./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1303289597 <...> Warning: Permanently added '10.128.10.24' (ED25519) to the list of known hosts. execve("./syz-executor1303289597", ["./syz-executor1303289597"], 0x7ffd96840460 /* 10 vars */) = 0 brk(NULL) = 0x55555bdd2000 brk(0x55555bdd2d40) = 0x55555bdd2d40 arch_prctl(ARCH_SET_FS, 0x55555bdd23c0) = 0 set_tid_address(0x55555bdd2690) = 5835 set_robust_list(0x55555bdd26a0, 24) = 0 rseq(0x55555bdd2ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1303289597", 4096) = 28 getrandom("\x60\x8e\xf5\x63\x76\x0d\xbb\x81", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555bdd2d40 brk(0x55555bdf3d40) = 0x55555bdf3d40 brk(0x55555bdf4000) = 0x55555bdf4000 mprotect(0x7f8ff008e000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached [pid 5836] set_robust_list(0x55555bdd26a0, 24 [pid 5835] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5836 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5836] mkdir("./syzkaller.02x1FM", 0700 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached , child_tidptr=0x55555bdd2690) = 5837 [pid 5837] set_robust_list(0x55555bdd26a0, 24 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5838 attached [pid 5836] <... mkdir resumed>) = 0 [pid 5838] set_robust_list(0x55555bdd26a0, 24) = 0 [pid 5837] mkdir("./syzkaller.685rJq", 0700 [pid 5835] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5838 [pid 5836] chmod("./syzkaller.02x1FM", 0777 [pid 5838] mkdir("./syzkaller.Z7lov1", 0700 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5838] <... mkdir resumed>) = 0 [pid 5836] <... chmod resumed>) = 0 [pid 5838] chmod("./syzkaller.Z7lov1", 0777./strace-static-x86_64: Process 5839 attached ) = 0 [pid 5837] <... mkdir resumed>) = 0 [pid 5836] chdir("./syzkaller.02x1FM" [pid 5835] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5839 [pid 5839] set_robust_list(0x55555bdd26a0, 24 [pid 5837] chmod("./syzkaller.685rJq", 0777 [pid 5836] <... chdir resumed>) = 0 [pid 5838] chdir("./syzkaller.Z7lov1" [pid 5836] mkdir("./0", 0777 [pid 5835] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] <... set_robust_list resumed>) = 0 [pid 5838] <... chdir resumed>) = 0 [pid 5837] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5840 attached [pid 5839] mkdir("./syzkaller.U6egYk", 0700 [pid 5838] mkdir("./0", 0777 [pid 5836] <... mkdir resumed>) = 0 [pid 5840] set_robust_list(0x55555bdd26a0, 24 [pid 5837] chdir("./syzkaller.685rJq") = 0 [pid 5838] <... mkdir resumed>) = 0 [pid 5837] mkdir("./0", 0777 [pid 5835] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5840 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5839] <... mkdir resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5837] <... mkdir resumed>) = 0 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5840] mkdir("./syzkaller.YYuK7J", 0700 [pid 5838] <... openat resumed>) = 3 [pid 5837] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5836] <... openat resumed>) = 3 [pid 5839] chmod("./syzkaller.U6egYk", 0777 [pid 5838] ioctl(3, LOOP_CLR_FD [pid 5839] <... chmod resumed>) = 0 [pid 5838] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5837] <... openat resumed>) = 3 [pid 5836] ioctl(3, LOOP_CLR_FD [pid 5840] <... mkdir resumed>) = 0 [pid 5837] ioctl(3, LOOP_CLR_FD [pid 5836] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5837] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5840] chmod("./syzkaller.YYuK7J", 0777 [pid 5839] chdir("./syzkaller.U6egYk" [pid 5838] close(3 [pid 5836] close(3 [pid 5839] <... chdir resumed>) = 0 [pid 5840] <... chmod resumed>) = 0 [pid 5837] close(3 [pid 5839] mkdir("./0", 0777 [pid 5838] <... close resumed>) = 0 [pid 5837] <... close resumed>) = 0 [pid 5836] <... close resumed>) = 0 [pid 5840] chdir("./syzkaller.YYuK7J" [pid 5839] <... mkdir resumed>) = 0 [pid 5838] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] <... chdir resumed>) = 0 [pid 5836] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] mkdir("./0", 0777./strace-static-x86_64: Process 5841 attached ./strace-static-x86_64: Process 5842 attached ./strace-static-x86_64: Process 5843 attached [pid 5842] set_robust_list(0x55555bdd26a0, 24 [pid 5841] set_robust_list(0x55555bdd26a0, 24 [pid 5840] <... mkdir resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5839] <... openat resumed>) = 3 [pid 5837] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5841 [pid 5843] set_robust_list(0x55555bdd26a0, 24 [pid 5839] ioctl(3, LOOP_CLR_FD [pid 5838] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5842 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5841] chdir("./0" [pid 5839] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5843] chdir("./0" [pid 5842] chdir("./0" [pid 5840] <... openat resumed>) = 3 [pid 5843] <... chdir resumed>) = 0 [pid 5842] <... chdir resumed>) = 0 [pid 5839] close(3 [pid 5836] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5843 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5841] <... chdir resumed>) = 0 [pid 5840] ioctl(3, LOOP_CLR_FD [pid 5839] <... close resumed>) = 0 [pid 5843] <... prctl resumed>) = 0 [pid 5842] <... prctl resumed>) = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5840] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5839] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] <... prctl resumed>) = 0 [pid 5840] close(3 [pid 5842] setpgid(0, 0 [pid 5841] setpgid(0, 0 [pid 5843] setpgid(0, 0 [pid 5842] <... setpgid resumed>) = 0 [pid 5841] <... setpgid resumed>) = 0 [pid 5840] <... close resumed>) = 0 ./strace-static-x86_64: Process 5844 attached [pid 5843] <... setpgid resumed>) = 0 [pid 5840] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5845 attached [pid 5844] set_robust_list(0x55555bdd26a0, 24 [pid 5842] <... openat resumed>) = 3 [pid 5841] <... openat resumed>) = 3 [pid 5839] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5844 [pid 5845] set_robust_list(0x55555bdd26a0, 24 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5843] write(3, "1000", 4 [pid 5842] write(3, "1000", 4 [pid 5841] write(3, "1000", 4 [pid 5840] <... clone resumed>, child_tidptr=0x55555bdd2690) = 5845 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5844] chdir("./0" [pid 5843] <... write resumed>) = 4 [pid 5842] <... write resumed>) = 4 [pid 5841] <... write resumed>) = 4 [pid 5845] chdir("./0" [pid 5844] <... chdir resumed>) = 0 [pid 5843] close(3 [pid 5842] close(3 [pid 5841] close(3 [pid 5845] <... chdir resumed>) = 0 [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5843] <... close resumed>) = 0 [pid 5842] <... close resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5844] <... prctl resumed>) = 0 [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5842] symlink("/dev/binderfs", "./binderfs" [pid 5841] symlink("/dev/binderfs", "./binderfs" [pid 