./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1054201453 <...> Warning: Permanently added '10.128.0.6' (ECDSA) to the list of known hosts. execve("./syz-executor1054201453", ["./syz-executor1054201453"], 0x7fffc4680710 /* 10 vars */) = 0 brk(NULL) = 0x555555cde000 brk(0x555555cdec40) = 0x555555cdec40 arch_prctl(ARCH_SET_FS, 0x555555cde300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555555cde5d0) = 5002 set_robust_list(0x555555cde5e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7ff672e7d4d0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7ff672e7dba0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7ff672e7d570, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff672e7dba0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1054201453", 4096) = 28 brk(0x555555cffc40) = 0x555555cffc40 brk(0x555555d00000) = 0x555555d00000 mprotect(0x7ff672f40000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cde5d0) = 5003 ./strace-static-x86_64: Process 5003 attached [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] set_robust_list(0x555555cde5e0, 24) = 0 [pid 5002] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5004 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] getpid(./strace-static-x86_64: Process 5004 attached [pid 5002] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5005 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5003] <... getpid resumed>) = 5003 [pid 5003] mkdir("./syzkaller.BWb8Zt", 0700 [pid 5002] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5006 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cde5d0) = 5007 [pid 5002] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cde5d0) = 5008 ./strace-static-x86_64: Process 5007 attached [pid 5007] set_robust_list(0x555555cde5e0, 24) = 0 [pid 5004] set_robust_list(0x555555cde5e0, 24 [pid 5007] getpid() = 5007 [pid 5007] mkdir("./syzkaller.keqjvP", 0700./strace-static-x86_64: Process 5006 attached [pid 5006] set_robust_list(0x555555cde5e0, 24) = 0 [pid 5006] getpid() = 5006 [pid 5006] mkdir("./syzkaller.aWgNgI", 0700./strace-static-x86_64: Process 5005 attached [pid 5004] <... set_robust_list resumed>) = 0 [pid 5005] set_robust_list(0x555555cde5e0, 24) = 0 [pid 5005] getpid( [pid 5004] getpid( [pid 5005] <... getpid resumed>) = 5005 [pid 5005] mkdir("./syzkaller.nIqEkD", 0700./strace-static-x86_64: Process 5008 attached [pid 5008] set_robust_list(0x555555cde5e0, 24) = 0 [pid 5008] getpid( [pid 5004] <... getpid resumed>) = 5004 [pid 5008] <... getpid resumed>) = 5008 [pid 5008] mkdir("./syzkaller.1d2CwU", 0700 [pid 5004] mkdir("./syzkaller.lYJ5UB", 0700 [pid 5003] <... mkdir resumed>) = 0 [pid 5003] chmod("./syzkaller.BWb8Zt", 0777 [pid 5007] <... mkdir resumed>) = 0 [pid 5003] <... chmod resumed>) = 0 [pid 5003] chdir("./syzkaller.BWb8Zt" [pid 5006] <... mkdir resumed>) = 0 [pid 5003] <... chdir resumed>) = 0 [pid 5007] chmod("./syzkaller.keqjvP", 0777 [pid 5006] chmod("./syzkaller.aWgNgI", 0777 [pid 5007] <... chmod resumed>) = 0 [pid 5003] mkdir("./0", 0777 [pid 5007] chdir("./syzkaller.keqjvP" [pid 5006] <... chmod resumed>) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5003] <... mkdir resumed>) = 0 [pid 5007] <... chdir resumed>) = 0 [pid 5006] chdir("./syzkaller.aWgNgI" [pid 5003] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5005] chmod("./syzkaller.nIqEkD", 0777 [pid 5007] mkdir("./0", 0777 [pid 5006] <... chdir resumed>) = 0 [pid 5003] <... openat resumed>) = 3 [pid 5007] <... mkdir resumed>) = 0 [pid 5003] ioctl(3, LOOP_CLR_FD [pid 5007] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5006] mkdir("./0", 0777 [pid 5007] <... openat resumed>) = 3 [pid 5003] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5007] ioctl(3, LOOP_CLR_FD [pid 5006] <... mkdir resumed>) = 0 [pid 5003] close(3 [pid 5008] <... mkdir resumed>) = 0 [pid 5007] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5005] <... chmod resumed>) = 0 [pid 5004] <... mkdir resumed>) = 0 [pid 5003] <... close resumed>) = 0 [pid 5007] close(3 [pid 5006] <... openat resumed>) = 3 [pid 5007] <... close resumed>) = 0 [pid 5006] ioctl(3, LOOP_CLR_FD [pid 5007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5006] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5006] close(3 [pid 5004] chmod("./syzkaller.lYJ5UB", 0777 [pid 5006] <... close resumed>) = 0 [pid 5004] <... chmod resumed>) = 0 [pid 5006] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5004] chdir("./syzkaller.lYJ5UB" [pid 5007] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5009 [pid 5004] <... chdir resumed>) = 0 [pid 5004] mkdir("./0", 0777) = 0 ./strace-static-x86_64: Process 5009 attached ./strace-static-x86_64: Process 5010 attached [pid 5003] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5010] set_robust_list(0x555555cde5e0, 24 [pid 5009] set_robust_list(0x555555cde5e0, 24) = 0 [pid 5010] <... set_robust_list