./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2381274372 <...> Warning: Permanently added '10.128.1.143' (ED25519) to the list of known hosts. execve("./syz-executor2381274372", ["./syz-executor2381274372"], 0x7ffcda2a7a20 /* 10 vars */) = 0 brk(NULL) = 0x555592a89000 brk(0x555592a89d40) = 0x555592a89d40 arch_prctl(ARCH_SET_FS, 0x555592a893c0) = 0 set_tid_address(0x555592a89690) = 5835 set_robust_list(0x555592a896a0, 24) = 0 rseq(0x555592a89ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2381274372", 4096) = 28 getrandom("\x64\xfa\xc4\xed\x6e\xa3\xcc\xa0", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555592a89d40 brk(0x555592aaad40) = 0x555592aaad40 brk(0x555592aab000) = 0x555592aab000 mprotect(0x7fee0c1ea000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached [pid 5836] set_robust_list(0x555592a896a0, 24 [pid 5835] <... clone resumed>, child_tidptr=0x555592a89690) = 5836 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached [pid 5836] mkdir("./syzkaller.VhEgnR", 0700 [pid 5835] <... clone resumed>, child_tidptr=0x555592a89690) = 5837 [pid 5837] set_robust_list(0x555592a896a0, 24 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] <... set_robust_list resumed>) = 0 [pid 5837] mkdir("./syzkaller.YZWEN0", 0700./strace-static-x86_64: Process 5838 attached [pid 5835] <... clone resumed>, child_tidptr=0x555592a89690) = 5838 [pid 5838] set_robust_list(0x555592a896a0, 24 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] <... mkdir resumed>) = 0 [pid 5836] chmod("./syzkaller.VhEgnR", 0777) = 0 [pid 5836] chdir("./syzkaller.VhEgnR"./strace-static-x86_64: Process 5839 attached [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] <... mkdir resumed>) = 0 [pid 5835] <... clone resumed>, child_tidptr=0x555592a89690) = 5839 [pid 5839] set_robust_list(0x555592a896a0, 24 [pid 5837] chmod("./syzkaller.YZWEN0", 0777 [pid 5836] <... chdir resumed>) = 0 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] <... set_robust_list resumed>) = 0 [pid 5838] mkdir("./syzkaller.35P9yO", 0700 [pid 5837] <... chmod resumed>) = 0 [pid 5839] mkdir("./syzkaller.g8f2SX", 0700 [pid 5836] mkdir("./0", 0777 [pid 5837] chdir("./syzkaller.YZWEN0") = 0 ./strace-static-x86_64: Process 5840 attached [pid 5837] mkdir("./0", 0777 [pid 5839] <... mkdir resumed>) = 0 [pid 5840] set_robust_list(0x555592a896a0, 24 [pid 5838] <... mkdir resumed>) = 0 [pid 5837] <... mkdir resumed>) = 0 [pid 5836] <... mkdir resumed>) = 0 [pid 5835] <... clone resumed>, child_tidptr=0x555592a89690) = 5840 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5839] chmod("./syzkaller.g8f2SX", 0777 [pid 5837] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5838] chmod("./syzkaller.35P9yO", 0777 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5839] <... chmod resumed>) = 0 [pid 5838] <... chmod resumed>) = 0 [pid 5837] <... openat resumed>) = 3 [pid 5836] <... openat resumed>) = 3 [pid 5840] mkdir("./syzkaller.L9PwkL", 0700 [pid 5836] ioctl(3, LOOP_CLR_FD [pid 5839] chdir("./syzkaller.g8f2SX" [pid 5838] chdir("./syzkaller.35P9yO" [pid 5836] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5839] <... chdir resumed>) = 0 [pid 5838] <... chdir resumed>) = 0 [pid 5838] mkdir("./0", 0777 [pid 5840] <... mkdir resumed>) = 0 [pid 5839] mkdir("./0", 0777 [pid 5837] ioctl(3, LOOP_CLR_FD [pid 5836] close(3 [pid 5840] chmod("./syzkaller.L9PwkL", 0777) = 0 [pid 5839] <... mkdir resumed>) = 0 [pid 5838] <... mkdir resumed>) = 0 [pid 5837] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5840] chdir("./syzkaller.L9PwkL") = 0 [pid 5840] mkdir("./0", 0777) = 0 [pid 5837] close(3 [pid 5836] <... close resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5837] <... close resumed>) = 0 [pid 5839] ioctl(3, LOOP_CLR_FD [pid 5837] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5841 attached [pid 5840] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5838] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] set_robust_list(0x555592a896a0, 24 [pid 5838] <... openat resumed>) = 3 [pid 5837] <... clone resumed>, child_tidptr=0x555592a89690) = 5841 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5838] ioctl(3, LOOP_CLR_FD [pid 5841] chdir("./0") = 0 [pid 5838] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5838] close(3 [pid 5841] setpgid(0, 0 [pid 5838] <... close resumed>) = 0 [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] <... setpgid resumed>) = 0 [pid 5840] <... openat resumed>) = 3 [pid 5839] close(3 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5843 attached ./strace-static-x86_64: Process 5842 attached ) = 3 [pid 5840] ioctl(3, LOOP_CLR_FD [pid 5839] <... close resumed>) = 0 [pid 5842] set_robust_list(0x555592a896a0, 24 [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] <... clone resumed>, child_tidptr=0x555592a89690) = 5843 [pid 5843] set_robust_list(0x555592a896a0, 24 [pid 5841] write(3, "1000", 4 [pid 5840] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5838] <... clone resumed>, child_tidptr=0x555592a89690) = 5842 ./strace-static-x86_64: Process 5844 attached [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] <... write resumed>) = 4 [pid 5840] close(3 [pid 5844] set_robust_list(0x555592a896a0, 24 [pid 5843] chdir("./0" [pid 5842] chdir("./0" [pid 5841] close(3 [pid 5840] <... close resumed>) = 0 [pid 5839] <... clone resumed>, child_tidptr=0x555592a89690) = 5844 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5843] <... chdir resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5841] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5845 attached [pid 5844] chdir("./0" [pid 5843] <... prctl resumed>) = 0 [pid 5841] <... symlink resumed>) = 0 [pid 5844] <... chdir resumed>) = 0 [pid 5842] <... chdir resumed>) = 0 [pid 5840] <... clone resumed>, child_tidptr=0x555592a89690) = 5845 [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5845] set_robust_list(0x555592a896a0, 24 [pid 5844] <... prctl resumed>) = 0 [pid 5843] setpgid(0, 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5845] <... set_robust_list resumed>) = 0 [pid 5844] setpgid(0, 0 [pid 5843] <... setpgid resumed>) = 0 executing program [pid 5842] <... prctl resumed>) = 0 [pid 5841] write(1, "executing program\n", 18 [pid 5845] chdir("./0" [pid 5844] <... setpgid resumed>) = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] setpgid(0, 0 [pid 5841] <... write resumed>) = 18 [pid 5845] <... chdir resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... openat resumed>) = 3 [pid 5841] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5841] <... futex resumed>) = 0 [pid 5845] <... prctl resumed>) = 0 [pid 5843] write(3, "1000", 4 [pid 5842] <... setpgid resumed>) = 0 [pid 5841] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c185020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c1761d0}, [pid 5845] setpgid(0, 0 [pid 