./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3117428113 <...> Warning: Permanently added '10.128.0.138' (ED25519) to the list of known hosts. execve("./syz-executor3117428113", ["./syz-executor3117428113"], 0x7ffe82f5e1c0 /* 10 vars */) = 0 brk(NULL) = 0x5555559ad000 brk(0x5555559ade00) = 0x5555559ade00 arch_prctl(ARCH_SET_FS, 0x5555559ad480) = 0 set_tid_address(0x5555559ad750) = 5063 set_robust_list(0x5555559ad760, 24) = 0 rseq(0x5555559adda0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3117428113", 4096) = 28 getrandom("\x36\x7d\xcb\x25\xae\xdf\xb1\xfa", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555559ade00 brk(0x5555559cee00) = 0x5555559cee00 brk(0x5555559cf000) = 0x5555559cf000 mprotect(0x7f4227f38000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 5063 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "5063", 4) = 4 close(3) = 0 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f4227e7d160, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f4227e7d160, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached , child_tidptr=0x5555559ad750) = 5064 [pid 5064] set_robust_list(0x5555559ad760, 24) = 0 [pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] setpgid(0, 0) = 0 [pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] write(3, "1000", 4) = 4 [pid 5064] close(3) = 0 [pid 5064] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5064] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5064] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5066 attached => {parent_tid=[5066]}, 88) = 5066 [pid 5066] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5064] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5066] <... rseq resumed>) = 0 [pid 5064] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] set_robust_list(0x7f4227e729a0, 24 [pid 5064] <... futex resumed>) = 0 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5064] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] rt_sigprocmask(SIG_SETMASK, [], [pid 5064] <... futex resumed>) = 0 [pid 5066] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5064] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5064] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0} [pid 5066] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5067 attached ) = 3 [pid 5067] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... rseq resumed>) = 0 [pid 5064] <... clone3 resumed> => {parent_tid=[5067]}, 88) = 5067 [pid 5067] set_robust_list(0x7f4227e519a0, 24 [pid 5066] <... mmap resumed>) = 0x7f421fa31000 [pid 5067] <... set_robust_list resumed>) = 0 [pid 5064] rt_sigprocmask(SIG_SETMASK, [], [pid 5067] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5064] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5067] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5067] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5067] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5067] <... open resumed>) = 4 [pid 5066] <... write resumed>) = 262144 [pid 5067] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] munmap(0x7f421fa31000, 138412032 [pid 5067] <... futex resumed>) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5067] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5066] <... munmap resumed>) = 0 [pid 5064] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5067] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5066] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5064] <... futex resumed>) = 0 [pid 5066] <... openat resumed>) = 5 [pid 5066] ioctl(5, LOOP_SET_FD, 3 [pid 5067] <... mount resumed>) = 0 [pid 5064] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5067] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... ioctl resumed>) = 0 [pid 5064] <... futex resumed>) = 0 [pid 5067] <... futex resumed>) = 1 [pid 5066] close(3 [pid 5064] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5067] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5066] <... close resumed>) = 0 [pid 5067] <... open resumed>) = 3 [pid 5066] mkdir("./bus", 0777 [pid 5067] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5064] <... futex resumed>) = 0 [pid 5064] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5067] <... futex resumed>) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5067] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5064] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5066] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5066] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5067] <... write resumed>) = 8 [pid 5067] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5064] <... futex resumed>) = 0 [pid 5067] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5064] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5067] <... write resumed>) = 1045 [pid 5067] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5064] <... futex resumed>) = 0 [pid 5067] <... futex resumed>) = 1 [pid 5067] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5066] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5066] ioctl(5, LOOP_CLR_FD) = 0 [pid 5066] close(5) = 0 [pid 5066] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5064] exit_group(0 [pid 5066] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5064] <... exit_group resumed>) = ? [pid 5067] <... futex resumed>) = ? [pid 5066] <... futex resumed>) = ? [pid 5067] +++ exited with 0 +++ [ 56.146980][ T5066] loop0: detected capacity change from 0 to 512 [ 56.166752][ T5066] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 56.177265][ T5066] EXT4-fs (loop0): group descriptors corrupted! [pid 5066] +++ exited with 0 +++ [pid 5064] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached , child_tidptr=0x5555559ad750) = 5068 [pid 5068] set_robust_list(0x5555559ad760, 24) = 0 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5068] setpgid(0, 0) = 0 [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] write(3, "1000", 4) = 4 [pid 5068] close(3) = 0 [pid 5068] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5068] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5068] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5068] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5068] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5068] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5069 attached [pid 5069] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5068] <... clone3 resumed> => {parent_tid=[5069]}, 88) = 5069 [pid 5069] <... rseq resumed>) = 0 [pid 5068] rt_sigprocmask(SIG_SETMASK, [], [pid 5069] set_robust_list(0x7f4227e729a0, 24 [pid 5068] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5068] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5068] <... futex resumed>) = 0 [pid 5069] memfd_create("syzkaller", 0 [pid 5068] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] <... memfd_create resumed>) = 3 [pid 5068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] <... mmap resumed>) = 0x7f4227e31000 [pid 5069] <... mmap resumed>) = 0x7f421fa31000 [pid 5068] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5069] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5068] <... mprotect resumed>) = 0 [pid 5068] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5069] <... write resumed>) = 262144 [pid 5068] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5069] munmap(0x7f421fa31000, 138412032 [pid 5068] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5070 attached [pid 5070] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5069] <... munmap resumed>) = 0 [pid 5068] <... clone3 resumed> => {parent_tid=[5070]}, 88) = 5070 [pid 5070] set_robust_list(0x7f4227e519a0, 24 [pid 5068] rt_sigprocmask(SIG_SETMASK, [], [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5070] rt_sigprocmask(SIG_SETMASK, [], [pid 5068] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5070] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5068] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5068] <... futex resumed>) = 0 [pid 5070] <... open resumed>) = 5 [pid 5069] <... openat resumed>) = 4 [pid 5068] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5069] ioctl(4, LOOP_SET_FD, 3 [pid 5070] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] <... futex resumed>) = 0 [pid 5070] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5068] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5068] <... futex resumed>) = 0 [pid 5070] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5068] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... ioctl resumed>) = 0 [pid 5070] <... futex resumed>) = 1 [pid 5069] close(3 [pid 5068] <... futex resumed>) = 0 [pid 5070] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5069] <... close resumed>) = 0 [pid 5068] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... open resumed>) = 3 [pid 5069] mkdir("./bus", 0777 [pid 5068] <... futex resumed>) = 0 [pid 5069] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5068] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5068] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5070] <... futex resumed>) = 0 [pid 5068] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5068] <... futex resumed>) = 0 [pid 5068] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... write resumed>) = 8 [pid 5070] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] <... futex resumed>) = 0 [pid 5070] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5068] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5068] <... futex resumed>) = 0 [pid 5070] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5068] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... write resumed>) = 1045 [pid 5070] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5068] <... futex resumed>) = 0 [ 56.344225][ T5069] loop0: detected capacity change from 0 to 512 [ 56.373929][ T5069] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #2: comm syz-executor311: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [pid 5070] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5069] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5069] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] close(4) = 0 [pid 5069] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5069] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5068] exit_group(0) = ? [pid 5070] <... futex resumed>) = ? [pid 5069] <... futex resumed>) = ? [pid 5070] +++ exited with 0 +++ [pid 5069] +++ exited with 0 +++ [pid 5068] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5068, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [ 56.393093][ T5069] EXT4-fs (loop0): get root inode failed [ 56.398838][ T5069] EXT4-fs (loop0): mount failed openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5073 attached , child_tidptr=0x5555559ad750) = 5073 [pid 5073] set_robust_list(0x5555559ad760, 24) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4) = 4 [pid 5073] close(3) = 0 [pid 5073] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5073] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5073] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5073] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5074 attached [pid 5074] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5073] <... clone3 resumed> => {parent_tid=[5074]}, 88) = 5074 [pid 5074] <... rseq resumed>) = 0 [pid 5073] rt_sigprocmask(SIG_SETMASK, [], [pid 5074] set_robust_list(0x7f4227e729a0, 24 [pid 5073] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5074] <... set_robust_list resumed>) = 0 [pid 5073] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] rt_sigprocmask(SIG_SETMASK, [], [pid 5073] <... futex resumed>) = 0 [pid 5074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5073] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] memfd_create("syzkaller", 0 [pid 5073] <... futex resumed>) = 0 [pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5074] <... memfd_create resumed>) = 3 [pid 5073] <... mmap resumed>) = 0x7f4227e31000 [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f421fa31000 [pid 5073] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5073] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5075 attached [pid 5075] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5073] <... clone3 resumed> => {parent_tid=[5075]}, 88) = 5075 [pid 5075] <... rseq resumed>) = 0 [pid 5073] rt_sigprocmask(SIG_SETMASK, [], [pid 5075] set_robust_list(0x7f4227e519a0, 24 [pid 5073] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5075] <... set_robust_list resumed>) = 0 [pid 5073] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5073] <... futex resumed>) = 0 [pid 5075] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5073] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] <... open resumed>) = 4 [pid 5075] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... write resumed>) = 262144 [pid 5075] <... futex resumed>) = 1 [pid 5075] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] <... futex resumed>) = 0 [pid 5074] munmap(0x7f421fa31000, 138412032 [pid 5073] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 0 [pid 5073] <... futex resumed>) = 1 [pid 5075] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5073] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] <... mount resumed>) = 0 [pid 5075] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... munmap resumed>) = 0 [pid 5075] <... futex resumed>) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5075] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5073] <... futex resumed>) = 0 [pid 5075] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5073] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] <... open resumed>) = 5 [pid 5075] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] <... futex resumed>) = 1 [pid 5074] <... openat resumed>) = 6 [pid 5073] <... futex resumed>) = 0 [pid 5075] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5074] ioctl(6, LOOP_SET_FD, 3 [pid 5073] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] write(5, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5073] <... futex resumed>) = 0 [pid 5073] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... ioctl resumed>) = 0 [pid 5074] close(3) = 0 [pid 5074] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5074] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5075] <... write resumed>) = -1 EIO (Input/output error) [pid 5075] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5075] write(5, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5073] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5075] <... write resumed>) = 1045 [pid 5073] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5075] <... futex resumed>) = 0 [ 56.642205][ T5074] loop0: detected capacity change from 0 to 512 [ 56.644713][ T5075] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 56.674710][ T5074] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [pid 5075] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5074] ioctl(6, LOOP_CLR_FD) = 0 [pid 5074] close(6) = 0 [pid 5074] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5074] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] exit_group(0 [pid 5075] <... futex resumed>) = ? [pid 5074] <... futex resumed>) = ? [pid 5073] <... exit_group resumed>) = ? [pid 5075] +++ exited with 0 +++ [pid 5074] +++ exited with 0 +++ [pid 5073] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 56.688321][ T5074] EXT4-fs error (device loop0): ext4_quota_enable:7066: comm syz-executor311: Bad quota inode: 3, type: 0 [ 56.700334][ T5074] EXT4-fs warning (device loop0): ext4_enable_quotas:7107: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 56.716078][ T5074] EXT4-fs (loop0): mount failed ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached [pid 5079] set_robust_list(0x5555559ad760, 24) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] setpgid(0, 0) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5079 [pid 5079] write(3, "1000", 4) = 4 [pid 5079] close(3) = 0 [pid 5079] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5079] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5079] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5080 attached [pid 5080] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053) = 0 [pid 5080] set_robust_list(0x7f4227e729a0, 24 [pid 5079] <... clone3 resumed> => {parent_tid=[5080]}, 88) = 5080 [pid 5080] <... set_robust_list resumed>) = 0 [pid 5079] rt_sigprocmask(SIG_SETMASK, [], [pid 5080] rt_sigprocmask(SIG_SETMASK, [], [pid 5079] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5080] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5079] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] memfd_create("syzkaller", 0 [pid 5079] <... futex resumed>) = 0 [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5080] <... memfd_create resumed>) = 3 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... mmap resumed>) = 0x7f4227e31000 [pid 5079] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5080] <... mmap resumed>) = 0x7f421fa31000 [pid 5079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5081 attached [pid 5081] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5079] <... clone3 resumed> => {parent_tid=[5081]}, 88) = 5081 [pid 5081] <... rseq resumed>) = 0 [pid 5079] rt_sigprocmask(SIG_SETMASK, [], [pid 5081] set_robust_list(0x7f4227e519a0, 24 [pid 5079] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5081] <... set_robust_list resumed>) = 0 [pid 5079] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5081] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5080] <... write resumed>) = 262144 [pid 5079] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] munmap(0x7f421fa31000, 138412032 [pid 5081] <... open resumed>) = 4 [pid 5080] <... munmap resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5081] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5081] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5079] <... futex resumed>) = 0 [pid 5081] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5079] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... openat resumed>) = 5 [pid 5081] <... mount resumed>) = 0 [pid 5080] ioctl(5, LOOP_SET_FD, 3 [pid 5081] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5081] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5079] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] <... open resumed>) = 6 [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5081] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5079] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5080] close(3 [pid 5079] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... close resumed>) = 0 [pid 5080] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5080] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5081] <... write resumed>) = -1 EIO (Input/output error) [pid 5081] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5081] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5079] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5081] <... futex resumed>) = 0 [pid 5081] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5081] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] <... futex resumed>) = 0 [pid 5081] <... futex resumed>) = 1 [ 56.880960][ T5080] loop0: detected capacity change from 0 to 512 [ 56.884711][ T5081] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 56.903906][ T5080] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #2: comm syz-executor311: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 56.923308][ T5080] EXT4-fs (loop0): get root inode failed [pid 5081] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5080] ioctl(5, LOOP_CLR_FD) = 0 [pid 5080] close(5) = 0 [pid 5080] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] exit_group(0 [pid 5080] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] <... futex resumed>) = ? [pid 5079] <... exit_group resumed>) = ? [ 56.928961][ T5080] EXT4-fs (loop0): mount failed [pid 5081] +++ exited with 0 +++ [pid 5080] <... futex resumed>) = ? [pid 5080] +++ exited with 0 +++ [pid 5079] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached [pid 5084] set_robust_list(0x5555559ad760, 24) = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5084] setpgid(0, 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5084 [pid 5084] <... setpgid resumed>) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5084] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5084] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5084] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5085 attached => {parent_tid=[5085]}, 88) = 5085 [pid 5084] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5084] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... rseq resumed>) = 0 [pid 5084] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] set_robust_list(0x7f4227e729a0, 24 [pid 5084] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... set_robust_list resumed>) = 0 [pid 5084] <... futex resumed>) = 0 [pid 5085] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5085] memfd_create("syzkaller", 0 [pid 5084] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5085] <... memfd_create resumed>) = 3 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f421fa31000 [pid 5084] <... mprotect resumed>) = 0 [pid 5084] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5084] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5086 attached [pid 5085] <... write resumed>) = 262144 [pid 5086] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5085] munmap(0x7f421fa31000, 138412032 [pid 5084] <... clone3 resumed> => {parent_tid=[5086]}, 88) = 5086 [pid 5086] <... rseq resumed>) = 0 [pid 5084] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] set_robust_list(0x7f4227e519a0, 24 [pid 5084] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... set_robust_list resumed>) = 0 [pid 5085] <... munmap resumed>) = 0 [pid 5084] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5084] <... futex resumed>) = 0 [pid 5086] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5084] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5086] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000) = 5 [pid 5086] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... ioctl resumed>) = 0 [pid 5086] <... futex resumed>) = 1 [pid 5085] close(3 [pid 5086] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] <... close resumed>) = 0 [pid 5085] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5085] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5084] <... futex resumed>) = 0 [pid 5084] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5084] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] <... futex resumed>) = 0 [pid 5086] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5086] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... futex resumed>) = 0 [pid 5084] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5086] <... futex resumed>) = 1 [pid 5084] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c) = 3 [ 57.085266][ T5085] loop0: detected capacity change from 0 to 512 [ 57.106096][ T5085] EXT4-fs (loop0): 1 orphan inode deleted [ 57.111939][ T5085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.124699][ T5085] ext4 filesystem being mounted at /root/bus supports timestamps until 2038-01-19 (0x7fffffff) [pid 5086] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5086] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] <... futex resumed>) = 0 [pid 5086] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5084] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5084] <... futex resumed>) = 0 [pid 5084] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] <... write resumed>) = 8 [pid 5086] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5084] <... futex resumed>) = 0 [pid 5086] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... futex resumed>) = 0 [pid 5084] <... futex resumed>) = 1 [pid 5084] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5086] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5086] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5084] <... futex resumed>) = 0 [pid 5086] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] <... mount resumed>) = -1 ENOTDIR (Not a directory) [pid 5085] ioctl(4, LOOP_CLR_FD) = 0 [pid 5085] close(4) = 0 [pid 5085] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5084] exit_group(0) = ? [pid 5086] <... futex resumed>) = ? [pid 5086] +++ exited with 0 +++ [pid 5085] +++ exited with 0 +++ [pid 5084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5089 attached [pid 5089] set_robust_list(0x5555559ad760, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5089 [pid 5089] <... set_robust_list resumed>) = 0 [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] setpgid(0, 0) = 0 [ 57.139453][ T5085] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] write(3, "1000", 4) = 4 [pid 5089] close(3) = 0 [pid 5089] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5089] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5089] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5090 attached [pid 5090] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5089] <... clone3 resumed> => {parent_tid=[5090]}, 88) = 5090 [pid 5090] <... rseq resumed>) = 0 [pid 5089] rt_sigprocmask(SIG_SETMASK, [], [pid 5090] set_robust_list(0x7f4227e729a0, 24 [pid 5089] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5090] <... set_robust_list resumed>) = 0 [pid 5089] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5090] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5089] <... futex resumed>) = 0 [pid 5090] memfd_create("syzkaller", 0 [pid 5089] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5089] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5090] <... memfd_create resumed>) = 3 [pid 5089] <... mprotect resumed>) = 0 [pid 5089] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f421fa31000 [pid 5089] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5091 attached [pid 5091] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5089] <... clone3 resumed> => {parent_tid=[5091]}, 88) = 5091 [pid 5091] <... rseq resumed>) = 0 [pid 5091] set_robust_list(0x7f4227e519a0, 24 [pid 5089] rt_sigprocmask(SIG_SETMASK, [], [pid 5091] <... set_robust_list resumed>) = 0 [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5089] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5091] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5091] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... futex resumed>) = 0 [pid 5091] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5089] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5091] <... open resumed>) = 4 [pid 5091] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5090] <... write resumed>) = 262144 [pid 5091] <... futex resumed>) = 1 [pid 5090] munmap(0x7f421fa31000, 138412032 [pid 5091] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5090] <... munmap resumed>) = 0 [pid 5089] <... futex resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] <... futex resumed>) = 0 [pid 5090] <... openat resumed>) = 5 [pid 5089] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5091] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5090] ioctl(5, LOOP_SET_FD, 3 [pid 5091] <... mount resumed>) = 0 [pid 5091] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5091] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5090] <... ioctl resumed>) = 0 [pid 5089] <... futex resumed>) = 0 [pid 5090] close(3 [pid 5089] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5091] <... futex resumed>) = 0 [pid 5089] <... futex resumed>) = 1 [pid 5091] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5090] <... close resumed>) = 0 [pid 5089] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5090] mkdir("./bus", 0777 [pid 5091] <... open resumed>) = 6 [pid 5090] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5091] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] <... futex resumed>) = 0 [pid 5091] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5090] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5089] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5091] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5089] <... futex resumed>) = 0 [pid 5091] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5089] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5091] <... write resumed>) = 8 [pid 5091] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] <... futex resumed>) = 0 [pid 5089] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5091] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5091] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] <... futex resumed>) = 0 [ 57.306984][ T5090] loop0: detected capacity change from 0 to 512 [ 57.341591][ T5090] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [pid 5091] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5090] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5090] ioctl(5, LOOP_CLR_FD) = 0 [pid 5090] close(5) = 0 [pid 5090] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5090] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] exit_group(0 [pid 5091] <... futex resumed>) = ? [pid 5090] <... futex resumed>) = ? [pid 5089] <... exit_group resumed>) = ? [pid 5091] +++ exited with 0 +++ [pid 5090] +++ exited with 0 +++ [pid 5089] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 57.355094][ T5090] EXT4-fs (loop0): get root inode failed [ 57.360822][ T5090] EXT4-fs (loop0): mount failed close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559ad750) = 5094 ./strace-static-x86_64: Process 5094 attached [pid 5094] set_robust_list(0x5555559ad760, 24) = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1000", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5094] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5094] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5094] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5094] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5095 attached [pid 5095] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5094] <... clone3 resumed> => {parent_tid=[5095]}, 88) = 5095 [pid 5095] <... rseq resumed>) = 0 [pid 5095] set_robust_list(0x7f4227e729a0, 24) = 0 [pid 5095] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5095] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5094] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5094] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5095] <... futex resumed>) = 0 [pid 5094] <... futex resumed>) = 1 [pid 