./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3667959678 <...> Warning: Permanently added '10.128.0.208' (ED25519) to the list of known hosts. execve("./syz-executor3667959678", ["./syz-executor3667959678"], 0x7ffd2d8ecd30 /* 10 vars */) = 0 brk(NULL) = 0x55557532f000 brk(0x55557532fd40) = 0x55557532fd40 arch_prctl(ARCH_SET_FS, 0x55557532f3c0) = 0 set_tid_address(0x55557532f690) = 5823 set_robust_list(0x55557532f6a0, 24) = 0 rseq(0x55557532fce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3667959678", 4096) = 28 getrandom("\xa3\xf6\xc7\x08\xcb\xb1\xbc\xf0", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557532fd40 brk(0x555575350d40) = 0x555575350d40 brk(0x555575351000) = 0x555575351000 mprotect(0x7fd5b3a34000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557532f690) = 5824 ./strace-static-x86_64: Process 5824 attached [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] set_robust_list(0x55557532f6a0, 24) = 0 ./strace-static-x86_64: Process 5825 attached [pid 5823] <... clone resumed>, child_tidptr=0x55557532f690) = 5825 [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] set_robust_list(0x55557532f6a0, 24 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5825] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5826 attached [pid 5824] <... openat resumed>) = 3 [pid 5823] <... clone resumed>, child_tidptr=0x55557532f690) = 5826 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] set_robust_list(0x55557532f6a0, 24 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] <... set_robust_list resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5824] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5827 attached [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5823] <... clone resumed>, child_tidptr=0x55557532f690) = 5827 [pid 5827] set_robust_list(0x55557532f6a0, 24 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] <... set_robust_list resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] close(3 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5828 attached [pid 5826] close(3 [pid 5825] <... close resumed>) = 0 [pid 5824] close(3 [pid 5823] <... clone resumed>, child_tidptr=0x55557532f690) = 5828 [pid 5828] set_robust_list(0x55557532f6a0, 24 [pid 5826] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... openat resumed>) = 3 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5829 attached [pid 5829] set_robust_list(0x55557532f6a0, 24) = 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5831 attached ./strace-static-x86_64: Process 5830 attached [pid 5829] <... prctl resumed>) = 0 [pid 5830] set_robust_list(0x55557532f6a0, 24 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5824] <... clone resumed>, child_tidptr=0x55557532f690) = 5829 [pid 5831] set_robust_list(0x55557532f6a0, 24 [pid 5830] <... set_robust_list resumed>) = 0 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] setpgid(0, 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5826] <... clone resumed>, child_tidptr=0x55557532f690) = 5830 [pid 5825] <... clone resumed>, child_tidptr=0x55557532f690) = 5831 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5829] <... setpgid resumed>) = 0 [pid 5828] close(3 [pid 5831] <... prctl resumed>) = 0 [pid 5830] <... prctl resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... close resumed>) = 0 [pid 5827] close(3 [pid 5831] setpgid(0, 0 [pid 5830] setpgid(0, 0 [pid 5831] <... setpgid resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5830] <... setpgid resumed>) = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] <... openat resumed>) = 3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... openat resumed>) = 3 [pid 5830] <... openat resumed>) = 3 [pid 5829] write(3, "1000", 4./strace-static-x86_64: Process 5833 attached [pid 5830] write(3, "1000", 4 [pid 5829] <... write resumed>) = 4 executing program ./strace-static-x86_64: Process 5834 attached [pid 5833] set_robust_list(0x55557532f6a0, 24 [pid 5831] write(3, "1000", 4 [pid 5830] <... write resumed>) = 4 [pid 5829] close(3 [pid 5828] <... clone resumed>, child_tidptr=0x55557532f690) = 5833 [pid 5829] <... close resumed>) = 0 [pid 5829] write(1, "executing program\n", 18) = 18 [pid 5829] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] set_robust_list(0x55557532f6a0, 24 [pid 5829] <... futex resumed>) = 0 [pid 5834] <... set_robust_list resumed>) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5830] close(3 [pid 5829] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5831] <... write resumed>) = 4 [pid 5827] <... clone resumed>, child_tidptr=0x55557532f690) = 5834 executing program executing program [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5831] close(3 [pid 5830] <... close resumed>) = 0 [pid 5829] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5833] <... prctl resumed>) = 0 [pid 5831] <... close resumed>) = 0 [pid 5830] write(1, "executing program\n", 18 [pid 5833] setpgid(0, 0 [pid 5831] write(1, "executing program\n", 18 [pid 5830] <... write resumed>) = 18 [pid 5833] <... setpgid resumed>) = 0 [pid 5831] <... write resumed>) = 18 [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5831] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5830] <... futex resumed>) = 0 [pid 5831] <... futex resumed>) = 0 [pid 5830] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5831] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5830] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5831] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5830] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5831] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5830] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd5b3947000 [pid 5830] <... mmap resumed>) = 0x7fd5b3947000 [pid 5831] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE [pid 5830] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE [pid 5829] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5834] <... prctl resumed>) = 0 [pid 5831] <... mprotect resumed>) = 0 [pid 5830] <... mprotect resumed>) = 0 [pid 5829] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] setpgid(0, 0 [pid 5833] <... openat resumed>) = 3 [pid 5834] <... setpgid resumed>) = 0 [pid 5833] write(3, "1000", 4 [pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5830] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5829] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5833] <... write resumed>) = 4 [pid 5831] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5830] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5829] <... mmap resumed>) = 0x7fd5b3947000 [pid 5834] <... openat resumed>) = 3 [pid 5833] close(3 [pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0} [pid 5830] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0} [pid 5829] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE [pid 5834] write(3, "1000", 4 [pid 5833] <... close resumed>) = 0 [pid 5829] <... mprotect resumed>) = 0 executing program ./strace-static-x86_64: Process 5836 attached ./strace-static-x86_64: Process 5835 attached [pid 5834] <... write resumed>) = 4 [pid 5833] write(1, "executing program\n", 18 [pid 5829] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5836] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5835] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5834] close(3 [pid 5833] <... write resumed>) = 18 [pid 5831] <... clone3 resumed> => {parent_tid=[5836]}, 88) = 5836 [pid 5830] <... clone3 resumed> => {parent_tid=[5835]}, 88) = 5835 [pid 5829] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5836] <... rseq resumed>) = 0 [pid 5835] <... rseq resumed>) = 0 [pid 5834] <... close resumed>) = 0 [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5831] rt_sigprocmask(SIG_SETMASK, [], [pid 5830] rt_sigprocmask(SIG_SETMASK, [], [pid 5829] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0}executing program ./strace-static-x86_64: Process 5837 attached [pid 5836] set_robust_list(0x7fd5b39679a0, 24 [pid 5835] set_robust_list(0x7fd5b39679a0, 24 [pid 5834] write(1, "executing program\n", 18 [pid 5833] <... futex resumed>) = 0 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5830] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5837] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5835] <... set_robust_list resumed>) = 0 [pid 5834] <... write resumed>) = 18 [pid 5833] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5831] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5830] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... clone3 resumed> => {parent_tid=[5837]}, 88) = 5837 [pid 5837] <... rseq resumed>) = 0 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5835] rt_sigprocmask(SIG_SETMASK, [], [pid 5834] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5833] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5831] <... futex resumed>) = 0 [pid 5830] <... futex resumed>) = 0 [pid 5837] set_robust_list(0x7fd5b39679a0, 24 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5835] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] <... futex resumed>) = 0 [pid 5829] rt_sigprocmask(SIG_SETMASK, [], [pid 5834] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5829] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5829] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5829] <... futex resumed>) = 0 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5829] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd5b3947000 [pid 5834] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5833] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5837] <... set_robust_list resumed>) = 0 [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0} [pid 5833] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5839 attached [pid 5837] rt_sigprocmask(SIG_SETMASK, [], [pid 5836] memfd_create("syzkaller", 0 [pid 5835] memfd_create("syzkaller", 0 [pid 5833] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5831] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5839] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5835] <... memfd_create resumed>) = 3 [pid 5834] <... clone3 resumed> => {parent_tid=[5839]}, 88) = 5839 [pid 5833] <... mmap resumed>) = 0x7fd5b3947000 [pid 5839] <... rseq resumed>) = 0 [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] <... memfd_create resumed>) = 3 [pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], [pid 5833] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE [pid 5839] set_robust_list(0x7fd5b39679a0, 24 [pid 5837] memfd_create("syzkaller", 0 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5835] <... mmap resumed>) = 0x7fd5ab400000 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5833] <... mprotect resumed>) = 0 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5837] <... memfd_create resumed>) = 3 [pid 5836] <... mmap resumed>) = 0x7fd5ab400000 [pid 5834] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5833] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5839] rt_sigprocmask(SIG_SETMASK, [], [pid 5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5836] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5834] <... futex resumed>) = 0 [pid 5833] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5839] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5835] <... write resumed>) = 65536 [pid 5834] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5836] <... write