./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor725180549 <...> Warning: Permanently added '10.128.10.5' (ED25519) to the list of known hosts. execve("./syz-executor725180549", ["./syz-executor725180549"], 0x7ffcad238380 /* 10 vars */) = 0 brk(NULL) = 0x555559ecc000 brk(0x555559eccd40) = 0x555559eccd40 arch_prctl(ARCH_SET_FS, 0x555559ecc3c0) = 0 set_tid_address(0x555559ecc690) = 5830 set_robust_list(0x555559ecc6a0, 24) = 0 rseq(0x555559eccce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor725180549", 4096) = 27 getrandom("\x73\x88\x2a\x13\xb9\xb6\x60\x0d", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555559eccd40 brk(0x555559eedd40) = 0x555559eedd40 brk(0x555559eee000) = 0x555559eee000 mprotect(0x7fb3043e4000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached , child_tidptr=0x555559ecc690) = 5831 [pid 5831] set_robust_list(0x555559ecc6a0, 24 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... set_robust_list resumed>) = 0 [pid 5831] mkdir("./syzkaller.6capRN", 0700./strace-static-x86_64: Process 5832 attached [pid 5832] set_robust_list(0x555559ecc6a0, 24 [pid 5830] <... clone resumed>, child_tidptr=0x555559ecc690) = 5832 [pid 5832] <... set_robust_list resumed>) = 0 [pid 5832] mkdir("./syzkaller.H9j54M", 0700 [pid 5831] <... mkdir resumed>) = 0 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5833 attached [pid 5832] <... mkdir resumed>) = 0 [pid 5831] chmod("./syzkaller.6capRN", 0777 [pid 5830] <... clone resumed>, child_tidptr=0x555559ecc690) = 5833 [pid 5833] set_robust_list(0x555559ecc6a0, 24) = 0 [pid 5831] <... chmod resumed>) = 0 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] chmod("./syzkaller.H9j54M", 0777 [pid 5831] chdir("./syzkaller.6capRN" [pid 5833] mkdir("./syzkaller.49xHWu", 0700 [pid 5831] <... chdir resumed>) = 0 [pid 5831] mkdir("./0", 0777./strace-static-x86_64: Process 5834 attached [pid 5830] <... clone resumed>, child_tidptr=0x555559ecc690) = 5834 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] <... chmod resumed>) = 0 [pid 5831] <... mkdir resumed>) = 0 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5834] set_robust_list(0x555559ecc6a0, 24 [pid 5833] chmod("./syzkaller.49xHWu", 0777 [pid 5832] chdir("./syzkaller.H9j54M" [pid 5834] <... set_robust_list resumed>) = 0 [pid 5832] <... chdir resumed>) = 0 [pid 5834] mkdir("./syzkaller.hBQ6FI", 0700./strace-static-x86_64: Process 5835 attached [pid 5830] <... clone resumed>, child_tidptr=0x555559ecc690) = 5835 [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... chmod resumed>) = 0 [pid 5832] mkdir("./0", 0777 [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5835] set_robust_list(0x555559ecc6a0, 24 [pid 5833] chdir("./syzkaller.49xHWu" [pid 5832] <... mkdir resumed>) = 0 [pid 5831] <... openat resumed>) = 3 [pid 5835] <... set_robust_list resumed>) = 0 [pid 5835] mkdir("./syzkaller.DgfBaU", 0700 [pid 5834] chmod("./syzkaller.hBQ6FI", 0777 [pid 5833] <... chdir resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5831] ioctl(3, LOOP_CLR_FD [pid 5833] mkdir("./0", 0777 [pid 5834] <... chmod resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5831] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5835] <... mkdir resumed>) = 0 [pid 5834] chdir("./syzkaller.hBQ6FI" [pid 5833] <... mkdir resumed>) = 0 [pid 5832] ioctl(3, LOOP_CLR_FD [pid 5831] close(3 [pid 5835] chmod("./syzkaller.DgfBaU", 0777 [pid 5834] <... chdir resumed>) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5832] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5831] <... close resumed>) = 0 [pid 5835] <... chmod resumed>) = 0 [pid 5834] mkdir("./0", 0777 [pid 5833] <... openat resumed>) = 3 [pid 5831] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] chdir("./syzkaller.DgfBaU" [pid 5833] ioctl(3, LOOP_CLR_FD [pid 5832] close(3 [pid 5835] <... chdir resumed>) = 0 [pid 5832] <... close resumed>) = 0 ./strace-static-x86_64: Process 5836 attached [pid 5835] mkdir("./0", 0777 [pid 5833] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5835] <... mkdir resumed>) = 0 [pid 5832] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] close(3./strace-static-x86_64: Process 5837 attached [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5831] <... clone resumed>, child_tidptr=0x555559ecc690) = 5836 [pid 5836] set_robust_list(0x555559ecc6a0, 24 [pid 5837] set_robust_list(0x555559ecc6a0, 24 [pid 5835] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5834] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5838 attached [pid 5837] <... set_robust_list resumed>) = 0 [pid 5835] <... openat resumed>) = 3 [pid 5834] <... openat resumed>) = 3 [pid 5832] <... clone resumed>, child_tidptr=0x555559ecc690) = 5837 [pid 5836] chdir("./0" [pid 5834] ioctl(3, LOOP_CLR_FD [pid 5837] chdir("./0" [pid 5836] <... chdir resumed>) = 0 [pid 5835] ioctl(3, LOOP_CLR_FD [pid 5834] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5838] set_robust_list(0x555559ecc6a0, 24 [pid 5837] <... chdir resumed>) = 0 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5835] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5834] close(3 [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] <... prctl resumed>) = 0 [pid 5835] close(3 [pid 5833] <... clone resumed>, child_tidptr=0x555559ecc690) = 5838 [pid 5834] <... close resumed>) = 0 [pid 5836] setpgid(0, 0 [pid 5838] chdir("./0" [pid 5837] <... prctl resumed>) = 0 [pid 5836] <... setpgid resumed>) = 0 [pid 5835] <... close resumed>) = 0 [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5838] <... chdir resumed>) = 0 [pid 5837] setpgid(0, 0 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5839 attached [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5837] <... setpgid resumed>) = 0 [pid 5836] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5840 attached [pid 5836] write(3, "1000", 4 [pid 5839] set_robust_list(0x555559ecc6a0, 24 [pid 5836] <... write resumed>) = 4 [pid 5840] set_robust_list(0x555559ecc6a0, 24 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5838] <... prctl resumed>) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5836] close(3 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5838] setpgid(0, 0 [pid 5836] <... close resumed>) = 0 [pid 5839] chdir("./0" [pid 5837] <... openat resumed>) = 3 [pid 5835] <... clone resumed>, child_tidptr=0x555559ecc690) = 5840 [pid 5836] symlink("/dev/binderfs", "./binderfs" [pid 5834] <... clone resumed>, child_tidptr=0x555559ecc690) = 5839 [pid 5840] chdir("./0" [pid 5839] <... chdir resumed>) = 0 [pid 5838] <... setpgid resumed>) = 0 [pid 5837] write(3, "1000", 4 [pid 5840] <... chdir resumed>) = 0 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] <... write resumed>) = 4 [pid 5836] <... symlink resumed>) = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] <... prctl resumed>) = 0 [pid 5837] close(3 [pid 5840] <... prctl resumed>) = 0 [pid 5839] setpgid(0, 0 [pid 5838] <... openat resumed>) = 3 [pid 5837] <... close resumed>) = 0 [pid 5836] write(1, "executing program\n", 18executing program [pid 