./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3908849383
<...>
Warning: Permanently added '10.128.0.242' (ED25519) to the list of known hosts.
execve("./syz-executor3908849383", ["./syz-executor3908849383"], 0x7fff763f2190 /* 10 vars */) = 0
brk(NULL) = 0x55555a46c000
brk(0x55555a46cd40) = 0x55555a46cd40
arch_prctl(ARCH_SET_FS, 0x55555a46c3c0) = 0
set_tid_address(0x55555a46c690) = 5830
set_robust_list(0x55555a46c6a0, 24) = 0
rseq(0x55555a46cce0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3908849383", 4096) = 28
getrandom("\x13\xbb\x68\xa9\x3c\x75\x6e\xc5", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55555a46cd40
brk(0x55555a48dd40) = 0x55555a48dd40
brk(0x55555a48e000) = 0x55555a48e000
mprotect(0x7fc3c8f3a000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached
<unfinished ...>
[pid 5831] set_robust_list(0x55555a46c6a0, 24 <unfinished ...>
[pid 5830] <... clone resumed>, child_tidptr=0x55555a46c690) = 5831
[pid 5831] <... set_robust_list resumed>) = 0
[pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5831] getppid() = 0
[pid 5831] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid 5831] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid 5831] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid 5831] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid 5831] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid 5831] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid 5831] unshare(CLONE_NEWNS) = 0
[pid 5831] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid 5831] unshare(CLONE_NEWIPC) = 0
[pid 5831] unshare(CLONE_NEWCGROUP) = 0
[pid 5831] unshare(CLONE_NEWUTS) = 0
[pid 5831] unshare(CLONE_SYSVSEM) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "16777216", 8) = 8
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "536870912", 9) = 9
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "1024", 4) = 4
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "8192", 4) = 4
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "1024", 4) = 4
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "1024", 4) = 4
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "1024 1048576 500 1024", 21) = 21
[pid 5831] close(3) = 0
[pid 5831] getpid() = 1
[pid 5831] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid 5831] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid 5831] unshare(CLONE_NEWNET) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "0 65535", 7) = 7
[pid 5831] close(3) = 0
[pid 5831] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid 5831] write(3, "100000", 6) = 6
[pid 5831] close(3) = 0
[pid 5831] mkdir("./syz-tmp", 0777) = 0
[pid 5831] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid 5831] mkdir("./syz-tmp/newroot", 0777) = 0
[pid 5831] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid 5831] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid 5831] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid 5831] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid 5831] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid 5831] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid 5831] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid 5831] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid 5831] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid 5831] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid 5831] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid 5831] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid 5831] mkdir("./syz-tmp/pivot", 0777) = 0
[pid 5831] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid 5831] chdir("/") = 0
[pid 5831] umount2("./pivot", MNT_DETACH) = 0
[pid 5831] chroot("./newroot") = 0
[pid 5831] chdir("/") = 0
[pid 5831] mkdir("/dev/binderfs", 0777) = 0
[pid 5831] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid 5831] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5831] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
executing program
[pid 5831] write(1, "executing program\n", 18) = 18
[pid 5831] futex(0x7fc3c8f4060c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5831] rt_sigaction(SIGRT_1, {sa_handler=0x7fc3c8ede490, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc3c8ecfb40}, NULL, 8) = 0
[pid 5831] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc3c8e4f000
[pid 5831] mprotect(0x7fc3c8e50000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc3c8e6f990, parent_tid=0x7fc3c8e6f990, exit_signal=0, stack=0x7fc3c8e4f000, stack_size=0x20300, tls=0x7fc3c8e6f6c0}./strace-static-x86_64: Process 5834 attached
=> {parent_tid=[2]}, 88) = 2
[pid 5834] rseq(0x7fc3c8e6ffe0, 0x20, 0, 0x53053053) = 0
[pid 5834] set_robust_list(0x7fc3c8e6f9a0, 24 <unfinished ...>
[pid 5831] rt_sigprocmask(SIG_SETMASK, [], <unfinished ...>
[pid 5834] <... set_robust_list resumed>) = 0
[pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 5834] rt_sigprocmask(SIG_SETMASK, [], <unfinished ...>
[pid 5831] futex(0x7fc3c8f40608, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 5831] <... futex resumed>) = 0
[pid 5834] memfd_create("syzkaller", 0 <unfinished ...>
[pid 5831] futex(0x7fc3c8f4060c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5834] <... memfd_create resumed>) = 3
