./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor251524592 <...> Warning: Permanently added '10.128.0.10' (ED25519) to the list of known hosts. execve("./syz-executor251524592", ["./syz-executor251524592"], 0x7ffd64e074a0 /* 10 vars */) = 0 brk(NULL) = 0x55555dad1000 brk(0x55555dad1d40) = 0x55555dad1d40 arch_prctl(ARCH_SET_FS, 0x55555dad13c0) = 0 set_tid_address(0x55555dad1690) = 5236 set_robust_list(0x55555dad16a0, 24) = 0 rseq(0x55555dad1ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor251524592", 4096) = 27 getrandom("\x58\x1a\xa9\x30\x65\x8c\x17\x67", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555dad1d40 brk(0x55555daf2d40) = 0x55555daf2d40 brk(0x55555daf3000) = 0x55555daf3000 mprotect(0x7f05ca1ec000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5237 attached , child_tidptr=0x55555dad1690) = 5237 [pid 5237] set_robust_list(0x55555dad16a0, 24) = 0 [pid 5236] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5237] mkdir("./syzkaller.eRLv4W", 0700./strace-static-x86_64: Process 5238 attached [pid 5238] set_robust_list(0x55555dad16a0, 24 [pid 5237] <... mkdir resumed>) = 0 [pid 5236] <... clone resumed>, child_tidptr=0x55555dad1690) = 5238 [pid 5236] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5238] <... set_robust_list resumed>) = 0 [pid 5238] mkdir("./syzkaller.bmSXhY", 0700 [pid 5237] chmod("./syzkaller.eRLv4W", 0777 [pid 5238] <... mkdir resumed>) = 0 [pid 5237] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5239 attached [pid 5236] <... clone resumed>, child_tidptr=0x55555dad1690) = 5239 [pid 5237] chdir("./syzkaller.eRLv4W" [pid 5239] set_robust_list(0x55555dad16a0, 24 [pid 5238] chmod("./syzkaller.bmSXhY", 0777 [pid 5236] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5239] <... set_robust_list resumed>) = 0 [pid 5238] <... chmod resumed>) = 0 [pid 5237] <... chdir resumed>) = 0 [pid 5238] chdir("./syzkaller.bmSXhY"./strace-static-x86_64: Process 5240 attached [pid 5239] mkdir("./syzkaller.e7h5Zy", 0700 [pid 5237] mkdir("./0", 0777 [pid 5236] <... clone resumed>, child_tidptr=0x55555dad1690) = 5240 [pid 5238] <... chdir resumed>) = 0 [pid 5236] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5240] set_robust_list(0x55555dad16a0, 24 [pid 5238] mkdir("./0", 0777 [pid 5239] <... mkdir resumed>) = 0 [pid 5237] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5241 attached [pid 5236] <... clone resumed>, child_tidptr=0x55555dad1690) = 5241 [pid 5240] <... set_robust_list resumed>) = 0 [pid 5239] chmod("./syzkaller.e7h5Zy", 0777 [pid 5237] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5240] mkdir("./syzkaller.v8J02h", 0700 [pid 5241] set_robust_list(0x55555dad16a0, 24 [pid 5238] <... mkdir resumed>) = 0 [pid 5238] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5241] <... set_robust_list resumed>) = 0 [pid 5240] <... mkdir resumed>) = 0 [pid 5239] <... chmod resumed>) = 0 [pid 5237] <... openat resumed>) = 3 [pid 5240] chmod("./syzkaller.v8J02h", 0777 [pid 5238] <... openat resumed>) = 3 [pid 5241] mkdir("./syzkaller.w5UB19", 0700 [pid 5240] <... chmod resumed>) = 0 [pid 5239] chdir("./syzkaller.e7h5Zy" [pid 5237] ioctl(3, LOOP_CLR_FD [pid 5240] chdir("./syzkaller.v8J02h" [pid 5238] ioctl(3, LOOP_CLR_FD [pid 5240] <... chdir resumed>) = 0 [pid 5239] <... chdir resumed>) = 0 [pid 5238] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5237] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5240] mkdir("./0", 0777 [pid 5241] <... mkdir resumed>) = 0 [pid 5239] mkdir("./0", 0777 [pid 5237] close(3 [pid 5240] <... mkdir resumed>) = 0 [pid 5238] close(3 [pid 5237] <... close resumed>) = 0 [pid 5241] chmod("./syzkaller.w5UB19", 0777 [pid 5240] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5239] <... mkdir resumed>) = 0 [pid 5238] <... close resumed>) = 0 [pid 5237] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5238] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5241] <... chmod resumed>) = 0 [pid 5240] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5243 attached ./strace-static-x86_64: Process 5242 attached [pid 5241] chdir("./syzkaller.w5UB19") = 0 [pid 5239] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5241] mkdir("./0", 0777 [pid 5240] ioctl(3, LOOP_CLR_FD [pid 5239] <... openat resumed>) = 3 [pid 5241] <... mkdir resumed>) = 0 [pid 5240] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5240] close(3 [pid 5243] set_robust_list(0x55555dad16a0, 24 [pid 5242] set_robust_list(0x55555dad16a0, 24 [pid 5240] <... close resumed>) = 0 [pid 5239] ioctl(3, LOOP_CLR_FD [pid 5238] <... clone resumed>, child_tidptr=0x55555dad1690) = 5242 [pid 5243] <... set_robust_list resumed>) = 0 [pid 5242] <... set_robust_list resumed>) = 0 [pid 5243] chdir("./0" [pid 5242] chdir("./0" [pid 5240] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5239] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5237] <... clone resumed>, child_tidptr=0x55555dad1690) = 5243 ./strace-static-x86_64: Process 5244 attached [pid 5243] <... chdir resumed>) = 0 [pid 5242] <... chdir resumed>) = 0 [pid 5241] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5243] <... prctl resumed>) = 0 [pid 5242] <... prctl resumed>) = 0 [pid 5244] set_robust_list(0x55555dad16a0, 24 [pid 5243] setpgid(0, 0 [pid 5242] setpgid(0, 0 [pid 5241] <... openat resumed>) = 3 [pid 5239] close(3 [pid 5243] <... setpgid resumed>) = 0 [pid 5242] <... setpgid resumed>) = 0 [pid 5239] <... close resumed>) = 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5239] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5244] <... set_robust_list resumed>) = 0 [pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5242] <... openat resumed>) = 3 [pid 5241] ioctl(3, LOOP_CLR_FD [pid 5240] <... clone resumed>, child_tidptr=0x55555dad1690) = 5244 ./strace-static-x86_64: Process 5245 attached [pid 5242] write(3, "1000", 4 [pid 5245] set_robust_list(0x55555dad16a0, 24 [pid 5244] chdir("./0" [pid 5243] <... openat resumed>) = 3 [pid 5242] <... write resumed>) = 4 [pid 5241] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5245] <... set_robust_list resumed>) = 0 [pid 5242] close(3 [pid 5244] <... chdir resumed>) = 0 [pid 5245] chdir("./0" [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5242] <... close resumed>) = 0 [pid 5243] write(3, "1000", 4 [pid 5241] close(3 [pid 5242] symlink("/dev/binderfs", "./binderfs" [pid 5241] <... close resumed>) = 0 [pid 5239] <... clone resumed>, child_tidptr=0x55555dad1690) = 5245 [pid 5241] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5244] <... prctl resumed>) = 0 [pid 5243] <... write resumed>) = 4 [pid 5242] <... symlink resumed>) = 0 [pid 5245] <... chdir resumed>) = 0 [pid 5244] setpgid(0, 0 [pid 5243] close(3 [pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5243] <... close resumed>) = 0 ./strace-static-x86_64: Process 5246 attached [pid 5244] <... setpgid resumed>) = 0 [pid 5243] symlink("/dev/binderfs", "./binderfs" [pid 5246] set_robust_list(0x55555dad16a0, 24 [pid 5245] <... prctl resumed>) = 0 [pid 5246] <... set_robust_list resumed>) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5241] <... clone resumed>, child_tidptr=0x55555dad1690) = 5246 [pid 5246] chdir("./0" [pid 