./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2472274956 <...> e=1 [ 55.787685][ T27] audit: type=1400 audit(1699646684.993:81): avc: denied { siginh } for pid=4911 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 56.928214][ T27] audit: type=1400 audit(1699646686.213:82): avc: denied { read } for pid=4493 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Warning: Permanently added '10.128.10.11' (ED25519) to the list of known hosts. execve("./syz-executor2472274956", ["./syz-executor2472274956"], 0x7ffc6317bd80 /* 10 vars */) = 0 brk(NULL) = 0x5555561c3000 brk(0x5555561c3d40) = 0x5555561c3d40 arch_prctl(ARCH_SET_FS, 0x5555561c33c0) = 0 set_tid_address(0x5555561c3690) = 5061 set_robust_list(0x5555561c36a0, 24) = 0 rseq(0x5555561c3ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2472274956", 4096) = 28 getrandom("\xc5\xe5\xc3\xff\x19\xf5\x85\xda", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555561c3d40 brk(0x5555561e4d40) = 0x5555561e4d40 brk(0x5555561e5000) = 0x5555561e5000 mprotect(0x7fe532f6b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 5061 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [ 71.797007][ T27] audit: type=1400 audit(1699646701.083:83): avc: denied { execmem } for pid=5061 comm="syz-executor247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 71.821281][ T27] audit: type=1400 audit(1699646701.113:84): avc: denied { append } for pid=4493 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [ 71.844246][ T27] audit: type=1400 audit(1699646701.113:85): avc: denied { open } for pid=4493 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 71.867140][ T27] audit: type=1400 audit(1699646701.113:86): avc: denied { getattr } for pid=4493 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "5061", 4) = 4 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5062 attached , child_tidptr=0x5555561c3690) = 5062 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] set_robust_list(0x5555561c36a0, 24) = 0 ./strace-static-x86_64: Process 5063 attached [pid 5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5063] set_robust_list(0x5555561c36a0, 24 [pid 5061] <... clone resumed>, child_tidptr=0x5555561c3690) = 5063 [pid 5063] <... set_robust_list resumed>) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5062] <... openat resumed>) = 3 [pid 5063] <... openat resumed>) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5063] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5064 attached [pid 5063] close(3 [pid 5061] <... clone resumed>, child_tidptr=0x5555561c3690) = 5064 [pid 5064] set_robust_list(0x5555561c36a0, 24 [pid 5063] <... close resumed>) = 0 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... set_robust_list resumed>) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555561c3690) = 5065 [pid 5064] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5062] close(3 [pid 5061] <... clone resumed>, child_tidptr=0x5555561c3690) = 5066 [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5065 attached [pid 5062] <... close resumed>) = 0 ./strace-static-x86_64: Process 5066 attached [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] set_robust_list(0x5555561c36a0, 24 [pid 5065] set_robust_list(0x5555561c36a0, 24 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5064] ioctl(3, LOOP_CLR_FD [pid 5066] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5064] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5064] close(3) = 0 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] <... openat resumed>) = 3 [pid 5061] <... clone resumed>, child_tidptr=0x5555561c3690) = 5067 ./strace-static-x86_64: Process 5067 attached [pid 5061] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... set_robust_list resumed>) = 0 [pid 5062] <... clone resumed>, child_tidptr=0x5555561c3690) = 5068 ./strace-static-x86_64: Process 5068 attached [pid 5067] set_robust_list(0x5555561c36a0, 24 [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5068] set_robust_list(0x5555561c36a0, 24) = 0 [pid 5066] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] close(3) = 0 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5070 attached [pid 5068] <... prctl resumed>) = 0 [pid 5067] <... set_robust_list resumed>) = 0 [pid 5068] setpgid(0, 0 [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... clone resumed>, child_tidptr=0x5555561c3690) = 5070 [pid 5070] set_robust_list(0x5555561c36a0, 24 [pid 5068] <... setpgid resumed>) = 0 [pid 5065] setpgid(0, 0 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5067] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] <... setpgid resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5066] <... clone resumed>, child_tidptr=0x5555561c3690) = 5071 [pid 5068] write(3, "1000", 4 [pid 5065] <... openat resumed>) = 3 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] write(3, "1000", 4./strace-static-x86_64: Process 5071 attached [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5068] <... write resumed>) = 4 [ 72.077330][ T27] audit: type=1400 audit(1699646701.363:87): avc: denied { read write } for pid=5062 comm="syz-executor247" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.102815][ T27] audit: type=1400 audit(1699646701.363:88): avc: denied { open } for pid=5062 comm="syz-executor247" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5071] set_robust_list(0x5555561c36a0, 24 [pid 5070] <... prctl resumed>) = 0 [pid 5067] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 5065] <... write resumed>) = 4 [pid 5061] <... clone resumed>, child_tidptr=0x5555561c3690) = 5069 [pid 5071] <... set_robust_list resumed>) = 0 [pid 5070] setpgid(0, 0 [pid 5068] <... close resumed>) = 0 [pid 5065] close(3 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... setpgid resumed>) = 0 [pid 5067] close(3 [pid 5068] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] <... close resumed>) = 0 [pid 5071] <... prctl resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5067] <... close resumed>) = 0 [pid 5068] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] setpgid(0, 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5065] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5069 attached [pid 5071] <... setpgid resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5068] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5065] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5069] set_robust_list(0x5555561c36a0, 24 [pid 5070] write(3, "1000", 4 [pid 5068] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5065] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5071] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5073 attached [pid 5071] close(3 [pid 5073] set_robust_list(0x5555561c36a0, 24 [pid 5071] <... close resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x5555561c3690) = 5073 [pid 5073] <... set_robust_list resumed>) = 0 [pid 5071] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] <... futex resumed>) = 0 [pid 5071] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5073] <... prctl