x990 [ 55.695482][ T3642] ? ext4_fsmap_to_internal+0x2c0/0x2c0 [ 55.701057][ T3642] ? is_bpf_text_address+0x9d/0x170 [ 55.706288][ T3642] ? ext4_sb_setuuid+0x30/0x30 [pid 3665] close(3) = 0 [pid 3665] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3665] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3665] exit_group(0) = ? [pid 3665] +++ exited with 0 +++ [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3665, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 3631] ioctl(3, LOOP_CLR_FD) = 0 [pid 3631] close(3) = 0 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a665d0) = 3666 ./strace-static-x86_64: Process 3666 attached [pid 3666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3666] setpgid(0, 0) = 0 [pid 3666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3666] write(3, "1000", 4) = 4 [pid 3666] close(3) = 0 [pid 3666] memfd_create("syzkaller", 0) = 3 [pid 3666] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [pid 3666] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3666] munmap(0x7fa6911df000, 262144) = 0 [ 55.711076][ T3642] ? find_held_lock+0x2d/0x110 [ 55.715865][ T3642] ? ext4_getfsmap_datadev_helper+0x9d0/0x9d0 [ 55.721942][ T3642] ? lock_downgrade+0x6e0/0x6e0 [ 55.726809][ T3642] ext4_ioc_getfsmap+0x344/0x990 [ 55.731757][ T3642] ? ext4_ioctl_group_add+0x580/0x580 [ 55.737141][ T3642] ? find_held_lock+0x2d/0x110 [ 55.741932][ T3642] ? debug_check_no_obj_freed+0x210/0x420 [ 55.747667][ T3642] ? _raw_spin_unlock_irqrestore+0x54/0x70 [ 55.753496][ T3642] ? lock_downgrade+0x6e0/0x6e0 [pid 3666] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 3666] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3666] ioctl(4, LOOP_CLR_FD) = 0 [pid 3666] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3666] close(4) = 0 [pid 3666] close(3) = 0 [pid 3666] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3666] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3666] exit_group(0) = ? [pid 3666] +++ exited with 0 +++ [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3666, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 3631] ioctl(3, LOOP_CLR_FD) = 0 [pid 3631] close(3) = 0 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555a665d0) = 3667 ./strace-static-x86_64: Process 3667 attached [pid 3667] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3667] setpgid(0, 0) = 0 [pid 3667] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3667] write(3, "1000", 4) = 4 [pid 3667] close(3) = 0 [pid 3667] memfd_create("syzkaller", 0) = 3 [pid 3667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [ 55.758359][ T3642] ? __kmem_cache_free+0xaf/0x3b0 [ 55.763410][ T3642] __ext4_ioctl+0x352/0x4b60 [ 55.768009][ T3642] ? tomoyo_path_number_perm+0x166/0x570 [ 55.773677][ T3642] ? ext4_reset_inode_seed+0x450/0x450 [ 55.779242][ T3642] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 55.785174][ T3642] ? do_vfs_ioctl+0x132/0x15b0 [ 55.789974][ T3642] ? vfs_fileattr_set+0xbe0/0xbe0 [ 55.795041][ T3642] ? find_held_lock+0x2d/0x110 [ 55.799833][ T3642] ? calibrate_delay+0x1f3/0x1130 [ 55.804872][ T3642] ? lock_downgrade+0x6e0/0x6e0 [pid 3667] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3667] munmap(0x7fa6911df000, 262144) = 0 [pid 3667] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 3667] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3667] ioctl(4, LOOP_CLR_FD) = 0 [pid 3667] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 3661 attached ) = -1 EBUSY (Device or resource busy) [pid 3667] close(4 [pid 3661] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3667] <... close resumed>) = 0 [pid 3661] <... prctl resumed>) = 0 [pid 3667] close(3 [pid 3661] setpgid(0, 0 [pid 3667] <... close resumed>) = 0 [pid 3661] <... setpgid resumed>) = 0 [pid 3667] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3667] <... openat resumed>) = 3 [pid 3661] <... openat resumed>) = 3 [pid 3667] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3661] write(3, "1000", 4 [pid 3667] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3661] <... write resumed>) = 4 [pid 3667] exit_group(0 [pid 3661] close(3 [pid 3667] <... exit_group resumed>) = ? [pid 3661] <... close resumed>) = 0 [pid 3667] +++ exited with 0 +++ [pid 3661] memfd_create("syzkaller", 0) = 3 [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3667, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3631] restart_syscall(<... resuming interrupted clone ...