./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1389665114

<...>
Warning: Permanently added '10.128.10.12' (ED25519) to the list of known hosts.
execve("./syz-executor1389665114", ["./syz-executor1389665114"], 0x7ffd7b8081f0 /* 10 vars */) = 0
brk(NULL)                               = 0x55557f0ce000
brk(0x55557f0ced00)                     = 0x55557f0ced00
arch_prctl(ARCH_SET_FS, 0x55557f0ce380) = 0
set_tid_address(0x55557f0ce650)         = 5847
set_robust_list(0x55557f0ce660, 24)     = 0
rseq(0x55557f0ceca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1389665114", 4096) = 28
getrandom("\x38\x08\xe5\x81\x8b\x71\x00\xb1", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55557f0ced00
brk(0x55557f0efd00)                     = 0x55557f0efd00
brk(0x55557f0f0000)                     = 0x55557f0f0000
mprotect(0x7f0f91181000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
write(1, "executing program\n", 18executing program
)     = 18
openat(AT_FDCWD, "/dev/loop7", O_RDWR|O_CREAT|O_NONBLOCK|__O_SYNC|O_CLOEXEC|0x20, 000) = 3
openat(AT_FDCWD, "/sys/kernel/fscaps", O_RDONLY|O_NOATIME) = 4
[   91.200069][ T5847] loop7: detected capacity change from 0 to 7
[   91.208913][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.218355][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.226785][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.236001][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.244115][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.253315][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.261422][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.270599][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.278746][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.287943][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.296105][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.305316][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.313711][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.322899][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.331050][ T5847] ldm_validate_partition_table(): Disk read failed.
[   91.337981][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.347149][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.355488][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.364672][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.372845][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.382041][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.390286][ T5847] Dev loop7: unable to read RDB block 0
ioctl(3, LOOP_CONFIGURE, {fd=4, block_size=0, info={lo_offset=0x4, lo_number=0, lo_flags=LO_FLAGS_AUTOCLEAR|LO_FLAGS_PARTSCAN, lo_file_name="\xfa\xf9\x83\x17\xe5\xa1\x14\x99\x89\xfc\x8d\xbe\x43\xea\x6a\xcc\x96\xe3\xa2\x50\x3d\xc3\xff\x03\xe3\x7d\x58\x12\x70\xba\xd0\x09\x9c\xeb\xdc\x25\xf5\xab\x60\xc9\xe6\xd6\x80\xf9\x85\x88\x1a\x7b\xed\xa9\xd6\x90\x98\xc8\xb5\x34\x46\x4c\x51\x6b\xdd\x8a\x0f"..., ...}}) = 0
[   91.396660][ T5847]  loop7: unable to read partition table
[   91.402513][ T5847] loop7: partition table beyond EOD, truncated
[   91.408884][ T5847] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=Ãÿã}XpºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5)
[   91.475402][ T5847] 
[   91.477779][ T5847] ======================================================
[   91.484810][ T5847] WARNING: possible circular locking dependency detected
[   91.491853][ T5847] 6.16.0-rc6-next-20250718-syzkaller #0 Not tainted
[   91.498448][ T5847] ------------------------------------------------------
[   91.505470][ T5847] syz-executor138/5847 is trying to acquire lock:
[   91.511884][ T5847] ffff88801b6ffa20 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9e/0x450
[   91.522184][ T5847] 
[   91.522184][ T5847] but task is already holding lock:
[   91.529550][ T5847] ffff888143304558 (&q->q_usage_counter(io)#25){++++}-{0:0}, at: lo_ioctl+0x17f2/0x1d00
[   91.539319][ T5847] 
[   91.539319][ T5847] which lock already depends on the new lock.
