./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2886693738 <...> DUID 00:04:f8:b5:8a:47:ae:09:95:3a:43:2d:d7:42:86:31:94:89 forked to background, child pid 3209 [ 41.964162][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.974474][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.114' (ECDSA) to the list of known hosts. execve("./syz-executor2886693738", ["./syz-executor2886693738"], 0x7ffdb2bca8b0 /* 10 vars */) = 0 brk(NULL) = 0x5555572a7000 brk(0x5555572a7c40) = 0x5555572a7c40 arch_prctl(ARCH_SET_FS, 0x5555572a7300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2886693738", 4096) = 28 brk(0x5555572c8c40) = 0x5555572c8c40 brk(0x5555572c9000) = 0x5555572c9000 mprotect(0x7f6929f8d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572a75d0) = 3635 ./strace-static-x86_64: Process 3635 attached [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3635] getpid() = 3635 ./strace-static-x86_64: Process 3636 attached [pid 3634] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3636 [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3635] mkdir("./syzkaller.ruhPG5", 0700 [pid 3634] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3637 ./strace-static-x86_64: Process 3637 attached [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3636] getpid() = 3636 [pid 3634] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3638 [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3636] mkdir("./syzkaller.szGpx6", 0700 [pid 3634] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3639 ./strace-static-x86_64: Process 3639 attached [pid 3634] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3637] getpid(./strace-static-x86_64: Process 3640 attached ./strace-static-x86_64: Process 3638 attached [pid 3639] getpid( [pid 3637] <... getpid resumed>) = 3637 [pid 3635] <... mkdir resumed>) = 0 [pid 3636] <... mkdir resumed>) = 0 [pid 3634] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3640 [pid 3637] mkdir("./syzkaller.G9bQsd", 0700 [pid 3636] chmod("./syzkaller.szGpx6", 0777 [pid 3640] getpid( [pid 3639] <... getpid resumed>) = 3639 [pid 3637] <... mkdir resumed>) = 0 [pid 3636] <... chmod resumed>) = 0 [pid 3637] chmod("./syzkaller.G9bQsd", 0777 [pid 3636] chdir("./syzkaller.szGpx6" [pid 3639] mkdir("./syzkaller.VFXIrk", 0700 [pid 3637] <... chmod resumed>) = 0 [pid 3636] <... chdir resumed>) = 0 [pid 3637] chdir("./syzkaller.G9bQsd") = 0 [pid 3639] <... mkdir resumed>) = 0 [pid 3637] mkdir("./0", 0777 [pid 3639] chmod("./syzkaller.VFXIrk", 0777 [pid 3636] mkdir("./0", 0777 [pid 3637] <... mkdir resumed>) = 0 [pid 3636] <... mkdir resumed>) = 0 [pid 3637] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 3640] <... getpid resumed>) = 3640 [pid 3639] <... chmod resumed>) = 0 [pid 3638] getpid( [pid 3637] <... openat resumed>) = 3 [pid 3636] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3635] chmod("./syzkaller.ruhPG5", 0777 [pid 3637] ioctl(3, LOOP_CLR_FD [pid 3636] <... openat resumed>) = 3 [pid 3636] ioctl(3, LOOP_CLR_FD [pid 3639] chdir("./syzkaller.VFXIrk") = 0 [pid 3636] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3639] mkdir("./0", 0777 [pid 3637] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3636] close(3 [pid 3635] <... chmod resumed>) = 0 [pid 3640] mkdir("./syzkaller.N73JCq", 0700 [pid 3639] <... mkdir resumed>) = 0 [pid 3638] <... getpid resumed>) = 3638 [pid 3636] <... close resumed>) = 0 [pid 3635] chdir("./syzkaller.ruhPG5" [pid 3638] mkdir("./syzkaller.CxITtg", 0700 [pid 3636] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3635] <... chdir resumed>) = 0 [pid 3639] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3638] <... mkdir resumed>) = 0 [pid 3635] mkdir("./0", 0777 [pid 3639] <... openat