resumed>) = 0 [pid 5071] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5073] setpgid(0, 0 [pid 5071] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5073] <... setpgid resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5071] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe532e85000 [pid 5071] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5073] <... openat resumed>) = 3 [pid 5071] <... mprotect resumed>) = 0 [pid 5071] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5073] write(3, "1000", 4) = 4 [pid 5071] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5073] close(3 [pid 5071] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5073] <... close resumed>) = 0 [pid 5073] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 5074 attached [pid 5073] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5074] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5073] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5071] <... clone3 resumed> => {parent_tid=[5074]}, 88) = 5074 [pid 5074] <... rseq resumed>) = 0 [pid 5073] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5071] rt_sigprocmask(SIG_SETMASK, [], [pid 5074] set_robust_list(0x7fe532ea59a0, 24 [pid 5073] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5071] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5074] <... set_robust_list resumed>) = 0 [pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5071] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] rt_sigprocmask(SIG_SETMASK, [], [pid 5073] <... mmap resumed>) = 0x7fe532e85000 [pid 5071] <... futex resumed>) = 0 [pid 5074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5073] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5071] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5074] memfd_create("syzkaller", 0 [pid 5073] <... mprotect resumed>) = 0 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5070] <... write resumed>) = 4 [pid 5068] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5065] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5074] <... memfd_create resumed>) = 3 [pid 5073] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5074] <... mmap resumed>) = 0x7fe52aa85000 [pid 5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5065] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5070] close(3./strace-static-x86_64: Process 5075 attached [pid 5073] <... clone3 resumed> => {parent_tid=[5075]}, 88) = 5075 [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5070] <... close resumed>) = 0 [pid 5065] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5075] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5073] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] <... mmap resumed>) = 0x7fe532e85000 [pid 5075] <... rseq resumed>) = 0 [pid 5073] <... futex resumed>) = 0 [pid 5075] set_robust_list(0x7fe532ea59a0, 24 [pid 5069] <... openat resumed>) = 3 [pid 5070] <... futex resumed>) = 0 [pid 5068] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5065] <... mmap resumed>) = 0x7fe532e85000 [pid 5073] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5075] <... set_robust_list resumed>) = 0 [pid 5065] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5068] <... mprotect resumed>) = 0 [pid 5065] <... mprotect resumed>) = 0 [pid 5068] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5075] rt_sigprocmask(SIG_SETMASK, [], [pid 5065] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5070] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5068] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5075] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5075] memfd_create("syzkaller", 0 [pid 5070] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5068] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5065] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5075] <... memfd_create resumed>) = 3 [pid 5065] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5070] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], ./strace-static-x86_64: Process 5077 attached [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5068] <... clone3 resumed> => {parent_tid=[5076]}, 88) = 5076 [pid 5077] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5075] <... mmap resumed>) = 0x7fe52aa85000 [pid 5070] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5068] rt_sigprocmask(SIG_SETMASK, [], [pid 5070] <... mmap resumed>) = 0x7fe532e85000 [pid 5068] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5077] <... rseq resumed>) = 0 [pid 5065] <... clone3 resumed> => {parent_tid=[5077]}, 88) = 5077 [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] set_robust_list(0x7fe532ea59a0, 24 [pid 5065] rt_sigprocmask(SIG_SETMASK, [], [pid 5068] <... futex resumed>) = 0 [pid 5070] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 5076 attached [pid 5077] <... set_robust_list resumed>) = 0 [pid 5076] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5070] <... mprotect resumed>) = 0 [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5065] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5076] <... rseq resumed>) = 0 [pid 5076] set_robust_list(0x7fe532ea59a0, 24 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] rt_sigprocmask(SIG_SETMASK, [], [pid 5076] <... set_robust_list resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5070] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5077] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5076] rt_sigprocmask(SIG_SETMASK, [], [pid 5070] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5077] memfd_create("syzkaller", 0 [pid 5076] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5065] <... futex resumed>) = 0 [pid 5077] <... memfd_create resumed>) = 3 [pid 5076] memfd_create("syzkaller", 0 [pid 5069] close(3 [pid 5070] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... memfd_create resumed>) = 3 [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5078 attached [pid 5077] <... mmap resumed>) = 0x7fe52aa85000 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 5069] <... close resumed>) = 0 [pid 5078] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5076] <... mmap resumed>) = 0x7fe52aa85000 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... clone3 resumed> => {parent_tid=[5078]}, 88) = 5078 [ 72.165905][ T27] audit: type=1400 audit(1699646701.393:89): avc: denied { ioctl } for pid=5063 comm="syz-executor247" path="/dev/loop1" dev="devtmpfs" ino=649 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 5070] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5079 attached [pid 5078] <... rseq resumed>) = 0 [pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 5070] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x5555561c3690) = 5079 [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5079] set_robust_list(0x5555561c36a0, 24 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5079] <... set_robust_list resumed>) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] set_robust_list(0x7fe532ea59a0, 