./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2963656484 <...> Warning: Permanently added '10.128.0.191' (ED25519) to the list of known hosts. execve("./syz-executor2963656484", ["./syz-executor2963656484"], 0x7ffe46e28dc0 /* 10 vars */) = 0 brk(NULL) = 0x5555566bd000 brk(0x5555566bdd40) = 0x5555566bdd40 arch_prctl(ARCH_SET_FS, 0x5555566bd3c0) = 0 set_tid_address(0x5555566bd690) = 294 set_robust_list(0x5555566bd6a0, 24) = 0 rseq(0x5555566bdce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2963656484", 4096) = 28 getrandom("\x08\xa4\xdf\x57\x74\x6b\xc1\xca", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555566bdd40 brk(0x5555566ded40) = 0x5555566ded40 brk(0x5555566df000) = 0x5555566df000 mprotect(0x7f5c0633e000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 294 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "294", 3) = 3 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566bd690) = 295 ./strace-static-x86_64: Process 295 attached [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] set_robust_list(0x5555566bd6a0, 24./strace-static-x86_64: Process 296 attached [pid 294] <... clone resumed>, child_tidptr=0x5555566bd690) = 296 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 296] set_robust_list(0x5555566bd6a0, 24 [pid 295] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 297 attached [pid 294] <... clone resumed>, child_tidptr=0x5555566bd690) = 297 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566bd690) = 298 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 298 attached [pid 297] set_robust_list(0x5555566bd6a0, 24 [pid 296] <... set_robust_list resumed>) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 299 attached [pid 294] <... clone resumed>, child_tidptr=0x5555566bd690) = 299 [pid 299] set_robust_list(0x5555566bd6a0, 24) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 298] set_robust_list(0x5555566bd6a0, 24 [pid 297] <... set_robust_list resumed>) = 0 [pid 296] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 295] <... openat resumed>) = 3 [pid 298] <... set_robust_list resumed>) = 0 [pid 296] <... openat resumed>) = 3 [pid 295] ioctl(3, LOOP_CLR_FD [pid 299] ioctl(3, LOOP_CLR_FD [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 297] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 296] ioctl(3, LOOP_CLR_FD [pid 295] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 299] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 298] <... openat resumed>) = 3 [pid 297] <... openat resumed>) = 3 [pid 296] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 295] close(3 [pid 299] close(3 [pid 298] ioctl(3, LOOP_CLR_FD [pid 297] ioctl(3, LOOP_CLR_FD [pid 296] close(3 [pid 295] <... close resumed>) = 0 [pid 299] <... close resumed>) = 0 [pid 298] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 297] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 296] <... close resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] close(3 [pid 297] close(3 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] <... close resumed>) = 0 [pid 297] <... close resumed>) = 0 [pid 295] <... clone resumed>, child_tidptr=0x5555566bd690) = 302 [pid 299] <... clone resumed>, child_tidptr=0x5555566bd690) = 303 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 296] <... clone resumed>, child_tidptr=0x5555566bd690) = 304 [pid 298] <... clone resumed>, child_tidptr=0x5555566bd690) = 306 [pid 297] <... clone resumed>, child_tidptr=0x5555566bd690) = 305 ./strace-static-x86_64: Process 306 attached [pid 306] set_robust_list(0x5555566bd6a0, 24) = 0 [pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 306] setpgid(0, 0) = 0 [pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 306] write(3, "1000", 4) = 4 [pid 306] close(3) = 0 [pid 306] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 306] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, NULL, 8) = 0 ./strace-static-x86_64: Process 302 attached [pid 306] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 306] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5c06258000 ./strace-static-x86_64: Process 303 attached ./strace-static-x86_64: Process 305 attached [pid 302] set_robust_list(0x5555566bd6a0, 24 [pid 305] set_robust_list(0x5555566bd6a0, 24 [pid 303] set_robust_list(0x5555566bd6a0, 24 [pid 302] <... set_robust_list resumed>) = 0 [pid 305] <... set_robust_list resumed>) = 0 [pid 303] <... set_robust_list resumed>) = 0 [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 302] <... prctl resumed>) = 0 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 306] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 306] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 306] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} => {parent_tid=[307]}, 88) = 307 [pid 306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 304 attached [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 304] set_robust_list(0x5555566bd6a0, 24) = 0 [pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 304] setpgid(0, 0) = 0 [pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 20.495492][ T28] audit: type=1400 audit(1714490921.045:66): avc: denied { execmem } for pid=294 comm="syz-executor296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 20.508513][ T28] audit: type=1400 audit(1714490921.065:67): avc: denied { read write } for pid=299 comm="syz-executor296" name="loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.513065][ T28] audit: type=1400 audit(1714490921.065:68): avc: denied { open } for pid=295 comm="syz-executor296" path="/dev/loop0" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 304] write(3, "1000", 4) = 4 [pid 304] close(3) = 0 [pid 304] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 304] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, NULL, 8) = 0 [pid 304] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 304] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5c06258000 [pid 304] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 304] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 304] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} => {parent_tid=[308]}, 88) = 308 [pid 304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 307 attached [pid 307] set_robust_list(0x7f5c062789a0, 24) = 0 [pid 307] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 307] memfd_create("syzkaller", 0) = 3 [pid 307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5bfde58000 [pid 307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 303] <... prctl resumed>) = 0 [pid 302] setpgid(0, 0 [pid 305] <... prctl resumed>) = 0 [pid 303] setpgid(0, 0 [pid 302] <... setpgid resumed>) = 0 [pid 303] <... setpgid resumed>) = 0 [pid 305] setpgid(0, 0) = 0 [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 303] <... openat resumed>) = 3 [pid 302] <... openat resumed>) = 3 [pid 303] write(3, "1000", 4 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 303] <... write resumed>) = 4 [pid 302] write(3, "1000", 4 [pid 303] close(3 [pid 305] <... openat resumed>) = 3 [pid 302] <... write resumed>) = 4 [pid 305] write(3, "1000", 4 [pid 303] <... close resumed>) = 0 [pid 302] close(3 [pid 305] <... write resumed>) = 4 [pid 303] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] <... close resumed>) = 0 [pid 305] close(3 [pid 303] <... futex resumed>) = 0 [pid 302] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 308 attached [pid 305] <... close resumed>) = 0 [pid 303] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, [pid 302] <... futex resumed>) = 0 [pid 308] set_robust_list(0x7f5c062789a0, 24 [pid 305] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... rt_sigaction resumed>NULL, 8) = 0 [pid 302] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, [pid 308] <... set_robust_list resumed>) = 0 [pid 305] <... futex resumed>) = 0 [pid 303] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 302] <... rt_sigaction resumed>NULL, 8) = 0 [pid 308] rt_sigprocmask(SIG_SETMASK, [], [pid 305] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, [pid 303] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 302] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 308] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 305] <... rt_sigaction resumed>NULL, 8) = 0 [pid 303] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 302] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 305] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 308] memfd_create("syzkaller", 0 [pid 305] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 303] <... mmap resumed>) = 0x7f5c06258000 [pid 302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 308] <... memfd_create resumed>) = 3 [pid 305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 303] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE [pid 308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 302] <... mmap resumed>) = 0x7f5c06258000 [pid 305] <... mmap resumed>) = 0x7f5c06258000 [pid 303] <... mprotect resumed>) = 0 [pid 302] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE [pid 305] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE [pid 303] rt_sigprocmask(SIG_BLOCK, ~[], [pid 302] <... mprotect resumed>) = 0 [pid 308] <... mmap resumed>) = 0x7f5bfde58000 [pid 305] <... mprotect resumed>) = 0 [pid 303] <... rt_sigprocmask resumed>[], 8) = 0 [pid 303] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} [pid 302] rt_sigprocmask(SIG_BLOCK, ~[], [pid 305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 303] <... clone3 resumed> => {parent_tid=[309]}, 88) = 309 [pid 302] <... rt_sigprocmask resumed>[], 8) = 0 [pid 305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} [pid 303] rt_sigprocmask(SIG_SETMASK, [], [pid 302] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} [pid 303] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 305] <... clone3 resumed> => {parent_tid=[310]}, 88) = 310 [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] <... clone3 resumed> => {parent_tid=[311]}, 88) = 311 [pid 305] rt_sigprocmask(SIG_SETMASK, [], [pid 303] <... futex resumed>) = 0 [pid 302] rt_sigprocmask(SIG_SETMASK, [], [pid 305] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 305] <... futex resumed>) = 0 [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... write resumed>) = 1048576 ./strace-static-x86_64: Process 311 attached [pid 311] set_robust_list(0x7f5c062789a0, 24) = 0 [pid 307] munmap(0x7f5bfde58000, 138412032 [pid 308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 311] rt_sigprocmask(SIG_SETMASK, [], [pid 307] <... munmap resumed>) = 0 [pid 311] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 311] memfd_create("syzkaller", 0) = 3 [pid 311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5bfde58000 [pid 307] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 ./strace-static-x86_64: Process 309 attached [pid 307] ioctl(4, LOOP_SET_FD, 3 [pid 309] set_robust_list(0x7f5c062789a0, 24./strace-static-x86_64: Process 310 attached [pid 308] <... write resumed>) = 1048576 [pid 310] set_robust_list(0x7f5c062789a0, 24 [pid 308] munmap(0x7f5bfde58000, 138412032 [pid 310] <... set_robust_list resumed>) = 0 [pid 308] <... munmap resumed>) = 0 [pid 310] rt_sigprocmask(SIG_SETMASK, [], [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 311] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 310] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 309] <... set_robust_list resumed>) = 0 [pid 308] <... openat resumed>) = 4 [pid 