[   91.539319][ T5847] 
[   91.549728][ T5847] 
[   91.549728][ T5847] the existing dependency chain (in reverse order) is:
[   91.558742][ T5847] 
[   91.558742][ T5847] -> #2 (&q->q_usage_counter(io)#25){++++}-{0:0}:
[   91.567358][ T5847]        lock_acquire+0x120/0x360
[   91.572392][ T5847]        blk_alloc_queue+0x538/0x620
[   91.577685][ T5847]        __blk_mq_alloc_disk+0x15c/0x340
[   91.583346][ T5847]        loop_add+0x411/0xad0
[   91.588065][ T5847]        loop_init+0x173/0x230
[   91.592852][ T5847]        do_one_initcall+0x233/0x820
[   91.598153][ T5847]        do_initcall_level+0x137/0x1f0
[   91.603625][ T5847]        do_initcalls+0x69/0xd0
[   91.608483][ T5847]        kernel_init_freeable+0x3d9/0x590
[   91.614214][ T5847]        kernel_init+0x1d/0x1d0
[   91.619085][ T5847]        ret_from_fork+0x3f9/0x770
[   91.624205][ T5847]        ret_from_fork_asm+0x1a/0x30
[   91.629497][ T5847] 
[   91.629497][ T5847] -> #1 (fs_reclaim){+.+.}-{0:0}:
[   91.636719][ T5847]        lock_acquire+0x120/0x360
[   91.641749][ T5847]        fs_reclaim_acquire+0x72/0x100
[   91.647303][ T5847]        kmem_cache_alloc_noprof+0x44/0x3c0
[   91.653299][ T5847]        __kernfs_iattrs+0xd9/0x320
[   91.658510][ T5847]        kernfs_iop_setattr+0xea/0x3f0
[   91.663994][ T5847]        notify_change+0xb36/0xe40
[   91.669127][ T5847]        do_truncate+0x1a4/0x220
[   91.674082][ T5847]        path_openat+0x306c/0x3830
[   91.679222][ T5847]        do_filp_open+0x1fa/0x410
[   91.684278][ T5847]        do_sys_openat2+0x121/0x1c0
[   91.689498][ T5847]        __x64_sys_openat+0x138/0x170
[   91.694875][ T5847]        do_syscall_64+0xfa/0x3b0
[   91.699932][ T5847]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.706356][ T5847] 
[   91.706356][ T5847] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[   91.714880][ T5847]        validate_chain+0xb9b/0x2140
[   91.720179][ T5847]        __lock_acquire+0xab9/0xd20
[   91.725383][ T5847]        lock_acquire+0x120/0x360
[   91.730416][ T5847]        down_read+0x46/0x2e0
[   91.735096][ T5847]        kernfs_iop_getattr+0x9e/0x450
[   91.740560][ T5847]        vfs_getattr_nosec+0x2de/0x430
[   91.746023][ T5847]        loop_assign_backing_file+0x222/0x400
[   91.752112][ T5847]        lo_ioctl+0x1860/0x1d00
[   91.756974][ T5847]        blkdev_ioctl+0x5a5/0x6d0
[   91.762009][ T5847]        __se_sys_ioctl+0xf9/0x170
[   91.767138][ T5847]        do_syscall_64+0xfa/0x3b0
[   91.772175][ T5847]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.778595][ T5847] 
[   91.778595][ T5847] other info that might help us debug this:
[   91.778595][ T5847] 
[   91.788833][ T5847] Chain exists of:
[   91.788833][ T5847]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#25
[   91.788833][ T5847] 
[   91.803284][ T5847]  Possible unsafe locking scenario:
[   91.803284][ T5847] 
[   91.810751][ T5847]        CPU0                    CPU1
[   91.816137][ T5847]        ----                    ----
[   91.821507][ T5847]   lock(&q->q_usage_counter(io)#25);
[   91.826896][ T5847]                                lock(fs_reclaim);
[   91.833406][ T5847]                                lock(&q->q_usage_counter(io)#25);
[   91.841335][ T5847]   rlock(&root->kernfs_iattr_rwsem);
[   91.846715][ T5847] 
[   91.846715][ T5847]  *** DEADLOCK ***
[   91.846715][ T5847] 
[   91.854857][ T5847] 3 locks held by syz-executor138/5847:
[   91.860399][ T5847]  #0: ffff888024f5c400 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0xfbf/0x1d00
[   91.869382][ T5847]  #1: ffff888143304558 (&q->q_usage_counter(io)#25){++++}-{0:0}, at: lo_ioctl+0x17f2/0x1d00
[   91.879585][ T5847]  #2: ffff888143304590 (&q->q_usage_counter(queue)#21){+.+.}-{0:0}, at: lo_ioctl+0x17f2/0x1d00
[   91.890064][ T5847] 
[   91.890064][ T5847] stack backtrace:
[   91.895975][ T5847] CPU: 0 UID: 0 PID: 5847 Comm: syz-executor138 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[   91.895997][ T5847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.896018][ T5847] Call Trace:
[   91.896025][ T5847]  <TASK>
[   91.896032][ T5847]  dump_stack_lvl+0x189/0x250
[   91.896059][ T5847]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.896081][ T5847]  ? __pfx__printk+0x10/0x10
[   91.896109][ T5847]  print_circular_bug+0x2ee/0x310
[   91.896132][ T5847]  check_noncircular+0x134/0x160
[   91.896157][ T5847]  validate_chain+0xb9b/0x2140
[   91.896178][ T5847]  ? tomoyo_path_perm+0x1e3/0x4b0
