./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3888919408 <...> DUID 00:04:7b:a2:e0:73:6b:5f:a9:8e:d4:f6:53:82:b5:31:a7:5e forked to background, child pid 4693 [ 40.269896][ T4694] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.279791][ T4694] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.122' (ED25519) to the list of known hosts. execve("./syz-executor3888919408", ["./syz-executor3888919408"], 0x7ffc5f524630 /* 10 vars */) = 0 brk(NULL) = 0x555555695000 brk(0x555555695d40) = 0x555555695d40 arch_prctl(ARCH_SET_FS, 0x5555556953c0) = 0 set_tid_address(0x555555695690) = 5024 set_robust_list(0x5555556956a0, 24) = 0 rseq(0x555555695ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3888919408", 4096) = 28 getrandom("\xee\x6e\xf7\x33\xb9\xb1\x63\x2b", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555695d40 brk(0x5555556b6d40) = 0x5555556b6d40 brk(0x5555556b7000) = 0x5555556b7000 mprotect(0x7f310e2bf000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5025 attached , child_tidptr=0x555555695690) = 5025 [pid 5024] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5025] set_robust_list(0x5555556956a0, 24) = 0 ./strace-static-x86_64: Process 5026 attached [pid 5024] <... clone resumed>, child_tidptr=0x555555695690) = 5026 [pid 5026] set_robust_list(0x5555556956a0, 24 [pid 5025] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5024] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5026] <... set_robust_list resumed>) = 0 [pid 5025] <... openat resumed>) = 3 [pid 5025] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5026] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5025] close(3) = 0 [pid 5025] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5027 attached , child_tidptr=0x555555695690) = 5027 [pid 5027] set_robust_list(0x5555556956a0, 24) = 0 [pid 5027] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5027] setpgid(0, 0) = 0 [pid 5027] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5027] write(3, "1000", 4) = 4 [pid 5027] close(3) = 0 [pid 5027] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5027] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5024] <... clone resumed>, child_tidptr=0x555555695690) = 5028 [pid 5026] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5028 attached [pid 5024] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5028] set_robust_list(0x5555556956a0, 24 [pid 5027] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5026] ioctl(3, LOOP_CLR_FD [pid 5028] <... set_robust_list resumed>) = 0 [pid 5027] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5026] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5027] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f310e1d5000 [pid 5028] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5027] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5026] close(3 [pid 5027] <... mprotect resumed>) = 0 [pid 5027] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5028] <... openat resumed>) = 3 [pid 5027] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5026] <... close resumed>) = 0 [pid 5026] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5029 attached [pid 5029] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053) = 0 [pid 5029] set_robust_list(0x7f310e1f59a0, 24 [pid 5027] <... clone3 resumed> => {parent_tid=[5029]}, 88) = 5029 [pid 5029] <... set_robust_list resumed>) = 0 [pid 5027] rt_sigprocmask(SIG_SETMASK, [], [pid 5029] rt_sigprocmask(SIG_SETMASK, [], [pid 5027] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5026] <... clone resumed>, child_tidptr=0x555555695690) = 5030 ./strace-static-x86_64: Process 5030 attached [pid 5029] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5027] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5031 attached [pid 5029] memfd_create("syzkaller", 0 [pid 5030] set_robust_list(0x5555556956a0, 24 [pid 5024] <... clone resumed>, child_tidptr=0x555555695690) = 5031 [pid 5031] set_robust_list(0x5555556956a0, 24 [pid 5030] <... set_robust_list resumed>) = 0 [pid 5028] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5027] <... futex resumed>) = 0 [pid 5024] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5031] <... set_robust_list resumed>) = 0 [pid 5030] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5027] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5031] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5030] <... prctl resumed>) = 0 [pid 5028] close(3 [pid 5031] <... openat resumed>) = 3 [pid 5030] setpgid(0, 0) = 0 [pid 5028] <... close resumed>) = 0 [pid 5024] <... clone resumed>, child_tidptr=0x555555695690) = 5033 [pid 5031] ioctl(3, LOOP_CLR_FD [pid 5030] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5024] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5031] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5028] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5031] close(3) = 0 ./strace-static-x86_64: Process 5033 attached [pid 5031] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5033] set_robust_list(0x5555556956a0, 24 [pid 5030] <... openat resumed>) = 3 [pid 5033] <... set_robust_list resumed>) = 0 [pid 5030] write(3, "1000", 4) = 4 [pid 5033] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5031] <... clone resumed>, child_tidptr=0x555555695690) = 5036 [pid 5033] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5036 attached [pid 5036] set_robust_list(0x5555556956a0, 24) = 0 [pid 5036] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5036] setpgid(0, 0 [pid 5033] close(3 [pid 5036] <... setpgid resumed>) = 0 [pid 5033] <... close resumed>) = 0 [pid 5036] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5036] <... openat resumed>) = 3 [pid 5036] write(3, "1000", 4) = 4 [pid 5036] close(3) = 0 [pid 5030] close(3./strace-static-x86_64: Process 5035 attached ) = 0 [pid 5024] <... clone resumed>, child_tidptr=0x555555695690) = 5035 [pid 5035] set_robust_list(0x5555556956a0, 24 [pid 5030] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5034 attached [pid 5034] set_robust_list(0x5555556956a0, 24 [pid 5036] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5034] <... set_robust_list resumed>) = 0 [pid 5036] <... futex resumed>) = 0 [pid 5030] <... futex resumed>) = 0 [pid 5028] <... clone resumed>, child_tidptr=0x555555695690) = 5034 ./strace-static-x86_64: Process 5037 attached [pid 5034] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5036] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5033] <... clone resumed>, child_tidptr=0x555555695690) = 5037 [pid 5030] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5037] set_robust_list(0x5555556956a0, 24 [pid 5034] <... prctl resumed>) = 0 [pid 5036] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5035] <... set_robust_list resumed>) = 0 [pid 5030] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5029] <... memfd_create resumed>) = 3 [pid 5037] <... set_robust_list resumed>) = 0 [pid 5034] setpgid(0, 0 [pid 5036] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5030] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5029] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5037] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5034] <... setpgid resumed>) = 0 [pid 5036] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5035] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5030] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5029] <... mmap resumed>) = 0x7f3105dd5000 [pid 5034] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5030] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5037] <... prctl resumed>) = 0 [pid 5036] <... mmap resumed>) = 0x7f310e1d5000 [pid 5034] <... openat resumed>) = 3 [pid 5034] write(3, "1000", 4) = 4 [pid 5037] setpgid(0, 0 [pid 5034] close(3 [pid 5036] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5034] <... close resumed>) = 0 [pid 5036] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5037] <... setpgid resumed>) = 0 [pid 5034] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5036] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5037] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5034] <... futex resumed>) = 0 [pid 5035] <... openat resumed>) = 3 [pid 5030] <... mmap resumed>) = 0x7f310e1d5000 ./strace-static-x86_64: Process 5038 attached [pid 5034] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5036] <... clone3 resumed> => {parent_tid=[5038]}, 88) = 5038 [pid 5035] ioctl(3, LOOP_CLR_FD [pid 5030] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5037] <... openat resumed>) = 3 [pid 5034] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5036] rt_sigprocmask(SIG_SETMASK, [], [pid 5035] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5030] <... mprotect resumed>) = 0 [pid 5034] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5036] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5034] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5036] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5030] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5034] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5036] <... futex resumed>) = 0 [pid 5030] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5034] <... mmap resumed>) = 0x7f310e1d5000 [pid 5036] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5035] close(3 [pid 5030] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} syzkaller login: [ 67.703599][ T5029] syz-executor388[5029]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [pid 5037] write(3, "1000", 4 [pid 5034] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5035] <... close resumed>) = 0 [pid 5038] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5037] <... write resumed>) = 4 [pid 5034] <... mprotect resumed>) = 0 [pid 5037] close(3 [pid 5034] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5038] <... rseq resumed>) = 0 [pid 5035] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5040 attached [pid 5037] <... close resumed>) = 0 [pid 5034] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5040] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5037] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5034] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0}./strace-static-x86_64: Process 5041 attached [pid 5040] <... rseq resumed>) = 0 [pid 5038] set_robust_list(0x7f310e1f59a0, 24 [pid 5037] <... futex resumed>) = 0 [pid 5030] <... clone3 