./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2769923776 <...> Warning: Permanently added '10.128.0.216' (ED25519) to the list of known hosts. execve("./syz-executor2769923776", ["./syz-executor2769923776"], 0x7ffc742a88e0 /* 10 vars */) = 0 brk(NULL) = 0x55555f7fe000 brk(0x55555f7fed40) = 0x55555f7fed40 arch_prctl(ARCH_SET_FS, 0x55555f7fe3c0) = 0 set_tid_address(0x55555f7fe690) = 5827 set_robust_list(0x55555f7fe6a0, 24) = 0 rseq(0x55555f7fece0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2769923776", 4096) = 28 getrandom("\xca\xe2\xab\xcf\x84\x49\x55\x1f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555f7fed40 brk(0x55555f81fd40) = 0x55555f81fd40 brk(0x55555f820000) = 0x55555f820000 mprotect(0x7f2bc4273000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5828 attached [pid 5828] set_robust_list(0x55555f7fe6a0, 24 [pid 5827] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5828 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "10000000000", 11) = 11 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "20", 2) = 2 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "1", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "0", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "0", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "1", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "100", 3) = 3 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "0", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "0", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "7 4 1 3", 7) = 7 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "1", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "1", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "0", 1) = 1 [pid 5827] close(3) = 0 [pid 5827] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] write(3, "5828", 4) = 4 [pid 5827] close(3) = 0 [pid 5827] kill(5828, SIGKILL) = 0 [pid 5828] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5828, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5829 attached , child_tidptr=0x55555f7fe690) = 5829 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] set_robust_list(0x55555f7fe6a0, 24) = 0 ./strace-static-x86_64: Process 5830 attached [pid 5829] mkdir("./syzkaller.ooSGVH", 0700 [pid 5827] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5830 [pid 5830] set_robust_list(0x55555f7fe6a0, 24 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5830] <... set_robust_list resumed>) = 0 [pid 5830] mkdir("./syzkaller.2uFkbG", 0700./strace-static-x86_64: Process 5831 attached [pid 5829] <... mkdir resumed>) = 0 [pid 5829] chmod("./syzkaller.ooSGVH", 0777 [pid 5830] <... mkdir resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5831 [pid 5831] set_robust_list(0x55555f7fe6a0, 24 [pid 5829] <... chmod resumed>) = 0 [pid 5830] chmod("./syzkaller.2uFkbG", 0777 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] chdir("./syzkaller.ooSGVH" [pid 5831] mkdir("./syzkaller.VGvWB9", 0700 [pid 5830] <... chmod resumed>) = 0 [pid 5830] chdir("./syzkaller.2uFkbG") = 0 ./strace-static-x86_64: Process 5832 attached [pid 5831] <... mkdir resumed>) = 0 [pid 5829] <... chdir resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5832 [pid 5832] set_robust_list(0x55555f7fe6a0, 24 [pid 5831] chmod("./syzkaller.VGvWB9", 0777 [pid 5830] mkdir("./0", 0777 [pid 5829] mkdir("./0", 0777 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5833 attached [pid 5827] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5833 [pid 5831] chdir("./syzkaller.VGvWB9" [pid 5830] <... mkdir resumed>) = 0 [pid 5829] <... mkdir resumed>) = 0 [pid 5832] mkdir("./syzkaller.X2Fy48", 0700 [pid 5833] set_robust_list(0x55555f7fe6a0, 24 [pid 5831] <... chdir resumed>) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5831] mkdir("./0", 0777 [pid 5833] mkdir("./syzkaller.w40gqL", 0700 [pid 5831] <... mkdir resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5832] <... mkdir resumed>) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5833] <... mkdir resumed>) = 0 [pid 5832] chmod("./syzkaller.X2Fy48", 0777 [pid 5830] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5833] chmod("./syzkaller.w40gqL", 0777 [pid 5832] <... chmod resumed>) = 0 [pid 5831] <... openat resumed>) = 3 [pid 5830] ioctl(3, LOOP_CLR_FD [pid 5829] ioctl(3, LOOP_CLR_FD [pid 5833] <... chmod resumed>) = 0 [pid 5833] chdir("./syzkaller.w40gqL" [pid 5832] chdir("./syzkaller.X2Fy48" [pid 5831] ioctl(3, LOOP_CLR_FD [pid 5830] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5833] <... chdir resumed>) = 0 [pid 5833] mkdir("./0", 0777 [pid 5832] <... chdir resumed>) = 0 [pid 5831] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5830] close(3 [pid 5831] close(3 [pid 5830] <... close resumed>) = 0 [pid 5829] close(3 [pid 5832] mkdir("./0", 0777 [pid 5831] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5831] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5834 attached [pid 5834] set_robust_list(0x55555f7fe6a0, 24./strace-static-x86_64: Process 5835 attached [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5832] <... mkdir resumed>) = 0 [pid 5831] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5834 [pid 5830] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5829] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5835 [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5834] <... set_robust_list resumed>) = 0 [pid 5833] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5836 attached [pid 5835] set_robust_list(0x55555f7fe6a0, 24 [pid 5834] chdir("./0" [pid 5832] ioctl(3, LOOP_CLR_FD [pid 5836] set_robust_list(0x55555f7fe6a0, 24 [pid 5834] <... chdir resumed>) = 0 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] chdir("./0" [pid 5835] <... set_robust_list resumed>) = 0 [pid 5834] <... prctl resumed>) = 0 [pid 5833] ioctl(3, LOOP_CLR_FD [pid 5832] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5830] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5836 [pid 5834] setpgid(0, 0) = 0 [pid 5836] <... chdir resumed>) = 0 [pid 5835] chdir("./0" [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5833] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5832] close(3 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5832] <... close resumed>) = 0 [pid 5836] setpgid(0, 0) = 0 [pid 5835] <... chdir resumed>) = 0 [pid 5834] <... openat resumed>) = 3 [pid 5832] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5833] close(3 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5833] <... close resumed>) = 0 ./strace-static-x86_64: Process 5838 attached [pid 5836] <... openat resumed>) = 3 [pid 5834] write(3, "1000", 4) = 4 [pid 5834] close(3) = 0 [pid 5836] write(3, "1000", 4 [pid 5834] symlink("/dev/binderfs", "./binderfs" [pid 5838] set_robust_list(0x55555f7fe6a0, 24 [pid 5836] <... write resumed>) = 4 [pid 5835] <... prctl resumed>) = 0 [pid 5834] <... symlink resumed>) = 0 [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5838 [pid 5836] close(3) = 0 [pid 5838] <... set_robust_list resumed>) = 0 [pid 5838] chdir("./0" [pid 5836] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5835] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5840 attached executing program executing program [pid 5838] <... chdir resumed>) = 0 [pid 5836] write(1, "executing program\n", 18 [pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5834] write(1, "executing program\n", 18 [pid 5833] <... clone resumed>, child_tidptr=0x55555f7fe690) = 5840 [pid 5836] <... write resumed>) = 18 [pid 5834] <... write resumed>) = 18 [pid 5835] <... openat resumed>) = 3 [pid 5835] write(3, "1000", 4 [pid 5836] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] <... write