resumed>) = 0 [pid 5010] chdir("./0" [pid 5009] chdir("./0" [pid 5006] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5010 [pid 5005] chdir("./syzkaller.nIqEkD" [pid 5004] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5010] <... chdir resumed>) = 0 [pid 5009] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5011 attached [pid 5010] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5005] <... chdir resumed>) = 0 [pid 5004] <... openat resumed>) = 3 [pid 5010] <... prctl resumed>) = 0 [pid 5011] set_robust_list(0x555555cde5e0, 24 [pid 5010] setpgid(0, 0 [pid 5009] <... prctl resumed>) = 0 [pid 5008] chmod("./syzkaller.1d2CwU", 0777 [pid 5005] mkdir("./0", 0777 [pid 5004] ioctl(3, LOOP_CLR_FD [pid 5003] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5011 [pid 5011] <... set_robust_list resumed>) = 0 [pid 5010] <... setpgid resumed>) = 0 [pid 5009] setpgid(0, 0 [pid 5008] <... chmod resumed>) = 0 [pid 5011] chdir("./0" [pid 5010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5009] <... setpgid resumed>) = 0 [pid 5005] <... mkdir resumed>) = 0 [pid 5004] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5011] <... chdir resumed>) = 0 [pid 5008] chdir("./syzkaller.1d2CwU") = 0 [pid 5005] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5004] close(3 [pid 5011] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5010] <... openat resumed>) = 3 [pid 5009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5008] mkdir("./0", 0777 [pid 5005] <... openat resumed>) = 3 [pid 5004] <... close resumed>) = 0 [pid 5011] <... prctl resumed>) = 0 [pid 5010] write(3, "1000", 4 [pid 5009] <... openat resumed>) = 3 [pid 5008] <... mkdir resumed>) = 0 [pid 5005] ioctl(3, LOOP_CLR_FD [pid 5004] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5011] setpgid(0, 0 [pid 5010] <... write resumed>) = 4 [pid 5009] write(3, "1000", 4 [pid 5008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5005] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5011] <... setpgid resumed>) = 0 [pid 5010] close(3 [pid 5009] <... write resumed>) = 4 [pid 5008] <... openat resumed>) = 3 [pid 5005] close(3 [pid 5004] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5013 [pid 5011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5010] <... close resumed>) = 0 [pid 5009] close(3 [pid 5008] ioctl(3, LOOP_CLR_FD [pid 5005] <... close resumed>) = 0 [pid 5011] <... openat resumed>) = 3 [pid 5010] symlink("/dev/binderfs", "./binderfs" [pid 5009] <... close resumed>) = 0 [pid 5008] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5005] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5011] write(3, "1000", 4 [pid 5010] <... symlink resumed>) = 0 [pid 5009] symlink("/dev/binderfs", "./binderfs" [pid 5008] close(3 [pid 5011] <... write resumed>) = 4 [pid 5010] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5008] <... close resumed>) = 0 [pid 5005] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5014 ./strace-static-x86_64: Process 5013 attached [pid 5011] close(3 [pid 5010] <... futex resumed>) = 0 [pid 5009] <... symlink resumed>) = 0 [pid 5008] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5013] set_robust_list(0x555555cde5e0, 24 [pid 5011] <... close resumed>) = 0 [pid 5010] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5009] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] <... set_robust_list resumed>) = 0 [pid 5011] symlink("/dev/binderfs", "./binderfs" [pid 5010] <... mmap resumed>) = 0x7ff672e4c000 [pid 5009] <... futex resumed>) = 0 [pid 5008] <... clone resumed>, child_tidptr=0x555555cde5d0) = 5015 ./strace-static-x86_64: Process 5014 attached [pid 5013] chdir("./0" [pid 5011] <... symlink resumed>) = 0 [pid 5010] mprotect(0x7ff672e4d000, 131072, PROT_READ|PROT_WRITE [pid 5009] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5014] set_robust_list(0x555555cde5e0, 24 [pid 5013] <... chdir resumed>) = 0 [pid 5011] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5010] <... mprotect resumed>) = 0 [pid 5009] <... mmap resumed>) = 0x7ff672e4c000 [pid 5014] <... set_robust_list resumed>) = 0 [pid 5013] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5011] <... futex resumed>) = 0 [pid 5010] clone(child_stack=0x7ff672e6c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5009] mprotect(0x7ff672e4d000, 131072, PROT_READ|PROT_WRITE [pid 5014] chdir("./0" [pid 5013] <... prctl resumed>) = 0 [pid 5011] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5009] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 5015 attached [pid 5014] <... chdir resumed>) = 0 [pid 5013] setpgid(0, 0 [pid 5011] <... mmap resumed>) = 0x7ff672e4c000 [pid 5010] <... clone resumed>, parent_tid=[5016], tls=0x7ff672e6c700, child_tidptr=0x7ff672e6c9d0) = 5016 [pid 5009] clone(child_stack=0x7ff672e6c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5014] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5013] <... setpgid