./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3749946155 <...> Warning: Permanently added '10.128.1.37' (ECDSA) to the list of known hosts. execve("./syz-executor3749946155", ["./syz-executor3749946155"], 0x7ffcd5cfbd50 /* 10 vars */) = 0 brk(NULL) = 0x555556cd9000 brk(0x555556cd9c40) = 0x555556cd9c40 arch_prctl(ARCH_SET_FS, 0x555556cd9300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556cd95d0) = 5067 set_robust_list(0x555556cd95e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7faafca0d580, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7faafca0dc50}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7faafca0d620, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7faafca0dc50}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3749946155", 4096) = 28 brk(0x555556cfac40) = 0x555556cfac40 brk(0x555556cfb000) = 0x555556cfb000 mprotect(0x7faafcacf000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached , child_tidptr=0x555556cd95d0) = 5068 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] set_robust_list(0x555556cd95e0, 24) = 0 ./strace-static-x86_64: Process 5069 attached [pid 5067] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5069 [pid 5068] getpid( [pid 5069] set_robust_list(0x555556cd95e0, 24 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... set_robust_list resumed>) = 0 [pid 5068] <... getpid resumed>) = 5068 [pid 5069] getpid( [pid 5068] mkdir("./syzkaller.oginco", 0700 [pid 5069] <... getpid resumed>) = 5069 [pid 5067] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5070 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] mkdir("./syzkaller.7NfzCt", 0700 [pid 5067] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5071 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cd95d0) = 5072 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cd95d0) = 5073 ./strace-static-x86_64: Process 5073 attached [pid 5073] set_robust_list(0x555556cd95e0, 24) = 0 [pid 5073] getpid() = 5073 [pid 5073] mkdir("./syzkaller.SaHjwL", 0700./strace-static-x86_64: Process 5072 attached [pid 5072] set_robust_list(0x555556cd95e0, 24 [pid 5069] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5070 attached ./strace-static-x86_64: Process 5071 attached [pid 5069] chmod("./syzkaller.7NfzCt", 0777 [pid 5068] <... mkdir resumed>) = 0 [pid 5072] <... set_robust_list resumed>) = 0 [pid 5069] <... chmod resumed>) = 0 [pid 5068] chmod("./syzkaller.oginco", 0777 [pid 5070] set_robust_list(0x555556cd95e0, 24 [pid 5069] chdir("./syzkaller.7NfzCt" [pid 5068] <... chmod resumed>) = 0 [pid 5072] getpid() = 5072 [pid 5071] set_robust_list(0x555556cd95e0, 24 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] <... chdir resumed>) = 0 [pid 5068] chdir("./syzkaller.oginco" [pid 5072] mkdir("./syzkaller.E71UdK", 0700 [pid 5069] mkdir("./0", 0777 [pid 5068] <... chdir resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] mkdir("./0", 0777 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5073] chmod("./syzkaller.SaHjwL", 0777) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5073] chdir("./syzkaller.SaHjwL" [pid 5069] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] <... mkdir resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] <... openat resumed>) = 3 [pid 5073] <... chdir resumed>) = 0 [pid 5073] mkdir("./0", 0777 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5072] chmod("./syzkaller.E71UdK", 0777 [pid 5069] close(3 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... mkdir resumed>) = 0 [pid 5072] <... chmod resumed>) = 0 [pid 5071] <... set_robust_list resumed>) = 0 [pid 5070] getpid( [pid 5069] <... close resumed>) = 0 [pid 5068] close(3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... close resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5074 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556cd95d0) = 5075 [pid 5070] <... getpid resumed>) = 5070 [pid 5070] mkdir("./syzkaller.nd6pQA", 0700) = 0 ./strace-static-x86_64: Process 5074 attached ./strace-static-x86_64: Process 5075 attached [pid 5071] getpid( [pid 5072] chdir("./syzkaller.E71UdK") = 0 [pid 5071] <... getpid resumed>) = 5071 [pid 5072] mkdir("./0", 0777 [pid 5071] mkdir("./syzkaller.5gr2ME", 0700 [pid 5074] set_robust_list(0x555556cd95e0, 24 [pid 5075] set_robust_list(0x555556cd95e0, 24 [pid 5074] <... set_robust_list resumed>) = 0 [pid 5075] <... set_robust_list resumed>) = 0 [pid 5075] chdir("./0" [pid 5074] chdir("./0" [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] chmod("./syzkaller.nd6pQA", 0777 [pid 5075] <... chdir resumed>) = 0 [pid 5074] <... chdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] chmod("./syzkaller.5gr2ME", 0777 [pid 5070] <... chmod resumed>) = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... prctl resumed>) = 0 [pid 5074] <... prctl resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5072] <... openat resumed>) = 3 [pid 5071] <... chmod resumed>) = 0 [pid 5070] chdir("./syzkaller.nd6pQA" [pid 5075] setpgid(0, 0 [pid 5074] setpgid(0, 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] chdir("./syzkaller.5gr2ME" [pid 5070] <... chdir resumed>) = 0 [pid 5075] <... setpgid resumed>) = 0 [pid 5074] <... setpgid resumed>) = 0 [pid 5073] close(3 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... chdir resumed>) = 0 [pid 5070] mkdir("./0", 0777 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... close resumed>) = 0 [pid 5072] close(3 [pid 5071] mkdir("./0", 0777 [pid 5070] <... mkdir resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5074] <... openat resumed>) = 3 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] write(3, "1000", 4 [pid 5074] write(3, "1000", 4 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... openat resumed>) = 3 [pid 5075] <... write resumed>) = 4 [pid 5074] <... write resumed>) = 4 [pid 5073] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5077 [pid 5071] <... openat resumed>) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5075] close(3 [pid 5074] close(3 [pid 5072] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5078 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5075] <... close resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] close(3 [pid 5075] symlink("/dev/binderfs", "./binderfs" [pid 5074] symlink("/dev/binderfs", "./binderfs" [pid 5071] close(3 [pid 5070] <... close resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... symlink resumed>) = 0 [pid 5074] <... symlink resumed>) = 0 [pid 5075] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... futex