resumed>) = 4 [pid 5834] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... futex resumed>) = 0 [pid 5835] close(3 [pid 5834] <... futex resumed>) = 0 [pid 5836] rt_sigaction(SIGRT_1, {sa_handler=0x7f2bc420e2e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f2bc41ff490}, [pid 5835] <... close resumed>) = 0 [pid 5834] rt_sigaction(SIGRT_1, {sa_handler=0x7f2bc420e2e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f2bc41ff490}, [pid 5840] set_robust_list(0x55555f7fe6a0, 24 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5835] symlink("/dev/binderfs", "./binderfs" [pid 5834] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5838] <... prctl resumed>) = 0 [pid 5836] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5834] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5840] chdir("./0" [pid 5838] setpgid(0, 0 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] <... chdir resumed>) = 0 [pid 5838] <... setpgid resumed>) = 0 [pid 5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5836] <... mmap resumed>) = 0x7f2bc417e000 [pid 5834] <... mmap resumed>) = 0x7f2bc417e000 [pid 5840] <... prctl resumed>) = 0 [pid 5838] <... openat resumed>) = 3 [pid 5835] <... symlink resumed>) = 0 [pid 5835] write(1, "executing program\n", 18) = 18 executing program [pid 5840] setpgid(0, 0 [pid 5838] write(3, "1000", 4 [pid 5836] mprotect(0x7f2bc417f000, 131072, PROT_READ|PROT_WRITE [pid 5835] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] mprotect(0x7f2bc417f000, 131072, PROT_READ|PROT_WRITE [pid 5835] <... futex resumed>) = 0 [pid 5838] <... write resumed>) = 4 [pid 5836] <... mprotect resumed>) = 0 [pid 5835] rt_sigaction(SIGRT_1, {sa_handler=0x7f2bc420e2e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f2bc41ff490}, [pid 5834] <... mprotect resumed>) = 0 [pid 5836] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5835] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5838] close(3 [pid 5835] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5834] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5840] <... setpgid resumed>) = 0 [pid 5838] <... close resumed>) = 0 [pid 5836] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5835] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc419e990, parent_tid=0x7f2bc419e990, exit_signal=0, stack=0x7f2bc417e000, stack_size=0x20300, tls=0x7f2bc419e6c0} [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5838] symlink("/dev/binderfs", "./binderfs" [pid 5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc419e990, parent_tid=0x7f2bc419e990, exit_signal=0, stack=0x7f2bc417e000, stack_size=0x20300, tls=0x7f2bc419e6c0} [pid 5835] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 5842 attached ./strace-static-x86_64: Process 5841 attached [pid 5840] <... openat resumed>) = 3 [pid 5838] <... symlink resumed>) = 0 [pid 5834] <... clone3 resumed> => {parent_tid=[5841]}, 88) = 5841 [pid 5840] write(3, "1000", 4 [pid 5838] write(1, "executing program\n", 18executing program [pid 5836] <... clone3 resumed> => {parent_tid=[5842]}, 88) = 5842 [pid 5842] rseq(0x7f2bc419efe0, 0x20, 0, 0x53053053 [pid 5841] rseq(0x7f2bc419efe0, 0x20, 0, 0x53053053 [pid 5835] <... mmap resumed>) = 0x7f2bc417e000 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] <... rseq resumed>) = 0 [pid 5841] <... rseq resumed>) = 0 [pid 5840] <... write resumed>) = 4 [pid 5838] <... write resumed>) = 18 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5835] mprotect(0x7f2bc417f000, 131072, PROT_READ|PROT_WRITE [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] set_robust_list(0x7f2bc419e9a0, 24 [pid 5841] set_robust_list(0x7f2bc419e9a0, 24 [pid 5840] close(3 [pid 5838] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5835] <... mprotect resumed>) = 0 [pid 5834] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] <... close resumed>) = 0 [pid 5838] <... futex resumed>) = 0 [pid 5836] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5834] <... futex resumed>) = 0 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] symlink("/dev/binderfs", "./binderfs" [pid 5838] rt_sigaction(SIGRT_1, {sa_handler=0x7f2bc420e2e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f2bc41ff490}, [pid 5836] <... futex resumed>) = 0 [pid 5834] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}executing program [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] <... symlink resumed>) = 0 [pid 5838] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5836] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5835] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5840] write(1, "executing program\n", 18 [pid 5838] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5835] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc419e990, parent_tid=0x7f2bc419e990, exit_signal=0, stack=0x7f2bc417e000, stack_size=0x20300, tls=0x7f2bc419e6c0} [pid 5840] <... write resumed>) = 18 [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5841] memfd_create("syzkaller", 0 [pid 5840] <... futex resumed>) = 0 [pid 5838] <... mmap resumed>) = 0x7f2bc417e000 ./strace-static-x86_64: Process 5843 attached [pid 5840] rt_sigaction(SIGRT_1, {sa_handler=0x7f2bc420e2e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f2bc41ff490}, [pid 5838] mprotect(0x7f2bc417f000, 131072, PROT_READ|PROT_WRITE [pid 5843] rseq(0x7f2bc419efe0, 0x20, 0, 0x53053053 [pid 5840] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5838] <... mprotect resumed>) = 0 [pid 5843] <... rseq resumed>) = 0 [pid 5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5838] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5843] set_robust_list(0x7f2bc419e9a0, 24 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5838] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... mmap resumed>) = 0x7f2bc417e000 [pid 5838] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc419e990, parent_tid=0x7f2bc419e990, exit_signal=0, stack=0x7f2bc417e000, stack_size=0x20300, tls=0x7f2bc419e6c0}./strace-static-x86_64: Process 5844 attached [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] memfd_create("syzkaller", 0 [pid 5841] <... memfd_create resumed>) = 3 [pid 5840] mprotect(0x7f2bc417f000, 131072, PROT_READ|PROT_WRITE [pid 5835] <... clone3 resumed> => {parent_tid=[5843]}, 88) = 5843 [pid 5835] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5835] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5835] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5841] <... mmap resumed>) = 0x7f2bbbc00000 [pid 5835] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] rseq(0x7f2bc419efe0, 0x20, 0, 0x53053053 [pid 5843] memfd_create("syzkaller", 0 [pid 5842] <... memfd_create resumed>) = 3 [pid 5840] <... mprotect resumed>) = 0 [pid 5844] <... rseq resumed>) = 0 [pid 5843] <... memfd_create resumed>) = 3 [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5838] <... clone3 resumed> => {parent_tid=[5844]}, 88) = 5844 [pid 5844] set_robust_list(0x7f2bc419e9a0, 24 [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5840] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5838] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] <... set_robust_list resumed>) = 0 [pid 5843] <... mmap resumed>) = 0x7f2bbbc00000 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc419e990, parent_tid=0x7f2bc419e990, exit_signal=0, stack=0x7f2bc417e000, stack_size=0x20300, tls=0x7f2bc419e6c0} [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5843] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536./strace-static-x86_64: Process 5845 attached [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] <... mmap resumed>) = 0x7f2bbbc00000 [pid 5844] memfd_create("syzkaller", 0 [pid 5840] <... clone3 resumed> => {parent_tid=[5845]}, 88) = 5845 [pid 5838] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... memfd_create resumed>) = 3 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5838] <... futex resumed>) = 0 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5840] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5840] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2bbbc00000 [pid 5845] rseq(0x7f2bc419efe0, 0x20, 0, 0x53053053) = 0 [pid 5845] set_robust_list(0x7f2bc419e9a0, 24) = 0 [pid 5843] <... write resumed>) = 65536 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5845] memfd_create("syzkaller", 0) = 3 [pid 5843] munmap(0x7f2bbbc00000, 138412032 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5843] <... munmap resumed>) = 0 [pid 5842] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5841] <... write resumed>) = 65536 [pid 5845] <... mmap resumed>) = 0x7f2bbbc00000 [pid 5845] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5844] <... write resumed>) = 65536 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5844] munmap(0x7f2bbbc00000, 138412032 [pid 5842] <... write resumed>) = 65536 [pid 5841] munmap(0x7f2bbbc00000, 138412032 [pid 5843] <... openat resumed>) = 4 [pid 5844] <... munmap resumed>) = 0 [pid 5841] <... munmap resumed>) = 0 [pid 5843] ioctl(4, LOOP_SET_FD, 3 [pid 5842] munmap(0x7f2bbbc00000, 138412032 [pid 5841] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5841] ioctl(4, LOOP_SET_FD, 3 [pid 5845] <... write resumed>) = 65536 [pid 5844] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5843] <... ioctl resumed>) = 0 [pid 5842] <... munmap resumed>) = 0 [pid 5844] <... openat resumed>) = 4 [pid 5845] munmap(0x7f2bbbc00000, 138412032) = 0 [pid 5844] ioctl(4, LOOP_SET_FD, 3 [pid 5842] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5845] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5843] close(3 [pid 5842] <... openat resumed>) = 4 [pid 5841] <... ioctl resumed>) = 0 [pid 5845] <... openat resumed>) = 4 [pid 5843] <... close resumed>) = 0 [pid 5845] ioctl(4, LOOP_SET_FD, 3 [pid 5843] close(4 [pid 5841] close(3 [pid 5844] <... ioctl resumed>) = 0 [pid 5842] ioctl(4, LOOP_SET_FD, 3 [pid 5845] <... ioctl resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5845] close(3 [pid 5843] mkdir("./file0", 0777 [pid 5841] close(4 [pid 5845] <... close resumed>) = 0 [pid 5843] <... mkdir resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5845] close(4 [ 90.004156][ T5841] loop2: detected capacity change from 0 to 128 [ 90.004175][ T5843] loop0: detected capacity change from 0 to 128 [ 90.011366][ T5844] loop3: detected capacity change from 0 to 128 [ 90.016672][ T5845] loop4: detected capacity change from 0 to 128 [ 90.019830][ T5842] loop1: detected capacity change from 0 to 128 [ 90.028964][ T5843] ======================================================= [pid 5843] mount("/dev/loop0", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5841] mkdir("./file0", 0777 [pid 5844] close(3 [pid 5842] <... ioctl resumed>) = 0 [pid 5844] <... close resumed>) = 0 [pid 5842] close(3 [pid 5844] close(4 [pid 5842] <... close resumed>) = 0 [pid 5845] <... close resumed>) = 0 [pid 5844] <... close resumed>) = 0 [pid 5841] <... mkdir resumed>) = 0 [pid 5845] mkdir("./file0", 0777 [pid 5844] mkdir("./file0", 0777 [pid 5842] close(4 [pid 5841] mount("/dev/loop2", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5845] <... mkdir resumed>) = 0 [pid 5844] <... mkdir resumed>) = 0 [pid 5842] <... close resumed>) = 0 [pid 5841] <... mount resumed>) = 0 [pid 5845] mount("/dev/loop4", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5844] mount("/dev/loop3", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5842] mkdir("./file0", 0777 [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5841] chdir("./file0") = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5841] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5841] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] <... mkdir resumed>) = 0 [pid 5845] <... mount resumed>) = 0 [pid 5843] <... mount resumed>) = 0 [pid 5842] mount("/dev/loop1", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5834] <... futex resumed>) = 0 [pid 5844] <... mount resumed>) = 0 [pid 5845] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5834] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... openat resumed>) = 3 [pid 5845] <... openat resumed>) = 3 [pid 5844] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5843] chdir("./file0" [pid 5841] <... futex resumed>) = 0 [pid 5834] <... futex resumed>) = 1 [pid 5845] chdir("./file0" [pid 5844] <... openat resumed>) = 3 [pid 5843] <... chdir resumed>) = 0 [pid 5842] <... mount resumed>) = 0 [pid 5841] mkdir(".", 0777 [pid 5834] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5845] <... chdir resumed>) = 0 [pid 5844] chdir("./file0" [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5841] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5845] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5844] <... chdir resumed>) = 0 [pid 5843] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5842] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5841] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5843] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5844] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5841] <... mount resumed>) = 0 [pid 5841] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5844] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5841] <... openat resumed>) = 4 [pid 5844] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] chdir(".") = 0 [pid 5835] <... futex resumed>) = 0 [pid 5841] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... futex resumed>) = 0 [pid 5841] <... futex resumed>) = 1 [pid 5835] <... futex resumed>) = 1 [pid 5834] <... futex resumed>) = 0 [pid 5843] mkdir(".", 0777 [pid 5842] <... openat resumed>) = 3 [pid 5841] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5835] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5843] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5841] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5834] <... futex resumed>) = 0 [ 90.028964][ T5843] WARNING: The mand mount option has been deprecated and [ 90.028964][ T5843] and is ignored by this kernel. Remove the mand [ 90.028964][ T5843] option from the mount to silence this warning. [ 90.028964][ T5843] ======================================================= [pid 5845] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] <... futex resumed>) = 1 [pid 5843] <... mount resumed>) = 0 [pid 5842] chdir("./file0" [pid 5841] chdir("./file0" [pid 5838] <... futex resumed>) = 0 [pid 5834] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5845] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5843] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5842] <... chdir resumed>) = 0 [pid 5845] <... futex resumed>) = 1 [pid 5843] <... openat resumed>) = 4 [pid 5840] <... futex resumed>) = 0 [pid 5838] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] chdir(".") = 0 [pid 5843] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5835] <... futex resumed>) = 0 [pid 5843] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5835] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5835] <... futex resumed>) = 0 [ 90.134239][ T5841] syz-executor276: attempt to access beyond end of device [ 90.134239][ T5841] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 90.154006][ T5841] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 90.159863][ T5843] syz-executor276: attempt to access beyond end of device [ 90.159863][ T5843] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5843] chdir("./file0" [pid 5835] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5845] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5844] <... futex resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5840] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] <... futex resumed>) = 1 [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5845] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5844] mkdir(".", 0777 [pid 5842] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5838] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5834] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5845] mkdir(".", 0777 [pid 5844] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5842] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] futex(0x7f2bc42796bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "") = 0 [pid 5844] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY) = 4 [pid 5844] chdir(".") = 0 [pid 5844] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 90.164557][ T5841] syz-executor276: attempt to access beyond end of device [ 90.164557][ T5841] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 90.194535][ T5841] Buffer I/O error on dev loop2, logical block 8833403, async page read [ 90.197297][ T5843] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 90.203944][ T5841] syz-executor276: attempt to access beyond end of device [ 90.203944][ T5841] loop2: rw=0, sector=26539618, nr_sectors = 2 limit=128 [pid 5844] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5845] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5842] <... futex resumed>) = 1 [pid 5838] <... futex resumed>) = 0 [pid 5836] <... futex resumed>) = 0 [pid 5834] <... futex resumed>) = 0 [pid 5835] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5835] futex(0x7f2bc42796bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5835] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f2bc415d000 [pid 5835] mprotect(0x7f2bc415e000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5835] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5835] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc417d990, parent_tid=0x7f2bc417d990, exit_signal=0, stack=0x7f2bc415d000, stack_size=0x20300, tls=0x7f2bc417d6c0} => {parent_tid=[5847]}, 88) = 5847 [pid 5835] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5835] futex(0x7f2bc42796b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5835] futex(0x7f2bc42796bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5847 attached [pid 5845] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5842] mkdir(".", 0777 [pid 5838] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [ 90.217690][ T5843] syz-executor276: attempt to access beyond end of device [ 90.217690][ T5843] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 90.229219][ T5841] Buffer I/O error on dev loop2, logical block 13269809, async page read [ 90.249848][ T5843] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 90.256281][ T5841] syz-executor276: attempt to access beyond end of device [ 90.256281][ T5841] loop2: rw=0, sector=16147212, nr_sectors = 2 limit=128 [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5847] rseq(0x7f2bc417dfe0, 0x20, 0, 0x53053053 [pid 5845] <... mount resumed>) = 0 [pid 5844] <... futex resumed>) = 0 [pid 5842] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5838] <... futex resumed>) = 1 [pid 5836] <... futex resumed>) = 0 [pid 5834] <... mmap resumed>) = 0x7f2bc415d000 [ 90.267285][ T5843] syz-executor276: attempt to access beyond end of device [ 90.267285][ T5843] loop0: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 90.281436][ T5841] Buffer I/O error on dev loop2, logical block 8073606, async page read [ 90.297651][ T5844] syz-executor276: attempt to access beyond end of device [ 90.297651][ T5844] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 90.306868][ T5841] syz-executor276: attempt to access beyond end of device [pid 5844] chdir("./file0" [pid 5847] <... rseq resumed>) = 0 [pid 5845] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5842] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5838] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5834] mprotect(0x7f2bc415e000, 131072, PROT_READ|PROT_WRITE [pid 5835] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5847] set_robust_list(0x7f2bc417d9a0, 24 [pid 5845] <... openat resumed>) = 4 [pid 5842] <... mount resumed>) = 0 [pid 5834] <... mprotect resumed>) = 0 [ 90.306868][ T5841] loop2: rw=0, sector=6491542, nr_sectors = 2 limit=128 [ 90.336999][ T5843] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 90.346798][ T5844] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 90.347815][ T5841] Buffer I/O error on dev loop2, logical block 3245771, async page read [ 90.358175][ T5844] syz-executor276: attempt to access beyond end of device [ 90.358175][ T5844] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5845] chdir("." [pid 5842] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5842] <... openat resumed>) = 4 [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc417d990, parent_tid=0x7f2bc417d990, exit_signal=0, stack=0x7f2bc415d000, stack_size=0x20300, tls=0x7f2bc417d6c0} [pid 5845] <... chdir resumed>) = 0 [pid 5842] chdir("." [pid 5845] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... chdir resumed>) = 0 [pid 5847] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] <... futex resumed>) = 1 [pid 5840] <... futex resumed>) = 0 [pid 5845] futex(0x7f2bc42796a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5840] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5840] <... futex resumed>) = 0 [pid 5845] chdir("./file0" [pid 5840] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] futex(0x7f2bc42796ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5834] <... clone3 resumed> => {parent_tid=[5848]}, 88) = 5848 [ 90.366659][ T5843] Buffer I/O error on dev loop0, logical block 8073606, async page read ./strace-static-x86_64: Process 5848 attached [pid 5847] fchmodat(AT_FDCWD, ".", 0177431 [pid 5842] <... futex resumed>) = 1 [pid 5838] futex(0x7f2bc42796bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... futex resumed>) = 0 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] chdir("./file0" [pid 5838] <... futex resumed>) = 0 [pid 5836] futex(0x7f2bc42796a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] rseq(0x7f2bc417dfe0, 0x20, 0, 0x53053053 [pid 5838] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5836] <... futex resumed>) = 0 [pid 5848] <... rseq resumed>) = 0 [pid 5838] <... mmap resumed>) = 0x7f2bc415d000 [pid 5836] futex(0x7f2bc42796ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5834] futex(0x7f2bc42796b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] set_robust_list(0x7f2bc417d9a0, 24 [pid 5838] mprotect(0x7f2bc415e000, 131072, PROT_READ|PROT_WRITE [pid 5834] <... futex resumed>) = 0 [pid 5834] futex(0x7f2bc42796bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5848] <... set_robust_list resumed>) = 0 [pid 5838] <... mprotect resumed>) = 0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], [pid 5838] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5848] fchmodat(AT_FDCWD, ".", 0177431 [pid 5838] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc417d990, parent_tid=0x7f2bc417d990, exit_signal=0, stack=0x7f2bc415d000, stack_size=0x20300, tls=0x7f2bc417d6c0}./strace-static-x86_64: Process 5849 attached => {parent_tid=[5849]}, 88) = 5849 [pid 5838] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] rseq(0x7f2bc417dfe0, 