./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1157945732 <...> Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts. execve("./syz-executor1157945732", ["./syz-executor1157945732"], 0x7ffdf5fc2b60 /* 10 vars */) = 0 brk(NULL) = 0x555555f8e000 brk(0x555555f8ec40) = 0x555555f8ec40 arch_prctl(ARCH_SET_FS, 0x555555f8e300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1157945732", 4096) = 28 brk(0x555555fafc40) = 0x555555fafc40 brk(0x555555fb0000) = 0x555555fb0000 mprotect(0x7f9c5fa1b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached , child_tidptr=0x555555f8e5d0) = 5072 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] getpid(./strace-static-x86_64: Process 5073 attached ) = 5072 [pid 5071] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5073 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] mkdir("./syzkaller.ANdWCG", 0700 [pid 5071] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5074 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached ./strace-static-x86_64: Process 5074 attached [pid 5073] getpid( [pid 5071] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5075 [pid 5073] <... getpid resumed>) = 5073 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] mkdir("./syzkaller.6h9ylN", 0700 [pid 5071] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5076 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] getpid( [pid 5071] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5077 [pid 5075] <... getpid resumed>) = 5075 [pid 5075] mkdir("./syzkaller.bCPfwV", 0700 [pid 5074] getpid(./strace-static-x86_64: Process 5076 attached ) = 5074 [pid 5076] getpid(./strace-static-x86_64: Process 5077 attached ) = 5076 [pid 5074] mkdir("./syzkaller.EzivwS", 0700 [pid 5076] mkdir("./syzkaller.JduuPZ", 0700 [pid 5077] getpid() = 5077 [pid 5077] mkdir("./syzkaller.Bps8k5", 0700 [pid 5072] <... mkdir resumed>) = 0 [pid 5072] chmod("./syzkaller.ANdWCG", 0777) = 0 [pid 5072] chdir("./syzkaller.ANdWCG" [pid 5073] <... mkdir resumed>) = 0 [pid 5072] <... chdir resumed>) = 0 [pid 5072] mkdir("./0", 0777 [pid 5075] <... mkdir resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] chmod("./syzkaller.bCPfwV", 0777 [pid 5074] <... mkdir resumed>) = 0 [pid 5073] chmod("./syzkaller.6h9ylN", 0777) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... chmod resumed>) = 0 [pid 5074] chmod("./syzkaller.EzivwS", 0777 [pid 5073] chdir("./syzkaller.6h9ylN" [pid 5077] chmod("./syzkaller.Bps8k5", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] chdir("./syzkaller.bCPfwV" [pid 5073] <... chdir resumed>) = 0 [pid 5074] <... chmod resumed>) = 0 [pid 5073] mkdir("./0", 0777 [pid 5076] chmod("./syzkaller.JduuPZ", 0777 [pid 5075] <... chdir resumed>) = 0 [pid 5074] chdir("./syzkaller.EzivwS" [pid 5077] <... chmod resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5075] mkdir("./0", 0777 [pid 5074] <... chdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5072] <... openat resumed>) = 3 [pid 5077] chdir("./syzkaller.Bps8k5" [pid 5075] <... mkdir resumed>) = 0 [pid 5074] mkdir("./0", 0777 [pid 5077] <... chdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5077] mkdir("./0", 0777 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5076] <... chmod resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5074] <... mkdir resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5076] chdir("./syzkaller.JduuPZ" [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5076] <... chdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] mkdir("./0", 0777 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... openat