./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2458812024 <...> [ 3.293598][ T30] audit: type=1400 audit(1677069244.500:10): avc: denied { getattr } for pid=80 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 3.562873][ T97] udevd[97]: starting version 3.2.10 [ 3.686708][ T98] udevd[98]: starting eudev-3.2.10 [ 3.688121][ T97] udevd (97) used greatest stack depth: 23568 bytes left [ 4.449766][ T120] dbus-daemon (120) used greatest stack depth: 23472 bytes left [ 5.023458][ T189] sshd (189) used greatest stack depth: 22512 bytes left [ 11.387687][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 11.387698][ T30] audit: type=1400 audit(1677069252.610:60): avc: denied { transition } for pid=232 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 11.394399][ T30] audit: type=1400 audit(1677069252.620:61): avc: denied { write } for pid=232 comm="sh" path="pipe:[13183]" dev="pipefs" ino=13183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 [ 12.577923][ T233] sshd (233) used greatest stack depth: 22192 bytes left Warning: Permanently added '10.128.0.241' (ECDSA) to the list of known hosts. execve("./syz-executor2458812024", ["./syz-executor2458812024"], 0x7ffee1546e10 /* 10 vars */) = 0 brk(NULL) = 0x5555572ab000 brk(0x5555572abc40) = 0x5555572abc40 arch_prctl(ARCH_SET_FS, 0x5555572ab300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2458812024", 4096) = 28 brk(0x5555572ccc40) = 0x5555572ccc40 brk(0x5555572cd000) = 0x5555572cd000 mprotect(0x7f267b376000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 323 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 324 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 325 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 326 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 327 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 328 ./strace-static-x86_64: Process 328 attached [pid 328] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 323 attached [pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 328] <... openat resumed>) = 3 [pid 328] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 323] <... openat resumed>) = 3 [pid 323] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 323] close(3) = 0 [pid 328] close(3) = 0 [pid 323] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 328] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 330 [pid 323] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 329 ./strace-static-x86_64: Process 329 attached [pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 329] setpgid(0, 0) = 0 [pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 329] write(3, "1000", 4) = 4 [pid 329] close(3) = 0 [pid 329] memfd_create("syzkaller", 0) = 3 [pid 329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 329] munmap(0x7f2672ebb000, 262144) = 0 [pid 329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 329] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 330 attached ./strace-static-x86_64: Process 327 attached ./strace-static-x86_64: Process 326 attached ./strace-static-x86_64: Process 325 attached ./strace-static-x86_64: Process 324 attached [ 19.617973][ T30] audit: type=1400 audit(1677069260.840:62): avc: denied { execmem } for pid=322 comm="syz-executor245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.630478][ T329] loop0: detected capacity change from 0 to 512 [ 19.632502][ T30] audit: type=1400 audit(1677069260.850:63): avc: denied { read write } for pid=328 comm="syz-executor245" name="loop5" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 19.632534][ T30] audit: type=1400 audit(1677069260.850:64): avc: denied { open } for pid=328 comm="syz-executor245" path="/dev/loop5" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 330] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 327] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 325] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 330] <... prctl resumed>) = 0 [pid 327] <... openat resumed>) = 3 [pid 326] <... openat resumed>) = 3 [pid 325] <... openat resumed>) = 3 [pid 324] <... openat resumed>) = 3 [pid 330] setpgid(0, 0 [pid 327] ioctl(3, LOOP_CLR_FD [pid 326] ioctl(3, LOOP_CLR_FD [pid 325] ioctl(3, LOOP_CLR_FD [pid 324] ioctl(3, LOOP_CLR_FD [pid 330] <... setpgid resumed>) = 0 [pid 327] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 326] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 325] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 324] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 327] close(3 [pid 326] close(3 [pid 325] close(3 [pid 324] close(3 [pid 330] <... openat resumed>) = 3 [pid 327] <... close resumed>) = 0 [pid 326] <... close resumed>) = 0 [pid 325] <... close resumed>) = 0 [pid 324] <... close resumed>) = 0 [pid 330] write(3, "1000", 4 [pid 327] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 325] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 330] <... write resumed>) = 4 [pid 330] close(3 [pid 327] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 336 [pid 326] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 334 [pid 325] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 335 [pid 324] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 333 [pid 330] <... close resumed>) = 0 [pid 330] memfd_create("syzkaller", 0) = 3 [pid 330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 ./strace-static-x86_64: Process 336 attached ./strace-static-x86_64: Process 335 attached ./strace-static-x86_64: Process 334 attached ./strace-static-x86_64: Process 333 attached [pid 330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 329] <... ioctl resumed>) = 0 [pid 336] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 335] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 333] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 330] <... write resumed>) = 262144 [pid 329] close(3 [pid 336] <... prctl resumed>) = 0 [pid 335] <... prctl resumed>) = 0 [pid 334] <... prctl resumed>) = 0 [pid 333] <... prctl resumed>) = 0 [pid 329] <... close resumed>) = 0 [pid 336] setpgid(0, 0 [pid 335] setpgid(0, 0 [pid 334] setpgid(0, 0 [pid 333] setpgid(0, 0 [pid 329] mkdir("./file0", 0777 [pid 336] <... setpgid resumed>) = 0 [pid 335] <... setpgid resumed>) = 0 [pid 334] <... setpgid resumed>) = 0 [pid 333] <... setpgid resumed>) = 0 [pid 336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 330] munmap(0x7f2672ebb000, 262144 [pid 329] <... mkdir resumed>) = 0 [pid 336] <... openat resumed>) = 3 [pid 335] <... openat resumed>) = 3 [pid 334] <... openat resumed>) = 3 [pid 333] <... openat resumed>) = 3 [pid 330] <... munmap resumed>) = 0 [pid 329] mount("/dev/loop0", "./file0", "ext4", 0, "inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache"... [pid 336] write(3, "1000", 4 [pid 335] write(3, "1000", 4 [pid 334] write(3, "1000", 4 [pid 333] write(3, "1000", 4 [pid 330] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 330] ioctl(4, LOOP_SET_FD, 3 [pid 336] <... write resumed>) = 4 [pid 335] <... write resumed>) = 4 [pid 334] <... write resumed>) = 4 [pid 333] <... write resumed>) = 4 [ 19.632561][ T30] audit: type=1400 audit(1677069260.850:65): avc: denied { ioctl } for pid=328 comm="syz-executor245" path="/dev/loop5" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 336] close(3 [pid 335] close(3 [pid 334] close(3 [pid 333] close(3 [pid 336] <... close resumed>) = 0 [pid 335] <... close resumed>) = 0 [pid 334] <... close resumed>) = 0 [pid 333] <... close resumed>) = 0 [pid 336] memfd_create("syzkaller", 0 [pid 335] memfd_create("syzkaller", 0 [pid 334] memfd_create("syzkaller", 0 [pid 336] <... memfd_create resumed>) = 3 [pid 335] <... memfd_create resumed>) = 3 [pid 334] <... memfd_create resumed>) = 3 [pid 336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 333] memfd_create("syzkaller", 0 [pid 335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 336] <... mmap resumed>) = 0x7f2672ebb000 [pid 335] <... mmap resumed>) = 0x7f2672ebb000 [pid 334] <... mmap resumed>) = 0x7f2672ebb000 [pid 333] <... memfd_create resumed>) = 3 [pid 335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 335] <... write resumed>) = 262144 [pid 335] munmap(0x7f2672ebb000, 262144 [pid 334] <... write resumed>) = 262144 [pid 336] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 335] <... munmap resumed>) = 0 [pid 334] munmap(0x7f2672ebb000, 262144 [pid 333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 335] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 334] <... munmap resumed>) = 0 [pid 333] <... mmap resumed>) = 0x7f2672ebb000 [pid 336] <... write resumed>) = 262144 [pid 335] <... openat resumed>) = 4 [pid 336] munmap(0x7f2672ebb000, 262144 [pid 335] ioctl(4, LOOP_SET_FD, 3 [pid 334] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 336] <... munmap resumed>) = 0 [ 19.696653][ T30] audit: type=1400 audit(1677069260.920:66): avc: denied { mounton } for pid=329 comm="syz-executor245" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 19.698044][ T330] loop5: detected capacity change from 0 to 512 [ 19.719713][ T329] EXT4-fs (loop0): Ignoring removed nobh option [ 19.733040][ T329] EXT4-fs (loop0): Ignoring removed nobh option [pid 334] <... openat resumed>) = 4 [pid 330] <... ioctl resumed>) = 0 [pid 330] close(3) = 0 [pid 330] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 330] mount("/dev/loop5", "./file0", "ext4", 0, "inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache"... [pid 334] ioctl(4, LOOP_SET_FD, 3 [pid 333] <... write resumed>) = 262144 [pid 336] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 335] <... ioctl resumed>) = 0 [pid 335] close(3) = 0 [pid 335] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 335] mount("/dev/loop2", "./file0", "ext4", 0, "inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache"... [pid 336] <... openat resumed>) = 4 [pid 334] <... ioctl resumed>) = 0 [pid 333] munmap(0x7f2672ebb000, 262144 [pid 336] ioctl(4, LOOP_SET_FD, 3 [pid 333] <... munmap resumed>) = 0 [pid 333] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 333] ioctl(4, LOOP_SET_FD, 3 [pid 336] <... ioctl resumed>) = 0 [pid 334] close(3 [pid 329] <... mount resumed>) = 0 [pid 336] close(3) = 0 [ 19.760348][ T335] loop2: detected capacity change from 0 to 512 [ 19.768387][ T329] EXT4-fs (loop0): 1 truncate cleaned up [ 19.774250][ T334] loop3: detected capacity change from 0 to 512 [ 19.779597][ T329] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache,nobh,nobh,,errors=continue. Quota mode: writeback. [ 19.790362][ T336] loop4: detected capacity change from 0 to 512 [pid 336] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 336] mount("/dev/loop4", "./file0", "ext4", 0, "inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache"... [pid 334] <... close resumed>) = 0 [ 19.806952][ T333] loop1: detected capacity change from 0 to 512 [ 19.813566][ T330] EXT4-fs (loop5): Ignoring removed nobh option [ 19.813587][ T336] EXT4-fs (loop4): Ignoring removed nobh option [ 19.819875][ T335] EXT4-fs (loop2): Ignoring removed nobh option [ 19.831555][ T30] audit: type=1400 audit(1677069261.040:67): avc: denied { mount } for pid=329 comm="syz-executor245" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 19.832034][ T335] EXT4-fs (loop2): Ignoring removed nobh option [pid 334] mkdir("./file0", 0777 [pid 333] <... ioctl resumed>) = 0 [pid 333] close(3 [pid 334] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 333] <... close resumed>) = 0 [pid 329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 334] mount("/dev/loop3", "./file0", "ext4", 0, "inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache"... [pid 333] mkdir("./file0", 0777 [pid 329] <... openat resumed>) = 3 [pid 333] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 329] chdir("./file0" [pid 333] mount("/dev/loop1", "./file0", "ext4", 0, "inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache"... [pid 329] <... chdir resumed>) = 0 [pid 329] ioctl(4, LOOP_CLR_FD) = 0 [pid 329] close(4) = 0 [ 19.859740][ T336] EXT4-fs (loop4): Ignoring removed nobh option [ 19.866623][ T330] EXT4-fs (loop5): Ignoring removed nobh option [ 19.873390][ T30] audit: type=1400 audit(1677069261.040:68): avc: denied { mounton } for pid=336 comm="syz-executor245" path="/root/file0" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 19.888830][ T335] EXT4-fs (loop2): 1 truncate cleaned up [ 19.902919][ T334] EXT4-fs (loop3): Ignoring removed nobh option [ 19.910472][ T336] EXT4-fs (loop4): 1 truncate cleaned up [ 19.911470][ T30] audit: type=1400 