5845] <... prctl resumed>) = 0 [pid 5844] setpgid(0, 0 [pid 5843] <... symlink resumed>) = 0 [pid 5843] write(1, "executing program\n", 18 executing program [pid 5845] setpgid(0, 0 [pid 5844] <... setpgid resumed>) = 0 [pid 5841] <... symlink resumed>) = 0 [pid 5843] <... write resumed>) = 18 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ff0028f60, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ff001a110}, NULL, 8) = 0 [pid 5843] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8feff99000 [pid 5843] mprotect(0x7f8feff9a000, 131072, PROT_READ|PROT_WRITEexecuting program ) = 0 [pid 5845] <... setpgid resumed>) = 0 [pid 5844] <... openat resumed>) = 3 [pid 5842] <... symlink resumed>) = 0 [pid 5841] write(1, "executing program\n", 18 [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5841] <... write resumed>) = 18 [pid 5844] write(3, "1000", 4 [pid 5841] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5844] <... write resumed>) = 4 [pid 5841] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ff0028f60, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ff001a110}, [pid 5845] <... openat resumed>) = 3 [pid 5844] close(3 [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], executing program [pid 5842] write(1, "executing program\n", 18 [pid 5841] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5845] write(3, "1000", 4 [pid 5844] <... close resumed>) = 0 [pid 5843] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5842] <... write resumed>) = 18 [pid 5841] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5845] <... write resumed>) = 4 [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] close(3 [pid 5841] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5845] <... close resumed>) = 0 [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5842] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feffb9990, parent_tid=0x7f8feffb9990, exit_signal=0, stack=0x7f8feff99000, stack_size=0x20300, tls=0x7f8feffb96c0} [pid 5842] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5847 attached [pid 5845] <... symlink resumed>) = 0 [pid 5842] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ff0028f60, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ff001a110}, executing program [pid 5847] rseq(0x7f8feffb9fe0, 0x20, 0, 0x53053053 [pid 5845] write(1, "executing program\n", 18 [pid 5843] <... clone3 resumed> => {parent_tid=[5847]}, 88) = 5847 executing program [pid 5842] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5841] <... mmap resumed>) = 0x7f8feff99000 [pid 5847] <... rseq resumed>) = 0 [pid 5845] <... write resumed>) = 18 [pid 5844] <... symlink resumed>) = 0 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] mprotect(0x7f8feff9a000, 131072, PROT_READ|PROT_WRITE [pid 5845] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] write(1, "executing program\n", 18 [pid 5845] <... futex resumed>) = 0 [pid 5844] <... write resumed>) = 18 [pid 5845] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ff0028f60, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ff001a110}, [pid 5841] <... mprotect resumed>) = 0 [pid 5845] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5844] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5844] <... futex resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] rt_sigaction(SIGRT_1, {sa_handler=0x7f8ff0028f60, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f8ff001a110}, [pid 5845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5844] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5847] set_robust_list(0x7f8feffb99a0, 24 [pid 5845] <... mmap resumed>) = 0x7f8feff99000 [pid 5844] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5841] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5847] <... set_robust_list resumed>) = 0 [pid 5845] mprotect(0x7f8feff9a000, 131072, PROT_READ|PROT_WRITE [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] <... mprotect resumed>) = 0 [pid 5844] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5843] <... futex resumed>) = 0 [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5841] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5847] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5844] <... mmap resumed>) = 0x7f8feff99000 [pid 5843] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5842] <... mmap resumed>) = 0x7f8feff99000 [pid 5841] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feffb9990, parent_tid=0x7f8feffb9990, exit_signal=0, stack=0x7f8feff99000, stack_size=0x20300, tls=0x7f8feffb96c0}./strace-static-x86_64: Process 5848 attached [pid 5847] memfd_create("syzkaller", 0 [pid 5845] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5844] mprotect(0x7f8feff9a000, 131072, PROT_READ|PROT_WRITE [pid 5842] mprotect(0x7f8feff9a000, 131072, PROT_READ|PROT_WRITE [pid 5848] rseq(0x7f8feffb9fe0, 0x20, 0, 0x53053053 [pid 5847] <... memfd_create resumed>) = 3 [pid 5845] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feffb9990, parent_tid=0x7f8feffb9990, exit_signal=0, stack=0x7f8feff99000, stack_size=0x20300, tls=0x7f8feffb96c0} [pid 5844] <... mprotect resumed>) = 0 [pid 5842] <... mprotect resumed>) = 0 [pid 5848] <... rseq resumed>) = 0 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5841] <... clone3 resumed> => {parent_tid=[5848]}, 88) = 5848 ./strace-static-x86_64: Process 5849 attached [pid 5848] set_robust_list(0x7f8feffb99a0, 24 [pid 5847] <... mmap resumed>) = 0x7f8fe7a00000 [pid 5845] <... clone3 resumed> => {parent_tid=[5849]}, 88) = 5849 [pid 5844] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5842] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] rseq(0x7f8feffb9fe0, 0x20, 0, 0x53053053 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feffb9990, parent_tid=0x7f8feffb9990, exit_signal=0, stack=0x7f8feff99000, stack_size=0x20300, tls=0x7f8feffb96c0} [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5850 attached [pid 5849] <... rseq resumed>) = 0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feffb9990, parent_tid=0x7f8feffb9990, exit_signal=0, stack=0x7f8feff99000, stack_size=0x20300, tls=0x7f8feffb96c0} [pid 5841] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] set_robust_list(0x7f8feffb99a0, 24 [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] rseq(0x7f8feffb9fe0, 0x20, 0, 0x53053053 [pid 5845] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5851 attached [pid 5850] <... rseq resumed>) = 0 [pid 5849] <... set_robust_list resumed>) = 0 [pid 5848] memfd_create("syzkaller", 0 [pid 5845] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] <... clone3 resumed> => {parent_tid=[5850]}, 88) = 5850 [pid 5842] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851 [pid 5841] <... futex resumed>) = 0 [pid 5851] rseq(0x7f8feffb9fe0, 0x20, 0, 0x53053053 [pid 