./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1374858784 <...> Warning: Permanently added '10.128.1.83' (ED25519) to the list of known hosts. execve("./syz-executor1374858784", ["./syz-executor1374858784"], 0x7ffd9a8bbc40 /* 10 vars */) = 0 brk(NULL) = 0x55556ac84000 brk(0x55556ac84d40) = 0x55556ac84d40 arch_prctl(ARCH_SET_FS, 0x55556ac843c0) = 0 set_tid_address(0x55556ac84690) = 5255 set_robust_list(0x55556ac846a0, 24) = 0 rseq(0x55556ac84ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1374858784", 4096) = 28 getrandom("\xd9\xfd\x5b\x04\x37\xa9\x51\xcf", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556ac84d40 brk(0x55556aca5d40) = 0x55556aca5d40 brk(0x55556aca6000) = 0x55556aca6000 mprotect(0x7fe3520c4000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5256 attached , child_tidptr=0x55556ac84690) = 5256 [pid 5256] set_robust_list(0x55556ac846a0, 24) = 0 [pid 5255] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "10000000000", 11) = 11 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "20", 2) = 2 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "1", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "0", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "0", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "1", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "100", 3) = 3 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "0", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "0", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "7 4 1 3", 7) = 7 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "1", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "1", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "0", 1) = 1 [pid 5255] close(3) = 0 [pid 5255] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "5256", 4) = 4 [pid 5255] close(3) = 0 [pid 5255] kill(5256, SIGKILL) = 0 [pid 5256] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5256, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5257 attached , child_tidptr=0x55556ac84690) = 5257 [pid 5257] set_robust_list(0x55556ac846a0, 24) = 0 [pid 5255] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5257] mkdir("./syzkaller.EY8uNU", 0700./strace-static-x86_64: Process 5258 attached [pid 5255] <... clone resumed>, child_tidptr=0x55556ac84690) = 5258 [pid 5257] <... mkdir resumed>) = 0 [pid 5258] set_robust_list(0x55556ac846a0, 24) = 0 [pid 5255] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5258] mkdir("./syzkaller.mAMkUN", 0700 [pid 5257] chmod("./syzkaller.EY8uNU", 0777) = 0 [pid 5258] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5259 attached [pid 5257] chdir("./syzkaller.EY8uNU" [pid 5259] set_robust_list(0x55556ac846a0, 24 [pid 5258] chmod("./syzkaller.mAMkUN", 0777 [pid 5257] <... chdir resumed>) = 0 [pid 5255] <... clone resumed>, child_tidptr=0x55556ac84690) = 5259 [pid 5259] <... set_robust_list resumed>) = 0 [pid 5258] <... chmod resumed>) = 0 [pid 5257] mkdir("./0", 0777 [pid 5255] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5259] mkdir("./syzkaller.njbeTX", 0700 [pid 5258] chdir("./syzkaller.mAMkUN"./strace-static-x86_64: Process 5260 attached [pid 5257] <... mkdir resumed>) = 0 [pid 5255] <... clone resumed>, child_tidptr=0x55556ac84690) = 5260 [pid 5260] set_robust_list(0x55556ac846a0, 24 [pid 5255] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5259] <... mkdir resumed>) = 0 [pid 5260] <... set_robust_list resumed>) = 0 [pid 5260] mkdir("./syzkaller.TqVXqF", 0700 [pid 5259] chmod("./syzkaller.njbeTX", 0777 [pid 5258] <... chdir resumed>) = 0 [pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5258] mkdir("./0", 0777 [pid 5260] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5261 attached [pid 5259] <... chmod resumed>) = 0 [pid 5258] <... mkdir resumed>) = 0 [pid 5257] ioctl(3, LOOP_CLR_FD [pid 5255] <... clone resumed>, child_tidptr=0x55556ac84690) = 5261 [pid 5261] set_robust_list(0x55556ac846a0, 24 [pid 5260] chmod("./syzkaller.TqVXqF", 0777 [pid 5259] chdir("./syzkaller.njbeTX" [pid 5258] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5261] <... set_robust_list resumed>) = 0 [pid 5260] <... chmod resumed>) = 0 [pid 5259] <... chdir resumed>) = 0 [pid 5257] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5259] mkdir("./0", 0777 [pid 5258] <... openat resumed>) = 3 [pid 5257] close(3 [pid 5261] mkdir("./syzkaller.Ip5bR0", 0700 [pid 5260] chdir("./syzkaller.TqVXqF" [pid 5258] ioctl(3, LOOP_CLR_FD [pid 5261] <... mkdir resumed>) = 0 [pid 5260] <... chdir resumed>) = 0 [pid 5259] <... mkdir resumed>) = 0 [pid 5258] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5257] <... close resumed>) = 0 [pid 5260] mkdir("./0", 0777 [pid 5261] chmod("./syzkaller.Ip5bR0", 0777 [pid 5260] <... mkdir resumed>) = 0 [pid 5259] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5258] close(3 [pid 5257] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5261] <... chmod resumed>) = 0 [pid 5258] <... close resumed>) = 0 [pid 5261] chdir("./syzkaller.Ip5bR0" [pid 5259] <... openat resumed>) = 3 [pid 5258] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5261] <... chdir resumed>) = 0 [pid 5261] mkdir("./0", 0777 [pid 5259] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5261] <... mkdir resumed>) = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5259] close(3 [pid 5260] <... openat resumed>) = 3 [pid 5259] <... close resumed>) = 0 [pid 5259] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5263 attached [pid 5257] <... clone resumed>, child_tidptr=0x55556ac84690) = 5263 [pid 5263] set_robust_list(0x55556ac846a0, 24 [pid 5260] ioctl(3, LOOP_CLR_FD [pid 5258] <... clone resumed>, child_tidptr=0x55556ac84690) = 5264 ./strace-static-x86_64: Process 5264 attached [pid 5263] <... set_robust_list resumed>) = 0 [pid 5263] chdir("./0" [pid 5261] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5260] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5261] <... openat resumed>) = 3 [pid 5260] close(3./strace-static-x86_64: Process 5265 attached ) = 0 [pid 5265] set_robust_list(0x55556ac846a0, 24 [pid 5261] ioctl(3, LOOP_CLR_FD [pid 5260] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5265] <... set_robust_list resumed>) = 0 [pid 5261] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5259] <... clone resumed>, child_tidptr=0x55556ac84690) = 5265 [pid 5265] chdir("./0" [pid 5261] close(3) = 0 [pid 5265] <... chdir resumed>) = 0 [pid 5261] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5265] setpgid(0, 0./strace-static-x86_64: Process 5266 attached [pid 5264] set_robust_list(0x55556ac846a0, 24 [pid 5263] <... chdir resumed>) = 0 [pid 5260] <... clone resumed>, child_tidptr=0x55556ac84690) = 5266 [pid 5265] <... setpgid resumed>) = 0 [pid 5264] <... set_robust_list resumed>) = 0 [pid 5263] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5266] set_robust_list(0x55556ac846a0, 24 [pid 5265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5264] chdir("./0" [pid 5263] <... prctl resumed>) = 0 [pid 5266] <... set_robust_list resumed>) = 0 [pid 5264] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5267 attached [pid 5266] chdir("./0" [pid 5265] <... openat resumed>) = 3 [pid 5264] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5263] setpgid(0, 0 [pid 5266] <... chdir resumed>) = 0 [pid 5264] <... prctl resumed>) = 0 [pid 5263] <... setpgid resumed>) = 0 [pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5267] set_robust_list(0x55556ac846a0, 24 [pid 5266] <... prctl