audit(1677069261.130:69): avc: denied { write } for pid=329 comm="syz-executor245" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 19.916492][ T330] EXT4-fs (loop5): 1 truncate cleaned up [ 19.937597][ T30] audit: type=1400 audit(1677069261.130:70): avc: denied { add_name } for pid=329 comm="syz-executor245" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 19.937626][ T30] audit: type=1400 audit(1677069261.130:71): avc: denied { create } for pid=329 comm="syz-executor245" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 19.937684][ T335] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache,nobh,nobh,,errors=continue. Quota mode: writeback. [pid 329] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 335] <... mount resumed>) = 0 [pid 329] <... openat resumed>) = 4 [pid 329] ioctl(4, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 329] exit_group(0) = ? [pid 329] +++ exited with 0 +++ [pid 323] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 335] chdir("./file0" [pid 323] <... openat resumed>) = 3 [pid 335] <... chdir resumed>) = 0 [pid 323] ioctl(3, LOOP_CLR_FD [pid 335] ioctl(4, LOOP_CLR_FD [pid 323] <... ioctl resumed>) = 0 [pid 335] <... ioctl resumed>) = 0 [pid 323] close(3 [pid 335] close(4 [pid 323] <... close resumed>) = 0 [pid 335] <... close resumed>) = 0 [pid 323] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 335] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 323] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 346 [pid 335] ioctl(4, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 335] exit_group(0) = ? [pid 335] +++ exited with 0 +++ [pid 325] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=6} --- [pid 325] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 325] ioctl(3, LOOP_CLR_FD) = 0 [pid 325] close(3) = 0 [pid 325] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 347 ./strace-static-x86_64: Process 346 attached [pid 346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 346] setpgid(0, 0) = 0 [pid 346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 346] write(3, "1000", 4) = 4 [pid 346] close(3) = 0 [pid 346] memfd_create("syzkaller", 0) = 3 [pid 346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 ./strace-static-x86_64: Process 347 attached [pid 346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 336] <... mount resumed>) = 0 [pid 347] setpgid(0, 0 [pid 336] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 347] <... setpgid resumed>) = 0 [pid 346] <... write resumed>) = 262144 [pid 336] <... openat resumed>) = 3 [pid 347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 336] chdir("./file0" [pid 347] <... openat resumed>) = 3 [pid 336] <... chdir resumed>) = 0 [pid 347] write(3, "1000", 4 [pid 336] ioctl(4, LOOP_CLR_FD [pid 347] <... write resumed>) = 4 [pid 336] <... ioctl resumed>) = 0 [pid 347] close(3 [pid 336] close(4 [pid 347] <... close resumed>) = 0 [pid 336] <... close resumed>) = 0 [pid 347] memfd_create("syzkaller", 0 [ 19.952021][ T334] EXT4-fs (loop3): Ignoring removed nobh option [ 19.965400][ T333] EXT4-fs (loop1): Ignoring removed nobh option [ 20.010169][ T336] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache,nobh,nobh,,errors=continue. Quota mode: writeback. [ 20.014457][ T330] EXT4-fs (loop5): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache,nobh,nobh,,errors=continue. Quota mode: writeback. [pid 336] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 347] <... memfd_create resumed>) = 3 [pid 346] munmap(0x7f2672ebb000, 262144 [pid 336] <... openat resumed>) = 4 [pid 330] <... mount resumed>) = 0 [pid 347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 347] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 346] <... munmap resumed>) = 0 [pid 336] ioctl(4, FS_IOC_GETFSMAP, 0x20000380 [pid 347] <... write resumed>) = 262144 [pid 346] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 20.055546][ T333] EXT4-fs (loop1): Ignoring removed nobh option [ 20.071025][ T336] ------------[ cut here ]------------ [ 20.081619][ T336] kernel BUG at fs/ext4/ext4.h:3355! [ 20.086864][ T336] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 20.090285][ T334] EXT4-fs (loop3): 1 truncate cleaned up [ 20.092747][ T336] CPU: 1 PID: 336 Comm: syz-executor245 Not tainted 5.15.94-syzkaller-03204-g5448b2fda85f #0 [ 20.092771][ T336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 20.092782][ T336] RIP: 0010:ext4_mb_load_buddy_gfp+0xee5/0xf00 [ 20.092817][ T336] Code: b1 11 c8 ff e9 0d f4 ff ff e8 57 d7 86 ff 48 c7 c7 80 78 69 86 4c 89 fe 4c 89 f2 e8 95 4e 94 00 e9 87 f2 ff ff e8 3b d7 86 ff <0f> 0b e8 34 d7 86 ff 0f 0b e8 2d d7 86 ff 0f 0b 66 2e 0f 1f 84 00 [ 20.092833][ T336] RSP: 0018:ffffc90000a87320 EFLAGS: 00010293 [ 20.092852][ T336] RAX: ffffffff81e89a85 RBX: 0000000000000001 RCX: ffff888105b92780 [ 20.098468][ T334] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache,nobh,nobh,,errors=continue. Quota mode: writeback. [ 20.108191][ T336] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 20.108206][ T336] RBP: ffffc90000a873b0 R08: ffffffff81e88cb4 R09: ffffc90000a87460 [ 20.108221][ T336] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1102037b879 [ 20.121089][ T333] EXT4-fs (loop1): 1 truncate cleaned up [pid 330] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 347] munmap(0x7f2672ebb000, 262144 [pid 346] <... openat resumed>) = 4 [pid 347] <... munmap resumed>) = 0 [pid 346] ioctl(4, LOOP_SET_FD, 3 [pid 347] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 346] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 347] <... openat resumed>) = 4 [pid 346] ioctl(4, LOOP_CLR_FD [pid 347] ioctl(4, LOOP_SET_FD, 3 [pid 346] <... ioctl resumed>) = 0 [pid 347] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 347] ioctl(4, LOOP_CLR_FD) = 0 [pid 346] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 346] close(4) = 0 [pid 346] close(3) = 0 [pid 347] ioctl(4, LOOP_SET_FD, 3 [pid 346] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 347] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 346] <... openat resumed>) = 3 [pid 347] close(4 [pid 346] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 347] <... close resumed>) = 0 [pid 346] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 347] close(3 [pid 346] exit_group(0 [pid 347] <... close resumed>) = 0 [pid 346] <... exit_group resumed>) = ? [pid 347] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 346] +++ exited with 0 +++ [pid 347] <... openat resumed>) = 3 [pid 323] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 347] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 347] exit_group(0) = ? [pid 347] +++ exited with 0 +++ [pid 325] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=347, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 325] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 325] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 325] <... openat resumed>) = 3 [pid 323] <... openat resumed>) = 3 [pid 325] ioctl(3, LOOP_CLR_FD [pid 323] ioctl(3, LOOP_CLR_FD [pid 325] <... ioctl resumed>) = 0 [pid 323] <... ioctl resumed>) = 0 [pid 325] close(3 [pid 323] close(3 [pid 325] <... close resumed>) = 0 [pid 323] <... close resumed>) = 0 [pid 325] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 323] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 325] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 352 [pid 323] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 353 [pid 334] <... mount resumed>) = 0 [pid 334] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 334] chdir("./file0") = 0 [pid 334] ioctl(4, LOOP_CLR_FD) = 0 [pid 334] close(4) = 0 [pid 334] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 334] ioctl(4, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 334] exit_group(0) = ? [pid 334] +++ exited with 0 +++ [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=0, si_stime=5} --- [pid 326] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 326] ioctl(3, LOOP_CLR_FD) = 0 [pid 326] close(3) = 0 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 354 [pid 333] <... mount resumed>) = 0 [pid 333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 333] chdir("./file0") = 0 [pid 333] ioctl(4, LOOP_CLR_FD) = 0 [pid 333] close(4) = 0 [pid 333] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4 [pid 333] ioctl(4, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 333] exit_group(0) = ? [pid 333] +++ exited with 0 +++ [pid 324] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=333, si_uid=0, si_status=0, si_utime=0, si_stime=8} --- [ 20.124076][ T336] R13: ffff888101bdc3c8 R14: 0000000000000001 R15: ffff88810a146000 [ 20.124093][ T336] FS: 00005555572ab300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 20.210054][ T333] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000,block_validity,debug_want_extra_isize=0x0000000000000064,nombcache,nobh,nobh,,errors=continue. Quota mode: writeback. [ 20.214339][ T336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.214358][ T336] CR2: 000055c7b0d11618 CR3: 000000011faf3000 CR4: 00000000003506a0 [pid 324] restart_syscall(<... resuming interrupted clone ...> [pid 330] chdir("./file0") = 0 [pid 330] ioctl(4, LOOP_CLR_FD) = 0 [pid 324] <... restart_syscall resumed>) = 0 [pid 330] close(4) = 0 [pid 330] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 330] <... openat resumed>) = 4 [pid 324] <... openat resumed>) = 3 [pid 330] ioctl(4, FS_IOC_GETFSMAP, 0x20000380 [pid 324] ioctl(3, LOOP_CLR_FD [pid 330] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 324] <... ioctl resumed>) = 0 [pid 330] exit_group(0 [pid 324] close(3 [pid 330] <... exit_group resumed>) = ? [pid 324] <... close resumed>) = 0 [pid 330] +++ exited with 0 +++ [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 328] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 324] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 355 [pid 328] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 328] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 328] ioctl(3, LOOP_CLR_FD) = 0 [pid 328] close(3) = 0 [pid 328] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 356 ./strace-static-x86_64: Process 352 attached [pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 352] setpgid(0, 0) = 0 [pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 352] write(3, "1000", 4) = 4 [pid 352] close(3) = 0 [pid 352] memfd_create("syzkaller", 0) = 3 [pid 352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 352] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 352] munmap(0x7f2672ebb000, 262144) = 0 [pid 352] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 352] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 352] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 353 attached [pid 353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 20.214379][ T336] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.214392][ T336] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.273377][ T336] Call Trace: [ 20.276491][ T336] [ 20.279271][ T336] ext4_mballoc_query_range+0xc5/0x7b0 [ 20.284561][ T336] ? ext4_getfsmap_dev_compare+0x90/0x90 [ 20.290028][ T336] ? ext4_trim_fs+0x17f0/0x17f0 [ 20.294716][ T336] ? __kasan_kmalloc+0x9/0x10 [ 20.299234][ T336] ext4_getfsmap_datadev+0x1cc8/0x2950 [ 20.304528][ T336] ? ext4_getfsmap+0x1060/0x1060 [pid 352] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 352] close(4) = 0 [pid 352] close(3) = 0 [pid 353] setpgid(0, 0) = 0 [pid 353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 353] write(3, "1000", 4 [pid 352] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 353] <... write resumed>) = 4 [pid 352] <... openat resumed>) = 3 [pid 353] close(3 [pid 352] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 353] <... close resumed>) = 0 [pid 353] memfd_create("syzkaller", 0 [pid 352] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 353] <... memfd_create resumed>) = 3 [pid 352] exit_group(0 [pid 353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 352] <... exit_group resumed>) = ? [pid 353] <... mmap resumed>) = 0x7f2672ebb000 [pid 352] +++ exited with 0 +++ [pid 353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 325] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=352, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 325] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 353] <... write resumed>) = 262144 [pid 325] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 325] ioctl(3, LOOP_CLR_FD) = 0 [pid 325] close(3) = 0 [pid 325] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 357 [pid 353] munmap(0x7f2672ebb000, 262144) = 0 [pid 353] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 353] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 353] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 354 attached [pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 354] setpgid(0, 0) = 0 [ 20.309296][ T336] ? ext4_getfsmap+0x1060/0x1060 [ 20.314084][ T336] ext4_getfsmap+0xcc6/0x1060 [ 20.318583][ T336] ? ext4_getfsmap+0x1060/0x1060 [ 20.323356][ T336] ? page_remove_rmap+0xebe/0x1420 [ 20.328307][ T336] ? ext4_fsmap_to_internal+0x310/0x310 [ 20.333689][ T336] ? ext4_getfsmap+0x1060/0x1060 [ 20.338462][ T336] ? ext4_dax_dontcache+0x160/0x160 [ 20.343496][ T336] ? memcpy+0x56/0x70 [ 20.347310][ T336] ? ext4_fsmap_to_internal+0x1c8/0x310 [ 20.352702][ T336] ext4_ioctl+0x3463/0x5800 [ 20.357033][ T336] ? __kasan_check_write+0x14/0x20 [pid 353] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 353] close(4) = 0 [pid 353] close(3) = 0 [pid 353] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 353] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 353] exit_group(0) = ? [pid 353] +++ exited with 0 +++ [pid 323] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=353, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 323] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 323] ioctl(3, LOOP_CLR_FD) = 0 [pid 323] close(3) = 0 [pid 323] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 358 [pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 354] write(3, "1000", 4) = 4 [pid 354] close(3) = 0 [pid 354] memfd_create("syzkaller", 0) = 3 [pid 354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 354] munmap(0x7f2672ebb000, 262144) = 0 [pid 354] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 354] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 354] ioctl(4, LOOP_CLR_FD) = 0 [pid 354] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 354] close(4) = 0 [pid 354] close(3) = 0 [ 20.361980][ T336] ? __switch_to+0x62a/0x1190 [ 20.366491][ T336] ? do_vfs_ioctl+0x1a90/0x2a80 [ 20.371177][ T336] ? ext4_fileattr_set+0x1740/0x1740 [ 20.376299][ T336] ? __x64_compat_sys_ioctl+0x90/0x90 [ 20.381506][ T336] ? native_set_ldt+0x360/0x360 [ 20.386196][ T336] ? finish_task_switch+0x167/0x7b0 [ 20.391230][ T336] ? ioctl_has_perm+0x3f5/0x560 [ 20.395921][ T336] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.400950][ T336] ? cgroup_leave_frozen+0x164/0x2c0 [ 20.406071][ T336] ? selinux_file_ioctl+0x3cc/0x540 [ 20.411102][ T336] ? selinux_file_alloc_security+0x120/0x120 [ 20.416919][ T336] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.421950][ T336] ? ptrace_notify+0x24c/0x350 [ 20.426554][ T336] ? security_file_ioctl+0x84/0xb0 [ 20.431499][ T336] ? ext4_fileattr_set+0x1740/0x1740 [ 20.436629][ T336] __se_sys_ioctl+0x114/0x190 [ 20.441136][ T336] __x64_sys_ioctl+0x7b/0x90 [ 20.445560][ T336] do_syscall_64+0x3d/0xb0 [ 20.449818][ T336] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.455543][ T336] RIP: 0033:0x7f267b3083f9 [ 20.459794][ T336] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 20.479366][ T336] RSP: 002b:00007ffc9de2d958 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 20.487612][ T336] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f267b3083f9 [ 20.495419][ T336] RDX: 0000000020000380 RSI: 00000000c0c0583b RDI: 0000000000000004 [ 20.503231][ T336] RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d [pid 354] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 354] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 354] exit_group(0) = ? [pid 354] +++ exited with 0 +++ [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=354, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 326] ioctl(3, LOOP_CLR_FD) = 0 [pid 326] close(3) = 0 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 359 ./strace-static-x86_64: Process 359 attached [pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 359] setpgid(0, 0) = 0 [pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 359] write(3, "1000", 4) = 4 [pid 359] close(3) = 0 [pid 359] memfd_create("syzkaller", 0) = 3 [pid 359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 359] munmap(0x7f2672ebb000, 262144) = 0 [pid 359] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 359] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 359] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 355 attached [pid 355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 359] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 359] close(4) = 0 [pid 359] close(3 [pid 355] setpgid(0, 0) = 0 [pid 355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 355] write(3, "1000", 4) = 4 [pid 355] close(3) = 0 [pid 355] memfd_create("syzkaller", 0 [pid 359] <... close resumed>) = 0 [pid 355] <... memfd_create resumed>) = 3 [pid 355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 359] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 355] <... mmap resumed>) = 0x7f2672ebb000 [pid 359] <... openat resumed>) = 3 [pid 355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 359] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 359] exit_group(0) = ? [pid 359] +++ exited with 0 +++ [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=359, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 326] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 326] ioctl(3, LOOP_CLR_FD) = 0 [pid 326] close(3) = 0 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 360 [pid 355] <... write resumed>) = 262144 [pid 355] munmap(0x7f2672ebb000, 262144) = 0 [pid 355] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 355] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 355] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 360 attached [pid 360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 360] setpgid(0, 0 [pid 355] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 355] close(4) = 0 [pid 355] close(3) = 0 [pid 355] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 360] <... setpgid resumed>) = 0 [pid 355] <... openat resumed>) = 3 [pid 360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 355] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 360] <... openat resumed>) = 3 [pid 355] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 360] write(3, "1000", 4 [pid 355] exit_group(0 [pid 360] <... write resumed>) = 4 [pid 355] <... exit_group resumed>) = ? [pid 360] close(3 [pid 355] +++ exited with 0 +++ [pid 360] <... close resumed>) = 0 [pid 324] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=355, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 360] memfd_create("syzkaller", 0 [pid 324] restart_syscall(<... resuming interrupted clone ...