resumed>) = 3 [pid 3638] chmod("./syzkaller.CxITtg", 0777 [pid 3635] <... mkdir resumed>) = 0 [pid 3639] ioctl(3, LOOP_CLR_FD [pid 3638] <... chmod resumed>) = 0 [pid 3636] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3641 [pid 3635] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3640] <... mkdir resumed>) = 0 [pid 3639] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3638] chdir("./syzkaller.CxITtg" [pid 3637] close(3 [pid 3635] <... openat resumed>) = 3 [pid 3639] close(3 [pid 3638] <... chdir resumed>) = 0 [pid 3637] <... close resumed>) = 0 [pid 3635] ioctl(3, LOOP_CLR_FD [pid 3637] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3639] <... close resumed>) = 0 [pid 3638] mkdir("./0", 0777 [pid 3635] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3640] chmod("./syzkaller.N73JCq", 0777 [pid 3639] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3638] <... mkdir resumed>) = 0 [pid 3635] close(3 [pid 3637] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3642 [pid 3640] <... chmod resumed>) = 0 [pid 3638] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3635] <... close resumed>) = 0 ./strace-static-x86_64: Process 3641 attached [pid 3640] chdir("./syzkaller.N73JCq" [pid 3639] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3643 [pid 3638] <... openat resumed>) = 3 [pid 3640] <... chdir resumed>) = 0 [pid 3638] ioctl(3, LOOP_CLR_FD [pid 3635] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3642 attached [pid 3641] chdir("./0" [pid 3640] mkdir("./0", 0777 [pid 3638] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3638] close(3 [pid 3635] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3644 ./strace-static-x86_64: Process 3643 attached [pid 3638] <... close resumed>) = 0 [pid 3640] <... mkdir resumed>) = 0 [pid 3638] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3643] chdir("./0" [pid 3642] chdir("./0" [pid 3641] <... chdir resumed>) = 0 [pid 3640] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 3643] <... chdir resumed>) = 0 [pid 3638] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3645 [pid 3643] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3641] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3640] <... openat resumed>) = 3 [pid 3643] <... prctl resumed>) = 0 [pid 3642] <... chdir resumed>) = 0 [pid 3641] <... prctl resumed>) = 0 [pid 3640] ioctl(3, LOOP_CLR_FD [pid 3643] setpgid(0, 0 [pid 3642] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3641] setpgid(0, 0 [pid 3643] <... setpgid resumed>) = 0 [pid 3642] <... prctl resumed>) = 0 [pid 3641] <... setpgid resumed>) = 0 [pid 3640] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 3643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3642] setpgid(0, 0 [pid 3641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3640] close(3 [pid 3643] write(3, "1000", 4 [pid 3642] <... setpgid resumed>) = 0 [pid 3643] <... write resumed>) = 4 [pid 3641] <... openat resumed>) = 3 ./strace-static-x86_64: Process 3645 attached [pid 3643] close(3 [pid 3642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3641] write(3, "1000", 4 [pid 3640] <... close resumed>) = 0 ./strace-static-x86_64: Process 3644 attached [pid 3645] chdir("./0" [pid 3643] <... close resumed>) = 0 [pid 3641] <... write resumed>) = 4 [pid 3640] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 3645] <... chdir resumed>) = 0 [pid 3643] symlink("/dev/binderfs", "./binderfs" [pid 3642] <... openat resumed>) = 3 [pid 3645] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3643] <... symlink resumed>) = 0 [pid 3641] close(3 [pid 3645] <... prctl resumed>) = 0 [pid 3643] memfd_create("syzkaller", 0 [pid 3642] write(3, "1000", 4 [pid 3641] <... close resumed>) = 0 [pid 3645] setpgid(0, 0 [pid 3644] chdir("./0" [pid 3643] <... memfd_create resumed>) = 3 [pid 3642] <... write resumed>) = 4 [pid 3641] symlink("/dev/binderfs", "./binderfs" [pid 3640] <... clone resumed>, child_tidptr=0x5555572a75d0) = 3646 [pid 3645] <... setpgid resumed>) = 0 [pid 3643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3642] close(3 [pid 3645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3643] <... mmap resumed>) = 0x7f6921a00000 [pid 3642] <... close resumed>) = 0 [pid 3641] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 3646 attached [pid 3645] <... openat resumed>) = 3 [pid 3644] <... chdir resumed>) = 0 [pid 3646] chdir("./0" [pid 3645] write(3, "1000", 4 [pid 3644] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3642] symlink("/dev/binderfs", "./binderfs" [pid 3641] memfd_create("syzkaller", 0 [pid 3646] <... chdir resumed>) = 0 [pid 3645] <... write resumed>) = 4 [pid 3646] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 3645] close(3 [pid 3646] <... prctl resumed>) = 0 [pid 3645] <... close resumed>) = 0 [pid 3646] setpgid(0, 0 [pid 3645] symlink("/dev/binderfs", "./binderfs" [pid 3646] <... setpgid resumed>) = 0 [pid 3645] <... symlink resumed>) = 0 [pid 3644] <... prctl resumed>) = 0 [pid 3642] <... symlink resumed>) = 0 [pid 3641] <... memfd_create resumed>) = 3 [pid 3646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3645] memfd_create("syzkaller", 0 [pid 3644] setpgid(0, 0 [pid 3646] <... openat resumed>) = 3 [pid 3645] <... memfd_create resumed>) = 3 [pid 3644] <... setpgid resumed>) = 0 [pid 3642] memfd_create("syzkaller", 0 [pid 3641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3646] write(3, "1000", 4 [pid 3645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 3646] <... write resumed>) = 4 [pid 3645] <... mmap resumed>) = 0x7f6921a00000 [pid 3642] <... memfd_create resumed>) = 3 [pid 3641] <... mmap resumed>) = 0x7f6921a00000 [pid 3644] <... openat resumed>) = 3 [pid 3646] close(3 [pid 3642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3646] <... close resumed>) = 0 [pid 3646] symlink("/dev/binderfs", "./binderfs") = 0 [pid 3646] memfd_create("syzkaller", 0 [pid 3644] write(3, "1000", 4 [pid 3646] <... memfd_create resumed>) = 3 [pid 3642] <... mmap resumed>) = 0x7f6921a00000 [pid 3646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 3644] <... write resumed>) = 4 [pid 3646] <... mmap resumed>) = 0x7f6921a00000 [pid 3644] close(3) = 0 [pid 3644] symlink("/dev/binderfs", "./binderfs") = 0 [pid 3644] memfd_create("syzkaller", 0) = 3 [pid 3644] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6921a00000 [pid 3641] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 3642] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 3643] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 3644] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 3645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 3646] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 3641] <... write resumed>) = 16777216 [pid 3641] munmap(0x7f6921a00000, 16777216) = 0 [pid 3642] <... write resumed>) = 16777216 [pid 3642] munmap(0x7f6921a00000, 16777216 [pid 3643] <... write resumed>) = 16777216 [pid 3641] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 3643] munmap(0x7f6921a00000, 16777216 [pid 3641] <... openat resumed>) = 4 [pid 3641] ioctl(4, LOOP_SET_FD, 3 [pid 3642] <... munmap resumed>) = 0 [pid 3642] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 3642] ioctl(4, LOOP_SET_FD, 3 [pid 3645] <... write resumed>) = 16777216 [pid 3644] <... write resumed>) = 16777216 [pid 3644] munmap(0x7f6921a00000, 16777216 [pid 3643] <... munmap resumed>) = 0 [pid 3641] <... ioctl resumed>) = 0 [pid 