resumed>) = 0 [pid 5265] write(3, "1000", 4 [pid 5264] setpgid(0, 0 [pid 5263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5261] <... clone resumed>, child_tidptr=0x55556ac84690) = 5267 [pid 5267] <... set_robust_list resumed>) = 0 [pid 5266] setpgid(0, 0 [pid 5265] <... write resumed>) = 4 [pid 5264] <... setpgid resumed>) = 0 [pid 5263] <... openat resumed>) = 3 [pid 5267] chdir("./0" [pid 5266] <... setpgid resumed>) = 0 [pid 5265] close(3 [pid 5264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5263] write(3, "1000", 4 [pid 5267] <... chdir resumed>) = 0 [pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5265] <... close resumed>) = 0 [pid 5263] <... write resumed>) = 4 [pid 5267] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5266] <... openat resumed>) = 3 [pid 5265] symlink("/dev/binderfs", "./binderfs" [pid 5264] <... openat resumed>) = 3 [pid 5263] close(3 [pid 5267] <... prctl resumed>) = 0 [pid 5266] write(3, "1000", 4 [pid 5264] write(3, "1000", 4 [pid 5263] <... close resumed>) = 0 [pid 5267] setpgid(0, 0 [pid 5266] <... write resumed>) = 4 [pid 5265] <... symlink resumed>) = 0 [pid 5264] <... write resumed>) = 4 [pid 5263] symlink("/dev/binderfs", "./binderfs" [pid 5267] <... setpgid resumed>) = 0 [pid 5266] close(3 [pid 5267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5263] <... symlink resumed>) = 0 [pid 5266] <... close resumed>) = 0 executing program executing program executing program [pid 5267] <... openat resumed>) = 3 [pid 5266] symlink("/dev/binderfs", "./binderfs" [pid 5263] write(1, "executing program\n", 18 [pid 5265] write(1, "executing program\n", 18) = 18 [pid 5267] write(3, "1000", 4 [pid 5266] <... symlink resumed>) = 0 [pid 5265] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5263] <... write resumed>) = 18 [pid 5264] close(3 [pid 5267] <... write resumed>) = 4 [pid 5266] write(1, "executing program\n", 18 [pid 5265] <... futex resumed>) = 0 [pid 5263] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5266] <... write resumed>) = 18 [pid 5264] <... close resumed>) = 0 [pid 5263] <... futex resumed>) = 0 [pid 5266] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5264] symlink("/dev/binderfs", "./binderfs" [pid 5263] rt_sigaction(SIGRT_1, {sa_handler=0x7fe35205f1e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe352050390}, [pid 5266] <... futex resumed>) = 0 [pid 5263] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5266] rt_sigaction(SIGRT_1, {sa_handler=0x7fe35205f1e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe352050390}, [pid 5263] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5266] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5266] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5267] close(3 [pid 5265] rt_sigaction(SIGRT_1, {sa_handler=0x7fe35205f1e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe352050390}, [pid 5263] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5267] <... close resumed>) = 0 [pid 5266] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5265] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5267] symlink("/dev/binderfs", "./binderfs"executing program [pid 5266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5265] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5263] <... mmap resumed>) = 0x7fe351fce000 [pid 5267] <... symlink resumed>) = 0 [pid 5266] <... mmap resumed>) = 0x7fe351fce000 [pid 5265] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5264] <... symlink resumed>) = 0 [pid 5263] mprotect(0x7fe351fcf000, 131072, PROT_READ|PROT_WRITE [pid 5267] write(1, "executing program\n", 18 [pid 5266] mprotect(0x7fe351fcf000, 131072, PROT_READ|PROT_WRITE [pid 5265] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5267] <... write resumed>) = 18 [pid 5265] <... mmap resumed>) = 0x7fe351fce000 [pid 5267] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5265] mprotect(0x7fe351fcf000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5263] <... mprotect resumed>) = 0 [pid 5267] <... futex resumed>) = 0 [pid 5266] <... mprotect resumed>) = 0 [pid 5265] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5267] rt_sigaction(SIGRT_1, {sa_handler=0x7fe35205f1e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe352050390}, [pid 5263] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5267] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5266] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5265] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5263] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5264] write(1, "executing program\n", 18 [pid 5267] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5266] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5265] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fee990, parent_tid=0x7fe351fee990, exit_signal=0, stack=0x7fe351fce000, stack_size=0x20300, tls=0x7fe351fee6c0} [pid 5263] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fee990, parent_tid=0x7fe351fee990, exit_signal=0, stack=0x7fe351fce000, stack_size=0x20300, tls=0x7fe351fee6c0} [pid 5267] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5266] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fee990, parent_tid=0x7fe351fee990, exit_signal=0, stack=0x7fe351fce000, stack_size=0x20300, tls=0x7fe351fee6c0}./strace-static-x86_64: Process 5268 attached [pid 5267] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0executing program ./strace-static-x86_64: Process 5269 attached [pid 5268] rseq(0x7fe351feefe0, 0x20, 0, 0x53053053 [pid 5267] <... mmap resumed>) = 0x7fe351fce000 [pid 5266] <... clone3 resumed> => {parent_tid=[5269]}, 88) = 5269 [pid 5265] <... clone3 resumed> => {parent_tid=[5268]}, 88) = 5268 [pid 5264] <... write resumed>) = 18 ./strace-static-x86_64: Process 5270 attached [pid 5268] <... rseq resumed>) = 0 [pid 5267] mprotect(0x7fe351fcf000, 131072, PROT_READ|PROT_WRITE [pid 5266] rt_sigprocmask(SIG_SETMASK, [], [pid 5265] rt_sigprocmask(SIG_SETMASK, [], [pid 5263] <... clone3 resumed> => {parent_tid=[5270]}, 88) = 5270 [pid 5270] rseq(0x7fe351feefe0, 0x20, 0, 0x53053053 [pid 5269] rseq(0x7fe351feefe0, 0x20, 0, 0x53053053 [pid 5268] set_robust_list(0x7fe351fee9a0, 24 [pid 5267] <... mprotect resumed>) = 0 [pid 5266] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5265] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5264] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5270] <... rseq resumed>) = 0 [pid 5269] <... rseq resumed>) = 0 [pid 5268] <... set_robust_list resumed>) = 0 [pid 5267] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5266] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5265] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5263] rt_sigprocmask(SIG_SETMASK, [], [pid 5269] set_robust_list(0x7fe351fee9a0, 24 [pid 5268] rt_sigprocmask(SIG_SETMASK, [], [pid 5266] <... futex resumed>) = 0 [pid 5270] set_robust_list(0x7fe351fee9a0, 24 [pid 5269] <... set_robust_list resumed>) = 0 [pid 5264] <... futex resumed>) = 0 [pid 5270] <... set_robust_list resumed>) = 0 [pid 5269] rt_sigprocmask(SIG_SETMASK, [], [pid 5266] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5264] rt_sigaction(SIGRT_1, {sa_handler=0x7fe35205f1e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe352050390}, [pid 5263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5268] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5267] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5265] <... futex resumed>) = 0 [pid 