./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1201817106 <...> Warning: Permanently added '10.128.1.182' (ED25519) to the list of known hosts. execve("./syz-executor1201817106", ["./syz-executor1201817106"], 0x7ffedf65c930 /* 10 vars */) = 0 brk(NULL) = 0x55556fe81000 brk(0x55556fe81d40) = 0x55556fe81d40 arch_prctl(ARCH_SET_FS, 0x55556fe813c0) = 0 set_tid_address(0x55556fe81690) = 5844 set_robust_list(0x55556fe816a0, 24) = 0 rseq(0x55556fe81ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1201817106", 4096) = 28 getrandom("\x39\xab\x64\xdd\x0d\x39\x00\xd8", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556fe81d40 brk(0x55556fea2d40) = 0x55556fea2d40 brk(0x55556fea3000) = 0x55556fea3000 mprotect(0x7f5ab5d56000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5845 attached , child_tidptr=0x55556fe81690) = 5845 [pid 5845] set_robust_list(0x55556fe816a0, 24 [pid 5844] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5846 attached [pid 5844] <... clone resumed>, child_tidptr=0x55556fe81690) = 5846 [pid 5846] set_robust_list(0x55556fe816a0, 24 [pid 5845] mkdir("./syzkaller.SVXvCz", 0700 [pid 5844] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5846] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5847 attached [pid 5846] mkdir("./syzkaller.8EGxXD", 0700 [pid 5844] <... clone resumed>, child_tidptr=0x55556fe81690) = 5847 [pid 5847] set_robust_list(0x55556fe816a0, 24 [pid 5846] <... mkdir resumed>) = 0 [pid 5845] <... mkdir resumed>) = 0 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5844] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] chmod("./syzkaller.SVXvCz", 0777 [pid 5847] mkdir("./syzkaller.i3qQS4", 0700 [pid 5846] chmod("./syzkaller.8EGxXD", 0777 [pid 5845] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5848 attached [pid 5848] set_robust_list(0x55556fe816a0, 24 [pid 5844] <... clone resumed>, child_tidptr=0x55556fe81690) = 5848 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5847] <... mkdir resumed>) = 0 [pid 5846] <... chmod resumed>) = 0 [pid 5845] chdir("./syzkaller.SVXvCz" [pid 5844] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5846] chdir("./syzkaller.8EGxXD" [pid 5848] mkdir("./syzkaller.WF8bCX", 0700 [pid 5847] chmod("./syzkaller.i3qQS4", 0777 [pid 5846] <... chdir resumed>) = 0 [pid 5845] <... chdir resumed>) = 0 [pid 5846] mkdir("./0", 0777./strace-static-x86_64: Process 5849 attached [pid 5848] <... mkdir resumed>) = 0 [pid 5847] <... chmod resumed>) = 0 [pid 5845] mkdir("./0", 0777 [pid 5844] <... clone resumed>, child_tidptr=0x55556fe81690) = 5849 [pid 5847] chdir("./syzkaller.i3qQS4" [pid 5849] set_robust_list(0x55556fe816a0, 24 [pid 5848] chmod("./syzkaller.WF8bCX", 0777 [pid 5846] <... mkdir resumed>) = 0 [pid 5845] <... mkdir resumed>) = 0 [pid 5849] <... set_robust_list resumed>) = 0 [pid 5848] <... chmod resumed>) = 0 [pid 5847] <... chdir resumed>) = 0 [pid 5847] mkdir("./0", 0777 [pid 5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5848] chdir("./syzkaller.WF8bCX" [pid 5846] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5849] mkdir("./syzkaller.ZFKQ9U", 0700 [pid 5847] <... mkdir resumed>) = 0 [pid 5845] <... openat resumed>) = 3 [pid 5848] <... chdir resumed>) = 0 [pid 5847] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5846] <... openat resumed>) = 3 [pid 5849] <... mkdir resumed>) = 0 [pid 5848] mkdir("./0", 0777 [pid 5845] ioctl(3, LOOP_CLR_FD [pid 5847] <... openat resumed>) = 3 [pid 5849] chmod("./syzkaller.ZFKQ9U", 0777 [pid 5847] ioctl(3, LOOP_CLR_FD [pid 5846] ioctl(3, LOOP_CLR_FD [pid 5845] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5845] close(3 [pid 5849] <... chmod resumed>) = 0 [pid 5848] <... mkdir resumed>) = 0 [pid 5847] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5846] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5849] chdir("./syzkaller.ZFKQ9U" [pid 5848] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5847] close(3 [pid 5846] close(3 [pid 5849] <... chdir resumed>) = 0 [pid 5847] <... close resumed>) = 0 [pid 5846] <... close resumed>) = 0 [pid 5849] mkdir("./0", 0777 [pid 5848] <... openat resumed>) = 3 [pid 5847] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5846] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] <... close resumed>) = 0 [pid 5848] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5850 attached [pid 5849] <... mkdir resumed>) = 0 [pid 5848] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5845] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached [pid 5850] set_robust_list(0x55556fe816a0, 24 [pid 5851] set_robust_list(0x55556fe816a0, 24 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5849] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5851] chdir("./0" [pid 5850] chdir("./0" [pid 5849] <... openat resumed>) = 3 [pid 5851] <... chdir resumed>) = 0 [pid 5850] <... chdir resumed>) = 0 [pid 5848] close(3 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5848] <... close resumed>) = 0 [pid 5847] <... clone resumed>, child_tidptr=0x55556fe81690) = 5851 [pid 5849] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5846] <... clone resumed>, child_tidptr=0x55556fe81690) = 5850 [pid 5849] close(3) = 0 [pid 5849] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5853 attached ./strace-static-x86_64: Process 5852 attached [pid 5851] setpgid(0, 0 [pid 5850] <... prctl resumed>) = 0 [pid 5848] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5851] <... setpgid resumed>) = 0 [pid 5850] setpgid(0, 0 [pid 5852] set_robust_list(0x55556fe816a0, 24 [pid 5845] <... clone resumed>, child_tidptr=0x55556fe81690) = 5852 [pid 5852] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5854 attached [pid 5852] chdir("./0" [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5850] <... setpgid resumed>) = 0 [pid 5854] set_robust_list(0x55556fe816a0, 24 [pid 5852] <... chdir resumed>) = 0 [pid 5851] <... openat resumed>) = 3 [pid 5849] <... clone resumed>, child_tidptr=0x55556fe81690) = 5853 [pid 5854] <... set_robust_list resumed>) = 0 [pid 5853] set_robust_list(0x55556fe816a0, 24 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5848] <... clone resumed>, child_tidptr=0x55556fe81690) = 5854 [pid 5854] chdir("./0" [pid 5852] <... prctl resumed>) = 0 [pid 5850] <... openat resumed>) = 3 [pid 5853] <... set_robust_list resumed>) = 0 [pid 5851] write(3, "1000", 4 [pid 5850] write(3, "1000", 4 [pid 5854] <... chdir resumed>) = 0 [pid 5853] chdir("./0" [pid 5852] setpgid(0, 0 [pid 5851] <... write resumed>) = 4 [pid 5850] <... write resumed>) = 4 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5852] <... setpgid resumed>) = 0 [pid 5851] close(3 [pid 5853] <... chdir resumed>) = 0 [pid 5850] close(3 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5851] <... close resumed>) = 0 [pid 5853] <... prctl resumed>) = 0 [pid 5851] symlink("/dev/binderfs", "./binderfs" [pid 