./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1023382110 <...> Warning: Permanently added '10.128.0.180' (ED25519) to the list of known hosts. execve("./syz-executor1023382110", ["./syz-executor1023382110"], 0x7ffe0fb7ad20 /* 10 vars */) = 0 brk(NULL) = 0x555579f84000 brk(0x555579f84d40) = 0x555579f84d40 arch_prctl(ARCH_SET_FS, 0x555579f843c0) = 0 set_tid_address(0x555579f84690) = 5243 set_robust_list(0x555579f846a0, 24) = 0 rseq(0x555579f84ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1023382110", 4096) = 28 getrandom("\x74\x86\xf0\x78\x7d\x9e\x14\x61", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555579f84d40 brk(0x555579fa5d40) = 0x555579fa5d40 brk(0x555579fa6000) = 0x555579fa6000 mprotect(0x7fa163b89000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555579f84690) = 5244 ./strace-static-x86_64: Process 5244 attached [pid 5243] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5244] set_robust_list(0x555579f846a0, 24) = 0 ./strace-static-x86_64: Process 5245 attached [pid 5243] <... clone resumed>, child_tidptr=0x555579f84690) = 5245 [pid 5243] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5245] set_robust_list(0x555579f846a0, 24 [pid 5244] mkdir("./syzkaller.pzITKt", 0700 [pid 5245] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5246 attached [pid 5245] mkdir("./syzkaller.cLm3gx", 0700 [pid 5243] <... clone resumed>, child_tidptr=0x555579f84690) = 5246 [pid 5246] set_robust_list(0x555579f846a0, 24 [pid 5244] <... mkdir resumed>) = 0 [pid 5243] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5246] <... set_robust_list resumed>) = 0 [pid 5246] mkdir("./syzkaller.vcXiRf", 0700 [pid 5245] <... mkdir resumed>) = 0 [pid 5244] chmod("./syzkaller.pzITKt", 0777 [pid 5246] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5247 attached [pid 5245] chmod("./syzkaller.cLm3gx", 0777 [pid 5244] <... chmod resumed>) = 0 [pid 5243] <... clone resumed>, child_tidptr=0x555579f84690) = 5247 [pid 5247] set_robust_list(0x555579f846a0, 24 [pid 5246] chmod("./syzkaller.vcXiRf", 0777 [pid 5245] <... chmod resumed>) = 0 [pid 5244] chdir("./syzkaller.pzITKt" [pid 5243] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5247] <... set_robust_list resumed>) = 0 [pid 5246] <... chmod resumed>) = 0 [pid 5247] mkdir("./syzkaller.NH38RL", 0700 [pid 5246] chdir("./syzkaller.vcXiRf" [pid 5245] chdir("./syzkaller.cLm3gx" [pid 5244] <... chdir resumed>) = 0 [pid 5246] <... chdir resumed>) = 0 [pid 5245] <... chdir resumed>) = 0 [pid 5244] mkdir("./0", 0777./strace-static-x86_64: Process 5248 attached [pid 5246] mkdir("./0", 0777 [pid 5245] mkdir("./0", 0777 [pid 5243] <... clone resumed>, child_tidptr=0x555579f84690) = 5248 [pid 5248] set_robust_list(0x555579f846a0, 24) = 0 [pid 5247] <... mkdir resumed>) = 0 [pid 5246] <... mkdir resumed>) = 0 [pid 5244] <... mkdir resumed>) = 0 [pid 5246] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5245] <... mkdir resumed>) = 0 [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5247] chmod("./syzkaller.NH38RL", 0777 [pid 5246] <... openat resumed>) = 3 [pid 5245] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5244] <... openat resumed>) = 3 [pid 5247] <... chmod resumed>) = 0 [pid 5248] mkdir("./syzkaller.SGT7UA", 0700 [pid 5245] <... openat resumed>) = 3 [pid 5244] ioctl(3, LOOP_CLR_FD [pid 5246] ioctl(3, LOOP_CLR_FD [pid 5247] chdir("./syzkaller.NH38RL") = 0 [pid 5247] mkdir("./0", 0777) = 0 [pid 5246] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5245] ioctl(3, LOOP_CLR_FD [pid 5244] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5247] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5248] <... mkdir resumed>) = 0 [pid 5246] close(3 [pid 5245] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5244] close(3 [pid 5248] chmod("./syzkaller.SGT7UA", 0777 [pid 5247] <... openat resumed>) = 3 [pid 5246] <... close resumed>) = 0 [pid 5245] close(3 [pid 5244] <... close resumed>) = 0 [pid 5246] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5248] <... chmod resumed>) = 0 [pid 5247] ioctl(3, LOOP_CLR_FD [pid 5245] <... close resumed>) = 0 [pid 5244] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5248] chdir("./syzkaller.SGT7UA" [pid 5247] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5245] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5248] <... chdir resumed>) = 0 [pid 5247] close(3 [pid 5248] mkdir("./0", 0777 [pid 5247] <... close resumed>) = 0 [pid 5248] <... mkdir resumed>) = 0 [pid 5247] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5250 attached [pid 5246] <... clone resumed>, child_tidptr=0x555579f84690) = 5249 [pid 5244] <... clone resumed>, child_tidptr=0x555579f84690) = 5250 [pid 5250] set_robust_list(0x555579f846a0, 24) = 0 ./strace-static-x86_64: Process 5249 attached [pid 5250] chdir("./0"./strace-static-x86_64: Process 5251 attached [pid 5249] set_robust_list(0x555579f846a0, 24 [pid 5250] <... chdir resumed>) = 0 [pid 5245] <... clone resumed>, child_tidptr=0x555579f84690) = 5251 [pid 5251] set_robust_list(0x555579f846a0, 24 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5251] <... set_robust_list resumed>) = 0 [pid 5249] <... set_robust_list resumed>) = 0 [pid 5250] <... prctl resumed>) = 0 [pid 5248] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5252 attached [pid 5250] setpgid(0, 0 [pid 5249] chdir("./0" [pid 5252] set_robust_list(0x555579f846a0, 24 [pid 5251] chdir("./0" [pid 5250] <... setpgid resumed>) = 0 [pid 5248] <... openat resumed>) = 3 [pid 5247] <... clone resumed>, child_tidptr=0x555579f84690) = 5252 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5252] <... set_robust_list resumed>) = 0 [pid 5249] <... chdir resumed>) = 0 [pid 5250] <... openat resumed>) = 3 [pid 5252] chdir("./0" [pid 5251] <... chdir resumed>) = 0 [pid 5249] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5250] write(3, "1000", 4 [pid 5248] ioctl(3, LOOP_CLR_FD [pid 5252] <... chdir resumed>) = 0 [pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5250] <... write resumed>) = 4 [pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5251] <... prctl resumed>) = 0 [pid 5250] close(3 [pid 5252] <... prctl resumed>) = 0 [pid 5250] <... close resumed>) = 0 [pid 5252] setpgid(0, 0 [pid 5251] setpgid(0, 0 [pid 5249] <... prctl resumed>) = 0 [pid 5250] symlink("/dev/binderfs", "./binderfs" [pid 5248] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5249] setpgid(0, 0) = 0 [pid 5249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5248] close(3 [pid 5249] <... openat resumed>) = 3 [pid 5248] <... close resumed>) = 0 [pid 5249] write(3, "1000", 4 [pid 5248] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5252] <... setpgid resumed>) = 0 [pid 5249] <... write resumed>) = 4 [pid 5250] <... symlink resumed>) = 0 [pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5251] <... setpgid resumed>) = 0 [pid 5250] write(1, "executing program\n", 18executing program [pid 5252] <... openat resumed>) = 3 [pid 5249] close(3 [pid 5252] write(3, "1000", 4 [pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5249] <... close resumed>) = 0 [pid 5250] <... write resumed>) = 18 ./strace-static-x86_64: Process 5254 attached [pid 5252] <... write resumed>) = 4 [pid 5251] <... openat resumed>) = 3 [pid 5249] symlink("/dev/binderfs", "./binderfs" [pid 5250] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5254] set_robust_list(0x555579f846a0, 24 [pid 5252] close(3 [pid 5251] write(3, "1000", 4 [pid 5249] <... symlink resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5248] <... clone resumed>, child_tidptr=0x555579f84690) = 5254 [pid 5254] <... set_robust_list resumed>) = 