resumed>) = 0 [pid 5011] mprotect(0x7ff672e4d000, 131072, PROT_READ|PROT_WRITE [pid 5010] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5014] <... prctl resumed>) = 0 [pid 5013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5011] <... mprotect resumed>) = 0 [pid 5010] <... futex resumed>) = 0 [pid 5009] <... clone resumed>, parent_tid=[5017], tls=0x7ff672e6c700, child_tidptr=0x7ff672e6c9d0) = 5017 ./strace-static-x86_64: Process 5016 attached [pid 5015] set_robust_list(0x555555cde5e0, 24 [pid 5014] setpgid(0, 0 [pid 5013] <... openat resumed>) = 3 [pid 5011] clone(child_stack=0x7ff672e6c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5010] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5009] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] set_robust_list(0x7ff672e6c9e0, 24 [pid 5015] <... set_robust_list resumed>) = 0 [pid 5014] <... setpgid resumed>) = 0 [pid 5013] write(3, "1000", 4 [pid 5009] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5017 attached [pid 5016] <... set_robust_list resumed>) = 0 [pid 5015] chdir("./0" [pid 5014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5013] <... write resumed>) = 4 [pid 5011] <... clone resumed>, parent_tid=[5018], tls=0x7ff672e6c700, child_tidptr=0x7ff672e6c9d0) = 5018 [pid 5009] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5017] set_robust_list(0x7ff672e6c9e0, 24 [pid 5016] memfd_create("syzkaller", 0 [pid 5015] <... chdir resumed>) = 0 [pid 5014] <... openat resumed>) = 3 [pid 5013] close(3 [pid 5011] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5017] <... set_robust_list resumed>) = 0 [pid 5015] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5014] write(3, "1000", 4 [pid 5013] <... close resumed>) = 0 [pid 5017] memfd_create("syzkaller", 0 [pid 5014] <... write resumed>) = 4 [pid 5013] symlink("/dev/binderfs", "./binderfs" [pid 5017] <... memfd_create resumed>) = 3 [pid 5014] close(3 [pid 5013] <... symlink resumed>) = 0 [pid 5017] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5014] <... close resumed>) = 0 [pid 5013] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5017] <... mmap resumed>) = 0x7ff66aa4c000 [pid 5014] symlink("/dev/binderfs", "./binderfs" [pid 5013] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5018 attached [pid 5016] <... memfd_create resumed>) = 3 [pid 5015] <... prctl resumed>) = 0 [pid 5011] <... futex resumed>) = 0 [pid 5018] set_robust_list(0x7ff672e6c9e0, 24 [pid 5016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5015] setpgid(0, 0 [pid 5014] <... symlink resumed>) = 0 [pid 5013] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5011] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5018] <... set_robust_list resumed>) = 0 [pid 5016] <... mmap resumed>) = 0x7ff66aa4c000 [pid 5015] <... setpgid resumed>) = 0 [pid 5014] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] <... mmap resumed>) = 0x7ff672e4c000 [pid 5018] memfd_create("syzkaller", 0 [pid 5015] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5014] <... futex resumed>) = 0 [pid 5013] mprotect(0x7ff672e4d000, 131072, PROT_READ|PROT_WRITE [pid 5018] <... memfd_create resumed>) = 3 [pid 5015] <... openat resumed>) = 3 [pid 5014] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5015] write(3, "1000", 4 [pid 5013] <... mprotect resumed>) = 0 [pid 5018] <... mmap resumed>) = 0x7ff66aa4c000 [pid 5015] <... write resumed>) = 4 [pid 5014] <... mmap resumed>) = 0x7ff672e4c000 [pid 5015] close(3 [pid 5014] mprotect(0x7ff672e4d000, 131072, PROT_READ|PROT_WRITE [pid 5013] clone(child_stack=0x7ff672e6c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5015] <... close resumed>) = 0 ./strace-static-x86_64: Process 5019 attached [pid 5015] symlink("/dev/binderfs", "./binderfs" [pid 5014] <... mprotect resumed>) = 0 [pid 5019] set_robust_list(0x7ff672e6c9e0, 24 [pid 5015] <... symlink resumed>) = 0 [pid 5015] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5015] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5014] clone(child_stack=0x7ff672e6c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5013] <... clone resumed>, parent_tid=[5019], tls=0x7ff672e6c700, child_tidptr=0x7ff672e6c9d0) = 5019 [pid 5019] <... set_robust_list resumed>) = 0 [pid 5015] <... mmap resumed>) = 0x7ff672e4c000 [pid 5015] mprotect(0x7ff672e4d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5013] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5019] memfd_create("syzkaller", 0 [pid 5015] clone(child_stack=0x7ff672e6c3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5019] <... memfd_create resumed>) = 3 [pid 5014] <... clone resumed>, parent_tid=[5020], tls=0x7ff672e6c700, child_tidptr=0x7ff672e6c9d0) = 5020 [pid 5013] <... futex resumed>) = 0 [pid 5019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5017] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5015] <... clone