./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor927585945 <...> Warning: Permanently added '10.128.1.79' (ED25519) to the list of known hosts. execve("./syz-executor927585945", ["./syz-executor927585945"], 0x7ffe76f936d0 /* 10 vars */) = 0 brk(NULL) = 0x555586041000 brk(0x555586041d40) = 0x555586041d40 arch_prctl(ARCH_SET_FS, 0x5555860413c0) = 0 set_tid_address(0x555586041690) = 5829 set_robust_list(0x5555860416a0, 24) = 0 rseq(0x555586041ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor927585945", 4096) = 27 getrandom("\x01\xa2\x3d\x4a\xbd\x44\x23\xb8", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555586041d40 brk(0x555586062d40) = 0x555586062d40 brk(0x555586063000) = 0x555586063000 mprotect(0x7fdd8bd3b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached , child_tidptr=0x555586041690) = 5830 [pid 5830] set_robust_list(0x5555860416a0, 24 [pid 5829] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC [pid 5830] <... set_robust_list resumed>) = 0 [pid 5829] <... openat resumed>) = 3 [pid 5829] write(3, "10000000000", 11) = 11 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "20", 2) = 2 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "0", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "0", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "100", 3) = 3 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "0", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "0", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "7 4 1 3", 7) = 7 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "1", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "0", 1) = 1 [pid 5829] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5829] write(3, "5830", 4) = 4 [pid 5829] close(3) = 0 [pid 5829] kill(5830, SIGKILL) = 0 [pid 5830] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5830, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached , child_tidptr=0x555586041690) = 5831 [pid 5831] set_robust_list(0x5555860416a0, 24) = 0 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] mkdir("./syzkaller.3b067R", 0700./strace-static-x86_64: Process 5832 attached [pid 5829] <... clone resumed>, child_tidptr=0x555586041690) = 5832 [pid 5832] set_robust_list(0x5555860416a0, 24 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... set_robust_list resumed>) = 0 [pid 5832] mkdir("./syzkaller.UUstyR", 0700 [pid 5831] <... mkdir resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x555586041690) = 5833 [pid 5831] chmod("./syzkaller.3b067R", 0777./strace-static-x86_64: Process 5833 attached [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... mkdir resumed>) = 0 [pid 5833] set_robust_list(0x5555860416a0, 24 [pid 5832] chmod("./syzkaller.UUstyR", 0777 [pid 5831] <... chmod resumed>) = 0 [pid 5832] <... chmod resumed>) = 0 [pid 5831] chdir("./syzkaller.3b067R"./strace-static-x86_64: Process 5834 attached [pid 5833] <... set_robust_list resumed>) = 0 [pid 5832] chdir("./syzkaller.UUstyR" [pid 5831] <... chdir resumed>) = 0 [pid 5832] <... chdir resumed>) = 0 [pid 5829] <... clone resumed>, child_tidptr=0x555586041690) = 5834 [pid 5834] set_robust_list(0x5555860416a0, 24 [pid 5833] mkdir("./syzkaller.tO2eLM", 0700 [pid 5832] mkdir("./0", 0777 [pid 5831] mkdir("./0", 0777 [pid 5829] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5834] <... set_robust_list resumed>) = 0 [pid 5833] <... mkdir resumed>) = 0 [pid 5832] <... mkdir resumed>) = 0 [pid 5834] mkdir("./syzkaller.v9zOlz", 0700 [pid 5831] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5835 attached [pid 5829] <... clone resumed>, child_tidptr=0x555586041690) = 5835 [pid 5833] chmod("./syzkaller.tO2eLM", 0777 [pid 5832] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5831] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5835] set_robust_list(0x5555860416a0, 24 [pid 5834] <... mkdir resumed>) = 0 [pid 5833] <... chmod resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5831] <... openat resumed>) = 3 [pid 5835] <... set_robust_list resumed>) = 0 [pid 5834] chmod("./syzkaller.v9zOlz", 0777 [pid 5833] chdir("./syzkaller.tO2eLM" [pid 5832] ioctl(3, LOOP_CLR_FD [pid 5831] ioctl(3, LOOP_CLR_FD [pid 5835] mkdir("./syzkaller.HjLO0x", 0700 [pid 5834] <... chmod resumed>) = 0 [pid 5833] <... chdir resumed>) = 0 [pid 5832] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5833] mkdir("./0", 0777 [pid 5832] close(3 [pid 5831] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5835] <... mkdir resumed>) = 0 [pid 5834] chdir("./syzkaller.v9zOlz" [pid 5833] <... mkdir resumed>) = 0 [pid 5834] <... chdir resumed>) = 0 [pid 5834] mkdir("./0", 0777 [pid 5833] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5832] <... close resumed>) = 0 [pid 5834] <... mkdir resumed>) = 0 [pid 5831] close(3 [pid 5835] chmod("./syzkaller.HjLO0x", 0777) = 0 [pid 5833] <... openat resumed>) = 3 [pid 5832] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... close resumed>) = 0 [pid 5835] chdir("./syzkaller.HjLO0x" [pid 5833] ioctl(3, LOOP_CLR_FD [pid 5831] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] <... chdir resumed>) = 0 [pid 5834] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5836 attached [pid 5835] mkdir("./0", 0777 [pid 5834] <... openat resumed>) = 3 [pid 5835] <... mkdir resumed>) = 0 [pid 5833] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5834] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5837 attached [pid 5836] set_robust_list(0x5555860416a0, 24 [pid 5834] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5833] close(3 [pid 5831] <... clone resumed>, child_tidptr=0x555586041690) = 5836 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5837] set_robust_list(0x5555860416a0, 24 [pid 5835] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5834] close(3 [pid 5837] <... set_robust_list resumed>) = 0 [pid 5835] <... openat resumed>) = 3 [pid 5834] <... close resumed>) = 0 [pid 5837] chdir("./0" [pid 5836] chdir("./0" [pid 5835] ioctl(3, LOOP_CLR_FD [pid 5834] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... clone resumed>, child_tidptr=0x555586041690) = 5837 ./strace-static-x86_64: Process 5839 attached [pid 5837] <... chdir resumed>) = 0 [pid 5836] <... chdir resumed>) = 0 [pid 5835] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5840 attached [pid 5839] set_robust_list(0x5555860416a0, 24 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5833] <... clone resumed>, child_tidptr=0x555586041690) = 5840 [pid 5840] set_robust_list(0x5555860416a0, 24 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5837] <... prctl resumed>) = 0 [pid 5836] <... prctl resumed>) = 0 [pid 5835] close(3 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5839] chdir("./0" [pid 5837] setpgid(0, 0 [pid 5834] <... clone resumed>, child_tidptr=0x555586041690) = 5839 [pid 5840] chdir("./0" [pid 5839] <... chdir resumed>) = 0 [pid 5835] <... close resumed>) = 0 [pid 5837] <... setpgid resumed>) = 0 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5841 attached [pid 5840] <... chdir resumed>) = 0 [pid 5839] setpgid(0, 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] <... setpgid resumed>) = 0 [pid 5836] setpgid(0, 0 [pid 5841] set_robust_list(0x5555860416a0, 24 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5836] <... setpgid resumed>) = 0 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] <... prctl resumed>) = 0 [pid 5841] chdir("./0" [pid 5840] setpgid(0, 0 [pid 5839] <... openat resumed>) = 3 [pid 5837] <... openat resumed>) = 3 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5836] write(3, "1000", 