5840] setpgid(0, 0 [pid 5839] <... setpgid resumed>) = 0 [pid 5838] write(3, "1000", 4 [pid 5837] symlink("/dev/binderfs", "./binderfs" [pid 5836] <... write resumed>) = 18 [pid 5840] <... setpgid resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] <... symlink resumed>) = 0 [pid 5839] <... openat resumed>) = 3 executing program [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] write(1, "executing program\n", 18 [pid 5839] write(3, "1000", 4 [pid 5838] <... write resumed>) = 4 [pid 5837] <... write resumed>) = 18 [pid 5836] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... openat resumed>) = 3 [pid 5839] <... write resumed>) = 4 [pid 5838] close(3 [pid 5837] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... futex resumed>) = 0 [pid 5840] write(3, "1000", 4 [pid 5839] close(3 [pid 5838] <... close resumed>) = 0 [pid 5837] <... futex resumed>) = 0 [pid 5836] rt_sigaction(SIGRT_1, {sa_handler=0x7fb30437f020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fb3043701d0}, [pid 5840] <... write resumed>) = 4 [pid 5839] <... close resumed>) = 0 [pid 5838] symlink("/dev/binderfs", "./binderfs" [pid 5837] rt_sigaction(SIGRT_1, {sa_handler=0x7fb30437f020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fb3043701d0}, [pid 5836] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5840] close(3 [pid 5839] symlink("/dev/binderfs", "./binderfs" [pid 5836] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5837] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] <... symlink resumed>) = 0 [pid 5837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 executing program [pid 5840] <... close resumed>) = 0 [pid 5839] write(1, "executing program\n", 18 [pid 5838] <... symlink resumed>) = 0 [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] <... mmap resumed>) = 0x7fb3042ef000 [pid 5840] symlink("/dev/binderfs", "./binderfs" [pid 5839] <... write resumed>) = 18 [pid 5838] write(1, "executing program\n", 18 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5836] mprotect(0x7fb3042f0000, 131072, PROT_READ|PROT_WRITEexecuting program executing program [pid 5840] <... symlink resumed>) = 0 [pid 5839] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] <... write resumed>) = 18 [pid 5837] <... mmap resumed>) = 0x7fb3042ef000 [pid 5836] <... mprotect resumed>) = 0 [pid 5840] write(1, "executing program\n", 18 [pid 5839] <... futex resumed>) = 0 [pid 5838] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] mprotect(0x7fb3042f0000, 131072, PROT_READ|PROT_WRITE [pid 5840] <... write resumed>) = 18 [pid 5839] rt_sigaction(SIGRT_1, {sa_handler=0x7fb30437f020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fb3043701d0}, [pid 5838] <... futex resumed>) = 0 [pid 5836] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5840] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5838] rt_sigaction(SIGRT_1, {sa_handler=0x7fb30437f020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fb3043701d0}, [pid 5837] <... mprotect resumed>) = 0 [pid 5836] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5840] <... futex resumed>) = 0 [pid 5839] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5838] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5840] rt_sigaction(SIGRT_1, {sa_handler=0x7fb30437f020, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fb3043701d0}, [pid 5839] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb30430f990, parent_tid=0x7fb30430f990, exit_signal=0, stack=0x7fb3042ef000, stack_size=0x20300, tls=0x7fb30430f6c0} [pid 5840] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5839] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5842 attached [pid 5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5839] <... mmap resumed>) = 0x7fb3042ef000 [pid 5838] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5842] rseq(0x7fb30430ffe0, 0x20, 0, 0x53053053 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] mprotect(0x7fb3042f0000, 131072, PROT_READ|PROT_WRITE [pid 5838] <... mmap resumed>) = 0x7fb3042ef000 [pid 5837] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5836] <... clone3 resumed> => {parent_tid=[5842]}, 88) = 5842 [pid 5842] <... rseq resumed>) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5839] <... mprotect resumed>) = 0 [pid 5838] mprotect(0x7fb3042f0000, 131072, PROT_READ|PROT_WRITE [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb30430f990, parent_tid=0x7fb30430f990, exit_signal=0, stack=0x7fb3042ef000, stack_size=0x20300, tls=0x7fb30430f6c0} [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] set_robust_list(0x7fb30430f9a0, 24 [pid 5840] <... mmap resumed>) = 0x7fb3042ef000 [pid 5838] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 5843 attached [pid 5842] <... set_robust_list resumed>) = 0 [pid 5840] mprotect(0x7fb3042f0000, 131072, PROT_READ|PROT_WRITE [pid 5838] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5843] rseq(0x7fb30430ffe0, 0x20, 0, 0x53053053 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... mprotect resumed>) = 0 [pid 5839] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5838] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5837] <... clone3 resumed> => {parent_tid=[5843]}, 88) = 5843 [pid 5836] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... rseq resumed>) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb30430f990, parent_tid=0x7fb30430f990, exit_signal=0, stack=0x7fb3042ef000, stack_size=0x20300, tls=0x7fb30430f6c0} [pid 5838] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb30430f990, parent_tid=0x7fb30430f990, exit_signal=0, stack=0x7fb3042ef000, stack_size=0x20300, tls=0x7fb30430f6c0} [pid 5837] rt_sigprocmask(SIG_SETMASK, [], [pid 5836] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5844 attached ./strace-static-x86_64: Process 5845 attached [pid 5843] set_robust_list(0x7fb30430f9a0, 24 [pid 5842] memfd_create("syzkaller", 0 [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5836] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5840] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5839] <... clone3 resumed> => {parent_tid=[5844]}, 88) = 5844 [pid 5845] rseq(0x7fb30430ffe0, 0x20, 0, 0x53053053 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb30430f990, parent_tid=0x7fb30430f990, exit_signal=0, stack=0x7fb3042ef000, stack_size=0x20300, tls=0x7fb30430f6c0} [pid 5839] rt_sigprocmask(SIG_SETMASK, [], [pid 5838] <... clone3 resumed> => {parent_tid=[5845]}, 88) = 5845 [pid 5837] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... memfd_create resumed>) = 3 [pid 5845] <... rseq resumed>) = 0 [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] rt_sigprocmask(SIG_SETMASK, [], [pid 5837] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5846 attached [pid 5845] set_robust_list(0x7fb30430f9a0, 24 [pid 5844] rseq(0x7fb30430ffe0, 0x20, 0, 0x53053053 [pid 5843] memfd_create("syzkaller", 0 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5839] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5837] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5846] rseq(0x7fb30430ffe0, 