resumed>) = 3 [pid 5072] close(3 [pid 5077] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] <... mkdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5075] close(3 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5075] <... close resumed>) = 0 [pid 5074] close(3 [pid 5073] <... close resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5078 attached [pid 5077] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] close(3 [pid 5076] close(3 [pid 5075] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5079 [pid 5073] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5080 [pid 5077] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5081 [pid 5072] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5078 ./strace-static-x86_64: Process 5079 attached [pid 5078] chdir("./0" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5081 attached ./strace-static-x86_64: Process 5080 attached [pid 5079] chdir("./0" [pid 5078] <... chdir resumed>) = 0 [pid 5080] chdir("./0" [pid 5081] chdir("./0" [pid 5079] <... chdir resumed>) = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5083 [pid 5076] <... clone resumed>, child_tidptr=0x555555f8e5d0) = 5082 [pid 5081] <... chdir resumed>) = 0 [pid 5080] <... chdir resumed>) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5082 attached [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... prctl resumed>) = 0 [pid 5078] setpgid(0, 0./strace-static-x86_64: Process 5083 attached [pid 5082] chdir("./0" [pid 5081] <... prctl resumed>) = 0 [pid 5080] <... prctl resumed>) = 0 [pid 5079] setpgid(0, 0 [pid 5078] <... setpgid resumed>) = 0 [pid 5083] chdir("./0" [pid 5082] <... chdir resumed>) = 0 [pid 5081] setpgid(0, 0 [pid 5080] setpgid(0, 0 [pid 5079] <... setpgid resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5083] <... chdir resumed>) = 0 [pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5081] <... setpgid resumed>) = 0 [pid 5080] <... setpgid resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5082] <... prctl resumed>) = 0 [pid 5083] <... prctl resumed>) = 0 [pid 5082] setpgid(0, 0 [pid 5081] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5079] write(3, "1000", 4 [pid 5078] write(3, "1000", 4 [pid 5083] setpgid(0, 0 [pid 5082] <... setpgid resumed>) = 0 [pid 5081] write(3, "1000", 4 [pid 5080] write(3, "1000", 4 [pid 5079] <... write resumed>) = 4 [pid 5078] <... write resumed>) = 4 [pid 5083] <... setpgid resumed>) = 0 [pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5081] <... write resumed>) = 4 [pid 5080] <... write resumed>) = 4 [pid 5079] close(3 [pid 5078] close(3 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5082] <... openat resumed>) = 3 [pid 5081] close(3 [pid 5080] close(3 [pid 5079] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5083] <... openat resumed>) = 3 [pid 5082] write(3, "1000", 4 [pid 5081] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] symlink("/dev/binderfs", "./binderfs" [pid 5078] symlink("/dev/binderfs", "./binderfs" [pid 5083] write(3, "1000", 4 [pid 5082] <... write resumed>) = 4 [pid 5081] symlink("/dev/binderfs", "./binderfs" [pid 5080] symlink("/dev/binderfs", "./binderfs" [pid 5083] <... write resumed>) = 4 [pid 5079] <... symlink resumed>) = 0 [pid 5078] <... symlink resumed>) = 0 [pid 5081] <... symlink resumed>) = 0 [pid 5083] close(3) = 0 [pid 5082] close(3 [pid 5080] <... symlink resumed>) = 0 [pid 5083] symlink("/dev/binderfs", "./binderfs" [pid 5082] <... close resumed>) = 0 [pid 5081] memfd_create("syzkaller", 0 [pid 5080] memfd_create("syzkaller", 