resumed> => {parent_tid=[5040]}, 88) = 5040 [pid 5041] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5040] set_robust_list(0x7f310e1f59a0, 24 [pid 5037] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5034] <... clone3 resumed> => {parent_tid=[5041]}, 88) = 5041 [pid 5038] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5042 attached [pid 5041] <... rseq resumed>) = 0 [pid 5040] <... set_robust_list resumed>) = 0 [pid 5030] rt_sigprocmask(SIG_SETMASK, [], [pid 5040] rt_sigprocmask(SIG_SETMASK, [], [pid 5041] set_robust_list(0x7f310e1f59a0, 24 [pid 5040] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5037] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5041] <... set_robust_list resumed>) = 0 [pid 5040] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5037] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5034] rt_sigprocmask(SIG_SETMASK, [], [pid 5037] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5034] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5037] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5034] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5041] rt_sigprocmask(SIG_SETMASK, [], [pid 5037] <... mmap resumed>) = 0x7f310e1d5000 [pid 5034] <... futex resumed>) = 0 [pid 5041] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5037] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5034] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5041] memfd_create("syzkaller", 0 [pid 5037] <... mprotect resumed>) = 0 [pid 5037] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5037] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5042] set_robust_list(0x5555556956a0, 24 [pid 5038] rt_sigprocmask(SIG_SETMASK, [], [pid 5037] <... clone3 resumed> => {parent_tid=[5043]}, 88) = 5043 [pid 5035] <... clone resumed>, child_tidptr=0x555555695690) = 5042 [pid 5030] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5042] <... set_robust_list resumed>) = 0 [pid 5038] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5030] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5037] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5042] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5040] <... futex resumed>) = 0 [pid 5038] memfd_create("syzkaller", 0 [pid 5037] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5030] <... futex resumed>) = 1 ./strace-static-x86_64: Process 5043 attached [pid 5042] <... prctl resumed>) = 0 [pid 5041] <... memfd_create resumed>) = 3 [pid 5040] memfd_create("syzkaller", 0 [pid 5038] <... memfd_create resumed>) = 3 [pid 5037] <... futex resumed>) = 0 [pid 5030] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5043] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5042] setpgid(0, 0 [pid 5041] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5040] <... memfd_create resumed>) = 3 [pid 5038] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5037] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5043] <... rseq resumed>) = 0 [pid 5042] <... setpgid resumed>) = 0 [pid 5041] <... mmap resumed>) = 0x7f3105dd5000 [pid 5040] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5038] <... mmap resumed>) = 0x7f3105dd5000 [pid 5043] set_robust_list(0x7f310e1f59a0, 24 [pid 5042] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5043] <... set_robust_list resumed>) = 0 [pid 5040] <... mmap resumed>) = 0x7f3105dd5000 [pid 5043] rt_sigprocmask(SIG_SETMASK, [], [pid 5042] <... openat resumed>) = 3 [pid 5043] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5043] memfd_create("syzkaller", 0 [pid 5042] write(3, "1000", 4) = 4 [pid 5042] close(3) = 0 [pid 5042] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5042] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, NULL, 8) = 0 [pid 5042] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5042] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5043] <... memfd_create resumed>) = 3 [pid 5043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3105dd5000 [pid 5042] <... mmap resumed>) = 0x7f310e1d5000 [pid 5042] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5042] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5042] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0}./strace-static-x86_64: Process 5044 attached => {parent_tid=[5044]}, 88) = 5044 [pid 5044] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5042] rt_sigprocmask(SIG_SETMASK, [], [pid 5044] <... rseq resumed>) = 0 [pid 5042] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5042] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5044] set_robust_list(0x7f310e1f59a0, 24 [pid 5042] <... futex resumed>) = 0 [pid 5042] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5044] <... set_robust_list resumed>) = 0 [pid 5044] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5044] memfd_create("syzkaller", 0) = 3 [pid 5044] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3105dd5000 [pid 5038] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5041] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5029] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5044] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5040] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5043] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5038] <... write resumed>) = 16777216 [pid 5038] munmap(0x7f3105dd5000, 138412032) = 0 [pid 5038] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5038] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5038] close(3) = 0 [ 68.709299][ T5038] loop3: detected capacity change from 0 to 32768 [pid 5038] mkdir("./file2", 0777 [pid 5041] <... write resumed>) = 16777216 [pid 5038] <... mkdir resumed>) = 0 [pid 5038] mount("/dev/loop3", "./file2", "jfs", 0, "" [pid 5041] munmap(0x7f3105dd5000, 138412032) = 0 [pid 5041] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5044] <... write resumed>) = 16777216 [pid 5038] <... mount resumed>) = 0 [pid 5041] <... openat resumed>) = 4 [pid 5044] munmap(0x7f3105dd5000, 138412032 [pid 5038] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY [pid 5041] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5044] <... munmap resumed>) = 0 [pid 5038] <... openat resumed>) = 3 [pid 5044] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5041] close(3 [pid 5038] chdir("./file2" [pid 5029] <... write resumed>) = 16777216 [pid 5044] <... openat resumed>) = 4 [pid 5041] <... close resumed>) = 0 [pid 5038] <... chdir resumed>) = 0 [pid 5029] munmap(0x7f3105dd5000, 138412032 [pid 5044] ioctl(4, LOOP_SET_FD, 3 [pid 5041] mkdir("./file2", 0777 [pid 5038] ioctl(4, LOOP_CLR_FD [pid 5041] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5038] <... ioctl resumed>) = 0 [pid 5041] mount("/dev/loop2", "./file2", "jfs", 0, "" [pid 5038] close(4) = 0 [pid 5040] <... write resumed>) = 16777216 [pid 5038] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5036] <... futex resumed>) = 0 [pid 5038] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5036] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] munmap(0x7f3105dd5000, 138412032 [ 68.844240][ T5041] loop2: detected capacity change from 0 to 32768 [ 68.871254][ T5044] loop5: detected capacity change from 0 to 32768 [pid 5036] <... futex resumed>) = 0 [pid 5044] <... ioctl resumed>) = 0 [pid 5041] <... mount resumed>) = 0 [pid 5038] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5029] <... munmap resumed>) = 0 [pid 5044] close(3 [pid 5041] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY [pid 5038] rename("./file2", "./file1" [pid 5036] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5029] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5044] <... close resumed>) = 0 [pid 5041] <... openat resumed>) = 3 [pid 5044] mkdir("./file2", 0777 [pid 5041] chdir("./file2" [pid 5044] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5044] mount("/dev/loop5", "./file2", "jfs", 0, "" [pid 5041] <... chdir resumed>) = 0 [pid 5041] ioctl(4, LOOP_CLR_FD) = 0 [pid 5029] <... openat resumed>) = 4 [pid 5041] close(4 [pid 5029] ioctl(4, LOOP_SET_FD, 3 [pid 5041] <... close resumed>) = 0 [pid 5044] <... mount resumed>) = 0 [pid 5044] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY) = 3 [pid 5044] chdir("./file2") = 0 [pid 5044] ioctl(4, LOOP_CLR_FD) = 0 [pid 5044] close(4) = 0 [pid 5044] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5044] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5041] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5042] <... futex resumed>) = 0 [pid 5042] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5044] <... futex resumed>) = 0 [pid 5042] <... futex resumed>) = 1 [pid 5044] rename("./file2", "./file1" [pid 5042] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5041] <... futex resumed>) = 1 [pid 5034] <... futex resumed>) = 0 [pid 5029] <... ioctl resumed>) = 0 [pid 5034] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5040] <... munmap resumed>) = 0 [pid 5034] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5040] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 68.908351][ T5038] ERROR: (device loop3): diWrite: ixpxd invalid [ 68.908351][ T5038] [ 68.920068][ T5029] loop0: detected capacity change from 0 to 32768 [ 68.935248][ T5044] ERROR: (device loop5): diWrite: ixpxd invalid [ 68.935248][ T5044] [ 68.944257][ T5038] ERROR: (device loop3): remounting filesystem as read-only [ 68.950600][ T5040] loop1: detected capacity change from 0 to 32768 [pid 5040] ioctl(4, LOOP_SET_FD, 3 [pid 5041] rename("./file2", "./file1" [pid 5036] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5029] close(3 [pid 5036] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5036] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f310e1b4000 [pid 5036] mprotect(0x7f310e1b5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5036] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5029] <... close resumed>) = 0 [pid 5036] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5036] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1d4990, parent_tid=0x7f310e1d4990, exit_signal=0, stack=0x7f310e1b4000, stack_size=0x20300, tls=0x7f310e1d46c0}./strace-static-x86_64: Process 5046 attached [pid 5046] rseq(0x7f310e1d4fe0, 0x20, 0, 0x53053053 [pid 5036] <... clone3 resumed> => {parent_tid=[5046]}, 88) = 5046 [pid 5046] <... rseq resumed>) = 0 [pid 5036] rt_sigprocmask(SIG_SETMASK, [], [pid 5029] mkdir("./file2", 0777 [pid 