./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2003129113 <...> Warning: Permanently added '10.128.0.200' (ECDSA) to the list of known hosts. [ 22.600707][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! execve("./syz-executor2003129113", ["./syz-executor2003129113"], 0x7ffcc23b9230 /* 10 vars */) = 0 brk(NULL) = 0x555555cab000 brk(0x555555cabd40) = 0x555555cabd40 arch_prctl(ARCH_SET_FS, 0x555555cab400) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555555cab6d0) = 371 set_robust_list(0x555555cab6e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f3f6fbf1830, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f3f6fbf0d80}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f3f6fbf18d0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f3f6fbf0d80}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2003129113", 4096) = 28 brk(0x555555cccd40) = 0x555555cccd40 brk(0x555555ccd000) = 0x555555ccd000 mprotect(0x7f3f6fcb3000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 371 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) fstat(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "371", 3) = 3 close(3) = 0 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f3f6fbeb710, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f3f6fbf0d80}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f3f6fbeb710, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f3f6fbf0d80}, NULL, 8) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 372 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 373 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 374 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 375 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 376 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 377 ./strace-static-x86_64: Process 377 attached [pid 377] set_robust_list(0x555555cab6e0, 24) = 0 [pid 377] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 375 attached [pid 375] set_robust_list(0x555555cab6e0, 24) = 0 [pid 375] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 377] <... openat resumed>) = 3 ./strace-static-x86_64: Process 376 attached ./strace-static-x86_64: Process 372 attached ./strace-static-x86_64: Process 373 attached [pid 376] set_robust_list(0x555555cab6e0, 24 [pid 372] set_robust_list(0x555555cab6e0, 24 [pid 376] <... set_robust_list resumed>) = 0 [pid 373] set_robust_list(0x555555cab6e0, 24 [pid 372] <... set_robust_list resumed>) = 0 [pid 375] <... openat resumed>) = 3 [pid 375] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 375] close(3) = 0 [pid 377] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 375] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 377] close(3) = 0 [pid 377] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 375] <... clone resumed>, child_tidptr=0x555555cab6d0) = 378 [pid 377] <... clone resumed>, child_tidptr=0x555555cab6d0) = 379 ./strace-static-x86_64: Process 374 attached [pid 374] set_robust_list(0x555555cab6e0, 24) = 0 [pid 374] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 374] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 374] close(3) = 0 [pid 374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 380 ./strace-static-x86_64: Process 379 attached [pid 379] set_robust_list(0x555555cab6e0, 24) = 0 [pid 379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 379] setpgid(0, 0) = 0 [pid 379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 379] write(3, "1000", 4) = 4 [pid 379] close(3) = 0 [pid 379] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f3f6fbc0000 [pid 379] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 379] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[381], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 381 [pid 379] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 381 attached [pid 381] set_robust_list(0x7f3f6fbe09e0, 24) = 0 [pid 381] memfd_create("syzkaller", 0) = 3 [pid 381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3f677c0000 [pid 381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 381] munmap(0x7f3f677c0000, 1048576) = 0 [pid 381] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 381] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 376] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 381] close(3) = 0 [pid 381] mkdir("./file0", 0777) = 0 [ 22.757983][ T23] audit: type=1400 audit(1678605624.850:73): avc: denied { execmem } for pid=371 comm="syz-executor200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 22.777747][ T23] audit: type=1400 audit(1678605624.870:74): avc: denied { read write } for pid=377 comm="syz-executor200" name="loop5" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 381] mount("/dev/loop5", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue"./strace-static-x86_64: Process 380 attached ./strace-static-x86_64: Process 378 attached [pid 376] <... openat resumed>) = 3 [pid 373] <... set_robust_list resumed>) = 0 [pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 380] set_robust_list(0x555555cab6e0, 24 [pid 378] set_robust_list(0x555555cab6e0, 24 [pid 376] ioctl(3, LOOP_CLR_FD [pid 373] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 372] <... openat resumed>) = 3 [pid 380] <... set_robust_list resumed>) = 0 [pid 378] <... set_robust_list resumed>) = 0 [pid 376] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 373] <... openat resumed>) = 3 [pid 372] ioctl(3, LOOP_CLR_FD [pid 380] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 378] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 376] close(3 [pid 373] ioctl(3, LOOP_CLR_FD [pid 372] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 378] <... prctl resumed>) = 0 [pid 373] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 372] close(3 [pid 376] <... close resumed>) = 0 [ 22.807152][ T23] audit: type=1400 audit(1678605624.870:75): avc: denied { open } for pid=377 comm="syz-executor200" path="/dev/loop5" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 380] <... prctl resumed>) = 0 [pid 378] setpgid(0, 0 [pid 376] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 373] close(3 [pid 372] <... close resumed>) = 0 [pid 380] setpgid(0, 0 [pid 378] <... setpgid resumed>) = 0 [pid 373] <... close resumed>) = 0 [pid 372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 380] <... setpgid resumed>) = 0 [pid 378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 378] <... openat resumed>) = 3 [pid 376] <... clone resumed>, child_tidptr=0x555555cab6d0) = 388 [pid 372] <... clone resumed>, child_tidptr=0x555555cab6d0) = 389 [pid 380] <... openat resumed>) = 3 [pid 378] write(3, "1000", 4 [pid 373] <... clone resumed>, child_tidptr=0x555555cab6d0) = 390 [pid 380] write(3, "1000", 4 [pid 378] <... write resumed>) = 4 [pid 380] <... write