5095] memfd_create("syzkaller", 0 [pid 5094] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5095] <... memfd_create resumed>) = 3 [pid 5094] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f421fa31000 [pid 5094] <... mprotect resumed>) = 0 [pid 5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5094] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5095] <... write resumed>) = 262144 [pid 5094] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5096 attached [pid 5096] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5095] munmap(0x7f421fa31000, 138412032 [pid 5094] <... clone3 resumed> => {parent_tid=[5096]}, 88) = 5096 [pid 5096] <... rseq resumed>) = 0 [pid 5094] rt_sigprocmask(SIG_SETMASK, [], [pid 5096] set_robust_list(0x7f4227e519a0, 24 [pid 5095] <... munmap resumed>) = 0 [pid 5096] <... set_robust_list resumed>) = 0 [pid 5094] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5094] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5094] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] rt_sigprocmask(SIG_SETMASK, [], [pid 5095] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5096] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5096] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5095] ioctl(4, LOOP_SET_FD, 3 [pid 5096] <... open resumed>) = 5 [pid 5096] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5095] <... ioctl resumed>) = 0 [pid 5096] <... futex resumed>) = 1 [pid 5094] <... futex resumed>) = 0 [pid 5096] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5094] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5095] close(3 [pid 5094] <... futex resumed>) = 0 [pid 5094] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5095] <... close resumed>) = 0 [pid 5095] mkdir("./bus", 0777 [pid 5096] <... mount resumed>) = 0 [pid 5095] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5096] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5095] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5096] <... futex resumed>) = 1 [pid 5096] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5094] <... futex resumed>) = 0 [pid 5094] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5096] <... futex resumed>) = 0 [pid 5096] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5094] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... open resumed>) = 3 [pid 5096] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5094] <... futex resumed>) = 0 [pid 5096] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [ 57.518312][ T5095] loop0: detected capacity change from 0 to 512 [pid 5094] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5094] <... futex resumed>) = 0 [pid 5096] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5094] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... write resumed>) = 8 [pid 5096] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5094] <... futex resumed>) = 0 [pid 5096] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5094] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5094] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5096] <... write resumed>) = 1045 [pid 5096] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5096] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5094] <... futex resumed>) = 0 [pid 5095] <... mount resumed>) = -1 ENOTDIR (Not a directory) [pid 5095] ioctl(4, LOOP_CLR_FD) = 0 [pid 5095] close(4) = 0 [pid 5095] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5095] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5094] exit_group(0 [pid 5096] <... futex resumed>) = ? [pid 5095] <... futex resumed>) = ? [pid 5094] <... exit_group resumed>) = ? [pid 5096] +++ exited with 0 +++ [pid 5095] +++ exited with 0 +++ [pid 5094] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [ 57.564575][ T5095] EXT4-fs (loop0): 1 orphan inode deleted [ 57.570449][ T5095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.583852][ T5095] ext4 filesystem being mounted at /root/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 57.596519][ T5095] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5099 attached , child_tidptr=0x5555559ad750) = 5099 [pid 5099] set_robust_list(0x5555559ad760, 24) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5099] setpgid(0, 0) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5099] write(3, "1000", 4) = 4 [pid 5099] close(3) = 0 [pid 5099] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5099] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5099] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5099] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5099] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5099] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5100 attached => {parent_tid=[5100]}, 88) = 5100 [pid 5100] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5099] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5099] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... rseq resumed>) = 0 [pid 5100] set_robust_list(0x7f4227e729a0, 24 [pid 5099] <... futex resumed>) = 0 [pid 5100] <... set_robust_list resumed>) = 0 [pid 5099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5100] rt_sigprocmask(SIG_SETMASK, [], [pid 5099] <... mmap resumed>) = 0x7f4227e31000 [pid 5100] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5099] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5100] memfd_create("syzkaller", 0) = 3 [pid 5099] <... mprotect resumed>) = 0 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5099] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5100] <... mmap resumed>) = 0x7f421fa31000 [pid 5099] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5099] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5101 attached => {parent_tid=[5101]}, 88) = 5101 [pid 5101] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5099] rt_sigprocmask(SIG_SETMASK, [], [pid 5101] set_robust_list(0x7f4227e519a0, 24) = 0 [pid 5099] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5101] rt_sigprocmask(SIG_SETMASK, [], [pid 5099] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5099] <... futex resumed>) = 0 [pid 5101] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000) = 4 [pid 5101] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... write resumed>) = 262144 [pid 5100] munmap(0x7f421fa31000, 138412032 [pid 5099] <... futex resumed>) = 0 [pid 5101] <... futex resumed>) = 1 [pid 5099] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5099] <... futex resumed>) = 0 [pid 5100] <... munmap resumed>) = 0 [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5101] <... mount resumed>) = 0 [pid 5100] <... openat resumed>) = 5 [pid 5100] ioctl(5, LOOP_SET_FD, 3 [pid 5101] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5099] <... futex resumed>) = 0 [pid 5101] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5099] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5099] <... futex resumed>) = 0 [pid 5101] <... open resumed>) = 6 [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5099] <... futex resumed>) = 0 [pid 5101] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5099] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... ioctl resumed>) = 0 [pid 5099] <... futex resumed>) = 0 [pid 5100] close(3) = 0 [pid 5100] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5100] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5101] <... write resumed>) = -1 EIO (Input/output error) [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5099] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5099] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = 0 [pid 5101] <... futex resumed>) = 1 [pid 5099] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5101] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5101] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5099] <... futex resumed>) = 0 [ 57.765894][ T5100] loop0: detected capacity change from 0 to 512 [ 57.769599][ T5101] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 57.791818][ T5100] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 57.805821][ T5100] EXT4-fs (loop0): get root inode failed [pid 5100] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5100] ioctl(5, LOOP_CLR_FD) = 0 [pid 5100] close(5) = 0 [pid 5100] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5099] exit_group(0 [pid 5100] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5101] <... futex resumed>) = ? [pid 5100] <... futex resumed>) = ? [pid 5099] <... exit_group resumed>) = ? [pid 5101] +++ exited with 0 +++ [pid 5100] +++ exited with 0 +++ [pid 5099] +++ exited with 0 +++ [ 57.811639][ T5100] EXT4-fs (loop0): mount failed --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559ad750) = 5104 ./strace-static-x86_64: Process 5104 attached [pid 5104] set_robust_list(0x5555559ad760, 24) = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5104] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5104] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5104] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5105 attached [pid 5105] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5104] <... clone3 resumed> => {parent_tid=[5105]}, 88) = 5105 [pid 5105] <... rseq resumed>) = 0 [pid 5105] set_robust_list(0x7f4227e729a0, 24) = 0 [pid 5105] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5105] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5104] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5104] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5105] <... futex resumed>) = 0 [pid 5105] memfd_create("syzkaller", 0 [pid 5104] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5105] <... memfd_create resumed>) = 3 [pid 5104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5104] <... mmap resumed>) = 0x7f4227e31000 [pid 5105] <... mmap resumed>) = 0x7f421fa31000 [pid 5104] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5104] <... mprotect resumed>) = 0 [pid 5104] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5105] <... write resumed>) = 262144 [pid 5104] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5105] munmap(0x7f421fa31000, 138412032 [pid 5104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5106 attached [pid 5106] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5104] <... clone3 resumed> => {parent_tid=[5106]}, 88) = 5106 [pid 5106] <... rseq resumed>) = 0 [pid 5104] rt_sigprocmask(SIG_SETMASK, [], [pid 5106] set_robust_list(0x7f4227e519a0, 24 [pid 5104] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5106] <... set_robust_list resumed>) = 0 [pid 5105] <... munmap resumed>) = 0 [pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5106] rt_sigprocmask(SIG_SETMASK, [], [pid 5104] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5104] <... futex resumed>) = 0 [pid 5106] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5104] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... open resumed>) = 4 [pid 5105] <... openat resumed>) = 5 [pid 5106] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5105] ioctl(5, LOOP_SET_FD, 3 [pid 5106] <... futex resumed>) = 1 [pid 5104] <... futex resumed>) = 0 [pid 5106] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5104] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5106] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5104] <... futex resumed>) = 0 [pid 5104] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... mount resumed>) = 0 [pid 5106] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5105] <... ioctl resumed>) = 0 [pid 5106] <... futex resumed>) = 1 [pid 5105] close(3 [pid 5104] <... futex resumed>) = 0 [pid 5106] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5105] <... close resumed>) = 0 [pid 5104] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] <... open resumed>) = 3 [pid 5105] mkdir("./bus", 0777 [pid 5104] <... futex resumed>) = 0 [pid 5105] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5106] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5105] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5104] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... futex resumed>) = 0 [pid 5104] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5104] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5106] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5104] <... futex resumed>) = 0 [pid 5104] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... write resumed>) = 8 [pid 5106] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5104] <... futex resumed>) = 0 [pid 5106] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5104] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5104] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5106] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5106] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [ 57.971209][ T5105] loop0: detected capacity change from 0 to 512 [ 57.994366][ T5105] EXT4-fs (loop0): 1 orphan inode deleted [ 58.000142][ T5105] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [pid 5106] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5104] <... futex resumed>) = 0 [pid 5106] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5105] <... mount resumed>) = -1 ENOTDIR (Not a directory) [pid 5105] ioctl(5, LOOP_CLR_FD) = 0 [pid 5105] close(5) = 0 [pid 5105] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5105] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5104] exit_group(0 [pid 5106] <... futex resumed>) = ? [pid 5105] <... futex resumed>) = ? [pid 5104] <... exit_group resumed>) = ? [pid 5106] +++ exited with 0 +++ [pid 5105] +++ exited with 0 +++ [pid 5104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5109 attached [pid 5109] set_robust_list(0x5555559ad760, 24) = 0 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5109 [pid 5109] <... prctl resumed>) = 0 [pid 5109] setpgid(0, 0) = 0 [ 58.012762][ T5105] ext4 filesystem being mounted at /root/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 58.024713][ T5105] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5109] write(3, "1000", 4) = 4 [pid 5109] close(3) = 0 [pid 5109] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5109] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5109] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5110 attached [pid 5110] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5109] <... clone3 resumed> => {parent_tid=[5110]}, 88) = 5110 [pid 5110] <... rseq resumed>) = 0 [pid 5110] set_robust_list(0x7f4227e729a0, 24 [pid 5109] rt_sigprocmask(SIG_SETMASK, [], [pid 5110] <... set_robust_list resumed>) = 0 [pid 5110] rt_sigprocmask(SIG_SETMASK, [], [pid 5109] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5110] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5109] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5110] memfd_create("syzkaller", 0 [pid 5109] <... futex resumed>) = 0 [pid 5110] <... memfd_create resumed>) = 3 [pid 5109] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5110] <... mmap resumed>) = 0x7f421fa52000 [pid 5109] <... mmap resumed>) = 0x7f421fa31000 [pid 5109] mprotect(0x7f421fa32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5109] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5109] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f421fa51990, parent_tid=0x7f421fa51990, exit_signal=0, stack=0x7f421fa31000, stack_size=0x20240, tls=0x7f421fa516c0}./strace-static-x86_64: Process 5111 attached [pid 5111] rseq(0x7f421fa51fe0, 0x20, 0, 0x53053053) = 0 [pid 5109] <... clone3 resumed> => {parent_tid=[5111]}, 88) = 5111 [pid 5111] set_robust_list(0x7f421fa519a0, 24 [pid 5109] rt_sigprocmask(SIG_SETMASK, [], [pid 5110] <... write resumed>) = 262144 [pid 5111] <... set_robust_list resumed>) = 0 [pid 5109] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5111] rt_sigprocmask(SIG_SETMASK, [], [pid 5109] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5111] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5109] <... futex resumed>) = 0 [pid 5111] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5109] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5111] <... open resumed>) = 4 [pid 5110] munmap(0x7f421fa52000, 138412032 [pid 5111] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5110] <... munmap resumed>) = 0 [pid 5111] <... futex resumed>) = 1 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5111] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5110] <... openat resumed>) = 5 [pid 5109] <... futex resumed>) = 0 [pid 5110] ioctl(5, LOOP_SET_FD, 3 [pid 5109] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5109] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5111] <... futex resumed>) = 0 [pid 5110] <... ioctl resumed>) = 0 [pid 5111] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5110] close(3) = 0 [pid 5110] mkdir("./bus", 0777 [pid 5111] <... mount resumed>) = 0 [pid 5110] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5110] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5111] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5109] <... futex resumed>) = 0 [pid 5111] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5109] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5111] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5109] <... futex resumed>) = 0 [pid 5111] <... open resumed>) = 3 [ 58.185788][ T5110] loop0: detected capacity change from 0 to 512 [ 58.215459][ T5110] EXT4-fs (loop0): 1 orphan inode deleted [ 58.221275][ T5110] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [pid 5109] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5111] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5109] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5109] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5111] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8) = 8 [pid 5111] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5110] <... mount resumed>) = -1 ENOTDIR (Not a directory) [pid 5109] <... futex resumed>) = 0 [pid 5111] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5109] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5110] ioctl(5, LOOP_CLR_FD [pid 5109] <... futex resumed>) = 0 [pid 5109] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5110] <... ioctl resumed>) = 0 [pid 5110] close(5) = 0 [pid 5110] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5110] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5111] <... write resumed>) = 1045 [pid 5111] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5109] <... futex resumed>) = 0 [pid 5109] exit_group(0) = ? [pid 5111] <... futex resumed>) = ? [pid 5111] +++ exited with 0 +++ [pid 5110] <... futex resumed>) = ? [pid 5110] +++ exited with 0 +++ [pid 5109] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [ 58.234142][ T5110] ext4 filesystem being mounted at /root/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 58.246612][ T5110] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5114 attached , child_tidptr=0x5555559ad750) = 5114 [pid 5114] set_robust_list(0x5555559ad760, 24) = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5114] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5114] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5114] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5114] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5115 attached [pid 5115] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053) = 0 [pid 5115] set_robust_list(0x7f4227e729a0, 24) = 0 [pid 5115] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5115] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5114] <... clone3 resumed> => {parent_tid=[5115]}, 88) = 5115 [pid 5114] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5114] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5115] <... futex resumed>) = 0 [pid 5115] memfd_create("syzkaller", 0 [pid 5114] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5115] <... memfd_create resumed>) = 3 [pid 5114] <... mmap resumed>) = 0x7f4227e31000 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5114] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5115] <... mmap resumed>) = 0x7f421fa31000 [pid 5114] <... mprotect resumed>) = 0 [pid 5114] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5114] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0} [pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5116 attached [pid 5116] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5114] <... clone3 resumed> => {parent_tid=[5116]}, 88) = 5116 [pid 5116] set_robust_list(0x7f4227e519a0, 24 [pid 5114] rt_sigprocmask(SIG_SETMASK, [], [pid 5116] <... set_robust_list resumed>) = 0 [pid 5116] rt_sigprocmask(SIG_SETMASK, [], [pid 5114] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5116] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5114] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5114] <... futex resumed>) = 0 [pid 5116] <... open resumed>) = 4 [pid 5115] <... write resumed>) = 262144 [pid 5114] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5116] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5115] munmap(0x7f421fa31000, 138412032 [pid 5116] <... futex resumed>) = 1 [pid 5114] <... futex resumed>) = 0 [pid 5116] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5114] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5116] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5115] <... munmap resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5115] ioctl(5, LOOP_SET_FD, 3 [pid 5116] <... mount resumed>) = 0 [pid 5116] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5116] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5115] <... ioctl resumed>) = 0 [pid 5114] <... futex resumed>) = 0 [pid 5114] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] <... futex resumed>) = 0 [pid 5114] <... futex resumed>) = 1 [pid 5115] close(3 [pid 5114] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5116] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5115] <... close resumed>) = 0 [pid 5115] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5116] <... open resumed>) = 3 [pid 5116] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5115] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5116] <... futex resumed>) = 1 [pid 5114] <... futex resumed>) = 0 [pid 5116] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5114] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5114] <... futex resumed>) = 0 [pid 5116] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5114] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5116] <... write resumed>) = 8 [pid 5116] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5114] <... futex resumed>) = 0 [pid 5116] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5114] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5116] <... write resumed>) = 1045 [pid 5114] <... futex resumed>) = 0 [pid 5116] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5114] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5116] <... futex resumed>) = 0 [pid 5116] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5114] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 58.412945][ T5115] loop0: detected capacity change from 0 to 512 [ 58.443117][ T5115] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 58.456679][ T5115] EXT4-fs (loop0): get root inode failed [pid 5115] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5115] ioctl(5, LOOP_CLR_FD) = 0 [pid 5115] close(5) = 0 [pid 5115] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5115] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5114] exit_group(0 [pid 5116] <... futex resumed>) = ? [pid 5115] <... futex resumed>) = ? [pid 5114] <... exit_group resumed>) = ? [pid 5116] +++ exited with 0 +++ [pid 5115] +++ exited with 0 +++ [pid 5114] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 [ 58.462492][ T5115] EXT4-fs (loop0): mount failed openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5119 attached , child_tidptr=0x5555559ad750) = 5119 [pid 5119] set_robust_list(0x5555559ad760, 24) = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5119] write(3, "1000", 4) = 4 [pid 5119] close(3) = 0 [pid 5119] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5119] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5119] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5119] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5120 attached [pid 5120] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053) = 0 [pid 5119] <... clone3 resumed> => {parent_tid=[5120]}, 88) = 5120 [pid 5120] set_robust_list(0x7f4227e729a0, 24 [pid 5119] rt_sigprocmask(SIG_SETMASK, [], [pid 5120] <... set_robust_list resumed>) = 0 [pid 5119] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5120] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5119] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5120] memfd_create("syzkaller", 0 [pid 5119] <... futex resumed>) = 0 [pid 5119] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] <... memfd_create resumed>) = 3 [pid 5119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5119] <... mmap resumed>) = 0x7f4227e31000 [pid 5120] <... mmap resumed>) = 0x7f421fa31000 [pid 5119] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5121 attached [pid 5121] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5119] <... clone3 resumed> => {parent_tid=[5121]}, 88) = 5121 [pid 5121] <... rseq resumed>) = 0 [pid 5119] rt_sigprocmask(SIG_SETMASK, [], [pid 5121] set_robust_list(0x7f4227e519a0, 24 [pid 5119] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5120] <... write resumed>) = 262144 [pid 5121] <... set_robust_list resumed>) = 0 [pid 5119] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5121] rt_sigprocmask(SIG_SETMASK, [], [pid 5120] munmap(0x7f421fa31000, 138412032 [pid 5119] <... futex resumed>) = 0 [pid 5121] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5119] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000) = 4 [pid 5121] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5121] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5119] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5121] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5120] <... munmap resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5119] <... futex resumed>) = 0 [pid 5120] <... openat resumed>) = 5 [pid 5120] ioctl(5, LOOP_SET_FD, 3 [pid 5121] <... mount resumed>) = 0 [pid 5119] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5119] <... futex resumed>) = 0 [pid 5119] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5121] <... futex resumed>) = 1 [pid 5119] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c) = 6 [pid 5121] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5120] <... ioctl resumed>) = 0 [pid 5120] close(3 [pid 5119] <... futex resumed>) = 0 [pid 5121] <... futex resumed>) = 1 [pid 5119] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5121] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5119] <... futex resumed>) = 0 [pid 5120] <... close resumed>) = 0 [pid 5119] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5120] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5121] <... write resumed>) = 8 [pid 5120] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5121] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5121] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5119] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5119] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5121] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5121] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5121] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5119] <... futex resumed>) = 0 [pid 5121] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5120] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5120] ioctl(5, LOOP_CLR_FD) = 0 [pid 5120] close(5) = 0 [pid 5120] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5120] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5119] exit_group(0) = ? [pid 5121] <... futex resumed>) = ? [pid 5120] <... futex resumed>) = ? [pid 5120] +++ exited with 0 +++ [pid 5121] +++ exited with 0 +++ [pid 5119] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [ 58.658466][ T5120] loop0: detected capacity change from 0 to 512 [ 58.687518][ T5120] EXT4-fs (loop0): Invalid log block size: 2475723007 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5122 attached [pid 5122] set_robust_list(0x5555559ad760, 24) = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5122 [pid 5122] setpgid(0, 0) = 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5122] write(3, "1000", 4) = 4 [pid 5122] close(3) = 0 [pid 5122] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5122] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5122] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5122] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5122] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5122] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5123 attached [pid 5123] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5122] <... clone3 resumed> => {parent_tid=[5123]}, 88) = 5123 [pid 5123] <... rseq resumed>) = 0 [pid 5122] rt_sigprocmask(SIG_SETMASK, [], [pid 5123] set_robust_list(0x7f4227e729a0, 24 [pid 5122] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5123] <... set_robust_list resumed>) = 0 [pid 5122] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5123] rt_sigprocmask(SIG_SETMASK, [], [pid 5122] <... futex resumed>) = 0 [pid 5123] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5122] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5123] memfd_create("syzkaller", 0 [pid 5122] <... futex resumed>) = 0 [pid 5122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5123] <... memfd_create resumed>) = 3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f421fa31000 [pid 5122] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5122] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5122] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5124 attached [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5124] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5122] <... clone3 resumed> => {parent_tid=[5124]}, 88) = 5124 [pid 5124] <... rseq resumed>) = 0 [pid 5124] set_robust_list(0x7f4227e519a0, 24) = 0 [pid 5122] rt_sigprocmask(SIG_SETMASK, [], [pid 5124] rt_sigprocmask(SIG_SETMASK, [], [pid 5122] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5122] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5123] <... write resumed>) = 262144 [pid 5122] <... futex resumed>) = 0 [pid 