24) = 0 [pid 5079] <... prctl resumed>) = 0 [pid 5078] rt_sigprocmask(SIG_SETMASK, [], [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 5079] setpgid(0, 0) = 0 [pid 5078] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] memfd_create("syzkaller", 0 [pid 5079] write(3, "1000", 4 [pid 5078] <... memfd_create resumed>) = 3 [pid 5079] <... write resumed>) = 4 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe52aa85000 [pid 5079] close(3 [pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 5077] <... write resumed>) = 1048576 [pid 5079] <... close resumed>) = 0 [pid 5079] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] munmap(0x7fe52aa85000, 138412032 [pid 5079] <... futex resumed>) = 0 [pid 5079] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5077] <... munmap resumed>) = 0 [pid 5074] <... write resumed>) = 1048576 [pid 5079] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5075] <... write resumed>) = 1048576 [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5077] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... mmap resumed>) = 0x7fe532e85000 [pid 5074] munmap(0x7fe52aa85000, 138412032) = 0 [pid 5079] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5074] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... mprotect resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5077] close(3 [pid 5075] munmap(0x7fe52aa85000, 138412032 [pid 5079] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] <... write resumed>) = 1048576 [pid 5075] <... munmap resumed>) = 0 [pid 5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5077] mkdir("./file0", 0777 [pid 5076] munmap(0x7fe52aa85000, 138412032 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5075] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5080 attached [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... munmap resumed>) = 0 [pid 5080] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5079] <... clone3 resumed> => {parent_tid=[5080]}, 88) = 5080 [pid 5079] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5080] <... rseq resumed>) = 0 [pid 5079] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] set_robust_list(0x7fe532ea59a0, 24 [pid 5076] <... openat resumed>) = 4 [pid 5080] <... set_robust_list resumed>) = 0 [pid 5076] ioctl(4, LOOP_SET_FD, 3 [pid 5080] rt_sigprocmask(SIG_SETMASK, [], [pid 5076] <... ioctl resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5076] close(3 [pid 5080] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5077] mount("/dev/loop1", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [ 72.301917][ T5077] loop1: detected capacity change from 0 to 2048 [ 72.303718][ T5074] loop3: detected capacity change from 0 to 2048 [ 72.329276][ T5075] loop4: detected capacity change from 0 to 2048 [ 72.341012][ T5076] loop0: detected capacity change from 0 to 2048 [pid 5080] memfd_create("syzkaller", 0) = 3 [pid 5078] <... write resumed>) = 1048576 [pid 5074] <... ioctl resumed>) = 0 [pid 5074] close(3) = 0 [pid 5074] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5074] mount("/dev/loop3", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 5075] <... ioctl resumed>) = 0 [pid 5075] close(3) = 0 [pid 5075] mkdir("./file0", 0777 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5076] <... close resumed>) = 0 [pid 5075] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5075] mount("/dev/loop4", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 5080] <... mmap resumed>) = 0x7fe52aa85000 [pid 5078] munmap(0x7fe52aa85000, 138412032 [pid 5076] mkdir("./file0", 0777 [pid 5078] <... munmap resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [ 72.352514][ T27] audit: type=1400 audit(1699646701.643:90): avc: denied { mounton } for pid=5065 comm="syz-executor247" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 72.387114][ T5078] loop2: detected capacity change from 0 to 2048 [pid 5076] mount("/dev/loop0", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5078] mount("/dev/loop2", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 5077] <... mount resumed>) = 0 [pid 5080] <... write resumed>) = 1048576 [ 72.415714][ T5077] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.432495][ T27] audit: type=1400 audit(1699646701.713:91): avc: denied { mount } for pid=5065 comm="syz-executor247" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] munmap(0x7fe52aa85000, 138412032 [pid 5077] <... openat resumed>) = 3 [pid 5080] <... munmap resumed>) = 0 [pid 5077] chdir("./file0" [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5077] <... chdir resumed>) = 0 [pid 5075] <... mount resumed>) = 0 [pid 5080] ioctl(4, LOOP_SET_FD, 3 [pid 5077] ioctl(4, LOOP_CLR_FD [pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... ioctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5077] close(4) = 0 [pid 5077] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5065] <... futex resumed>) = 0 [pid 5077] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [ 72.436726][ T5075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.472899][ T5074] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.490339][ T5080] loop5: detected capacity change from 0 to 2048 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] chdir("./file0" [pid 5065] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] <... open resumed>) = 4 [pid 5075] <... chdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5074] <... mount resumed>) = 0 [pid 5080] close(3 [pid 5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] <... close resumed>) = 0 [pid 5077] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] ioctl(4, LOOP_CLR_FD [pid 5074] <... openat resumed>) = 3 [pid 5080] mkdir("./file0", 0777 [pid 5077] <... futex resumed>) = 1 [pid 5074] chdir("./file0" [pid 5065] <... futex resumed>) = 0 [ 72.508847][ T27] audit: type=1400 audit(1699646701.793:92): avc: denied { write } for pid=5065 comm="syz-executor247" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 72.550978][ T5076] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [pid 5076] <... mount resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5077] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5074] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] close(4 [pid 5065] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] <... close resumed>) = 0 [pid 5074] ioctl(4, LOOP_CLR_FD) = 0 [pid 5080] mount("/dev/loop5", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue" [pid 5074] close(4) = 0 [pid 5074] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5074] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] <... write resumed>) = 9 [pid 5076] <... openat resumed>) = 3 [pid 5075] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... mount resumed>) = 0 [pid 5077] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] chdir("./file0") = 0 [pid 5075] <... futex resumed>) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5077] <... futex resumed>) = 1 [pid 5065] <... futex resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] ioctl(4, LOOP_CLR_FD [pid 5075] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 5073] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... ioctl resumed>) = 0 [pid 5073] <... futex resumed>) = 0 [pid 5071] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] close(4 [pid 5074] <... futex resumed>) = 0 [pid 5073] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5071] <... futex resumed>) = 1 [pid 5065] <... futex resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] open("./bus", O_RDWR [pid 5076] <... close resumed>) = 0 [pid 5075] <... open resumed>) = 4 [pid 5074] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 5071] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] chdir("./file0" [pid 5077] <... open resumed>) = 5 [pid 5076] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... chdir resumed>) = 0 [pid 5077] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... futex resumed>) = 1 [pid 5075] <... futex resumed>) = 1 [pid 5074] <... open resumed>) = 4 [pid 5073] <... futex resumed>) = 0 [pid 5068] <... futex resumed>) = 0 [pid 5078] ioctl(4, LOOP_CLR_FD [pid 5077] <... futex resumed>) = 1 [pid 5076] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5075] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] <... futex resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5075] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5074] <... futex resumed>) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [ 72.565587][ T5078] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [pid 5068] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] close(4 [pid 5077] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5065] <... futex resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] <... mmap resumed>) = 0x20000000 [pid 5078] <... futex resumed>) = 1 [pid 5070] <... futex resumed>) = 0 [pid 5078] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5070] <... futex resumed>) = 0 [pid 5078] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5077] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5065] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5065] <... futex resumed>) = 0 [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5071] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... open resumed>) = 4 [pid 5076] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 5074] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5073] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... mount resumed>) = 0 [pid 5076] <... open resumed>) = 4 [pid 5075] <... write resumed>) = 9 [pid 5074] <... write resumed>) = 9 [pid 5071] <... futex resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... openat resumed>) = 3 [pid 5078] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... futex resumed>) = 1 [pid 5075] <... futex resumed>) = 1 [pid 5074] <... futex resumed>) = 0 [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5068] <... futex resumed>) = 0 [pid 5080] chdir("./file0" [pid 5076] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5075] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... chdir resumed>) = 0 [pid 5076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5075] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5074] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5068] <... futex resumed>) = 0 [pid 5080] ioctl(4, LOOP_CLR_FD [pid 5076] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5075] open("./bus", O_RDWR [pid 5074] open("./bus", O_RDWR [pid 5073] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5071] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... futex resumed>) = 1 [pid 5075] <... open resumed>) = 5 [pid 5074] <... open resumed>) = 5 [pid 5070] <... futex resumed>) = 0 [pid 5080] close(4 [pid 5078] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5076] <... write resumed>) = 9 [pid 5075] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... close resumed>) = 0 [pid 5078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5076] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 1 [pid 5074] <... futex resumed>) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5070] <... futex resumed>) = 0 [pid 5080] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... futex resumed>) = 1 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... futex resumed>) = 0 [pid 5078] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5080] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5076] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5075] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5074] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 5079] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... write resumed>) = 9 [pid 5076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5075] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5074] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5073] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5071] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] <... futex resumed>) = 0 [pid 5080] <... open resumed>) = 4 [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] open("./bus", O_RDWR [pid 5075] <... mmap resumed>) = 0x20000000 [pid 5074] <... mmap resumed>) = 0x20000000 [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5079] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 1 [pid 5076] <... open resumed>) = 5 [ 72.619019][ T5080] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.635835][ T5077] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1214: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [pid 5075] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = 0 [pid 5080] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] open("./bus", O_RDWR [pid 5076] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5075] <... futex resumed>) = 1 [pid 5074] <... futex resumed>) = 1 [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5078] <... open resumed>) = 5 [pid 5077] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 5076] <... futex resumed>) = 1 [pid 5075] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5074] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5073] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = 0 [pid 5068] <... futex resumed>) = 0 [pid 5065] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5080] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5077] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5065] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5079] <... futex resumed>) = 0 [pid 5078] <... futex resumed>) = 0 [pid 5077] <... futex resumed>) = 0 [pid 5073] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5071] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5079] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5078] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5077] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000780} --- [pid 