resumed>) = 4 [pid 378] close(3 [pid 380] close(3 [pid 378] <... close resumed>) = 0 [pid 380] <... close resumed>) = 0 [pid 378] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 380] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 378] <... futex resumed>) = 0 [pid 380] <... futex resumed>) = 0 [pid 378] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 380] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 378] <... mmap resumed>) = 0x7f3f6fbc0000 [pid 380] <... mmap resumed>) = 0x7f3f6fbc0000 [pid 378] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE [pid 380] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE [pid 378] <... mprotect resumed>) = 0 [pid 380] <... mprotect resumed>) = 0 [pid 378] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 380] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 378] <... clone resumed>, parent_tid=[391], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 391 [pid 380] <... clone resumed>, parent_tid=[392], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 392 [pid 378] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 380] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 378] <... futex resumed>) = 0 [pid 380] <... futex resumed>) = 0 [pid 378] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 380] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 392 attached ./strace-static-x86_64: Process 391 attached ./strace-static-x86_64: Process 390 attached ./strace-static-x86_64: Process 389 attached ./strace-static-x86_64: Process 388 attached [pid 392] set_robust_list(0x7f3f6fbe09e0, 24) = 0 [pid 392] memfd_create("syzkaller", 0) = 3 [pid 392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3f677c0000 [pid 391] set_robust_list(0x7f3f6fbe09e0, 24 [pid 390] set_robust_list(0x555555cab6e0, 24 [pid 389] set_robust_list(0x555555cab6e0, 24 [pid 388] set_robust_list(0x555555cab6e0, 24 [pid 381] <... mount resumed>) = 0 [pid 391] <... set_robust_list resumed>) = 0 [pid 390] <... set_robust_list resumed>) = 0 [pid 389] <... set_robust_list resumed>) = 0 [pid 388] <... set_robust_list resumed>) = 0 [pid 391] memfd_create("syzkaller", 0 [pid 390] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 389] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 388] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 391] <... memfd_create resumed>) = 3 [pid 390] <... prctl resumed>) = 0 [pid 389] <... prctl resumed>) = 0 [pid 388] <... prctl resumed>) = 0 [pid 391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 390] setpgid(0, 0 [pid 389] setpgid(0, 0 [pid 388] setpgid(0, 0 [pid 391] <... mmap resumed>) = 0x7f3f677c0000 [pid 390] <... setpgid resumed>) = 0 [pid 389] <... setpgid resumed>) = 0 [pid 388] <... setpgid resumed>) = 0 [ 22.834278][ T23] audit: type=1400 audit(1678605624.870:76): avc: denied { ioctl } for pid=375 comm="syz-executor200" path="/dev/loop3" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 22.860144][ T23] audit: type=1400 audit(1678605624.900:77): avc: denied { mounton } for pid=379 comm="syz-executor200" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 22.864638][ T381] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [pid 392] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 388] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 390] <... openat resumed>) = 3 [pid 389] <... openat resumed>) = 3 [pid 388] <... openat resumed>) = 3 [pid 390] write(3, "1000", 4 [pid 389] write(3, "1000", 4 [pid 388] write(3, "1000", 4 [pid 390] <... write resumed>) = 4 [pid 389] <... write resumed>) = 4 [pid 388] <... write resumed>) = 4 [pid 390] close(3 [pid 389] close(3 [pid 388] close(3 [pid 390] <... close resumed>) = 0 [pid 389] <... close resumed>) = 0 [pid 388] <... close resumed>) = 0 [pid 390] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... futex resumed>) = 0 [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 390] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 388] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 390] <... mmap resumed>) = 0x7f3f6fbc0000 [pid 389] <... mmap resumed>) = 0x7f3f6fbc0000 [pid 388] <... mmap resumed>) = 0x7f3f6fbc0000 [pid 390] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE [pid 389] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE [pid 388] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE [pid 390] <... mprotect resumed>) = 0 [pid 389] <... mprotect resumed>) = 0 [pid 388] <... mprotect resumed>) = 0 [pid 390] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 389] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 388] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 390] <... clone resumed>, parent_tid=[393], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 393 [pid 389] <... clone resumed>, parent_tid=[394], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 394 [pid 388] <... clone resumed>, parent_tid=[395], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 395 [pid 390] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... futex resumed>) = 0 [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 390] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 389] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 388] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 391] <... write resumed>) = 1048576 [pid 381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 381] chdir("./file0") = 0 [pid 381] ioctl(4, LOOP_CLR_FD) = 0 [pid 381] close(4) = 0 [pid 381] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 379] <... futex resumed>) = 0 [pid 379] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 381] <... futex resumed>) = 1 [pid 381] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000) = 4 [pid 381] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 379] <... futex resumed>) = 0 [pid 379] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f3f6789f000 [pid 379] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 379] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[396], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 396 [pid 379] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 379] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 381] <... futex resumed>) = 1 [pid 381] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9) = 9 [pid 381] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 381] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 391] munmap(0x7f3f677c0000, 1048576) = 0 [pid 391] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 ./strace-static-x86_64: Process 395 attached [pid 391] ioctl(4, LOOP_SET_FD, 3 [pid 395] set_robust_list(0x7f3f6fbe09e0, 24) = 0 [pid 395] memfd_create("syzkaller", 0) = 3 [pid 395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3f677c0000 [pid 