5850] <... close resumed>) = 0 [pid 5854] <... prctl resumed>) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5854] setpgid(0, 0 [pid 5853] setpgid(0, 0 [pid 5851] <... symlink resumed>) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs" [pid 5854] <... setpgid resumed>) = 0 [pid 5853] <... setpgid resumed>) = 0 [pid 5852] <... openat resumed>) = 3 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5852] write(3, "1000", 4 [pid 5854] <... openat resumed>) = 3 [pid 5852] <... write resumed>) = 4 [pid 5852] close(3 [pid 5854] write(3, "1000", 4 [pid 5852] <... close resumed>) = 0 [pid 5852] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5854] <... write resumed>) = 4 [pid 5854] close(3) = 0 [pid 5854] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5852] write(1, "executing program\n", 18) = 18 [pid 5852] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000executing program executing program [pid 5850] <... symlink resumed>) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5852] <... futex resumed>) = 0 [pid 5851] write(1, "executing program\n", 18 [pid 5854] write(1, "executing program\n", 18 [pid 5852] rt_sigaction(SIGRT_1, {sa_handler=0x7f5ab5cf0fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5ab5ce2190}, [pid 5854] <... write resumed>) = 18 [pid 5853] <... openat resumed>) = 3 [pid 5852] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5851] <... write resumed>) = 18 [pid 5854] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5854] <... futex resumed>) = 0 executing program [pid 5853] write(3, "1000", 4 [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] write(1, "executing program\n", 18 [pid 5854] rt_sigaction(SIGRT_1, {sa_handler=0x7f5ab5cf0fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5ab5ce2190}, [pid 5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5851] <... futex resumed>) = 0 [pid 5853] <... write resumed>) = 4 [pid 5851] rt_sigaction(SIGRT_1, {sa_handler=0x7f5ab5cf0fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5ab5ce2190}, [pid 5850] <... write resumed>) = 18 [pid 5853] close(3 [pid 5851] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5850] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] <... close resumed>) = 0 [pid 5851] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5850] <... futex resumed>) = 0 [pid 5853] symlink("/dev/binderfs", "./binderfs" [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] rt_sigaction(SIGRT_1, {sa_handler=0x7f5ab5cf0fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5ab5ce2190}, [pid 5854] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5853] <... symlink resumed>) = 0 [pid 5852] <... mmap resumed>) = 0x7f5ab5c61000 [pid 5850] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5854] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5852] mprotect(0x7f5ab5c62000, 131072, PROT_READ|PROT_WRITE [pid 5854] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5852] <... mprotect resumed>) = 0 [pid 5854] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5852] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5850] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5854] <... mmap resumed>) = 0x7f5ab5c61000 [pid 5852] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5854] mprotect(0x7f5ab5c62000, 131072, PROT_READ|PROT_WRITE [pid 5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c81990, parent_tid=0x7f5ab5c81990, exit_signal=0, stack=0x7f5ab5c61000, stack_size=0x20300, tls=0x7f5ab5c816c0}./strace-static-x86_64: Process 5856 attached [pid 5854] <... mprotect resumed>) = 0 [pid 5856] rseq(0x7f5ab5c81fe0, 0x20, 0, 0x53053053 [pid 5854] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5852] <... clone3 resumed> => {parent_tid=[5856]}, 88) = 5856 [pid 5856] <... rseq resumed>) = 0 [pid 5856] set_robust_list(0x7f5ab5c819a0, 24 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], [pid 5856] <... set_robust_list resumed>) = 0 [pid 5854] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5856] rt_sigprocmask(SIG_SETMASK, [], executing program [pid 5852] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5856] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c81990, parent_tid=0x7f5ab5c81990, exit_signal=0, stack=0x7f5ab5c61000, stack_size=0x20300, tls=0x7f5ab5c816c0} [pid 5853] write(1, "executing program\n", 18 [pid 5851] <... mmap resumed>) = 0x7f5ab5c61000 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5857 attached [pid 5856] memfd_create("syzkaller", 0 [pid 5853] <... write resumed>) = 18 [pid 5852] <... futex resumed>) = 0 [pid 5850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5851] mprotect(0x7f5ab5c62000, 131072, PROT_READ|PROT_WRITE [pid 5857] rseq(0x7f5ab5c81fe0, 0x20, 0, 0x53053053 [pid 5853] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5851] <... mprotect resumed>) = 0 [pid 5850] <... mmap resumed>) = 0x7f5ab5c61000 [pid 5857] <... rseq resumed>) = 0 [pid 5856] <... memfd_create resumed>) = 3 [pid 5853] <... futex resumed>) = 0 [pid 5857] set_robust_list(0x7f5ab5c819a0, 24 [pid 5854] <... clone3 resumed> => {parent_tid=[5857]}, 88) = 5857 [pid 5851] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5850] mprotect(0x7f5ab5c62000, 131072, PROT_READ|PROT_WRITE [pid 5857] <... set_robust_list resumed>) = 0 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], [pid 5853] rt_sigaction(SIGRT_1, {sa_handler=0x7f5ab5cf0fe0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f5ab5ce2190}, [pid 5851] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5857] rt_sigprocmask(SIG_SETMASK, [], [pid 5856] <... mmap resumed>) = 0x7f5aad800000 [pid 5854] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5851] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c81990, parent_tid=0x7f5ab5c81990, exit_signal=0, stack=0x7f5ab5c61000, stack_size=0x20300, tls=0x7f5ab5c816c0} [pid 5850] <... mprotect resumed>) = 0 [pid 5857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 ./strace-static-x86_64: Process 5858 attached [pid 5857] memfd_create("syzkaller", 0 [pid 5854] <... futex resumed>) = 0 [pid 5853] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5854] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5850] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5853] <... mmap resumed>) = 0x7f5ab5c61000 [pid 5851] <... clone3 resumed> => {parent_tid=[5858]}, 88) = 5858 [pid 5858] rseq(0x7f5ab5c81fe0, 0x20, 0, 0x53053053 [pid 5857] <... memfd_create resumed>) = 3 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5aad800000 [pid 5856] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5853] mprotect(0x7f5ab5c62000, 131072, PROT_READ|PROT_WRITE [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] <... rseq resumed>) = 0 [pid 5857] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5856] <... write resumed>) = 65536 [pid 5853] <... mprotect resumed>) = 0 [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5858] set_robust_list(0x7f5ab5c819a0, 24 [pid 5851] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5850] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c81990, parent_tid=0x7f5ab5c81990, exit_signal=0, stack=0x7f5ab5c61000, stack_size=0x20300, tls=0x7f5ab5c816c0} [pid 5858] rt_sigprocmask(SIG_SETMASK, [], [pid 5853] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 5859 attached [pid 5858] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] <... futex resumed>) = 0 [pid 5856] munmap(0x7f5aad800000, 138412032 [pid 5859] rseq(0x7f5ab5c81fe0, 0x20, 0, 0x53053053 [pid 5858] memfd_create("syzkaller", 0 [pid 5856] <... munmap resumed>) = 0 [pid 5851] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5850] <... clone3 resumed> => {parent_tid=[5859]}, 88) = 5859 [pid 5859] <... rseq resumed>) = 0 [pid 5858] <... memfd_create resumed>) = 3 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5859] set_robust_list(0x7f5ab5c819a0, 24 [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5856] <... openat resumed>) = 4 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5859] <... set_robust_list resumed>) = 0 [pid 5858] <... mmap resumed>) = 0x7f5aad800000 [pid 5857] <... write resumed>) = 65536 [pid 5856] ioctl(4, LOOP_SET_FD, 3 [pid 5853] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c81990, parent_tid=0x7f5ab5c81990, exit_signal=0, stack=0x7f5ab5c61000, stack_size=0x20300, tls=0x7f5ab5c816c0} [pid 5850] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5859] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5850] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5860 attached [pid 5859] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] <... write resumed>) = 65536 [pid 5857] munmap(0x7f5aad800000, 138412032 [pid 5856] <... ioctl resumed>) = 0 [pid 5853] <... clone3 resumed> => {parent_tid=[5860]}, 88) = 5860 [pid 5850] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5860] rseq(0x7f5ab5c81fe0, 0x20, 0, 0x53053053 [pid 5859] memfd_create("syzkaller", 0 [pid 5858] munmap(0x7f5aad800000, 138412032 [pid 5857] <... munmap resumed>) = 0 [pid 5853] rt_sigprocmask(SIG_SETMASK, [], [pid 5860] <... rseq resumed>) = 0 [pid 5859] <... memfd_create resumed>) = 3 [pid 5858] <... munmap resumed>) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5856] close(3 [pid 5853] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5860] set_robust_list(0x7f5ab5c819a0, 24 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5858] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5857] <... openat resumed>) = 4 [pid 5856] <... close resumed>) = 0 [pid 5853] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] <... set_robust_list resumed>) = 0 [pid 5859] <... mmap resumed>) = 0x7f5aad800000 [pid 5858] <... openat resumed>) = 4 [pid 5857] ioctl(4, LOOP_SET_FD, 3 [pid 5853] <... futex resumed>) = 0 [pid 5860] rt_sigprocmask(SIG_SETMASK, [], [pid 5859] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5858] ioctl(4, LOOP_SET_FD, 3 [pid 5856] close(4 [pid 5853] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5860] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5856] <... close resumed>) = 0 [pid 5860] memfd_create("syzkaller", 0 [pid 5856] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5860] <... memfd_create resumed>) = 3 [pid 5856] <... mkdir resumed>) = 0 [pid 5860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5856] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "" [pid 5860] <... mmap resumed>) = 0x7f5aad800000 [ 126.042340][ T5856] loop0: detected capacity change from 0 to 128 [ 126.068629][ T5857] loop3: detected capacity change from 0 to 128 [pid 5860] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536 [pid 5859] <... write resumed>) = 65536 [pid 5857] <... ioctl resumed>) = 0 [pid 5857] close(3 [pid 5859] munmap(0x7f5aad800000, 138412032 [pid 5858] <... ioctl resumed>) = 0 [pid 5859] <... munmap resumed>) = 0 [pid 5857] <... close resumed>) = 0 [pid 5856] <... mount resumed>) = 0 [pid 5858] close(3 [pid 5860] <... write resumed>) = 65536 [pid 5859] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5860] munmap(0x7f5aad800000, 138412032 [pid 5857] close(4 [pid 5860] <... munmap resumed>) = 0 [pid 5857] <... close resumed>) = 0 [pid 5857] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5856] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5860] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5860] ioctl(4, LOOP_SET_FD, 3 [pid 5859] <... openat resumed>) = 4 [pid 5858] <... close resumed>) = 0 [pid 5859] ioctl(4, LOOP_SET_FD, 3 [pid 5858] close(4 [pid 5857] mount("/dev/loop3", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "" [pid 5856] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5858] <... close resumed>) = 0 [pid 5856] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5856] futex(0x7f5ab5d5c6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5858] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777 [pid 5852] <... futex resumed>) = 0 [pid 5852] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5856] <... futex resumed>) = 0 [pid 5852] <... futex resumed>) = 1 [pid 5856] getdents64(3, [pid 5852] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5860] <... ioctl resumed>) = 0 [pid 5859] <... ioctl resumed>) = 0 [pid 5858] <... mkdir resumed>) = 0 [pid 5858] mount("/dev/loop2", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "" [pid 5859] close(3 [pid 5860] close(3) = 0 [pid 5860] close(4) = 0 [pid 5860] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5857] <... mount resumed>) = 0 [pid 5860] mount("/dev/loop4", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "" [pid 5857] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5858] <... mount resumed>) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5859] <... close resumed>) = 0 [pid 5857] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5859] close(4) = 0 [pid 5857] <... futex resumed>) = 1 [pid 5857] futex(0x7f5ab5d5c6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5859] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [pid 5858] <... openat resumed>) = 3 [pid 5859] mount("/dev/loop1", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "sysv", MS_SILENT|MS_RELATIME|MS_STRICTATIME, "" [pid 5858] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5854] <... futex resumed>) = 0 [ 126.087511][ T5858] loop2: detected capacity change from 0 to 128 [ 126.110968][ T5860] loop4: detected capacity change from 0 to 128 [ 126.118784][ T5859] loop1: detected capacity change from 0 to 128 [ 126.128070][ T5856] syz-executor120: attempt to access beyond end of device [ 126.128070][ T5856] loop0: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5860] <... mount resumed>) = 0 [pid 5858] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5854] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5857] <... futex