resumed>) = 0 [pid 5074] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5079 [pid 5075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5074] <... futex resumed>) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x555556cd95d0) = 5080 ./strace-static-x86_64: Process 5078 attached [pid 5075] <... mmap resumed>) = 0x7faafc9dc000 [pid 5074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 5079 attached [pid 5078] set_robust_list(0x555556cd95e0, 24 [pid 5075] mprotect(0x7faafc9dd000, 131072, PROT_READ|PROT_WRITE [pid 5074] <... mmap resumed>) = 0x7faafc9dc000 [pid 5079] set_robust_list(0x555556cd95e0, 24 [pid 5078] <... set_robust_list resumed>) = 0 [pid 5075] <... mprotect resumed>) = 0 [pid 5074] mprotect(0x7faafc9dd000, 131072, PROT_READ|PROT_WRITE [pid 5079] <... set_robust_list resumed>) = 0 [pid 5078] chdir("./0" [pid 5075] clone(child_stack=0x7faafc9fc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5074] <... mprotect resumed>) = 0 [pid 5079] chdir("./0" [pid 5078] <... chdir resumed>) = 0 [pid 5074] clone(child_stack=0x7faafc9fc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5079] <... chdir resumed>) = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... clone resumed>, parent_tid=[5081], tls=0x7faafc9fc700, child_tidptr=0x7faafc9fc9d0) = 5081 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... prctl resumed>) = 0 [pid 5075] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... clone resumed>, parent_tid=[5082], tls=0x7faafc9fc700, child_tidptr=0x7faafc9fc9d0) = 5082 [pid 5079] <... prctl resumed>) = 0 [pid 5078] setpgid(0, 0 [pid 5075] <... futex resumed>) = 0 [pid 5074] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5082 attached [pid 5079] setpgid(0, 0 [pid 5078] <... setpgid resumed>) = 0 [pid 5075] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5074] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5077 attached [pid 5082] set_robust_list(0x7faafc9fc9e0, 24 [pid 5079] <... setpgid resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5082] <... set_robust_list resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... openat resumed>) = 3 [pid 5077] set_robust_list(0x555556cd95e0, 24 [pid 5082] memfd_create("syzkaller", 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] write(3, "1000", 4./strace-static-x86_64: Process 5081 attached [pid 5079] write(3, "1000", 4 [pid 5078] <... write resumed>) = 4 [pid 5077] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5080 attached [pid 5081] set_robust_list(0x7faafc9fc9e0, 24 [pid 5079] <... write resumed>) = 4 [pid 5078] close(3 [pid 5079] close(3 [pid 5078] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] symlink("/dev/binderfs", "./binderfs" [pid 5079] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... symlink resumed>) = 0 [pid 5079] <... symlink resumed>) = 0 [pid 5078] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5078] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5081] <... set_robust_list resumed>) = 0 [pid 5080] set_robust_list(0x555556cd95e0, 24 [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5078] <... mmap resumed>) = 0x7faafc9dc000 [pid 5077] chdir("./0" [pid 5079] <... mmap resumed>) = 0x7faafc9dc000 [pid 5078] mprotect(0x7faafc9dd000, 131072, PROT_READ|PROT_WRITE [pid 5079] mprotect(0x7faafc9dd000, 131072, PROT_READ|PROT_WRITE [pid 5078] <... mprotect resumed>) = 0 [pid 5081] memfd_create("syzkaller", 0 [pid 5080] <... set_robust_list resumed>) = 0 [pid 5079] <... mprotect resumed>) = 0 [pid 5078] clone(child_stack=0x7faafc9fc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5077] <... chdir resumed>) = 0 [pid 5081] <... memfd_create resumed>) = 3 [pid 5080] chdir("./0" [pid 5079] clone(child_stack=0x7faafc9fc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... chdir resumed>) = 0 [pid 5078] <... clone resumed>, parent_tid=[5084], tls=0x7faafc9fc700, child_tidptr=0x7faafc9fc9d0) = 5084 [pid 5077] <... prctl resumed>) = 0 [pid 5081] <... mmap resumed>) = 0x7faaf45dc000 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... clone resumed>, parent_tid=[5085], tls=0x7faafc9fc700, child_tidptr=0x7faafc9fc9d0) = 5085 [pid 5078] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] setpgid(0, 0./strace-static-x86_64: Process 5084 attached [pid 5082] <... memfd_create resumed>) = 3 [pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5080] <... prctl resumed>) = 0 [pid 5079] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = 0 [pid 5077] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5085 attached [pid 5084] set_robust_list(0x7faafc9fc9e0, 24 [pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] setpgid(0, 0 [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] set_robust_list(0x7faafc9fc9e0, 24 [pid 5084] <... set_robust_list resumed>) = 0 [pid 5082] <... mmap resumed>) = 0x7faaf45dc000 [pid 5079] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] <... set_robust_list resumed>) = 0 [pid 5084] memfd_create("syzkaller", 0 [pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5081] <... write resumed>) = 262144 [pid 5080] <... setpgid resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5085] memfd_create("syzkaller", 0 [pid 5084] <... memfd_create resumed>) = 3 [pid 5082] <... write resumed>) = 262144 [pid 5081] munmap(0x7faaf45dc000, 262144 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] write(3, "1000", 4 [pid 5085] <... memfd_create resumed>) = 3 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5084] <... mmap resumed>) = 0x7faaf45dc000 [pid 5081] <... munmap resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5077] <... write resumed>) = 4 [pid 5085] <... mmap resumed>) = 0x7faaf45dc000 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5082] munmap(0x7faaf45dc000, 262144 [pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 5084] <... write resumed>) = 262144 [pid 5082] <... munmap resumed>) = 0 [pid 5080] write(3, "1000", 4 [pid 5077] close(3 [pid 5085] <... write resumed>) = 262144 [pid 5084] munmap(0x7faaf45dc000, 262144 [pid 5082] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5081] <... openat resumed>) = 4 [pid 5085] munmap(0x7faaf45dc000, 262144 [pid 5084] <... munmap resumed>) = 0 [pid 5082] <... openat resumed>) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... write resumed>) = 4 [pid 5077] <... close resumed>) = 0 syzkaller login: [ 50.982906][ T5082] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5082 'syz-executor374' [pid 5085] <... munmap