307] <... ioctl resumed>) = 0 [pid 310] memfd_create("syzkaller", 0) = 3 [ 20.540126][ T28] audit: type=1400 audit(1714490921.065:69): avc: denied { ioctl } for pid=295 comm="syz-executor296" path="/dev/loop0" dev="devtmpfs" ino=114 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.582788][ T307] loop3: detected capacity change from 0 to 2048 [pid 310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5bfde58000 [pid 311] <... write resumed>) = 1048576 [pid 309] rt_sigprocmask(SIG_SETMASK, [], [pid 308] ioctl(4, LOOP_SET_FD, 3 [pid 307] close(3 [pid 311] munmap(0x7f5bfde58000, 138412032 [pid 310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 309] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 311] <... munmap resumed>) = 0 [pid 309] memfd_create("syzkaller", 0 [pid 308] <... ioctl resumed>) = 0 [pid 307] <... close resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 309] <... memfd_create resumed>) = 3 [pid 311] <... openat resumed>) = 4 [pid 309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 311] ioctl(4, LOOP_SET_FD, 3 [pid 309] <... mmap resumed>) = 0x7f5bfde58000 [pid 310] <... write resumed>) = 1048576 [pid 308] close(3 [pid 307] close(4) = 0 [pid 307] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 [pid 310] munmap(0x7f5bfde58000, 138412032) = 0 [pid 308] <... close resumed>) = 0 [pid 308] close(4) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 308] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 [pid 310] <... openat resumed>) = 4 [pid 308] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 307] <... mkdir resumed>) = 0 [pid 310] ioctl(4, LOOP_SET_FD, 3 [pid 308] mount("/dev/loop1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [ 20.594496][ T308] loop1: detected capacity change from 0 to 2048 [ 20.602058][ T311] loop0: detected capacity change from 0 to 2048 [ 20.610038][ T310] loop2: detected capacity change from 0 to 2048 [pid 307] mount("/dev/loop3", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 310] <... ioctl resumed>) = 0 [pid 310] close(3) = 0 [pid 310] close(4) = 0 [pid 310] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777) = -1 EEXIST (File exists) [pid 310] mount("/dev/loop2", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 311] <... ioctl resumed>) = 0 [pid 311] close(3) = 0 [pid 311] close(4) = 0 [pid 311] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777) = -1 EEXIST (File exists) [pid 311] mount("/dev/loop0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 309] <... write resumed>) = 1048576 [pid 309] munmap(0x7f5bfde58000, 138412032) = 0 [ 20.616923][ T28] audit: type=1400 audit(1714490921.165:70): avc: denied { mounton } for pid=304 comm="syz-executor296" path="/root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 20.680344][ T310] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [pid 309] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 310] <... mount resumed>) = 0 [pid 309] <... openat resumed>) = 4 [pid 308] <... mount resumed>) = 0 [pid 307] <... mount resumed>) = 0 [pid 310] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY [pid 309] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 309] close(3) = 0 [pid 309] close(4) = 0 [pid 309] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777) = -1 EEXIST (File exists) [pid 309] mount("/dev/loop4", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 311] <... mount resumed>) = 0 [pid 311] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY [pid 310] <... openat resumed>) = 3 [pid 307] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY [pid 310] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 311] <... openat resumed>) = 3 [pid 308] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY [pid 310] <... chdir resumed>) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 307] <... openat resumed>) = 3 [pid 310] ioctl(4, LOOP_CLR_FD) = 0 [pid 307] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [ 20.680725][ T307] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 20.689247][ T308] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 20.698230][ T311] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 20.710189][ T309] loop4: detected capacity change from 0 to 2048 [ 20.713472][ T28] audit: type=1400 audit(1714490921.255:71): avc: denied { mount } for pid=305 comm="syz-executor296" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [pid 310] close(4 [pid 311] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 310] <... close resumed>) = 0 [pid 308] <... openat resumed>) = 3 [pid 307] <... chdir resumed>) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 307] ioctl(4, LOOP_CLR_FD) = 0 [pid 307] close(4) = 0 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 307] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 311] <... chdir resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 311] ioctl(4, LOOP_CLR_FD) = 0 [pid 311] close(4) = 0 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 311] chdir("./file0" [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... chdir resumed>) = 0 [pid 302] <... futex resumed>) = 0 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] memfd_create("syzkaller", 0 [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... memfd_create resumed>) = 4 [pid 302] <... futex resumed>) = 0 [pid 311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 311] <... mmap resumed>) = 0x7f5bfde58000 [pid 311] write(4, "\xeb\x58\x90\x6d\x6b\x66\x73\x2e\x66\x61\x74\x00\x02\x08\x20\x00\x01\x00\x00\x00\x00\xf8\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x01\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x29\x0b\xf3\xd9\x1d\x53\x59\x5a\x4b\x41\x4c\x4c\x45\x52\x20\x20\x46\x41\x54\x33\x32\x20\x20\x20\x0e\x1f\xbe\x77\x7c\x09\x00\x00\x00\x00"..., 