./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2396949849 <...> Warning: Permanently added '10.128.0.85' (ED25519) to the list of known hosts. execve("./syz-executor2396949849", ["./syz-executor2396949849"], 0x7ffeaefbf990 /* 10 vars */) = 0 brk(NULL) = 0x55556adb1000 brk(0x55556adb1d00) = 0x55556adb1d00 arch_prctl(ARCH_SET_FS, 0x55556adb1380) = 0 set_tid_address(0x55556adb1650) = 5849 set_robust_list(0x55556adb1660, 24) = 0 rseq(0x55556adb1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2396949849", 4096) = 28 getrandom("\x81\x8e\xa5\x0b\xd6\xdf\xeb\x12", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556adb1d00 brk(0x55556add2d00) = 0x55556add2d00 brk(0x55556add3000) = 0x55556add3000 mprotect(0x7f2e60cad000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 mkdir("./syzkaller.GmCibC", 0700) = 0 chmod("./syzkaller.GmCibC", 0777) = 0 chdir("./syzkaller.GmCibC") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached [pid 5850] set_robust_list(0x55556adb1660, 24) = 0 [pid 5850] chdir("./0" [pid 5849] <... clone resumed>, child_tidptr=0x55556adb1650) = 5850 [pid 5850] <... chdir resumed>) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 [pid 5850] close(3) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5850] write(1, "executing program\n", 18executing program ) = 18 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2e58600000 [pid 5850] write(3, "\x68\x73\x71\x73\x07\x00\x00\x00\xfd\xf1\x7c\x63\x00\x00\x10\x00\x00\x00\x00\x00\x04\x00\x14\x00\xd1\xe1\x01\x00\x04\x00\x00\x00\x1f\x01\x00\x00\x00\x00\x00\x00\x64\x03\x00\x00\x00\x00\x00\x00\x08\x03\x00\x00\x00\x00\x00\x00\x4c\x03\x00\x00\x00\x00\x00\x00\x06\x01\x00\x00\x00\x00\x00\x00\x47\x02\x00\x00\x00\x00\x00\x00\xc0\x02\x00\x00\x00\x00\x00\x00\xfa\x02\x00\x00\x00\x00\x00\x00\xfd\x37\x7a\x58"..., 4096) = 4096 [pid 5850] munmap(0x7f2e58600000, 138412032) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] close(3) = 0 [pid 5850] close(4) = 0 [pid 5850] mkdir("./file0", 0777) = 0 [ 178.886034][ T5850] loop0: detected capacity change from 0 to 8 [pid 5850] mount("/dev/loop0", "./file0", "squashfs", MS_SYNCHRONOUS, "") = 0 [pid 5850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] chdir("./file0") = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5850] open("./file2", O_RDONLY [pid 5849] kill(-5850, SIGKILL) = 0 [pid 5849] kill(5850, SIGKILL [pid 5850] <... open resumed>) = ? [pid 5849] <... kill resumed>) = 0 [pid 5850] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5850, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=4 /* 0.04 s */} --- umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x55556adb26f0 /* 4 entries */, 32768) = 112 [ 183.828604][ T30] audit: type=1800 audit(1747662138.211:2): pid=5850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor239" name="file2" dev="loop0" ino=6 res=0 errno=0 [ 429.143170][ T31] INFO: task syz-executor239:5849 blocked for more than 143 seconds. [ 429.151275][ T31] Not tainted 6.15.0-rc7-syzkaller #0 [ 429.157580][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 429.166437][ T31] task:syz-executor239 state:D stack:25272 pid:5849 tgid:5849 ppid:5846 task_flags:0x400100 flags:0x00004002 [ 429.178492][ T31] Call Trace: [ 429.181779][ T31] [ 429.184760][ T31] __schedule+0x16e2/0x4cd0 [ 429.189326][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.195017][ T31] ? schedule+0x165/0x360 [ 429.199368][ T31] ? __lock_acquire+0xaac/0xd20 [ 429.204268][ T31] ? __pfx___schedule+0x10/0x10 [ 429.209150][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.214867][ T31] ? schedule+0x91/0x360 [ 429.219137][ T31] schedule+0x165/0x360 [ 429.223382][ T31] io_schedule+0x81/0xe0 [ 429.227656][ T31] folio_wait_bit_common+0x6b0/0xb90 [ 429.233045][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 429.238889][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 429.244512][ T31] ? folios_put_refs+0x559/0x640 [ 429.249476][ T31] ? __pfx_find_lock_entries+0x10/0x10 [ 429.255123][ T31] __filemap_get_folio+0x139/0xaf0 [ 429.260257][ T31] truncate_inode_pages_range+0x3ed/0xda0 [ 429.266044][ T31] ? evict+0x847/0x9c0 [ 429.270139][ T31] ? evict_inodes+0x636/0x6c0 [ 429.274908][ T31] ? generic_shutdown_super+0x9a/0x2c0 [ 429.280401][ T31] ? kill_block_super+0x44/0x90 [ 429.285323][ T31] ? deactivate_locked_super+0xbc/0x130 [ 