> [pid 360] <... memfd_create resumed>) = 3 [pid 324] <... restart_syscall resumed>) = 0 [pid 360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 360] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 324] ioctl(3, LOOP_CLR_FD) = 0 [pid 324] close(3) = 0 [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 360] <... write resumed>) = 262144 [pid 324] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 361 [pid 360] munmap(0x7f2672ebb000, 262144) = 0 [pid 360] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 360] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 360] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 361 attached [pid 361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 361] setpgid(0, 0 [pid 360] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 360] close(4 [pid 361] <... setpgid resumed>) = 0 [pid 361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 360] <... close resumed>) = 0 [pid 361] <... openat resumed>) = 3 [pid 360] close(3 [pid 361] write(3, "1000", 4 [pid 360] <... close resumed>) = 0 [pid 361] <... write resumed>) = 4 [pid 360] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 361] close(3 [pid 360] <... openat resumed>) = 3 [pid 361] <... close resumed>) = 0 [pid 360] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 361] memfd_create("syzkaller", 0 [pid 360] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 361] <... memfd_create resumed>) = 3 [pid 360] exit_group(0 [pid 361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 360] <... exit_group resumed>) = ? [pid 361] <... mmap resumed>) = 0x7f2672ebb000 [pid 360] +++ exited with 0 +++ [pid 361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=360, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 326] ioctl(3, LOOP_CLR_FD) = 0 [pid 326] close(3) = 0 [pid 361] <... write resumed>) = 262144 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 362 [pid 361] munmap(0x7f2672ebb000, 262144) = 0 [pid 361] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 361] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 361] ioctl(4, LOOP_CLR_FD) = 0 [pid 361] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 361] close(4) = 0 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 ./strace-static-x86_64: Process 362 attached [pid 361] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 362] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 361] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 362] <... prctl resumed>) = 0 [pid 361] exit_group(0 [pid 362] setpgid(0, 0 [pid 361] <... exit_group resumed>) = ? [pid 362] <... setpgid resumed>) = 0 [pid 361] +++ exited with 0 +++ [pid 362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 324] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=361, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 362] <... openat resumed>) = 3 [pid 362] write(3, "1000", 4) = 4 [pid 362] close(3) = 0 [pid 362] memfd_create("syzkaller", 0) = 3 [pid 362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 362] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 324] ioctl(3, LOOP_CLR_FD) = 0 [pid 324] close(3) = 0 [pid 362] <... write resumed>) = 262144 [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 363 [pid 362] munmap(0x7f2672ebb000, 262144) = 0 [pid 362] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 362] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 362] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 358 attached ./strace-static-x86_64: Process 357 attached ./strace-static-x86_64: Process 356 attached [pid 362] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 362] close(4) = 0 [pid 362] close(3) = 0 [pid 362] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000./strace-static-x86_64: Process 363 attached ) = 3 [pid 363] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 362] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 358] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 357] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 356] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 363] <... prctl resumed>) = 0 [pid 362] exit_group(0 [pid 363] setpgid(0, 0) = 0 [pid 362] <... exit_group resumed>) = ? [pid 363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 362] +++ exited with 0 +++ [pid 363] <... openat resumed>) = 3 [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=362, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 363] write(3, "1000", 4) = 4 [pid 363] close(3) = 0 [pid 363] memfd_create("syzkaller", 0) = 3 [pid 363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 358] <... prctl resumed>) = 0 [pid 357] <... prctl resumed>) = 0 [pid 356] <... prctl resumed>) = 0 [pid 363] <... mmap resumed>) = 0x7f2672ebb000 [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 326] <... openat resumed>) = 3 [pid 326] ioctl(3, LOOP_CLR_FD) = 0 [pid 326] close(3) = 0 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 364 [pid 363] <... write resumed>) = 262144 [pid 363] munmap(0x7f2672ebb000, 262144) = 0 [pid 363] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 363] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 363] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 364 attached [pid 364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 364] setpgid(0, 0) = 0 [pid 363] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 363] close(4) = 0 [pid 363] close(3) = 0 [pid 363] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 363] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 363] exit_group(0 [pid 364] <... openat resumed>) = 3 [pid 363] <... exit_group resumed>) = ? [ 20.511045][ T336] R10: 000000000000041b R11: 0000000000000246 R12: 00007f267b2c75d0 [ 20.518862][ T336] R13: 00007ffc9de2d980 R14: 00007ffc9de2d96c R15: 00007ffc9de2d970 [ 20.526669][ T336] [ 20.529529][ T336] Modules linked in: [ 20.534625][ T336] ---[ end trace f7840bb66e83e6ee ]--- [ 20.540713][ T336] RIP: 0010:ext4_mb_load_buddy_gfp+0xee5/0xf00 [pid 364] write(3, "1000", 4 [pid 363] +++ exited with 0 +++ [pid 364] <... write resumed>) = 4 [pid 364] close(3 [pid 324] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=363, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 364] <... close resumed>) = 0 [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 364] memfd_create("syzkaller", 0 [pid 324] <... openat resumed>) = 3 [pid 364] <... memfd_create resumed>) = 3 [pid 324] ioctl(3, LOOP_CLR_FD [pid 364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 358] setpgid(0, 0 [pid 357] setpgid(0, 0 [pid 356] setpgid(0, 0 [pid 324] <... ioctl resumed>) = 0 [pid 364] <... mmap resumed>) = 0x7f2672ebb000 [pid 324] close(3 [pid 364] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 324] <... close resumed>) = 0 [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 358] <... setpgid resumed>) = 0 [pid 357] <... setpgid resumed>) = 0 [pid 356] <... setpgid resumed>) = 0 [pid 364] <... write resumed>) = 262144 [pid 358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 324] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 365 [pid 356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 364] munmap(0x7f2672ebb000, 262144) = 0 [pid 364] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 364] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 364] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 365 attached [pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 365] setpgid(0, 0) = 0 [pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 364] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 364] close(4) = 0 [pid 364] close(3) = 0 [pid 364] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 365] <... openat resumed>) = 3 [pid 364] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 365] write(3, "1000", 4 [pid 364] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 365] <... write resumed>) = 4 [pid 364] exit_group(0 [pid 365] close(3) = 0 [pid 364] <... exit_group resumed>) = ? [pid 365] memfd_create("syzkaller", 0 [pid 364] +++ exited with 0 +++ [pid 365] <... memfd_create resumed>) = 3 [pid 358] <... openat resumed>) = 3 [pid 357] <... openat resumed>) = 3 [pid 356] <... openat resumed>) = 3 [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=364, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2672ebb000 [pid 365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 326] ioctl(3, LOOP_CLR_FD) = 0 [pid 326] close(3) = 0 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 358] write(3, "1000", 4 [pid 357] write(3, "1000", 4 [pid 356] write(3, "1000", 4 [pid 365] <... write resumed>) = 262144 [pid 326] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 366 [pid 365] munmap(0x7f2672ebb000, 262144) = 0 [pid 365] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 358] <... write resumed>) = 4 [pid 357] <... write resumed>) = 4 [pid 356] <... write resumed>) = 4 [pid 365] <... openat resumed>) = 4 [pid 365] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 365] ioctl(4, LOOP_CLR_FD) = 0 [ 20.547345][ T336] Code: b1 11 c8 ff e9 0d f4 ff ff e8 57 d7 86 ff 48 c7 c7 80 78 69 86 4c 89 fe 4c 89 f2 e8 95 4e 94 00 e9 87 f2 ff ff e8 3b d7 86 ff <0f> 0b e8 34 d7 86 ff 0f 0b e8 2d d7 86 ff 0f 0b 66 2e 0f 1f 84 00 [ 20.576191][ T336] RSP: 0018:ffffc90000a87320 EFLAGS: 00010293 [ 20.587542][ T336] RAX: ffffffff81e89a85 RBX: 0000000000000001 RCX: ffff888105b92780 [ 20.599181][ T336] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [pid 365] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 366 attached ) = -1 EBUSY (Device or resource busy) [pid 366] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 365] close(4 [pid 366] <... prctl resumed>) = 0 [pid 365] <... close resumed>) = 0 [pid 366] setpgid(0, 0 [pid 365] close(3 [pid 366] <... setpgid resumed>) = 0 [pid 365] <... close resumed>) = 0 [pid 366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 365] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 366] <... openat resumed>) = 3 [pid 365] <... openat resumed>) = 3 [pid 358] close(3 [pid 357] close(3 [pid 356] close(3 [pid 366] write(3, "1000", 4 [pid 365] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 358] <... close resumed>) = 0 [pid 357] <... close resumed>) = 0 [pid 356] <... close resumed>) = 0 [pid 366] <... write resumed>) = 4 [pid 365] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 358] memfd_create("syzkaller", 0 [pid 357] memfd_create("syzkaller", 0 [pid 356] memfd_create("syzkaller", 0 [pid 366] close(3 [pid 365] exit_group(0 [pid 358] <... memfd_create resumed>) = 3 [pid 357] <... memfd_create resumed>) = 3 [pid 356] <... memfd_create resumed>) = 3 [pid 366] <... close resumed>) = 0 [pid 365] <... exit_group resumed>) = ? [pid 366] memfd_create("syzkaller", 0 [pid 365] +++ exited with 0 +++ [pid 366] <... memfd_create resumed>) = 3 [pid 324] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=365, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 324] restart_syscall(<... resuming interrupted clone ...> [pid 366] <... mmap resumed>) = 0x7f2672ebb000 [pid 324] <... restart_syscall resumed>) = 0 [pid 366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 366] <... write resumed>) = 262144 [pid 324] ioctl(3, LOOP_CLR_FD) = 0 [pid 324] close(3) = 0 [pid 366] munmap(0x7f2672ebb000, 262144 [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 366] <... munmap resumed>) = 0 [pid 358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 366] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 324] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 367 [pid 366] <... openat resumed>) = 4 [pid 366] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 366] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 367 attached [pid 367] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 366] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 366] close(4) = 0 [pid 366] close(3) = 0 [pid 366] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 366] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 366] exit_group(0 [pid 367] <... prctl resumed>) = 0 [pid 366] <... exit_group