5843] <... write resumed>) = 4 [pid 5841] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5845] <... setpgid resumed>) = 0 [pid 5843] close(3 [pid 5841] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5844] <... openat resumed>) = 3 [pid 5843] <... close resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... openat resumed>) = 3 [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5842] <... openat resumed>) = 3 [pid 5841] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5845] write(3, "1000", 4 [pid 5843] <... symlink resumed>) = 0 [pid 5841] <... mmap resumed>) = 0x7fee0c0f5000 [pid 5845] <... write resumed>) = 4 [pid 5841] mprotect(0x7fee0c0f6000, 131072, PROT_READ|PROT_WRITE [pid 5845] close(3 [pid 5841] <... mprotect resumed>) = 0 [pid 5845] <... close resumed>) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5843] write(1, "executing program\n", 18executing program [pid 5845] <... symlink resumed>) = 0 [pid 5844] write(3, "1000", 4 [pid 5843] <... write resumed>) = 18 [pid 5842] write(3, "1000", 4 [pid 5841] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5844] <... write resumed>) = 4 [pid 5842] <... write resumed>) = 4 [pid 5844] close(3 [pid 5842] close(3 [pid 5844] <... close resumed>) = 0 [pid 5842] <... close resumed>) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5842] symlink("/dev/binderfs", "./binderfs"executing program [pid 5845] write(1, "executing program\n", 18 [pid 5844] <... symlink resumed>) = 0 [pid 5843] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5845] <... write resumed>) = 18 [pid 5844] write(1, "executing program\n", 18 [pid 5843] <... futex resumed>) = 0 [pid 5842] <... symlink resumed>) = 0 [pid 5841] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c115990, parent_tid=0x7fee0c115990, exit_signal=0, stack=0x7fee0c0f5000, stack_size=0x20300, tls=0x7fee0c1156c0} [pid 5845] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c185020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c1761d0}, ./strace-static-x86_64: Process 5847 attached [pid 5845] <... futex resumed>) = 0 [pid 5843] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5841] <... clone3 resumed> => {parent_tid=[5847]}, 88) = 5847 executing program [pid 5847] rseq(0x7fee0c115fe0, 0x20, 0, 0x53053053 [pid 5845] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c185020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c1761d0}, [pid 5843] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5847] <... rseq resumed>) = 0 [pid 5845] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5844] <... write resumed>) = 18 [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] write(1, "executing program\n", 18 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] set_robust_list(0x7fee0c1159a0, 24 [pid 5845] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5841] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... mmap resumed>) = 0x7fee0c0f5000 [pid 5841] <... futex resumed>) = 0 [pid 5847] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0executing program [pid 5843] mprotect(0x7fee0c0f6000, 131072, PROT_READ|PROT_WRITE [pid 5841] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5847] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... mmap resumed>) = 0x7fee0c0f5000 [pid 5844] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... mprotect resumed>) = 0 [pid 5842] <... write resumed>) = 18 [pid 5844] <... futex resumed>) = 0 [pid 5847] memfd_create("syzkaller", 0 [pid 5845] mprotect(0x7fee0c0f6000, 131072, PROT_READ|PROT_WRITE [pid 5844] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c185020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c1761d0}, [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5842] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5842] <... futex resumed>) = 0 [pid 5844] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5844] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5847] <... memfd_create resumed>) = 3 [pid 5845] <... mprotect resumed>) = 0 [pid 5844] <... mmap resumed>) = 0x7fee0c0f5000 [pid 5843] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5844] mprotect(0x7fee0c0f6000, 131072, PROT_READ|PROT_WRITE [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c115990, parent_tid=0x7fee0c115990, exit_signal=0, stack=0x7fee0c0f5000, stack_size=0x20300, tls=0x7fee0c1156c0}./strace-static-x86_64: Process 5848 attached [pid 5847] <... mmap resumed>) = 0x7fee03c00000 [pid 5845] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5844] <... mprotect resumed>) = 0 [pid 5842] rt_sigaction(SIGRT_1, {sa_handler=0x7fee0c185020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fee0c1761d0}, [pid 5848] rseq(0x7fee0c115fe0, 0x20, 0, 0x53053053 [pid 5847] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5845] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c115990, parent_tid=0x7fee0c115990, exit_signal=0, stack=0x7fee0c0f5000, stack_size=0x20300, tls=0x7fee0c1156c0} [pid 5844] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5843] <... clone3 resumed> => {parent_tid=[5848]}, 88) = 5848 [pid 5842] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5848] <... rseq resumed>) = 0 [pid 5844] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5842] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5844] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c115990, parent_tid=0x7fee0c115990, exit_signal=0, stack=0x7fee0c0f5000, stack_size=0x20300, tls=0x7fee0c1156c0} [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5849 attached ./strace-static-x86_64: Process 5850 attached [pid 5848] set_robust_list(0x7fee0c1159a0, 24 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5849] rseq(0x7fee0c115fe0, 0x20, 0, 0x53053053 [pid 5844] <... clone3 resumed> => {parent_tid=[5849]}, 88) = 5849 [pid 5842] <... mmap resumed>) = 0x7fee0c0f5000 [pid 5850] rseq(0x7fee0c115fe0, 0x20, 0, 0x53053053 [pid 5849] <... rseq resumed>) = 0 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] mprotect(0x7fee0c0f6000, 131072, PROT_READ|PROT_WRITE [pid 5850] <... rseq resumed>) = 0 [pid 5849] set_robust_list(0x7fee0c1159a0, 24 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] set_robust_list(0x7fee0c1159a0, 24 [pid 5849] <... set_robust_list resumed>) = 0 [pid 5844] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... mprotect resumed>) = 0 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] <... futex resumed>) = 0 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5847] <... write resumed>) = 65536 [pid 5845] <... clone3 resumed> => {parent_tid=[5850]}, 88) = 5850 [pid 5844] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5850] futex(0x7fee0c1f06c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5849] memfd_create("syzkaller", 0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], [pid 5847] munmap(0x7fee03c00000, 138412032 