./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3288259339 <...> Warning: Permanently added '10.128.1.162' (ED25519) to the list of known hosts. execve("./syz-executor3288259339", ["./syz-executor3288259339"], 0x7ffe05c4bd20 /* 10 vars */) = 0 brk(NULL) = 0x55555c1e1000 brk(0x55555c1e1d00) = 0x55555c1e1d00 arch_prctl(ARCH_SET_FS, 0x55555c1e1380) = 0 set_tid_address(0x55555c1e1650) = 5828 set_robust_list(0x55555c1e1660, 24) = 0 rseq(0x55555c1e1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3288259339", 4096) = 28 getrandom("\xa1\x11\x81\xbe\x91\xb3\xe9\x5b", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555c1e1d00 brk(0x55555c202d00) = 0x55555c202d00 brk(0x55555c203000) = 0x55555c203000 mprotect(0x7fe26c84a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555c1e1650) = 5829 ./strace-static-x86_64: Process 5829 attached [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] set_robust_list(0x55555c1e1660, 24) = 0 ./strace-static-x86_64: Process 5830 attached [pid 5828] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5830 [pid 5829] mkdir("./syzkaller.mwULDq", 0700 [pid 5830] set_robust_list(0x55555c1e1660, 24 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached [pid 5830] <... set_robust_list resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5831 [pid 5831] set_robust_list(0x55555c1e1660, 24 [pid 5829] <... mkdir resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... set_robust_list resumed>) = 0 [pid 5829] chmod("./syzkaller.mwULDq", 0777 [pid 5830] mkdir("./syzkaller.tywR0y", 0700) = 0 [pid 5830] chmod("./syzkaller.tywR0y", 0777./strace-static-x86_64: Process 5832 attached [pid 5831] mkdir("./syzkaller.nZrrtO", 0700 [pid 5829] <... chmod resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5832 [pid 5832] set_robust_list(0x55555c1e1660, 24 [pid 5830] <... chmod resumed>) = 0 [pid 5829] chdir("./syzkaller.mwULDq" [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... mkdir resumed>) = 0 [pid 5829] <... chdir resumed>) = 0 [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] chmod("./syzkaller.nZrrtO", 0777 [pid 5830] chdir("./syzkaller.tywR0y") = 0 [pid 5830] mkdir("./0", 0777 [pid 5829] mkdir("./0", 0777 [pid 5832] mkdir("./syzkaller.ehsTCB", 0700 [pid 5830] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5833 attached [pid 5828] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5833 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] set_robust_list(0x55555c1e1660, 24 [pid 5832] <... mkdir resumed>) = 0 [pid 5831] <... chmod resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] <... mkdir resumed>) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5832] chmod("./syzkaller.ehsTCB", 0777) = 0 [pid 5830] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5834 attached [pid 5832] chdir("./syzkaller.ehsTCB" [pid 5828] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5834 [pid 5833] mkdir("./syzkaller.06aqWy", 0700 [pid 5832] <... chdir resumed>) = 0 [pid 5831] chdir("./syzkaller.nZrrtO" [pid 5830] ioctl(3, LOOP_CLR_FD [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5834] set_robust_list(0x55555c1e1660, 24 [pid 5832] mkdir("./0", 0777 [pid 5831] <... chdir resumed>) = 0 [pid 5830] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... openat resumed>) = 3 [pid 5834] <... set_robust_list resumed>) = 0 [pid 5832] <... mkdir resumed>) = 0 [pid 5831] mkdir("./0", 0777 [pid 5833] <... mkdir resumed>) = 0 [pid 5830] close(3 [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5834] mkdir("./syzkaller.xjivkl", 0700 [pid 5833] chmod("./syzkaller.06aqWy", 0777 [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5831] <... mkdir resumed>) = 0 [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5834] <... mkdir resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5834] chmod("./syzkaller.xjivkl", 0777 [pid 5833] <... chmod resumed>) = 0 [pid 5832] ioctl(3, LOOP_CLR_FD [pid 5831] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5830] <... close resumed>) = 0 [pid 5829] close(3 [pid 5834] <... chmod resumed>) = 0 [pid 5831] <... openat resumed>) = 3 [pid 5833] chdir("./syzkaller.06aqWy" [pid 5829] <... close resumed>) = 0 [pid 5833] <... chdir resumed>) = 0 [pid 5831] ioctl(3, LOOP_CLR_FD [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5834] chdir("./syzkaller.xjivkl" [pid 5833] mkdir("./0", 0777 [pid 5832] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5834] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5836 attached [pid 5834] mkdir("./0", 0777 [pid 5831] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5837 attached [pid 5836] set_robust_list(0x55555c1e1660, 24 [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] close(3 [pid 5831] close(3 [pid 5832] <... close resumed>) = 0 [pid 5832] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5838 attached [pid 5836] <... set_robust_list resumed>) = 0 [pid 5831] <... close resumed>) = 0 [pid 5836] chdir("./0" [pid 5834] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5831] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5830] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5837 [pid 5829] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5836 ./strace-static-x86_64: Process 5839 attached [pid 5838] set_robust_list(0x55555c1e1660, 24 [pid 5837] set_robust_list(0x55555c1e1660, 24 [pid 5836] <... chdir resumed>) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5833] <... openat resumed>) = 3 [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] <... set_robust_list resumed>) = 0 [pid 5838] chdir("./0" [pid 5837] chdir("./0" [pid 5834] ioctl(3, LOOP_CLR_FD [pid 5832] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5838 [pid 5839] set_robust_list(0x55555c1e1660, 24 [pid 5838] <... chdir resumed>) = 0 [pid 5837] <... chdir resumed>) = 0 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5834] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5833] ioctl(3, LOOP_CLR_FD [pid 5839] <... set_robust_list resumed>) = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] <... prctl resumed>) = 0 [pid 5833] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5839] chdir("./0" [pid 5838] <... prctl resumed>) = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] setpgid(0, 0 [pid 5834] close(3 [pid 5833] close(3 [pid 5831] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5839 [pid 5839] <... chdir resumed>) = 0 [pid 5838] setpgid(0, 0 [pid 5837] <... prctl resumed>) = 0 [pid 5836] <... setpgid resumed>) = 0 [pid 5834] <... close resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5838] <... setpgid resumed>) = 0 [pid 5837] setpgid(0, 0 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached [pid 5839] setpgid(0, 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] <... setpgid resumed>) = 0 [pid 5836] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5841 attached [pid 5839] <... setpgid resumed>) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] set_robust_list(0x55555c1e1660, 24 [pid 5836] write(3, "1000", 4 [pid 5841] set_robust_list(0x55555c1e1660, 24 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5838] <... openat resumed>) = 3 [pid 5836] <... write resumed>) = 4 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] chdir("./0" [pid 5839] <... openat resumed>) = 3 [pid 5838] write(3, "1000", 4 [pid 5837] <... openat resumed>) = 3 [pid 5836] close(3 [pid 5834] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5840 [pid 5833] <... clone resumed>, child_tidptr=0x55555c1e1650) = 5841 [pid 5841] chdir("./0" [pid 5840] <... chdir resumed>) = 0 [pid 5839] write(3, "1000", 4 [pid 5838] <... write resumed>) = 4 [pid 5837] write(3, "1000", 4 [pid 5836] <... close resumed>) = 0 [pid 5841] <... chdir resumed>) = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] <... write resumed>) = 4 [pid 5836] symlink("/dev/binderfs", "./binderfs" [pid 5839] close(3 [pid 5838] close(3 [pid 5837] <... write resumed>) = 4 [pid 5838] <... close resumed>) = 0 [pid 5837] close(3 [pid 5838] symlink("/dev/binderfs", "./binderfs" [pid 5837] <... close resumed>) = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5840] <... prctl resumed>) = 0 [pid 5839] <... close resumed>) = 0 [pid 5838] <... symlink resumed>) = 0 [pid 5837] symlink("/dev/binderfs", "./binderfs" [pid 5841] <... prctl resumed>) = 0 [pid 5840] setpgid(0, 0 [pid 5839] symlink("/dev/binderfs", "./binderfs" [pid 5836] <... symlink resumed>) = 0 [pid 5841] setpgid(0, 