resumed>) = 0 [pid 5854] <... futex resumed>) = 1 [pid 5857] getdents64(3, [pid 5854] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5858] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5859] <... mount resumed>) = 0 [pid 5858] <... futex resumed>) = 1 [pid 5852] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5851] <... futex resumed>) = 0 [pid 5859] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY [pid 5858] futex(0x7f5ab5d5c6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5851] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5851] <... futex resumed>) = 0 [pid 5858] getdents64(3, [pid 5851] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5859] <... openat resumed>) = 3 [pid 5860] <... openat resumed>) = 3 [pid 5852] futex(0x7f5ab5d5c6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5852] <... futex resumed>) = 0 [pid 5860] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5860] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... mmap resumed>) = 0x7f5ab5c40000 [pid 5860] <... futex resumed>) = 1 [pid 5852] mprotect(0x7f5ab5c41000, 131072, PROT_READ|PROT_WRITE [pid 5860] futex(0x7f5ab5d5c6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5852] <... mprotect resumed>) = 0 [pid 5859] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5853] <... futex resumed>) = 0 [pid 5852] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c60990, parent_tid=0x7f5ab5c60990, exit_signal=0, stack=0x7f5ab5c40000, stack_size=0x20300, tls=0x7f5ab5c606c0} [ 126.162798][ T5857] syz-executor120: attempt to access beyond end of device [ 126.162798][ T5857] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 126.180262][ T5858] syz-executor120: attempt to access beyond end of device [ 126.180262][ T5858] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 126.183503][ T5856] Buffer I/O error on dev loop0, logical block 3245768, async page read [pid 5853] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... clone3 resumed> => {parent_tid=[5864]}, 88) = 5864 [pid 5859] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5864 attached [pid 5853] <... futex resumed>) = 1 [pid 5864] rseq(0x7f5ab5c60fe0, 0x20, 0, 0x53053053 [pid 5853] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5860] <... futex resumed>) = 0 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], [pid 5860] getdents64(3, [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] <... rseq resumed>) = 0 [pid 5859] futex(0x7f5ab5d5c6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] futex(0x7f5ab5d5c6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5852] futex(0x7f5ab5d5c6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5864] set_robust_list(0x7f5ab5c609a0, 24 [pid 5859] <... futex resumed>) = 1 [pid 5851] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5850] <... futex resumed>) = 0 [pid 5854] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5854] futex(0x7f5ab5d5c6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5854] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5ab5c40000 [pid 5854] mprotect(0x7f5ab5c41000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5854] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5854] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c60990, parent_tid=0x7f5ab5c60990, exit_signal=0, stack=0x7f5ab5c40000, stack_size=0x20300, tls=0x7f5ab5c606c0} => {parent_tid=[5865]}, 88) = 5865 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5854] futex(0x7f5ab5d5c6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 126.207258][ T5860] syz-executor120: attempt to access beyond end of device [ 126.207258][ T5860] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 126.217216][ T5858] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 126.229135][ T5857] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 126.230893][ T5858] syz-executor120: attempt to access beyond end of device [ 126.230893][ T5858] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 126.245912][ T5860] Buffer I/O error on dev loop4, logical block 3245768, async page read [pid 5854] futex(0x7f5ab5d5c6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5865 attached [pid 5864] <... set_robust_list resumed>) = 0 [pid 5859] futex(0x7f5ab5d5c6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5851] futex(0x7f5ab5d5c6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] futex(0x7f5ab5d5c6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] <... futex resumed>) = 0 [pid 5850] <... futex resumed>) = 0 [pid 5851] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5850] futex(0x7f5ab5d5c6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] <... mmap resumed>) = 0x7f5ab5c40000 [pid 5851] mprotect(0x7f5ab5c41000, 131072, PROT_READ|PROT_WRITE [pid 5859] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5853] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5864] rt_sigprocmask(SIG_SETMASK, [], [pid 5851] <... mprotect resumed>) = 0 [pid 5865] rseq(0x7f5ab5c60fe0, 0x20, 0, 0x53053053 [pid 5859] getdents64(3, [pid 5853] futex(0x7f5ab5d5c6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5851] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c60990, parent_tid=0x7f5ab5c60990, exit_signal=0, stack=0x7f5ab5c40000, stack_size=0x20300, tls=0x7f5ab5c606c0} => {parent_tid=[5866]}, 88) = 5866 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5851] futex(0x7f5ab5d5c6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 126.253798][ T5858] Buffer I/O error on dev loop2, logical block 8833403, async page read [ 126.270077][ T5858] syz-executor120: attempt to access beyond end of device [ 126.270077][ T5858] loop2: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 126.273991][ T5857] syz-executor120: attempt to access beyond end of device [ 126.273991][ T5857] loop3: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 126.285360][ T5859] syz-executor120: attempt to access beyond end of device [ 126.285360][ T5859] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [pid 5865] <... rseq resumed>) = 0 [pid 5854] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5853] <... futex resumed>) = 0 [pid 5851] futex(0x7f5ab5d5c6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5866 attached [pid 5865] set_robust_list(0x7f5ab5c609a0, 24 [pid 5864] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5852] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5866] rseq(0x7f5ab5c60fe0, 0x20, 0, 0x53053053 [pid 5865] <... set_robust_list resumed>) = 0 [pid 5864] unlinkat(3, "./file0", AT_REMOVEDIR [pid 5853] <... mmap resumed>) = 0x7f5ab5c40000 [pid 5850] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5850] futex(0x7f5ab5d5c6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f5ab5c40000 [pid 