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5843] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5849] <... memfd_create resumed>) = 3 [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] <... munmap resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... futex resumed>) = 0 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c115990, parent_tid=0x7fee0c115990, exit_signal=0, stack=0x7fee0c0f5000, stack_size=0x20300, tls=0x7fee0c1156c0} [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5848] memfd_create("syzkaller", 0 [pid 5845] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5851 attached [pid 5850] <... futex resumed>) = 0 [pid 5849] <... mmap resumed>) = 0x7fee03c00000 [pid 5848] <... memfd_create resumed>) = 3 [pid 5847] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5845] <... futex resumed>) = 1 [pid 5851] rseq(0x7fee0c115fe0, 0x20, 0, 0x53053053 [pid 5850] memfd_create("syzkaller", 0 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5847] <... openat resumed>) = 4 [pid 5845] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5848] <... mmap resumed>) = 0x7fee03c00000 [pid 5847] ioctl(4, LOOP_SET_FD, 3 [pid 5851] <... rseq resumed>) = 0 [pid 5850] <... memfd_create resumed>) = 3 [pid 5849] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5848] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5842] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851 [pid 5851] set_robust_list(0x7fee0c1159a0, 24 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5850] <... mmap resumed>) = 0x7fee03c00000 [pid 5849] <... write resumed>) = 65536 [pid 5848] <... write resumed>) = 65536 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5848] munmap(0x7fee03c00000, 138412032 [pid 5842] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5848] <... munmap resumed>) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5850] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5849] munmap(0x7fee03c00000, 138412032 [pid 5848] <... openat resumed>) = 4 [pid 5851] memfd_create("syzkaller", 0 [pid 5848] ioctl(4, LOOP_SET_FD, 3 [pid 5851] <... memfd_create resumed>) = 3 [pid 5850] <... write resumed>) = 65536 [pid 5849] <... munmap resumed>) = 0 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5850] munmap(0x7fee03c00000, 138412032 [pid 5849] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5851] <... mmap resumed>) = 0x7fee03c00000 [pid 5850] <... munmap resumed>) = 0 [pid 5847] <... ioctl resumed>) = 0 [pid 5847] close(3) = 0 [pid 5847] close(4 [pid 5851] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5847] <... close resumed>) = 0 [pid 5847] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5849] <... openat resumed>) = 4 [pid 5847] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5848] <... ioctl resumed>) = 0 [pid 5851] <... write resumed>) = 65536 [pid 5850] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5847] <... mount resumed>) = 0 [pid 5851] munmap(0x7fee03c00000, 138412032 [ 127.332189][ T5847] loop1: detected capacity change from 0 to 128 [ 127.343941][ T5848] loop0: detected capacity change from 0 to 128 [pid 5848] close(3) = 0 [pid 5850] <... openat resumed>) = 4 [pid 5848] close(4 [pid 5850] ioctl(4, LOOP_SET_FD, 3 [pid 5847] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5851] <... munmap resumed>) = 0 [pid 5848] <... close resumed>) = 0 [pid 5848] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5848] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5847] <... openat resumed>) = 3 [pid 5851] <... openat resumed>) = 4 [pid 5847] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5847] <... chdir resumed>) = 0 [pid 5847] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5847] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5847] futex(0x7fee0c1f06c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5848] <... mount resumed>) = 0 [pid 5841] <... futex resumed>) = 0 [pid 5848] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5841] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] <... openat resumed>) = 3 [pid 5847] <... futex resumed>) = 0 [pid 5841] <... futex resumed>) = 1 [pid 5848] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5847] open(".", O_RDONLY [pid 5841] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5848] <... chdir resumed>) = 0 [pid 5847] <... open resumed>) = 4 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5847] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5847] <... futex resumed>) = 1 [pid 5841] <... futex resumed>) = 0 [pid 5848] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] rename("./file1", "./file0/file0" [pid 5841] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] <... ioctl resumed>) = 0 [pid 5849] <... ioctl resumed>) = 0 [pid 5848] <... futex resumed>) = 1 [pid 5841] <... futex resumed>) = 0 [pid 5849] close(3) = 0 [pid 5851] close(3 [pid 5849] close(4 [pid 5848] futex(0x7fee0c1f06c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5841] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] <... close resumed>) = 0 [pid 5849] <... close resumed>) = 0 [pid 5851] close(4 [pid 5849] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5851] <... close resumed>) = 0 [pid 5843] <... futex resumed>) = 0 [pid 5843] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] <... mkdir resumed>) = 0 [ 127.373918][ T5849] loop3: detected capacity change from 0 to 128 [ 127.376435][ T5850] loop4: detected capacity change from 0 to 128 [ 127.393047][ T5851] loop2: detected capacity change from 0 to 128 [ 127.400215][ T5847] syz-executor238: attempt to access beyond end of device [ 127.400215][ T5847] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5851] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5848] <... futex resumed>) = 0 [pid 5843] <... futex resumed>) = 1 [pid 5848] open(".", O_RDONLY [pid 5843] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5848] <... open resumed>) = 4 [pid 5848] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] <... futex resumed>) = 0 [pid 5843] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] rename("./file1", "./file0/file0" [pid 5843] <... futex resumed>) = 0 [pid 5851] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5850] <... ioctl resumed>) = 0 [pid 5849] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5843] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5850] close(3) = 0 [pid 5850] close(4) = 0 [pid 5851] <... mount resumed>) = 0 [pid 5850] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5849] <... mount resumed>) = 0 [pid 5851] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] <... mkdir resumed>) = 0 [ 127.427533][ T5848] syz-executor238: attempt to access beyond end of device [ 127.427533][ T5848] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 127.452608][ T5847] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 