0executing program ) = 0 [pid 5840] <... setpgid resumed>) = 0 [pid 5839] <... symlink resumed>) = 0 [pid 5838] write(1, "executing program\n", 18 [pid 5837] <... symlink resumed>) = 0 [pid 5836] write(1, "executing program\n", 18 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5836] <... write resumed>) = 18 executing program executing program executing program [pid 5841] <... openat resumed>) = 3 [pid 5840] <... openat resumed>) = 3 [pid 5839] write(1, "executing program\n", 18 [pid 5838] <... write resumed>) = 18 [pid 5837] write(1, "executing program\n", 18 [pid 5836] memfd_create("syzkaller", 0 [pid 5841] write(3, "1000", 4 [pid 5840] write(3, "1000", 4 [pid 5839] <... write resumed>) = 18 [pid 5836] <... memfd_create resumed>) = 3 [pid 5837] <... write resumed>) = 18 [pid 5841] <... write resumed>) = 4 [pid 5840] <... write resumed>) = 4 [pid 5839] memfd_create("syzkaller", 0 [pid 5838] memfd_create("syzkaller", 0 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] close(3 [pid 5840] close(3 [pid 5837] memfd_create("syzkaller", 0 [pid 5836] <... mmap resumed>) = 0x7fe264200000 [pid 5841] <... close resumed>) = 0 [pid 5840] <... close resumed>) = 0 [pid 5839] <... memfd_create resumed>) = 3 [pid 5838] <... memfd_create resumed>) = 3 [pid 5841] symlink("/dev/binderfs", "./binderfs" [pid 5840] symlink("/dev/binderfs", "./binderfs" [pid 5841] <... symlink resumed>) = 0 [pid 5840] <... symlink resumed>) = 0 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5837] <... memfd_create resumed>) = 3 [pid 5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5838] <... mmap resumed>) = 0x7fe264200000 [pid 5839] <... mmap resumed>) = 0x7fe264200000 [pid 5837] <... mmap resumed>) = 0x7fe264200000 executing program executing program [pid 5841] write(1, "executing program\n", 18 [pid 5840] write(1, "executing program\n", 18 [pid 5841] <... write resumed>) = 18 [pid 5840] <... write resumed>) = 18 [pid 5841] memfd_create("syzkaller", 0 [pid 5840] memfd_create("syzkaller", 0) = 3 [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] <... memfd_create resumed>) = 3 [pid 5840] <... mmap resumed>) = 0x7fe264200000 [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe264200000 [pid 5837] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5836] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5839] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5841] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5840] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5838] <... write resumed>) = 16777216 [pid 5838] munmap(0x7fe264200000, 138412032 [pid 5837] <... write resumed>) = 16777216 [pid 5837] munmap(0x7fe264200000, 138412032 [pid 5838] <... munmap resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3 [pid 5837] <... munmap resumed>) = 0 [pid 5838] <... ioctl resumed>) = 0 [pid 5837] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5838] close(3) = 0 [pid 5837] <... openat resumed>) = 4 [pid 5838] close(4 [pid 5837] ioctl(4, LOOP_SET_FD, 3 [pid 5838] <... close resumed>) = 0 [pid 5840] <... write resumed>) = 16777216 [pid 5838] mkdir("./file0", 0777 [pid 5837] <... ioctl resumed>) = 0 [pid 5838] <... mkdir resumed>) = 0 [pid 5837] close(3 [pid 5838] mount("/dev/loop3", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic," [pid 5837] <... close resumed>) = 0 [pid 5837] close(4) = 0 [pid 5837] mkdir("./file0", 0777 [pid 5836] <... write resumed>) = 16777216 [pid 5837] <... mkdir resumed>) = 0 [pid 5837] mount("/dev/loop1", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic," [ 77.784027][ T5838] loop3: detected capacity change from 0 to 32768 [ 77.795037][ T5837] loop1: detected capacity change from 0 to 32768 [pid 5836] munmap(0x7fe264200000, 138412032 [pid 5839] <... write resumed>) = 16777216 [pid 5841] <... write resumed>) = 16777216 [pid 5840] munmap(0x7fe264200000, 138412032 [pid 5839] munmap(0x7fe264200000, 138412032 [pid 5836] <... munmap resumed>) = 0 [pid 5841] munmap(0x7fe264200000, 138412032 [pid 5838] <... mount resumed>) = 0 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5837] <... mount resumed>) = 0 [pid 5836] <... openat resumed>) = 4 [pid 5837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5837] <... openat resumed>) = 3 [pid 5836] ioctl(4, LOOP_SET_FD, 3 [pid 5837] chdir("./file0") = 0 [pid 5837] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [ 77.844898][ T5837] [ 77.844898][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.844898][ T5837] [ 77.855658][ T5838] [ 77.855658][ T5838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.855658][ T5838] [pid 5837] link("./file1", "./bus" [pid 5839] <... munmap resumed>) = 0 [pid 5838] <... openat resumed>) = 3 [pid 5838] chdir("./file0") = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5838] link("./file1", "./bus" [pid 5841] <... munmap resumed>) = 0 [pid 5840] <... munmap resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5836] <... ioctl resumed>) = 0 [pid 5836] close(3) = 0 [pid 5836] close(4 [pid 5839] <... openat resumed>) = 4 [pid 5836] <... close resumed>) = 0 [ 77.892075][ T5836] loop0: detected capacity change from 0 to 32768 [ 77.895587][ T5837] ERROR: (device loop1): diWrite: ixpxd invalid [ 77.895587][ T5837] [ 77.917611][ T5838] ERROR: (device loop3): diWrite: ixpxd invalid [ 77.917611][ T5838] [ 77.928623][ T5837] ERROR: (device loop1): txCommit: [ 77.928623][ T5837] [ 77.932046][ T5840] loop5: detected capacity change from 0 to 32768 [pid 5839] ioctl(4, LOOP_SET_FD, 3 [pid 5836] mkdir("./file0", 0777 [pid 5840] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5841] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5840] <... openat resumed>) = 4 [pid 5841] <... openat resumed>) = 4 [pid 5840] ioctl(4, LOOP_SET_FD, 3 [pid 5841] ioctl(4, LOOP_SET_FD, 3 [pid 5836] <... mkdir resumed>) = 0 [pid 5836] mount("/dev/loop0", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic," [pid 5839] <... ioctl resumed>) = 0 [pid 5839] close(3) = 0 [pid 5839] close(4) = 0 [pid 5837] <... link resumed>) = -1 EIO (Input/output error) [pid 5839] mkdir("./file0", 0777) = 0 [pid 5839] mount("/dev/loop2", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic," [pid 5840] <... ioctl resumed>) = 0 [pid 5840] close(3) = 0 [pid 5840] close(4) = 0 [pid 5841] <... ioctl resumed>) = 0 [pid 5838] <... link resumed>) = -1 EIO (Input/output error) [pid 5837] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300 [pid 5840] mkdir("./file0", 0777) = 0 [pid 5840] mount("/dev/loop5", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic," [pid 5841] close(3 [pid 5838] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300 [pid 5837] <... openat resumed>) = 4 [pid 5841] <... close resumed>) = 0 [pid 5838] <... openat resumed>) = 4 [ 77.938115][ T5839] loop2: detected capacity change from 0 to 32768 [ 77.943715][ T5841] loop4: detected capacity change from 0 to 32768 [ 77.958876][ T5838] ERROR: (device loop3): txCommit: [ 77.958876][ T5838] [pid 5837] sendfile(4, 4, NULL, 2053636096 [pid 5841] close(4 [pid 5838] sendfile(4, 4, NULL, 2053636096 [pid 5841] <... close resumed>) = 0 [pid 5841] mkdir("./file0", 0777) = 0 [ 77.990409][ T5837] [ 77.990409][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.990409][ T5837] [ 77.993144][ T5838] [ 77.993144][ T5838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 77.993144][ T5838] [ 78.013317][ T5840] [ 78.013317][ T5840] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.013317][ T5840] [ 78.021358][ T5837] [ 78.021358][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.021358][ T5837] [pid 5841] mount("/dev/loop4", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic," [pid 5840] <... mount resumed>) = 0 [pid 5840] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5840] chdir("./file0") = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [ 78.038860][ T5839] [ 78.038860][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.038860][ T5839] [ 78.039411][ T5841] [ 78.039411][ T5841] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.039411][ T5841] [ 78.065271][ T5836] [ 78.065271][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.065271][ T5836] [ 78.068039][ T5840] ERROR: (device loop5): diWrite: ixpxd invalid [ 78.068039][ T5840] [ 78.077270][ T5837] [pid 5840] link("./file1", "./bus" [pid 5839] <... mount resumed>) = 0 [pid 5839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5839] chdir("./file0" [pid 5836] <... mount