./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor190731900 <...> Warning: Permanently added '10.128.0.181' (ED25519) to the list of known hosts. execve("./syz-executor190731900", ["./syz-executor190731900"], 0x7fff68f27960 /* 10 vars */) = 0 brk(NULL) = 0x55555c0ca000 brk(0x55555c0cad40) = 0x55555c0cad40 arch_prctl(ARCH_SET_FS, 0x55555c0ca3c0) = 0 set_tid_address(0x55555c0ca690) = 5839 set_robust_list(0x55555c0ca6a0, 24) = 0 rseq(0x55555c0cace0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor190731900", 4096) = 27 getrandom("\x72\xc1\x70\x0b\x27\xca\xb2\x5f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555c0cad40 brk(0x55555c0ebd40) = 0x55555c0ebd40 brk(0x55555c0ec000) = 0x55555c0ec000 mprotect(0x7f38b919f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached , child_tidptr=0x55555c0ca690) = 5840 [pid 5840] set_robust_list(0x55555c0ca6a0, 24 [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5841 attached [pid 5840] mkdir("./syzkaller.AnD6pe", 0700 [pid 5841] set_robust_list(0x55555c0ca6a0, 24) = 0 [pid 5839] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5841 [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] mkdir("./syzkaller.pATqeu", 0700 [pid 5840] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5842 attached [pid 5840] chmod("./syzkaller.AnD6pe", 0777 [pid 5841] <... mkdir resumed>) = 0 [pid 5840] <... chmod resumed>) = 0 [pid 5840] chdir("./syzkaller.AnD6pe" [pid 5842] set_robust_list(0x55555c0ca6a0, 24 [pid 5840] <... chdir resumed>) = 0 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5840] mkdir("./0", 0777 [pid 5839] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5842 [pid 5842] mkdir("./syzkaller.yqxZW8", 0700 [pid 5841] chmod("./syzkaller.pATqeu", 0777) = 0 [pid 5841] chdir("./syzkaller.pATqeu") = 0 [pid 5840] <... mkdir resumed>) = 0 [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] mkdir("./0", 0777 [pid 5842] <... mkdir resumed>) = 0 [pid 5841] <... mkdir resumed>) = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5843 attached [pid 5842] chmod("./syzkaller.yqxZW8", 0777 [pid 5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5839] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5843 [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] <... openat resumed>) = 3 [pid 5843] set_robust_list(0x55555c0ca6a0, 24 [pid 5842] <... chmod resumed>) = 0 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] chdir("./syzkaller.yqxZW8" [pid 5841] ioctl(3, LOOP_CLR_FD [pid 5840] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5844 attached [pid 5843] mkdir("./syzkaller.yDcPBM", 0700 [pid 5839] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5844 [pid 5844] set_robust_list(0x55555c0ca6a0, 24) = 0 [pid 5843] <... mkdir resumed>) = 0 [pid 5842] <... chdir resumed>) = 0 [pid 5841] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5840] ioctl(3, LOOP_CLR_FD [pid 5844] mkdir("./syzkaller.vyM77u", 0700 [pid 5842] mkdir("./0", 0777 [pid 5841] close(3 [pid 5840] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5843] chmod("./syzkaller.yDcPBM", 0777 [pid 5840] close(3 [pid 5844] <... mkdir resumed>) = 0 [pid 5843] <... chmod resumed>) = 0 [pid 5842] <... mkdir resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5844] chmod("./syzkaller.vyM77u", 0777) = 0 [pid 5844] chdir("./syzkaller.vyM77u" [pid 5843] chdir("./syzkaller.yDcPBM" [pid 5842] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5841] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] <... close resumed>) = 0 [pid 5844] <... chdir resumed>) = 0 [pid 5843] <... chdir resumed>) = 0 [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5843] mkdir("./0", 0777 [pid 5842] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5846 attached [pid 5844] mkdir("./0", 0777./strace-static-x86_64: Process 5845 attached ) = 0 [pid 5843] <... mkdir resumed>) = 0 [pid 5846] set_robust_list(0x55555c0ca6a0, 24 [pid 5845] set_robust_list(0x55555c0ca6a0, 24 [pid 5844] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5842] ioctl(3, LOOP_CLR_FD [pid 5841] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5845 [pid 5840] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5846 [pid 5846] <... set_robust_list resumed>) = 0 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5844] <... openat resumed>) = 3 [pid 5843] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5846] chdir("./0" [pid 5844] ioctl(3, LOOP_CLR_FD [pid 5846] <... chdir resumed>) = 0 [pid 5844] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5843] <... openat resumed>) = 3 [pid 5846] <... prctl resumed>) = 0 [pid 5846] setpgid(0, 0 [pid 5845] chdir("./0" [pid 5844] close(3) = 0 [pid 5842] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5846] <... setpgid resumed>) = 0 [pid 5844] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5845] <... chdir resumed>) = 0 [pid 5846] <... openat resumed>) = 3 [pid 5846] write(3, "1000", 4./strace-static-x86_64: Process 5848 attached ) = 4 [pid 5846] close(3) = 0 [pid 5846] symlink("/dev/binderfs", "./binderfs" [pid 5848] set_robust_list(0x55555c0ca6a0, 24 [pid 5846] <... symlink resumed>) = 0 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5846] write(1, "executing program\n", 18 [pid 5844] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5848 executing program [pid 5848] chdir("./0" [pid 5846] <... write resumed>) = 18 [pid 5848] <... chdir resumed>) = 0 [pid 5846] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5846] <... futex resumed>) = 0 [pid 5848] <... prctl resumed>) = 0 [pid 5846] rt_sigaction(SIGRT_1, {sa_handler=0x7f38b9139fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f38b912b190}, [pid 5848] setpgid(0, 0 [pid 5846] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5848] <... setpgid resumed>) = 0 [pid 5846] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] <... openat resumed>) = 3 [pid 5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5848] write(3, "1000", 4 [pid 5846] <... mmap resumed>) = 0x7f38b90aa000 [pid 5848] <... write resumed>) = 4 [pid 5846] mprotect(0x7f38b90ab000, 131072, PROT_READ|PROT_WRITE [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5843] ioctl(3, LOOP_CLR_FD [pid 5842] close(3 [pid 5845] <... prctl resumed>) = 0 [pid 5846] <... mprotect resumed>) = 0 [pid 5843] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5845] setpgid(0, 0 [pid 5843] close(3 [pid 5842] <... close resumed>) = 0 [pid 5845] <... setpgid resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5842] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5848] close(3 [pid 5846] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5848] <... close resumed>) = 0 [pid 5846] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5848] symlink("/dev/binderfs", "./binderfs" [pid 5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90ca990, parent_tid=0x7f38b90ca990, exit_signal=0, stack=0x7f38b90aa000, stack_size=0x20300, tls=0x7f38b90ca6c0}./strace-static-x86_64: