./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2253804502 <...> Warning: Permanently added '10.128.0.164' (ED25519) to the list of known hosts. execve("./syz-executor2253804502", ["./syz-executor2253804502"], 0x7fff154e2480 /* 10 vars */) = 0 brk(NULL) = 0x555586240000 brk(0x555586240d40) = 0x555586240d40 arch_prctl(ARCH_SET_FS, 0x5555862403c0) = 0 set_tid_address(0x555586240690) = 288 set_robust_list(0x5555862406a0, 24) = 0 rseq(0x555586240ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2253804502", 4096) = 28 getrandom("\xe8\xef\x90\x74\xae\x59\x0a\xc0", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555586240d40 brk(0x555586261d40) = 0x555586261d40 brk(0x555586262000) = 0x555586262000 mprotect(0x7fe4d2ba8000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 289 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 290 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 291 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 292 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 293 ./strace-static-x86_64: Process 289 attached ./strace-static-x86_64: Process 291 attached ./strace-static-x86_64: Process 290 attached ./strace-static-x86_64: Process 293 attached [pid 293] set_robust_list(0x5555862406a0, 24) = 0 [pid 291] set_robust_list(0x5555862406a0, 24 [pid 290] set_robust_list(0x5555862406a0, 24 [pid 289] set_robust_list(0x5555862406a0, 24 [pid 293] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 291] <... set_robust_list resumed>) = 0 [pid 290] <... set_robust_list resumed>) = 0 [pid 289] <... set_robust_list resumed>) = 0 executing program [pid 293] <... openat resumed>) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 295 ./strace-static-x86_64: Process 292 attached [pid 292] set_robust_list(0x5555862406a0, 24) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 297 ./strace-static-x86_64: Process 297 attached [pid 297] set_robust_list(0x5555862406a0, 24) = 0 [pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 297] setpgid(0, 0) = 0 [pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] write(3, "1000", 4) = 4 [pid 297] close(3) = 0 [pid 297] write(1, "executing program\n", 18) = 18 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, NULL, 8) = 0 [pid 297] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 297] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 [pid 297] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 297] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 297] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} => {parent_tid=[298]}, 88) = 298 [pid 297] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 289] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 289] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 289] close(3) = 0 [pid 289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 290] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 289] <... clone resumed>, child_tidptr=0x555586240690) = 299 [pid 290] <... openat resumed>) = 3 [pid 290] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 290] close(3) = 0 [pid 290] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 291] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 290] <... clone resumed>, child_tidptr=0x555586240690) = 300 ./strace-static-x86_64: Process 300 attached [ 22.774125][ T30] audit: type=1400 audit(1752567444.330:64): avc: denied { execmem } for pid=288 comm="syz-executor225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 22.796005][ T30] audit: type=1400 audit(1752567444.350:65): avc: denied { read write } for pid=293 comm="syz-executor225" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 291] ioctl(3, LOOP_CLR_FDexecuting program [pid 300] set_robust_list(0x5555862406a0, 24./strace-static-x86_64: Process 299 attached ./strace-static-x86_64: Process 298 attached ./strace-static-x86_64: Process 295 attached [pid 291] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 299] set_robust_list(0x5555862406a0, 24) = 0 [pid 299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 299] setpgid(0, 0) = 0 [pid 299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 299] write(3, "1000", 4) = 4 [pid 299] close(3) = 0 [pid 299] write(1, "executing program\n", 18) = 18 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 299] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, NULL, 8) = 0 [pid 299] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 [pid 299] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 299] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 299] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} => {parent_tid=[301]}, 