5124] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5122] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5124] <... open resumed>) = 4 [pid 5124] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5123] munmap(0x7f421fa31000, 138412032 [pid 5124] <... futex resumed>) = 1 [pid 5122] <... futex resumed>) = 0 [pid 5123] <... munmap resumed>) = 0 [pid 5124] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5123] ioctl(5, LOOP_SET_FD, 3 [pid 5122] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5123] <... ioctl resumed>) = 0 [pid 5122] <... futex resumed>) = 1 [pid 5124] <... futex resumed>) = 0 [pid 5122] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5124] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5123] close(3 [pid 5124] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5123] <... close resumed>) = 0 [pid 5123] mkdir("./bus", 0777 [pid 5124] <... futex resumed>) = 1 [pid 5122] <... futex resumed>) = 0 [pid 5124] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5123] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5122] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... open resumed>) = 3 [pid 5122] <... futex resumed>) = 0 [pid 5123] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5122] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5124] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5122] <... futex resumed>) = 0 [pid 5124] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5122] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5124] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8) = 8 [pid 5122] <... futex resumed>) = 0 [pid 5124] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5122] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5124] <... futex resumed>) = 0 [pid 5122] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5124] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5122] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5124] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5122] <... futex resumed>) = 0 [pid 5124] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5122] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5124] <... write resumed>) = 1045 [ 58.823901][ T5123] loop0: detected capacity change from 0 to 512 [ 58.854069][ T5123] EXT4-fs (loop0): 1 orphan inode deleted [ 58.860042][ T5123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [pid 5124] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5124] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5122] <... futex resumed>) = 0 [pid 5123] <... mount resumed>) = -1 ENOTDIR (Not a directory) [pid 5123] ioctl(5, LOOP_CLR_FD) = 0 [pid 5123] close(5) = 0 [pid 5123] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5122] exit_group(0 [pid 5124] <... futex resumed>) = ? [pid 5122] <... exit_group resumed>) = ? [pid 5124] +++ exited with 0 +++ [pid 5123] +++ exited with 0 +++ [pid 5122] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 [ 58.873140][ T5123] ext4 filesystem being mounted at /root/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 58.885946][ T5123] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5127 attached , child_tidptr=0x5555559ad750) = 5127 [pid 5127] set_robust_list(0x5555559ad760, 24) = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5127] write(3, "1000", 4) = 4 [pid 5127] close(3) = 0 [pid 5127] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5127] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5127] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5127] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5127] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5127] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5128 attached => {parent_tid=[5128]}, 88) = 5128 [pid 5127] rt_sigprocmask(SIG_SETMASK, [], [pid 5128] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5127] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5128] <... rseq resumed>) = 0 [pid 5127] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] set_robust_list(0x7f4227e729a0, 24 [pid 5127] <... futex resumed>) = 0 [pid 5128] <... set_robust_list resumed>) = 0 [pid 5127] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] rt_sigprocmask(SIG_SETMASK, [], [pid 5127] <... futex resumed>) = 0 [pid 5128] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5127] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5128] memfd_create("syzkaller", 0 [pid 5127] <... mprotect resumed>) = 0 [pid 5128] <... memfd_create resumed>) = 3 [pid 5127] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5127] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5128] <... mmap resumed>) = 0x7f421fa31000 [pid 5127] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5129 attached [pid 5129] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5129] set_robust_list(0x7f4227e519a0, 24) = 0 [pid 5127] <... clone3 resumed> => {parent_tid=[5129]}, 88) = 5129 [pid 5129] rt_sigprocmask(SIG_SETMASK, [], [pid 5127] rt_sigprocmask(SIG_SETMASK, [], [pid 5129] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5127] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5129] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5127] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5129] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5127] <... futex resumed>) = 0 [pid 5129] <... open resumed>) = 4 [pid 5127] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5129] <... futex resumed>) = 1 [pid 5127] <... futex resumed>) = 0 [pid 5129] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5127] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5127] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... futex resumed>) = 0 [pid 5128] <... write resumed>) = 262144 [pid 5129] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5128] munmap(0x7f421fa31000, 138412032 [pid 5129] <... mount resumed>) = 0 [pid 5129] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5128] <... munmap resumed>) = 0 [pid 5127] <... futex resumed>) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5129] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5127] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5127] <... futex resumed>) = 0 [pid 5129] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5127] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... open resumed>) = 5 [pid 5129] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5128] <... openat resumed>) = 6 [pid 5129] <... futex resumed>) = 1 [pid 5127] <... futex resumed>) = 0 [pid 5129] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] ioctl(6, LOOP_SET_FD, 3 [pid 5127] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5127] <... futex resumed>) = 0 [pid 5129] write(5, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5127] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5128] <... ioctl resumed>) = 0 [pid 5128] close(3 [pid 5129] <... write resumed>) = -1 EIO (Input/output error) [pid 5128] <... close resumed>) = 0 [pid 5129] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5129] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5128] mkdir("./bus", 0777 [pid 5127] <... futex resumed>) = 0 [pid 5128] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5128] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5127] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5127] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5129] <... futex resumed>) = 0 [pid 5129] write(5, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5129] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5129] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5127] <... futex resumed>) = 0 [pid 5128] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5128] ioctl(6, LOOP_CLR_FD) = 0 [pid 5128] close(6) = 0 [pid 5128] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5127] exit_group(0 [pid 5129] <... futex resumed>) = ? [pid 5127] <... exit_group resumed>) = ? [pid 5129] +++ exited with 0 +++ [pid 5128] +++ exited with 0 +++ [pid 5127] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5130 attached [pid 5130] set_robust_list(0x5555559ad760, 24) = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5130 [pid 5130] <... prctl resumed>) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5130] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5130] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5130] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5130] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [ 59.052569][ T5128] loop0: detected capacity change from 0 to 512 [ 59.052794][ T5129] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 59.074893][ T5128] EXT4-fs (loop0): bad geometry: block count 3888436996 exceeds size of device (64 blocks) [pid 5130] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0} => {parent_tid=[5131]}, 88) = 5131 ./strace-static-x86_64: Process 5131 attached [pid 5131] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5130] rt_sigprocmask(SIG_SETMASK, [], [pid 5131] <... rseq resumed>) = 0 [pid 5130] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5131] set_robust_list(0x7f4227e729a0, 24 [pid 5130] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] <... set_robust_list resumed>) = 0 [pid 5130] <... futex resumed>) = 0 [pid 5131] rt_sigprocmask(SIG_SETMASK, [], [pid 5130] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5130] <... futex resumed>) = 0 [pid 5131] memfd_create("syzkaller", 0 [pid 5130] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5131] <... memfd_create resumed>) = 3 [pid 5130] <... mmap resumed>) = 0x7f4227e31000 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5130] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5131] <... mmap resumed>) = 0x7f421fa31000 [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5130] <... mprotect resumed>) = 0 [pid 5130] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5130] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0} => {parent_tid=[5132]}, 88) = 5132 [pid 5130] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5130] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5131] <... write resumed>) = 262144 [pid 5130] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5131] munmap(0x7f421fa31000, 138412032./strace-static-x86_64: Process 5132 attached [pid 5132] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5131] <... munmap resumed>) = 0 [pid 5132] set_robust_list(0x7f4227e519a0, 24 [pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5132] <... set_robust_list resumed>) = 0 [pid 5131] <... openat resumed>) = 4 [pid 5132] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5131] ioctl(4, LOOP_SET_FD, 3 [pid 5132] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000) = 5 [pid 5132] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5130] <... futex resumed>) = 0 [pid 5130] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5130] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5132] <... futex resumed>) = 1 [pid 5132] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5132] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5131] <... ioctl resumed>) = 0 [pid 5131] close(3 [pid 5130] <... futex resumed>) = 0 [pid 5132] <... futex resumed>) = 1 [pid 5130] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5130] <... futex resumed>) = 0 [pid 5131] <... close resumed>) = 0 [pid 5130] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5132] <... open resumed>) = 6 [pid 5131] mkdir("./bus", 0777 [pid 5132] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5131] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5130] <... futex resumed>) = 0 [pid 5132] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5130] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5131] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5130] <... futex resumed>) = 0 [pid 5132] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5130] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5132] <... write resumed>) = 8 [pid 5132] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5130] <... futex resumed>) = 0 [pid 5132] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5130] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5132] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5130] <... futex resumed>) = 0 [pid 5132] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5130] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5132] <... write resumed>) = 1045 [ 59.189994][ T5131] loop0: detected capacity change from 0 to 512 [pid 5132] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5132] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5130] <... futex resumed>) = 0 [pid 5131] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5131] ioctl(4, LOOP_CLR_FD) = 0 [pid 5131] close(4) = 0 [pid 5131] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5131] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5130] exit_group(0 [pid 5132] <... futex resumed>) = ? [pid 5130] <... exit_group resumed>) = ? [pid 5132] +++ exited with 0 +++ [pid 5131] <... futex resumed>) = ? [pid 5131] +++ exited with 0 +++ [pid 5130] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5135 attached [pid 5135] set_robust_list(0x5555559ad760, 24) = 0 [ 59.231533][ T5131] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 59.245271][ T5131] EXT4-fs (loop0): get root inode failed [ 59.250958][ T5131] EXT4-fs (loop0): mount failed [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5135 [pid 5135] <... prctl resumed>) = 0 [pid 5135] setpgid(0, 0) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5135] write(3, "1000", 4) = 4 [pid 5135] close(3) = 0 [pid 5135] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5135] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5135] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5135] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5135] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5135] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5135] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5136 attached [pid 5136] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5135] <... clone3 resumed> => {parent_tid=[5136]}, 88) = 5136 [pid 5136] <... rseq resumed>) = 0 [pid 5135] rt_sigprocmask(SIG_SETMASK, [], [pid 5136] set_robust_list(0x7f4227e729a0, 24 [pid 5135] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5136] <... set_robust_list resumed>) = 0 [pid 5135] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] rt_sigprocmask(SIG_SETMASK, [], [pid 5135] <... futex resumed>) = 0 [pid 5136] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5135] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] memfd_create("syzkaller", 0 [pid 5135] <... futex resumed>) = 0 [pid 5135] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5136] <... memfd_create resumed>) = 3 [pid 5135] <... mmap resumed>) = 0x7f4227e31000 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f421fa31000 [pid 5135] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5135] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5135] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5137 attached [pid 5137] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5137] <... rseq resumed>) = 0 [pid 5135] <... clone3 resumed> => {parent_tid=[5137]}, 88) = 5137 [pid 5137] set_robust_list(0x7f4227e519a0, 24) = 0 [pid 