5076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5070] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5068] <... futex resumed>) = 0 [pid 5065] <... futex resumed>) = 0 [pid 5076] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5078] <... futex resumed>) = 0 [pid 5076] <... mmap resumed>) = 0x20000000 [pid 5070] <... futex resumed>) = 1 [pid 5080] <... write resumed>) = 9 [pid 5078] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5076] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5065] <... futex resumed>) = ? [pid 5080] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... mmap resumed>) = 0x20000000 [pid 5076] <... futex resumed>) = 1 [pid 5068] <... futex resumed>) = 0 [ 72.692172][ T5074] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1214: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 72.709012][ T5075] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1214: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [pid 5080] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5078] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] open("./bus", O_RDWR [pid 5079] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] <... futex resumed>) = 1 [pid 5077] +++ killed by SIGBUS +++ [pid 5070] <... futex resumed>) = 0 [pid 5068] <... futex resumed>) = 0 [pid 5065] +++ killed by SIGBUS +++ [pid 5079] <... futex resumed>) = 0 [pid 5078] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5070] <... futex resumed>) = 0 [pid 5070] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5079] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5065, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5080] <... open resumed>) = 5 [pid 5078] <... ioctl resumed>) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5070] <... futex resumed>) = 0 [pid 5063] <... openat resumed>) = 3 [pid 5080] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5076] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 5070] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5080] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5076] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5070] <... futex resumed>) = 0 [pid 5063] ioctl(3, LOOP_CLR_FD [pid 5080] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5079] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5078] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20001000} --- [pid 5076] <... futex resumed>) = 1 [pid 5070] ???( [pid 5068] <... futex resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5076] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5070] <... ??? resumed>) = ? [pid 5068] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... ioctl resumed>) = 0 [pid 5080] <... mmap resumed>) = 0x20000000 [pid 5079] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5075] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 5074] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 5073] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5071] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5068] <... futex resumed>) = 0 [pid 5063] close(3 [pid 5080] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5076] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5073] futex(0x7fe532f7161c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fe532f7161c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5063] <... close resumed>) = 0 [pid 5080] <... futex resumed>) = 1 [pid 5079] <... futex resumed>) = 0 [pid 5076] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000780} --- [pid 5073] <... futex resumed>) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5068] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5071] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5068] <... futex resumed>) = ? [pid 5079] <... futex resumed>) = 0 [pid 5073] <... mmap resumed>) = 0x7fe532e64000 [pid 5071] <... mmap resumed>) = 0x7fe532e64000 [pid 5079] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5073] mprotect(0x7fe532e65000, 131072, PROT_READ|PROT_WRITE [pid 5071] mprotect(0x7fe532e65000, 131072, PROT_READ|PROT_WRITE [pid 5063] <... clone resumed>, child_tidptr=0x5555561c3690) = 5097 [ 72.751895][ T5076] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1214: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 72.780017][ T5078] ------------[ cut here ]------------ [ 72.785795][ T5078] kernel BUG at fs/ext4/inode.c:2569! [pid 5080] ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5075] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5073] <... mprotect resumed>) = 0 [pid 5071] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 5097 attached [pid 5097] set_robust_list(0x5555561c36a0, 24 [pid 5071] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5073] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5097] <... set_robust_list resumed>) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5071] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5071] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532e84990, parent_tid=0x7fe532e84990, exit_signal=0, stack=0x7fe532e64000, stack_size=0x20300, tls=0x7fe532e846c0} [pid 5073] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532e84990, parent_tid=0x7fe532e84990, exit_signal=0, stack=0x7fe532e64000, stack_size=0x20300, tls=0x7fe532e846c0} [pid 5075] <... futex resumed>) = 0 [pid 5074] <... futex resumed>) = 0 [pid 5097] <... prctl resumed>) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5073] <... clone3 resumed> => {parent_tid=[5099]}, 88) = 5099 [pid 5071] <... clone3 resumed> => {parent_tid=[5098]}, 88) = 5098 ./strace-static-x86_64: Process 5098 attached [pid 5075] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5074] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5098] rseq(0x7fe532e84fe0, 0x20, 0, 0x53053053 [pid 5073] rt_sigprocmask(SIG_SETMASK, [], [pid 5071] rt_sigprocmask(SIG_SETMASK, [], [pid 5098] <... rseq resumed>) = 0 [pid 5073] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5098] set_robust_list(0x7fe532e849a0, 24 [pid 5071] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5098] <... set_robust_list resumed>) = 0 [pid 5073] futex(0x7fe532f71618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5071] futex(0x7fe532f71618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5098] rt_sigprocmask(SIG_SETMASK, [], [pid 5073] <... futex resumed>) = 0 [pid 5098] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5071] <... futex resumed>) = 0 [pid 5073] futex(0x7fe532f7161c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5071] futex(0x7fe532f7161c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5098] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000780} --- [pid 5097] <... openat resumed>) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5097] close(3) = 0 [pid 5097] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, NULL, 8) = 0 [pid 5097] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 ./strace-static-x86_64: Process 5099 attached [ 72.800146][ T5076] ------------[ cut here ]------------ [ 72.805700][ T5076] kernel BUG at fs/ext4/inode.c:2569! [ 