5850] mprotect(0x7f5ab5c41000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5850] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5850] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c60990, parent_tid=0x7f5ab5c60990, exit_signal=0, stack=0x7f5ab5c40000, stack_size=0x20300, tls=0x7f5ab5c606c0} => {parent_tid=[5867]}, 88) = 5867 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] futex(0x7f5ab5d5c6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] futex(0x7f5ab5d5c6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5867 attached [pid 5866] <... rseq resumed>) = 0 [pid 5865] rt_sigprocmask(SIG_SETMASK, [], [ 126.312950][ T5859] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 126.314963][ T5856] syz-executor120: attempt to access beyond end of device [ 126.314963][ T5856] loop0: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 126.321808][ T5858] Buffer I/O error on dev loop2, logical block 13269809, async page read [ 126.344586][ T5860] syz-executor120: attempt to access beyond end of device [ 126.344586][ T5860] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [pid 5853] mprotect(0x7f5ab5c41000, 131072, PROT_READ|PROT_WRITE [pid 5867] rseq(0x7f5ab5c60fe0, 0x20, 0, 0x53053053 [pid 5866] set_robust_list(0x7f5ab5c609a0, 24 [pid 5865] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] <... mprotect resumed>) = 0 [pid 5851] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5867] <... rseq resumed>) = 0 [pid 5866] <... set_robust_list resumed>) = 0 [pid 5865] unlinkat(3, "./file0", AT_REMOVEDIR [pid 5853] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5867] set_robust_list(0x7f5ab5c609a0, 24 [pid 5866] rt_sigprocmask(SIG_SETMASK, [], [pid 5853] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5867] <... set_robust_list resumed>) = 0 [pid 5866] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f5ab5c60990, parent_tid=0x7f5ab5c60990, exit_signal=0, stack=0x7f5ab5c40000, stack_size=0x20300, tls=0x7f5ab5c606c0} [pid 5867] rt_sigprocmask(SIG_SETMASK, [], [pid 5850] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) ./strace-static-x86_64: Process 5868 attached [pid 5867] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5866] unlinkat(3, "./file0", AT_REMOVEDIR [pid 5868] rseq(0x7f5ab5c60fe0, 0x20, 0, 0x53053053 [pid 5867] unlinkat(3, "./file0", AT_REMOVEDIR [pid 5853] <... clone3 resumed> => {parent_tid=[5868]}, 88) = 5868 [pid 5868] <... rseq resumed>) = 0 [pid 5853] rt_sigprocmask(SIG_SETMASK, [], [pid 5868] set_robust_list(0x7f5ab5c609a0, 24 [pid 5853] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5868] <... set_robust_list resumed>) = 0 [pid 5853] futex(0x7f5ab5d5c6d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] rt_sigprocmask(SIG_SETMASK, [], [pid 5853] <... futex resumed>) = 0 [pid 5868] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] futex(0x7f5ab5d5c6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 126.345995][ T5859] Buffer I/O error on dev loop1, logical block 8833403, async page read [ 126.360900][ T5856] Buffer I/O error on dev loop0, logical block 8833403, async page read [ 126.368059][ T5859] Buffer I/O error on dev loop1, logical block 13269809, async page read [pid 5868] unlinkat(3, "./file0", AT_REMOVEDIR [pid 5853] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5854] exit_group(0) = ? [pid 5851] exit_group(0) = ? [pid 5850] exit_group(0) = ? [pid 5852] exit_group(0) = ? [pid 5853] exit_group(0) = ? [pid 5846] kill(-5850, SIGKILL) = 0 [pid 5846] kill(5850, SIGKILL [pid 5847] kill(-5851, SIGKILL [pid 5846] <... kill resumed>) = 0 [pid 5847] <... kill resumed>) = 0 [pid 5847] kill(5851, SIGKILL) = 0 [pid 5848] kill(-5854, SIGKILL [pid 5845] kill(-5852, SIGKILL [pid 5848] <... kill resumed>) = 0 [pid 5845] <... kill resumed>) = 0 [pid 5848] kill(5854, SIGKILL [pid 5845] kill(5852, SIGKILL [pid 5848] <... kill resumed>) = 0 [pid 5845] <... kill resumed>) = 0 [pid 5849] kill(-5853, SIGKILL) = 0 [pid 5849] kill(5853, SIGKILL) = 0 [pid 5849] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5849] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5849] getdents64(3, 0x55556fe82730 /* 2 entries */, 32768) = 48 [pid 5849] getdents64(3, 0x55556fe82730 /* 0 entries */, 32768) = 0 [pid 5849] close(3) = 0 [pid 5846] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5846] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5846] getdents64(3, 0x55556fe82730 /* 2 entries */, 32768) = 48 [pid 5846] getdents64(3, 0x55556fe82730 /* 0 entries */, 32768) = 0 [pid 5846] close(3) = 0 [pid 5845] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5845] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5845] getdents64(3, 0x55556fe82730 /* 2 entries */, 32768) = 48 [pid 5845] getdents64(3, 0x55556fe82730 /* 0 entries */, 32768) = 0 [pid 5845] close(3) = 0 [pid 5848] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5848] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5848] getdents64(3, 0x55556fe82730 /* 2 entries */, 32768) = 48 [pid 5848] getdents64(3, 0x55556fe82730 /* 0 entries */, 32768) = 0 [pid 5848] close(3) = 0 [pid 5847] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5847] newfstatat(3, "", {st_mode=S_IFDIR|0755, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 5847] getdents64(3, 0x55556fe82730 /* 2 entries */, 32768) = 48 [pid 5847] getdents64(3, 0x55556fe82730 /* 0 entries */, 32768) = 0 [pid 5847] close(3) = 0 [ 286.608215][ T30] INFO: task syz-executor120:5867 blocked for more than 143 seconds. [ 286.646932][ T30] Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 286.654650][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.726980][ T30] task:syz-executor120 state:D stack:29104 pid:5867 tgid:5850 ppid:5846 flags:0x00004006 [ 286.767011][ T30] Call Trace: [ 286.770395][ T30] [ 286.773361][ T30] __schedule+0x17fa/0x4bd0 [ 286.796986][ T30] ? __pfx___schedule+0x10/0x10 [ 286.802645][ T30] ? __pfx_lock_release+0x10/0x10 [ 286.837022][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.843143][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.876953][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 286.882266][ T30] ? schedule+0x90/0x320 [ 286.886576][ T30] schedule+0x14b/0x320 [ 286.916992][ T30] schedule_preempt_disabled+0x13/0x30 [ 286.922741][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 286.956948][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 286.962980][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.007045][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.012173][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.036979][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.042274][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.077413][ T30] down_write_nested+0x1e0/0x220 [ 287.082588][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 287.116947][ T30] do_rmdir+0x263/0x580 [ 287.121246][ T30] ? __pfx_do_rmdir+0x10/0x10 [ 287.125978][ T30] ? getname_flags+0x1e3/0x540 [ 287.166979][ T30] __x64_sys_unlinkat+0xde/0xf0 [ 287.172123][ T30] do_syscall_64+0xf3/0x230 [ 287.196937][ T30] ? clear_bhb_loop+0x35/0x90 [ 287.201716][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.236951][ T30] RIP: 0033:0x7f5ab5ccabc9 [ 287.241461][ T30] RSP: 002b:00007f5ab5c60228 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 287.286975][ T30] RAX: ffffffffffffffda RBX: 00007f5ab5d5c6d8 RCX: 00007f5ab5ccabc9 [ 287.295019][ T30] RDX: 0000000000000200 RSI: 0000000020000100 RDI: 0000000000000003 [ 287.366912][ T30] RBP: 00007f5ab5d5c6d0 R08: 00007ffee618ebd7 R09: 00007f5ab5c606c0 [ 287.375156][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ab5d5c6dc [ 287.416912][ T30] R13: 00007f5ab5d1f0c0 R14: 0030656c69662f2e R15: 00007ffee618ebd8 [ 287.425508][ T30] [ 287.456982][ T30] INFO: task syz-executor120:5866 blocked for more than 144 seconds. [ 287.465243][ T30] Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 287.517011][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.526485][ T30] task:syz-executor120 state:D stack:29104 pid:5866 tgid:5851 ppid:5847 flags:0x00004006 [ 287.606928][ T30] Call Trace: [ 287.610295][ T30] [ 287.613437][ T30] __schedule+0x17fa/0x4bd0 [ 287.647016][ T30] ? __pfx___schedule+0x10/0x10 [ 287.652004][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.676980][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 287.683163][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 287.726917][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 287.732135][ T30] ? schedule+0x90/0x320 [ 287.756986][ T30] schedule+0x14b/0x320 [ 287.761662][ T30] schedule_preempt_disabled+0x13/0x30 [ 287.796998][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 287.804620][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 287.846953][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 287.853659][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.886949][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 287.892315][ T30] ? __pfx_lock_release+0x10/0x10 [ 287.926971][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 287.932597][ T30] down_write_nested+0x1e0/0x220 [ 287.957015][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 287.962868][ T30] do_rmdir+0x263/0x580 [ 288.006930][ T30] ? __pfx_do_rmdir+0x10/0x10 [ 288.011978][ T30] ? getname_flags+0x1e3/0x540 [ 288.046939][ T30] __x64_sys_unlinkat+0xde/0xf0 [ 288.053554][ T30] do_syscall_64+0xf3/0x230 [ 288.086919][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.091966][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.116995][ T30] RIP: 0033:0x7f5ab5ccabc9 [ 288.121634][ T30] RSP: 002b:00007f5ab5c60228 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 288.154182][ T30] RAX: ffffffffffffffda RBX: 00007f5ab5d5c6d8 RCX: 00007f5ab5ccabc9 [ 288.186913][ T30] RDX: 0000000000000200 RSI: 0000000020000100 RDI: 0000000000000003 [ 288.196638][ T30] RBP: 00007f5ab5d5c6d0 R08: 00007ffee618ebd7 R09: 00007f5ab5c606c0 [ 288.267008][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ab5d5c6dc [ 288.275789][ T30] R13: 00007f5ab5d1f0c0 R14: 0030656c69662f2e R15: 00007ffee618ebd8 [ 288.307203][ T30] [ 288.327366][ T30] INFO: task syz-executor120:5864 blocked for more than 145 seconds. [ 288.335515][ T30] Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 288.367304][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 288.376394][ T30] task:syz-executor120 state:D stack:28240 pid:5864 tgid:5852 ppid:5845 flags:0x00004006 [ 288.436941][ T30] Call Trace: [ 288.440426][ T30] [ 288.443867][ T30] __schedule+0x17fa/0x4bd0 [ 288.487034][ T30] ? __pfx___schedule+0x10/0x10 [ 288.492097][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.516908][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 288.523755][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 288.556947][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 288.562904][ T30] ? schedule+0x90/0x320 [ 288.587362][ T30] schedule+0x14b/0x320 [ 288.591590][ T30] schedule_preempt_disabled+0x13/0x30 [ 288.627013][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 288.633273][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 288.676919][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 288.683205][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.706909][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 288.712020][ T30] ? __pfx_lock_release+0x10/0x10 [ 288.746913][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 288.752463][ T30] down_write_nested+0x1e0/0x220 [ 288.786929][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 288.792502][ T30] do_rmdir+0x263/0x580 [ 288.796719][ T30] ? __pfx_do_rmdir+0x10/0x10 [ 288.826992][ T30] ? getname_flags+0x1e3/0x540 [ 288.831856][ T30] __x64_sys_unlinkat+0xde/0xf0 [ 288.856982][ T30] do_syscall_64+0xf3/0x230 [ 288.861604][ T30] ? clear_bhb_loop+0x35/0x90 [ 288.866329][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.926990][ T30] RIP: 0033:0x7f5ab5ccabc9 [ 288.931493][ T30] RSP: 002b:00007f5ab5c60228 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 288.977395][ T30] RAX: ffffffffffffffda RBX: 00007f5ab5d5c6d8 RCX: 00007f5ab5ccabc9 [ 288.985541][ T30] RDX: 0000000000000200 RSI: 0000000020000100 RDI: 0000000000000003 [ 289.017428][ T30] RBP: 00007f5ab5d5c6d0 R08: 00007ffee618ebd7 R09: 00007f5ab5c606c0 [ 289.025569][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ab5d5c6dc [ 289.087365][ T30] R13: 00007f5ab5d1f0c0 R14: 0030656c69662f2e R15: 00007ffee618ebd8 [ 289.096407][ T30] [ 289.127002][ T30] INFO: task syz-executor120:5868 blocked for more than 145 seconds. [ 289.135424][ T30] Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 289.176936][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 289.185839][ T30] task:syz-executor120 state:D stack:29104 pid:5868 tgid:5853 ppid:5849 flags:0x00004006 [ 289.247061][ T30] Call Trace: [ 289.250418][ T30] [ 289.253387][ T30] __schedule+0x17fa/0x4bd0 [ 289.287009][ T30] ? __pfx___schedule+0x10/0x10 [ 289.291960][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.316948][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 289.323038][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.356971][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 289.362292][ T30] ? schedule+0x90/0x320 [ 289.366670][ T30] schedule+0x14b/0x320 [ 289.406992][ T30] schedule_preempt_disabled+0x13/0x30 [ 289.412535][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 289.457155][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 289.463167][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 289.496907][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.502032][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 289.526981][ T30] ? __pfx_lock_release+0x10/0x10 [ 289.532105][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 289.556933][ T30] down_write_nested+0x1e0/0x220 [ 289.561983][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 