4) = 4 [pid 5837] write(3, "1000", 4 [pid 5836] close(3 [pid 5837] <... write resumed>) = 4 [pid 5836] <... close resumed>) = 0 [pid 5835] <... clone resumed>, child_tidptr=0x555586041690) = 5841 [pid 5837] close(3 [pid 5836] symlink("/dev/binderfs", "./binderfs" [pid 5837] <... close resumed>) = 0 [pid 5836] <... symlink resumed>) = 0 [pid 5837] symlink("/dev/binderfs", "./binderfs" [pid 5841] <... chdir resumed>) = 0 [pid 5840] <... setpgid resumed>) = 0 [pid 5839] write(3, "1000", 4 [pid 5837] <... symlink resumed>) = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5839] <... write resumed>) = 4 [pid 5837] write(1, "executing program\n", 18 [pid 5836] write(1, "executing program\n", 18executing program [pid 5841] <... prctl resumed>) = 0 [pid 5840] <... openat resumed>) = 3 [pid 5839] close(3 [pid 5836] <... write resumed>) = 18 [pid 5841] setpgid(0, 0 [pid 5840] write(3, "1000", 4 [pid 5839] <... close resumed>) = 0 [pid 5837] <... write resumed>) = 18 [pid 5836] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] <... setpgid resumed>) = 0 [pid 5840] <... write resumed>) = 4 [pid 5839] symlink("/dev/binderfs", "./binderfs" [pid 5837] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... futex resumed>) = 0 [pid 5840] close(3 [pid 5837] <... futex resumed>) = 0 [pid 5836] rt_sigaction(SIGRT_1, {sa_handler=0x7fdd8bcd62e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fdd8bcc7490}, [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] <... close resumed>) = 0 [pid 5839] <... symlink resumed>) = 0 [pid 5837] rt_sigaction(SIGRT_1, {sa_handler=0x7fdd8bcd62e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fdd8bcc7490}, executing program [pid 5836] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5839] write(1, "executing program\n", 18 [pid 5837] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5836] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5841] <... openat resumed>) = 3 [pid 5840] symlink("/dev/binderfs", "./binderfs" [pid 5839] <... write resumed>) = 18 [pid 5837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] write(3, "1000", 4 [pid 5840] <... symlink resumed>) = 0 [pid 5839] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5841] <... write resumed>) = 4 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5836] <... mmap resumed>) = 0x7fdd8bc46000 [pid 5837] <... mmap resumed>) = 0x7fdd8bc46000 [pid 5836] mprotect(0x7fdd8bc47000, 131072, PROT_READ|PROT_WRITE [pid 5837] mprotect(0x7fdd8bc47000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5836] <... mprotect resumed>) = 0 [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], executing program [pid 5836] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5839] <... futex resumed>) = 0 [pid 5841] close(3 [pid 5840] write(1, "executing program\n", 18 [pid 5839] rt_sigaction(SIGRT_1, {sa_handler=0x7fdd8bcd62e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fdd8bcc7490}, NULL, 8) = 0 [pid 5841] <... close resumed>) = 0 [pid 5839] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5840] <... write resumed>) = 18 [pid 5839] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5837] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5836] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5841] symlink("/dev/binderfs", "./binderfs" [pid 5840] <... futex resumed>) = 0 [pid 5839] <... mmap resumed>) = 0x7fdd8bc46000 [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc66990, parent_tid=0x7fdd8bc66990, exit_signal=0, stack=0x7fdd8bc46000, stack_size=0x20300, tls=0x7fdd8bc666c0} [pid 5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc66990, parent_tid=0x7fdd8bc66990, exit_signal=0, stack=0x7fdd8bc46000, stack_size=0x20300, tls=0x7fdd8bc666c0}./strace-static-x86_64: Process 5843 attached ./strace-static-x86_64: Process 5842 attached [pid 5841] <... symlink resumed>) = 0 [pid 5840] rt_sigaction(SIGRT_1, {sa_handler=0x7fdd8bcd62e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fdd8bcc7490}, [pid 5839] mprotect(0x7fdd8bc47000, 131072, PROT_READ|PROT_WRITE [pid 5843] rseq(0x7fdd8bc66fe0, 0x20, 0, 0x53053053 [pid 5842] rseq(0x7fdd8bc66fe0, 0x20, 0, 0x53053053 [pid 5840] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5837] <... clone3 resumed> => {parent_tid=[5842]}, 88) = 5842 [pid 5836] <... clone3 resumed> => {parent_tid=[5843]}, 88) = 5843 [pid 5843] <... rseq resumed>) = 0 [pid 5842] <... rseq resumed>) = 0 executing program [pid 5841] write(1, "executing program\n", 18 [pid 5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5839] <... mprotect resumed>) = 0 [pid 5837] rt_sigprocmask(SIG_SETMASK, [], [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5843] set_robust_list(0x7fdd8bc669a0, 24 [pid 5842] set_robust_list(0x7fdd8bc669a0, 24 [pid 5841] <... write resumed>) = 18 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5839] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5837] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] <... futex resumed>) = 0 [pid 5840] <... mmap resumed>) = 0x7fdd8bc46000 [pid 5839] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc66990, parent_tid=0x7fdd8bc66990, exit_signal=0, stack=0x7fdd8bc46000, stack_size=0x20300, tls=0x7fdd8bc666c0} [pid 5837] <... futex resumed>) = 0 [pid 5836] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5844 attached [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] rt_sigaction(SIGRT_1, {sa_handler=0x7fdd8bcd62e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fdd8bcc7490}, [pid 5840] mprotect(0x7fdd8bc47000, 131072, PROT_READ|PROT_WRITE [pid 5837] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5836] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] rseq(0x7fdd8bc66fe0, 0x20, 0, 0x53053053 [pid 5843] memfd_create("syzkaller", 0 [pid 5842] memfd_create("syzkaller", 0 [pid 5841] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5840] <... mprotect resumed>) = 0 [pid 5839] <... clone3 resumed> => {parent_tid=[5844]}, 88) = 5844 [pid 5844] <... rseq resumed>) = 0 [pid 5841] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5839] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] set_robust_list(0x7fdd8bc669a0, 24) = 0 [pid 5843] <... memfd_create resumed>) = 3 [pid 5842] <... memfd_create resumed>) = 3 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5840] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5839] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... mmap resumed>) = 0x7fdd83800000 [pid 5842] <... mmap resumed>) = 0x7fdd83800000 [pid 5841] <... mmap resumed>) = 0x7fdd8bc46000 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc66990, parent_tid=0x7fdd8bc66990, exit_signal=0, stack=0x7fdd8bc46000, stack_size=0x20300, tls=0x7fdd8bc666c0} [pid 5839] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5845 attached [pid 5844] memfd_create("syzkaller", 0 [pid 5841] mprotect(0x7fdd8bc47000, 131072, PROT_READ|PROT_WRITE [pid 5839] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5845] rseq(0x7fdd8bc66fe0, 0x20, 0, 0x53053053 [pid 5844] <... memfd_create resumed>) = 3 [pid 5842] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5841] <... mprotect resumed>) = 0 [pid 5840] <... clone3 resumed> => {parent_tid=[5845]}, 88) = 5845 [pid 5845] <... rseq resumed>) = 0 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5845] set_robust_list(0x7fdd8bc669a0, 24 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] <... set_robust_list resumed>) = 0 [pid 5841] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] <... mmap resumed>) = 0x7fdd83800000 [pid 