> [pid 3661] <... mmap resumed>) = 0x7fa6911df000 [pid 3631] <... restart_syscall resumed>) = 0 [pid 3661] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3661] munmap(0x7fa6911df000, 262144 [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3661] <... munmap resumed>) = 0 [pid 3631] <... openat resumed>) = 3 [pid 3661] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3631] ioctl(3, LOOP_CLR_FD [pid 3661] <... openat resumed>) = 4 [pid 3631] <... ioctl resumed>) = 0 [ 55.809741][ T3642] ? ext4_fileattr_set+0x1a50/0x1a50 [ 55.815033][ T3642] __x64_sys_ioctl+0x197/0x210 [ 55.819815][ T3642] do_syscall_64+0x39/0xb0 [ 55.824269][ T3642] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 55.830190][ T3642] RIP: 0033:0x7fa69962c3e9 [ 55.834614][ T3642] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 55.854233][ T3642] RSP: 002b:00007fffac3640b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [pid 3661] ioctl(4, LOOP_SET_FD, 3 [pid 3631] close(3 [pid 3661] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3631] <... close resumed>) = 0 [pid 3661] ioctl(4, LOOP_CLR_FD [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3661] <... ioctl resumed>) = 0 [pid 3631] <... clone resumed>, child_tidptr=0x555555a665d0) = 3668 ./strace-static-x86_64: Process 3668 attached [pid 3661] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3661] close(4) = 0 [pid 3661] close(3) = 0 [pid 3661] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3661] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3661] exit_group(0 [pid 3668] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3661] <... exit_group resumed>) = ? [pid 3668] <... prctl resumed>) = 0 [pid 3661] +++ exited with 0 +++ [pid 3668] setpgid(0, 0) = 0 [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3661, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3632] restart_syscall(<... resuming interrupted clone ...> [pid 3668] <... openat resumed>) = 3 [pid 3632] <... restart_syscall resumed>) = 0 [pid 3668] write(3, "1000", 4) = 4 [pid 3668] close(3 [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3668] <... close resumed>) = 0 [pid 3632] <... openat resumed>) = 3 [pid 3668] memfd_create("syzkaller", 0 [pid 3632] ioctl(3, LOOP_CLR_FD [pid 3668] <... memfd_create resumed>) = 3 [pid 3632] <... ioctl resumed>) = 0 [pid 3668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3632] close(3 [pid 3668] <... mmap resumed>) = 0x7fa6911df000 [pid 3632] <... close resumed>) = 0 [pid 3668] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3668] <... write resumed>) = 262144 [pid 3668] munmap(0x7fa6911df000, 262144 [pid 3632] <... clone resumed>, child_tidptr=0x555555a665d0) = 3669 [pid 3668] <... munmap resumed>) = 0 [pid 3668] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 3668] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3668] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 3669 attached [pid 3669] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3668] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3668] close(4 [pid 3669] <... prctl resumed>) = 0 [pid 3668] <... close resumed>) = 0 [pid 3669] setpgid(0, 0 [pid 3668] close(3 [pid 3669] <... setpgid resumed>) = 0 [pid 3668] <... close resumed>) = 0 [pid 3669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3668] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 