5270] rt_sigprocmask(SIG_SETMASK, [], [pid 5269] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5268] memfd_create("syzkaller", 0 [pid 5267] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fee990, parent_tid=0x7fe351fee990, exit_signal=0, stack=0x7fe351fce000, stack_size=0x20300, tls=0x7fe351fee6c0} [pid 5265] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5264] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5263] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5271 attached [pid 5271] rseq(0x7fe351feefe0, 0x20, 0, 0x53053053 [pid 5268] <... memfd_create resumed>) = 3 [pid 5271] <... rseq resumed>) = 0 [pid 5267] <... clone3 resumed> => {parent_tid=[5271]}, 88) = 5271 [pid 5271] set_robust_list(0x7fe351fee9a0, 24 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5267] rt_sigprocmask(SIG_SETMASK, [], [pid 5271] <... set_robust_list resumed>) = 0 [pid 5271] rt_sigprocmask(SIG_SETMASK, [], [pid 5268] <... mmap resumed>) = 0x7fe349a00000 [pid 5267] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5271] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5268] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5267] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5271] memfd_create("syzkaller", 0 [pid 5270] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5267] <... futex resumed>) = 0 [pid 5271] <... memfd_create resumed>) = 3 [pid 5269] memfd_create("syzkaller", 0 [pid 5267] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5270] memfd_create("syzkaller", 0 [pid 5263] <... futex resumed>) = 0 [pid 5264] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe349a00000 [pid 5270] <... memfd_create resumed>) = 3 [pid 5269] <... memfd_create resumed>) = 3 [pid 5264] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5263] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5264] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5270] <... mmap resumed>) = 0x7fe349a00000 [pid 5269] <... mmap resumed>) = 0x7fe349a00000 [pid 5268] <... write resumed>) = 65536 [pid 5264] <... mmap resumed>) = 0x7fe351fce000 [pid 5271] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5270] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5264] mprotect(0x7fe351fcf000, 131072, PROT_READ|PROT_WRITE [pid 5268] munmap(0x7fe349a00000, 138412032 [pid 5264] <... mprotect resumed>) = 0 [pid 5269] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5268] <... munmap resumed>) = 0 [pid 5264] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5271] <... write resumed>) = 65536 [pid 5270] <... write resumed>) = 65536 [pid 5264] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5270] munmap(0x7fe349a00000, 138412032 [pid 5269] <... write resumed>) = 65536 [pid 5268] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5264] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fee990, parent_tid=0x7fe351fee990, exit_signal=0, stack=0x7fe351fce000, stack_size=0x20300, tls=0x7fe351fee6c0}./strace-static-x86_64: Process 5272 attached [pid 5271] munmap(0x7fe349a00000, 138412032 [pid 5270] <... munmap resumed>) = 0 [pid 5272] rseq(0x7fe351feefe0, 0x20, 0, 0x53053053 [pid 5271] <... munmap resumed>) = 0 [pid 5269] munmap(0x7fe349a00000, 138412032 [pid 5268] <... openat resumed>) = 4 [pid 5264] <... clone3 resumed> => {parent_tid=[5272]}, 88) = 5272 [pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5269] <... munmap resumed>) = 0 [pid 5264] rt_sigprocmask(SIG_SETMASK, [], [pid 5272] <... rseq resumed>) = 0 [pid 5271] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5270] <... openat resumed>) = 4 [pid 5268] ioctl(4, LOOP_SET_FD, 3 [pid 5264] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5272] set_robust_list(0x7fe351fee9a0, 24 [pid 5271] <... openat resumed>) = 4 [pid 5264] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5272] <... set_robust_list resumed>) = 0 [pid 5271] ioctl(4, LOOP_SET_FD, 3 [pid 5270] ioctl(4, LOOP_SET_FD, 3 [pid 5269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5264] <... futex resumed>) = 0 [pid 5272] rt_sigprocmask(SIG_SETMASK, [], [pid 5271] <... ioctl resumed>) = 0 [pid 5268] <... ioctl resumed>) = 0 [pid 5264] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5269] <... openat resumed>) = 4 [pid 5269] ioctl(4, LOOP_SET_FD, 3 [pid 5272] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5271] close(3 [pid 5270] <... ioctl resumed>) = 0 [pid 5268] close(3 [pid 5272] memfd_create("syzkaller", 0 [pid 5271] <... close resumed>) = 0 [pid 5268] <... close resumed>) = 0 [pid 5268] close(4 [pid 5271] close(4 [pid 5272] <... memfd_create resumed>) = 3 [pid 5268] <... close resumed>) = 0 [pid 5272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5271] <... close resumed>) = 0 [pid 5270] close(3 [pid 5269] <... ioctl resumed>) = 0 [pid 5272] <... mmap resumed>) = 0x7fe349a00000 [pid 5271] mkdir("./file0", 0777 [pid 5270] <... close resumed>) = 0 [pid 5268] mkdir("./file0", 0777 [pid 5270] close(4) = 0 [pid 5269] close(3 [pid 5270] mkdir("./file0", 0777 [pid 5269] <... close resumed>) = 0 [pid 5270] <... mkdir resumed>) = 0 [pid 5269] close(4) = 0 [pid 5269] mkdir("./file0", 0777) = 0 [pid 5270] mount("/dev/loop0", "./file0", "sysv", MS_RDONLY|MS_SYNCHRONOUS|MS_STRICTATIME, "" [pid 5271] <... mkdir resumed>) = 0 [pid 5268] <... mkdir resumed>) = 0 [pid 5271] mount("/dev/loop4", "./file0", "sysv", MS_RDONLY|MS_SYNCHRONOUS|MS_STRICTATIME, "" [pid 5268] mount("/dev/loop2", "./file0", "sysv", MS_RDONLY|MS_SYNCHRONOUS|MS_STRICTATIME, "" [ 461.484298][ T5268] loop2: detected capacity change from 0 to 128 [ 461.484921][ T5271] loop4: detected capacity change from 0 to 128 [ 461.502281][ T5270] loop0: detected capacity change from 0 to 128 [ 461.512401][ T5269] loop3: detected capacity change from 0 to 128 [pid 5269] mount("/dev/loop3", "./file0", "sysv", MS_RDONLY|MS_SYNCHRONOUS|MS_STRICTATIME, "" [pid 5272] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536) = 65536 [pid 5272] munmap(0x7fe349a00000, 138412032) = 0 [pid 5272] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5271] <... mount resumed>) = 0 [pid 5268] <... mount resumed>) = 0 [pid 5272] <... openat resumed>) = 4 [pid 5271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5270] <... mount resumed>) = 0 [pid 5269] <... mount resumed>) = 0 [pid 5268] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5272] ioctl(4, LOOP_SET_FD, 3 [pid 5271] <... openat resumed>) = 3 [pid 5269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5268] <... openat resumed>) = 3 [pid 5270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5269] <... openat resumed>) = 3 [pid 5268] chdir("./file0" [pid 5270] <... openat resumed>) = 3 [ 461.555711][ T5271] VFS: Found a Xenix FS (block size = 1024) on device loop4 [ 461.559378][ T5270] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 461.569746][ T5268] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 461.584284][ T5269] VFS: Found a Xenix FS (block size = 1024) on device loop3 [pid 5270] chdir("./file0") = 0 [pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5270] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5263] <... futex resumed>) = 0 [pid 5263] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5263] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5271] chdir("./file0" [pid 5270] open("./bus", O_WRONLY|O_CREAT|O_EXCL|O_NONBLOCK|O_SYNC|O_NOFOLLOW|O_CLOEXEC|0x3c, 000 [pid 5268] <... chdir resumed>) = 0 [pid 5272] <... ioctl resumed>) = 0 [pid 5271] <... chdir resumed>) = 0 [pid 5269] chdir("./file0" [pid 