./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4251384735
<...>
Warning: Permanently added '10.128.0.207' (ED25519) to the list of known hosts.
execve("./syz-executor4251384735", ["./syz-executor4251384735"], 0x7ffeadb017e0 /* 10 vars */) = 0
brk(NULL) = 0x555572b84000
brk(0x555572b84d00) = 0x555572b84d00
arch_prctl(ARCH_SET_FS, 0x555572b84380) = 0
set_tid_address(0x555572b84650) = 5071
set_robust_list(0x555572b84660, 24) = 0
rseq(0x555572b84ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor4251384735", 4096) = 28
getrandom("\x13\x77\x03\x6a\x99\x44\xbc\x10", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555572b84d00
brk(0x555572ba5d00) = 0x555572ba5d00
brk(0x555572ba6000) = 0x555572ba6000
mprotect(0x7fa73ca6d000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.i69TsC", 0700) = 0
chmod("./syzkaller.i69TsC", 0777) = 0
chdir("./syzkaller.i69TsC") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached
, child_tidptr=0x555572b84650) = 5072
[pid 5072] set_robust_list(0x555572b84660, 24) = 0
[pid 5072] chdir("./0") = 0
[pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5072] setpgid(0, 0) = 0
[pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5072] write(3, "1000", 4) = 4
[pid 5072] close(3) = 0
[pid 5072] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5072] memfd_create("syzkaller", 0) = 3
[pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa734400000
[pid 5072] write(3, "\xeb\x76\x90\x45\x58\x46\x41\x54\x20\x20\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x08\x00\x00\x00\x88\x00\x00\x00\x0f\x00\x00\x00\x05\x00\x00\x00"..., 131072) = 131072
[pid 5072] munmap(0x7fa734400000, 138412032) = 0
[pid 5072] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5072] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5072] close(3) = 0
[pid 5072] close(4) = 0
[pid 5072] mkdir("./file1", 0777) = 0
[ 71.514186][ T5072] loop0: detected capacity change from 0 to 256
[pid 5072] mount("/dev/loop0", "./file1", "exfat", MS_NODEV|MS_NOEXEC|MS_BORN, "errors=remount-ro,discard,errors=continue,uid=0x0000000000000000,dmask=00000000000000000000000,iocha"...) = 0
[pid 5072] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5072] chdir("./file1") = 0
[pid 5072] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5072] creat("./bus", 000) = 4
[pid 5072] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
[pid 5072] exit_group(0) = ?
[pid 5072] +++ exited with 0 +++
[ 71.560920][ T5072] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010470, chksum : 0x23280b3e, utbl_chksum : 0xe619d30d)
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555572b856f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0772, st_size=61440, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0772, st_size=61440, ...}, AT_EMPTY_PATH) = 0
[ 86.887824][ T49] cfg80211: failed to load regulatory.db
[ 286.575359][ T29] INFO: task kworker/u8:7:1098 blocked for more than 143 seconds.
[ 286.583320][ T29] Not tainted 6.9.0-rc7-syzkaller-00188-gba16c1cf11c9 #0
[ 286.592341][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.601395][ T29] task:kworker/u8:7 state:D stack:23416 pid:1098 tgid:1098 ppid:2 flags:0x00004000
[ 286.613841][ T29] Workqueue: writeback wb_workfn (flush-7:0)
[ 286.620298][ T29] Call Trace:
[ 286.623601][ T29]
[ 286.626892][ T29] __schedule+0x1796/0x4a00
[ 286.631553][ T29] ? __pfx___schedule+0x10/0x10
[ 286.636871][ T29] ? __blk_flush_plug+0x449/0x500