88) = 301 [pid 299] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 301 attached [pid 301] set_robust_list(0x7fe4d2adf9a0, 24) = 0 [pid 301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 301] memfd_create("syzkaller", 0) = 3 [pid 301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe4ca6bf000 [pid 300] <... set_robust_list resumed>) = 0 [pid 298] set_robust_list(0x7fe4d2adf9a0, 24 [pid 295] set_robust_list(0x5555862406a0, 24 [ 22.826659][ T30] audit: type=1400 audit(1752567444.350:66): avc: denied { open } for pid=293 comm="syz-executor225" path="/dev/loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 291] close(3 [pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 298] <... set_robust_list resumed>) = 0 [pid 295] <... set_robust_list resumed>) = 0 [pid 291] <... close resumed>) = 0 [pid 300] <... prctl resumed>) = 0 [pid 298] rt_sigprocmask(SIG_SETMASK, [], [pid 295] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] memfd_create("syzkaller", 0 [pid 300] setpgid(0, 0 [pid 295] <... prctl resumed>) = 0 [pid 298] <... memfd_create resumed>) = 3 [pid 300] <... setpgid resumed>) = 0 [pid 295] setpgid(0, 0 [pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 295] <... setpgid resumed>) = 0 [pid 298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 291] <... clone resumed>, child_tidptr=0x555586240690) = 303 [pid 300] <... openat resumed>) = 3 [pid 295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 298] <... mmap resumed>) = 0x7fe4ca6bf000 [pid 295] <... openat resumed>) = 3 [pid 300] write(3, "1000", 4) = 4 [pid 295] write(3, "1000", 4 [pid 300] close(3 [pid 295] <... write resumed>) = 4 [pid 300] <... close resumed>) = 0 [pid 295] close(3 [pid 300] write(1, "executing program\n", 18 [pid 295] <... close resumed>) = 0 ./strace-static-x86_64: Process 303 attached executing program [pid 300] <... write resumed>) = 18 [pid 295] write(1, "executing program\n", 18executing program ) = 18 [pid 300] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 300] <... futex resumed>) = 0 [pid 300] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, [pid 295] <... futex resumed>) = 0 [pid 303] set_robust_list(0x5555862406a0, 24 [pid 300] <... rt_sigaction resumed>NULL, 8) = 0 [pid 295] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, [pid 303] <... set_robust_list resumed>) = 0 [pid 295] <... rt_sigaction resumed>NULL, 8) = 0 [pid 300] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 295] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 300] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 [pid 295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 [pid 300] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 300] <... mprotect resumed>) = 0 [pid 295] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE [pid 303] <... prctl resumed>) = 0 [pid 295] <... mprotect resumed>) = 0 [pid 300] rt_sigprocmask(SIG_BLOCK, ~[], [pid 295] rt_sigprocmask(SIG_BLOCK, ~[], [pid 300] <... rt_sigprocmask resumed>[], 8) = 0 [pid 295] <... rt_sigprocmask resumed>[], 8) = 0 [pid 300] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} [pid 295] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} [pid 300] <... clone3 resumed> => {parent_tid=[304]}, 88) = 304 [pid 303] setpgid(0, 0 [pid 300] rt_sigprocmask(SIG_SETMASK, [], [pid 303] <... setpgid resumed>) = 0 [pid 295] <... clone3 resumed> => {parent_tid=[305]}, 88) = 305 [pid 295] rt_sigprocmask(SIG_SETMASK, [], [pid 300] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 295] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 300] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 300] <... futex resumed>) = 0 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 300] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 303] write(3, "1000", 4) = 4 [pid 303] close(3) = 0 [pid 303] write(1, "executing program\n", 18executing program ) = 18 ./strace-static-x86_64: Process 304 attached [pid 304] set_robust_list(0x7fe4d2adf9a0, 24) = 0 [pid 304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 304] memfd_create("syzkaller", 0 [pid 303] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, [pid 304] <... memfd_create resumed>) = 3 [pid 303] <... rt_sigaction resumed>NULL, 8) = 0 [pid 303] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe4ca6bf000 [pid 303] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 303] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 ./strace-static-x86_64: Process 305 attached [pid 303] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE [pid 305] set_robust_list(0x7fe4d2adf9a0, 24) = 