resumed>, parent_tid=[5021], tls=0x7ff672e6c700, child_tidptr=0x7ff672e6c9d0) = 5021 [pid 5015] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5014] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5019] <... mmap resumed>) = 0x7ff66aa4c000 [pid 5015] <... futex resumed>) = 0 [pid 5015] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5014] <... futex resumed>) = 0 [pid 5014] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5021 attached [pid 5021] set_robust_list(0x7ff672e6c9e0, 24) = 0 syzkaller login: [ 59.063101][ T5016] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5016 'syz-executor105' [pid 5021] memfd_create("syzkaller", 0) = 3 [pid 5018] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5020 attached ) = 0x7ff66aa4c000 [pid 5020] set_robust_list(0x7ff672e6c9e0, 24) = 0 [pid 5019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5016] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5020] memfd_create("syzkaller", 0) = 3 [pid 5020] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff66aa4c000 [pid 5018] <... write resumed>) = 2097152 [pid 5021] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5020] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152 [pid 5018] munmap(0x7ff66aa4c000, 2097152 [pid 5017] <... write resumed>) = 2097152 [pid 5016] <... write resumed>) = 2097152 [pid 5018] <... munmap resumed>) = 0 [pid 5017] munmap(0x7ff66aa4c000, 2097152 [pid 5018] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5018] ioctl(4, LOOP_SET_FD, 3 [pid 5017] <... munmap resumed>) = 0 [pid 5021] <... write resumed>) = 2097152 [pid 5018] <... ioctl resumed>) = 0 [pid 5017] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5016] munmap(0x7ff66aa4c000, 2097152 [pid 5018] close(3 [pid 5017] <... openat resumed>) = 4 [pid 5016] <... munmap resumed>) = 0 [pid 5018] <... close resumed>) = 0 [pid 5016] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5018] mkdir("./bus", 0777 [pid 5017] ioctl(4, LOOP_SET_FD, 3 [pid 5016] <... openat resumed>) = 4 [pid 5018] <... mkdir resumed>) = 0 [pid 5016] ioctl(4, LOOP_SET_FD, 3 [pid 5018] mount("/dev/loop0", "./bus", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5016] <... ioctl resumed>) = 0 [pid 5021] munmap(0x7ff66aa4c000, 2097152 [pid 5019] <... write resumed>) = 2097152 [pid 5021] <... munmap resumed>) = 0 [pid 5016] close(3) = 0 [pid 5021] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5016] mkdir("./bus", 0777 [pid 5021] <... openat resumed>) = 4 [pid 5020] <... write resumed>) = 2097152 [pid 5016] <... mkdir resumed>) = 0 [pid 5021] ioctl(4, LOOP_SET_FD, 3 [ 59.213183][ T5018] loop0: detected capacity change from 0 to 4096 [ 59.234330][ T5016] loop3: detected capacity change from 0 to 4096 [ 59.234557][ T5017] loop4: detected capacity change from 0 to 4096 [pid 5016] mount("/dev/loop3", "./bus", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5021] <... ioctl resumed>) = 0 [pid 5020] munmap(0x7ff66aa4c000, 2097152 [pid 5017] <... ioctl resumed>) = 0 [pid 5020] <... munmap resumed>) = 0 [pid 5019] munmap(0x7ff66aa4c000, 2097152 [pid 5017] close(3) = 0 [pid 5017] mkdir("./bus", 0777 [pid 5019] <... munmap resumed>) = 0 [pid 5017] <... mkdir resumed>) = 0 [pid 5020] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5017] mount("/dev/loop4", "./bus", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5020] <... openat resumed>) = 4 [ 59.274315][ T5021] loop5: detected capacity change from 0 to 4096 [ 59.282758][ T5018] NILFS (loop0): invalid segment: Checksum error in segment payload [ 59.314144][ T5019] loop1: detected capacity change from 0 to 4096 [pid 5020] ioctl(4, LOOP_SET_FD, 3 [pid 5019] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5019] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5020] <... ioctl resumed>) = 0 [pid 5021] close(3 [pid 5019] close(3 [pid 5020] close(3 [pid 5021] <... close resumed>) = 0 [pid 5020] <... close resumed>) = 0 [pid 5021] mkdir("./bus", 0777 [pid 5020] mkdir("./bus", 0777 [pid 5019] <... close resumed>) = 0 [pid 5020] <... mkdir resumed>) = 0 [pid 5020] mount("/dev/loop2", "./bus", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5019] mkdir("./bus", 0777) = 0 [pid 5019] mount("/dev/loop1", "./bus", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5021] <... mkdir resumed>) = 0 [ 59.314551][ T5020] loop2: detected capacity change from 0 to 4096 [ 59.321090][ T5018] NILFS (loop0): trying rollback from an earlier position [ 59.335821][ T5017] NILFS (loop4): invalid segment: Checksum error in segment payload [ 59.349209][ T5016] NILFS (loop3): invalid segment: Checksum error in segment payload [ 59.358514][ T5017] NILFS (loop4): trying rollback from an earlier position [ 59.389222][ T5016] NILFS (loop3): trying rollback from an earlier position [ 59.392852][ T5020] NILFS (loop2): invalid