5135] rt_sigprocmask(SIG_SETMASK, [], [pid 5137] rt_sigprocmask(SIG_SETMASK, [], [pid 5135] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5137] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5135] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5135] <... futex resumed>) = 0 [pid 5137] <... open resumed>) = 4 [pid 5135] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5135] <... futex resumed>) = 0 [pid 5137] <... futex resumed>) = 1 [pid 5135] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5135] <... futex resumed>) = 0 [pid 5137] <... mount resumed>) = 0 [pid 5135] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] <... write resumed>) = 262144 [pid 5137] <... futex resumed>) = 1 [pid 5136] munmap(0x7f421fa31000, 138412032 [pid 5135] <... futex resumed>) = 0 [pid 5137] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5136] <... munmap resumed>) = 0 [pid 5135] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5135] <... futex resumed>) = 0 [pid 5137] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5135] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... open resumed>) = 5 [pid 5137] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5136] <... openat resumed>) = 6 [pid 5135] <... futex resumed>) = 0 [pid 5137] <... futex resumed>) = 1 [pid 5136] ioctl(6, LOOP_SET_FD, 3 [pid 5135] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5137] write(5, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5135] <... futex resumed>) = 0 [pid 5136] <... ioctl resumed>) = 0 [pid 5135] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5136] close(3) = 0 [pid 5136] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5136] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5137] <... write resumed>) = -1 EIO (Input/output error) [pid 5137] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5135] <... futex resumed>) = 0 [pid 5135] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5135] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5137] <... futex resumed>) = 1 [pid 5137] write(5, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5137] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5137] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5135] <... futex resumed>) = 0 [ 59.410479][ T5136] loop0: detected capacity change from 0 to 512 [ 59.410945][ T5137] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 59.441467][ T5136] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 59.455130][ T5136] EXT4-fs (loop0): get root inode failed [pid 5136] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5136] ioctl(6, LOOP_CLR_FD) = 0 [pid 5136] close(6) = 0 [pid 5136] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5136] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5135] exit_group(0 [pid 5137] <... futex resumed>) = ? [pid 5136] <... futex resumed>) = ? [pid 5135] <... exit_group resumed>) = ? [pid 5137] +++ exited with 0 +++ [pid 5136] +++ exited with 0 +++ [ 59.460936][ T5136] EXT4-fs (loop0): mount failed [pid 5135] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5140 attached [pid 5140] set_robust_list(0x5555559ad760, 24) = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5140 [pid 5140] <... setpgid resumed>) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5140] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5140] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5141 attached [pid 5141] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053) = 0 [pid 5140] <... clone3 resumed> => {parent_tid=[5141]}, 88) = 5141 [pid 5141] set_robust_list(0x7f4227e729a0, 24 [pid 5140] rt_sigprocmask(SIG_SETMASK, [], [pid 5141] <... set_robust_list resumed>) = 0 [pid 5140] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5140] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5141] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5141] memfd_create("syzkaller", 0 [pid 5140] <... mmap resumed>) = 0x7f4227e31000 [pid 5140] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5141] <... memfd_create resumed>) = 3 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5140] <... mprotect resumed>) = 0 [pid 5141] <... mmap resumed>) = 0x7f421fa31000 [pid 5140] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5140] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5142 attached [pid 5141] <... write resumed>) = 262144 [pid 5142] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5141] munmap(0x7f421fa31000, 138412032 [pid 5140] <... clone3 resumed> => {parent_tid=[5142]}, 88) = 5142 [pid 5142] <... rseq resumed>) = 0 [pid 5140] rt_sigprocmask(SIG_SETMASK, [], [pid 5142] set_robust_list(0x7f4227e519a0, 24 [pid 5140] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5141] <... munmap resumed>) = 0 [pid 5142] <... set_robust_list resumed>) = 0 [pid 5140] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5142] rt_sigprocmask(SIG_SETMASK, [], [pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5140] <... futex resumed>) = 0 [pid 5142] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5141] <... openat resumed>) = 4 [pid 5140] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5142] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5141] ioctl(4, LOOP_SET_FD, 3 [pid 5142] <... open resumed>) = 5 [pid 5142] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5140] <... futex resumed>) = 0 [pid 5142] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5140] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5142] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5140] <... futex resumed>) = 0 [pid 5142] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5140] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5142] <... mount resumed>) = 0 [pid 5142] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5141] <... ioctl resumed>) = 0 [pid 5142] <... futex resumed>) = 1 [pid 5141] close(3 [pid 5142] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5141] <... close resumed>) = 0 [pid 5141] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5141] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5140] <... futex resumed>) = 0 [pid 5140] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5142] <... futex resumed>) = 0 [pid 5140] <... futex resumed>) = 1 [pid 5142] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5140] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5142] <... open resumed>) = 3 [pid 5142] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5140] <... futex resumed>) = 0 [pid 5142] <... futex resumed>) = 1 [pid 5140] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5142] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5140] <... futex resumed>) = 0 [pid 5140] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5142] <... write resumed>) = 8 [pid 5142] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5142] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5140] <... futex resumed>) = 0 [pid 5140] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5142] <... futex resumed>) = 0 [pid 5142] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5140] <... futex resumed>) = 1 [pid 5140] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5142] <... write resumed>) = 1045 [pid 5142] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5142] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5140] <... futex resumed>) = 0 [ 59.681905][ T5141] loop0: detected capacity change from 0 to 512 [pid 5141] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5141] ioctl(4, LOOP_CLR_FD) = 0 [pid 5141] close(4) = 0 [pid 5141] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5140] exit_group(0 [pid 5141] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5142] <... futex resumed>) = ? [pid 5141] <... futex resumed>) = ? [pid 5140] <... exit_group resumed>) = ? [pid 5142] +++ exited with 0 +++ [pid 5141] +++ exited with 0 +++ [pid 5140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5145 attached , child_tidptr=0x5555559ad750) = 5145 [pid 5145] set_robust_list(0x5555559ad760, 24) = 0 [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5145] setpgid(0, 0) = 0 [ 59.722943][ T5141] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 59.736409][ T5141] EXT4-fs (loop0): get root inode failed [ 59.742113][ T5141] EXT4-fs (loop0): mount failed [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5145] write(3, "1000", 4) = 4 [pid 5145] close(3) = 0 [pid 5145] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5145] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5145] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5145] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5146 attached [pid 5146] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053) = 0 [pid 5145] <... clone3 resumed> => {parent_tid=[5146]}, 88) = 5146 [pid 5146] set_robust_list(0x7f4227e729a0, 24 [pid 5145] rt_sigprocmask(SIG_SETMASK, [], [pid 5146] <... set_robust_list resumed>) = 0 [pid 5145] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5146] rt_sigprocmask(SIG_SETMASK, [], [pid 5145] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5146] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5146] memfd_create("syzkaller", 0 [pid 5145] <... futex resumed>) = 0 [pid 5145] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5146] <... memfd_create resumed>) = 3 [pid 5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5145] <... mmap resumed>) = 0x7f4227e31000 [pid 5146] <... mmap resumed>) = 0x7f421fa31000 [pid 5145] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5145] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5145] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5147 attached [pid 5147] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5145] <... clone3 resumed> => {parent_tid=[5147]}, 88) = 5147 [pid 5147] <... rseq resumed>) = 0 [pid 5145] rt_sigprocmask(SIG_SETMASK, [], [pid 5147] set_robust_list(0x7f4227e519a0, 24 [pid 5145] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5147] <... set_robust_list resumed>) = 0 [pid 5146] <... write resumed>) = 262144 [pid 5145] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] rt_sigprocmask(SIG_SETMASK, [], [pid 5145] <... futex resumed>) = 0 [pid 5147] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5146] munmap(0x7f421fa31000, 138412032 [pid 5145] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5147] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000) = 4 [pid 5147] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5146] <... munmap resumed>) = 0 [pid 5147] <... futex resumed>) = 1 [pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5145] <... futex resumed>) = 0 [pid 5147] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5146] <... openat resumed>) = 5 [pid 5145] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5147] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5146] ioctl(5, LOOP_SET_FD, 3 [pid 5145] <... futex resumed>) = 0 [pid 5147] <... mount resumed>) = 0 [pid 5145] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5147] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5146] <... ioctl resumed>) = 0 [pid 5145] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5147] <... futex resumed>) = 0 [pid 5146] close(3 [pid 5147] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5145] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] <... open resumed>) = 6 [pid 5146] <... close resumed>) = 0 [pid 5145] <... futex resumed>) = 0 [pid 5146] mkdir("./bus", 0777 [pid 5147] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5146] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5145] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5147] <... futex resumed>) = 0 [pid 5146] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5145] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5147] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5145] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5145] <... futex resumed>) = 0 [pid 5145] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5147] <... write resumed>) = 8 [pid 5147] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5145] <... futex resumed>) = 0 [pid 5147] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5145] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5147] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5145] <... futex resumed>) = 0 [pid 5147] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5145] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5147] <... write resumed>) = 1045 [pid 5147] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5145] <... futex resumed>) = 0 [pid 5147] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5146] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5146] ioctl(5, LOOP_CLR_FD) = 0 [pid 5146] close(5) = 0 [pid 5146] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 59.868604][ T5146] loop0: detected capacity change from 0 to 512 [ 59.891458][ T5146] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 59.905228][ T5146] EXT4-fs (loop0): get root inode failed [ 59.911041][ T5146] EXT4-fs (loop0): mount failed [pid 5146] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5145] exit_group(0) = ? [pid 5147] <... futex resumed>) = ? [pid 5146] <... futex resumed>) = ? [pid 5147] +++ exited with 0 +++ [pid 5146] +++ exited with 0 +++ [pid 5145] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5150 attached , child_tidptr=0x5555559ad750) = 5150 [pid 5150] set_robust_list(0x5555559ad760, 24) = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5150] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5150] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5150] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5150] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5150] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5151 attached [pid 5151] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5150] <... clone3 resumed> => {parent_tid=[5151]}, 88) = 5151 [pid 5151] <... rseq resumed>) = 0 [pid 5150] rt_sigprocmask(SIG_SETMASK, [], [pid 5151] set_robust_list(0x7f4227e729a0, 24 [pid 5150] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5151] <... set_robust_list resumed>) = 0 [pid 5150] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5151] rt_sigprocmask(SIG_SETMASK, [], [pid 5150] <... futex resumed>) = 0 [pid 5151] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5150] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5151] memfd_create("syzkaller", 0 [pid 5150] <... futex resumed>) = 0 [pid 5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5151] <... memfd_create resumed>) = 3 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5150] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5151] <... mmap resumed>) = 0x7f421fa31000 [pid 5150] <... mprotect resumed>) = 0 [pid 5150] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5150] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5152 attached [pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5150] <... clone3 resumed> => {parent_tid=[5152]}, 88) = 5152 [pid 5152] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5152] set_robust_list(0x7f4227e519a0, 24) = 0 [pid 5152] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5150] rt_sigprocmask(SIG_SETMASK, [], [pid 