0x20, 0, 0x53053053 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5844] <... rseq resumed>) = 0 [pid 5842] <... mmap resumed>) = 0x7fb2fbe00000 [pid 5843] <... memfd_create resumed>) = 3 [pid 5840] <... clone3 resumed> => {parent_tid=[5846]}, 88) = 5846 [pid 5839] <... futex resumed>) = 0 [pid 5838] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... rseq resumed>) = 0 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] set_robust_list(0x7fb30430f9a0, 24 [pid 5846] set_robust_list(0x7fb30430f9a0, 24 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5846] <... set_robust_list resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5842] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5839] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5838] <... futex resumed>) = 0 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] memfd_create("syzkaller", 0 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... memfd_create resumed>) = 3 [pid 5844] memfd_create("syzkaller", 0 [pid 5843] <... mmap resumed>) = 0x7fb2fbe00000 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5846] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] <... memfd_create resumed>) = 3 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5840] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... mmap resumed>) = 0x7fb2fbe00000 [pid 5846] <... futex resumed>) = 0 [pid 5845] <... mmap resumed>) = 0x7fb2fbe00000 [pid 5840] <... futex resumed>) = 1 [pid 5846] memfd_create("syzkaller", 0 [pid 5844] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5842] <... write resumed>) = 65536 [pid 5840] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5846] <... memfd_create resumed>) = 3 [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5843] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5846] <... mmap resumed>) = 0x7fb2fbe00000 [pid 5846] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5845] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5843] <... write resumed>) = 65536 [pid 5842] munmap(0x7fb2fbe00000, 138412032 [pid 5844] <... write resumed>) = 65536 [pid 5844] munmap(0x7fb2fbe00000, 138412032) = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5843] munmap(0x7fb2fbe00000, 138412032 [pid 5842] <... munmap resumed>) = 0 [pid 5844] ioctl(4, LOOP_SET_FD, 3 [pid 5845] <... write resumed>) = 65536 [pid 5843] <... munmap resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5846] <... write resumed>) = 65536 [pid 5846] munmap(0x7fb2fbe00000, 138412032) = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5842] <... openat resumed>) = 4 [pid 5843] <... openat resumed>) = 4 [pid 5842] ioctl(4, LOOP_SET_FD, 3 [pid 5846] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5846] ioctl(4, LOOP_SET_FD, 3 [pid 5844] <... ioctl resumed>) = 0 [pid 5843] ioctl(4, LOOP_SET_FD, 3 [pid 5845] munmap(0x7fb2fbe00000, 138412032 [pid 5844] close(3) = 0 [pid 5845] <... munmap resumed>) = 0 [pid 5844] close(4) = 0 [pid 5844] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5844] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5846] <... ioctl resumed>) = 0 [pid 5845] <... openat resumed>) = 4 [ 73.468246][ T5844] loop3: detected capacity change from 0 to 128 [ 73.485845][ T5846] loop4: detected capacity change from 0 to 128 [ 73.490257][ T5842] loop0: detected capacity change from 0 to 128 [pid 5846] close(3) = 0 [pid 5845] ioctl(4, LOOP_SET_FD, 3 [pid 5842] <... ioctl resumed>) = 0 [pid 5846] close(4 [pid 5844] <... mount resumed>) = 0 [pid 5844] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5844] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5844] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5844] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] close(3 [pid 5846] <... close resumed>) = 0 [pid 5839] <... futex resumed>) = 0 [pid 5846] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5843] <... ioctl resumed>) = 0 [pid 5842] <... close resumed>) = 0 [pid 5846] <... mkdir resumed>) = 0 [pid 5843] close(3 [pid 5842] close(4 [pid 5839] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5845] <... ioctl resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5842] <... close resumed>) = 0 [pid 5839] <... futex resumed>) = 1 [pid 5845] close(3 [pid 5843] close(4 [pid 5842] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5845] <... close resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5839] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5846] <... mount resumed>) = 0 [pid 5845] close(4 [pid 5844] <... futex resumed>) = 0 [pid 5843] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5842] <... mkdir resumed>) = 0 [pid 5845] <... close resumed>) = 0 [pid 5844] open(".", O_RDONLY [pid 5845] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5844] <... open resumed>) = 4 [pid 5843] <... mkdir resumed>) = 0 [pid 5842] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5846] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5844] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... openat resumed>) = 3 [pid 5845] <... mkdir resumed>) = 0 [pid 5844] <... futex resumed>) = 1 [pid 5839] <... futex resumed>) = 0 [pid 5846] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5845] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5844] rename("./file1", "./file0/file0" [pid 5843] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5842] <... mount resumed>) = 0 [pid 5839] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... chdir resumed>) = 0 [pid 5842] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5846] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5839] <... futex resumed>) = 0 [pid 5846] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5839] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5846] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... mount resumed>) = 0 [pid 5845] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5845] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5845] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5845] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5838] <... futex resumed>) = 0 [pid 5842] <... chdir resumed>) = 0 [pid 5838] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5843] <... mount resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5838] <... futex resumed>) = 0 [pid 5846] <... futex resumed>) = 1 [pid 5845] open(".", O_RDONLY [pid 5842] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5838] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5846] open(".", O_RDONLY [pid 5845] <... open resumed>) = 4 [pid 5846] <... open resumed>) = 4 [pid 5845] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5842] <... futex resumed>) = 1 [pid 5836] <... futex resumed>) = 0 [pid 5846] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... futex resumed>) = 1 [pid 5843] <... openat resumed>) = 3 [pid 5842] open(".", O_RDONLY [pid 5838] <... futex resumed>) = 0 [pid 5836] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5836] <... futex resumed>) = 0 [pid 5842] <... open resumed>) = 4 [pid 