289.606936][ T30] do_rmdir+0x263/0x580 [ 289.611204][ T30] ? __pfx_do_rmdir+0x10/0x10 [ 289.615950][ T30] ? getname_flags+0x1e3/0x540 [ 289.656948][ T30] __x64_sys_unlinkat+0xde/0xf0 [ 289.661922][ T30] do_syscall_64+0xf3/0x230 [ 289.666477][ T30] ? clear_bhb_loop+0x35/0x90 [ 289.706916][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.713069][ T30] RIP: 0033:0x7f5ab5ccabc9 [ 289.756987][ T30] RSP: 002b:00007f5ab5c60228 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 289.765755][ T30] RAX: ffffffffffffffda RBX: 00007f5ab5d5c6d8 RCX: 00007f5ab5ccabc9 [ 289.806926][ T30] RDX: 0000000000000200 RSI: 0000000020000100 RDI: 0000000000000003 [ 289.815093][ T30] RBP: 00007f5ab5d5c6d0 R08: 00007ffee618ebd7 R09: 00007f5ab5c606c0 [ 289.857010][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ab5d5c6dc [ 289.865957][ T30] R13: 00007f5ab5d1f0c0 R14: 0030656c69662f2e R15: 00007ffee618ebd8 [ 289.926926][ T30] [ 289.930065][ T30] INFO: task syz-executor120:5865 blocked for more than 146 seconds. [ 289.966934][ T30] Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 289.974736][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 290.007053][ T30] task:syz-executor120 state:D stack:28088 pid:5865 tgid:5854 ppid:5848 flags:0x00004006 [ 290.056969][ T30] Call Trace: [ 290.060354][ T30] [ 290.063329][ T30] __schedule+0x17fa/0x4bd0 [ 290.087045][ T30] ? __pfx___schedule+0x10/0x10 [ 290.092004][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.126941][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 290.133023][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 290.176948][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 290.182597][ T30] ? schedule+0x90/0x320 [ 290.217022][ T30] schedule+0x14b/0x320 [ 290.221467][ T30] schedule_preempt_disabled+0x13/0x30 [ 290.256981][ T30] rwsem_down_write_slowpath+0xeee/0x13b0 [ 290.262915][ T30] ? rwsem_down_write_slowpath+0xa09/0x13b0 [ 290.307000][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 290.313268][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.356970][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 290.362177][ T30] ? __pfx_lock_release+0x10/0x10 [ 290.396969][ T30] ? rcu_read_lock_any_held+0xb7/0x160 [ 290.402971][ T30] down_write_nested+0x1e0/0x220 [ 290.435262][ T30] ? __pfx_down_write_nested+0x10/0x10 [ 290.445465][ T30] do_rmdir+0x263/0x580 [ 290.466921][ T30] ? __pfx_do_rmdir+0x10/0x10 [ 290.473334][ T30] ? getname_flags+0x1e3/0x540 [ 290.506944][ T30] __x64_sys_unlinkat+0xde/0xf0 [ 290.512695][ T30] do_syscall_64+0xf3/0x230 [ 290.537153][ T30] ? clear_bhb_loop+0x35/0x90 [ 290.542251][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.586918][ T30] RIP: 0033:0x7f5ab5ccabc9 [ 290.591417][ T30] RSP: 002b:00007f5ab5c60228 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 290.627044][ T30] RAX: ffffffffffffffda RBX: 00007f5ab5d5c6d8 RCX: 00007f5ab5ccabc9 [ 290.635238][ T30] RDX: 0000000000000200 RSI: 0000000020000100 RDI: 0000000000000003 [ 290.677036][ T30] RBP: 00007f5ab5d5c6d0 R08: 00007ffee618ebd7 R09: 00007f5ab5c606c0 [ 290.685106][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ab5d5c6dc [ 290.746920][ T30] R13: 00007f5ab5d1f0c0 R14: 0030656c69662f2e R15: 00007ffee618ebd8 [ 290.755254][ T30] [ 290.796997][ T30] [ 290.796997][ T30] Showing all locks held in the system: [ 290.804809][ T30] 1 lock held by khungtaskd/30: [ 290.847383][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 290.886921][ T30] 1 lock held by kswapd0/89: [ 290.891809][ T30] 2 locks held by getty/5586: [ 290.896669][ T30] #0: ffff88803521a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 290.957372][ T30] #1: ffffc900032332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 290.997069][ T30] 3 locks held by syz-executor120/5859: [ 291.002723][ T30] 2 locks held by syz-executor120/5867: [ 291.046919][ T30] #0: ffff88807b4ee420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.056536][ T30] #1: ffff888071e4c6c0 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_rmdir+0x263/0x580 [ 291.126949][ T30] 2 locks held by syz-executor120/5858: [ 291.132659][ T30] 2 locks held by syz-executor120/5866: [ 291.166940][ T30] #0: ffff88807b0e2420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.176473][ T30] #1: ffff888071e4c180 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_rmdir+0x263/0x580 [ 291.236935][ T30] 4 locks held by syz-executor120/5856: [ 291.242640][ T30] 2 locks held by syz-executor120/5864: [ 291.266965][ T30] #0: ffff8880339e2420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.276401][ T30] #1: ffff888071e10180 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_rmdir+0x263/0x580 [ 291.347024][ T30] 2 locks held by syz-executor120/5860: [ 291.352676][ T30] 2 locks held by syz-executor120/5868: [ 291.396912][ T30] #0: ffff8880339ce420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.406284][ T30] #1: ffff888071e10c00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_rmdir+0x263/0x580 [ 291.456914][ T30] 2 locks held by syz-executor120/5857: [ 291.462538][ T30] 2 locks held by syz-executor120/5865: [ 291.496951][ T30] #0: ffff88807b61a420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 291.506318][ T30] #1: ffff888071e106c0 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_rmdir+0x263/0x580 [ 291.556938][ T30] [ 291.560120][ T30] ============================================= [ 291.560120][ T30] [ 291.587042][ T30] NMI backtrace for cpu 0 [ 291.591727][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 291.602272][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 291.612366][ T30] Call Trace: [ 291.615667][ T30] [ 291.618719][ T30] dump_stack_lvl+0x241/0x360 [ 291.623440][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.628694][ T30] ? __pfx__printk+0x10/0x10 [ 291.633335][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 291.638358][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.644511][ T30] ? _printk+0xd5/0x120 [ 291.648725][ T30] ? __pfx__printk+0x10/0x10 [ 291.653359][ T30] ? __wake_up_klogd+0xcc/0x110 [ 291.658295][ T30] ? __pfx__printk+0x10/0x10 [ 291.663009][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 291.668187][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 291.674257][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 291.680304][ T30] watchdog+0xff4/0x1040 [ 291.685067][ T30] ? watchdog+0x1ea/0x1040 [ 291.689535][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.694262][ T30] kthread+0x2f0/0x390 [ 291.698502][ T30] ? __pfx_watchdog+0x10/0x10 [ 291.703442][ T30] ? __pfx_kthread+0x10/0x10 [ 291.708246][ T30] ret_from_fork+0x4b/0x80 [ 291.713397][ T30] ? __pfx_kthread+0x10/0x10 [ 291.718431][ T30] ret_from_fork_asm+0x1a/0x30 [ 291.723596][ T30] [ 291.727047][ T30] Sending NMI from CPU 0 to CPUs 1: [ 291.732507][ C1] NMI backtrace for cpu 1 [ 291.732528][ C1] CPU: 1 UID: 0 PID: 