resumed>) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5082] ioctl(4, LOOP_SET_FD, 3 [pid 5085] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5084] <... openat resumed>) = 4 [pid 5085] <... openat resumed>) = 4 [pid 5084] ioctl(4, LOOP_SET_FD, 3 [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5081] <... ioctl resumed>) = 0 [pid 5080] close(3 [pid 5077] symlink("/dev/binderfs", "./binderfs" [pid 5081] close(3 [pid 5080] <... close resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... symlink resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5081] mkdir("./file0", 0777 [pid 5080] <... symlink resumed>) = 0 [pid 5081] <... mkdir resumed>) = 0 [pid 5080] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] close(3 [pid 5077] <... futex resumed>) = 0 [pid 5080] <... futex resumed>) = 0 [pid 5081] mount("/dev/loop0", "./file0", "ext4", MS_NODEV, ",errors=continue" [pid 5085] <... close resumed>) = 0 [pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] mkdir("./file0", 0777) = 0 [pid 5080] <... mmap resumed>) = 0x7faafc9dc000 [pid 5077] <... mmap resumed>) = 0x7faafc9dc000 [pid 5085] mount("/dev/loop2", "./file0", "ext4", MS_NODEV, ",errors=continue" [pid 5082] <... ioctl resumed>) = 0 [pid 5080] mprotect(0x7faafc9dd000, 131072, PROT_READ|PROT_WRITE [pid 5077] mprotect(0x7faafc9dd000, 131072, PROT_READ|PROT_WRITE [pid 5082] close(3 [pid 5080] <... mprotect resumed>) = 0 [pid 5077] <... mprotect resumed>) = 0 [pid 5080] clone(child_stack=0x7faafc9fc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5077] clone(child_stack=0x7faafc9fc3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5084] <... ioctl resumed>) = 0 [pid 5084] close(3) = 0 [pid 5084] mkdir("./file0", 0777) = 0 [pid 5082] <... close resumed>) = 0 [pid 5077] <... clone resumed>, parent_tid=[5088], tls=0x7faafc9fc700, child_tidptr=0x7faafc9fc9d0) = 5088 [pid 5084] mount("/dev/loop4", "./file0", "ext4", MS_NODEV, ",errors=continue" [pid 5082] mkdir("./file0", 0777 [pid 5080] <... clone resumed>, parent_tid=[5089], tls=0x7faafc9fc700, child_tidptr=0x7faafc9fc9d0) = 5089 [pid 5077] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5089 attached [pid 5082] <... mkdir resumed>) = 0 [pid 5080] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5089] set_robust_list(0x7faafc9fc9e0, 24 [pid 5080] <... futex resumed>) = 0 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... set_robust_list resumed>) = 0 [pid 5080] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5088 attached [pid 5089] memfd_create("syzkaller", 0 [pid 5082] mount("/dev/loop1", "./file0", "ext4", MS_NODEV, ",errors=continue" [pid 5088] set_robust_list(0x7faafc9fc9e0, 24) = 0 [pid 5088] memfd_create("syzkaller", 0) = 3 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faaf45dc000 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5088] munmap(0x7faaf45dc000, 262144) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 51.047331][ T5082] loop1: detected capacity change from 0 to 512 [ 51.047549][ T5081] loop0: detected capacity change from 0 to 512 [ 51.055916][ T5084] loop4: detected capacity change from 0 to 512 [ 51.067588][ T5085] loop2: detected capacity change from 0 to 512 [pid 5088] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... memfd_create resumed>) = 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] mkdir("./file0", 0777) = 0 [pid 5088] mount("/dev/loop5", "./file0", "ext4", MS_NODEV, ",errors=continue" [pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faaf45dc000 [pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 5089] munmap(0x7faaf45dc000, 262144) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 51.123053][ T5081] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.131595][ T5088] loop5: detected capacity change from 0 to 512 [ 51.139576][ T5085] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.160488][ T5081] Quota error (device loop0): write_blk: dquota write failed [ 51.164224][ T5084] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.172154][ T5089] loop3: detected capacity change from 0 to 512 [ 51.183241][ T5085] Quota error (device loop2): write_blk: dquota write failed [ 51.192493][ T5082] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.196575][ T5085] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [pid 5089] ioctl(4, LOOP_SET_FD, 3) = 0 [ 51.219954][ T5081] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 51.220294][ T5084] Quota error (device loop4): write_blk: dquota write failed [ 51.233723][ T5085] EXT4-fs (loop2): 1 truncate cleaned up [ 51.237612][ T5084] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 51.254800][ T5084] EXT4-fs (loop4): 1 truncate cleaned up [ 51.260482][ T5084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [pid 5089] close(3) = 0 [pid 5089] mkdir("./file0", 0777) = 0 [ 51.261823][ T5088] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.272808][ T5082] Quota error (device loop1): write_blk: dquota write failed [ 51.294261][ T5082] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 51.295831][ T5081] EXT4-fs (loop0): 1 truncate cleaned up [ 51.305761][ T5085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [pid 5089] mount("/dev/loop3", "./file0", "ext4", MS_NODEV, ",errors=continue" [pid 5085] <... mount resumed>) = 0 [ 51.313357][ T5084] ext4 filesystem being mounted at /root/syzkaller.E71UdK/0/file0 supports timestamps until 2038 (0x7fffffff) [ 51.322580][ T5085] ext4 filesystem being mounted at /root/syzkaller.nd6pQA/0/file0 supports timestamps until 2038 (0x7fffffff) [ 51.347337][ T5082] EXT4-fs (loop1): 1 truncate cleaned up [ 51.354287][ T5082] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5084] <... mount resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5082] <... mount resumed>) = 0 [pid 5081] <... mount resumed>) = 0 [pid 5085] chdir("./file0" [pid 5084] <... openat resumed>) = 3 [pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... chdir resumed>) = 0 [pid 5084] chdir("./file0" [pid 5082] <... openat resumed>) = 3 [pid 5085] ioctl(4, LOOP_CLR_FD [pid 5084] <... chdir resumed>) = 0 [pid 5082] chdir("./file0" [pid 5085] <... ioctl resumed>) = 0 [pid 5084] ioctl(4, LOOP_CLR_FD [pid 5082] <... chdir resumed>) = 0 [pid 5085] close(4 [pid 5084] <... ioctl resumed>) = 0 [pid 5082] ioctl(4, LOOP_CLR_FD [pid 5085] <... close resumed>) = 0 [pid 5084] close(4 [pid 5082] <... ioctl resumed>) = 0 [pid 5085] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... close resumed>) = 0 [pid 5082] close(4 [pid 5085] <... futex resumed>) = 1 [pid 5084] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] <... close resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5085] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] <... futex resumed>) = 1 [pid 5082] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = 0 [pid 5085] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5084] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5082] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] fspick(AT_FDCWD, ".", 0 [pid 5084] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5082] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 0 [pid 5085] <... fspick resumed>) = 4 [pid 5084] fspick(AT_FDCWD, ".", 0 [pid 5078] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5085] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... fspick resumed>) = 4 [pid 5085] <... futex resumed>) = 1 [pid 5084] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5079] <... futex resumed>) = 0 [pid 5085] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] <... futex resumed>) = 1 [pid 5081] <... openat resumed>) = 3 [pid 5079] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = 0 [pid 5085] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5084] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] chdir("./file0" [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 5084] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5081] <... chdir resumed>) = 0 [pid 5079] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 0 [pid 5085] <... fsconfig resumed>) = 0 [pid 5084] fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 5081] ioctl(4, LOOP_CLR_FD [pid 5078] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5085] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... fsconfig resumed>) = 0 [pid 5081] <... ioctl resumed>) = 0 [pid 5085] <... futex resumed>) = 1 [pid 5084] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] close(4 [pid 5079] <... futex resumed>) = 0 [pid 5085] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] <... futex resumed>) = 1 [pid 5081] <... close resumed>) = 0 [pid 5079] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = 0 [pid 5085] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5084] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5084] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5081] <... futex resumed>) = 1 [pid 5079] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 0 [pid 5075] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = 0 [pid 5084] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5081] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5078] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] <... futex resumed>) = 0 [pid 5075] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = 1 [pid 5082] fspick(AT_FDCWD, ".", 0 [pid 5075] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] <... fspick resumed>) = 4 [pid 5082] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 51.355049][ T5081] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [ 51.366672][ T5082] ext4 filesystem being mounted at /root/syzkaller.7NfzCt/0/file0 supports timestamps until 2038 (0x7fffffff) [ 51.382143][ T5088] Quota error (device loop5): write_blk: dquota write failed [ 51.390949][ T5081] ext4 filesystem being mounted at /root/syzkaller.oginco/0/file0 supports timestamps until 2038 (0x7fffffff) [ 51.400734][ T5088] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [pid 5074] <... futex resumed>) = 0 [pid 5082] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5074] <... futex resumed>) = 0 [pid 5082] fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 5074] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] <... fsconfig resumed>) = 0 [pid 5082] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5074] <... futex resumed>) = 0 [ 51.444248][ T5085] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.457442][ T5089] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.461693][ T5084] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.483253][ T5088] EXT4-fs (loop5): 1 truncate cleaned up [ 51.483812][ T5089] EXT4-fs (loop3): 1 truncate cleaned up [pid 5082] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... fsconfig resumed>) = 0 [pid 5082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5081] fspick(AT_FDCWD, ".", 0 [pid 5079] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5078] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5075] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5074] <... futex resumed>) = 0 [pid 5082] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5081] <... fspick resumed>) = 4 [pid 5079] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... mount resumed>) = 0 [pid 5085] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... fsconfig resumed>) = 0 [pid 5081] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 0 [pid 5085] <... futex resumed>) = 0 [pid 5081] <... futex resumed>) = 0 [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] <... mmap resumed>) = 0x7faaf45fb000 [pid 5075] <... mmap resumed>) = 0x7faaf45fb000 [ 51.488916][ T5088] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [ 51.506893][ T5088] ext4 filesystem being mounted at /root/syzkaller.SaHjwL/0/file0 supports timestamps until 2038 (0x7fffffff) [ 51.519757][ T5089] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback. [ 51.520226][ T5082] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [pid 5079] mprotect(0x7faaf45fc000, 131072, PROT_READ|PROT_WRITE [pid 5075] mprotect(0x7faaf45fc000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... mount resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5084] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] <... fsconfig resumed>) = 0 [pid 5079] <... mprotect resumed>) = 0 [pid 5078] <... futex resumed>) = 0 [pid 5075] <... mprotect resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... openat resumed>) = 3 [pid 5084] <... futex resumed>) = 0 [pid 5082] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] clone(child_stack=0x7faaf461b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5078] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5075] clone(child_stack=0x7faaf461b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5089] <... openat resumed>) = 3 [pid 5088] chdir("./file0" [pid 5084] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5082] <... futex resumed>) = 1 [pid 5078] <... mmap resumed>) = 0x7faaf45fb000 [pid 5074] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5101 