5843] <... chdir resumed>) = 0 [pid 5836] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5842] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... futex resumed>) = 1 [ 73.512563][ T5843] loop1: detected capacity change from 0 to 128 [ 73.522267][ T5845] loop2: detected capacity change from 0 to 128 [ 73.554057][ T5844] syz-executor725: attempt to access beyond end of device [ 73.554057][ T5844] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5845] rename("./file1", "./file0/file0" [pid 5838] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5840] <... futex resumed>) = 0 [pid 5846] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5843] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5842] <... futex resumed>) = 0 [pid 5840] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] <... futex resumed>) = 0 [pid 5843] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5836] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5843] <... futex resumed>) = 1 [pid 5837] <... futex resumed>) = 0 [pid 5836] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5836] <... futex resumed>) = 1 [pid 5842] <... futex resumed>) = 0 [pid 5836] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5842] rename("./file1", "./file0/file0" [pid 5846] rename("./file1", "./file0/file0" [pid 5840] <... futex resumed>) = 0 [pid 5838] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5840] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5837] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] <... futex resumed>) = 0 [pid 5837] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] open(".", O_RDONLY) = 4 [pid 5843] futex(0x7fb3043ea6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5837] <... futex resumed>) = 0 [pid 5843] futex(0x7fb3043ea6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] futex(0x7fb3043ea6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5837] <... futex resumed>) = 0 [pid 5843] rename("./file1", "./file0/file0" [ 73.583737][ T5845] syz-executor725: attempt to access beyond end of device [ 73.583737][ T5845] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 73.600347][ T5842] syz-executor725: attempt to access beyond end of device [ 73.600347][ T5842] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 73.601765][ T5846] syz-executor725: attempt to access beyond end of device [ 73.601765][ T5846] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5837] futex(0x7fb3043ea6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5839] futex(0x7fb3043ea6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5839] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fb3042ce000 [pid 5839] mprotect(0x7fb3042cf000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5839] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5839] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb3042ee990, parent_tid=0x7fb3042ee990, exit_signal=0, stack=0x7fb3042ce000, stack_size=0x20300, tls=0x7fb3042ee6c0} => {parent_tid=[5849]}, 88) = 5849 [pid 5839] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5839] futex(0x7fb3043ea6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5839] futex(0x7fb3043ea6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5838] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) ./strace-static-x86_64: Process 5849 attached [pid 5838] futex(0x7fb3043ea6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] futex(0x7fb3043ea6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] rseq(0x7fb3042eefe0, 0x20, 0, 0x53053053 [pid 5838] <... futex resumed>) = 0 [pid 5838] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fb3042ce000 [pid 5849] <... rseq resumed>) = 0 [pid 5838] mprotect(0x7fb3042cf000, 131072, PROT_READ|PROT_WRITE [pid 5836] <... futex resumed>) = 0 [pid 5838] <... mprotect resumed>) = 0 [pid 5838] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5838] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb3042ee990, parent_tid=0x7fb3042ee990, exit_signal=0, stack=0x7fb3042ce000, stack_size=0x20300, tls=0x7fb3042ee6c0} [pid 5849] set_robust_list(0x7fb3042ee9a0, 24 [pid 5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5838] <... clone3 resumed> => {parent_tid=[5850]}, 88) = 5850 [pid 5838] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] <... set_robust_list resumed>) = 0 [pid 5840] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] <... mmap resumed>) = 0x7fb3042ce000 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] futex(0x7fb3043ea6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] futex(0x7fb3043ea6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] mprotect(0x7fb3042cf000, 131072, PROT_READ|PROT_WRITE [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] <... futex resumed>) = 0 [pid 5838] <... futex resumed>) = 0 [pid 5836] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 5850 attached [pid 5849] fdatasync(4 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5838] futex(0x7fb3043ea6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5850] rseq(0x7fb3042eefe0, 0x20, 0, 0x53053053 [pid 5840] <... mmap resumed>) = 0x7fb3042ce000 [pid 5836] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5850] <... rseq resumed>) = 0 [ 73.633679][ T5843] syz-executor725: attempt to access beyond end of device [ 73.633679][ T5843] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 73.634097][ T5844] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 73.650145][ T5842] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 73.665376][ T5845] Buffer I/O error on dev loop2, logical block 3245768, async page read [pid 5840] mprotect(0x7fb3042cf000, 131072, PROT_READ|PROT_WRITE [pid 5850] set_robust_list(0x7fb3042ee9a0, 24 [pid 5840] <... mprotect resumed>) = 0 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5837] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb3042ee990, parent_tid=0x7fb3042ee990, exit_signal=0, stack=0x7fb3042ce000, stack_size=0x20300, tls=0x7fb3042ee6c0} [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5839] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5850] fdatasync(4 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb3042ee990, parent_tid=0x7fb3042ee990, exit_signal=0, stack=0x7fb3042ce000, stack_size=0x20300, tls=0x7fb3042ee6c0}./strace-static-x86_64: Process 5851 attached [pid 5851] rseq(0x7fb3042eefe0, 0x20, 0, 0x53053053 [pid 5840] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851 [pid 5851] <... rseq resumed>) = 0 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5851] set_robust_list(0x7fb3042ee9a0, 24 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5840] futex(0x7fb3043ea6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... futex resumed>) = 0 [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] futex(0x7fb3043ea6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] fdatasync(4 [pid 5837] futex(0x7fb3043ea6dc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5852 attached ) = 0 [pid 5852] rseq(0x7fb3042eefe0, 0x20, 0, 0x53053053 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5836] <... clone3 