0 [pid 305] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 303] <... mprotect resumed>) = 0 [pid 303] rt_sigprocmask(SIG_BLOCK, ~[], [pid 305] memfd_create("syzkaller", 0 [pid 303] <... rt_sigprocmask resumed>[], 8) = 0 [pid 303] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} [pid 305] <... memfd_create resumed>) = 3 [pid 305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe4ca6bf000 [pid 303] <... clone3 resumed> => {parent_tid=[306]}, 88) = 306 [pid 303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 303] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 306 attached [pid 306] set_robust_list(0x7fe4d2adf9a0, 24) = 0 [pid 306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 306] memfd_create("syzkaller", 0) = 3 [pid 306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe4ca6bf000 [ 22.852362][ T30] audit: type=1400 audit(1752567444.350:67): avc: denied { ioctl } for pid=293 comm="syz-executor225" path="/dev/loop4" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 301] <... write resumed>) = 20699119 [pid 301] munmap(0x7fe4ca6bf000, 138412032) = 0 [pid 298] <... write resumed>) = 20699119 [pid 301] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 298] munmap(0x7fe4ca6bf000, 138412032) = 0 [pid 301] <... openat resumed>) = 4 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 301] ioctl(4, LOOP_SET_FD, 3 [pid 298] <... openat resumed>) = 4 [pid 298] ioctl(4, LOOP_SET_FD, 3 [pid 301] <... ioctl resumed>) = 0 [pid 301] close(3) = 0 [pid 301] close(4) = 0 [pid 301] mkdir("./file0", 0777) = 0 [pid 301] mount("/dev/loop0", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 298] <... ioctl resumed>) = 0 [pid 298] close(3) = 0 [pid 298] close(4) = 0 [ 23.336894][ T301] loop0: detected capacity change from 0 to 40427 [ 23.344300][ T298] loop3: detected capacity change from 0 to 40427 [pid 298] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 298] mount("/dev/loop3", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 306] <... write resumed>) = 20699119 [pid 305] <... write resumed>) = 20699119 [pid 306] munmap(0x7fe4ca6bf000, 138412032 [pid 305] munmap(0x7fe4ca6bf000, 138412032 [pid 306] <... munmap resumed>) = 0 [pid 305] <... munmap resumed>) = 0 [pid 305] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 306] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 305] <... openat resumed>) = 4 [pid 306] <... openat resumed>) = 4 [pid 306] ioctl(4, LOOP_SET_FD, 3 [pid 305] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 306] <... ioctl resumed>) = 0 [pid 306] close(3 [pid 305] close(3 [pid 306] <... close resumed>) = 0 [pid 306] close(4 [pid 305] <... close resumed>) = 0 [ 23.366472][ T30] audit: type=1400 audit(1752567444.920:68): avc: denied { mounton } for pid=299 comm="syz-executor225" path="/root/file0" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 23.369852][ T301] F2FS-fs (loop0): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 23.412460][ T306] loop2: detected capacity change from 0 to 40427 [ 23.419652][ T298] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 23.428167][ T305] loop4: detected capacity change from 0 to 40427 [pid 305] close(4 [pid 304] <... write resumed>) = 20699119 [pid 306] <... close resumed>) = 0 [pid 305] <... close resumed>) = 0 [pid 306] mkdir("./file0", 0777 [pid 305] mkdir("./file0", 0777 [pid 306] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 305] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 306] mount("/dev/loop2", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 305] mount("/dev/loop4", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [ 23.436973][ T298] F2FS-fs (loop3): Found nat_bits in checkpoint [ 23.437466][ T301] F2FS-fs (loop0): Found nat_bits in checkpoint [ 23.477181][ T305] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [pid 304] munmap(0x7fe4ca6bf000, 138412032) = 0 [pid 304] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 304] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 304] close(3) = 0 [pid 304] close(4) = 0 [pid 304] mkdir("./file0", 0777) = -1 EEXIST (File exists) [ 23.485611][ T306] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 23.495583][ T304] loop1: detected capacity change from 0 to 40427 [ 23.516195][ T305] F2FS-fs (loop4): Found nat_bits in checkpoint [ 23.530185][ T301] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 23.537940][ T306] F2FS-fs (loop2): Found nat_bits in checkpoint [ 23.537943][ T304] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 23.556188][ T301] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 23.557043][ T298] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 23.566117][ T301] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [pid 304] mount("/dev/loop1", "./file0", "f2fs", 0, "resuid=0x000000000000ee01,background_gc=off,nodiscard,grpjquota=:-(,usrjquota=\\A,jqfmt=vfsv1,active_"... [pid 301] <... mount resumed>) = 0 [pid 301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 23.586734][ T301] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 23.586939][ T298] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 23.600891][ T304] F2FS-fs (loop1): Found nat_bits in checkpoint [ 23.608920][ T30] audit: type=1400 audit(1752567445.150:69): avc: denied { mount } for pid=299 comm="syz-executor225" name="/" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 23.615643][ T306] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [pid 301] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 301] ioctl(4, LOOP_CLR_FD) = 0 [pid 301] close(4) = 0 [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... mount resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 299] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] fspick(AT_FDCWD, "./file0", 0 [pid 299] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 298] ioctl(4, LOOP_CLR_FD) = 0 [pid 298] close(4) = 0 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = 0 [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = 0 [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 301] <... fspick resumed>) = 4 [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 299] <... futex resumed>) = 0 [pid 301] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 298] <... fsconfig resumed>) = 0 [pid 301] <... fsconfig resumed>) = 0 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 298] openat(AT_FDCWD, "./file0", O_RDONLY [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 299] <... futex resumed>) = 0 [pid 298] <... openat resumed>) = 5 [pid 297] <... futex resumed>) = 0 [pid 301] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... futex resumed>) = 0 [pid 299] <... futex resumed>) = 1 [pid 298] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] openat(AT_FDCWD, "./file0", O_RDONLY [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... openat resumed>) = 5 [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... futex resumed>) = 0 [pid 301] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 299] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... ioctl resumed>) = -1 EIO (Input/output error) [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 23.637821][ T298] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 23.641282][ T306] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 23.651613][ T298] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 23.655451][ T305] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [pid 301] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 299] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = 0 [pid 299] <... futex resumed>) = 1 [pid 301] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=139}, [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... prlimit64 resumed>NULL) = 0 [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] sched_setscheduler(0, SCHED_FIFO, [7]) = 0 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 299] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 299] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] mmap(0x200000000000, 11755520, PROT_WRITE|PROT_EXEC|PROT_SEM|PROT_GROWSUP|0xb635773f04ebbee0, MAP_SHARED|MAP_FIXED|MAP_ANONYMOUS|MAP_POPULATE, -1, 0 [pid 299] <... futex resumed>) = 0 [pid 299] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... ioctl resumed>) = 0 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 298] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=139}, [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... prlimit64 resumed>NULL) = 0 [pid 297] <... futex resumed>) = 0 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 298] sched_setscheduler(0, SCHED_FIFO, [7] [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... sched_setscheduler resumed>) = 0 [pid 297] <... futex resumed>) = 0 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 298] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] <... futex resumed>) = 0 [pid 298] mmap(0x200000000000, 11755520, PROT_WRITE|PROT_EXEC|PROT_SEM|PROT_GROWSUP|0xb635773f04ebbee0, MAP_SHARED|MAP_FIXED|MAP_ANONYMOUS|MAP_POPULATE, -1, 0 [pid 297] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... mmap resumed>) = 0x200000000000 [pid 299] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 