429.290890][ T31] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 429.297216][ T31] ? syscall_exit_to_user_mode+0x12/0x120 [ 429.303035][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.308666][ T31] ? __lock_acquire+0xaac/0xd20 [ 429.313634][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 429.318876][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 429.324135][ T31] evict+0x517/0x9c0 [ 429.328054][ T31] ? __pfx_evict+0x10/0x10 [ 429.332466][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.338170][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.343863][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 429.349062][ T31] evict_inodes+0x636/0x6c0 [ 429.353695][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.359359][ T31] ? __pfx_evict_inodes+0x10/0x10 [ 429.364464][ T31] generic_shutdown_super+0x9a/0x2c0 [ 429.369765][ T31] kill_block_super+0x44/0x90 [ 429.374529][ T31] deactivate_locked_super+0xbc/0x130 [ 429.379952][ T31] cleanup_mnt+0x425/0x4c0 [ 429.384439][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.390114][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 429.395379][ T31] task_work_run+0x1d4/0x260 [ 429.400087][ T31] ? __pfx_task_work_run+0x10/0x10 [ 429.405251][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.410905][ T31] ? path_umount+0x249/0xf70 [ 429.415575][ T31] ptrace_notify+0x281/0x2c0 [ 429.420216][ T31] ? __pfx_ptrace_notify+0x10/0x10 [ 429.425400][ T31] ? __pfx_path_umount+0x10/0x10 [ 429.430351][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.436086][ T31] syscall_exit_work+0xc2/0x1d0 [ 429.440973][ T31] syscall_exit_to_user_mode_prepare+0x6f/0xe0 [ 429.447212][ T31] syscall_exit_to_user_mode+0x12/0x120 [ 429.452785][ T31] do_syscall_64+0x103/0x210 [ 429.457439][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.463186][ T31] ? exc_page_fault+0x91/0x110 [ 429.467977][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.473983][ T31] RIP: 0033:0x7f2e60c39447 [ 429.478412][ T31] RSP: 002b:00007ffd14c5c7b8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 429.486924][ T31] RAX: 0000000000000000 RBX: 0000000000000062 RCX: 00007f2e60c39447 [ 429.494976][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd14c5c870 [ 429.503003][ T31] RBP: 00007ffd14c5c870 R08: 0000000000000000 R09: 0000000000000000 [ 429.510999][ T31] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffd14c5d8e0 [ 429.519027][ T31] R13: 000055556adb26c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 429.527051][ T31] [ 429.530066][ T31] [ 429.530066][ T31] Showing all locks held in the system: [ 429.537970][ T31] 1 lock held by khungtaskd/31: [ 429.542836][ T31] #0: ffffffff8df3dee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 429.552829][ T31] 2 locks held by getty/5584: [ 429.557601][ T31] #0: ffff88803019b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 429.567495][ T31] #1: ffffc900030062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 429.577732][ T31] 1 lock held by syz-executor239/5849: [ 429.583252][ T31] #0: ffff8880112520e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 429.593541][ T31] [ 429.595868][ T31] ============================================= [ 429.595868][ T31] [ 429.604309][ T31] NMI backtrace for cpu 1 [ 429.604325][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 429.604352][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 429.604366][ T31] Call Trace: [ 429.604375][ T31] [ 429.604385][ T31] dump_stack_lvl+0x189/0x250 [ 429.604421][ T31] ? __wake_up_klogd+0xd9/0x110 [ 429.604451][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.604482][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 429.604519][ T31] ? __pfx__printk+0x10/0x10 [ 429.604567][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 429.604599][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 429.604623][ T31] ? _printk+0xcf/0x120 [ 429.604653][ T31] ? __pfx__printk+0x10/0x10 [ 429.604680][ T31] ? debug_show_all_locks+0x2e/0x180 [ 429.604716][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 429.604745][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 429.604775][ T31] watchdog+0xfee/0x1030 [ 429.604810][ T31] ? watchdog+0x1de/0x1030 [ 429.604852][ T31] kthread+0x711/0x8a0 [ 429.604887][ T31] ? __pfx_watchdog+0x10/0x10 [ 429.604917][ T31] ? __pfx_kthread+0x10/0x10 [ 429.604947][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.604977][ T31] ? __pfx_kthread+0x10/0x10 [ 429.605007][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 429.605035][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.605063][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 429.605095][ T31] ? __pfx_kthread+0x10/0x10 [ 429.605125][ T31] ret_from_fork+0x4e/0x80 [ 429.605151][ T31] ? __pfx_kthread+0x10/0x10 [ 429.605180][ T31] ret_from_fork_asm+0x1a/0x30 [ 429.605223][ T31] [ 429.605232][ T31] Sending NMI from CPU 1 to CPUs 0: [ 429.772321][ C0] NMI backtrace for cpu 0 [ 429.772344][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 429.772369][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 429.772382][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 429.772416][ C0] Code: ee bd b9 f5 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 63 8f 11 00 f3 0f 1e fa fb f4 c3 bd b9 f5 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 429.772434][ C0] RSP: 0018:ffffffff8dc07d80 EFLAGS: 00000286 [ 429.772454][ C0] RAX: b67261d4854f9c00 RBX: ffffffff81977108 RCX: b67261d4854f9c00 [ 429.772472][ C0] RDX: 0000000000000001 RSI: ffffffff8d74e096 RDI: ffffffff8bc1f300 [ 429.772488][ C0] RBP: ffffffff8dc07ec0 R08: ffff8880b8832b5b R09: 1ffff1101710656b [ 429.772505][ C0] R10: dffffc0000000000 R11: ffffed101710656c R12: ffffffff8f7f3370 [ 429.772522][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1b92a48 [ 429.772539][ C0] FS: 0000000000000000(0000) GS:ffff8881260c2000(0000) knlGS:0000000000000000 [ 429.772557][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 429.772572][ C0] CR2: 000055f6f4e5e660 CR3: 000000000dd38000 CR4: 0000000000350ef0 [ 429.772589][ C0] Call Trace: [ 429.772599][ C0] [ 429.772607][ C0] default_idle+0x13/0x20 [ 429.772639][ C0] default_idle_call+0x74/0xb0 [ 429.772673][ C0] do_idle+0x1e8/0x510 [ 429.772697][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.772726][ C0] ? __pfx_do_idle+0x10/0x10 [ 429.772745][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 429.772772][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.772806][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 429.772832][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 429.772866][ C0] cpu_startup_entry+0x44/0x60 [ 429.772892][ C0] rest_init+0x2de/0x300 [ 429.772914][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 429.772944][ C0] start_kernel+0x470/0x4f0 [ 429.772979][ C0] x86_64_start_reservations+0x2a/0x30 [ 429.773004][ C0] x86_64_start_kernel+0x66/0x70 [ 429.773026][ C0] common_startup_64+0x13e/0x147 [ 429.773071][ C0] [ 429.773302][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 429.773318][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) [ 429.773345][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 429.773360][ T31] Call Trace: [ 429.773370][ T31] [ 429.773380][ T31] dump_stack_lvl+0x99/0x250 [ 429.773417][ T31] ? __asan_memcpy+0x40/0x70 [ 429.773444][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 429.773479][ T31] ? __pfx__printk+0x10/0x10 [ 429.773512][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.773552][ T31] panic+0x2db/0x790 [ 429.773592][ T31] ? __pfx_panic+0x10/0x10 [ 429.773623][ T31] ? tick_nohz_tick_stopped+0x86/0xb0 [ 429.773649][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.773682][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.773709][ T31] ? irq_work_queue+0xbc/0x140 [ 429.773745][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.773778][ T31] watchdog+0x102d/0x1030 [ 429.773812][ T31] ? watchdog+0x1de/0x1030 [ 429.773852][ T31] kthread+0x711/0x8a0 [ 429.773887][ T31] ? __pfx_watchdog+0x10/0x10 [ 429.773917][ T31] ? __pfx_kthread+0x10/0x10 [ 429.773945][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.773975][ T31] ? __pfx_kthread+0x10/0x10 [ 429.774003][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 429.774030][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 429.774057][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 429.774089][ T31] ? __pfx_kthread+0x10/0x10 [ 429.774117][ T31] ret_from_fork+0x4e/0x80 [ 429.774143][ T31] ? __pfx_kthread+0x10/0x10 [ 429.774172][ T31] ret_from_fork_asm+0x1a/0x30 [ 429.774213][ T31] [ 430.143949][ T31] Kernel Offset: disabled [ 430.148265][ T31] Rebooting in 86400 seconds..