resumed> => {parent_tid=[5852]}, 88) = 5852 [pid 5837] <... mmap resumed>) = 0x7fb3042ce000 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5837] mprotect(0x7fb3042cf000, 131072, PROT_READ|PROT_WRITE [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 73.695760][ T5845] syz-executor725: attempt to access beyond end of device [ 73.695760][ T5845] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 73.705002][ T5843] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 73.719247][ T5846] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 73.731742][ T5844] syz-executor725: attempt to access beyond end of device [ 73.731742][ T5844] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5852] <... rseq resumed>) = 0 [pid 5838] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5837] <... mprotect resumed>) = 0 [pid 5836] futex(0x7fb3043ea6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] set_robust_list(0x7fb3042ee9a0, 24 [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5836] <... futex resumed>) = 0 [pid 5852] <... set_robust_list resumed>) = 0 [pid 5840] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 73.740454][ T5842] syz-executor725: attempt to access beyond end of device [ 73.740454][ T5842] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 73.747904][ T5845] Buffer I/O error on dev loop2, logical block 8833403, async page read [ 73.768828][ T5843] syz-executor725: attempt to access beyond end of device [ 73.768828][ T5843] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 73.780404][ T5846] syz-executor725: attempt to access beyond end of device [pid 5852] rt_sigprocmask(SIG_SETMASK, [], [pid 5836] futex(0x7fb3043ea6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5837] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5852] fdatasync(4 [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fb3042ee990, parent_tid=0x7fb3042ee990, exit_signal=0, stack=0x7fb3042ce000, stack_size=0x20300, tls=0x7fb3042ee6c0}./strace-static-x86_64: Process 5854 attached => {parent_tid=[5854]}, 88) = 5854 [pid 5854] rseq(0x7fb3042eefe0, 0x20, 0, 0x53053053 [pid 5837] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... rseq resumed>) = 0 [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] set_robust_list(0x7fb3042ee9a0, 24 [pid 5837] futex(0x7fb3043ea6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5854] <... set_robust_list resumed>) = 0 [pid 5837] <... futex resumed>) = 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], [pid 5837] futex(0x7fb3043ea6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5854] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 73.780404][ T5846] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 73.801319][ T5844] Buffer I/O error on dev loop3, logical block 8833403, async page read [ 73.810106][ T5842] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 73.814636][ T5844] Buffer I/O error on dev loop3, logical block 13269809, async page read [ 73.827622][ T5843] Buffer I/O error on dev loop1, logical block 8833403, async page read [pid 5854] fdatasync(4 [pid 5837] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5839] exit_group(0 [pid 5840] exit_group(0 [pid 5839] <... exit_group resumed>) = ? [pid 5840] <... exit_group resumed>) = ? [pid 5838] exit_group(0) = ? [pid 5836] exit_group(0) = ? [pid 5837] exit_group(0) = ? [pid 5833] kill(-5838, SIGKILL [pid 5832] kill(-5837, SIGKILL [pid 5833] <... kill resumed>) = 0 [pid 5832] <... kill resumed>) = 0 [pid 5831] kill(-5836, SIGKILL [pid 5833] kill(5838, SIGKILL [pid 5832] kill(5837, SIGKILL [pid 5831] <... kill resumed>) = 0 [pid 5833] <... kill resumed>) = 0 [pid 5832] <... kill resumed>) = 0 [pid 5831] kill(5836, SIGKILL) = 0 [pid 5834] kill(-5839, SIGKILL) = 0 [pid 5834] kill(5839, SIGKILL) = 0 [pid 5835] kill(-5840, SIGKILL) = 0 [pid 5835] kill(5840, SIGKILL) = 0 [pid 5832] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5832] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5832] getdents64(3, 0x555559ecd730 /* 2 entries */, 32768) = 48 [pid 5832] getdents64(3, 0x555559ecd730 /* 0 entries */, 32768) = 0 [pid 5832] close(3) = 0 [pid 5833] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5833] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5833] getdents64(3, 0x555559ecd730 /* 2 entries */, 32768) = 48 [pid 5833] getdents64(3, 0x555559ecd730 /* 0 entries */, 32768) = 0 [pid 5833] close(3) = 0 [pid 5831] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5831] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5831] getdents64(3, 0x555559ecd730 /* 2 entries */, 32768) = 48 [pid 5831] getdents64(3, 0x555559ecd730 /* 0 entries */, 32768) = 0 [pid 5831] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555559ecd730 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(3, 0x555559ecd730 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [pid 5834] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5834] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5834] getdents64(3, 0x555559ecd730 /* 2 entries */, 32768) = 48 [pid 5834] getdents64(3, 0x555559ecd730 /* 0 entries */, 32768) = 0 [pid 5834] close(3) = 0 [ 87.013090][ T8] cfg80211: failed to load regulatory.db [ 286.671985][ T30] INFO: task syz-executor725:5852 blocked for more than 143 seconds. [ 286.680340][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 286.741434][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.750209][ T30] task:syz-executor725 state:D stack:29200 pid:5852 tgid:5836 ppid:5831 flags:0x00004006 [ 286.821397][ T30] Call Trace: [ 286.824756][ T30] [ 286.827721][ T30] __schedule+0x189f/0x4c80 [ 286.861378][ T30] ? __pfx___schedule+0x10/0x10 [ 286.866420][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.901361][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.907444][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.951422][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.956635][ T30] ? schedule+0x90/0x320 [ 286.960935][ T30] schedule+0x14b/0x320 [ 287.001351][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.006909][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.051409][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.057503][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.111399][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.116563][ T30] down_write+0x1d7/0x220 [ 287.120942][ T30] ? __pfx_down_write+0x10/0x10 [ 287.161361][ T30] ? ptrace_notify+0x279/0x380 [ 287.166221][ T30] ? __fget_files+0x2a/0x410 [ 287.170859][ T30] __generic_file_fsync+0x97/0x1a0 [ 287.211429][ T30] generic_file_fsync+0x70/0xf0 [ 287.216387][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 287.281356][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 287.286498][ T30] do_syscall_64+0xf3/0x230 [ 287.291044][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.331411][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.337413][ T30] RIP: 0033:0x7fb304358c09 [ 287.381881][ T30] RSP: 002b:00007fb3042ee218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 