395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 394 attached [pid 394] set_robust_list(0x7f3f6fbe09e0, 24) = 0 [pid 394] memfd_create("syzkaller", 0) = 3 [pid 394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3f677c0000 [pid 394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576./strace-static-x86_64: Process 393 attached [pid 393] set_robust_list(0x7f3f6fbe09e0, 24) = 0 [pid 393] memfd_create("syzkaller", 0) = 3 [pid 393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3f677c0000 [pid 393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 392] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 396 attached [pid 391] <... ioctl resumed>) = 0 [pid 391] close(3) = 0 [pid 391] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 391] mount("/dev/loop3", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 396] set_robust_list(0x7f3f678bf9e0, 24 [pid 392] munmap(0x7f3f677c0000, 1048576 [pid 396] <... set_robust_list resumed>) = 0 [pid 392] <... munmap resumed>) = 0 [pid 396] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 392] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 396] <... write resumed>) = 9 [pid 392] <... openat resumed>) = 4 [pid 396] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] ioctl(4, LOOP_SET_FD, 3 [pid 379] <... futex resumed>) = 0 [pid 396] futex(0x7f3f6fcb96d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 379] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 381] <... futex resumed>) = 0 [pid 379] <... futex resumed>) = 1 [pid 381] open("./bus", O_RDWR [pid 379] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 381] <... open resumed>) = 5 [pid 381] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 379] <... futex resumed>) = 0 [pid 381] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 379] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 381] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 379] <... futex resumed>) = 0 [pid 381] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 379] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 381] <... mmap resumed>) = 0x20000000 [pid 381] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 379] <... futex resumed>) = 0 [pid 381] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 379] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 381] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 379] <... futex resumed>) = 0 [ 22.895641][ T23] audit: type=1400 audit(1678605624.980:78): avc: denied { mount } for pid=379 comm="syz-executor200" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 22.933409][ T381] EXT4-fs error (device loop5): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [pid 381] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 379] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] <... write resumed>) = 1048576 [pid 395] <... write resumed>) = 1048576 [pid 392] <... ioctl resumed>) = 0 [pid 392] close(3) = 0 [pid 392] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 392] mount("/dev/loop2", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue"write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory [pid 393] <... write resumed>) = 1048576 [pid 395] munmap(0x7f3f677c0000, 1048576) = 0 [pid 395] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 395] ioctl(4, LOOP_SET_FD, 3 [pid 394] munmap(0x7f3f677c0000, 1048576) = 0 [pid 394] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 393] munmap(0x7f3f677c0000, 1048576) = 0 [pid 393] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 381] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 381] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 379] <... futex resumed>) = 0 [pid 379] write(1, "write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory\n", 89) = 89 [pid 379] exit_group(0) = ? [pid 381] <... futex resumed>) = ? [pid 381] +++ exited with 0 +++ [pid 396] <... futex resumed>) = ? [pid 395] <... ioctl resumed>) = 0 [pid 395] close(3) = 0 [pid 395] mkdir("./file0", 0777) = -1 EEXIST (File exists) [ 22.933961][ T23] audit: type=1400 audit(1678605625.000:79): avc: denied { write } for pid=379 comm="syz-executor200" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 22.974206][ T23] audit: type=1400 audit(1678605625.000:80): avc: denied { add_name } for pid=379 comm="syz-executor200" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 22.979981][ T391] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [pid 395] mount("/dev/loop4", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 396] +++ exited with 0 +++ [pid 394] <... openat resumed>) = 4 [pid 379] +++ exited with 0 +++ [pid 394] ioctl(4, LOOP_SET_FD, 3 [pid 393] <... openat resumed>) = 4 [pid 393] ioctl(4, LOOP_SET_FD, 3 [pid 377] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=379, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 377] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 394] <... ioctl resumed>) = 0 [pid 394] close(3) = 0 [pid 394] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 394] mount("/dev/loop0", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 393] <... ioctl resumed>) = 0 [pid 377] <... openat resumed>) = 3 [pid 393] close(3 [pid 377] ioctl(3, LOOP_CLR_FD [pid 393] <... close resumed>) = 0 [pid 377] <... ioctl resumed>) = 0 [pid 393] mkdir("./file0", 0777 [pid 377] close(3 [pid 393] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 377] <... close resumed>) = 0 [pid 393] mount("/dev/loop1", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 377] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 410 [ 22.994976][ T23] audit: type=1400 audit(1678605625.000:81): avc: denied { create } for pid=379 comm="syz-executor200" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 23.025334][ T23] audit: type=1400 audit(1678605625.000:82): avc: denied { read write open } for pid=379 comm="syz-executor200" path="/root/file0/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [pid 391] <... mount resumed>) = 0 [pid 391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 391] chdir("./file0") = 0 [pid 391] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 410 attached [pid 391] close(4) = 0 [pid 391] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 378] <... futex resumed>) = 0 [pid 378] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 378] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 391] <... futex resumed>) = 1 [pid 391] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000) = 4 [pid 391] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 378] <... futex resumed>) = 0 [pid 378] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 378] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 378] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f3f6789f000 [pid 378] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 378] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[414], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 414 [pid 378] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 378] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 391] <... futex resumed>) = 1 [pid 391] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9) = 9 [pid 391] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 391] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 414 attached [pid 414] set_robust_list(0x7f3f678bf9e0, 24) = 0 [pid 414] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9) = 9 [pid 414] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] set_robust_list(0x555555cab6e0, 24) = 0 [pid 395] <... mount resumed>) = 0 [pid 393] <... mount resumed>) = 0 [pid 414] <... futex resumed>) = 1 [pid 410] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 392] <... mount resumed>) = 0 [pid 378] <... futex resumed>) = 0 [pid 414] futex(0x7f3f6fcb96d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] <... prctl resumed>) = 0 [pid 395] <... openat resumed>) = 3 [pid 393] <... openat resumed>) = 3 [pid 392] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 378] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] setpgid(0, 0 [pid 395] chdir("./file0" [pid 393] chdir("./file0" [pid 392] <... openat resumed>) = 3 [pid 410] <... setpgid resumed>) = 0 [pid 395] <... chdir resumed>) = 0 [pid 393] <... chdir resumed>) = 0 [pid 392] chdir("./file0" [pid 410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 395] ioctl(4, LOOP_CLR_FD [pid 393] ioctl(4, LOOP_CLR_FD [pid 392] <... chdir resumed>) = 0 [pid 410] <... openat resumed>) = 3 [pid 395] <... ioctl resumed>) = 0 [pid 393] <... ioctl resumed>) = 0 [pid 410] write(3, "1000", 4 [pid 395] close(4 [pid 393] close(4 [pid 392] ioctl(4, LOOP_CLR_FD [pid 410] <... write resumed>) = 4 [pid 395] <... close resumed>) = 0 [pid 394] <... mount resumed>) = 0 [pid 393] <... close resumed>) = 0 [pid 391] <... futex resumed>) = 0 [pid 378] <... futex resumed>) = 1 [pid 410] close(3 [pid 395] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... ioctl resumed>) = 0 [pid 391] open("./bus", O_RDWR [pid 378] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... close resumed>) = 0 [pid 395] <... futex resumed>) = 1 [pid 393] <... futex resumed>) = 1 [pid 392] close(4 [pid 391] <... open resumed>) = 5 [pid 390] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 410] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 392] <... close resumed>) = 0 [pid 391] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... futex resumed>) = 0 [pid 395] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 392] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 378] <... futex resumed>) = 0 [pid 410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 395] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 394] <... openat resumed>) = 3 [pid 393] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 392] <... futex resumed>) = 1 [pid 391] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 388] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 380] <... futex resumed>) = 0 [pid 378] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... mmap resumed>) = 0x7f3f6fbc0000 [pid 395] <... open resumed>) = 4 [pid 394] chdir("./file0" [pid 393] <... open resumed>) = 4 [pid 392] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 391] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 380] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 378] <... futex resumed>) = 0 [pid 410] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE [pid 395] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] <... chdir resumed>) = 0 [pid 393] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 391] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 380] <... futex resumed>) = 0 [pid 378] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] <... mprotect resumed>) = 0 [pid 395] <... futex resumed>) = 1 [pid 394] ioctl(4, LOOP_CLR_FD [pid 393] <... futex resumed>) = 1 [pid 392] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 391] <... mmap resumed>) = 0x20000000 [pid 390] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 380] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 395] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 394] <... ioctl resumed>) = 0 [pid 393] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 392] <... open resumed>) = 4 [pid 391] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [ 23.059163][ T395] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 23.069349][ T392] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 23.073589][ T393] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 23.097098][ T394] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [pid 388] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 416 attached [pid 395] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 394] close(4 [pid 393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 392] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 378] <... futex resumed>) = 0 [pid 410] <... clone resumed>, parent_tid=[416], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 416 [pid 395] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 394] <... close resumed>) = 0 [pid 391] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 378] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 378] <... futex resumed>) = 0 [pid 394] <... futex resumed>) = 1 [pid 391] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 378] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] set_robust_list(0x7f3f6fbe09e0, 24 [pid 410] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... write resumed>) = 9 [pid 394] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 392] <... futex resumed>) = 1 [pid 390] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] <... futex resumed>) = 0 [pid 388] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 380] <... futex resumed>) = 0 [pid 416] <... set_robust_list resumed>) = 0 [pid 410] <... futex resumed>) = 0 [pid 395] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] <... write resumed>) = 9 [pid 392] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] <... futex resumed>) = 0 [pid 389] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] <... futex resumed>) = 0 [pid 380] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] memfd_create("syzkaller", 0 [pid 410] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 395] <... futex resumed>) = 0 [pid 393] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 389] <... futex resumed>) = 0 [pid 388] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 380] <... futex