[pid 5834] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc3c0a00000
[pid 5834] write(3, "\xeb\x76\x90\x45\x58\x46\x41\x54\x20\x20\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x08\x00\x00\x00\x88\x00\x00\x00\x0f\x00\x00\x00\x05\x00\x00\x00"..., 131072) = 131072
[pid 5834] munmap(0x7fc3c0a00000, 138412032) = 0
[pid 5834] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5834] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5834] close(3) = 0
[pid 5834] close(4) = 0
[pid 5834] mkdir("\xe9\x1f\x71\x89\x59\x1e\x92\x33\x61\x4b", 0777) = 0
[pid 5834] mount("/dev/loop0", "\xe9\x1f\x71\x89\x59\x1e\x92\x33\x61\x4b", "exfat", MS_NOSUID|MS_NOEXEC|MS_POSIXACL|MS_RELATIME|MS_I_VERSION, "") = 0
[pid 5834] openat(AT_FDCWD, "\xe9\x1f\x71\x89\x59\x1e\x92\x33\x61\x4b", O_RDONLY|O_DIRECTORY) = 3
[pid 5834] chdir("\xe9\x1f\x71\x89\x59\x1e\x92\x33\x61\x4b") = 0
[pid 5834] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5834] futex(0x7fc3c8f4060c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5831] <... futex resumed>) = 0
[pid 5834] futex(0x7fc3c8f40608, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5831] futex(0x7fc3c8f40608, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5834] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5831] <... futex resumed>) = 0
[pid 5834] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 004 <unfinished ...>
[pid 5831] futex(0x7fc3c8f4060c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5834] <... open resumed>) = 4
[pid 5834] futex(0x7fc3c8f4060c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5831] <... futex resumed>) = 0
[pid 5834] <... futex resumed>) = 1
[pid 5831] futex(0x7fc3c8f40608, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5834] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid 5831] <... futex resumed>) = 0
[pid 5831] futex(0x7fc3c8f4060c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5834] <... mount resumed>) = 0
[pid 5834] futex(0x7fc3c8f4060c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5831] <... futex resumed>) = 0
[pid 5834] futex(0x7fc3c8f40608, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5831] futex(0x7fc3c8f40608, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5834] <... futex resumed>) = 0
[pid 5834] open("./bus", O_RDONLY|O_LARGEFILE|O_NOFOLLOW|FASYNC <unfinished ...>
[pid 5831] futex(0x7fc3c8f4060c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5834] <... open resumed>) = 5
[pid 5834] futex(0x7fc3c8f4060c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5831] <... futex resumed>) = 0
[pid 5834] futex(0x7fc3c8f40608, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5831] futex(0x7fc3c8f40608, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5834] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5831] <... futex resumed>) = 0
[pid 5834] ioctl(5, LOOP_SET_STATUS64, {lo_offset=0x2, lo_number=0, lo_flags=0, lo_file_name="\xef\x35\x9f\x41\x3b\xb9\x38\x52\xf7\xd6\xa4\xae\x6d\xdd\xfb\xd1\xce\x5d\x29\xc2\xee\x5e\x5c\x9d", ...} <unfinished ...>
[ 62.394535][ T5834] loop0: detected capacity change from 0 to 256
[pid 5831] futex(0x7fc3c8f4060c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out)
[pid 5831] futex(0x7fc3c8f4061c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc3c8e2e000
[pid 5834] <... ioctl resumed>) = 0
[pid 5831] mprotect(0x7fc3c8e2f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], <unfinished ...>
[pid 5834] futex(0x7fc3c8f4060c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5831] <... rt_sigprocmask resumed>[], 8) = 0
[pid 5834] <... futex resumed>) = 0
[pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc3c8e4e990, parent_tid=0x7fc3c8e4e990, exit_signal=0, stack=0x7fc3c8e2e000, stack_size=0x20300, tls=0x7fc3c8e4e6c0} <unfinished ...>
[pid 5834] futex(0x7fc3c8f40608, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5835 attached
<unfinished ...>
[pid 5831] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3
[pid 5835] rseq(0x7fc3c8e4efe0, 0x20, 0, 0x53053053) = 0
[pid 5831] rt_sigprocmask(SIG_SETMASK, [], <unfinished ...>
[pid 5835] set_robust_list(0x7fc3c8e4e9a0, 24 <unfinished ...>
[pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 5835] <... set_robust_list resumed>) = 0
[pid 5831] futex(0x7fc3c8f40618, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5835] rt_sigprocmask(SIG_SETMASK, [], <unfinished ...>
[pid 5831] <... futex resumed>) = 0
[pid 5835] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 5831] futex(0x7fc3c8f4061c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[ 62.515487][ T5834] loop0: detected capacity change from 256 to 255
[ 62.551542][ T5835] exFAT-fs (loop0): error, in sector 160, dentry 2 should be unused, but 0xff
[pid 5835] openat(AT_FDCWD, "memory.events.local", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = -1 EROFS (Read-only file system)
[pid 5835] futex(0x7fc3c8f4061c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5835] futex(0x7fc3c8f40618, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5831] <... futex resumed>) = 0
[pid 5831] exit_group(1 <unfinished ...>
[pid 5835] <... futex resumed>) = ?