resumed>) = 0 [pid 5836] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5839] <... chdir resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5836] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5836] chdir("./file0" [pid 5839] link("./file1", "./bus" [pid 5836] <... chdir resumed>) = 0 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5841] <... mount resumed>) = 0 [pid 5836] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5836] link("./file1", "./bus" [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5841] chdir("./file0") = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [ 78.077270][ T5837] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.077270][ T5837] [ 78.088797][ T5838] [ 78.088797][ T5838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.088797][ T5838] [ 78.120670][ T5839] ERROR: (device loop2): diWrite: ixpxd invalid [ 78.120670][ T5839] [ 78.131656][ T5836] ERROR: (device loop0): diWrite: ixpxd invalid [ 78.131656][ T5836] [pid 5841] link("./file1", "./bus" [pid 5837] <... sendfile resumed>) = 10 [ 78.142274][ T5841] ERROR: (device loop4): diWrite: ixpxd invalid [ 78.142274][ T5841] [ 78.146537][ T5836] ERROR: (device loop0): txCommit: [ 78.146537][ T5836] [ 78.152115][ T5840] ERROR: (device loop5): txCommit: [ 78.152115][ T5840] [ 78.159183][ T5839] ERROR: (device loop2): txCommit: [ 78.159183][ T5839] [ 78.175401][ T5838] [ 78.175401][ T5838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.175401][ T5838] [pid 5837] exit_group(0 [pid 5839] <... link resumed>) = -1 EIO (Input/output error) [pid 5837] <... exit_group resumed>) = ? [pid 5836] <... link resumed>) = -1 EIO (Input/output error) [pid 5837] +++ exited with 0 +++ [pid 5840] <... link resumed>) = -1 EIO (Input/output error) [pid 5839] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300 [pid 5838] <... sendfile resumed>) = 10 [pid 5836] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300 [pid 5830] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=35 /* 0.35 s */} --- [pid 5839] <... openat resumed>) = 4 [pid 5836] <... openat resumed>) = 4 [pid 5830] restart_syscall(<... resuming interrupted clone ...> [pid 5840] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300 [pid 5839] sendfile(4, 4, NULL, 2053636096 [pid 5838] exit_group(0 [pid 5836] sendfile(4, 4, NULL, 2053636096 [pid 5830] <... restart_syscall resumed>) = 0 [pid 5838] <... exit_group resumed>) = ? [pid 5840] <... openat resumed>) = 4 [pid 5838] +++ exited with 0 +++ [ 78.188604][ T5837] syz-executor328 (5837) used greatest stack depth: 19408 bytes left [ 78.192913][ T5841] ERROR: (device loop4): txCommit: [ 78.192913][ T5841] [ 78.210156][ T5839] [ 78.210156][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.210156][ T5839] [ 78.214586][ T5836] [ 78.214586][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.214586][ T5836] [ 78.223274][ T5839] [ 78.223274][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.223274][ T5839] [pid 5840] sendfile(4, 4, NULL, 2053636096 [pid 5832] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=32 /* 0.32 s */} --- [pid 5830] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5841] <... link resumed>) = -1 EIO (Input/output error) [pid 5839] <... sendfile resumed>) = 10 [pid 5830] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300 [pid 5839] exit_group(0 [pid 5830] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5839] <... exit_group resumed>) = ? [pid 5830] newfstatat(3, "", [pid 5839] +++ exited with 0 +++ [pid 5830] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5841] <... openat resumed>) = 4 [pid 5831] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=31 /* 0.31 s */} --- [pid 5830] getdents64(3, [pid 5841] sendfile(4, 4, NULL, 2053636096 [pid 5831] restart_syscall(<... resuming interrupted clone ...> [pid 5830] <... getdents64 resumed>0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5831] <... restart_syscall resumed>) = 0 [pid 5830] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5832] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5830] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5830] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5832] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5831] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5830] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 78.246463][ T5839] [ 78.246463][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.246463][ T5839] [ 78.253718][ T5836] [ 78.253718][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.253718][ T5836] [ 78.269254][ T5840] [ 78.269254][ T5840] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.269254][ T5840] [ 78.280342][ T5840] [ 78.280342][ T5840] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.280342][ T5840] [ 78.287934][ T5836] [pid 5832] <... openat resumed>) = 3 [pid 5831] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5830] unlink("./0/binderfs" [pid 5832] newfstatat(3, "", [pid 5831] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5830] <... unlink resumed>) = 0 [pid 5832] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5831] <... openat resumed>) = 3 [pid 5830] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5832] getdents64(3, [pid 5831] newfstatat(3, "", [pid 5832] <... getdents64 resumed>0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5831] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5832] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5831] getdents64(3, [pid 5832] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5831] <... getdents64 resumed>0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5836] <... sendfile resumed>) = 10 [pid 5832] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5831] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5832] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5831] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] unlink("./0/binderfs" [pid 5831] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5832] <... unlink resumed>) = 0 [pid 5831] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5832] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5831] unlink("./0/binderfs") = 0 [ 78.287934][ T5836] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.287934][ T5836] [ 78.304137][ T5830] [ 78.304137][ T5830] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.304137][ T5830] [ 78.315354][ T5841] [ 78.315354][ T5841] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.315354][ T5841] [ 78.317299][ T5840] [ 78.317299][ T5840] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.317299][ T5840] [ 78.330714][ T5841] [ 78.330714][ T5841] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.330714][ T5841] [pid 5831] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5840] <... sendfile resumed>) = 10 [pid 5836] exit_group(0 [pid 5840] exit_group(0 [pid 5836] <... exit_group resumed>) = ? [pid 5840] <... exit_group resumed>) = ? [pid 5836] +++ exited with 0 +++ [pid 5840] +++ exited with 0 +++ [pid 5829] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=32 /* 0.32 s */} --- [pid 5829] restart_syscall(<... resuming interrupted clone ...> [pid 5841] <... sendfile resumed>) = 10 [pid 5829] <... restart_syscall resumed>) = 0 [pid 5841] exit_group(0 [pid 5829] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5841] <... exit_group resumed>) = ? [pid 5829] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] +++ exited with 0 +++ [pid 5829] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=31 /* 0.31 s */} --- [pid 5829] <... openat resumed>) = 3 [pid 5833] restart_syscall(<... resuming interrupted clone ...