5152] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5150] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5150] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5152] <... futex resumed>) = 0 [pid 5150] <... futex resumed>) = 1 [pid 5152] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5150] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5152] <... open resumed>) = 4 [pid 5152] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5151] <... write resumed>) = 262144 [pid 5152] <... futex resumed>) = 1 [pid 5151] munmap(0x7f421fa31000, 138412032 [pid 5150] <... futex resumed>) = 0 [pid 5150] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5150] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5152] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5152] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5150] <... futex resumed>) = 0 [pid 5152] <... futex resumed>) = 1 [pid 5150] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5152] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5150] <... futex resumed>) = 0 [pid 5152] <... open resumed>) = 5 [pid 5150] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5152] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5151] <... munmap resumed>) = 0 [pid 5152] <... futex resumed>) = 1 [pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5150] <... futex resumed>) = 0 [pid 5152] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5151] <... openat resumed>) = 6 [pid 5150] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5152] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5151] ioctl(6, LOOP_SET_FD, 3 [pid 5150] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5152] write(5, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5151] <... ioctl resumed>) = 0 [pid 5151] close(3) = 0 [pid 5151] mkdir("./bus", 0777 [pid 5152] <... write resumed>) = -1 EIO (Input/output error) [pid 5152] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5151] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5152] <... futex resumed>) = 1 [pid 5151] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5150] <... futex resumed>) = 0 [pid 5152] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5150] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5150] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5152] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5152] write(5, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5152] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5151] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5150] <... futex resumed>) = 0 [pid 5152] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5151] ioctl(6, LOOP_CLR_FD) = 0 [pid 5151] close(6) = 0 [pid 5151] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5150] exit_group(0 [pid 5151] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5150] <... exit_group resumed>) = ? [pid 5152] <... futex resumed>) = ? [pid 5151] <... futex resumed>) = ? [pid 5151] +++ exited with 0 +++ [pid 5152] +++ exited with 0 +++ [pid 5150] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [ 60.124157][ T5151] loop0: detected capacity change from 0 to 512 [ 60.125190][ T5152] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 60.144996][ T5151] EXT4-fs (loop0): bad geometry: block count 3888436996 exceeds size of device (64 blocks) openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5153 attached , child_tidptr=0x5555559ad750) = 5153 [pid 5153] set_robust_list(0x5555559ad760, 24) = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5153] setpgid(0, 0) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5153] write(3, "1000", 4) = 4 [pid 5153] close(3) = 0 [pid 5153] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5153] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5153] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5153] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5153] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5153] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5154 attached => {parent_tid=[5154]}, 88) = 5154 [pid 5154] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053) = 0 [pid 5153] rt_sigprocmask(SIG_SETMASK, [], [pid 5154] set_robust_list(0x7f4227e729a0, 24 [pid 5153] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5154] <... set_robust_list resumed>) = 0 [pid 5153] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5154] rt_sigprocmask(SIG_SETMASK, [], [pid 5153] <... futex resumed>) = 0 [pid 5153] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5154] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5154] memfd_create("syzkaller", 0 [pid 5153] <... mmap resumed>) = 0x7f4227e31000 [pid 5154] <... memfd_create resumed>) = 3 [pid 5153] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5153] <... mprotect resumed>) = 0 [pid 5154] <... mmap resumed>) = 0x7f421fa31000 [pid 5153] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5153] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5155 attached [pid 5155] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5155] set_robust_list(0x7f4227e519a0, 24 [pid 5153] <... clone3 resumed> => {parent_tid=[5155]}, 88) = 5155 [pid 5155] <... set_robust_list resumed>) = 0 [pid 5153] rt_sigprocmask(SIG_SETMASK, [], [pid 5155] rt_sigprocmask(SIG_SETMASK, [], [pid 5153] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5155] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5153] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5155] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5153] <... futex resumed>) = 0 [pid 5155] <... open resumed>) = 4 [pid 5153] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5155] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5154] <... write resumed>) = 262144 [pid 5154] munmap(0x7f421fa31000, 138412032 [pid 5155] <... futex resumed>) = 1 [pid 5153] <... futex resumed>) = 0 [pid 5155] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5153] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5155] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5153] <... futex resumed>) = 0 [pid 5155] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5154] <... munmap resumed>) = 0 [pid 5153] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5155] <... mount resumed>) = 0 [pid 5154] <... openat resumed>) = 5 [pid 5154] ioctl(5, LOOP_SET_FD, 3 [pid 5155] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5155] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5153] <... futex resumed>) = 0 [pid 5154] <... ioctl resumed>) = 0 [pid 5154] close(3 [pid 5153] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5154] <... close resumed>) = 0 [pid 5153] <... futex resumed>) = 1 [pid 5155] <... futex resumed>) = 0 [pid 5154] mkdir("./bus", 0777 [pid 5153] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5155] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5154] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5154] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5155] <... open resumed>) = 3 [pid 5155] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5153] <... futex resumed>) = 0 [pid 5155] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5153] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5155] <... futex resumed>) = 0 [pid 5153] <... futex resumed>) = 1 [pid 5155] write(3, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5153] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5155] <... write resumed>) = 8 [pid 5155] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5153] <... futex resumed>) = 0 [pid 5155] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5153] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5155] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5153] <... futex resumed>) = 0 [pid 5155] write(3, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5153] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5155] <... write resumed>) = 1045 [pid 5155] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5153] <... futex resumed>) = 0 [pid 5155] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5154] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5154] ioctl(5, LOOP_CLR_FD) = 0 [pid 5154] close(5) = 0 [pid 5154] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5154] futex(0x7f4227f3e608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5153] exit_group(0 [pid 5155] <... futex resumed>) = ? [pid 5154] <... futex resumed>) = ? [pid 5153] <... exit_group resumed>) = ? [pid 5155] +++ exited with 0 +++ [pid 5154] +++ exited with 0 +++ [pid 5153] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [ 60.312110][ T5154] loop0: detected capacity change from 0 to 512 [ 60.330286][ T5154] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)! [ 60.341046][ T5154] EXT4-fs (loop0): group descriptors corrupted! openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5156 attached , child_tidptr=0x5555559ad750) = 5156 [pid 5156] set_robust_list(0x5555559ad760, 24) = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5156] write(3, "1000", 4) = 4 [pid 5156] close(3) = 0 [pid 5156] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5156] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5156] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5156] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5156] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5156] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5157 attached [pid 5157] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5156] <... clone3 resumed> => {parent_tid=[5157]}, 88) = 5157 [pid 5157] <... rseq resumed>) = 0 [pid 5156] rt_sigprocmask(SIG_SETMASK, [], [pid 5157] set_robust_list(0x7f4227e729a0, 24 [pid 5156] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5157] <... set_robust_list resumed>) = 0 [pid 5156] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] rt_sigprocmask(SIG_SETMASK, [], [pid 5156] <... futex resumed>) = 0 [pid 5157] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] memfd_create("syzkaller", 0 [pid 5156] <... futex resumed>) = 0 [pid 5156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e31000 [pid 5157] <... memfd_create resumed>) = 3 [pid 5156] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5156] <... mprotect resumed>) = 0 [pid 5157] <... mmap resumed>) = 0x7f421fa31000 [pid 5156] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5156] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5158 attached [pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5158] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5156] <... clone3 resumed> => {parent_tid=[5158]}, 88) = 5158 [pid 5156] rt_sigprocmask(SIG_SETMASK, [], [pid 5158] <... rseq resumed>) = 0 [pid 5156] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5158] set_robust_list(0x7f4227e519a0, 24 [pid 5156] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5158] <... set_robust_list resumed>) = 0 [pid 5156] <... futex resumed>) = 0 [pid 5158] rt_sigprocmask(SIG_SETMASK, [], [pid 5157] <... write resumed>) = 262144 [pid 5157] munmap(0x7f421fa31000, 138412032 [pid 5158] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5157] <... munmap resumed>) = 0 [pid 5158] <... open resumed>) = 4 [pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5158] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5157] <... openat resumed>) = 5 [pid 5156] <... futex resumed>) = 0 [pid 5158] <... futex resumed>) = 1 [pid 5157] ioctl(5, LOOP_SET_FD, 3 [pid 5156] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5158] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 [pid 5158] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5158] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL) = 0 [pid 5156] <... futex resumed>) = 1 [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5156] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5158] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5156] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5158] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5156] <... futex resumed>) = 0 [pid 5158] <... open resumed>) = 6 [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5156] <... futex resumed>) = 0 [pid 5156] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5158] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5156] <... futex resumed>) = 0 [pid 5157] <... ioctl resumed>) = 0 [pid 5157] close(3) = 0 [pid 5157] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5157] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5158] <... write resumed>) = -1 EIO (Input/output error) [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5156] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5156] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = 0 [pid 5158] <... futex resumed>) = 1 [pid 5156] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5158] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045) = 1045 [pid 5158] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5158] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5156] <... futex resumed>) = 0 [pid 5157] <... mount resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5157] ioctl(5, LOOP_CLR_FD) = 0 [pid 5157] close(5) = 0 [pid 5157] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5156] exit_group(0 [pid 5158] <... futex resumed>) = ? [pid 5157] <... futex resumed>) = ? [pid 5156] <... exit_group resumed>) = ? [pid 5157] +++ exited with 0 +++ [pid 5158] +++ exited with 0 +++ [pid 5156] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [ 60.515413][ T5157] loop0: detected capacity change from 0 to 512 [ 60.519221][ T5158] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 60.541431][ T5157] EXT4-fs error (device loop0): __ext4_get_inode_loc:4387: comm syz-executor311: Invalid inode table block 34 in block_group 0 [ 60.555012][ T5157] EXT4-fs (loop0): get root inode failed [ 60.560701][ T5157] EXT4-fs (loop0): mount failed openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5161 attached [pid 5161] set_robust_list(0x5555559ad760, 24) = 0 [pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5161 [pid 5161] <... prctl resumed>) = 0 [pid 5161] setpgid(0, 0) = 0 [pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5161] write(3, "1000", 4) = 4 [pid 5161] close(3) = 0 [pid 5161] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5161] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5161] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5161] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5161] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5161] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5161] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5162 attached [pid 5162] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5161] <... clone3 resumed> => {parent_tid=[5162]}, 88) = 5162 [pid 5162] <... rseq resumed>) = 0 [pid 5161] rt_sigprocmask(SIG_SETMASK, [], [pid 5162] set_robust_list(0x7f4227e729a0, 24 [pid 5161] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5162] <... set_robust_list resumed>) = 0 [pid 5162] rt_sigprocmask(SIG_SETMASK, [], [pid 5161] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5162] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5161] <... futex resumed>) = 0 [pid 5162] memfd_create("syzkaller", 0 [pid 5161] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5162] <... memfd_create resumed>) = 3 [pid 