127.458868][ T5848] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 127.463072][ T5847] syz-executor238: attempt to access beyond end of device [pid 5849] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5851] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5850] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5849] <... openat resumed>) = 3 [pid 5841] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] futex(0x7fee0c1f06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5841] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c0d4000 [pid 5841] mprotect(0x7fee0c0d5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5841] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5841] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c0f4990, parent_tid=0x7fee0c0f4990, exit_signal=0, stack=0x7fee0c0d4000, stack_size=0x20300, tls=0x7fee0c0f46c0} => {parent_tid=[5855]}, 88) = 5855 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5841] futex(0x7fee0c1f06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5841] futex(0x7fee0c1f06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5855 attached [pid 5855] rseq(0x7fee0c0f4fe0, 0x20, 0, 0x53053053) = 0 [pid 5855] set_robust_list(0x7fee0c0f49a0, 24) = 0 [pid 5855] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5855] fdatasync(4 [pid 5843] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5843] futex(0x7fee0c1f06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c0d4000 [pid 5843] mprotect(0x7fee0c0d5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c0f4990, parent_tid=0x7fee0c0f4990, exit_signal=0, stack=0x7fee0c0d4000, stack_size=0x20300, tls=0x7fee0c0f46c0} => {parent_tid=[5856]}, 88) = 5856 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5856 attached [pid 5843] futex(0x7fee0c1f06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] futex(0x7fee0c1f06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5849] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5851] <... chdir resumed>) = 0 [pid 5850] <... mount resumed>) = 0 [pid 5849] <... chdir resumed>) = 0 [pid 5856] rseq(0x7fee0c0f4fe0, 0x20, 0, 0x53053053 [pid 5849] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5850] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5856] <... rseq resumed>) = 0 [pid 5849] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5850] <... openat resumed>) = 3 [pid 5856] set_robust_list(0x7fee0c0f49a0, 24) = 0 [pid 5856] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5851] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5850] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5849] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5856] fdatasync(4 [pid 5851] <... futex resumed>) = 1 [pid 5850] <... chdir resumed>) = 0 [pid 5849] <... futex resumed>) = 1 [pid 5844] <... futex resumed>) = 0 [pid 5842] <... futex resumed>) = 0 [ 127.463072][ T5847] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 127.470548][ T5848] syz-executor238: attempt to access beyond end of device [ 127.470548][ T5848] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 127.501986][ T5848] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 127.502906][ T5847] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 127.511291][ T5848] syz-executor238: attempt to access beyond end of device [pid 5851] open(".", O_RDONLY [pid 5850] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5849] open(".", O_RDONLY [pid 5844] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5843] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5851] <... open resumed>) = 4 [pid 5850] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5849] <... open resumed>) = 4 [pid 5844] <... futex resumed>) = 0 [pid 5842] <... futex resumed>) = 0 [ 127.511291][ T5848] loop0: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 127.520713][ T5847] syz-executor238: attempt to access beyond end of device [ 127.520713][ T5847] loop1: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 127.533861][ T5848] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 127.557637][ T5847] Buffer I/O error on dev loop1, logical block 13269809, async page read [ 127.561281][ T5848] syz-executor238: attempt to access beyond end of device [pid 5851] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5842] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] <... futex resumed>) = 0 [pid 5850] <... futex resumed>) = 1 [pid 5849] <... futex resumed>) = 0 [pid 5844] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5842] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5845] <... futex resumed>) = 0 [pid 5845] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 127.561281][ T5848] loop0: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 127.568301][ T5847] syz-executor238: attempt to access beyond end of device [ 127.568301][ T5847] loop1: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 127.580689][ T5848] Buffer I/O error on dev loop0, logical block 8073606, async page read [ 127.596704][ T5847] Buffer I/O error on dev loop1, logical block 8073606, async page read [ 127.603781][ T5848] syz-executor238: attempt to access beyond end of device [ 127.603781][ T5848] loop0: rw=0, sector=6491542, nr_sectors = 2 limit=128 [pid 5845] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] rename("./file1", "./file0/file0" [pid 5850] open(".", O_RDONLY [pid 5849] rename("./file1", "./file0/file0" [pid 5844] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... futex resumed>) = 0 [pid 5842] <... futex resumed>) = 0 [pid 5850] <... open resumed>) = 4 [pid 5842] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5850] futex(0x7fee0c1f06cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5850] <... futex resumed>) = 1 [pid 5850] futex(0x7fee0c1f06c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5845] <... futex resumed>) = 0 [pid 5845] futex(0x7fee0c1f06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5845] futex(0x7fee0c1f06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5850] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5850] rename("./file1", "./file0/file0" [pid 5844] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5844] futex(0x7fee0c1f06dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 127.614852][ T5847] syz-executor238: attempt to access beyond end of device [ 127.614852][ T5847] loop1: rw=0, sector=6491542, nr_sectors = 2 limit=128 [ 127.625638][ T5848] Buffer I/O error on dev loop0, logical block 3245771, async page read [ 127.641360][ T5847] Buffer I/O error on dev loop1, logical block 3245771, async page read [pid 5844] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fee0c0d4000 [pid 5844] mprotect(0x7fee0c0d5000, 131072, PROT_READ|PROT_WRITE [pid 5845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5844] <... mprotect resumed>) = 0 [pid 