./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2636609716 <...> syzkaller login: [ 97.418052][ T92] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts. execve("./syz-executor2636609716", ["./syz-executor2636609716"], 0x7ffd6fe0bab0 /* 10 vars */) = 0 brk(NULL) = 0x555569a1a000 brk(0x555569a1ae00) = 0x555569a1ae00 arch_prctl(ARCH_SET_FS, 0x555569a1a480) = 0 set_tid_address(0x555569a1a750) = 5845 set_robust_list(0x555569a1a760, 24) = 0 rseq(0x555569a1ada0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2636609716", 4096) = 28 getrandom("\xea\xae\x60\xb5\x2e\x28\x39\x80", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555569a1ae00 brk(0x555569a3be00) = 0x555569a3be00 brk(0x555569a3c000) = 0x555569a3c000 mprotect(0x7fb8eed15000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7fb8eec67a60, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fb8eec70590}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7fb8eec67a60, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fb8eec70590}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5846 attached , child_tidptr=0x555569a1a750) = 5846 [pid 5846] set_robust_list(0x555569a1a760, 24) = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5846] setpgid(0, 0) = 0 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5846] write(3, "1000", 4) = 4 [pid 5846] close(3) = 0 [pid 5846] write(1, "executing program\n", 18executing program ) = 18 [pid 5846] memfd_create("syzkaller", 0) = 3 [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5846] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5846] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5846] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5846] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5846] close(3) = 0 [pid 5846] close(4) = 0 [pid 5846] mkdir("./file1", 0777) = 0 [ 101.845682][ T5846] loop0: detected capacity change from 0 to 32768 [ 101.872382][ T5846] ======================================================= [ 101.872382][ T5846] WARNING: The mand mount option has been deprecated and [ 101.872382][ T5846] and is ignored by this kernel. Remove the mand [pid 5846] mount("/dev/loop0", "./file1", "ocfs2", MS_SYNCHRONOUS|MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_STRICTATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,preferred_slot=00000000000000000001,localflocks,"...) = 0 [pid 5846] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5846] chdir("./file1") = 0 [pid 5846] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5846] mkdir("./file0", 0777) = 0 [pid 5846] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5846] mkdir("./bus", 0777) = 0 [pid 5846] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5846] mkdirat(AT_FDCWD, "./file1", 0700) = 0 [ 101.872382][ T5846] option from the mount to silence this warning. [ 101.872382][ T5846] ======================================================= [ 101.934637][ T5846] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 101.975859][ T5846] overlayfs: upper fs does not support tmpfile. [ 101.985133][ T5846] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 101.993231][ T5846] [ 101.995585][ T5846] ====================================================== [ 102.002713][ T5846] WARNING: possible circular locking dependency detected [ 102.009804][ T5846] 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 Not tainted [ 102.016919][ T5846] ------------------------------------------------------ [ 102.024131][ T5846] syz-executor263/5846 is trying to acquire lock: [ 102.030547][ T5846] ffff8880734ca640 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x125/0x24e0 [ 102.044168][ T5846] [ 102.044168][ T5846] but task is already holding lock: [ 102.051535][ T5846] ffff88807359a378 (&oi->ip_xattr_sem){+.