5268] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5269] <... chdir resumed>) = 0 [pid 5272] close(3 [pid 5271] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5268] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5271] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5272] <... close resumed>) = 0 [pid 5269] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5268] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5272] close(4 [pid 5269] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5268] <... futex resumed>) = 1 [pid 5271] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5265] <... futex resumed>) = 0 [pid 5271] <... futex resumed>) = 1 [pid 5268] futex(0x7fe3520ca6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5265] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5272] <... close resumed>) = 0 [pid 5271] futex(0x7fe3520ca6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5269] <... futex resumed>) = 1 [pid 5268] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5267] <... futex resumed>) = 0 [pid 5265] <... futex resumed>) = 0 [pid 5272] mkdir("./file0", 0777 [pid 5269] futex(0x7fe3520ca6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5268] open("./bus", O_WRONLY|O_CREAT|O_EXCL|O_NONBLOCK|O_SYNC|O_NOFOLLOW|O_CLOEXEC|0x3c, 000 [pid 5267] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5265] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5271] <... futex resumed>) = 0 [pid 5267] <... futex resumed>) = 1 [pid 5266] <... futex resumed>) = 0 [pid 5266] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 461.613512][ T5272] loop1: detected capacity change from 0 to 128 [ 461.622980][ T5270] syz-executor137: attempt to access beyond end of device [ 461.622980][ T5270] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 461.642918][ T5270] Buffer I/O error on dev loop0, logical block 3245768, async page read [pid 5266] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5271] open("./bus", O_WRONLY|O_CREAT|O_EXCL|O_NONBLOCK|O_SYNC|O_NOFOLLOW|O_CLOEXEC|0x3c, 000 [pid 5269] <... futex resumed>) = 0 [pid 5267] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5272] <... mkdir resumed>) = 0 [pid 5263] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5263] futex(0x7fe3520ca6bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5263] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe351fad000 [pid 5263] mprotect(0x7fe351fae000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5263] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [ 461.659842][ T5268] syz-executor137: attempt to access beyond end of device [ 461.659842][ T5268] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 461.664952][ T5270] syz-executor137: attempt to access beyond end of device [ 461.664952][ T5270] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 461.675229][ T5268] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 461.699435][ T5271] syz-executor137: attempt to access beyond end of device [ 461.699435][ T5271] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5263] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fcd990, parent_tid=0x7fe351fcd990, exit_signal=0, stack=0x7fe351fad000, stack_size=0x20300, tls=0x7fe351fcd6c0} [pid 5272] mount("/dev/loop1", "./file0", "sysv", MS_RDONLY|MS_SYNCHRONOUS|MS_STRICTATIME, "" [pid 5263] <... clone3 resumed> => {parent_tid=[5275]}, 88) = 5275 [pid 5263] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5275 attached [pid 5269] open("./bus", O_WRONLY|O_CREAT|O_EXCL|O_NONBLOCK|O_SYNC|O_NOFOLLOW|O_CLOEXEC|0x3c, 000 [pid 5265] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5263] futex(0x7fe3520ca6b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5266] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5263] futex(0x7fe3520ca6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5266] futex(0x7fe3520ca6bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe351fad000 [pid 5266] mprotect(0x7fe351fae000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5266] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5266] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fcd990, parent_tid=0x7fe351fcd990, exit_signal=0, stack=0x7fe351fad000, stack_size=0x20300, tls=0x7fe351fcd6c0} => {parent_tid=[5276]}, 88) = 5276 [pid 5266] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5266] futex(0x7fe3520ca6b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5266] futex(0x7fe3520ca6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5265] futex(0x7fe3520ca6bc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5276 attached [pid 5276] rseq(0x7fe351fcdfe0, 0x20, 0, 0x53053053) = 0 [pid 5276] set_robust_list(0x7fe351fcd9a0, 24) = 0 [pid 5276] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 461.700161][ T5272] VFS: Found a Xenix FS (block size = 1024) on device loop1 [ 461.714047][ T5271] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 461.729972][ T5269] syz-executor137: attempt to access beyond end of device [ 461.729972][ T5269] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 461.736948][ T5270] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 461.745913][ T5268] syz-executor137: attempt to access beyond end of device [pid 5276] mount(NULL, "./bus", NULL, MS_BIND, NULL [pid 5275] rseq(0x7fe351fcdfe0, 0x20, 0, 0x53053053 [pid 5265] <... futex resumed>) = 0 [pid 5272] <... mount resumed>) = 0 [pid 5272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5272] chdir("./file0") = 0 [pid 5272] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5272] futex(0x7fe3520ca6ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5272] futex(0x7fe3520ca6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5264] <... futex resumed>) = 0 [pid 5264] futex(0x7fe3520ca6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5272] <... futex resumed>) = 0 [pid 5264] <... futex resumed>) = 1 [pid 5272] open("./bus", O_WRONLY|O_CREAT|O_EXCL|O_NONBLOCK|O_SYNC|O_NOFOLLOW|O_CLOEXEC|0x3c, 000 [pid 5275] <... rseq resumed>) = 0 [pid 5266] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5265] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5264] futex(0x7fe3520ca6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5263] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5267] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5267] futex(0x7fe3520ca6bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 461.745913][ T5268] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 461.757294][ T5272] syz-executor137: attempt to access beyond end of device [ 461.757294][ T5272] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 461.768093][ T5268] Buffer I/O error on dev loop2, logical block 8833403, async page read [ 461.783690][ T5270] syz-executor137: attempt to access beyond end of device [ 461.783690][ T5270] loop0: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 461.790525][ T5268] syz-executor137: attempt to access beyond end of device [pid 5267] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5275] set_robust_list(0x7fe351fcd9a0, 24 [pid 5267] <... mmap resumed>) = 0x7fe351fad000 [pid 5265] <... mmap resumed>) = 0x7fe351fad000 [pid 5267] mprotect(0x7fe351fae000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5267] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5267] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fcd990, parent_tid=0x7fe351fcd990, exit_signal=0, stack=0x7fe351fad000, stack_size=0x20300, tls=0x7fe351fcd6c0} [pid 