5842] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5845] futex(0x7fee0c1f06dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5842] futex(0x7fee0c1f06dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... futex resumed>) = 0 [pid 5844] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5842] <... futex resumed>) = 0 [pid 5845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5844] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c0f4990, parent_tid=0x7fee0c0f4990, exit_signal=0, stack=0x7fee0c0d4000, stack_size=0x20300, tls=0x7fee0c0f46c0} [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 5857 attached [pid 5845] <... mmap resumed>) = 0x7fee0c0d4000 [pid 5842] <... mmap resumed>) = 0x7fee0c0d4000 [pid 5857] rseq(0x7fee0c0f4fe0, 0x20, 0, 0x53053053 [pid 5845] mprotect(0x7fee0c0d5000, 131072, PROT_READ|PROT_WRITE [pid 5844] <... clone3 resumed> => {parent_tid=[5857]}, 88) = 5857 [pid 5842] mprotect(0x7fee0c0d5000, 131072, PROT_READ|PROT_WRITE [pid 5857] <... rseq resumed>) = 0 [pid 5845] <... mprotect resumed>) = 0 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5857] set_robust_list(0x7fee0c0f49a0, 24 [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] <... mprotect resumed>) = 0 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5844] futex(0x7fee0c1f06d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5857] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c0f4990, parent_tid=0x7fee0c0f4990, exit_signal=0, stack=0x7fee0c0d4000, stack_size=0x20300, tls=0x7fee0c0f46c0} [pid 5844] <... futex resumed>) = 0 [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 5858 attached [pid 5857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] futex(0x7fee0c1f06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5842] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5858] rseq(0x7fee0c0f4fe0, 0x20, 0, 0x53053053 [pid 5857] fdatasync(4 [pid 5845] <... clone3 resumed> => {parent_tid=[5858]}, 88) = 5858 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fee0c0f4990, parent_tid=0x7fee0c0f4990, exit_signal=0, stack=0x7fee0c0d4000, stack_size=0x20300, tls=0x7fee0c0f46c0} [pid 5858] <... rseq resumed>) = 0 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5859 attached [pid 5858] set_robust_list(0x7fee0c0f49a0, 24 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5859] rseq(0x7fee0c0f4fe0, 0x20, 0, 0x53053053 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5845] futex(0x7fee0c1f06d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... clone3 resumed> => {parent_tid=[5859]}, 88) = 5859 [pid 5845] <... futex resumed>) = 0 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5859] <... rseq resumed>) = 0 [pid 5858] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] futex(0x7fee0c1f06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5858] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5859] set_robust_list(0x7fee0c0f49a0, 24 [pid 5858] fdatasync(4 [pid 5859] <... set_robust_list resumed>) = 0 [pid 5859] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5859] futex(0x7fee0c1f06d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] futex(0x7fee0c1f06d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] futex(0x7fee0c1f06dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5859] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5859] fdatasync(4 [pid 5844] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5842] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] exit_group(0) = ? [pid 5843] exit_group(0) = ? [pid 5845] exit_group(0) = ? [pid 5844] exit_group(0) = ? [pid 5842] exit_group(0) = ? [pid 5840] kill(-5845, SIGKILL [pid 5838] kill(-5842, SIGKILL [pid 5837] kill(-5841, SIGKILL [pid 5836] kill(-5843, SIGKILL [pid 5840] <... kill resumed>) = 0 [pid 5838] <... kill resumed>) = 0 [pid 5837] <... kill resumed>) = 0 [pid 5836] <... kill resumed>) = 0 [pid 5840] kill(5845, SIGKILL [pid 5838] kill(5842, SIGKILL [pid 5836] kill(5843, SIGKILL [pid 5840] <... kill resumed>) = 0 [pid 5838] <... kill resumed>) = 0 [pid 5836] <... kill resumed>) = 0 [pid 5837] kill(5841, SIGKILL) = 0 [pid 5839] kill(-5844, SIGKILL) = 0 [pid 5839] kill(5844, SIGKILL) = 0 [pid 5840] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5840] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] getdents64(3, 0x555592a8a730 /* 2 entries */, 32768) = 48 [pid 5840] getdents64(3, 0x555592a8a730 /* 0 entries */, 32768) = 0 [pid 5840] close(3) = 0 [pid 5839] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5839] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5839] getdents64(3, 0x555592a8a730 /* 2 entries */, 32768) = 48 [pid 5839] getdents64(3, 0x555592a8a730 /* 0 entries */, 32768) = 0 [pid 5839] close(3 [pid 5838] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5839] <... close resumed>) = 0 [pid 5838] <... openat resumed>) = 3 [pid 5838] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5838] getdents64(3, 0x555592a8a730 /* 2 entries */, 32768) = 48 [pid 5836] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5836] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5836] getdents64(3, 0x555592a8a730 /* 2 entries */, 32768) = 48 [pid 5836] getdents64(3, 0x555592a8a730 /* 0 entries */, 32768) = 0 [pid 5836] close(3 [pid 5838] getdents64(3, [pid 5836] <... close resumed>) = 0 [pid 5838] <... getdents64 resumed>0x555592a8a730 /* 0 entries */, 32768) = 0 [pid 5838] close(3) = 0 [pid 5837] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5837] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5837] getdents64(3, 0x555592a8a730 /* 2 entries */, 32768) = 48 [pid 5837] getdents64(3, 0x555592a8a730 /* 0 entries */, 32768) = 0 [pid 5837] close(3) = 0 [ 286.707423][ T30] INFO: task syz-executor238:5855 blocked for more than 143 seconds. [ 286.745786][ T30] Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 286.753468][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.795800][ T30] task:syz-executor238 state:D stack:28632 pid:5855 tgid:5841 ppid:5837 flags:0x00004006 [ 286.845789][ T30] Call Trace: [ 286.849135][ T30] [ 286.852087][ T30] __schedule+0x17fb/0x4be0 [ 286.895820][ T30] ? __pfx___schedule+0x10/0x10 [ 286.900745][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.925774][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.931823][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.955805][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.960990][ T30] ? schedule+0x90/0x320 [ 286.965252][ T30] schedule+0x14b/0x320 [ 287.005788][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.011316][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.055771][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.061752][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.105779][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.110893][ T30] down_write+0x1d7/0x220 [ 287.115245][ T30] ? __pfx_down_write+0x10/0x10 [ 287.145778][ T30] ? ptrace_notify+0x279/0x380 [ 287.150617][ T30] ? __fget_files+0x2a/0x410 [ 287.155230][ T30] __generic_file_fsync+0x97/0x1a0 [ 287.185774][ T30] generic_file_fsync+0x70/0xf0 [ 287.190703][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 287.215837][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 287.220929][ T30] do_syscall_64+0xf3/0x230 [ 287.225459][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.285810][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.291795][ T30] RIP: 0033:0x7fee0c15ec09 [ 287.325789][ T30] RSP: 002b:00007fee0c0f4218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 287.334272][ T30] RAX: ffffffffffffffda RBX: 00007fee0c1f06d8 RCX: 00007fee0c15ec09 [ 287.375797][ T30] RDX: 00007fee0c138196 RSI: 0000000000000000 RDI: 0000000000000004 [ 287.383833][ T30] RBP: 00007fee0c1f06d0 R08: 00007ffc8780c577 R09: 0000000000000000 [ 287.425849][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c1b30c0 [ 287.433885][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 287.476211][ T30] [ 287.479349][ T30] INFO: task syz-executor238:5859 blocked for more than 144 seconds. [ 287.515771][ T30] Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 287.523454][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.565788][ T30] task:syz-executor238 state:D stack:29200 pid:5859 tgid:5842 ppid:5838 flags:0x00004006 [ 287.595791][ T30] Call Trace: [ 287.599124][ T30] [ 287.602075][ T30] __schedule+0x17fb/0x4be0 [ 287.645814][ T30] ? __pfx___schedule+0x10/0x10 [ 287.650744][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.685801][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.691875][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.725778][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.730965][ T30] ? schedule+0x90/0x320 [ 287.735239][ T30] schedule+0x14b/0x320 [ 287.762163][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.785777][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.791564][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.825803][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.832040][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.875809][ T30] down_write+0x1d7/0x220 [ 287.880203][ T30] ? __pfx_down_write+0x10/0x10 [ 287.885074][ T30] ? ptrace_notify+0x279/0x380 [ 287.935842][ T30] ? __fget_files+0x2a/0x410 [ 287.940510][ T30] __generic_file_fsync+0x97/0x1a0 [ 287.945665][ T30] generic_file_fsync+0x70/0xf0 [ 287.995858][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 288.001482][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 288.025797][ T30] do_syscall_64+0xf3/0x230 [ 288.030357][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.035062][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.065804][ T30] RIP: 0033:0x7fee0c15ec09 [ 288.070285][ T30] RSP: 002b:00007fee0c0f4218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 288.105773][ T30] RAX: ffffffffffffffda RBX: 00007fee0c1f06d8 RCX: 00007fee0c15ec09 [ 288.113805][ T30] RDX: ffffffffffffffb0 RSI: 0000000000000000 RDI: 0000000000000004 [ 288.185774][ T30] RBP: 00007fee0c1f06d0 R08: 0000000000000000 R09: 0000000000000000 [ 288.193818][ T30] R10: 00007ffc8780c577 R11: 0000000000000246 R12: 00007fee0c1b30c0 [ 288.225770][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 288.233817][ T30] [ 288.265793][ T30] INFO: task syz-executor238:5856 blocked for more than 144 seconds. [ 288.273905][ T30] Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 288.335770][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.344494][ T30] task:syz-executor238 state:D stack:29200 pid:5856 tgid:5843 ppid:5836 flags:0x00004006 [ 288.395772][ T30] Call Trace: [ 288.399113][ T30] [ 288.402068][ T30] __schedule+0x17fb/0x4be0 [ 288.425818][ T30] ? __pfx___schedule+0x10/0x10 [ 288.430741][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.465786][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.471846][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 288.515785][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 288.521066][ T30] ? schedule+0x90/0x320 [ 288.525332][ T30] schedule+0x14b/0x320 [ 288.565791][ T30] schedule_preempt_disabled+0x13/0x30 [ 288.571323][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 288.595786][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 288.601764][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.635832][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.640957][ T30] down_write+0x1d7/0x220 [ 288.645312][ T30] ? __pfx_down_write+0x10/0x10 [ 288.685782][ T30] ? ptrace_notify+0x279/0x380 [ 288.690712][ T30] ? __fget_files+0x2a/0x410 [ 288.695327][ T30] __generic_file_fsync+0x97/0x1a0 [ 288.745877][ T30] generic_file_fsync+0x70/0xf0 [ 288.750814][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 288.785856][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 288.790956][ T30] do_syscall_64+0xf3/0x230 [ 288.795487][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.835801][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.841764][ T30] RIP: 0033:0x7fee0c15ec09 [ 288.875771][ T30] RSP: 002b:00007fee0c0f4218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 288.884255][ T30] RAX: ffffffffffffffda RBX: 00007fee0c1f06d8 RCX: 00007fee0c15ec09 [ 288.925849][ T30] RDX: 00007fee0c138196 RSI: 0000000000000000 RDI: 0000000000000004 [ 288.933880][ T30] RBP: 00007fee0c1f06d0 R08: 00007ffc8780c577 R09: 0000000000000000 [ 288.975837][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c1b30c0 [ 288.983876][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 289.025850][ T30] [ 289.035927][ T30] INFO: task syz-executor238:5857 blocked for more than 145 seconds. [ 289.044040][ T30] Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 289.085789][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.094513][ T30] task:syz-executor238 state:D stack:29200 pid:5857 tgid:5844 ppid:5839 flags:0x00004006 [ 289.145785][ T30] Call Trace: [ 289.149120][ T30] [ 289.152072][ T30] __schedule+0x17fb/0x4be0 [ 289.185791][ T30] ? __pfx___schedule+0x10/0x10 [ 289.190710][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.235817][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 289.241862][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.286174][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 289.291356][ T30] ? schedule+0x90/0x320 [ 289.295637][ T30] schedule+0x14b/0x320 [ 289.325776][ T30] schedule_preempt_disabled+0x13/0x30 [ 289.331302][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 289.355796][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 289.361775][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 289.405774][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.410887][ T30] down_write+0x1d7/0x220 [ 289.415239][ T30] ? __pfx_down_write+0x10/0x10 [ 289.445772][ T30] ? ptrace_notify+0x279/0x380 [ 289.450612][ T30] ? __fget_files+0x2a/0x410 [ 289.455226][ T30] __generic_file_fsync+0x97/0x1a0 [ 289.485799][ T30] generic_file_fsync+0x70/0xf0 [ 289.490735][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 289.535862][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 289.540961][ T30] do_syscall_64+0xf3/0x230 [ 289.545493][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.585789][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.591772][ T30] RIP: 0033:0x7fee0c15ec09 [ 289.616281][ T30] RSP: 002b:00007fee0c0f4218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 289.624767][ T30] RAX: ffffffffffffffda RBX: 00007fee0c1f06d8 RCX: 00007fee0c15ec09 [ 289.675825][ T30] RDX: 00007fee0c138196 RSI: 0000000000000000 RDI: 0000000000000004 [ 289.683870][ T30] RBP: 00007fee0c1f06d0 R08: 00007ffc8780c577 R09: 0000000000000000 [ 289.745788][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c1b30c0 [ 289.753826][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 289.795798][ T30] [ 289.798924][ T30] INFO: task syz-executor238:5858 blocked for more than 146 seconds. [ 289.855862][ T30] Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 289.863551][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.925786][ T30] task:syz-executor238 state:D stack:29200 pid:5858 tgid:5845 ppid:5840 flags:0x00004006 [ 289.965770][ T30] Call Trace: [ 289.969106][ T30] [ 289.972065][ T30] __schedule+0x17fb/0x4be0 [ 289.995799][ T30] ? __pfx___schedule+0x10/0x10 [ 290.000714][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.025779][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 290.031830][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 290.065776][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 290.070963][ T30] ? schedule+0x90/0x320 [ 290.075229][ T30] schedule+0x14b/0x320 [ 290.105807][ T30] schedule_preempt_disabled+0x13/0x30 [ 290.111336][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 290.145778][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 290.151749][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.195812][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.200926][ T30] down_write+0x1d7/0x220 [ 290.205274][ T30] ? __pfx_down_write+0x10/0x10 [ 290.245787][ T30] ? ptrace_notify+0x279/0x380 [ 290.250620][ T30] ? __fget_files+0x2a/0x410 [ 290.255237][ T30] __generic_file_fsync+0x97/0x1a0 [ 290.285792][ T30] generic_file_fsync+0x70/0xf0 [ 290.290710][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 290.316214][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 290.321308][ T30] do_syscall_64+0xf3/0x230 [ 290.355841][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.360594][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.405797][ T30] RIP: 0033:0x7fee0c15ec09 [ 290.410617][ T30] RSP: 002b:00007fee0c0f4218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 290.465802][ T30] RAX: ffffffffffffffda RBX: 00007fee0c1f06d8 RCX: 00007fee0c15ec09 [ 290.473844][ T30] RDX: 00007fee0c138196 RSI: 0000000000000000 RDI: 0000000000000004 [ 290.525769][ T30] RBP: 00007fee0c1f06d0 R08: 00007ffc8780c577 R09: 0000000000000000 [ 290.533808][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c1b30c0 [ 290.575856][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 290.583909][ T30] [ 290.625791][ T30] [ 290.625791][ T30] Showing all locks held in the system: [ 290.633564][ T30] 1 lock held by khungtaskd/30: [ 290.665790][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 290.695878][ T30] 1 lock held by kswapd0/88: [ 290.700577][ T30] 2 locks held by getty/5576: [ 290.705276][ T30] #0: ffff8880359610a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 290.775773][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 290.815787][ T30] 2 locks held by syz-executor238/5847: [ 290.821388][ T30] 1 lock held by syz-executor238/5855: [ 290.845829][ T30] #0: ffff88807951c180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 290.875794][ T30] 1 lock held by syz-executor238/5851: [ 290.881306][ T30] 1 lock held by syz-executor238/5859: [ 290.915774][ T30] #0: ffff888079578180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 290.965854][ T30] 1 lock held by syz-executor238/5848: [ 290.971369][ T30] 1 lock held by syz-executor238/5856: [ 291.005804][ T30] #0: ffff88807951c6c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.045774][ T30] 1 lock held by syz-executor238/5849: [ 291.051298][ T30] 1 lock held by syz-executor238/5857: [ 291.095788][ T30] #0: ffff8880795786c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.125772][ T30] 2 locks held by syz-executor238/5850: [ 291.131365][ T30] 1 lock held by syz-executor238/5858: [ 291.155790][ T30] #0: ffff888079578c00 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.205797][ T30] [ 291.208176][ T30] ============================================= [ 291.208176][ T30] [ 291.245784][ T30] NMI backtrace for cpu 0 [ 291.250167][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 291.260687][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.270761][ T30] Call Trace: [ 291.274053][ T30] [ 291.276998][ T30] dump_stack_lvl+0x241/0x360 [ 291.281704][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.286927][ T30] ? __pfx__printk+0x10/0x10 [ 291.291551][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 291.296518][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.301995][ T30] ? _printk+0xd5/0x120 [ 291.306162][ T30] ? __pfx__printk+0x10/0x10 [ 291.310750][ T30] ? __wake_up_klogd+0xcc/0x110 [ 291.315601][ T30] ? __pfx__printk+0x10/0x10 [ 291.320186][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 291.325206][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 291.331183][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 291.337162][ T30] watchdog+0xff6/0x1040 [ 291.341399][ T30] ? watchdog+0x1ea/0x1040 [ 291.345810][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.350480][ T30] kthread+0x2f0/0x390 [ 291.354546][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.359222][ T30] ? __pfx_kthread+0x10/0x10 [ 291.363807][ T30] ret_from_fork+0x4b/0x80 [ 291.368215][ T30] ? __pfx_kthread+0x10/0x10 [ 291.372798][ T30] ret_from_fork_asm+0x1a/0x30 [ 291.377567][ T30] [ 291.381352][ T30] Sending NMI from CPU 0 to CPUs 1: [ 291.386657][ C1] NMI backtrace for cpu 1 [ 291.386669][ C1] CPU: 1 UID: 0 PID: 5849 Comm: syz-executor238 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 291.386688][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.386697][ C1] RIP: 0010:__rcu_read_unlock+0xb/0x110 [ 291.386717][ C1] Code: c1 7c aa 4c 89 ff e8 54 60 7d 00 eb a0 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 <41> 54 53 49 bc 00 00 00 00 00 fc ff df 65 4c 8b 34 25 80 d4 03 00 [ 291.386729][ C1] RSP: 0018:ffffc900041bee80 EFLAGS: 00000246 [ 291.386743][ C1] RAX: 739661309a4f8b00 RBX: 0000000000000001 