5850] set_robust_list(0x7f8feffb99a0, 24 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], [pid 5848] <... memfd_create resumed>) = 3 [pid 5847] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5851] <... rseq resumed>) = 0 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] set_robust_list(0x7f8feffb99a0, 24 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] memfd_create("syzkaller", 0 [pid 5847] <... write resumed>) = 65536 [pid 5844] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] <... mmap resumed>) = 0x7f8fe7a00000 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] <... memfd_create resumed>) = 3 [pid 5842] <... futex resumed>) = 0 [pid 5850] memfd_create("syzkaller", 0 [pid 5844] <... futex resumed>) = 0 [pid 5844] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5850] <... memfd_create resumed>) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8fe7a00000 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5848] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5847] munmap(0x7f8fe7a00000, 138412032 [pid 5842] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5849] <... mmap resumed>) = 0x7f8fe7a00000 [pid 5850] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5847] <... munmap resumed>) = 0 [pid 5850] <... write resumed>) = 65536 [pid 5849] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5850] munmap(0x7f8fe7a00000, 138412032 [pid 5848] <... write resumed>) = 65536 [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] memfd_create("syzkaller", 0 [pid 5849] <... write resumed>) = 65536 [pid 5848] munmap(0x7f8fe7a00000, 138412032 [pid 5847] <... openat resumed>) = 4 [pid 5851] <... memfd_create resumed>) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8fe7a00000 [pid 5850] <... munmap resumed>) = 0 [pid 5849] munmap(0x7f8fe7a00000, 138412032 [pid 5848] <... munmap resumed>) = 0 [pid 5847] ioctl(4, LOOP_SET_FD, 3 [pid 5850] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3 [pid 5849] <... munmap resumed>) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5847] <... ioctl resumed>) = 0 [pid 5851] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5849] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5848] <... openat resumed>) = 4 [pid 5849] <... openat resumed>) = 4 [pid 5848] ioctl(4, LOOP_SET_FD, 3 [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5850] <... ioctl resumed>) = 0 [pid 5847] close(3 [pid 5850] close(3 [pid 5847] <... close resumed>) = 0 [pid 5850] <... close resumed>) = 0 [pid 5847] close(4 [pid 5850] close(4 [pid 5848] <... ioctl resumed>) = 0 [pid 5851] <... write resumed>) = 65536 [pid 5850] <... close resumed>) = 0 [pid 5847] <... close resumed>) = 0 [pid 5851] munmap(0x7f8fe7a00000, 138412032 [pid 5850] mkdir("./file0", 0777 [pid 5848] close(3 [pid 5847] mkdir("./file0", 0777 [pid 5851] <... munmap resumed>) = 0 [pid 5850] <... mkdir resumed>) = 0 [pid 5848] <... close resumed>) = 0 [pid 5847] <... mkdir resumed>) = 0 [ 75.137421][ T5847] loop0: detected capacity change from 0 to 128 [ 75.137813][ T5850] loop3: detected capacity change from 0 to 128 [ 75.157500][ T5848] loop1: detected capacity change from 0 to 128 [ 75.164665][ T5849] loop4: detected capacity change from 0 to 128 [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5850] mount("/dev/loop3", "./file0", "sysv", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_STRICTATIME|MS_LAZYTIME, "\xff\xff\xff\xff\xff\xff\xff\xff" [pid 5849] <... ioctl resumed>) = 0 [pid 5848] close(4 [pid 5847] mount("/dev/loop0", "./file0", "sysv", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_STRICTATIME|MS_LAZYTIME, "\xff\xff\xff\xff\xff\xff\xff\xff" [pid 5851] <... openat resumed>) = 4 [pid 5849] close(3 [pid 5848] <... close resumed>) = 0 [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5849] <... close resumed>) = 0 [pid 5848] mkdir("./file0", 0777) = 0 [pid 5849] close(4) = 0 [pid 5851] <... ioctl resumed>) = 0 [pid 5849] mkdir("./file0", 0777 [pid 5850] <... mount resumed>) = 0 [pid 5848] mount("/dev/loop1", "./file0", "sysv", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_STRICTATIME|MS_LAZYTIME, "\xff\xff\xff\xff\xff\xff\xff\xff" [pid 5847] <... mount resumed>) = 0 [pid 5850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5849] <... mkdir resumed>) = 0 [pid 5849] mount("/dev/loop4", "./file0", "sysv", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_STRICTATIME|MS_LAZYTIME, "\xff\xff\xff\xff\xff\xff\xff\xff" [pid 5850] <... openat resumed>) = 3 [pid 5850] chdir("./file0") = 0 [pid 5849] <... mount resumed>) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5850] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5850] futex(0x7f8ff00946a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5849] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] <... futex resumed>) = 0 [pid 5849] <... openat resumed>) = 3 [pid 5844] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] chdir("./file0" [pid 5850] <... futex resumed>) = 0 [pid 5844] <... futex resumed>) = 1 [ 75.197856][ T5847] ======================================================= [ 75.197856][ T5847] WARNING: The mand mount option has been deprecated and [ 75.197856][ T5847] and is ignored by this kernel. Remove the mand [ 75.197856][ T5847] option from the mount to silence this warning. [ 75.197856][ T5847] ======================================================= [ 75.198302][ T5851] loop2: detected capacity change from 0 to 128 [pid 5851] close(3 [pid 5850] rename("./file2", "./file1" [pid 5849] <... chdir resumed>) = 0 [pid 5847] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] <... close resumed>) = 0 [pid 5849] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5848] <... mount resumed>) = 0 [pid 5851] close(4 [pid 5849] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5849] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5849] futex(0x7f8ff00946a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5851] <... close resumed>) = 0 [pid 5848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5851] mkdir("./file0", 0777 [pid 5848] <... openat resumed>) = 3 [pid 5851] <... mkdir resumed>) = 0 [pid 5848] chdir("./file0") = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5848] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5848] futex(0x7f8ff00946a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5851] mount("/dev/loop2", "./file0", "sysv", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_SILENT|MS_STRICTATIME|MS_LAZYTIME, "\xff\xff\xff\xff\xff\xff\xff\xff") = 0 [pid 5851] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5851] chdir("./file0") = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5851] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5842] <... futex resumed>) = 0 [pid 5845] <... futex resumed>) = 0 [pid 5841] <... futex