5046] set_robust_list(0x7f310e1d49a0, 24 [pid 5043] <... write resumed>) = 16777216 [pid 5036] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5046] <... set_robust_list resumed>) = 0 [pid 5043] munmap(0x7f3105dd5000, 138412032 [pid 5036] futex(0x7f310e2c55f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5029] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5046] rt_sigprocmask(SIG_SETMASK, [], [pid 5040] <... ioctl resumed>) = 0 [pid 5036] <... futex resumed>) = 0 [pid 5029] mount("/dev/loop0", "./file2", "jfs", 0, "" [pid 5046] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5040] close(3 [pid 5036] futex(0x7f310e2c55fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5046] mkdir(".", 0777 [pid 5040] <... close resumed>) = 0 [pid 5046] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5040] mkdir("./file2", 0777 [pid 5046] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5040] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5046] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5040] mount("/dev/loop1", "./file2", "jfs", 0, "" [pid 5046] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5036] <... futex resumed>) = 0 [pid 5046] futex(0x7f310e2c55f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5034] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5034] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 68.952612][ T5038] ERROR: (device loop3): txCommit: [ 68.952612][ T5038] [ 68.967325][ T5041] ERROR: (device loop2): diWrite: ixpxd invalid [ 68.967325][ T5041] [ 68.977115][ T5044] ERROR: (device loop5): remounting filesystem as read-only [pid 5042] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5034] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f310e1b4000 [pid 5043] <... munmap resumed>) = 0 [pid 5042] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5034] mprotect(0x7f310e1b5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5034] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5034] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1d4990, parent_tid=0x7f310e1d4990, exit_signal=0, stack=0x7f310e1b4000, stack_size=0x20300, tls=0x7f310e1d46c0} => {parent_tid=[5047]}, 88) = 5047 [pid 5034] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5047 attached [pid 5042] <... futex resumed>) = 0 [pid 5034] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5034] futex(0x7f310e2c55f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5042] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5034] <... futex resumed>) = 0 [pid 5034] futex(0x7f310e2c55fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5047] rseq(0x7f310e1d4fe0, 0x20, 0, 0x53053053 [pid 5042] <... mmap resumed>) = 0x7f310e1b4000 [pid 5047] <... rseq resumed>) = 0 [pid 5043] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5042] mprotect(0x7f310e1b5000, 131072, PROT_READ|PROT_WRITE [pid 5047] set_robust_list(0x7f310e1d49a0, 24) = 0 [pid 5047] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5047] mkdir(".", 0777) = -1 EEXIST (File exists) [pid 5047] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5029] <... mount resumed>) = 0 [pid 5029] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY [pid 5044] <... rename resumed>) = -1 EIO (Input/output error) [pid 5044] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5029] <... openat resumed>) = 3 [pid 5042] <... mprotect resumed>) = 0 [pid 5029] chdir("./file2" [pid 5044] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5029] <... chdir resumed>) = 0 [pid 5042] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5029] ioctl(4, LOOP_CLR_FD [pid 5043] <... openat resumed>) = 4 [pid 5042] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5029] <... ioctl resumed>) = 0 [pid 5042] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1d4990, parent_tid=0x7f310e1d4990, exit_signal=0, stack=0x7f310e1b4000, stack_size=0x20300, tls=0x7f310e1d46c0} [pid 5029] close(4) = 0 [pid 5043] ioctl(4, LOOP_SET_FD, 3 [pid 5042] <... clone3 resumed> => {parent_tid=[5048]}, 88) = 5048 [pid 5029] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5042] rt_sigprocmask(SIG_SETMASK, [], [pid 5029] <... futex resumed>) = 1 [pid 5029] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5042] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5042] futex(0x7f310e2c55f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] <... mount resumed>) = 0 [pid 5027] <... futex resumed>) = 0 [ 69.004280][ T5044] ERROR: (device loop5): txCommit: [ 69.004280][ T5044] [ 69.011284][ T5041] ERROR: (device loop2): remounting filesystem as read-only [ 69.023722][ T5038] ERROR: (device loop3): remounting filesystem as read-only [ 69.042233][ T5041] ERROR: (device loop2): txCommit: [ 69.042233][ T5041] ./strace-static-x86_64: Process 5048 attached [pid 5040] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY [pid 5027] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5048] rseq(0x7f310e1d4fe0, 0x20, 0, 0x53053053 [pid 5040] <... openat resumed>) = 3 [pid 5027] <... futex resumed>) = 1 [pid 5048] <... rseq resumed>) = 0 [pid 5040] chdir("./file2" [pid 5027] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5048] set_robust_list(0x7f310e1d49a0, 24 [pid 5040] <... chdir resumed>) = 0 [pid 5048] <... set_robust_list resumed>) = 0 [pid 5040] ioctl(4, LOOP_CLR_FD [pid 5048] rt_sigprocmask(SIG_SETMASK, [], [pid 5040] <... ioctl resumed>) = 0 [pid 5048] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5040] close(4 [pid 5048] mkdir(".", 0777 [pid 5040] <... close resumed>) = 0 [pid 5048] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5048] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5040] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5040] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5042] <... futex resumed>) = 0 [pid 5030] <... futex resumed>) = 0 [pid 5029] <... futex resumed>) = 0 [pid 5029] rename("./file2", "./file1" [pid 5042] futex(0x7f310e2c55fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5030] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5048] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5030] <... futex resumed>) = 1 [pid 5048] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] <... futex resumed>) = 0 [pid 5030] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5048] <... futex resumed>) = 0 [pid 5040] rename("./file2", "./file1" [pid 5048] futex(0x7f310e2c55f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5042] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5042] exit_group(0 [pid 5041] <... rename resumed>) = -1 EIO (Input/output error) [pid 5048] <... futex resumed>) = ? [pid 5047] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5042] <... exit_group resumed>) = ? [pid 5041] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5048] +++ exited with 0 +++ [pid 5041] <... futex resumed>) = 0 [pid 5041] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5047] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5034] <... futex resumed>) = 0 [pid 5034] exit_group(0 [pid 5041] <... futex resumed>) = ? [pid 5034] <... exit_group resumed>) = ? [pid 5041] +++ exited with 0 +++ [pid 5047] +++ exited with 0 +++ [pid 5044] <... futex resumed>) = ? [pid 5038] <... rename resumed>) = -1 EIO (Input/output error) [pid 5034] +++ exited with 0 +++ [pid 5038] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5034, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=31 /* 0.31 s */} --- [pid 5038] <... futex resumed>) = 0 [pid 5028] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5044] +++ exited with 0 +++ [pid 5043] <... ioctl resumed>) = 0 [pid 5042] +++ exited with 0 +++ [ 69.064526][ T5043] loop4: detected capacity change from 0 to 32768 [ 69.075213][ T5029] ERROR: (device loop0): diWrite: ixpxd invalid [ 69.075213][ T5029] [ 69.077263][ T5040] ERROR: (device loop1): diWrite: ixpxd invalid [ 69.077263][ T5040] [ 69.097996][ T109] BUG: Bad page state in process jfsCommit pfn:75d93 [pid 5038] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5043] close(3 [pid 5036] exit_group(0 [pid 5035] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5042, si_uid=0, si_status=0, si_utime=9 /* 0.09 s */, si_stime=26 /* 0.26 s */} --- [pid 5028] <... openat resumed>) = 3 [pid 5027] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5043] <... close resumed>) = 0 [pid 5043] mkdir("./file2", 0777 [pid 5046] <... futex resumed>) = ? [pid 5043] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5038] <... futex resumed>) = ? [pid 5036] <... exit_group resumed>) = ? [pid 5028] ioctl(3, LOOP_CLR_FD [pid 5027] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5038] +++ exited with 0 +++ [pid 5035] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5046] +++ exited with 0 +++ [pid 5036] +++ exited with 0 +++ [pid 5035] <... openat resumed>) = 3 [pid 5030] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5028] <... ioctl resumed>) = 0 [pid 5027] <... futex resumed>) = 0 [pid 5043] mount("/dev/loop4", "./file2", "jfs", 0, "" [pid 5035] ioctl(3, LOOP_CLR_FD [pid 5030] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5028] close(3 [pid 5027] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5031] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5036, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=32 /* 0.32 s */} --- [pid 5030] <... futex resumed>) = 0 [pid 5028] <... close resumed>) = 0 [pid 5031] restart_syscall(<... resuming interrupted clone ...