./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3862698960 <...> [ 15.742585][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!! [ 16.492446][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!! Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts. execve("./syz-executor3862698960", ["./syz-executor3862698960"], 0x7ffd20451540 /* 10 vars */) = 0 brk(NULL) = 0x555555962000 brk(0x555555962c40) = 0x555555962c40 arch_prctl(ARCH_SET_FS, 0x555555962300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3862698960", 4096) = 28 brk(0x555555983c40) = 0x555555983c40 brk(0x555555984000) = 0x555555984000 mprotect(0x7f8986ca3000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 372 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 373 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 374 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 375 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 376 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 377 ./strace-static-x86_64: Process 373 attached [pid 373] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 373] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 373] close(3) = 0 [pid 373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 378 ./strace-static-x86_64: Process 372 attached [pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 372] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 372] close(3) = 0 [pid 372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 379 ./strace-static-x86_64: Process 378 attached [pid 378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 378] setpgid(0, 0) = 0 [pid 378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 378] write(3, "1000", 4) = 4 [pid 378] close(3) = 0 [pid 378] memfd_create("syzkaller", 0) = 3 [pid 378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000 [pid 378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 378] munmap(0x7f897e7e8000, 262144) = 0 [pid 378] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 378] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 378] close(3) = 0 [pid 378] mkdir("./file0", 0777) = 0 [pid 378] mount("/dev/loop1", "./file0", "ext4", 0, ",errors=continue"./strace-static-x86_64: Process 374 attached [pid 374] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 374] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 374] close(3) = 0 [pid 374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 382 ./strace-static-x86_64: Process 382 attached [pid 382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 382] setpgid(0, 0) = 0 [pid 382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 382] write(3, "1000", 4) = 4 [pid 382] close(3) = 0 [pid 382] memfd_create("syzkaller", 0) = 3 [pid 382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000 [pid 382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 382] munmap(0x7f897e7e8000, 262144) = 0 [pid 382] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 382] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 375 attached [pid 375] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 379 attached ./strace-static-x86_64: Process 377 attached ./strace-static-x86_64: Process 376 attached [ 19.202683][ T23] audit: type=1400 audit(1669531057.599:73): avc: denied { execmem } for pid=371 comm="syz-executor386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.224923][ T23] audit: type=1400 audit(1669531057.599:74): avc: denied { read write } for pid=373 comm="syz-executor386" name="loop1" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 379] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 377] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 376] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 379] <... prctl resumed>) = 0 [pid 379] setpgid(0, 0) = 0 [pid 379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 379] write(3, "1000", 4) = 4 [pid 379] close(3 [pid 382] <... ioctl resumed>) = 0 [pid 379] <... close resumed>) = 0 [pid 379] memfd_create("syzkaller", 0) = 3 [pid 382] close(3 [pid 379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 382] <... close resumed>) = 0 [pid 379] <... mmap resumed>) = 0x7f897e7e8000 [pid 382] mkdir("./file0", 0777 [pid 379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 382] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 382] mount("/dev/loop2", "./file0", "ext4", 0, ",errors=continue" [pid 379] <... write resumed>) = 262144 [pid 379] munmap(0x7f897e7e8000, 262144 [pid 375] <... openat resumed>) = 3 [pid 375] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 375] close(3) = 0 [pid 375] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 386 [pid 379] <... munmap resumed>) = 0 [pid 379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 379] ioctl(4, LOOP_SET_FD, 3 [pid 378] <... mount resumed>) = 0 [pid 378] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 378] chdir("./file0") = 0 [ 19.225890][ T378] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 19.249138][ T23] audit: type=1400 audit(1669531057.599:75): avc: denied { open } for pid=373 comm="syz-executor386" path="/dev/loop1" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 378] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 386 attached [pid 379] <... ioctl resumed>) = 0 [pid 377] <... openat resumed>) = 3 [pid 376] <... openat resumed>) = 3 [pid 377] ioctl(3, LOOP_CLR_FD [pid 376] ioctl(3, LOOP_CLR_FD [pid 377] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 376] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 19.249153][ T23] audit: type=1400 audit(1669531057.599:76): avc: denied { ioctl } for pid=373 comm="syz-executor386" path="/dev/loop1" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 19.249170][ T23] audit: type=1400 audit(1669531057.609:77): avc: denied { mounton } for pid=378 comm="syz-executor386" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 19.288644][ T382] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [pid 377] close(3 [pid 376] close(3 [pid 377] <... close resumed>) = 0 [pid 376] <... close resumed>) = 0 [pid 386] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 379] close(3 [pid 386] <... prctl resumed>) = 0 [pid 379] <... close resumed>) = 0 [pid 386] setpgid(0, 0 [pid 379] mkdir("./file0", 0777 [pid 386] <... setpgid resumed>) = 0 [pid 382] <... mount resumed>) = 0 [pid 379] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 382] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 379] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue" [pid 377] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 376] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 386] <... openat resumed>) = 3 ./strace-static-x86_64: Process 393 attached ./strace-static-x86_64: Process 391 attached [pid 378] <... ioctl resumed>) = 0 [pid 391] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 378] close(4 [pid 376] <... clone resumed>, child_tidptr=0x5555559625d0) = 393 [pid 391] <... prctl resumed>) = 0 [pid 378] <... close resumed>) = 0 [pid 391] setpgid(0, 0 [pid 378] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 391] <... setpgid resumed>) = 0 [pid 391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 391] write(3, "1000", 4) = 4 [pid 391] close(3) = 0 [pid 391] memfd_create("syzkaller", 0) = 3 [pid 391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000 [pid 391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 391] munmap(0x7f897e7e8000, 262144) = 0 [pid 391] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 378] <... openat resumed>) = 4 [pid 391] ioctl(4, LOOP_SET_FD, 3 [pid 386] write(3, "1000", 4 [pid 378] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 386] <... write resumed>) = 4 [pid 378] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 378] exit_group(0) = ? [pid 378] +++ exited with 0 +++ [pid 393] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 386] close(3 [pid 373] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=378, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 377] <... clone resumed>, child_tidptr=0x5555559625d0) = 391 [pid 386] <... close resumed>) = 0 [pid 382] <... openat resumed>) = 3 [pid 386] memfd_create("syzkaller", 0 [pid 382] chdir("./file0" [pid 386] <... memfd_create resumed>) = 3 [pid 373] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 382] <... chdir resumed>) = 0 [pid 386] <... mmap resumed>) = 0x7f897e7e8000 [pid 382] ioctl(4, LOOP_CLR_FD [pid 393] <... prctl resumed>) = 0 [pid 393] setpgid(0, 0) = 0 [pid 393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 