5275] <... set_robust_list resumed>) = 0 [pid 5265] mprotect(0x7fe351fae000, 131072, PROT_READ|PROT_WRITE [pid 5267] <... clone3 resumed> => {parent_tid=[5277]}, 88) = 5277 [pid 5267] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5267] futex(0x7fe3520ca6b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 461.790525][ T5268] loop2: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 461.820671][ T5269] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 461.821526][ T5272] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 461.831550][ T5271] syz-executor137: attempt to access beyond end of device [ 461.831550][ T5271] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 461.851557][ T5272] Buffer I/O error on dev loop1, logical block 8833403, async page read [pid 5267] futex(0x7fe3520ca6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5275] rt_sigprocmask(SIG_SETMASK, [], [pid 5265] <... mprotect resumed>) = 0 [pid 5264] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) ./strace-static-x86_64: Process 5277 attached [pid 5264] futex(0x7fe3520ca6bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5277] rseq(0x7fe351fcdfe0, 0x20, 0, 0x53053053 [pid 5264] <... futex resumed>) = 0 [pid 5277] <... rseq resumed>) = 0 [pid 5264] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5277] set_robust_list(0x7fe351fcd9a0, 24 [pid 5264] <... mmap resumed>) = 0x7fe351fad000 [pid 5277] <... set_robust_list resumed>) = 0 [pid 5264] mprotect(0x7fe351fae000, 131072, PROT_READ|PROT_WRITE [pid 5277] rt_sigprocmask(SIG_SETMASK, [], [pid 5264] <... mprotect resumed>) = 0 [pid 5277] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5275] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5265] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5264] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5277] mount(NULL, "./bus", NULL, MS_BIND, NULL [pid 5264] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5265] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5275] mount(NULL, "./bus", NULL, MS_BIND, NULL [pid 5265] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fcd990, parent_tid=0x7fe351fcd990, exit_signal=0, stack=0x7fe351fad000, stack_size=0x20300, tls=0x7fe351fcd6c0} [pid 5264] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe351fcd990, parent_tid=0x7fe351fcd990, exit_signal=0, stack=0x7fe351fad000, stack_size=0x20300, tls=0x7fe351fcd6c0}./strace-static-x86_64: Process 5278 attached [pid 5265] <... clone3 resumed> => {parent_tid=[5278]}, 88) = 5278 [pid 5278] rseq(0x7fe351fcdfe0, 0x20, 0, 0x53053053) = 0 [pid 5265] rt_sigprocmask(SIG_SETMASK, [], [pid 5264] <... clone3 resumed> => {parent_tid=[5279]}, 88) = 5279 [pid 5265] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5278] set_robust_list(0x7fe351fcd9a0, 24 [pid 5264] rt_sigprocmask(SIG_SETMASK, [], [pid 5267] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5264] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5264] futex(0x7fe3520ca6b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5264] futex(0x7fe3520ca6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5279 attached [pid 5265] futex(0x7fe3520ca6b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5279] rseq(0x7fe351fcdfe0, 0x20, 0, 0x53053053 [pid 5278] <... set_robust_list resumed>) = 0 [pid 5279] <... rseq resumed>) = 0 [pid 5279] set_robust_list(0x7fe351fcd9a0, 24) = 0 [pid 5279] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5279] mount(NULL, "./bus", NULL, MS_BIND, NULL [pid 5278] rt_sigprocmask(SIG_SETMASK, [], [pid 5265] <... futex resumed>) = 0 [pid 5278] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5265] futex(0x7fe3520ca6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 461.851717][ T5272] Buffer I/O error on dev loop1, logical block 13269809, async page read [ 461.864027][ T5269] Buffer I/O error on dev loop3, logical block 8833403, async page read [pid 5278] mount(NULL, "./bus", NULL, MS_BIND, NULL [pid 5264] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5264] futex(0x7fe3520ca6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5265] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5266] exit_group(0) = ? [pid 5267] exit_group(0) = ? [pid 5263] exit_group(0) = ? [pid 5264] exit_group(0) = ? [pid 5265] exit_group(0) = ? [pid 5258] kill(-5264, SIGKILL [pid 5257] kill(-5263, SIGKILL [pid 5258] <... kill resumed>) = 0 [pid 5257] <... kill resumed>) = 0 [pid 5258] kill(5264, SIGKILL [pid 5257] kill(5263, SIGKILL [pid 5258] <... kill resumed>) = 0 [pid 5257] <... kill resumed>) = 0 [pid 5261] kill(-5267, SIGKILL [pid 5260] kill(-5266, SIGKILL [pid 5261] <... kill resumed>) = 0 [pid 5260] <... kill resumed>) = 0 [pid 5261] kill(5267, SIGKILL [pid 5259] kill(-5265, SIGKILL [pid 5261] <... kill resumed>) = 0 [pid 5260] kill(5266, SIGKILL [pid 5259] <... kill resumed>) = 0 [pid 5260] <... kill resumed>) = 0 [pid 5259] kill(5265, SIGKILL) = 0 [pid 5258] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5258] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5258] getdents64(3, 0x55556ac85730 /* 2 entries */, 32768) = 48 [pid 5258] getdents64(3, 0x55556ac85730 /* 0 entries */, 32768) = 0 [pid 5258] close(3) = 0 [pid 5259] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5259] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5259] getdents64(3, 0x55556ac85730 /* 2 entries */, 32768) = 48 [pid 5259] getdents64(3, 0x55556ac85730 /* 0 entries */, 32768) = 0 [pid 5259] close(3) = 0 [pid 5257] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5257] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5257] getdents64(3, 0x55556ac85730 /* 2 entries */, 32768) = 48 [pid 5257] getdents64(3, 0x55556ac85730 /* 0 entries */, 32768) = 0 [pid 5257] close(3) = 0 [pid 5261] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5261] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5261] getdents64(3, 0x55556ac85730 /* 2 entries */, 32768) = 48 [pid 5261] getdents64(3, 0x55556ac85730 /* 0 entries */, 32768) = 0 [pid 5261] close(3) = 0 [pid 5260] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5260] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5260] getdents64(3, 0x55556ac85730 /* 2 entries */, 32768) = 48 [pid 5260] getdents64(3, 0x55556ac85730 /* 0 entries */, 32768) = 0 [pid 5260] close(3) = 0 [ 624.699614][ T30] INFO: task syz-executor137:5275 blocked for more than 143 seconds. [ 624.707925][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 624.748918][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 624.757666][ T30] task:syz-executor137 state:D stack:28848 pid:5275 tgid:5263 ppid:5257 flags:0x00004006 [ 624.848906][ T30] Call Trace: [ 624.852257][ T30] [ 624.855220][ T30] __schedule+0x17ae/0x4a10 [ 624.889382][ T30] ? __pfx___schedule+0x10/0x10 [ 624.894376][ T30] ? __pfx_lock_release+0x10/0x10 [ 624.938898][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 624.944974][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 624.968897][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 624.974105][ T30] ? schedule+0x90/0x320 [ 624.978395][ T30] schedule+0x14b/0x320 [ 625.008930][ T30] ? down_read+0x6a5/0xa40 [ 625.013460][ T30] schedule_preempt_disabled+0x13/0x30 [ 625.038902][ T30] down_read+0x705/0xa40 [ 625.043238][ T30] ? __pfx_down_read+0x10/0x10 [ 625.048042][ T30] ? __d_lookup+0x64/0x7b0 [ 625.109354][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 625.114906][ T30] ? security_inode_permission+0xb7/0x100 [ 625.138927][ T30] ? link_path_walk+0xc60/0xea0 [ 625.143869][ T30] lookup_slow+0x45/0x70 [ 625.148159][ T30] walk_component+0x2e1/0x410 [ 625.178903][ T30] path_lookupat+0x16f/0x450 [ 625.183593][ T30] filename_lookup+0x256/0x610 [ 625.188410][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 625.238917][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 625.244127][ T30] ? getname_flags+0x1e3/0x540 [ 625.268921][ T30] user_path_at+0x3a/0x60 [ 625.273333][ T30] __se_sys_mount+0x297/0x3c0 [ 625.278052][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 625.308909][ T30] ? do_syscall_64+0x100/0x230 [ 625.313773][ T30] ? __x64_sys_mount+0x20/0xc0 [ 625.318599][ T30] do_syscall_64+0xf3/0x230 [ 625.368900][ T30] ? clear_bhb_loop+0x35/0x90 [ 625.373667][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.418904][ T30] RIP: 0033:0x7fe352038dc9 [ 625.423406][ T30] RSP: 002b:00007fe351fcd228 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 625.468915][ T30] RAX: ffffffffffffffda RBX: 00007fe3520ca6b8 RCX: 00007fe352038dc9 [ 625.477055][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000000 [ 625.518896][ T30] RBP: 00007fe3520ca6b0 R08: 0000000000000000 R09: 00007fe351fcd6c0 [ 625.526948][ T30] R10: 0000000000001000 R11: 0000000000000246 R12: 00007fe3520ca6bc [ 625.568895][ T30] R13: 00007fe35208d160 R14: 0030656c69662f2e R15: 00007ffeee3055a8 [ 625.577064][ T30] [ 625.608936][ T30] INFO: task syz-executor137:5279 blocked for more than 144 seconds. [ 625.617089][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 625.648928][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 625.657728][ T30] task:syz-executor137 state:D stack:28504 pid:5279 tgid:5264 ppid:5258 flags:0x00004006 [ 625.688957][ T30] Call Trace: [ 625.692306][ T30] [ 625.695268][ T30] __schedule+0x17ae/0x4a10 [ 625.719474][ T30] ? __pfx___schedule+0x10/0x10 [ 625.724410][ T30] ? __pfx_lock_release+0x10/0x10 [ 625.778935][ T30] ? schedule+0x90/0x320 [ 625.783267][ T30] schedule+0x14b/0x320 [ 625.787472][ T30] ? down_read+0x6a5/0xa40 [ 625.818894][ T30] schedule_preempt_disabled+0x13/0x30 [ 625.824447][ T30] down_read+0x705/0xa40 [ 625.828742][ T30] ? __pfx_down_read+0x10/0x10 [ 625.858912][ T30] ? __d_lookup+0x64/0x7b0 [ 625.863426][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 625.898892][ T30] ? security_inode_permission+0xb7/0x100 [ 625.904701][ T30] ? link_path_walk+0xc60/0xea0 [ 625.938905][ T30] lookup_slow+0x45/0x70 [ 625.943234][ T30] walk_component+0x2e1/0x410 [ 625.947968][ T30] path_lookupat+0x16f/0x450 [ 625.978947][ T30] filename_lookup+0x256/0x610 [ 625.983805][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 626.008997][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 626.014214][ T30] ? getname_flags+0x1e3/0x540 [ 626.044236][ T30] user_path_at+0x3a/0x60 [ 626.048659][ T30] __se_sys_mount+0x297/0x3c0 [ 626.078917][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 626.084201][ T30] ? do_syscall_64+0x100/0x230 [ 626.108979][ T30] ? __x64_sys_mount+0x20/0xc0 [ 626.113830][ T30] do_syscall_64+0xf3/0x230 [ 626.118370][ T30] ? clear_bhb_loop+0x35/0x90 [ 626.158911][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.164969][ T30] RIP: 0033:0x7fe352038dc9 [ 626.188980][ T30] RSP: 002b:00007fe351fcd228 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 626.197479][ T30] RAX: ffffffffffffffda RBX: 00007fe3520ca6b8 RCX: 00007fe352038dc9 [ 626.258887][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000000 [ 626.267042][ T30] RBP: 00007fe3520ca6b0 R08: 0000000000000000 R09: 00007fe351fcd6c0 [ 626.318912][ T30] R10: 0000000000001000 R11: 0000000000000246 R12: 00007fe3520ca6bc [ 626.327133][ T30] R13: 00007fe35208d160 R14: 0030656c69662f2e R15: 00007ffeee3055a8 [ 626.388907][ T30] [ 626.392045][ T30] INFO: task syz-executor137:5278 blocked for more than 145 seconds. [ 626.448892][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 626.456593][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 626.508891][ T30] task:syz-executor137 state:D stack:28848 pid:5278 tgid:5265 ppid:5259 flags:0x00004006 [ 626.538971][ T30] Call Trace: [ 626.542321][ T30] [ 626.545390][ T30] __schedule+0x17ae/0x4a10 [ 626.568982][ T30] ? __pfx___schedule+0x10/0x10 [ 626.573933][ T30] ? __pfx_lock_release+0x10/0x10 [ 626.618943][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 626.625023][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 626.658911][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 626.664124][ T30] ? schedule+0x90/0x320 [ 626.668420][ T30] schedule+0x14b/0x320 [ 626.699390][ T30] ? down_read+0x6a5/0xa40 [ 626.703893][ T30] schedule_preempt_disabled+0x13/0x30 [ 626.729397][ T30] down_read+0x705/0xa40 [ 626.733732][ T30] ? __pfx_down_read+0x10/0x10 [ 626.738535][ T30] ? __d_lookup+0x64/0x7b0 [ 626.788970][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 626.794517][ T30] ? security_inode_permission+0xb7/0x100 [ 626.828970][ T30] ? link_path_walk+0xc60/0xea0 [ 626.834091][ T30] lookup_slow+0x45/0x70 [ 626.838380][ T30] walk_component+0x2e1/0x410 [ 626.868975][ T30] path_lookupat+0x16f/0x450 [ 626.873665][ T30] filename_lookup+0x256/0x610 [ 626.878483][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 626.918922][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 626.924130][ T30] ? getname_flags+0x1e3/0x540 [ 626.968979][ T30] user_path_at+0x3a/0x60 [ 626.973398][ T30] __se_sys_mount+0x297/0x3c0 [ 626.978123][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 627.018893][ T30] ? do_syscall_64+0x100/0x230 [ 627.023745][ T30] ? __x64_sys_mount+0x20/0xc0 [ 627.028566][ T30] do_syscall_64+0xf3/0x230 [ 627.058920][ T30] ? clear_bhb_loop+0x35/0x90 [ 627.063688][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.089024][ T30] RIP: 0033:0x7fe352038dc9 [ 627.093515][ T30] RSP: 002b:00007fe351fcd228 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 627.128967][ T30] RAX: ffffffffffffffda RBX: 00007fe3520ca6b8 RCX: 00007fe352038dc9 [ 627.137024][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000000 [ 627.208934][ T30] RBP: 00007fe3520ca6b0 R08: 0000000000000000 R09: 00007fe351fcd6c0 [ 627.216983][ T30] R10: 0000000000001000 R11: 0000000000000246 R12: 00007fe3520ca6bc [ 627.258888][ T30] R13: 00007fe35208d160 R14: 0030656c69662f2e R15: 00007ffeee3055a8 [ 627.266970][ T30] [ 627.309186][ T30] INFO: task syz-executor137:5276 blocked for more than 145 seconds. [ 627.317339][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 627.358914][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 627.367647][ T30] task:syz-executor137 state:D stack:28216 pid:5276 tgid:5266 ppid:5260 flags:0x00004006 [ 627.419375][ T30] Call Trace: [ 627.422728][ T30] [ 627.425694][ T30] __schedule+0x17ae/0x4a10 [ 627.468945][ T30] ? __pfx___schedule+0x10/0x10 [ 627.473888][ T30] ? __pfx_lock_release+0x10/0x10 [ 627.508934][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 627.515006][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 627.548899][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 627.554104][ T30] ? schedule+0x90/0x320 [ 627.558402][ T30] schedule+0x14b/0x320 [ 627.588900][ T30] ? down_read+0x6a5/0xa40 [ 627.593494][ T30] schedule_preempt_disabled+0x13/0x30 [ 627.628921][ T30] down_read+0x705/0xa40 [ 627.633259][ T30] ? __pfx_down_read+0x10/0x10 [ 627.638068][ T30] ? __d_lookup+0x64/0x7b0 [ 627.668902][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 627.674449][ T30] ? security_inode_permission+0xb7/0x100 [ 627.708903][ T30] ? link_path_walk+0xc60/0xea0 [ 627.713859][ T30] lookup_slow+0x45/0x70 [ 627.718159][ T30] walk_component+0x2e1/0x410 [ 627.762931][ T30] path_lookupat+0x16f/0x450 [ 627.767624][ T30] filename_lookup+0x256/0x610 [ 627.808931][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 627.814341][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 627.848912][ T30] ? getname_flags+0x1e3/0x540 [ 627.853770][ T30] user_path_at+0x3a/0x60 [ 627.858143][ T30] __se_sys_mount+0x297/0x3c0 [ 627.888964][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 627.894434][ T30] ? do_syscall_64+0x100/0x230 [ 627.928980][ T30] ? __x64_sys_mount+0x20/0xc0 [ 627.933843][ T30] do_syscall_64+0xf3/0x230 [ 627.938386][ T30] ? clear_bhb_loop+0x35/0x90 [ 627.978922][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.984934][ T30] RIP: 0033:0x7fe352038dc9 [ 628.018892][ T30] RSP: 002b:00007fe351fcd228 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 628.027482][ T30] RAX: ffffffffffffffda RBX: 00007fe3520ca6b8 RCX: 00007fe352038dc9 [ 628.078911][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000000 [ 628.086957][ T30] RBP: 00007fe3520ca6b0 R08: 0000000000000000 R09: 00007fe351fcd6c0 [ 628.128954][ T30] R10: 0000000000001000 R11: 0000000000000246 R12: 00007fe3520ca6bc [ 628.137013][ T30] R13: 00007fe35208d160 R14: 0030656c69662f2e R15: 00007ffeee3055a8 [ 628.198949][ T30] [ 628.209151][ T30] INFO: task syz-executor137:5277 blocked for more than 146 seconds. [ 628.217271][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 628.279265][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 628.288015][ T30] task:syz-executor137 state:D stack:28848 pid:5277 tgid:5267 ppid:5261 flags:0x00004006 [ 628.338899][ T30] Call Trace: [ 628.342252][ T30] [ 628.345245][ T30] __schedule+0x17ae/0x4a10 [ 628.368995][ T30] ? __pfx___schedule+0x10/0x10 [ 628.373954][ T30] ? __pfx_lock_release+0x10/0x10 [ 628.398904][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 628.404979][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 628.448984][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 628.454303][ T30] ? schedule+0x90/0x320 [ 628.458595][ T30] schedule+0x14b/0x320 [ 628.488962][ T30] ? down_read+0x6a5/0xa40 [ 628.493462][ T30] schedule_preempt_disabled+0x13/0x30 [ 628.518903][ T30] down_read+0x705/0xa40 [ 628.523247][ T30] ? __pfx_down_read+0x10/0x10 [ 628.528073][ T30] ? __d_lookup+0x64/0x7b0 [ 628.558926][ T30] ? bpf_lsm_inode_permission+0x9/0x10 [ 628.564503][ T30] ? security_inode_permission+0xb7/0x100 [ 628.618993][ T30] ? link_path_walk+0xc60/0xea0 [ 628.623938][ T30] lookup_slow+0x45/0x70 [ 628.628257][ T30] walk_component+0x2e1/0x410 [ 628.668965][ T30] path_lookupat+0x16f/0x450 [ 628.673653][ T30] filename_lookup+0x256/0x610 [ 628.678486][ T30] ? __pfx_filename_lookup+0x10/0x10 [ 628.718916][ T30] ? strncpy_from_user+0x1a4/0x2e0 [ 628.724133][ T30] ? getname_flags+0x1e3/0x540 [ 628.758897][ T30] user_path_at+0x3a/0x60 [ 628.763317][ T30] __se_sys_mount+0x297/0x3c0 [ 628.768053][ T30] ? __pfx___se_sys_mount+0x10/0x10 [ 628.818899][ T30] ? do_syscall_64+0x100/0x230 [ 628.823758][ T30] ? __x64_sys_mount+0x20/0xc0 [ 628.828577][ T30] do_syscall_64+0xf3/0x230 [ 628.878894][ T30] ? clear_bhb_loop+0x35/0x90 [ 628.883748][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.909215][ T30] RIP: 0033:0x7fe352038dc9 [ 628.913705][ T30] RSP: 002b:00007fe351fcd228 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 628.948970][ T30] RAX: ffffffffffffffda RBX: 00007fe3520ca6b8 RCX: 00007fe352038dc9 [ 628.957109][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000000 [ 629.008959][ T30] RBP: 00007fe3520ca6b0 R08: 0000000000000000 R09: 00007fe351fcd6c0 [ 629.017096][ T30] R10: 0000000000001000 R11: 0000000000000246 R12: 00007fe3520ca6bc [ 629.078914][ T30] R13: 00007fe35208d160 R14: 0030656c69662f2e R15: 00007ffeee3055a8 [ 629.086986][ T30] [ 629.119100][ T30] [ 629.119100][ T30] Showing all locks held in the system: [ 629.126892][ T30] 1 lock held by khungtaskd/30: [ 629.158894][ T30] #0: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 629.189483][ T30] 1 lock held by kswapd0/89: [ 629.194173][ T30] 2 locks held by getty/4981: [ 629.228890][ T30] #0: ffff8880309c60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 629.238766][ T30] #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 629.298923][ T30] 1 lock held by syz-executor137/5270: [ 629.304447][ T30] 1 lock held by syz-executor137/5275: [ 629.328890][ T30] #0: ffff8880768f8c00 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lookup_slow+0x45/0x70 [ 629.368920][ T30] 1 lock held by syz-executor137/5272: [ 629.374453][ T30] 1 lock held by syz-executor137/5279: [ 629.408918][ T30] #0: ffff88807fbbc180 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lookup_slow+0x45/0x70 [ 629.448902][ T30] 5 locks held by syz-executor137/5268: [ 629.454515][ T30] 1 lock held by syz-executor137/5278: [ 629.488969][ T30] #0: ffff8880768f8180 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lookup_slow+0x45/0x70 [ 629.528990][ T30] 1 lock held by syz-executor137/5269: [ 629.534538][ T30] 1 lock held by syz-executor137/5276: [ 629.568988][ T30] #0: ffff8880768f9140 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lookup_slow+0x45/0x70 [ 629.598959][ T30] 1 lock held by syz-executor137/5271: [ 629.604504][ T30] 1 lock held by syz-executor137/5277: [ 629.650410][ T30] #0: ffff8880768f86c0 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: lookup_slow+0x45/0x70 [ 629.678914][ T30] [ 629.681301][ T30] ============================================= [ 629.681301][ T30] [ 629.718911][ T30] NMI backtrace for cpu 1 [ 629.723346][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 629.733890][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 629.743963][ T30] Call Trace: [ 629.747252][ T30] [ 629.750210][ T30] dump_stack_lvl+0x241/0x360 [ 629.754917][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 629.760130][ T30] ? __pfx__printk+0x10/0x10 [ 629.764728][ T30] ? vprintk_emit+0x667/0x7c0 [ 629.769422][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 629.774464][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 629.779422][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 629.784920][ T30] ? _printk+0xd5/0x120 [ 629.789086][ T30] ? __pfx__printk+0x10/0x10 [ 629.794144][ T30] ? __wake_up_klogd+0xcc/0x110 [ 629.799010][ T30] ? __pfx__printk+0x10/0x10 [ 629.803608][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 629.808645][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 629.814646][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 629.820661][ T30] watchdog+0xff4/0x1040 [ 629.824933][ T30] ? watchdog+0x1ea/0x1040 [ 629.829377][ T30] ? __pfx_watchdog+0x10/0x10 [ 629.834067][ T30] kthread+0x2f0/0x390 [ 629.838161][ T30] ? __pfx_watchdog+0x10/0x10 [ 629.842852][ T30] ? __pfx_kthread+0x10/0x10 [ 629.847460][ T30] ret_from_fork+0x4b/0x80 [ 629.851951][ T30] ? __pfx_kthread+0x10/0x10 [ 629.856645][ T30] ret_from_fork_asm+0x1a/0x30 [ 629.861436][ T30] [ 629.864768][ T30] Sending NMI from CPU 1 to CPUs 0: [ 629.870077][ C0] NMI backtrace for cpu 0 [ 629.870090][ C0] CPU: 0 UID: 0 PID: 5270 Comm: syz-executor137 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 629.870112][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 629.870122][ C0] RIP: 0010:__read_once_word_nocheck+0xc/0x20 [ 629.870155][ C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 53 48 89 fb e8 77 2d 