./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3482960770

<...>
Warning: Permanently added '10.128.0.69' (ED25519) to the list of known hosts.
execve("./syz-executor3482960770", ["./syz-executor3482960770"], 0x7ffe63cadd00 /* 10 vars */) = 0
brk(NULL)                               = 0x55557d404000
brk(0x55557d404d00)                     = 0x55557d404d00
arch_prctl(ARCH_SET_FS, 0x55557d404380) = 0
set_tid_address(0x55557d404650)         = 5853
set_robust_list(0x55557d404660, 24)     = 0
rseq(0x55557d404ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3482960770", 4096) = 28
getrandom("\x8e\xbd\x1f\x72\xdd\xec\x87\xc0", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55557d404d00
brk(0x55557d425d00)                     = 0x55557d425d00
brk(0x55557d426000)                     = 0x55557d426000
mprotect(0x7fd414f16000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
executing program
write(1, "executing program\n", 18)     = 18
openat(AT_FDCWD, "/dev/loop7", O_RDWR|O_CREAT|O_NONBLOCK|__O_SYNC|O_CLOEXEC|0x20, 000) = 3
openat(AT_FDCWD, "/sys/kernel/fscaps", O_RDONLY|O_NOATIME) = 4
[   91.013213][ T5853] loop7: detected capacity change from 0 to 7
[   91.022774][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.032182][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.040638][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.049910][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.058157][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.067418][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.075933][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.085111][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.093426][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.102594][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.110684][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.119877][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.129497][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.138726][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.146739][ T5853] ldm_validate_partition_table(): Disk read failed.
[   91.154179][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.163340][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.171578][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.180751][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.189190][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.198349][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.207020][ T5853] Dev loop7: unable to read RDB block 0
ioctl(3, LOOP_CONFIGURE, {fd=4, block_size=0, info={lo_offset=0x4, lo_number=0, lo_flags=LO_FLAGS_AUTOCLEAR|LO_FLAGS_PARTSCAN, lo_file_name="\xfa\xf9\x83\x17\xe5\xa1\x14\x99\x89\xfc\x8d\xbe\x43\xea\x6a\xcc\x96\xe3\xa2\x50\x3d\xc3\xff\x03\xe3\x7d\x58\x12\x70\xba\xd0\x09\x9c\xeb\xdc\x25\xf5\xab\x60\xc9\xe6\xd6\x80\xf9\x85\x88\x1a\x7b\xed\xa9\xd6\x90\x98\xc8\xb5\x34\x46\x4c\x51\x6b\xdd\x8a\x0f"..., ...}}) = 0
[   91.213379][ T5853]  loop7: unable to read partition table
[   91.219433][ T5853] loop7: partition table beyond EOD, truncated
[   91.225617][ T5853] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=Ãÿã}XpºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5)
[   91.279252][ T5853] 
[   91.281650][ T5853] ======================================================
[   91.288677][ T5853] WARNING: possible circular locking dependency detected
[   91.295721][ T5853] 6.16.0-rc6-next-20250718-syzkaller #0 Not tainted
[   91.302301][ T5853] ------------------------------------------------------
[   91.309357][ T5853] syz-executor348/5853 is trying to acquire lock:
[   91.315779][ T5853] ffff88801b6ffa20 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9e/0x450
[   91.326061][ T5853] 
[   91.326061][ T5853] but task is already holding lock:
[   91.333508][ T5853] ffff888142fcec98 (&q->q_usage_counter(io)#25){++++}-{0:0}, at: lo_ioctl+0x17f2/0x1d00
[   91.343270][ T5853] 
[   91.343270][ T5853] which lock already depends on the new lock.