+.}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0 [ 102.061046][ T5846] [ 102.061046][ T5846] which lock already depends on the new lock. [ 102.061046][ T5846] [ 102.071467][ T5846] [ 102.071467][ T5846] the existing dependency chain (in reverse order) is: [ 102.080492][ T5846] [ 102.080492][ T5846] -> #4 (&oi->ip_xattr_sem){+.+.}-{4:4}: [ 102.088327][ T5846] lock_acquire+0x120/0x360 [ 102.093378][ T5846] down_write+0x96/0x1f0 [ 102.098163][ T5846] ocfs2_xattr_set_handle+0x3b0/0x7a0 [ 102.104152][ T5846] ocfs2_init_security_set+0xbd/0xe0 [ 102.109966][ T5846] ocfs2_mknod+0x137f/0x2050 [ 102.115080][ T5846] ocfs2_mkdir+0x191/0x440 [ 102.120043][ T5846] vfs_mkdir+0x303/0x510 [ 102.124904][ T5846] do_mkdirat+0x247/0x590 [ 102.129765][ T5846] __x64_sys_mkdir+0x6c/0x80 [ 102.134883][ T5846] do_syscall_64+0xfa/0x3b0 [ 102.139915][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.146354][ T5846] [ 102.146354][ T5846] -> #3 (jbd2_handle){.+.+}-{0:0}: [ 102.153656][ T5846] lock_acquire+0x120/0x360 [ 102.158681][ T5846] start_this_handle+0x1fa7/0x21c0 [ 102.164340][ T5846] jbd2__journal_start+0x2c1/0x5b0 [ 102.170084][ T5846] jbd2_journal_start+0x2a/0x40 [ 102.175470][ T5846] ocfs2_start_trans+0x376/0x6d0 [ 102.180959][ T5846] ocfs2_reserve_suballoc_bits+0x711/0x4640 [ 102.187557][ T5846] ocfs2_reserve_new_metadata_blocks+0x403/0x940 [ 102.194421][ T5846] ocfs2_mknod+0xe08/0x2050 [ 102.199462][ T5846] ocfs2_mkdir+0x191/0x440 [ 102.204422][ T5846] vfs_mkdir+0x303/0x510 [ 102.209204][ T5846] do_mkdirat+0x247/0x590 [ 102.214095][ T5846] __x64_sys_mkdir+0x6c/0x80 [ 102.219235][ T5846] do_syscall_64+0xfa/0x3b0 [ 102.224262][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.230737][ T5846] [ 102.230737][ T5846] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 102.239320][ T5846] lock_acquire+0x120/0x360 [ 102.244391][ T5846] down_read+0x46/0x2e0 [ 102.249085][ T5846] ocfs2_start_trans+0x36a/0x6d0 [ 102.254665][ T5846] ocfs2_reserve_suballoc_bits+0x711/0x4640 [ 102.261090][ T5846] ocfs2_reserve_new_metadata_blocks+0x403/0x940 [ 102.267974][ T5846] ocfs2_mknod+0xe08/0x2050 [ 102.273007][ T5846] ocfs2_mkdir+0x191/0x440 [ 102.277977][ T5846] vfs_mkdir+0x303/0x510 [ 102.282759][ T5846] do_mkdirat+0x247/0x590 [ 102.287624][ T5846] __x64_sys_mkdir+0x6c/0x80 [ 102.292754][ T5846] do_syscall_64+0xfa/0x3b0 [ 102.297792][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.304216][ T5846] [ 102.304216][ T5846] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 102.311816][ T5846] lock_acquire+0x120/0x360 [ 102.316854][ T5846] ocfs2_start_trans+0x26b/0x6d0 [ 102.322328][ T5846] ocfs2_mknod+0xe93/0x2050 [ 102.327361][ T5846] ocfs2_mkdir+0x191/0x440 [ 102.332313][ T5846] vfs_mkdir+0x303/0x510 [ 102.337095][ T5846] do_mkdirat+0x247/0x590 [ 102.342050][ T5846] __x64_sys_mkdir+0x6c/0x80 [ 102.347189][ T5846] do_syscall_64+0xfa/0x3b0 [ 102.352218][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.358732][ T5846] [ 102.358732][ T5846] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}: [ 102.369355][ T5846] validate_chain+0xb9b/0x2140 [ 102.374650][ T5846] __lock_acquire+0xab9/0xd20 [ 102.379876][ T5846] lock_acquire+0x120/0x360 [ 102.384905][ T5846] down_write+0x96/0x1f0 [ 102.389686][ T5846] ocfs2_reserve_local_alloc_bits+0x125/0x24e0 [ 102.396467][ T5846] ocfs2_reserve_clusters_with_limit+0x1be/0xba0 [ 102.403332][ T5846] ocfs2_init_xattr_set_ctxt+0x376/0x700 [ 102.409503][ T5846] ocfs2_xattr_set+0xb70/0x11f0 [ 102.414976][ T5846] __vfs_setxattr+0x439/0x480 [ 102.420182][ T5846] __vfs_setxattr_noperm+0x12d/0x660 [ 102.426000][ T5846] vfs_setxattr+0x16b/0x2f0 [ 102.431044][ T5846] ovl_get_workdir+0xbb7/0x1730 [ 102.436516][ T5846] ovl_fill_super+0x1386/0x35d0 [ 102.441995][ T5846] get_tree_nodev+0xbb/0x150 [ 102.447122][ T5846] vfs_get_tree+0x8f/0x2b0 [ 102.452066][ T5846] do_new_mount+0x24a/0xa40 [ 102.457099][ T5846] __se_sys_mount+0x317/0x410 [ 102.462322][ T5846] do_syscall_64+0xfa/0x3b0 [ 102.467358][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.473797][ T5846] [ 102.473797][ T5846] other info that might help us debug this: [ 102.473797][ T5846] [ 102.484033][ T5846] Chain exists of: [ 102.484033][ T5846] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> jbd2_handle --> &oi->ip_xattr_sem [ 102.484033][ T5846] [ 102.499806][ T5846] Possible unsafe locking scenario: [ 102.499806][ T5846] [ 102.507259][ T5846] CPU0 CPU1 [ 102.512650][ T5846] ---- ---- [ 102.518024][ T5846] lock(&oi->ip_xattr_sem); [ 102.522627][ T5846] lock(jbd2_handle); [ 102.529227][ T5846] lock(&oi->ip_xattr_sem); [ 102.536350][ T5846] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 102.543648][ T5846] [ 102.543648][ T5846] *** DEADLOCK *** [ 102.543648][ T5846] [ 102.551794][ T5846] 4 locks held by syz-executor263/5846: [ 102.557343][ T5846] #0: ffff8880357ca0e0 (&type->s_umount_key#43/1){+.+.}-{4:4}, at: alloc_super+0x204/0x970 [ 102.567479][ T5846] #1: ffff88803228a428 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 102.576732][ T5846] #2: ffff88807359a640 (&sb->s_type->i_mutex_key#16){++++}-{4:4}, at: vfs_setxattr+0x144/0x2f0 [ 102.587202][ T5846] #3: ffff88807359a378 (&oi->ip_xattr_sem){+.+.}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0 [ 102.597158][ T5846] [ 102.597158][ T5846] stack backtrace: [ 102.603079][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz-executor263 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 102.603101][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 102.603122][ T5846] Call Trace: [ 102.603135][ T5846] [ 102.603143][ T5846] dump_stack_lvl+0x189/0x250 [ 102.603166][ T5846] ? __pfx_dump_stack_lvl+0x10/0x10 [ 102.603183][ T5846] ? __pfx__printk+0x10/0x10 [ 102.603204][ T5846] ? print_lock_name+0xde/0x100 [ 102.603224][ T5846] print_circular_bug+0x2ee/0x310 [ 102.603245][ T5846] check_noncircular+0x134/0x160 [ 102.603266][ T5846] validate_chain+0xb9b/0x2140 [ 102.603285][ T5846] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 102.603305][ T5846] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 102.603326][ T5846] __lock_acquire+0xab9/0xd20 [ 102.603342][ T5846] ? ocfs2_reserve_local_alloc_bits+0x125/0x24e0 [ 102.603358][ T5846] lock_acquire+0x120/0x360 [ 102.603372][ T5846] ? ocfs2_reserve_local_alloc_bits+0x125/0x24e0 [ 102.603394][ T5846] ? is_bpf_text_address+0x26/0x2b0 [ 102.603411][ T5846] ? kernel_text_address+0xa5/0xe0 [ 102.603436][ T5846] down_write+0x96/0x1f0 [ 102.603454][ T5846] ? ocfs2_reserve_local_alloc_bits+0x125/0x24e0 [ 102.603470][ T5846] ? __pfx_down_write+0x10/0x10 [ 102.603491][ T5846] ocfs2_reserve_local_alloc_bits+0x125/0x24e0 [ 102.603511][ T5846] ? check_noncircular+0xe0/0x160 [ 102.603531][ T5846] ? lockdep_unlock+0x89/0x120 [ 102.603553][ T5846] ? validate_chain+0x897/0x2140 [ 102.603571][ T5846] ? __pfx_ocfs2_reserve_local_alloc_bits+0x10/0x10 [ 102.603587][ T5846] ? get_tree_nodev+0xbb/0x150 [ 102.603622][ T5846] ? __lock_acquire+0xab9/0xd20 [ 102.603645][ T5846] ? do_raw_spin_unlock+0x122/0x240 [ 102.603666][ T5846] ? _raw_spin_unlock+0x28/0x50 [ 102.603689][ T5846] ? ocfs2_alloc_should_use_local+0x152/0x310 [ 102.603703][ T5846] ? ocfs2_reserve_clusters_with_limit+0x16b/0xba0 [ 102.603725][ T5846] ocfs2_reserve_clusters_with_limit+0x1be/0xba0 [ 102.603749][ T5846] ? __pfx_ocfs2_reserve_clusters_with_limit+0x10/0x10 [ 102.603773][ T5846] ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10 [ 102.603790][ T5846] ? __lock_acquire+0xab9/0xd20 [ 102.603808][ T5846] ocfs2_init_xattr_set_ctxt+0x376/0x700 [ 102.603832][ T5846] ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10 [ 102.603857][ T5846] ? ocfs2_xattr_set+0xb36/0x11f0 [ 102.603879][ T5846] ? up_write+0x1c4/0x420 [ 102.603896][ T5846] ? ocfs2_xattr_set+0x334/0x11f0 [ 102.603918][ T5846] ocfs2_xattr_set+0xb70/0x11f0 [ 102.603947][ T5846] ? __pfx_ocfs2_xattr_set+0x10/0x10 [ 102.603969][ T5846] ? up+0xde/0x150 [ 102.603987][ T5846] ? smack_log+0xef/0x3f0 [ 102.604010][ T5846] ? __pfx___console_unlock+0x10/0x10 [ 102.604029][ T5846] ? smk_access+0x14c/0x4e0 [ 102.604051][ T5846] ? smk_tskacc+0x2fc/0x370 [ 102.604075][ T5846] ? posix_xattr_acl+0x93/0xc0 [ 102.604095][ T5846] ? evm_protect_xattr+0x4d4/0xa90 [ 102.604115][ T5846] ? __pfx_evm_protect_xattr+0x10/0x10 [ 102.604132][ T5846] ? safesetid_security_capable+0xa9/0x1a0 [ 102.604149][ T5846] ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10 [ 102.604171][ T5846] __vfs_setxattr+0x439/0x480 [ 102.604193][ T5846] __vfs_setxattr_noperm+0x12d/0x660 [ 102.604212][ T5846] vfs_setxattr+0x16b/0x2f0 [ 102.604231][ T5846] ? __pfx_vfs_setxattr+0x10/0x10 [ 102.604248][ T5846] ? up_write+0x1c4/0x420 [ 102.604269][ T5846] ovl_get_workdir+0xbb7/0x1730 [ 102.604293][ T5846] ? __pfx_ovl_get_workdir+0x10/0x10 [ 102.604323][ T5846] ? do_raw_spin_unlock+0x122/0x240 [ 102.604344][ T5846] ? _raw_spin_unlock+0x28/0x50 [ 102.604366][ T5846] ? ovl_inuse_trylock+0xae/0xf0 [ 102.604393][ T5846] ovl_fill_super+0x1386/0x35d0 [ 102.604417][ T5846] ? rcu_is_watching+0x15/0xb0 [ 102.604437][ T5846] ? shrinker_register+0x124/0x230 [ 102.604461][ T5846] ? __pfx_ovl_fill_super+0x10/0x10 [ 102.604480][ T5846] ? __pfx___mutex_lock+0x10/0x10 [ 102.604496][ T5846] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 102.604516][ T5846] ? __raw_spin_lock_init+0x45/0x100 [ 102.604541][ T5846] ? sget_fc+0x962/0xa40 [ 102.604563][ T5846] ? __pfx_set_anon_super_fc+0x10/0x10 [ 102.604586][ T5846] ? __pfx_ovl_fill_super+0x10/0x10 [ 102.604605][ T5846] get_tree_nodev+0xbb/0x150 [ 102.604629][ T5846] vfs_get_tree+0x8f/0x2b0 [ 102.604646][ T5846] do_new_mount+0x24a/0xa40 [ 102.604667][ T5846] __se_sys_mount+0x317/0x410 [ 102.604686][ T5846] ? __pfx___se_sys_mount+0x10/0x10 [ 102.604703][ T5846] ? rcu_is_watching+0x15/0xb0 [ 102.604721][ T5846] ? __x64_sys_mount+0x20/0xc0 [ 102.604738][ T5846] do_syscall_64+0xfa/0x3b0 [ 102.604756][ T5846] ? lockdep_hardirqs_on+0x9c/0x150 [ 102.604771][ T5846] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.604786][ T5846] ? clear_bhb_loop+0x60/0xb0 [ 102.604803][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.604819][ T5846] RIP: 0033:0x7fb8eec9d619 [ 102.604837][ T5846] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 102.604850][ T5846] RSP: 002b:00007ffe5e9daff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 102.604868][ T5846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb8eec9d619 [ 102.604879][ T5846] RDX: 0000200000000b80 RSI: 0000200000000400 RDI: 0000000000000000 [ 102.604889][ T5846] RBP: 0000000000000000 R08: 0000200000000380 R09: 00007ffe5e9db030 [ 102.604900][ T5846] R10: 0000000000200008 R11: 0000000000000246 R12: 00007ffe5e9db030 [ 102.604910][ T5846] R13: 00007ffe5e9db2b8 R14: 431bde82d7b634db R15: 00007fb8eece603b [ 102.604928][ T5846] [pid 5846] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = -1 EINVAL (Invalid argument) [ 103.133094][ T5846] overlayfs: upper fs missing required features. [pid 5846] poll(NULL, 0, 1023) = 0 (Timeout) [pid 5846] exit_group(0) = ? [pid 