0 [pid 5252] <... close resumed>) = 0 [pid 5251] <... write resumed>) = 4 [pid 5250] rt_sigaction(SIGRT_1, {sa_handler=0x7fa163b23fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fa163b15190}, executing program [pid 5254] chdir("./0" [pid 5252] symlink("/dev/binderfs", "./binderfs" [pid 5251] close(3 [pid 5250] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5249] write(1, "executing program\n", 18) = 18 [pid 5252] <... symlink resumed>) = 0 [pid 5250] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5254] <... chdir resumed>) = 0 [pid 5251] <... close resumed>) = 0 [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5251] symlink("/dev/binderfs", "./binderfs" [pid 5250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5249] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5249] rt_sigaction(SIGRT_1, {sa_handler=0x7fa163b23fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fa163b15190}, NULL, 8) = 0 [pid 5249] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5251] <... symlink resumed>) = 0 [pid 5249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5250] <... mmap resumed>) = 0x7fa163a93000 [pid 5249] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5250] mprotect(0x7fa163a94000, 131072, PROT_READ|PROT_WRITEexecuting program [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5252] write(1, "executing program\n", 18 [pid 5249] <... mmap resumed>) = 0x7fa163a93000 [pid 5250] <... mprotect resumed>) = 0 [pid 5254] <... prctl resumed>) = 0 [pid 5249] mprotect(0x7fa163a94000, 131072, PROT_READ|PROT_WRITE [pid 5250] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5254] setpgid(0, 0 [pid 5252] <... write resumed>) = 18 [pid 5254] <... setpgid resumed>) = 0 [pid 5250] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5252] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] write(1, "executing program\n", 18 [pid 5250] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163ab3990, parent_tid=0x7fa163ab3990, exit_signal=0, stack=0x7fa163a93000, stack_size=0x20300, tls=0x7fa163ab36c0}executing program [pid 5249] <... mprotect resumed>) = 0 [pid 5252] <... futex resumed>) = 0 [pid 5251] <... write resumed>) = 18 [pid 5249] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5249] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163ab3990, parent_tid=0x7fa163ab3990, exit_signal=0, stack=0x7fa163a93000, stack_size=0x20300, tls=0x7fa163ab36c0}./strace-static-x86_64: Process 5256 attached [pid 5256] rseq(0x7fa163ab3fe0, 0x20, 0, 0x53053053) = 0 [pid 5249] <... clone3 resumed> => {parent_tid=[5256]}, 88) = 5256 [pid 5256] set_robust_list(0x7fa163ab39a0, 24 [pid 5249] rt_sigprocmask(SIG_SETMASK, [], [pid 5256] <... set_robust_list resumed>) = 0 [pid 5249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5256] rt_sigprocmask(SIG_SETMASK, [], [pid 5249] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5256] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5249] <... futex resumed>) = 0 [pid 5249] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5255 attached [pid 5256] memfd_create("syzkaller", 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5252] rt_sigaction(SIGRT_1, {sa_handler=0x7fa163b23fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fa163b15190}, [pid 5251] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] <... clone3 resumed> => {parent_tid=[5255]}, 88) = 5255 [pid 5254] <... openat resumed>) = 3 [pid 5252] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5251] <... futex resumed>) = 0 [pid 5250] rt_sigprocmask(SIG_SETMASK, [], [pid 5254] write(3, "1000", 4 [pid 5252] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5251] rt_sigaction(SIGRT_1, {sa_handler=0x7fa163b23fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fa163b15190}, [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5254] <... write resumed>) = 4 [pid 5252] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5251] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5250] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5254] close(3 [pid 5252] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0executing program [pid 5251] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5250] <... futex resumed>) = 0 [pid 5256] <... memfd_create resumed>) = 3 [pid 5255] rseq(0x7fa163ab3fe0, 0x20, 0, 0x53053053 [pid 5254] <... close resumed>) = 0 [pid 5252] <... mmap resumed>) = 0x7fa163a93000 [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5250] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5255] <... rseq resumed>) = 0 [pid 5254] symlink("/dev/binderfs", "./binderfs" [pid 5252] mprotect(0x7fa163a94000, 131072, PROT_READ|PROT_WRITE [pid 5251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5256] <... mmap resumed>) = 0x7fa15b600000 [pid 5255] set_robust_list(0x7fa163ab39a0, 24 [pid 5254] <... symlink resumed>) = 0 [pid 5252] <... mprotect resumed>) = 0 [pid 5251] <... mmap resumed>) = 0x7fa163a93000 [pid 5254] write(1, "executing program\n", 18 [pid 5252] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5251] mprotect(0x7fa163a94000, 131072, PROT_READ|PROT_WRITE [pid 5254] <... write resumed>) = 18 [pid 5254] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... mprotect resumed>) = 0 [pid 5254] <... futex resumed>) = 0 [pid 5252] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5251] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5254] rt_sigaction(SIGRT_1, {sa_handler=0x7fa163b23fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fa163b15190}, NULL, 8) = 0 [pid 5252] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163ab3990, parent_tid=0x7fa163ab3990, exit_signal=0, stack=0x7fa163a93000, stack_size=0x20300, tls=0x7fa163ab36c0} [pid 5256] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5255] <... set_robust_list resumed>) = 0 [pid 5254] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5255] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5257 attached NULL, 8) = 0 [pid 5254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5252] <... clone3 resumed> => {parent_tid=[5257]}, 88) = 5257 [pid 5251] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5257] rseq(0x7fa163ab3fe0, 0x20, 0, 0x53053053 [pid 5254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5252] rt_sigprocmask(SIG_SETMASK, [], [pid 5251] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163ab3990, parent_tid=0x7fa163ab3990, exit_signal=0, stack=0x7fa163a93000, stack_size=0x20300, tls=0x7fa163ab36c0} [pid 5257] <... rseq resumed>) = 0 [pid 5255] memfd_create("syzkaller", 0 [pid 5254] <... mmap resumed>) = 0x7fa163a93000 [pid 5252] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5258 attached [pid 5257] set_robust_list(0x7fa163ab39a0, 24 [pid 5254] mprotect(0x7fa163a94000, 131072, PROT_READ|PROT_WRITE [pid 5252] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5258] rseq(0x7fa163ab3fe0, 0x20, 0, 0x53053053 [pid 5257] <... set_robust_list resumed>) = 0 [pid 5254] <... mprotect resumed>) = 0 [pid 5252] <... futex resumed>) = 0 [pid 5255] <... memfd_create resumed>) = 3 [pid 5251] <... clone3 resumed> => {parent_tid=[5258]}, 88) = 5258 [pid 5258] <... rseq resumed>) = 0 [pid 5257] rt_sigprocmask(SIG_SETMASK, [], [pid 5255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5254] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5252] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5258] set_robust_list(0x7fa163ab39a0, 24 [pid 5257] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5255] <... mmap resumed>) = 0x7fa15b600000 [pid 5254] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5251] rt_sigprocmask(SIG_SETMASK, [], [pid 