[pid 5834] <... futex resumed>) = ?
[pid 5835] +++ exited with 1 +++
[pid 5831] <... exit_group resumed>) = ?
[ 62.560649][ T5835] exFAT-fs (loop0): Filesystem has been set read-only
[ 62.599587][ C1] ------------[ cut here ]------------
[ 62.605103][ C1] VFS: brelse: Trying to free free buffer
[ 62.610955][ C1] WARNING: CPU: 1 PID: 19 at fs/buffer.c:1229 invalidate_bh_lru+0x102/0x1b0
[ 62.619653][ C1] Modules linked in:
[ 62.623558][ C1] CPU: 1 UID: 0 PID: 19 Comm: rcu_exp_gp_kthr Not tainted 6.12.0-next-20241122-syzkaller #0
[ 62.633611][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 62.643666][ C1] RIP: 0010:invalidate_bh_lru+0x102/0x1b0
[ 62.649386][ C1] Code: 44 ee da ff f0 ff 0b eb 25 e8 ba fa 6f ff 41 80 3c 2e 00 75 2a eb 30 e8 ac fa 6f ff 90 48 c7 c7 20 e1 18 8c e8 2f 99 30 ff 90 <0f> 0b 90 90 48 bd 00 00 00 00 00 fc ff df 41 80 3c 2e 00 74 08 4c
[ 62.668990][ C1] RSP: 0018:ffffc90000a18f30 EFLAGS: 00010046
[ 62.675071][ C1] RAX: afdf066f14dbf600 RBX: ffff8880725144e8 RCX: ffff88801ced3c00
[ 62.683036][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 62.691006][ C1] RBP: 0000000000000000 R08: ffffffff81601b32 R09: 1ffff110170e519a
[ 62.698969][ C1] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff8880b8739838
[ 62.706942][ C1] R13: 0000000000000000 R14: 1ffff110170e7307 R15: ffff8880b8739838
[ 62.715000][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 62.724006][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 62.730579][ C1] CR2: 00007fc3c8e4ed58 CR3: 000000002fbf8000 CR4: 00000000003526f0
[ 62.738547][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 62.746509][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 62.754487][ C1] Call Trace:
[ 62.757770][ C1] <IRQ>
[ 62.760615][ C1] ? __warn+0x168/0x4e0
[ 62.764777][ C1] ? invalidate_bh_lru+0x102/0x1b0
[ 62.769893][ C1] ? report_bug+0x2b3/0x500
[ 62.774662][ C1] ? invalidate_bh_lru+0x102/0x1b0
[ 62.779777][ C1] ? handle_bug+0x60/0x90
[ 62.784097][ C1] ? exc_invalid_op+0x1a/0x50
[ 62.788765][ C1] ? asm_exc_invalid_op+0x1a/0x20
[ 62.793800][ C1] ? __warn_printk+0x292/0x360
[ 62.798562][ C1] ? invalidate_bh_lru+0x102/0x1b0
[ 62.803671][ C1] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 62.809125][ C1] __flush_smp_call_function_queue+0x3fc/0x1690
[ 62.815362][ C1] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 62.820850][ C1] __sysvec_call_function_single+0xb8/0x430
[ 62.826757][ C1] sysvec_call_function_single+0x9e/0xc0
[ 62.832410][ C1] </IRQ>
[ 62.835345][ C1] <TASK>
[ 62.838274][ C1] asm_sysvec_call_function_single+0x1a/0x20
[ 62.844299][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 62.850814][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ae 59 3f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 71 a2 f5 65 8b 05 a4 c4 38 74 85 c0 74 43 48 c7 04 24 0e 36