5846] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5846, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=21 /* 0.21 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached , child_tidptr=0x555569a1a750) = 5850 [pid 5850] set_robust_list(0x555569a1a760, 24) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5850] write(3, "1000", 4) = 4 [pid 5850] close(3) = 0 executing program [pid 5850] write(1, "executing program\n", 18) = 18 [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5850] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5850] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5850] close(3) = 0 [pid 5850] mkdir("./file0", 0777) = 0 [pid 5850] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5850] mkdir("./bus", 0777) = 0 [pid 5850] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5850] mkdirat(AT_FDCWD, "./file1", 0700) = -1 EEXIST (File exists) [pid 5850] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = 0 [pid 5850] poll(NULL, 0, 1023) = 0 (Timeout) [pid 5850] exit_group(0) = ? [pid 5850] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=12 /* 0.12 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached , child_tidptr=0x555569a1a750) = 5851 [pid 5851] set_robust_list(0x555569a1a760, 24) = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 [pid 5851] write(1, "executing program\n", 18executing program ) = 18 [pid 5851] memfd_create("syzkaller", 0) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5851] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5851] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5851] close(3) = 0 [pid 5851] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5851] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5851] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5851] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5851] mkdirat(AT_FDCWD, "./file1", 0700) = -1 EEXIST (File exists) [pid 5851] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = -1 EINVAL (Invalid argument) [ 105.834674][ T5851] overlay: filesystem on ./bus not supported as upperdir [pid 5851] poll(NULL, 0, 1023) = 0 (Timeout) [pid 5851] exit_group(0) = ? [pid 5851] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5851, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=11 /* 0.11 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5852 attached , child_tidptr=0x555569a1a750) = 5852 [pid 5852] set_robust_list(0x555569a1a760, 24) = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5852] setpgid(0, 0) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5852] write(3, "1000", 4) = 4 [pid 5852] close(3) = 0 executing program [pid 5852] write(1, "executing program\n", 18) = 18 [pid 5852] memfd_create("syzkaller", 0) = 3 [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5852] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5852] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5852] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5852] close(3) = 0 [pid 5852] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5852] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5852] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5852] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5852] mkdirat(AT_FDCWD, "./file1", 0700) = -1 EEXIST (File exists) [pid 5852] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = -1 EINVAL (Invalid argument) [ 107.240368][ T5852] overlay: filesystem on ./bus not supported as upperdir [pid 5852] poll(NULL, 0, 1023) = 0 (Timeout) [pid 5852] exit_group(0) = ? [pid 5852] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=13 /* 0.13 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5854 attached , child_tidptr=0x555569a1a750) = 5854 [pid 5854] set_robust_list(0x555569a1a760, 24) = 0 [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5854] setpgid(0, 0) = 0 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] write(3, "1000", 4) = 4 [pid 5854] close(3) = 0 [pid 5854] write(1, "executing program\n", 18executing program ) = 18 [pid 5854] memfd_create("syzkaller", 0) = 3 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5854] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5854] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5854] close(3) = 0 [pid 5854] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5854] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5854] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5854] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5854] mkdirat(AT_FDCWD, "./file1", 0700) = -1 EEXIST (File exists) [pid 5854] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = -1 EINVAL (Invalid argument) [ 108.638193][ T5854] overlay: filesystem on ./bus not supported as upperdir [pid 5854] poll(NULL, 0, 1023) = 0 (Timeout) [pid 5854] exit_group(0) = ? [pid 5854] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5854, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=14 /* 0.14 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5855 attached , child_tidptr=0x555569a1a750) = 5855 [pid 5855] set_robust_list(0x555569a1a760, 24) = 0 [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5855] setpgid(0, 0) = 0 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5855] write(3, "1000", 4) = 4 [pid 5855] close(3) = 0 [pid 5855] write(1, "executing program\n", 18executing program ) = 18 [pid 5855] memfd_create("syzkaller", 0) = 3 [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5855] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5855] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5855] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5855] close(3) = 0 [pid 5855] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5855] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5855] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5855] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5855] mkdirat(AT_FDCWD, "./file1", 0700) = -1 EEXIST (File exists) [pid 5855] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = -1 EINVAL (Invalid argument) [ 110.025126][ T5855] overlay: filesystem on ./bus not supported as upperdir [pid 5855] poll(NULL, 0, 1023) = 0 (Timeout) [pid 5855] exit_group(0) = ? [pid 5855] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=11 /* 0.11 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5857 attached , child_tidptr=0x555569a1a750) = 5857 [pid 5857] set_robust_list(0x555569a1a760, 24) = 0 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5857] setpgid(0, 0) = 0 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5857] write(3, "1000", 4) = 4 [pid 5857] close(3) = 0 [pid 5857] write(1, "executing program\n", 18executing program ) = 18 [pid 5857] memfd_create("syzkaller", 0) = 3 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb8e6800000 [pid 5857] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5857] munmap(0x7fb8e6800000, 138412032) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5857] close(3) = 0 [pid 5857] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5857] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5857] mkdir("./bus", 0777) = -1 EEXIST (File exists) [pid 5857] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5857] mkdirat(AT_FDCWD, "./file1", 0700) = -1 EEXIST (File exists) [pid 5857] mount(NULL, "./bus", "overlay", MS_NOEXEC|MS_RELATIME, "workdir=./bus,lowerdir=./file1,upperdir=./file0,") = -1 EINVAL (Invalid argument) [ 111.423812][ T5857] overlay: filesystem on ./bus not supported as upperdir