0x20, 0, 0x53053053 [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] <... rseq resumed>) = 0 [pid 5838] futex(0x7f2bc42796b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5849] set_robust_list(0x7f2bc417d9a0, 24 [pid 5838] futex(0x7f2bc42796bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5849] <... set_robust_list resumed>) = 0 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5849] fchmodat(AT_FDCWD, ".", 0177431 [pid 5840] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5840] futex(0x7f2bc42796bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f2bc415d000 [pid 5840] mprotect(0x7f2bc415e000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc417d990, parent_tid=0x7f2bc417d990, exit_signal=0, stack=0x7f2bc415d000, stack_size=0x20300, tls=0x7f2bc417d6c0}./strace-static-x86_64: Process 5850 attached [pid 5850] rseq(0x7f2bc417dfe0, 0x20, 0, 0x53053053 [pid 5840] <... clone3 resumed> => {parent_tid=[5850]}, 88) = 5850 [pid 5850] <... rseq resumed>) = 0 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5850] set_robust_list(0x7f2bc417d9a0, 24 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5840] futex(0x7f2bc42796b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... futex resumed>) = 0 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] futex(0x7f2bc42796bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5850] fchmodat(AT_FDCWD, ".", 0177431 [pid 5836] futex(0x7f2bc42796bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5834] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f2bc415d000 [pid 5836] mprotect(0x7f2bc415e000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5836] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f2bc417d990, parent_tid=0x7f2bc417d990, exit_signal=0, stack=0x7f2bc415d000, stack_size=0x20300, tls=0x7f2bc417d6c0}./strace-static-x86_64: Process 5851 attached [pid 5851] rseq(0x7f2bc417dfe0, 0x20, 0, 0x53053053 [pid 5836] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5836] futex(0x7f2bc42796b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5836] futex(0x7f2bc42796bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] <... rseq resumed>) = 0 [pid 5851] set_robust_list(0x7f2bc417d9a0, 24) = 0 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5851] fchmodat(AT_FDCWD, ".", 0177431 [pid 5838] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5840] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] futex(0x7f2bc42796bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5840] exit_group(0 [pid 5835] exit_group(0 [pid 5840] <... exit_group resumed>) = ? [pid 5835] <... exit_group resumed>) = ? [pid 5834] exit_group(0) = ? [pid 5836] exit_group(0) = ? [pid 5838] exit_group(0) = ? [pid 5831] kill(-5834, SIGKILL) = 0 [pid 5831] kill(5834, SIGKILL) = 0 [pid 5829] kill(-5835, SIGKILL) = 0 [pid 5829] kill(5835, SIGKILL) = 0 [pid 5830] kill(-5836, SIGKILL) = 0 [pid 5830] kill(5836, SIGKILL) = 0 [pid 5832] kill(-5838, SIGKILL) = 0 [pid 5832] kill(5838, SIGKILL) = 0 [pid 5833] kill(-5840, SIGKILL) = 0 [pid 5833] kill(5840, SIGKILL) = 0 [pid 5831] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5831] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5831] getdents64(3, 0x55555f7ff730 /* 2 entries */, 32768) = 48 [pid 5831] getdents64(3, 0x55555f7ff730 /* 0 entries */, 32768) = 0 [pid 5831] close(3) = 0 [pid 5833] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5833] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5833] getdents64(3, 0x55555f7ff730 /* 2 entries */, 32768) = 48 [pid 5833] getdents64(3, 0x55555f7ff730 /* 0 entries */, 32768) = 0 [pid 5833] close(3) = 0 [pid 5830] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5830] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5832] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5830] getdents64(3, [pid 5832] <... openat resumed>) = 3 [pid 5830] <... getdents64 resumed>0x55555f7ff730 /* 2 entries */, 32768) = 48 [pid 5832] newfstatat(3, "", [pid 5830] getdents64(3, [pid 5832] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5830] <... getdents64 resumed>0x55555f7ff730 /* 0 entries */, 32768) = 0 [pid 5832] getdents64(3, [pid 5830] close(3 [pid 5832] <... getdents64 resumed>0x55555f7ff730 /* 2 entries */, 32768) = 48 [pid 5830] <... close resumed>) = 0 [pid 5832] getdents64(3, 0x55555f7ff730 /* 0 entries */, 32768) = 0 [pid 5832] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5829] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5829] getdents64(3, 0x55555f7ff730 /* 2 entries */, 32768) = 48 [pid 5829] getdents64(3, 0x55555f7ff730 /* 0 entries */, 32768) = 0 [pid 5829] close(3) = 0 [ 103.593669][ T46] cfg80211: failed to load regulatory.db [ 253.342130][ T30] INFO: task syz-executor276:5848 blocked for more than 143 seconds. [ 253.350416][ T30] Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 253.411968][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 253.420689][ T30] task:syz-executor276 state:D stack:28848 pid:5848 tgid:5834 ppid:5831 flags:0x00004006 [ 253.491932][ T30] Call Trace: [ 253.495278][ T30] [ 253.498230][ T30] __schedule+0x17fb/0x4be0 [ 253.531935][ T30] ? __pfx___schedule+0x10/0x10 [ 253.536847][ T30] ? __pfx_lock_release+0x10/0x10 [ 253.571913][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 253.577956][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 253.621912][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 253.627097][ T30] ? schedule+0x90/0x320 [ 253.631361][ T30] schedule+0x14b/0x320 [ 253.671921][ T30] schedule_preempt_disabled+0x13/0x30 [ 253.677454][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 253.711910][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 253.717881][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 253.751992][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 253.757073][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 253.781939][ T30] ? __pfx_lock_release+0x10/0x10 [ 253.787021][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 253.811998][ T30] down_write+0x1d7/0x220 [ 253.816383][ T30] ? __pfx_down_write+0x10/0x10 [ 253.841930][ T30] chmod_common+0x1bb/0x4c0 [ 253.846503][ T30] ? __pfx_chmod_common+0x10/0x10 [ 253.851553][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 253.891910][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 253.897169][ T30] ? kmem_cache_free+0x195/0x410 [ 253.912241][ T30] ? user_path_at+0x44/0x60 [ 253.916798][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 253.921851][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 253.947979][ T30] ? do_syscall_64+0x100/0x230 [ 253.981967][ T30] do_syscall_64+0xf3/0x230 [ 253.986524][ T30] ? clear_bhb_loop+0x35/0x90 [ 253.991222][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.041979][ T30] RIP: 0033:0x7f2bc41e7ec9 [ 254.046466][ T30] RSP: 002b:00007f2bc417d218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 254.081994][ T30] RAX: ffffffffffffffda RBX: 00007f2bc42796b8 RCX: 00007f2bc41e7ec9 [ 254.090018][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 254.121978][ T30] RBP: 00007f2bc42796b0 R08: 00007fffc99d52c7 R09: 0000000000000000 [ 254.130004][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bc42796bc [ 254.201906][ T30] R13: 0030656c69662f2e R14: 00007f2bc423c160 R15: 00000000ffffff19 [ 254.209952][ T30] [ 254.241971][ T30] INFO: task syz-executor276:5847 blocked for more than 144 seconds. [ 254.250080][ T30] Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 254.311911][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 254.320635][ T30] task:syz-executor276 state:D stack:28216 pid:5847 tgid:5835 ppid:5829 