> [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5829] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5829] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] unlink("./0/binderfs") = 0 [pid 5829] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5834] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=0, si_stime=35 /* 0.35 s */} --- [pid 5834] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5834] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5834] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5834] getdents64(3, 0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5834] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5834] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 78.338570][ T5830] [ 78.338570][ T5830] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.338570][ T5830] [ 78.349448][ T5832] [ 78.349448][ T5832] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.349448][ T5832] [ 78.365787][ T5841] [ 78.365787][ T5841] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.365787][ T5841] [ 78.369093][ T5832] [ 78.369093][ T5832] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.369093][ T5832] [ 78.387029][ T5831] [ 78.387029][ T5831] ... Log Wrap ... Log Wrap ... Log Wrap ... [pid 5834] unlink("./0/binderfs") = 0 [pid 5834] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5833] <... restart_syscall resumed>) = 0 [pid 5833] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5833] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5833] getdents64(3, 0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5833] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5833] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5833] unlink("./0/binderfs") = 0 [ 78.387029][ T5831] [ 78.397561][ T5829] [ 78.397561][ T5829] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.397561][ T5829] [ 78.400982][ T5831] [ 78.400982][ T5831] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.400982][ T5831] [ 78.410488][ T5829] [ 78.410488][ T5829] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.410488][ T5829] [ 78.432200][ T5834] [ 78.432200][ T5834] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.432200][ T5834] [ 78.443057][ T5834] [ 78.443057][ T5834] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.443057][ T5834] [ 78.443191][ T5833] [ 78.443191][ T5833] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.443191][ T5833] [ 78.464179][ T5833] [ 78.464179][ T5833] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 78.464179][ T5833] [ 86.232981][ T51] cfg80211: failed to load regulatory.db [ 130.401315][ T5830] jfs_flush_journal: synclist not empty [ 130.407049][ T5830] metapage: ffff888075f945d0: 00001000 00000000 00003a24 00000000 [ 130.414982][ T5830] metapage: ffff888075f945e0: 31598228 ffff8880 31598228 ffff8880 [ 130.422922][ T5830] metapage: ffff888075f945f0: 00000004 00000000 00000000 00000000 [ 130.430750][ T5830] metapage: ffff888075f94600: 75f97000 ffff8880 0000001c 00000000 [ 130.438626][ T5830] metapage: ffff888075f94610: 00000000 dead4ead ffffffff 00000000 [ 130.441270][ T5832] jfs_flush_journal: synclist not empty [ 130.446480][ T5830] metapage: ffff888075f94620: ffffffff ffffffff 9a4f6560 ffffffff [ 130.452018][ T5832] metapage: ffff888075f948b8: 00001000 00000000 00003a24 00000000 [ 130.459787][ T5830] metapage: ffff888075f94630: 93c727d0 ffffffff 00000000 00000000 [ 130.468181][ T5832] metapage: ffff888075f948c8: 3159ba28 ffff8880 3159ba28 ffff8880 [ 130.475440][ T5830] metapage: ffff888075f94640: 8c4272e0 ffffffff 00000300 00000000 [ 130.483582][ T5832] metapage: ffff888075f948d8: 00000004 00000000 00000000 00000000 [ 130.491033][ T5830] metapage: ffff888075f94650: 75f94650 ffff8880 75f94650 ffff8880 [ 130.499671][ T5832] metapage: ffff888075f948e8: 75f95000 ffff8880 0000001c 00000000 [ 130.506723][ T5831] jfs_flush_journal: synclist not empty [ 130.514887][ T5832] metapage: ffff888075f948f8: 00000000 dead4ead ffffffff 00000000 [ 130.520105][ T5829] jfs_flush_journal: synclist not empty [ 130.528349][ T5832] metapage: ffff888075f94908: ffffffff ffffffff 9a4f6560 ffffffff [ 130.533502][ T5830] metapage: ffff888075f94660: 01d7e5c0 ffffea00 3086e000 ffff8880 [ 130.533530][ T5830] metapage: ffff888075f94670: 00001000 00003b14 00000001 00000000 [ 130.556951][ T5833] jfs_flush_journal: synclist not empty [ 130.556979][ T5833] metapage: ffff88807534f2e8: 00001000 00000000 00003a24 00000000 [ 130.557008][ T5833] metapage: ffff88807534f2f8: 30d63228 ffff8880 30d63228 ffff8880 [ 130.562563][ T5829] metapage: ffff88802f1408b8: 00001000 00000000 00003a24 00000000 [ 130.562592][ T5829] metapage: ffff88802f1408c8: 26ef9a28 ffff8880 26ef9a28 ffff8880 [ 130.562624][ T5829] metapage: ffff88802f1408d8: 00000004 00000000 00000000 00000000 [ 130.570395][ T5833] metapage: ffff88807534f308: 00000004 00000000 00000000 00000000 [ 130.578310][ T5831] metapage: ffff88802f1405d0: 00001000 00000000 00003a24 00000000 [ 130.587132][ T5834] jfs_flush_journal: synclist not empty [ 130.593953][ T5831] metapage: ffff88802f1405e0: 26ef8228 ffff8880 26ef8228 ffff8880 [ 130.601763][ T5832] metapage: ffff888075f94918: 93c727d0 ffffffff 00000000 00000000 [ 130.609558][ T5829] metapage: ffff88802f1408e8: 7719a000 ffff8880 0000001c 00000000 [ 130.631299][ T5834] metapage: ffff888075e6dd90: 00001000 00000000 00003a24 00000000 [ 130.631333][ T5834] metapage: ffff888075e6dda0: 30d63a28 ffff8880 30d63a28 ffff8880 [ 130.631359][ T5834] metapage: ffff888075e6ddb0: 00000004 00000000 00000000 00000000 [ 130.639137][ T5830] metapage: ffff888075f94680: 31598000 ffff8880 [ 130.647535][ T5832] metapage: ffff888075f94928: 8c4272e0 ffffffff 00000300 00000000 [ 130.654894][ T5831] metapage: ffff88802f1405f0: 00000004 00000000 00000000 00000000 [ 130.677089][ T5834] metapage: ffff888075e6ddc0: 77c02000 ffff8880 0000001c 00000000 [ 130.684623][ T5833] metapage: ffff88807534f318: 7b7d0000 ffff8880 0000001c 00000000 [ 130.684651][ T5833] metapage: ffff88807534f328: 00000000 dead4ead ffffffff 00000000 [ 130.693024][ T5832] metapage: ffff888075f94938: 75f94938 ffff8880 75f94938 ffff8880 [ 130.700305][ T5829] metapage: ffff88802f1408f8: 00000000 dead4ead ffffffff 00000000 [ 130.708440][ T5834] metapage: ffff888075e6ddd0: 00000000 dead4ead ffffffff 00000000 [ 130.715968][ T5830] page: ffffea0001d7e5c0: 00fff5000000422c ffffea0001d7e588 [ 130.723977][ T5832] metapage: ffff888075f94948: 01d7e540 ffffea00 315f8000 ffff8880 [ 130.731768][ T5833] metapage: ffff88807534f338: ffffffff ffffffff 9a4f6560 ffffffff [ 130.740139][ T5834] metapage: ffff888075e6dde0: ffffffff ffffffff 9a4f6560 ffffffff [ 130.746872][ T5829] metapage: ffff88802f140908: ffffffff ffffffff 9a4f6560 ffffffff [ 130.746902][ T5829] metapage: ffff88802f140918: 93c727d0 ffffffff 00000000 00000000 [ 130.755134][ T5832] metapage: ffff888075f94958: 00001000 00003b14 00000001 00000000 [ 130.762534][ T5830] page: ffffea0001d7e5d0: ffffea0001d1d308 ffff888072528f88 [ 130.770562][ T5831] metapage: ffff88802f140600: 2f141000 ffff8880 0000001c 00000000 [ 130.778710][ T5833] metapage: ffff88807534f348: 93c727d0 ffffffff 00000000 00000000 [ 130.786532][ T5832] metapage: ffff888075f94968: 3159b800 ffff8880 [ 130.794418][ T5829] metapage: ffff88802f140928: 8c4272e0 ffffffff 00000300 00000000 [ 130.817362][ T5834] metapage: ffff888075e6ddf0: 93c727d0 ffffffff 00000000 00000000 [ 130.817394][ T5834] metapage: ffff888075e6de00: 8c4272e0 ffffffff 00000300 00000000 [ 130.824509][ T5830] page: ffffea0001d7e5e0: 000000000000001c ffff888075f945d0 [ 130.831510][ T5831] metapage: ffff88802f140610: 00000000 dead4ead ffffffff 00000000 [ 130.839611][ T5833] metapage: ffff88807534f358: 8c4272e0 ffffffff 00000300 00000000 [ 130.847221][ T5832] page: ffffea0001d7e540: 00fff5000000422c ffffea0001d7e7c8 [ 130.854965][ T5830] page: ffffea0001d7e5f0: 00000003ffffffff ffff88801c2b4000 [ 130.877466][ T5834] metapage: ffff888075e6de10: 75e6de10 ffff8880 75e6de10 ffff8880 [ 130.877499][ T5834] metapage: ffff888075e6de20: 01df0080 ffffea00 7b140000 ffff8880 [ 130.885338][ T5833] metapage: ffff88807534f368: 7534f368 ffff8880 7534f368 ffff8880 [ 130.892663][ T5831] metapage: ffff88802f140620: ffffffff ffffffff 9a4f6560 ffffffff [ 130.900672][ T5829] metapage: ffff88802f140938: 2f140938 ffff8880 2f140938 ffff8880 [ 130.908342][ T5832] page: ffffea0001d7e550: ffffea0001d7e588 ffff888072528650 [ 130.916092][ T5833] metapage: ffff88807534f378: 01edf400 ffffea00 353b4000 ffff8880 [ 130.931198][ T5834] metapage: ffff888075e6de30: 00001000 00003b14 00000001 00000000 [ 130.939623][ T5829] metapage: ffff88802f140948: 01dc6680 ffffea00 335a8000 ffff8880 [ 130.946799][ T5831] metapage: ffff88802f140630: 93c727d0 ffffffff 00000000 00000000 [ 130.956480][ T5833] metapage: ffff88807534f388: 00001000 00003b14 00000001 00000000 [ 130.970454][ T5832] page: ffffea0001d7e560: 000000000000001c ffff888075f948b8 [ 130.970481][ T5832] page: ffffea0001d7e570: 00000003ffffffff ffff88801c2b4000 [ 130.978850][ T5829] metapage: ffff88802f140958: 00001000 00003b14 00000001 00000000 [ 130.985424][ T5834] metapage: ffff888075e6de40: 30d63800 ffff8880 [ 130.993730][ T5829] metapage: ffff88802f140968: 26ef9800 ffff8880 [ 130.999488][ T5831] metapage: ffff88802f140640: 