resumed>) = 0 [pid 5847] <... openat resumed>) = 3 [pid 5841] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] chdir("./file0" [pid 5841] <... futex resumed>) = 1 [pid 5845] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] <... futex resumed>) = 0 [ 75.269057][ T5850] syz-executor130: attempt to access beyond end of device [ 75.269057][ T5850] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.285900][ T5850] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 75.286798][ T5851] syz-executor130: attempt to access beyond end of device [ 75.286798][ T5851] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.294704][ T5850] syz-executor130: attempt to access beyond end of device [pid 5851] rename("./file2", "./file1" [pid 5849] <... futex resumed>) = 0 [pid 5848] rename("./file2", "./file1" [pid 5847] <... chdir resumed>) = 0 [pid 5845] <... futex resumed>) = 1 [pid 5842] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5849] rename("./file2", "./file1" [pid 5845] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5842] <... futex resumed>) = 0 [pid 5842] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5844] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5844] futex(0x7f8ff00946bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] <... futex resumed>) = 0 [ 75.294704][ T5850] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 75.313616][ T5849] syz-executor130: attempt to access beyond end of device [ 75.313616][ T5849] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.323226][ T5848] syz-executor130: attempt to access beyond end of device [ 75.323226][ T5848] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.352746][ T5850] Buffer I/O error on dev loop3, logical block 8833403, async page read [pid 5844] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5847] futex(0x7f8ff00946ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... mmap resumed>) = 0x7f8feff78000 [pid 5847] <... futex resumed>) = 1 [pid 5844] mprotect(0x7f8feff79000, 131072, PROT_READ|PROT_WRITE [pid 5842] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5842] futex(0x7f8ff00946bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8feff78000 [pid 5842] mprotect(0x7f8feff79000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feff98990, parent_tid=0x7f8feff98990, exit_signal=0, stack=0x7f8feff78000, stack_size=0x20300, tls=0x7f8feff986c0} => {parent_tid=[5854]}, 88) = 5854 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5842] futex(0x7f8ff00946b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5842] futex(0x7f8ff00946bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] <... futex resumed>) = 0 [pid 5843] futex(0x7f8ff00946a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] futex(0x7f8ff00946bc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5854 attached [pid 5844] <... mprotect resumed>) = 0 [pid 5843] <... futex resumed>) = 0 [pid 5841] <... futex resumed>) = 0 [pid 5845] futex(0x7f8ff00946bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] rename("./file2", "./file1" [pid 5854] rseq(0x7f8feff98fe0, 0x20, 0, 0x53053053 [pid 5843] futex(0x7f8ff00946ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5854] <... rseq resumed>) = 0 [pid 5854] set_robust_list(0x7f8feff989a0, 24) = 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 75.361944][ T5849] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 75.364099][ T5848] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 75.371180][ T5851] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 75.379803][ T5850] syz-executor130: attempt to access beyond end of device [ 75.379803][ T5850] loop3: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 75.405383][ T5847] syz-executor130: attempt to access beyond end of device [ 75.405383][ T5847] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 75.406001][ T5849] syz-executor130: attempt to access beyond end of device [ 75.406001][ T5849] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 75.419882][ T5847] Buffer I/O error on dev loop0, logical block 3245768, async page read [ 75.442280][ T5848] syz-executor130: attempt to access beyond end of device [ 75.442280][ T5848] loop1: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 75.442857][ T5851] syz-executor130: attempt to access beyond end of device [pid 5854] unlink("./file1" [pid 5845] <... futex resumed>) = 0 [pid 5842] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5844] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5845] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5844] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5841] <... mmap resumed>) = 0x7f8feff78000 [pid 5843] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5843] futex(0x7f8ff00946bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f8feff78000 [pid 5843] mprotect(0x7f8feff79000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feff98990, parent_tid=0x7f8feff98990, exit_signal=0, stack=0x7f8feff78000, stack_size=0x20300, tls=0x7f8feff986c0} => {parent_tid=[5855]}, 88) = 5855 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5843] futex(0x7f8ff00946b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] futex(0x7f8ff00946bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5855 attached [pid 5855] rseq(0x7f8feff98fe0, 0x20, 0, 0x53053053) = 0 [pid 5855] set_robust_list(0x7f8feff989a0, 24) = 0 [pid 5855] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feff98990, parent_tid=0x7f8feff98990, exit_signal=0, stack=0x7f8feff78000, stack_size=0x20300, tls=0x7f8feff986c0} [pid 5841] mprotect(0x7f8feff79000, 131072, PROT_READ|PROT_WRITE [pid 5845] <... mmap resumed>) = 0x7f8feff78000 [pid 5855] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] mprotect(0x7f8feff79000, 131072, PROT_READ|PROT_WRITE [pid 5855] unlink("./file1" [pid 5845] <... mprotect resumed>) = 0 [pid 5841] <... mprotect resumed>) = 0 ./strace-static-x86_64: Process 5856 attached [pid 5845] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5841] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5856] rseq(0x7f8feff98fe0, 0x20, 0, 0x53053053 [pid 5845] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5844] <... clone3 resumed> => {parent_tid=[5856]}, 88) = 5856 [pid 5841] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5841] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feff98990, parent_tid=0x7f8feff98990, exit_signal=0, stack=0x7f8feff78000, stack_size=0x20300, tls=0x7f8feff986c0} [pid 5856] <... rseq resumed>) = 0 [pid 5845] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f8feff98990, parent_tid=0x7f8feff98990, exit_signal=0, stack=0x7f8feff78000, stack_size=0x20300, tls=0x7f8feff986c0} [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5856] set_robust_list(0x7f8feff989a0, 24 