resumed>) = 0 [pid 416] <... memfd_create resumed>) = 3 [pid 395] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] <... futex resumed>) = 0 [pid 392] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 390] <... mmap resumed>) = 0x7f3f6789f000 [pid 389] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 388] <... mmap resumed>) = 0x7f3f6789f000 [pid 380] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 393] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 392] <... write resumed>) = 9 [pid 390] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE [pid 388] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE [pid 380] <... futex resumed>) = 0 [pid 416] <... mmap resumed>) = 0x7f3f677c0000 [pid 392] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... mprotect resumed>) = 0 [pid 388] <... mprotect resumed>) = 0 [pid 380] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 394] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 392] <... futex resumed>) = 0 [pid 390] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 388] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 380] <... mmap resumed>) = 0x7f3f6789f000 [pid 394] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 392] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 391] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 380] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 418 attached ./strace-static-x86_64: Process 417 attached [pid 416] <... write resumed>) = 1048576 [pid 391] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... clone resumed>, parent_tid=[417], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 417 [pid 388] <... clone resumed>, parent_tid=[418], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 418 [pid 380] <... mprotect resumed>) = 0 [pid 394] <... open resumed>) = 4 [pid 418] set_robust_list(0x7f3f678bf9e0, 24 [pid 417] set_robust_list(0x7f3f678bf9e0, 24 [pid 416] munmap(0x7f3f677c0000, 1048576 [pid 394] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 391] <... futex resumed>) = 1 [pid 390] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 380] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 378] <... futex resumed>) = 0 ./strace-static-x86_64: Process 419 attached [pid 418] <... set_robust_list resumed>) = 0 [pid 417] <... set_robust_list resumed>) = 0 [pid 416] <... munmap resumed>) = 0 [pid 394] <... futex resumed>) = 1 [pid 391] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] <... futex resumed>) = 0 [pid 389] <... futex resumed>) = 0 write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory [pid 388] <... futex resumed>) = 0 [pid 378] write(1, "write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory\n", 89 [pid 418] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 417] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 416] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 394] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 389] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 380] <... clone resumed>, parent_tid=[419], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 419 [pid 378] <... write resumed>) = 89 [pid 417] <... write resumed>) = 9 [pid 416] <... openat resumed>) = 4 [pid 394] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 389] <... futex resumed>) = 0 [pid 380] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 378] exit_group(0 [pid 418] <... write resumed>) = 9 [pid 417] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] ioctl(4, LOOP_SET_FD, 3 [pid 414] <... futex resumed>) = ? [pid 394] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 391] <... futex resumed>) = ? [pid 389] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 380] <... futex resumed>) = 0 [pid 378] <... exit_group resumed>) = ? [pid 419] set_robust_list(0x7f3f678bf9e0, 24 [pid 418] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 417] <... futex resumed>) = 1 [pid 416] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 414] +++ exited with 0 +++ [pid 394] <... write resumed>) = 9 [pid 391] +++ exited with 0 +++ [pid 390] <... futex resumed>) = 0 [pid 389] <... futex resumed>) = 0 [pid 380] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 378] +++ exited with 0 +++ [pid 418] <... futex resumed>) = 1 [pid 417] futex(0x7f3f6fcb96d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 416] ioctl(4, LOOP_CLR_FD [pid 394] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 388] <... futex resumed>) = 0 [pid 375] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=378, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 418] futex(0x7f3f6fcb96d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 416] <... ioctl resumed>) = 0 [pid 394] <... futex resumed>) = 0 [pid 393] <... futex resumed>) = 0 [pid 390] <... futex resumed>) = 1 [pid 389] <... mmap resumed>) = 0x7f3f6789f000 [pid 388] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... futex resumed>) = 0 [pid 394] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] open("./bus", O_RDWR [pid 390] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 389] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE [pid 388] <... futex resumed>) = 1 [pid 395] open("./bus", O_RDWR [pid 393] <... open resumed>) = 5 [pid 389] <... mprotect resumed>) = 0 [pid 388] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 419] <... set_robust_list resumed>) = 0 [pid 395] <... open resumed>) = 5 [pid 393] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 395] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 375] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 395] <... futex resumed>) = 1 [pid 393] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] <... clone resumed>, parent_tid=[420], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 420 [pid 388] <... futex resumed>) = 0 [pid 395] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 389] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 375] <... openat resumed>) = 3 [pid 416] ioctl(4, LOOP_SET_FD, 3 [pid 395] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 393] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 390] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 389] <... futex resumed>) = 0 [pid 388] <... futex resumed>) = 0 [pid 375] ioctl(3, LOOP_CLR_FD [pid 416] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 395] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 393] <... mmap resumed>) = 0x20000000 [pid 389] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 388] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 375] <... ioctl resumed>) = 0 [pid 416] close(4 [pid 395] <... mmap resumed>) = 0x20000000 [pid 393] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 420 attached [pid 395] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 419] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 416] <... close resumed>) = 0 [pid 375] close(3 [pid 420] set_robust_list(0x7f3f678bf9e0, 24 [pid 419] <... write resumed>) = 9 [pid 416] close(3 [pid 395] <... futex resumed>) = 1 [pid 393] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] <... futex resumed>) = 0 [pid 375] <... close resumed>) = 0 [pid 420] <... set_robust_list resumed>) = 0 [pid 419] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... close resumed>) = 0 [pid 395] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 388] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 375] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 420] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 419] <... futex resumed>) = 1 [ 23.124653][ T391] EXT4-fs error (device loop3): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [pid 416] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 393] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 390] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 388] <... futex resumed>) = 0 [pid 380] <... futex resumed>) = 0 [pid 420] <... write resumed>) = 9 [pid 419] futex(0x7f3f6fcb96d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 416] <... futex resumed>) = 1 [pid 410] <... futex resumed>) = 0 [pid 395] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 375] <... clone resumed>, child_tidptr=0x555555cab6d0) = 421 [pid 420] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 420] <... futex resumed>) = 1 [pid 420] futex(0x7f3f6fcb96d8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 421 attached [pid 421] set_robust_list(0x555555cab6e0, 24) = 0 [pid 421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 421] setpgid(0, 0) = 0 [pid 421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 421] write(3, "1000", 4) = 4 [pid 421] close(3) = 0 [pid 421] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 421] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f3f6fbc0000 [pid 421] mprotect(0x7f3f6fbc1000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 421] clone(child_stack=0x7f3f6fbe02f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[422], tls=0x7f3f6fbe0700, child_tidptr=0x7f3f6fbe09d0) = 422 [pid 421] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 421] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 422 attached [pid 422] set_robust_list(0x7f3f6fbe09e0, 24) = 0 [pid 422] memfd_create("syzkaller", 0) = 3 [pid 422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3f677c0000 [pid 422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 389] <... futex resumed>) = 0 [pid 380] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 388] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 389] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... futex resumed>) = 1 [pid 416] <... futex resumed>) = 0 [pid 410] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 394] <... futex resumed>) = 0 [pid 416] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 392] <... futex resumed>) = 0 [pid 389] <... futex resumed>) = 1 [pid 380] <... futex resumed>) = 1 [pid 394] open("./bus", O_RDWR [pid 416] <... open resumed>) = 3 [pid 392] open("./bus", O_RDWR [pid 416] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] <... open resumed>) = 5 [pid 389] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 380] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... open resumed>) = 5 [pid 416] <... futex resumed>) = 1 [pid 410] <... futex resumed>) = 0 [pid 394] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 416] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 410] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] <... futex resumed>) = 0 [pid 392] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 410] <... futex resumed>) = 0 [pid 394] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 392] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 380] <... futex resumed>) = 0 [pid 416] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 410] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] <... mmap resumed>) = 0x20000000 [pid 392] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 410] <... futex resumed>) = 0 [pid 389] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 380] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 380] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 394] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... mmap resumed>) = 0x7f3f6789f000 [pid 394] <... futex resumed>) = 1 [pid 389] <... futex resumed>) = 0 [pid 410] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE [pid 394] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 389] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 410] <... mprotect resumed>) = 0 [pid 394] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 389] <... futex resumed>) = 0 [pid 410] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 394] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 389] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 422] <... write resumed>) = 1048576 [pid 422] munmap(0x7f3f677c0000, 1048576) = 0 [pid 422] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 422] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 422] ioctl(4, LOOP_CLR_FD) = 0 [pid 393] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 393] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 393] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 422] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 422] close(4) = 0 [pid 422] close(3) = 0 [pid 422] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 421] <... futex resumed>) = 0 [pid 421] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 421] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 422] <... futex resumed>) = 1 [pid 422] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000) = 3 [pid 422] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 421] <... futex resumed>) = 0 [pid 421] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 421] futex(0x7f3f6fcb96dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 421] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f3f6789f000 [pid 421] mprotect(0x7f3f678a0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 421] clone(child_stack=0x7f3f678bf2f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[424], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 424 [pid 421] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 421] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 422] <... futex resumed>) = 1 [pid 422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 395] <... ioctl resumed>) = 0 [pid 390] <... futex resumed>) = 0 write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory [pid 390] write(1, "write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory\n", 89 [pid 395] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... mmap resumed>) = 0x20000000 [pid 390] <... write resumed>) = 89 [pid 410] <... clone resumed>, parent_tid=[423], tls=0x7f3f678bf700, child_tidptr=0x7f3f678bf9d0) = 423 [pid 410] futex(0x7f3f6fcb96d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... futex resumed>) = 1 [pid 392] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] exit_group(0 [pid 388] <... futex resumed>) = 0 [pid 417] <... futex resumed>) = ? [pid 410] <... futex resumed>) = 0 [pid 395] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] <... futex resumed>) = -1 (errno 18446744073709551414) [pid 417] +++ exited with 0 +++ [pid 410] futex(0x7f3f6fcb96dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... futex resumed>) = 1 [pid 390] <... exit_group resumed>) = ? [pid 393] +++ exited with 0 +++ [pid 388] write(1, "write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory\n", 89 [pid 380] <... futex resumed>) = 0 [pid 392] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 423 attached [pid 423] set_robust_list(0x7f3f678bf9e0, 24) = 0 [pid 423] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 394] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 394] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 394] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 424 attached [pid 424] set_robust_list(0x7f3f678bf9e0, 24) = 0 [pid 424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory [pid 388] <... write resumed>) = 89 [pid 388] exit_group(0 [pid 418] <... futex resumed>) = ? [pid 388] <... exit_group resumed>) = ? [pid 418] +++ exited with 0 +++ [pid 380] futex(0x7f3f6fcb96c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] <... futex resumed>) = ? [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 389] <... futex resumed>) = 0 [ 23.164814][ T393] EXT4-fs error (device loop2): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 23.183552][ T394] EXT4-fs error (device loop0): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 23.201106][ T390] ------------[ cut here ]------------ [ 23.207263][ T390] kernel BUG at fs/ext4/inode.c:2767! [ 23.208315][ T395] ------------[ cut here ]------------ [ 23.213069][ T390] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 23.218439][ T395] kernel BUG at fs/ext4/inode.c:2767! [ 23.224345][ T390] CPU: 1 PID: 390 Comm: syz-executor200 Not tainted 5.10.161-syzkaller-00019-g416c4356f372 #0 [ 23.234681][ T392] ------------[ cut here ]------------ [ 23.240020][ T390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 23.240041][ T390] RIP: 0010:ext4_writepages+0x36f6/0x3710 [ 23.240052][ T390] Code: c6 31 ff e8 8c 07 90 ff 84 db 75 2c e8 73 04 90 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 64 24 40 e9 28 f7 ff ff e8 5a 04 90 ff <0f> 0b e8 53 04 90 ff e8 ed 64 23 ff eb a0 e8 47 04 90 ff e8 e1 64 [ 23.240059][ T390] RSP: 0018:ffffc90000cb75a0 EFLAGS: 00010293 [ 23.287303][ T390] RAX: ffffffff81dd1d56 RBX: 0000008000000000 RCX: ffff8881041acf00 [ 23.295347][ T390] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 23.303300][ T390] RBP: ffffc90000cb7990 R08: ffffffff81dced3a R09: ffffed1023451ecf [ 23.311440][ T390] R10: ffffed1023451ecf R11: 1ffff11023451ece R12: ffff8881002e0000 [ 23.320464][ T390] R13: ffffc90000cb7860 R14: 0000009410000000 R15: ffffc90000cb7b00 [ 23.328512][ T390] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 23.337419][ T390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.344073][ T390] CR2: 00007f3f678bf718 CR3: 0000000104b8f000 CR4: 00000000003506a0 [ 23.352114][ T390] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 23.360082][ T390] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 23.368402][ T390] Call Trace: [ 23.371902][ T390] ? ext4_readpage+0x220/0x220 [ 23.376677][ T390] ? is_module_text_address+0xe1/0x140 [ 23.382124][ T390] ? stack_trace_save+0x1f0/0x1f0 [ 23.387246][ T390] ? __kernel_text_address+0x9a/0x110 [ 23.392686][ T390] ? unwind_get_return_address+0x4c/0x90 [ 23.398390][ T390] ? arch_stack_walk+0xf8/0x140 [ 23.403485][ T390] ? stack_trace_save+0x12d/0x1f0 [ 23.408579][ T390] ? kasan_set_track+0x63/0x80 [ 23.414970][ T390] ? kasan_set_track+0x4c/0x80 [ 23.419886][ T390] ? ext4_readpage+0x220/0x220 [ 23.424646][ T390] do_writepages+0x13a/0x280 [ 23.429216][ T390] ? __writepage+0x130/0x130 [ 23.433788][ T390] ? __kasan_check_write+0x14/0x20 [ 23.438881][ T390] ? _raw_spin_unlock+0x4d/0x70 [ 23.443734][ T390] __filemap_fdatawrite_range+0x354/0x420 [ 23.449443][ T390] ? filemap_check_errors+0x120/0x120 [ 23.454800][ T390] ? __fsnotify_update_child_dentry_flags+0x300/0x300 [ 23.461545][ T390] filemap_flush+0x23/0x30 [ 23.465973][ T390] ext4_alloc_da_blocks+0x71/0x180 [ 23.471065][ T390] ext4_release_file+0x84/0x320 [ 23.475896][ T390] ? ext4_file_open+0x680/0x680 [ 23.480729][ T390] __fput+0x348/0x7c0 [ 23.484692][ T390] ____fput+0x15/0x20 [ 23.488658][ T390] task_work_run+0x147/0x1b0 [ 23.493338][ T390] do_exit+0x63c/0x2340 [ 23.497490][ T390] ? ptrace_stop+0x6ff/0x9f0 [ 23.502063][ T390] ? try_invoke_on_locked_down_task+0x280/0x280 [ 23.508279][ T390] ? get_task_struct+0x80/0x80 [ 23.513034][ T390] ? __kasan_check_write+0x14/0x20 [ 23.518133][ T390] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 23.523311][ T390] ? _raw_spin_lock_irqsave+0x210/0x210 [ 23.528834][ T390] ? __fpregs_load_activate+0x1e7/0x370 [ 23.534358][ T390] ? wake_up_state+0xb/0x10 [ 23.538844][ T390] ? zap_other_threads+0x24d/0x290 [ 23.543938][ T390] do_group_exit+0x13a/0x300 [ 23.548505][ T390] __x64_sys_exit_group+0x3f/0x40 [ 23.553510][ T390] do_syscall_64+0x34/0x70 [ 23.558004][ T390] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 23.563962][ T390] RIP: 0033:0x7f3f6fc3a939 [ 23.568353][ T390] Code: Unable to access opcode bytes at RIP 0x7f3f6fc3a90f. [ 23.575713][ T390] RSP: 002b:00007ffce71d2178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 23.584132][ T390] RAX: ffffffffffffffda RBX: 00007f3f6fcb9390 RCX: 00007f3f6fc3a939 [ 23.592101][ T390] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 23.600052][ T390] RBP: 0000000000000000 R08: ffffffffffffffb8 R09: 0000000000000000 [ 23.608110][ T390] R10: 00007ffce71d2200 R11: 0000000000000246 R12: 00007f3f6fcb9390 [ 23.616074][ T390] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [pid 380] futex(0x7f3f6fcb96cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory [pid 416] <... write resumed>) = 9 [pid 392] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 389] write(1, "write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory\n", 89 [pid 416] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 389] <... write