segment: Checksum error in segment payload [ 59.401516][ T5019] NILFS (loop1): invalid segment: Checksum error in segment payload [ 59.409859][ T5021] NILFS (loop5): invalid segment: Checksum error in segment payload [ 59.421893][ T5021] NILFS (loop5): trying rollback from an earlier position [pid 5021] mount("/dev/loop5", "./bus", "nilfs2", MS_NODIRATIME|MS_REC, "" [pid 5017] <... mount resumed>) = 0 [ 59.442925][ T5020] NILFS (loop2): trying rollback from an earlier position [ 59.445310][ T5018] NILFS (loop0): recovery complete [ 59.458154][ T5017] NILFS (loop4): recovery complete [ 59.459763][ T5019] NILFS (loop1): trying rollback from an earlier position [ 59.470934][ T5020] NILFS (loop2): recovery complete [ 59.476710][ T5021] NILFS (loop5): recovery complete [ 59.477564][ T5024] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5017] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5017] chdir("./bus") = 0 [pid 5017] ioctl(4, LOOP_CLR_FD) = 0 [pid 5017] close(4) = 0 [pid 5017] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5009] <... futex resumed>) = 0 [pid 5017] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5009] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5017] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5009] <... futex resumed>) = 0 [pid 5017] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5009] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5017] <... open resumed>) = 4 [pid 5018] <... mount resumed>) = 0 [pid 5018] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5017] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5018] <... openat resumed>) = 3 [pid 5017] <... futex resumed>) = 1 [pid 5009] <... futex resumed>) = 0 [pid 5009] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5009] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5018] chdir("./bus" [pid 5017] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5018] <... chdir resumed>) = 0 [pid 5017] <... open resumed>) = 5 [pid 5018] ioctl(4, LOOP_CLR_FD [pid 5017] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5018] <... ioctl resumed>) = 0 [pid 5017] <... futex resumed>) = 1 [pid 5009] <... futex resumed>) = 0 [pid 5018] close(4 [pid 5017] ftruncate(5, 33587195 [pid 5009] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] <... mount resumed>) = 0 [ 59.482776][ T5016] NILFS (loop3): recovery complete [ 59.510533][ T5027] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 59.521541][ T5025] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 59.521975][ T5026] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5020] <... mount resumed>) = 0 [pid 5018] <... close resumed>) = 0 [pid 5009] <... futex resumed>) = 0 [pid 5021] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5020] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5018] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5017] <... ftruncate resumed>) = 0 [pid 5016] <... mount resumed>) = 0 [pid 5009] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5021] <... openat resumed>) = 3 [pid 5020] <... openat resumed>) = 3 [pid 5018] <... futex resumed>) = 1 [pid 5017] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5011] <... futex resumed>) = 0 [pid 5021] chdir("./bus" [pid 5020] chdir("./bus" [pid 5021] <... chdir resumed>) = 0 [pid 5020] <... chdir resumed>) = 0 [pid 5021] ioctl(4, LOOP_CLR_FD [pid 5020] ioctl(4, LOOP_CLR_FD [pid 5021] <... ioctl resumed>) = 0 [pid 5020] <... ioctl resumed>) = 0 [pid 5021] close(4 [pid 5020] close(4 [pid 5021] <... close resumed>) = 0 [pid 5020] <... close resumed>) = 0 [pid 5021] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5020] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] <... futex resumed>) = 1 [pid 5020] <... futex resumed>) = 1 [pid 5014] <... futex resumed>) = 0 [pid 5021] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5020] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5014] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5020] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5014] <... futex resumed>) = 0 [pid 5020] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5014] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5020] <... open resumed>) = 4 [pid 5018] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5017] <... futex resumed>) = 1 [pid 5016] <... openat resumed>) = 3 [pid 5015] <... futex resumed>) = 0 [pid 5011] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5009] <... futex resumed>) = 0 [pid 5019] <... mount resumed>) = 0 [pid 5020] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5019] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5017] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5016] chdir("./bus" [pid 5015] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5011] <... futex resumed>) = 0 [pid 5009] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] <... futex