298] <... mmap resumed>) = 0x200000000000 [pid 301] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] exit_group(0 [pid 298] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = ? [pid 299] <... exit_group resumed>) = ? [pid 298] <... futex resumed>) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] +++ exited with 0 +++ [pid 298] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] exit_group(0 [pid 298] <... futex resumed>) = ? [pid 297] <... exit_group resumed>) = ? [pid 298] +++ exited with 0 +++ [pid 306] <... mount resumed>) = 0 [pid 306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 23.773630][ T306] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2 [ 23.774909][ T304] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 23.786776][ T306] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 23.794735][ T304] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 23.801433][ T305] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 23.807944][ T305] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 23.814962][ T304] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [pid 306] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 306] ioctl(4, LOOP_CLR_FD) = 0 [pid 306] close(4) = 0 [pid 306] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 1 [pid 306] fspick(AT_FDCWD, "./file0", 0 [pid 303] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... fspick resumed>) = 4 [pid 306] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 1 [pid 306] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 303] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 297] +++ exited with 0 +++ [pid 305] <... mount resumed>) = 0 [pid 304] <... mount resumed>) = 0 [pid 299] +++ exited with 0 +++ [pid 306] <... fsconfig resumed>) = 0 [pid 289] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=0, si_utime=7, si_stime=30} --- [pid 289] restart_syscall(<... resuming interrupted clone ...> [pid 305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 289] <... restart_syscall resumed>) = 0 [pid 289] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 306] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=297, si_uid=0, si_status=0, si_utime=10, si_stime=31} --- [pid 289] <... openat resumed>) = 3 [pid 289] ioctl(3, LOOP_CLR_FD) = 0 [pid 289] close(3) = 0 [pid 289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program , child_tidptr=0x555586240690) = 321 [pid 305] <... openat resumed>) = 3 [pid 305] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 305] ioctl(4, LOOP_CLR_FD) = 0 [pid 305] close(4) = 0 [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 321 attached [pid 321] set_robust_list(0x5555862406a0, 24) = 0 [pid 321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 321] setpgid(0, 0) = 0 [pid 321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 321] write(3, "1000", 4) = 4 [pid 321] close(3) = 0 [pid 321] write(1, "executing program\n", 18) = 18 [pid 321] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 321] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, NULL, 8) = 0 [pid 321] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 321] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 [pid 321] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 321] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 321] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} => {parent_tid=[322]}, 88) = 322 [pid 321] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 295] <... futex resumed>) = 0 [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 295] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] fspick(AT_FDCWD, "./file0", 0) = 4 [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] openat(AT_FDCWD, "./file0", O_RDONLY [pid 303] <... futex resumed>) = 0 [pid 295] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 321] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... openat resumed>) = 5 [pid 304] <... openat resumed>) = 3 [pid 295] <... futex resumed>) = 1 [pid 306] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 305] <... futex resumed>) = 0 [pid 305] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 306] <... futex resumed>) = 1 [pid 304] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 303] <... futex resumed>) = 0 [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] <... openat resumed>) = 3 [pid 306] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 304] <... openat resumed>) = 4 [pid 303] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [ 23.822030][ T304] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 23.830359][ T305] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 23.861706][ T306] ================================================================== [ 23.869838][ T306] BUG: KASAN: null-ptr-deref in kthread_stop+0x3a/0x3e0 [ 23.876835][ T306] Write of size 4 at addr 0000000000000028 by task syz-executor225/306 [ 23.885089][ T306] [ 23.887447][ T306] CPU: 0 PID: 306 Comm: syz-executor225 Not tainted 5.15.187-syzkaller-00603-geabc268e4fb2 #0 [ 23.897708][ T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 23.907803][ T306] Call Trace: [ 23.911103][ T306] [ 23.914058][ T306] __dump_stack+0x21/0x30 [ 23.918414][ T306] dump_stack_lvl+0xee/0x150 [ 23.923020][ T306] ? show_regs_print_info+0x20/0x20 [ 23.928247][ T306] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 23.934067][ T306] ? __wake_up+0x116/0x180 [ 23.938501][ T306] ? kthread_stop+0x3a/0x3e0 [ 23.943109][ T306] kasan_report+0xe7/0x140 [ 23.947546][ T306] ? kthread_stop+0x3a/0x3e0 [ 23.952149][ T306] kasan_check_range+0x280/0x290 [ 23.957106][ T306] __kasan_check_write+0x14/0x20 [ 23.962064][ T306] kthread_stop+0x3a/0x3e0 [ 23.966500][ T306] f2fs_stop_gc_thread+0x65/0xb0 [ 23.971465][ T306] __f2fs_ioctl+0x5c36/0xb150 [ 23.976169][ T306] ? avc_flush+0x2b0/0x2b0 [ 23.980603][ T306] ? do_vfs_ioctl+0xc1a/0x1d00 [ 23.985393][ T306] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 23.991049][ T306] ? f2fs_ioctl+0x240/0x240 [ 23.995584][ T306] ? ioctl_has_perm+0x394/0x4d0 [ 24.000467][ T306] ? has_cap_mac_admin+0x330/0x330 [ 24.005602][ T306] ? _raw_spin_lock_irq+0x8f/0xe0 [ 24.010642][ T306] ? _raw_spin_lock_irqsave+0x110/0x110 [ 24.016206][ T306] ? cgroup_update_frozen+0x15c/0x970 [pid 292] ioctl(3, LOOP_CLR_FD [pid 303] <... futex resumed>) = 0 [pid 292] <... ioctl resumed>) = 0 [pid 321] <... futex resumed>) = 0 [pid 321] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 303] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] close(3) = 0 [pid 305] <... fsconfig resumed>) = 0 [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 322 attached [pid 322] set_robust_list(0x7fe4d2adf9a0, 24) = 0 [pid 322] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 322] memfd_create("syzkaller", 0) = 3 [pid 322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe4ca6bf000 [pid 295] <... futex resumed>) = 0 [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 295] <... futex resumed>) = 1 [pid 305] openat(AT_FDCWD, "./file0", O_RDONLY [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] <... openat resumed>) = 5 [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] <... futex resumed>) = 0 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] <... futex resumed>) = 0 [pid 305] ioctl(5, F2FS_IOC_SHUTDOWN, 0x200000000140 [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] <... ioctl resumed>) = -1 EIO (Input/output error) [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] <... futex resumed>) = 0 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] <... futex resumed>) = 0 [pid 305] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=139}, [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] <... prlimit64 resumed>NULL) = 0 [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] <... futex resumed>) = 0 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] <... futex resumed>) = 0 [pid 305] sched_setscheduler(0, SCHED_FIFO, [7] [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] <... sched_setscheduler resumed>) = 0 [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 295] <... futex resumed>) = 0 [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 295] <... futex resumed>) = 1 [pid 305] mmap(0x200000000000, 11755520, PROT_WRITE|PROT_EXEC|PROT_SEM|PROT_GROWSUP|0xb635773f04ebbee0, MAP_SHARED|MAP_FIXED|MAP_ANONYMOUS|MAP_POPULATE, -1, 0) = 0x200000000000 [pid 295] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] futex(0x7fe4d2bae6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] exit_group(0 [pid 305] <... futex resumed>) = ? [pid 295] <... exit_group resumed>) = ? [pid 305] +++ exited with 0 +++ [pid 295] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=295, si_uid=0, si_status=0, si_utime=9, si_stime=28} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = 0 [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 325 [ 24.021601][ T306] ? selinux_file_ioctl+0x377/0x480 [ 24.026821][ T306] ? selinux_file_alloc_security+0x120/0x120 [ 24.032821][ T306] ? __fget_files+0x2c4/0x320 [ 24.037518][ T306] f2fs_ioctl+0x149/0x240 [ 24.041863][ T306] ? f2fs_precache_extents+0x260/0x260 [ 24.047345][ T306] __se_sys_ioctl+0x121/0x1a0 [ 24.052038][ T306] __x64_sys_ioctl+0x7b/0x90 [ 24.056654][ T306] x64_sys_call+0x2f/0x9a0 [ 24.061096][ T306] do_syscall_64+0x4c/0xa0 [ 24.065539][ T306] ? clear_bhb_loop+0x50/0xa0 [ 24.070255][ T306] ? clear_bhb_loop+0x50/0xa0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555586240690) = 326 [ 24.074957][ T306] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 24.080866][ T306] RIP: 0033:0x7fe4d2b22909 [ 24.085292][ T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 24.104917][ T306] RSP: 002b:00007fe4d2adf218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 24.113361][ T306] RAX: ffffffffffffffda RBX: 00007fe4d2bae6c8 RCX: 00007fe4d2b22909 [pid 322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 325 attached [pid 325] set_robust_list(0x5555862406a0, 24) = 0 [pid 325] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program ) = 0 [pid 325] setpgid(0, 0) = 0 [pid 325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 325] write(3, "1000", 4) = 4 [pid 325] close(3) = 0 [pid 325] write(1, "executing program\n", 18) = 18 [pid 325] futex(0x7fe4d2bae6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 325] rt_sigaction(SIGRT_1, {sa_handler=0x7fe4d2b487f0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe4d2b39ea0}, NULL, 8) = 0 [pid 325] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 325] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2abf000 [pid 325] mprotect(0x7fe4d2ac0000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 325] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 325] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2adf990, parent_tid=0x7fe4d2adf990, exit_signal=0, stack=0x7fe4d2abf000, stack_size=0x20300, tls=0x7fe4d2adf6c0} => {parent_tid=[327]}, 88) = 327 [pid 325] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 325] futex(0x7fe4d2bae6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 325] futex(0x7fe4d2bae6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 327 attached [pid 327] set_robust_list(0x7fe4d2adf9a0, 24) = 0 [pid 327] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 327] memfd_create("syzkaller", 0) = 3 [pid 327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe4ca6bf000 [pid 303] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 303] futex(0x7fe4d2bae6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe4d2a9e000 [pid 303] mprotect(0x7fe4d2a9f000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 303] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 326 attached [pid 304] ioctl(4, LOOP_CLR_FD [pid 303] <... rt_sigprocmask resumed>[], 8) = 0 [ 24.121351][ T306] RDX: 0000200000000140 RSI: 000000008004587d RDI: 0000000000000005 [ 24.129333][ T306] RBP: 00007fe4d2bae6c0 R08: 0000000000000000 R09: 0000000000000000 [ 24.137319][ T306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe4d2b7b8fc [ 24.145310][ T306] R13: 3505e258dcaaa166 R14: 0000200000000000 R15: b635773f06ebbeee [ 24.153314][ T306] [ 24.156349][ T306] ================================================================== [ 24.164423][ T306] Disabling lock debugging due to kernel taint [ 24.174560][ T306] BUG: kernel NULL pointer dereference, address: 0000000000000028 [ 24.182393][ T306] #PF: supervisor write access in kernel mode [ 24.188470][ T306] #PF: error_code(0x0002) - not-present page [ 24.194455][ T306] PGD 0 P4D 0 [ 24.197864][ T306] Oops: 0002 [#1] PREEMPT SMP KASAN [ 24.203086][ T306] CPU: 0 PID: 306 Comm: syz-executor225 Tainted: G B 5.15.187-syzkaller-00603-geabc268e4fb2 #0 [ 24.214729][ T306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [pid 303] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe4d2abe990, parent_tid=0x7fe4d2abe990, exit_signal=0, stack=0x7fe4d2a9e000, stack_size=0x20300, tls=0x7fe4d2abe6c0} => {parent_tid=[328]}, 88) = 328 [pid 303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 303] futex(0x7fe4d2bae6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fe4d2bae6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 328 attached [pid 328] set_robust_list(0x7fe4d2abe9a0, 24) = 0 [pid 328] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 328] prlimit64(0, RLIMIT_RTPRIO, {rlim_cur=8, rlim_max=139}, NULL) = 0 [pid 328] futex(0x7fe4d2bae6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fe4d2bae6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fe4d2bae6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 328] <... futex resumed>) = 1 [pid 328] sched_setscheduler(0, SCHED_FIFO, [7]) = 0 [pid 328] futex(0x7fe4d2bae6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 