./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor930934765 <...> Warning: Permanently added '10.128.0.90' (ED25519) to the list of known hosts. execve("./syz-executor930934765", ["./syz-executor930934765"], 0x7ffd83a4c680 /* 10 vars */) = 0 brk(NULL) = 0x5555701f6000 brk(0x5555701f6d00) = 0x5555701f6d00 arch_prctl(ARCH_SET_FS, 0x5555701f6380) = 0 set_tid_address(0x5555701f6650) = 5825 set_robust_list(0x5555701f6660, 24) = 0 rseq(0x5555701f6ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor930934765", 4096) = 27 getrandom("\xc6\x0c\xa7\xcb\x54\xae\x44\x91", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555701f6d00 brk(0x555570217d00) = 0x555570217d00 brk(0x555570218000) = 0x555570218000 mprotect(0x7fb4096c0000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5826 attached [pid 5826] set_robust_list(0x5555701f6660, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555701f6650) = 5826 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] mkdir("./syzkaller.eNrj1i", 0700./strace-static-x86_64: Process 5827 attached [pid 5827] set_robust_list(0x5555701f6660, 24 [pid 5825] <... clone resumed>, child_tidptr=0x5555701f6650) = 5827 [pid 5827] <... set_robust_list resumed>) = 0 [pid 5827] mkdir("./syzkaller.LVFc8M", 0700 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] chmod("./syzkaller.eNrj1i", 0777 [pid 5825] <... clone resumed>, child_tidptr=0x5555701f6650) = 5828 ./strace-static-x86_64: Process 5828 attached [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... chmod resumed>) = 0 [pid 5828] set_robust_list(0x5555701f6660, 24 [pid 5826] chdir("./syzkaller.eNrj1i" [pid 5828] <... set_robust_list resumed>) = 0 [pid 5826] <... chdir resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] chmod("./syzkaller.LVFc8M", 0777 [pid 5828] mkdir("./syzkaller.TONQWu", 0700 [pid 5826] unshare(CLONE_NEWPID./strace-static-x86_64: Process 5829 attached [pid 5827] <... chmod resumed>) = 0 [pid 5827] chdir("./syzkaller.LVFc8M" [pid 5826] <... unshare resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x5555701f6650) = 5829 [pid 5829] set_robust_list(0x5555701f6660, 24 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... chdir resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... set_robust_list resumed>) = 0 [pid 5828] chmod("./syzkaller.TONQWu", 0777 [pid 5827] unshare(CLONE_NEWPID./strace-static-x86_64: Process 5830 attached [pid 5829] mkdir("./syzkaller.5Lh0el", 0700 [pid 5828] <... chmod resumed>) = 0 [pid 5827] <... unshare resumed>) = 0 [pid 5830] set_robust_list(0x5555701f6660, 24 [pid 5828] chdir("./syzkaller.TONQWu" [pid 5830] <... set_robust_list resumed>) = 0 [pid 5828] <... chdir resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x5555701f6650) = 5830 ./strace-static-x86_64: Process 5831 attached [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] unshare(CLONE_NEWPID [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... unshare resumed>) = 0 [pid 5830] <... prctl resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5832 attached [pid 5830] getppid() = 0 [pid 5830] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, ./strace-static-x86_64: Process 5833 attached [pid 5825] <... clone resumed>, child_tidptr=0x5555701f6650) = 5831 [pid 5831] set_robust_list(0x5555701f6660, 24 [pid 5830] <... prlimit64 resumed>NULL) = 0 [pid 5832] set_robust_list(0x5555701f6660, 24 [pid 5830] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5833] set_robust_list(0x5555701f6660, 24 [pid 5830] <... prlimit64 resumed>NULL) = 0 [pid 5829] chmod("./syzkaller.5Lh0el", 0777 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5830] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5827] <... clone resumed>, child_tidptr=0x5555701f6650) = 5833 [pid 5832] <... prctl resumed>) = 0 [pid 5830] <... prlimit64 resumed>NULL) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x5555701f6650) = 5832 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5832] getppid( [pid 5831] getrandom( [pid 5830] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5829] <... chmod resumed>) = 0 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5832] <... getppid resumed>) = 0 [pid 5830] <... prlimit64 resumed>NULL) = 0 [pid 5833] <... prctl resumed>) = 0 [pid 5832] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5831] <... getrandom resumed>"\x95\x73\x50\x7c\xc0\xab\x9c\x58", 8, GRND_NONBLOCK) = 8 [pid 5830] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5829] chdir("./syzkaller.5Lh0el" [pid 5833] getppid( [pid 5832] <... prlimit64 resumed>NULL) = 0 [pid 5831] mkdir("./syzkaller.BxEcsF", 0700 [pid 5830] <... prlimit64 resumed>NULL) = 0 [pid 5829] <... chdir resumed>) = 0 [pid 5833] <... getppid resumed>) = 0 [pid 5832] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5830] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5833] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5832] <... prlimit64 resumed>NULL) = 0 [pid 5830] <... prlimit64 resumed>NULL) = 0 [pid 5832] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5830] unshare(CLONE_NEWNS [pid 5832] <... prlimit64 resumed>NULL) = 0 [pid 5831] <... mkdir resumed>) = 0 [pid 5830] <... unshare resumed>) = 0 [pid 5829] unshare(CLONE_NEWPID [pid 5833] <... prlimit64 resumed>NULL) = 0 [pid 5832] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5833] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5829] <... unshare resumed>) = 0 [pid 5832] <... prlimit64 resumed>NULL) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] <... prlimit64 resumed>NULL) = 0 [pid 5831] chmod("./syzkaller.BxEcsF", 0777 [pid 5830] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL./strace-static-x86_64: Process 5834 attached [pid 5833] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5832] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5831] <... chmod resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x5555701f6650) = 5834 [pid 5834] set_robust_list(0x5555701f6660, 24 [pid 5833] <... prlimit64 resumed>NULL) = 0 [pid 5832] <... prlimit64 resumed>NULL) = 0 [pid 5831] chdir("./syzkaller.BxEcsF" [pid 5830] <... mount resumed>) = 0 [pid 5834] <... set_robust_list resumed>) = 0 [pid 5833] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5832] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5831] <... chdir resumed>) = 0 [pid 5830] unshare(CLONE_NEWIPC [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5833] <... prlimit64 resumed>NULL) = 0 [pid 5832] <... prlimit64 resumed>NULL) = 0 [pid 5834] <... prctl resumed>) = 0 [pid 5833] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5832] unshare(CLONE_NEWNS [pid 5831] unshare(CLONE_NEWPID [pid 5830] <... unshare resumed>) = 0 [pid 5833] <... prlimit64 resumed>NULL) = 0 [pid 5831] <... unshare resumed>) = 0 [pid 5834] getppid( [pid 5833] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5831] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5830] unshare(CLONE_NEWCGROUP [pid 5834] <... getppid resumed>) = 0 [pid 5833] <... prlimit64 resumed>NULL) = 0 [pid 5832] <... unshare resumed>) = 0 ./strace-static-x86_64: Process 5835 attached [pid 5833] unshare(CLONE_NEWNS [pid 5834] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5835] set_robust_list(0x5555701f6660, 24 [pid 5831] <... clone resumed>, child_tidptr=0x5555701f6650) = 5835 [pid 5830] <... unshare resumed>) = 0 [pid 5835] <... set_robust_list resumed>) = 0 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5834] <... prlimit64 resumed>NULL) = 0 [pid 5833] <... unshare resumed>) = 0 [pid 5832] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5830] unshare(CLONE_NEWUTS [pid 5835] <... prctl resumed>) = 0 [pid 5834] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5832] <... mount resumed>) = 0 [pid 5830] <... unshare resumed>) = 0 [pid 5835] getppid( [pid 5834] <... prlimit64 resumed>NULL) = 0 [pid 5830] unshare(CLONE_SYSVSEM [pid 5835] <... getppid resumed>) = 0 [pid 5834] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5832] unshare(CLONE_NEWIPC [pid 5830] <... unshare resumed>) = 0 [pid 5835] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 5834] <... prlimit64 resumed>NULL) = 0 [pid 5833] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5832] <... unshare resumed>) = 0 [pid 5833] <... mount resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5833] unshare(CLONE_NEWIPC [pid 5835] <... prlimit64 resumed>NULL) = 0 [pid 5834] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5833] <... unshare resumed>) = 0 [pid 5832] unshare(CLONE_NEWCGROUP [pid 5830] <... openat resumed>) = 3 [pid 5835] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 5834] <... prlimit64 resumed>NULL) = 0 [pid 5832] <... unshare resumed>) = 0 [pid 5835] <... prlimit64 resumed>NULL) = 0 [pid 5834] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5833] unshare(CLONE_NEWCGROUP [pid 5832] unshare(CLONE_NEWUTS [pid 5835] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 5834] <... prlimit64 resumed>NULL) = 0 [pid 5833] <... unshare resumed>) = 0 [pid 5832] <... unshare resumed>) = 0 [pid 5830] write(3, "16777216", 8 [pid 5835] <... prlimit64 resumed>NULL) = 0 [pid 5834] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5833] unshare(CLONE_NEWUTS [pid 5832] unshare(CLONE_SYSVSEM [pid 5835] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 5834] <... prlimit64 resumed>NULL) = 0 [pid 5832] <... unshare resumed>) = 0 [pid 5830] <... write resumed>) = 8 [pid 5835] <... prlimit64 resumed>NULL) = 0 [pid 5834] unshare(CLONE_NEWNS [pid 5833] <... unshare resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5830] close(3 [pid 5835] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 5834] <... unshare resumed>) = 0 [pid 5833] unshare(CLONE_SYSVSEM [pid 5835] <... prlimit64 resumed>NULL) = 0 [pid 5834] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5833] <... unshare resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5830] <... close resumed>) = 0 [pid 5835] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 5834] <... mount resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5835] <... prlimit64 resumed>NULL) = 0 [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5832] write(3, "16777216", 8 [pid 5830] <... openat resumed>) = 3 [pid 5835] unshare(CLONE_NEWNS [pid 5834] unshare(CLONE_NEWIPC [pid 5832] <... write resumed>) = 8 [pid 5833] <... openat resumed>) = 3 [pid 5832] close(3 [pid 5835] <... unshare resumed>) = 0 [pid 5834] <... unshare resumed>) = 0 [pid 5833] write(3, "16777216", 8 [pid 5830] write(3, "536870912", 9 [pid 5835] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 5832] <... close resumed>) = 0 [pid 5835] <... mount resumed>) = 0 [pid 5834] unshare(CLONE_NEWCGROUP [pid 5833] <... write resumed>) = 8 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5830] <... write resumed>) = 9 [pid 5835] unshare(CLONE_NEWIPC [pid 5834] <... unshare resumed>) = 0 [pid 5833] close(3 [pid 5832] <... openat resumed>) = 3 [pid 5835] <... unshare resumed>) = 0 [pid 5834] unshare(CLONE_NEWUTS [pid 5833] <... close resumed>) = 0 [pid 5832] write(3, "536870912", 9 [pid 5830] close(3 [pid 5834] <... unshare resumed>) = 0 [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5830] <... close resumed>) = 0 [pid 5835] unshare(CLONE_NEWCGROUP [pid 5834] unshare(CLONE_SYSVSEM [pid 5833] <... openat resumed>) = 3 [pid 5832] <... write resumed>) = 9 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5835] <... unshare resumed>) = 0 [pid 5832] close(3 [pid 5835] unshare(CLONE_NEWUTS [pid 5832] <... close resumed>) = 0 [pid 5835] <... unshare resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5835] unshare(CLONE_SYSVSEM) = 0 [pid 5834] <... unshare resumed>) = 0 [pid 5833] write(3, "536870912", 9 [pid 5832] <... openat resumed>) = 3 [pid 5830] <... openat resumed>) = 3 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 5833] <... write resumed>) = 9 [pid 5830] write(3, "1024", 4 [pid 5835] <... openat resumed>) = 3 [pid 5833] close(3 [pid 5832] write(3, "1024", 4 [pid 5833] <... close resumed>) = 0 [pid 5830] <... write resumed>) = 4 [pid 5834] <... openat resumed>) = 3 [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5834] write(3, "16777216", 8 [pid 5830] close(3 [pid 5835] write(3, "16777216", 8 [pid 5834] <... write resumed>) = 8 [pid 5833] <... openat resumed>) = 3 [pid 5832] <... write resumed>) = 4 [pid 5830] <... close resumed>) = 0 [pid 5835] <... write resumed>) = 8 [pid 5834] close(3 [pid 5832] close(3 [pid 5835] close(3 [pid 5832] <... close resumed>) = 0 [pid 5835] <... close resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5834] <... close resumed>) = 0 [pid 5833] write(3, "1024", 4 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5835] <... openat resumed>) = 3 [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 5833] <... write resumed>) = 4 [pid 5832] <... openat resumed>) = 3 [pid 5830] <... openat resumed>) = 3 [pid 5835] write(3, "536870912", 9 [pid 5834] <... openat resumed>) = 3 [pid 5833] close(3 [pid 5830] write(3, "8192", 4 [pid 5835] <... write resumed>) = 9 [pid 5833] <... close resumed>) = 0 [pid 5832] write(3, "8192", 4 [pid 5835] close(3 [pid 5834] write(3, "536870912", 9 [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5832] <... write resumed>) = 4 [pid 5830] <... write resumed>) = 4 [pid 5835] <... close resumed>) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5834] <... write resumed>) = 9 [pid 5833] <... openat resumed>) = 3 [pid 5830] close(3 [pid 5835] <... openat resumed>) = 3 [pid 5834] close(3 [pid 