attached [pid 5089] chdir("./file0" [pid 5088] <... chdir resumed>) = 0 [pid 5082] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] <... clone resumed>, parent_tid=[5101], tls=0x7faaf461b700, child_tidptr=0x7faaf461b9d0) = 5101 [pid 5078] mprotect(0x7faaf45fc000, 131072, PROT_READ|PROT_WRITE [pid 5075] <... clone resumed>, parent_tid=[5102], tls=0x7faaf461b700, child_tidptr=0x7faaf461b9d0) = 5102 [pid 5074] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] set_robust_list(0x7faaf461b9e0, 24 [pid 5089] <... chdir resumed>) = 0 [pid 5088] ioctl(4, LOOP_CLR_FD [pid 5082] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5079] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... mprotect resumed>) = 0 [pid 5075] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5102 attached [pid 5101] <... set_robust_list resumed>) = 0 [pid 5089] ioctl(4, LOOP_CLR_FD [pid 5088] <... ioctl resumed>) = 0 [pid 5082] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5079] <... futex resumed>) = 0 [ 51.532332][ T5089] ext4 filesystem being mounted at /root/syzkaller.5gr2ME/0/file0 supports timestamps until 2038 (0x7fffffff) [pid 5078] clone(child_stack=0x7faaf461b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5075] <... futex resumed>) = 0 [pid 5074] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] set_robust_list(0x7faaf461b9e0, 24 [pid 5101] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] close(4 [pid 5079] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] <... set_robust_list resumed>) = 0 [pid 5102] fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0./strace-static-x86_64: Process 5104 attached ) = 0 [pid 5104] set_robust_list(0x7faaf461b9e0, 24 [pid 5102] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... set_robust_list resumed>) = 0 [pid 5102] <... futex resumed>) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5104] futex(0x7faafcad57b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5102] futex(0x7faafcad57b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5075] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] <... futex resumed>) = 0 [pid 5075] <... futex resumed>) = 1 [pid 5089] close(4 [pid 5088] <... close resumed>) = 0 [pid 5081] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5078] <... clone resumed>, parent_tid=[5104], tls=0x7faaf461b700, child_tidptr=0x7faaf461b9d0) = 5104 [pid 5075] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5089] <... close resumed>) = 0 [pid 5088] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [ 51.591404][ T5082] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 51.603003][ T5101] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 51.624907][ T5081] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [pid 5078] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 0 [pid 5089] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = 1 [pid 5078] <... futex resumed>) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5104] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5089] <... futex resumed>) = 1 [pid 5088] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] <... futex resumed>) = 0 [pid 5079] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5078] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5082] <... fsconfig resumed>) = 0 [pid 5080] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = 0 [pid 5085] <... futex resumed>) = 0 [pid 5079] <... futex resumed>) = 1 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] openat(AT_FDCWD, ".", O_RDONLY [pid 5079] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] <... mmap resumed>) = 0x7faaf45fb000 [pid 5085] <... openat resumed>) = 5 [pid 5074] mprotect(0x7faaf45fc000, 131072, PROT_READ|PROT_WRITE [pid 5085] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] <... mprotect resumed>) = 0 [pid 5089] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5088] fspick(AT_FDCWD, ".", 0 [pid 5085] <... futex resumed>) = 1 [pid 5082] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] <... fsconfig resumed>) = 0 [pid 5080] <... futex resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5074] clone(child_stack=0x7faaf461b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5107 attached [pid 5101] <... fsconfig resumed>) = 0 [pid 5089] fspick(AT_FDCWD, ".", 0 [pid 5088] <... fspick resumed>) = 4 [pid 5085] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5082] <... futex resumed>) = 0 [pid 5081] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5079] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... fspick resumed>) = 4 [pid 5088] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5082] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5075] <... futex resumed>) = 0 [pid 5074] <... clone resumed>, parent_tid=[5107], tls=0x7faaf461b700, child_tidptr=0x7faaf461b9d0) = 5107 [pid 5107] set_robust_list(0x7faaf461b9e0, 24 [pid 5101] <... futex resumed>) = 0 [pid 5089] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = 1 [pid 5085] mkdirat(5, "./bus", 000 [pid 5081] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] <... futex resumed>) = 0 [pid 5075] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5107] <... set_robust_list resumed>) = 0 [pid 5101] futex(0x7faafcad57b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] <... futex resumed>) = 1 [pid 5088] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5080] <... futex resumed>) = 0 [pid 5089] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 51.639424][ T5082] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.656073][ T5104] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 51.667451][ T5101] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [pid 5081] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5080] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5107] openat(AT_FDCWD, ".", O_RDONLY [pid 5089] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5085] <... mkdirat resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5080] <... futex resumed>) = 0 [pid 5077] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = 0 [pid 5089] fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 5080] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5089] <... fsconfig resumed>) = 0 [pid 5089] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5080] <... futex resumed>) = 0 [pid 5089] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5080] <... futex resumed>) = 0 [pid 5089] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5080] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5107] <... openat