5245] setpgid(0, 0 [pid 5243] <... symlink resumed>) = 0 [pid 5242] write(1, "executing program\n", 18executing program executing program [pid 5246] <... chdir resumed>) = 0 [pid 5245] <... setpgid resumed>) = 0 [pid 5244] <... openat resumed>) = 3 [pid 5242] <... write resumed>) = 18 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5243] write(1, "executing program\n", 18 [pid 5244] write(3, "1000", 4 [pid 5242] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5243] <... write resumed>) = 18 [pid 5242] <... futex resumed>) = 0 [pid 5246] <... prctl resumed>) = 0 [pid 5245] <... openat resumed>) = 3 [pid 5244] <... write resumed>) = 4 [pid 5243] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5242] rt_sigaction(SIGRT_1, {sa_handler=0x7f05ca186fa0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f05ca178150}, [pid 5246] setpgid(0, 0) = 0 [pid 5245] write(3, "1000", 4 [pid 5244] close(3 [pid 5243] <... futex resumed>) = 0 [pid 5242] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5245] <... write resumed>) = 4 [pid 5244] <... close resumed>) = 0 [pid 5243] rt_sigaction(SIGRT_1, {sa_handler=0x7f05ca186fa0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f05ca178150}, [pid 5242] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5246] <... openat resumed>) = 3 [pid 5245] close(3 [pid 5244] symlink("/dev/binderfs", "./binderfs" [pid 5243] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5242] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5246] write(3, "1000", 4 [pid 5245] <... close resumed>) = 0 [pid 5243] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5242] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5246] <... write resumed>) = 4 [pid 5244] <... symlink resumed>) = 0 [pid 5242] <... mmap resumed>) = 0x7f05ca0f6000 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5245] symlink("/dev/binderfs", "./binderfs" [pid 5244] write(1, "executing program\n", 18 [pid 5243] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5242] mprotect(0x7f05ca0f7000, 131072, PROT_READ|PROT_WRITEexecuting program [pid 5244] <... write resumed>) = 18 [pid 5243] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5242] <... mprotect resumed>) = 0 [pid 5244] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5245] <... symlink resumed>) = 0 [pid 5244] <... futex resumed>) = 0 [pid 5243] <... mmap resumed>) = 0x7f05ca0f6000 executing program executing program [pid 5246] write(1, "executing program\n", 18 [pid 5244] rt_sigaction(SIGRT_1, {sa_handler=0x7f05ca186fa0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f05ca178150}, [pid 5245] write(1, "executing program\n", 18 [pid 5244] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5243] mprotect(0x7f05ca0f7000, 131072, PROT_READ|PROT_WRITE [pid 5242] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5246] <... write resumed>) = 18 [pid 5245] <... write resumed>) = 18 [pid 5246] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5244] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5243] <... mprotect resumed>) = 0 [pid 5242] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5246] <... futex resumed>) = 0 [pid 5245] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5244] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5243] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5246] rt_sigaction(SIGRT_1, {sa_handler=0x7f05ca186fa0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f05ca178150}, [pid 5245] <... futex resumed>) = 0 [pid 5244] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5242] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca116990, parent_tid=0x7f05ca116990, exit_signal=0, stack=0x7f05ca0f6000, stack_size=0x20300, tls=0x7f05ca1166c0} [pid 5246] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5245] rt_sigaction(SIGRT_1, {sa_handler=0x7f05ca186fa0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f05ca178150}, [pid 5244] <... mmap resumed>) = 0x7f05ca0f6000 [pid 5243] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5245] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5243] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca116990, parent_tid=0x7f05ca116990, exit_signal=0, stack=0x7f05ca0f6000, stack_size=0x20300, tls=0x7f05ca1166c0} [pid 5245] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5244] mprotect(0x7f05ca0f7000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 5248 attached [pid 5246] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5245] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5244] <... mprotect resumed>) = 0 [pid 5248] rseq(0x7f05ca116fe0, 0x20, 0, 0x53053053 [pid 5246] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5248] <... rseq resumed>) = 0 [pid 5246] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5248] set_robust_list(0x7f05ca1169a0, 24 [pid 5246] <... mmap resumed>) = 0x7f05ca0f6000 [pid 5248] <... set_robust_list resumed>) = 0 [pid 5246] mprotect(0x7f05ca0f7000, 131072, PROT_READ|PROT_WRITE [pid 5248] rt_sigprocmask(SIG_SETMASK, [], [pid 5246] <... mprotect resumed>) = 0 [pid 5248] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5247 attached [pid 5248] futex(0x7f05ca1f26a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5246] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5244] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5243] <... clone3 resumed> => {parent_tid=[5248]}, 88) = 5248 [pid 5247] rseq(0x7f05ca116fe0, 0x20, 0, 0x53053053 [pid 5246] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5245] <... mmap resumed>) = 0x7f05ca0f6000 [pid 5244] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5243] rt_sigprocmask(SIG_SETMASK, [], [pid 5242] <... clone3 resumed> => {parent_tid=[5247]}, 88) = 5247 [pid 5247] <... rseq resumed>) = 0 [pid 5245] mprotect(0x7f05ca0f7000, 131072, PROT_READ|PROT_WRITE [pid 5244] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca116990, parent_tid=0x7f05ca116990, exit_signal=0, stack=0x7f05ca0f6000, stack_size=0x20300, tls=0x7f05ca1166c0} [pid 5243] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5242] rt_sigprocmask(SIG_SETMASK, [], [pid 5247] set_robust_list(0x7f05ca1169a0, 24./strace-static-x86_64: Process 5249 attached ) = 0 [pid 5246] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca116990, parent_tid=0x7f05ca116990, exit_signal=0, stack=0x7f05ca0f6000, stack_size=0x20300, tls=0x7f05ca1166c0} [pid 5245] <... mprotect resumed>) = 0 [pid 5243] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5242] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5249] rseq(0x7f05ca116fe0, 0x20, 0, 0x53053053 [pid 5247] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5250 attached [pid 5249] <... rseq resumed>) = 0 [pid 5247] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5245] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5244] <... clone3 resumed> => {parent_tid=[5249]}, 88) = 5249 [pid 5243] <... futex resumed>) = 1 [pid 5242] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] rseq(0x7f05ca116fe0, 0x20, 0, 0x53053053 [pid 5249] set_robust_list(0x7f05ca1169a0, 24 [pid 5248] <... futex resumed>) = 0 [pid 5246] <... clone3 resumed> => {parent_tid=[5250]}, 88) = 5250 [pid 5243] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5242] <... futex