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5857 attached [pid 5856] <... set_robust_list resumed>) = 0 [pid 5845] <... clone3 resumed> => {parent_tid=[5857]}, 88) = 5857 [pid 5844] futex(0x7f8ff00946b8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5858 attached [pid 5857] rseq(0x7f8feff98fe0, 0x20, 0, 0x53053053 [pid 5856] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] <... futex resumed>) = 0 [pid 5841] <... clone3 resumed> => {parent_tid=[5858]}, 88) = 5858 [pid 5856] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] futex(0x7f8ff00946bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5858] rseq(0x7f8feff98fe0, 0x20, 0, 0x53053053 [pid 5857] <... rseq resumed>) = 0 [pid 5856] unlink("./file1" [pid 5845] futex(0x7f8ff00946b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] <... rseq resumed>) = 0 [pid 5857] set_robust_list(0x7f8feff989a0, 24 [pid 5858] set_robust_list(0x7f8feff989a0, 24 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5845] <... futex resumed>) = 0 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5857] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] rt_sigprocmask(SIG_SETMASK, [], [pid 5857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] futex(0x7f8ff00946bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5841] futex(0x7f8ff00946b8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5857] unlink("./file1" [pid 5858] unlink("./file1" [pid 5841] <... futex resumed>) = 0 [pid 5841] futex(0x7f8ff00946bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5843] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 75.442857][ T5851] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 75.456945][ T5850] Buffer I/O error on dev loop3, logical block 13269809, async page read [ 75.481622][ T5848] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 75.482593][ T5849] Buffer I/O error on dev loop4, logical block 8833403, async page read [ 75.490877][ T5847] Buffer I/O error on dev loop0, logical block 8833403, async page read [pid 5844] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5845] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5841] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5842] exit_group(0) = ? [pid 5843] exit_group(0) = ? [pid 5845] exit_group(0) = ? [pid 5841] exit_group(0) = ? [pid 5844] exit_group(0) = ? [pid 5838] kill(-5842, SIGKILL [pid 5837] kill(-5841, SIGKILL [pid 5838] <... kill resumed>) = 0 [pid 5837] <... kill resumed>) = 0 [pid 5838] kill(5842, SIGKILL [pid 5837] kill(5841, SIGKILL [pid 5838] <... kill resumed>) = 0 [pid 5837] <... kill resumed>) = 0 [pid 5836] kill(-5843, SIGKILL) = 0 [pid 5836] kill(5843, SIGKILL) = 0 [pid 5839] kill(-5844, SIGKILL) = 0 [pid 5839] kill(5844, SIGKILL) = 0 [pid 5840] kill(-5845, SIGKILL) = 0 [pid 5840] kill(5845, SIGKILL) = 0 [pid 5838] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5838] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5838] getdents64(3, 0x55555bdd3730 /* 2 entries */, 32768) = 48 [pid 5838] getdents64(3, 0x55555bdd3730 /* 0 entries */, 32768) = 0 [pid 5837] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5838] close(3 [pid 5837] <... openat resumed>) = 3 [pid 5837] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5837] getdents64(3, [pid 5838] <... close resumed>) = 0 [pid 5837] <... getdents64 resumed>0x55555bdd3730 /* 2 entries */, 32768) = 48 [pid 5837] getdents64(3, 0x55555bdd3730 /* 0 entries */, 32768) = 0 [pid 5837] close(3) = 0 [pid 5836] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5839] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5836] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = 3 [pid 5836] newfstatat(3, "", [pid 5839] newfstatat(3, "", [pid 5836] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5839] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5836] getdents64(3, 0x55555bdd3730 /* 2 entries */, 32768) = 48 [pid 5836] getdents64(3, 0x55555bdd3730 /* 0 entries */, 32768) = 0 [pid 5839] getdents64(3, [pid 5836] close(3 [pid 5839] <... getdents64 resumed>0x55555bdd3730 /* 2 entries */, 32768) = 48 [pid 5836] <... close resumed>) = 0 [pid 5839] getdents64(3, 0x55555bdd3730 /* 0 entries */, 32768) = 0 [pid 5839] close(3) = 0 [pid 5840] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5840] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5840] getdents64(3, 0x55555bdd3730 /* 2 entries */, 32768) = 48 [pid 5840] getdents64(3, 0x55555bdd3730 /* 0 entries */, 32768) = 0 [pid 5840] close(3) = 0 [ 86.857057][ T973] cfg80211: failed to load regulatory.db [ 286.525227][ T30] INFO: task syz-executor130:5858 blocked for more than 143 seconds. [ 286.533664][ T30] Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 286.575120][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.583880][ T30] task:syz-executor130 state:D stack:29072 pid:5858 tgid:5841 ppid:5837 flags:0x00004006 [ 286.655113][ T30] Call Trace: [ 286.658498][ T30] [ 286.661726][ T30] __schedule+0x17fb/0x4be0 [ 286.725526][ T30] ? __pfx___schedule+0x10/0x10 [ 286.730498][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.765111][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.771188][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.795180][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.800377][ T30] ? schedule+0x90/0x320 [ 286.804646][ T30] schedule+0x14b/0x320 [ 286.855145][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.860703][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 286.885288][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 286.891289][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 286.925125][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 286.930230][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 286.955168][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.960314][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.005136][ T30] down_write_nested+0x1e0/0x220 [ 287.010159][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 287.055166][ T30] do_unlinkat+0x26a/0x830 [ 287.059685][ T30] ? __pfx_do_unlinkat+0x10/0x10 [ 287.064657][ T30] ? __might_fault+0xc6/0x120 [ 287.115142][ T30] ? strncpy_from_user+0x152/0x270 [ 287.120373][ T30] ? getname_flags+0x1e3/0x540 [ 287.155148][ T30] __x64_sys_unlink+0x47/0x50 [ 287.159908][ T30] do_syscall_64+0xf3/0x230 [ 287.164447][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.205098][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.211079][ T30] RIP: 0033:0x7f8ff0002b49 [ 287.245120][ T30] RSP: 002b:00007f8feff98218 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 287.253717][ T30] RAX: ffffffffffffffda RBX: 00007f8ff00946b8 RCX: 00007f8ff0002b49 [ 287.325144][ T30] RDX: 00007f8feffdc0f6 RSI: 0000000000000000 RDI: 0000000020000580 [ 287.333201][ T30] RBP: 00007f8ff00946b0 R08: 00007fffff5b63d7 