3669] <... openat resumed>) = 3 [pid 3668] <... openat resumed>) = 3 [pid 3669] write(3, "1000", 4 [pid 3668] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3669] <... write resumed>) = 4 [pid 3668] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3669] close(3 [pid 3668] exit_group(0 [pid 3669] <... close resumed>) = 0 [pid 3668] <... exit_group resumed>) = ? [pid 3669] memfd_create("syzkaller", 0 [pid 3668] +++ exited with 0 +++ [pid 3669] <... memfd_create resumed>) = 3 [ 55.862655][ T3642] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fa69962c3e9 [ 55.870628][ T3642] RDX: 0000000020000200 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 55.878601][ T3642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 55.886590][ T3642] R10: 00000000000003f1 R11: 0000000000000246 R12: 00007fa6995eb5c0 [ 55.894565][ T3642] R13: 00007fffac3640e0 R14: 00007fffac3640cc R15: 00007fffac3640d0 [ 55.902555][ T3642] [ 55.905574][ T3642] Modules linked in: [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3668, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- ./strace-static-x86_64: Process 3664 attached ./strace-static-x86_64: Process 3663 attached ./strace-static-x86_64: Process 3662 attached [pid 3669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [pid 3664] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3663] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3669] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3662] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3669] <... write resumed>) = 262144 [pid 3631] <... openat resumed>) = 3 [pid 3669] munmap(0x7fa6911df000, 262144 [pid 3631] ioctl(3, LOOP_CLR_FD [pid 3669] <... munmap resumed>) = 0 [pid 3631] <... ioctl resumed>) = 0 [pid 3669] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3664] <... prctl resumed>) = 0 [pid 3663] <... prctl resumed>) = 0 [pid 3662] <... prctl resumed>) = 0 [pid 3631] close(3 [pid 3669] <... openat resumed>) = 4 [pid 3631] <... close resumed>) = 0 [pid 3669] ioctl(4, LOOP_SET_FD, 3 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3669] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 3669] ioctl(4, LOOP_CLR_FD [pid 3631] <... clone resumed>, child_tidptr=0x555555a665d0) = 3670 [pid 3669] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 3670 attached [pid 3669] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3669] close(4) = 0 [pid 3669] close(3) = 0 [pid 3669] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3669] ioctl(3, FS_IOC_GETFSMAP, 0x20000200 [pid 3670] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3669] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 3670] <... prctl resumed>) = 0 [pid 3669] exit_group(0 [pid 3670] setpgid(0, 0 [pid 3669] <... exit_group resumed>) = ? [pid 3670] <... setpgid resumed>) = 0 [pid 3669] +++ exited with 0 +++ [pid 3670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3632] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3669, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3670] <... openat resumed>) = 3 [pid 3670] write(3, "1000", 4) = 4 [pid 3664] setpgid(0, 0 [pid 3663] setpgid(0, 0 [pid 3662] setpgid(0, 0 [pid 3632] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3670] close(3 [pid 3632] <... openat resumed>) = 3 [pid 3670] <... close resumed>) = 0 [pid 3632] ioctl(3, LOOP_CLR_FD [pid 3670] memfd_create("syzkaller", 0 [pid 3632] <... ioctl resumed>) = 0 [pid 3670] <... memfd_create resumed>) = 3 [pid 3632] close(3 [pid 3670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3632] <... close resumed>) = 0 [pid 3670] <... mmap resumed>) = 0x7fa6911df000 [pid 3632] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3670] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 3664] <... setpgid resumed>) = 0 [pid 3663] <... setpgid resumed>) = 0 [pid 3662] <... setpgid