> [pid 5030] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5028] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5027] <... mmap resumed>) = 0x7f310e1b4000 [pid 5031] <... restart_syscall resumed>) = 0 [pid 5030] <... mmap resumed>) = 0x7f310e1b4000 [pid 5028] <... clone resumed>, child_tidptr=0x555555695690) = 5049 [pid 5027] mprotect(0x7f310e1b5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5031] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5027] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5031] <... openat resumed>) = 3 [pid 5027] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5031] ioctl(3, LOOP_CLR_FD [pid 5027] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1d4990, parent_tid=0x7f310e1d4990, exit_signal=0, stack=0x7f310e1b4000, stack_size=0x20300, tls=0x7f310e1d46c0} [pid 5031] <... ioctl resumed>) = 0 [pid 5031] close(3 [pid 5027] <... clone3 resumed> => {parent_tid=[5050]}, 88) = 5050 [pid 5031] <... close resumed>) = 0 [pid 5027] rt_sigprocmask(SIG_SETMASK, [], [pid 5031] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5027] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5035] <... ioctl resumed>) = 0 [pid 5027] futex(0x7f310e2c55f8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5051 attached ./strace-static-x86_64: Process 5050 attached ./strace-static-x86_64: Process 5049 attached [pid 5040] <... rename resumed>) = -1 EIO (Input/output error) [pid 5035] close(3 [pid 5030] mprotect(0x7f310e1b5000, 131072, PROT_READ|PROT_WRITE [pid 5043] <... mount resumed>) = 0 [pid 5027] <... futex resumed>) = 0 [pid 5043] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY [pid 5030] <... mprotect resumed>) = 0 [pid 5049] set_robust_list(0x5555556956a0, 24 [pid 5027] futex(0x7f310e2c55fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5051] set_robust_list(0x5555556956a0, 24 [pid 5049] <... set_robust_list resumed>) = 0 [pid 5030] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5043] <... openat resumed>) = 3 [pid 5030] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5050] rseq(0x7f310e1d4fe0, 0x20, 0, 0x53053053 [pid 5049] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5043] chdir("./file2" [pid 5031] <... clone resumed>, child_tidptr=0x555555695690) = 5051 [pid 5030] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1d4990, parent_tid=0x7f310e1d4990, exit_signal=0, stack=0x7f310e1b4000, stack_size=0x20300, tls=0x7f310e1d46c0} [pid 5049] <... prctl resumed>) = 0 [ 69.123994][ T5040] ERROR: (device loop1): remounting filesystem as read-only [ 69.141466][ T5029] ERROR: (device loop0): remounting filesystem as read-only [ 69.142962][ T109] page:ffffea0001d764c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x75d93 [ 69.163164][ T5040] ERROR: (device loop1): txCommit: [ 69.163164][ T5040] ./strace-static-x86_64: Process 5052 attached [pid 5050] <... rseq resumed>) = 0 [pid 5049] setpgid(0, 0 [pid 5043] <... chdir resumed>) = 0 [pid 5035] <... close resumed>) = 0 [pid 5052] rseq(0x7f310e1d4fe0, 0x20, 0, 0x53053053 [pid 5050] set_robust_list(0x7f310e1d49a0, 24 [pid 5049] <... setpgid resumed>) = 0 [pid 5043] ioctl(4, LOOP_CLR_FD [pid 5035] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5030] <... clone3 resumed> => {parent_tid=[5052]}, 88) = 5052 [pid 5052] <... rseq resumed>) = 0 [pid 5050] <... set_robust_list resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5043] <... ioctl resumed>) = 0 [pid 5030] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5053 attached [pid 5052] set_robust_list(0x7f310e1d49a0, 24 [pid 5051] <... set_robust_list resumed>) = 0 [pid 5050] rt_sigprocmask(SIG_SETMASK, [], [pid 5049] <... openat resumed>) = 3 [pid 5043] close(4 [pid 5035] <... clone resumed>, child_tidptr=0x555555695690) = 5053 [pid 5030] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5052] <... set_robust_list resumed>) = 0 [pid 5051] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5030] futex(0x7f310e2c55f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5052] rt_sigprocmask(SIG_SETMASK, [], [pid 5049] write(3, "1000", 4 [pid 5043] <... close resumed>) = 0 [pid 5030] <... futex resumed>) = 0 [pid 5052] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5049] <... write resumed>) = 4 [pid 5043] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5052] mkdir(".", 0777 [pid 5030] futex(0x7f310e2c55fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5053] set_robust_list(0x5555556956a0, 24 [pid 5052] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5050] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5049] close(3 [pid 5043] <... futex resumed>) = 1 [pid 5037] <... futex resumed>) = 0 [pid 5053] <... set_robust_list resumed>) = 0 [pid 5052] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5051] <... prctl resumed>) = 0 [pid 5050] mkdir(".", 0777 [pid 5049] <... close resumed>) = 0 [pid 5043] rename("./file2", "./file1" [pid 5037] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5053] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5037] <... futex resumed>) = 0 [pid 5053] <... prctl resumed>) = 0 [pid 5050] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5040] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5037] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5053] setpgid(0, 0 [pid 5050] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5040] <... futex resumed>) = 0 [pid 5053] <... setpgid resumed>) = 0 [pid 5050] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5040] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5053] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... futex resumed>) = 1 [pid 5027] <... futex resumed>) = 0 [pid 5053] <... openat resumed>) = 3 [pid 5052] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5051] setpgid(0, 0 [pid 5050] futex(0x7f310e2c55f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5049] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5053] write(3, "1000", 4) = 4 [pid 5052] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5051] <... setpgid resumed>) = 0 [pid 5049] <... futex resumed>) = 0 [pid 5052] <... futex resumed>) = 1 [pid 5030] <... futex resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5030] exit_group(0 [pid 5052] futex(0x7f310e2c55f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5049] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5052] <... futex resumed>) = ? [pid 5030] <... exit_group resumed>) = ? [pid 5053] close(3 [pid 5040] <... futex resumed>) = ? [pid 5051] <... openat resumed>) = 3 [pid 5040] +++ exited with 0 +++ [pid 5053] <... close resumed>) = 0 [pid 5053] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5052] +++ exited with 0 +++ [pid 5030] +++ exited with 0 +++ [pid 5051] write(3, "1000", 4 [pid 5049] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5053] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, NULL, 8) = 0 [pid 5053] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5051] <... write resumed>) = 4 [pid 5049] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5026] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5030, si_uid=0, si_status=0, si_utime=10 /* 0.10 s */, si_stime=32 /* 0.32 s */} --- [pid 5053] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5051] close(3 [pid 5049] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5053] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5051] <... close resumed>) = 0 [pid 5049] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5053] <... mmap resumed>) = 0x7f310e1d5000 [ 69.180081][ T5029] ERROR: (device loop0): txCommit: [ 69.180081][ T5029] [ 69.198909][ T5043] ERROR: (device loop4): diWrite: ixpxd invalid [ 69.198909][ T5043] [ 69.211779][ T109] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 69.214553][ T5029] ERROR: (device loop0): remounting filesystem as read-only [pid 5049] <... mmap resumed>) = 0x7f310e1d5000 [pid 5026] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5053] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5051] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5053] <... mprotect resumed>) = 0 [pid 5051] <... futex resumed>) = 0 [pid 5049] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5026] <... openat resumed>) = 3 [pid 5053] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5053] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} => {parent_tid=[5054]}, 88) = 5054 [pid 5053] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5053] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5053] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5037] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5037] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5054 attached [pid 5051] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5049] <... mprotect resumed>) = 0 [pid 5043] <... rename resumed>) = -1 EIO (Input/output error) [pid 5037] <... futex resumed>) = 0 [pid 5026] ioctl(3, LOOP_CLR_FD [pid 5037] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f310e1b4000 [pid 5037] mprotect(0x7f310e1b5000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5037] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5026] <... ioctl resumed>) = 0 [pid 5054] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5051] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5049] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5029] <... rename resumed>) = -1 EIO (Input/output error) [pid 5029] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5029] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5027] exit_group(0 [pid 5050] <... futex resumed>) = ? [pid 5029] <... futex resumed>) = ? [pid 5027] <... exit_group resumed>) = ? [pid 5050] +++ exited with 0 +++ [pid 5029] +++ exited with 0 +++ [pid 5027] +++ exited with 0 +++ [pid 5025] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5027, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=31 /* 0.31 s */} --- [pid 5037] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5025] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5049] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5037] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1d4990, parent_tid=0x7f310e1d4990, exit_signal=0, stack=0x7f310e1b4000, stack_size=0x20300, tls=0x7f310e1d46c0} [pid 5025] <... openat resumed>) = 3 [pid 5054] <... rseq resumed>) = 0 [pid 5051] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5049] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5026] close(3 [pid 5054] set_robust_list(0x7f310e1f59a0, 24 [pid 5051] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5037] <... clone3 resumed> => {parent_tid=[5055]}, 88) = 5055 [pid 5026] <... close resumed>) = 0 [pid 5025] ioctl(3, LOOP_CLR_FD [pid 5054] <... set_robust_list resumed>) = 0 [pid 5051] <... mmap resumed>) = 0x7f310e1d5000 [pid 5037] rt_sigprocmask(SIG_SETMASK, [], [pid 5026] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5055 attached [pid 5054] rt_sigprocmask(SIG_SETMASK, [], [pid 5051] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5049] <... clone3 resumed> => {parent_tid=[5056]}, 88) = 5056 [pid 5037] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5025] <... ioctl resumed>) = 0 [pid 5055] rseq(0x7f310e1d4fe0, 0x20, 0, 0x53053053 [pid 5037] futex(0x7f310e2c55f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5025] close(3 [pid 5055] <... rseq resumed>) = 