resumed>) = 5 [pid 5107] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5107] futex(0x7faafcad57b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... futex resumed>) = 0 [pid 5077] <... futex resumed>) = 1 [pid 5088] fsconfig(4, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... fsconfig resumed>) = 0 [pid 5088] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5077] <... futex resumed>) = 0 [pid 5088] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5077] <... futex resumed>) = 0 [pid 5075] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5074] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5079] <... futex resumed>) = 0 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5104] <... fsconfig resumed>) = 0 [pid 5079] exit_group(0 [pid 5074] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5104] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] <... exit_group resumed>) = ? [pid 5074] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] <... futex resumed>) = 1 [pid 5074] <... futex resumed>) = 1 [pid 5104] futex(0x7faafcad57b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] <... futex resumed>) = ? [pid 5101] +++ exited with 0 +++ [pid 5089] <... fsconfig resumed>) = 0 [pid 5085] <... futex resumed>) = ? [pid 5082] <... futex resumed>) = 0 [pid 5078] <... futex resumed>) = 0 [pid 5089] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] +++ exited with 0 +++ [pid 5082] mkdirat(5, "./bus", 000 [pid 5079] +++ exited with 0 +++ [pid 5078] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = 1 [pid 5084] <... futex resumed>) = 0 [pid 5080] <... futex resumed>) = 0 [pid 5078] <... futex resumed>) = 1 [pid 5089] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5084] openat(AT_FDCWD, ".", O_RDONLY [pid 5080] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5089] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5084] <... openat resumed>) = 5 [pid 5080] <... futex resumed>) = 0 [pid 5089] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5084] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5084] <... futex resumed>) = 1 [pid 5078] <... futex resumed>) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5084] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5078] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5084] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5078] <... futex resumed>) = 0 [pid 5084] mkdirat(5, "./bus", 000 [ 51.687205][ T5081] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 51.693809][ T5104] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.708986][ T5089] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.720821][ T5088] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.725701][ T5089] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [pid 5078] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5088] <... fsconfig resumed>) = 0 [pid 5070] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5077] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = 0 [pid 5077] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=49000000} [pid 5088] <... futex resumed>) = 1 [pid 5088] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 5084] <... mkdirat resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5082] <... mkdirat resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5081] <... fsconfig resumed>) = 0 [pid 5075] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5074] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5070] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5084] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5082] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5081] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] exit_group(0 [pid 5070] <... openat resumed>) = 3 [pid 5084] <... futex resumed>) = 1 [pid 5081] <... futex resumed>) = 0 [pid 5075] <... futex resumed>) = 0 [pid 5082] <... futex resumed>) = ? [pid 5074] <... exit_group resumed>) = ? [pid 5070] fstat(3, [pid 5084] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5081] openat(AT_FDCWD, ".", O_RDONLY [pid 5075] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5082] +++ exited with 0 +++ [pid 5081] <... openat resumed>) = 5 [pid 5070] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5081] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] getdents64(3, [pid 5081] <... futex resumed>) = 1 [pid 5075] <... futex resumed>) = 0 [pid 5107] <... futex resumed>) = ? [pid 5081] mkdirat(5, "./bus", 000 [pid 5078] <... futex resumed>) = 0 [pid 5075] futex(0x7faafcad57a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... getdents64 resumed>0x555556cda620 /* 4 entries */, 32768) = 112 [pid 5107] +++ exited with 0 +++ [pid 5078] exit_group(0 [pid 5075] <... futex resumed>) = 0 [pid 5074] +++ exited with 0 +++ [pid 5104] <... futex resumed>) = ? [pid 5084] <... futex resumed>) = ? [pid 5078] <... exit_group resumed>) = ? [pid 5075] futex(0x7faafcad57ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5104] +++ exited with 0 +++ [pid 5084] +++ exited with 0 +++ [pid 5078] +++ exited with 0 +++ [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5072] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] lstat("./0/binderfs", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5069] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5081] <... mkdirat resumed>) = -1 EUCLEAN (Structure needs cleaning) [pid 5070] unlink("./0/binderfs" [pid 5081] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... openat resumed>) = 3 [pid 5080] <... futex resumed>) = 0 [pid 5081] <... futex resumed>) = 1 [pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5075] <... futex resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5070] <... unlink resumed>) = 0 [pid 5069] fstat(3, [pid 5081] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5080] <... mmap resumed>) = 0x7faaf45fb000 [pid 5075] exit_group(0 [pid 5072] fstat(3, [pid 5102] <... futex resumed>) = ? [pid 5081] <... futex resumed>) = ? [pid 5080] mprotect(0x7faaf45fc000, 131072, PROT_READ|PROT_WRITE [pid 5075] <... exit_group resumed>) = ? [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5070] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5102] +++ exited with 0 +++ [pid 5081] +++ exited with 0 +++ [pid 5080] <... mprotect resumed>) = 0 [pid 5072] getdents64(3, [pid 5080] clone(child_stack=0x7faaf461b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID [pid 5072] <... getdents64 resumed>0x555556cda620 /* 4 entries */, 32768) = 112 [pid 5075] +++ exited with 0 +++ [pid 5072] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(3, [pid 5080] <... clone resumed>, parent_tid=[5111], tls=0x7faaf461b700, child_tidptr=0x7faaf461b9d0) = 5111 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5072] lstat("./0/binderfs", [pid 5080] <... futex resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5080] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5072] unlink("./0/binderfs") = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x555556cda620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5111 attached [pid 5111] set_robust_list(0x7faaf461b9e0, 24) = 0 [pid 5111] openat(AT_FDCWD, ".", O_RDONLY [pid 5069] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] lstat("./0/binderfs", [pid 5068] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5111] <... openat resumed>) = 5 [pid 5069] unlink("./0/binderfs" [pid 5068] <... openat resumed>) = 3 [ 51.732325][ T5082] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3789: comm syz-executor374: Allocating blocks 41-42 which overlap fs metadata [ 51.757723][ T5081] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.762280][ T5088] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [pid 5111] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5069] <... unlink resumed>) = 0 [pid 5068] fstat(3, [pid 5077] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5111] <... futex resumed>) = 1 [pid 5080] <... futex resumed>) = 0 [pid 5077] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5111] mkdirat(5, "./bus", 000 [pid 5080] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5080] <... futex resumed>) = 0 [pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5080] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] <... mmap resumed>) = 0x7faaf45fb000 [pid 5077] mprotect(0x7faaf45fc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5077] clone(child_stack=0x7faaf461b3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5112], tls=0x7faaf461b700, child_tidptr=0x7faaf461b9d0) = 5112 [pid 5077] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5112 attached [pid 5112] set_robust_list(0x7faaf461b9e0, 24) = 0 [pid 5112] openat(AT_FDCWD, ".", O_RDONLY) = 5 [pid 5112] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... futex resumed>) = 0 [pid 5077] futex(0x7faafcad57b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5077] futex(0x7faafcad57bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5112] <... futex resumed>) = 1 [pid 5112] mkdirat(5, "./bus", 000 [pid 5069] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5068] getdents64(3, 0x555556cda620 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5068] unlink("./0/binderfs") = 0 [ 51.807637][ T5072] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.808198][ T5070] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.828548][ T5089] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.841327][ T5111] ------------[ cut here ]------------ [ 51.842294][ T5068] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.846905][ T5111] WARNING: CPU: 0 PID: 5111 at fs/ext4/xattr.c:2141 ext4_xattr_block_set+0x2ef2/0x3680 [ 51.857039][ T5088] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. Quota mode: writeback. [ 51.865569][ T5111] Modules linked in: [ 51.879521][ T5111] CPU: 0 PID: 5111 Comm: syz-executor374 Not tainted 6.2.0-syzkaller-13467-g0988a0ea7919 #0 [ 51.889633][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 51.899747][ T5111] RIP: 0010:ext4_xattr_block_set+0x2ef2/0x3680 [pid 5068] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5089] <... fsconfig resumed>) = 0 [pid 5088] <... fsconfig resumed>) = 0 [pid 5080] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5077] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5089] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] futex(0x7faafcad57ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... futex resumed>) = 0 [pid 5088] <... futex resumed>) = 0 [pid 5089] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] futex(0x7faafcad57a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5112] <... mkdirat resumed>) = 0 [pid 5112] futex(0x7faafcad57bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5112] futex(0x7faafcad57b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] exit_group(0 [pid 5112] <... futex resumed>) = ? [pid 5088] <... futex resumed>) = ? [pid 5077] <... exit_group resumed>) = ? [pid 5112] +++ exited with 0 +++ [pid 5088] +++ exited with 0 +++ [pid 5077] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5073] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5073] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, 0x555556cda620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] unlink("./0/binderfs") = 0 [ 51.900551][ T5069] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.906028][ T5111] Code: b3 3d ff 48 8b 7c 24 50 4c 89 ee e8 88 2f c1 ff 45 31 ed e9 86 f4 ff ff e8 1b b3 3d ff 45 31 ed e9 79 f4 ff ff e8 0e b3 3d ff <0f> 0b e9 5d f2 ff ff e8 02 b3 3d ff 0f 0b 43 80 3c 26 00 0f 85 6f [ 51.934621][ T5111] RSP: 0018:ffffc90003dcf4a0 EFLAGS: 00010293 [ 51.940720][ T5111] RAX: ffffffff824f0a52 RBX: 1ffff920007b9f11 RCX: ffff8880296f8000 [ 51.948751][ T5111] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 51.956778][ T5111] RBP: ffffc90003dcf6d0 R08: ffffffff8213bec0 R09: ffffed100413b2ae [ 51.964797][ T5111] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 51.972877][ T5111] R13: 0000000000000000 R14: 0000000000000000 R15: ffffc90003dcf860 [ 51.980864][ T5111] FS: 00007faaf461b700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 51.989830][ T5111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.996503][ T5111] CR2: 00007ffef43dbed8 CR3: 0000000075e6f000 CR4: 00000000003506f0 [ 52.004617][ T5111] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 52.012707][ T5111] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 52.020687][ T5111] Call Trace: [ 52.023980][ T5111] [ 52.026949][ T5111] ? ext4_xattr_block_find+0x520/0x520 [ 52.032535][ T5111] ? ext4_reserve_inode_write+0x2b7/0x360 [ 52.038274][ T5111] ? ext4_mark_iloc_dirty+0x1de0/0x1de0 [ 52.043874][ T5111] ? ext4_mkdir+0x425/0xce0 [ 52.048454][ T5111] ? ext4_xattr_block_find+0xda/0x520 [ 52.053865][ T5111] ? __x64_sys_mkdirat+0x89/0xa0 [ 52.058799][ T5111] ? ext4_xattr_ibody_set+0xfd/0x330 [ 52.064172][ T5111] ext4_xattr_set_handle+0xcd4/0x15c0 [ 52.069581][ T5111] ? ext4_xattr_set_entry+0x3bf0/0x3bf0 [ 