328] futex(0x7fe4d2bae6d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7fe4d2bae6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 328] <... futex resumed>) = 0 [ 24.224802][ T306] RIP: 0010:kthread_stop+0x40/0x3e0 [ 24.230032][ T306] Code: 00 fc ff df e8 e1 c4 23 00 0f 1f 44 00 00 e8 d7 c4 23 00 4c 8d 73 28 4c 89 f7 be 04 00 00 00 e8 d6 3d 62 00 41 bf 01 00 00 00 44 0f c1 7b 28 31 ff 44 89 fe e8 60 c8 23 00 45 85 ff 0f 84 32 [ 24.249661][ T306] RSP: 0018:ffffc90000b47918 EFLAGS: 00010246 [ 24.255744][ T306] RAX: ffff88811e4d1300 RBX: 0000000000000000 RCX: ffff88811e4d13c0 [ 24.263721][ T306] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000ffffffff [ 24.271742][ T306] RBP: ffffc90000b47940 R08: 0000000000000004 R09: 0000000000000003 [ 24.279723][ T306] R10: fffffbfff0e17c4c R11: 1ffffffff0e17c4c R12: 1ffff11021509523 [ 24.287705][ T306] R13: dffffc0000000000 R14: 0000000000000028 R15: 0000000000000001 [ 24.295677][ T306] FS: 00007fe4d2adf6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 24.304615][ T306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.311204][ T306] CR2: 0000000000000028 CR3: 0000000122566000 CR4: 00000000003506b0 [ 24.319264][ T306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.327239][ T306] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.335209][ T306] Call Trace: [ 24.338490][ T306] [ 24.341420][ T306] f2fs_stop_gc_thread+0x65/0xb0 [ 24.346369][ T306] __f2fs_ioctl+0x5c36/0xb150 [ 24.351053][ T306] ? avc_flush+0x2b0/0x2b0 [ 24.355473][ T306] ? do_vfs_ioctl+0xc1a/0x1d00 [ 24.360280][ T306] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 24.365921][ T306] ? f2fs_ioctl+0x240/0x240 [ 24.370427][ T306] ? ioctl_has_perm+0x394/0x4d0 [ 24.375278][ T306] ? has_cap_mac_admin+0x330/0x330 [ 24.380402][ T306] ? _raw_spin_lock_irq+0x8f/0xe0 [ 24.385431][ T306] ? _raw_spin_lock_irqsave+0x110/0x110 [ 24.391239][ T306] ? cgroup_update_frozen+0x15c/0x970 [ 24.396805][ T306] ? selinux_file_ioctl+0x377/0x480 [ 24.402051][ T306] ? selinux_file_alloc_security+0x120/0x120 [ 24.408176][ T306] ? __fget_files+0x2c4/0x320 [ 24.412861][ T306] f2fs_ioctl+0x149/0x240 [ 24.417206][ T306] ? f2fs_precache_extents+0x260/0x260 [ 24.422671][ T306] __se_sys_ioctl+0x121/0x1a0 [ 24.427355][ T306] __x64_sys_ioctl+0x7b/0x90 [ 24.431950][ T306] x64_sys_call+0x2f/0x9a0 [ 24.436370][ T306] do_syscall_64+0x4c/0xa0 [ 24.440790][ T306] ? clear_bhb_loop+0x50/0xa0 [ 24.445471][ T306] ? clear_bhb_loop+0x50/0xa0 [ 24.450150][ T306] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 24.456042][ T306] RIP: 0033:0x7fe4d2b22909 [ 24.460458][ T306] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 24.480179][ T306] RSP: 002b:00007fe4d2adf218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 24.488595][ T306] RAX: ffffffffffffffda RBX: 00007fe4d2bae6c8 RCX: 00007fe4d2b22909 [ 24.496655][ T306] RDX: 0000200000000140 RSI: 000000008004587d RDI: 0000000000000005 [ 24.504631][ T306] RBP: 00007fe4d2bae6c0 R08: 0000000000000000 R09: 0000000000000000 [ 24.512618][ T306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe4d2b7b8fc [ 24.520590][ T306] R13: 3505e258dcaaa166 R14: 0000200000000000 R15: b635773f06ebbeee [ 24.528568][ T306] [ 24.531594][ T306] Modules linked in: [ 24.535500][ T306] CR2: 0000000000000028 [ 24.539671][ T306] ---[ end trace d1803461e1853f5a ]--- [ 24.545144][ T306] RIP: 0010:kthread_stop+0x40/0x3e0 [ 24.550348][ T306] Code: 00 fc ff df e8 e1 c4 23 00 0f 1f 44 00 00 e8 d7 c4 23 00 4c 8d 73 28 4c 89 f7 be 04 00 00 00 e8 d6 3d 62 00 41 bf 01 00 00 00 44 0f c1 7b 28 31 ff 44 89 fe e8 60 c8 23 00 45 85 ff 0f 84 32 [ 24.569962][ T306] RSP: 0018:ffffc90000b47918 EFLAGS: 00010246 [ 24.576033][ T306] RAX: ffff88811e4d1300 RBX: 0000000000000000 RCX: ffff88811e4d13c0 [ 24.584004][ T306] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000ffffffff [ 24.591976][ T306] RBP: ffffc90000b47940 R08: 0000000000000004 R09: 0000000000000003 [ 24.599951][ T306] R10: fffffbfff0e17c4c R11: 1ffffffff0e17c4c R12: 1ffff11021509523 [ 24.607925][ T306] R13: dffffc0000000000 R14: 0000000000000028 R15: 0000000000000001 [ 24.615902][ T306] FS: 00007fe4d2adf6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 24.624837][ T306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.631424][ T306] CR2: 0000000000000028 CR3: 0000000122566000 CR4: 00000000003506b0 [ 24.639402][ T306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.647613][ T306] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.655606][ T306] Kernel panic - not syncing: Fatal exception [ 24.661929][ T306] Kernel Offset: disabled [ 24.666275][ T306] Rebooting in 86400 seconds..