287.390413][ T30] RAX: ffffffffffffffda RBX: 00007fb3043ea6d8 RCX: 00007fb304358c09 [ 287.431404][ T30] RDX: 00007fb304332196 RSI: 0000000000000000 RDI: 0000000000000004 [ 287.439460][ T30] RBP: 00007fb3043ea6d0 R08: 00007ffcf5b58727 R09: 0000000000000000 [ 287.511405][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb3043ad0c0 [ 287.519466][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 287.561341][ T30] [ 287.571420][ T30] INFO: task syz-executor725:5854 blocked for more than 144 seconds. [ 287.579554][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 287.621378][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.630146][ T30] task:syz-executor725 state:D stack:29200 pid:5854 tgid:5837 ppid:5832 flags:0x00004006 [ 287.701338][ T30] Call Trace: [ 287.704695][ T30] [ 287.707692][ T30] __schedule+0x189f/0x4c80 [ 287.751377][ T30] ? __pfx___schedule+0x10/0x10 [ 287.756328][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.791351][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.797441][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.841585][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.846802][ T30] ? schedule+0x90/0x320 [ 287.851096][ T30] schedule+0x14b/0x320 [ 287.891357][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.896911][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.941342][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.947362][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.991350][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.996490][ T30] down_write+0x1d7/0x220 [ 288.000861][ T30] ? __pfx_down_write+0x10/0x10 [ 288.041345][ T30] ? ptrace_notify+0x279/0x380 [ 288.046206][ T30] ? __fget_files+0x2a/0x410 [ 288.050846][ T30] __generic_file_fsync+0x97/0x1a0 [ 288.111420][ T30] generic_file_fsync+0x70/0xf0 [ 288.116406][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 288.151348][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 288.156471][ T30] do_syscall_64+0xf3/0x230 [ 288.161044][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.201344][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.207347][ T30] RIP: 0033:0x7fb304358c09 [ 288.241334][ T30] RSP: 002b:00007fb3042ee218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 288.249845][ T30] RAX: ffffffffffffffda RBX: 00007fb3043ea6d8 RCX: 00007fb304358c09 [ 288.301332][ T30] RDX: 00007fb304332196 RSI: 0000000000000000 RDI: 0000000000000004 [ 288.309401][ T30] RBP: 00007fb3043ea6d0 R08: 00007ffcf5b58727 R09: 0000000000000000 [ 288.341382][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb3043ad0c0 [ 288.371361][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 288.379442][ T30] [ 288.421415][ T30] INFO: task syz-executor725:5850 blocked for more than 145 seconds. [ 288.429565][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 288.461332][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.470084][ T30] task:syz-executor725 state:D stack:29200 pid:5850 tgid:5838 ppid:5833 flags:0x00004006 [ 288.521330][ T30] Call Trace: [ 288.524683][ T30] [ 288.527664][ T30] __schedule+0x189f/0x4c80 [ 288.571380][ T30] ? __pfx___schedule+0x10/0x10 [ 288.576343][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.611349][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.617438][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 288.661329][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 288.666552][ T30] ? schedule+0x90/0x320 [ 288.670848][ T30] schedule+0x14b/0x320 [ 288.711356][ T30] schedule_preempt_disabled+0x13/0x30 [ 288.716925][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 288.751351][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 288.757363][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.821342][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.826528][ T30] down_write+0x1d7/0x220 [ 288.830903][ T30] ? __pfx_down_write+0x10/0x10 [ 288.871373][ T30] ? ptrace_notify+0x279/0x380 [ 288.876279][ T30] ? __fget_files+0x2a/0x410 [ 288.880923][ T30] __generic_file_fsync+0x97/0x1a0 [ 288.921337][ T30] generic_file_fsync+0x70/0xf0 [ 288.926373][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 288.971351][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 288.976457][ T30] do_syscall_64+0xf3/0x230 [ 288.980993][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.031362][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.037351][ T30] RIP: 0033:0x7fb304358c09 [ 289.071356][ T30] RSP: 002b:00007fb3042ee218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 289.079862][ T30] RAX: ffffffffffffffda RBX: 00007fb3043ea6d8 RCX: 00007fb304358c09 [ 289.141337][ T30] RDX: 00007fb304332196 RSI: 0000000000000000 RDI: 0000000000000004 [ 289.149396][ T30] RBP: 00007fb3043ea6d0 R08: 00007ffcf5b58727 R09: 0000000000000000 [ 289.201326][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb3043ad0c0 [ 289.209393][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 289.271360][ T30] [ 289.274486][ T30] INFO: task syz-executor725:5849 blocked for more than 145 seconds. [ 289.321330][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 289.328516][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.381346][ T30] task:syz-executor725 state:D stack:28632 pid:5849 tgid:5839 ppid:5834 flags:0x00004006 [ 289.421342][ T30] Call Trace: [ 289.424695][ T30] [ 289.427669][ T30] __schedule+0x189f/0x4c80 [ 289.461352][ T30] ? __pfx___schedule+0x10/0x10 [ 289.466302][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.501331][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 289.507412][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.561328][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 289.566541][ T30] ? schedule+0x90/0x320 [ 289.571052][ T30] schedule+0x14b/0x320 [ 289.611432][ T30] schedule_preempt_disabled+0x13/0x30 [ 289.616994][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 289.661333][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 289.667339][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 289.711409][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.716555][ T30] down_write+0x1d7/0x220 [ 289.720945][ T30] ? __pfx_down_write+0x10/0x10 [ 289.761324][ T30] ? ptrace_notify+0x279/0x380 [ 289.766185][ T30] ? __fget_files+0x2a/0x410 [ 289.770822][ T30] __generic_file_fsync+0x97/0x1a0 [ 289.831412][ T30] generic_file_fsync+0x70/0xf0 [ 289.836383][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 289.881323][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 289.886440][ T30] do_syscall_64+0xf3/0x230 [ 289.890982][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.931353][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.937370][ T30] RIP: 0033:0x7fb304358c09 [ 289.971360][ T30] RSP: 002b:00007fb3042ee218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 289.979932][ T30] RAX: ffffffffffffffda RBX: 00007fb3043ea6d8 RCX: 00007fb304358c09 [ 290.051351][ T30] RDX: 00007fb304332196 RSI: 0000000000000000 RDI: 0000000000000004 [ 290.059410][ T30] RBP: 00007fb3043ea6d0 R08: 00007ffcf5b58727 R09: 0000000000000000 [ 290.101336][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb3043ad0c0 [ 290.109409][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 290.181348][ T30] [ 290.184523][ T30] INFO: task syz-executor725:5851 blocked for more than 146 seconds. [ 290.221322][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 290.228510][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 290.271443][ T30] task:syz-executor725 state:D stack:29200 pid:5851 tgid:5840 ppid:5835 flags:0x00004006 [ 290.311340][ T30] Call Trace: [ 290.314695][ T30] [ 290.317666][ T30] __schedule+0x189f/0x4c80 [ 290.371366][ T30] ? __pfx___schedule+0x10/0x10 [ 290.376324][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.411351][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 290.417430][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 290.461329][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 290.466541][ T30] ? schedule+0x90/0x320 [ 290.470829][ T30] schedule+0x14b/0x320 [ 290.511379][ T30] schedule_preempt_disabled+0x13/0x30 [ 290.516935][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 290.561343][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 290.567385][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.611350][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.616514][ T30] down_write+0x1d7/0x220 [ 290.620886][ T30] ? __pfx_down_write+0x10/0x10 [ 290.661322][ T30] ? ptrace_notify+0x279/0x380 [ 290.666174][ T30] ? __fget_files+0x2a/0x410 [ 290.670815][ T30] __generic_file_fsync+0x97/0x1a0 [ 290.731360][ T30] generic_file_fsync+0x70/0xf0 [ 290.736313][ T30] ? __pfx_generic_file_fsync+0x10/0x10 [ 290.771363][ T30] __x64_sys_fdatasync+0xb6/0x110 [ 290.776479][ T30] do_syscall_64+0xf3/0x230 [ 290.781021][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.821319][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.827304][ T30] RIP: 0033:0x7fb304358c09 [ 290.861327][ T30] RSP: 002b:00007fb3042ee218 EFLAGS: 00000246 ORIG_RAX: 000000000000004b [ 290.869824][ T30] RAX: ffffffffffffffda RBX: 00007fb3043ea6d8 RCX: 00007fb304358c09 [ 290.941556][ T30] RDX: 00007fb304332196 RSI: 0000000000000000 RDI: 0000000000000004 [ 290.949620][ T30] RBP: 00007fb3043ea6d0 R08: 00007ffcf5b58727 R09: 0000000000000000 [ 290.991441][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb3043ad0c0 [ 290.999505][ T30] R13: 0030656c69662f30 R14: 2f30656c69662f2e R15: 0031656c69662f2e [ 291.071395][ T30] [ 291.074583][ T30] [ 291.074583][ T30] Showing all locks held in the system: [ 291.111382][ T30] 1 lock held by khungtaskd/30: [ 291.116311][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 291.161798][ T30] 2 locks held by kswapd0/89: [ 291.166559][ T30] 2 locks held by kswapd1/90: [ 291.201384][ T30] 2 locks held by getty/5583: [ 291.206140][ T30] #0: ffff8880315040a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 291.271829][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 291.321354][ T30] 2 locks held by syz-executor725/5842: [ 291.327007][ T30] 1 lock held by syz-executor725/5852: [ 291.351373][ T30] #0: ffff888076468180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.401331][ T30] 3 locks held by syz-executor725/5843: [ 291.407001][ T30] 1 lock held by syz-executor725/5854: [ 291.441354][ T30] #0: ffff8880764686c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.491354][ T30] 1 lock held by syz-executor725/5845: [ 291.496887][ T30] 1 lock held by syz-executor725/5850: [ 291.541362][ T30] #0: ffff88807645cc00 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.581334][ T30] 1 lock held by syz-executor725/5844: [ 291.586872][ T30] 1 lock held by syz-executor725/5849: [ 291.621732][ T30] #0: ffff88807645c180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.671355][ T30] 2 locks held by syz-executor725/5846: [ 291.676979][ T30] 1 lock held by syz-executor725/5851: [ 291.711362][ T30] #0: ffff88807645c6c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: __generic_file_fsync+0x97/0x1a0 [ 291.761361][ T30] [ 291.763757][ T30] ============================================= [ 291.763757][ T30] [ 291.801375][ T30] NMI backtrace for cpu 0 [ 291.801406][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 291.801435][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.801447][ T30] Call Trace: [ 291.801454][ T30] [ 291.801464][ T30] dump_stack_lvl+0x241/0x360 [ 291.801494][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.801518][ T30] ? __pfx__printk+0x10/0x10 [ 291.801563][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 291.801598][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.801624][ T30] ? _printk+0xd5/0x120 [ 291.801654][ T30] ? __pfx__printk+0x10/0x10 [ 291.801686][ T30] ? __wake_up_klogd+0xcc/0x110 [ 291.801711][ T30] ? __pfx__printk+0x10/0x10 [ 291.801745][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 291.801774][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 291.801802][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 291.801834][ T30] watchdog+0xff6/0x1040 [ 291.801864][ T30] ? watchdog+0x1ea/0x1040 [ 291.801895][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.801921][ T30] kthread+0x7a9/0x920 [ 291.801962][ T30] ? __pfx_kthread+0x10/0x10 [ 291.801993][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.802019][ T30] ? __pfx_kthread+0x10/0x10 [ 291.802046][ T30] ? __pfx_kthread+0x10/0x10 [ 291.802096][ T30] ? __pfx_kthread+0x10/0x10 [ 291.802124][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 291.802153][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 291.802184][ T30] ? __pfx_kthread+0x10/0x10 [ 291.802214][ T30] ret_from_fork+0x4b/0x80 [ 291.802240][ T30] ? __pfx_kthread+0x10/0x10 [ 291.802269][ T30] ret_from_fork_asm+0x1a/0x30 [ 291.802316][ T30] [ 291.802324][ T30] Sending NMI from CPU 0 to CPUs 1: [ 291.971986][ C1] NMI backtrace for cpu 1 [ 291.972003][ C1] CPU: 1 UID: 0 PID: 90 Comm: kswapd1 Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 291.972029][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.972041][ C1] RIP: 0010:unwind_next_frame+0xc0/0x22d0 [ 291.972073][ C1] Code: 6c 24 78 48 89 8c 24 90 00 00 00 48 89 5c 24 20 bf 01 00 00 00 e8 00 dd 21 00 49 8d 6d 50 48 89 e8 48 c1 e8 03 48 89 44 24 38 <42> 80 3c 20 00 74 08 48 89 ef e8 f1 0f ba 00 48 8b 5d 00 48 85 db [ 291.972088][ C1] RSP: 0018:ffffc900025ee490 EFLAGS: 00000a02 [ 291.972104][ C1] RAX: 1ffff920004bdcb6 RBX: 1ffff920004bdcac RCX: ffffffff8bf4de00 [ 291.972118][ C1] RDX: dffffc0000000000 RSI: ffffffff81aae558 RDI: ffffffff816b8f90 [ 291.972132][ C1] RBP: ffffc900025ee5b0 R08: 0000000000000000 R09: ffffc900025ee650 [ 291.972145][ C1] R10: ffffc900025ee5b0 R11: ffffffff81aae620 R12: dffffc0000000000 [ 291.972158][ C1] R13: ffffc900025ee560 R14: ffffffff81aae558 R15: 0000000000000000 [ 291.972171][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 291.972186][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 291.972199][ C1] CR2: 0000560fbbc3a680 CR3: 0000000030234000 CR4: 00000000003526f0 [ 291.972215][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 