[ 286.641960][ T29] ? __pfx_lock_release+0x10/0x10
[ 286.647445][ T29] ? __mutex_trylock_common+0x92/0x2e0
[ 286.652937][ T29] ? kthread_data+0x52/0xd0
[ 286.657886][ T29] ? schedule+0x90/0x320
[ 286.662166][ T29] ? wq_worker_sleeping+0x66/0x240
[ 286.667693][ T29] ? schedule+0x90/0x320
[ 286.671971][ T29] schedule+0x14b/0x320
[ 286.676606][ T29] schedule_preempt_disabled+0x13/0x30
[ 286.682120][ T29] __mutex_lock+0x6a4/0xd70
[ 286.687110][ T29] ? __mutex_lock+0x527/0xd70
[ 286.691826][ T29] ? exfat_write_inode+0x69/0x120
[ 286.697427][ T29] ? __pfx___mutex_lock+0x10/0x10
[ 286.702499][ T29] ? do_raw_spin_unlock+0x13c/0x8b0
[ 286.708271][ T29] exfat_write_inode+0x69/0x120
[ 286.713171][ T29] __writeback_single_inode+0x6b9/0x10b0
[ 286.719329][ T29] writeback_sb_inodes+0x905/0x1260
[ 286.724596][ T29] ? __lock_acquire+0x1346/0x1fd0
[ 286.730136][ T29] ? __pfx_writeback_sb_inodes+0x10/0x10
[ 286.736257][ T29] ? __pfx_down_read_trylock+0x10/0x10
[ 286.741755][ T29] ? __pfx___up_read+0x10/0x10
[ 286.746601][ T29] ? do_raw_spin_lock+0x14f/0x370
[ 286.751665][ T29] __writeback_inodes_wb+0x11b/0x260
[ 286.757570][ T29] wb_writeback+0x46b/0xce0
[ 286.762129][ T29] ? __pfx_wb_writeback+0x10/0x10
[ 286.767556][ T29] wb_workfn+0xc58/0x1090
[ 286.771934][ T29] ? __pfx_wb_workfn+0x10/0x10
[ 286.777172][ T29] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 286.783201][ T29] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 286.790124][ T29] ? process_scheduled_works+0x91b/0x17c0
[ 286.796242][ T29] process_scheduled_works+0xa10/0x17c0
[ 286.801864][ T29] ? __pfx_process_scheduled_works+0x10/0x10
[ 286.808184][ T29] ? assign_work+0x364/0x3d0
[ 286.812815][ T29] worker_thread+0x86d/0xd70
[ 286.818043][ T29] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 286.824050][ T29] ? __kthread_parkme+0x169/0x1d0
[ 286.829641][ T29] ? __pfx_worker_thread+0x10/0x10
[ 286.834807][ T29] kthread+0x2f0/0x390
[ 286.839342][ T29] ? __pfx_worker_thread+0x10/0x10
[ 286.844485][ T29] ? __pfx_kthread+0x10/0x10
[ 286.849501][ T29] ret_from_fork+0x4b/0x80
[ 286.853983][ T29] ? __pfx_kthread+0x10/0x10
[ 286.859069][ T29] ret_from_fork_asm+0x1a/0x30
[ 286.863944][ T29]
[ 286.867430][ T29]
[ 286.867430][ T29] Showing all locks held in the system:
[ 286.875164][ T29] 1 lock held by khungtaskd/29:
[ 286.880583][ T29] #0: ffffffff8e334da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 286.890759][ T29] 4 locks held by kworker/u8:7/1098:
[ 286.896319][ T29] #0: ffff888019ae6148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x17c0
[ 286.907944][ T29] #1: ffffc900048afd00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x17c0
[ 286.920775][ T29] #2: ffff8880245840e0 (&type->s_umount_key#44){.+.+}-{3:3}, at: super_trylock_shared+0x22/0xf0
[ 286.931688][ T29] #3: ffff8880245860e0 (&sbi->s_lock){+.+.}-{3:3}, at: exfat_write_inode+0x69/0x120
[ 286.941647][ T29] 2 locks held by getty/4824:
[ 286.946606][ T29] #0: ffff88802a6840a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 286.956801][ T29] #1: ffffc90002f0e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 286.967350][ T29] 3 locks held by syz-executor425/5071:
[ 286.972924][ T29]
[ 286.975745][ T29] =============================================
[ 286.975745][ T29]
[ 286.984192][ T29] NMI backtrace for cpu 1
[ 286.988570][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.9.0-rc7-syzkaller-00188-gba16c1cf11c9 #0