resumed>) = 65536 [pid 5833] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0} [pid 5839] memfd_create("syzkaller", 0 [pid 5837] <... mmap resumed>) = 0x7fd5ab400000 ./strace-static-x86_64: Process 5840 attached [pid 5840] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5839] <... memfd_create resumed>) = 3 [pid 5837] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5836] munmap(0x7fd5ab400000, 138412032 [pid 5835] munmap(0x7fd5ab400000, 138412032 [pid 5840] <... rseq resumed>) = 0 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5833] <... clone3 resumed> => {parent_tid=[5840]}, 88) = 5840 [pid 5840] set_robust_list(0x7fd5b39679a0, 24 [pid 5839] <... mmap resumed>) = 0x7fd5ab400000 [pid 5833] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... set_robust_list resumed>) = 0 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5839] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5833] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5833] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] memfd_create("syzkaller", 0 [pid 5833] <... futex resumed>) = 0 [pid 5840] <... memfd_create resumed>) = 3 [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5839] <... write resumed>) = 65536 [pid 5836] <... munmap resumed>) = 0 [pid 5835] <... munmap resumed>) = 0 [pid 5837] <... write resumed>) = 65536 [pid 5836] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5835] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5837] munmap(0x7fd5ab400000, 138412032 [pid 5836] <... openat resumed>) = 4 [pid 5835] <... openat resumed>) = 4 [pid 5840] <... mmap resumed>) = 0x7fd5ab400000 [pid 5839] munmap(0x7fd5ab400000, 138412032 [pid 5836] ioctl(4, LOOP_SET_FD, 3 [pid 5835] ioctl(4, LOOP_SET_FD, 3 [pid 5840] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5839] <... munmap resumed>) = 0 [pid 5840] <... write resumed>) = 65536 [pid 5839] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5839] ioctl(4, LOOP_SET_FD, 3 [pid 5835] <... ioctl resumed>) = 0 [pid 5840] munmap(0x7fd5ab400000, 138412032 [pid 5837] <... munmap resumed>) = 0 [pid 5840] <... munmap resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5840] ioctl(4, LOOP_SET_FD, 3 [pid 5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5836] <... ioctl resumed>) = 0 [pid 5835] close(3 [pid 5837] <... openat resumed>) = 4 [pid 5836] close(3 [pid 5835] <... close resumed>) = 0 [pid 5837] ioctl(4, LOOP_SET_FD, 3 [pid 5836] <... close resumed>) = 0 [pid 5835] close(4) = 0 [pid 5836] close(4 [pid 5840] <... ioctl resumed>) = 0 [pid 5839] <... ioctl resumed>) = 0 [pid 5837] <... ioctl resumed>) = 0 [pid 5836] <... close resumed>) = 0 [pid 5835] mkdir("./file0", 0777 [pid 5836] mkdir("./file0", 0777 [pid 5840] close(3) = 0 [pid 5839] close(3 [pid 5836] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5835] <... mkdir resumed>) = 0 [pid 5840] close(4 [pid 5839] <... close resumed>) = 0 [pid 5837] close(3 [pid 5836] mount("/dev/loop1", "./file0", "udf", MS_NOEXEC|MS_SYNCHRONOUS|MS_NOATIME|MS_SILENT|MS_POSIXACL|MS_I_VERSION|MS_STRICTATIME, "" [pid 5835] mount("/dev/loop2", "./file0", "udf", MS_NOEXEC|MS_SYNCHRONOUS|MS_NOATIME|MS_SILENT|MS_POSIXACL|MS_I_VERSION|MS_STRICTATIME, "" [pid 5840] <... close resumed>) = 0 [pid 5839] close(4 [pid 5837] <... close resumed>) = 0 [pid 5840] mkdir("./file0", 0777 [pid 5839] <... close resumed>) = 0 [pid 5837] close(4 [pid 5840] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5839] mkdir("./file0", 0777 [pid 5837] <... close resumed>) = 0 [ 89.764856][ T5835] loop2: detected capacity change from 0 to 128 [ 89.767398][ T5839] loop3: detected capacity change from 0 to 128 [ 89.774056][ T5836] loop1: detected capacity change from 0 to 128 [ 89.788593][ T5840] loop4: detected capacity change from 0 to 128 [ 89.799137][ T5837] loop0: detected capacity change from 0 to 128 [pid 5840] mount("/dev/loop4", "./file0", "udf", MS_NOEXEC|MS_SYNCHRONOUS|MS_NOATIME|MS_SILENT|MS_POSIXACL|MS_I_VERSION|MS_STRICTATIME, "" [pid 5837] mkdir("./file0", 0777 [pid 5839] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5837] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5839] mount("/dev/loop3", "./file0", "udf", MS_NOEXEC|MS_SYNCHRONOUS|MS_NOATIME|MS_SILENT|MS_POSIXACL|MS_I_VERSION|MS_STRICTATIME, "" [ 89.828712][ T5836] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 89.836287][ T5840] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 89.843255][ T5835] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 89.850725][ T5839] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [pid 5837] mount("/dev/loop0", "./file0", "udf", MS_NOEXEC|MS_SYNCHRONOUS|MS_NOATIME|MS_SILENT|MS_POSIXACL|MS_I_VERSION|MS_STRICTATIME, "" [pid 5840] <... mount resumed>) = 0 [pid 5836] <... mount resumed>) = 0 [pid 5840] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5836] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5840] <... openat resumed>) = 3 [pid 5836] <... openat resumed>) = 3 [pid 5840] chdir("./file0" [pid 5836] chdir("./file0" [pid 5840] <... chdir resumed>) = 0 [pid 5836] <... chdir resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5836] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5840] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5836] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5840] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = 1 [pid 5836] <... futex resumed>) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5840] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5836] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5831] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777) = 4 [pid 5831] <... futex resumed>) = 