[   91.896206][ T5847]  __lock_acquire+0xab9/0xd20
[   91.896226][ T5847]  ? kernfs_iop_getattr+0x9e/0x450
[   91.896242][ T5847]  lock_acquire+0x120/0x360
[   91.896258][ T5847]  ? kernfs_iop_getattr+0x9e/0x450
[   91.896279][ T5847]  down_read+0x46/0x2e0
[   91.896293][ T5847]  ? kernfs_iop_getattr+0x9e/0x450
[   91.896309][ T5847]  kernfs_iop_getattr+0x9e/0x450
[   91.896328][ T5847]  vfs_getattr_nosec+0x2de/0x430
[   91.896344][ T5847]  loop_assign_backing_file+0x222/0x400
[   91.896369][ T5847]  ? __pfx_loop_assign_backing_file+0x10/0x10
[   91.896391][ T5847]  ? schedule+0x91/0x360
[   91.896417][ T5847]  ? percpu_ref_kill_and_confirm+0xa3/0x130
[   91.896446][ T5847]  lo_ioctl+0x1860/0x1d00
[   91.896465][ T5847]  ? __lock_acquire+0xab9/0xd20
[   91.896487][ T5847]  ? __pfx_lo_ioctl+0x10/0x10
[   91.896505][ T5847]  ? __lock_acquire+0xab9/0xd20
[   91.896529][ T5847]  ? is_bpf_text_address+0x26/0x2b0
[   91.896551][ T5847]  ? is_bpf_text_address+0x292/0x2b0
[   91.896570][ T5847]  ? is_bpf_text_address+0x26/0x2b0
[   91.896590][ T5847]  ? __lock_acquire+0xab9/0xd20
[   91.896611][ T5847]  ? __lock_acquire+0xab9/0xd20
[   91.896635][ T5847]  ? is_bpf_text_address+0x26/0x2b0
[   91.896655][ T5847]  ? is_bpf_text_address+0x292/0x2b0
[   91.896674][ T5847]  ? is_bpf_text_address+0x26/0x2b0
[   91.896693][ T5847]  ? kernel_text_address+0xa5/0xe0
[   91.896709][ T5847]  ? __kernel_text_address+0xd/0x40
[   91.896722][ T5847]  ? unwind_get_return_address+0x4d/0x90
[   91.896743][ T5847]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   91.896778][ T5847]  ? arch_stack_walk+0xfc/0x150
[   91.896805][ T5847]  ? stack_trace_save+0x9c/0xe0
[   91.896828][ T5847]  ? stack_depot_save_flags+0x40/0x900
[   91.896852][ T5847]  ? kasan_save_track+0x4f/0x80
[   91.896866][ T5847]  ? kasan_save_track+0x3e/0x80
[   91.896880][ T5847]  ? kasan_save_free_info+0x46/0x50
[   91.896902][ T5847]  ? __kasan_slab_free+0x62/0x70
[   91.896917][ T5847]  ? kfree+0x18e/0x440
[   91.896932][ T5847]  ? tomoyo_path_number_perm+0x47a/0x5a0
[   91.896952][ T5847]  ? security_file_ioctl+0xcb/0x2d0
[   91.896970][ T5847]  ? __se_sys_ioctl+0x47/0x170
[   91.896987][ T5847]  ? do_syscall_64+0xfa/0x3b0
[   91.897011][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.897114][ T5847]  ? kasan_quarantine_put+0xdd/0x220
[   91.897137][ T5847]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   91.897159][ T5847]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[   91.897180][ T5847]  ? do_vfs_ioctl+0xbe8/0x1430
[   91.897200][ T5847]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   91.897221][ T5847]  ? __asan_memset+0x22/0x50
[   91.897243][ T5847]  ? blk_get_meta_cap+0x140/0x6d0
[   91.897268][ T5847]  ? __pfx_blk_get_meta_cap+0x10/0x10
[   91.897293][ T5847]  ? blkdev_common_ioctl+0xa8d/0xc50
[   91.897315][ T5847]  ? __pfx_lo_ioctl+0x10/0x10
[   91.897337][ T5847]  blkdev_ioctl+0x5a5/0x6d0
[   91.897361][ T5847]  ? __pfx_blkdev_ioctl+0x10/0x10
[   91.897384][ T5847]  ? bpf_lsm_file_ioctl+0x9/0x20
[   91.897400][ T5847]  ? __pfx_blkdev_ioctl+0x10/0x10
[   91.897422][ T5847]  __se_sys_ioctl+0xf9/0x170
[   91.897442][ T5847]  do_syscall_64+0xfa/0x3b0
[   91.897466][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.897488][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.897503][ T5847]  ? clear_bhb_loop+0x60/0xb0
[   91.897521][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.897536][ T5847] RIP: 0033:0x7f0f9110e2a9
[   91.897560][ T5847] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   91.897577][ T5847] RSP: 002b:00007ffd50ce5708 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.897595][ T5847] RAX: ffffffffffffffda RBX: 00007ffd50ce58d8 RCX: 00007f0f9110e2a9
[   91.897606][ T5847] RDX: 0000000000000004 RSI: 0000000000004c06 RDI: 0000000000000003
[   91.897616][ T5847] RBP: 00007f0f91181610 R08: 00007ffd50ce58d8 R09: 00007ffd50ce58d8
[   91.897627][ T5847] R10: 00007ffd50ce58d8 R11: 0000000000000246 R12: 0000000000000001
[   91.897637][ T5847] R13: 00007ffd50ce58c8 R14: 0000000000000001 R15: 0000000000000001
[   91.897653][ T5847]  </TASK>
[   92.344530][  T850] cfg80211: failed to load regulatory.db
[   92.351712][ T5847] ldm_validate_partition_table(): Disk read failed.
[   92.370861][ T5847] Dev loop7: unable to read RDB block 0
ioctl(3, LOOP_CHANGE_FD, 4)             = 0
exit_group(0)                           = ?
+++ exited with 0 +++
[   92.377491][ T5847