8c4272e0 ffffffff 00000300 00000000 [ 131.006179][ T5833] metapage: ffff88807534f398: 30d63000 ffff8880 [ 131.013606][ T5834] page: ffffea0001df0080: 00fff5000000422c ffffea0001df0048 [ 131.020525][ T5833] page: ffffea0001edf400: 00fff5000000422c ffffea000072eac8 [ 131.029983][ T5831] metapage: ffff88802f140650: 2f140650 ffff8880 2f140650 ffff8880 [ 131.034819][ T5829] page: ffffea0001dc6680: 00fff5000000422c ffffea0001dc6608 [ 131.042298][ T5834] page: ffffea0001df0090: ffffea0001d10d08 ffff888076fb8f88 [ 131.042336][ T5834] page: ffffea0001df00a0: 000000000000001c ffff888075e6dd90 [ 131.049945][ T5829] page: ffffea0001dc6690: ffffea0001dc66c8 ffff888072468650 [ 131.056928][ T5831] metapage: ffff88802f140660: 00bc5040 ffffea00 79e7c000 ffff8880 [ 131.064273][ T5833] page: ffffea0001edf410: ffffea0001edf448 ffff888076fbbda0 [ 131.086583][ T5834] page: ffffea0001df00b0: 00000003ffffffff ffff88801c2b4000 [ 131.088845][ T5831] metapage: ffff88802f140670: 00001000 00003b14 00000001 00000000 [ 131.094636][ T5829] page: ffffea0001dc66a0: 000000000000001c ffff88802f1408b8 [ 131.109275][ T5831] metapage: ffff88802f140680: 26ef8000 ffff8880 [ 131.109302][ T5831] page: ffffea0000bc5040: 00fff5000000422c ffffea0001eb27c8 [ 131.115976][ T5829] page: ffffea0001dc66b0: 00000003ffffffff ffff88801c2b4000 [ 131.123187][ T5831] page: ffffea0000bc5050: ffffea0001ec4688 ffff8880724698c0 [ 131.130616][ T5833] page: ffffea0001edf420: 000000000000001c ffff88807534f2e8 [ 131.137518][ T5831] page: ffffea0000bc5060: 000000000000001c ffff88802f1405d0 [ 131.146910][ T5833] page: ffffea0001edf430: 00000003ffffffff ffff88801c2b4000 [ 131.154039][ T5831] page: ffffea0000bc5070: 00000003ffffffff ffff88801c2b4000 [ 183.021294][ T5832] jfs_flush_journal: synclist not empty [ 183.027100][ T5832] metapage: ffff888075f948b8: 00001000 00000000 00003a24 00000000 [ 183.035018][ T5832] metapage: ffff888075f948c8: 3159ba28 ffff8880 3159ba28 ffff8880 [ 183.042919][ T5832] metapage: ffff888075f948d8: 00000004 00000000 00000000 00000000 [ 183.050747][ T5832] metapage: ffff888075f948e8: 75f95000 ffff8880 0000001c 00000000 [ 183.058611][ T5832] metapage: ffff888075f948f8: 00000000 dead4ead ffffffff 00000000 [ 183.066464][ T5832] metapage: ffff888075f94908: ffffffff ffffffff 9a4f6560 ffffffff [ 183.074319][ T5832] metapage: ffff888075f94918: 93c727d0 ffffffff 00000000 00000000 [ 183.082172][ T5832] metapage: ffff888075f94928: 8c4272e0 ffffffff 00000300 00000000 [ 183.089974][ T5832] metapage: ffff888075f94938: 75f94938 ffff8880 75f94938 ffff8880 [ 183.097879][ T5832] metapage: ffff888075f94948: 01d7e540 ffffea00 315f8000 ffff8880 [ 183.105755][ T5832] metapage: ffff888075f94958: 00001000 00003b14 00000001 00000000 [ 183.113633][ T5832] metapage: ffff888075f94968: 3159b800 ffff8880 [pid 5833] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5832] <... umount2 resumed>) = 0 [pid 5832] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5832] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 183.119938][ T5832] page: ffffea0001d7e540: 00fff5000000422c ffffea0001d7e7c8 [ 183.127292][ T5832] page: ffffea0001d7e550: ffffea0001d7e5c8 ffff888072528650 [ 183.134668][ T5832] page: ffffea0001d7e560: 000000000000001c ffff888075f948b8 [ 183.142038][ T5832] page: ffffea0001d7e570: 00000003ffffffff ffff88801c2b4000 [pid 5832] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5832] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5832] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5832] getdents64(4, 0x55555c1ea730 /* 2 entries */, 32768) = 48 [pid 5832] getdents64(4, 0x55555c1ea730 /* 0 entries */, 32768) = 0 [pid 5832] close(4) = 0 [pid 5832] rmdir("./0/file0") = 0 [pid 5832] getdents64(3, 0x55555c1e26f0 /* 0 entries */, 32768) = 0 [pid 5832] close(3) = 0 [pid 5832] rmdir("./0") = 0 [pid 5832] mkdir("./1", 0777) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5832] ioctl(3, LOOP_CLR_FD) = 0 [pid 5832] close(3) = 0 [pid 5832] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5864 attached , child_tidptr=0x55555c1e1650) = 5864 [pid 5864] set_robust_list(0x55555c1e1660, 24) = 0 [pid 5864] chdir("./1") = 0 [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5864] setpgid(0, 0) = 0 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5864] write(3, "1000", 4) = 4 [pid 5864] close(3) = 0 [pid 5864] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5864] write(1, "executing program\n", 18) = 18 [pid 5864] memfd_create("syzkaller", 0) = 3 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe264200000 [pid 5864] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5864] munmap(0x7fe264200000, 138412032) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5864] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5864] close(3) = 0 [pid 5864] close(4) = 0 [pid 5864] mkdir("./file0", 0777) = 0 [ 183.715813][ T5864] loop3: detected capacity change from 0 to 32768 [pid 5864] mount("/dev/loop3", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic,") = 0 [pid 5864] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5864] chdir("./file0") = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5864] link("./file1", "./bus") = -1 EIO (Input/output error) [pid 5864] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300) = 4 [ 183.760793][ T5864] [ 183.760793][ T5864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 183.760793][ T5864] [ 183.776389][ T5864] ERROR: (device loop3): diWrite: ixpxd invalid [ 183.776389][ T5864] [ 183.785655][ T5864] ERROR: (device loop3): txCommit: [ 183.785655][ T5864] [ 183.806212][ T5864] [pid 5864] sendfile(4, 4, NULL, 2053636096) = 10 [pid 5864] exit_group(0) = ? [pid 5864] +++ exited with 0 +++ [pid 5832] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=24 /* 0.24 s */} --- [pid 5832] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5832] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 183.806212][ T5864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 183.806212][ T5864] [ 183.816714][ T5864] [ 183.816714][ T5864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 183.816714][ T5864] [ 183.827464][ T5864] [ 183.827464][ T5864] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 183.827464][ T5864] [pid 5832] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5832] getdents64(3, 0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5832] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5832] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5832] unlink("./1/binderfs") = 0 [ 183.955536][ T5832] [ 183.955536][ T5832] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 183.955536][ T5832] [ 183.966086][ T5832] [ 183.966086][ T5832] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 183.966086][ T5832] [ 235.151262][ T5830] jfs_flush_journal: synclist not empty [ 235.156837][ T5830] metapage: ffff888075f945d0: 00001000 00000000 00003a24 00000000 [ 235.164748][ T5830] metapage: ffff888075f945e0: 31598228 ffff8880 31598228 ffff8880 [ 235.172613][ T5830] metapage: ffff888075f945f0: 00000004 00000000 00000000 00000000 [ 235.180444][ T5830] metapage: ffff888075f94600: 75f97000 ffff8880 0000001c 00000000 [ 235.188365][ T5830] metapage: ffff888075f94610: 00000000 dead4ead ffffffff 00000000 [ 235.196225][ T5830] metapage: ffff888075f94620: ffffffff ffffffff 9a4f6560 ffffffff [ 235.204153][ T5830] metapage: ffff888075f94630: 93c727d0 ffffffff 00000000 00000000 [ 235.212067][ T5830] metapage: ffff888075f94640: 8c4272e0 ffffffff 00000300 00000000 [ 235.219899][ T5830] metapage: ffff888075f94650: 75f94650 ffff8880 75f94650 ffff8880 [ 235.227824][ T5830] metapage: ffff888075f94660: 01d7e5c0 ffffea00 3086e000 ffff8880 [ 235.235703][ T5830] metapage: ffff888075f94670: 00001000 00003b14 00000001 00000000 [ 235.243616][ T5830] metapage: ffff888075f94680: 31598000 ffff8880 [pid 5832] umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5830] <... umount2 resumed>) = 0 [pid 5830] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5830] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 235.249874][ T5830] page: ffffea0001d7e5c0: 00fff5000000422c ffffea0001d7e548 [ 235.257219][ T5830] page: ffffea0001d7e5d0: ffffea0001eb1708 ffff888072528f88 [ 235.264589][ T5830] page: ffffea0001d7e5e0: 000000000000001c ffff888075f945d0 [ 235.272002][ T5830] page: ffffea0001d7e5f0: 00000003ffffffff ffff88801c2b4000 [pid 