0 [pid 5831] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5836] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5833] <... futex resumed>) = 0 [pid 5831] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5836] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5833] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5831] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = 0 [pid 5836] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5835] <... mount resumed>) = 0 [pid 5833] <... futex resumed>) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5840] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777 [pid 5836] <... openat resumed>) = 5 [pid 5835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5831] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5840] <... openat resumed>) = 4 [pid 5836] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] <... openat resumed>) = 3 [pid 5840] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5836] <... futex resumed>) = 0 [pid 5833] <... futex resumed>) = 0 [pid 5840] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5836] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5833] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5833] <... futex resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5840] <... openat resumed>) = 5 [pid 5840] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5833] <... futex resumed>) = 0 [pid 5840] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5833] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5840] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5833] <... futex resumed>) = 0 [pid 5840] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5831] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5835] chdir("./file0") = 0 [pid 5831] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5831] <... futex resumed>) = 1 [pid 5836] <... futex resumed>) = 0 [pid 5836] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5840] <... open resumed>) = 6 [pid 5836] <... open resumed>) = 6 [pid 5835] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5831] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5836] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5835] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5831] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... futex resumed>) = 0 [pid 5835] <... futex resumed>) = 1 [pid 5831] <... futex resumed>) = 1 [pid 5836] write(6, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5831] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5840] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... mount resumed>) = 0 [pid 5835] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5830] <... futex resumed>) = 0 [pid 5840] <... futex resumed>) = 1 [pid 5839] chdir("./file0" [pid 5833] <... futex resumed>) = 0 [pid 5840] write(6, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5839] <... chdir resumed>) = 0 [ 89.871045][ T5837] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 89.899052][ T30] audit: type=1800 audit(1750750236.958:2): pid=5836 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor366" name="file1" dev="loop4" ino=94 res=0 errno=0 [pid 5833] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5830] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5837] <... mount resumed>) = 0 [pid 5835] <... futex resumed>) = 0 [pid 5833] <... futex resumed>) = 0 [pid 5830] <... futex resumed>) = 1 [pid 5839] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5839] <... futex resumed>) = 1 [pid 5837] <... openat resumed>) = 3 [pid 5839] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] chdir("./file0") = 0 [pid 5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5837] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5837] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] <... futex resumed>) = 0 [pid 5834] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = 0 [pid 5834] <... futex resumed>) = 1 [pid 5839] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777 [pid 5834] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5829] <... futex resumed>) = 0 [pid 5829] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] <... futex resumed>) = 0 [pid 5829] <... futex resumed>) = 1 [pid 5837] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777 [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] <... openat resumed>) = 4 [pid 5837] <... openat resumed>) = 4 [pid 5835] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777 [pid 5839] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = 1 [pid 5837] <... futex resumed>) = 0 [pid 5834] <... futex resumed>) = 0 [pid 5839] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5829] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5834] <... futex resumed>) = 0 [pid 5829] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5839] <... openat resumed>) = 5 [pid 5834] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = 0 [pid 5837] <... futex resumed>) = 0 [pid 5835] <... openat resumed>) = 4 [pid 5834] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5829] <... futex resumed>) = 1 [pid 5831] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5839] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5834] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5837] <... openat resumed>) = 5 [pid 5834] <... futex resumed>) = 0 [pid 5839] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5837] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] <... open resumed>) = 6 [pid 5837] <... futex resumed>) = 1 [pid 5831] futex(0x7fd5b3a3a61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... futex resumed>) = 0 [pid 