[ 286.998406][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 287.008492][ T29] Call Trace:
[ 287.011789][ T29]
[ 287.014738][ T29] dump_stack_lvl+0x241/0x360
[ 287.019533][ T29] ? __pfx_dump_stack_lvl+0x10/0x10
[ 287.024763][ T29] ? __pfx__printk+0x10/0x10
[ 287.029433][ T29] ? vprintk_emit+0x631/0x770
[ 287.034139][ T29] ? __pfx_vprintk_emit+0x10/0x10
[ 287.039213][ T29] nmi_cpu_backtrace+0x49c/0x4d0
[ 287.044260][ T29] ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 287.049764][ T29] ? _printk+0xd5/0x120
[ 287.053958][ T29] ? __pfx__printk+0x10/0x10
[ 287.058575][ T29] ? __wake_up_klogd+0xcc/0x110
[ 287.063462][ T29] ? __pfx__printk+0x10/0x10
[ 287.068093][ T29] ? __rcu_read_unlock+0xa1/0x110
[ 287.073155][ T29] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 287.079172][ T29] nmi_trigger_cpumask_backtrace+0x198/0x320
[ 287.085234][ T29] watchdog+0xfde/0x1020
[ 287.089533][ T29] ? watchdog+0x1ea/0x1020
[ 287.093955][ T29] ? __pfx_watchdog+0x10/0x10
[ 287.098629][ T29] kthread+0x2f0/0x390
[ 287.102787][ T29] ? __pfx_watchdog+0x10/0x10
[ 287.107475][ T29] ? __pfx_kthread+0x10/0x10
[ 287.112073][ T29] ret_from_fork+0x4b/0x80
[ 287.116524][ T29] ? __pfx_kthread+0x10/0x10
[ 287.121124][ T29] ret_from_fork_asm+0x1a/0x30
[ 287.125916][ T29]
[ 287.129152][ T29] Sending NMI from CPU 1 to CPUs 0:
[ 287.134384][ C0] NMI backtrace for cpu 0
[ 287.134396][ C0] CPU: 0 PID: 5071 Comm: syz-executor425 Not tainted 6.9.0-rc7-syzkaller-00188-gba16c1cf11c9 #0
[ 287.134413][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 287.134422][ C0] RIP: 0010:__sanitizer_cov_trace_switch+0x90/0x120
[ 287.134451][ C0] Code: 85 d2 75 14 e9 9a 00 00 00 41 b8 05 00 00 00 4d 85 d2 0f 84 8b 00 00 00 4c 8b 4c 24 20 65 4c 8b 1c 25 80 d3 03 00 31 d2 eb 08 <48> ff c2 49 39 d2 74 71 4c 8b 74 d6 10 65 8b 05 d4 c5 6d 7e a9 00
[ 287.134464][ C0] RSP: 0018:ffffc900037c7660 EFLAGS: 00000293
[ 287.134478][ C0] RAX: 0000000000000000 RBX: 0000000000000005 RCX: ffffffff821a2849
[ 287.134489][ C0] RDX: 0000000000000002 RSI: ffffffff8e53f440 RDI: 0000000000000005
[ 287.134516][ C0] RBP: 1ffff920006f8f28 R08: 0000000000000005 R09: ffffffff82781de7
[ 287.134529][ C0] R10: 0000000000000003 R11: ffff88802b949e00 R12: dffffc0000000000
[ 287.134541][ C0] R13: 0000000000000005 R14: 00000000ffffffff R15: ffffc900037c7940
[ 287.134553][ C0] FS: 0000555572b84380(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 287.134568][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 287.134580][ C0] CR2: 00005557922177f0 CR3: 000000007b1a0000 CR4: 00000000003506f0
[ 287.134595][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 287.134605][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 287.134616][ C0] Call Trace:
[ 287.134622][ C0]
[ 287.134629][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 287.134651][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 287.134677][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 287.134697][ C0] ? nmi_handle+0x2a/0x5a0
[ 287.134791][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 287.134813][ C0] ? nmi_handle+0x14f/0x5a0
[ 287.134831][ C0] ? nmi_handle+0x2a/0x5a0
[ 287.134849][ C0] ? __sanitizer_cov_trace_switch+0x90/0x120
[ 287.134876][ C0] ? default_do_nmi+0x63/0x160
[ 287.134933][ C0] ? exc_nmi+0x123/0x1f0
[ 287.134953][ C0] ? end_repeat_nmi+0xf/0x53
[ 287.135019][ C0] ? exfat_ent_get+0x1f7/0x400
[ 287.135045][ C0] ? __brelse+0x59/0xa0
[ 287.135068][ C0] ? __sanitizer_cov_trace_switch+0x90/0x120