resumed>) = 0 [pid 5250] <... rseq resumed>) = 0 [pid 5249] <... set_robust_list resumed>) = 0 [pid 5248] memfd_create("syzkaller", 0 [pid 5247] memfd_create("syzkaller", 0 [pid 5246] rt_sigprocmask(SIG_SETMASK, [], [pid 5245] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5244] rt_sigprocmask(SIG_SETMASK, [], [pid 5242] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5250] set_robust_list(0x7f05ca1169a0, 24 [pid 5245] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca116990, parent_tid=0x7f05ca116990, exit_signal=0, stack=0x7f05ca0f6000, stack_size=0x20300, tls=0x7f05ca1166c0} [pid 5244] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5250] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5251 attached [pid 5250] rt_sigprocmask(SIG_SETMASK, [], [pid 5249] rt_sigprocmask(SIG_SETMASK, [], [pid 5248] <... memfd_create resumed>) = 3 [pid 5246] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5244] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] rseq(0x7f05ca116fe0, 0x20, 0, 0x53053053 [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5247] <... memfd_create resumed>) = 3 [pid 5246] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5244] <... futex resumed>) = 0 [pid 5251] <... rseq resumed>) = 0 [pid 5250] memfd_create("syzkaller", 0 [pid 5249] memfd_create("syzkaller", 0 [pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5245] <... clone3 resumed> => {parent_tid=[5251]}, 88) = 5251 [pid 5244] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5251] set_robust_list(0x7f05ca1169a0, 24) = 0 [pid 5250] <... memfd_create resumed>) = 3 [pid 5247] <... mmap resumed>) = 0x7f05c1c00000 [pid 5245] rt_sigprocmask(SIG_SETMASK, [], [pid 5251] rt_sigprocmask(SIG_SETMASK, [], [pid 5250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5245] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5251] futex(0x7f05ca1f26a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5245] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5249] <... memfd_create resumed>) = 3 [pid 5248] <... mmap resumed>) = 0x7f05c1c00000 [pid 5246] <... futex resumed>) = 0 [pid 5251] memfd_create("syzkaller", 0 [pid 5250] <... mmap resumed>) = 0x7f05c1c00000 [pid 5250] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5248] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5246] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5249] <... mmap resumed>) = 0x7f05c1c00000 [pid 5249] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5247] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5245] <... futex resumed>) = 0 [pid 5251] <... memfd_create resumed>) = 3 [pid 5245] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f05c1c00000 [pid 5248] <... write resumed>) = 65536 [pid 5251] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5250] <... write resumed>) = 65536 [pid 5248] munmap(0x7f05c1c00000, 138412032 [pid 5251] <... write resumed>) = 65536 [pid 5250] munmap(0x7f05c1c00000, 138412032 [pid 5249] <... write resumed>) = 65536 [pid 5248] <... munmap resumed>) = 0 [pid 5247] <... write resumed>) = 65536 [pid 5247] munmap(0x7f05c1c00000, 138412032 [pid 5249] munmap(0x7f05c1c00000, 138412032 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5251] munmap(0x7f05c1c00000, 138412032 [pid 5250] <... munmap resumed>) = 0 [pid 5249] <... munmap resumed>) = 0 [pid 5248] <... openat resumed>) = 4 [pid 5247] <... munmap resumed>) = 0 [pid 5250] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5249] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5248] ioctl(4, LOOP_SET_FD, 3 [pid 5249] <... openat resumed>) = 4 [pid 5249] ioctl(4, LOOP_SET_FD, 3 [pid 5251] <... munmap resumed>) = 0 [pid 5250] <... openat resumed>) = 4 [pid 5247] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5250] ioctl(4, LOOP_SET_FD, 3 [pid 5247] <... openat resumed>) = 4 [pid 5249] <... ioctl resumed>) = 0 [pid 5251] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5250] <... ioctl resumed>) = 0 [pid 5248] <... ioctl resumed>) = 0 [pid 5247] ioctl(4, LOOP_SET_FD, 3 [pid 5250] close(3) = 0 [pid 5249] close(3) = 0 [pid 5251] <... openat resumed>) = 4 [pid 5249] close(4 [pid 5248] close(3 [pid 5249] <... close resumed>) = 0 [pid 5248] <... close resumed>) = 0 [pid 5249] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5248] close(4 [pid 5249] <... mkdir resumed>) = 0 [pid 5248] <... close resumed>) = 0 [pid 5248] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [ 126.881627][ T5248] loop0: detected capacity change from 0 to 128 [ 126.890101][ T5249] loop3: detected capacity change from 0 to 128 [ 126.890553][ T5250] loop4: detected capacity change from 0 to 128 [ 126.910131][ T5247] loop1: detected capacity change from 0 to 128 [ 126.916124][ T5251] loop2: detected capacity change from 0 to 128 [ 126.923970][ T5248] ======================================================= [pid 5251] ioctl(4, LOOP_SET_FD, 3 [pid 5249] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5248] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5250] close(4 [pid 5247] <... ioctl resumed>) = 0 [pid 5251] <... ioctl resumed>) = 0 [pid 5247] close(3) = 0 [pid 5251] close(3 [pid 5250] <... close resumed>) = 0 [pid 5247] close(4 [pid 5251] <... close resumed>) = 0 [pid 5247] <... close resumed>) = 0 [pid 5251] close(4) = 0 [pid 5251] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5250] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5247] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5251] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5250] <... mkdir resumed>) = 0 [pid 5247] <... mkdir resumed>) = 0 [pid 5250] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5247] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5250] <... mount resumed>) = 0 [pid 5249] <... mount resumed>) = 0 [pid 5247] <... mount resumed>) = 0 [pid 5251] <... mount resumed>) = 0 [pid 5247] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5251] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5247] <... openat resumed>) = 3 [pid 5251] <... openat resumed>) = 3 [pid 5250] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5247] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5251] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5249] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5247] <... chdir resumed>) = 0 [pid 5251] <... chdir resumed>) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5251] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5247] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5249] <... openat resumed>) = 3 [pid 5251] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5250] <... openat resumed>) = 3 [pid 5249] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5247] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5249] <... chdir resumed>) = 0 [pid 5247] <... futex resumed>) = 1 [pid 5242] <... futex resumed>) = 0 [pid 5251] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] <... chdir resumed>) = 0 [pid 5249] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5247] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5242] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5251] <... futex resumed>) = 1 [pid 5245] <... futex