393] <... openat resumed>) = 3 [pid 386] <... write resumed>) = 262144 [pid 386] munmap(0x7f897e7e8000, 262144) = 0 [ 19.322962][ T23] audit: type=1400 audit(1669531057.679:78): avc: denied { mount } for pid=378 comm="syz-executor386" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 19.362900][ T23] audit: type=1400 audit(1669531057.749:79): avc: denied { mounton } for pid=379 comm="syz-executor386" path="/root/file0" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [pid 386] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 393] write(3, "1000", 4 [pid 391] <... ioctl resumed>) = 0 [pid 386] <... openat resumed>) = 4 [pid 382] <... ioctl resumed>) = 0 [pid 373] <... openat resumed>) = 3 [pid 391] close(3) = 0 [pid 391] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 391] mount("/dev/loop5", "./file0", "ext4", 0, ",errors=continue" [pid 393] <... write resumed>) = 4 [pid 386] ioctl(4, LOOP_SET_FD, 3 [pid 382] close(4 [pid 373] ioctl(3, LOOP_CLR_FD [pid 393] close(3 [pid 382] <... close resumed>) = 0 [pid 379] <... mount resumed>) = 0 [pid 379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 379] chdir("./file0") = 0 [pid 379] ioctl(4, LOOP_CLR_FD [pid 393] <... close resumed>) = 0 [pid 393] memfd_create("syzkaller", 0) = 3 [pid 393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000 [pid 393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 393] munmap(0x7f897e7e8000, 262144 [pid 382] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 386] <... ioctl resumed>) = 0 [pid 382] <... openat resumed>) = 4 [ 19.396461][ T379] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 19.396843][ T23] audit: type=1400 audit(1669531057.759:80): avc: denied { write } for pid=378 comm="syz-executor386" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 19.428462][ T23] audit: type=1400 audit(1669531057.759:81): avc: denied { add_name } for pid=378 comm="syz-executor386" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [pid 379] <... ioctl resumed>) = 0 [pid 373] <... ioctl resumed>) = 0 [pid 373] close(3) = 0 [pid 373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 379] close(4) = 0 [pid 373] <... clone resumed>, child_tidptr=0x5555559625d0) = 398 [pid 379] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 379] ioctl(4, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 379] exit_group(0) = ? [pid 379] +++ exited with 0 +++ [pid 372] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=379, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 372] ioctl(3, LOOP_CLR_FD) = 0 [pid 372] close(3) = 0 [pid 372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 399 ./strace-static-x86_64: Process 399 attached ./strace-static-x86_64: Process 398 attached [pid 393] <... munmap resumed>) = 0 [pid 386] close(3 [pid 382] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 399] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 398] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 393] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 386] <... close resumed>) = 0 [pid 382] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 399] <... prctl resumed>) = 0 [pid 398] <... prctl resumed>) = 0 [pid 393] <... openat resumed>) = 4 [pid 386] mkdir("./file0", 0777 [pid 382] exit_group(0 [pid 399] setpgid(0, 0 [pid 398] setpgid(0, 0 [pid 386] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 382] <... exit_group resumed>) = ? [pid 399] <... setpgid resumed>) = 0 [pid 398] <... setpgid resumed>) = 0 [pid 393] ioctl(4, LOOP_SET_FD, 3 [pid 386] mount("/dev/loop3", "./file0", "ext4", 0, ",errors=continue" [pid 382] +++ exited with 0 +++ [pid 399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 374] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=382, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 399] <... openat resumed>) = 3 [pid 398] <... openat resumed>) = 3 [pid 374] restart_syscall(<... resuming interrupted clone ...