65536) = 65536 [pid 311] munmap(0x7f5bfde58000, 138412032 [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 311] <... munmap resumed>) = 0 [pid 311] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 311] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 311] ioctl(5, LOOP_CLR_FD) = 0 [pid 306] <... futex resumed>) = 0 [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... futex resumed>) = 0 [pid 306] <... futex resumed>) = 1 [pid 307] chdir("./file0" [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... chdir resumed>) = 0 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] <... futex resumed>) = 0 [pid 307] memfd_create("syzkaller", 0 [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... memfd_create resumed>) = 4 [pid 306] <... futex resumed>) = 0 [pid 307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... mmap resumed>) = 0x7f5bfde58000 [pid 307] write(4, "\xeb\x58\x90\x6d\x6b\x66\x73\x2e\x66\x61\x74\x00\x02\x08\x20\x00\x01\x00\x00\x00\x00\xf8\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x01\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x29\x0b\xf3\xd9\x1d\x53\x59\x5a\x4b\x41\x4c\x4c\x45\x52\x20\x20\x46\x41\x54\x33\x32\x20\x20\x20\x0e\x1f\xbe\x77\x7c\x09\x00\x00\x00\x00"..., 65536) = 65536 [pid 307] munmap(0x7f5bfde58000, 138412032) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 307] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 307] ioctl(5, LOOP_CLR_FD) = 0 [pid 311] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 308] <... chdir resumed>) = 0 [pid 310] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 310] chdir("./file0" [pid 308] <... openat resumed>) = 4 [pid 310] <... chdir resumed>) = 0 [pid 308] ioctl(4, LOOP_CLR_FD [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... ioctl resumed>) = 0 [pid 310] <... futex resumed>) = 0 [pid 308] close(4 [pid 310] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 308] <... close resumed>) = 0 [pid 305] <... futex resumed>) = 0 [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] <... futex resumed>) = 0 [pid 308] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 304] <... futex resumed>) = 0 [pid 308] chdir("./file0" [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... chdir resumed>) = 0 [pid 307] ioctl(5, LOOP_SET_FD, 4 [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... futex resumed>) = 0 [pid 308] <... futex resumed>) = 1 [pid 307] close(5 [pid 305] <... futex resumed>) = 1 [pid 304] <... futex resumed>) = 0 [pid 310] memfd_create("syzkaller", 0 [pid 308] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 307] <... close resumed>) = 0 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... memfd_create resumed>) = 4 [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 307] close(4 [pid 304] <... futex resumed>) = 0 [pid 310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 308] memfd_create("syzkaller", 0 [pid 307] <... close resumed>) = 0 [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 310] <... mmap resumed>) = 0x7f5bfde58000 [pid 308] <... memfd_create resumed>) = 4 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] <... futex resumed>) = 0 [pid 307] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000 [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] write(4, "\xeb\x58\x90\x6d\x6b\x66\x73\x2e\x66\x61\x74\x00\x02\x08\x20\x00\x01\x00\x00\x00\x00\xf8\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x01\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x29\x0b\xf3\xd9\x1d\x53\x59\x5a\x4b\x41\x4c\x4c\x45\x52\x20\x20\x46\x41\x54\x33\x32\x20\x20\x20\x0e\x1f\xbe\x77\x7c\x09\x00\x00\x00\x00"..., 65536 [pid 308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 307] <... open resumed>) = 4 [pid 306] <... futex resumed>) = 0 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... write resumed>) = 65536 [pid 308] <... mmap resumed>) = 0x7f5bfde58000 [pid 307] <... futex resumed>) = 0 [pid 306] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] munmap(0x7f5bfde58000, 138412032 [pid 307] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] write(4, "\xeb\x58\x90\x6d\x6b\x66\x73\x2e\x66\x61\x74\x00\x02\x08\x20\x00\x01\x00\x00\x00\x00\xf8\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x01\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x29\x0b\xf3\xd9\x1d\x53\x59\x5a\x4b\x41\x4c\x4c\x45\x52\x20\x20\x46\x41\x54\x33\x32\x20\x20\x20\x0e\x1f\xbe\x77\x7c\x09\x00\x00\x00\x00"..., 65536 [pid 307] <... mount resumed>) = 0 [pid 306] <... futex resumed>) = 0 [pid 310] <... munmap resumed>) = 0 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... write resumed>) = 65536 [pid 307] <... futex resumed>) = 0 [pid 306] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 308] munmap(0x7f5bfde58000, 138412032 [pid 307] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... openat resumed>) = 5 [pid 308] <... munmap resumed>) = 0 [pid 307] <... open resumed>) = 5 [pid 306] <... futex resumed>) = 0 [pid 310] ioctl(5, LOOP_SET_FD, 4 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 308] <... openat resumed>) = 5 [pid 307] <... futex resumed>) = 0 [pid 306] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] ioctl(5, LOOP_CLR_FD [pid 308] ioctl(5, LOOP_SET_FD, 4 [pid 307] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... ioctl resumed>) = 0 [pid 308] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 307] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 306] <... futex resumed>) = 0 [pid 308] ioctl(5, LOOP_CLR_FD [pid 307] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... ioctl resumed>) = 0 [pid 307] <... openat resumed>) = 6 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] <... futex resumed>) = 0 [pid 