5841] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5840] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5845] memfd_create("syzkaller", 0 [pid 5843] <... write resumed>) = 65536 [pid 5841] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc66990, parent_tid=0x7fdd8bc66990, exit_signal=0, stack=0x7fdd8bc46000, stack_size=0x20300, tls=0x7fdd8bc666c0} [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5843] munmap(0x7fdd83800000, 138412032 [pid 5842] <... write resumed>) = 65536 [pid 5844] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536./strace-static-x86_64: Process 5847 attached [pid 5843] <... munmap resumed>) = 0 [pid 5842] munmap(0x7fdd83800000, 138412032 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5842] <... munmap resumed>) = 0 [pid 5843] <... openat resumed>) = 4 [pid 5843] ioctl(4, LOOP_SET_FD, 3 [pid 5847] rseq(0x7fdd8bc66fe0, 0x20, 0, 0x53053053 [pid 5845] <... memfd_create resumed>) = 3 [pid 5844] <... write resumed>) = 65536 [pid 5841] <... clone3 resumed> => {parent_tid=[5847]}, 88) = 5847 [pid 5847] <... rseq resumed>) = 0 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] munmap(0x7fdd83800000, 138412032 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5847] set_robust_list(0x7fdd8bc669a0, 24 [pid 5845] <... mmap resumed>) = 0x7fdd83800000 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5844] <... munmap resumed>) = 0 [pid 5843] <... ioctl resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5844] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5843] close(3 [pid 5842] <... openat resumed>) = 4 [pid 5841] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... write resumed>) = 65536 [pid 5844] <... openat resumed>) = 4 [pid 5843] <... close resumed>) = 0 [pid 5842] ioctl(4, LOOP_SET_FD, 3 [pid 5841] <... futex resumed>) = 0 [pid 5847] memfd_create("syzkaller", 0 [pid 5845] munmap(0x7fdd83800000, 138412032 [pid 5844] ioctl(4, LOOP_SET_FD, 3 [pid 5843] close(4 [pid 5842] <... ioctl resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5842] close(3 [pid 5843] mkdir("./file0", 0777 [pid 5842] <... close resumed>) = 0 [pid 5843] <... mkdir resumed>) = 0 [pid 5842] close(4) = 0 [pid 5842] mkdir("./file0", 0777) = 0 [ 74.973361][ T5843] loop0: detected capacity change from 0 to 128 [ 74.998660][ T5842] loop1: detected capacity change from 0 to 128 [ 75.000469][ T5844] loop3: detected capacity change from 0 to 128 [ 75.012015][ T5843] ======================================================= [pid 5843] mount("/dev/loop0", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5847] <... memfd_create resumed>) = 3 [pid 5845] <... munmap resumed>) = 0 [pid 5844] <... ioctl resumed>) = 0 [pid 5842] mount("/dev/loop1", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5841] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5845] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5844] close(3 [pid 5847] <... mmap resumed>) = 0x7fdd83800000 [pid 5845] <... openat resumed>) = 4 [pid 5844] <... close resumed>) = 0 [pid 5847] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5845] ioctl(4, LOOP_SET_FD, 3 [pid 5844] close(4 [pid 5842] <... mount resumed>) = 0 [pid 5847] <... write resumed>) = 65536 [pid 5843] <... mount resumed>) = 0 [pid 5847] munmap(0x7fdd83800000, 138412032 [pid 5844] <... close resumed>) = 0 [pid 5847] <... munmap resumed>) = 0 [pid 5844] mkdir("./file0", 0777 [pid 5847] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5844] <... mkdir resumed>) = 0 [pid 5847] <... openat resumed>) = 4 [pid 5847] ioctl(4, LOOP_SET_FD, 3 [ 75.012015][ T5843] WARNING: The mand mount option has been deprecated and [ 75.012015][ T5843] and is ignored by this kernel. Remove the mand [ 75.012015][ T5843] option from the mount to silence this warning. [ 75.012015][ T5843] ======================================================= [ 75.055925][ T5845] loop2: detected capacity change from 0 to 128 [pid 5842] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5845] <... ioctl resumed>) = 0 [pid 5844] mount("/dev/loop3", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5845] close(3 [pid 5843] <... openat resumed>) = 3 [pid 5842] <... openat resumed>) = 3 [pid 5845] <... close resumed>) = 0 [pid 5843] chdir("./file0" [pid 5842] chdir("./file0" [pid 5845] close(4) = 0 [pid 5845] mkdir("./file0", 0777) = 0 [pid 5844] <... mount resumed>) = 0 [pid 5843] <... chdir resumed>) = 0 [pid 5842] <... chdir resumed>) = 0 [pid 5845] mount("/dev/loop2", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5844] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5842] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5844] <... openat resumed>) = 3 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5844] chdir("./file0" [pid 5842] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] <... chdir resumed>) = 0 [pid 5843] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5844] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = 0 [pid 5845] <... mount resumed>) = 0 [pid 5845] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5839] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... openat resumed>) = 3 [pid 5844] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5839] <... futex resumed>) = 0 [pid 5845] chdir("./file0" [pid 5844] mkdir(".", 0777 [pid 5839] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5847] <... ioctl resumed>) = 0 [pid 5845] <... chdir resumed>) = 0 [pid 5844] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5847] close(3 [pid 5845] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5844] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5843] <... futex resumed>) = 1 [pid 5847] <... close resumed>) = 0 [pid 5845] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] <... mount resumed>) = 0 [pid 5843] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5842] <... futex resumed>) = 1 [pid 5836] <... futex resumed>) = 0 [pid 5847] close(4 [pid 5845] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5842] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5836] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... close resumed>) = 0 [pid 5845] <... futex resumed>) = 1 [pid 5844] <... openat resumed>) = 4 [pid 5840] <... futex resumed>) = 0 [pid 5843] <... futex resumed>) = 0 [pid 5837] <... futex resumed>) = 0 [pid 5836] <... futex resumed>) = 1 [pid 5847] mkdir("./file0", 0777 [pid 5845] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5844] chdir("." [pid 5843] mkdir(".", 0777 [pid 5840] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5847] <... mkdir resumed>) = 0 [pid 5845] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5844] <... chdir resumed>) = 0 [pid 5840] <... futex resumed>) = 0 [pid 5845] mkdir(".", 0777 [pid 5844] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5845] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5844] <... futex resumed>) = 1 [pid 5839] <... futex resumed>) = 0 [pid 5847] mount("/dev/loop4", "./file0", "sysv", MS_RDONLY|MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_LAZYTIME, "\xff" [pid 5845] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5844] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5843] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5842] <... futex resumed>) = 0 [pid 5839] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] <... futex resumed>) = 1 [pid 5845] <... mount resumed>) = 0 [pid 5839] <... futex resumed>) = 0 [pid 5844] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5839] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5845] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [ 75.068478][ T5847] loop4: detected capacity change from 0 to 128 [pid 5844] chdir("./file0" [pid 5845] <... openat resumed>) = 4 [pid 5843] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5842] mkdir(".", 0777 [pid 5837] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5842] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5843] <... mount resumed>) = 0 [pid 5842] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [pid 5843] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5842] <... mount resumed>) = 0 [pid 5843] <... openat resumed>) = 4 [pid 5842] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5847] <... mount resumed>) = 0 [pid 5842] <... openat resumed>) = 4 [pid 5843] chdir("." [pid 5842] chdir("." [pid 5847] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5842] <... chdir resumed>) = 0 [pid 5843] <... chdir resumed>) = 0 [pid 5842] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... openat resumed>) = 3 [pid 5845] chdir("." [pid 5842] <... futex resumed>) = 1 [pid 5837] <... futex resumed>) = 0 [pid 5842] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5837] <... futex resumed>) = 0 [pid 5847] chdir("./file0" [pid 5845] <... chdir resumed>) = 0 [pid 5843] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] chdir("./file0" [pid 5837] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] <... chdir resumed>) = 0 [pid 5845] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] <... futex resumed>) = 1 [pid 5847] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5845] <... futex resumed>) = 1 [pid 5843] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5847] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5845] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5847] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = 0 [pid 5847] <... futex resumed>) = 1 [pid 5841] <... futex resumed>) = 0 [pid 5840] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5845] <... futex resumed>) = 0 [pid 5841] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = 1 [pid 5847] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5845] chdir("./file0" [pid 5841] <... futex resumed>) = 0 [pid 5847] mkdir(".", 0777 [pid 5840] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] <... futex resumed>) = 0 [pid 5839] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5839] futex(0x7fdd8bd416bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... futex resumed>) = 1 [pid 5847] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5843] <... futex resumed>) = 0 [pid 5847] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION, "" [ 75.097753][ T5844] syz-executor927: attempt to access beyond end of device [ 75.097753][ T5844] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.117620][ T5842] syz-executor927: attempt to access beyond end of device [ 75.117620][ T5842] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.120025][ T5845] syz-executor927: attempt to access beyond end of device [ 75.120025][ T5845] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5843] chdir("./file0" [pid 5847] <... mount resumed>) = 0 [pid 5839] <... futex resumed>) = 0 [ 75.148703][ T5843] syz-executor927: attempt to access beyond end of device [ 75.148703][ T5843] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.162235][ T5842] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 75.163896][ T5844] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 75.172281][ T5842] syz-executor927: attempt to access beyond end of device [ 75.172281][ T5842] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5836] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY [pid 5839] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5847] <... openat resumed>) = 4 [pid 5847] chdir(".") = 0 [pid 5847] futex(0x7fdd8bd416ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5847] futex(0x7fdd8bd416a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5840] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5837] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] <... futex resumed>) = 0 [pid 5839] <... mmap resumed>) = 0x7fdd8bc25000 [pid 5837] futex(0x7fdd8bd416bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] futex(0x7fdd8bd416bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fdd8bc25000 [pid 5840] mprotect(0x7fdd8bc26000, 131072, PROT_READ|PROT_WRITE [pid 5839] mprotect(0x7fdd8bc26000, 131072, PROT_READ|PROT_WRITE [pid 5837] <... futex resumed>) = 0 [pid 5841] futex(0x7fdd8bd416a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5841] <... futex resumed>) = 1 [pid 5847] <... futex resumed>) = 0 [pid 5841] futex(0x7fdd8bd416ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5840] <... mprotect resumed>) = 0 [pid 5837] <... mmap resumed>) = 0x7fdd8bc25000 [pid 5847] chdir("./file0" [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5837] mprotect(0x7fdd8bc26000, 131072, PROT_READ|PROT_WRITE [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc45990, parent_tid=0x7fdd8bc45990, exit_signal=0, stack=0x7fdd8bc25000, stack_size=0x20300, tls=0x7fdd8bc456c0} => {parent_tid=[5848]}, 88) = 5848 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5839] <... mprotect resumed>) = 0 [pid 5837] <... mprotect resumed>) = 0 [pid 5836] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5836] futex(0x7fdd8bd416bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] futex(0x7fdd8bd416b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5840] <... futex resumed>) = 0 [pid 5839] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc45990, parent_tid=0x7fdd8bc45990, exit_signal=0, stack=0x7fdd8bc25000, stack_size=0x20300, tls=0x7fdd8bc456c0} [pid 5837] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5836] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5848 attached [pid 5840] futex(0x7fdd8bd416bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc45990, parent_tid=0x7fdd8bc45990, exit_signal=0, stack=0x7fdd8bc25000, stack_size=0x20300, tls=0x7fdd8bc456c0} [ 75.181707][ T5843] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 75.206262][ T5847] syz-executor927: attempt to access beyond end of device [ 75.206262][ T5847] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.207265][ T5842] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 75.231937][ T5844] syz-executor927: attempt to access beyond end of device [ 75.231937][ T5844] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 5850 attached [pid 5848] rseq(0x7fdd8bc45fe0, 0x20, 0, 0x53053053 [pid 5839] <... clone3 resumed> => {parent_tid=[5849]}, 88) = 5849 [pid 5836] <... mmap resumed>) = 0x7fdd8bc25000 ./strace-static-x86_64: Process 5849 attached [pid 5850] rseq(0x7fdd8bc45fe0, 0x20, 0, 0x53053053 [pid 5848] <... rseq resumed>) = 0 [pid 5841] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5839] rt_sigprocmask(SIG_SETMASK, [], [pid 5837] <... clone3 resumed> => {parent_tid=[5850]}, 88) = 5850 [pid 5836] mprotect(0x7fdd8bc26000, 131072, PROT_READ|PROT_WRITE [pid 5849] rseq(0x7fdd8bc45fe0, 0x20, 0, 0x53053053 [pid 5839] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5839] futex(0x7fdd8bd416b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... mprotect resumed>) = 0 [pid 5837] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] futex(0x7fdd8bd416bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] <... rseq resumed>) = 0 [pid 5848] set_robust_list(0x7fdd8bc459a0, 24 [pid 5841] <... futex resumed>) = 0 [pid 5836] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] <... rseq resumed>) = 