5161] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5161] <... mmap resumed>) = 0x7f4227e31000 [pid 5162] <... mmap resumed>) = 0x7f421fa31000 [pid 5161] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5161] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5161] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0}./strace-static-x86_64: Process 5163 attached [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5163] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053 [pid 5161] <... clone3 resumed> => {parent_tid=[5163]}, 88) = 5163 [pid 5163] <... rseq resumed>) = 0 [pid 5163] set_robust_list(0x7f4227e519a0, 24 [pid 5161] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5163] <... set_robust_list resumed>) = 0 [pid 5162] <... write resumed>) = 262144 [pid 5161] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5163] rt_sigprocmask(SIG_SETMASK, [], [pid 5162] munmap(0x7f421fa31000, 138412032 [pid 5161] <... futex resumed>) = 0 [pid 5163] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5161] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5163] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5162] <... munmap resumed>) = 0 [pid 5163] <... open resumed>) = 4 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 5163] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5161] <... futex resumed>) = 0 [pid 5163] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5161] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5161] <... futex resumed>) = 0 [pid 5163] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5161] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5162] ioctl(5, LOOP_SET_FD, 3 [pid 5163] <... mount resumed>) = 0 [pid 5163] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5163] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5161] <... futex resumed>) = 0 [pid 5161] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5163] <... futex resumed>) = 0 [pid 5162] <... ioctl resumed>) = 0 [pid 5161] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5162] close(3 [pid 5163] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5162] <... close resumed>) = 0 [pid 5162] mkdir("./bus", 0777 [pid 5163] <... open resumed>) = 6 [pid 5162] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5162] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5163] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5161] <... futex resumed>) = 0 [pid 5163] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5161] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5161] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5163] <... write resumed>) = 8 [pid 5163] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5163] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5161] <... futex resumed>) = 0 [pid 5161] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5163] <... futex resumed>) = 0 [pid 5161] <... futex resumed>) = 1 [pid 5163] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5161] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5163] <... write resumed>) = 1045 [pid 5163] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5161] <... futex resumed>) = 0 [ 60.680536][ T5162] loop0: detected capacity change from 0 to 512 [ 60.714025][ T5162] EXT4-fs (loop0): 1 orphan inode deleted [pid 5163] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5162] <... mount resumed>) = -1 ENOTDIR (Not a directory) [pid 5162] ioctl(5, LOOP_CLR_FD) = 0 [pid 5162] close(5) = 0 [pid 5162] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5161] exit_group(0 [pid 5163] <... futex resumed>) = ? [pid 5161] <... exit_group resumed>) = ? [pid 5163] +++ exited with 0 +++ [pid 5162] +++ exited with 0 +++ [pid 5161] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 [ 60.719813][ T5162] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.732446][ T5162] ext4 filesystem being mounted at /root/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 60.746015][ T5162] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5167 attached [pid 5167] set_robust_list(0x5555559ad760, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555559ad750) = 5167 [pid 5167] <... set_robust_list resumed>) = 0 [pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5167] setpgid(0, 0) = 0 [pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5167] write(3, "1000", 4) = 4 [pid 5167] close(3) = 0 [pid 5167] futex(0x7f4227f3e60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5167] rt_sigaction(SIGRT_1, {sa_handler=0x7f4227ee3130, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4227e85790}, NULL, 8) = 0 [pid 5167] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4227e52000 [pid 5167] mprotect(0x7f4227e53000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5167] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5167] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e72990, parent_tid=0x7f4227e72990, exit_signal=0, stack=0x7f4227e52000, stack_size=0x20240, tls=0x7f4227e726c0}./strace-static-x86_64: Process 5168 attached [pid 5168] rseq(0x7f4227e72fe0, 0x20, 0, 0x53053053 [pid 5167] <... clone3 resumed> => {parent_tid=[5168]}, 88) = 5168 [pid 5168] <... rseq resumed>) = 0 [pid 5167] rt_sigprocmask(SIG_SETMASK, [], [pid 5168] set_robust_list(0x7f4227e729a0, 24 [pid 5167] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5168] <... set_robust_list resumed>) = 0 [pid 5167] futex(0x7f4227f3e608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5168] rt_sigprocmask(SIG_SETMASK, [], [pid 5167] <... futex resumed>) = 0 [pid 5168] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5167] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5168] memfd_create("syzkaller", 0 [pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5168] <... memfd_create resumed>) = 3 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5167] <... mmap resumed>) = 0x7f4227e31000 [pid 5168] <... mmap resumed>) = 0x7f421fa31000 [pid 5167] mprotect(0x7f4227e32000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5167] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5167] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4227e51990, parent_tid=0x7f4227e51990, exit_signal=0, stack=0x7f4227e31000, stack_size=0x20240, tls=0x7f4227e516c0} [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144./strace-static-x86_64: Process 5169 attached [pid 5169] rseq(0x7f4227e51fe0, 0x20, 0, 0x53053053) = 0 [pid 5169] set_robust_list(0x7f4227e519a0, 24) = 0 [pid 5168] <... write resumed>) = 262144 [pid 5167] <... clone3 resumed> => {parent_tid=[5169]}, 88) = 5169 [pid 5169] rt_sigprocmask(SIG_SETMASK, [], [pid 5168] munmap(0x7f421fa31000, 138412032 [pid 5169] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5167] rt_sigprocmask(SIG_SETMASK, [], [pid 5169] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5167] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5167] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5169] <... futex resumed>) = 0 [pid 5167] <... futex resumed>) = 1 [pid 5169] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOFOLLOW|O_NOATIME|O_CLOEXEC, 000 [pid 5168] <... munmap resumed>) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5167] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5169] <... open resumed>) = 4 [pid 5168] <... openat resumed>) = 5 [pid 5169] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5168] ioctl(5, LOOP_SET_FD, 3 [pid 5167] <... futex resumed>) = 0 [pid 5169] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5167] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5169] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5167] <... futex resumed>) = 0 [pid 5169] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5167] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5169] <... mount resumed>) = 0 [pid 5169] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5169] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5169] <... futex resumed>) = 0 [pid 5168] <... ioctl resumed>) = 0 [pid 5168] close(3 [pid 5169] open("./bus", O_RDWR|O_SYNC|O_NOATIME|0x3c [pid 5167] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5168] <... close resumed>) = 0 [pid 5168] mkdir("./bus", 0777 [pid 5169] <... open resumed>) = 6 [pid 5168] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5168] mount("/dev/loop0", "./bus", "ext4", MS_NOSYMFOLLOW|MS_NOATIME|MS_REC, ",errors=continue" [pid 5169] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5167] <... futex resumed>) = 0 [pid 5169] <... futex resumed>) = 1 [pid 5167] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5169] write(6, "\x31\x30\x30\x30\x30\x30\x30\x00", 8 [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5169] <... write resumed>) = 8 [pid 5169] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5169] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5167] <... futex resumed>) = 0 [pid 5167] futex(0x7f4227f3e618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5169] <... futex resumed>) = 0 [pid 5167] <... futex resumed>) = 1 [pid 5169] write(6, "\x23\x21\x20\x2e\x2f\x66\x69\x6c\x65\x31\x0a\x82\x6a\x3f\xc6\x7c\x3a\xab\x7d\x7e\x31\x38\xd5\xcc\x25\x19\xa6\xa8\xf7\xa0\x0b\xff\x3b\xee\x49\xbb\x93\x22\x1f\x4e\x80\x95\x34\x94\x23\x35\x8b\x24\xc3\x46\x99\x05\xf2\x81\x89\x7d\xc6\xe1\x7a\x55\x07\xba\x1b\x9e\x33\xcc\x8e\x4f\x28\xf6\xda\xe3\x4d\x29\x86\xca\x00\x9c\x79\xab\x46\x1e\x69\xfd\x74\xcc\xe8\xc9\xed\x5b\x91\x09\xf3\xfa\x42\xf4\x3d\x39\x82\xeb"..., 1045 [pid 5167] futex(0x7f4227f3e61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5169] <... write resumed>) = 1045 [pid 5169] futex(0x7f4227f3e61c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5169] futex(0x7f4227f3e618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5167] <... futex resumed>) = 0 [ 60.904223][ T5168] loop0: detected capacity change from 0 to 512 [ 60.931127][ T5168] ================================================================================ [ 60.940593][ T5168] UBSAN: shift-out-of-bounds in fs/ext4/super.c:4424:27 [ 60.947754][ T5168] shift exponent 59 is too large for 32-bit type 'int' [ 60.954692][ T5168] CPU: 0 PID: 5168 Comm: syz-executor311 Not tainted 6.7.0-rc6-syzkaller-00248-g5254c0cbc92d #0 [ 60.965103][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 60.975147][ T5168] Call Trace: [ 60.978417][ T5168] [ 60.981361][ T5168] dump_stack_lvl+0x1e7/0x2d0 [ 60.986050][ T5168] ? nf_tcp_handle_invalid+0x650/0x650 [ 60.991500][ T5168] ? panic+0x850/0x850 [ 60.995569][ T5168] __ubsan_handle_shift_out_of_bounds+0x3c3/0x420 [ 61.002008][ T5168] ext4_handle_clustersize+0x592/0x5c0 [ 61.007480][ T5168] ? ext4_hash_info_init+0x1ef/0x470 [ 61.012756][ T5168] ext4_fill_super+0x3b37/0x6d90 [ 61.017696][ T5168] ? ext4_parse_test_dummy_encryption+0xa0/0xa0 [ 61.023928][ T5168] ? __down_write_common+0x161/0x200 [ 61.029209][ T5168] ? clear_nonspinnable+0x60/0x60 [ 61.034230][ T5168] get_tree_bdev+0x416/0x5b0 [ 61.038825][ T5168] ? ext4_parse_test_dummy_encryption+0xa0/0xa0 [ 61.045072][ T5168] ? setup_bdev_super+0x630/0x630 [ 61.050078][ T5168] ? cap_capable+0x1b4/0x240 [ 61.054661][ T5168] ? bpf_lsm_capable+0x9/0x10 [ 61.059324][ T5168] vfs_get_tree+0x8c/0x2a0 [ 61.063731][ T5168] do_new_mount+0x28f/0xae0 [ 61.068225][ T5168] ? do_move_mount_old+0x170/0x170 [ 61.073339][ T5168] __se_sys_mount+0x2d9/0x3c0 [ 61.078005][ T5168] ? __x64_sys_mount+0xc0/0xc0 [ 61.082771][ T5168] ? syscall_enter_from_user_mode+0xa4/0x2d0 [ 61.088758][ T5168] ? syscall_enter_from_user_mode+0xf5/0x2d0 [ 61.094734][ T5168] ? __x64_sys_mount+0x20/0xc0 [ 61.099516][ T5168] do_syscall_64+0x45/0x110 [ 61.104017][ T5168] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 61.109906][ T5168] RIP: 0033:0x7f4227ebeb9a [ 61.114307][ T5168] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 3e 07 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 61.133899][ T5168] RSP: 002b:00007f4227e71fd8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 61.142300][ T5168] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f4227ebeb9a [ 61.150266][ T5168] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 00007f4227e71ff0 [ 61.158230][ T5168] RBP: 00007f4227e71ff0 R08: 00007f4227e72030 R09: 00000000000004d6 [ 61.166189][ T5168] R10: 0000000000004500 R11: 0000000000000206 R12: 00007f4227e72030 [ 61.174148][ T5168] R13: 0000000000004500 R14: 0000000000000003 R15: 0000000000040000 [ 61.182117][ T5168] [ 61.185287][ T5168] ================================================================================ [ 61.196148][ T5168] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 61.203357][ T5168] CPU: 0 PID: 5168 Comm: syz-executor311 Not tainted 6.7.0-rc6-syzkaller-00248-g5254c0cbc92d #0 [ 61.213762][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 61.223807][ T5168] Call Trace: [ 61.227077][ T5168] [ 61.230000][ T5168] dump_stack_lvl+0x1e7/0x2d0 [ 61.234679][ T5168] ? nf_tcp_handle_invalid+0x650/0x650 [ 61.240133][ T5168] ? panic+0x850/0x850 [ 61.244191][ T5168] ? vprintk_emit+0x607/0x720 [ 61.248868][ T5168] ? vscnprintf+0x5d/0x80 [ 61.253192][ T5168] panic+0x349/0x850 [ 61.257082][ T5168] ? check_panic_on_warn+0x21/0xa0 [ 61.262194][ T5168] ? __memcpy_flushcache+0x2b0/0x2b0 [ 61.267468][ T5168] ? _printk+0xd5/0x120 [ 61.271617][ T5168] ? panic+0x850/0x850 [ 61.275682][ T5168] check_panic_on_warn+0x82/0xa0 [ 61.280614][ T5168] __ubsan_handle_shift_out_of_bounds+0x3e2/0x420 [ 61.287034][ T5168] ext4_handle_clustersize+0x592/0x5c0 [ 61.292491][ T5168] ? ext4_hash_info_init+0x1ef/0x470 [ 61.297777][ T5168] ext4_fill_super+0x3b37/0x6d90 [ 61.302728][ T5168] ? ext4_parse_test_dummy_encryption+0xa0/0xa0 [ 61.308967][ T5168] ? __down_write_common+0x161/0x200 [ 61.314247][ T5168] ? clear_nonspinnable+0x60/0x60 [ 61.319268][ T5168] get_tree_bdev+0x416/0x5b0 [ 61.323851][ T5168] ? ext4_parse_test_dummy_encryption+0xa0/0xa0 [ 61.330085][ T5168] ? setup_bdev_super+0x630/0x630 [ 61.335100][ T5168] ? cap_capable+0x1b4/0x240 [ 61.339692][ T5168] ? bpf_lsm_capable+0x9/0x10 [ 61.344364][ T5168] vfs_get_tree+0x8c/0x2a0 [ 61.348796][ T5168] do_new_mount+0x28f/0xae0 [ 61.353296][ T5168] ? do_move_mount_old+0x170/0x170 [ 61.358407][ T5168] __se_sys_mount+0x2d9/0x3c0 [ 61.363080][ T5168] ? __x64_sys_mount+0xc0/0xc0 [ 61.367923][ T5168] ? syscall_enter_from_user_mode+0xa4/0x2d0 [ 61.373897][ T5168] ? syscall_enter_from_user_mode+0xf5/0x2d0 [ 61.379867][ T5168] ? __x64_sys_mount+0x20/0xc0 [ 61.384625][ T5168] do_syscall_64+0x45/0x110 [ 61.389125][ T5168] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 61.395015][ T5168] RIP: 0033:0x7f4227ebeb9a [ 61.399424][ T5168] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 3e 07 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 61.419039][ T5168] RSP: 002b:00007f4227e71fd8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 61.427470][ T5168] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f4227ebeb9a [ 61.435448][ T5168] RDX: 0000000020000040 RSI: 0000000020000080 RDI: 00007f4227e71ff0 [ 61.443418][ T5168] RBP: 00007f4227e71ff0 R08: 00007f4227e72030 R09: 00000000000004d6 [ 61.451384][ T5168] R10: 0000000000004500 R11: 0000000000000206 R12: 00007f4227e72030 [ 61.459353][ T5168] R13: 0000000000004500 R14: 0000000000000003 R15: 0000000000040000 [ 61.467332][ T5168] [ 61.470540][ T5168] Kernel Offset: disabled [ 61.474991][ T5168] Rebooting in 86400 seconds..