resumed>) = 0 [pid 5242] <... futex resumed>) = 0 [ 126.923970][ T5248] WARNING: The mand mount option has been deprecated and [ 126.923970][ T5248] and is ignored by this kernel. Remove the mand [ 126.923970][ T5248] option from the mount to silence this warning. [ 126.923970][ T5248] ======================================================= [pid 5251] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5245] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5242] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5250] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5245] <... futex resumed>) = 0 [pid 5250] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5245] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5249] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5250] <... futex resumed>) = 1 [pid 5249] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5250] futex(0x7f05ca1f26a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5249] futex(0x7f05ca1f26a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5248] <... mount resumed>) = 0 [pid 5246] <... futex resumed>) = 0 [pid 5248] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5246] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] <... futex resumed>) = 0 [pid 5248] <... openat resumed>) = 3 [pid 5246] <... futex resumed>) = 1 [pid 5248] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5246] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5248] <... chdir resumed>) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5248] futex(0x7f05ca1f26ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5250] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5242] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5243] <... futex resumed>) = 0 [ 126.991111][ T5251] syz-executor251: attempt to access beyond end of device [ 126.991111][ T5251] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 126.993556][ T5247] syz-executor251: attempt to access beyond end of device [ 126.993556][ T5247] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 127.006621][ T5251] Buffer I/O error on dev loop2, logical block 3245768, async page read [pid 5248] futex(0x7f05ca1f26a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5243] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5243] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5248] <... futex resumed>) = 0 [pid 5248] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5245] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5245] futex(0x7f05ca1f26bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5244] <... futex resumed>) = 0 [pid 5242] futex(0x7f05ca1f26bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5244] futex(0x7f05ca1f26a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5242] <... futex resumed>) = 0 [pid 5249] <... futex resumed>) = 0 [pid 5244] <... futex resumed>) = 1 [ 127.042677][ T5250] syz-executor251: attempt to access beyond end of device [ 127.042677][ T5250] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 127.043354][ T5251] syz-executor251: attempt to access beyond end of device [ 127.043354][ T5251] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 127.072557][ T5248] syz-executor251: attempt to access beyond end of device [ 127.072557][ T5248] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5242] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5249] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5244] futex(0x7f05ca1f26ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5242] <... mmap resumed>) = 0x7f05ca0d5000 [pid 5245] <... mmap resumed>) = 0x7f05ca0d5000 [pid 5242] mprotect(0x7f05ca0d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5242] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5242] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca0f5990, parent_tid=0x7f05ca0f5990, exit_signal=0, stack=0x7f05ca0d5000, stack_size=0x20300, tls=0x7f05ca0f56c0} => {parent_tid=[5256]}, 88) = 5256 [pid 5242] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5242] futex(0x7f05ca1f26b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5242] futex(0x7f05ca1f26bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5256 attached [pid 5256] rseq(0x7f05ca0f5fe0, 0x20, 0, 0x53053053) = 0 [pid 5256] set_robust_list(0x7f05ca0f59a0, 24) = 0 [pid 5256] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5246] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5245] mprotect(0x7f05ca0d6000, 131072, PROT_READ|PROT_WRITE [pid 5243] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5256] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5243] futex(0x7f05ca1f26bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5243] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f05ca0d5000 [pid 5243] mprotect(0x7f05ca0d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5243] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5243] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca0f5990, parent_tid=0x7f05ca0f5990, exit_signal=0, stack=0x7f05ca0d5000, stack_size=0x20300, tls=0x7f05ca0f56c0} => {parent_tid=[5257]}, 88) = 5257 ./strace-static-x86_64: Process 5257 attached [pid 5243] rt_sigprocmask(SIG_SETMASK, [], [pid 5257] rseq(0x7f05ca0f5fe0, 0x20, 0, 0x53053053 [pid 5243] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5257] <... rseq resumed>) = 0 [pid 5243] futex(0x7f05ca1f26b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5257] set_robust_list(0x7f05ca0f59a0, 24 [pid 5243] <... futex resumed>) = 0 [pid 5257] <... set_robust_list resumed>) = 0 [pid 5243] futex(0x7f05ca1f26bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5257] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5257] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5246] futex(0x7f05ca1f26bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5245] <... mprotect resumed>) = 0 [ 127.091156][ T5249] syz-executor251: attempt to access beyond end of device [ 127.091156][ T5249] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 127.099593][ T5250] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 127.112201][ T5247] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 127.115403][ T5248] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 127.129638][ T5249] Buffer I/O error on dev loop3, logical block 3245768, async page read [pid 5242] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5245] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5246] <... futex resumed>) = 0 [pid 5246] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f05ca0d5000 [pid 5246] mprotect(0x7f05ca0d6000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5244] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5244] futex(0x7f05ca1f26bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5244] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f05ca0d5000 [pid 5244] mprotect(0x7f05ca0d6000, 131072, PROT_READ|PROT_WRITE [pid 5246] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5244] <... mprotect resumed>) = 0 [pid 5244] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5246] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5244] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5246] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca0f5990, parent_tid=0x7f05ca0f5990, exit_signal=0, stack=0x7f05ca0d5000, stack_size=0x20300, tls=0x7f05ca0f56c0} [pid 