resumed>) = 0 [pid 5020] <... futex resumed>) = 1 [pid 5019] <... openat resumed>) = 3 [pid 5017] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5016] <... chdir resumed>) = 0 [pid 5015] <... futex resumed>) = 1 [pid 5018] <... open resumed>) = 4 [pid 5014] <... futex resumed>) = 0 [pid 5011] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5009] <... futex resumed>) = 0 [pid 5021] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5019] chdir("./bus" [pid 5014] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5020] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5019] <... chdir resumed>) = 0 [pid 5014] <... futex resumed>) = 0 [pid 5009] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5019] ioctl(4, LOOP_CLR_FD [pid 5017] sendfile(4, 5, NULL, 281474978811909 [pid 5015] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5014] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5020] <... open resumed>) = 5 [pid 5019] <... ioctl resumed>) = 0 [pid 5019] close(4) = 0 [pid 5019] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5013] <... futex resumed>) = 0 [pid 5019] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5013] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5013] <... futex resumed>) = 0 [pid 5019] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5013] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5021] <... open resumed>) = 4 [pid 5020] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5019] <... open resumed>) = 4 [pid 5018] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] ioctl(4, LOOP_CLR_FD [pid 5021] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5020] <... futex resumed>) = 1 [pid 5019] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5014] <... futex resumed>) = 0 [pid 5021] <... futex resumed>) = 1 [pid 5020] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5019] <... futex resumed>) = 1 [pid 5018] <... futex resumed>) = 1 [pid 5016] <... ioctl resumed>) = 0 [pid 5015] <... futex resumed>) = 0 [pid 5014] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] <... futex resumed>) = 0 [pid 5011] <... futex resumed>) = 0 [pid 5021] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5020] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5019] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5018] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5016] close(4 [pid 5015] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5014] <... futex resumed>) = 0 [pid 5013] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5011] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5020] ftruncate(5, 33587195 [pid 5019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5018] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5016] <... close resumed>) = 0 [pid 5015] <... futex resumed>) = 0 [pid 5014] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5013] <... futex resumed>) = 0 [pid 5011] <... futex resumed>) = 0 [pid 5021] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5020] <... ftruncate resumed>) = 0 [pid 5019] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5018] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5016] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5015] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5013] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5011] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5019] <... open resumed>) = 5 [pid 5018] <... open resumed>) = 5 [pid 5021] <... open resumed>) = 5 [pid 5020] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5019] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5018] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] <... futex resumed>) = 1 [pid 5010] <... futex resumed>) = 0 [pid 5021] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5020] <... futex resumed>) = 1 [pid 5019] <... futex resumed>) = 1 [pid 5018] <... futex resumed>) = 1 [pid 5016] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5014] <... futex resumed>) = 0 [pid 5013] <... futex resumed>) = 0 [pid 5011] <... futex resumed>) = 0 [pid 5010] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] <... futex resumed>) = 1 [pid 5020] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5019] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 59.545689][ T5019] NILFS (loop1): recovery complete [ 59.553965][ T5028] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 59.564924][ T5029] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [pid 5018] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5016] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5015] <... futex resumed>) = 0 [pid 5014] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5011] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5010] <... futex resumed>) = 0 [pid 