R09: 0000000000000000 [ 287.375144][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0031656c69662f2e [ 287.383197][ T30] R13: 00007f8ff00570c0 R14: 0030656c69662f2e R15: 0032656c69662f2e [ 287.455114][ T30] [ 287.458293][ T30] INFO: task syz-executor130:5854 blocked for more than 144 seconds. [ 287.495132][ T30] Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 287.502494][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.575080][ T30] task:syz-executor130 state:D stack:28440 pid:5854 tgid:5842 ppid:5838 flags:0x00004006 [ 287.615100][ T30] Call Trace: [ 287.618541][ T30] [ 287.621566][ T30] __schedule+0x17fb/0x4be0 [ 287.655119][ T30] ? __pfx___schedule+0x10/0x10 [ 287.660066][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.695101][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.701181][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.745131][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.750339][ T30] ? schedule+0x90/0x320 [ 287.754628][ T30] schedule+0x14b/0x320 [ 287.795108][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.800680][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.845117][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.851124][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.895124][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.900227][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.935092][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.940204][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.975107][ T30] down_write_nested+0x1e0/0x220 [ 287.980136][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 288.025140][ T30] do_unlinkat+0x26a/0x830 [ 288.029765][ T30] ? __pfx_do_unlinkat+0x10/0x10 [ 288.034751][ T30] ? __might_fault+0xc6/0x120 [ 288.075145][ T30] ? strncpy_from_user+0x152/0x270 [ 288.080345][ T30] ? getname_flags+0x1e3/0x540 [ 288.125098][ T30] __x64_sys_unlink+0x47/0x50 [ 288.129849][ T30] do_syscall_64+0xf3/0x230 [ 288.134401][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.175161][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.181137][ T30] RIP: 0033:0x7f8ff0002b49 [ 288.225097][ T30] RSP: 002b:00007f8feff98218 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 288.233592][ T30] RAX: ffffffffffffffda RBX: 00007f8ff00946b8 RCX: 00007f8ff0002b49 [ 288.295131][ T30] RDX: 00007f8feffdc0f6 RSI: 0000000000000000 RDI: 0000000020000580 [ 288.303179][ T30] RBP: 00007f8ff00946b0 R08: 00007fffff5b63d7 R09: 0000000000000000 [ 288.344677][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0031656c69662f2e [ 288.385130][ T30] R13: 00007f8ff00570c0 R14: 0030656c69662f2e R15: 0032656c69662f2e [ 288.393214][ T30] [ 288.435160][ T30] INFO: task syz-executor130:5855 blocked for more than 145 seconds. [ 288.443724][ T30] Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 288.505110][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.513939][ T30] task:syz-executor130 state:D stack:28912 pid:5855 tgid:5843 ppid:5836 flags:0x00004006 [ 288.575088][ T30] Call Trace: [ 288.578463][ T30] [ 288.581514][ T30] __schedule+0x17fb/0x4be0 [ 288.615119][ T30] ? __pfx___schedule+0x10/0x10 [ 288.620082][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.655081][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.661136][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 288.705100][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 288.710305][ T30] ? schedule+0x90/0x320 [ 288.714680][ T30] schedule+0x14b/0x320 [ 288.765102][ T30] schedule_preempt_disabled+0x13/0x30 [ 288.770651][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 288.815106][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 288.821111][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.865148][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.870375][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.905189][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.910302][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 288.945347][ T30] down_write_nested+0x1e0/0x220 [ 288.950395][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 289.005128][ T30] do_unlinkat+0x26a/0x830 [ 289.009735][ T30] ? __pfx_do_unlinkat+0x10/0x10 [ 289.055104][ T30] ? __might_fault+0xc6/0x120 [ 289.060062][ T30] ? strncpy_from_user+0x152/0x270 [ 289.095107][ T30] ? getname_flags+0x1e3/0x540 [ 289.099945][ T30] __x64_sys_unlink+0x47/0x50 [ 289.104642][ T30] do_syscall_64+0xf3/0x230 [ 289.145140][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.149910][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.185176][ T30] RIP: 0033:0x7f8ff0002b49 [ 289.189696][ T30] RSP: 002b:00007f8feff98218 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 289.235144][ T30] RAX: ffffffffffffffda RBX: 00007f8ff00946b8 RCX: 00007f8ff0002b49 [ 289.243202][ T30] RDX: 00007f8feffdc0f6 RSI: 0000000000000000 RDI: 0000000020000580 [ 289.295096][ T30] RBP: 00007f8ff00946b0 R08: 00007fffff5b63d7 R09: 0000000000000000 [ 289.303144][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0031656c69662f2e [ 289.344600][ T30] R13: 00007f8ff00570c0 R14: 0030656c69662f2e R15: 0032656c69662f2e [ 289.375119][ T30] [ 289.378467][ T30] INFO: task syz-executor130:5856 blocked for more than 146 seconds. [ 289.405128][ T30] Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 289.412470][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.445982][ T30] task:syz-executor130 state:D stack:29072 pid:5856 tgid:5844 ppid:5839 flags:0x00004006 [ 289.485095][ T30] Call Trace: [ 289.488459][ T30] [ 289.493515][ T30] __schedule+0x17fb/0x4be0 [ 289.535140][ T30] ? __pfx___schedule+0x10/0x10 [ 289.540074][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.575088][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 289.581242][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.615095][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 289.620375][ T30] ? schedule+0x90/0x320 [ 289.624659][ T30] schedule+0x14b/0x320 [ 289.655096][ T30] schedule_preempt_disabled+0x13/0x30 [ 289.660730][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 289.705119][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 289.711117][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 289.755126][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.760238][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.795131][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.800349][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 289.835089][ T30] down_write_nested+0x1e0/0x220 [ 289.840115][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 289.875122][ T30] do_unlinkat+0x26a/0x830 [ 289.879641][ T30] ? __pfx_do_unlinkat+0x10/0x10 [ 289.884624][ T30] ? __might_fault+0xc6/0x120 [ 289.945154][ T30] ? strncpy_from_user+0x152/0x270 [ 289.950370][ T30] ? getname_flags+0x1e3/0x540 [ 289.985135][ T30] __x64_sys_unlink+0x47/0x50 [ 289.989911][ T30] do_syscall_64+0xf3/0x230 [ 289.994466][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.035090][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.041173][ T30] RIP: 0033:0x7f8ff0002b49 [ 290.085114][ T30] RSP: 002b:00007f8feff98218 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 290.093615][ T30] RAX: ffffffffffffffda RBX: 00007f8ff00946b8 RCX: 00007f8ff0002b49 [ 290.145122][ T30] RDX: 00007f8feffdc0f6 RSI: 0000000000000000 RDI: 0000000020000580 [ 290.153176][ T30] RBP: 00007f8ff00946b0 R08: 00007fffff5b63d7 R09: 0000000000000000 [ 290.215136][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0031656c69662f2e [ 290.223363][ T30] R13: 00007f8ff00570c0 R14: 0030656c69662f2e R15: 0032656c69662f2e [ 290.285144][ T30] [ 290.295181][ T30] INFO: task syz-executor130:5857 blocked for more than 147 seconds. [ 290.303400][ T30] Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 290.344542][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 290.385099][ T30] task:syz-executor130 state:D stack:29072 pid:5857 tgid:5845 ppid:5840 flags:0x00004006 [ 290.425464][ T30] Call Trace: [ 290.428820][ T30] [ 290.431785][ T30] __schedule+0x17fb/0x4be0 [ 290.475107][ T30] ? __pfx___schedule+0x10/0x10 [ 290.480037][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.515091][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 290.521232][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 290.575095][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 290.580385][ T30] ? schedule+0x90/0x320 [ 290.584669][ T30] schedule+0x14b/0x320 [ 290.625102][ T30] schedule_preempt_disabled+0x13/0x30 [ 290.630902][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 290.675094][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 290.681096][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.725168][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.730301][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.765106][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.770226][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 290.815119][ T30] down_write_nested+0x1e0/0x220 [ 290.820156][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 290.851533][ T30] do_unlinkat+0x26a/0x830 [ 290.875123][ T30] ? __pfx_do_unlinkat+0x10/0x10 [ 290.880225][ T30] ? __might_fault+0xc6/0x120 [ 290.884949][ T30] ? strncpy_from_user+0x152/0x270 [ 290.915101][ T30] ? getname_flags+0x1e3/0x540 [ 290.919957][ T30] __x64_sys_unlink+0x47/0x50 [ 290.924665][ T30] do_syscall_64+0xf3/0x230 [ 290.955124][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.959913][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.005108][ T30] RIP: 0033:0x7f8ff0002b49 [ 291.009620][ T30] RSP: 002b:00007f8feff98218 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 291.055170][ T30] RAX: ffffffffffffffda RBX: 00007f8ff00946b8 RCX: 00007f8ff0002b49 [ 291.063224][ T30] RDX: 00007f8feffdc0f6 RSI: 0000000000000000 RDI: 0000000020000580 [ 291.095150][ T30] RBP: 00007f8ff00946b0 R08: 00007fffff5b63d7 R09: 0000000000000000 [ 291.103288][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0031656c69662f2e [ 291.155191][ T30] R13: 00007f8ff00570c0 R14: 0030656c69662f2e R15: 0032656c69662f2e [ 291.163267][ T30] [ 291.185122][ T30] [ 291.185122][ T30] Showing all locks held in the system: [ 291.192934][ T30] 1 lock held by khungtaskd/30: [ 291.225102][ T30] #0: ffffffff8e93c520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 291.255119][ T30] 1 lock held by kswapd0/88: [ 291.259816][ T30] 2 locks held by getty/5592: [ 291.264516][ T30] #0: ffff88814cf5a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 291.335400][ T30] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 291.365113][ T30] 2 locks held by syz-executor130/5848: [ 291.370742][ T30] 2 locks held by syz-executor130/5858: [ 291.395122][ T30] #0: ffff88804b276420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.404399][ T30] #1: ffff88807720c6c0 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_unlinkat+0x26a/0x830 [ 291.475098][ T30] 3 locks held by syz-executor130/5851: [ 291.480749][ T30] 2 locks held by syz-executor130/5854: [ 291.515131][ T30] #0: ffff88804bba2420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.524420][ T30] #1: ffff88807720cc00 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_unlinkat+0x26a/0x830 [ 291.575107][ T30] 2 locks held by syz-executor130/5847: [ 291.580726][ T30] 2 locks held by syz-executor130/5855: [ 291.615100][ T30] #0: ffff88807d41c420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.624495][ T30] #1: ffff8880770886c0 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_unlinkat+0x26a/0x830 [ 291.695121][ T30] 3 locks held by syz-executor130/5850: [ 291.700775][ T30] 2 locks held by syz-executor130/5856: [ 291.735127][ T30] #0: ffff88804b886420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.744479][ T30] #1: ffff888077088180 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_unlinkat+0x26a/0x830 [ 291.795103][ T30] 2 locks held by syz-executor130/5849: [ 291.800806][ T30] 2 locks held by syz-executor130/5857: [ 291.835129][ T30] #0: ffff88804b046420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.844399][ T30] #1: ffff88807720c180 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_unlinkat+0x26a/0x830 [ 291.915113][ T30] [ 291.917518][ T30] ============================================= [ 291.917518][ T30] [ 291.955203][ T30] NMI backtrace for cpu 0 [ 291.959609][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 291.969795][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.979974][ T30] Call Trace: [ 291.983275][ T30] [ 291.986228][ T30] dump_stack_lvl+0x241/0x360 [ 291.990949][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.996189][ T30] ? __pfx__printk+0x10/0x10 [ 292.000833][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 292.006075][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 292.011755][ T30] ? _printk+0xd5/0x120 [ 292.015943][ T30] ? __pfx__printk+0x10/0x10 [ 292.020556][ T30] ? __wake_up_klogd+0xcc/0x110 [ 292.025443][ T30] ? __pfx__printk+0x10/0x10 [ 292.030078][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 292.035160][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 292.041281][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 292.047309][ T30] watchdog+0xff4/0x1040 [ 292.051581][ T30] ? watchdog+0x1ea/0x1040 [ 292.056035][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.060740][ T30] kthread+0x2f0/0x390 [ 292.064835][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.069625][ T30] ? __pfx_kthread+0x10/0x10 [ 292.074252][ T30] ret_from_fork+0x4b/0x80 [ 292.078708][ T30] ? __pfx_kthread+0x10/0x10 [ 