72.826801][ T5078] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 72.831232][ T5080] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1214: group 0, [ 72.832886][ T5078] CPU: 0 PID: 5078 Comm: syz-executor247 Not tainted 6.6.0-syzkaller-15859-g89cdf9d55601 #0 [ 72.832899][ T5080] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 72.859923][ T5078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 72.869986][ T5078] RIP: 0010:ext4_do_writepages+0x2653/0x3340 [ 72.876006][ T5078] Code: fc ff df 44 89 64 24 18 48 c1 ea 03 80 3c 02 00 0f 84 09 ee ff ff 48 8b 7c 24 08 e8 f7 e4 a7 ff e9 fa ed ff ff e8 2d b3 51 ff <0f> 0b e8 26 b3 51 ff 48 8b 4c 24 60 41 89 dd 48 b8 00 00 00 00 00 [ 72.895797][ T5078] RSP: 0018:ffffc90003537578 EFLAGS: 00010293 [ 72.901844][ T5078] RAX: 0000000000000000 RBX: ffff888073937310 RCX: ffffffff8235cfbb [ 72.909794][ T5078] RDX: ffff88801f21a100 RSI: ffffffff8235e373 RDI: 0000000000000007 [ 72.917745][ T5078] RBP: ffffc90003537780 R08: 0000000000000007 R09: 0000000000000000 [ 72.925698][ T5078] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 72.933676][ T5078] R13: ffff888020c78630 R14: ffff888073937570 R15: 7fffffffffffffff [ 72.941713][ T5078] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 72.950622][ T5078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.957185][ T5078] CR2: 00007fe532f07c50 CR3: 000000001fc5c000 CR4: 00000000003506f0 [ 72.965135][ T5078] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.973085][ T5078] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.981033][ T5078] Call Trace: [ 72.984292][ T5078] [ 72.987203][ T5078] ? show_regs+0x8f/0xa0 [ 72.991428][ T5078] ? die+0x36/0xa0 [ 72.995134][ T5078] ? do_trap+0x22b/0x420 [ 72.999360][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.004712][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.010059][ T5078] ? do_error_trap+0xf4/0x230 [ 73.014719][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.020069][ T5078] ? handle_invalid_op+0x34/0x40 [ 73.024987][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.030337][ T5078] ? exc_invalid_op+0x2d/0x40 [ 73.035009][ T5078] ? asm_exc_invalid_op+0x1a/0x20 [ 73.040016][ T5078] ? ext4_do_writepages+0x129b/0x3340 [ 73.045365][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.050713][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.056062][ T5078] ? ext4_do_writepages+0x2653/0x3340 [ 73.061411][ T5078] ? mark_lock+0x105/0x1950 [ 73.065898][ T5078] ? lockdep_unlock+0x11b/0x290 [ 73.070730][ T5078] ? __ext4_mark_inode_dirty+0x800/0x800 [ 73.076341][ T5078] ext4_writepages+0x30c/0x780 [ 73.081088][ T5078] ? ext4_normal_submit_inode_data_buffers+0x1a0/0x1a0 [ 73.087918][ T5078] ? ext4_normal_submit_inode_data_buffers+0x1a0/0x1a0 [ 73.094743][ T5078] do_writepages+0x1b4/0x690 [ 73.099313][ T5078] ? writeback_set_ratelimit+0x140/0x140 [ 73.104923][ T5078] ? lock_sync+0x190/0x190 [ 73.109320][ T5078] ? do_raw_spin_unlock+0x173/0x230 [ 73.114500][ T5078] ? _raw_spin_unlock+0x28/0x40 [ 73.119332][ T5078] ? wbc_attach_and_unlock_inode+0x49c/0x910 [ 73.125298][ T5078] ? ext4_file_mmap+0x6f0/0x6f0 [ 73.130130][ T5078] filemap_fdatawrite_wbc+0x144/0x1b0 [ 73.135481][ T5078] __filemap_fdatawrite_range+0xba/0x100 [ 73.141095][ T5078] ? delete_from_page_cache_batch+0xb40/0xb40 [ 73.147143][ T5078] ? locks_remove_file+0x399/0x5a0 [ 73.152238][ T5078] ext4_alloc_da_blocks+0x1e9/0x270 [ 73.157415][ T5078] ext4_release_file+0x178/0x360 [ 73.162333][ T5078] __fput+0x270/0xbb0 [ 73.166294][ T5078] task_work_run+0x14d/0x240 [ 73.170869][ T5078] ? task_work_cancel+0x30/0x30 [ 73.175703][ T5078] ? do_raw_spin_unlock+0x173/0x230 [ 73.180887][ T5078] do_exit+0xa92/0x2ae0 [ 73.185028][ T5078] ? mm_update_next_owner+0x840/0x840 [ 73.190386][ T5078] do_group_exit+0xd4/0x2a0 [ 73.194874][ T5078] get_signal+0x23ba/0x2790 [ 73.199357][ T5078] ? _raw_spin_unlock_irqrestore+0x3b/0x70 [ 73.205143][ T5078] ? exit_signals+0x960/0x960 [ 73.209799][ T5078] arch_do_signal_or_restart+0x90/0x7f0 [ 73.215329][ T5078] ? get_sigframe_size+0x20/0x20 [ 73.220253][ T5078] exit_to_user_mode_prepare+0x11f/0x240 [ 73.225864][ T5078] irqentry_exit_to_user_mode+0x9/0x40 [ 73.231301][ T5078] asm_exc_page_fault+0x26/0x30 [ 73.236131][ T5078] RIP: 0033:0x7fe532eb10bb [ 73.240522][ T5078] Code: Unable to access opcode bytes at 0x7fe532eb1091. [ 73.247519][ T5078] RSP: 002b:00007fe532ea5220 EFLAGS: 00010217 [ 73.253565][ T5078] RAX: 0000000020000fc0 RBX: 00007fe532f71608 RCX: 00000000000000e5 [ 73.261515][ T5078] RDX: 0000000000000000 RSI: 00007fe532f3d300 RDI: 0000000020001000 [ 73.269464][ T5078] RBP: 00007fe532f71600 R08: 0000000000000000 R09: 0000000000000000 [ 73.277412][ T5078] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe532f3da2c [ 73.285361][ T5078] R13: 00007fe532f3d2c0 R14: 0030656c69662f2e R15: 6fe44da629969272 [ 73.293486][ T5078] [ 73.296483][ T5078] Modules linked in: [ 73.300393][ T5076] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 73.306475][ T5076] CPU: 1 PID: 5076 Comm: syz-executor247 Tainted: G D 6.6.0-syzkaller-15859-g89cdf9d55601 #0 [ 73.313569][ T5078] ---[ end trace 0000000000000000 ]--- [ 73.318012][ T5076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 73.318025][ T5076] RIP: 0010:ext4_do_writepages+0x2653/0x3340 [ 73.324057][ T5078] RIP: 0010:ext4_do_writepages+0x2653/0x3340 [ 73.333497][ T5076] Code: fc ff df 44 89 64 24 18 48 c1 ea 03 80 3c 02 00 0f 84 09 ee ff ff 48 8b 7c 24 08 e8 f7 e4 a7 ff e9 fa ed ff ff e8 2d b3 51 ff <0f> 0b e8 26 b3 51 ff 48 8b 4c 24 60 41 89 dd 48 b8 00 00 00 00 00 [ 73.333517][ T5076] RSP: 0018:ffffc90003517578 EFLAGS: 00010293 [ 73.333536][ T5076] RAX: 0000000000000000 RBX: ffff888073937310 RCX: ffffffff8235cfbb [ 73.379053][ T5076] RDX: ffff888074760080 RSI: ffffffff8235e373 RDI: 0000000000000007 [ 73.387032][ T5076] RBP: ffffc90003517780 R08: 0000000000000007 R09: 0000000000000000 [ 73.394998][ T5076] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 73.402971][ T5076] R13: ffff888020c78630 R14: ffff888073937570 R15: 7fffffffffffffff [ 73.410937][ T5076] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 73.419868][ T5076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.426448][ T5076] CR2: 000055d370feaf80 CR3: 000000007a0be000 CR4: 00000000003506f0 [ 73.434413][ T5076] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.442375][ T5076] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.450339][ T5076] Call Trace: [ 73.453608][ T5076] [ 73.456529][ T5076] ? show_regs+0x8f/0xa0 [ 73.460772][ T5076] ? die+0x36/0xa0 [ 73.464488][ T5076] ? do_trap+0x22b/0x420 [ 73.468730][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.474096][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.479459][ T5076] ? do_error_trap+0xf4/0x230 [ 73.484136][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.489501][ T5076] ? handle_invalid_op+0x34/0x40 [ 73.494435][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.499799][ T5076] ? exc_invalid_op+0x2d/0x40 [ 73.504479][ T5076] ? asm_exc_invalid_op+0x1a/0x20 [ 73.509496][ T5076] ? ext4_do_writepages+0x129b/0x3340 [ 73.514860][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.520223][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.525593][ T5076] ? ext4_do_writepages+0x2653/0x3340 [ 73.530962][ T5076] ? mark_lock+0x105/0x1950 [ 73.535466][ T5076] ? __ext4_mark_inode_dirty+0x800/0x800 [ 73.541099][ T5076] ext4_writepages+0x30c/0x780 [ 73.545857][ T5076] ? ext4_normal_submit_inode_data_buffers+0x1a0/0x1a0 [ 73.552705][ T5076] ? ext4_normal_submit_inode_data_buffers+0x1a0/0x1a0 [ 73.559552][ T5076] do_writepages+0x1b4/0x690 [ 73.564138][ T5076] ? writeback_set_ratelimit+0x140/0x140 [ 73.569774][ T5076] ? lock_sync+0x190/0x190 [ 73.574198][ T5076] ? do_raw_spin_unlock+0x173/0x230 [ 73.579398][ T5076] ? _raw_spin_unlock+0x28/0x40 [ 73.584249][ T5076] ? wbc_attach_and_unlock_inode+0x49c/0x910 [ 73.590233][ T5076] ? ext4_file_mmap+0x6f0/0x6f0 [ 73.595177][ T5076] filemap_fdatawrite_wbc+0x144/0x1b0 [ 73.600638][ T5076] __filemap_fdatawrite_range+0xba/0x100 [ 73.606271][ T5076] ? delete_from_page_cache_batch+0xb40/0xb40 [ 73.612337][ T5076] ? locks_remove_file+0x399/0x5a0 [ 73.617450][ T5076] ext4_alloc_da_blocks+0x1e9/0x270 [ 73.622640][ T5076] ext4_release_file+0x178/0x360 [ 73.627580][ T5076] __fput+0x270/0xbb0 [ 73.631568][ T5076] task_work_run+0x14d/0x240 [ 73.636164][ T5076] ? task_work_cancel+0x30/0x30 [ 73.641015][ T5076] ? do_raw_spin_unlock+0x173/0x230 [ 73.646217][ T5076] do_exit+0xa92/0x2ae0 [ 73.650378][ T5076] ? mm_update_next_owner+0x840/0x840 [ 73.655756][ T5076] do_group_exit+0xd4/0x2a0 [ 73.660273][ T5076] get_signal+0x23ba/0x2790 [ 73.664769][ T5076] ? _raw_spin_unlock_irqrestore+0x3b/0x70 [ 73.670574][ T5076] ? exit_signals+0x960/0x960 [ 73.675243][ T5076] arch_do_signal_or_restart+0x90/0x7f0 [ 73.680791][ T5076] ? get_sigframe_size+0x20/0x20 [ 73.685729][ T5076] exit_to_user_mode_prepare+0x11f/0x240 [ 73.691356][ T5076] irqentry_exit_to_user_mode+0x9/0x40 [ 73.696813][ T5076] asm_exc_page_fault+0x26/0x30 [ 73.701661][ T5076] RIP: 0033:0x7fe532eb109d [ 73.706064][ T5076] Code: Unable to access opcode bytes at 0x7fe532eb1073. [ 73.713066][ T5076] RSP: 002b:00007fe532ea5220 EFLAGS: 00010217 [ 73.719126][ T5076] RAX: 0000000020000fc0 RBX: 00007fe532f71608 RCX: 00000000000000ed [ 73.727089][ T5076] RDX: 0000000000000000 RSI: 00007fe532f3d2c0 RDI: 00007fe532f71608 [ 73.735052][ T5076] RBP: 00007fe532f71600 R08: 0000000000000000 R09: 0000000000000000 [ 73.743017][ T5076] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe532f3da2c [pid 5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe532e85000 [pid 5099] rseq(0x7fe532e84fe0, 0x20, 0, 0x53053053 [pid 5080] <... ioctl resumed>) = -1 EFAULT (Bad address) [pid 5079] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5074] <... futex resumed>) = ? [pid 5071] <... futex resumed>) = ? [pid 5099] <... rseq resumed>) = 0 [pid 5097] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5099] set_robust_list(0x7fe532e849a0, 24 [pid 5097] <... mprotect resumed>) = 0 [pid 5097] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5099] <... set_robust_list resumed>) = 0 [pid 5099] rt_sigprocmask(SIG_SETMASK, [], [pid 5097] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5097] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5099] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5097] <... clone3 resumed> => {parent_tid=[5100]}, 88) = 5100 [pid 5099] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000780} --- [pid 5097] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5100 attached [pid 5098] +++ killed by SIGBUS +++ [pid 5080] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5079] futex(0x7fe532f7161c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5074] +++ killed by SIGBUS +++ [pid 5071] +++ killed by SIGBUS +++ [ 73.751068][ T5076] R13: 00007fe532f3d2c0 R14: 0030656c69662f2e R15: 6fe44da629969272 [ 73.759040][ T5076] [ 73.762054][ T5076] Modules linked in: [ 73.766103][ T5078] Code: fc ff df 44 89 64 24 18 48 c1 ea 03 80 3c 02 00 0f 84 09 ee ff ff 48 8b 7c 24 08 e8 f7 e4 a7 ff e9 fa ed ff ff e8 2d b3 51 ff <0f> 0b e8 26 b3 51 ff 48 8b 4c 24 60 41 89 dd 48 b8 00 00 00 00 00 [ 73.770688][ T5076] ---[ end trace 0000000000000000 ]--- [ 73.786894][ T5078] RSP: 0018:ffffc90003537578 EFLAGS: 00010293 [ 73.791683][ T5076] RIP: 0010:ext4_do_writepages+0x2653/0x3340 [pid 5100] rseq(0x7fe532ea5fe0, 0x20, 0, 0x53053053 [pid 5080] <... futex resumed>) = 0 [pid 5079] <... futex resumed>) = 0 [pid 5075] <... futex resumed>) = ? [pid 5073] <... futex resumed>) = ? [pid 5066] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5071, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=14 /* 0.14 s */} --- [ 73.797768][ T5078] RAX: 0000000000000000 RBX: ffff888073937310 RCX: ffffffff8235cfbb [ 73.803525][ T5076] Code: fc ff df 44 89 64 24 18 48 c1 ea 03 80 3c 02 00 0f 84 09 ee ff ff 48 8b 7c 24 08 e8 f7 e4 a7 ff e9 fa ed ff ff e8 2d b3 51 ff <0f> 0b e8 26 b3 51 ff 48 8b 4c 24 60 41 89 dd 48 b8 00 00 00 00 00 [ 73.803545][ T5076] RSP: 0018:ffffc90003537578 EFLAGS: 00010293 [ 73.811506][ T5078] RDX: ffff88801f21a100 RSI: ffffffff8235e373 RDI: 0000000000000007 [ 73.831145][ T5076] [ 73.837146][ T5078] RBP: ffffc90003537780 R08: 0000000000000007 R09: 0000000000000000 [pid 5100] <... rseq resumed>) = 0 [pid 5080] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5075] +++ killed by SIGBUS +++ [pid 5100] set_robust_list(0x7fe532ea59a0, 24 [pid 5079] <... mmap resumed>) = 0x7fe532e64000 [pid 5100] <... set_robust_list resumed>) = 0 [pid 5079] mprotect(0x7fe532e65000, 131072, PROT_READ|PROT_WRITE [pid 5066] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5100] rt_sigprocmask(SIG_SETMASK, [], [pid 5079] <... mprotect resumed>) = 0 [pid 5066] <... openat resumed>) = 3 [pid 5100] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5079] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5066] ioctl(3, LOOP_CLR_FD [pid 5100] memfd_create("syzkaller", 0 [pid 5079] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5100] <... memfd_create resumed>) = 3 [pid 5079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532e84990, parent_tid=0x7fe532e84990, exit_signal=0, stack=0x7fe532e64000, stack_size=0x20300, tls=0x7fe532e846c0} [pid 5066] <... ioctl resumed>) = 0 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5066] close(3 [pid 5100] <... mmap resumed>) = 0x7fe52aa85000 [pid 5079] <... clone3 resumed> => {parent_tid=[5101]}, 88) = 5101 [pid 5066] <... close resumed>) = 0 ./strace-static-x86_64: Process 5101 attached [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576 [pid 5079] rt_sigprocmask(SIG_SETMASK, [], [pid 5066] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5101] rseq(0x7fe532e84fe0, 0x20, 0, 0x53053053 [pid 5100] <... write resumed>) = 1048576 [pid 5079] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5079] futex(0x7fe532f71618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5066] <... clone resumed>, child_tidptr=0x5555561c3690) = 