RCX: ffffc900041bed03 [ 291.386755][ C1] RDX: 0000000000000002 RSI: ffffffff8c0aaae0 RDI: ffffffff8c5edd60 [ 291.386766][ C1] RBP: 0000000000000001 R08: ffffffff901856b7 R09: 1ffffffff2030ad6 [ 291.386776][ C1] R10: dffffc0000000000 R11: fffffbfff2030ad7 R12: 0000000000000002 [ 291.386786][ C1] R13: dffffc0000000000 R14: ffffffff81d81b5e R15: ffffea0001655234 [ 291.386798][ C1] FS: 00007fee0c1156c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 291.386811][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 291.386822][ C1] CR2: 00005619da372958 CR3: 000000005a52e000 CR4: 00000000003526f0 [ 291.386836][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 291.386845][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 291.386855][ C1] Call Trace: [ 291.386861][ C1] [ 291.386867][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 291.386884][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 291.386902][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.386918][ C1] ? nmi_handle+0x2a/0x5a0 [ 291.386941][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 291.386960][ C1] ? nmi_handle+0x14f/0x5a0 [ 291.386975][ C1] ? nmi_handle+0x2a/0x5a0 [ 291.386991][ C1] ? __rcu_read_unlock+0xb/0x110 [ 291.387005][ C1] ? default_do_nmi+0x63/0x160 [ 291.387022][ C1] ? exc_nmi+0x123/0x1f0 [ 291.387037][ C1] ? end_repeat_nmi+0xf/0x53 [ 291.387051][ C1] ? folio_try_get+0x1e/0x350 [ 291.387074][ C1] ? __rcu_read_unlock+0xb/0x110 [ 291.387089][ C1] ? __rcu_read_unlock+0xb/0x110 [ 291.387104][ C1] ? __rcu_read_unlock+0xb/0x110 [ 291.387119][ C1] [ 291.387124][ C1] [ 291.387129][ C1] ? folio_try_get+0x1e/0x350 [ 291.387147][ C1] folio_try_get+0x228/0x350 [ 291.387166][ C1] filemap_get_entry+0x240/0x3b0 [ 291.387184][ C1] ? filemap_get_entry+0x123/0x3b0 [ 291.387202][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 291.387219][ C1] ? __find_get_block+0x2f1/0x1150 [ 291.387240][ C1] ? __pfx___might_resched+0x10/0x10 [ 291.387260][ C1] ? alloc_buffer_head+0x2a/0x290 [ 291.387280][ C1] __filemap_get_folio+0x72/0x940 [ 291.387298][ C1] ? fs_reclaim_acquire+0x93/0x130 [ 291.387318][ C1] bdev_getblk+0x1d4/0x670 [ 291.387371][ C1] ? sysv_find_entry+0x16c/0x590 [ 291.387389][ C1] ? sysv_inode_by_name+0x98/0x2a0 [ 291.387409][ C1] __bread_gfp+0x86/0x400 [ 291.387429][ C1] get_branch+0x2c3/0x6e0 [ 291.387451][ C1] get_block+0x180/0x16d0 [ 291.387473][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 291.387488][ C1] ? create_empty_buffers+0x471/0x530 [ 291.387507][ C1] ? __pfx_lock_release+0x10/0x10 [ 291.387521][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 291.387539][ C1] ? __pfx_get_block+0x10/0x10 [ 291.387561][ C1] ? _raw_spin_unlock+0x28/0x50 [ 291.387578][ C1] ? create_empty_buffers+0x471/0x530 [ 291.387600][ C1] block_read_full_folio+0x3ee/0xae0 [ 291.387619][ C1] ? __pfx_get_block+0x10/0x10 [ 291.387635][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 291.387653][ C1] ? folio_add_lru+0x187/0x230 [ 291.387674][ C1] filemap_read_folio+0x148/0x3b0 [ 291.387688][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 291.387706][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 291.387721][ C1] ? __filemap_get_folio+0x848/0x940 [ 291.387742][ C1] do_read_cache_folio+0x373/0x5b0 [ 291.387757][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 291.387777][ C1] sysv_find_entry+0x16c/0x590 [ 291.387799][ C1] sysv_inode_by_name+0x98/0x2a0 [ 291.387817][ C1] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 291.387838][ C1] sysv_lookup+0x6b/0xe0 [ 291.387856][ C1] __lookup_slow+0x28c/0x3f0 [ 291.387873][ C1] ? __pfx___lookup_slow+0x10/0x10 [ 291.387887][ C1] ? __d_lookup+0x64/0x7b0 [ 291.387912][ C1] lookup_slow+0x53/0x70 [ 291.387927][ C1] link_path_walk+0x99b/0xea0 [ 291.387954][ C1] __filename_parentat+0x2a7/0x740 [ 291.387969][ C1] ? kernel_text_address+0xa7/0xe0 [ 291.387989][ C1] ? __pfx___filename_parentat+0x10/0x10 [ 291.388016][ C1] ? __lock_acquire+0x1397/0x2100 [ 291.388035][ C1] do_renameat2+0x3b8/0x13f0 [ 291.388061][ C1] ? __virt_addr_valid+0x183/0x530 [ 291.388080][ C1] ? __pfx_do_renameat2+0x10/0x10 [ 291.388103][ C1] ? __virt_addr_valid+0x183/0x530 [ 291.388118][ C1] ? __virt_addr_valid+0x45f/0x530 [ 291.388133][ C1] ? __phys_addr_symbol+0x2f/0x70 [ 291.388152][ C1] ? strncpy_from_user+0x152/0x270 [ 291.388173][ C1] ? getname_flags+0x1e3/0x540 [ 291.388188][ C1] __x64_sys_rename+0x82/0x90 [ 291.388206][ C1] do_syscall_64+0xf3/0x230 [ 291.388225][ C1] ? clear_bhb_loop+0x35/0x90 [ 291.388240][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.388258][ C1] RIP: 0033:0x7fee0c15ec09 [ 291.388273][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 291.388284][ C1] RSP: 002b:00007fee0c115218 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 291.388299][ C1] RAX: ffffffffffffffda RBX: 00007fee0c1f06c8 RCX: 00007fee0c15ec09 [ 291.388311][ C1] RDX: 00007fee0c15ec09 RSI: 0000000020000000 RDI: 0000000020000040 [ 291.388326][ C1] RBP: 00007fee0c1f06c0 R08: 0000000000000000 R09: 0000000000000000 [ 291.388336][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fee0c1b30c0 [ 291.388346][ C1] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 291.388364][ C1] [ 291.388371][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.715 msecs [ 291.805798][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 291.805817][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 291.805839][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.805850][ T30] Call Trace: [ 291.805857][ T30] [ 291.805865][ T30] dump_stack_lvl+0x241/0x360 [ 291.805895][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.805916][ T30] ? __pfx__printk+0x10/0x10 [ 291.805935][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 291.805961][ T30] ? vscnprintf+0x5d/0x90 [ 291.805984][ T30] panic+0x349/0x880 [ 291.806004][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 291.806026][ T30] ? __pfx_panic+0x10/0x10 [ 291.806044][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 291.806067][ T30] ? __irq_work_queue_local+0x137/0x410 [ 291.806088][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 291.806106][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 291.806125][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 291.806148][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 291.806170][ T30] watchdog+0x1035/0x1040 [ 291.806190][ T30] ? watchdog+0x1ea/0x1040 [ 291.806213][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.806231][ T30] kthread+0x2f0/0x390 [ 291.806251][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.806268][ T30] ? __pfx_kthread+0x10/0x10 [ 291.806288][ T30] ret_from_fork+0x4b/0x80 [ 291.806304][ T30] ? __pfx_kthread+0x10/0x10 [ 291.806323][ T30] ret_from_fork_asm+0x1a/0x30 [ 291.806356][ T30] [ 292.138572][ T30] Kernel Offset: disabled [ 292.142913][ T30] Rebooting in 86400 seconds..