Process 5850 attached ./strace-static-x86_64: Process 5849 attached executing program [pid 5845] <... openat resumed>) = 3 [pid 5843] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] write(3, "1000", 4 [pid 5849] rseq(0x7f38b90cafe0, 0x20, 0, 0x53053053 [pid 5846] <... clone3 resumed> => {parent_tid=[5849]}, 88) = 5849 [pid 5849] <... rseq resumed>) = 0 [pid 5848] <... symlink resumed>) = 0 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5851 attached [pid 5850] set_robust_list(0x55555c0ca6a0, 24 [pid 5849] set_robust_list(0x7f38b90ca9a0, 24 [pid 5848] write(1, "executing program\n", 18 [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... write resumed>) = 4 [pid 5842] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5850 [pid 5851] set_robust_list(0x55555c0ca6a0, 24 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] <... set_robust_list resumed>) = 0 [pid 5848] <... write resumed>) = 18 [pid 5846] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] close(3 [pid 5843] <... clone resumed>, child_tidptr=0x55555c0ca690) = 5851 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5850] chdir("./0" [pid 5849] rt_sigprocmask(SIG_SETMASK, [], [pid 5848] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... futex resumed>) = 0 [pid 5845] <... close resumed>) = 0 [pid 5850] <... chdir resumed>) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5851] chdir("./0" [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] <... futex resumed>) = 0 [pid 5846] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5851] <... chdir resumed>) = 0 [pid 5850] <... prctl resumed>) = 0 [pid 5849] memfd_create("syzkaller", 0 [pid 5848] rt_sigaction(SIGRT_1, {sa_handler=0x7f38b9139fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f38b912b190}, [pid 5845] <... symlink resumed>) = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program [pid 5850] setpgid(0, 0 [pid 5845] write(1, "executing program\n", 18 [pid 5850] <... setpgid resumed>) = 0 [pid 5845] <... write resumed>) = 18 [pid 5851] <... prctl resumed>) = 0 [pid 5849] <... memfd_create resumed>) = 3 [pid 5848] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5851] setpgid(0, 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5848] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5845] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] <... setpgid resumed>) = 0 [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5850] <... openat resumed>) = 3 [pid 5849] <... mmap resumed>) = 0x7f38b0c00000 [pid 5848] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5845] <... futex resumed>) = 0 [pid 5850] write(3, "1000", 4 [pid 5848] <... mmap resumed>) = 0x7f38b90aa000 [pid 5845] rt_sigaction(SIGRT_1, {sa_handler=0x7f38b9139fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f38b912b190}, [pid 5850] <... write resumed>) = 4 [pid 5849] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5848] mprotect(0x7f38b90ab000, 131072, PROT_READ|PROT_WRITE [pid 5851] <... openat resumed>) = 3 [pid 5850] close(3 [pid 5845] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5850] <... close resumed>) = 0 [pid 5851] write(3, "1000", 4 [pid 5849] <... write resumed>) = 65536 [pid 5850] symlink("/dev/binderfs", "./binderfs" [pid 5848] <... mprotect resumed>) = 0 [pid 5845] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5851] <... write resumed>) = 4 [pid 5849] munmap(0x7f38b0c00000, 138412032 [pid 5848] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] close(3 [pid 5850] <... symlink resumed>) = 0 [pid 5849] <... munmap resumed>) = 0 [pid 5848] <... rt_sigprocmask resumed>[], 8) = 0 executing program [pid 5845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5851] <... close resumed>) = 0 [pid 5850] write(1, "executing program\n", 18 [pid 5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5848] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90ca990, parent_tid=0x7f38b90ca990, exit_signal=0, stack=0x7f38b90aa000, stack_size=0x20300, tls=0x7f38b90ca6c0}./strace-static-x86_64: Process 5852 attached [pid 5851] symlink("/dev/binderfs", "./binderfs" [pid 5850] <... write resumed>) = 18 [pid 5849] <... openat resumed>) = 4 [pid 5845] <... mmap resumed>) = 0x7f38b90aa000 [pid 5852] rseq(0x7f38b90cafe0, 0x20, 0, 0x53053053 [pid 5851] <... symlink resumed>) = 0 [pid 5850] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5848] <... clone3 resumed> => {parent_tid=[5852]}, 88) = 5852 [pid 5845] mprotect(0x7f38b90ab000, 131072, PROT_READ|PROT_WRITE [pid 5852] <... rseq resumed>) = 0 [pid 5851] write(1, "executing program\n", 18 [pid 5850] <... futex resumed>) = 0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5848] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5848] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5852] set_robust_list(0x7f38b90ca9a0, 24) = 0 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], executing program NULL, 8) = 0 [pid 5851] <... write resumed>) = 18 [pid 5851] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] memfd_create("syzkaller", 0 [pid 5851] <... futex resumed>) = 0 [pid 5850] rt_sigaction(SIGRT_1, {sa_handler=0x7f38b9139fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f38b912b190}, [pid 5845] <... mprotect resumed>) = 0 [pid 5850] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5851] rt_sigaction(SIGRT_1, {sa_handler=0x7f38b9139fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f38b912b190}, [pid 5850] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5851] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5852] <... memfd_create resumed>) = 3 [pid 5851] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5851] <... mmap resumed>) = 0x7f38b90aa000 [pid 5852] <... mmap resumed>) = 0x7f38b0c00000 [pid 5851] mprotect(0x7f38b90ab000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5851] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5851] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90ca990, parent_tid=0x7f38b90ca990, exit_signal=0, stack=0x7f38b90aa000, stack_size=0x20300, tls=0x7f38b90ca6c0}./strace-static-x86_64: Process 5853 attached => {parent_tid=[5853]}, 88) = 5853 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] <... mmap resumed>) = 0x7f38b90aa000 [pid 5852] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5851] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5853] rseq(0x7f38b90cafe0, 0x20, 0, 0x53053053 [pid 5851] <... futex resumed>) = 0 [pid 5853] <... rseq resumed>) = 0 [pid 5851] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5853] set_robust_list(0x7f38b90ca9a0, 24) = 0 [pid 5853] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5853] memfd_create("syzkaller", 0 [pid 5850] mprotect(0x7f38b90ab000, 131072, PROT_READ|PROT_WRITE [pid 5845] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90ca990, parent_tid=0x7f38b90ca990, exit_signal=0, stack=0x7f38b90aa000, stack_size=0x20300, tls=0x7f38b90ca6c0} [pid 5853] <... memfd_create