[ 62.870434][ C1] RSP: 0018:ffffc90000187ba0 EFLAGS: 00000206
[ 62.876506][ C1] RAX: afdf066f14dbf600 RBX: 1ffff92000030f78 RCX: ffffffff817b230a
[ 62.884476][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0a9640 RDI: 0000000000000001
[ 62.892452][ C1] RBP: ffffc90000187c30 R08: ffffffff9428a897 R09: 1ffffffff2851512
[ 62.900507][ C1] R10: dffffc0000000000 R11: fffffbfff2851513 R12: dffffc0000000000
[ 62.908560][ C1] R13: 1ffff92000030f74 R14: ffffc90000187bc0 R15: 0000000000000246
[ 62.916533][ C1] ? mark_lock+0x9a/0x360
[ 62.920868][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 62.927191][ C1] ? do_raw_spin_lock+0x14f/0x370
[ 62.932211][ C1] ? autoremove_wake_function+0x37/0x110
[ 62.937834][ C1] __wake_up_common_lock+0x18c/0x1e0
[ 62.943118][ C1] rcu_exp_sel_wait_wake+0x18bf/0x1dc0
[ 62.948585][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 62.954561][ C1] ? __pfx_rcu_exp_sel_wait_wake+0x10/0x10
[ 62.960354][ C1] ? _raw_spin_lock_irq+0xdf/0x120
[ 62.965467][ C1] kthread_worker_fn+0x500/0xb70
[ 62.970396][ C1] ? kthread_worker_fn+0xdc/0xb70
[ 62.975412][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 62.980690][ C1] ? __pfx_kthread_worker_fn+0x10/0x10
[ 62.986138][ C1] kthread+0x2f0/0x390
[ 62.990206][ C1] ? __pfx_kthread_worker_fn+0x10/0x10
[ 62.995654][ C1] ? __pfx_kthread+0x10/0x10
[ 63.000233][ C1] ret_from_fork+0x4b/0x80
[ 63.004643][ C1] ? __pfx_kthread+0x10/0x10
[ 63.009233][ C1] ret_from_fork_asm+0x1a/0x30
[ 63.014003][ C1] </TASK>
[ 63.017031][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 63.024302][ C1] CPU: 1 UID: 0 PID: 19 Comm: rcu_exp_gp_kthr Not tainted 6.12.0-next-20241122-syzkaller #0
[ 63.034352][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 63.044398][ C1] Call Trace:
[ 63.047672][ C1] <IRQ>
[ 63.050538][ C1] dump_stack_lvl+0x241/0x360
[ 63.055230][ C1] ? __pfx_dump_stack_lvl+0x10/0x10
[ 63.060435][ C1] ? __pfx__printk+0x10/0x10
[ 63.065036][ C1] ? _printk+0xd5/0x120
[ 63.069197][ C1] ? __init_begin+0x41000/0x41000
[ 63.074231][ C1] ? vscnprintf+0x5d/0x90
[ 63.078565][ C1] panic+0x349/0x880
[ 63.082481][ C1] ? __warn+0x177/0x4e0
[ 63.086645][ C1] ? __pfx_panic+0x10/0x10
[ 63.091165][ C1] ? show_trace_log_lvl+0x3b2/0x410
[ 63.096380][ C1] ? ret_from_fork_asm+0x1a/0x30
[ 63.101322][ C1] __warn+0x34b/0x4e0
[ 63.105299][ C1] ? invalidate_bh_lru+0x102/0x1b0
[ 63.110406][ C1] report_bug+0x2b3/0x500
[ 63.114754][ C1] ? invalidate_bh_lru+0x102/0x1b0
[ 63.119876][ C1] handle_bug+0x60/0x90
[ 63.124030][ C1] exc_invalid_op+0x1a/0x50
[ 63.128540][ C1] asm_exc_invalid_op+0x1a/0x20
[ 63.133391][ C1] RIP: 0010:invalidate_bh_lru+0x102/0x1b0
[ 63.139106][ C1] Code: 44 ee da ff f0 ff 0b eb 25 e8 ba fa 6f ff 41 80 3c 2e 00 75 2a eb 30 e8 ac fa 6f ff 90 48 c7 c7 20 e1 18 8c e8 2f 99 30 ff 90 <0f> 0b 90 90 48 bd 00 00 00 00 00 fc ff df 41 80 3c 2e 00 74 08 4c