52 00 48 8b 03 <5b> c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 [ 629.870175][ C0] RSP: 0018:ffffc90003816cf8 EFLAGS: 00000293 [ 629.870191][ C0] RAX: ffffffff81f46d28 RBX: ffffc900038175e0 RCX: ffff8880319e1e00 [ 629.870205][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffc900038175e0 [ 629.870216][ C0] RBP: 1ffff92000702dbe R08: ffffffff814137ed R09: ffffffff81413746 [ 629.870229][ C0] R10: 0000000000000003 R11: ffff8880319e1e00 R12: ffffc900038175e0 [ 629.870242][ C0] R13: dffffc0000000000 R14: 1ffff92000702dbd R15: 1ffff92000702dbc [ 629.870255][ C0] FS: 00007fe351fee6c0(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 629.870270][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 629.870287][ C0] CR2: 000055e1a7460680 CR3: 000000002f9e6000 CR4: 00000000003506f0 [ 629.870302][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 629.870312][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 629.870323][ C0] Call Trace: [ 629.870329][ C0] [ 629.870336][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 629.870366][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 629.870393][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 629.870415][ C0] ? nmi_handle+0x2a/0x5a0 [ 629.870441][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 629.870463][ C0] ? nmi_handle+0x14f/0x5a0 [ 629.870479][ C0] ? nmi_handle+0x2a/0x5a0 [ 629.870497][ C0] ? __read_once_word_nocheck+0xc/0x20 [ 629.870523][ C0] ? default_do_nmi+0x63/0x160 [ 629.870547][ C0] ? exc_nmi+0x123/0x1f0 [ 629.870569][ C0] ? end_repeat_nmi+0xf/0x53 [ 629.870596][ C0] ? unwind_next_frame+0xff6/0x2a00 [ 629.870620][ C0] ? unwind_next_frame+0x109d/0x2a00 [ 629.870644][ C0] ? folio_alloc_noprof+0x128/0x180 [ 629.870668][ C0] ? __read_once_word_nocheck+0xc/0x20 [ 629.870695][ C0] ? __read_once_word_nocheck+0xc/0x20 [ 629.870722][ C0] ? __read_once_word_nocheck+0xc/0x20 [ 629.870749][ C0] [ 629.870755][ C0] [ 629.870761][ C0] unwind_next_frame+0x1356/0x2a00 [ 629.870792][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 629.870816][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 629.870836][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 629.870859][ C0] arch_stack_walk+0x151/0x1b0 [ 629.870880][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 629.870905][ C0] stack_trace_save+0x118/0x1d0 [ 629.870927][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 629.870956][ C0] save_stack+0xfb/0x1f0 [ 629.870974][ C0] ? __pfx_save_stack+0x10/0x10 [ 629.870989][ C0] ? post_alloc_hook+0x1f3/0x230 [ 629.871005][ C0] ? get_page_from_freelist+0x2e4c/0x2f10 [ 629.871025][ C0] ? __alloc_pages_noprof+0x256/0x6c0 [ 629.871044][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 629.871077][ C0] __set_page_owner+0x92/0x800 [ 629.871095][ C0] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 629.871124][ C0] ? __pfx_lock_release+0x10/0x10 [ 629.871148][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 629.871164][ C0] ? do_raw_spin_trylock+0xc8/0x1f0 [ 629.871190][ C0] post_alloc_hook+0x1f3/0x230 [ 629.871209][ C0] get_page_from_freelist+0x2e4c/0x2f10 [ 629.871238][ C0] ? __alloc_pages_noprof+0x166/0x6c0 [ 629.871263][ C0] ? get_block+0x1132/0x16d0 [ 629.871293][ C0] ? should_fail_alloc_page+0x75/0x110 [ 629.871316][ C0] ? prepare_alloc_pages+0x1da/0x5d0 [ 629.871341][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 629.871380][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 629.871413][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 629.871439][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 629.871468][ C0] folio_alloc_noprof+0x128/0x180 [ 629.871492][ C0] filemap_alloc_folio_noprof+0xdf/0x500 [ 629.871517][ C0] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 629.871540][ C0] ? filemap_read_folio+0x37a/0x790 [ 629.871565][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 629.871593][ C0] ? __filemap_get_folio+0x984/0xc10 [ 629.871617][ C0] ? kasan_check_range+0x37/0x290 [ 629.871642][ C0] do_read_cache_folio+0xed/0x820 [ 629.871669][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 629.871697][ C0] do_read_cache_page+0x30/0x200 [ 629.871725][ C0] sysv_find_entry+0x1af/0x410 [ 629.871759][ C0] sysv_inode_by_name+0x98/0x1f0 [ 629.871776][ C0] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 629.871804][ C0] sysv_lookup+0x6b/0xe0 [ 629.871819][ C0] ? __pfx_sysv_lookup+0x10/0x10 [ 629.871835][ C0] path_openat+0x11cc/0x3470 [ 629.871878][ C0] ? __pfx_path_openat+0x10/0x10 [ 629.871913][ C0] do_filp_open+0x235/0x490 [ 629.871938][ C0] ? __pfx_do_filp_open+0x10/0x10 [ 629.871980][ C0] ? _raw_spin_unlock+0x28/0x50 [ 629.872004][ C0] ? alloc_fd+0x5a1/0x640 [ 629.872036][ C0] do_sys_openat2+0x13e/0x1d0 [ 629.872058][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 629.872079][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 629.872097][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 629.872123][ C0] ? ptrace_notify+0x279/0x380 [ 629.872145][ C0] __x64_sys_open+0x225/0x270 [ 629.872167][ C0] ? __pfx___x64_sys_open+0x10/0x10 [ 629.872189][ C0] ? do_syscall_64+0x100/0x230 [ 629.872213][ C0] do_syscall_64+0xf3/0x230 [ 629.872232][ C0] ? clear_bhb_loop+0x35/0x90 [ 629.872255][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.872277][ C0] RIP: 0033:0x7fe352038dc9 [ 629.872293][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 629.872306][ C0] RSP: 002b:00007fe351fee228 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 629.872324][ C0] RAX: ffffffffffffffda RBX: 00007fe3520ca6a8 RCX: 00007fe352038dc9 [ 629.872336][ C0] RDX: 0000000000000000 RSI: 00000000001a18fd RDI: 00000000200000c0 [ 629.872347][ C0] RBP: 00007fe3520ca6a0 R08: 00007fe351fee6c0 R09: 00007fe351fee6c0 [ 629.872365][ C0] R10: 0000000000009e7f R11: 0000000000000246 R12: 00007fe3520ca6ac [ 629.872377][ C0] R13: 00007fe35208d160 R14: 0030656c69662f2e R15: 00007ffeee3055a8 [ 629.872399][ C0] [ 630.721136][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 630.728046][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 630.738598][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 630.748788][ T30] Call Trace: [ 630.752091][ T30] [ 630.755044][ T30] dump_stack_lvl+0x241/0x360 [ 630.759764][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 630.764994][ T30] ? __pfx__printk+0x10/0x10 [ 630.769630][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 630.775748][ T30] ? vscnprintf+0x5d/0x90 [ 630.780126][ T30] panic+0x349/0x860 [ 630.784056][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 630.790251][ T30] ? __pfx_panic+0x10/0x10 [ 630.794694][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 630.800096][ T30] ? __irq_work_queue_local+0x137/0x410 [ 630.805683][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 630.811110][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 630.817300][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 630.823492][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 630.829693][ T30] watchdog+0x1033/0x1040 [ 630.834069][ T30] ? watchdog+0x1ea/0x1040 [ 630.838618][ T30] ? __pfx_watchdog+0x10/0x10 [ 630.843445][ T30] kthread+0x2f0/0x390 [ 630.847557][ T30] ? __pfx_watchdog+0x10/0x10 [ 630.852533][ T30] ? __pfx_kthread+0x10/0x10 [ 630.857165][ T30] ret_from_fork+0x4b/0x80 [ 630.861698][ T30] ? __pfx_kthread+0x10/0x10 [ 630.866602][ T30] ret_from_fork_asm+0x1a/0x30 [ 630.871420][ T30] [ 630.874758][ T30] Kernel Offset: disabled [ 630.879303][ T30] Rebooting in 86400 seconds..