resumed>) = 3 [pid 5850] <... mprotect resumed>) = 0 [pid 5849] <... ioctl resumed>) = 0 [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5849] close(3./strace-static-x86_64: Process 5854 attached [pid 5853] <... mmap resumed>) = 0x7f38b0c00000 [pid 5852] <... write resumed>) = 65536 [pid 5850] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5849] <... close resumed>) = 0 [pid 5845] <... clone3 resumed> => {parent_tid=[5854]}, 88) = 5854 [pid 5854] rseq(0x7f38b90cafe0, 0x20, 0, 0x53053053 [pid 5853] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5849] close(4 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... rseq resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5852] munmap(0x7f38b0c00000, 138412032 [pid 5850] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5849] <... close resumed>) = 0 [pid 5854] set_robust_list(0x7f38b90ca9a0, 24 [pid 5852] <... munmap resumed>) = 0 [pid 5850] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90ca990, parent_tid=0x7f38b90ca990, exit_signal=0, stack=0x7f38b90aa000, stack_size=0x20300, tls=0x7f38b90ca6c0} [pid 5849] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5845] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5855 attached [pid 5854] <... set_robust_list resumed>) = 0 [pid 5853] <... write resumed>) = 65536 [pid 5852] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5849] <... mkdir resumed>) = 0 [pid 5845] <... futex resumed>) = 0 [pid 5855] rseq(0x7f38b90cafe0, 0x20, 0, 0x53053053 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], [pid 5852] <... openat resumed>) = 4 [pid 5850] <... clone3 resumed> => {parent_tid=[5855]}, 88) = 5855 [pid 5854] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5855] <... rseq resumed>) = 0 [pid 5853] munmap(0x7f38b0c00000, 138412032 [pid 5852] ioctl(4, LOOP_SET_FD, 3 [pid 5849] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5855] set_robust_list(0x7f38b90ca9a0, 24 [pid 5854] memfd_create("syzkaller", 0 [pid 5853] <... munmap resumed>) = 0 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5855] <... set_robust_list resumed>) = 0 [ 133.831014][ T5849] loop0: detected capacity change from 0 to 128 [ 133.865400][ T5852] loop4: detected capacity change from 0 to 128 [ 133.873728][ T5849] ======================================================= [pid 5855] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... memfd_create resumed>) = 3 [pid 5853] <... openat resumed>) = 4 [pid 5852] <... ioctl resumed>) = 0 [pid 5850] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5853] ioctl(4, LOOP_SET_FD, 3 [pid 5852] close(3 [pid 5850] <... futex resumed>) = 0 [pid 5855] memfd_create("syzkaller", 0 [pid 5854] <... mmap resumed>) = 0x7f38b0c00000 [pid 5850] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5852] <... close resumed>) = 0 [pid 5852] close(4) = 0 [pid 5852] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5852] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5854] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5852] <... mount resumed>) = 0 [pid 5852] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5852] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5852] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5852] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5852] futex(0x7f38b91a56a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5848] <... futex resumed>) = 0 [pid 5848] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... futex resumed>) = 0 [pid 5848] <... futex resumed>) = 1 [ 133.873728][ T5849] WARNING: The mand mount option has been deprecated and [ 133.873728][ T5849] and is ignored by this kernel. Remove the mand [ 133.873728][ T5849] option from the mount to silence this warning. [ 133.873728][ T5849] ======================================================= [ 133.907559][ T5853] loop3: detected capacity change from 0 to 128 [pid 5852] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 000 [pid 5848] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5855] <... memfd_create resumed>) = 3 [pid 5854] <... write resumed>) = 65536 [pid 5853] <... ioctl resumed>) = 0 [pid 5854] munmap(0x7f38b0c00000, 138412032 [pid 5853] close(3 [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5854] <... munmap resumed>) = 0 [pid 5855] <... mmap resumed>) = 0x7f38b0c00000 [pid 5853] <... close resumed>) = 0 [pid 5855] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5853] close(4) = 0 [pid 5849] <... mount resumed>) = 0 [pid 5853] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5849] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5849] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5853] <... mkdir resumed>) = 0 [pid 5849] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5849] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5849] futex(0x7f38b91a56a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5846] <... futex resumed>) = 0 [pid 5846] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] <... futex resumed>) = 0 [pid 5846] <... futex resumed>) = 1 [pid 5849] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 000 [pid 5846] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5855] <... write resumed>) = 65536 [pid 5854] <... openat resumed>) = 4 [pid 5853] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5848] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5855] munmap(0x7f38b0c00000, 138412032 [pid 5854] ioctl(4, LOOP_SET_FD, 3 [pid 5848] futex(0x7f38b91a56bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5848] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f38b9089000 [pid 5848] mprotect(0x7f38b908a000, 131072, PROT_READ|PROT_WRITE) = 0 [ 133.926471][ T5852] syz-executor190: attempt to access beyond end of device [ 133.926471][ T5852] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 133.944749][ T5852] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 133.963255][ T5849] syz-executor190: attempt to access beyond end of device [ 133.963255][ T5849] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5848] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5848] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90a9990, parent_tid=0x7f38b90a9990, exit_signal=0, stack=0x7f38b9089000, stack_size=0x20300, tls=0x7f38b90a96c0}./strace-static-x86_64: Process 5857 attached [pid 5857] rseq(0x7f38b90a9fe0, 0x20, 0, 0x53053053 [pid 5848] <... clone3 resumed> => {parent_tid=[5857]}, 88) = 5857 [pid 5857] <... rseq resumed>) = 0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], [pid 5857] set_robust_list(0x7f38b90a99a0, 24 [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5848] futex(0x7f38b91a56b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5857] rt_sigprocmask(SIG_SETMASK, [], [pid 5848] <... futex resumed>) = 0 [pid 5857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] futex(0x7f38b91a56bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5857] openat(AT_FDCWD, "cpu.stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5855] <... munmap