0 [pid 5841] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5839] <... futex resumed>) = 0 [pid 5837] futex(0x7fdd8bd416b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] set_robust_list(0x7fdd8bc459a0, 24 [pid 5836] <... rt_sigprocmask resumed>[], 8) = 0 [ 75.232737][ T5842] syz-executor927: attempt to access beyond end of device [ 75.232737][ T5842] loop1: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 75.246943][ T5845] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 75.261645][ T5842] Buffer I/O error on dev loop1, logical block 13269809, async page read [ 75.279212][ T5847] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 75.280408][ T5842] syz-executor927: attempt to access beyond end of device [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] set_robust_list(0x7fdd8bc459a0, 24 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] <... mmap resumed>) = 0x7fdd8bc25000 [pid 5840] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5839] futex(0x7fdd8bd416bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5837] <... futex resumed>) = 0 [pid 5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc45990, parent_tid=0x7fdd8bc45990, exit_signal=0, stack=0x7fdd8bc25000, stack_size=0x20300, tls=0x7fdd8bc456c0} [pid 5849] <... set_robust_list resumed>) = 0 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5849] fchmodat(AT_FDCWD, ".", 0177431 [pid 5837] futex(0x7fdd8bd416bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5851 attached [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] mprotect(0x7fdd8bc26000, 131072, PROT_READ|PROT_WRITE [pid 5836] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] <... mprotect resumed>) = 0 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] rseq(0x7fdd8bc45fe0, 0x20, 0, 0x53053053 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] fchmodat(AT_FDCWD, ".", 0177431 [pid 5851] <... rseq resumed>) = 0 [pid 5850] fchmodat(AT_FDCWD, ".", 0177431 [pid 5841] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5839] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5836] futex(0x7fdd8bd416b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5836] <... futex resumed>) = 0 [pid 5851] set_robust_list(0x7fdd8bc459a0, 24) = 0 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fdd8bc45990, parent_tid=0x7fdd8bc45990, exit_signal=0, stack=0x7fdd8bc25000, stack_size=0x20300, tls=0x7fdd8bc456c0} [pid 5836] futex(0x7fdd8bd416bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5852 attached [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5837] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5851] fchmodat(AT_FDCWD, ".", 0177431 [pid 5841] <... clone3 resumed> => {parent_tid=[5852]}, 88) = 5852 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5852] rseq(0x7fdd8bc45fe0, 0x20, 0, 0x53053053 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] futex(0x7fdd8bd416b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5852] <... rseq resumed>) = 0 [pid 5841] futex(0x7fdd8bd416bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 75.280408][ T5842] loop1: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 75.304222][ T5844] Buffer I/O error on dev loop3, logical block 8833403, async page read [ 75.305624][ T5842] Buffer I/O error on dev loop1, logical block 8073606, async page read [ 75.312748][ T5847] syz-executor927: attempt to access beyond end of device [ 75.312748][ T5847] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 75.322012][ T5842] Buffer I/O error on dev loop1, logical block 3245771, async page read [pid 5852] set_robust_list(0x7fdd8bc459a0, 24) = 0 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5852] fchmodat(AT_FDCWD, ".", 0177431 [pid 5836] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5837] exit_group(0) = ? [pid 5839] exit_group(0) = ? [pid 5840] exit_group(0 [pid 5836] exit_group(0 [pid 5840] <... exit_group resumed>) = ? [pid 5836] <... exit_group resumed>) = ? [pid 5841] exit_group(0) = ? [pid 5831] kill(-5836, SIGKILL) = 0 [pid 5831] kill(5836, SIGKILL) = 0 [pid 5833] kill(-5840, SIGKILL [pid 5832] kill(-5837, SIGKILL [pid 5833] <... kill resumed>) = 0 [pid 5832] <... kill resumed>) = 0 [pid 5833] kill(5840, SIGKILL [pid 5832] kill(5837, SIGKILL [pid 5833] <... kill resumed>) = 0 [pid 5832] <... kill resumed>) = 0 [pid 5835] kill(-5841, SIGKILL) = 0 [pid 5834] kill(-5839, SIGKILL [pid 5835] kill(5841, SIGKILL [pid 5834] <... kill resumed>) = 0 [pid 5835] <... kill resumed>) = 0 [pid 5834] kill(5839, SIGKILL) = 0 [pid 5831] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5831] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5833] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5831] getdents64(3, [pid 5833] <... openat resumed>) = 3 [pid 5831] <... getdents64 resumed>0x555586042730 /* 2 entries */, 32768) = 48 [pid 5833] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5831] getdents64(3, [pid 5833] getdents64(3, 0x555586042730 /* 2 entries */, 32768) = 48 [pid 5831] <... getdents64 resumed>0x555586042730 /* 0 entries */, 32768) = 0 [pid 5833] getdents64(3, [pid 5831] close(3 [pid 5833] <... getdents64 resumed>0x555586042730 /* 0 entries */, 32768) = 0 [pid 5831] <... close resumed>) = 0 [pid 5833] close(3) = 0 [pid 5834] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5834] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5834] getdents64(3, 0x555586042730 /* 2 entries */, 32768) = 48 [pid 5834] getdents64(3, 0x555586042730 /* 0 entries */, 32768) = 0 [pid 5834] close(3) = 0 [pid 5832] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5832] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5832] getdents64(3, 0x555586042730 /* 2 entries */, 32768) = 48 [pid 5832] getdents64(3, 0x555586042730 /* 0 entries */, 32768) = 0 [pid 5832] close(3) = 0 [pid 5835] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5835] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5835] getdents64(3, 0x555586042730 /* 2 entries */, 32768) = 48 [pid 5835] getdents64(3, 0x555586042730 /* 0 entries */, 32768) = 0 [pid 5835] close(3) = 0 [ 86.948143][ T25] cfg80211: failed to load regulatory.db [ 237.976207][ T30] INFO: task syz-executor927:5851 blocked for more than 143 seconds. [ 237.984610][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 238.025969][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.034706][ T30] task:syz-executor927 state:D stack:28848 pid:5851 tgid:5836 ppid:5831 flags:0x00004006 [ 238.045549][ T30] Call Trace: [ 238.049170][ T30] [ 238.052147][ T30] __schedule+0x189f/0x4c80 [ 238.057311][ T30] ? __pfx___schedule+0x10/0x10 [ 238.062232][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.068480][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 238.074520][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 238.081341][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 238.086794][ T30] ? schedule+0x90/0x320 [ 238.091093][ T30] schedule+0x14b/0x320 [ 238.095296][ T30] schedule_preempt_disabled+0x13/0x30 [ 238.101442][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 238.107813][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 238.113780][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 238.126613][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 238.131701][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 238.156000][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.161124][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 238.176040][ T30] down_write+0x1d7/0x220 [ 238.180435][ T30] ? __pfx_down_write+0x10/0x10 [ 