5830] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5830] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5830] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5830] getdents64(4, 0x55555c1ea730 /* 2 entries */, 32768) = 48 [pid 5830] getdents64(4, 0x55555c1ea730 /* 0 entries */, 32768) = 0 [pid 5830] close(4) = 0 [pid 5830] rmdir("./0/file0") = 0 [pid 5830] getdents64(3, 0x55555c1e26f0 /* 0 entries */, 32768) = 0 [pid 5830] close(3) = 0 [pid 5830] rmdir("./0") = 0 [pid 5830] mkdir("./1", 0777) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5830] ioctl(3, LOOP_CLR_FD) = 0 [pid 5830] close(3) = 0 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5868 attached , child_tidptr=0x55555c1e1650) = 5868 [pid 5868] set_robust_list(0x55555c1e1660, 24) = 0 [pid 5868] chdir("./1") = 0 [pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5868] setpgid(0, 0) = 0 [pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5868] write(3, "1000", 4) = 4 [pid 5868] close(3) = 0 [pid 5868] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5868] write(1, "executing program\n", 18) = 18 [pid 5868] memfd_create("syzkaller", 0) = 3 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe264200000 [pid 5868] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5868] munmap(0x7fe264200000, 138412032) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5868] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5868] close(3) = 0 [pid 5868] close(4) = 0 [pid 5868] mkdir("./file0", 0777) = 0 [ 235.853990][ T5868] loop1: detected capacity change from 0 to 32768 [pid 5868] mount("/dev/loop1", "./file0", "jfs", 0, "iocharset=maccroatian,discard=0x0000000000000003,nodiscard,errors=continue,iocharset=maccyrillic,") = 0 [pid 5868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] chdir("./file0") = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [ 235.903888][ T5868] [ 235.903888][ T5868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.903888][ T5868] [pid 5868] link("./file1", "./bus") = -1 EIO (Input/output error) [pid 5868] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 0300) = 4 [ 235.948250][ T5868] ERROR: (device loop1): diWrite: ixpxd invalid [ 235.948250][ T5868] [ 235.957138][ T5868] ERROR: (device loop1): txCommit: [ 235.957138][ T5868] [ 235.967956][ T5868] [ 235.967956][ T5868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.967956][ T5868] [ 235.978556][ T5868] [ 235.978556][ T5868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.978556][ T5868] [ 235.989131][ T5832] jfs_flush_journal: synclist not empty [ 235.990303][ T5868] [pid 5868] sendfile(4, 4, NULL, 2053636096) = 10 [pid 5868] exit_group(0) = ? [pid 5868] +++ exited with 0 +++ [pid 5830] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5868, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [ 235.990303][ T5868] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 235.990303][ T5868] [ 235.994803][ T5832] metapage: ffff8880338eeba0: 00001000 00000000 00003a24 00000000 [ 236.013180][ T5832] metapage: ffff8880338eebb0: 7947ea28 ffff8880 7947ea28 ffff8880 [ 236.021248][ T5832] metapage: ffff8880338eebc0: 00000004 00000000 00000000 00000000 [ 236.029329][ T5832] metapage: ffff8880338eebd0: 2ef7d000 ffff8880 0000001c 00000000 [ 236.037637][ T5832] metapage: ffff8880338eebe0: 00000000 dead4ead ffffffff 00000000 [pid 5830] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5830] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5830] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5830] getdents64(3, 0x55555c1e26f0 /* 4 entries */, 32768) = 112 [pid 5830] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5830] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5830] unlink("./1/binderfs") = 0 [ 236.045666][ T5832] metapage: ffff8880338eebf0: ffffffff ffffffff 9a4f6560 ffffffff [ 236.053781][ T5832] metapage: ffff8880338eec00: 93c727d0 ffffffff 00000000 00000000 [ 236.061689][ T5832] metapage: ffff8880338eec10: 8c4272e0 ffffffff 00000300 00000000 [ 236.069527][ T5832] metapage: ffff8880338eec20: 338eec20 ffff8880 338eec20 ffff8880 [ 236.077410][ T5832] metapage: ffff8880338eec30: 00bbdf40 ffffea00 7aab8000 ffff8880 [ 236.085844][ T5832] metapage: ffff8880338eec40: 00001000 00003b14 00000001 00000000 [ 236.086231][ T5830] [ 236.086231][ T5830] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 236.086231][ T5830] [ 236.093775][ T5832] metapage: ffff8880338eec50: 7947e800 ffff8880 [ 236.105288][ T5830] [ 236.105288][ T5830] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 236.105288][ T5830] [ 236.110466][ T5832] page: ffffea0000bbdf40: 00fff5000000422c ffffea0000cd0e48 [ 236.128269][ T5832] page: ffffea0000bbdf50: ffffea0001bbafc8 ffff8880724718c0 [ 236.135671][ T5832] page: ffffea0000bbdf60: 000000000000001c ffff8880338eeba0 [ 236.143242][ T5832] page: ffffea0000bbdf70: 00000003ffffffff ffff88801c2b4000 [ 285.911382][ T30] INFO: task syz-executor328:5829 blocked for more than 143 seconds. [ 285.919552][ T30] Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0 [ 285.927265][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 285.936048][ T30] task:syz-executor328 state:D stack:24784 pid:5829 tgid:5829 ppid:5828 flags:0x00004002 [ 285.946400][ T30] Call Trace: [ 285.949711][ T30] [ 285.952721][ T30] __schedule+0x1850/0x4c30 [ 285.957323][ T30] ? __pfx___schedule+0x10/0x10 [ 285.962451][ T30] ? __pfx_lock_release+0x10/0x10 [ 285.967517][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 285.973477][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.979152][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 285.984877][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 285.990838][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 285.997361][ T30] ? schedule+0x90/0x320 [ 286.001699][ T30] schedule+0x14b/0x320 [ 286.005873][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.011409][ T30] __mutex_lock+0x7e7/0xee0 [ 286.015949][ T30] ? __mutex_lock+0x5ef/0xee0 [ 286.020643][ T30] ? lmLogClose+0xb2/0x530 [ 286.025145][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 286.030215][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.035989][ T30] ? updateSuper+0x13d/0x760 [ 286.040639][ T30] lmLogClose+0xb2/0x530 [ 286.044998][ T30] jfs_umount+0x2ce/0x3a0 [ 286.049377][ T30] jfs_put_super+0x8a/0x190 [ 286.053943][ T30] ? __pfx_jfs_put_super+0x10/0x10 [ 286.059082][ T30] generic_shutdown_super+0x13b/0x2d0 [ 286.064579][ T30] kill_block_super+0x44/0x90 [ 286.069299][ T30] deactivate_locked_super+0xc6/0x130 [ 286.074787][ T30] cleanup_mnt+0x41f/0x4b0 [ 286.079254][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.084955][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 286.090169][ T30] task_work_run+0x251/0x310 [ 286.094838][ T30] ? __pfx_task_work_run+0x10/0x10 [ 286.099982][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.105718][ T30] ? path_umount+0x284/0xf70 [ 286.110437][ T30] ptrace_notify+0x2d2/0x380 [ 286.115102][ T30] ? __pfx_ptrace_notify+0x10/0x10 [ 286.120297][ T30] ? kmem_cache_free+0x195/0x410 [ 286.125334][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.131027][ T30] ? __x64_sys_umount+0x123/0x170 [ 286.136120][ T30] syscall_exit_work+0xc7/0x1d0 [ 286.141005][ T30] syscall_exit_to_user_mode+0x24a/0x340 [ 286.146747][ T30] do_syscall_64+0x100/0x230 [ 286.151424][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.157368][ T30] RIP: 0033:0x7fe26c7d14b7 [ 286.161879][ T30] RSP: 002b:00007ffe36fb80d8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 286.170333][ T30] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe26c7d14b7 [ 286.178364][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe36fb8190 [ 286.186407][ T30] RBP: 00007ffe36fb8190 R08: 0000000000000000 R09: 0000000000000000 [ 286.194460][ T30] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe36fb91f0 [ 286.202520][ T30] R13: 000055555c1e26c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 286.210549][ T30] [ 286.213692][ T30] INFO: task syz-executor328:5831 blocked for more than 143 seconds. [ 286.221866][ T30] Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0 [ 286.229501][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.238218][ T30] task:syz-executor328 state:D stack:25472 pid:5831 tgid:5831 ppid:5828 flags:0x00004002 [ 286.248502][ T30] Call Trace: [ 286.251862][ T30] [ 286.254813][ T30] __schedule+0x1850/0x4c30 [ 286.259349][ T30] ? __pfx___schedule+0x10/0x10 [ 286.264349][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.269409][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 