5244] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca0f5990, parent_tid=0x7f05ca0f5990, exit_signal=0, stack=0x7f05ca0d5000, stack_size=0x20300, tls=0x7f05ca0f56c0} [pid 5246] <... clone3 resumed> => {parent_tid=[5259]}, 88) = 5259 [pid 5246] rt_sigprocmask(SIG_SETMASK, [], [pid 5244] <... clone3 resumed> => {parent_tid=[5258]}, 88) = 5258 [pid 5246] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5244] rt_sigprocmask(SIG_SETMASK, [], [pid 5246] futex(0x7f05ca1f26b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5244] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5246] <... futex resumed>) = 0 [pid 5244] futex(0x7f05ca1f26b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5246] futex(0x7f05ca1f26bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5244] <... futex resumed>) = 0 [ 127.131521][ T5250] syz-executor251: attempt to access beyond end of device [ 127.131521][ T5250] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 127.140403][ T5247] syz-executor251: attempt to access beyond end of device [ 127.140403][ T5247] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 127.167420][ T5251] Buffer I/O error on dev loop2, logical block 8833403, async page read [ 127.176176][ T5249] syz-executor251: attempt to access beyond end of device [ 127.176176][ T5249] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5244] futex(0x7f05ca1f26bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5259 attached ./strace-static-x86_64: Process 5258 attached [pid 5245] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5243] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5259] rseq(0x7f05ca0f5fe0, 0x20, 0, 0x53053053) = 0 [pid 5259] set_robust_list(0x7f05ca0f59a0, 24) = 0 [pid 5259] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5259] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5245] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f05ca0f5990, parent_tid=0x7f05ca0f5990, exit_signal=0, stack=0x7f05ca0d5000, stack_size=0x20300, tls=0x7f05ca0f56c0} [pid 5258] rseq(0x7f05ca0f5fe0, 0x20, 0, 0x53053053 [pid 5246] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5244] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5258] <... rseq resumed>) = 0 [pid 5245] <... clone3 resumed> => {parent_tid=[5260]}, 88) = 5260 [pid 5258] set_robust_list(0x7f05ca0f59a0, 24 [pid 5245] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5258] <... set_robust_list resumed>) = 0 [pid 5258] rt_sigprocmask(SIG_SETMASK, [], [pid 5245] futex(0x7f05ca1f26b8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5260 attached [pid 5258] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5245] <... futex resumed>) = 0 [pid 5245] futex(0x7f05ca1f26bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5258] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5260] rseq(0x7f05ca0f5fe0, 0x20, 0, 0x53053053) = 0 [pid 5260] set_robust_list(0x7f05ca0f59a0, 24) = 0 [pid 5260] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 127.190289][ T5251] syz-executor251: attempt to access beyond end of device [ 127.190289][ T5251] loop2: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 127.190321][ T5251] Buffer I/O error on dev loop2, logical block 13269809, async page read [ 127.208603][ T5247] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 127.213473][ T5248] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 127.222955][ T5249] Buffer I/O error on dev loop3, logical block 8833403, async page read [pid 5260] mount(NULL, "./file0/../file0", NULL, MS_RDONLY|MS_SYNCHRONOUS|MS_DIRSYNC|MS_BIND|MS_SHARED, NULL [pid 5245] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5244] exit_group(0) = ? [pid 5243] exit_group(0) = ? [pid 5246] exit_group(0) = ? [pid 5242] exit_group(0) = ? [pid 5245] exit_group(0) = ? [pid 5238] kill(-5242, SIGKILL) = 0 [pid 5238] kill(5242, SIGKILL) = 0 [pid 5240] kill(-5244, SIGKILL) = 0 [pid 5240] kill(5244, SIGKILL) = 0 [pid 5239] kill(-5245, SIGKILL) = 0 [pid 5237] kill(-5243, SIGKILL [pid 5239] kill(5245, SIGKILL [pid 5237] <... kill resumed>) = 0 [pid 5239] <... kill resumed>) = 0 [pid 5237] kill(5243, SIGKILL) = 0 [pid 5241] kill(-5246, SIGKILL) = 0 [pid 5241] kill(5246, SIGKILL) = 0 [pid 5238] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5238] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5238] getdents64(3, 0x55555dad2730 /* 2 entries */, 32768) = 48 [pid 5238] getdents64(3, 0x55555dad2730 /* 0 entries */, 32768) = 0 [pid 5238] close(3) = 0 [pid 5240] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5240] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5240] getdents64(3, 0x55555dad2730 /* 2 entries */, 32768) = 48 [pid 5240] getdents64(3, 0x55555dad2730 /* 0 entries */, 32768) = 0 [pid 5240] close(3) = 0 [pid 5237] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5237] newfstatat(3, "", [pid 5239] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5237] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5239] <... openat resumed>) = 3 [pid 5239] newfstatat(3, "", [pid 5237] getdents64(3, [pid 5239] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5239] getdents64(3, [pid 5237] <... getdents64 resumed>0x55555dad2730 /* 2 entries */, 32768) = 48 [pid 5239] <... getdents64 resumed>0x55555dad2730 /* 2 entries */, 32768) = 48 [pid 5237] getdents64(3, [pid 5239] getdents64(3, 0x55555dad2730 /* 0 entries */, 32768) = 0 [pid 5237] <... getdents64 resumed>0x55555dad2730 /* 0 entries */, 32768) = 0 [pid 5239] close(3 [pid 5237] close(3 [pid 5239] <... close resumed>) = 0 [pid 5237] <... close resumed>) = 0 [pid 5241] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5241] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5241] getdents64(3, 0x55555dad2730 /* 2 entries */, 32768) = 48 [pid 5241] getdents64(3, 0x55555dad2730 /* 0 entries */, 32768) = 0 [pid 5241] close(3) = 0 [ 286.674913][ T30] INFO: task syz-executor251:5256 blocked for more than 143 seconds. [ 286.683165][ T30] Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 286.734722][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.743442][ T30] task:syz-executor251 state:D stack:27704 pid:5256 tgid:5242 ppid:5238 flags:0x00004006 [ 286.784941][ T30] Call Trace: [ 286.788263][ T30] [ 286.791209][ T30] __schedule+0x17ae/0x4a10 [ 286.824763][ T30] ? __pfx___schedule+0x10/0x10 [ 286.829679][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.854728][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 286.860675][ T30] ? schedule+0x90/0x320 [ 286.905166][ T30] schedule+0x14b/0x320 [ 286.909389][ T30] d_alloc_parallel+0xc16/0x1600 [ 286.914356][ T30] ? d_alloc_parallel+0x311/0x1600 [ 286.964730][ T30] ? __pfx_d_alloc_parallel+0x10/0x10 [ 286.970163][ T30] ? __pfx_default_wake_function+0x10/0x10 [ 287.004737][ T30] ? __init_waitqueue_head+0xae/0x150 [ 287.010174][ T30] __lookup_slow+0x117/0x3f0 [ 287.035032][ T30] ? __pfx___lookup_slow+0x10/0x10 [ 287.040213][ T30] ? generic_permission+0x1d6/0x550 [ 287.064755][ T30] lookup_slow+0x53/0x70 [ 287.069052][ T30] link_path_walk+0x99b/0xea0 [ 287.073760][ T30] path_lookupat+0xa9/0x450 [ 287.104727][ T30] filename_lookup+0x256/0x610 [ 287.109546][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 287.144739][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 287.149918][ T30] ? getname_flags+0x1e3/0x540 [ 287.184721][ T30] user_path_at+0x3a/0x60 [ 287.189105][ T30] __se_sys_mount+0x297/0x3c0 [ 287.193807][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 287.244732][ T30] ? do_syscall_64+0x100/0x230 [ 287.249555][ T30] ? __x64_sys_mount+0x20/0xc0 [ 287.254344][ T30] do_syscall_64+0xf3/0x230 [ 287.284725][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.289465][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.314749][ T30] RIP: 0033:0x7f05ca160b89 [ 287.319206][ T30] RSP: 002b:00007f05ca0f5238 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.354741][ T30] RAX: ffffffffffffffda RBX: 00007f05ca1f26b8 RCX: 00007f05ca160b89 [ 287.362764][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000000 [ 287.424787][ T30] RBP: 00007f05ca1f26b0 R08: 0000000000000000 R09: 00007f05ca0f56c0 [ 287.432810][ T30] R10: 0000000000101091 R11: 0000000000000246 R12: 00007f05ca1b50c0 [ 287.474748][ T30] R13: 000000000000006e R14: 00007ffef128d550 R15: 00007ffef128d638 [ 287.482974][ T30] [ 287.505013][ T30] INFO: task syz-executor251:5257 blocked for more than 144 seconds. [ 287.513123][ T30] Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 287.544793][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.553506][ T30] task:syz-executor251 state:D stack:28064 pid:5257 tgid:5243 ppid:5237 flags:0x00004006 [ 287.599428][ T30] Call Trace: [ 287.602751][ T30] [ 287.634885][ T30] __schedule+0x17ae/0x4a10 [ 287.639481][ T30] ? __pfx___schedule+0x10/0x10 [ 287.644364][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.694814][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 287.700777][ T30] ? schedule+0x90/0x320 [ 287.744737][ T30] schedule+0x14b/0x320 [ 287.748955][ T30] d_alloc_parallel+0xc16/0x1600 [ 287.753924][ T30] ? d_alloc_parallel+0x311/0x1600 [ 287.781289][ T30] ? __pfx_d_alloc_parallel+0x10/0x10 [ 287.804756][ T30] ? __pfx_default_wake_function+0x10/0x10 [ 287.810639][ T30] ? __init_waitqueue_head+0xae/0x150 [ 287.844754][ T30] __lookup_slow+0x117/0x3f0 [ 287.849404][ T30] ? __pfx___lookup_slow+0x10/0x10 [ 287.854540][ T30] ? generic_permission+0x1d6/0x550 [ 287.894756][ T30] lookup_slow+0x53/0x70 [ 287.899059][ T30] link_path_walk+0x99b/0xea0 [ 287.903767][ T30] path_lookupat+0xa9/0x450 [ 287.944754][ T30] filename_lookup+0x256/0x610 [ 287.949577][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 287.984750][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 287.989939][ T30] ? getname_flags+0x1e3/0x540 [ 288.014752][ T30] user_path_at+0x3a/0x60 [ 288.019143][ T30] __se_sys_mount+0x297/0x3c0 [ 288.023867][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 288.064731][ T30] ? do_syscall_64+0x100/0x230 [ 288.069557][ T30] ? __x64_sys_mount+0x20/0xc0 [ 288.074351][ T30] do_syscall_64+0xf3/0x230 [ 288.124785][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.129525][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.164757][ T30] RIP: 0033:0x7f05ca160b89 [ 288.169224][ T30] RSP: 002b:00007f05ca0f5238 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 288.214720][ T30] RAX: ffffffffffffffda RBX: 00007f05ca1f26b8 RCX: 00007f05ca160b89 [ 288.222744][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000000 [ 288.274720][ T30] RBP: 00007f05ca1f26b0 R08: 0000000000000000 R09: 00007f05ca0f56c0 [ 288.282744][ T30] R10: 0000000000101091 R11: 0000000000000246 R12: 00007f05ca1b50c0 [ 288.314739][ T30] R13: 000000000000006e R14: 00007ffef128d550 R15: 00007ffef128d638 [ 288.322772][ T30] [ 288.354743][ T30] INFO: task syz-executor251:5258 blocked for more than 145 seconds. [ 288.362881][ T30] Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 288.424717][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.433423][ T30] task:syz-executor251 state:D stack:28064 pid:5258 tgid:5244 ppid:5240 flags:0x00004006 [ 288.494735][ T30] Call Trace: [ 288.498154][ T30] [ 288.501099][ T30] __schedule+0x17ae/0x4a10 [ 288.534865][ T30] ? __pfx___schedule+0x10/0x10 [ 288.539779][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.564755][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 288.599359][ T30] ? schedule+0x90/0x320 [ 288.603651][ T30] schedule+0x14b/0x320 [ 288.634752][ T30] d_alloc_parallel+0xc16/0x1600 [ 288.639759][ T30] ? d_alloc_parallel+0x311/0x1600 [ 288.674840][ T30] ? __pfx_d_alloc_parallel+0x10/0x10 [ 288.680278][ T30] ? __pfx_default_wake_function+0x10/0x10 [ 288.724758][ T30] ? __init_waitqueue_head+0xae/0x150 [ 288.730201][ T30] __lookup_slow+0x117/0x3f0 [ 288.754755][ T30] ? __pfx___lookup_slow+0x10/0x10 [ 288.759937][ T30] ? generic_permission+0x1d6/0x550 [ 288.784744][ T30] lookup_slow+0x53/0x70 [ 288.789043][ T30] link_path_walk+0x99b/0xea0 [ 288.793753][ T30] path_lookupat+0xa9/0x450 [ 288.824747][ T30] filename_lookup+0x256/0x610 [ 288.829573][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 288.864770][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 288.869951][ T30] ? getname_flags+0x1e3/0x540 [ 288.904740][ T30] user_path_at+0x3a/0x60 [ 288.909141][ T30] __se_sys_mount+0x297/0x3c0 [ 288.913856][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 288.944739][ T30] ? do_syscall_64+0x100/0x230 [ 288.949565][ T30] ? __x64_sys_mount+0x20/0xc0 [ 288.954356][ T30] do_syscall_64+0xf3/0x230 [ 289.004734][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.009470][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.044731][ T30] RIP: 0033:0x7f05ca160b89 [ 289.049198][ T30] RSP: 002b:00007f05ca0f5238 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 289.084723][ T30] RAX: ffffffffffffffda RBX: 00007f05ca1f26b8 RCX: 00007f05ca160b89 [ 289.092738][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000000 [ 289.134766][ T30] RBP: 00007f05ca1f26b0 R08: 0000000000000000 R09: 00007f05ca0f56c0 [ 289.142774][ T30] R10: 0000000000101091 R11: 0000000000000246 R12: 00007f05ca1b50c0 [ 289.194732][ T30] R13: 000000000000006e R14: 00007ffef128d550 R15: 00007ffef128d638 [ 289.202758][ T30] [ 289.244735][ T30] INFO: task syz-executor251:5260 blocked for more than 145 seconds. [ 289.252827][ T30] Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 289.294729][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.303427][ T30] task:syz-executor251 state:D stack:28064 pid:5260 tgid:5245 ppid:5239 flags:0x00004006 [ 289.364718][ T30] Call Trace: [ 289.368031][ T30] [ 289.370978][ T30] __schedule+0x17ae/0x4a10 [ 289.404756][ T30] ? __pfx___schedule+0x10/0x10 [ 289.409663][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.434754][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 289.440696][ T30] ? schedule+0x90/0x320 [ 289.464793][ T30] schedule+0x14b/0x320 [ 289.468991][ T30] d_alloc_parallel+0xc16/0x1600 [ 289.473954][ T30] ? d_alloc_parallel+0x311/0x1600 [ 289.524730][ T30] ? __pfx_d_alloc_parallel+0x10/0x10 [ 289.530158][ T30] ? __pfx_default_wake_function+0x10/0x10 [ 289.565604][ T30] ? __init_waitqueue_head+0xae/0x150 [ 289.571033][ T30] __lookup_slow+0x117/0x3f0 [ 289.599239][ T30] ? __pfx___lookup_slow+0x10/0x10 [ 289.604405][ T30] ? generic_permission+0x1d6/0x550 [ 289.634813][ T30] lookup_slow+0x53/0x70 [ 289.639120][ T30] link_path_walk+0x99b/0xea0 [ 289.643832][ T30] path_lookupat+0xa9/0x450 [ 289.674811][ T30] filename_lookup+0x256/0x610 [ 289.679638][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 289.714919][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 289.720101][ T30] ? getname_flags+0x1e3/0x540 [ 289.754756][ T30] user_path_at+0x3a/0x60 [ 289.759154][ T30] __se_sys_mount+0x297/0x3c0 [ 289.763860][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 289.804728][ T30] ? do_syscall_64+0x100/0x230 [ 289.809559][ T30] ? __x64_sys_mount+0x20/0xc0 [ 289.814350][ T30] do_syscall_64+0xf3/0x230 [ 289.854773][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.859517][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.884757][ T30] RIP: 0033:0x7f05ca160b89 [ 289.889224][ T30] RSP: 002b:00007f05ca0f5238 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 289.934748][ T30] RAX: ffffffffffffffda RBX: 00007f05ca1f26b8 RCX: 00007f05ca160b89 [ 289.942774][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000000 [ 290.004791][ T30] RBP: 00007f05ca1f26b0 R08: 0000000000000000 R09: 00007f05ca0f56c0 [ 290.012819][ T30] R10: 0000000000101091 R11: 0000000000000246 R12: 00007f05ca1b50c0 [ 290.074741][ T30] R13: 000000000000006e R14: 00007ffef128d550 R15: 00007ffef128d638 [ 290.082786][ T30] [ 290.124761][ T30] INFO: task syz-executor251:5259 blocked for more than 146 seconds. [ 290.132873][ T30] Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 290.174744][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 290.183501][ T30] task:syz-executor251 state:D stack:28064 pid:5259 tgid:5246 ppid:5241 flags:0x00004006 [ 290.254744][ T30] Call Trace: [ 290.258075][ T30] [ 290.261022][ T30] __schedule+0x17ae/0x4a10 [ 290.284749][ T30] ? __pfx___schedule+0x10/0x10 [ 290.289657][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.314752][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 290.320704][ T30] ? schedule+0x90/0x320 [ 290.354751][ T30] schedule+0x14b/0x320 [ 290.358963][ T30] d_alloc_parallel+0xc16/0x1600 [ 290.363963][ T30] ? d_alloc_parallel+0x311/0x1600 [ 290.404752][ T30] ? __pfx_d_alloc_parallel+0x10/0x10 [ 290.410181][ T30] ? __pfx_default_wake_function+0x10/0x10 [ 290.454782][ T30] ? __init_waitqueue_head+0xae/0x150 [ 290.460230][ T30] __lookup_slow+0x117/0x3f0 [ 290.484777][ T30] ? __pfx___lookup_slow+0x10/0x10 [ 290.489954][ T30] ? generic_permission+0x1d6/0x550 [ 290.524744][ T30] lookup_slow+0x53/0x70 [ 290.529050][ T30] link_path_walk+0x99b/0xea0 [ 290.533761][ T30] path_lookupat+0xa9/0x450 [ 290.564746][ T30] filename_lookup+0x256/0x610 [ 290.569585][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 290.594775][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 290.614989][ T30] ? getname_flags+0x1e3/0x540 [ 290.619811][ T30] user_path_at+0x3a/0x60 [ 290.624159][ T30] __se_sys_mount+0x297/0x3c0 [ 290.664754][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 290.670021][ T30] ? do_syscall_64+0x100/0x230 [ 290.704734][ T30] ? __x64_sys_mount+0x20/0xc0 [ 290.709559][ T30] do_syscall_64+0xf3/0x230 [ 290.714078][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.754840][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.760799][ T30] RIP: 0033:0x7f05ca160b89 [ 290.784748][ T30] RSP: 002b:00007f05ca0f5238 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.793213][ T30] RAX: ffffffffffffffda RBX: 00007f05ca1f26b8 RCX: 00007f05ca160b89 [ 290.834743][ T30] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000000 [ 290.842767][ T30] RBP: 00007f05ca1f26b0 R08: 0000000000000000 R09: 00007f05ca0f56c0 [ 290.904729][ T30] R10: 0000000000101091 R11: 0000000000000246 R12: 00007f05ca1b50c0 [ 290.912755][ T30] R13: 000000000000006e R14: 00007ffef128d550 R15: 00007ffef128d638 [ 290.944744][ T30] [ 290.954825][ T30] [ 290.954825][ T30] Showing all locks held in the system: [ 290.962577][ T30] 1 lock held by khungtaskd/30: [ 290.994846][ T30] #0: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 291.034761][ T30] 1 lock held by kswapd0/88: [ 291.039421][ T30] 2 locks held by getty/4975: [ 291.044104][ T30] #0: ffff88802f90a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 291.114754][ T30] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 291.154764][ T30] 1 lock held by syz-executor251/5247: [ 291.160270][ T30] 1 lock held by syz-executor251/5256: [ 291.184742][ T30] #0: ffff88807c6486c0 (&type->i_mutex_dir_key#6){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 [ 291.214747][ T30] 3 locks held by syz-executor251/5248: [ 291.220332][ T30] 1 lock held by syz-executor251/5257: [ 291.254742][ T30] #0: ffff88807c7986c0 (&type->i_mutex_dir_key#6){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 [ 291.294755][ T30] 2 locks held by syz-executor251/5249: [ 291.300345][ T30] 1 lock held by syz-executor251/5258: [ 291.344728][ T30] #0: ffff88807c648180 (&type->i_mutex_dir_key#6){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 [ 291.374751][ T30] 1 lock held by syz-executor251/5251: [ 291.380259][ T30] 1 lock held by syz-executor251/5260: [ 291.404724][ T30] #0: ffff88807c798180 (&type->i_mutex_dir_key#6){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 [ 291.434758][ T30] 2 locks held by syz-executor251/5250: [ 291.440343][ T30] 1 lock held by syz-executor251/5259: [ 291.474778][ T30] #0: ffff88807c648c00 (&type->i_mutex_dir_key#6){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 [ 291.504741][ T30] [ 291.507109][ T30] ============================================= [ 291.507109][ T30] [ 291.544741][ T30] NMI backtrace for cpu 1 [ 291.549113][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 291.559631][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 291.569698][ T30] Call Trace: [ 291.572985][ T30] [ 291.575924][ T30] dump_stack_lvl+0x241/0x360 [ 291.580618][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.585826][ T30] ? __pfx__printk+0x10/0x10 [ 291.590433][ T30] ? vprintk_emit+0x667/0x7c0 [ 291.595126][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 291.600165][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 291.605131][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.610605][ T30] ? _printk+0xd5/0x120 [ 291.614766][ T30] ? __pfx__printk+0x10/0x10 [ 291.619357][ T30] ? __wake_up_klogd+0xcc/0x110 [ 291.624207][ T30] ? __pfx__printk+0x10/0x10 [ 291.628794][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 291.633810][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 291.639784][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 291.645762][ T30] watchdog+0xff4/0x1040 [ 291.650003][ T30] ? watchdog+0x1ea/0x1040 [ 291.654419][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.659090][ T30] kthread+0x2f0/0x390 [ 291.663156][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.667827][ T30] ? __pfx_kthread+0x10/0x10 [ 291.672412][ T30] ret_from_fork+0x4b/0x80 [ 291.676823][ T30] ? __pfx_kthread+0x10/0x10 [ 291.681409][ T30] ret_from_fork_asm+0x1a/0x30 [ 291.686177][ T30] [ 291.689364][ T30] Sending NMI from CPU 1 to CPUs 0: [ 291.694610][ C0] NMI backtrace for cpu 0 [ 291.694626][ C0] CPU: 0 UID: 0 PID: 5248 Comm: syz-executor251 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 291.694644][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 291.694654][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x11/0x90 [ 291.694683][ C0] Code: 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 c0 d6 03 00 <65> 8b 05 90 46 70 7e 25 00 01 ff 00 74 10 3d 00 01 00 00 75 5b 83 [ 291.694701][ C0] RSP: 0018:ffffc90003b2eff0 EFLAGS: 00000246 [ 291.694715][ C0] RAX: 0000000000000001 RBX: ffffc90003b2f068 RCX: ffffffff91531000 [ 291.694727][ C0] RDX: ffff88802ab29e00 RSI: 0000000000000001 RDI: 0000000000000000 [ 291.694737][ C0] RBP: 0000000000000001 R08: ffffffff814125f8 R09: ffffffff814140bf [ 291.694748][ C0] R10: 0000000000000003 R11: ffff88802ab29e00 R12: ffff88802ab29e00 [ 291.694759][ C0] R13: ffffffff817f2eb0 R14: dffffc0000000000 R15: 1ffff92000765e0d [ 291.694771][ C0] FS: 00007f05ca1166c0(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 291.694785][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 291.694796][ C0] CR2: 0000559c9e5d0558 CR3: 000000005dee0000 CR4: 00000000003506f0 [ 291.694809][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 291.694818][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 291.694828][ C0] Call Trace: [ 291.694833][ C0] [ 291.694839][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 291.694859][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 291.694881][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.694898][ C0] ? nmi_handle+0x2a/0x5a0 [ 291.694920][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 291.694939][ C0] ? nmi_handle+0x14f/0x5a0 [ 291.694954][ C0] ? nmi_handle+0x2a/0x5a0 [ 291.694969][ C0] ? __sanitizer_cov_trace_const_cmp4+0x11/0x90 [ 291.694990][ C0] ? default_do_nmi+0x63/0x160 [ 291.695008][ C0] ? exc_nmi+0x123/0x1f0 [ 291.695026][ C0] ? end_repeat_nmi+0xf/0x53 [ 291.695043][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 291.695064][ C0] ? unwind_next_frame+0x196f/0x2a00 [ 291.695085][ C0] ? unwind_get_return_address+0x68/0xc0 [ 291.695107][ C0] ? __init_begin+0x41000/0x41000 [ 291.695124][ C0] ? __sanitizer_cov_trace_const_cmp4+0x11/0x90 [ 291.695146][ C0] ? __sanitizer_cov_trace_const_cmp4+0x11/0x90 [ 291.695168][ C0] ? __sanitizer_cov_trace_const_cmp4+0x11/0x90 [ 291.695189][ C0] [ 291.695194][ C0] [ 291.695199][ C0] unwind_get_return_address+0x68/0xc0 [ 291.695220][ C0] ? stack_trace_save+0x118/0x1d0 [ 291.695238][ C0] arch_stack_walk+0x125/0x1b0 [ 291.695256][ C0] ? kasan_save_track+0x3f/0x80 [ 291.695275][ C0] stack_trace_save+0x118/0x1d0 [ 291.695294][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 291.695319][ C0] kasan_save_track+0x3f/0x80 [ 291.695361][ C0] __kasan_slab_alloc+0x66/0x80 [ 291.695378][ C0] ? alloc_buffer_head+0x2a/0x290 [ 291.695398][ C0] kmem_cache_alloc_noprof+0x135/0x2a0 [ 291.695422][ C0] alloc_buffer_head+0x2a/0x290 [ 291.695440][ C0] ? folio_alloc_buffers+0x34c/0x5b0 [ 291.695461][ C0] folio_alloc_buffers+0x241/0x5b0 [ 291.695483][ C0] create_empty_buffers+0x3a/0x740 [ 291.695507][ C0] block_read_full_folio+0x25c/0xcd0 [ 291.695534][ C0] ? __pfx_get_block+0x10/0x10 [ 291.695555][ C0] ? __pfx_block_read_full_folio+0x10/0x10 [ 291.695592][ C0] ? __pfx_lru_add_fn+0x10/0x10 [ 291.695620][ C0] ? folio_add_lru+0x4b3/0x9e0 [ 291.695639][ C0] ? folio_add_lru+0x27b/0x9e0 [ 291.695661][ C0] filemap_read_folio+0x1a0/0x790 [ 291.695683][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 291.695704][ C0] ? __pfx_filemap_read_folio+0x10/0x10 [ 291.695726][ C0] ? __filemap_get_folio+0x984/0xc10 [ 291.695751][ C0] do_read_cache_folio+0x134/0x820 [ 291.695773][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 291.695796][ C0] do_read_cache_page+0x30/0x200 [ 291.695819][ C0] sysv_find_entry+0x1af/0x410 [ 291.695847][ C0] sysv_inode_by_name+0x98/0x1f0 [ 291.695869][ C0] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 291.695895][ C0] sysv_lookup+0x6b/0xe0 [ 291.695916][ C0] __lookup_slow+0x28c/0x3f0 [ 291.695936][ C0] ? __pfx___lookup_slow+0x10/0x10 [ 291.695956][ C0] ? generic_permission+0x1d6/0x550 [ 291.695976][ C0] lookup_slow+0x53/0x70 [ 291.695993][ C0] link_path_walk+0x99b/0xea0 [ 291.696017][ C0] path_lookupat+0xa9/0x450 [ 291.696037][ C0] filename_lookup+0x256/0x610 [ 291.696056][ C0] ? __pfx_filename_lookup+0x10/0x10 [ 291.696084][ C0] ? strncpy_from_user+0x1a4/0x2e0 [ 291.696108][ C0] ? getname_flags+0x1e3/0x540 [ 291.696125][ C0] user_path_at+0x3a/0x60 [ 291.696143][ C0] __se_sys_mount+0x297/0x3c0 [ 291.696167][ C0] ? __pfx___se_sys_mount+0x10/0x10 [ 291.696189][ C0] ? do_syscall_64+0x100/0x230 [ 291.696205][ C0] ? __x64_sys_mount+0x20/0xc0 [ 291.696226][ C0] do_syscall_64+0xf3/0x230 [ 291.696241][ C0] ? clear_bhb_loop+0x35/0x90 [ 291.696258][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.696274][ C0] RIP: 0033:0x7f05ca160b89 [ 291.696288][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 291.696300][ C0] RSP: 002b:00007f05ca116238 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 291.696316][ C0] RAX: ffffffffffffffda RBX: 00007f05ca1f26a8 RCX: 00007f05ca160b89 [ 291.696327][ C0] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000000 [ 291.696336][ C0] RBP: 00007f05ca1f26a0 R08: 0000000000000000 R09: 00007f05ca1166c0 [ 291.696346][ C0] R10: 0000000000101091 R11: 0000000000000246 R12: 00007f05ca1b50c0 [ 291.696357][ C0] R13: 0000000000000006 R14: 00007ffef128d550 R15: 00007ffef128d638 [ 291.696375][ C0] [ 291.696381][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.772 msecs [ 292.134760][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 292.134780][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0 [ 292.134802][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 292.134812][ T30] Call Trace: [ 292.134819][ T30] [ 292.134827][ T30] dump_stack_lvl+0x241/0x360 [ 292.134858][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.134875][ T30] ? __pfx__printk+0x10/0x10 [ 292.134895][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 292.134924][ T30] ? vscnprintf+0x5d/0x90 [ 292.134945][ T30] panic+0x349/0x860 [ 292.134968][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.134989][ T30] ? __pfx_panic+0x10/0x10 [ 292.135009][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 292.135028][ T30] ? __irq_work_queue_local+0x137/0x410 [ 292.135051][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 292.135069][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.135087][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 292.135107][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 292.375238][ T30] watchdog+0x1033/0x1040 [ 292.379589][ T30] ? watchdog+0x1ea/0x1040 [ 292.384025][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.388712][ T30] kthread+0x2f0/0x390 [ 292.392796][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.397490][ T30] ? __pfx_kthread+0x10/0x10 [ 292.402094][ T30] ret_from_fork+0x4b/0x80 [ 292.406519][ T30] ? __pfx_kthread+0x10/0x10 [ 292.411120][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.415910][ T30] [ 292.419157][ T30] Kernel Offset: disabled [ 292.423472][ T30] Rebooting in 86400 seconds..