310] ioctl(5, LOOP_SET_FD, 4 [pid 307] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 307] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 306] <... futex resumed>) = 0 [pid 310] close(5 [pid 307] read(5, [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... close resumed>) = 0 [pid 307] <... read resumed>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 8224 [pid 310] close(4 [pid 308] ioctl(5, LOOP_SET_FD, 4 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... close resumed>) = 0 [pid 307] <... futex resumed>) = 1 [pid 306] <... futex resumed>) = 0 [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 307] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 306] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] close(5 [pid 310] <... futex resumed>) = 1 [pid 308] close(5 [pid 307] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 306] <... futex resumed>) = 0 [pid 305] <... futex resumed>) = 0 [pid 311] <... close resumed>) = 0 [pid 310] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 308] <... close resumed>) = 0 [pid 307] write(5, "\x23\x21\x20\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x76\x66\x61\x74\x00\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"..., 34136651 [pid 306] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] close(4 [pid 310] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 308] close(4 [pid 305] <... futex resumed>) = 0 [pid 311] <... close resumed>) = 0 [pid 310] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 311] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000 [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... open resumed>) = 4 [pid 302] <... futex resumed>) = 0 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... mount resumed>) = 0 [pid 310] <... open resumed>) = 4 [pid 308] <... close resumed>) = 0 [pid 302] <... futex resumed>) = 0 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... futex resumed>) = 0 [pid 310] <... futex resumed>) = 1 [pid 308] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 304] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 311] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 308] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 310] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] <... futex resumed>) = 0 [pid 304] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = 0 [pid 311] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 310] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL [pid 308] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... open resumed>) = 5 [pid 310] <... mount resumed>) = 0 [pid 308] <... open resumed>) = 4 [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... futex resumed>) = 1 [pid 304] <... futex resumed>) = 0 [pid 311] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 311] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 20.746576][ T28] audit: type=1400 audit(1714490921.285:72): avc: denied { mounton } for pid=303 comm="syz-executor296" path="/root/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [pid 302] <... futex resumed>) = 0 [pid 311] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... openat resumed>) = 6 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 311] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] <... futex resumed>) = 0 [pid 311] read(5, [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 311] <... read resumed>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 8224 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 311] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] <... futex resumed>) = 0 [pid 311] write(5, "\x23\x21\x20\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x76\x66\x61\x74\x00\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"..., 34136651 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... futex resumed>) = 1 [pid 309] <... mount resumed>) = 0 [pid 308] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL [pid 305] <... futex resumed>) = 0 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5 [ 20.821233][ T309] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 20.827056][ T319] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 289: padding at end of block bitmap is not set [ 20.838927][ T28] audit: type=1400 audit(1714490921.355:73): avc: denied { write } for pid=306 comm="syz-executor296" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 310] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 311] <... write resumed>) = 1040352 [pid 309] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY [pid 308] <... mount resumed>) = 0 [pid 306] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 305] <... futex resumed>) = 0 [pid 304] <... futex resumed>) = 0 [pid 306] futex(0x7f5c0634461c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 0 [pid 306] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5c06237000 [pid 306] mprotect(0x7f5c06238000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 306] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 306] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06257990, parent_tid=0x7f5c06257990, exit_signal=0, stack=0x7f5c06237000, stack_size=0x20300, tls=0x7f5c062576c0} => {parent_tid=[324]}, 88) = 324 [pid 306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 306] futex(0x7f5c06344618, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 306] futex(0x7f5c0634461c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 324 attached [pid 324] set_robust_list(0x7f5c062579a0, 24) = 0 [pid 324] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 20.851610][ T310] EXT4-fs error (device loop0): ext4_xattr_ibody_get:603: inode #19: comm syz-executor296: corrupted in-inode xattr [ 20.876416][ T28] audit: type=1400 audit(1714490921.355:74): avc: denied { add_name } for pid=306 comm="syz-executor296" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 20.881746][ T324] EXT4-fs error (device loop0): ext4_check_all_de:655: inode #12: block 5: comm syz-executor296: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=124 fake=0 [pid 324] mkdir("./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 [pid 311] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... openat resumed>) = 6 [pid 309] <... openat resumed>) = 3 [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 302] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... write resumed>) = 1040352 [pid 307] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 307] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 324] <... mkdir resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 324] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 307] <... futex resumed>) = ? [pid 307] +++ killed by SIGSEGV +++ [pid 306] <... futex resumed>) = ? [pid 324] +++ killed by SIGSEGV +++ [pid 306] +++ killed by SIGSEGV +++ [pid 311] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 311] mkdir("./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 [pid 302] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=46000000} [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 308] <... futex resumed>) = 0 [pid 305] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 304] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=306, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3} --- [pid 310] <... futex resumed>) = 0 [pid 309] <... chdir resumed>) = 0 [pid 308] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] read(5, [pid 309] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] <... futex resumed>) = 0 [pid 304] <... futex resumed>) = 0 [pid 310] <... read resumed>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 8224 [pid 309] <... openat resumed>) = 4 [pid 308] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] ioctl(4, LOOP_CLR_FD [pid 308] <... open resumed>) = 5 [pid 310] <... futex resumed>) = 1 [pid 309] <... ioctl resumed>) = 0 [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 310] write(5, "\x23\x21\x20\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x76\x66\x61\x74\x00\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"..., 34136651 [pid 309] close(4 [pid 308] <... futex resumed>) = 1 [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] <... futex resumed>) = 0 [pid 309] <... close resumed>) = 0 [pid 308] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 305] <... futex resumed>) = 0 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... openat resumed>) = 3 [pid 309] <... futex resumed>) = 1 [pid 298] ioctl(3, LOOP_CLR_FD [pid 309] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] <... futex resumed>) = 0 [pid 298] <... ioctl resumed>) = 0 [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] close(3 [pid 309] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 1 [pid 298] <... close resumed>) = 0 [pid 309] chdir("./file0" [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 311] <... mkdir resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 309] <... chdir resumed>) = 0 [pid 311] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 302] <... futex resumed>) = ? [pid 311] +++ killed by SIGSEGV +++ [pid 302] +++ killed by SIGSEGV +++ [ 20.900548][ T28] audit: type=1400 audit(1714490921.355:75): avc: denied { create } for pid=306 comm="syz-executor296" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 20.923503][ T311] EXT4-fs error (device loop0): ext4_check_all_de:655: inode #12: block 5: comm syz-executor296: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=124 fake=0 [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=302, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=10} --- [pid 295] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] ioctl(3, LOOP_CLR_FD [pid 309] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 298] <... clone resumed>, child_tidptr=0x5555566bd690) = 325 [pid 295] <... ioctl resumed>) = 0 [pid 309] memfd_create("syzkaller", 0 [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] close(3 [pid 309] <... memfd_create resumed>) = 4 [pid 303] <... futex resumed>) = 0 [pid 295] <... close resumed>) = 0 [pid 309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 309] <... mmap resumed>) = 0x7f5bfde58000 [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 309] write(4, "\xeb\x58\x90\x6d\x6b\x66\x73\x2e\x66\x61\x74\x00\x02\x08\x20\x00\x01\x00\x00\x00\x00\xf8\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x01\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x29\x0b\xf3\xd9\x1d\x53\x59\x5a\x4b\x41\x4c\x4c\x45\x52\x20\x20\x46\x41\x54\x33\x32\x20\x20\x20\x0e\x1f\xbe\x77\x7c\x09\x00\x00\x00\x00"..., 65536 [pid 295] <... clone resumed>, child_tidptr=0x5555566bd690) = 326 [pid 309] <... write resumed>) = 65536 [pid 309] munmap(0x7f5bfde58000, 138412032) = 0 [pid 309] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 309] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy) [pid 309] ioctl(5, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 325 attached [pid 325] set_robust_list(0x5555566bd6a0, 24 [pid 309] ioctl(5, LOOP_SET_FD, 4 [pid 325] <... set_robust_list resumed>) = 0 [pid 309] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 325] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 309] close(5 [pid 308] <... openat resumed>) = 6 [pid 325] <... prctl resumed>) = 0 [pid 325] setpgid(0, 0 [pid 309] <... close resumed>) = 0 [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] <... setpgid resumed>) = 0 [pid 309] close(4 [pid 304] <... futex resumed>) = 