0 [pid 5037] <... futex resumed>) = 0 [pid 5025] <... close resumed>) = 0 [pid 5037] futex(0x7f310e2c55fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5049] rt_sigprocmask(SIG_SETMASK, [], [pid 5025] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5057 attached ./strace-static-x86_64: Process 5056 attached [pid 5055] set_robust_list(0x7f310e1d49a0, 24 [pid 5054] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5051] <... mprotect resumed>) = 0 [pid 5049] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5043] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5026] <... clone resumed>, child_tidptr=0x555555695690) = 5057 ./strace-static-x86_64: Process 5058 attached [pid 5057] set_robust_list(0x5555556956a0, 24 [pid 5056] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5055] <... set_robust_list resumed>) = 0 [pid 5054] memfd_create("syzkaller", 0 [pid 5049] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5051] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5043] <... futex resumed>) = 0 [pid 5025] <... clone resumed>, child_tidptr=0x555555695690) = 5058 [pid 5058] set_robust_list(0x5555556956a0, 24 [pid 5057] <... set_robust_list resumed>) = 0 [pid 5056] <... rseq resumed>) = 0 [pid 5055] rt_sigprocmask(SIG_SETMASK, [], [pid 5051] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5049] <... futex resumed>) = 0 [pid 5043] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] <... set_robust_list resumed>) = 0 [pid 5057] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5056] set_robust_list(0x7f310e1f59a0, 24 [pid 5055] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5051] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5054] <... memfd_create resumed>) = 3 [ 69.244021][ T5043] ERROR: (device loop4): remounting filesystem as read-only [ 69.255309][ T5043] ERROR: (device loop4): txCommit: [ 69.255309][ T5043] [ 69.262941][ T109] page_type: 0xffffffff() [ 69.268107][ T109] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000 [pid 5049] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5058] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5056] <... set_robust_list resumed>) = 0 [pid 5055] mkdir(".", 0777 [pid 5058] <... prctl resumed>) = 0 [pid 5056] rt_sigprocmask(SIG_SETMASK, [], [pid 5055] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5058] setpgid(0, 0 [pid 5056] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5055] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5058] <... setpgid resumed>) = 0 [pid 5056] memfd_create("syzkaller", 0 [pid 5058] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5056] <... memfd_create resumed>) = 3 [pid 5055] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5058] <... openat resumed>) = 3 [pid 5056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5058] write(3, "1000", 4 [pid 5055] futex(0x7f310e2c55fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5058] <... write resumed>) = 4 [pid 5057] <... prctl resumed>) = 0 [pid 5056] <... mmap resumed>) = 0x7f3105dd5000 [pid 5055] <... futex resumed>) = 1 [pid 5054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5037] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5059 attached [pid 5058] close(3 [pid 5057] setpgid(0, 0 [pid 5055] futex(0x7f310e2c55f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5037] exit_group(0 [pid 5058] <... close resumed>) = 0 [pid 5055] <... futex resumed>) = ? [pid 5037] <... exit_group resumed>) = ? [pid 5059] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5058] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5057] <... setpgid resumed>) = 0 [pid 5055] +++ exited with 0 +++ [pid 5051] <... clone3 resumed> => {parent_tid=[5059]}, 88) = 5059 [pid 5043] <... futex resumed>) = ? [pid 5054] <... mmap resumed>) = 0x7f3105dd5000 [pid 5051] rt_sigprocmask(SIG_SETMASK, [], [pid 5059] <... rseq resumed>) = 0 [pid 5058] <... futex resumed>) = 0 [pid 5058] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, NULL, 8) = 0 [pid 5058] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5059] set_robust_list(0x7f310e1f59a0, 24 [pid 5058] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5059] <... set_robust_list resumed>) = 0 [pid 5058] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5043] +++ exited with 0 +++ [pid 5037] +++ exited with 0 +++ [pid 5059] rt_sigprocmask(SIG_SETMASK, [], [pid 5058] <... mmap resumed>) = 0x7f310e1d5000 [pid 5057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5059] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5058] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5057] <... openat resumed>) = 3 [pid 5051] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5033] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5037, si_uid=0, si_status=0, si_utime=9 /* 0.09 s */, si_stime=33 /* 0.33 s */} --- [pid 5059] memfd_create("syzkaller", 0 [pid 5058] <... mprotect resumed>) = 0 [pid 5057] write(3, "1000", 4 [pid 5051] <... futex resumed>) = 0 [pid 5059] <... memfd_create resumed>) = 3 [pid 5058] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5057] <... write resumed>) = 4 [pid 5051] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5058] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5057] close(3 [pid 5059] <... mmap resumed>) = 0x7f3105dd5000 [pid 5058] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5057] <... close resumed>) = 0 [pid 5057] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5033] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5060 attached [pid 5057] <... futex resumed>) = 0 [pid 5058] <... clone3 resumed> => {parent_tid=[5060]}, 88) = 5060 [pid 5033] <... openat resumed>) = 3 [pid 5057] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [ 69.293861][ T109] raw: 000000000000001c ffff888078e4d9b0 00000000ffffffff 0000000000000000 [ 69.311617][ T109] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 69.319268][ T109] page_owner tracks the page as allocated [pid 5060] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5058] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5058] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5058] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5060] <... rseq resumed>) = 0 [pid 5057] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5033] ioctl(3, LOOP_CLR_FD [pid 5060] set_robust_list(0x7f310e1f59a0, 24 [pid 5057] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5033] <... ioctl resumed>) = 0 [pid 5060] <... set_robust_list resumed>) = 0 [pid 5057] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5033] close(3 [pid 5060] rt_sigprocmask(SIG_SETMASK, [], [pid 5057] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5033] <... close resumed>) = 0 [pid 5060] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5057] <... mmap resumed>) = 0x7f310e1d5000 [pid 5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] memfd_create("syzkaller", 0 [pid 5033] <... clone resumed>, child_tidptr=0x555555695690) = 5061 ./strace-static-x86_64: Process 5061 attached [pid 5060] <... memfd_create resumed>) = 3 [pid 5057] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5061] set_robust_list(0x5555556956a0, 24 [pid 5057] <... mprotect resumed>) = 0 [pid 5061] <... set_robust_list resumed>) = 0 [pid 5060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5060] <... mmap resumed>) = 0x7f3105dd5000 [ 69.354029][ T109] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40c40(GFP_NOFS|__GFP_COMP), pid 5041, tgid 5034 (syz-executor388), ts 68890756815, free_ts 57556269723 [pid 5057] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5061] setpgid(0, 0 [pid 5057] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5061] <... setpgid resumed>) = 0 [pid 5057] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5062 attached [pid 5061] write(3, "1000", 4 [pid 5057] <... clone3 resumed> => {parent_tid=[5062]}, 88) = 5062 [pid 5062] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5061] <... write resumed>) = 4 [pid 5057] rt_sigprocmask(SIG_SETMASK, [], [pid 5061] close(3 [pid 5062] <... rseq resumed>) = 0 [pid 5057] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 69.395049][ T109] post_alloc_hook+0x1e6/0x210 [pid 5062] set_robust_list(0x7f310e1f59a0, 24 [pid 5061] <... close resumed>) = 0 [ 69.423053][ T109] get_page_from_freelist+0x31db/0x3360 [ 69.429137][ T109] __alloc_pages+0x255/0x670 [pid 5057] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5062] <... set_robust_list resumed>) = 0 [pid 5061] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5057] <... futex resumed>) = 0 [pid 5061] <... futex resumed>) = 0 [pid 5057] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5062] rt_sigprocmask(SIG_SETMASK, [], [pid 5061] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5062] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5061] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5062] memfd_create("syzkaller", 0 [pid 5061] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5062] <... memfd_create resumed>) = 3 [pid 5061] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5061] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5062] <... mmap resumed>) = 0x7f3105dd5000 [pid 5061] <... mmap resumed>) = 0x7f310e1d5000 [pid 5061] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5061] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5061] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} => {parent_tid=[5063]}, 88) = 5063 [pid 5061] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5061] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5061] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5063 attached [pid 5063] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053) = 0 [pid 5063] set_robust_list(0x7f310e1f59a0, 24) = 0 [pid 5063] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 69.463708][ T109] folio_alloc+0x1e/0x60 [ 69.468436][ T109] filemap_alloc_folio+0xde/0x500 [pid 5063] memfd_create("syzkaller", 0) = 3 [ 69.505584][ T109] do_read_cache_folio+0xed/0x810 [pid 5063] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3105dd5000 [ 69.552898][ T109] do_read_cache_page+0x30/0x210 [ 69.557883][ T109] __get_metapage+0x330/0x1040 [ 69.562694][ T109] diRead+0x5f4/0xae0 [ 69.624857][ T109] jfs_iget+0x8c/0x3b0 [ 69.652922][ T109] jfs_fill_super+0x808/0xc50 [ 69.657754][ T109] mount_bdev+0x237/0x300 [ 69.662120][ T109] legacy_get_tree+0xef/0x190 [ 