> [pid 399] write(3, "1000", 4 [pid 398] write(3, "1000", 4 [pid 374] <... restart_syscall resumed>) = 0 [pid 399] <... write resumed>) = 4 [pid 398] <... write resumed>) = 4 [pid 399] close(3 [pid 398] close(3 [pid 399] <... close resumed>) = 0 [pid 398] <... close resumed>) = 0 [pid 374] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 399] memfd_create("syzkaller", 0 [pid 398] memfd_create("syzkaller", 0 [pid 399] <... memfd_create resumed>) = 3 [pid 399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 398] <... memfd_create resumed>) = 3 [pid 399] <... mmap resumed>) = 0x7f897e7e8000 [pid 398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 398] <... mmap resumed>) = 0x7f897e7e8000 [pid 393] <... ioctl resumed>) = 0 [pid 374] <... openat resumed>) = 3 [pid 374] ioctl(3, LOOP_CLR_FD) = 0 [pid 374] close(3 [pid 398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 374] <... close resumed>) = 0 [pid 399] <... write resumed>) = 262144 [pid 374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 402 ./strace-static-x86_64: Process 402 attached [pid 399] munmap(0x7f897e7e8000, 262144 [pid 398] <... write resumed>) = 262144 [pid 393] close(3 [pid 391] <... mount resumed>) = 0 [pid 386] <... mount resumed>) = 0 [pid 399] <... munmap resumed>) = 0 [pid 398] munmap(0x7f897e7e8000, 262144 [pid 393] <... close resumed>) = 0 [pid 386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 399] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 398] <... munmap resumed>) = 0 [pid 393] mkdir("./file0", 0777 [pid 386] <... openat resumed>) = 3 [pid 399] <... openat resumed>) = 4 [pid 398] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 393] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 386] chdir("./file0" [pid 399] ioctl(4, LOOP_SET_FD, 3 [pid 398] <... openat resumed>) = 4 [pid 393] mount("/dev/loop4", "./file0", "ext4", 0, ",errors=continue" [pid 386] <... chdir resumed>) = 0 [pid 399] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 398] ioctl(4, LOOP_SET_FD, 3 [pid 386] ioctl(4, LOOP_CLR_FD [pid 399] ioctl(4, LOOP_CLR_FD [pid 398] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 386] <... ioctl resumed>) = 0 [pid 399] <... ioctl resumed>) = 0 [pid 398] ioctl(4, LOOP_CLR_FD [pid 386] close(4 [pid 391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 398] <... ioctl resumed>) = 0 [pid 391] <... openat resumed>) = 3 [pid 386] <... close resumed>) = 0 [pid 391] chdir("./file0" [pid 386] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 391] <... chdir resumed>) = 0 [pid 386] <... openat resumed>) = 4 [pid 402] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 391] ioctl(4, LOOP_CLR_FD [ 19.451206][ T23] audit: type=1400 audit(1669531057.759:82): avc: denied { create } for pid=378 comm="syz-executor386" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 19.476366][ T391] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 19.493970][ T386] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [pid 386] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 [pid 402] <... prctl resumed>) = 0 [pid 391] <... ioctl resumed>) = 0 [pid 402] setpgid(0, 0 [pid 399] ioctl(4, LOOP_SET_FD, 3 [pid 398] ioctl(4, LOOP_SET_FD, 3 [pid 391] close(4 [pid 393] <... mount resumed>) = 0 [pid 393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 393] chdir("./file0") = 0 [pid 393] ioctl(4, LOOP_CLR_FD) = 0 [pid 393] close(4) = 0 [pid 393] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 393] ioctl(4, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 393] exit_group(0) = ? [pid 393] +++ exited with 0 +++ [pid 376] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=393, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 376] restart_syscall(<... resuming interrupted clone ...> [pid 402] <... setpgid resumed>) = 0 [pid 402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 376] <... restart_syscall resumed>) = 0 [pid 402] write(3, "1000", 4) = 4 [pid 402] close(3 [pid 376] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 402] <... close resumed>) = 0 [pid 376] <... openat resumed>) = 3 [pid 402] memfd_create("syzkaller", 0 [pid 376] ioctl(3, LOOP_CLR_FD [pid 402] <... memfd_create resumed>) = 3 [pid 376] <... ioctl resumed>) = 0 [pid 402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 376] close(3 [pid 402] <... mmap resumed>) = 0x7f897e7e8000 [pid 376] <... close resumed>) = 0 [ 19.508510][ T386] ------------[ cut here ]------------ [ 19.514313][ T386] kernel BUG at fs/ext4/ext4.h:3248! [ 19.517189][ T393] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 19.519667][ T386] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 