5859 Comm: syz-executor120 Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 291.732548][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 291.732562][ C1] RIP: 0010:__lock_acquire+0x724/0x2050 [ 291.732591][ C1] Code: 84 db 40 0f b6 c5 0f b6 cb 0f 44 c8 89 4c 24 54 48 8b 44 24 38 0f b6 04 10 84 c0 0f 85 74 13 00 00 41 8b 6d 00 41 89 ec ff cd <0f> 88 a2 00 00 00 89 eb 83 fd 31 73 79 48 8d 04 9b 48 8d 5c c6 20 [ 291.732610][ C1] RSP: 0018:ffffc90004077170 EFLAGS: 00000002 [ 291.732625][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000001 [ 291.732635][ C1] RDX: dffffc0000000000 RSI: ffff8880305c0ae0 RDI: 000000000000000f [ 291.732646][ C1] RBP: 0000000000000002 R08: ffffffff94298807 R09: 1ffffffff2853100 [ 291.732656][ C1] R10: dffffc0000000000 R11: fffffbfff2853101 R12: 0000000000000003 [ 291.732667][ C1] R13: ffff8880305c0ad8 R14: 1ffff110060b816f R15: ffff8880305c0b78 [ 291.732678][ C1] FS: 00007f5ab5c816c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 291.732692][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 291.732703][ C1] CR2: 00005611646182f8 CR3: 000000007437c000 CR4: 00000000003526f0 [ 291.732717][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 291.732726][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 291.732736][ C1] Call Trace: [ 291.732742][ C1] [ 291.732748][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 291.732776][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 291.732801][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 291.732830][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 291.732849][ C1] ? nmi_handle+0x14f/0x5a0 [ 291.732869][ C1] ? nmi_handle+0x2a/0x5a0 [ 291.732884][ C1] ? __lock_acquire+0x724/0x2050 [ 291.732903][ C1] ? default_do_nmi+0x63/0x160 [ 291.732925][ C1] ? exc_nmi+0x123/0x1f0 [ 291.732944][ C1] ? end_repeat_nmi+0xf/0x53 [ 291.732964][ C1] ? __lock_acquire+0x724/0x2050 [ 291.732983][ C1] ? __lock_acquire+0x724/0x2050 [ 291.733003][ C1] ? __lock_acquire+0x724/0x2050 [ 291.733022][ C1] [ 291.733031][ C1] [ 291.733042][ C1] lock_acquire+0x1ed/0x550 [ 291.733061][ C1] ? folio_try_get+0x1e/0x350 [ 291.733114][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 291.733138][ C1] ? xas_load+0x59b/0x5c0 [ 291.733154][ C1] ? folio_try_get+0x1e/0x350 [ 291.733173][ C1] folio_try_get+0x3b/0x350 [ 291.733192][ C1] ? folio_try_get+0x1e/0x350 [ 291.733218][ C1] filemap_get_entry+0x240/0x3b0 [ 291.733238][ C1] ? filemap_get_entry+0x123/0x3b0 [ 291.733257][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 291.733280][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 291.733301][ C1] __filemap_get_folio+0x71/0xbd0 [ 291.733324][ C1] __find_get_block+0x28a/0x1150 [ 291.733349][ C1] ? __pfx_filemap_get_entry+0x10/0x10 [ 291.733368][ C1] ? __find_get_block+0x3a1/0x1150 [ 291.733386][ C1] ? __pfx___find_get_block+0x10/0x10 [ 291.733403][ C1] ? folio_mark_accessed+0x6f6/0x11b0 [ 291.733427][ C1] ? folio_contains+0x22e/0x540 [ 291.733441][ C1] ? __asan_memset+0x23/0x50 [ 291.733469][ C1] ? folio_unlock+0x126/0x2f0 [ 291.733488][ C1] bdev_getblk+0x33/0x550 [ 291.733508][ C1] __bread_gfp+0x86/0x400 [ 291.733526][ C1] get_branch+0x2c3/0x6e0 [ 291.733568][ C1] get_block+0x180/0x16d0 [ 291.733587][ C1] ? create_empty_buffers+0x53e/0x740 [ 291.733605][ C1] ? __pfx_lock_release+0x10/0x10 [ 291.733623][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 291.733641][ C1] ? __pfx_get_block+0x10/0x10 [ 291.733661][ C1] ? zero_user_segments+0x2b4/0x320 [ 291.733676][ C1] block_read_full_folio+0x418/0xcd0 [ 291.733699][ C1] ? __pfx_get_block+0x10/0x10 [ 291.733713][ C1] ? __pfx_block_read_full_folio+0x10/0x10 [ 291.733735][ C1] ? folio_add_lru+0x1cd/0x4f0 [ 291.733750][ C1] filemap_read_folio+0x14b/0x630 [ 291.733764][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 291.733780][ C1] ? __pfx_filemap_read_folio+0x10/0x10 [ 291.733797][ C1] do_read_cache_folio+0x3f5/0x850 [ 291.733813][ C1] ? __pfx_sysv_read_folio+0x10/0x10 [ 291.733830][ C1] sysv_readdir+0x193/0x540 [ 291.733846][ C1] ? __fget_files+0x3f3/0x470 [ 291.733867][ C1] iterate_dir+0x571/0x800 [ 291.733887][ C1] __se_sys_getdents64+0x1d3/0x4a0 [ 291.733904][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 291.733922][ C1] ? __pfx___se_sys_getdents64+0x10/0x10 [ 291.733939][ C1] ? __pfx_filldir64+0x10/0x10 [ 291.733964][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 291.733984][ C1] ? do_syscall_64+0x100/0x230 [ 291.734004][ C1] do_syscall_64+0xf3/0x230 [ 291.734021][ C1] ? clear_bhb_loop+0x35/0x90 [ 291.734038][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.734054][ C1] RIP: 0033:0x7f5ab5ccabc9 [ 291.734068][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 291.734080][ C1] RSP: 002b:00007f5ab5c81228 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 291.734095][ C1] RAX: ffffffffffffffda RBX: 00007f5ab5d5c6c8 RCX: 00007f5ab5ccabc9 [ 291.734106][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 291.734116][ C1] RBP: 00007f5ab5d5c6c0 R08: 00007f5ab5c816c0 R09: 00007f5ab5c816c0 [ 291.734126][ C1] R10: 00007f5ab5c816c0 R11: 0000000000000246 R12: 00007f5ab5d5c6cc [ 291.734137][ C1] R13: 00007f5ab5d1f0c0 R14: 0030656c69662f2e R15: 00007ffee618ebd8 [ 291.734153][ C1] [ 291.734160][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.655 msecs [ 292.556949][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 292.563899][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 [ 292.574661][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 292.585452][ T30] Call Trace: [ 292.588804][ T30] [ 292.591762][ T30] dump_stack_lvl+0x241/0x360 [ 292.596482][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.601905][ T30] ? __pfx__printk+0x10/0x10 [ 292.607050][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 292.613171][ T30] ? vscnprintf+0x5d/0x90 [ 292.617650][ T30] panic+0x349/0x880 [ 292.621605][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.627801][ T30] ? __pfx_panic+0x10/0x10 [ 292.632443][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 292.638319][ T30] ? __irq_work_queue_local+0x137/0x410 [ 292.646725][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 292.652521][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 292.658884][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 292.665371][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 292.671826][ T30] watchdog+0x1033/0x1040 [ 292.676202][ T30] ? watchdog+0x1ea/0x1040 [ 292.680666][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.685384][ T30] kthread+0x2f0/0x390 [ 292.689502][ T30] ? __pfx_watchdog+0x10/0x10 [ 292.694401][ T30] ? __pfx_kthread+0x10/0x10 [ 292.699028][ T30] ret_from_fork+0x4b/0x80 [ 292.703487][ T30] ? __pfx_kthread+0x10/0x10 [ 292.708107][ T30] ret_from_fork_asm+0x1a/0x30 [ 292.712932][ T30] [ 292.716340][ T30] Kernel Offset: disabled [ 292.720719][ T30] Rebooting in 86400 seconds..