52.075192][ T5111] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 52.081297][ T5111] ext4_initxattrs+0xa3/0x110 [ 52.085985][ T5111] security_inode_init_security+0x2df/0x3f0 [ 52.091931][ T5111] ? ext4_init_security+0x40/0x40 [ 52.096953][ T5111] ? security_dentry_create_files_as+0xc0/0xc0 [ 52.103140][ T5111] ? ext4_init_acl+0x387/0x400 [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] exit_group(0 [pid 5089] <... futex resumed>) = ? [pid 5080] <... exit_group resumed>) = ? [pid 5089] +++ exited with 0 +++ [ 52.107937][ T5111] ? _raw_spin_unlock+0x28/0x40 [ 52.112866][ T5111] ? insert_inode_locked+0x3b7/0x410 [ 52.118168][ T5111] ? ext4_has_metadata_csum+0x12f/0x1c0 [ 52.123800][ T5111] __ext4_new_inode+0x347e/0x43d0 [ 52.128890][ T5111] ? ext4_has_group_desc_csum+0x1e0/0x1e0 [ 52.134675][ T5111] ? smk_access+0x477/0x4b0 [ 52.139207][ T5111] ? smk_tskacc+0x2ff/0x360 [ 52.143760][ T5111] ext4_mkdir+0x425/0xce0 [ 52.148115][ T5111] ? ext4_symlink+0xb30/0xb30 [ 52.152879][ T5111] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 52.157913][ T5111] ? security_inode_mkdir+0xb8/0x100 [ 52.163256][ T5111] vfs_mkdir+0x29d/0x450 [ 52.167513][ T5111] do_mkdirat+0x264/0x520 [ 52.171901][ T5111] ? vfs_mkdir+0x450/0x450 [ 52.176326][ T5111] ? getname_flags+0x1f0/0x4e0 [ 52.181095][ T5111] __x64_sys_mkdirat+0x89/0xa0 [ 52.185928][ T5111] do_syscall_64+0x41/0xc0 [ 52.190369][ T5111] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.196365][ T5111] RIP: 0033:0x7faafca506d9 [ 52.200801][ T5111] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.220507][ T5111] RSP: 002b:00007faaf461b2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 52.228976][ T5111] RAX: ffffffffffffffda RBX: 00007faafcad57b0 RCX: 00007faafca506d9 [ 52.237038][ T5111] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000005 [ 52.245146][ T5111] RBP: 00007faafcaa2590 R08: 0000000000000000 R09: 0000000000000000 [ 52.253181][ T5111] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faafcaa20c0 [ 52.261202][ T5111] R13: 3d6469677365722c R14: 0030656c69662f2e R15: 00007faafcad57b8 [ 52.269188][ T5111] [ 52.272281][ T5111] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 52.279554][ T5111] CPU: 0 PID: 5111 Comm: syz-executor374 Not tainted 6.2.0-syzkaller-13467-g0988a0ea7919 #0 [ 52.289624][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 52.299666][ T5111] Call Trace: [ 52.302937][ T5111] [ 52.305858][ T5111] dump_stack_lvl+0x1e7/0x2d0 [ 52.310545][ T5111] ? nf_tcp_handle_invalid+0x650/0x650 [ 52.316021][ T5111] ? vsnprintf+0x17f/0x1d80 [ 52.320526][ T5111] ? panic+0x770/0x770 [ 52.324609][ T5111] ? vscnprintf+0x5d/0x80 [ 52.328943][ T5111] panic+0x31c/0x770 [ 52.332847][ T5111] ? __warn+0x16c/0x610 [ 52.337005][ T5111] ? memcpy_page_flushcache+0x100/0x100 [ 52.342568][ T5111] __warn+0x434/0x610 [ 52.346553][ T5111] ? ext4_xattr_block_set+0x2ef2/0x3680 [ 52.352106][ T5111] report_bug+0x2b3/0x500 [ 52.356432][ T5111] ? ext4_xattr_block_set+0x2ef2/0x3680 [ 52.361980][ T5111] handle_bug+0x3d/0x70 [ 52.366135][ T5111] exc_invalid_op+0x1a/0x50 [ 52.370636][ T5111] asm_exc_invalid_op+0x1a/0x20 [ 52.375488][ T5111] RIP: 0010:ext4_xattr_block_set+0x2ef2/0x3680 [ 52.381657][ T5111] Code: b3 3d ff 48 8b 7c 24 50 4c 89 ee e8 88 2f c1 ff 45 31 ed e9 86 f4 ff ff e8 1b b3 3d ff 45 31 ed e9 79 f4 ff ff e8 0e b3 3d ff <0f> 0b e9 5d f2 ff ff e8 02 b3 3d ff 0f 0b 43 80 3c 26 00 0f 85 6f [ 52.401266][ T5111] RSP: 0018:ffffc90003dcf4a0 EFLAGS: 00010293 [ 52.407338][ T5111] RAX: ffffffff824f0a52 RBX: 1ffff920007b9f11 RCX: ffff8880296f8000 [ 52.415306][ T5111] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 52.423268][ T5111] RBP: ffffc90003dcf6d0 R08: ffffffff8213bec0 R09: ffffed100413b2ae [ 52.431243][ T5111] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 52.439210][ T5111] R13: 0000000000000000 R14: 0000000000000000 R15: ffffc90003dcf860 [ 52.447183][ T5111] ? dquot_initialize_needed+0x170/0x320 [ 52.452813][ T5111] ? ext4_xattr_block_set+0x2ef2/0x3680 [ 52.458381][ T5111] ? ext4_xattr_block_find+0x520/0x520 [ 52.463842][ T5111] ? ext4_reserve_inode_write+0x2b7/0x360 [ 52.469561][ T5111] ? ext4_mark_iloc_dirty+0x1de0/0x1de0 [ 52.475100][ T5111] ? ext4_mkdir+0x425/0xce0 [ 52.479613][ T5111] ? ext4_xattr_block_find+0xda/0x520 [ 52.484993][ T5111] ? __x64_sys_mkdirat+0x89/0xa0 [ 52.489942][ T5111] ? ext4_xattr_ibody_set+0xfd/0x330 [ 52.495235][ T5111] ext4_xattr_set_handle+0xcd4/0x15c0 [ 52.500623][ T5111] ? ext4_xattr_set_entry+0x3bf0/0x3bf0 [ 52.506166][ T5111] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 52.512166][ T5111] ext4_initxattrs+0xa3/0x110 [ 52.516846][ T5111] security_inode_init_security+0x2df/0x3f0 [ 52.522740][ T5111] ? ext4_init_security+0x40/0x40 [ 52.527768][ T5111] ? security_dentry_create_files_as+0xc0/0xc0 [ 52.533916][ T5111] ? ext4_init_acl+0x387/0x400 [ 52.538685][ T5111] ? _raw_spin_unlock+0x28/0x40 [ 52.543535][ T5111] ? insert_inode_locked+0x3b7/0x410 [ 52.548819][ T5111] ? ext4_has_metadata_csum+0x12f/0x1c0 [ 52.554361][ T5111] __ext4_new_inode+0x347e/0x43d0 [ 52.559401][ T5111] ? ext4_has_group_desc_csum+0x1e0/0x1e0 [ 52.565112][ T5111] ? smk_access+0x477/0x4b0 [ 52.569619][ T5111] ? smk_tskacc+0x2ff/0x360 [ 52.574125][ T5111] ext4_mkdir+0x425/0xce0 [ 52.578461][ T5111] ? ext4_symlink+0xb30/0xb30 [ 52.583134][ T5111] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 52.588150][ T5111] ? security_inode_mkdir+0xb8/0x100 [ 52.593432][ T5111] vfs_mkdir+0x29d/0x450 [ 52.597675][ T5111] do_mkdirat+0x264/0x520 [ 52.601998][ T5111] ? vfs_mkdir+0x450/0x450 [ 52.606409][ T5111] ? getname_flags+0x1f0/0x4e0 [ 52.611177][ T5111] __x64_sys_mkdirat+0x89/0xa0 [ 52.615944][ T5111] do_syscall_64+0x41/0xc0 [ 52.620363][ T5111] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.626249][ T5111] RIP: 0033:0x7faafca506d9 [ 52.630664][ T5111] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 52.650272][ T5111] RSP: 002b:00007faaf461b2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 52.658679][ T5111] RAX: ffffffffffffffda RBX: 00007faafcad57b0 RCX: 00007faafca506d9 [ 52.666642][ T5111] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000005 [ 52.674606][ T5111] RBP: 00007faafcaa2590 R08: 0000000000000000 R09: 0000000000000000 [ 52.682570][ T5111] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faafcaa20c0 [ 52.690531][ T5111] R13: 3d6469677365722c R14: 0030656c69662f2e R15: 00007faafcad57b8 [ 52.698597][ T5111] [ 52.701770][ T5111] Kernel Offset: disabled [ 52.706169][ T5111] Rebooting in 86400 seconds..