5832] close(3 [pid 5834] <... close resumed>) = 0 [pid 5830] <... close resumed>) = 0 [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 5833] write(3, "8192", 4 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5835] write(3, "1024", 4 [pid 5832] <... close resumed>) = 0 [pid 5835] <... write resumed>) = 4 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5835] close(3) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5833] <... write resumed>) = 4 [pid 5832] <... openat resumed>) = 3 [pid 5830] <... openat resumed>) = 3 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5834] write(3, "1024", 4 [pid 5833] close(3 [pid 5832] write(3, "1024", 4 [pid 5830] write(3, "1024", 4 [pid 5835] <... openat resumed>) = 3 [pid 5834] <... write resumed>) = 4 [pid 5833] <... close resumed>) = 0 [pid 5832] <... write resumed>) = 4 [pid 5830] <... write resumed>) = 4 [pid 5835] write(3, "8192", 4 [pid 5834] close(3 [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5832] close(3 [pid 5830] close(3 [pid 5835] <... write resumed>) = 4 [pid 5834] <... close resumed>) = 0 [pid 5830] <... close resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5835] close(3 [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 5833] <... openat resumed>) = 3 [pid 5832] <... close resumed>) = 0 [pid 5830] <... openat resumed>) = 3 [pid 5835] <... close resumed>) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5830] write(3, "1024", 4 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5834] write(3, "8192", 4 [pid 5833] write(3, "1024", 4 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5835] <... openat resumed>) = 3 [pid 5834] <... write resumed>) = 4 [pid 5833] <... write resumed>) = 4 [pid 5830] <... write resumed>) = 4 [pid 5835] write(3, "1024", 4 [pid 5834] close(3 [pid 5833] close(3 [pid 5832] <... openat resumed>) = 3 [pid 5830] close(3 [pid 5835] <... write resumed>) = 4 [pid 5834] <... close resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5832] write(3, "1024", 4 [pid 5830] <... close resumed>) = 0 [pid 5835] close(3 [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5832] <... write resumed>) = 4 [pid 5830] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5835] <... close resumed>) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5830] <... openat resumed>) = 3 [pid 5833] <... openat resumed>) = 3 [pid 5832] close(3 [pid 5830] write(3, "1024 1048576 500 1024", 21 [pid 5835] <... openat resumed>) = 3 [pid 5834] write(3, "1024", 4 [pid 5832] <... close resumed>) = 0 [pid 5834] <... write resumed>) = 4 [pid 5832] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5830] <... write resumed>) = 21 [pid 5835] write(3, "1024", 4 [pid 5834] close(3 [pid 5833] write(3, "1024", 4 [pid 5832] <... openat resumed>) = 3 [pid 5830] close(3 [pid 5833] <... write resumed>) = 4 [pid 5830] <... close resumed>) = 0 [pid 5835] <... write resumed>) = 4 [pid 5834] <... close resumed>) = 0 [pid 5833] close(3 [pid 5832] write(3, "1024 1048576 500 1024", 21 [pid 5835] close(3 [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 5833] <... close resumed>) = 0 [pid 5830] getpid( [pid 5835] <... close resumed>) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5832] <... write resumed>) = 21 [pid 5830] <... getpid resumed>) = 1 [pid 5835] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5834] write(3, "1024", 4 [pid 5832] close(3 [pid 5830] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5835] <... openat resumed>) = 3 [pid 5835] write(3, "1024 1048576 500 1024", 21 [pid 5834] <... write resumed>) = 4 [pid 5832] <... close resumed>) = 0 [pid 5830] <... capget resumed>{effective=1<) = 21 [pid 5834] close(3 [pid 5832] getpid( [pid 5830] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5835] close(3 [pid 5834] <... close resumed>) = 0 [pid 5832] <... getpid resumed>) = 1 [pid 5830] <... capset resumed>) = 0 [pid 5835] <... close resumed>) = 0 [pid 5834] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5832] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5830] unshare(CLONE_NEWNET [pid 5835] getpid( [pid 5834] <... openat resumed>) = 3 [pid 5833] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 5832] <... capget resumed>{effective=1<) = 3 [pid 5833] write(3, "1024 1048576 500 1024", 21 [pid 5835] <... getpid resumed>) = 1 [pid 5834] write(3, "1024 1048576 500 1024", 21 [pid 5833] <... write resumed>) = 21 [pid 5832] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5835] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5834] <... write resumed>) = 21 [pid 5833] close(3 [pid 5835] <... capget resumed>{effective=1< [pid 5833] <... close resumed>) = 0 [pid 5832] <... capset resumed>) = 0 [pid 5835] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5834] <... close resumed>) = 0 [pid 5833] getpid( [pid 5832] unshare(CLONE_NEWNET [pid 5835] <... capset resumed>) = 0 [pid 5834] getpid( [pid 5833] <... getpid resumed>) = 1 [pid 5835] unshare(CLONE_NEWNET [pid 5834] <... getpid resumed>) = 1 [pid 5833] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5834] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 5833] <... capget resumed>{effective=1<{effective=1< [pid 5834] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5835] <... unshare resumed>) = 0 [pid 5833] <... unshare resumed>) = 0 [pid 5835] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5833] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5835] <... openat resumed>) = 3 [pid 5833] <... openat resumed>) = 3 [pid 5833] write(3, "0 65535", 7 [pid 5835] write(3, "0 65535", 7 [pid 5832] <... unshare resumed>) = 0 [pid 5830] <... unshare resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5835] <... write resumed>) = 7 [pid 5834] <... unshare resumed>) = 0 [pid 5833] <... write resumed>) = 7 [pid 5832] <... openat resumed>) = 3 [pid 5830] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5835] close(3) = 0 [pid 5834] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 5833] close(3 [pid 5832] write(3, "0 65535", 7 [pid 5830] <... openat resumed>) = 3 [pid 5835] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC [pid 5832] <... write resumed>) = 7 [pid 5832] close(3) = 0 [pid 5835] <... openat resumed>) = 3 [pid 5833] <... close resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC [pid 5830] write(3, "0 65535", 7 [pid 5832] <... openat resumed>) = 3 [pid 5830] <... write resumed>) = 7 [pid 5830] close(3 [pid 5835] write(3, "100000", 6 [pid 5834] <... openat resumed>) = 3 [pid 5833] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC [pid 5832] write(3, "100000", 6 [pid 5835] <... write resumed>) = 6 [pid 5834] write(3, "0 65535", 7 [pid 5833] <... openat resumed>) = 3 [pid 5832] <... write resumed>) = 6 [pid 5830] <... close resumed>) = 