5258] <... set_robust_list resumed>) = 0 [pid 5257] memfd_create("syzkaller", 0 [pid 5256] <... write resumed>) = 65536 [pid 5254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163ab3990, parent_tid=0x7fa163ab3990, exit_signal=0, stack=0x7fa163a93000, stack_size=0x20300, tls=0x7fa163ab36c0} [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5258] rt_sigprocmask(SIG_SETMASK, [], [pid 5251] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5258] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5251] <... futex resumed>) = 0 [pid 5258] memfd_create("syzkaller", 0 [pid 5257] <... memfd_create resumed>) = 3 [pid 5251] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5254] <... clone3 resumed> => {parent_tid=[5259]}, 88) = 5259 [pid 5257] <... mmap resumed>) = 0x7fa15b600000 [pid 5254] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5259 attached [pid 5258] <... memfd_create resumed>) = 3 [pid 5257] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5256] munmap(0x7fa15b600000, 138412032 [pid 5254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5259] rseq(0x7fa163ab3fe0, 0x20, 0, 0x53053053) = 0 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5256] <... munmap resumed>) = 0 [pid 5255] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5254] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5259] set_robust_list(0x7fa163ab39a0, 24 [pid 5258] <... mmap resumed>) = 0x7fa15b600000 [pid 5254] <... futex resumed>) = 0 [pid 5255] <... write resumed>) = 65536 [pid 5254] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5259] <... set_robust_list resumed>) = 0 [pid 5259] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5258] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5256] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5255] munmap(0x7fa15b600000, 138412032 [pid 5257] <... write resumed>) = 65536 [pid 5257] munmap(0x7fa15b600000, 138412032) = 0 [pid 5256] <... openat resumed>) = 4 [pid 5257] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5257] ioctl(4, LOOP_SET_FD, 3 [pid 5259] memfd_create("syzkaller", 0 [pid 5256] ioctl(4, LOOP_SET_FD, 3 [pid 5255] <... munmap resumed>) = 0 [pid 5258] <... write resumed>) = 65536 [pid 5259] <... memfd_create resumed>) = 3 [pid 5257] <... ioctl resumed>) = 0 [pid 5256] <... ioctl resumed>) = 0 [pid 5255] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa15b600000 [pid 5258] munmap(0x7fa15b600000, 138412032 [pid 5257] close(3 [pid 5256] close(3 [pid 5255] <... openat resumed>) = 4 [pid 5256] <... close resumed>) = 0 [pid 5255] ioctl(4, LOOP_SET_FD, 3 [pid 5258] <... munmap resumed>) = 0 [pid 5257] <... close resumed>) = 0 [pid 5256] close(4 [pid 5257] close(4 [pid 5256] <... close resumed>) = 0 [pid 5256] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5257] <... close resumed>) = 0 [pid 5256] <... mkdir resumed>) = 0 [pid 5257] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5258] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5257] <... mkdir resumed>) = 0 [pid 5258] <... openat resumed>) = 4 [pid 5258] ioctl(4, LOOP_SET_FD, 3 [pid 5259] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x00\x80\x00\x00\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5257] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [ 181.883730][ T5256] loop2: detected capacity change from 0 to 128 [ 181.888373][ T5257] loop3: detected capacity change from 0 to 128 [ 181.904674][ T5255] loop0: detected capacity change from 0 to 128 [ 181.911808][ T5258] loop1: detected capacity change from 0 to 128 [ 181.920684][ T5256] ======================================================= [pid 5256] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5259] <... write resumed>) = 65536 [pid 5258] <... ioctl resumed>) = 0 [pid 5255] <... ioctl resumed>) = 0 [pid 5259] munmap(0x7fa15b600000, 138412032 [pid 5258] close(3 [pid 5255] close(3) = 0 [pid 5255] close(4 [pid 5259] <... munmap resumed>) = 0 [pid 5258] <... close resumed>) = 0 [pid 5255] <... close resumed>) = 0 [pid 5255] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5258] close(4) = 0 [pid 5255] <... mkdir resumed>) = 0 [pid 5258] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5255] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5258] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5259] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5259] ioctl(4, LOOP_SET_FD, 3 [pid 5257] <... mount resumed>) = 0 [ 181.920684][ T5256] WARNING: The mand mount option has been deprecated and [ 181.920684][ T5256] and is ignored by this kernel. Remove the mand [ 181.920684][ T5256] option from the mount to silence this warning. [ 181.920684][ T5256] ======================================================= [pid 5257] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5259] <... ioctl resumed>) = 0 [pid 5257] <... openat resumed>) = 3 [pid 5257] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5257] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5259] close(3 [pid 5258] <... mount resumed>) = 0 [pid 5255] <... mount resumed>) = 0 [pid 5258] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5257] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5255] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5257] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5259] <... close resumed>) = 0 [pid 5257] <... futex resumed>) = 1 [pid 5255] <... openat resumed>) = 3 [pid 5252] <... futex resumed>) = 0 [pid 5258] <... openat resumed>) = 3 [pid 5257] futex(0x7fa163b8f6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5252] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5259] close(4 [pid 5257] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5255] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5257] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5252] <... futex resumed>) = 0 [pid 5258] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5255] <... chdir resumed>) = 0 [pid 5259] <... close resumed>) = 0 [pid 5259] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5259] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff") = 0 [pid 5258] <... chdir resumed>) = 0 [pid 5255] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5252] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5258] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5259] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5258] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5255] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5259] <... openat resumed>) = 3 [pid 5259] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5259] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5259] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5259] futex(0x7fa163b8f6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5254] <... futex resumed>) = 0 [pid 5258] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5255] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5258] <... futex resumed>) = 1 [pid 5255] <... futex resumed>) = 1 [pid 5258] futex(0x7fa163b8f6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5254] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5255] futex(0x7fa163b8f6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5251] <... futex resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5259] <... futex resumed>) = 0 [ 181.978510][ T5259] loop4: detected capacity change from 0 to 128 [ 182.003006][ T5257] syz-executor102: attempt to access beyond end of device [ 182.003006][ T5257] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5256] <... mount resumed>) = 0 [pid 5254] <... futex resumed>) = 1 [pid 