69.709008][ T109] vfs_get_tree+0x8c/0x280 [ 69.722899][ T109] do_new_mount+0x28f/0xae0 [ 69.727528][ T109] __se_sys_mount+0x2d9/0x3c0 [ 69.732217][ T109] page last free stack trace: [ 69.793130][ T109] free_unref_page_prepare+0x8c3/0x9f0 [ 69.805251][ T109] free_unref_page+0x37/0x3f0 [ 69.818808][ T109] pipe_read+0x6e6/0x1300 [pid 5054] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 69.852894][ T109] vfs_read+0x795/0xb00 [ 69.857281][ T109] ksys_read+0x1a0/0x2c0 [ 69.861550][ T109] do_syscall_64+0x41/0xc0 [pid 5056] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 69.913038][ T109] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 69.919020][ T109] Modules linked in: [ 69.938078][ T109] CPU: 0 PID: 109 Comm: jfsCommit Not tainted 6.6.0-rc7-syzkaller #0 [ 69.946172][ T109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 69.956240][ T109] Call Trace: [ 69.959532][ T109] [ 69.962476][ T109] dump_stack_lvl+0x1e7/0x2d0 [ 69.967198][ T109] ? nf_tcp_handle_invalid+0x650/0x650 [ 69.972707][ T109] ? is_module_text_address+0x180/0x180 [ 69.978288][ T109] ? dump_page+0x9c2/0x1090 [ 69.982825][ T109] bad_page+0x14b/0x170 [ 69.987018][ T109] free_unref_page_prepare+0x97c/0x9f0 [ 69.992507][ T109] free_unref_page+0x37/0x3f0 [ 69.997215][ T109] txUnlock+0x282/0xca0 [ 70.001401][ T109] ? lockdep_hardirqs_on+0x98/0x140 [ 70.006620][ T109] jfs_lazycommit+0x5d4/0xb70 [pid 5059] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 70.011341][ T109] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 70.017257][ T109] ? lockdep_hardirqs_on+0x98/0x140 [ 70.022475][ T109] ? txFreelock+0x580/0x580 [ 70.026996][ T109] ? do_task_dead+0xd0/0xd0 [ 70.031526][ T109] kthread+0x2d3/0x370 [ 70.035611][ T109] ? txFreelock+0x580/0x580 [ 70.040142][ T109] ? kthread_blkcg+0xd0/0xd0 [ 70.044747][ T109] ret_from_fork+0x48/0x80 [ 70.049194][ T109] ? kthread_blkcg+0xd0/0xd0 [ 70.053799][ T109] ret_from_fork_asm+0x11/0x20 [ 70.058616][ T109] [pid 5060] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 70.292993][ T109] Disabling lock debugging due to kernel taint [ 70.299262][ T109] page:ffffea0001d764c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x75d93 [ 70.332879][ T109] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 70.363359][ T109] page_type: 0xffffffff() [ 70.373173][ T109] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000 [pid 5063] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5060] <... write resumed>) = 16777216 [ 70.407251][ T109] raw: 000000000000001c ffff888078e4d9b0 00000000ffffffff 0000000000000000 [ 70.440927][ T109] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u)) [pid 5060] munmap(0x7f3105dd5000, 138412032 [pid 5063] <... write resumed>) = 16777216 [pid 5063] munmap(0x7f3105dd5000, 138412032) = 0 [pid 5060] <... munmap resumed>) = 0 [pid 5060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5060] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5060] ioctl(4, LOOP_CLR_FD) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5063] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5060] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5060] close(4) = 0 [pid 5063] ioctl(4, LOOP_CLR_FD [pid 5060] close(3 [pid 5063] <... ioctl resumed>) = 0 [ 70.476312][ T109] page_owner tracks the page as allocated [ 70.506870][ T109] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40c40(GFP_NOFS|__GFP_COMP), pid 5041, tgid 5034 (syz-executor388), ts 68890756815, free_ts 57556269723 [pid 5063] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5063] close(4) = 0 [pid 5063] close(3 [pid 5054] <... write resumed>) = 16777216 [pid 5056] <... write resumed>) = 16777216 [pid 5054] munmap(0x7f3105dd5000, 138412032 [pid 5056] munmap(0x7f3105dd5000, 138412032 [pid 5054] <... munmap resumed>) = 0 [pid 5056] <... munmap resumed>) = 0 [ 70.581116][ T109] post_alloc_hook+0x1e6/0x210 [pid 5059] <... write resumed>) = 16777216 [pid 5056] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5054] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5056] <... openat resumed>) = 4 [pid 5059] munmap(0x7f3105dd5000, 138412032 [pid 5056] ioctl(4, LOOP_SET_FD, 3 [pid 5054] <... openat resumed>) = 4 [pid 5056] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5056] ioctl(4, LOOP_CLR_FD) = 0 [pid 5054] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5056] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5054] ioctl(4, LOOP_CLR_FD [pid 5056] close(4 [pid 5054] <... ioctl resumed>) = 0 [pid 5056] <... close resumed>) = 0 [pid 5056] close(3 [pid 5054] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5054] close(4) = 0 [pid 5054] close(3 [pid 5059] <... munmap resumed>) = 0 [ 70.613387][ T109] get_page_from_freelist+0x31db/0x3360 [ 70.632042][ T109] __alloc_pages+0x255/0x670 [pid 5062] <... write resumed>) = 16777216 [pid 5059] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5062] munmap(0x7f3105dd5000, 138412032 [pid 5059] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5059] ioctl(4, LOOP_CLR_FD) = 0 [pid 5059] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5059] close(4) = 0 [ 70.654068][ T109] folio_alloc+0x1e/0x60 [ 70.673970][ T109] filemap_alloc_folio+0xde/0x500 [pid 5059] close(3 [pid 5062] <... munmap resumed>) = 0 [pid 5062] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5062] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [ 70.702773][ T109] do_read_cache_folio+0xed/0x810 [pid 5062] ioctl(4, LOOP_CLR_FD) = 0 [ 70.727819][ T109] do_read_cache_page+0x30/0x210 [pid 5062] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5062] close(4) = 0 [ 70.750316][ T109] __get_metapage+0x330/0x1040 [ 70.773334][ T109] diRead+0x5f4/0xae0 [ 70.811078][ T109] jfs_iget+0x8c/0x3b0 [ 70.823332][ T109] jfs_fill_super+0x808/0xc50 [pid 5062] close(3 [pid 5060] <... close resumed>) = 0 [pid 5060] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5060] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] <... futex resumed>) = 0 [pid 5058] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5060] <... futex resumed>) = 0 [pid 5060] rename("./file2", "./file1") = -1 EBUSY (Device or resource busy) [pid 5060] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5058] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5060] <... futex resumed>) = 0 [pid 5058] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 70.862881][ T109] mount_bdev+0x237/0x300 [ 70.867250][ T109] legacy_get_tree+0xef/0x190 [ 70.871942][ T109] vfs_get_tree+0x8c/0x280 [ 70.898924][ T109] do_new_mount+0x28f/0xae0 [pid 5060] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5060] <... futex resumed>) = 0 [pid 5058] <... futex resumed>) = 1 [pid 5060] mkdir(".", 0777 [pid 5058] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5060] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5060] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "") = -1 EINVAL (Invalid argument) [pid 5060] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5058] <... futex resumed>) = 0 [pid 5060] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5058] exit_group(0 [pid 5060] <... futex resumed>) = ? [pid 5058] <... exit_group resumed>) = ? [pid 5060] +++ exited with 0 +++ [pid 5058] +++ exited with 0 +++ [pid 5025] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5058, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=33 /* 0.33 s */} --- [pid 5025] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5063] <... close resumed>) = 0 [pid 5063] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5061] <... futex resumed>) = 0 [pid 5061] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5061] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] <... futex resumed>) = 1 [pid 5063] rename("./file2", "./file1" [pid 5025] <... openat resumed>) = 3 [pid 5063] <... rename resumed>) = -1 EBUSY (Device or resource busy) [pid 5025] ioctl(3, LOOP_CLR_FD) = 0 [pid 5025] close(3 [pid 5063] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5025] <... close resumed>) = 0 [pid 5025] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached [pid 5063] <... futex resumed>) = 1 [pid 5061] <... futex resumed>) = 0 [pid 5061] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5061] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5063] mkdir(".", 0777) = -1 EEXIST (File exists) [pid 5063] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "") = -1 EINVAL (Invalid argument) [pid 5063] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5061] <... futex resumed>) = 0 [pid 5061] exit_group(0 [pid 5025] <... clone resumed>, child_tidptr=0x555555695690) = 5065 [pid 5065] set_robust_list(0x5555556956a0, 24 [pid 5061] <... exit_group resumed>) = ? [pid 5065] <... set_robust_list resumed>) = 0 [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5065] setpgid(0, 0 [pid 5063] +++ exited with 0 +++ [pid 5061] +++ exited with 0 +++ [pid 5065] <... setpgid resumed>) = 0 [pid 5033] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5061, si_uid=0, si_status=0, si_utime=8 /* 0.08 s */, si_stime=29 /* 0.29 s */} --- [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5033] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5065] <... openat resumed>) = 3 [pid 5033] <... openat resumed>) = 3 [pid 5065] write(3, "1000", 4 [pid 5033] ioctl(3, LOOP_CLR_FD [pid 5065] <... write resumed>) = 4 [pid 5033] <... ioctl resumed>) = 0 [pid 5065] close(3 [pid 5054] <... close resumed>) = 0 [pid 5033] close(3 [pid 5065] <... close resumed>) = 0 [pid 5065] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5033] <... close resumed>) = 0 [pid 5065] <... futex resumed>) = 0 [pid 5065] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5033] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5056] <... close resumed>) = 0 [pid 5065] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5033] <... clone resumed>, child_tidptr=0x555555695690) = 5066 [pid 5065] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5065] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5056] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5049] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5066 attached [pid 5065] <... mmap resumed>) = 0x7f310e1d5000 [pid 5056] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5049] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] set_robust_list(0x5555556956a0, 24 [pid 