0 [pid 5835] close(3 [pid 5834] <... write resumed>) = 7 [pid 5833] write(3, "100000", 6 [pid 5832] close(3 [pid 5830] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC [pid 5835] <... close resumed>) = 0 [pid 5834] close(3 [pid 5833] <... write resumed>) = 6 [pid 5832] <... close resumed>) = 0 [pid 5830] <... openat resumed>) = 3 [pid 5835] mkdir("./syz-tmp", 0777 [pid 5834] <... close resumed>) = 0 [pid 5833] close(3 [pid 5832] mkdir("./syz-tmp", 0777 [pid 5835] <... mkdir resumed>) = 0 [pid 5834] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC [pid 5833] <... close resumed>) = 0 [pid 5830] write(3, "100000", 6 [pid 5833] mkdir("./syz-tmp", 0777 [pid 5835] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 5834] <... openat resumed>) = 3 [pid 5832] <... mkdir resumed>) = 0 [pid 5830] <... write resumed>) = 6 [pid 5833] <... mkdir resumed>) = 0 [pid 5833] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 5835] <... mount resumed>) = 0 [pid 5834] write(3, "100000", 6 [pid 5832] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 5830] close(3 [pid 5835] mkdir("./syz-tmp/newroot", 0777) = 0 [pid 5834] <... write resumed>) = 6 [pid 5833] <... mount resumed>) = 0 [pid 5832] <... mount resumed>) = 0 [pid 5830] <... close resumed>) = 0 [pid 5834] close(3 [pid 5830] mkdir("./syz-tmp", 0777 [pid 5835] mkdir("./syz-tmp/newroot/dev", 0700 [pid 5834] <... close resumed>) = 0 [pid 5833] mkdir("./syz-tmp/newroot", 0777 [pid 5832] mkdir("./syz-tmp/newroot", 0777 [pid 5834] mkdir("./syz-tmp", 0777 [pid 5835] <... mkdir resumed>) = 0 [pid 5832] <... mkdir resumed>) = 0 [pid 5835] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] mkdir("./syz-tmp/newroot/dev", 0700 [pid 5830] <... mkdir resumed>) = 0 [pid 5834] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 5833] mkdir("./syz-tmp/newroot/dev", 0700 [pid 5835] <... mount resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] <... mkdir resumed>) = 0 [pid 5830] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 5835] mkdir("./syz-tmp/newroot/proc", 0700 [pid 5834] <... mount resumed>) = 0 [pid 5832] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] mkdir("./syz-tmp/newroot", 0777 [pid 5833] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... mount resumed>) = 0 [pid 5833] mkdir("./syz-tmp/newroot/proc", 0700 [pid 5835] <... mkdir resumed>) = 0 [pid 5834] mkdir("./syz-tmp/newroot/dev", 0700 [pid 5832] <... mount resumed>) = 0 [pid 5830] <... mount resumed>) = 0 [pid 5835] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] mkdir("./syz-tmp/newroot/proc", 0700 [pid 5830] mkdir("./syz-tmp/newroot", 0777 [pid 5835] <... mount resumed>) = 0 [pid 5834] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] mkdir("./syz-tmp/newroot/selinux", 0700 [pid 5834] <... mount resumed>) = 0 [pid 5833] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL [pid 5832] <... mkdir resumed>) = 0 [pid 5834] mkdir("./syz-tmp/newroot/proc", 0700) = 0 [pid 5835] <... mkdir resumed>) = 0 [pid 5833] <... mount resumed>) = 0 [pid 5832] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL [pid 5830] <... mkdir resumed>) = 0 [pid 5835] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL [pid 5830] mkdir("./syz-tmp/newroot/dev", 0700 [pid 5835] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5834] <... mount resumed>) = 0 [pid 5832] <... mount resumed>) = 0 [pid 5830] <... mkdir resumed>) = 0 [pid 5835] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 5834] mkdir("./syz-tmp/newroot/selinux", 0700 [pid 5833] mkdir("./syz-tmp/newroot/selinux", 0700 [pid 5832] mkdir("./syz-tmp/newroot/selinux", 0700 [pid 5830] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] mkdir("./syz-tmp/newroot/sys", 0700 [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] <... mkdir resumed>) = 0 [pid 5830] <... mount resumed>) = 0 [pid 5835] <... mkdir resumed>) = 0 [pid 5833] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5833] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5832] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5830] mkdir("./syz-tmp/newroot/proc", 0700 [pid 5833] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 5835] <... mount resumed>) = 0 [pid 5834] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5832] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5830] <... mkdir resumed>) = 0 [pid 5833] mkdir("./syz-tmp/newroot/sys", 0700 [pid 5832] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5833] <... mkdir resumed>) = 0 [pid 5832] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5833] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 5832] mkdir("./syz-tmp/newroot/sys", 0700 [pid 5835] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5830] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL [pid 5832] <... mkdir resumed>) = 0 [pid 5835] <... mount resumed>) = 0 [pid 5834] mkdir("./syz-tmp/newroot/sys", 0700 [pid 5833] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5832] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5830] <... mount resumed>) = 0 [pid 5835] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... mount resumed>) = 0 [pid 5835] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5834] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5832] <... mount resumed>) = 0 [pid 5835] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mount resumed>) = 0 [pid 5833] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5830] mkdir("./syz-tmp/newroot/selinux", 0700 [pid 5833] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5832] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] <... mount resumed>) = 0 [pid 5833] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5832] <... mount resumed>) = 0 [pid 5834] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5833] <... mount resumed>) = 0 [pid 5830] <... mkdir resumed>) = 0 [pid 5832] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5834] <... mount resumed>) = 0 [pid 5832] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5833] mkdir("./syz-tmp/pivot", 0777 [pid 5832] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] mkdir("./syz-tmp/pivot", 0777 [pid 5834] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5833] <... mkdir resumed>) = 0 [pid 5832] <... mount resumed>) = 0 [pid 5830] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] <... mkdir resumed>) = 0 [pid 5834] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5833] pivot_root("./syz-tmp", "./syz-tmp/pivot" [pid 5830] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5835] pivot_root("./syz-tmp", "./syz-tmp/pivot" [pid 5834] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5830] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5833] <... pivot_root resumed>) = 0 [pid 5832] mkdir("./syz-tmp/pivot", 0777 [pid 5830] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5834] <... mount resumed>) = 0 [pid 5832] <... mkdir resumed>) = 0 [pid 5832] pivot_root("./syz-tmp", "./syz-tmp/pivot" [pid 5835] <... pivot_root resumed>) = 0 [pid 5834] mkdir("./syz-tmp/pivot", 0777 [pid 5833] chdir("/" [pid 5830] mkdir("./syz-tmp/newroot/sys", 0700 [pid 5833] <... chdir resumed>) = 0 [pid 5832] <... pivot_root resumed>) = 0 [pid 5830] <... mkdir resumed>) = 0 [pid 5834] <... mkdir resumed>) = 0 [pid 5835] chdir("/" [pid 5833] umount2("./pivot", MNT_DETACH [pid 5832] chdir("/" [pid 5830] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] <... chdir resumed>) = 0 [pid 5834] pivot_root("./syz-tmp", "./syz-tmp/pivot" [pid 5833] <... umount2 resumed>) = 0 [pid 5835] umount2("./pivot", MNT_DETACH [pid 5830] <... mount resumed>) = 0 [pid 5834] <... pivot_root resumed>) = 0 [pid 5833] chroot("./newroot" [pid 5832] <... chdir resumed>) = 0 [pid 5832] umount2("./pivot", MNT_DETACH [pid 5833] <... chroot resumed>) = 0 [pid 5833] chdir("/") = 0 [pid 5835] <... umount2 resumed>) = 0 [pid 5834] chdir("/" [pid 5833] mkdir("/dev/binderfs", 0777 [pid 5832] <... umount2 resumed>) = 0 [pid 5830] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] chroot("./newroot" [pid 5834] <... chdir resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] chroot("./newroot" [pid 5835] <... chroot resumed>) = 0 [pid 5834] umount2("./pivot", MNT_DETACH [pid 5830] <... mount resumed>) = 0 [pid 5835] chdir("/" [pid 5834] <... umount2 resumed>) = 0 [pid 5833] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5832] <... chroot resumed>) = 0 [pid 5830] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 5835] <... chdir resumed>) = 0 [pid 5834] chroot("./newroot" [pid 5830] <... mount resumed>) = -1 ENOENT (No such file or directory) [pid 5830] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 5830] mkdir("./syz-tmp/pivot", 0777 [pid 5835] mkdir("/dev/binderfs", 0777 [pid 5834] <... chroot resumed>) = 0 [pid 5833] <... mount resumed>) = 0 [pid 5832] chdir("/" [pid 5834] chdir("/" [pid 5833] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5834] <... chdir resumed>) = 0 [pid 5835] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5834] mkdir("/dev/binderfs", 0777 [pid 5832] <... chdir resumed>) = 0 [pid 5830] <... mkdir resumed>) = 0 [pid 5835] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5834] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5832] mkdir("/dev/binderfs", 0777 [pid 5830] pivot_root("./syz-tmp", "./syz-tmp/pivot" [pid 5834] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5833] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5835] <... mount resumed>) = 0 [pid 5834] <... mount resumed>) = 0 [pid 5832] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5830] <... pivot_root resumed>) = 0 [pid 5833] mkdir("./0", 0777 [pid 5835] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5832] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5834] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5833] <... mkdir resumed>) = 0 [pid 5830] chdir("/" [pid 5834] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5833] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5832] <... mount resumed>) = 0 [pid 5830] <... chdir resumed>) = 0 [pid 5835] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5832] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 5835] mkdir("./0", 0777 [pid 5834] mkdir("./0", 0777 [pid 5833] <... openat resumed>) = 3 [pid 5830] umount2("./pivot", MNT_DETACH [pid 5835] <... mkdir resumed>) = 0 [pid 5834] <... mkdir resumed>) = 0 [pid 5833] ioctl(3, LOOP_CLR_FD [pid 5835] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5832] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5830] <... umount2 resumed>) = 0 [pid 5834] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5833] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5835] <... openat resumed>) = 3 [pid 5834] <... openat resumed>) = 3 [pid 5832] mkdir("./0", 0777 [pid 5835] ioctl(3, LOOP_CLR_FD [pid 5834] ioctl(3, LOOP_CLR_FD [pid 5833] close(3 [pid 5832] <... mkdir resumed>) = 0 [pid 5830] chroot("./newroot" [pid 5835] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5830] <... chroot resumed>) = 0 [pid 5830] chdir("/" [pid 5835] close(3 [pid 5830] <... chdir resumed>) = 0 [pid 5835] <... close resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5830] mkdir("/dev/binderfs", 0777 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5830] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5834] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5832] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5842 attached [pid 5834] close(3 [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... openat resumed>) = 3 [pid 5830] mount("binder", "/dev/binderfs", "binder", 0, NULL [pid 5834] <... close resumed>) = 0 [pid 5832] ioctl(3, LOOP_CLR_FD [pid 5830] <... mount resumed>) = 0 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5842] set_robust_list(0x5555701f6660, 24 [pid 5832] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5843 attached [pid 5842] <... set_robust_list resumed>) = 0 [pid 5835] <... clone resumed>, child_tidptr=0x5555701f6650) = 2 [pid 5832] close(3 [pid 5830] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL./strace-static-x86_64: Process 5844 attached [pid 5842] chdir("./0" [pid 5834] <... clone resumed>, child_tidptr=0x5555701f6650) = 2 [pid 5832] <... close resumed>) = 0 [pid 5843] set_robust_list(0x5555701f6660, 24 [pid 5842] <... chdir resumed>) = 0 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5832] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5844] set_robust_list(0x5555701f6660, 24 [pid 5830] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] <... set_robust_list resumed>) = 0 [pid 5830] mkdir("./0", 0777 [pid 5844] chdir("./0" [pid 5830] <... mkdir resumed>) = 0 [pid 5844] <... chdir resumed>) = 0 [pid 5833] <... clone resumed>, child_tidptr=0x5555701f6650) = 2 [pid 5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5842] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5845 attached [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5843] chdir("./0" [pid 5842] setpgid(0, 0 [pid 5830] <... openat resumed>) = 3 [pid 5845] set_robust_list(0x5555701f6660, 24 [pid 5844] <... prctl resumed>) = 0 [pid 5830] ioctl(3, LOOP_CLR_FD [pid 5845] <... set_robust_list resumed>) = 0 [pid 5844] setpgid(0, 0 [pid 5843] <... chdir resumed>) = 0 [pid 5842] <... setpgid resumed>) = 0 [pid 5832] <... clone resumed>, child_tidptr=0x5555701f6650) = 2 [pid 5830] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5845] chdir("./0" [pid 5844] <... setpgid resumed>) = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... prctl