5839] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5829] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = 1 [pid 5837] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5834] <... futex resumed>) = 0 [pid 5829] <... futex resumed>) = 0 [pid 5839] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5834] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5834] <... futex resumed>) = 0 [pid 5831] <... futex resumed>) = 0 [pid 5839] write(6, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5837] <... open resumed>) = 6 [pid 5834] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5835] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [ 89.940909][ T5836] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 89.953093][ T30] audit: type=1800 audit(1750750236.958:3): pid=5840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor366" name="file1" dev="loop4" ino=94 res=0 errno=0 [pid 5837] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5829] <... futex resumed>) = 0 [pid 5837] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5829] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5829] <... futex resumed>) = 0 [pid 5837] write(6, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5836] <... write resumed>) = -1 EIO (Input/output error) [pid 5829] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5836] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5833] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5833] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5833] futex(0x7fd5b3a3a61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5833] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd5b3926000 [pid 5833] mprotect(0x7fd5b3927000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5833] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5833] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3946990, parent_tid=0x7fd5b3946990, exit_signal=0, stack=0x7fd5b3926000, stack_size=0x20300, tls=0x7fd5b39466c0} => {parent_tid=[5842]}, 88) = 5842 [pid 5833] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5842 attached NULL, 8) = 0 [pid 5842] rseq(0x7fd5b3946fe0, 0x20, 0, 0x53053053 [pid 5833] futex(0x7fd5b3a3a618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... rseq resumed>) = 0 [pid 5833] <... futex resumed>) = 0 [pid 5842] set_robust_list(0x7fd5b39469a0, 24) = 0 [pid 5833] futex(0x7fd5b3a3a61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5842] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5842] sendfile(4, 5, NULL, 553647746 [pid 5835] <... futex resumed>) = 1 [pid 5831] <... mmap resumed>) = 0x7fd5b3926000 [pid 5830] <... futex resumed>) = 0 [ 89.996430][ T30] audit: type=1800 audit(1750750237.038:4): pid=5837 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor366" name="file1" dev="loop0" ino=94 res=0 errno=0 [ 90.020209][ T5842] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [pid 5835] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5831] mprotect(0x7fd5b3927000, 131072, PROT_READ|PROT_WRITE [pid 5830] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5831] <... mprotect resumed>) = 0 [pid 5830] <... futex resumed>) = 0 [pid 5829] futex(0x7fd5b3a3a61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] <... openat resumed>) = 5 [pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5831] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5829] <... futex resumed>) = 0 [pid 5829] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3946990, parent_tid=0x7fd5b3946990, exit_signal=0, stack=0x7fd5b3926000, stack_size=0x20300, tls=0x7fd5b39466c0} [pid 5829] <... mmap resumed>) = 0x7fd5b3926000 [pid 5835] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5829] mprotect(0x7fd5b3927000, 131072, PROT_READ|PROT_WRITE [pid 5834] futex(0x7fd5b3a3a61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... mprotect resumed>) = 0 [pid 5834] <... futex resumed>) = 0 [pid 5833] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5829] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5831] <... clone3 resumed> => {parent_tid=[5844]}, 88) = 5844 [pid 5829] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3946990, parent_tid=0x7fd5b3946990, exit_signal=0, stack=0x7fd5b3926000, stack_size=0x20300, tls=0x7fd5b39466c0} [pid 5834] <... mmap resumed>) = 0x7fd5b3926000 [pid 5834] mprotect(0x7fd5b3927000, 131072, PROT_READ|PROT_WRITE [pid 5829] <... clone3 resumed> => {parent_tid=[5846]}, 88) = 5846 [pid 5834] <... mprotect resumed>) = 0 [pid 5829] rt_sigprocmask(SIG_SETMASK, [], [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5829] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5829] futex(0x7fd5b3a3a618, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5844 attached [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3946990, parent_tid=0x7fd5b3946990, exit_signal=0, stack=0x7fd5b3926000, stack_size=0x20300, tls=0x7fd5b39466c0} [pid 5829] <... futex resumed>) = 0 [pid 5831] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5846 attached [pid 5844] rseq(0x7fd5b3946fe0, 0x20, 0, 0x53053053 [pid 5835] <... futex resumed>) = 1 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5830] <... futex resumed>) = 0 [pid 5829] futex(0x7fd5b3a3a61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5847 attached [pid 5834] <... clone3 resumed> => {parent_tid=[5847]}, 88) = 5847 [pid 5847] rseq(0x7fd5b3946fe0, 0x20, 0, 0x53053053 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], [pid 5847] <... rseq resumed>) = 0 [pid 5846] rseq(0x7fd5b3946fe0, 0x20, 0, 0x53053053 [pid 5844] <... rseq resumed>) = 0 [pid 5835] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5831] futex(0x7fd5b3a3a618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5830] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] set_robust_list(0x7fd5b39469a0, 