5251] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5259] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5250] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5256] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5254] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5251] <... futex resumed>) = 1 [pid 5256] <... openat resumed>) = 3 [pid 5251] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5256] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f" [pid 5250] <... futex resumed>) = 1 [pid 5256] <... chdir resumed>) = 0 [pid 5250] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5256] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5256] futex(0x7fa163b8f6ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5256] futex(0x7fa163b8f6a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5258] <... futex resumed>) = 0 [pid 5255] <... futex resumed>) = 0 [pid 5252] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5258] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5255] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5252] futex(0x7fa163b8f6bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5249] <... futex resumed>) = 0 [pid 5249] futex(0x7fa163b8f6a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5256] <... futex resumed>) = 0 [pid 5252] <... futex resumed>) = 0 [pid 5249] <... futex resumed>) = 1 [ 182.038869][ T5257] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 182.043121][ T5259] syz-executor102: attempt to access beyond end of device [ 182.043121][ T5259] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 182.048543][ T5257] syz-executor102: attempt to access beyond end of device [ 182.048543][ T5257] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 182.077576][ T5255] syz-executor102: attempt to access beyond end of device [pid 5256] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5252] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5251] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5249] futex(0x7fa163b8f6ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5250] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5254] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5251] futex(0x7fa163b8f6bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] futex(0x7fa163b8f6bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5254] futex(0x7fa163b8f6bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... futex resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [pid 5254] <... futex resumed>) = 0 [pid 5251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5251] <... mmap resumed>) = 0x7fa163a72000 [pid 5250] <... mmap resumed>) = 0x7fa163a72000 [pid 5254] <... mmap resumed>) = 0x7fa163a72000 [pid 5251] mprotect(0x7fa163a73000, 131072, PROT_READ|PROT_WRITE [pid 5250] mprotect(0x7fa163a73000, 131072, PROT_READ|PROT_WRITE [pid 5252] <... mmap resumed>) = 0x7fa163a72000 [pid 5254] mprotect(0x7fa163a73000, 131072, PROT_READ|PROT_WRITE [pid 5252] mprotect(0x7fa163a73000, 131072, PROT_READ|PROT_WRITE [pid 5251] <... mprotect resumed>) = 0 [pid 5250] <... mprotect resumed>) = 0 [pid 5254] <... mprotect resumed>) = 0 [pid 5251] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5250] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5254] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5251] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5250] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5254] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5251] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163a92990, parent_tid=0x7fa163a92990, exit_signal=0, stack=0x7fa163a72000, stack_size=0x20300, tls=0x7fa163a926c0} [pid 5250] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163a92990, parent_tid=0x7fa163a92990, exit_signal=0, stack=0x7fa163a72000, stack_size=0x20300, tls=0x7fa163a926c0} [pid 5254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163a92990, parent_tid=0x7fa163a92990, exit_signal=0, stack=0x7fa163a72000, stack_size=0x20300, tls=0x7fa163a926c0} [pid 5251] <... clone3 resumed> => {parent_tid=[5263]}, 88) = 5263 [pid 5250] <... clone3 resumed> => {parent_tid=[5262]}, 88) = 5262 [pid 5254] <... clone3 resumed> => {parent_tid=[5264]}, 88) = 5264 [pid 5251] rt_sigprocmask(SIG_SETMASK, [], [pid 5250] rt_sigprocmask(SIG_SETMASK, [], [pid 5254] rt_sigprocmask(SIG_SETMASK, [], [pid 5251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5250] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5263 attached [pid 5254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5252] <... mprotect resumed>) = 0 [pid 5251] futex(0x7fa163b8f6b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5250] futex(0x7fa163b8f6b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5254] futex(0x7fa163b8f6b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... futex resumed>) = 0 [pid 5250] <... futex resumed>) = 0 [ 182.077576][ T5255] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 182.084583][ T5256] syz-executor102: attempt to access beyond end of device [ 182.084583][ T5256] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 182.094250][ T5258] syz-executor102: attempt to access beyond end of device [ 182.094250][ T5258] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 182.125133][ T5255] Buffer I/O error on dev loop0, logical block 3245768, async page read ./strace-static-x86_64: Process 5262 attached [pid 5263] rseq(0x7fa163a92fe0, 0x20, 0, 0x53053053 [pid 5254] <... futex resumed>) = 0 [pid 5252] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5251] futex(0x7fa163b8f6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5250] futex(0x7fa163b8f6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5264 attached [pid 5262] rseq(0x7fa163a92fe0, 0x20, 0, 0x53053053 [pid 5254] futex(0x7fa163b8f6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5264] rseq(0x7fa163a92fe0, 0x20, 0, 0x53053053 [pid 5263] <... rseq resumed>) = 0 [pid 5262] <... rseq resumed>) = 0 [pid 5252] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5264] <... rseq resumed>) = 0 [pid 5262] set_robust_list(0x7fa163a929a0, 24 [pid 5264] set_robust_list(0x7fa163a929a0, 24 [pid 5262] <... set_robust_list resumed>) = 0 [pid 5264] <... set_robust_list resumed>) = 0 [pid 5262] rt_sigprocmask(SIG_SETMASK, [], [pid 5264] rt_sigprocmask(SIG_SETMASK, [], [pid 5262] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5264] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5262] openat(AT_FDCWD, "cpuacct.usage_percpu_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [ 182.134601][ T5255] syz-executor102: attempt to access beyond end of device [ 182.134601][ T5255] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 182.136735][ T5259] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 182.149249][ T5257] Buffer I/O error on dev loop3, logical block 8833403, async page read [ 182.166516][ T5258] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 182.171093][ T5259] syz-executor102: attempt to access beyond end of device [ 182.171093][ T5259] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5264] openat(AT_FDCWD, "cpuacct.usage_percpu_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5263] set_robust_list(0x7fa163a929a0, 24 [pid 5252] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163a92990, parent_tid=0x7fa163a92990, exit_signal=0, stack=0x7fa163a72000, stack_size=0x20300, tls=0x7fa163a926c0} [pid 5249] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5263] <... set_robust_list resumed>) = 0 [pid 5249] futex(0x7fa163b8f6bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5251] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5250] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) ./strace-static-x86_64: Process 5265 attached [pid 5254] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5265] rseq(0x7fa163a92fe0, 0x20, 0, 0x53053053) = 0 [pid 5265] set_robust_list(0x7fa163a929a0, 24) = 0 [pid 5265] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5265] futex(0x7fa163b8f6b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5263] rt_sigprocmask(SIG_SETMASK, [], [pid 5252] <... clone3 resumed> => {parent_tid=[5265]}, 88) = 5265 [pid 5249] <... futex resumed>) = 0 [ 182.175276][ T5258] syz-executor102: attempt to access beyond end of device [ 182.175276][ T5258] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 182.191426][ T5259] Buffer I/O error on dev loop4, logical block 8833403, async page read [ 182.204529][ T5255] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 182.220741][ T5257] syz-executor102: attempt to access beyond end of device [ 182.220741][ T5257] loop3: rw=0, sector=26539618, nr_sectors = 2 limit=128 [pid 5263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5252] rt_sigprocmask(SIG_SETMASK, [], [pid 5249] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5263] openat(AT_FDCWD, "cpuacct.usage_percpu_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5252] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5249] <... mmap resumed>) = 0x7fa163a72000 [pid 5252] futex(0x7fa163b8f6b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5249] mprotect(0x7fa163a73000, 131072, PROT_READ|PROT_WRITE [pid 5265] <... futex resumed>) = 0 [pid 5252] <... futex resumed>) = 1 [pid 5249] <... mprotect resumed>) = 0 [pid 5252] futex(0x7fa163b8f6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5249] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5265] openat(AT_FDCWD, "cpuacct.usage_percpu_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5249] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5249] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fa163a92990, parent_tid=0x7fa163a92990, exit_signal=0, stack=0x7fa163a72000, stack_size=0x20300, tls=0x7fa163a926c0}./strace-static-x86_64: Process 5266 attached => {parent_tid=[5266]}, 88) = 5266 [ 182.221741][ T5259] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 182.235248][ T5255] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 182.244933][ T5256] Buffer I/O error on dev loop2, logical block 3245768, async page read [pid 5266] rseq(0x7fa163a92fe0, 0x20, 0, 0x53053053 [pid 5249] rt_sigprocmask(SIG_SETMASK, [], [pid 5266] <... rseq resumed>) = 0 [pid 5249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5266] set_robust_list(0x7fa163a929a0, 24) = 0 [pid 5249] futex(0x7fa163b8f6b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5266] rt_sigprocmask(SIG_SETMASK, [], [pid 5249] <... futex resumed>) = 0 [pid 5266] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5249] futex(0x7fa163b8f6bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5266] openat(AT_FDCWD, "cpuacct.usage_percpu_sys", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 [pid 5252] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5249] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5250] exit_group(0 [pid 5254] exit_group(0 [pid 5250] <... exit_group resumed>) = ? [pid 5254] <... exit_group resumed>) = ? [pid 5251] exit_group(0) = ? [pid 5252] exit_group(0 [pid 5249] exit_group(0 [pid 5252] <... exit_group resumed>) = ? [pid 5249] <... exit_group resumed>) = ? [pid 5246] kill(-5249, SIGKILL [pid 5245] kill(-5251, SIGKILL [pid 5244] kill(-5250, SIGKILL [pid 5246] <... kill resumed>) = 0 [pid 5245] <... kill resumed>) = 0 [pid 5246] kill(5249, SIGKILL [pid 5245] kill(5251, SIGKILL [pid 5246] <... kill resumed>) = 0 [pid 5245] <... kill resumed>) = 0 [pid 5244] <... kill resumed>) = 0 [pid 5244] kill(5250, SIGKILL) = 0 [pid 5247] kill(-5252, SIGKILL) = 0 [pid 5247] kill(5252, SIGKILL) = 0 [pid 5248] kill(-5254, SIGKILL) = 0 [pid 5248] kill(5254, SIGKILL) = 0 [pid 5246] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5246] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5246] getdents64(3, 0x555579f85730 /* 2 entries */, 32768) = 48 [pid 5246] getdents64(3, 0x555579f85730 /* 0 entries */, 32768) = 0 [pid 5246] close(3) = 0 [pid 5247] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5247] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5247] getdents64(3, 0x555579f85730 /* 2 entries */, 32768) = 48 [pid 5247] getdents64(3, 0x555579f85730 /* 0 entries */, 32768) = 0 [pid 5247] close(3) = 0 [pid 5245] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5245] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5245] getdents64(3, 0x555579f85730 /* 2 entries */, 32768) = 48 [pid 5245] getdents64(3, 0x555579f85730 /* 0 entries */, 32768) = 0 [pid 5245] close(3) = 0 [pid 5248] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5248] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5248] getdents64(3, 0x555579f85730 /* 2 entries */, 32768) = 48 [pid 5248] getdents64(3, 0x555579f85730 /* 0 entries */, 32768) = 0 [pid 5248] close(3) = 0 [pid 5244] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5244] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5244] getdents64(3, 0x555579f85730 /* 2 entries */, 32768) = 48 [pid 5244] getdents64(3, 0x555579f85730 /* 0 entries */, 32768) = 0 [pid 5244] close(3) = 0 [ 430.142313][ T30] INFO: task syz-executor102:5262 blocked for more than 143 seconds. [ 430.150704][ T30] Not tainted 6.11.0-rc7-syzkaller #0 [ 430.202199][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 430.210960][ T30] task:syz-executor102 state:D stack:27320 pid:5262 tgid:5250 ppid:5244 flags:0x00004006 [ 430.282195][ T30] Call Trace: [ 430.285559][ T30] [ 430.288534][ T30] __schedule+0x17ae/0x4a10 [ 430.332240][ T30] ? __pfx___schedule+0x10/0x10 [ 430.337201][ T30] ? __pfx_lock_release+0x10/0x10 [ 430.372333][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 430.378405][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 430.422199][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 430.427413][ T30] ? schedule+0x90/0x320 [ 430.431727][ T30] schedule+0x14b/0x320 [ 430.472190][ T30] schedule_preempt_disabled+0x13/0x30 [ 430.477745][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 430.522223][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 430.528232][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 430.572193][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 430.577421][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 430.612189][ T30] down_write+0x1d7/0x220 [ 430.616609][ T30] ? __pfx_down_write+0x10/0x10 [ 430.621503][ T30] ? sb_end_write+0xe9/0x1c0 [ 430.662225][ T30] path_openat+0x7fb/0x3470 [ 430.666837][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 430.702241][ T30] ? __lock_acquire+0x137a/0x2040 [ 430.707385][ T30] ? __pfx_path_openat+0x10/0x10 [ 430.742227][ T30] do_filp_open+0x235/0x490 [ 430.746841][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 430.751953][ T30] ? _raw_spin_unlock+0x28/0x50 [ 430.809220][ T30] ? alloc_fd+0x5a1/0x640 [ 430.832209][ T30] do_sys_openat2+0x13e/0x1d0 [ 430.836973][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 430.872191][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 430.877560][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 430.912181][ T30] ? ptrace_notify+0x279/0x380 [ 430.917041][ T30] __x64_sys_openat+0x247/0x2a0 [ 430.921940][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 430.982205][ T30] ? do_syscall_64+0x100/0x230 [ 430.987071][ T30] do_syscall_64+0xf3/0x230 [ 430.991613][ T30] ? clear_bhb_loop+0x35/0x90 [ 431.032243][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.038242][ T30] RIP: 0033:0x7fa163afdbc9 [ 431.072197][ T30] RSP: 002b:00007fa163a92238 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 431.080698][ T30] RAX: ffffffffffffffda RBX: 00007fa163b8f6b8 RCX: 00007fa163afdbc9 [ 431.152182][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 431.160235][ T30] RBP: 00007fa163b8f6b0 R08: 00007ffc941efc27 R09: 00007fa163a926c0 [ 431.202204][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa163b520c0 [ 431.210252][ T30] R13: 000000000000006e R14: 00007ffc941efb40 R15: 00007ffc941efc28 [ 431.282242][ T30] [ 431.285416][ T30] INFO: task syz-executor102:5266 blocked for more than 144 seconds. [ 431.322389][ T30] Not tainted 6.11.0-rc7-syzkaller #0 [ 431.328352][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 431.372197][ T30] task:syz-executor102 state:D stack:26808 pid:5266 tgid:5249 ppid:5246 flags:0x00004006 [ 431.412318][ T30] Call Trace: [ 431.415666][ T30] [ 431.418632][ T30] __schedule+0x17ae/0x4a10 [ 431.462233][ T30] ? __pfx___schedule+0x10/0x10 [ 431.467189][ T30] ? __pfx_lock_release+0x10/0x10 [ 431.502197][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 431.508270][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 431.562203][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 431.567501][ T30] ? schedule+0x90/0x320 [ 431.571794][ T30] schedule+0x14b/0x320 [ 431.612202][ T30] schedule_preempt_disabled+0x13/0x30 [ 431.617808][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 431.662187][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 431.668234][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 431.712233][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 431.717365][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 431.752208][ T30] down_write+0x1d7/0x220 [ 431.756623][ T30] ? __pfx_down_write+0x10/0x10 [ 431.761519][ T30] ? sb_end_write+0xe9/0x1c0 [ 431.802202][ T30] path_openat+0x7fb/0x3470 [ 431.806890][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 431.842191][ T30] ? __lock_acquire+0x137a/0x2040 [ 431.847338][ T30] ? __pfx_path_openat+0x10/0x10 [ 431.882215][ T30] do_filp_open+0x235/0x490 [ 431.886812][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 431.891923][ T30] ? _raw_spin_unlock+0x28/0x50 [ 431.952208][ T30] ? alloc_fd+0x5a1/0x640 [ 431.956642][ T30] do_sys_openat2+0x13e/0x1d0 [ 431.961369][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 432.002185][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 432.007464][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 432.052205][ T30] ? ptrace_notify+0x279/0x380 [ 432.057065][ T30] __x64_sys_openat+0x247/0x2a0 [ 432.061959][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 432.112209][ T30] ? do_syscall_64+0x100/0x230 [ 432.117062][ T30] do_syscall_64+0xf3/0x230 [ 432.121602][ T30] ? clear_bhb_loop+0x35/0x90 [ 432.162202][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.168179][ T30] RIP: 0033:0x7fa163afdbc9 [ 432.212277][ T30] RSP: 002b:00007fa163a92238 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 432.220774][ T30] RAX: ffffffffffffffda RBX: 00007fa163b8f6b8 RCX: 00007fa163afdbc9 [ 432.282190][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 432.290239][ T30] RBP: 00007fa163b8f6b0 R08: 00007ffc941efc27 R09: 00007fa163a926c0 [ 432.342197][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa163b520c0 [ 432.350239][ T30] R13: 000000000000006e R14: 00007ffc941efb40 R15: 00007ffc941efc28 [ 432.412651][ T30] [ 432.415808][ T30] INFO: task syz-executor102:5263 blocked for more than 145 seconds. [ 432.452301][ T30] Not tainted 6.11.0-rc7-syzkaller #0 [ 432.458255][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 432.502195][ T30] task:syz-executor102 state:D stack:27952 pid:5263 tgid:5251 ppid:5245 flags:0x00004006 [ 432.542186][ T30] Call Trace: [ 432.545538][ T30] [ 432.548505][ T30] __schedule+0x17ae/0x4a10 [ 432.602234][ T30] ? __pfx___schedule+0x10/0x10 [ 432.607180][ T30] ? __pfx_lock_release+0x10/0x10 [ 432.642457][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 432.648529][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 432.692214][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 432.697442][ T30] ? schedule+0x90/0x320 [ 432.701760][ T30] schedule+0x14b/0x320 [ 432.742194][ T30] schedule_preempt_disabled+0x13/0x30 [ 432.747933][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 432.792207][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 432.798211][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 432.842215][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 432.847368][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 432.882190][ T30] down_write+0x1d7/0x220 [ 432.886700][ T30] ? __pfx_down_write+0x10/0x10 [ 432.891609][ T30] ? sb_end_write+0xe9/0x1c0 [ 432.932212][ T30] path_openat+0x7fb/0x3470 [ 432.936835][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 432.972211][ T30] ? __lock_acquire+0x137a/0x2040 [ 432.977344][ T30] ? __pfx_path_openat+0x10/0x10 [ 433.022256][ T30] do_filp_open+0x235/0x490 [ 433.026856][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 433.032041][ T30] ? _raw_spin_unlock+0x28/0x50 [ 433.082202][ T30] ? alloc_fd+0x5a1/0x640 [ 433.086637][ T30] do_sys_openat2+0x13e/0x1d0 [ 433.091357][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 433.132226][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 433.137505][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 433.182232][ T30] ? ptrace_notify+0x279/0x380 [ 433.187088][ T30] __x64_sys_openat+0x247/0x2a0 [ 433.191983][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 433.242189][ T30] ? do_syscall_64+0x100/0x230 [ 433.247052][ T30] do_syscall_64+0xf3/0x230 [ 433.251609][ T30] ? clear_bhb_loop+0x35/0x90 [ 433.302187][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.308174][ T30] RIP: 0033:0x7fa163afdbc9 [ 433.342187][ T30] RSP: 002b:00007fa163a92238 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 433.350686][ T30] RAX: ffffffffffffffda RBX: 00007fa163b8f6b8 RCX: 00007fa163afdbc9 [ 433.412287][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 433.420341][ T30] RBP: 00007fa163b8f6b0 R08: 00007ffc941efc27 R09: 00007fa163a926c0 [ 433.482184][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa163b520c0 [ 433.490247][ T30] R13: 000000000000006e R14: 00007ffc941efb40 R15: 00007ffc941efc28 [ 433.542219][ T30] [ 433.545400][ T30] INFO: task syz-executor102:5265 blocked for more than 146 seconds. [ 433.582215][ T30] Not tainted 6.11.0-rc7-syzkaller #0 [ 433.588193][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 433.642216][ T30] task:syz-executor102 state:D stack:27952 pid:5265 tgid:5252 ppid:5247 flags:0x00004006 [ 433.692181][ T30] Call Trace: [ 433.695536][ T30] [ 433.698551][ T30] __schedule+0x17ae/0x4a10 [ 433.742234][ T30] ? __pfx___schedule+0x10/0x10 [ 433.747191][ T30] ? __pfx_lock_release+0x10/0x10 [ 433.782511][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 433.788600][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 433.832185][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 433.837423][ T30] ? schedule+0x90/0x320 [ 433.841712][ T30] schedule+0x14b/0x320 [ 433.882207][ T30] schedule_preempt_disabled+0x13/0x30 [ 433.887764][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 433.932203][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 433.938223][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 433.982198][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 433.987335][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 