5065] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5056] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5049] <... futex resumed>) = 0 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5056] rename("./file2", "./file1" [pid 5049] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] <... mprotect resumed>) = 0 [ 70.933564][ T109] __se_sys_mount+0x2d9/0x3c0 [ 70.948268][ T109] page last free stack trace: [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5056] <... rename resumed>) = -1 EBUSY (Device or resource busy) [pid 5054] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... prctl resumed>) = 0 [pid 5065] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5056] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5054] <... futex resumed>) = 1 [pid 5053] <... futex resumed>) = 0 [pid 5066] setpgid(0, 0 [pid 5065] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5056] <... futex resumed>) = 1 [pid 5054] rename("./file2", "./file1" [pid 5053] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5049] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5067 attached [pid 5056] mkdir(".", 0777 [pid 5054] <... rename resumed>) = -1 EBUSY (Device or resource busy) [pid 5053] <... futex resumed>) = 0 [pid 5049] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5067] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5065] <... clone3 resumed> => {parent_tid=[5067]}, 88) = 5067 [pid 5056] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5054] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5053] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5049] <... futex resumed>) = 0 [pid 5067] <... rseq resumed>) = 0 [pid 5066] <... setpgid resumed>) = 0 [pid 5065] rt_sigprocmask(SIG_SETMASK, [], [pid 5056] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5054] <... futex resumed>) = 0 [pid 5053] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5049] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5067] set_robust_list(0x7f310e1f59a0, 24 [pid 5054] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5056] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5053] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5067] <... set_robust_list resumed>) = 0 [pid 5065] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5053] <... futex resumed>) = 0 [pid 5067] rt_sigprocmask(SIG_SETMASK, [], [pid 5065] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5053] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5067] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... futex resumed>) = 0 [pid 5054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5067] memfd_create("syzkaller", 0 [pid 5065] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5067] <... memfd_create resumed>) = 3 [pid 5066] <... openat resumed>) = 3 [pid 5054] mkdir(".", 0777 [pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5054] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5054] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5067] <... mmap resumed>) = 0x7f3105dd5000 [pid 5054] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5054] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5053] <... futex resumed>) = 0 [pid 5054] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5053] exit_group(0) = ? [pid 5054] <... futex resumed>) = ? [pid 5056] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5054] +++ exited with 0 +++ [pid 5053] +++ exited with 0 +++ [pid 5035] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5053, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=24 /* 0.24 s */} --- [pid 5056] <... futex resumed>) = 1 [pid 5049] <... futex resumed>) = 0 [pid 5049] exit_group(0 [pid 5035] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] write(3, "1000", 4 [pid 5049] <... exit_group resumed>) = ? [pid 5035] <... openat resumed>) = 3 [pid 5035] ioctl(3, LOOP_CLR_FD) = 0 [pid 5035] close(3 [pid 5066] <... write resumed>) = 4 [pid 5056] +++ exited with 0 +++ [pid 5049] +++ exited with 0 +++ [pid 5035] <... close resumed>) = 0 [pid 5066] close(3 [pid 5035] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached [pid 5028] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5049, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=36 /* 0.36 s */} --- [pid 5068] set_robust_list(0x5555556956a0, 24 [pid 5035] <... clone resumed>, child_tidptr=0x555555695690) = 5068 [pid 5028] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5066] <... close resumed>) = 0 [pid 5028] <... openat resumed>) = 3 [pid 5028] ioctl(3, LOOP_CLR_FD) = 0 [pid 5028] close(3) = 0 [pid 5028] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached [pid 5066] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] set_robust_list(0x5555556956a0, 24 [pid 5066] <... futex resumed>) = 0 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5068] <... set_robust_list resumed>) = 0 [pid 5066] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5028] <... clone resumed>, child_tidptr=0x555555695690) = 5069 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5069] <... prctl resumed>) = 0 [pid 5068] <... prctl resumed>) = 0 [pid 5066] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5069] setpgid(0, 0 [pid 5068] setpgid(0, 0 [pid 5066] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5069] <... setpgid resumed>) = 0 [pid 5068] <... setpgid resumed>) = 0 [pid 5066] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [ 70.982994][ T109] free_unref_page_prepare+0x8c3/0x9f0 [ 70.988500][ T109] free_unref_page+0x37/0x3f0 [ 71.011972][ T109] pipe_read+0x6e6/0x1300 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... openat resumed>) = 3 [pid 5066] <... mmap resumed>) = 0x7f310e1d5000 [pid 5068] <... openat resumed>) = 3 [pid 5066] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5059] <... close resumed>) = 0 [pid 5069] write(3, "1000", 4 [pid 5068] write(3, "1000", 4 [pid 5066] <... mprotect resumed>) = 0 [pid 5068] <... write resumed>) = 4 [pid 5069] <... write resumed>) = 4 [pid 5068] close(3) = 0 [pid 5068] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5069] close(3 [pid 5068] <... futex resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5068] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5069] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5066] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5059] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... futex resumed>) = 0 [pid 5068] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5066] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5059] <... futex resumed>) = 1 [pid 5059] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5070 attached [pid 5069] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5068] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5066] <... clone3 resumed> => {parent_tid=[5070]}, 88) = 5070 [pid 5051] <... futex resumed>) = 0 [pid 5069] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5066] rt_sigprocmask(SIG_SETMASK, [], [pid 5051] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5068] <... mmap resumed>) = 0x7f310e1d5000 [pid 5051] <... futex resumed>) = 1 [pid 5059] <... futex resumed>) = 0 [pid 5069] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5068] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5059] rename("./file2", "./file1" [pid 5051] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5069] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5068] <... mprotect resumed>) = 0 [pid 5070] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5069] <... mmap resumed>) = 0x7f310e1d5000 [pid 5068] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5059] <... rename resumed>) = -1 EBUSY (Device or resource busy) [pid 5070] <... rseq resumed>) = 0 [pid 5069] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5068] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5062] <... close resumed>) = 0 [pid 5066] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5059] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] set_robust_list(0x7f310e1f59a0, 24 [pid 5069] <... mprotect resumed>) = 0 [pid 5068] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5069] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5068] <... clone3 resumed> => {parent_tid=[5071]}, 88) = 5071 [pid 5069] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5068] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5069] <... clone3 resumed> => {parent_tid=[5072]}, 88) = 5072 [pid 5068] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] rt_sigprocmask(SIG_SETMASK, [], [pid 5068] <... futex resumed>) = 0 [pid 5069] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 71.042891][ T109] vfs_read+0x795/0xb00 [ 71.047099][ T109] ksys_read+0x1a0/0x2c0 [ 71.051362][ T109] do_syscall_64+0x41/0xc0 [pid 5068] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5072 attached ./strace-static-x86_64: Process 5071 attached [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5062] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5059] <... futex resumed>) = 1 [pid 5051] <... futex resumed>) = 0 [pid 5072] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5071] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5070] rt_sigprocmask(SIG_SETMASK, [], [pid 5069] <... futex resumed>) = 0 [pid 5066] <... futex resumed>) = 0 [pid 5062] <... futex resumed>) = 1 [pid 5059] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5057] <... futex resumed>) = 0 [pid 5051] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... rseq resumed>) = 0 [pid 5071] <... rseq resumed>) = 0 [pid 5070] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5069] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5066] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5062] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5059] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5057] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5051] <... futex resumed>) = 0 [pid 5072] set_robust_list(0x7f310e1f59a0, 24 [pid 5071] set_robust_list(0x7f310e1f59a0, 24 [pid 5057] <... futex resumed>) = 0 [pid 5051] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5059] mkdir(".", 0777 [pid 5062] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5072] <... set_robust_list resumed>) = 0 [pid 5071] <... set_robust_list resumed>) = 0 [pid 5070] memfd_create("syzkaller", 0 [pid 5059] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5062] rename("./file2", "./file1" [pid 