19.534487][ T386] CPU: 1 PID: 386 Comm: syz-executor386 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0 [ 19.544723][ T386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [pid 402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 376] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 402] <... write resumed>) = 262144 [pid 402] munmap(0x7f897e7e8000, 262144 [pid 376] <... clone resumed>, child_tidptr=0x5555559625d0) = 404 [pid 402] <... munmap resumed>) = 0 [pid 402] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 402] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 402] ioctl(4, LOOP_CLR_FD) = 0 [pid 402] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 402] close(4) = 0 [pid 402] close(3) = 0 [pid 402] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 402] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 402] exit_group(0) = ? [pid 402] +++ exited with 0 +++ [pid 374] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=402, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 374] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 374] ioctl(3, LOOP_CLR_FD) = 0 [pid 374] close(3) = 0 [pid 374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 405 [pid 399] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 399] close(4) = 0 [pid 399] close(3) = 0 [pid 399] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 399] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 399] exit_group(0) = ? [pid 399] +++ exited with 0 +++ [pid 372] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=399, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 372] ioctl(3, LOOP_CLR_FD) = 0 [pid 372] close(3) = 0 [pid 372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 406 [ 19.554785][ T386] RIP: 0010:ext4_mb_load_buddy_gfp+0xe54/0xec0 [ 19.560932][ T386] Code: ff e8 a0 1a c8 ff e9 c8 f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 14 f4 ff ff e8 a6 1a c8 ff e9 0a f4 ff ff e8 9c f5 8d ff <0f> 0b e8 95 f5 8d ff 4c 89 ef e8 dd 64 cd ff e9 34 fc ff ff e8 83 [ 19.580534][ T386] RSP: 0018:ffffc90000c471f8 EFLAGS: 00010293 [ 19.586606][ T386] RAX: ffffffff81deee24 RBX: 0000000000000001 RCX: ffff8881067f3b40 [ 19.595008][ T386] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [pid 398] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 398] close(4) = 0 [pid 398] close(3) = 0 [pid 398] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 398] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument) [pid 398] exit_group(0) = ? [pid 398] +++ exited with 0 +++ [pid 373] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=398, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 373] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 373] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 373] ioctl(3, LOOP_CLR_FD) = 0 [pid 373] close(3) = 0 [pid 373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 407 [pid 391] <... close resumed>) = 0 [pid 391] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [ 19.602974][ T386] RBP: ffffc90000c47290 R08: ffffffff81dee0ac R09: ffffc90000c47320 [ 19.610965][ T386] R10: fffff52000188e6b R11: 1ffff92000188e64 R12: 1ffff1102142f879 [ 19.618933][ T386] R13: ffff88810a179000 R14: 0000000000000001 R15: dffffc0000000000 [ 19.626901][ T386] FS: 0000555555962300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 19.635821][ T386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 19.636777][ T391] ------------[ cut here ]------------ [ 19.642566][ T386] CR2: 00007f8986bf195f CR3: 000000011e60c000 CR4: 00000000003506a0 [ 19.642574][ T386] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 19.642580][ T386] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 19.642583][ T386] Call Trace: [ 19.642608][ T386] ext4_mballoc_query_range+0xb8/0x7a0 [ 19.654613][ T391] kernel BUG at fs/ext4/ext4.h:3248! [ 19.655982][ T386] ? ext4_getfsmap_dev_compare+0x80/0x80 [ 19.656000][ T386] ? ext4_trim_all_free+0xb80/0xb80 [ 19.696570][ T386] ? kmem_cache_alloc_trace+0x1dd/0x330 [ 19.702089][ T386] ext4_getfsmap_datadev+0x1b7f/0x2710 [ 19.707525][ T386] ? sort_r+0x1387/0x13a0 [ 19.711832][ T386] ? ext4_getfsmap+0x10c0/0x10c0 [ 19.716739][ T386] ? ext4_getfsmap+0x10c0/0x10c0 [ 19.721645][ T386] ? ext4_getfsmap+0xb97/0x10c0 [ 19.726465][ T386] ? ext4_getfsmap+0x10c0/0x10c0 [ 19.731379][ T386] ext4_getfsmap+0xd66/0x10c0 [ 19.736041][ T386] ? ext4_fsmap_to_internal+0x260/0x260 [ 19.741562][ T386] ? ext4_getfsmap+0x10c0/0x10c0 [ 19.746473][ T386] ? ext4_shutdown+0x4d0/0x4d0 [ 19.751210][ T386] ? __reset_page_pinner+0x4d0/0x4d0 [ 19.756465][ T386] ? ext4_fsmap_to_internal+0x25/0x260 [ 19.761893][ T386] ext4_ioctl+0x35bd/0x6330 [ 19.766367][ T386] ? avc_has_extended_perms+0x731/0x1270 [ 19.771968][ T386] ? memcpy+0x56/0x70 [ 19.775921][ T386] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 19.781435][ T386] ? avc_has_extended_perms+0xb66/0x1270 [ 19.787049][ T386] ? avc_ss_reset+0x290/0x290 [ 19.791700][ T386] ? __kasan_check_write+0x14/0x20 [ 19.796782][ T386] ? __switch_to+0x5e4/0x1220 [ 19.801433][ T386] ? ioctl_has_perm+0x3da/0x560 [ 19.806257][ T386] ? __x32_compat_sys_ioctl+0x90/0x90 [ 19.811599][ T386] ? has_cap_mac_admin+0xb0/0xb0 [ 19.816572][ T386] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 19.821657][ T386] ? __kasan_check_write+0x14/0x20 [ 19.826763][ T386] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 19.831888][ T386] ? cgroup_update_frozen+0x155/0x320 [ 19.837233][ T386] ? _raw_spin_unlock_irq+0x4e/0x70 [ 19.842408][ T386] ? selinux_file_ioctl+0x3c9/0x530 [ 19.847580][ T386] ? ptrace_stop+0x6ff/0x9f0 [ 19.852149][ T386] ? selinux_file_alloc_security+0x120/0x120 [ 19.858103][ T386] ? _raw_spin_unlock_irq+0x4e/0x70 [ 19.863286][ T386] ? ptrace_notify+0x248/0x340 [ 19.868042][ T386] ? do_notify_parent+0xa40/0xa40 [ 19.873127][ T386] ? security_file_ioctl+0xb1/0xd0 [ 19.878334][ T386] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 19.883855][ T386] __se_sys_ioctl+0x115/0x190 [ 19.888509][ T386] __x64_sys_ioctl+0x7b/0x90 [ 19.893082][ T386] do_syscall_64+0x34/0x70 [ 19.897593][ T386] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 19.903470][ T386] RIP: 0033:0x7f8986c353e9 [ 19.907867][ T386] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 19.927453][ T386] RSP: 002b:00007ffca4a1dde8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 19.935840][ T386] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f8986c353e9 [ 19.943781][ T386] RDX: 0000000020000200 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 19.951723][ T386] RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d [ 19.959688][ T386] R10: 00000000000003f1 R11: 0000000000000246 R12: 00007f8986bf45c0 [ 19.967684][ T386] R13: 00007ffca4a1de10 R14: 00007ffca4a1ddfc R15: 00007ffca4a1de00 [ 19.975629][ T386] Modules linked in: [ 19.979551][ T391] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 19.983290][ T386] ---[ end trace e37d997476fbb1ed ]--- [ 19.985613][ T391] CPU: 0 PID: 391 Comm: syz-executor386 Tainted: G D 5.10.153-syzkaller-00570-g673a7341bdab #0 [ 19.991055][ T386] RIP: 0010:ext4_mb_load_buddy_gfp+0xe54/0xec0 [ 20.002634][ T391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 20.002647][ T391] RIP: 0010:ext4_mb_load_buddy_gfp+0xe54/0xec0 [ 20.002656][ T391] Code: ff e8 a0 1a c8 ff e9 c8 f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 14 f4 ff ff e8 a6 1a c8 ff e9 0a f4 ff ff e8 9c f5 8d ff <0f> 0b e8 95 f5 8d ff 4c 89 ef e8 dd 64 cd ff e9 34 fc ff ff e8 83 [ 20.002661][ T391] RSP: 0018:ffffc90000cb71f8 EFLAGS: 00010293 [ 20.002671][ T391] RAX: ffffffff81deee24 RBX: 0000000000000001 RCX: ffff888101d962c0 [ 20.002684][ T391] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 20.009021][ T386] Code: ff e8 a0 1a c8 ff e9 c8 f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 14 f4 ff ff e8 a6 1a c8 ff e9 0a f4 ff ff e8 9c f5 8d ff <0f> 0b e8 95 f5 8d ff 4c 89 ef e8 dd 64 cd ff e9 34 fc ff ff e8 83 [ 20.018832][ T391] RBP: ffffc90000cb7290 R08: ffffffff81dee0ac R09: ffffc90000cb7320 [ 20.018838][ T391] R10: fffff52000196e6b R11: 1ffff92000196e64 R12: 1ffff1102142f879 [ 20.018844][ T391] R13: ffff88810a179000 R14: 0000000000000001 R15: dffffc0000000000 [ 20.018852][ T391] FS: 0000555555962300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 20.018865][ T391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.025754][ T386] RSP: 0018:ffffc90000c471f8 EFLAGS: 00010293 [ 20.044660][ T391] CR2: 00007f8986ca7138 CR3: 00000001041fc000 CR4: 00000000003506b0 [ 