resumed>) = 0 [pid 5854] <... ioctl resumed>) = 0 [pid 5853] <... mount resumed>) = 0 [pid 5854] close(3 [pid 5853] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5855] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 133.979365][ T5854] loop1: detected capacity change from 0 to 128 [ 133.987826][ T5852] syz-executor190: attempt to access beyond end of device [ 133.987826][ T5852] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 133.998557][ T5849] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 134.004857][ T5852] Buffer I/O error on dev loop4, logical block 8833403, async page read [ 134.010950][ T5849] syz-executor190: attempt to access beyond end of device [pid 5855] ioctl(4, LOOP_SET_FD, 3 [pid 5854] <... close resumed>) = 0 [pid 5853] <... openat resumed>) = 3 [pid 5848] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5846] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5854] close(4 [pid 5853] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5846] futex(0x7f38b91a56bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... ioctl resumed>) = 0 [pid 5855] close(3) = 0 [pid 5855] close(4) = 0 [pid 5855] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [ 134.010950][ T5849] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 134.022779][ T5855] loop2: detected capacity change from 0 to 128 [ 134.035070][ T5849] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 134.042539][ T5852] syz-executor190: attempt to access beyond end of device [ 134.042539][ T5852] loop4: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 134.049968][ T5849] syz-executor190: attempt to access beyond end of device [ 134.049968][ T5849] loop0: rw=0, sector=26539618, nr_sectors = 2 limit=128 [pid 5855] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5854] <... close resumed>) = 0 [pid 5853] <... chdir resumed>) = 0 [pid 5846] <... futex resumed>) = 0 [pid 5855] <... mount resumed>) = 0 [ 134.070927][ T5852] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 134.095516][ T5852] syz-executor190: attempt to access beyond end of device [ 134.095516][ T5852] loop4: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 134.106944][ T5849] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 134.119046][ T5849] syz-executor190: attempt to access beyond end of device [pid 5854] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5855] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5853] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5855] <... openat resumed>) = 3 [pid 5855] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5853] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5855] <... chdir resumed>) = 0 [pid 5855] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5855] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5854] <... mkdir resumed>) = 0 [pid 5853] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... mmap resumed>) = 0x7f38b9089000 [pid 5855] <... futex resumed>) = 1 [pid 5855] futex(0x7f38b91a56a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5854] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5853] <... futex resumed>) = 1 [pid 5850] <... futex resumed>) = 0 [pid 5846] mprotect(0x7f38b908a000, 131072, PROT_READ|PROT_WRITE [pid 5851] <... futex resumed>) = 0 [pid 5850] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... futex resumed>) = 0 [pid 5850] <... futex resumed>) = 1 [pid 5855] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 000 [pid 5850] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5853] futex(0x7f38b91a56a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5846] <... mprotect resumed>) = 0 [ 134.119046][ T5849] loop0: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 134.137026][ T5849] Buffer I/O error on dev loop0, logical block 8073606, async page read [ 134.140393][ T5855] syz-executor190: attempt to access beyond end of device [ 134.140393][ T5855] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 134.147946][ T5849] syz-executor190: attempt to access beyond end of device [ 134.147946][ T5849] loop0: rw=0, sector=6491542, nr_sectors = 2 limit=128 [ 134.161656][ T5852] Buffer I/O error on dev loop4, logical block 8073606, async page read [pid 5854] <... mount resumed>) = 0 [pid 5846] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5854] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5854] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5854] futex(0x7f38b91a56ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5854] futex(0x7f38b91a56a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5851] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5845] <... futex resumed>) = 0 [pid 5851] <... futex resumed>) = 1 [pid 5853] <... futex resumed>) = 0 [pid 5845] futex(0x7f38b91a56a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 000 [pid 5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90a9990, parent_tid=0x7f38b90a9990, exit_signal=0, stack=0x7f38b9089000, stack_size=0x20300, tls=0x7f38b90a96c0} [pid 5845] <... futex resumed>) = 1 [pid 5854] <... futex resumed>) = 0 [pid 5854] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|FASYNC, 000 [pid 5845] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5846] <... clone3 resumed> => {parent_tid=[5858]}, 88) = 5858 ./strace-static-x86_64: Process 5858 attached [pid 5858] rseq(0x7f38b90a9fe0, 0x20, 0, 0x53053053 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] <... rseq resumed>) = 0 [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] set_robust_list(0x7f38b90a99a0, 24 [pid 5846] futex(0x7f38b91a56b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5846] futex(0x7f38b91a56bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] futex(0x7f38b91a56ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5858] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5850] futex(0x7f38b91a56bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f38b9089000 [pid 5850] mprotect(0x7f38b908a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5850] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [ 134.175020][ T5855] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 134.185492][ T5852] Buffer I/O error on dev loop4, logical block 3245771, async page read [pid 5850] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90a9990, parent_tid=0x7f38b90a9990, exit_signal=0, stack=0x7f38b9089000, stack_size=0x20300, tls=0x7f38b90a96c0} => {parent_tid=[5859]}, 88) = 5859 [pid 5858] openat(AT_FDCWD, "cpu.stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] futex(0x7f38b91a56b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] futex(0x7f38b91a56bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5859 attached [pid 5859] rseq(0x7f38b90a9fe0, 0x20, 0, 0x53053053) = 0 [pid 5859] set_robust_list(0x7f38b90a99a0, 24) = 0 [pid 