0 [pid 5079] memfd_create("syzkaller", 0 [pid 5078] memfd_create("syzkaller", 0 [pid 5083] <... symlink resumed>) = 0 [pid 5082] symlink("/dev/binderfs", "./binderfs" [pid 5083] memfd_create("syzkaller", 0) = 3 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9c5755f000 [pid 5083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5082] <... symlink resumed>) = 0 [pid 5080] <... memfd_create resumed>) = 3 [pid 5079] <... memfd_create resumed>) = 3 [pid 5078] <... memfd_create resumed>) = 3 [pid 5082] memfd_create("syzkaller", 0 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5082] <... memfd_create resumed>) = 3 [pid 5079] <... mmap resumed>) = 0x7f9c5755f000 [pid 5078] <... mmap resumed>) = 0x7f9c5755f000 [pid 5083] munmap(0x7f9c5755f000, 524288 [pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... mmap resumed>) = 0x7f9c5755f000 [pid 5083] <... munmap resumed>) = 0 [pid 5083] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5083] ioctl(4, LOOP_SET_FD, 3 [pid 5082] <... mmap resumed>) = 0x7f9c5755f000 [pid 5083] <... ioctl resumed>) = 0 [pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5081] <... memfd_create resumed>) = 3 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9c5755f000 [pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... write resumed>) = 524288 [pid 5082] <... write resumed>) = 524288 [pid 5083] close(3) = 0 [pid 5079] <... write resumed>) = 524288 [pid 5083] mkdir("./file0", 0777) = 0 [pid 5083] mount("/dev/loop5", "./file0", "hfsplus", 0, "" [pid 5082] munmap(0x7f9c5755f000, 524288 [pid 5081] <... write resumed>) = 524288 [pid 5080] munmap(0x7f9c5755f000, 524288 [pid 5079] munmap(0x7f9c5755f000, 524288 [pid 5078] <... write resumed>) = 524288 [pid 5082] <... munmap resumed>) = 0 [pid 5080] <... munmap resumed>) = 0 [pid 5079] <... munmap resumed>) = 0 [pid 5078] munmap(0x7f9c5755f000, 524288 [pid 5082] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5082] <... openat resumed>) = 4 [pid 5081] munmap(0x7f9c5755f000, 524288 [pid 5080] <... openat resumed>) = 4 [pid 5078] <... munmap resumed>) = 0 [pid 5082] ioctl(4, LOOP_SET_FD, 3 [pid 5081] <... munmap resumed>) = 0 [pid 5080] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... openat resumed>) = 4 syzkaller login: [ 57.374552][ T5081] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5081 'syz-executor115' [ 57.401191][ T5083] loop5: detected capacity change from 0 to 1024 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5081] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3 [pid 5082] <... ioctl resumed>) = 0 [pid 5081] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... openat resumed>) = 4 [pid 5082] close(3 [pid 5081] close(3) = 0 [pid 5081] mkdir("./file0", 0777) = 0 [pid 5081] mount("/dev/loop2", "./file0", "hfsplus", 0, "" [pid 5078] ioctl(4, LOOP_SET_FD, 3 [pid 5083] <... mount resumed>) = 0 [pid 5082] <... close resumed>) = 0 [pid 5080] close(3 [pid 5079] <... ioctl resumed>) = 0 [pid 5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5081] <... mount resumed>) = 0 [pid 5083] <... openat resumed>) = 3 [pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5083] ioctl(4, LOOP_CLR_FD [pid 5081] <... openat resumed>) = 3 [pid 5083] <... ioctl resumed>) = 0 [pid 5082] mkdir("./file0", 0777 [pid 5081] ioctl(4, LOOP_CLR_FD [pid 5080] <... close resumed>) = 0 [pid 5079] close(3 [pid 5078] <... ioctl resumed>) = 0 [pid 5083] close(4 [pid 5081] <... ioctl resumed>) = 0 [pid 5080] mkdir("./file0", 0777 [pid 5079] <... close resumed>) = 0 [pid 5083] <... close resumed>) = 0 [pid 5081] close(4 