./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2921946249 <...> Warning: Permanently added '10.128.1.135' (ED25519) to the list of known hosts. execve("./syz-executor2921946249", ["./syz-executor2921946249"], 0x7ffdf6ac9d60 /* 10 vars */) = 0 brk(NULL) = 0x555587158000 brk(0x555587158d40) = 0x555587158d40 arch_prctl(ARCH_SET_FS, 0x5555871583c0) = 0 set_tid_address(0x555587158690) = 5244 set_robust_list(0x5555871586a0, 24) = 0 rseq(0x555587158ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2921946249", 4096) = 28 getrandom("\xf3\x86\x21\x65\x36\x9c\xc6\xfe", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555587158d40 brk(0x555587179d40) = 0x555587179d40 brk(0x55558717a000) = 0x55558717a000 mprotect(0x7f4a1e8f3000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5245 attached [pid 5245] set_robust_list(0x5555871586a0, 24 [pid 5244] <... clone resumed>, child_tidptr=0x555587158690) = 5245 [pid 5245] <... set_robust_list resumed>) = 0 [pid 5245] mkdir("./syzkaller.TkjMus", 0700 [pid 5244] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5245] <... mkdir resumed>) = 0 [pid 5245] chmod("./syzkaller.TkjMus", 0777./strace-static-x86_64: Process 5246 attached [pid 5244] <... clone resumed>, child_tidptr=0x555587158690) = 5246 [pid 5246] set_robust_list(0x5555871586a0, 24 [pid 5244] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5246] <... set_robust_list resumed>) = 0 [pid 5245] <... chmod resumed>) = 0 [pid 5246] mkdir("./syzkaller.I9QX0Y", 0700 [pid 5245] chdir("./syzkaller.TkjMus" [pid 5246] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5247 attached [pid 5244] <... clone resumed>, child_tidptr=0x555587158690) = 5247 [pid 5245] <... chdir resumed>) = 0 [pid 5244] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5247] set_robust_list(0x5555871586a0, 24 [pid 5246] chmod("./syzkaller.I9QX0Y", 0777 [pid 5245] mkdir("./0", 0777 [pid 5247] <... set_robust_list resumed>) = 0 [pid 5246] <... chmod resumed>) = 0 [pid 5245] <... mkdir resumed>) = 0 [pid 5247] mkdir("./syzkaller.3zxWND", 0700 [pid 5246] chdir("./syzkaller.I9QX0Y") = 0 [pid 5246] mkdir("./0", 0777./strace-static-x86_64: Process 5248 attached [pid 5244] <... clone resumed>, child_tidptr=0x555587158690) = 5248 [pid 5247] <... mkdir resumed>) = 0 [pid 5245] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5248] set_robust_list(0x5555871586a0, 24 [pid 5247] chmod("./syzkaller.3zxWND", 0777 [pid 5248] <... set_robust_list resumed>) = 0 [pid 5247] <... chmod resumed>) = 0 [pid 5245] <... openat resumed>) = 3 [pid 5247] chdir("./syzkaller.3zxWND" [pid 5244] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5248] mkdir("./syzkaller.cwjdBT", 0700 [pid 5246] <... mkdir resumed>) = 0 [pid 5245] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5249 attached [pid 5247] <... chdir resumed>) = 0 [pid 5246] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5245] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5249] set_robust_list(0x5555871586a0, 24 [pid 5248] <... mkdir resumed>) = 0 [pid 5246] <... openat resumed>) = 3 [pid 5244] <... clone resumed>, child_tidptr=0x555587158690) = 5249 [pid 5248] chmod("./syzkaller.cwjdBT", 0777 [pid 5247] mkdir("./0", 0777 [pid 5245] close(3 [pid 5249] <... set_robust_list resumed>) = 0 [pid 5249] mkdir("./syzkaller.f9dLYH", 0700 [pid 5246] ioctl(3, LOOP_CLR_FD [pid 5247] <... mkdir resumed>) = 0 [pid 5246] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5249] <... mkdir resumed>) = 0 [pid 5248] <... chmod resumed>) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5246] close(3 [pid 5245] <... close resumed>) = 0 [pid 5248] chdir("./syzkaller.cwjdBT" [pid 5245] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5248] <... chdir resumed>) = 0 [pid 5248] mkdir("./0", 0777 [pid 5247] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5250 attached [pid 5249] chmod("./syzkaller.f9dLYH", 0777 [pid 5247] ioctl(3, LOOP_CLR_FD [pid 5246] <... close resumed>) = 0 [pid 5250] set_robust_list(0x5555871586a0, 24 [pid 5249] <... chmod resumed>) = 0 [pid 5248] <... mkdir resumed>) = 0 [pid 5247] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5246] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5250] <... set_robust_list resumed>) = 0 [pid 5249] chdir("./syzkaller.f9dLYH" [pid 5247] close(3 [pid 5245] <... clone resumed>, child_tidptr=0x555587158690) = 5250 [pid 5248] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5250] chdir("./0" [pid 5249] <... chdir resumed>) = 0 [pid 5248] <... openat resumed>) = 3 [pid 5247] <... close resumed>) = 0 ./strace-static-x86_64: Process 5251 attached [pid 5251] set_robust_list(0x5555871586a0, 24) = 0 [pid 5251] chdir("./0" [pid 5248] ioctl(3, LOOP_CLR_FD [pid 5251] <... chdir resumed>) = 0 [pid 5248] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5250] <... chdir resumed>) = 0 [pid 5249] mkdir("./0", 0777 [pid 5248] close(3 [pid 5247] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5246] <... clone resumed>, child_tidptr=0x555587158690) = 5251 [pid 5251] <... prctl resumed>) = 0 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5249] <... mkdir resumed>) = 0 [pid 5248] <... close resumed>) = 0 [pid 5249] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5251] setpgid(0, 0 [pid 5250] <... prctl resumed>) = 0 [pid 5248] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5249] <... openat resumed>) = 3 [pid 5249] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5253 attached [pid 5251] <... setpgid resumed>) = 0 [pid 5250] setpgid(0, 0 [pid 5249] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5253] set_robust_list(0x5555871586a0, 24 [pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5250] <... setpgid resumed>) = 0 [pid 5249] close(3 [pid 5253] <... set_robust_list resumed>) = 0 [pid 5249] <... close resumed>) = 0 [pid 5253] chdir("./0" [pid 5251] <... openat resumed>) = 3 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5249] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5250] <... openat resumed>) = 3 [pid 5251] write(3, "1000", 4 [pid 5250] write(3, "1000", 4 [pid 5248] <... clone resumed>, child_tidptr=0x555587158690) = 5253 [pid 5251] <... write resumed>) = 4 [pid 5251] close(3 [pid 5250] <... write resumed>) = 4 [pid 5247] <... clone resumed>, child_tidptr=0x555587158690) = 5254 [pid 5253] <... chdir resumed>) = 0 [pid 5251] <... close resumed>) = 0 [pid 5253] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5254 attached [pid 5251] symlink("/dev/binderfs", "./binderfs" [pid 5250] close(3) = 0 [pid 5250] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5251] <... symlink resumed>) = 0 [pid 5251] write(1, "executing program\n", 18./strace-static-x86_64: Process 5255 attached [pid 5254] set_robust_list(0x5555871586a0, 24 [pid 5253] <... prctl resumed>) = 0 [pid 5250] write(1, "executing program\n", 18 [pid 5249] <... clone resumed>, child_tidptr=0x555587158690) = 5255 executing program executing program [pid 5255] set_robust_list(0x5555871586a0, 24 [pid 5254] <... set_robust_list resumed>) = 0 [pid 5253] setpgid(0, 0 [pid 5251] <... write resumed>) = 18 [pid 5250] <... write resumed>) = 18 [pid 5255] <... set_robust_list resumed>) = 0 [pid 5254] chdir("./0" [pid 5253] <... setpgid resumed>) = 0 [pid 5251] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5255] chdir("./0" [pid 5254] <... chdir resumed>) = 0 [pid 5253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5251] <... futex resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5255] <... chdir resumed>) = 0 [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5251] rt_sigaction(SIGRT_1, {sa_handler=0x7f4a1e88dfe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4a1e87f190}, [pid 