5859] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5859] openat(AT_FDCWD, "cpu.stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5845] futex(0x7f38b91a56bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f38b9089000 [pid 5845] mprotect(0x7f38b908a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5845] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90a9990, parent_tid=0x7f38b90a9990, exit_signal=0, stack=0x7f38b9089000, stack_size=0x20300, tls=0x7f38b90a96c0}./strace-static-x86_64: Process 5860 attached => {parent_tid=[5860]}, 88) = 5860 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5860] rseq(0x7f38b90a9fe0, 0x20, 0, 0x53053053 [pid 5845] futex(0x7f38b91a56b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] <... rseq resumed>) = 0 [pid 5845] <... futex resumed>) = 0 [pid 5860] set_robust_list(0x7f38b90a99a0, 24 [pid 5845] futex(0x7f38b91a56bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5860] <... set_robust_list resumed>) = 0 [pid 5851] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5860] rt_sigprocmask(SIG_SETMASK, [], [pid 5851] futex(0x7f38b91a56bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5860] openat(AT_FDCWD, "cpu.stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5851] <... futex resumed>) = 0 [pid 5851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f38b9089000 [pid 5851] mprotect(0x7f38b908a000, 131072, PROT_READ|PROT_WRITE [pid 5846] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5851] <... mprotect resumed>) = 0 [pid 5851] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5851] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f38b90a9990, parent_tid=0x7f38b90a9990, exit_signal=0, stack=0x7f38b9089000, stack_size=0x20300, tls=0x7f38b90a96c0}./strace-static-x86_64: Process 5861 attached => {parent_tid=[5861]}, 88) = 5861 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5861] rseq(0x7f38b90a9fe0, 0x20, 0, 0x53053053 [pid 5851] futex(0x7f38b91a56b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5861] <... rseq resumed>) = 0 [pid 5851] <... futex resumed>) = 0 [pid 5861] set_robust_list(0x7f38b90a99a0, 24 [pid 5851] futex(0x7f38b91a56bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5861] <... set_robust_list resumed>) = 0 [pid 5861] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5861] openat(AT_FDCWD, "cpu.stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5851] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5848] exit_group(0) = ? [pid 5850] exit_group(0) = ? [pid 5846] exit_group(0) = ? [pid 5851] exit_group(0) = ? [pid 5845] exit_group(0) = ? [pid 5841] kill(-5845, SIGKILL [pid 5840] kill(-5846, SIGKILL [pid 5841] <... kill resumed>) = 0 [pid 5840] <... kill resumed>) = 0 [pid 5841] kill(5845, SIGKILL [pid 5840] kill(5846, SIGKILL [pid 5841] <... kill resumed>) = 0 [pid 5840] <... kill resumed>) = 0 [pid 5844] kill(-5848, SIGKILL) = 0 [pid 5844] kill(5848, SIGKILL) = 0 [pid 5842] kill(-5850, SIGKILL) = 0 [pid 5842] kill(5850, SIGKILL) = 0 [pid 5843] kill(-5851, SIGKILL) = 0 [pid 5843] kill(5851, SIGKILL) = 0 [pid 5841] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5841] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5841] getdents64(3, 0x55555c0cb730 /* 2 entries */, 32768) = 48 [pid 5841] getdents64(3, 0x55555c0cb730 /* 0 entries */, 32768) = 0 [pid 5841] close(3) = 0 [pid 5840] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5840] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] getdents64(3, 0x55555c0cb730 /* 2 entries */, 32768) = 48 [pid 5840] getdents64(3, 0x55555c0cb730 /* 0 entries */, 32768) = 0 [pid 5840] close(3) = 0 [pid 5842] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5842] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5842] getdents64(3, 0x55555c0cb730 /* 2 entries */, 32768) = 48 [pid 5842] getdents64(3, 0x55555c0cb730 /* 0 entries */, 32768) = 0 [pid 5842] close(3) = 0 [pid 5844] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5844] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5844] getdents64(3, 0x55555c0cb730 /* 2 entries */, 32768) = 48 [pid 5844] getdents64(3, 0x55555c0cb730 /* 0 entries */, 32768) = 0 [pid 5844] close(3) = 0 [pid 5843] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5843] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5843] getdents64(3, 0x55555c0cb730 /* 2 entries */, 32768) = 48 [pid 5843] getdents64(3, 0x55555c0cb730 /* 0 entries */, 32768) = 0 [pid 5843] close(3) = 0 [ 286.648524][ T30] INFO: task syz-executor190:5860 blocked for more than 143 seconds. [ 286.676871][ T30] Not tainted 6.13.0-rc3-syzkaller #0 [ 286.682858][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.736963][ T30] task:syz-executor190 state:D stack:27920 pid:5860 tgid:5845 ppid:5841 flags:0x00004006 [ 286.777217][ T30] Call Trace: [ 286.780594][ T30] [ 286.783575][ T30] __schedule+0x17fb/0x4be0 [ 286.826900][ T30] ? __pfx___schedule+0x10/0x10 [ 286.831860][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.856932][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.863008][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.886877][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.892200][ T30] ? schedule+0x90/0x320 [ 286.896507][ T30] schedule+0x14b/0x320 [ 286.927005][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.932571][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 286.976950][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 286.983837][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.036881][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.042019][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.076860][ T30] down_write+0x1d7/0x220 [ 287.081452][ T30] ? __pfx_down_write+0x10/0x10 [ 287.086356][ T30] ? sb_end_write+0xe9/0x1c0 [ 287.116872][ T30] path_openat+0x89a/0x3590 [ 287.121645][ T30] ? __pfx_path_openat+0x10/0x10 [ 287.146879][ T30] do_filp_open+0x27f/0x4e0 [ 287.151564][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 287.156633][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 287.197395][ T30] do_sys_openat2+0x13e/0x1d0 [ 287.202177][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.256878][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 287.262196][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.296858][ T30] ? ptrace_notify+0x279/0x380 [ 287.301724][ T30] __x64_sys_openat+0x247/0x2a0 [ 287.306731][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 287.336949][ T30] ? do_syscall_64+0x100/0x230 [ 287.341861][ T30] do_syscall_64+0xf3/0x230 [ 287.346417][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.386868][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.392978][ T30] RIP: 0033:0x7f38b9113bc9 [ 287.416925][ T30] RSP: 002b:00007f38b90a9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.425566][ T30] RAX: ffffffffffffffda RBX: 00007f38b91a56b8 RCX: 00007f38b9113bc9 [ 287.496894][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 287.504945][ T30] RBP: 00007f38b91a56b0 R08: 00007ffd5e2d1847 R09: 0000000000000000 [ 287.566855][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38b91a56bc [ 287.575075][ T30] R13: 00007f38b91680c0 R14: 746174732e757063 R15: 0031656c69662f2e [ 287.606897][ T30] [ 287.626868][ T30] INFO: task syz-executor190:5858 blocked for more than 144 seconds. [ 287.635275][ T30] Not tainted 6.13.0-rc3-syzkaller #0 [ 287.666855][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.675642][ T30] task:syz-executor190 state:D stack:27920 pid:5858 tgid:5846 ppid:5840 flags:0x00004006 [ 287.736866][ T30] Call Trace: [ 287.740227][ T30] [ 287.743210][ T30] __schedule+0x17fb/0x4be0 [ 287.786886][ T30] ? __pfx___schedule+0x10/0x10 [ 287.791857][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.816861][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.823209][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.866879][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.872103][ T30] ? schedule+0x90/0x320 [ 287.876415][ T30] schedule+0x14b/0x320 [ 287.917345][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.922916][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.966863][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.973059][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.006903][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.012233][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 288.046874][ T30] down_write+0x1d7/0x220 [ 288.051292][ T30] ? __pfx_down_write+0x10/0x10 [ 288.056230][ T30] ? sb_end_write+0xe9/0x1c0 [ 288.096941][ T30] path_openat+0x89a/0x3590 [ 288.101575][ T30] ? __pfx_path_openat+0x10/0x10 [ 288.106586][ T30] do_filp_open+0x27f/0x4e0 [ 288.137376][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 288.142682][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 288.166984][ T30] do_sys_openat2+0x13e/0x1d0 [ 288.171756][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 288.206862][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 288.212248][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 288.236909][ T30] ? ptrace_notify+0x279/0x380 [ 288.241763][ T30] __x64_sys_openat+0x247/0x2a0 [ 288.246658][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 288.306874][ T30] ? do_syscall_64+0x100/0x230 [ 288.311831][ T30] do_syscall_64+0xf3/0x230 [ 288.316386][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.346871][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.352965][ T30] RIP: 0033:0x7f38b9113bc9 [ 288.376946][ T30] RSP: 002b:00007f38b90a9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 288.385457][ T30] RAX: ffffffffffffffda RBX: 00007f38b91a56b8 RCX: 00007f38b9113bc9 [ 288.456910][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 288.465055][ T30] RBP: 00007f38b91a56b0 R08: 00007ffd5e2d1847 R09: 0000000000000000 [ 288.516849][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38b91a56bc [ 288.524992][ T30] R13: 00007f38b91680c0 R14: 746174732e757063 R15: 0031656c69662f2e [ 288.576907][ T30] [ 288.587122][ T30] INFO: task syz-executor190:5857 blocked for more than 145 seconds. [ 288.595254][ T30] Not tainted 6.13.0-rc3-syzkaller #0 [ 288.636866][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.645620][ T30] task:syz-executor190 state:D stack:27288 pid:5857 tgid:5848 ppid:5844 flags:0x00004006 [ 288.716846][ T30] Call Trace: [ 288.720225][ T30] [ 288.723201][ T30] __schedule+0x17fb/0x4be0 [ 288.766882][ T30] ? __pfx___schedule+0x10/0x10 [ 288.771830][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.806870][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.812980][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 288.846884][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 288.852136][ T30] ? schedule+0x90/0x320 [ 288.856728][ T30] schedule+0x14b/0x320 [ 288.886861][ T30] schedule_preempt_disabled+0x13/0x30 [ 288.892429][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 288.936980][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 288.943693][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.977823][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.983146][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 289.016921][ T30] down_write+0x1d7/0x220 [ 289.021341][ T30] ? __pfx_down_write+0x10/0x10 [ 289.026440][ T30] ? sb_end_write+0xe9/0x1c0 [ 289.066878][ T30] path_openat+0x89a/0x3590 [ 289.071546][ T30] ? __pfx_path_openat+0x10/0x10 [ 289.076660][ T30] do_filp_open+0x27f/0x4e0 [ 289.136913][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 289.142051][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 289.166891][ T30] do_sys_openat2+0x13e/0x1d0 [ 289.171661][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 289.197390][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 289.202782][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 289.236930][ T30] ? ptrace_notify+0x279/0x380 [ 289.242128][ T30] __x64_sys_openat+0x247/0x2a0 [ 289.266909][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 289.272575][ T30] ? do_syscall_64+0x100/0x230 [ 289.307353][ T30] do_syscall_64+0xf3/0x230 [ 289.312121][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.346859][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.352852][ T30] RIP: 0033:0x7f38b9113bc9 [ 289.386872][ T30] RSP: 002b:00007f38b90a9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 289.395469][ T30] RAX: ffffffffffffffda RBX: 00007f38b91a56b8 RCX: 00007f38b9113bc9 [ 289.426855][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 289.434915][ T30] RBP: 00007f38b91a56b0 R08: 00007ffd5e2d1847 R09: 0000000000000000 [ 289.486852][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38b91a56bc [ 289.496053][ T30] R13: 00007f38b91680c0 R14: 746174732e757063 R15: 0031656c69662f2e [ 289.576938][ T30] [ 289.580076][ T30] INFO: task syz-executor190:5859 blocked for more than 146 seconds. [ 289.616853][ T30] Not tainted 6.13.0-rc3-syzkaller #0 [ 289.622818][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.656851][ T30] task:syz-executor190 state:D stack:27920 pid:5859 tgid:5850 ppid:5842 flags:0x00004006 [ 289.686876][ T30] Call Trace: [ 289.690367][ T30] [ 289.693348][ T30] __schedule+0x17fb/0x4be0 [ 289.726901][ T30] ? __pfx___schedule+0x10/0x10 [ 289.731865][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.766904][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 289.773097][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.816861][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 289.822083][ T30] ? schedule+0x90/0x320 [ 289.826381][ T30] schedule+0x14b/0x320 [ 289.866858][ T30] schedule_preempt_disabled+0x13/0x30 [ 289.872430][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 289.916886][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 289.922982][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 289.966858][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.972091][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 290.016882][ T30] down_write+0x1d7/0x220 [ 290.021307][ T30] ? __pfx_down_write+0x10/0x10 [ 290.026331][ T30] ? sb_end_write+0xe9/0x1c0 [ 290.056874][ T30] path_openat+0x89a/0x3590 [ 290.061593][ T30] ? __pfx_path_openat+0x10/0x10 [ 290.066643][ T30] do_filp_open+0x27f/0x4e0 [ 290.096856][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 290.101971][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 290.126893][ T30] do_sys_openat2+0x13e/0x1d0 [ 290.131664][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 290.156858][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 290.162350][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 290.196881][ T30] ? ptrace_notify+0x279/0x380 [ 290.202035][ T30] __x64_sys_openat+0x247/0x2a0 [ 290.226866][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 290.232353][ T30] ? do_syscall_64+0x100/0x230 [ 290.256895][ T30] do_syscall_64+0xf3/0x230 [ 290.262661][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.296910][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.303381][ T30] RIP: 0033:0x7f38b9113bc9 [ 290.336879][ T30] RSP: 002b:00007f38b90a9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 290.345551][ T30] RAX: ffffffffffffffda RBX: 00007f38b91a56b8 RCX: 00007f38b9113bc9 [ 290.386868][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 290.395721][ T30] RBP: 00007f38b91a56b0 R08: 00007ffd5e2d1847 R09: 0000000000000000 [ 290.446854][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38b91a56bc [ 290.455089][ T30] R13: 00007f38b91680c0 R14: 746174732e757063 R15: 0031656c69662f2e [ 290.506875][ T30] [ 290.510022][ T30] INFO: task syz-executor190:5861 blocked for more than 147 seconds. [ 290.546873][ T30] Not tainted 6.13.0-rc3-syzkaller #0 [ 290.552837][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 290.596845][ T30] task:syz-executor190 state:D stack:27920 pid:5861 tgid:5851 ppid:5843 flags:0x00004006 [ 290.626889][ T30] Call Trace: [ 290.630247][ T30] [ 290.633351][ T30] __schedule+0x17fb/0x4be0 [ 290.676884][ T30] ? __pfx___schedule+0x10/0x10 [ 290.681992][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.716865][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 290.723378][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 290.757339][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 290.762560][ T30] ? schedule+0x90/0x320 [ 290.786885][ T30] schedule+0x14b/0x320 [ 290.791150][ T30] schedule_preempt_disabled+0x13/0x30 [ 290.816854][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 290.822675][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 290.857415][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.863680][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.906892][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 290.912461][ T30] down_write+0x1d7/0x220 [ 290.936869][ T30] ? __pfx_down_write+0x10/0x10 [ 290.941904][ T30] ? sb_end_write+0xe9/0x1c0 [ 290.946560][ T30] path_openat+0x89a/0x3590 [ 290.977376][ T30] ? __pfx_path_openat+0x10/0x10 [ 290.982444][ T30] do_filp_open+0x27f/0x4e0 [ 291.016876][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 291.021995][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 291.056913][ T30] do_sys_openat2+0x13e/0x1d0 [ 291.061696][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 291.106863][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 291.112163][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 291.146853][ T30] ? ptrace_notify+0x279/0x380 [ 291.151735][ T30] __x64_sys_openat+0x247/0x2a0 [ 291.156644][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 291.206859][ T30] ? do_syscall_64+0x100/0x230 [ 291.211764][ T30] do_syscall_64+0xf3/0x230 [ 291.216317][ T30] ? clear_bhb_loop+0x35/0x90 [ 291.256848][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.262967][ T30] RIP: 0033:0x7f38b9113bc9 [ 291.296865][ T30] RSP: 002b:00007f38b90a9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 291.305641][ T30] RAX: ffffffffffffffda RBX: 00007f38b91a56b8 RCX: 00007f38b9113bc9 [ 291.356866][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 291.364976][ T30] RBP: 00007f38b91a56b0 R08: 00007ffd5e2d1847 R09: 0000000000000000 [ 291.396878][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38b91a56bc [ 291.405014][ T30] R13: 00007f38b91680c0 R14: 746174732e757063 R15: 0031656c69662f2e [ 291.456953][ T30] [ 291.460108][ T30] [ 291.460108][ T30] Showing all locks held in the system: [ 291.481662][ T30] 1 lock held by khungtaskd/30: [ 291.486668][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 291.536857][ T30] 1 lock held by kswapd0/88: [ 291.541569][ T30] 2 locks held by getty/5586: [ 291.546290][ T30] #0: ffff88802ffa00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 291.616850][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 291.646859][ T30] 3 locks held by syz-executor190/5854: [ 291.652484][ T30] 1 lock held by syz-executor190/5860: [ 291.686861][ T30] #0: ffff888076d7d140 (&type->i_mutex_dir_key#6){+.+.}-{4:4}, at: path_openat+0x89a/0x3590 [ 291.716852][ T30] 1 lock held by syz-executor190/5849: [ 291.722392][ T30] 1 lock held by syz-executor190/5858: [ 291.746855][ T30] #0: ffff888076d7c6c0 (&type->i_mutex_dir_key#6){+.+.}-{4:4}, at: path_openat+0x89a/0x3590 [ 291.796895][ T30] 1 lock held by syz-executor190/5852: [ 291.802446][ T30] 1 lock held by syz-executor190/5857: [ 291.836871][ T30] #0: ffff888076d7c180 (&type->i_mutex_dir_key#6){+.+.}-{4:4}, at: path_openat+0x89a/0x3590 [ 291.876880][ T30] 1 lock held by syz-executor190/5855: [ 291.882420][ T30] 1 lock held by syz-executor190/5859: [ 291.916893][ T30] #0: ffff888076d7cc00 (&type->i_mutex_dir_key#6){+.+.}-{4:4}, at: path_openat+0x89a/0x3590 [ 291.956863][ T30] 1 lock held by syz-executor190/5853: [ 291.962404][ T30] 1 lock held by syz-executor190/5861: [ 291.996850][ T30] #0: ffff888076d54180 (&type->i_mutex_dir_key#6){+.+.}-{4:4}, at: path_openat+0x89a/0x3590 [ 292.046881][ T30] [ 292.049279][ T30] ============================================= [ 292.049279][ T30] [ 292.076864][ T30] NMI backtrace for cpu 1 [ 292.081275][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller #0 [ 292.090333][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 292.100404][ T30] Call Trace: [ 292.103789][ T30] [ 292.106740][ T30] dump_stack_lvl+0x241/0x360 [ 292.111445][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.116750][ T30] ? __pfx__printk+0x10/0x10 [ 292.121380][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 292.126366][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 292.131918][ T30] ? _printk+0xd5/0x120 [ 292.136189][ T30] ? __pfx__printk+0x10/0x10 [ 292.140975][ T30] ? __wake_up_klogd+0xcc/0x110 [ 292.145862][ T30] ? __pfx__printk+0x10/0x10 [ 292.150645][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 292.155769][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 292.162209][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 292.168222][ T30] watchdog+0xff6/0x1040 [ 