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] mkdir("./file0", 0777 [pid 5078] close(3 [pid 5083] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 5082] <... mkdir resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5080] mount("/dev/loop1", "./file0", "hfsplus", 0, "" [pid 5083] <... openat resumed>) = 4 [pid 5082] mount("/dev/loop4", "./file0", "hfsplus", 0, "" [pid 5081] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5083] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5081] <... openat resumed>) = 4 [pid 5080] <... mount resumed>) = 0 [pid 5079] mount("/dev/loop3", "./file0", "hfsplus", 0, "" [pid 5078] mkdir("./file0", 0777 [pid 5082] <... mount resumed>) = 0 [pid 5081] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 5082] <... openat resumed>) = 3 [pid 5080] ioctl(4, LOOP_CLR_FD [pid 5079] <... mount resumed>) = 0 [pid 5078] mount("/dev/loop0", "./file0", "hfsplus", 0, "" [pid 5082] ioctl(4, LOOP_CLR_FD [pid 5080] <... ioctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5082] <... ioctl resumed>) = 0 [pid 5080] close(4 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... mount resumed>) = 0 [pid 5082] close(4 [pid 5080] <... close resumed>) = 0 [pid 5079] ioctl(4, LOOP_CLR_FD [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5082] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5082] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 5080] <... openat resumed>) = 4 [pid 5079] close(4 [pid 5078] ioctl(4, LOOP_CLR_FD [pid 5082] <... openat resumed>) = 4 [pid 5080] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... close resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5082] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] openat(AT_FDCWD, "/dev/loop5", O_RDONLY [pid 5078] close(4 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5079] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] openat(AT_FDCWD, "/dev/loop5", O_RDONLY) = 4 [ 57.453944][ T5082] loop4: detected capacity change from 0 to 1024 [ 57.460104][ T5081] loop2: detected capacity change from 0 to 1024 [ 57.461113][ T5080] loop1: detected capacity change from 0 to 1024 [ 57.476625][ T5079] loop3: detected capacity change from 0 to 1024 [ 57.490609][ T5078] loop0: detected capacity change from 0 to 1024 [pid 5078] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5083] <... ioctl resumed>) = 0 [pid 5082] <... ioctl resumed>) = 0 [pid 5081] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5083] exit_group(0 [pid 5082] exit_group(0 [pid 5081] exit_group(0 [pid 5080] exit_group(0 [pid 5079] exit_group(0 [pid 5078] exit_group(0 [pid 5083] <... exit_group resumed>) = ? [pid 5082] <... exit_group resumed>) = ? [pid 5081] <... exit_group resumed>) = ? [pid 5080] <... exit_group resumed>) = ? [pid 5079] <... exit_group resumed>) = ? [pid 5078] <... exit_group resumed>) = ? [pid 5083] +++ exited with 0 +++ [pid 5082] +++ exited with 0 +++ [pid 5081] +++ exited with 0 +++ [pid 5080] +++ exited with 0 +++ [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5079] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5078] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5077] <... restart_syscall resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] <... restart_syscall resumed>) = 0 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5077] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5075] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... openat resumed>) = 3 [pid 5077] fstat(3, [pid 5076] fstat(3, [pid 5075] <... openat resumed>) = 3 [pid 5074] fstat(3, [pid 