5021] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5020] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5018] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5016] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5015] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5014] <... futex resumed>) = 0 [pid 5013] <... futex resumed>) = 0 [pid 5011] <... futex resumed>) = 0 [pid 5010] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5021] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5020] sendfile(4, 5, NULL, 281474978811909 [pid 5019] ftruncate(5, 33587195 [pid 5018] ftruncate(5, 33587195 [pid 5016] <... open resumed>) = 4 [pid 5015] <... futex resumed>) = 0 [pid 5014] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5013] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5011] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5021] ftruncate(5, 33587195 [pid 5019] <... ftruncate resumed>) = 0 [pid 5018] <... ftruncate resumed>) = 0 [pid 5016] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5015] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5021] <... ftruncate resumed>) = 0 [pid 5019] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5018] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] <... futex resumed>) = 1 [pid 5010] <... futex resumed>) = 0 [pid 5021] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5019] <... futex resumed>) = 1 [pid 5018] <... futex resumed>) = 1 [pid 5016] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000 [pid 5013] <... futex resumed>) = 0 [pid 5011] <... futex resumed>) = 0 [pid 5010] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] <... futex resumed>) = 1 [pid 5019] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5018] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5015] <... futex resumed>) = 0 [pid 5013] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5021] futex(0x7ff672f467a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5018] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5016] <... open resumed>) = 5 [pid 5015] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5013] <... futex resumed>) = 0 [pid 5011] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5010] <... futex resumed>) = 0 [pid 5021] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5019] sendfile(4, 5, NULL, 281474978811909 [pid 5018] sendfile(4, 5, NULL, 281474978811909 [pid 5016] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5015] <... futex resumed>) = 0 [pid 5013] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5011] <... futex resumed>) = 0 [pid 5010] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5021] sendfile(4, 5, NULL, 281474978811909 [pid 5009] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5015] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5011] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5010] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5010] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5016] <... futex resumed>) = 0 [pid 5010] <... futex resumed>) = 0 [pid 5014] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5016] ftruncate(5, 33587195 [pid 5010] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5016] <... ftruncate resumed>) = 0 [pid 5016] futex(0x7ff672f467ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5010] <... futex resumed>) = 0 [pid 5016] sendfile(4, 5, NULL, 281474978811909 [pid 5013] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5010] futex(0x7ff672f467a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5015] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5011] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 59.776394][ T5029] ------------[ cut here ]------------ [ 59.782242][ T5029] WARNING: CPU: 0 PID: 5029 at fs/nilfs2/btree.c:2283 nilfs_btree_assign+0x978/0xdf0 [ 59.792294][ T5029] Modules linked in: [ 59.796295][ T5029] CPU: 0 PID: 5029 Comm: segctord Not tainted 6.4.0-rc2-next-20230515-syzkaller #0 [ 59.805770][ T5029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 59.816072][ T5029] RIP: 0010:nilfs_btree_assign+0x978/0xdf0 [ 59.821988][ T5029] Code: 00 00 00 00 e9 83 f8 ff ff e8 b4 78 55 fe 44 89 e6 bf fe ff ff ff e8 c7 74 55 fe 41 83 fc fe 0f 85 8a fb ff ff e8 98 78 55 fe <0f> 0b e9 7e fb ff ff e8 8c 78 55 fe 48 89 eb 48 c7 44 24 28 18 00 [ 59.841717][ T5029] RSP: 0018:ffffc90003c7f9f0 EFLAGS: 00010293 [ 59.847852][ T5029] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 59.855913][ T5029] RDX: ffff88802725bb80 RSI: ffffffff832eab18 RDI: 0000000000000005 [ 59.863950][ T5029] RBP: ffff888073e1a020 R08: 0000000000000005 R09: 00000000fffffffe [pid 5010] futex(0x7ff672f467ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [ 59.871987][ T5029] R10: 00000000fffffffe R11: 0000000000094001 R12: 00000000fffffffe [ 59.879998][ T5029] R13: ffffc90003c7fc78 R14: ffffc90003c7fcb8 R15: 0000000000000082 [ 59.888064][ T5029] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 