3642] <... ioctl resumed>) = 0 [pid 3643] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 3641] close(3 [pid 3643] <... openat resumed>) = 4 [pid 3641] <... close resumed>) = 0 [pid 3645] munmap(0x7f6921a00000, 16777216 [pid 3644] <... munmap resumed>) = 0 [pid 3643] ioctl(4, LOOP_SET_FD, 3 [pid 3642] close(3 [pid 3641] mkdir("./file0", 0777 [pid 3646] <... write resumed>) = 16777216 [pid 3645] <... munmap resumed>) = 0 [pid 3644] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 3646] munmap(0x7f6921a00000, 16777216 [pid 3644] <... openat resumed>) = 4 [pid 3643] <... ioctl resumed>) = 0 [pid 3642] <... close resumed>) = 0 [pid 3641] <... mkdir resumed>) = 0 [pid 3646] <... munmap resumed>) = 0 [pid 3645] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 3644] ioctl(4, LOOP_SET_FD, 3 [pid 3643] close(3 syzkaller login: [ 70.535923][ T3641] loop1: detected capacity change from 0 to 32768 [ 70.541935][ T3642] loop2: detected capacity change from 0 to 32768 [ 70.569820][ T3643] loop4: detected capacity change from 0 to 32768 [pid 3642] mkdir("./file0", 0777 [pid 3641] mount("/dev/loop1", "./file0", "jfs", 0, "nointegrity,iocharset=koi8-ru,iocharset=macceltic," [pid 3646] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 3645] <... openat resumed>) = 4 [pid 3642] <... mkdir resumed>) = 0 [pid 3646] <... openat resumed>) = 4 [pid 3645] ioctl(4, LOOP_SET_FD, 3 [pid 3642] mount("/dev/loop2", "./file0", "jfs", 0, "nointegrity,iocharset=koi8-ru,iocharset=macceltic," [pid 3644] <... ioctl resumed>) = 0 [pid 3643] <... close resumed>) = 0 [pid 3644] close(3 [pid 3643] mkdir("./file0", 0777 [pid 3646] ioctl(4, LOOP_SET_FD, 3 [pid 3644] <... close resumed>) = 0 [pid 3643] <... mkdir resumed>) = 0 [pid 3645] <... ioctl resumed>) = 0 [pid 3644] mkdir("./file0", 0777 [pid 3643] mount("/dev/loop4", "./file0", "jfs", 0, "nointegrity,iocharset=koi8-ru,iocharset=macceltic," [pid 3642] <... mount resumed>) = 0 [pid 3641] <... mount resumed>) = 0 [pid 3644] <... mkdir resumed>) = 0 [pid 3641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3646] <... ioctl resumed>) = 0 [pid 3645] close(3 [pid 3642] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3641] <... openat resumed>) = 3 [pid 3646] close(3 [pid 3645] <... close resumed>) = 0 [pid 3642] <... openat resumed>) = 3 [pid 3641] chdir("./file0" [pid 3646] <... close resumed>) = 0 [pid 3645] mkdir("./file0", 0777 [pid 3644] mount("/dev/loop0", "./file0", "jfs", 0, "nointegrity,iocharset=koi8-ru,iocharset=macceltic," [pid 3643] <... mount resumed>) = 0 [pid 3642] chdir("./file0" [pid 3641] <... chdir resumed>) = 0 [pid 3646] mkdir("./file0", 0777 [pid 3645] <... mkdir resumed>) = 0 [pid 3643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3642] <... chdir resumed>) = 0 [pid 3641] ioctl(4, LOOP_CLR_FD [pid 3646] <... mkdir resumed>) = 0 [pid 3645] mount("/dev/loop3", "./file0", "jfs", 0, "nointegrity,iocharset=koi8-ru,iocharset=macceltic," [pid 3642] ioctl(4, LOOP_CLR_FD [pid 3641] <... ioctl resumed>) = 0 [pid 3646] mount("/dev/loop5", "./file0", "jfs", 0, "nointegrity,iocharset=koi8-ru,iocharset=macceltic," [pid 3643] <... openat resumed>) = 3 [pid 3642] <... ioctl resumed>) = 0 [pid 3641] close(4 [pid 3642] close(4 [pid 3641] <... close resumed>) = 0 [pid 3642] <... close resumed>) = 0 [pid 3642] exit_group(0) = ? [pid 3642] +++ exited with 0 +++ [pid 3643] chdir("./file0") = 0 [pid 3643] ioctl(4, LOOP_CLR_FD) = 0 [pid 3643] close(4 [pid 3646] <... mount resumed>) = 0 [pid 3645] <... mount resumed>) = 0 [pid 3643] <... close resumed>) = 0 [pid 3641] exit_group(0 [pid 3637] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3642, si_uid=0, si_status=0, si_utime=10, si_stime=23} --- [pid 