[ 287.135097][ C0] ? __sanitizer_cov_trace_switch+0x90/0x120
[ 287.135126][ C0] ? __sanitizer_cov_trace_switch+0x90/0x120
[ 287.135155][ C0]
[ 287.135162][ C0]
[ 287.135170][ C0] exfat_ent_get+0x1f7/0x400
[ 287.135197][ C0] exfat_iterate+0x1376/0x33e0
[ 287.135251][ C0] ? __pfx_exfat_iterate+0x10/0x10
[ 287.135330][ C0] ? __pfx___down_write_common+0x10/0x10
[ 287.135356][ C0] ? __pfx___mutex_lock+0x10/0x10
[ 287.135378][ C0] ? __pfx_exfat_iterate+0x10/0x10
[ 287.135399][ C0] wrap_directory_iterator+0x94/0xe0
[ 287.135421][ C0] iterate_dir+0x539/0x6f0
[ 287.135443][ C0] __se_sys_getdents64+0x20d/0x4f0
[ 287.135463][ C0] ? _raw_spin_unlock_irq+0x2e/0x50
[ 287.135492][ C0] ? __pfx___se_sys_getdents64+0x10/0x10
[ 287.135511][ C0] ? __pfx_filldir64+0x10/0x10
[ 287.135532][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 287.135550][ C0] ? exc_page_fault+0x577/0x8a0
[ 287.135579][ C0] do_syscall_64+0xf5/0x240
[ 287.135606][ C0] ? clear_bhb_loop+0x35/0x90
[ 287.135628][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 287.135668][ C0] RIP: 0033:0x7fa73ca20063
[ 287.135692][ C0] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 b2 48 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[ 287.135716][ C0] RSP: 002b:00007ffc3fbf3b48 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 287.135732][ C0] RAX: ffffffffffffffda RBX: 0000555572b8d730 RCX: 00007fa73ca20063
[ 287.135742][ C0] RDX: 0000000000008000 RSI: 0000555572b8d730 RDI: 0000000000000004
[ 287.135752][ C0] RBP: 0000555572b8d704 R08: 0000000000000000 R09: 0000000000000000
[ 287.135761][ C0] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[ 287.135771][ C0] R13: 0000000000000010 R14: 0000555572b8d700 R15: 00007ffc3fbf5dc0
[ 287.135789][ C0]
[ 287.135795][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.411 msecs
[ 287.147945][ T29] Kernel panic - not syncing: hung_task: blocked tasks
[ 287.147960][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.9.0-rc7-syzkaller-00188-gba16c1cf11c9 #0
[ 287.147980][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 287.147991][ T29] Call Trace:
[ 287.148000][ T29]
[ 287.148008][ T29] dump_stack_lvl+0x241/0x360
[ 287.148045][ T29] ? __pfx_dump_stack_lvl+0x10/0x10
[ 287.148075][ T29] ? __pfx__printk+0x10/0x10
[ 287.148100][ T29] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 287.148128][ T29] ? vscnprintf+0x5d/0x90
[ 287.148151][ T29] panic+0x349/0x860
[ 287.148188][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 287.148212][ T29] ? __pfx_panic+0x10/0x10
[ 287.148236][ T29] ? tick_nohz_tick_stopped+0x82/0xb0
[ 287.148276][ T29] ? __irq_work_queue_local+0x137/0x410
[ 287.148310][ T29] ? preempt_schedule_thunk+0x1a/0x30
[ 287.148332][ T29] ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 287.148354][ T29] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 287.148378][ T29] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 287.148404][ T29] watchdog+0x101d/0x1020
[ 287.148424][ T29] ? watchdog+0x1ea/0x1020
[ 287.148449][ T29] ? __pfx_watchdog+0x10/0x10
[ 287.148477][ T29] kthread+0x2f0/0x390
[ 287.148501][ T29] ? __pfx_watchdog+0x10/0x10
[ 287.148518][ T29] ? __pfx_kthread+0x10/0x10
[ 287.148543][ T29] ret_from_fork+0x4b/0x80
[ 287.148571][ T29] ? __pfx_kthread+0x10/0x10
[ 287.148595][ T29] ret_from_fork_asm+0x1a/0x30
[ 287.148636][ T29]
[ 287.150958][ T29] Kernel Offset: disabled
[ 287.689568][ T29] Rebooting in 86400 seconds..