flags:0x00004006 [ 254.382320][ T30] Call Trace: [ 254.385660][ T30] [ 254.388607][ T30] __schedule+0x17fb/0x4be0 [ 254.431934][ T30] ? __pfx___schedule+0x10/0x10 [ 254.436858][ T30] ? __pfx_lock_release+0x10/0x10 [ 254.461914][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 254.467961][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 254.492338][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 254.497522][ T30] ? schedule+0x90/0x320 [ 254.501784][ T30] schedule+0x14b/0x320 [ 254.531927][ T30] schedule_preempt_disabled+0x13/0x30 [ 254.537444][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 254.571925][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 254.577889][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 254.611930][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 254.617024][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 254.642325][ T30] ? __pfx_lock_release+0x10/0x10 [ 254.647418][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 254.671922][ T30] down_write+0x1d7/0x220 [ 254.676327][ T30] ? __pfx_down_write+0x10/0x10 [ 254.681206][ T30] chmod_common+0x1bb/0x4c0 [ 254.721968][ T30] ? __pfx_chmod_common+0x10/0x10 [ 254.727074][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 254.761921][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 254.767196][ T30] ? kmem_cache_free+0x195/0x410 [ 254.801911][ T30] ? user_path_at+0x44/0x60 [ 254.806483][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 254.811535][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 254.851912][ T30] ? do_syscall_64+0x100/0x230 [ 254.856757][ T30] do_syscall_64+0xf3/0x230 [ 254.861284][ T30] ? clear_bhb_loop+0x35/0x90 [ 254.891958][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.897908][ T30] RIP: 0033:0x7f2bc41e7ec9 [ 254.921912][ T30] RSP: 002b:00007f2bc417d218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 254.930383][ T30] RAX: ffffffffffffffda RBX: 00007f2bc42796b8 RCX: 00007f2bc41e7ec9 [ 254.992024][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 255.000062][ T30] RBP: 00007f2bc42796b0 R08: 00007fffc99d52c7 R09: 0000000000000000 [ 255.042337][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bc42796bc [ 255.050370][ T30] R13: 0030656c69662f2e R14: 00007f2bc423c160 R15: 00000000ffffff19 [ 255.101931][ T30] [ 255.105110][ T30] INFO: task syz-executor276:5851 blocked for more than 145 seconds. [ 255.131955][ T30] Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 255.139636][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 255.181964][ T30] task:syz-executor276 state:D stack:28848 pid:5851 tgid:5836 ppid:5830 flags:0x00004006 [ 255.221950][ T30] Call Trace: [ 255.225285][ T30] [ 255.228236][ T30] __schedule+0x17fb/0x4be0 [ 255.272157][ T30] ? __pfx___schedule+0x10/0x10 [ 255.277078][ T30] ? __pfx_lock_release+0x10/0x10 [ 255.301918][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 255.307957][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 255.340384][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 255.348206][ T30] ? schedule+0x90/0x320 [ 255.371919][ T30] schedule+0x14b/0x320 [ 255.376131][ T30] schedule_preempt_disabled+0x13/0x30 [ 255.381607][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 255.411924][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 255.417888][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 255.451918][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 255.457011][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 255.481926][ T30] ? __pfx_lock_release+0x10/0x10 [ 255.487019][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 255.521970][ T30] down_write+0x1d7/0x220 [ 255.526359][ T30] ? __pfx_down_write+0x10/0x10 [ 255.531243][ T30] chmod_common+0x1bb/0x4c0 [ 255.561992][ T30] ? __pfx_chmod_common+0x10/0x10 [ 255.567086][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 255.601959][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 255.607234][ T30] ? kmem_cache_free+0x195/0x410 [ 255.641971][ T30] ? user_path_at+0x44/0x60 [ 255.646560][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 255.651613][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 255.691916][ T30] ? do_syscall_64+0x100/0x230 [ 255.696758][ T30] do_syscall_64+0xf3/0x230 [ 255.701296][ T30] ? clear_bhb_loop+0x35/0x90 [ 255.731914][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.737868][ T30] RIP: 0033:0x7f2bc41e7ec9 [ 255.771934][ T30] RSP: 002b:00007f2bc417d218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 255.780412][ T30] RAX: ffffffffffffffda RBX: 00007f2bc42796b8 RCX: 00007f2bc41e7ec9 [ 255.832358][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 255.840397][ T30] RBP: 00007f2bc42796b0 R08: 00007fffc99d52c7 R09: 0000000000000000 [ 255.871911][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bc42796bc [ 255.879934][ T30] R13: 0030656c69662f2e R14: 00007f2bc423c160 R15: 00000000ffffff19 [ 255.951962][ T30] [ 255.955121][ T30] INFO: task syz-executor276:5849 blocked for more than 145 seconds. [ 255.991952][ T30] Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 255.999628][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 256.041925][ T30] task:syz-executor276 state:D stack:28848 pid:5849 tgid:5838 ppid:5832 flags:0x00004006 [ 256.081916][ T30] Call Trace: [ 256.085254][ T30] [ 256.088201][ T30] __schedule+0x17fb/0x4be0 [ 256.131931][ T30] ? __pfx___schedule+0x10/0x10 [ 256.136850][ T30] ? __pfx_lock_release+0x10/0x10 [ 256.171914][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 256.177959][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 256.201909][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 256.207077][ T30] ? schedule+0x90/0x320 [ 256.211344][ T30] schedule+0x14b/0x320 [ 256.242111][ T30] schedule_preempt_disabled+0x13/0x30 [ 256.247638][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 256.281931][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 256.287897][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 256.321912][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 256.326996][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 256.361919][ T30] ? __pfx_lock_release+0x10/0x10 [ 256.367011][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 256.401922][ T30] down_write+0x1d7/0x220 [ 256.406309][ T30] ? __pfx_down_write+0x10/0x10 [ 256.411187][ T30] chmod_common+0x1bb/0x4c0 [ 256.441923][ T30] ? __pfx_chmod_common+0x10/0x10 [ 256.447011][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 256.474165][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 256.479437][ T30] ? kmem_cache_free+0x195/0x410 [ 256.511919][ T30] ? user_path_at+0x44/0x60 [ 256.516489][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 256.521542][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 256.551934][ T30] ? do_syscall_64+0x100/0x230 [ 256.556761][ T30] do_syscall_64+0xf3/0x230 [ 256.561286][ T30] ? clear_bhb_loop+0x35/0x90 [ 256.591916][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.597866][ T30] RIP: 0033:0x7f2bc41e7ec9 [ 256.632339][ T30] RSP: 002b:00007f2bc417d218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 256.640813][ T30] RAX: ffffffffffffffda RBX: 00007f2bc42796b8 RCX: 00007f2bc41e7ec9 [ 256.701913][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 256.709949][ T30] RBP: 00007f2bc42796b0 R08: 00007fffc99d52c7 R09: 0000000000000000 [ 256.771910][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bc42796bc [ 256.779949][ T30] R13: 0030656c69662f2e R14: 00007f2bc423c160 R15: 00000000ffffff19 [ 256.821923][ T30] [ 256.832192][ T30] INFO: task syz-executor276:5850 blocked for more than 146 seconds. [ 256.861984][ T30] Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 256.869664][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 256.911938][ T30] task:syz-executor276 state:D stack:28848 pid:5850 tgid:5840 ppid:5833 flags:0x00004006 [ 256.951909][ T30] Call Trace: [ 256.955240][ T30] [ 256.958187][ T30] __schedule+0x17fb/0x4be0 [ 256.991942][ T30] ? __pfx___schedule+0x10/0x10 [ 256.996856][ T30] ? __pfx_lock_release+0x10/0x10 [ 257.021964][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 257.027998][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 257.051907][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 257.057068][ T30] ? schedule+0x90/0x320 [ 257.061594][ T30] schedule+0x14b/0x320 [ 257.102030][ T30] schedule_preempt_disabled+0x13/0x30 [ 257.107545][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 257.151915][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 257.157886][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 257.191913][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 257.196991][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 257.222157][ T30] ? __pfx_lock_release+0x10/0x10 [ 257.227245][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 257.271929][ T30] down_write+0x1d7/0x220 [ 257.276310][ T30] ? __pfx_down_write+0x10/0x10 [ 257.281190][ T30] chmod_common+0x1bb/0x4c0 [ 257.311919][ T30] ? __pfx_chmod_common+0x10/0x10 [ 257.317007][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 257.351907][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 257.357169][ T30] ? kmem_cache_free+0x195/0x410 [ 257.381955][ T30] ? user_path_at+0x44/0x60 [ 257.386518][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 257.391568][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 257.431917][ T30] ? do_syscall_64+0x100/0x230 [ 257.436761][ T30] do_syscall_64+0xf3/0x230 [ 257.441309][ T30] ? clear_bhb_loop+0x35/0x90 [ 257.481937][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.487904][ T30] RIP: 0033:0x7f2bc41e7ec9 [ 257.522120][ T30] RSP: 002b:00007f2bc417d218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 257.530599][ T30] RAX: ffffffffffffffda RBX: 00007f2bc42796b8 RCX: 00007f2bc41e7ec9 [ 257.581913][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 257.589970][ T30] RBP: 00007f2bc42796b0 R08: 00007fffc99d52c7 R09: 0000000000000000 [ 257.632334][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bc42796bc [ 257.640378][ T30] R13: 0030656c69662f2e R14: 00007f2bc423c160 R15: 00000000ffffff19 [ 257.681929][ T30] [ 257.692920][ T30] [ 257.692920][ T30] Showing all locks held in the system: [ 257.700673][ T30] 1 lock held by khungtaskd/30: [ 257.742400][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 257.791916][ T30] 1 lock held by kswapd0/89: [ 257.796587][ T30] 2 locks held by getty/5581: [ 257.801276][ T30] #0: ffff8880353120a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 257.841955][ T30] #1: ffffc9000330b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 257.881962][ T30] 1 lock held by syz-executor276/5841: [ 257.887464][ T30] 2 locks held by syz-executor276/5848: [ 257.921967][ T30] #0: ffff8880790ca420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 257.931296][ T30] #1: ffff888078bc8180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 258.001912][ T30] 2 locks held by syz-executor276/5843: [ 258.007508][ T30] 2 locks held by syz-executor276/5847: [ 258.051942][ T30] #0: ffff88807ca24420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 258.061279][ T30] #1: ffff888078bc86c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 258.111923][ T30] 1 lock held by syz-executor276/5842: [ 258.117445][ T30] 2 locks held by syz-executor276/5851: [ 258.162018][ T30] #0: ffff8880119c6420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 258.171354][ T30] #1: ffff888073094c00 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 258.221968][ T30] 1 lock held by syz-executor276/5844: [ 258.227485][ T30] 2 locks held by syz-executor276/5849: [ 258.251960][ T30] #0: ffff888072f66420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 258.261290][ T30] #1: ffff8880730946c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 258.321942][ T30] 2 locks held by syz-executor276/5845: [ 258.327541][ T30] 2 locks held by syz-executor276/5850: [ 258.371919][ T30] #0: ffff888072ffc420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 258.381246][ T30] #1: ffff888073094180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 258.431961][ T30] 2 locks held by dhcpcd/5874: [ 258.436780][ T30] #0: ffff888078aeb808 (&sb->s_type->i_mutex_key#9){+.+.}-{4:4}, at: sock_close+0x90/0x240 [ 258.471983][ T30] #1: ffffffff8e93cff8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x381/0x830 [ 258.522366][ T30] [ 258.524741][ T30] ============================================= [ 258.524741][ T30] [ 258.581974][ T30] NMI backtrace for cpu 1 [ 258.586360][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 258.596890][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 258.606975][ T30] Call Trace: [ 258.610264][ T30] [ 258.613210][ T30] dump_stack_lvl+0x241/0x360 [ 258.617917][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 258.623140][ T30] ? __pfx__printk+0x10/0x10 [ 258.627758][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 258.632717][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 258.638199][ T30] ? _printk+0xd5/0x120 [ 258.642384][ T30] ? __pfx__printk+0x10/0x10 [ 258.646994][ T30] ? __wake_up_klogd+0xcc/0x110 [ 258.651872][ T30] ? __pfx__printk+0x10/0x10 [ 258.656490][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 258.661530][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 258.667533][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 258.673544][ T30] watchdog+0xff6/0x1040 [ 258.677812][ T30] ? watchdog+0x1ea/0x1040 [ 258.682250][ T30] ? __pfx_watchdog+0x10/0x10 [ 258.686942][ T30] kthread+0x2f0/0x390 [ 258.691024][ T30] ? __pfx_watchdog+0x10/0x10 [ 258.695720][ T30] ? __pfx_kthread+0x10/0x10 [ 258.700328][ T30] ret_from_fork+0x4b/0x80 [ 258.704758][ T30] ? __pfx_kthread+0x10/0x10 [ 258.709364][ T30] ret_from_fork_asm+0x1a/0x30 [ 258.714164][ T30] [ 258.717492][ T30] Sending NMI from CPU 1 to CPUs 0: [ 258.722932][ C0] NMI backtrace for cpu 0 [ 258.722945][ C0] CPU: 0 UID: 0 PID: 5844 Comm: syz-executor276 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 258.722963][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 258.722972][ C0] RIP: 0010:stack_trace_consume_entry+0xd/0x280 [ 258.722996][ C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 41 54 <53> 48 83 ec 18 48 89 fb 48 ba 00 00 00 00 00 fc ff df 4c 8d 4f 10 [ 258.723008][ C0] RSP: 0018:ffffc9000408eb10 EFLAGS: 00000286 [ 258.723023][ C0] RAX: ffffffff82272e6a RBX: ffffc9000408eb40 RCX: ffffffff91774000 [ 258.723042][ C0] RDX: ffffffff91923001 RSI: ffffffff82272e6a RDI: ffffc9000408ec20 [ 258.723056][ C0] RBP: ffffc9000408ebd0 R08: ffffc9000408f590 R09: 0000000000000000 [ 258.723067][ C0] R10: ffffc9000408eb90 R11: ffffffff818b3980 R12: ffff888032b8bc00 [ 258.723079][ C0] R13: ffffffff818b3980 R14: ffffc9000408ec20 R15: 0000000000000000 [ 258.723090][ C0] FS: 00007f2bc419e6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 258.723104][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 258.723115][ C0] CR2: 00007fc356926b90 CR3: 000000007d3ae000 CR4: 00000000003526f0 [ 258.723129][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 258.723138][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 258.723148][ C0] Call Trace: [ 258.723154][ C0] [ 258.723160][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 