20.044669][ T391] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.044675][ T391] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.044678][ T391] Call Trace: [ 20.044699][ T391] ext4_mballoc_query_range+0xb8/0x7a0 [ 20.044711][ T391] ? ext4_getfsmap_dev_compare+0x80/0x80 [ 20.044730][ T391] ? ext4_trim_all_free+0xb80/0xb80 [ 20.051003][ T386] [ 20.058732][ T391] ? kmem_cache_alloc_trace+0x1dd/0x330 [ 20.058743][ T391] ext4_getfsmap_datadev+0x1b7f/0x2710 [ 20.058754][ T391] ? sort_r+0x1387/0x13a0 [ 20.058770][ T391] ? ext4_getfsmap+0x10c0/0x10c0 [ 20.067444][ T386] RAX: ffffffff81deee24 RBX: 0000000000000001 RCX: ffff8881067f3b40 [ 20.086309][ T391] ? ext4_getfsmap+0x10c0/0x10c0 [ 20.086318][ T391] ? ext4_getfsmap+0xb97/0x10c0 [ 20.086326][ T391] ? ext4_getfsmap+0x10c0/0x10c0 [ 20.086342][ T391] ext4_getfsmap+0xd66/0x10c0 [ 20.094833][ T386] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 20.102453][ T391] ? ext4_fsmap_to_internal+0x260/0x260 [ 20.102465][ T391] ? ext4_getfsmap+0x10c0/0x10c0 [ 20.102474][ T391] ? ext4_shutdown+0x4d0/0x4d0 [ 20.102494][ T391] ? __reset_page_pinner+0x4d0/0x4d0 [ 20.110675][ T386] RBP: ffffc90000c47290 R08: ffffffff81dee0ac R09: ffffc90000c47320 [ 20.119431][ T391] ? ext4_fsmap_to_internal+0x25/0x260 [ 20.119441][ T391] ext4_ioctl+0x35bd/0x6330 [ 20.119460][ T391] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 20.126480][ T386] R10: fffff52000188e6b R11: 1ffff92000188e64 R12: 1ffff1102142f879 [ 20.132076][ T391] ? avc_has_extended_perms+0x731/0x1270 [ 20.140770][ T386] R13: ffff88810a179000 R14: 0000000000000001 R15: dffffc0000000000 [ 20.148402][ T391] ? memcpy+0x56/0x70 [ 20.148413][ T391] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 20.148429][ T391] ? avc_has_extended_perms+0xb66/0x1270 [ 20.156607][ T386] FS: 0000555555962300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 20.159636][ T391] ? avc_ss_reset+0x290/0x290 [ 20.165226][ T386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.170664][ T391] ? __kasan_check_write+0x14/0x20 [ 20.175990][ T386] CR2: 00005555559625d0 CR3: 000000011e60c000 CR4: 00000000003506a0 [ 20.178132][ T391] ? __switch_to+0x5e4/0x1220 [ 20.183797][ T386] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.189079][ T391] ? ioctl_has_perm+0x3da/0x560 [ 20.193539][ T386] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.198297][ T391] ? __x32_compat_sys_ioctl+0x90/0x90 [ 20.206394][ T386] Kernel panic - not syncing: Fatal exception [ 20.211157][ T391] ? has_cap_mac_admin+0xb0/0xb0 [ 20.392927][ T391] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 20.398026][ T391] ? __kasan_check_write+0x14/0x20 [ 20.403115][ T391] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 20.408207][ T391] ? cgroup_update_frozen+0x155/0x320 [ 20.413554][ T391] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.418729][ T391] ? selinux_file_ioctl+0x3c9/0x530 [ 20.423914][ T391] ? ptrace_stop+0x6ff/0x9f0 [ 20.428492][ T391] ? selinux_file_alloc_security+0x120/0x120 [ 20.434459][ T391] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.439653][ T391] ? ptrace_notify+0x248/0x340 [ 20.444497][ T391] ? do_notify_parent+0xa40/0xa40 [ 20.449504][ T391] ? security_file_ioctl+0xb1/0xd0 [ 20.454598][ T391] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 20.460151][ T391] __se_sys_ioctl+0x115/0x190 [ 20.464809][ T391] __x64_sys_ioctl+0x7b/0x90 [ 20.469381][ T391] do_syscall_64+0x34/0x70 [ 20.473782][ T391] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 20.479658][ T391] RIP: 0033:0x7f8986c353e9 [ 20.484066][ T391] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 20.503659][ T391] RSP: 002b:00007ffca4a1dde8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 20.512061][ T391] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f8986c353e9 [ 20.520016][ T391] RDX: 0000000020000200 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 20.527973][ T391] RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d [ 20.536046][ T391] R10: 00000000000003f1 R11: 0000000000000246 R12: 00007f8986bf45c0 [ 20.544005][ T391] R13: 00007ffca4a1de10 R14: 00007ffca4a1ddfc R15: 00007ffca4a1de00 [ 20.551964][ T391] Modules linked in: [ 20.556019][ T386] Kernel Offset: disabled [ 20.560338][ T386] Rebooting in 86400 seconds..