resumed>) = 0 [pid 5842] <... openat resumed>) = 3 [pid 5845] <... chdir resumed>) = 0 [pid 5843] setpgid(0, 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] write(3, "1000", 4 [pid 5845] <... prctl resumed>) = 0 [pid 5843] <... setpgid resumed>) = 0 [pid 5842] <... write resumed>) = 4 [pid 5842] close(3 [pid 5845] setpgid(0, 0 [pid 5844] <... openat resumed>) = 3 executing program [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] <... close resumed>) = 0 [pid 5830] close(3 [pid 5845] <... setpgid resumed>) = 0 [pid 5842] symlink("/dev/binderfs", "./binderfs" [pid 5830] <... close resumed>) = 0 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... openat resumed>) = 3 [pid 5842] <... symlink resumed>) = 0 [pid 5844] write(3, "1000", 4./strace-static-x86_64: Process 5847 attached ) = 4 [pid 5844] close(3) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5830] <... clone resumed>, child_tidptr=0x5555701f6650) = 2 [pid 5847] set_robust_list(0x5555701f6660, 24 [pid 5844] <... symlink resumed>) = 0 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5844] write(1, "executing program\n", 18 [pid 5847] chdir("./0" [pid 5844] <... write resumed>) = 18 [pid 5844] rt_sigprocmask(SIG_BLOCK, ~[HUP RT_17 RT_18 RT_19 RT_20 RT_21 RT_22 RT_23 RT_24 RT_25 RT_26 RT_27 RT_28 RT_29 RT_30 RT_31 RT_32], executing program NULL, 8) = 0 [pid 5844] gettid() = 2 [pid 5842] write(1, "executing program\n", 18 [pid 5843] write(3, "1000", 4 [pid 5845] <... openat resumed>) = 3 [pid 5844] timer_create(CLOCK_BOOTTIME_ALARM, {sigev_signo=SIGPWR, sigev_notify=SIGEV_THREAD_ID, sigev_notify_thread_id=2}, [pid 5843] <... write resumed>) = 4 [pid 5842] <... write resumed>) = 18 [pid 5844] <... timer_create resumed>[0]) = 0 [pid 5844] timer_settime(0, TIMER_ABSTIME|0x4, {it_interval={tv_sec=0, tv_nsec=10000000}, it_value={tv_sec=0, tv_nsec=60000000}}, [pid 5847] <... chdir resumed>) = 0 [pid 5845] write(3, "1000", 4 [pid 5844] <... timer_settime resumed>NULL) = 0 [pid 5843] close(3 [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[HUP RT_17 RT_18 RT_19 RT_20 RT_21 RT_22 RT_23 RT_24 RT_25 RT_26 RT_27 RT_28 RT_29 RT_30 RT_31 RT_32], [pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5845] <... write resumed>) = 4 [pid 5843] <... close resumed>) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] <... prctl resumed>) = 0 [pid 5845] close(3 [pid 5844] timer_settime(0, 0, {it_interval={tv_sec=0, tv_nsec=0}, it_value={tv_sec=0, tv_nsec=60000000}}, [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5842] gettid( [pid 5847] setpgid(0, 0 [pid 5845] <... close resumed>) = 0 [pid 5844] <... timer_settime resumed>NULL) = 0 [pid 5847] <... setpgid resumed>) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5844] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5843] <... symlink resumed>) = 0 [pid 5842] <... gettid resumed>) = 2 [pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program executing program [pid 5845] <... symlink resumed>) = 0 [pid 5844] <... mkdir resumed>) = 0 [pid 5843] write(1, "executing program\n", 18 [pid 5842] timer_create(CLOCK_BOOTTIME_ALARM, {sigev_signo=SIGPWR, sigev_notify=SIGEV_THREAD_ID, sigev_notify_thread_id=2}, [pid 5845] write(1, "executing program\n", 18 [pid 5843] <... write resumed>) = 18 [pid 5845] <... write resumed>) = 18 [pid 5842] <... timer_create resumed>[0]) = 0 [pid 5847] <... openat resumed>) = 3 [pid 5844] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[HUP RT_17 RT_18 RT_19 RT_20 RT_21 RT_22 RT_23 RT_24 RT_25 RT_26 RT_27 RT_28 RT_29 RT_30 RT_31 RT_32], [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[HUP RT_17 RT_18 RT_19 RT_20 RT_21 RT_22 RT_23 RT_24 RT_25 RT_26 RT_27 RT_28 RT_29 RT_30 RT_31 RT_32], [pid 5842] timer_settime(0, TIMER_ABSTIME|0x4, {it_interval={tv_sec=0, tv_nsec=10000000}, it_value={tv_sec=0, tv_nsec=60000000}}, [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] <... timer_settime resumed>NULL) = 0 [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] gettid( [pid 5843] gettid( [pid 5845] <... gettid resumed>) = 2 [pid 5843] <... gettid resumed>) = 2 [pid 5842] timer_settime(0, 0, {it_interval={tv_sec=0, tv_nsec=0}, it_value={tv_sec=0, tv_nsec=60000000}}, [pid 5845] timer_create(CLOCK_BOOTTIME_ALARM, {sigev_signo=SIGPWR, sigev_notify=SIGEV_THREAD_ID, sigev_notify_thread_id=2}, [pid 5843] timer_create(CLOCK_BOOTTIME_ALARM, {sigev_signo=SIGPWR, sigev_notify=SIGEV_THREAD_ID, sigev_notify_thread_id=2}, [pid 5842] <... timer_settime resumed>NULL) = 0 [pid 5845] <... timer_create resumed>[0]) = 0 [pid 5843] <... timer_create resumed>[0]) = 0 [pid 5842] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5845] timer_settime(0, TIMER_ABSTIME|0x4, {it_interval={tv_sec=0, tv_nsec=10000000}, it_value={tv_sec=0, tv_nsec=60000000}}, executing program [pid 5847] write(3, "1000", 4 [pid 5845] <... timer_settime resumed>NULL) = 0 [pid 5843] timer_settime(0, TIMER_ABSTIME|0x4, {it_interval={tv_sec=0, tv_nsec=10000000}, it_value={tv_sec=0, tv_nsec=60000000}}, [pid 5842] <... mkdir resumed>) = 0 [pid 5845] timer_settime(0, 0, {it_interval={tv_sec=0, tv_nsec=0}, it_value={tv_sec=0, tv_nsec=60000000}}, [pid 5842] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5845] <... timer_settime resumed>NULL) = 0 [pid 5843] <... timer_settime resumed>NULL) = 0 [pid 5845] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5847] <... write resumed>) = 4 [pid 5847] close(3) = 0 [pid 5847] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5847] write(1, "executing program\n", 18) = 18 [pid 5847] rt_sigprocmask(SIG_BLOCK, ~[HUP RT_17 RT_18 RT_19 RT_20 RT_21 RT_22 RT_23 RT_24 RT_25 RT_26 RT_27 RT_28 RT_29 RT_30 RT_31 RT_32], NULL, 8) = 0 [pid 5847] gettid() = 2 [pid 5847] timer_create(CLOCK_BOOTTIME_ALARM, {sigev_signo=SIGPWR, sigev_notify=SIGEV_THREAD_ID, sigev_notify_thread_id=2}, [0]) = 0 [pid 5847] timer_settime(0, TIMER_ABSTIME|0x4, {it_interval={tv_sec=0, tv_nsec=10000000}, it_value={tv_sec=0, tv_nsec=60000000}}, NULL) = 0 [pid 5847] timer_settime(0, 0, {it_interval={tv_sec=0, tv_nsec=0}, it_value={tv_sec=0, tv_nsec=60000000}}, NULL) = 0 [pid 5847] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5847] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5845] <... mkdir resumed>) = 0 [pid 5843] timer_settime(0, 0, {it_interval={tv_sec=0, tv_nsec=0}, it_value={tv_sec=0, tv_nsec=60000000}}, NULL) = 0 [pid 5845] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5843] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5843] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [ 60.542564][ C1] ------------[ cut here ]------------ [ 60.548319][ C1] WARNING: CPU: 1 PID: 5847 at kernel/signal.c:2008 posixtimer_send_sigqueue+0x9da/0xbc0 [ 60.558185][ C1] Modules linked in: [ 60.562112][ C1] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor930 Not tainted 6.12.0-rc6-next-20241108-syzkaller #0 [ 60.572727][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 60.582813][ C1] RIP: 0010:posixtimer_send_sigqueue+0x9da/0xbc0 [ 60.589173][ C1] Code: df 80 3c 08 00 74 08 48 89 df e8 c1 ad a5 00 4c 89 2b eb 51 e8 a7 32 3b 00 41 be 02 00 00 00 e9 e9 fd ff ff e8 97 32 3b 00 90 <0f> 0b 90 e9 f2 fa ff ff 4c 89 ef e8 86 33 5a 03 84 c0 0f 84 aa 01 [ 60.608802][ C1] RSP: 0018:ffffc90000a18bc0 EFLAGS: 00010006 [ 60.614893][ C1] RAX: ffffffff81644979 RBX: 0000000000000000 RCX: ffff888032ddda00 [ 60.622861][ C1] RDX: 0000000000010000 RSI: 000000000000001e RDI: 0000000000000009 [ 60.630817][ C1] RBP: ffffc90000a18cc0 R08: ffffffff816450cc R09: 1ffffffff2857112 [ 60.638782][ C1] R10: dffffc0000000000 R11: fffffbfff2857113 R12: ffff888072a24084 [ 60.646743][ C1] R13: 1ffff1100e544810 R14: ffff888072a24000 R15: ffff888072a240c0 [ 60.654704][ C1] FS: 00005555701f6380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 60.663651][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.670244][ C1] CR2: 0000000000000000 CR3: 0000000072a20000 CR4: 00000000003526f0 [ 60.678203][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.686173][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 60.694128][ C1] Call Trace: [ 60.697394][ C1] [ 60.700233][ C1] ? __warn+0x168/0x4e0 [ 60.704375][ C1] ? posixtimer_send_sigqueue+0x9da/0xbc0 [ 60.710086][ C1] ? report_bug+0x2b3/0x500 [ 60.714597][ C1] ? posixtimer_send_sigqueue+0x9da/0xbc0 [ 60.720304][ C1] ? handle_bug+0x60/0x90 [ 60.724615][ C1] ? exc_invalid_op+0x1a/0x50 [ 60.729289][ C1] ? asm_exc_invalid_op+0x1a/0x20 [ 60.734296][ C1] ? prepare_signal+0x25c/0xc90 [ 60.739140][ C1] ? posixtimer_send_sigqueue+0x9d9/0xbc0 [ 60.744851][ C1] ? posixtimer_send_sigqueue+0x9da/0xbc0 [ 60.750573][ C1] ? posixtimer_send_sigqueue+0xd2/0xbc0 [ 60.756197][ C1] ? __pfx_posixtimer_send_sigqueue+0x10/0x10 [ 60.762259][ C1] alarm_handle_timer+0x2f/0x60 [ 60.767100][ C1] ? __pfx_alarm_handle_timer+0x10/0x10 [ 60.772655][ C1] alarmtimer_fired+0x173/0x410 [ 60.777497][ C1] ? __pfx_alarmtimer_fired+0x10/0x10 [ 60.782855][ C1] __hrtimer_run_queues+0x59b/0xd50 [ 60.788053][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 60.793755][ C1] ? sched_clock+0x4a/0x70 [ 60.798167][ C1] ? read_tsc+0x9/0x20 [ 60.802223][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 60.808277][ C1] hrtimer_interrupt+0x403/0xa40 [ 60.813214][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 60.819179][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 60.824827][ C1] [ 60.827750][ C1] [ 60.830678][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 60.836647][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 60.841923][ C1] Code: 2b 00 74 08 4c 89 f7 e8 7a 52 8f 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 60.861527][ C1] RSP: 0018:ffffc900041f6b40 EFLAGS: 00000206 [ 60.867583][ C1] RAX: 0000000000000001 RBX: 1ffff9200083ed74 RCX: ffff888032dde4d8 [ 60.875543][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0aea60 RDI: ffffffff8c605b60 [ 60.883501][ C1] RBP: ffffc900041f6c88 R08: ffffffff942b8887 R09: 1ffffffff2857110 [ 60.891457][ C1] R10: dffffc0000000000 R11: fffffbfff2857111 R12: 1ffff9200083ed70 [ 60.899419][ C1] R13: dffffc0000000000 R14: ffffc900041f6ba0 R15: 0000000000000246 [ 60.907409][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 60.912420][ C1] ? __pfx_validate_chain+0x10/0x10 [ 60.917605][ C1] ? __pfx_lock_release+0x10/0x10 [ 60.922617][ C1] ? rcu_is_watching+0x15/0xb0 [ 60.927364][ C1] mt_find+0x2ca/0x920 [ 60.931416][ C1] ? mt_find+0x2a9/0x920 [ 60.935640][ C1] ? mt_find+0x2a9/0x920 [ 60.939874][ C1] ? __pfx_mt_find+0x10/0x10 [ 60.944455][ C1] find_vma+0xf9/0x170 [ 60.948513][ C1] ? __pfx_find_vma+0x10/0x10 [ 60.953181][ C1] __get_user_pages+0x4b3/0x49e0 [ 60.958126][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 60.963135][ C1] ? __pfx_shmem_write_end+0x10/0x10 [ 60.968412][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 60.973768][ C1] ? get_dump_page+0xe2/0x2f0 [ 60.978427][ C1] ? get_dump_page+0x19d/0x2f0 [ 60.983174][ C1] ? __pfx_down_read_killable+0x10/0x10 [ 60.988714][ C1] get_dump_page+0x155/0x2f0 [ 60.993305][ C1] ? __pfx___might_resched+0x10/0x10 [ 60.998582][ C1] ? __pfx_get_dump_page+0x10/0x10 [ 61.003681][ C1] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 61.009649][ C1] ? iov_iter_bvec+0x4e/0x180 [ 61.014317][ C1] dump_user_range+0x14d/0x970 [ 61.019071][ C1] ? __pfx_dump_user_range+0x10/0x10 [ 61.024345][ C1] ? __pfx_elf_coredump_extra_notes_write+0x10/0x10 [ 61.030917][ C1] ? __kmalloc_cache_noprof+0x243/0x390 [ 61.036533][ C1] ? dump_emit+0x99/0xd0 [ 61.040779][ C1] elf_core_dump+0x3e9f/0x4790 [ 61.045546][ C1] ? __pfx_elf_core_dump+0x10/0x10 [ 61.050648][ C1] ? mark_lock+0x9a/0x360 [ 61.054968][ C1] ? __lock_acquire+0x1397/0x2100 [ 61.059985][ C1] ? __pfx_cmp_vma_size+0x10/0x10 [ 61.065008][ C1] ? rcu_read_lock_any_held+0xb7/0x160 [ 61.070458][ C1] ? getname_kernel+0x140/0x2f0 [ 61.075301][ C1] do_coredump+0x214b/0x2e60 [ 61.079894][ C1] ? __pfx_do_coredump+0x10/0x10 [ 61.084822][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 61.089884][ C1] ? proc_coredump_connector+0x1e8/0x750 [ 61.095515][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 61.101488][ C1] ? __pfx_proc_coredump_connector+0x10/0x10 [ 61.107461][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 61.112648][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 61.117831][ C1] get_signal+0x140b/0x1750 [ 61.122337][ C1] ? __pfx_get_signal+0x10/0x10 [ 61.127187][ C1] ? __pfx_force_sig_fault+0x10/0x10 [ 61.132462][ C1] arch_do_signal_or_restart+0x96/0x860 [ 61.137999][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 61.144149][ C1] ? irqentry_exit_to_user_mode+0x53/0x250 [ 61.149943][ C1] irqentry_exit_to_user_mode+0x7e/0x250 [ 61.155559][ C1] exc_page_fault+0x590/0x8c0 [ 61.160225][ C1] asm_exc_page_fault+0x26/0x30 [ 61.165061][ C1] RIP: 0033:0x7fb40964595e [ 61.169467][ C1] Code: fd d7 c9 0f bc d1 c5 fe 7f 27 c5 fe 7f 6f 20 c5 fe 7f 77 40 c5 fe 7f 7f 60 49 83 c0 1f 49 29 d0 48 8d 7c 17 61 e9 d2 04 00 00 fe 6f 1e c5 fe 6f 56 20 c5 fd 74 cb c5 fd d7 d1 49 83 f8 21 0f [ 61.189063][ C1] RSP: 002b:00007ffdac390648 EFLAGS: 00010287 [ 61.195125][ C1] RAX: 00007ffdac3906a0 RBX: 0000000000000000 RCX: 0000000000000000 [ 61.203079][ C1] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007ffdac3906a0 [ 61.211036][ C1] RBP: 0000000020000180 R08: 00000000000000e0 R09: 00007ffdac390680 [ 61.218992][ C1] R10: 0000000000000000 R11: 0000000000000217 R12: 00007ffdac3906a0 [ 61.226946][ C1] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000001 [ 61.234923][ C1] [ 