238.206019][ T30] chmod_common+0x1bb/0x4c0 [ 238.210614][ T30] ? __pfx_chmod_common+0x10/0x10 [ 238.215682][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 238.246007][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 238.251302][ T30] ? kmem_cache_free+0x195/0x410 [ 238.285977][ T30] ? user_path_at+0x44/0x60 [ 238.290592][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 238.295666][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 238.345978][ T30] ? do_syscall_64+0x100/0x230 [ 238.350827][ T30] do_syscall_64+0xf3/0x230 [ 238.355370][ T30] ? clear_bhb_loop+0x35/0x90 [ 238.405996][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.411978][ T30] RIP: 0033:0x7fdd8bcafec9 [ 238.436015][ T30] RSP: 002b:00007fdd8bc45218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 238.444501][ T30] RAX: ffffffffffffffda RBX: 00007fdd8bd416b8 RCX: 00007fdd8bcafec9 [ 238.506020][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 238.514068][ T30] RBP: 00007fdd8bd416b0 R08: 00007ffe7565dd17 R09: 0000000000000000 [ 238.555975][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd8bd416bc [ 238.564024][ T30] R13: 0030656c69662f2e R14: 00007fdd8bd04160 R15: 00000000ffffff19 [ 238.616001][ T30] [ 238.619199][ T30] INFO: task syz-executor927:5850 blocked for more than 143 seconds. [ 238.646005][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 238.653186][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.705997][ T30] task:syz-executor927 state:D stack:27928 pid:5850 tgid:5837 ppid:5832 flags:0x00004006 [ 238.756014][ T30] Call Trace: [ 238.759358][ T30] [ 238.762329][ T30] __schedule+0x189f/0x4c80 [ 238.795997][ T30] ? __pfx___schedule+0x10/0x10 [ 238.800937][ T30] ? __pfx_lock_release+0x10/0x10 [ 238.836031][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 238.842134][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 238.886033][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 238.891244][ T30] ? schedule+0x90/0x320 [ 238.895532][ T30] schedule+0x14b/0x320 [ 238.935988][ T30] schedule_preempt_disabled+0x13/0x30 [ 238.941538][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 238.966425][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 238.972418][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 239.005989][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 239.011107][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 239.036106][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.041238][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 239.076018][ T30] down_write+0x1d7/0x220 [ 239.080453][ T30] ? __pfx_down_write+0x10/0x10 [ 239.085364][ T30] chmod_common+0x1bb/0x4c0 [ 239.135987][ T30] ? __pfx_chmod_common+0x10/0x10 [ 239.141106][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 239.176555][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 239.181860][ T30] ? kmem_cache_free+0x195/0x410 [ 239.215991][ T30] ? user_path_at+0x44/0x60 [ 239.220592][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 239.225670][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 239.266009][ T30] ? do_syscall_64+0x100/0x230 [ 239.270871][ T30] do_syscall_64+0xf3/0x230 [ 239.275416][ T30] ? clear_bhb_loop+0x35/0x90 [ 239.315987][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.321976][ T30] RIP: 0033:0x7fdd8bcafec9 [ 239.355997][ T30] RSP: 002b:00007fdd8bc45218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 239.364518][ T30] RAX: ffffffffffffffda RBX: 00007fdd8bd416b8 RCX: 00007fdd8bcafec9 [ 239.436075][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 239.444133][ T30] RBP: 00007fdd8bd416b0 R08: 00007ffe7565dd17 R09: 0000000000000000 [ 239.496005][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd8bd416bc [ 239.504060][ T30] R13: 0030656c69662f2e R14: 00007fdd8bd04160 R15: 00000000ffffff19 [ 239.576004][ T30] [ 239.579172][ T30] INFO: task syz-executor927:5849 blocked for more than 144 seconds. [ 239.615986][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 239.623170][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 239.658661][ T30] task:syz-executor927 state:D stack:28216 pid:5849 tgid:5839 ppid:5834 flags:0x00004006 [ 239.695982][ T30] Call Trace: [ 239.699329][ T30] [ 239.702294][ T30] __schedule+0x189f/0x4c80 [ 239.726022][ T30] ? __pfx___schedule+0x10/0x10 [ 239.730970][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.755989][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 239.762069][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 239.796022][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 239.801231][ T30] ? schedule+0x90/0x320 [ 239.805524][ T30] schedule+0x14b/0x320 [ 239.846015][ T30] schedule_preempt_disabled+0x13/0x30 [ 239.851604][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 239.886025][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 239.892031][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 239.926004][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 239.931120][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 239.955993][ T30] ? __pfx_lock_release+0x10/0x10 [ 239.961123][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 239.995986][ T30] down_write+0x1d7/0x220 [ 240.000400][ T30] ? __pfx_down_write+0x10/0x10 [ 240.005308][ T30] chmod_common+0x1bb/0x4c0 [ 240.036032][ T30] ? __pfx_chmod_common+0x10/0x10 [ 240.041163][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 240.070302][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 240.075600][ T30] ? kmem_cache_free+0x195/0x410 [ 240.105982][ T30] ? user_path_at+0x44/0x60 [ 240.110583][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 240.115667][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 240.156035][ T30] ? do_syscall_64+0x100/0x230 [ 240.160926][ T30] do_syscall_64+0xf3/0x230 [ 240.165496][ T30] ? clear_bhb_loop+0x35/0x90 [ 240.206059][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.212060][ T30] RIP: 0033:0x7fdd8bcafec9 [ 240.235978][ T30] RSP: 002b:00007fdd8bc45218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 240.244479][ T30] RAX: ffffffffffffffda RBX: 00007fdd8bd416b8 RCX: 00007fdd8bcafec9 [ 240.295980][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 240.304038][ T30] RBP: 00007fdd8bd416b0 R08: 00007ffe7565dd17 R09: 0000000000000000 [ 240.355980][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd8bd416bc [ 240.364036][ T30] R13: 0030656c69662f2e R14: 00007fdd8bd04160 R15: 00000000ffffff19 [ 240.406090][ T30] [ 240.426312][ T30] INFO: task syz-executor927:5848 blocked for more than 145 seconds. [ 240.434532][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 240.485983][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 240.494729][ T30] task:syz-executor927 state:D stack:28848 pid:5848 tgid:5840 ppid:5833 flags:0x00004006 [ 240.545980][ T30] Call Trace: [ 240.549337][ T30] [ 240.552309][ T30] __schedule+0x189f/0x4c80 [ 240.586524][ T30] ? __pfx___schedule+0x10/0x10 [ 240.591558][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.625983][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 240.632053][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 240.676069][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 240.681298][ T30] ? schedule+0x90/0x320 [ 240.685592][ T30] schedule+0x14b/0x320 [ 240.735999][ T30] schedule_preempt_disabled+0x13/0x30 [ 240.741556][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 240.775999][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 240.782028][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 