24 [pid 5834] futex(0x7fd5b3a3a618, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5834] <... futex resumed>) = 0 [pid 5831] <... futex resumed>) = 0 [pid 5830] <... futex resumed>) = 0 [pid 5844] set_robust_list(0x7fd5b39469a0, 24 [pid 5847] rt_sigprocmask(SIG_SETMASK, [], [ 90.033965][ T30] audit: type=1800 audit(1750750237.038:5): pid=5839 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor366" name="file1" dev="loop3" ino=94 res=0 errno=0 [ 90.062887][ T5839] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.065880][ T5837] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.118180][ T5842] ------------[ cut here ]------------ [ 90.123746][ T5840] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.123849][ T5842] WARNING: CPU: 0 PID: 5842 at fs/udf/truncate.c:224 udf_truncate_extents+0xd4c/0xec0 [ 90.147510][ T5842] Modules linked in: [ 90.150052][ T30] audit: type=1800 audit(1750750237.038:6): pid=5835 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor366" name="file1" dev="loop2" ino=94 res=0 errno=0 [ 90.151500][ T5842] CPU: 0 UID: 0 PID: 5842 Comm: syz-executor366 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 90.183944][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 90.194081][ T5842] RIP: 0010:udf_truncate_extents+0xd4c/0xec0 [ 90.200103][ T5842] Code: 01 64 0f 48 3b 84 24 80 01 00 00 75 77 44 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 25 7d 8a fe 90 <0f> 0b 90 eb 88 44 89 e9 80 e1 07 38 c1 0f 8c e4 f3 ff ff 4c 89 ef [ 90.219817][ T5842] RSP: 0018:ffffc9000430f3e0 EFLAGS: 00010293 [ 90.226415][ T5842] RAX: ffffffff8335cefb RBX: 1ffff1100eea51a0 RCX: ffff88802f670000 [ 90.234494][ T5842] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000000 [ 90.242501][ T5842] RBP: ffffc9000430f5b8 R08: ffff88802f670000 R09: 0000000000000002 [ 90.250573][ T5842] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 90.258617][ T5842] R13: 0000000000000000 R14: 000000000000000a R15: 000000000000000a [ 90.266679][ T5842] FS: 00007fd5b39466c0(0000) GS:ffff888125c83000(0000) knlGS:0000000000000000 [ 90.275672][ T5842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.282291][ T5842] CR2: 000055f060ed5ec8 CR3: 00000000764e2000 CR4: 00000000003526f0 [ 90.290370][ T5842] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 90.298407][ T5842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 90.306474][ T5842] Call Trace: [ 90.309789][ T5842] [ 90.312779][ T5842] ? __pfx_udf_truncate_extents+0x10/0x10 [ 90.318651][ T5842] ? do_raw_spin_lock+0x121/0x290 [ 90.323762][ T5842] ? do_raw_spin_unlock+0x122/0x240 [ 90.329004][ T5842] udf_write_failed+0x185/0x1c0 [ 90.333957][ T5842] udf_write_begin+0x1fd/0x260 [ 90.338770][ T5842] generic_perform_write+0x2c7/0x910 [ 90.344158][ T5842] ? __pfx_generic_perform_write+0x10/0x10 [ 90.350016][ T5842] ? __mark_inode_dirty+0x3ab/0xdf0 [ 90.355324][ T5842] ? generic_file_direct_write+0x17d/0x3e0 [ 90.361169][ T5842] ? file_update_time+0x416/0x490 [ 90.366280][ T5842] __generic_file_write_iter+0x1ae/0x230 [ 90.371965][ T5842] udf_file_write_iter+0x2d5/0x6c0 [ 90.377196][ T5842] iter_file_splice_write+0x93a/0x1000 [ 90.382718][ T5842] ? __pfx_iter_file_splice_write+0x10/0x10 [ 90.388707][ T5842] ? rcu_read_lock_any_held+0xb3/0x120 [ 90.394258][ T5842] ? __pfx_iter_file_splice_write+0x10/0x10 [ 90.400203][ T5842] direct_splice_actor+0x101/0x160 [ 90.405426][ T5842] splice_direct_to_actor+0x5a5/0xcc0 [pid 5834] futex(0x7fd5b3a3a61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5846] <... rseq resumed>) = 0 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5840] <... write resumed>) = -1 EIO (Input/output error) [pid 5839] <... write resumed>) = -1 EIO (Input/output error) [pid 5837] <... write resumed>) = -1 EIO (Input/output error) [pid 5835] <... open resumed>) = 6 [pid 5834] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5831] futex(0x7fd5b3a3a61c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5829] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5846] set_robust_list(0x7fd5b39469a0, 24 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5830] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5846] <... set_robust_list resumed>) = 0 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] <... futex resumed>) = 0 [pid 5839] <... futex resumed>) = 0 [pid 5837] <... futex resumed>) = 0 [pid 5835] <... futex resumed>) = 0 [pid 5830] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] sendfile(4, 5, NULL, 553647746 [pid 5840] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5839] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5835] write(6, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5830] <... futex resumed>) = 0 [ 90.407619][ T5835] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.410828][ T5842] ? __pfx_direct_splice_actor+0x10/0x10 [ 90.430918][ T5842] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 90.436948][ T5842] do_splice_direct+0x181/0x270 [ 90.441856][ T5842] ? __pfx_do_splice_direct+0x10/0x10 [ 90.447295][ T5842] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 90.453266][ T5842] ? rw_verify_area+0x258/0x650 [ 90.458992][ T5842] do_sendfile+0x4da/0x7e0 [pid 5847] sendfile(4, 5, NULL, 553647746 [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5835] <... write resumed>) = -1 EIO (Input/output error) [pid 5831] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5846] sendfile(4, 5, NULL, 553647746 [pid 5835] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5830] <... futex resumed>) = 0 [pid 5830] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5830] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] <... sendfile