5250] rt_sigaction(SIGRT_1, {sa_handler=0x7f4a1e88dfe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4a1e87f190}, [pid 5255] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5254] <... prctl resumed>) = 0 [pid 5253] <... openat resumed>) = 3 [pid 5251] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5255] <... prctl resumed>) = 0 [pid 5254] setpgid(0, 0 [pid 5253] write(3, "1000", 4 [pid 5251] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5250] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5255] setpgid(0, 0 [pid 5254] <... setpgid resumed>) = 0 [pid 5253] <... write resumed>) = 4 [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5255] <... setpgid resumed>) = 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5253] close(3 [pid 5251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5250] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5254] <... openat resumed>) = 3 [pid 5253] <... close resumed>) = 0 [pid 5251] <... mmap resumed>) = 0x7f4a1e7fd000 [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5254] write(3, "1000", 4 [pid 5255] <... openat resumed>) = 3 [pid 5254] <... write resumed>) = 4 [pid 5253] symlink("/dev/binderfs", "./binderfs" [pid 5251] mprotect(0x7f4a1e7fe000, 131072, PROT_READ|PROT_WRITE [pid 5250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5254] close(3 [pid 5253] <... symlink resumed>) = 0 [pid 5251] <... mprotect resumed>) = 0 [pid 5250] <... mmap resumed>) = 0x7f4a1e7fd000 [pid 5254] <... close resumed>) = 0 [pid 5255] write(3, "1000", 4 [pid 5254] symlink("/dev/binderfs", "./binderfs" [pid 5251] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5250] mprotect(0x7f4a1e7fe000, 131072, PROT_READ|PROT_WRITEexecuting program [pid 5255] <... write resumed>) = 4 [pid 5254] <... symlink resumed>) = 0 [pid 5253] write(1, "executing program\n", 18 [pid 5251] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5250] <... mprotect resumed>) = 0 executing program [pid 5255] close(3 [pid 5254] write(1, "executing program\n", 18 [pid 5253] <... write resumed>) = 18 [pid 5251] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e81d990, parent_tid=0x7f4a1e81d990, exit_signal=0, stack=0x7f4a1e7fd000, stack_size=0x20300, tls=0x7f4a1e81d6c0} [pid 5250] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5255] <... close resumed>) = 0 [pid 5254] <... write resumed>) = 18 [pid 5253] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5255] symlink("/dev/binderfs", "./binderfs" [pid 5254] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5253] <... futex resumed>) = 0 [pid 5251] <... clone3 resumed> => {parent_tid=[5256]}, 88) = 5256 [pid 5250] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e81d990, parent_tid=0x7f4a1e81d990, exit_signal=0, stack=0x7f4a1e7fd000, stack_size=0x20300, tls=0x7f4a1e81d6c0}./strace-static-x86_64: Process 5256 attached [pid 5255] <... symlink resumed>) = 0 [pid 5254] <... futex resumed>) = 0 [pid 5253] rt_sigaction(SIGRT_1, {sa_handler=0x7f4a1e88dfe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4a1e87f190}, [pid 5251] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5257 attached [pid 5256] rseq(0x7f4a1e81dfe0, 0x20, 0, 0x53053053 [pid 5254] rt_sigaction(SIGRT_1, {sa_handler=0x7f4a1e88dfe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4a1e87f190}, [pid 5253] <... rt_sigaction resumed>NULL, 8) = 0 executing program [pid 5257] rseq(0x7f4a1e81dfe0, 0x20, 0, 0x53053053 [pid 5256] <... rseq resumed>) = 0 [pid 5255] write(1, "executing program\n", 18 [pid 5254] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5253] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5250] <... clone3 resumed> => {parent_tid=[5257]}, 88) = 5257 [pid 5257] <... rseq resumed>) = 0 [pid 5256] set_robust_list(0x7f4a1e81d9a0, 24 [pid 5255] <... write resumed>) = 18 [pid 5254] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5253] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5251] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5256] <... set_robust_list resumed>) = 0 [pid 5255] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5253] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5251] <... futex resumed>) = 0 [pid 5250] rt_sigprocmask(SIG_SETMASK, [], [pid 5257] set_robust_list(0x7f4a1e81d9a0, 24 [pid 5256] rt_sigprocmask(SIG_SETMASK, [], [pid 5255] <... futex resumed>) = 0 [pid 5254] <... mmap resumed>) = 0x7f4a1e7fd000 [pid 5253] <... mmap resumed>) = 0x7f4a1e7fd000 [pid 5251] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5257] <... set_robust_list resumed>) = 0 [pid 5256] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5255] rt_sigaction(SIGRT_1, {sa_handler=0x7f4a1e88dfe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4a1e87f190}, [pid 5254] mprotect(0x7f4a1e7fe000, 131072, PROT_READ|PROT_WRITE [pid 5253] mprotect(0x7f4a1e7fe000, 131072, PROT_READ|PROT_WRITE [pid 5250] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5257] rt_sigprocmask(SIG_SETMASK, [], [pid 5256] memfd_create("syzkaller", 0 [pid 5255] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5253] <... mprotect resumed>) = 0 [pid 5257] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5256] <... memfd_create resumed>) = 3 [pid 5255] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5254] <... mprotect resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5255] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5253] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5250] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5257] memfd_create("syzkaller", 0 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5255] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5254] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5253] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5255] <... mmap resumed>) = 0x7f4a1e7fd000 [pid 5254] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5257] <... memfd_create resumed>) = 3 [pid 5256] <... mmap resumed>) = 0x7f4a16200000 [pid 5255] mprotect(0x7f4a1e7fe000, 131072, PROT_READ|PROT_WRITE [pid 5254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e81d990, parent_tid=0x7f4a1e81d990, exit_signal=0, stack=0x7f4a1e7fd000, stack_size=0x20300, tls=0x7f4a1e81d6c0} [pid 5253] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e81d990, parent_tid=0x7f4a1e81d990, exit_signal=0, stack=0x7f4a1e7fd000, stack_size=0x20300, tls=0x7f4a1e81d6c0}./strace-static-x86_64: Process 5258 attached [pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5255] <... mprotect resumed>) = 0 [pid 5258] rseq(0x7f4a1e81dfe0, 0x20, 0, 0x53053053) = 0 [pid 5257] <... mmap resumed>) = 0x7f4a16200000 [pid 5255] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5254] <... clone3 resumed> => {parent_tid=[5259]}, 88) = 5259 ./strace-static-x86_64: Process 5259 attached [pid 5258] set_robust_list(0x7f4a1e81d9a0, 24 [pid 5255] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5254] rt_sigprocmask(SIG_SETMASK, [], [pid 5253] <... clone3 resumed> => {parent_tid=[5258]}, 88) = 5258 [pid 5259] rseq(0x7f4a1e81dfe0, 0x20, 0, 0x53053053 [pid 5258] <... set_robust_list resumed>) = 0 [pid 5255] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e81d990, parent_tid=0x7f4a1e81d990, exit_signal=0, stack=0x7f4a1e7fd000, stack_size=0x20300, tls=0x7f4a1e81d6c0} [pid 5253] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5260 attached [pid 5259] <... rseq resumed>) = 0 [pid 5258] rt_sigprocmask(SIG_SETMASK, [], [pid 5253] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5260] rseq(0x7f4a1e81dfe0, 0x20, 0, 0x53053053 [pid 