292.083317][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.088147][ T30] [ 292.091359][ T30] Sending NMI from CPU 0 to CPUs 1: [ 292.096660][ C1] NMI backtrace for cpu 1 [ 292.096672][ C1] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor130 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 292.096691][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 292.096700][ C1] RIP: 0010:__find_get_block+0x831/0x1150 [ 292.096722][ C1] Code: 75 74 73 ff e8 90 3c 7b ff fb 48 c7 44 24 40 0e 36 e0 45 48 b8 00 00 00 00 00 fc ff df 48 8b 4c 24 38 48 c7 04 08 00 00 00 00 <48> c7 44 08 09 00 00 00 00 66 c7 44 08 11 00 00 c6 44 08 13 00 65 [ 292.096735][ C1] RSP: 0018:ffffc90003f6f340 EFLAGS: 00000246 [ 292.096751][ C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff920007ede70 [ 292.096763][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 292.096772][ C1] RBP: ffffc90003f6f478 R08: ffffffff8222697d R09: 1ffffd40002f172e [ 292.096784][ C1] R10: dffffc0000000000 R11: fffff940002f172f R12: 0000000000000000 [ 292.096795][ C1] R13: ffffea000178b940 R14: ffffea000178b900 R15: 00000000003186d1 [ 292.096807][ C1] FS: 00007f8feffb96c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 292.096821][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 292.096832][ C1] CR2: 0000561c4fca3600 CR3: 00000000766a6000 CR4: 00000000003526f0 [ 292.096846][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 292.096855][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 292.096865][ C1] Call Trace: [ 292.096870][ C1] [ 292.096876][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 292.096901][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 292.096920][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 292.096943][ C1] ? nmi_handle+0x2a/0x5a0 [ 292.096967][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 292.096990][ C1] ? nmi_handle+0x14f/0x5a0 [ 292.097007][ C1] ? nmi_handle+0x2a/0x5a0 [ 292.097025][ C1] ? __find_get_block+0x831/0x1150 [ 292.097041][ C1] ? default_do_nmi+0x63/0x160 [ 292.097056][ C1] ? exc_nmi+0x123/0x1f0 [ 292.097070][ C1] ? end_repeat_nmi+0xf/0x53 [ 292.097096][ C1] ? __find_get_block+0x63d/0x1150 [ 292.097133][ C1] ? __find_get_block+0x831/0x1150 [ 292.097151][ C1] ? __find_get_block+0x831/0x1150 [ 292.097189][ C1] ? __find_get_block+0x831/0x1150 [ 292.097206][ C1] [ 292.097212][ C1] [ 292.097219][ C1] ? __find_get_block+0x3c1/0x1150 [ 292.097253][ C1] ? __pfx___find_get_block+0x10/0x10 [ 292.097270][ C1] ? __pfx___might_resched+0x10/0x10 [ 292.097298][ C1] ? stack_depot_save_flags+0x29/0x830 [ 292.097326][ C1] ? fs_reclaim_acquire+0x93/0x130 [ 292.097352][ C1] bdev_getblk+0x18d/0x550 [ 292.097375][ C1] __bread_gfp+0x86/0x400 [ 292.097394][ C1] get_branch+0x2c3/0x6e0 [ 292.097416][ C1] get_block+0x180/0x16d0 [ 292.097448][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 292.097465][ C1] ? create_empty_buffers+0x53e/0x740 [ 292.097486][ C1] ? __pfx_lock_release+0x10/0x10 [ 292.097503][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 292.097528][ C1] ? __pfx_get_block+0x10/0x10 [ 292.097561][ C1] ? _raw_spin_unlock+0x28/0x50 [ 292.097580][ C1] ? create_empty_buffers+0x53e/0x740 [ 292.097599][ C1] ? rcu_is_watching+0x15/0xb0 [ 292.097625][ C1] block_read_full_folio+0x418/0xcd0 [ 292.097652][ C1] ? __pfx_get_block+0x10/0x10 [ 292.097678][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 292.097704][ C1] ? folio_add_lru+0x1cd/0x4f0 [ 292.097733][ C1] filemap_read_folio+0x14b/0x630 [ 292.097751][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 292.097767][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 292.097789][ C1] do_read_cache_folio+0x3f5/0x850 [ 292.097807][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 292.097826][ C1] sysv_find_entry+0x16a/0x4b0 [ 292.097848][ C1] sysv_inode_by_name+0x98/0x2a0 [ 292.097866][ C1] ? __pfx_sysv_inode_by_name+0x10/0x10 [ 292.097889][ C1] sysv_lookup+0x6b/0xe0 [ 292.097906][ C1] lookup_one_qstr_excl+0x11f/0x260 [ 292.097930][ C1] do_renameat2+0x670/0x13f0 [ 292.097957][ C1] ? __virt_addr_valid+0x183/0x530 [ 292.097980][ C1] ? __pfx_do_renameat2+0x10/0x10 [ 292.098003][ C1] ? __virt_addr_valid+0x183/0x530 [ 292.098023][ C1] ? __check_object_size+0x48e/0x900 [ 292.098044][ C1] ? strncpy_from_user+0x152/0x270 [ 292.098070][ C1] ? getname_flags+0x1e3/0x540 [ 292.098092][ C1] __x64_sys_rename+0x82/0x90 [ 292.098110][ C1] do_syscall_64+0xf3/0x230 [ 292.098132][ C1] ? clear_bhb_loop+0x35/0x90 [ 292.098159][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.098183][ C1] RIP: 0033:0x7f8ff0002b49 [ 292.098198][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 292.098212][ C1] RSP: 002b:00007f8feffb9218 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 292.098235][ C1] RAX: ffffffffffffffda RBX: 00007f8ff00946a8 RCX: 00007f8ff0002b49 [ 292.098272][ C1] RDX: 00007f8ff0002b49 RSI: 0000000020000080 RDI: 00000000200000c0 [ 292.098283][ C1] RBP: 00007f8ff00946a0 R08: 0000000000000000 R09: 0000000000000000 [ 292.098294][ C1] R10: 00ffffffffffffff R11: 0000000000000246 R12: 0031656c69662f2e [ 292.098306][ C1] R13: 00007f8ff00570c0 R14: 0030656c69662f2e R15: 0032656c69662f2e [ 292.098326][ C1] [ 292.098333][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.677 msecs [ 293.105173][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 293.112095][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 293.122289][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 293.132371][ T30] Call Trace: [ 293.135672][ T30] [ 293.138621][ T30] dump_stack_lvl+0x241/0x360 [ 293.143344][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 293.148575][ T30] ? __pfx__printk+0x10/0x10 [ 293.153201][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 293.159312][ T30] ? vscnprintf+0x5d/0x90 [ 293.163687][ T30] panic+0x349/0x880 [ 293.167616][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 293.173817][ T30] ? __pfx_panic+0x10/0x10 [ 293.178281][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 293.183699][ T30] ? __irq_work_queue_local+0x137/0x410 [ 293.189274][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 293.194677][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 293.200864][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 293.207077][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 293.213364][ T30] watchdog+0x1033/0x1040 [ 293.217727][ T30] ? watchdog+0x1ea/0x1040 [ 293.222207][ T30] ? __pfx_watchdog+0x10/0x10 [ 293.226921][ T30] kthread+0x2f0/0x390 [ 293.231023][ T30] ? __pfx_watchdog+0x10/0x10 [ 293.235735][ T30] ? __pfx_kthread+0x10/0x10 [ 293.240356][ T30] ret_from_fork+0x4b/0x80 [ 293.244797][ T30] ? __pfx_kthread+0x10/0x10 [ 293.249420][ T30] ret_from_fork_asm+0x1a/0x30 [ 293.254242][ T30] [ 293.257574][ T30] Kernel Offset: disabled [ 293.261992][ T30] Rebooting in 86400 seconds..