resumed>) = -1 EIO (Input/output error) [ 90.459102][ T5847] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.463538][ T5842] ? __pfx_do_sendfile+0x10/0x10 [ 90.482600][ T5842] ? _raw_spin_unlock_irq+0x2e/0x50 [ 90.488417][ T5842] ? ptrace_notify+0x22d/0x2c0 [ 90.492816][ T5846] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.493276][ T5842] __se_sys_sendfile64+0x13e/0x190 [ 90.514575][ T5842] ? __pfx___se_sys_sendfile64+0x10/0x10 [pid 5835] sendfile(4, 5, NULL, 553647746 [pid 5847] futex(0x7fd5b3a3a61c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5834] exit_group(0 [pid 5839] <... futex resumed>) = ? [pid 5834] <... exit_group resumed>) = ? [pid 5847] +++ exited with 0 +++ [pid 5839] +++ exited with 0 +++ [pid 5834] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5849 attached [pid 5849] set_robust_list(0x55557532f6a0, 24 [pid 5827] <... clone resumed>, child_tidptr=0x55557532f690) = 5849 [pid 5849] <... set_robust_list resumed>) = 0 [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5849] setpgid(0, 0) = 0 [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5846] <... sendfile resumed>) = -1 EIO (Input/output error) [pid 5846] futex(0x7fd5b3a3a61c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] write(3, "1000", 4 [pid 5846] <... futex resumed>) = 0 [pid 5849] <... write resumed>) = 4 [pid 5846] futex(0x7fd5b3a3a618, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5849] close(3 [pid 5829] exit_group(0 [pid 5849] <... close resumed>) = 0 [pid 5846] <... futex resumed>) = ? [pid 5837] <... futex resumed>) = ? [pid 5835] <... sendfile resumed>) = -1 EIO (Input/output error) [pid 5829] <... exit_group resumed>) = ? [pid 5849] write(1, "executing program\n", 18executing program [pid 5846] +++ exited with 0 +++ [pid 5837] +++ exited with 0 +++ [pid 5835] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] +++ exited with 0 +++ [pid 5849] <... write resumed>) = 18 [pid 5835] <... futex resumed>) = 0 [pid 5830] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5830] exit_group(0 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5849] <... futex resumed>) = 0 [pid 5835] <... futex resumed>) = ? [pid 5830] <... exit_group resumed>) = ? [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5849] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5835] +++ exited with 0 +++ [pid 5830] +++ exited with 0 +++ [pid 5849] <... rt_sigaction resumed>NULL, 8) = 0 [ 90.521847][ T5842] ? rcu_is_watching+0x15/0xb0 [ 90.526101][ T5835] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 90.526713][ T5842] do_syscall_64+0xfa/0x3b0 [ 90.545687][ T5842] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.553649][ T5842] ? __switch_to_asm+0x39/0x70 [ 90.559263][ T5842] ? clear_bhb_loop+0x60/0xb0 [ 90.564368][ T5842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5849] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd5b3947000 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5849] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5849] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5826] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached [pid 5850] set_robust_list(0x55557532f6a0, 24 [pid 5826] <... clone resumed>, child_tidptr=0x55557532f690) = 5850 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5849] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0} => {parent_tid=[5851]}, 88) = 5851 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5851 attached [pid 5850] <... prctl resumed>) = 0 [pid 5849] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] setpgid(0, 0 [pid 5849] <... futex resumed>) = 0 [pid 5850] <... setpgid resumed>) = 0 [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5851] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5850] <... openat resumed>) = 3 [pid 5851] <... rseq resumed>) = 0 [pid 5850] write(3, "1000", 4 [pid 5851] set_robust_list(0x7fd5b39679a0, 24 [pid 5850] <... write resumed>) = 4 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5850] close(3 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5850] <... close resumed>) = 0 executing program [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] write(1, "executing program\n", 18 [pid 5851] memfd_create("syzkaller", 0 [pid 5850] <... write resumed>) = 18 [pid 5851] <... memfd_create resumed>) = 3 [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5850] <... futex resumed>) = 0 [pid 5851] <... mmap resumed>) = 0x7fd5ab400000 [pid 5850] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5851] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5850] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5850] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5851] <... write resumed>) = 65536 [pid 5850] <... mmap resumed>) = 0x7fd5b3947000 [pid 5851] munmap(0x7fd5ab400000, 138412032 [pid 5850] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE [pid 5851] <... munmap resumed>) = 0 [pid 5850] <... mprotect resumed>) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5850] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5851] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5851] close(3 [pid 5850] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5851] <... close resumed>) = 0 [pid 5850] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0}./strace-static-x86_64: Process 5852 attached [pid 5851] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] <... futex resumed>) = 0 [pid 5849] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] <... futex resumed>) = 1 [pid 5850] <... clone3 resumed> => {parent_tid=[5852]}, 88) = 5852 [pid 