[   91.343270][ T5853] 
[   91.353671][ T5853] 
[   91.353671][ T5853] the existing dependency chain (in reverse order) is:
[   91.362859][ T5853] 
[   91.362859][ T5853] -> #2 (&q->q_usage_counter(io)#25){++++}-{0:0}:
[   91.371576][ T5853]        lock_acquire+0x120/0x360
[   91.376639][ T5853]        blk_alloc_queue+0x538/0x620
[   91.382803][ T5853]        __blk_mq_alloc_disk+0x15c/0x340
[   91.388459][ T5853]        loop_add+0x411/0xad0
[   91.393148][ T5853]        loop_init+0x173/0x230
[   91.397925][ T5853]        do_one_initcall+0x233/0x820
[   91.403260][ T5853]        do_initcall_level+0x137/0x1f0
[   91.408758][ T5853]        do_initcalls+0x69/0xd0
[   91.413642][ T5853]        kernel_init_freeable+0x3d9/0x590
[   91.419410][ T5853]        kernel_init+0x1d/0x1d0
[   91.424383][ T5853]        ret_from_fork+0x3f9/0x770
[   91.429536][ T5853]        ret_from_fork_asm+0x1a/0x30
[   91.434841][ T5853] 
[   91.434841][ T5853] -> #1 (fs_reclaim){+.+.}-{0:0}:
[   91.442179][ T5853]        lock_acquire+0x120/0x360
[   91.447233][ T5853]        fs_reclaim_acquire+0x72/0x100
[   91.452804][ T5853]        kmem_cache_alloc_noprof+0x44/0x3c0
[   91.458726][ T5853]        __kernfs_iattrs+0xd9/0x320
[   91.463964][ T5853]        kernfs_iop_setattr+0xea/0x3f0
[   91.469436][ T5853]        notify_change+0xb36/0xe40
[   91.474575][ T5853]        do_truncate+0x1a4/0x220
[   91.479541][ T5853]        path_openat+0x306c/0x3830
[   91.484712][ T5853]        do_filp_open+0x1fa/0x410
[   91.489763][ T5853]        do_sys_openat2+0x121/0x1c0
[   91.494986][ T5853]        __x64_sys_openat+0x138/0x170
[   91.500376][ T5853]        do_syscall_64+0xfa/0x3b0
[   91.505453][ T5853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.511943][ T5853] 
[   91.511943][ T5853] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[   91.520552][ T5853]        validate_chain+0xb9b/0x2140
[   91.525858][ T5853]        __lock_acquire+0xab9/0xd20
[   91.531063][ T5853]        lock_acquire+0x120/0x360
[   91.536088][ T5853]        down_read+0x46/0x2e0
[   91.540813][ T5853]        kernfs_iop_getattr+0x9e/0x450
[   91.546298][ T5853]        vfs_getattr_nosec+0x2de/0x430
[   91.551775][ T5853]        loop_assign_backing_file+0x222/0x400
[   91.557869][ T5853]        lo_ioctl+0x1860/0x1d00
[   91.562746][ T5853]        blkdev_ioctl+0x5a5/0x6d0
[   91.567804][ T5853]        __se_sys_ioctl+0xf9/0x170
[   91.572971][ T5853]        do_syscall_64+0xfa/0x3b0
[   91.578172][ T5853]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.584607][ T5853] 
[   91.584607][ T5853] other info that might help us debug this:
[   91.584607][ T5853] 
[   91.594851][ T5853] Chain exists of:
[   91.594851][ T5853]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#25
[   91.594851][ T5853] 
[   91.609310][ T5853]  Possible unsafe locking scenario:
[   91.609310][ T5853] 
[   91.616775][ T5853]        CPU0                    CPU1
[   91.622163][ T5853]        ----                    ----
[   91.627541][ T5853]   lock(&q->q_usage_counter(io)#25);
[   91.632937][ T5853]                                lock(fs_reclaim);
[   91.639462][ T5853]                                lock(&q->q_usage_counter(io)#25);
[   91.647378][ T5853]   rlock(&root->kernfs_iattr_rwsem);
[   91.652785][ T5853] 
[   91.652785][ T5853]  *** DEADLOCK ***
[   91.652785][ T5853] 
[   91.660933][ T5853] 3 locks held by syz-executor348/5853:
[   91.666478][ T5853]  #0: ffff888142feb400 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0xfbf/0x1d00
[   91.675549][ T5853]  #1: ffff888142fcec98 (&q->q_usage_counter(io)#25){++++}-{0:0}, at: lo_ioctl+0x17f2/0x1d00
[   91.685855][ T5853]  #2: ffff888142fcecd0 (&q->q_usage_counter(queue)#21){+.+.}-{0:0}, at: lo_ioctl+0x17f2/0x1d00
[   91.696324][ T5853] 
[   91.696324][ T5853] stack backtrace:
[   91.702229][ T5853] CPU: 1 UID: 0 PID: 5853 Comm: syz-executor348 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[   91.702250][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.702270][ T5853] Call Trace:
[   91.702279][ T5853]  <TASK>
[   91.702287][ T5853]  dump_stack_lvl+0x189/0x250
[   91.702313][ T5853]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.702335][ T5853]  ? __pfx__printk+0x10/0x10
[   91.702363][ T5853]  print_circular_bug+0x2ee/0x310
[   91.702387][ T5853]  check_noncircular+0x134/0x160
[   91.702411][ T5853]  validate_chain+0xb9b/0x2140
[   91.702433][ T5853]  ? tomoyo_path_perm+0x1e3/0x4b0
[   91.702461][ T5853]  __lock_acquire+0xab9/0xd20