0 [pid 309] <... close resumed>) = 0 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 304] <... futex resumed>) = 0 [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... futex resumed>) = 1 [pid 325] <... openat resumed>) = 3 [pid 309] <... futex resumed>) = 1 [pid 308] read(5, [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] <... futex resumed>) = 0 [pid 325] write(3, "1000", 4 [pid 309] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000 [pid 308] <... read resumed>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 8224 [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] <... open resumed>) = 4 ./strace-static-x86_64: Process 326 attached [pid 326] set_robust_list(0x5555566bd6a0, 24) = 0 [pid 325] <... write resumed>) = 4 [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] close(3 [pid 309] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 325] <... close resumed>) = 0 [pid 309] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 303] <... futex resumed>) = 0 [pid 325] <... futex resumed>) = 0 [pid 309] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 325] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, [pid 309] <... mount resumed>) = 0 [pid 325] <... rt_sigaction resumed>NULL, 8) = 0 [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 309] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 325] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 309] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] <... mmap resumed>) = 0x7f5c06258000 [pid 309] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 303] <... futex resumed>) = 0 [pid 325] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE [pid 309] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 325] <... mprotect resumed>) = 0 [pid 309] <... open resumed>) = 5 [pid 308] <... futex resumed>) = 1 [pid 304] <... futex resumed>) = 0 [pid 325] rt_sigprocmask(SIG_BLOCK, ~[], [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] write(5, "\x23\x21\x20\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x76\x66\x61\x74\x00\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"..., 34136651 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] <... rt_sigprocmask resumed>[], 8) = 0 [pid 309] <... futex resumed>) = 1 [pid 304] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 0 [pid 325] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} [pid 309] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] <... openat resumed>) = 6 [pid 325] <... clone3 resumed> => {parent_tid=[327]}, 88) = 327 [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] rt_sigprocmask(SIG_SETMASK, [], [pid 309] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 325] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 309] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 303] <... futex resumed>) = 0 [pid 325] <... futex resumed>) = 0 [pid 309] read(5, [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 309] <... read resumed>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8224) = 8224 [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 309] write(5, "\x23\x21\x20\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x76\x66\x61\x74\x00\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61"..., 34136651 [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... write resumed>) = 1040352 [pid 310] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 310] futex(0x7f5c06344608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 326] setpgid(0, 0) = 0 [pid 326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 326] write(3, "1000", 4) = 4 [pid 326] close(3) = 0 [pid 305] <... futex resumed>) = 0 [ 20.960537][ T308] EXT4-fs error (device loop0): ext4_xattr_ibody_get:603: inode #19: comm syz-executor296: corrupted in-inode xattr [pid 305] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... futex resumed>) = 0 [pid 310] mkdir("./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777./strace-static-x86_64: Process 327 attached [pid 326] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] set_robust_list(0x7f5c062789a0, 24) = 0 [pid 327] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 326] <... futex resumed>) = 0 [pid 327] memfd_create("syzkaller", 0 [pid 326] rt_sigaction(SIGRT_1, {sa_handler=0x7f5c062e9200, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5c062db040}, [pid 310] <... mkdir resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 327] <... memfd_create resumed>) = 3 [pid 326] <... rt_sigaction resumed>NULL, 8) = 0 [pid 310] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 326] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 327] <... mmap resumed>) = 0x7f5bfde58000 [pid 326] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 310] +++ killed by SIGSEGV +++ [pid 305] <... futex resumed>) = ? [pid 327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 308] <... write resumed>) = 1040352 [pid 305] +++ killed by SIGSEGV +++ [pid 308] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=305, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5} --- [pid 308] <... futex resumed>) = 1 [pid 304] <... futex resumed>) = 0 [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 308] mkdir("./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 [ 20.997927][ T310] EXT4-fs error (device loop0): ext4_check_all_de:655: inode #12: block 5: comm syz-executor296: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=124 fake=0 [pid 304] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] <... write resumed>) = 1048576 [pid 326] <... mmap resumed>) = 0x7f5c06258000 [pid 309] <... write resumed>) = 1040352 [pid 304] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 297] <... restart_syscall resumed>) = 0 [pid 