286.275364][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.281029][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.286758][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 286.292729][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 286.299070][ T30] ? schedule+0x90/0x320 [ 286.303394][ T30] schedule+0x14b/0x320 [ 286.307614][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.313141][ T30] __mutex_lock+0x7e7/0xee0 [ 286.317687][ T30] ? __mutex_lock+0x5ef/0xee0 [ 286.322459][ T30] ? lmLogClose+0xb2/0x530 [ 286.326918][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 286.332017][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.337691][ T30] ? updateSuper+0x13d/0x760 [ 286.342497][ T30] lmLogClose+0xb2/0x530 [ 286.346801][ T30] jfs_umount+0x2ce/0x3a0 [ 286.351228][ T30] jfs_put_super+0x8a/0x190 [ 286.355754][ T30] ? __pfx_jfs_put_super+0x10/0x10 [ 286.360875][ T30] generic_shutdown_super+0x13b/0x2d0 [ 286.366338][ T30] kill_block_super+0x44/0x90 [ 286.371047][ T30] deactivate_locked_super+0xc6/0x130 [ 286.376501][ T30] cleanup_mnt+0x41f/0x4b0 [ 286.380957][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.386663][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 286.391945][ T30] task_work_run+0x251/0x310 [ 286.396550][ T30] ? __pfx_task_work_run+0x10/0x10 [ 286.401870][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.407529][ T30] ? path_umount+0x284/0xf70 [ 286.412180][ T30] ptrace_notify+0x2d2/0x380 [ 286.416843][ T30] ? __pfx_ptrace_notify+0x10/0x10 [ 286.422033][ T30] ? kmem_cache_free+0x195/0x410 [ 286.427013][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.432750][ T30] ? __x64_sys_umount+0x123/0x170 [ 286.437824][ T30] syscall_exit_work+0xc7/0x1d0 [ 286.442764][ T30] syscall_exit_to_user_mode+0x24a/0x340 [ 286.448442][ T30] do_syscall_64+0x100/0x230 [ 286.453096][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.459023][ T30] RIP: 0033:0x7fe26c7d14b7 [ 286.463515][ T30] RSP: 002b:00007ffe36fb80d8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 286.472018][ T30] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe26c7d14b7 [ 286.480013][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe36fb8190 [ 286.488079][ T30] RBP: 00007ffe36fb8190 R08: 0000000000000000 R09: 0000000000000000 [ 286.496114][ T30] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe36fb91f0 [ 286.504170][ T30] R13: 000055555c1e26c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 286.512228][ T30] [ 286.515276][ T30] INFO: task syz-executor328:5833 blocked for more than 143 seconds. [ 286.523432][ T30] Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0 [ 286.531094][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.539830][ T30] task:syz-executor328 state:D stack:23840 pid:5833 tgid:5833 ppid:5828 flags:0x00004002 [ 286.550133][ T30] Call Trace: [ 286.553526][ T30] [ 286.556602][ T30] __schedule+0x1850/0x4c30 [ 286.561213][ T30] ? __pfx___schedule+0x10/0x10 [ 286.566127][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.571217][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 286.577162][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.582879][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.588563][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 286.594542][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 286.600932][ T30] ? schedule+0x90/0x320 [ 286.605256][ T30] schedule+0x14b/0x320 [ 286.609443][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.614966][ T30] __mutex_lock+0x7e7/0xee0 [ 286.619505][ T30] ? __mutex_lock+0x5ef/0xee0 [ 286.624284][ T30] ? lmLogClose+0xb2/0x530 [ 286.628751][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 286.633868][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.639536][ T30] ? updateSuper+0x13d/0x760 [ 286.644245][ T30] lmLogClose+0xb2/0x530 [ 286.648526][ T30] jfs_umount+0x2ce/0x3a0 [ 286.652935][ T30] jfs_put_super+0x8a/0x190 [ 286.657488][ T30] ? __pfx_jfs_put_super+0x10/0x10 [ 286.662686][ T30] generic_shutdown_super+0x13b/0x2d0 [ 286.668106][ T30] kill_block_super+0x44/0x90 [ 286.672942][ T30] deactivate_locked_super+0xc6/0x130 [ 286.678368][ T30] cleanup_mnt+0x41f/0x4b0 [ 286.682901][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.688564][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 286.693846][ T30] task_work_run+0x251/0x310 [ 286.698495][ T30] ? __pfx_task_work_run+0x10/0x10 [ 286.703743][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.709411][ T30] ? path_umount+0x284/0xf70 [ 286.714072][ T30] ptrace_notify+0x2d2/0x380 [ 286.718701][ T30] ? __pfx_ptrace_notify+0x10/0x10 [ 286.724427][ T30] ? kmem_cache_free+0x195/0x410 [ 286.729492][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.735222][ T30] ? __x64_sys_umount+0x123/0x170 [ 286.740278][ T30] syscall_exit_work+0xc7/0x1d0 [ 286.745256][ T30] syscall_exit_to_user_mode+0x24a/0x340 [ 286.750933][ T30] do_syscall_64+0x100/0x230 [ 286.755644][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.761644][ T30] RIP: 0033:0x7fe26c7d14b7 [ 286.766092][ T30] RSP: 002b:00007ffe36fb80d8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 286.774629][ T30] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe26c7d14b7 [ 286.782693][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe36fb8190 [ 286.790674][ T30] RBP: 00007ffe36fb8190 R08: 0000000000000000 R09: 0000000000000000 [ 286.798723][ T30] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffe36fb91f0 [ 286.806788][ T30] R13: 000055555c1e26c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 286.814837][ T30] [ 286.817874][ T30] [ 286.817874][ T30] Showing all locks held in the system: [ 286.825665][ T30] 1 lock held by khungtaskd/30: [ 286.830526][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 286.841017][ T30] 2 locks held by getty/5585: [ 286.845791][ T30] #0: ffff88803148c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 286.855629][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 286.865885][ T30] 2 locks held by syz-executor328/5829: [ 286.871480][ T30] #0: ffff8880335a80e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.881823][ T30] #1: ffffffff8ed54888 (jfs_log_mutex){+.+.}-{4:4}, at: lmLogClose+0xb2/0x530 [ 286.890859][ T30] 1 lock held by syz-executor328/5830: [ 286.896415][ T30] #0: ffff88802d3fc0e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.906853][ T30] 2 locks held by syz-executor328/5831: [ 286.912456][ T30] #0: ffff888079e7c0e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.922850][ T30] #1: ffffffff8ed54888 (jfs_log_mutex){+.+.}-{4:4}, at: lmLogClose+0xb2/0x530 [ 286.931959][ T30] 2 locks held by syz-executor328/5832: [ 286.937513][ T30] #0: ffff88807aab80e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.947850][ T30] #1: ffffffff8ed54888 (jfs_log_mutex){+.+.}-{4:4}, at: lmLogClose+0xb2/0x530 [ 286.956928][ T30] 2 locks held by syz-executor328/5833: [ 286.962530][ T30] #0: ffff8880353b40e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.972846][ T30] #1: ffffffff8ed54888 (jfs_log_mutex){+.+.}-{4:4}, at: lmLogClose+0xb2/0x530 [ 286.982012][ T30] 2 locks held by syz-executor328/5834: [ 286.987569][ T30] #0: ffff88807b1400e0 (&type->s_umount_key#42){+.+.}-{4:4}, at: deactivate_super+0xb5/0xf0 [ 286.997878][ T30] #1: ffffffff8ed54888 (jfs_log_mutex){+.+.