5072] rt_sigprocmask(SIG_SETMASK, [], [pid 5070] <... memfd_create resumed>) = 3 [pid 5071] rt_sigprocmask(SIG_SETMASK, [], [pid 5057] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5071] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5062] <... rename resumed>) = -1 EBUSY (Device or resource busy) [pid 5059] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5072] memfd_create("syzkaller", 0 [pid 5071] memfd_create("syzkaller", 0 [pid 5070] <... mmap resumed>) = 0x7f3105dd5000 [pid 5062] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] <... memfd_create resumed>) = 3 [pid 5071] <... memfd_create resumed>) = 3 [pid 5062] <... futex resumed>) = 1 [pid 5057] <... futex resumed>) = 0 [pid 5071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5057] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] <... mmap resumed>) = 0x7f3105dd5000 [pid 5057] <... futex resumed>) = 0 [pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5062] mkdir(".", 0777 [pid 5059] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5057] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5072] <... mmap resumed>) = 0x7f3105dd5000 [pid 5062] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5059] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5062] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" [pid 5059] <... futex resumed>) = 1 [pid 5051] <... futex resumed>) = 0 [pid 5051] exit_group(0) = ? [pid 5062] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5062] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5059] +++ exited with 0 +++ [pid 5051] +++ exited with 0 +++ [pid 5062] <... futex resumed>) = 1 [pid 5057] <... futex resumed>) = 0 [pid 5062] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5057] exit_group(0 [pid 5031] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5051, si_uid=0, si_status=0, si_utime=14 /* 0.14 s */, si_stime=33 /* 0.33 s */} --- [pid 5062] <... futex resumed>) = ? [pid 5057] <... exit_group resumed>) = ? [pid 5031] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5062] +++ exited with 0 +++ [pid 5057] +++ exited with 0 +++ [pid 5031] ioctl(3, LOOP_CLR_FD) = 0 [pid 5026] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5057, si_uid=0, si_status=0, si_utime=11 /* 0.11 s */, si_stime=20 /* 0.20 s */} --- [pid 5026] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5026] ioctl(3, LOOP_CLR_FD) = 0 [pid 5026] close(3) = 0 [pid 5026] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5031] close(3) = 0 [pid 5031] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5026] <... clone resumed>, child_tidptr=0x555555695690) = 5073 ./strace-static-x86_64: Process 5073 attached [pid 5073] set_robust_list(0x5555556956a0, 24./strace-static-x86_64: Process 5074 attached [pid 5074] set_robust_list(0x5555556956a0, 24 [pid 5031] <... clone resumed>, child_tidptr=0x555555695690) = 5074 [pid 5074] <... set_robust_list resumed>) = 0 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] <... set_robust_list resumed>) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] setpgid(0, 0 [pid 5073] <... prctl resumed>) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5074] <... setpgid resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... openat resumed>) = 3 [pid 5074] <... openat resumed>) = 3 [pid 5074] write(3, "1000", 4 [pid 5073] write(3, "1000", 4) = 4 [pid 5073] close(3) = 0 [pid 5073] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5074] <... write resumed>) = 4 [pid 5073] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5074] close(3) = 0 [pid 5074] futex(0x7f310e2c55ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5073] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5073] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f310e1d5000 [pid 5073] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5074] rt_sigaction(SIGRT_1, {sa_handler=0x7f310e25e460, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f310e24fb10}, [pid 5073] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5074] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5074] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5073] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} [pid 5074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5073] <... clone3 resumed> => {parent_tid=[5075]}, 88) = 5075 ./strace-static-x86_64: Process 5075 attached [pid 5073] rt_sigprocmask(SIG_SETMASK, [], [pid 5075] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053 [pid 5073] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5075] <... rseq resumed>) = 0 [pid 5073] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] set_robust_list(0x7f310e1f59a0, 24 [pid 5073] <... futex resumed>) = 0 [pid 5075] <... set_robust_list resumed>) = 0 [ 71.114120][ T109] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 71.144250][ T109] ------------[ cut here ]------------ [ 71.149745][ T109] kernel BUG at include/linux/mm.h:1441! [ 71.187610][ T109] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 71.193710][ T109] CPU: 0 PID: 109 Comm: jfsCommit Tainted: G B 6.6.0-rc7-syzkaller #0 [ 71.203278][ T109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 71.213349][ T109] RIP: 0010:put_metapage+0x264/0x300 [ 71.218651][ T109] Code: 2c 24 49 81 e5 ff 0f 00 00 74 21 e8 b6 0e 7c fe e9 9b 00 00 00 e8 ac 0e 7c fe 48 8b 3c 24 48 c7 c6 60 35 42 8b e8 5c f5 bd fe <0f> 0b 48 8b 1c 24 48 89 df be 08 00 00 00 e8 19 92 d6 fe 48 c1 eb [ 71.238272][ T109] RSP: 0018:ffffc90002c4fc98 EFLAGS: 00010246 [ 71.244359][ T109] RAX: 11b663bae7acd700 RBX: 000000000000007f RCX: ffffffff816d7b40 [ 71.252354][ T109] RDX: 0000000000000000 RSI: ffffffff8b598240 RDI: ffffffff8b598200 [ 71.260352][ T109] RBP: ffff888078e4d9b0 R08: ffffffff8e99a86f R09: 1ffffffff1d3350d [ 71.268339][ T109] R10: dffffc0000000000 R11: fffffbfff1d3350e R12: dffffc0000000000 [ 71.276345][ T109] R13: ffffea0001d764f4 R14: 1ffff1100f1c9b3b R15: ffff888078e4d9d8 [ 71.284335][ T109] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 71.293284][ T109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.299899][ T109] CR2: 00007ffd1158f9d0 CR3: 0000000025737000 CR4: 00000000003506f0 [ 71.307892][ T109] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 71.315964][ T109] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 71.323951][ T109] Call Trace: [ 71.327244][ T109] [ 71.330181][ T109] ? __die_body+0x8b/0xe0 [ 71.334538][ T109] ? die+0xa1/0xd0 [ 71.338276][ T109] ? do_trap+0x153/0x380 [ 71.342548][ T109] ? put_metapage+0x264/0x300 [ 71.347240][ T109] ? do_error_trap+0x1dc/0x2c0 [ 71.352029][ T109] ? put_metapage+0x264/0x300 [ 71.356726][ T109] ? do_int3+0x50/0x50 [ 71.360823][ T109] ? handle_invalid_op+0x34/0x40 [ 71.365793][ T109] ? put_metapage+0x264/0x300 [ 71.370481][ T109] ? exc_invalid_op+0x33/0x50 [ 71.375188][ T109] ? asm_exc_invalid_op+0x1a/0x20 [ 71.380244][ T109] ? lock_release+0xb0/0x9d0 [ 71.384857][ T109] ? put_metapage+0x264/0x300 [ 71.389554][ T109] ? put_metapage+0x264/0x300 [ 71.394253][ T109] txUnlock+0x42f/0xca0 [ 71.398441][ T109] jfs_lazycommit+0x5d4/0xb70 [ 71.403143][ T109] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 71.409066][ T109] ? lockdep_hardirqs_on+0x98/0x140 [ 71.414390][ T109] ? txFreelock+0x580/0x580 [ 71.419003][ T109] ? do_task_dead+0xd0/0xd0 [ 71.423538][ T109] kthread+0x2d3/0x370 [ 71.427620][ T109] ? txFreelock+0x580/0x580 [ 71.432137][ T109] ? kthread_blkcg+0xd0/0xd0 [pid 5073] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5075] rt_sigprocmask(SIG_SETMASK, [], [pid 5074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5075] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5075] memfd_create("syzkaller", 0 [pid 5074] <... mmap resumed>) = 0x7f310e1d5000 [pid 5074] mprotect(0x7f310e1d6000, 131072, PROT_READ|PROT_WRITE [pid 5075] <... memfd_create resumed>) = 3 [pid 5074] <... mprotect resumed>) = 0 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3105dd5000 [pid 5074] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f310e1f5990, parent_tid=0x7f310e1f5990, exit_signal=0, stack=0x7f310e1d5000, stack_size=0x20300, tls=0x7f310e1f56c0} => {parent_tid=[5076]}, 88) = 5076 ./strace-static-x86_64: Process 5076 attached [pid 5074] rt_sigprocmask(SIG_SETMASK, [], [pid 5076] rseq(0x7f310e1f5fe0, 0x20, 0, 0x53053053) = 0 [pid 5076] set_robust_list(0x7f310e1f59a0, 24) = 0 [ 71.436742][ T109] ret_from_fork+0x48/0x80 [ 71.441175][ T109] ? kthread_blkcg+0xd0/0xd0 [ 71.445776][ T109] ret_from_fork_asm+0x11/0x20 [ 71.450571][ T109] [ 71.453597][ T109] Modules linked in: [pid 5076] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5076] futex(0x7f310e2c55e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5074] futex(0x7f310e2c55e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = 1 [pid 5076] memfd_create("syzkaller", 0 [pid 5074] futex(0x7f310e2c55ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5076] <... memfd_create resumed>) = 3 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3105dd5000 [ 71.506900][ T109] ---[ end trace 0000000000000000 ]--- [ 71.515138][ T109] RIP: 0010:put_metapage+0x264/0x300 [ 71.521045][ T109] Code: 2c 24 49 81 e5 ff 0f 00 00 74 21 e8 b6 0e 7c fe e9 9b 00 00 00 e8 ac 0e 7c fe 48 8b 3c 24 48 c7 c6 60 35 42 8b e8 5c f5 bd fe <0f> 0b 48 8b 1c 24 48 89 df be 08 00 00 00 e8 19 92 d6 fe 48 c1 eb [ 71.615357][ T109] RSP: 0018:ffffc90002c4fc98 EFLAGS: 00010246 [ 71.642873][ T109] RAX: 11b663bae7acd700 RBX: 000000000000007f RCX: ffffffff816d7b40 [ 71.651123][ T109] RDX: 0000000000000000 RSI: ffffffff8b598240 RDI: ffffffff8b598200 [ 71.667332][ T109] RBP: ffff888078e4d9b0 R08: ffffffff8e99a86f R09: 1ffffffff1d3350d [ 71.702912][ T109] R10: dffffc0000000000 R11: fffffbfff1d3350e R12: dffffc0000000000 [ 71.710931][ T109] R13: ffffea0001d764f4 R14: 1ffff1100f1c9b3b R15: ffff888078e4d9d8 [pid 5071] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [ 71.762870][ T109] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 71.771993][ T109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.782850][ T109] CR2: 00007f3106a95000 CR3: 0000000075ea2000 CR4: 00000000003506e0 [ 71.790944][ T109] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 71.835524][ T109] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 71.862856][ T109] Kernel panic - not syncing: Fatal exception [ 71.869275][ T109] Kernel Offset: disabled [ 71.873599][ T109] Rebooting in 86400 seconds..