5258] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5253] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5260] <... rseq resumed>) = 0 [pid 5258] memfd_create("syzkaller", 0 [pid 5255] <... clone3 resumed> => {parent_tid=[5260]}, 88) = 5260 [pid 5253] <... futex resumed>) = 0 [pid 5260] set_robust_list(0x7f4a1e81d9a0, 24 [pid 5259] set_robust_list(0x7f4a1e81d9a0, 24 [pid 5257] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5259] <... set_robust_list resumed>) = 0 [pid 5260] <... set_robust_list resumed>) = 0 [pid 5255] rt_sigprocmask(SIG_SETMASK, [], [pid 5253] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5260] rt_sigprocmask(SIG_SETMASK, [], [pid 5255] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5260] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5258] <... memfd_create resumed>) = 3 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5255] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5260] memfd_create("syzkaller", 0 [pid 5259] rt_sigprocmask(SIG_SETMASK, [], [pid 5258] <... mmap resumed>) = 0x7f4a16200000 [pid 5256] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5255] <... futex resumed>) = 0 [pid 5254] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5259] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5257] <... write resumed>) = 65536 [pid 5254] <... futex resumed>) = 0 [pid 5260] <... memfd_create resumed>) = 3 [pid 5255] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5259] memfd_create("syzkaller", 0 [pid 5258] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5257] munmap(0x7f4a16200000, 138412032 [pid 5256] <... write resumed>) = 65536 [pid 5254] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5260] <... mmap resumed>) = 0x7f4a16200000 [pid 5260] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5258] <... write resumed>) = 65536 [pid 5258] munmap(0x7f4a16200000, 138412032) = 0 [pid 5260] <... write resumed>) = 65536 [pid 5257] <... munmap resumed>) = 0 [pid 5256] munmap(0x7f4a16200000, 138412032 [pid 5259] <... memfd_create resumed>) = 3 [pid 5259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5256] <... munmap resumed>) = 0 [pid 5259] <... mmap resumed>) = 0x7f4a16200000 [pid 5258] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5256] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5260] munmap(0x7f4a16200000, 138412032 [pid 5258] <... openat resumed>) = 4 [pid 5256] <... openat resumed>) = 4 [pid 5260] <... munmap resumed>) = 0 [pid 5258] ioctl(4, LOOP_SET_FD, 3 [pid 5259] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5257] <... openat resumed>) = 4 [pid 5256] ioctl(4, LOOP_SET_FD, 3 [pid 5257] ioctl(4, LOOP_SET_FD, 3 [pid 5260] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5260] ioctl(4, LOOP_SET_FD, 3 [pid 5258] <... ioctl resumed>) = 0 [pid 5258] close(3) = 0 [pid 5258] close(4) = 0 [pid 5258] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5259] <... write resumed>) = 65536 [pid 5258] <... mkdir resumed>) = 0 [ 134.001650][ T5258] loop3: detected capacity change from 0 to 128 [ 134.009831][ T5256] loop1: detected capacity change from 0 to 128 [ 134.011098][ T5260] loop4: detected capacity change from 0 to 128 [ 134.016739][ T5257] loop0: detected capacity change from 0 to 128 [ 134.032419][ T5258] ======================================================= [ 134.032419][ T5258] WARNING: The mand mount option has been deprecated and [pid 5258] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5259] munmap(0x7f4a16200000, 138412032 [pid 5257] <... ioctl resumed>) = 0 [pid 5256] <... ioctl resumed>) = 0 [pid 5260] <... ioctl resumed>) = 0 [pid 5260] close(3) = 0 [pid 5260] close(4) = 0 [pid 5259] <... munmap resumed>) = 0 [pid 5257] close(3 [pid 5256] close(3 [pid 5260] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5256] <... close resumed>) = 0 [pid 5257] <... close resumed>) = 0 [pid 5260] <... mkdir resumed>) = 0 [pid 5257] close(4 [pid 5256] close(4 [pid 5260] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5257] <... close resumed>) = 0 [pid 5256] <... close resumed>) = 0 [pid 5259] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5257] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5256] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5257] <... mkdir resumed>) = 0 [pid 5260] <... mount resumed>) = 0 [pid 5259] <... openat resumed>) = 4 [pid 5257] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5256] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5260] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5260] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5260] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5255] <... futex resumed>) = 0 [pid 5260] futex(0x7f4a1e8f96a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5255] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5260] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5255] <... futex resumed>) = 0 [pid 5260] openat(AT_FDCWD, "./file0", O_RDONLY|O_NONBLOCK [pid 5255] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5259] ioctl(4, LOOP_SET_FD, 3 [pid 5257] <... mount resumed>) = 0 [pid 5256] <... mount resumed>) = 0 [pid 5256] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5257] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5256] <... openat resumed>) = 3 [ 134.032419][ T5258] and is ignored by this kernel. Remove the mand [ 134.032419][ T5258] option from the mount to silence this warning. [ 134.032419][ T5258] ======================================================= [ 134.084823][ T5260] syz-executor292: attempt to access beyond end of device [ 134.084823][ T5260] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5257] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5259] <... ioctl resumed>) = 0 [pid 5257] <... chdir resumed>) = 0 [pid 5256] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5258] <... mount resumed>) = 0 [pid 5258] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5258] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5258] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5258] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5258] futex(0x7f4a1e8f96a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5253] <... futex resumed>) = 0 [pid 5253] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5258] <... futex resumed>) = 0 [pid 5253] <... futex resumed>) = 1 [pid 5258] openat(AT_FDCWD, "./file0", O_RDONLY|O_NONBLOCK [pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5256] <... chdir resumed>) = 0 [pid 5255] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5253] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5255] futex(0x7f4a1e8f96bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5255] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5256] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5255] <... mmap resumed>) = 0x7f4a1e7dc000 [pid 5255] mprotect(0x7f4a1e7dd000, 131072, PROT_READ|PROT_WRITE [pid 5257] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5256] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5255] <... mprotect resumed>) = 0 [pid 5255] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5257] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5256] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5255] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5257] <... futex resumed>) = 1 [pid 5256] <... futex resumed>) = 1 [pid 5255] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e7fc990, parent_tid=0x7f4a1e7fc990, exit_signal=0, stack=0x7f4a1e7dc000, stack_size=0x20300, tls=0x7f4a1e7fc6c0} [pid 