}-{4:4}, at: lmLogClose+0xb2/0x530 [ 287.007000][ T30] [ 287.009511][ T30] ============================================= [ 287.009511][ T30] [ 287.017969][ T30] NMI backtrace for cpu 1 [ 287.022309][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0 [ 287.032799][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.042845][ T30] Call Trace: [ 287.046118][ T30] [ 287.049041][ T30] dump_stack_lvl+0x241/0x360 [ 287.053729][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.059020][ T30] ? __pfx__printk+0x10/0x10 [ 287.063709][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 287.068663][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.074117][ T30] ? _printk+0xd5/0x120 [ 287.078270][ T30] ? __pfx__printk+0x10/0x10 [ 287.082858][ T30] ? __wake_up_klogd+0xcc/0x110 [ 287.087702][ T30] ? __pfx__printk+0x10/0x10 [ 287.092289][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.097918][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 287.102944][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.108941][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 287.114926][ T30] watchdog+0xff6/0x1040 [ 287.119170][ T30] ? watchdog+0x1ea/0x1040 [ 287.123586][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.128260][ T30] kthread+0x2f2/0x390 [ 287.132328][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.137002][ T30] ? __pfx_kthread+0x10/0x10 [ 287.141593][ T30] ret_from_fork+0x4d/0x80 [ 287.146003][ T30] ? __pfx_kthread+0x10/0x10 [ 287.150600][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.155372][ T30] [ 287.158592][ T30] Sending NMI from CPU 1 to CPUs 0: [ 287.163869][ C0] NMI backtrace for cpu 0 [ 287.163884][ C0] CPU: 0 UID: 0 PID: 5189 Comm: klogd Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0 [ 287.163910][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.163924][ C0] RIP: 0010:flush_tlb_one_kernel+0x4/0x60 [ 287.163961][ C0] Code: 90 0f 0b e8 ce 4b 7b 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 <53> 48 89 fb 48 c7 c0 80 3f 7a 8e 48 c1 e8 03 48 b9 00 00 00 00 00 [ 287.163980][ C0] RSP: 0018:ffffc900046af218 EFLAGS: 00000002 [ 287.164001][ C0] RAX: 0000000000000002 RBX: 1ffff1100375eb50 RCX: ffffffff9a3ab903 [ 287.164025][ C0] RDX: ffff888079161e00 RSI: 0000000000000001 RDI: ffff88823bf50000 [ 287.164042][ C0] RBP: ffffc900046af2f0 R08: ffffffff820632c5 R09: 1ffffffff2854913 [ 287.164060][ C0] R10: dffffc0000000000 R11: fffffbfff2854914 R12: ffff88801baf5a80 [ 287.164078][ C0] R13: 1ffff920008d5e48 R14: 800000023bf50163 R15: 800000023bf50163 [ 287.164100][ C0] FS: 00007f2dcb8c0380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 287.164121][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.164137][ C0] CR2: 0000557d1dd52d88 CR3: 0000000032fa0000 CR4: 0000000000350ef0 [ 287.164156][ C0] Call Trace: [ 287.164164][ C0] [ 287.164173][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 287.164202][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 287.164233][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 287.164261][ C0] ? nmi_handle+0x2a/0x5a0 [ 287.164300][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.164322][ C0] ? nmi_handle+0x151/0x5a0 [ 287.164351][ C0] ? nmi_handle+0x2a/0x5a0 [ 287.164381][ C0] ? flush_tlb_one_kernel+0x4/0x60 [ 287.164412][ C0] ? default_do_nmi+0x63/0x160 [ 287.164440][ C0] ? exc_nmi+0x123/0x1f0 [ 287.164465][ C0] ? end_repeat_nmi+0xf/0x53 [ 287.164490][ C0] ? kfence_unprotect+0xe5/0x290 [ 287.164520][ C0] ? flush_tlb_one_kernel+0x4/0x60 [ 287.164553][ C0] ? flush_tlb_one_kernel+0x4/0x60 [ 287.164586][ C0] ? flush_tlb_one_kernel+0x4/0x60 [ 287.164618][ C0] [ 287.164626][ C0] [ 287.164634][ C0] kfence_unprotect+0x19d/0x290 [ 287.164661][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.164686][ C0] ? __pfx_kfence_unprotect+0x10/0x10 [ 287.164713][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 287.164744][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 287.164774][ C0] ? unwind_get_return_address+0x4d/0x90 [ 287.164809][ C0] kfence_guarded_alloc+0x3cf/0xcd0 [ 287.164842][ C0] ? __pfx_kfence_guarded_alloc+0x10/0x10 [ 287.164873][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.164897][ C0] ? get_alloc_stack_hash+0x3c0/0x760 [ 287.164925][ C0] __kfence_alloc+0x344/0x370 [ 287.164952][ C0] ? __pfx___kfence_alloc+0x10/0x10 [ 287.164978][ C0] ? __kfence_alloc+0x274/0x370 [ 287.165007][ C0] ? kmem_cache_alloc_node_noprof+0x2c8/0x380 [ 287.165040][ C0] ? __alloc_skb+0x1c3/0x440 [ 287.165063][ C0] ? alloc_skb_with_frags+0xc3/0x820 [ 287.165089][ C0] ? sock_alloc_send_pskb+0x91a/0xa60 [ 287.165118][ C0] ? unix_dgram_sendmsg+0x6d3/0x1f80 [ 287.165146][ C0] ? __sock_sendmsg+0x223/0x270 [ 287.165179][ C0] ? __sys_sendto+0x363/0x4c0 [ 287.165201][ C0] ? __x64_sys_sendto+0xde/0x100 [ 287.165224][ C0] ? do_syscall_64+0xf3/0x230 [ 287.165258][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.165321][ C0] ? kmem_cache_alloc_node_noprof+0x2a8/0x380 [ 287.165358][ C0] kmem_cache_alloc_node_noprof+0x2c8/0x380 [ 287.165391][ C0] ? __alloc_skb+0x1c3/0x440 [ 287.165416][ C0] __alloc_skb+0x1c3/0x440 [ 287.165440][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165463][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 287.165496][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 287.165520][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165545][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165573][ C0] alloc_skb_with_frags+0xc3/0x820 [ 287.165609][ C0] sock_alloc_send_pskb+0x91a/0xa60 [ 287.165650][ C0] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 287.165684][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165708][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 287.165731][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165759][ C0] unix_dgram_sendmsg+0x6d3/0x1f80 [ 287.165794][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165821][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165844][ C0] ? aa_sk_perm+0x96d/0xab0 [ 287.165884][ C0] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.165914][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165939][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.165963][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 287.165987][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.166018][ C0] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 287.166044][ C0] __sock_sendmsg+0x223/0x270 [ 287.166080][ C0] __sys_sendto+0x363/0x4c0 [ 287.166107][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 287.166147][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.166170][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.166200][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.166232][ C0] __x64_sys_sendto+0xde/0x100 [ 287.166259][ C0] do_syscall_64+0xf3/0x230 [ 287.166293][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.166319][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.166354][ C0] RIP: 0033:0x7f2dcba229b5 [ 287.166372][ C0] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 287.166390][ C0] RSP: 002b:00007fff358d7f18 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 287.166413][ C0] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2dcba229b5 [ 287.166430][ C0] RDX: 000000000000008b RSI: 00005651311e8740 RDI: 0000000000000003 [ 287.166446][ C0] RBP: 00005651311e4910 R08: 0000000000000000 R09: 0000000000000000 [ 287.166461][ C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 287.166476][ C0] R13: 00007f2dcbbb0212 R14: 00007fff358d8018 R15: 0000000000000000 [ 287.166502][ C0] [ 287.166512][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.643 msecs [ 287.166868][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 287.771889][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00161-g63676eefb7a0 #0 [ 287.782398][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 287.792453][ T30] Call Trace: [ 287.795736][ T30] [ 287.798675][ T30] dump_stack_lvl+0x241/0x360 [ 287.803376][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 287.808591][ T30] ? __pfx__printk+0x10/0x10 [ 287.813193][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.819188][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.824916][ T30] ? vscnprintf+0x5d/0x90 [ 287.829259][ T30] panic+0x349/0x880 [ 287.833167][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.838807][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 287.844976][ T30] ? __pfx_panic+0x10/0x10 [ 287.849404][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 287.854799][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.860525][ T30] ? __irq_work_queue_local+0x137/0x410 [ 287.866084][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.871725][ T30] ? irq_work_queue+0xca/0x150 [ 287.876501][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.882492][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 287.888484][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.894125][ T30] ? nmi_trigger_cpumask_backtrace+0x251/0x320 [ 287.900293][ T30] watchdog+0x1035/0x1040 [ 287.904656][ T30] ? watchdog+0x1ea/0x1040 [ 287.909089][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.913787][ T30] kthread+0x2f2/0x390 [ 287.917869][ T30] ? __pfx_watchdog+0x10/0x10 [ 287.922557][ T30] ? __pfx_kthread+0x10/0x10 [ 287.927159][ T30] ret_from_fork+0x4d/0x80 [ 287.931582][ T30] ? __pfx_kthread+0x10/0x10 [ 287.936183][ T30] ret_from_fork_asm+0x1a/0x30 [ 287.940963][ T30] [ 287.944217][ T30] Kernel Offset: disabled [ 287.948541][ T30] Rebooting in 86400 seconds..