59.897218][ T5029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 59.903926][ T5029] CR2: 0000562733436658 CR3: 00000000724ed000 CR4: 00000000003506f0 [ 59.911984][ T5029] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.920196][ T5029] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.928633][ T5029] Call Trace: [ 59.931994][ T5029] [ 59.934955][ T5029] ? lock_acquire+0x32/0xc0 [ 59.939509][ T5029] ? nilfs_bmap_assign+0x2f/0x180 [ 59.944612][ T5029] ? nilfs_btree_seek_key+0x450/0x450 [ 59.950031][ T5029] ? down_write+0x14f/0x200 [ 59.954978][ T5029] ? down_write_killable_nested+0x250/0x250 [ 59.960924][ T5029] ? up_write+0x1b4/0x520 [ 59.965336][ T5029] ? __getblk_gfp+0x4f/0x80 [ 59.969895][ T5029] nilfs_bmap_assign+0x87/0x180 [ 59.974998][ T5029] nilfs_segctor_do_construct+0x14d2/0x7200 [ 59.981016][ T5029] ? nilfs_segctor_abort_construction+0xe20/0xe20 [ 59.987582][ T5029] ? do_raw_spin_lock+0x124/0x2b0 [ 59.992727][ T5029] ? spin_bug+0x1c0/0x1c0 [ 59.997117][ T5029] ? do_raw_spin_unlock+0x175/0x230 [ 60.002421][ T5029] ? _raw_spin_unlock+0x28/0x40 [ 60.007321][ T5029] nilfs_segctor_construct+0x8e3/0xb30 [ 60.012899][ T5029] ? rcu_is_watching+0x12/0xb0 [ 60.017703][ T5029] ? trace_nilfs2_transaction_transition+0x17d/0x1c0 [ 60.024472][ T5029] nilfs_segctor_thread+0x3c7/0xf30 [ 60.029729][ T5029] ? nilfs_segctor_construct+0xb30/0xb30 [ 60.035484][ T5029] ? prepare_to_swait_exclusive+0x240/0x240 [ 60.041437][ T5029] ? __kthread_parkme+0x163/0x220 [ 60.046565][ T5029] ? nilfs_segctor_construct+0xb30/0xb30 [ 60.052318][ T5029] kthread+0x344/0x440 [ 60.056431][ T5029] ? kthread_complete_and_exit+0x40/0x40 [ 60.062158][ T5029] ret_from_fork+0x1f/0x30 [ 60.066648][ T5029] [ 60.069699][ T5029] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 60.076996][ T5029] CPU: 0 PID: 5029 Comm: segctord Not tainted 6.4.0-rc2-next-20230515-syzkaller #0 [ 60.086306][ T5029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 60.096389][ T5029] Call Trace: [ 60.099695][ T5029] [ 60.102652][ T5029] dump_stack_lvl+0xd9/0x150 [ 60.107298][ T5029] panic+0x686/0x730 [ 60.111236][ T5029] ? panic_smp_self_stop+0xa0/0xa0 [ 60.116385][ T5029] ? show_trace_log_lvl+0x285/0x390 [ 60.121656][ T5029] ? nilfs_btree_assign+0x978/0xdf0 [ 60.126899][ T5029] check_panic_on_warn+0xb1/0xc0 [ 60.131887][ T5029] __warn+0xf2/0x390 [ 60.135811][ T5029] ? nilfs_btree_assign+0x978/0xdf0 [ 60.141021][ T5029] report_bug+0x2da/0x500 [ 60.145377][ T5029] handle_bug+0x3c/0x70 [ 60.149540][ T5029] exc_invalid_op+0x18/0x50 [ 60.154049][ T5029] asm_exc_invalid_op+0x1a/0x20 [ 60.158918][ T5029] RIP: 0010:nilfs_btree_assign+0x978/0xdf0 [ 60.164749][ T5029] Code: 00 00 00 00 e9 83 f8 ff ff e8 b4 78 55 fe 44 89 e6 bf fe ff ff ff e8 c7 74 55 fe 41 83 fc fe 0f 85 8a fb ff ff e8 98 78 55 fe <0f> 0b e9 7e fb ff ff e8 8c 78 55 fe 48 89 eb 48 c7 44 24 28 18 00 [ 60.184381][ T5029] RSP: 0018:ffffc90003c7f9f0 EFLAGS: 00010293 [ 60.190461][ T5029] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 60.198437][ T5029] RDX: ffff88802725bb80 RSI: ffffffff832eab18 RDI: 0000000000000005 [ 60.206413][ T5029] RBP: ffff888073e1a020 R08: 0000000000000005 R09: 00000000fffffffe [ 60.214393][ T5029] R10: 00000000fffffffe R11: 0000000000094001 R12: 00000000fffffffe [ 60.222372][ T5029] R13: ffffc90003c7fc78 R14: ffffc90003c7fcb8 R15: 0000000000000082 [ 60.230377][ T5029] ? nilfs_btree_assign+0x978/0xdf0 [ 60.235642][ T5029] ? lock_acquire+0x32/0xc0 [ 60.240179][ T5029] ? nilfs_bmap_assign+0x2f/0x180 [ 60.245223][ T5029] ? nilfs_btree_seek_key+0x450/0x450 [ 60.250623][ T5029] ? down_write+0x14f/0x200 [ 60.255172][ T5029] ? down_write_killable_nested+0x250/0x250 [ 60.261109][ T5029] ? up_write+0x1b4/0x520 [ 60.265460][ T5029] ? __getblk_gfp+0x4f/0x80 [ 60.269983][ T5029] nilfs_bmap_assign+0x87/0x180 [ 60.274870][ T5029] nilfs_segctor_do_construct+0x14d2/0x7200 [ 60.280818][ T5029] ? nilfs_segctor_abort_construction+0xe20/0xe20 [ 60.287259][ T5029] ? do_raw_spin_lock+0x124/0x2b0 [ 60.292306][ T5029] ? spin_bug+0x1c0/0x1c0 [ 60.296654][ T5029] ? do_raw_spin_unlock+0x175/0x230 [ 60.301870][ T5029] ? _raw_spin_unlock+0x28/0x40 [ 60.306744][ T5029] nilfs_segctor_construct+0x8e3/0xb30 [ 60.312228][ T5029] ? rcu_is_watching+0x12/0xb0 [ 60.316996][ T5029] ? trace_nilfs2_transaction_transition+0x17d/0x1c0 [ 60.323714][ T5029] nilfs_segctor_thread+0x3c7/0xf30 [ 60.328940][ T5029] ? nilfs_segctor_construct+0xb30/0xb30 [ 60.334595][ T5029] ? prepare_to_swait_exclusive+0x240/0x240 [ 60.340506][ T5029] ? __kthread_parkme+0x163/0x220 [ 60.345554][ T5029] ? nilfs_segctor_construct+0xb30/0xb30 [ 60.351207][ T5029] kthread+0x344/0x440 [ 60.355287][ T5029] ? kthread_complete_and_exit+0x40/0x40 [ 60.360937][ T5029] ret_from_fork+0x1f/0x30 [ 60.365377][ T5029] [ 60.368447][ T5029] Kernel Offset: disabled [ 60.372852][ T5029] Rebooting in 86400 seconds..