5257] futex(0x7f4a1e8f96a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5256] futex(0x7f4a1e8f96a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5255] <... clone3 resumed> => {parent_tid=[5262]}, 88) = 5262 ./strace-static-x86_64: Process 5262 attached [pid 5255] rt_sigprocmask(SIG_SETMASK, [], [pid 5251] <... futex resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5262] rseq(0x7f4a1e7fcfe0, 0x20, 0, 0x53053053 [pid 5255] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5262] <... rseq resumed>) = 0 [pid 5255] futex(0x7f4a1e8f96b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5262] set_robust_list(0x7f4a1e7fc9a0, 24 [pid 5259] close(3 [pid 5257] <... futex resumed>) = 0 [pid 5256] <... futex resumed>) = 0 [pid 5255] <... futex resumed>) = 0 [pid 5251] <... futex resumed>) = 1 [pid 5250] <... futex resumed>) = 1 [pid 5262] <... set_robust_list resumed>) = 0 [pid 5259] <... close resumed>) = 0 [pid 5257] openat(AT_FDCWD, "./file0", O_RDONLY|O_NONBLOCK [pid 5256] openat(AT_FDCWD, "./file0", O_RDONLY|O_NONBLOCK [pid 5255] futex(0x7f4a1e8f96bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5251] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 134.105696][ T5259] loop2: detected capacity change from 0 to 128 [ 134.106853][ T5260] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 134.129406][ T5258] syz-executor292: attempt to access beyond end of device [ 134.129406][ T5258] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5250] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5262] rt_sigprocmask(SIG_SETMASK, [], [pid 5259] close(4 [pid 5262] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 134.157828][ T5257] syz-executor292: attempt to access beyond end of device [ 134.157828][ T5257] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 134.159971][ T5258] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 134.172079][ T5256] syz-executor292: attempt to access beyond end of device [ 134.172079][ T5256] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 134.181114][ T5260] syz-executor292: attempt to access beyond end of device [pid 5262] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_SYNC|O_LARGEFILE|FASYNC, 000 [pid 5259] <... close resumed>) = 0 [pid 5255] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5253] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5253] futex(0x7f4a1e8f96bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5253] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5251] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5250] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5251] futex(0x7f4a1e8f96bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] futex(0x7f4a1e8f96bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... futex resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5253] <... mmap resumed>) = 0x7f4a1e7dc000 [pid 5251] <... mmap resumed>) = 0x7f4a1e7dc000 [pid 5250] <... mmap resumed>) = 0x7f4a1e7dc000 [pid 5253] mprotect(0x7f4a1e7dd000, 131072, PROT_READ|PROT_WRITE [pid 5251] mprotect(0x7f4a1e7dd000, 131072, PROT_READ|PROT_WRITE [pid 5250] mprotect(0x7f4a1e7dd000, 131072, PROT_READ|PROT_WRITE [pid 5253] <... mprotect resumed>) = 0 [pid 5251] <... mprotect resumed>) = 0 [pid 5250] <... mprotect resumed>) = 0 [pid 5253] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5251] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5250] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5253] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5251] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5250] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5253] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e7fc990, parent_tid=0x7f4a1e7fc990, exit_signal=0, stack=0x7f4a1e7dc000, stack_size=0x20300, tls=0x7f4a1e7fc6c0} [pid 5251] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e7fc990, parent_tid=0x7f4a1e7fc990, exit_signal=0, stack=0x7f4a1e7dc000, stack_size=0x20300, tls=0x7f4a1e7fc6c0} [pid 5250] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e7fc990, parent_tid=0x7f4a1e7fc990, exit_signal=0, stack=0x7f4a1e7dc000, stack_size=0x20300, tls=0x7f4a1e7fc6c0} [pid 5251] <... clone3 resumed> => {parent_tid=[5264]}, 88) = 5264 [pid 5250] <... clone3 resumed> => {parent_tid=[5263]}, 88) = 5263 [pid 5253] <... clone3 resumed> => {parent_tid=[5265]}, 88) = 5265 [pid 5251] rt_sigprocmask(SIG_SETMASK, [], [pid 5250] rt_sigprocmask(SIG_SETMASK, [], [pid 5259] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777./strace-static-x86_64: Process 5264 attached [pid 5253] rt_sigprocmask(SIG_SETMASK, [], [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5253] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5251] futex(0x7f4a1e8f96b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] futex(0x7f4a1e8f96b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5253] futex(0x7f4a1e8f96b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... futex resumed>) = 0 [pid 5259] <... mkdir resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5264] rseq(0x7f4a1e7fcfe0, 0x20, 0, 0x53053053 [pid 5259] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5253] <... futex resumed>) = 0 [pid 5251] futex(0x7f4a1e8f96bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5250] futex(0x7f4a1e8f96bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5253] futex(0x7f4a1e8f96bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5265 attached ./strace-static-x86_64: Process 5263 attached [pid 5265] rseq(0x7f4a1e7fcfe0, 0x20, 0, 0x53053053 [pid 5263] rseq(0x7f4a1e7fcfe0, 0x20, 0, 0x53053053 [pid 5265] <... rseq resumed>) = 0 [pid 5263] <... rseq resumed>) = 0 [pid 5265] set_robust_list(0x7f4a1e7fc9a0, 24 [pid 5263] set_robust_list(0x7f4a1e7fc9a0, 24 [pid 5265] <... set_robust_list resumed>) = 0 [pid 5263] <... set_robust_list resumed>) = 0 [pid 5265] rt_sigprocmask(SIG_SETMASK, [], [pid 5263] rt_sigprocmask(SIG_SETMASK, [], [pid 5265] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5265] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_SYNC|O_LARGEFILE|FASYNC, 000 [pid 5263] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_SYNC|O_LARGEFILE|FASYNC, 000 [pid 5264] <... rseq resumed>) = 0 [ 134.181114][ T5260] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 134.208864][ T5257] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 134.227444][ T5258] syz-executor292: attempt to access beyond end of device [ 134.227444][ T5258] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 134.231384][ T5256] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 134.243915][ T5260] Buffer I/O error on dev loop4, logical block 8833403, async page read [pid 5264] set_robust_list(0x7f4a1e7fc9a0, 24 [pid 5259] <... mount resumed>) = 0 [pid 5264] <... set_robust_list resumed>) = 0 [pid 5259] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5253] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5251] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5250] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 134.254974][ T5257] syz-executor292: attempt to access beyond end of device [ 134.254974][ T5257] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 134.260445][ T5258] Buffer I/O error on dev loop3, logical block 8833403, async page read [ 134.275728][ T5256] syz-executor292: attempt to access beyond end of device [ 134.275728][ T5256] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 134.284214][ T5260] syz-executor292: attempt to access beyond end of device [ 134.284214][ T5260] loop4: rw=0, sector=26539618, nr_sectors = 2 limit=128 [pid 5264] rt_sigprocmask(SIG_SETMASK, [], [pid 5259] <... openat resumed>) = 3 [pid 