3646] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3644] <... mount resumed>) = 0 [pid 3643] exit_group(0 [pid 3646] <... openat resumed>) = 3 [pid 3645] <... openat resumed>) = 3 [ 70.582916][ T3644] loop0: detected capacity change from 0 to 32768 [ 70.585067][ T3645] loop3: detected capacity change from 0 to 32768 [ 70.604714][ T3646] loop5: detected capacity change from 0 to 32768 [pid 3644] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 3643] <... exit_group resumed>) = ? [pid 3646] chdir("./file0" [pid 3645] chdir("./file0" [pid 3644] <... openat resumed>) = 3 [pid 3643] +++ exited with 0 +++ [pid 3641] <... exit_group resumed>) = ? [pid 3646] <... chdir resumed>) = 0 [pid 3645] <... chdir resumed>) = 0 [pid 3644] chdir("./file0" [pid 3646] ioctl(4, LOOP_CLR_FD [pid 3645] ioctl(4, LOOP_CLR_FD [pid 3644] <... chdir resumed>) = 0 [pid 3639] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3643, si_uid=0, si_status=0, si_utime=9, si_stime=25} --- [pid 3646] <... ioctl resumed>) = 0 [pid 3645] <... ioctl resumed>) = 0 [pid 3644] ioctl(4, LOOP_CLR_FD [pid 3641] +++ exited with 0 +++ [pid 3639] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3646] close(4 [pid 3645] close(4 [pid 3644] <... ioctl resumed>) = 0 [pid 3639] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3636] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3641, si_uid=0, si_status=0, si_utime=5, si_stime=24} --- [pid 3646] <... close resumed>) = 0 [pid 3645] <... close resumed>) = 0 [pid 3644] close(4 [pid 3639] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3636] restart_syscall(<... resuming interrupted clone ...> [pid 3646] exit_group(0 [pid 3645] exit_group(0 [pid 3644] <... close resumed>) = 0 [pid 3639] <... openat resumed>) = 3 [pid 3636] <... restart_syscall resumed>) = 0 [pid 3646] <... exit_group resumed>) = ? [pid 3645] <... exit_group resumed>) = ? [pid 3644] exit_group(0 [pid 3639] fstat(3, [pid 3637] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3646] +++ exited with 0 +++ [pid 3645] +++ exited with 0 +++ [pid 3644] <... exit_group resumed>) = ? [pid 3639] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 3637] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3644] +++ exited with 0 +++ [pid 3640] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3646, si_uid=0, si_status=0, si_utime=9, si_stime=26} --- [pid 3639] getdents64(3, [pid 3638] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3645, si_uid=0, si_status=0, si_utime=8, si_stime=27} --- [pid 3637] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3639] <... getdents64 resumed>0x5555572a8620 /* 4 entries */, 32768) = 112 [pid 3637] <... openat resumed>) = 3 [pid 3639] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3637] fstat(3, [pid 3636] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3635] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3644, si_uid=0, si_status=0, si_utime=7, si_stime=28} --- [pid 3639] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3638] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3637] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 3636] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3639] lstat("./0/binderfs", [pid 3638] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3637] getdents64(3, [pid 3636] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3640] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3639] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 3638] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3637] <... getdents64 resumed>0x5555572a8620 /* 4 entries */, 32768) = 112 [pid 3640] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3639] unlink("./0/binderfs" [pid 3638] <... openat resumed>) = 3 [pid 