292.172502][ T30] ? watchdog+0x1ea/0x1040 [ 292.177205][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.181956][ T30] kthread+0x2f0/0x390 [ 292.186060][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.190769][ T30] ? __pfx_kthread+0x10/0x10 [ 292.195471][ T30] ret_from_fork+0x4b/0x80 [ 292.199901][ T30] ? __pfx_kthread+0x10/0x10 [ 292.204541][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.209362][ T30] [ 292.212590][ T30] Sending NMI from CPU 1 to CPUs 0: [ 292.217886][ C0] NMI backtrace for cpu 0 [ 292.217901][ C0] CPU: 0 UID: 0 PID: 5852 Comm: syz-executor190 Not tainted 6.13.0-rc3-syzkaller #0 [ 292.217921][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 292.217932][ C0] RIP: 0010:clear_page_erms+0xb/0x20 [ 292.217956][ C0] Code: 48 8d 7f 40 75 d9 90 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 00 10 00 00 31 c0 aa c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 [ 292.217971][ C0] RSP: 0018:ffffc90003c77190 EFLAGS: 00010246 [ 292.217996][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000340 [ 292.218008][ C0] RDX: ffff88805596d000 RSI: 0000000000000001 RDI: ffff88805596dcc0 [ 292.218021][ C0] RBP: 0000000000000004 R08: ffffea0001565b77 R09: 0000000000000000 [ 292.218032][ C0] R10: ffffed100ab2da00 R11: fffff940002acb6f R12: 0000000000000001 [ 292.218045][ C0] R13: 0000000000000001 R14: ffffea0001565b40 R15: 0000000000000000 [ 292.218056][ C0] FS: 00007f38b90ca6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 292.218072][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 292.218085][ C0] CR2: 00005635dcab2680 CR3: 000000007cf14000 CR4: 00000000003526f0 [ 292.218100][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 292.218111][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 292.218122][ C0] Call Trace: [ 292.218128][ C0] [ 292.218135][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 292.218157][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 292.218178][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 292.218198][ C0] ? nmi_handle+0x2a/0x5a0 [ 292.218226][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 292.218253][ C0] ? nmi_handle+0x14f/0x5a0 [ 292.218272][ C0] ? nmi_handle+0x2a/0x5a0 [ 292.218292][ C0] ? clear_page_erms+0xb/0x20 [ 292.218309][ C0] ? default_do_nmi+0x63/0x160 [ 292.218330][ C0] ? exc_nmi+0x123/0x1f0 [ 292.218348][ C0] ? end_repeat_nmi+0xf/0x53 [ 292.218370][ C0] ? clear_page_erms+0xb/0x20 [ 292.218388][ C0] ? clear_page_erms+0xb/0x20 [ 292.218407][ C0] ? clear_page_erms+0xb/0x20 [ 292.218425][ C0] [ 292.218431][ C0] [ 292.218437][ C0] post_alloc_hook+0xf8/0x230 [ 292.218459][ C0] get_page_from_freelist+0x3651/0x37a0 [ 292.218492][ C0] ? __pfx___might_resched+0x10/0x10 [ 292.218521][ C0] ? get_block+0x1132/0x16d0 [ 292.218547][ C0] ? should_fail_alloc_page+0x75/0x110 [ 292.218580][ C0] __alloc_pages_noprof+0x292/0x710 [ 292.218605][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 292.218638][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 292.218669][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 292.218702][ C0] folio_alloc_noprof+0x128/0x180 [ 292.218721][ C0] filemap_alloc_folio_noprof+0xdf/0x500 [ 292.218748][ C0] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 292.218772][ C0] ? filemap_read_folio+0x30a/0x3b0 [ 292.218790][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 292.218815][ C0] ? __filemap_get_folio+0x848/0x940 [ 292.218845][ C0] do_read_cache_folio+0x2fd/0x5b0 [ 292.218863][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 292.218890][ C0] sysv_find_entry+0x16c/0x590 [ 292.218919][ C0] sysv_inode_by_name+0x98/0x2a0 [ 292.218944][ C0] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 292.218979][ C0] sysv_lookup+0x6b/0xe0 [ 292.219002][ C0] ? __pfx_sysv_lookup+0x10/0x10 [ 292.219027][ C0] path_openat+0x11a7/0x3590 [ 292.219062][ C0] ? __pfx_path_openat+0x10/0x10 [ 292.219093][ C0] do_filp_open+0x27f/0x4e0 [ 292.219115][ C0] ? __pfx_do_filp_open+0x10/0x10 [ 292.219135][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 292.219178][ C0] do_sys_openat2+0x13e/0x1d0 [ 292.219197][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 292.219215][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 292.219240][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 292.219262][ C0] ? ptrace_notify+0x279/0x380 [ 292.219287][ C0] __x64_sys_openat+0x247/0x2a0 [ 292.219306][ C0] ? __pfx___x64_sys_openat+0x10/0x10 [ 292.219326][ C0] ? do_syscall_64+0x100/0x230 [ 292.219356][ C0] do_syscall_64+0xf3/0x230 [ 292.219381][ C0] ? clear_bhb_loop+0x35/0x90 [ 292.219398][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.219443][ C0] RIP: 0033:0x7f38b9113bc9 [ 292.219458][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 292.219473][ C0] RSP: 002b:00007f38b90ca218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 292.219490][ C0] RAX: ffffffffffffffda RBX: 00007f38b91a56a8 RCX: 00007f38b9113bc9 [ 292.219503][ C0] RDX: 0000000000103042 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 292.219515][ C0] RBP: 00007f38b91a56a0 R08: 0000000000000000 R09: 0000000000000000 [ 292.219527][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38b91a56ac [ 292.219539][ C0] R13: 00007f38b91680c0 R14: 746174732e757063 R15: 0031656c69662f2e [ 292.219559][ C0] [ 292.219567][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.682 msecs [ 292.976866][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 292.984016][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller #0 [ 292.992832][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 293.002933][ T30] Call Trace: [ 293.006937][ T30] [ 293.009912][ T30] dump_stack_lvl+0x241/0x360 [ 293.014644][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 293.019892][ T30] ? __pfx__printk+0x10/0x10 [ 293.024523][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 293.030557][ T30] ? vscnprintf+0x5d/0x90 [ 293.034935][ T30] panic+0x349/0x880 [ 293.038877][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 293.045176][ T30] ? __pfx_panic+0x10/0x10 [ 293.049667][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 293.055172][ T30] ? __irq_work_queue_local+0x137/0x410 [ 293.060757][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 293.066181][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 293.072377][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 293.078638][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 293.084847][ T30] watchdog+0x1035/0x1040 [ 293.089238][ T30] ? watchdog+0x1ea/0x1040 [ 293.093800][ T30] ? __pfx_watchdog+0x10/0x10 [ 293.098542][ T30] kthread+0x2f0/0x390 [ 293.102833][ T30] ? __pfx_watchdog+0x10/0x10 [ 293.107551][ T30] ? __pfx_kthread+0x10/0x10 [ 293.112191][ T30] ret_from_fork+0x4b/0x80 [ 293.117259][ T30] ? __pfx_kthread+0x10/0x10 [ 293.122586][ T30] ret_from_fork_asm+0x1a/0x30 [ 293.127547][ T30] [ 293.130994][ T30] Kernel Offset: disabled [ 293.135333][ T30] Rebooting in 86400 seconds..