240.816034][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 240.821161][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 240.846001][ T30] ? __pfx_lock_release+0x10/0x10 [ 240.851191][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 240.876013][ T30] down_write+0x1d7/0x220 [ 240.880448][ T30] ? __pfx_down_write+0x10/0x10 [ 240.885371][ T30] chmod_common+0x1bb/0x4c0 [ 240.926013][ T30] ? __pfx_chmod_common+0x10/0x10 [ 240.931143][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 240.985974][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 240.991274][ T30] ? kmem_cache_free+0x195/0x410 [ 241.015988][ T30] ? user_path_at+0x44/0x60 [ 241.020595][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 241.025696][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 241.066020][ T30] ? do_syscall_64+0x100/0x230 [ 241.070890][ T30] do_syscall_64+0xf3/0x230 [ 241.075433][ T30] ? clear_bhb_loop+0x35/0x90 [ 241.110049][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.136043][ T30] RIP: 0033:0x7fdd8bcafec9 [ 241.140545][ T30] RSP: 002b:00007fdd8bc45218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 241.176068][ T30] RAX: ffffffffffffffda RBX: 00007fdd8bd416b8 RCX: 00007fdd8bcafec9 [ 241.206000][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 241.214063][ T30] RBP: 00007fdd8bd416b0 R08: 00007ffe7565dd17 R09: 0000000000000000 [ 241.246022][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd8bd416bc [ 241.254084][ T30] R13: 0030656c69662f2e R14: 00007fdd8bd04160 R15: 00000000ffffff19 [ 241.316031][ T30] [ 241.319161][ T30] INFO: task syz-executor927:5852 blocked for more than 146 seconds. [ 241.356001][ T30] Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 241.363198][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 241.396052][ T30] task:syz-executor927 state:D stack:28848 pid:5852 tgid:5841 ppid:5835 flags:0x00004006 [ 241.426315][ T30] Call Trace: [ 241.429689][ T30] [ 241.432654][ T30] __schedule+0x189f/0x4c80 [ 241.476002][ T30] ? __pfx___schedule+0x10/0x10 [ 241.480952][ T30] ? __pfx_lock_release+0x10/0x10 [ 241.515990][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 241.522071][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 241.546011][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 241.551219][ T30] ? schedule+0x90/0x320 [ 241.555515][ T30] schedule+0x14b/0x320 [ 241.586120][ T30] schedule_preempt_disabled+0x13/0x30 [ 241.591694][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 241.646294][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 241.652308][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 241.695998][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 241.701120][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 241.736004][ T30] ? __pfx_lock_release+0x10/0x10 [ 241.741139][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 241.765982][ T30] down_write+0x1d7/0x220 [ 241.770410][ T30] ? __pfx_down_write+0x10/0x10 [ 241.775323][ T30] chmod_common+0x1bb/0x4c0 [ 241.805988][ T30] ? __pfx_chmod_common+0x10/0x10 [ 241.811109][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 241.835990][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 241.841282][ T30] ? kmem_cache_free+0x195/0x410 [ 241.886271][ T30] ? user_path_at+0x44/0x60 [ 241.890876][ T30] __x64_sys_fchmodat+0x11d/0x1c0 [ 241.925989][ T30] ? __pfx___x64_sys_fchmodat+0x10/0x10 [ 241.931644][ T30] ? do_syscall_64+0x100/0x230 [ 241.956073][ T30] do_syscall_64+0xf3/0x230 [ 241.960665][ T30] ? clear_bhb_loop+0x35/0x90 [ 241.965406][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.996027][ T30] RIP: 0033:0x7fdd8bcafec9 [ 242.000523][ T30] RSP: 002b:00007fdd8bc45218 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 242.056001][ T30] RAX: ffffffffffffffda RBX: 00007fdd8bd416b8 RCX: 00007fdd8bcafec9 [ 242.064073][ T30] RDX: 00000000ffffff19 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 242.116012][ T30] RBP: 00007fdd8bd416b0 R08: 00007ffe7565dd17 R09: 0000000000000000 [ 242.124069][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd8bd416bc [ 242.185982][ T30] R13: 0030656c69662f2e R14: 00007fdd8bd04160 R15: 00000000ffffff19 [ 242.194055][ T30] [ 242.236019][ T30] [ 242.236019][ T30] Showing all locks held in the system: [ 242.243820][ T30] 1 lock held by khungtaskd/30: [ 242.275983][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 242.315985][ T30] 1 lock held by kswapd0/88: [ 242.346016][ T30] 2 locks held by getty/5588: [ 242.350763][ T30] #0: ffff8880352820a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 242.395992][ T30] #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 242.435997][ T30] 3 locks held by syz-executor927/5843: [ 242.441610][ T30] 2 locks held by syz-executor927/5851: [ 242.476042][ T30] #0: ffff88802079a420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 242.485428][ T30] #1: ffff8880735fc6c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 242.536149][ T30] 1 lock held by syz-executor927/5842: [ 242.541682][ T30] 2 locks held by syz-executor927/5850: [ 242.576029][ T30] #0: ffff8880309c8420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 242.585399][ T30] #1: ffff8880735fc180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 242.656040][ T30] 2 locks held by syz-executor927/5844: [ 242.661654][ T30] 2 locks held by syz-executor927/5849: [ 242.685997][ T30] #0: ffff88807d020420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 242.695626][ T30] #1: ffff888073590180 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 242.746059][ T30] 2 locks held by syz-executor927/5845: [ 242.751672][ T30] 2 locks held by syz-executor927/5848: [ 242.795975][ T30] #0: ffff8880335de420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 242.805367][ T30] #1: ffff8880735906c0 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 242.865984][ T30] 1 lock held by syz-executor927/5847: [ 242.871777][ T30] 2 locks held by syz-executor927/5852: [ 242.916011][ T30] #0: ffff888031550420 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 242.925394][ T30] #1: ffff888073590c00 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: chmod_common+0x1bb/0x4c0 [ 242.986015][ T30] 2 locks held by dhcpcd/5874: [ 242.990869][ T30] #0: ffff888030e65608 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x90/0x240 [ 243.036049][ T30] #1: ffffffff8e93d278 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x381/0x830 [ 243.086012][ T30] 2 locks held by dhcpcd/5875: [ 243.090859][ T30] #0: ffff8880257ec258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 243.145990][ T30] #1: ffffffff8e93d278 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830 [ 243.193664][ T30] [ 243.205877][ T30] ============================================= [ 243.205877][ T30] [ 243.236026][ T30] NMI backtrace for cpu 0 [ 243.236065][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 243.236095][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 243.236108][ T30] Call Trace: [ 243.236116][ T30] [ 243.236126][ T30] dump_stack_lvl+0x241/0x360 [ 243.236162][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.236186][ T30] ? __pfx__printk+0x10/0x10 [ 243.236232][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 243.236263][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.236298][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 243.236326][ T30] ? irqentry_exit+0x63/0x90 [ 243.236358][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 243.236402][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 