434.022225][ T30] down_write+0x1d7/0x220 [ 434.026680][ T30] ? __pfx_down_write+0x10/0x10 [ 434.031584][ T30] ? sb_end_write+0xe9/0x1c0 [ 434.072216][ T30] path_openat+0x7fb/0x3470 [ 434.076828][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 434.112189][ T30] ? __lock_acquire+0x137a/0x2040 [ 434.117318][ T30] ? __pfx_path_openat+0x10/0x10 [ 434.152215][ T30] do_filp_open+0x235/0x490 [ 434.156818][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 434.161919][ T30] ? _raw_spin_unlock+0x28/0x50 [ 434.222216][ T30] ? alloc_fd+0x5a1/0x640 [ 434.226652][ T30] do_sys_openat2+0x13e/0x1d0 [ 434.231372][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 434.272187][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 434.277560][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 434.322212][ T30] ? ptrace_notify+0x279/0x380 [ 434.327085][ T30] __x64_sys_openat+0x247/0x2a0 [ 434.331986][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 434.382204][ T30] ? do_syscall_64+0x100/0x230 [ 434.387068][ T30] do_syscall_64+0xf3/0x230 [ 434.391626][ T30] ? clear_bhb_loop+0x35/0x90 [ 434.442198][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.448194][ T30] RIP: 0033:0x7fa163afdbc9 [ 434.482187][ T30] RSP: 002b:00007fa163a92238 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 434.490697][ T30] RAX: ffffffffffffffda RBX: 00007fa163b8f6b8 RCX: 00007fa163afdbc9 [ 434.552179][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 434.560232][ T30] RBP: 00007fa163b8f6b0 R08: 00007fa163a926c0 R09: 00007fa163a926c0 [ 434.622194][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa163b520c0 [ 434.630245][ T30] R13: 000000000000006e R14: 00007ffc941efb40 R15: 00007ffc941efc28 [ 434.682198][ T30] [ 434.702201][ T30] INFO: task syz-executor102:5264 blocked for more than 147 seconds. [ 434.710363][ T30] Not tainted 6.11.0-rc7-syzkaller #0 [ 434.752237][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 434.760988][ T30] task:syz-executor102 state:D stack:27952 pid:5264 tgid:5254 ppid:5248 flags:0x00004006 [ 434.832209][ T30] Call Trace: [ 434.835565][ T30] [ 434.838526][ T30] __schedule+0x17ae/0x4a10 [ 434.872235][ T30] ? __pfx___schedule+0x10/0x10 [ 434.877178][ T30] ? __pfx_lock_release+0x10/0x10 [ 434.912426][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 434.918510][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 434.972251][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 434.977464][ T30] ? schedule+0x90/0x320 [ 434.981754][ T30] schedule+0x14b/0x320 [ 435.022191][ T30] schedule_preempt_disabled+0x13/0x30 [ 435.027741][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 435.062195][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 435.068197][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 435.122206][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 435.127360][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 435.162202][ T30] down_write+0x1d7/0x220 [ 435.166637][ T30] ? __pfx_down_write+0x10/0x10 [ 435.171536][ T30] ? sb_end_write+0xe9/0x1c0 [ 435.212266][ T30] path_openat+0x7fb/0x3470 [ 435.217044][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 435.262364][ T30] ? __lock_acquire+0x137a/0x2040 [ 435.267841][ T30] ? __pfx_path_openat+0x10/0x10 [ 435.302220][ T30] do_filp_open+0x235/0x490 [ 435.306812][ T30] ? __pfx_do_filp_open+0x10/0x10 [ 435.311906][ T30] ? _raw_spin_unlock+0x28/0x50 [ 435.362257][ T30] ? alloc_fd+0x5a1/0x640 [ 435.366688][ T30] do_sys_openat2+0x13e/0x1d0 [ 435.371413][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 435.422256][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 435.427555][ T30] ? _raw_spin_unlock_irq+0x2e/0x50 [ 435.472279][ T30] ? ptrace_notify+0x279/0x380 [ 435.477493][ T30] __x64_sys_openat+0x247/0x2a0 [ 435.512188][ T30] ? __pfx___x64_sys_openat+0x10/0x10 [ 435.517657][ T30] ? do_syscall_64+0x100/0x230 [ 435.552202][ T30] do_syscall_64+0xf3/0x230 [ 435.556791][ T30] ? clear_bhb_loop+0x35/0x90 [ 435.561512][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.602256][ T30] RIP: 0033:0x7fa163afdbc9 [ 435.606956][ T30] RSP: 002b:00007fa163a92238 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 435.672196][ T30] RAX: ffffffffffffffda RBX: 00007fa163b8f6b8 RCX: 00007fa163afdbc9 [ 435.680245][ T30] RDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c [ 435.722264][ T30] RBP: 00007fa163b8f6b0 R08: 00007ffc941efc27 R09: 00007fa163a926c0 [ 435.730314][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa163b520c0 [ 435.802180][ T30] R13: 000000000000006e R14: 00007ffc941efb40 R15: 00007ffc941efc28 [ 435.810248][ T30] [ 435.842190][ T30] [ 435.842190][ T30] Showing all locks held in the system: [ 435.849974][ T30] 1 lock held by khungtaskd/30: [ 435.892223][ T30] #0: ffffffff8e738320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 435.932201][ T30] 1 lock held by kswapd0/90: [ 435.936862][ T30] 1 lock held by kswapd1/91: [ 435.941558][ T30] 2 locks held by getty/4980: [ 435.992196][ T30] #0: ffff88803086b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 436.002083][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 436.072204][ T30] 1 lock held by syz-executor102/5255: [ 436.077749][ T30] 1 lock held by syz-executor102/5262: [ 436.123114][ T30] #0: ffff888078304c00 (&type->i_mutex_dir_key#6){+.+.}-{3:3}, at: path_openat+0x7fb/0x3470 [ 436.172195][ T30] 2 locks held by syz-executor102/5256: [ 436.177819][ T30] 1 lock held by syz-executor102/5266: [ 436.212298][ T30] #0: ffff888078305140 (&type->i_mutex_dir_key#6){+.+.}-{3:3}, at: path_openat+0x7fb/0x3470 [ 436.252222][ T30] 1 lock held by syz-executor102/5258: [ 436.257757][ T30] 1 lock held by syz-executor102/5263: [ 436.292203][ T30] #0: ffff8880783046c0 (&type->i_mutex_dir_key#6){+.+.}-{3:3}, at: path_openat+0x7fb/0x3470 [ 436.332217][ T30] 2 locks held by syz-executor102/5257: [ 436.337831][ T30] 1 lock held by syz-executor102/5265: [ 436.382190][ T30] #0: ffff888078304180 (&type->i_mutex_dir_key#6){+.+.}-{3:3}, at: path_openat+0x7fb/0x3470 [ 436.422188][ T30] 1 lock held by syz-executor102/5259: [ 436.427710][ T30] 1 lock held by syz-executor102/5264: [ 436.462180][ T30] #0: ffff888072498180 (&type->i_mutex_dir_key#6){+.+.}-{3:3}, at: path_openat+0x7fb/0x3470 [ 436.512221][ T30] [ 436.514609][ T30] ============================================= [ 436.514609][ T30] [ 436.552187][ T30] NMI backtrace for cpu 0 [ 436.556609][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller #0 [ 436.565409][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 436.575474][ T30] Call Trace: [ 436.578760][ T30] [ 436.581717][ T30] dump_stack_lvl+0x241/0x360 [ 436.586410][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 436.591706][ T30] ? __pfx__printk+0x10/0x10 [ 436.596300][ T30] ? vprintk_emit+0x667/0x7c0 [ 436.600986][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 436.606116][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 436.611081][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 436.616554][ T30] ? _printk+0xd5/0x120 [ 436.620717][ T30] ? __pfx__printk+0x10/0x10 [ 436.625315][ T30] ? __wake_up_klogd+0xcc/0x110 [ 436.630177][ T30] ? __pfx__printk+0x10/0x10 [ 436.634834][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 436.639887][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 436.645890][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 436.651895][ T30] watchdog+0xff4/0x1040 [ 436.656156][ T30] ? watchdog+0x1ea/0x1040 [ 436.660594][ T30] ? __pfx_watchdog+0x10/0x10 [ 436.665286][ T30] kthread+0x2f0/0x390 [ 436.669377][ T30] ? __pfx_watchdog+0x10/0x10 [ 436.674083][ T30] ? __pfx_kthread+0x10/0x10 [ 436.678708][ T30] ret_from_fork+0x4b/0x80 [ 436.683152][ T30] ? __pfx_kthread+0x10/0x10 [ 436.687758][ T30] ret_from_fork_asm+0x1a/0x30 [ 436.692724][ T30] [ 436.695933][ T30] Sending NMI from CPU 0 to CPUs 1: [ 436.701207][ C1] NMI backtrace for cpu 1 [ 436.701222][ C1] CPU: 1 UID: 0 PID: 5259 Comm: syz-executor102 Not tainted 6.11.0-rc7-syzkaller #0 [ 436.701243][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 436.701254][ C1] RIP: 0010:xas_load+0x88/0x5c0 [ 436.701276][ C1] Code: 4c 89 64 24 08 4c 89 6c 24 30 44 89 f3 83 e3 03 bf 02 00 00 00 48 89 de e8 85 6f e7 f5 49 81 fe 01 10 00 00 0f 82 00 05 00 00 <83> fb 02 0f 85 f7 04 00 00 49 8d 5e fe 48 8b 44 24 38 0f b6 04 28 [ 436.701296][ C1] RSP: 0018:ffffc90003d26e40 EFLAGS: 00000282 [ 436.701312][ C1] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffff888079808000 [ 436.701325][ C1] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 436.701335][ C1] RBP: dffffc0000000000 R08: ffffffff8bac21bb R09: 1ffffffff27f4d08 [ 436.701348][ C1] R10: dffffc0000000000 R11: fffffbfff27f4d09 R12: ffffc90003d26f00 [ 436.701362][ C1] R13: ffffc90003d26f08 R14: ffff88805f254dc2 R15: ffff888022d3d918 [ 436.701375][ C1] FS: 00007fa163ab36c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 436.701391][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 436.701403][ C1] CR2: 00005610bcdf07f0 CR3: 0000000074eac000 CR4: 00000000003506f0 [ 436.701418][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 436.701428][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 436.701440][ C1] Call Trace: [ 436.701447][ C1] [ 436.701454][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 436.701478][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 436.701506][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 436.701529][ C1] ? nmi_handle+0x2a/0x5a0 [ 436.701556][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 436.701578][ C1] ? nmi_handle+0x14f/0x5a0 [ 436.701595][ C1] ? nmi_handle+0x2a/0x5a0 [ 436.701613][ C1] ? xas_load+0x88/0x5c0 [ 436.701628][ C1] ? default_do_nmi+0x63/0x160 [ 436.701653][ C1] ? exc_nmi+0x123/0x1f0 [ 436.701675][ C1] ? end_repeat_nmi+0xf/0x53 [ 436.701702][ C1] ? xas_load+0x7b/0x5c0 [ 436.701719][ C1] ? xas_load+0x88/0x5c0 [ 436.701735][ C1] ? xas_load+0x88/0x5c0 [ 436.701752][ C1] ? xas_load+0x88/0x5c0 [ 436.701767][ C1] [ 436.701773][ C1] [ 436.701786][ C1] filemap_get_entry+0x1f0/0x3b0 [ 436.701812][ C1] ? filemap_get_entry+0x123/0x3b0 [ 436.701836][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 436.701866][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 436.701894][ C1] __filemap_get_folio+0x79/0xc10 [ 436.701935][ C1] __find_get_block+0x28a/0x1150 [ 436.701959][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 436.701981][ C1] ? __find_get_block+0x321/0x1150 [ 436.702005][ C1] ? __pfx___find_get_block+0x10/0x10 [ 436.702030][ C1] ? folio_mark_accessed+0x6f6/0x11b0 [ 436.702055][ C1] ? folio_contains+0x22e/0x540 [ 436.702080][ C1] ? __asan_memset+0x23/0x50 [ 436.702098][ C1] ? folio_unlock+0x126/0x2f0 [ 436.702121][ C1] bdev_getblk+0x33/0x550 [ 436.702155][ C1] __bread_gfp+0x86/0x400 [ 436.702183][ C1] get_branch+0x2c3/0x6e0 [ 436.702223][ C1] get_block+0x180/0x16d0 [ 436.702256][ C1] ? create_empty_buffers+0x53e/0x740 [ 436.702281][ C1] ? __pfx_lock_release+0x10/0x10 [ 436.702322][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 436.702355][ C1] ? __pfx_get_block+0x10/0x10 [ 436.702389][ C1] ? zero_user_segments+0x2b4/0x320 [ 436.702410][ C1] block_read_full_folio+0x418/0xcd0 [ 436.702443][ C1] ? __pfx_get_block+0x10/0x10 [ 436.702467][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 436.702497][ C1] ? __pfx_lru_add_fn+0x10/0x10 [ 436.702523][ C1] ? folio_add_lru+0x4b3/0x9e0 [ 436.702546][ C1] ? folio_add_lru+0x27b/0x9e0 [ 436.702571][ C1] filemap_read_folio+0x1a0/0x790 [ 436.702597][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 436.702622][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 436.702648][ C1] ? __filemap_get_folio+0x984/0xc10 [ 436.702677][ C1] do_read_cache_folio+0x134/0x820 [ 436.702703][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 436.702730][ C1] do_read_cache_page+0x30/0x200 [ 436.702758][ C1] sysv_find_entry+0x1af/0x410 [ 436.702792][ C1] sysv_inode_by_name+0x98/0x1f0 [ 436.702809][ C1] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 436.702831][ C1] sysv_lookup+0x6b/0xe0 [ 436.702846][ C1] ? __pfx_sysv_lookup+0x10/0x10 [ 436.702862][ C1] path_openat+0x11cc/0x3470 [ 436.702904][ C1] ? __pfx_path_openat+0x10/0x10 [ 436.702938][ C1] do_filp_open+0x235/0x490 [ 436.702962][ C1] ? __pfx_do_filp_open+0x10/0x10 [ 436.702999][ C1] ? _raw_spin_unlock+0x28/0x50 [ 436.703023][ C1] ? alloc_fd+0x5a1/0x640 [ 436.703054][ C1] do_sys_openat2+0x13e/0x1d0 [ 436.703075][ C1] ? __pfx_do_sys_openat2+0x10/0x10 [ 436.703096][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 436.703113][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 436.703137][ C1] ? ptrace_notify+0x279/0x380 [ 436.703159][ C1] __x64_sys_open+0x225/0x270 [ 436.703180][ C1] ? __pfx___x64_sys_open+0x10/0x10 [ 436.703207][ C1] ? do_syscall_64+0x100/0x230 [ 436.703231][ C1] do_syscall_64+0xf3/0x230 [ 436.703249][ C1] ? clear_bhb_loop+0x35/0x90 [ 436.703272][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.703292][ C1] RIP: 0033:0x7fa163afdbc9 [ 436.703307][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 436.703320][ C1] RSP: 002b:00007fa163ab3238 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 436.703337][ C1] RAX: ffffffffffffffda RBX: 00007fa163b8f6a8 RCX: 00007fa163afdbc9 [ 436.703349][ C1] RDX: 0000000000000000 RSI: 000000000014927e RDI: 0000000020000180 [ 436.703360][ C1] RBP: 00007fa163b8f6a0 R08: 00007fa163ab36c0 R09: 00007fa163ab36c0 [ 436.703372][ C1] R10: 00007fa163ab36c0 R11: 0000000000000246 R12: 00007fa163b520c0 [ 436.703383][ C1] R13: 0000000000000006 R14: 00007ffc941efb40 R15: 00007ffc941efc28 [ 436.703403][ C1] [ 436.703411][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.204 msecs [ 437.192201][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 437.192227][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller #0 [ 437.192262][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 437.192277][ T30] Call Trace: [ 437.192287][ T30] [ 437.192299][ T30] dump_stack_lvl+0x241/0x360 [ 437.192337][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 437.192365][ T30] ? __pfx__printk+0x10/0x10 [ 437.192387][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 437.192429][ T30] ? vscnprintf+0x5d/0x90 [ 437.192462][ T30] panic+0x349/0x860 [ 437.192489][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 437.192523][ T30] ? __pfx_panic+0x10/0x10 [ 437.192544][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 437.192573][ T30] ? __irq_work_queue_local+0x137/0x410 [ 437.192607][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 437.192633][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 437.192665][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 437.192699][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 437.192735][ T30] watchdog+0x1033/0x1040 [ 437.192771][ T30] ? watchdog+0x1ea/0x1040 [ 437.192811][ T30] ? __pfx_watchdog+0x10/0x10 [ 437.192844][ T30] kthread+0x2f0/0x390 [ 437.192880][ T30] ? __pfx_watchdog+0x10/0x10 [ 437.192912][ T30] ? __pfx_kthread+0x10/0x10 [ 437.192949][ T30] ret_from_fork+0x4b/0x80 [ 437.192981][ T30] ? __pfx_kthread+0x10/0x10 [ 437.193016][ T30] ret_from_fork_asm+0x1a/0x30 [ 437.193065][ T30] [ 437.193889][ T30] Kernel Offset: disabled [ 437.443082][ T30] Rebooting in 86400 seconds..