resumed>) = ? [pid 367] setpgid(0, 0 [pid 366] +++ exited with 0 +++ [pid 367] <... setpgid resumed>) = 0 [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=366, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 358] <... mmap resumed>) = 0x7f2672ebb000 [pid 357] <... mmap resumed>) = 0x7f2672ebb000 [pid 356] <... mmap resumed>) = 0x7f2672ebb000 [pid 367] <... openat resumed>) = 3 [pid 367] write(3, "1000", 4 [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 367] <... write resumed>) = 4 [pid 326] <... openat resumed>) = 3 [pid 367] close(3 [pid 326] ioctl(3, LOOP_CLR_FD [pid 367] <... close resumed>) = 0 [pid 326] <... ioctl resumed>) = 0 [pid 367] memfd_create("syzkaller", 0 [pid 326] close(3 [pid 367] <... memfd_create resumed>) = 3 [pid 326] <... close resumed>) = 0 [pid 367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 326] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 367] <... mmap resumed>) = 0x7f2672ebb000 [pid 367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 326] <... clone resumed>, child_tidptr=0x5555572ab5d0) = 368 [pid 357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 367] <... write resumed>) = 262144 [pid 367] munmap(0x7f2672ebb000, 262144) = 0 [pid 367] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 367] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 367] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 368 attached [pid 368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 368] setpgid(0, 0) = 0 [pid 367] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 367] close(4) = 0 [pid 367] close(3) = 0 [pid 367] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3 [pid 367] ioctl(3, FS_IOC_GETFSMAP, 0x20000380) = -1 EINVAL (Invalid argument) [pid 368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 367] exit_group(0 [pid 368] <... openat resumed>) = 3 [pid 367] <... exit_group resumed>) = ? [pid 368] write(3, "1000", 4 [pid 367] +++ exited with 0 +++ [pid 368] <... write resumed>) = 4 [pid 324] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=367, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 368] close(3) = 0 [ 20.610927][ T336] RBP: ffffc90000a873b0 R08: ffffffff81e88cb4 R09: ffffc90000a87460 [ 20.623669][ T336] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1102037b879 [ 20.632479][ T336] R13: ffff888101bdc3c8 R14: 0000000000000001 R15: ffff88810a146000 [ 20.652369][ T336] FS: 00005555572ab300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [pid 368] memfd_create("syzkaller", 0 [pid 358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 357] <... write resumed>) = 262144 [pid 356] <... write resumed>) = 262144 [pid 324] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 368] <... memfd_create resumed>) = 3 [pid 324] <... openat resumed>) = 3 [pid 368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 324] ioctl(3, LOOP_CLR_FD [pid 368] <... mmap resumed>) = 0x7f2672ebb000 [pid 324] <... ioctl resumed>) = 0 [pid 368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 324] close(3 [pid 358] <... write resumed>) = 262144 [pid 357] munmap(0x7f2672ebb000, 262144 [pid 356] munmap(0x7f2672ebb000, 262144 [pid 324] <... close resumed>) = 0 [pid 324] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555572ab5d0) = 369 [pid 368] <... write resumed>) = 262144 [pid 368] munmap(0x7f2672ebb000, 262144) = 0 [pid 368] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 358] munmap(0x7f2672ebb000, 262144 [pid 368] ioctl(4, LOOP_SET_FD, 3 [pid 357] <... munmap resumed>) = 0 [pid 356] <... munmap resumed>) = 0 [pid 368] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 368] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 369 attached [pid 369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 369] setpgid(0, 0) = 0 [pid 368] ioctl(4, LOOP_SET_FD, 3 [pid 369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 368] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 369] <... openat resumed>) = 3 [pid 368] close(4 [pid 369] write(3, "1000", 4 [pid 368] <... close resumed>) = 0 [pid 369] <... write resumed>) = 4 [pid 368] close(3 [pid 369] close(3 [pid 368] <... close resumed>) = 0 [pid 358] <... munmap resumed>) = 0 [pid 357] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 356] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 369] <... close resumed>) = 0 [pid 368] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 369] memfd_create("syzkaller", 0 [pid 368] <... openat resumed>) = 3 [pid 369] <... memfd_create resumed>) = 3 [pid 368] ioctl(3, FS_IOC_GETFSMAP, 0x20000380 [pid 369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 368] <... ioctl resumed>) = -1 EINVAL (Invalid argument) [pid 369] <... mmap resumed>) = 0x7f2672ebb000 [pid 368] exit_group(0 [pid 358] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 357] <... openat resumed>) = 4 [pid 356] <... openat resumed>) = 4 [pid 369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 [pid 368] <... exit_group resumed>) = ? [pid 369] <... write resumed>) = 262144 [pid 368] +++ exited with 0 +++ [pid 326] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=368, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 369] munmap(0x7f2672ebb000, 262144) = 0 [pid 369] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 369] ioctl(4, LOOP_SET_FD, 3 [pid 326] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 369] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 326] ioctl(3, LOOP_CLR_FD [pid 369] ioctl(4, LOOP_CLR_FD [pid 326] <... ioctl resumed>) = 0 [pid 369] <... ioctl resumed>) = 0 [pid 358] <... openat resumed>) = 4 [pid 357] ioctl(4, LOOP_SET_FD, 3 [pid 356] ioctl(4, LOOP_SET_FD, 3 [pid 326] close(3 [pid 358] ioctl(4, LOOP_SET_FD, 3 [pid 357] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 356] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [ 20.668299][ T336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.675904][ T336] CR2: 00007f2672efa000 CR3: 000000011faf3000 CR4: 00000000003506a0 [ 20.684427][ T336] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.697871][ T336] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.706296][ T336] Kernel panic - not syncing: Fatal exception [ 20.712382][ T336] Kernel Offset: disabled [ 20.716525][ T336] Rebooting in 86400 seconds..