5073] <... openat resumed>) = 3 [pid 5072] fstat(3, [pid 5077] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] fstat(3, [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] fstat(3, [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5077] getdents64(3, [pid 5076] getdents64(3, [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(3, [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, [pid 5077] <... getdents64 resumed>0x555555f8f620 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555555f8f620 /* 4 entries */, 32768) = 112 [pid 5075] getdents64(3, [pid 5074] <... getdents64 resumed>0x555555f8f620 /* 4 entries */, 32768) = 112 [pid 5073] getdents64(3, [pid 5072] <... getdents64 resumed>0x555555f8f620 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555555f8f620 /* 4 entries */, 32768) = 112 [pid 5074] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x555555f8f620 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] lstat("./0/binderfs", [pid 5076] lstat("./0/binderfs", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./0/binderfs", [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./0/binderfs", [pid 5077] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] lstat("./0/binderfs", [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] lstat("./0/binderfs", [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5077] unlink("./0/binderfs" [pid 5076] unlink("./0/binderfs" [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] unlink("./0/binderfs" [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] unlink("./0/binderfs" [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5075] unlink("./0/binderfs" [pid 5074] <... unlink resumed>) = 0 [pid 5073] unlink("./0/binderfs" [pid 5072] <... unlink resumed>) = 0 [pid 5077] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [ 57.607444][ T41] ================================================================== [ 57.615603][ T41] BUG: KASAN: slab-out-of-bounds in copy_page_from_iter_atomic+0x8d3/0x1140 [ 57.624337][ T41] Read of size 2048 at addr ffff88801e14c000 by task kworker/u4:2/41 [ 57.632466][ T41] [ 57.634813][ T41] CPU: 0 PID: 41 Comm: kworker/u4:2 Not tainted 6.3.0-rc3-syzkaller #0 [ 57.643082][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [pid 5074] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... unlink resumed>) = 0 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 57.653161][ T41] Workqueue: loop5 loop_rootcg_workfn [ 57.658597][ T41] Call Trace: [ 57.661898][ T41] [ 57.664848][ T41] dump_stack_lvl+0x1e7/0x2d0 [ 57.669567][ T41] ? nf_tcp_handle_invalid+0x650/0x650 [ 57.675066][ T41] ? panic+0x770/0x770 [ 57.679166][ T41] ? _printk+0xd5/0x120 [ 57.683362][ T41] print_report+0x163/0x540 [ 57.687901][ T41] ? shmem_get_folio_gfp+0x32ed/0x36b0 [ 57.693402][ T41] ? __virt_addr_valid+0x22f/0x2e0 [ 57.698561][ T41] ? __phys_addr+0xba/0x170 [ 57.703107][ T41] ? copy_page_from_iter_atomic+0x8d3/0x1140 [ 57.709115][ T41] kasan_report+0x176/0x1b0 [ 57.713652][ T41] ? copy_page_from_iter_atomic+0x8d3/0x1140 [ 57.719670][ T41] kasan_check_range+0x283/0x290 [ 57.724643][ T41] ? copy_page_from_iter_atomic+0x8d3/0x1140 [ 57.730654][ T41] __asan_memcpy+0x29/0x70 [ 57.735107][ T41] copy_page_from_iter_atomic+0x8d3/0x1140 [ 57.740947][ T41] ? pipe_zero+0x230/0x230 [ 57.745395][ T41] ? shmem_write_begin+0x265/0x4f0 [ 57.750537][ T41] ? shmem_writepage+0x1f20/0x1f20 [ 57.755683][ T41] ? fault_in_iov_iter_readable+0x232/0x280 [ 57.761709][ T41] generic_perform_write+0x370/0x5e0 [ 57.767035][ T41] ? generic_file_direct_write+0x460/0x460 [ 57.772869][ T41] ? __file_remove_privs+0x640/0x640 [ 57.778190][ T41] ? generic_write_checks+0x160/0x1c0 [ 57.783609][ T41] __generic_file_write_iter+0x17a/0x400 [ 57.789315][ T41] generic_file_write_iter+0xaf/0x310 [ 57.794723][ T41] do_iter_write+0x6ea/0xc50 [ 57.799356][ T41] ? vfs_iter_write+0xa0/0xa0 [ 57.804079][ T41] ? rcu_read_lock_bh_held+0x120/0x120 [ 57.809578][ T41] ? _raw_spin_unlock_irq+0x23/0x50 [ 57.814814][ T41] ? vfs_iter_write+0x6d/0xa0 [ 57.819528][ T41] loop_process_work+0x144a/0x2220 [ 57.824681][ T41] ? loop_workfn+0x50/0x50 [ 57.829230][ T41] ? read_lock_is_recursive+0x20/0x20 [ 57.834608][ T41] ? print_irqtrace_events+0x220/0x220 [ 57.840092][ T41] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 57.845995][ T41] process_one_work+0x8a0/0x10e0 [ 57.851101][ T41] ? worker_detach_from_pool+0x290/0x290 [ 57.856736][ T41] ? _raw_spin_lock_irqsave+0x120/0x120 [ 57.862376][ T41] ? kthread_data+0x52/0xc0 [ 57.866880][ T41] ? wq_worker_running+0x9b/0x1a0 [ 57.871901][ T41] worker_thread+0xa63/0x1210 [ 57.876600][ T41] kthread+0x270/0x300 [ 57.880664][ T41] ? pr_cont_work+0x5e0/0x5e0 [ 57.885338][ T41] ? kthread_blkcg+0xd0/0xd0 [ 57.889922][ T41] ret_from_fork+0x1f/0x30 [ 57.894350][ T41] [ 57.897363][ T41] [ 57.899675][ T41] Allocated by task 5083: [ 57.904081][ T41] kasan_set_track+0x4f/0x70 [ 57.908667][ T41] __kasan_kmalloc+0x98/0xb0 [ 57.913271][ T41] __kmalloc+0xb9/0x230 [ 57.917429][ T41] hfsplus_read_wrapper+0x530/0x1330 [ 57.922705][ T41] hfsplus_fill_super+0x38e/0x1c90 [ 57.927813][ T41] mount_bdev+0x271/0x3a0 [ 57.932148][ T41] legacy_get_tree+0xef/0x190 [ 57.936825][ T41] vfs_get_tree+0x8c/0x270 [ 57.941246][ T41] do_new_mount+0x28f/0xae0 [ 57.945743][ T41] __se_sys_mount+0x2d9/0x3c0 [ 57.950425][ T41] do_syscall_64+0x41/0xc0 [ 57.954852][ T41] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.960751][ T41] [ 57.963069][ T41] The buggy address belongs to the object at ffff88801e14c000 [ 57.963069][ T41] which belongs to the cache kmalloc-512 of size 512 [ 57.977730][ T41] The buggy address is located 0 bytes inside of [ 57.977730][ T41] allocated 512-byte region [ffff88801e14c000, ffff88801e14c200) [ 57.992114][ T41] [ 57.994428][ T41] The buggy address belongs to the physical page: [ 58.000843][ T41] page:ffffea0000785300 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e14c [ 58.011005][ T41] head:ffffea0000785300 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 58.019955][ T41] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 58.028022][ T41] raw: 00fff00000010200 ffff888012441c80 dead000000000100 dead000000000122 [ 58.036602][ T41] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 58.045174][ T41] page dumped because: kasan: bad access detected [ 58.051582][ T41] page_owner tracks the page as allocated [ 58.057289][ T41] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 801, tgid 801 (kworker/u4:1), ts 8160852403, free_ts 0 [ 58.077527][ T41] get_page_from_freelist+0x3246/0x33c0 [ 58.083090][ T41] __alloc_pages+0x255/0x670 [ 58.087679][ T41] alloc_slab_page+0x6a/0x160 [ 58.092352][ T41] new_slab+0x84/0x2f0 [ 58.096412][ T41] ___slab_alloc+0xa85/0x10a0 [ 58.101088][ T41] __kmem_cache_alloc_node+0x1b8/0x290 [ 58.106549][ T41] kmalloc_trace+0x2a/0xe0 [ 58.110980][ T41] alloc_bprm+0x57/0x710 [ 58.115223][ T41] kernel_execve+0x96/0xa10 [ 58.119721][ T41] call_usermodehelper_exec_async+0x233/0x370 [ 58.125783][ T41] ret_from_fork+0x1f/0x30 [ 58.130202][ T41] page_owner free stack trace missing [ 58.135575][ T41] [ 58.137899][ T41] Memory state around the buggy