61.237938][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 61.245202][ C1] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor930 Not tainted 6.12.0-rc6-next-20241108-syzkaller #0 [ 61.255790][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 61.265828][ C1] Call Trace: [ 61.269092][ C1] [ 61.271922][ C1] dump_stack_lvl+0x241/0x360 [ 61.276586][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 61.281798][ C1] ? __pfx__printk+0x10/0x10 [ 61.286399][ C1] ? vscnprintf+0x5d/0x90 [ 61.290801][ C1] panic+0x349/0x880 [ 61.294700][ C1] ? __warn+0x177/0x4e0 [ 61.298869][ C1] ? __pfx_panic+0x10/0x10 [ 61.303296][ C1] __warn+0x34b/0x4e0 [ 61.307276][ C1] ? posixtimer_send_sigqueue+0x9da/0xbc0 [ 61.313003][ C1] report_bug+0x2b3/0x500 [ 61.317328][ C1] ? posixtimer_send_sigqueue+0x9da/0xbc0 [ 61.323041][ C1] handle_bug+0x60/0x90 [ 61.327187][ C1] exc_invalid_op+0x1a/0x50 [ 61.331768][ C1] asm_exc_invalid_op+0x1a/0x20 [ 61.336620][ C1] RIP: 0010:posixtimer_send_sigqueue+0x9da/0xbc0 [ 61.342949][ C1] Code: df 80 3c 08 00 74 08 48 89 df e8 c1 ad a5 00 4c 89 2b eb 51 e8 a7 32 3b 00 41 be 02 00 00 00 e9 e9 fd ff ff e8 97 32 3b 00 90 <0f> 0b 90 e9 f2 fa ff ff 4c 89 ef e8 86 33 5a 03 84 c0 0f 84 aa 01 [ 61.362574][ C1] RSP: 0018:ffffc90000a18bc0 EFLAGS: 00010006 [ 61.368630][ C1] RAX: ffffffff81644979 RBX: 0000000000000000 RCX: ffff888032ddda00 [ 61.376587][ C1] RDX: 0000000000010000 RSI: 000000000000001e RDI: 0000000000000009 [ 61.384559][ C1] RBP: ffffc90000a18cc0 R08: ffffffff816450cc R09: 1ffffffff2857112 [ 61.392516][ C1] R10: dffffc0000000000 R11: fffffbfff2857113 R12: ffff888072a24084 [ 61.400480][ C1] R13: 1ffff1100e544810 R14: ffff888072a24000 R15: ffff888072a240c0 [ 61.408445][ C1] ? prepare_signal+0x25c/0xc90 [ 61.413284][ C1] ? posixtimer_send_sigqueue+0x9d9/0xbc0 [ 61.419005][ C1] ? posixtimer_send_sigqueue+0xd2/0xbc0 [ 61.424642][ C1] ? __pfx_posixtimer_send_sigqueue+0x10/0x10 [ 61.430705][ C1] alarm_handle_timer+0x2f/0x60 [ 61.435539][ C1] ? __pfx_alarm_handle_timer+0x10/0x10 [ 61.441072][ C1] alarmtimer_fired+0x173/0x410 [ 61.445912][ C1] ? __pfx_alarmtimer_fired+0x10/0x10 [ 61.451271][ C1] __hrtimer_run_queues+0x59b/0xd50 [ 61.456464][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 61.462171][ C1] ? sched_clock+0x4a/0x70 [ 61.466571][ C1] ? read_tsc+0x9/0x20 [ 61.470628][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 61.476678][ C1] hrtimer_interrupt+0x403/0xa40 [ 61.481611][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 61.487576][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 61.493194][ C1] [ 61.496113][ C1] [ 61.499032][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 61.505006][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 61.510277][ C1] Code: 2b 00 74 08 4c 89 f7 e8 7a 52 8f 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 61.529864][ C1] RSP: 0018:ffffc900041f6b40 EFLAGS: 00000206 [ 61.535915][ C1] RAX: 0000000000000001 RBX: 1ffff9200083ed74 RCX: ffff888032dde4d8 [ 61.543877][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0aea60 RDI: ffffffff8c605b60 [ 61.551841][ C1] RBP: ffffc900041f6c88 R08: ffffffff942b8887 R09: 1ffffffff2857110 [ 61.559797][ C1] R10: dffffc0000000000 R11: fffffbfff2857111 R12: 1ffff9200083ed70 [ 61.567760][ C1] R13: dffffc0000000000 R14: ffffc900041f6ba0 R15: 0000000000000246 [ 61.575740][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 61.580751][ C1] ? __pfx_validate_chain+0x10/0x10 [ 61.585931][ C1] ? __pfx_lock_release+0x10/0x10 [ 61.590942][ C1] ? rcu_is_watching+0x15/0xb0 [ 61.595691][ C1] mt_find+0x2ca/0x920 [ 61.599759][ C1] ? mt_find+0x2a9/0x920 [ 61.604007][ C1] ? mt_find+0x2a9/0x920 [ 61.608242][ C1] ? __pfx_mt_find+0x10/0x10 [ 61.612843][ C1] find_vma+0xf9/0x170 [ 61.616903][ C1] ? __pfx_find_vma+0x10/0x10 [ 61.621574][ C1] __get_user_pages+0x4b3/0x49e0 [ 61.626503][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 61.631518][ C1] ? __pfx_shmem_write_end+0x10/0x10 [ 61.636817][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 61.642185][ C1] ? get_dump_page+0xe2/0x2f0 [ 61.646849][ C1] ? get_dump_page+0x19d/0x2f0 [ 61.651602][ C1] ? __pfx_down_read_killable+0x10/0x10 [ 61.657154][ C1] get_dump_page+0x155/0x2f0 [ 61.661745][ C1] ? __pfx___might_resched+0x10/0x10 [ 61.667031][ C1] ? __pfx_get_dump_page+0x10/0x10 [ 61.672135][ C1] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 61.678108][ C1] ? iov_iter_bvec+0x4e/0x180 [ 61.682774][ C1] dump_user_range+0x14d/0x970 [ 61.687530][ C1] ? __pfx_dump_user_range+0x10/0x10 [ 61.692811][ C1] ? __pfx_elf_coredump_extra_notes_write+0x10/0x10 [ 61.699392][ C1] ? __kmalloc_cache_noprof+0x243/0x390 [ 61.704968][ C1] ? dump_emit+0x99/0xd0 [ 61.709199][ C1] elf_core_dump+0x3e9f/0x4790 [ 61.713975][ C1] ? __pfx_elf_core_dump+0x10/0x10 [ 61.719072][ C1] ? mark_lock+0x9a/0x360 [ 61.723390][ C1] ? __lock_acquire+0x1397/0x2100 [ 61.728403][ C1] ? __pfx_cmp_vma_size+0x10/0x10 [ 61.733428][ C1] ? rcu_read_lock_any_held+0xb7/0x160 [ 61.738874][ C1] ? getname_kernel+0x140/0x2f0 [ 61.743715][ C1] do_coredump+0x214b/0x2e60 [ 61.748423][ C1] ? __pfx_do_coredump+0x10/0x10 [ 61.753354][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 61.758380][ C1] ? proc_coredump_connector+0x1e8/0x750 [ 61.763995][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 61.769956][ C1] ? __pfx_proc_coredump_connector+0x10/0x10 [ 61.775922][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 61.781111][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 61.786295][ C1] get_signal+0x140b/0x1750 [ 61.790792][ C1] ? __pfx_get_signal+0x10/0x10 [ 61.795627][ C1] ? __pfx_force_sig_fault+0x10/0x10 [ 61.800901][ C1] arch_do_signal_or_restart+0x96/0x860 [ 61.806464][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 61.812610][ C1] ? irqentry_exit_to_user_mode+0x53/0x250 [ 61.818404][ C1] irqentry_exit_to_user_mode+0x7e/0x250 [ 61.824019][ C1] exc_page_fault+0x590/0x8c0 [ 61.828681][ C1] asm_exc_page_fault+0x26/0x30 [ 61.833514][ C1] RIP: 0033:0x7fb40964595e [ 61.837999][ C1] Code: fd d7 c9 0f bc d1 c5 fe 7f 27 c5 fe 7f 6f 20 c5 fe 7f 77 40 c5 fe 7f 7f 60 49 83 c0 1f 49 29 d0 48 8d 7c 17 61 e9 d2 04 00 00 fe 6f 1e c5 fe 6f 56 20 c5 fd 74 cb c5 fd d7 d1 49 83 f8 21 0f [ 61.857603][ C1] RSP: 002b:00007ffdac390648 EFLAGS: 00010287 [ 61.863744][ C1] RAX: 00007ffdac3906a0 RBX: 0000000000000000 RCX: 0000000000000000 [ 61.871723][ C1] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007ffdac3906a0 [ 61.879698][ C1] RBP: 0000000020000180 R08: 00000000000000e0 R09: 00007ffdac390680 [ 61.887668][ C1] R10: 0000000000000000 R11: 0000000000000217 R12: 00007ffdac3906a0 [ 61.895624][ C1] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000001 [ 61.903594][ C1] [ 61.906871][ C1] Kernel Offset: disabled [ 61.911249][ C1] Rebooting in 86400 seconds..