resumed>) = 0 [pid 3670] <... write resumed>) = 262144 [pid 3632] <... clone resumed>, child_tidptr=0x555555a665d0) = 3671 ./strace-static-x86_64: Process 3671 attached [pid 3670] munmap(0x7fa6911df000, 262144 [pid 3664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3662] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3670] <... munmap resumed>) = 0 [pid 3670] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 3670] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [ 55.923823][ T3642] ---[ end trace 0000000000000000 ]--- [ 55.929361][ T3642] RIP: 0010:ext4_get_group_info+0x36e/0x3d0 [ 55.936174][ T3642] Code: ff 48 c7 c2 e0 77 62 8a be f1 02 00 00 48 c7 c7 40 78 62 8a c6 05 60 5f 18 0c 01 e8 18 8c 84 07 e9 d9 fd ff ff e8 02 49 5c ff <0f> 0b e8 5b 04 a9 ff e9 ea fc ff ff e8 51 04 a9 ff e9 24 fd ff ff [ 55.956859][ T3642] RSP: 0018:ffffc90003e5f3e0 EFLAGS: 00010293 [ 55.963004][ T3642] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [pid 3670] ioctl(4, LOOP_CLR_FD) = 0 [pid 3670] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 3670] close(4) = 0 [pid 3670] close(3 [pid 3671] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3670] <... close resumed>) = 0 [pid 3664] <... openat resumed>) = 3 [pid 3663] <... openat resumed>) = 3 [pid 3662] <... openat resumed>) = 3 [pid 3670] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 3670] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 3670] exit_group(0) = ? [pid 3671] <... prctl resumed>) = 0 [pid 3670] +++ exited with 0 +++ [pid 3664] write(3, "1000", 4 [pid 3663] write(3, "1000", 4 [pid 3662] write(3, "1000", 4 [pid 3631] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3670, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 3631] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 3631] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 3631] ioctl(3, LOOP_CLR_FD) = 0 [pid 3631] close(3) = 0 [pid 3631] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3671] setpgid(0, 0 [pid 3664] <... write resumed>) = 4 [pid 3663] <... write resumed>) = 4 [pid 3662] <... write resumed>) = 4 [pid 3631] <... clone resumed>, child_tidptr=0x555555a665d0) = 3672 ./strace-static-x86_64: Process 3672 attached [pid 3671] <... setpgid resumed>) = 0 [pid 3664] close(3 [pid 3663] close(3 [pid 3662] close(3 [pid 3671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3664] <... close resumed>) = 0 [pid 3663] <... close resumed>) = 0 [pid 3672] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3671] <... openat resumed>) = 3 [pid 3662] <... close resumed>) = 0 [pid 3671] write(3, "1000", 4 [pid 3664] memfd_create("syzkaller", 0 [pid 3672] <... prctl resumed>) = 0 [pid 3671] <... write resumed>) = 4 [pid 3663] memfd_create("syzkaller", 0 [pid 3662] memfd_create("syzkaller", 0 [ 55.971672][ T3642] RDX: ffff888023120000 RSI: ffffffff822477ae RDI: 0000000000000004 [ 55.980396][ T3642] RBP: ffff8880273ea000 R08: 0000000000000004 R09: 0000000000000001 [ 55.988622][ T3642] R10: 0000000000000001 R11: 0000000000092080 R12: ffff8880273e8000 [ 55.996862][ T3642] R13: ffff8880273e8678 R14: 0000000000000001 R15: ffffc90003e5f7c0 [ 56.004977][ T3642] FS: 0000555555a66300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 56.014586][ T3642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [pid 3671] close(3) = 0 [pid 3672] setpgid(0, 0 [pid 3671] memfd_create("syzkaller", 0 [pid 3664] <... memfd_create resumed>) = 3 [pid 3663] <... memfd_create resumed>) = 3 [pid 3662] <... memfd_create resumed>) = 3 [pid 3671] <... memfd_create resumed>) = 3 [pid 3671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa6911df000 [ 56.021762][ T3642] CR2: 0000555555a665d0 CR3: 0000000076992000 CR4: 0000000000350ef0 [ 56.030344][ T3642] Kernel panic - not syncing: Fatal exception [ 56.037001][ T3642] Kernel Offset: disabled [ 56.041316][ T3642] Rebooting in 86400 seconds..