5264] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5259] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5264] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_SYNC|O_LARGEFILE|FASYNC, 000 [pid 5259] <... chdir resumed>) = 0 [pid 5259] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5259] futex(0x7f4a1e8f96ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5254] <... futex resumed>) = 0 [pid 5259] futex(0x7f4a1e8f96a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5254] futex(0x7f4a1e8f96a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5259] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5254] <... futex resumed>) = 0 [pid 5254] futex(0x7f4a1e8f96ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 134.295532][ T5257] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 134.311922][ T5258] syz-executor292: attempt to access beyond end of device [ 134.311922][ T5258] loop3: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 134.317603][ T5256] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 134.340296][ T5257] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 134.349345][ T5257] Buffer I/O error on dev loop0, logical block 8073606, async page read [pid 5259] openat(AT_FDCWD, "./file0", O_RDONLY|O_NONBLOCK [pid 5254] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5254] futex(0x7f4a1e8f96bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4a1e7dc000 [pid 5254] mprotect(0x7f4a1e7dd000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5254] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4a1e7fc990, parent_tid=0x7f4a1e7fc990, exit_signal=0, stack=0x7f4a1e7dc000, stack_size=0x20300, tls=0x7f4a1e7fc6c0} => {parent_tid=[5266]}, 88) = 5266 [pid 5254] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5254] futex(0x7f4a1e8f96b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5254] futex(0x7f4a1e8f96bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5266 attached [pid 5266] rseq(0x7f4a1e7fcfe0, 0x20, 0, 0x53053053) = 0 [pid 5266] set_robust_list(0x7f4a1e7fc9a0, 24) = 0 [pid 5266] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5266] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_SYNC|O_LARGEFILE|FASYNC, 000 [pid 5254] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5255] exit_group(0) = ? [pid 5251] exit_group(0) = ? [pid 5253] exit_group(0) = ? [pid 5250] exit_group(0) = ? [pid 5254] exit_group(0) = ? [pid 5245] kill(-5250, SIGKILL) = 0 [pid 5245] kill(5250, SIGKILL) = 0 [pid 5246] kill(-5251, SIGKILL) = 0 [pid 5246] kill(5251, SIGKILL) = 0 [pid 5248] kill(-5253, SIGKILL) = 0 [pid 5248] kill(5253, SIGKILL) = 0 [pid 5247] kill(-5254, SIGKILL) = 0 [pid 5247] kill(5254, SIGKILL) = 0 [pid 5249] kill(-5255, SIGKILL) = 0 [pid 5249] kill(5255, SIGKILL) = 0 [pid 5249] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5249] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5249] getdents64(3, 0x555587159730 /* 2 entries */, 32768) = 48 [pid 5249] getdents64(3, 0x555587159730 /* 0 entries */, 32768) = 0 [pid 5249] close(3) = 0 [pid 5247] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5247] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5247] getdents64(3, 0x555587159730 /* 2 entries */, 32768) = 48 [pid 5247] getdents64(3, 0x555587159730 /* 0 entries */, 32768) = 0 [pid 5247] close(3) = 0 [pid 5248] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5248] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5248] getdents64(3, 0x555587159730 /* 2 entries */, 32768) = 48 [pid 5248] getdents64(3, 0x555587159730 /* 0 entries */, 32768) = 0 [pid 5248] close(3) = 0 [pid 5245] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5245] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5245] getdents64(3, 0x555587159730 /* 2 entries */, 32768) = 48 [pid 5245] getdents64(3, 0x555587159730 /* 0 entries */, 32768) = 0 [pid 5245] close(3) = 0 [pid 5246] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5246] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5246] getdents64(3, 0x555587159730 /* 2 entries */, 32768) = 48 [pid 5246] getdents64(3, 0x555587159730 /* 0 entries */, 32768) = 0 [pid 5246] close(3) = 0 [ 286.685055][ T30] INFO: task syz-executor292:5263 blocked for more than 143 seconds. [ 286.693361][ T30] Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 286.754844][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.763571][ T30] task:syz-executor292 state:D stack:27952 pid:5263 tgid:5250 ppid:5245 flags:0x00004006 [ 286.814856][ T30] Call Trace: [ 286.818189][ T30] [ 286.821136][ T30] __schedule+0x17ae/0x4a10 [ 286.845303][ T30] ? __pfx___schedule+0x10/0x10 [ 286.850217][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.894866][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.900914][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.934845][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.940037][ T30] ? schedule+0x90/0x320 [ 286.944302][ T30] schedule+0x14b/0x320 [ 286.984852][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.990378][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 287.024842][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 287.030827][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.064885][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.069984][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.114856][ T30] down_write+0x1d7/0x220 [ 287.119252][ T30] ? __pfx_down_write+0x10/0x10 [ 287.124121][ T30] ? sb_end_write+0xe9/0x1c0 [ 287.154875][ T30] path_openat+0x7fb/0x3470 [ 287.159456][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 287.184883][ T30] ? __lock_acquire+0x137a/0x2040 [ 287.189990][ T30] ? __pfx_path_openat+0x10/0x10 [ 287.224884][ T30] do_filp_open+0x235/0x490 [ 287.229550][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 287.234625][ T30] ? _raw_spin_unlock+0x28/0x50 [ 287.264845][ T30] ? alloc_fd+0x5a1/0x640 [ 287.269252][ T30] do_sys_openat2+0x13e/0x1d0 [ 287.273953][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.309479][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 287.314722][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.354856][ T30] ? ptrace_notify+0x279/0x380 [ 287.359701][ T30] __x64_sys_open+0x225/0x270 [ 287.364419][ T30] ? __pfx___x64_sys_open+0x10/0x10 [ 287.414973][ T30] ? do_syscall_64+0x100/0x230 [ 287.419813][ T30] do_syscall_64+0xf3/0x230 [ 287.424337][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.474853][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.480909][ T30] RIP: 0033:0x7f4a1e867bc9 [ 287.514862][ T30] RSP: 002b:00007f4a1e7fc218 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 287.523357][ T30] RAX: ffffffffffffffda RBX: 00007f4a1e8f96b8 RCX: 00007f4a1e867bc9 [ 287.574851][ T30] RDX: 0000000000000000 RSI: 000000000010b942 RDI: 0000000020000080 [ 287.582879][ T30] RBP: 00007f4a1e8f96b0 R08: 00007ffee00fdc47 R09: 0000000000000000 [ 287.624853][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a1e8f96bc [ 287.632891][ T30] R13: 00007f4a1e8bc0c0 R14: 0031656c69662f2e R15: 0030656c69662f2e [ 287.694861][ T30] [ 287.697945][ T30] INFO: task syz-executor292:5264 blocked for more than 144 seconds. [ 287.724849][ T30] Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 287.732871][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.784843][ T30] task:syz-executor292 state:D stack:27952 pid:5264 tgid:5251 ppid:5246 flags:0x00004006 [ 287.824857][ T30] Call Trace: [ 287.828184][ T30] [ 287.831123][ T30] __schedule+0x17ae/0x4a10 [ 287.864863][ T30] ? __pfx___schedule+0x10/0x10 [ 