258.723177][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 258.723195][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 258.723211][ C0] ? nmi_handle+0x2a/0x5a0 [ 258.723238][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 258.723257][ C0] ? nmi_handle+0x14f/0x5a0 [ 258.723272][ C0] ? nmi_handle+0x2a/0x5a0 [ 258.723288][ C0] ? stack_trace_consume_entry+0xd/0x280 [ 258.723307][ C0] ? default_do_nmi+0x63/0x160 [ 258.723323][ C0] ? exc_nmi+0x123/0x1f0 [ 258.723338][ C0] ? end_repeat_nmi+0xf/0x53 [ 258.723352][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 258.723372][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 258.723391][ C0] ? create_empty_buffers+0x3a/0x530 [ 258.723410][ C0] ? __init_begin+0x41000/0x41000 [ 258.723426][ C0] ? no_hash_pointers_enable+0x91/0xe0 [ 258.723441][ C0] ? create_empty_buffers+0x3a/0x530 [ 258.723464][ C0] ? stack_trace_consume_entry+0xd/0x280 [ 258.723484][ C0] ? stack_trace_consume_entry+0xd/0x280 [ 258.723504][ C0] ? no_hash_pointers_enable+0x91/0xe0 [ 258.723518][ C0] ? stack_trace_consume_entry+0xd/0x280 [ 258.723537][ C0] [ 258.723542][ C0] [ 258.723548][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 258.723568][ C0] arch_stack_walk+0x10e/0x150 [ 258.723586][ C0] ? create_empty_buffers+0x3a/0x530 [ 258.723607][ C0] stack_trace_save+0x118/0x1d0 [ 258.723627][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 258.723656][ C0] save_stack+0xfb/0x1f0 [ 258.723673][ C0] ? mark_lock+0x9a/0x360 [ 258.723689][ C0] ? __pfx_save_stack+0x10/0x10 [ 258.723705][ C0] ? post_alloc_hook+0x1f3/0x230 [ 258.723721][ C0] ? get_page_from_freelist+0x3651/0x37a0 [ 258.723738][ C0] ? __alloc_pages_noprof+0x292/0x710 [ 258.723754][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 258.723773][ C0] ? alloc_slab_page+0x6a/0x110 [ 258.723789][ C0] ? allocate_slab+0x5a/0x2b0 [ 258.723805][ C0] ? ___slab_alloc+0xc27/0x14a0 [ 258.723819][ C0] ? __slab_alloc+0x58/0xa0 [ 258.723833][ C0] ? kmem_cache_alloc_noprof+0x268/0x380 [ 258.723852][ C0] ? alloc_buffer_head+0x2a/0x290 [ 258.723869][ C0] ? folio_alloc_buffers+0x31f/0x640 [ 258.723894][ C0] __set_page_owner+0x92/0x800 [ 258.723911][ C0] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 258.723932][ C0] ? get_page_from_freelist+0x895/0x37a0 [ 258.723949][ C0] ? __pfx_lock_release+0x10/0x10 [ 258.723965][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 258.723986][ C0] post_alloc_hook+0x1f3/0x230 [ 258.724003][ C0] get_page_from_freelist+0x3651/0x37a0 [ 258.724029][ C0] ? __pfx___might_resched+0x10/0x10 [ 258.724051][ C0] ? kernel_text_address+0xa7/0xe0 [ 258.724071][ C0] ? should_fail_alloc_page+0x75/0x110 [ 258.724096][ C0] __alloc_pages_noprof+0x292/0x710 [ 258.724119][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 258.724145][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 258.724167][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 258.724187][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 258.724203][ C0] ? alloc_pages_noprof+0xef/0x170 [ 258.724224][ C0] alloc_slab_page+0x6a/0x110 [ 258.724241][ C0] allocate_slab+0x5a/0x2b0 [ 258.724259][ C0] ___slab_alloc+0xc27/0x14a0 [ 258.724277][ C0] ? alloc_buffer_head+0x2a/0x290 [ 258.724297][ C0] ? alloc_buffer_head+0x2a/0x290 [ 258.724314][ C0] __slab_alloc+0x58/0xa0 [ 258.724330][ C0] ? alloc_buffer_head+0x2a/0x290 [ 258.724347][ C0] kmem_cache_alloc_noprof+0x268/0x380 [ 258.724370][ C0] alloc_buffer_head+0x2a/0x290 [ 258.724388][ C0] ? folio_alloc_buffers+0x39f/0x640 [ 258.724407][ C0] folio_alloc_buffers+0x31f/0x640 [ 258.724429][ C0] create_empty_buffers+0x3a/0x530 [ 258.724450][ C0] block_read_full_folio+0x244/0xae0 [ 258.724467][ C0] ? __folio_batch_add_and_move+0x83c/0xd70 [ 258.724487][ C0] ? __pfx_get_block+0x10/0x10 [ 258.724504][ C0] ? __pfx_block_read_full_folio+0x10/0x10 [ 258.724523][ C0] ? folio_add_lru+0x187/0x230 [ 258.724543][ C0] filemap_read_folio+0x148/0x3b0 [ 258.724558][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 258.724576][ C0] ? __pfx_filemap_read_folio+0x10/0x10 [ 258.724590][ C0] ? __filemap_get_folio+0x848/0x940 [ 258.724612][ C0] do_read_cache_folio+0x373/0x5b0 [ 258.724627][ C0] ? __pfx_sysv_read_folio+0x10/0x10 [ 258.724644][ C0] ? read_cache_folio+0x43/0x70 [ 258.724669][ C0] sysv_find_entry+0x16c/0x590 [ 258.724691][ C0] sysv_inode_by_name+0x98/0x2a0 [ 258.724709][ C0] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 258.724731][ C0] sysv_lookup+0x6b/0xe0 [ 258.724748][ C0] __lookup_slow+0x28c/0x3f0 [ 258.724765][ C0] ? __pfx___lookup_slow+0x10/0x10 [ 258.724780][ C0] ? __d_lookup+0x64/0x7b0 [ 258.724799][ C0] ? make_vfsuid+0x52/0xa0 [ 258.724814][ C0] ? link_path_walk+0xc60/0xea0 [ 258.724836][ C0] lookup_slow+0x53/0x70 [ 258.724852][ C0] walk_component+0x2e1/0x410 [ 258.724868][ C0] path_lookupat+0x16f/0x450 [ 258.724886][ C0] filename_lookup+0x2a3/0x670 [ 258.724900][ C0] ? __virt_addr_valid+0x183/0x530 [ 258.724920][ C0] ? __pfx_filename_lookup+0x10/0x10 [ 258.724945][ C0] ? strncpy_from_user+0x152/0x270 [ 258.724967][ C0] ? getname_flags+0x1e3/0x540 [ 258.724980][ C0] ? ptrace_notify+0x279/0x380 [ 258.724999][ C0] user_path_at+0x3a/0x60 [ 258.725015][ C0] __se_sys_chdir+0xbc/0x220 [ 258.725033][ C0] ? __pfx___se_sys_chdir+0x10/0x10 [ 258.725051][ C0] ? do_syscall_64+0x100/0x230 [ 258.725073][ C0] do_syscall_64+0xf3/0x230 [ 258.725091][ C0] ? clear_bhb_loop+0x35/0x90 [ 258.725105][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.725124][ C0] RIP: 0033:0x7f2bc41e7ec9 [ 258.725143][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 258.725154][ C0] RSP: 002b:00007f2bc419e218 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 258.725170][ C0] RAX: ffffffffffffffda RBX: 00007f2bc42796a8 RCX: 00007f2bc41e7ec9 [ 258.725181][ C0] RDX: 00007f2bc41e7ec9 RSI: 0000000000000000 RDI: 0000000020000140 [ 258.725191][ C0] RBP: 00007f2bc42796a0 R08: 0000000000000000 R09: 0000000000000000 [ 258.725201][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bc42796ac [ 258.725211][ C0] R13: 0030656c69662f2e R14: 00007f2bc423c160 R15: 00000000ffffff19 [ 258.725229][ C0] [ 260.071925][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 260.078836][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 [ 260.089349][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 260.099413][ T30] Call Trace: [ 260.102702][ T30] [ 260.105643][ T30] dump_stack_lvl+0x241/0x360 [ 260.110339][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 260.115555][ T30] ? __pfx__printk+0x10/0x10 [ 260.120158][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 260.126154][ T30] ? vscnprintf+0x5d/0x90 [ 260.130495][ T30] panic+0x349/0x880 [ 260.134419][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 260.140590][ T30] ? __pfx_panic+0x10/0x10 [ 260.145014][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 260.150399][ T30] ? __irq_work_queue_local+0x137/0x410 [ 260.155955][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 260.161336][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 260.167505][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 260.173672][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 260.179840][ T30] watchdog+0x1035/0x1040 [ 260.184184][ T30] ? watchdog+0x1ea/0x1040 [ 260.188625][ T30] ? __pfx_watchdog+0x10/0x10 [ 260.193309][ T30] kthread+0x2f0/0x390 [ 260.197388][ T30] ? __pfx_watchdog+0x10/0x10 [ 260.202076][ T30] ? __pfx_kthread+0x10/0x10 [ 260.206682][ T30] ret_from_fork+0x4b/0x80 [ 260.211104][ T30] ? __pfx_kthread+0x10/0x10 [ 260.215706][ T30] ret_from_fork_asm+0x1a/0x30 [ 260.220499][ T30] [ 260.223785][ T30] Kernel Offset: disabled [ 260.228112][ T30] Rebooting in 86400 seconds..