291.972226][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 291.972237][ C1] Call Trace: [ 291.972243][ C1] [ 291.972250][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 291.972274][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 291.972300][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.972322][ C1] ? nmi_handle+0x2a/0x5a0 [ 291.972355][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 291.972376][ C1] ? nmi_handle+0x14f/0x5a0 [ 291.972413][ C1] ? nmi_handle+0x2a/0x5a0 [ 291.972438][ C1] ? unwind_next_frame+0xc0/0x22d0 [ 291.972461][ C1] ? default_do_nmi+0x63/0x160 [ 291.972481][ C1] ? exc_nmi+0x123/0x1f0 [ 291.972501][ C1] ? end_repeat_nmi+0xf/0x53 [ 291.972525][ C1] ? stack_trace_save+0x118/0x1d0 [ 291.972543][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 291.972563][ C1] ? queued_write_lock_slowpath+0x400/0x44a [ 291.972589][ C1] ? stack_trace_save+0x118/0x1d0 [ 291.972606][ C1] ? unwind_next_frame+0xb0/0x22d0 [ 291.972628][ C1] ? unwind_next_frame+0xc0/0x22d0 [ 291.972651][ C1] ? unwind_next_frame+0xc0/0x22d0 [ 291.972675][ C1] ? unwind_next_frame+0xc0/0x22d0 [ 291.972698][ C1] [ 291.972704][ C1] [ 291.972710][ C1] ? arch_stack_walk+0xe5/0x150 [ 291.972738][ C1] ? __unwind_start+0x59a/0x740 [ 291.972762][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 291.972786][ C1] arch_stack_walk+0x11c/0x150 [ 291.972831][ C1] ? stack_trace_save+0x118/0x1d0 [ 291.972852][ C1] stack_trace_save+0x118/0x1d0 [ 291.972872][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 291.972892][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 291.972917][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 291.972942][ C1] kasan_save_track+0x3f/0x80 [ 291.972987][ C1] ? __pfx_lock_release+0x10/0x10 [ 291.973009][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 291.973033][ C1] kasan_save_free_info+0x40/0x50 [ 291.973052][ C1] __kasan_slab_free+0x59/0x70 [ 291.973075][ C1] ? free_buffer_head+0x54/0x240 [ 291.973102][ C1] kmem_cache_free+0x195/0x410 [ 291.973119][ C1] ? free_buffer_head+0x54/0x240 [ 291.973148][ C1] free_buffer_head+0x54/0x240 [ 291.973175][ C1] try_to_free_buffers+0x2fa/0x3b0 [ 291.973198][ C1] ? __pfx_try_to_free_buffers+0x10/0x10 [ 291.973219][ C1] ? filemap_release_folio+0x279/0x2d0 [ 291.973245][ C1] shrink_folio_list+0x1f83/0x5910 [ 291.973289][ C1] ? __pfx_shrink_folio_list+0x10/0x10 [ 291.973314][ C1] ? mark_lock+0x9a/0x360 [ 291.973338][ C1] ? __pfx_validate_chain+0x10/0x10 [ 291.973365][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 291.973389][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 291.973413][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 291.973434][ C1] ? finish_task_switch+0x1e5/0x870 [ 291.973460][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 291.973485][ C1] ? cgroup_rstat_updated+0x13b/0xc30 [ 291.973512][ C1] ? finish_task_switch+0x1e5/0x870 [ 291.973541][ C1] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 291.973576][ C1] ? rcu_is_watching+0x15/0xb0 [ 291.973593][ C1] ? __mod_memcg_lruvec_state+0x2f7/0x4d0 [ 291.973623][ C1] ? mark_lock+0x9a/0x360 [ 291.973655][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 291.973678][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 291.973704][ C1] evict_folios+0x4220/0x50b0 [ 291.973743][ C1] ? __pfx_evict_folios+0x10/0x10 [ 291.973769][ C1] ? zone_watermark_ok+0x31/0x80 [ 291.973791][ C1] ? should_abort_scan+0x40c/0x4d0 [ 291.973813][ C1] try_to_shrink_lruvec+0x713/0x9b0 [ 291.973839][ C1] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 291.973859][ C1] ? shrink_node+0x3573/0x3e50 [ 291.973877][ C1] ? __pfx_lock_release+0x10/0x10 [ 291.973927][ C1] shrink_one+0x3b9/0x850 [ 291.973948][ C1] ? shrink_node+0x3573/0x3e50 [ 291.973967][ C1] shrink_node+0x37c5/0x3e50 [ 291.973985][ C1] ? shrink_node+0x3573/0x3e50 [ 291.974016][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 291.974044][ C1] ? mem_cgroup_iter+0x3d/0x420 [ 291.974065][ C1] ? __pfx_shrink_node+0x10/0x10 [ 291.974089][ C1] ? mem_cgroup_iter+0x3d/0x420 [ 291.974108][ C1] kswapd+0x20f3/0x3b10 [ 291.974145][ C1] ? kswapd+0xb9f/0x3b10 [ 291.974177][ C1] ? __pfx_kswapd+0x10/0x10 [ 291.974208][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 291.974232][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 291.974262][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 291.974288][ C1] ? __wait_for_common+0x630/0x6e0 [ 291.974315][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 291.974340][ C1] ? __kthread_parkme+0x169/0x1d0 [ 291.974363][ C1] ? __pfx_kswapd+0x10/0x10 [ 291.974387][ C1] kthread+0x7a9/0x920 [ 291.974409][ C1] ? __pfx_kthread+0x10/0x10 [ 291.974434][ C1] ? __pfx_kswapd+0x10/0x10 [ 291.974457][ C1] ? __pfx_kthread+0x10/0x10 [ 291.974480][ C1] ? __pfx_kthread+0x10/0x10 [ 291.974505][ C1] ? __pfx_kthread+0x10/0x10 [ 291.974527][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 291.974550][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 291.974575][ C1] ? __pfx_kthread+0x10/0x10 [ 291.974599][ C1] ret_from_fork+0x4b/0x80 [ 291.974621][ C1] ? __pfx_kthread+0x10/0x10 [ 291.974645][ C1] ret_from_fork_asm+0x1a/0x30 [ 291.974672][ C1] [ 291.974680][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.700 msecs [ 292.501391][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 292.501415][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 292.501457][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 292.501472][ T30] Call Trace: [ 292.501481][ T30] [ 292.501492][ T30] dump_stack_lvl+0x241/0x360 [ 292.501526][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.501551][ T30] ? __pfx__printk+0x10/0x10 [ 292.501584][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 292.501623][ T30] ? vscnprintf+0x5d/0x90 [ 292.501673][ T30] panic+0x349/0x880 [ 292.501711][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.501744][ T30] ? __pfx_panic+0x10/0x10 [ 292.501783][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 292.501817][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.501847][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 292.501880][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 292.501915][ T30] watchdog+0x1035/0x1040 [ 292.501947][ T30] ? watchdog+0x1ea/0x1040 [ 292.501982][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.502012][ T30] kthread+0x7a9/0x920 [ 292.502044][ T30] ? __pfx_kthread+0x10/0x10 [ 292.502078][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.502120][ T30] ? __pfx_kthread+0x10/0x10 [ 292.502150][ T30] ? __pfx_kthread+0x10/0x10 [ 292.502184][ T30] ? __pfx_kthread+0x10/0x10 [ 292.502213][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 292.502243][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 292.502276][ T30] ? __pfx_kthread+0x10/0x10 [ 292.502308][ T30] ret_from_fork+0x4b/0x80 [ 292.502337][ T30] ? __pfx_kthread+0x10/0x10 [ 292.502375][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.502416][ T30] [ 292.789431][ T30] Kernel Offset: disabled [ 292.793759][ T30] Rebooting in 86400 seconds..