[   91.702481][ T5853]  ? kernfs_iop_getattr+0x9e/0x450
[   91.702497][ T5853]  lock_acquire+0x120/0x360
[   91.702513][ T5853]  ? kernfs_iop_getattr+0x9e/0x450
[   91.702535][ T5853]  down_read+0x46/0x2e0
[   91.702550][ T5853]  ? kernfs_iop_getattr+0x9e/0x450
[   91.702566][ T5853]  kernfs_iop_getattr+0x9e/0x450
[   91.702584][ T5853]  vfs_getattr_nosec+0x2de/0x430
[   91.702601][ T5853]  loop_assign_backing_file+0x222/0x400
[   91.702626][ T5853]  ? __pfx_loop_assign_backing_file+0x10/0x10
[   91.702647][ T5853]  ? schedule+0x91/0x360
[   91.702674][ T5853]  ? percpu_ref_kill_and_confirm+0xa3/0x130
[   91.702704][ T5853]  lo_ioctl+0x1860/0x1d00
[   91.702723][ T5853]  ? __lock_acquire+0xab9/0xd20
[   91.702744][ T5853]  ? __pfx_lo_ioctl+0x10/0x10
[   91.702763][ T5853]  ? __lock_acquire+0xab9/0xd20
[   91.702792][ T5853]  ? is_bpf_text_address+0x26/0x2b0
[   91.702813][ T5853]  ? is_bpf_text_address+0x292/0x2b0
[   91.702832][ T5853]  ? is_bpf_text_address+0x26/0x2b0
[   91.702852][ T5853]  ? __lock_acquire+0xab9/0xd20
[   91.702873][ T5853]  ? __lock_acquire+0xab9/0xd20
[   91.702897][ T5853]  ? is_bpf_text_address+0x26/0x2b0
[   91.702918][ T5853]  ? is_bpf_text_address+0x292/0x2b0
[   91.702936][ T5853]  ? is_bpf_text_address+0x26/0x2b0
[   91.702956][ T5853]  ? kernel_text_address+0xa5/0xe0
[   91.702971][ T5853]  ? __kernel_text_address+0xd/0x40
[   91.702985][ T5853]  ? unwind_get_return_address+0x4d/0x90
[   91.703006][ T5853]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   91.703030][ T5853]  ? arch_stack_walk+0xfc/0x150
[   91.703056][ T5853]  ? stack_trace_save+0x9c/0xe0
[   91.703080][ T5853]  ? stack_depot_save_flags+0x40/0x900
[   91.703104][ T5853]  ? kasan_save_track+0x4f/0x80
[   91.703118][ T5853]  ? kasan_save_track+0x3e/0x80
[   91.703131][ T5853]  ? kasan_save_free_info+0x46/0x50
[   91.703152][ T5853]  ? __kasan_slab_free+0x62/0x70
[   91.703167][ T5853]  ? kfree+0x18e/0x440
[   91.703180][ T5853]  ? tomoyo_path_number_perm+0x47a/0x5a0
[   91.703200][ T5853]  ? security_file_ioctl+0xcb/0x2d0
[   91.703218][ T5853]  ? __se_sys_ioctl+0x47/0x170
[   91.703236][ T5853]  ? do_syscall_64+0xfa/0x3b0
[   91.703258][ T5853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.703288][ T5853]  ? kasan_quarantine_put+0xdd/0x220
[   91.703307][ T5853]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   91.703327][ T5853]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   91.703349][ T5853]  ? do_vfs_ioctl+0xbe8/0x1430
[   91.703367][ T5853]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   91.703388][ T5853]  ? __asan_memset+0x22/0x50
[   91.703411][ T5853]  ? blk_get_meta_cap+0x140/0x6d0
[   91.703434][ T5853]  ? __pfx_blk_get_meta_cap+0x10/0x10
[   91.703459][ T5853]  ? blkdev_common_ioctl+0xa8d/0xc50
[   91.703481][ T5853]  ? __pfx_lo_ioctl+0x10/0x10
[   91.703501][ T5853]  blkdev_ioctl+0x5a5/0x6d0
[   91.703526][ T5853]  ? __pfx_blkdev_ioctl+0x10/0x10
[   91.703548][ T5853]  ? bpf_lsm_file_ioctl+0x9/0x20
[   91.703563][ T5853]  ? __pfx_blkdev_ioctl+0x10/0x10
[   91.703584][ T5853]  __se_sys_ioctl+0xf9/0x170
[   91.703603][ T5853]  do_syscall_64+0xfa/0x3b0
[   91.703626][ T5853]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.703648][ T5853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.703663][ T5853]  ? clear_bhb_loop+0x60/0xb0
[   91.703681][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.703697][ T5853] RIP: 0033:0x7fd414ea32a9
[   91.703715][ T5853] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   91.703733][ T5853] RSP: 002b:00007ffca46c1e38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.703749][ T5853] RAX: ffffffffffffffda RBX: 00007ffca46c2008 RCX: 00007fd414ea32a9
[   91.703761][ T5853] RDX: 0000000000000004 RSI: 0000000000004c06 RDI: 0000000000000003
[   91.703776][ T5853] RBP: 00007fd414f16610 R08: 00007ffca46c2008 R09: 00007ffca46c2008
[   91.703787][ T5853] R10: 00007ffca46c2008 R11: 0000000000000246 R12: 0000000000000001
[   91.703797][ T5853] R13: 00007ffca46c1ff8 R14: 0000000000000001 R15: 0000000000000001
[   91.703813][ T5853]  </TASK>
[   92.154700][ T5853] ldm_validate_partition_table(): Disk read failed.
[   92.161983][ T5853] Dev loop7: unable to read RDB block 0
[   92.168140][ T5853]  loop7: unable to read partition table
[   92.173961][ T5853] loop7: partition table beyond EOD, truncated
ioctl(3, LOOP_CHANGE_FD, 4)             = 0
exit_group(0)                           = ?
+++ exited with 0 +++
[   92.180238][ T5853] loop_reread