287.869868][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.904850][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.910903][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.934840][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.940019][ T30] ? schedule+0x90/0x320 [ 287.944284][ T30] schedule+0x14b/0x320 [ 287.974872][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.980394][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 288.024843][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 288.030814][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.074844][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.079955][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 288.114847][ T30] down_write+0x1d7/0x220 [ 288.119239][ T30] ? __pfx_down_write+0x10/0x10 [ 288.124112][ T30] ? sb_end_write+0xe9/0x1c0 [ 288.164873][ T30] path_openat+0x7fb/0x3470 [ 288.169458][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 288.214851][ T30] ? __lock_acquire+0x137a/0x2040 [ 288.219959][ T30] ? __pfx_path_openat+0x10/0x10 [ 288.254865][ T30] do_filp_open+0x235/0x490 [ 288.259436][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 288.264506][ T30] ? _raw_spin_unlock+0x28/0x50 [ 288.294844][ T30] ? alloc_fd+0x5a1/0x640 [ 288.299242][ T30] do_sys_openat2+0x13e/0x1d0 [ 288.303943][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 288.334866][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 288.340124][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 288.384870][ T30] ? ptrace_notify+0x279/0x380 [ 288.389703][ T30] __x64_sys_open+0x225/0x270 [ 288.394442][ T30] ? __pfx___x64_sys_open+0x10/0x10 [ 288.424876][ T30] ? do_syscall_64+0x100/0x230 [ 288.429709][ T30] do_syscall_64+0xf3/0x230 [ 288.434240][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.474860][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.480826][ T30] RIP: 0033:0x7f4a1e867bc9 [ 288.514863][ T30] RSP: 002b:00007f4a1e7fc218 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 288.523349][ T30] RAX: ffffffffffffffda RBX: 00007f4a1e8f96b8 RCX: 00007f4a1e867bc9 [ 288.564872][ T30] RDX: 0000000000000000 RSI: 000000000010b942 RDI: 0000000020000080 [ 288.572918][ T30] RBP: 00007f4a1e8f96b0 R08: 00007ffee00fdc47 R09: 0000000000000000 [ 288.624877][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a1e8f96bc [ 288.632916][ T30] R13: 00007f4a1e8bc0c0 R14: 0031656c69662f2e R15: 0030656c69662f2e [ 288.674867][ T30] [ 288.677954][ T30] INFO: task syz-executor292:5265 blocked for more than 145 seconds. [ 288.714866][ T30] Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 288.722555][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.764873][ T30] task:syz-executor292 state:D stack:27952 pid:5265 tgid:5253 ppid:5248 flags:0x00004006 [ 288.794854][ T30] Call Trace: [ 288.798271][ T30] [ 288.801221][ T30] __schedule+0x17ae/0x4a10 [ 288.844912][ T30] ? __pfx___schedule+0x10/0x10 [ 288.849831][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.884876][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.890931][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 288.924870][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 288.930058][ T30] ? schedule+0x90/0x320 [ 288.934327][ T30] schedule+0x14b/0x320 [ 288.964905][ T30] schedule_preempt_disabled+0x13/0x30 [ 288.970535][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 289.004872][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 289.010856][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 289.044878][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.049997][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 289.094855][ T30] down_write+0x1d7/0x220 [ 289.099252][ T30] ? __pfx_down_write+0x10/0x10 [ 289.104124][ T30] ? sb_end_write+0xe9/0x1c0 [ 289.134857][ T30] path_openat+0x7fb/0x3470 [ 289.139473][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 289.165158][ T30] ? __lock_acquire+0x137a/0x2040 [ 289.170254][ T30] ? __pfx_path_openat+0x10/0x10 [ 289.194861][ T30] do_filp_open+0x235/0x490 [ 289.199524][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 289.204596][ T30] ? _raw_spin_unlock+0x28/0x50 [ 289.234868][ T30] ? alloc_fd+0x5a1/0x640 [ 289.239286][ T30] do_sys_openat2+0x13e/0x1d0 [ 289.243989][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 289.294858][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 289.300118][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 289.334855][ T30] ? ptrace_notify+0x279/0x380 [ 289.339691][ T30] __x64_sys_open+0x225/0x270 [ 289.344394][ T30] ? __pfx___x64_sys_open+0x10/0x10 [ 289.374856][ T30] ? do_syscall_64+0x100/0x230 [ 289.379783][ T30] do_syscall_64+0xf3/0x230 [ 289.384306][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.424877][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.430839][ T30] RIP: 0033:0x7f4a1e867bc9 [ 289.464911][ T30] RSP: 002b:00007f4a1e7fc218 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 289.473392][ T30] RAX: ffffffffffffffda RBX: 00007f4a1e8f96b8 RCX: 00007f4a1e867bc9 [ 289.524872][ T30] RDX: 0000000000000000 RSI: 000000000010b942 RDI: 0000000020000080 [ 289.532914][ T30] RBP: 00007f4a1e8f96b0 R08: 00007ffee00fdc47 R09: 0000000000000000 [ 289.585290][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a1e8f96bc [ 289.593335][ T30] R13: 00007f4a1e8bc0c0 R14: 0031656c69662f2e R15: 0030656c69662f2e [ 289.624923][ T30] [ 289.628014][ T30] INFO: task syz-executor292:5266 blocked for more than 146 seconds. [ 289.655384][ T30] Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 289.663080][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.724876][ T30] task:syz-executor292 state:D stack:27928 pid:5266 tgid:5254 ppid:5247 flags:0x00004006 [ 289.754852][ T30] Call Trace: [ 289.758197][ T30] [ 289.761144][ T30] __schedule+0x17ae/0x4a10 [ 289.794873][ T30] ? __pfx___schedule+0x10/0x10 [ 289.799799][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.824927][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 289.830982][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.874852][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 289.880043][ T30] ? schedule+0x90/0x320 [ 289.884312][ T30] schedule+0x14b/0x320 [ 289.925108][ T30] schedule_preempt_disabled+0x13/0x30 [ 289.930641][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 289.965009][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 289.970989][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.004877][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.009987][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 290.035096][ T30] down_write+0x1d7/0x220 [ 290.039530][ T30] ? __pfx_down_write+0x10/0x10 [ 290.044401][ T30] ? sb_end_write+0xe9/0x1c0 [ 290.094849][ T30] path_openat+0x7fb/0x3470 [ 290.099433][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 290.134865][ T30] ? __lock_acquire+0x137a/0x2040 [ 290.139968][ T30] ? __pfx_path_openat+0x10/0x10 [ 290.164901][ T30] do_filp_open+0x235/0x490 [ 290.169468][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 290.174560][ T30] ? _raw_spin_unlock+0x28/0x50 [ 290.204868][ T30] ? alloc_fd+0x5a1/0x640 [ 290.209270][ T30] do_sys_openat2+0x13e/0x1d0 [ 290.213967][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 290.244913][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 290.250165][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 290.284953][ T30] ? ptrace_notify+0x279/0x380 [ 290.289792][ T30] __x64_sys_open+0x225/0x270 [ 290.294515][ T30] ? __pfx___x64_sys_open+0x10/0x10 [ 290.334864][ T30] ? do_syscall_64+0x100/0x230 [ 290.339722][ T30] do_syscall_64+0xf3/0x230 [ 290.344264][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.394854][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.400820][ T30] RIP: 0033:0x7f4a1e867bc9 [ 290.434846][ T30] RSP: 002b:00007f4a1e7fc218 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 290.443333][ T30] RAX: ffffffffffffffda RBX: 00007f4a1e8f96b8 RCX: 00007f4a1e867bc9 [ 290.504857][ T30] RDX: 0000000000000000 RSI: 000000000010b942 RDI: 0000000020000080 [ 290.512896][ T30] RBP: 00007f4a1e8f96b0 R08: 00007ffee00fdc47 R09: 0000000000000000 [ 290.564852][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a1e8f96bc [ 290.572891][ T30] R13: 00007f4a1e8bc0c0 R14: 0031656c69662f2e R15: 0030656c69662f2e [ 290.644953][ T30] [ 290.648103][ T30] INFO: task syz-executor292:5262 blocked for more than 147 seconds. [ 290.674848][ T30] Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 290.682532][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 290.714846][ T30] task:syz-executor292 state:D stack:27320 pid:5262 tgid:5255 ppid:5249 flags:0x00004006 [ 290.754852][ T30] Call Trace: [ 290.758183][ T30] [ 290.761131][ T30] __schedule+0x17ae/0x4a10 [ 290.794867][ T30] ? __pfx___schedule+0x10/0x10 [ 290.799785][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.824896][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 290.831034][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 290.855291][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 290.860471][ T30] ? schedule+0x90/0x320 [ 290.864735][ T30] schedule+0x14b/0x320 [ 290.904907][ T30] schedule_preempt_disabled+0x13/0x30 [ 290.910435][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 290.944873][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 290.950852][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.984955][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.990068][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 291.014846][ T30] down_write+0x1d7/0x220 [ 291.019236][ T30] ? __pfx_down_write+0x10/0x10 [ 291.024113][ T30] ? sb_end_write+0xe9/0x1c0 [ 291.064904][ T30] path_openat+0x7fb/0x3470 [ 291.069486][ T30] ? __lock_acquire+0x137a/0x2040 [ 291.074546][ T30] ? __pfx_path_openat+0x10/0x10 [ 291.134862][ T30] do_filp_open+0x235/0x490 [ 291.139442][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 291.144512][ T30] ? _raw_spin_unlock+0x28/0x50 [ 291.195082][ T30] ? alloc_fd+0x5a1/0x640 [ 291.199581][ T30] do_sys_openat2+0x13e/0x1d0 [ 291.204278][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 291.254848][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 291.260106][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 291.294839][ T30] ? ptrace_notify+0x279/0x380 [ 291.299660][ T30] __x64_sys_open+0x225/0x270 [ 291.304363][ T30] ? __pfx___x64_sys_open+0x10/0x10 [ 291.334867][ T30] ? do_syscall_64+0x100/0x230 [ 291.339699][ T30] do_syscall_64+0xf3/0x230 [ 291.344218][ T30] ? clear_bhb_loop+0x35/0x90 [ 291.374847][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.380802][ T30] RIP: 0033:0x7f4a1e867bc9 [ 291.414839][ T30] RSP: 002b:00007f4a1e7fc218 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 291.423318][ T30] RAX: ffffffffffffffda RBX: 00007f4a1e8f96b8 RCX: 00007f4a1e867bc9 [ 291.488017][ T30] RDX: 0000000000000000 RSI: 000000000010b942 RDI: 0000000020000080 [ 291.514843][ T30] RBP: 00007f4a1e8f96b0 R08: 00007ffee00fdc47 R09: 0000000000000000 [ 291.522871][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4a1e8f96bc [ 291.564912][ T30] R13: 00007f4a1e8bc0c0 R14: 0031656c69662f2e R15: 0030656c69662f2e [ 291.573065][ T30] [ 291.604959][ T30] [ 291.604959][ T30] Showing all locks held in the system: [ 291.612732][ T30] 1 lock held by khungtaskd/30: [ 291.654845][ T30] #0: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 291.684931][ T30] 1 lock held by kswapd0/89: [ 291.689599][ T30] 2 locks held by getty/4976: [ 291.694283][ T30] #0: ffff88803030c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 291.744868][ T30] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 291.794909][ T30] 2 locks held by syz-executor292/5257: [ 291.800686][ T30] 1 lock held by syz-executor292/5263: [ 291.824872][ T30] #0: ffff8880783006c0 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: path_openat+0x7fb/0x3470 [ 291.864865][ T30] 1 lock held by syz-executor292/5256: [ 291.870373][ T30] 1 lock held by syz-executor292/5264: [ 291.894903][ T30] #0: ffff888078300180 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: path_openat+0x7fb/0x3470 [ 291.934919][ T30] 1 lock held by syz-executor292/5258: [ 291.940428][ T30] 1 lock held by syz-executor292/5265: [ 291.974899][ T30] #0: ffff8880783c06c0 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: path_openat+0x7fb/0x3470 [ 292.014900][ T30] 1 lock held by syz-executor292/5259: [ 292.020410][ T30] 1 lock held by syz-executor292/5266: [ 292.054912][ T30] #0: ffff888078300c00 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: path_openat+0x7fb/0x3470 [ 292.084887][ T30] 2 locks held by syz-executor292/5260: [ 292.090474][ T30] 1 lock held by syz-executor292/5262: [ 292.124933][ T30] #0: ffff8880783c0180 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: path_openat+0x7fb/0x3470 [ 292.164882][ T30] [ 292.167255][ T30] ============================================= [ 292.167255][ T30] [ 292.215097][ T30] NMI backtrace for cpu 0 [ 292.219475][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 292.229994][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 292.240056][ T30] Call Trace: [ 292.243331][ T30] [ 292.246255][ T30] dump_stack_lvl+0x241/0x360 [ 292.250937][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.256128][ T30] ? __pfx__printk+0x10/0x10 [ 292.260708][ T30] ? vprintk_emit+0x667/0x7c0 [ 292.265378][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 292.270398][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 292.275337][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 292.280786][ T30] ? _printk+0xd5/0x120 [ 292.284935][ T30] ? __pfx__printk+0x10/0x10 [ 292.289514][ T30] ? __wake_up_klogd+0xcc/0x110 [ 292.294360][ T30] ? __pfx__printk+0x10/0x10 [ 292.298943][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 292.303965][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 292.309938][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 292.315947][ T30] watchdog+0xff4/0x1040 [ 292.320195][ T30] ? watchdog+0x1ea/0x1040 [ 292.324611][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.329296][ T30] kthread+0x2f0/0x390 [ 292.333365][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.338036][ T30] ? __pfx_kthread+0x10/0x10 [ 292.342622][ T30] ret_from_fork+0x4b/0x80 [ 292.347035][ T30] ? __pfx_kthread+0x10/0x10 [ 292.351641][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.356411][ T30] [ 292.359531][ T30] Sending NMI from CPU 0 to CPUs 1: [ 292.364772][ C1] NMI backtrace for cpu 1 [ 292.364784][ C1] CPU: 1 UID: 0 PID: 5259 Comm: syz-executor292 Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 292.364806][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 292.364815][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 292.364841][ C1] Code: 89 fb e8 23 00 00 00 48 8b 3d bc 26 75 0c 48 89 de 5b e9 53 75 58 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d6 03 00 65 8b 15 50 4a [ 292.364858][ C1] RSP: 0018:ffffc90003796ee0 EFLAGS: 00000246 [ 292.364873][ C1] RAX: ffffffff90106f08 RBX: ffffffff90106f0c RCX: ffff88807f0ebc00 [ 292.364885][ C1] RDX: 0000000000000000 RSI: ffffffff82086c46 RDI: ffffffff82086c88 [ 292.364896][ C1] RBP: ffffffff82086c88 R08: ffffffff81412c60 R09: ffffc900037970b0 [ 292.364907][ C1] R10: 0000000000000003 R11: ffffffff817f2f30 R12: ffffffff90106f08 [ 292.364918][ C1] R13: ffffffff90106f08 