[ 63.158702][ C1] RSP: 0018:ffffc90000a18f30 EFLAGS: 00010046
[ 63.164762][ C1] RAX: afdf066f14dbf600 RBX: ffff8880725144e8 RCX: ffff88801ced3c00
[ 63.172740][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 63.180876][ C1] RBP: 0000000000000000 R08: ffffffff81601b32 R09: 1ffff110170e519a
[ 63.188840][ C1] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff8880b8739838
[ 63.196802][ C1] R13: 0000000000000000 R14: 1ffff110170e7307 R15: ffff8880b8739838
[ 63.204771][ C1] ? __warn_printk+0x292/0x360
[ 63.209534][ C1] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 63.214987][ C1] __flush_smp_call_function_queue+0x3fc/0x1690
[ 63.221219][ C1] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 63.226673][ C1] __sysvec_call_function_single+0xb8/0x430
[ 63.232560][ C1] sysvec_call_function_single+0x9e/0xc0
[ 63.238186][ C1] </IRQ>
[ 63.241110][ C1] <TASK>
[ 63.244035][ C1] asm_sysvec_call_function_single+0x1a/0x20
[ 63.250004][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[ 63.256498][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ae 59 3f f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 71 a2 f5 65 8b 05 a4 c4 38 74 85 c0 74 43 48 c7 04 24 0e 36
[ 63.276097][ C1] RSP: 0018:ffffc90000187ba0 EFLAGS: 00000206
[ 63.282158][ C1] RAX: afdf066f14dbf600 RBX: 1ffff92000030f78 RCX: ffffffff817b230a
[ 63.290139][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0a9640 RDI: 0000000000000001
[ 63.298102][ C1] RBP: ffffc90000187c30 R08: ffffffff9428a897 R09: 1ffffffff2851512
[ 63.306064][ C1] R10: dffffc0000000000 R11: fffffbfff2851513 R12: dffffc0000000000
[ 63.314025][ C1] R13: 1ffff92000030f74 R14: ffffc90000187bc0 R15: 0000000000000246
[ 63.321995][ C1] ? mark_lock+0x9a/0x360
[ 63.326326][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 63.332647][ C1] ? do_raw_spin_lock+0x14f/0x370
[ 63.337670][ C1] ? autoremove_wake_function+0x37/0x110
[ 63.343294][ C1] __wake_up_common_lock+0x18c/0x1e0
[ 63.348584][ C1] rcu_exp_sel_wait_wake+0x18bf/0x1dc0
[ 63.354046][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 63.360017][ C1] ? __pfx_rcu_exp_sel_wait_wake+0x10/0x10
[ 63.365810][ C1] ? _raw_spin_lock_irq+0xdf/0x120
[ 63.370922][ C1] kthread_worker_fn+0x500/0xb70
[ 63.375861][ C1] ? kthread_worker_fn+0xdc/0xb70
[ 63.380889][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 63.386168][ C1] ? __pfx_kthread_worker_fn+0x10/0x10
[ 63.391619][ C1] kthread+0x2f0/0x390
[ 63.395676][ C1] ? __pfx_kthread_worker_fn+0x10/0x10
[ 63.401124][ C1] ? __pfx_kthread+0x10/0x10
[ 63.405702][ C1] ret_from_fork+0x4b/0x80
[ 63.410108][ C1] ? __pfx_kthread+0x10/0x10
[ 63.414689][ C1] ret_from_fork_asm+0x1a/0x30
[ 63.419454][ C1] </TASK>
[ 63.422710][ C1] Kernel Offset: disabled
[ 63.427055][ C1] Rebooting in 86400 seconds..