243.236430][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 243.236464][ T30] watchdog+0xff6/0x1040 [ 243.236494][ T30] ? watchdog+0x1ea/0x1040 [ 243.236527][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.236555][ T30] kthread+0x7a9/0x920 [ 243.236584][ T30] ? __pfx_kthread+0x10/0x10 [ 243.236617][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.236645][ T30] ? __pfx_kthread+0x10/0x10 [ 243.236674][ T30] ? __pfx_kthread+0x10/0x10 [ 243.236707][ T30] ? __pfx_kthread+0x10/0x10 [ 243.236736][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 243.236765][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 243.236797][ T30] ? __pfx_kthread+0x10/0x10 [ 243.236835][ T30] ret_from_fork+0x4b/0x80 [ 243.236863][ T30] ? __pfx_kthread+0x10/0x10 [ 243.236894][ T30] ret_from_fork_asm+0x1a/0x30 [ 243.236934][ T30] [ 243.236943][ T30] Sending NMI from CPU 0 to CPUs 1: [ 243.400668][ C1] NMI backtrace for cpu 1 [ 243.400685][ C1] CPU: 1 UID: 0 PID: 5844 Comm: syz-executor927 Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 243.400706][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 243.400717][ C1] RIP: 0010:kasan_check_range+0x86/0x290 [ 243.400752][ C1] Code: 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd 41 80 3b 00 <0f> 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 00 45 89 dc [ 243.400766][ C1] RSP: 0018:ffffc90003fcf570 EFLAGS: 00000246 [ 243.400783][ C1] RAX: 0000000000000001 RBX: 1ffffffff203563e RCX: ffffffff819ab2c0 [ 243.400796][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff901ab1f0 [ 243.400808][ C1] RBP: ffffffffffffffff R08: ffffffff901ab1f7 R09: 1ffffffff203563e [ 243.400822][ C1] R10: dffffc0000000000 R11: fffffbfff203563e R12: 1ffff920007f9ec0 [ 243.400841][ C1] R13: ffffffff822d42f8 R14: dffffc0000000001 R15: fffffbfff203563f [ 243.400855][ C1] FS: 00007fdd8bc666c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 243.400871][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.400883][ C1] CR2: 000055b44c034600 CR3: 000000007948e000 CR4: 00000000003526f0 [ 243.400898][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 243.400909][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 243.400920][ C1] Call Trace: [ 243.400926][ C1] [ 243.400933][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 243.400956][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 243.400982][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 243.401004][ C1] ? nmi_handle+0x2a/0x5a0 [ 243.401037][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 243.401058][ C1] ? nmi_handle+0x14f/0x5a0 [ 243.401083][ C1] ? nmi_handle+0x2a/0x5a0 [ 243.401109][ C1] ? kasan_check_range+0x86/0x290 [ 243.401134][ C1] ? default_do_nmi+0x63/0x160 [ 243.401156][ C1] ? exc_nmi+0x123/0x1f0 [ 243.401176][ C1] ? end_repeat_nmi+0xf/0x53 [ 243.401202][ C1] ? get_mem_cgroup_from_mm+0x38/0x2a0 [ 243.401223][ C1] ? lock_release+0xb0/0xa30 [ 243.401246][ C1] ? kasan_check_range+0x86/0x290 [ 243.401272][ C1] ? kasan_check_range+0x86/0x290 [ 243.401299][ C1] ? kasan_check_range+0x86/0x290 [ 243.401325][ C1] [ 243.401331][ C1] [ 243.401337][ C1] ? get_mem_cgroup_from_mm+0x38/0x2a0 [ 243.401356][ C1] lock_release+0xb0/0xa30 [ 243.401383][ C1] ? __pfx_lock_release+0x10/0x10 [ 243.401406][ C1] ? __pfx_rcu_read_lock_sched_held+0x10/0x10 [ 243.401423][ C1] ? xas_load+0x59b/0x5c0 [ 243.401454][ C1] ? get_mem_cgroup_from_mm+0x38/0x2a0 [ 243.401473][ C1] get_mem_cgroup_from_mm+0x1ad/0x2a0 [ 243.401493][ C1] __mem_cgroup_charge+0x16/0x80 [ 243.401517][ C1] filemap_add_folio+0xb7/0x380 [ 243.401535][ C1] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 243.401553][ C1] ? filemap_read_folio+0x30a/0x3b0 [ 243.401575][ C1] ? __pfx_filemap_add_folio+0x10/0x10 [ 243.401594][ C1] ? __filemap_get_folio+0x848/0x940 [ 243.401617][ C1] do_read_cache_folio+0x349/0x5b0 [ 243.401639][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 243.401667][ C1] sysv_find_entry+0x16c/0x590 [ 243.401696][ C1] sysv_inode_by_name+0x98/0x2a0 [ 243.401721][ C1] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 243.401751][ C1] sysv_lookup+0x6b/0xe0 [ 243.401776][ C1] __lookup_slow+0x28c/0x3f0 [ 243.401797][ C1] ? __pfx___lookup_slow+0x10/0x10 [ 243.401821][ C1] ? try_to_unlazy+0x35c/0x5b0 [ 243.401849][ C1] lookup_slow+0x53/0x70 [ 243.401869][ C1] walk_component+0x2e1/0x410 [ 243.401889][ C1] path_lookupat+0x16f/0x450 [ 243.401911][ C1] filename_lookup+0x2a3/0x670 [ 243.401930][ C1] ? __virt_addr_valid+0x183/0x530 [ 243.401959][ C1] ? __pfx_filename_lookup+0x10/0x10 [ 243.401989][ C1] ? strncpy_from_user+0x152/0x270 [ 243.402023][ C1] ? getname_flags+0x1e3/0x540 [ 243.402039][ C1] ? ptrace_notify+0x279/0x380 [ 243.402057][ C1] user_path_at+0x3a/0x60 [ 243.402077][ C1] __se_sys_chdir+0xbc/0x220 [ 243.402103][ C1] ? __pfx___se_sys_chdir+0x10/0x10 [ 243.402134][ C1] ? do_syscall_64+0x100/0x230 [ 243.402154][ C1] do_syscall_64+0xf3/0x230 [ 243.402170][ C1] ? clear_bhb_loop+0x35/0x90 [ 243.402196][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.402219][ C1] RIP: 0033:0x7fdd8bcafec9 [ 243.402235][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 243.402249][ C1] RSP: 002b:00007fdd8bc66218 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 243.402266][ C1] RAX: ffffffffffffffda RBX: 00007fdd8bd416a8 RCX: 00007fdd8bcafec9 [ 243.402279][ C1] RDX: ffffffffffffffb0 RSI: 0000000000000000 RDI: 0000000020000140 [ 243.402291][ C1] RBP: 00007fdd8bd416a0 R08: 0000000000000000 R09: 0000000000000000 [ 243.402302][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd8bd416ac [ 243.402314][ C1] R13: 0030656c69662f2e R14: 00007fdd8bd04160 R15: 00000000ffffff19 [ 243.402334][ C1] [ 243.745992][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 243.746016][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-next-20241220-syzkaller #0 [ 243.746046][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 243.746061][ T30] Call Trace: [ 243.746070][ T30] [ 243.746081][ T30] dump_stack_lvl+0x241/0x360 [ 243.746117][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.746143][ T30] ? __pfx__printk+0x10/0x10 [ 243.746176][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.746218][ T30] ? vscnprintf+0x5d/0x90 [ 243.746251][ T30] panic+0x349/0x880 [ 243.746289][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 243.746323][ T30] ? __pfx_panic+0x10/0x10 [ 243.746355][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 243.746382][ T30] ? __irq_work_queue_local+0x137/0x410 [ 243.746414][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 243.746447][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 243.746477][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 243.746511][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 243.746546][ T30] watchdog+0x1035/0x1040 [ 243.746584][ T30] ? watchdog+0x1ea/0x1040 [ 243.746620][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.746650][ T30] kthread+0x7a9/0x920 [ 243.746681][ T30] ? __pfx_kthread+0x10/0x10 [ 243.746715][ T30] ? __pfx_watchdog+0x10/0x10 [ 243.746746][ T30] ? __pfx_kthread+0x10/0x10 [ 243.746777][ T30] ? __pfx_kthread+0x10/0x10 [ 243.746812][ T30] ? __pfx_kthread+0x10/0x10 [ 243.746842][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 243.746873][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 243.746908][ T30] ? __pfx_kthread+0x10/0x10 [ 243.746941][ T30] ret_from_fork+0x4b/0x80 [ 243.746970][ T30] ? __pfx_kthread+0x10/0x10 [ 243.747003][ T30] ret_from_fork_asm+0x1a/0x30 [ 243.747044][ T30] [ 244.076302][ T30] Kernel Offset: disabled [ 244.080630][ T30] Rebooting in 86400 seconds..