resumed>) = 89 [pid 416] <... futex resumed>) = 0 [pid 392] futex(0x7f3f6fcb96cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 389] exit_group(0 [pid 420] <... futex resumed>) = ? [pid 416] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 394] <... futex resumed>) = ? [pid 392] <... futex resumed>) = 1 [pid 389] <... exit_group resumed>) = ? [pid 380] <... futex resumed>) = 0 [pid 420] +++ exited with 0 +++ [pid 394] +++ exited with 0 +++ [pid 392] futex(0x7f3f6fcb96c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 389] +++ exited with 0 +++ [pid 380] write(1, "write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory\n", 89) = 89 [pid 372] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=389, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 380] exit_group(0 [pid 419] <... futex resumed>) = ? [pid 392] <... futex resumed>) = ? [pid 380] <... exit_group resumed>) = ? [pid 419] +++ exited with 0 +++ [pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 372] ioctl(3, LOOP_CLR_FD) = 0 [pid 372] close(3) = 0 [pid 372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555cab6d0) = 425 [ 23.624064][ T390] Modules linked in: [ 23.628017][ T395] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 23.634104][ T395] CPU: 0 PID: 395 Comm: syz-executor200 Tainted: G D 5.10.161-syzkaller-00019-g416c4356f372 #0 [ 23.635943][ T390] ---[ end trace 5356b85c85c4a776 ]--- [ 23.645730][ T395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 23.645748][ T395] RIP: 0010:ext4_writepages+0x36f6/0x3710 [ 23.645767][ T395] Code: c6 31 ff e8 8c 07 90 ff 84 db 75 2c e8 73 04 90 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 64 24 40 e9 28 f7 ff ff e8 5a 04 90 ff <0f> 0b e8 53 04 90 ff e8 ed 64 23 ff eb a0 e8 47 04 90 ff e8 e1 64 [ 23.651390][ T390] RIP: 0010:ext4_writepages+0x36f6/0x3710 [ 23.661412][ T395] RSP: 0018:ffffc90000d17380 EFLAGS: 00010293 [ 23.661425][ T395] RAX: ffffffff81dd1d56 RBX: 0000008000000000 RCX: ffff8881067ee2c0 [ 23.661439][ T395] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 23.667146][ T390] Code: c6 31 ff e8 8c 07 90 ff 84 db 75 2c e8 73 04 90 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 64 24 40 e9 28 f7 ff ff e8 5a 04 90 ff <0f> 0b e8 53 04 90 ff e8 ed 64 23 ff eb a0 e8 47 04 90 ff e8 e1 64 [ 23.686723][ T395] RBP: ffffc90000d17770 R08: ffffffff81dced3a R09: ffffed1023451ecf [ 23.686731][ T395] R10: ffffed1023451ecf R11: 1ffff11023451ece R12: ffff8881002e0000 [ 23.686748][ T395] R13: ffffc90000d17640 R14: 0000009410000000 R15: ffffc90000d178e0 [ 23.692442][ T390] RSP: 0018:ffffc90000cb75a0 EFLAGS: 00010293 [ 23.698482][ T395] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 23.698489][ T395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.698505][ T395] CR2: 00007ffce71d21a8 CR3: 0000000104be5000 CR4: 00000000003506b0 [ 23.706458][ T390] [ 23.714411][ T395] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 23.734009][ T390] RAX: ffffffff81dd1d56 RBX: 0000008000000000 RCX: ffff8881041acf00 [ 23.741993][ T395] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 23.741997][ T395] Call Trace: [ 23.742035][ T395] ? ext4_readpage+0x220/0x220 [ 23.750016][ T390] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 23.757968][ T395] ? is_module_text_address+0xe1/0x140 [ 23.757987][ T395] ? stack_trace_save+0x1f0/0x1f0 [ 23.764307][ T390] RBP: ffffc90000cb7990 R08: ffffffff81dced3a R09: ffffed1023451ecf [ 23.773214][ T395] ? __kernel_text_address+0x9a/0x110 [ 23.773233][ T395] ? unwind_get_return_address+0x4c/0x90 [ 23.779797][ T390] R10: ffffed1023451ecf R11: 1ffff11023451ece R12: ffff8881002e0000 [ 23.787745][ T395] ? arch_stack_walk+0xf8/0x140 [ 23.787764][ T395] ? stack_trace_save+0x12d/0x1f0 [ 23.790074][ T390] R13: ffffc90000cb7860 R14: 0000009410000000 R15: ffffc90000cb7b00 [ 23.798023][ T395] ? kasan_set_track+0x63/0x80 [ 23.798041][ T395] ? kasan_set_track+0x4c/0x80 [ 23.806001][ T390] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 23.813955][ T395] ? ext4_readpage+0x220/0x220 [ 23.817219][ T390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.821965][ T395] do_writepages+0x13a/0x280 [ 23.829921][ T390] CR2: 00007f3f678bf718 CR3: 000000010ca50000 CR4: 00000000003506a0 [ 23.835348][ T395] ? __writepage+0x130/0x130 [ 23.835367][ T395] ? __kasan_check_write+0x14/0x20 [ 23.840365][ T390] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 23.848316][ T395] ? _raw_spin_unlock+0x4d/0x70 [ 23.848337][ T395] __filemap_fdatawrite_range+0x354/0x420 [ 23.853687][ T390] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 23.859377][ T395] ? filemap_check_errors+0x120/0x120 [ 23.859398][ T395] ? __fsnotify_update_child_dentry_flags+0x300/0x300 [ 23.867350][ T390] Kernel panic - not syncing: Fatal exception [ 23.872184][ T395] filemap_flush+0x23/0x30 [ 23.986392][ T395] ext4_alloc_da_blocks+0x71/0x180 [ 23.991491][ T395] ext4_release_file+0x84/0x320 [ 23.996327][ T395] ? ext4_file_open+0x680/0x680 [ 24.001602][ T395] __fput+0x348/0x7c0 [ 24.005575][ T395] ____fput+0x15/0x20 [ 24.009553][ T395] task_work_run+0x147/0x1b0 [ 24.014133][ T395] do_exit+0x63c/0x2340 [ 24.018281][ T395] ? __kasan_check_write+0x14/0x20 [ 24.023384][ T395] ? finish_task_switch+0x1b9/0x580 [ 24.028577][ T395] ? get_task_struct+0x80/0x80 [ 24.033331][ T395] ? __schedule+0x86e/0xc00 [ 24.037824][ T395] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 24.043634][ T395] ? __kasan_check_write+0x14/0x20 [ 24.048738][ T395] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 24.053844][ T395] do_group_exit+0x13a/0x300 [ 24.058424][ T395] ? __kasan_check_write+0x14/0x20 [ 24.063554][ T395] get_signal+0xe17/0x1440 [ 24.067985][ T395] arch_do_signal+0x8e/0x650 [ 24.072589][ T395] ? __do_sys_rt_sigreturn+0x1e0/0x1e0 [ 24.078075][ T395] exit_to_user_mode_loop+0xa3/0xe0 [ 24.083265][ T395] syscall_exit_to_user_mode+0x77/0xa0 [ 24.088711][ T395] do_syscall_64+0x40/0x70 [ 24.093118][ T395] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 24.099022][ T395] RIP: 0033:0x7f3f6fc3be39 [ 24.103422][ T395] Code: Unable to access opcode bytes at RIP 0x7f3f6fc3be0f. [ 24.110777][ T395] RSP: 002b:00007f3f6fbe0218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 24.119277][ T395] RAX: fffffffffffffe00 RBX: 00007f3f6fcb96c8 RCX: 00007f3f6fc3be39 [ 24.127417][ T395] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3f6fcb96c8 [ 24.135381][ T395] RBP: 00007f3f6fcb96c0 R08: 0000000000000000 R09: 0000000000000000 [ 24.143431][ T395] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3f6fcb96cc [ 24.151395][ T395] R13: 00007ffce71d214f R14: 00007f3f6fbe0300 R15: 0000000000022000 [ 24.159356][ T395] Modules linked in: [ 24.163486][ T390] Kernel Offset: disabled [ 24.167814][ T390] Rebooting in 86400 seconds..