R14: ffffffff82086c46 R15: ffffffff90106f08 [ 292.364930][ C1] FS: 00007f4a1e81d6c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 292.364943][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 292.364954][ C1] CR2: 0000559ac1abfe30 CR3: 00000000287e6000 CR4: 00000000003506f0 [ 292.364967][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 292.364976][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 292.364986][ C1] Call Trace: [ 292.364992][ C1] [ 292.364998][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 292.365024][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 292.365047][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 292.365066][ C1] ? nmi_handle+0x2a/0x5a0 [ 292.365089][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 292.365108][ C1] ? nmi_handle+0x14f/0x5a0 [ 292.365122][ C1] ? nmi_handle+0x2a/0x5a0 [ 292.365137][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 292.365158][ C1] ? default_do_nmi+0x63/0x160 [ 292.365178][ C1] ? exc_nmi+0x123/0x1f0 [ 292.365198][ C1] ? end_repeat_nmi+0xf/0x53 [ 292.365217][ C1] ? __x64_sys_openat+0x246/0x2a0 [ 292.365234][ C1] ? __x64_sys_openat+0x288/0x2a0 [ 292.365251][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 292.365270][ C1] ? unwind_next_frame+0x510/0x2a00 [ 292.365294][ C1] ? __x64_sys_openat+0x246/0x2a0 [ 292.365310][ C1] ? __x64_sys_openat+0x288/0x2a0 [ 292.365326][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 292.365347][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 292.365368][ C1] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 292.365389][ C1] [ 292.365394][ C1] [ 292.365399][ C1] unwind_next_frame+0x531/0x2a00 [ 292.365423][ C1] ? __x64_sys_openat+0x246/0x2a0 [ 292.365441][ C1] ? __x64_sys_openat+0x247/0x2a0 [ 292.365457][ C1] ? __x64_sys_openat+0x247/0x2a0 [ 292.365474][ C1] ? __kernel_text_address+0xd/0x40 [ 292.365489][ C1] ? __x64_sys_openat+0x247/0x2a0 [ 292.365506][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 292.365525][ C1] arch_stack_walk+0x151/0x1b0 [ 292.365543][ C1] ? __x64_sys_openat+0x247/0x2a0 [ 292.365563][ C1] stack_trace_save+0x118/0x1d0 [ 292.365582][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 292.365607][ C1] kasan_save_track+0x3f/0x80 [ 292.365623][ C1] ? kasan_save_track+0x3f/0x80 [ 292.365637][ C1] ? __kasan_slab_alloc+0x66/0x80 [ 292.365653][ C1] ? kmem_cache_alloc_noprof+0x135/0x2a0 [ 292.365673][ C1] ? alloc_buffer_head+0x2a/0x290 [ 292.365693][ C1] ? folio_alloc_buffers+0x241/0x5b0 [ 292.365712][ C1] ? create_empty_buffers+0x3a/0x740 [ 292.365733][ C1] ? block_read_full_folio+0x25c/0xcd0 [ 292.365754][ C1] ? filemap_read_folio+0x1a0/0x790 [ 292.365775][ C1] ? do_read_cache_folio+0x134/0x820 [ 292.365797][ C1] ? do_read_cache_page+0x30/0x200 [ 292.365818][ C1] ? sysv_find_entry+0x1af/0x410 [ 292.365839][ C1] ? sysv_inode_by_name+0x98/0x1f0 [ 292.365853][ C1] ? sysv_lookup+0x6b/0xe0 [ 292.365865][ C1] ? path_openat+0x11cc/0x3470 [ 292.365884][ C1] ? do_filp_open+0x235/0x490 [ 292.365902][ C1] ? do_sys_openat2+0x13e/0x1d0 [ 292.365918][ C1] ? __x64_sys_openat+0x247/0x2a0 [ 292.365953][ C1] __kasan_slab_alloc+0x66/0x80 [ 292.365970][ C1] ? alloc_buffer_head+0x2a/0x290 [ 292.365990][ C1] kmem_cache_alloc_noprof+0x135/0x2a0 [ 292.366013][ C1] alloc_buffer_head+0x2a/0x290 [ 292.366036][ C1] ? folio_alloc_buffers+0x34c/0x5b0 [ 292.366058][ C1] folio_alloc_buffers+0x241/0x5b0 [ 292.366082][ C1] create_empty_buffers+0x3a/0x740 [ 292.366108][ C1] block_read_full_folio+0x25c/0xcd0 [ 292.366135][ C1] ? __pfx_get_block+0x10/0x10 [ 292.366156][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 292.366181][ C1] ? __pfx_lru_add_fn+0x10/0x10 [ 292.366204][ C1] ? folio_add_lru+0x4b3/0x9e0 [ 292.366224][ C1] ? folio_add_lru+0x27b/0x9e0 [ 292.366246][ C1] filemap_read_folio+0x1a0/0x790 [ 292.366268][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 292.366290][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 292.366312][ C1] ? __filemap_get_folio+0x984/0xc10 [ 292.366337][ C1] do_read_cache_folio+0x134/0x820 [ 292.366359][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 292.366383][ C1] do_read_cache_page+0x30/0x200 [ 292.366406][ C1] sysv_find_entry+0x1af/0x410 [ 292.366436][ C1] sysv_inode_by_name+0x98/0x1f0 [ 292.366450][ C1] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 292.366470][ C1] sysv_lookup+0x6b/0xe0 [ 292.366483][ C1] ? __pfx_sysv_lookup+0x10/0x10 [ 292.366497][ C1] path_openat+0x11cc/0x3470 [ 292.366532][ C1] ? __pfx_path_openat+0x10/0x10 [ 292.366561][ C1] do_filp_open+0x235/0x490 [ 292.366582][ C1] ? __pfx_do_filp_open+0x10/0x10 [ 292.366613][ C1] ? _raw_spin_unlock+0x28/0x50 [ 292.366634][ C1] ? alloc_fd+0x5a1/0x640 [ 292.366661][ C1] do_sys_openat2+0x13e/0x1d0 [ 292.366679][ C1] ? __pfx_do_sys_openat2+0x10/0x10 [ 292.366697][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 292.366712][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 292.366733][ C1] ? ptrace_notify+0x279/0x380 [ 292.366752][ C1] __x64_sys_openat+0x247/0x2a0 [ 292.366771][ C1] ? __pfx___x64_sys_openat+0x10/0x10 [ 292.366790][ C1] ? do_syscall_64+0x100/0x230 [ 292.366811][ C1] do_syscall_64+0xf3/0x230 [ 292.366827][ C1] ? clear_bhb_loop+0x35/0x90 [ 292.366847][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.366865][ C1] RIP: 0033:0x7f4a1e867bc9 [ 292.366879][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 292.366891][ C1] RSP: 002b:00007f4a1e81d218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 292.366906][ C1] RAX: ffffffffffffffda RBX: 00007f4a1e8f96a8 RCX: 00007f4a1e867bc9 [ 292.366917][ C1] RDX: 0000000000000800 RSI: 0000000020000240 RDI: 00000000ffffff9c [ 292.366927][ C1] RBP: 00007f4a1e8f96a0 R08: 0000000000000000 R09: 0000000000000000 [ 292.366936][ C1] R10: 0000000000000039 R11: 0000000000000246 R12: 00007f4a1e8f96ac [ 292.366946][ C1] R13: 00007f4a1e8bc0c0 R14: 0031656c69662f2e R15: 0030656c69662f2e [ 292.366965][ C1] [ 292.366972][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.204 msecs [ 292.824867][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 292.824887][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00183-gb831f83e40a2 #0 [ 292.824910][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 292.824920][ T30] Call Trace: [ 292.824927][ T30] [ 292.824935][ T30] dump_stack_lvl+0x241/0x360 [ 292.824962][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.824986][ T30] ? __pfx__printk+0x10/0x10 [ 292.825001][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 292.825030][ T30] ? vscnprintf+0x5d/0x90 [ 292.825052][ T30] panic+0x349/0x860 [ 292.825071][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.825094][ T30] ? __pfx_panic+0x10/0x10 [ 292.825108][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 292.825128][ T30] ? __irq_work_queue_local+0x137/0x410 [ 292.825151][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 292.825168][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.825188][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 292.825211][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 292.825235][ T30] watchdog+0x1033/0x1040 [ 292.825258][ T30] ? watchdog+0x1ea/0x1040 [ 292.825285][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.825306][ T30] kthread+0x2f0/0x390 [ 292.825330][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.825350][ T30] ? __pfx_kthread+0x10/0x10 [ 292.825373][ T30] ret_from_fork+0x4b/0x80 [ 292.825394][ T30] ? __pfx_kthread+0x10/0x10 [ 292.825416][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.825449][ T30] [ 292.827426][ T30] Kernel Offset: disabled [ 293.214476][ T30] Rebooting in 86400 seconds..