address: [ 58.143518][ T41] ffff88801e14c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.151577][ T41] ffff88801e14c180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.159628][ T41] >ffff88801e14c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.167705][ T41] ^ [ 58.171781][ T41] ffff88801e14c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.179844][ T41] ffff88801e14c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.187906][ T41] ================================================================== [ 58.196131][ T41] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 58.203339][ T41] CPU: 0 PID: 41 Comm: kworker/u4:2 Not tainted 6.3.0-rc3-syzkaller #0 [ 58.212019][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 58.222081][ T41] Workqueue: loop5 loop_rootcg_workfn [ 58.227477][ T41] Call Trace: [ 58.230771][ T41] [ 58.233719][ T41] dump_stack_lvl+0x1e7/0x2d0 [ 58.238421][ T41] ? nf_tcp_handle_invalid+0x650/0x650 [ 58.243907][ T41] ? panic+0x770/0x770 [ 58.247991][ T41] ? vscnprintf+0x5d/0x80 [ 58.252327][ T41] panic+0x31c/0x770 [ 58.256315][ T41] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 58.262482][ T41] ? check_panic_on_warn+0x21/0xa0 [ 58.267603][ T41] ? memcpy_page_flushcache+0x100/0x100 [ 58.273160][ T41] ? mark_lock+0x9a/0x340 [ 58.277496][ T41] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 58.283407][ T41] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 58.289335][ T41] ? _raw_spin_unlock+0x40/0x40 [ 58.294207][ T41] check_panic_on_warn+0x82/0xa0 [ 58.299161][ T41] ? copy_page_from_iter_atomic+0x8d3/0x1140 [ 58.305159][ T41] end_report+0x63/0x110 [ 58.309422][ T41] kasan_report+0x183/0x1b0 [ 58.313957][ T41] ? copy_page_from_iter_atomic+0x8d3/0x1140 [ 58.319964][ T41] kasan_check_range+0x283/0x290 [ 58.324952][ T41] ? copy_page_from_iter_atomic+0x8d3/0x1140 [ 58.330957][ T41] __asan_memcpy+0x29/0x70 [ 58.335391][ T41] copy_page_from_iter_atomic+0x8d3/0x1140 [ 58.341227][ T41] ? pipe_zero+0x230/0x230 [ 58.345648][ T41] ? shmem_write_begin+0x265/0x4f0 [ 58.350767][ T41] ? shmem_writepage+0x1f20/0x1f20 [ 58.355888][ T41] ? fault_in_iov_iter_readable+0x232/0x280 [ 58.361793][ T41] generic_perform_write+0x370/0x5e0 [ 58.367111][ T41] ? generic_file_direct_write+0x460/0x460 [ 58.372923][ T41] ? __file_remove_privs+0x640/0x640 [ 58.378226][ T41] ? generic_write_checks+0x160/0x1c0 [ 58.383615][ T41] __generic_file_write_iter+0x17a/0x400 [ 58.389344][ T41] generic_file_write_iter+0xaf/0x310 [ 58.394738][ T41] do_iter_write+0x6ea/0xc50 [ 58.399343][ T41] ? vfs_iter_write+0xa0/0xa0 [ 58.404029][ T41] ? rcu_read_lock_bh_held+0x120/0x120 [ 58.409502][ T41] ? _raw_spin_unlock_irq+0x23/0x50 [ 58.414723][ T41] ? vfs_iter_write+0x6d/0xa0 [ 58.419411][ T41] loop_process_work+0x144a/0x2220 [ 58.424543][ T41] ? loop_workfn+0x50/0x50 [ 58.428972][ T41] ? read_lock_is_recursive+0x20/0x20 [ 58.434349][ T41] ? print_irqtrace_events+0x220/0x220 [ 58.439813][ T41] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 58.445719][ T41] process_one_work+0x8a0/0x10e0 [ 58.450671][ T41] ? worker_detach_from_pool+0x290/0x290 [ 58.456311][ T41] ? _raw_spin_lock_irqsave+0x120/0x120 [ 58.461859][ T41] ? kthread_data+0x52/0xc0 [ 58.466363][ T41] ? wq_worker_running+0x9b/0x1a0 [ 58.471386][ T41] worker_thread+0xa63/0x1210 [ 58.476079][ T41] kthread+0x270/0x300 [ 58.480233][ T41] ? pr_cont_work+0x5e0/0x5e0 [ 58.484911][ T41] ? kthread_blkcg+0xd0/0xd0 [ 58.489509][ T41] ret_from_fork+0x1f/0x30 [ 58.493940][ T41] [ 58.497223][ T41] Kernel Offset: disabled [ 58.501564][ T41] Rebooting in 86400 seconds..