3637] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3636] <... openat resumed>) = 3 [pid 3640] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3637] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3640] <... openat resumed>) = 3 [pid 3639] <... unlink resumed>) = 0 [pid 3638] fstat(3, [pid 3637] lstat("./0/binderfs", [pid 3636] fstat(3, [pid 3635] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3640] fstat(3, [pid 3639] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3638] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 3637] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 3636] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 3635] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3640] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 3638] getdents64(3, [pid 3637] unlink("./0/binderfs" [pid 3640] getdents64(3, [pid 3638] <... getdents64 resumed>0x5555572a8620 /* 4 entries */, 32768) = 112 [pid 3637] <... unlink resumed>) = 0 [pid 3636] getdents64(3, [pid 3635] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 3640] <... getdents64 resumed>0x5555572a8620 /* 4 entries */, 32768) = 112 [pid 3638] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 70.708437][ T3637] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN [ 70.720214][ T3637] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 70.728651][ T3637] CPU: 1 PID: 3637 Comm: syz-executor288 Not tainted 6.1.0-rc6-syzkaller-00308-g644e9524388a #0 [ 70.739100][ T3637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 70.749184][ T3637] RIP: 0010:lmLogSync+0x227/0xb00 [ 70.754268][ T3637] Code: ae fe 49 8d 5f f0 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 57 20 d7 fe 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 3a 20 d7 fe 48 8b 3b e8 d2 f9 ae [ 70.774339][ T3637] RSP: 0018:ffffc90003d8fa60 EFLAGS: 00010206 [ 70.780438][ T3637] RAX: 0000000000000006 RBX: 0000000000000030 RCX: aa46bf18d8d22600 [ 70.788438][ T3637] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 70.796435][ T3637] RBP: ffffc90003d8fb68 R08: ffffffff81b68393 R09: ffffc90003d8f9b0 [pid 3637] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3640] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3638] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3636] <... getdents64 resumed>0x5555572a8620 /* 4 entries */, 32768) = 112 [pid 3635] <... openat resumed>) = 3 [pid 3640] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3638] lstat("./0/binderfs", [pid 3636] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3635] fstat(3, [pid 3638] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 3636] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3635] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 3638] unlink("./0/binderfs" [pid 3636] lstat("./0/binderfs", [pid 3635] getdents64(3, [pid 3638] <... unlink resumed>) = 0 [pid 3636] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 3635] <... getdents64 resumed>0x5555572a8620 /* 4 entries */, 32768) = 112 [pid 3638] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3636] unlink("./0/binderfs" [pid 3635] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3636] <... unlink resumed>) = 0 [pid 3635] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 3636] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3635] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 3635] unlink("./0/binderfs") = 0 [pid 3635] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 3640] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 3640] unlink("./0/binderfs") = 0 [ 70.804432][ T3637] R10: fffff520007b1f39 R11: 1ffff920007b1f36 R12: dffffc0000000000 [ 70.812440][ T3637] R13: ffff888072d73800 R14: 0000000000000000 R15: ffff888028b6aa38 [ 70.820434][ T3637] FS: 00005555572a7300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 70.829360][ T3637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.835935][ T3637] CR2: 00005555572b0628 CR3: 0000000075823000 CR4: 00000000003506e0 [ 70.843934][ T3637] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.851921][ T3637] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.859896][ T3637] Call Trace: [ 70.863174][ T3637] [ 70.866101][ T3637] ? jfs_syncpt+0x22/0x90 [ 70.870436][ T3637] ? lmWriteRecord+0x1240/0x1240 [ 70.875374][ T3637] ? lmLogShutdown+0x920/0x920 [ 70.880143][ T3637] ? dqput+0x810/0x810 [ 70.884214][ T3637] jfs_syncpt+0x79/0x90 [ 70.888370][ T3637] jfs_sync_fs+0x86/0xa0 [ 70.892603][ T3637] sync_filesystem+0xe8/0x220 [ 70.897283][ T3637] generic_shutdown_super+0x6b/0x310 [ 70.902563][ T3637] kill_block_super+0x79/0xd0 [ 70.907234][ T3637] deactivate_locked_super+0xa7/0xf0 [ 70.912514][ T3637] cleanup_mnt+0x494/0x520 [ 70.916927][ T3637] ? lockdep_hardirqs_on+0x8d/0x130 [ 70.922152][ T3637] task_work_run+0x243/0x300 [ 70.926769][ T3637] ? task_work_cancel+0x290/0x290 [ 70.931803][ T3637] ? path_umount+0x1e0/0xf90 [ 70.936409][ T3637] ptrace_notify+0x29a/0x340 [ 70.941011][ T3637] ? do_notify_parent+0xe00/0xe00 [ 70.946056][ T3637] ? user_path_at_empty+0x149/0x1a0 [ 70.951260][ T3637] ? __x64_sys_umount+0x113/0x150 [ 70.956304][ T3637] syscall_exit_work+0x8c/0xe0 [ 70.961074][ T3637] syscall_exit_to_user_mode_prepare+0x63/0xc0 [ 70.967321][ T3637] syscall_exit_to_user_mode+0xa/0x60 [ 70.972691][ T3637] do_syscall_64+0x49/0xb0 [ 70.977099][ T3637] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 70.983005][ T3637] RIP: 0033:0x7f6929f1adc7 [ 70.987415][ T3637] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 71.007028][ T3637] RSP: 002b:00007ffcb5715f18 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 71.015440][ T3637] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f6929f1adc7 [ 71.023406][ T3637] RDX: 00007ffcb5715fd9 RSI: 000000000000000a RDI: 00007ffcb5715fd0 [ 71.031372][ T3637] RBP: 00007ffcb5715fd0 R08: 00000000ffffffff R09: 00007ffcb5715db0 [ 71.039348][ T3637] R10: 00005555572a8653 R11: 0000000000000206 R12: 00007ffcb5717040 [ 71.047325][ T3637] R13: 00005555572a85f0 R14: 00007ffcb5715f40 R15: 0000000000000001 [ 71.055304][ T3637] [ 71.058319][ T3637] Modules linked in: [ 71.063609][ T3637] ---[ end trace 0000000000000000 ]--- [ 71.069514][ T3637] RIP: 0010:lmLogSync+0x227/0xb00 [ 71.074575][ T3637] Code: ae fe 49 8d 5f f0 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 57 20 d7 fe 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 3a 20 d7 fe 48 8b 3b e8 d2 f9 ae [ 71.094228][ T3637] RSP: 0018:ffffc90003d8fa60 EFLAGS: 00010206 [ 71.100340][ T3637] RAX: 0000000000000006 RBX: 0000000000000030 RCX: aa46bf18d8d22600 [ 71.108367][ T3637] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 71.116361][ T3637] RBP: ffffc90003d8fb68 R08: ffffffff81b68393 R09: ffffc90003d8f9b0 [ 71.124430][ T3637] R10: fffff520007b1f39 R11: 1ffff920007b1f36 R12: dffffc0000000000 [ 71.132446][ T3637] R13: ffff888072d73800 R14: 0000000000000000 R15: ffff888028b6aa38 [ 71.140451][ T3637] FS: 00005555572a7300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 71.149424][ T3637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.156003][ T3637] CR2: 00005555572b0628 CR3: 0000000075823000 CR4: 00000000003506e0 [ 71.164025][ T3637] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 71.173446][ T3637] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 71.181512][ T3637] Kernel panic - not syncing: Fatal exception [ 71.187845][ T3637] Kernel Offset: disabled [ 71.192177][ T3637] Rebooting in 86400 seconds..