5102 [pid 5079] <... futex resumed>) = 0 [pid 5079] futex(0x7fe532f7161c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5102 attached [pid 5101] <... rseq resumed>) = 0 [pid 5100] munmap(0x7fe52aa85000, 138412032 [pid 5099] +++ killed by SIGBUS +++ [pid 5073] +++ killed by SIGBUS +++ [pid 5100] <... munmap resumed>) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5100] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5102] set_robust_list(0x5555561c36a0, 24 [pid 5101] set_robust_list(0x7fe532e849a0, 24 [ 73.845109][ T5076] RAX: 0000000000000000 RBX: ffff888073937310 RCX: ffffffff8235cfbb [ 73.847414][ T5078] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 73.874295][ T5078] R13: ffff888020c78630 R14: ffff888073937570 R15: 7fffffffffffffff [ 73.882810][ T5078] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 73.892505][ T5078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.896867][ T5076] RDX: ffff88801f21a100 RSI: ffffffff8235e373 RDI: 0000000000000007 [pid 5100] ioctl(4, LOOP_CLR_FD [pid 5067] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5073, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5100] <... ioctl resumed>) = 0 [pid 5100] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5100] close(4) = 0 [pid 5100] close(3 [pid 5102] <... set_robust_list resumed>) = 0 [pid 5101] <... set_robust_list resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5100] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5101] rt_sigprocmask(SIG_SETMASK, [], [pid 5100] <... futex resumed>) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5101] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5100] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOFOLLOW|O_NOATIME|0x29800030, 000 [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5102] <... prctl resumed>) = 0 [pid 5101] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20000780} --- [pid 5100] <... open resumed>) = 3 [pid 5097] <... futex resumed>) = 0 [pid 5102] setpgid(0, 0 [pid 5097] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5080] <... futex resumed>) = ? [pid 5079] <... futex resumed>) = ? [pid 5080] +++ killed by SIGBUS +++ [pid 5100] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5100] futex(0x7fe532f71608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5097] <... futex resumed>) = 0 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00", 9 [pid 5097] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5101] +++ killed by SIGBUS +++ [pid 5079] +++ killed by SIGBUS +++ [pid 5067] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5079, si_uid=0, si_status=SIGBUS, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5102] <... setpgid resumed>) = 0 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5067] <... openat resumed>) = 3 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5102] <... openat resumed>) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5069] <... clone resumed>, child_tidptr=0x5555561c3690) = 5103 [pid 5067] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5103 attached [pid 5103] set_robust_list(0x5555561c36a0, 24) = 0 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3 [pid 5103] <... write resumed>) = 4 [pid 5103] close(3) = 0 [pid 5103] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5103] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, NULL, 8) = 0 [pid 5103] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5102] <... close resumed>) = 0 [pid 5103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe532e85000 [pid 5102] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... write resumed>) = 9 [pid 5100] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5097] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5100] open("./bus", O_RDWR [pid 5102] <... futex resumed>) = 0 [pid 5100] <... open resumed>) = 4 [pid 5067] close(3 [pid 5100] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5102] rt_sigaction(SIGRT_1, {sa_handler=0x7fe532f15e00, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe532f07c40}, [pid 5100] <... futex resumed>) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5067] <... close resumed>) = 0 [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5102] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5097] <... futex resumed>) = 0 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5097] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5102] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5100] mmap(0x20000000, 6291456, PROT_WRITE|PROT_EXEC|PROT_SEM|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1< [pid 5102] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5067] <... clone resumed>, child_tidptr=0x5555561c3690) = 5104 [pid 5103] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5102] <... mmap resumed>) = 0x7fe532e85000 [pid 5100] <... mmap resumed>) = 0x20000000 [pid 5103] <... mprotect resumed>) = 0 [pid 5102] mprotect(0x7fe532e86000, 131072, PROT_READ|PROT_WRITE [pid 5100] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5103] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5100] <... futex resumed>) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5100] ioctl(4, _IOC(_IOC_WRITE, 0x66, 0x29, 0x4), 0x20000040 [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5100] <... ioctl resumed>) = 0 [pid 5097] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5104 attached [pid 5102] <... mprotect resumed>) = 0 [pid 5097] futex(0x7fe532f7160c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5103] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5103] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5100] futex(0x7fe532f7160c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] set_robust_list(0x5555561c36a0, 24 [pid 5102] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5100] <... futex resumed>) = 1 [pid 5097] <... futex resumed>) = 0 [pid 5104] <... set_robust_list resumed>) = 0 [pid 5102] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5097] futex(0x7fe532f71608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5102] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe532ea5990, parent_tid=0x7fe532ea5990, exit_signal=0, stack=0x7fe532e85000, stack_size=0x20300, tls=0x7fe532ea56c0} [pid 5100] --- SIGBUS {si_signo=SIGBUS, si_code=BUS_ADRERR, si_addr=0x20001000} --- [pid 5097] <... futex resumed>) = -1 (errno 18446744073709551181) ./strace-static-x86_64: Process 5106 attached [pid 5104] <... prctl resumed>) = 0 [pid 5103] <... clone3 resumed> => {parent_tid=[5105]}, 88) = 5105 [ 73.901041][ T5078] CR2: 00007ffdb2fb39c0 CR3: 0000000020c33000 CR4: 00000000003506f0 [ 73.917052][ T5078] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.934544][ T5076] RBP: ffffc90003537780 R08: 0000000000000007 R09: 0000000000000000 [ 73.980917][ T5078] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.989223][ T5078] Kernel panic - not syncing: Fatal exception [ 73.995483][ T5078] Kernel Offset: disabled [ 73.999791][ T5078] Rebooting in 86400 seconds..