327] munmap(0x7f5bfde58000, 138412032 [pid 326] mprotect(0x7f5c06259000, 131072, PROT_READ|PROT_WRITE [pid 309] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] <... munmap resumed>) = 0 [pid 326] <... mprotect resumed>) = 0 [pid 309] <... futex resumed>) = 0 [pid 308] <... mkdir resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 303] <... futex resumed>) = 0 [pid 308] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 327] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 326] rt_sigprocmask(SIG_BLOCK, ~[], [pid 303] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 327] <... openat resumed>) = 4 [pid 326] <... rt_sigprocmask resumed>[], 8) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 327] ioctl(4, LOOP_SET_FD, 3 [pid 326] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5c06278990, parent_tid=0x7f5c06278990, exit_signal=0, stack=0x7f5c06258000, stack_size=0x20300, tls=0x7f5c062786c0} [pid 309] mkdir("./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 [pid 308] +++ killed by SIGSEGV +++ [pid 304] <... futex resumed>) = ? [pid 297] <... openat resumed>) = 3 [pid 327] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 326] <... clone3 resumed> => {parent_tid=[329]}, 88) = 329 [pid 326] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 326] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 326] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 327] ioctl(4, LOOP_CLR_FD [pid 304] +++ killed by SIGSEGV +++ [pid 297] ioctl(3, LOOP_CLR_FD [pid 296] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=304, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=8} --- [pid 296] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 296] ioctl(3, LOOP_CLR_FD) = 0 [pid 296] close(3) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555566bd690) = 330 ./strace-static-x86_64: Process 329 attached [pid 329] set_robust_list(0x7f5c062789a0, 24) = 0 [pid 329] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 329] memfd_create("syzkaller", 0) = 3 [pid 329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5bfde58000 [pid 329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 [pid 329] munmap(0x7f5bfde58000, 138412032) = 0 [pid 329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 329] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 329] ioctl(4, LOOP_CLR_FD) = 0 [pid 327] <... ioctl resumed>) = 0 [pid 297] <... ioctl resumed>) = 0 [ 21.033364][ T308] EXT4-fs error (device loop0): ext4_check_all_de:655: inode #12: block 5: comm syz-executor296: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=124 fake=0 [ 21.060671][ T309] ================================================================== [ 21.068566][ T309] BUG: KASAN: use-after-free in ext4_convert_inline_data_nolock+0x311/0xa70 [ 21.077069][ T309] Read of size 68 at addr ffff888122f650cf by task syz-executor296/309 [ 21.085143][ T309] [ 21.087309][ T309] CPU: 1 PID: 309 Comm: syz-executor296 Not tainted 6.1.75-syzkaller-00075-g6364d594125d #0 [pid 297] close(3) = 0 [pid 327] ioctl(4, LOOP_SET_FD, 3 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 327] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 327] close(4 [pid 297] <... clone resumed>, child_tidptr=0x5555566bd690) = 331 [pid 327] <... close resumed>) = 0 [pid 327] close(3) = 0 [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 325] <... futex resumed>) = 0 [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 327] chdir("./file0") = -1 ENOENT (No such file or directory) [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] <... futex resumed>) = 0 [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 327] <... futex resumed>) = 1 [pid 327] memfd_create("syzkaller", 0) = 3 [pid 327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5bfde58000 [pid 327] write(3, "\xeb\x58\x90\x6d\x6b\x66\x73\x2e\x66\x61\x74\x00\x02\x08\x20\x00\x01\x00\x00\x00\x00\xf8\x00\x00\x10\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x01\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x29\x0b\xf3\xd9\x1d\x53\x59\x5a\x4b\x41\x4c\x4c\x45\x52\x20\x20\x46\x41\x54\x33\x32\x20\x20\x20\x0e\x1f\xbe\x77\x7c\x09\x00\x00\x00\x00"..., 65536) = 65536 [pid 327] munmap(0x7f5bfde58000, 138412032) = 0 [pid 327] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 327] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 327] ioctl(4, LOOP_CLR_FD) = 0 [pid 327] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 327] close(4) = 0 [pid 327] close(3) = 0 [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 325] <... futex resumed>) = 0 [pid 327] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000 [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] <... open resumed>) = 3 [pid 325] <... futex resumed>) = 0 [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 327] <... futex resumed>) = 0 [pid 325] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 327] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] <... mount resumed>) = 0 [pid 325] <... futex resumed>) = 0 [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 327] <... futex resumed>) = 0 [pid 325] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 327] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] <... open resumed>) = 4 [pid 325] <... futex resumed>) = 0 [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 327] <... futex resumed>) = 0 [pid 325] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 327] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 325] futex(0x7f5c06344608, FUTEX_WAKE_PRIVATE, 1000000 [pid 327] <... openat resumed>) = 5 [pid 325] <... futex resumed>) = 0 [pid 327] futex(0x7f5c0634460c, FUTEX_WAKE_PRIVATE, 1000000 [pid 325] futex(0x7f5c0634460c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}