5851] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777) = 3 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [ 90.570584][ T5842] RIP: 0033:0x7fd5b39b2639 [ 90.576949][ T5842] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 90.596681][ T5842] RSP: 002b:00007fd5b3946218 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 90.606054][ T5842] RAX: ffffffffffffffda RBX: 00007fd5b3a3a618 RCX: 00007fd5b39b2639 [ 90.614143][ T5842] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [pid 5852] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053) = 0 [pid 5851] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] set_robust_list(0x7fd5b39679a0, 24 [pid 5851] <... futex resumed>) = 1 [pid 5849] <... futex resumed>) = 0 [pid 5824] <... clone resumed>, child_tidptr=0x55557532f690) = 5853 [pid 5851] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5849] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] <... openat resumed>) = 4 [pid 5849] <... futex resumed>) = 0 [pid 5851] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5852] <... set_robust_list resumed>) = 0 [pid 5851] <... futex resumed>) = 0 [pid 5849] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5852] rt_sigprocmask(SIG_SETMASK, [], [pid 5851] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5849] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] <... open resumed>) = 5 [pid 5849] <... futex resumed>) = 0 [pid 5852] memfd_create("syzkaller", 0 [pid 5851] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5852] <... memfd_create resumed>) = 3 [pid 5851] <... futex resumed>) = 0 [pid 5849] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) ./strace-static-x86_64: Process 5853 attached [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5851] write(5, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5849] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... mmap resumed>) = 0x7fd5ab400000 [pid 5849] <... futex resumed>) = 0 [pid 5853] set_robust_list(0x55557532f6a0, 24 [pid 5852] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5852] <... write resumed>) = 65536 [pid 5852] munmap(0x7fd5ab400000, 138412032) = 0 [pid 5852] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5853] <... set_robust_list resumed>) = 0 [pid 5852] close(3) = 0 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5852] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] <... prctl resumed>) = 0 [pid 5852] <... futex resumed>) = 1 [pid 5853] setpgid(0, 0 [pid 5852] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5853] <... setpgid resumed>) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5853] write(3, "1000", 4 [pid 5850] <... futex resumed>) = 0 [pid 5850] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... futex resumed>) = 0 [pid 5850] <... futex resumed>) = 1 [pid 5852] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_DIRECT|O_NOATIME|O_CLOEXEC, 0777) = 3 [pid 5852] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5852] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 5850] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... futex resumed>) = 0 [pid 5850] <... futex resumed>) = 1 [pid 5852] openat(AT_FDCWD, "/dev/nullb0", O_RDONLY|FASYNC [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5852] <... openat resumed>) = 4 [pid 5852] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5850] <... futex resumed>) = 0 [pid 5852] futex(0x7fd5b3a3a608, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5850] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5850] <... futex resumed>) = 0 [pid 5852] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5853] <... write resumed>) = 4 [pid 5853] close(3 [pid 5852] <... open resumed>) = 5 [ 90.620920][ T30] audit: type=1800 audit(1750750237.678:7): pid=5851 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor366" name="file1" dev="sda1" ino=2025 res=0 errno=0 [ 90.624904][ T5842] RBP: 00007fd5b3a3a610 R08: 00007fff91855dc7 R09: 0000000000000000 [ 90.650792][ T5842] R10: 0000000020fffe82 R11: 0000000000000246 R12: 00007fd5b3a0757c [ 90.658873][ T5842] R13: 7947d390134939b0 R14: 0000200000002484 R15: 0000200000002480 [ 90.667517][ T5842] [pid 5853] <... close resumed>) = 0 [pid 5851] <... write resumed>) = 4102 executing program [pid 5853] write(1, "executing program\n", 18 [pid 5851] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] <... write resumed>) = 18 [pid 5851] <... futex resumed>) = 1 [pid 5849] <... futex resumed>) = 0 [pid 5853] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] sendfile(3, 4, NULL, 553647746 [pid 5849] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] <... futex resumed>) = 0 [pid 5852] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] <... futex resumed>) = 0 [pid 5853] rt_sigaction(SIGRT_1, {sa_handler=0x7fd5b39d8520, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fd5b39c9bd0}, [pid 5852] <... futex resumed>) = 1 [pid 5850] <... futex resumed>) = 0 [pid 5849] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5853] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5852] write(5, "\x08\x00\x00\x00\x7f\x3b\x57\x0f\xf6\x23\xeb\xaa\xd5\x14\x34\x40\xb0\x30\xbd\x16\x18\x9e\x21\x07\xc6\x5c\x39\x90\x9c\x83\xde\x4f\x32\x38\xd3\x51\x91\xac\xe2\x1b\xf4\x16\xe0\x8e\x5d\x12\xa3\x67\x74\xb8\x00\x5c\x6b\xbd\x53\x03\x47\x8e\xc4\xe1\xf6\x6a\xbf\xdc\x8f\xd6\x56\xc8\x9c\xf7\x12\x30\xff\xb0\x8e\x76\xbc\xde\xe4\xf6\xad\xe4\x65\xc4\xd8\xc2\xa5\x8f\xad\x96\xf4\x20\x9d\x82\x65\xb6\x1b\xca\x7f\x6f"..., 4102 [pid 5850] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5850] <... futex resumed>) = 0 [pid 5853] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5853] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd5b3947000 [pid 5853] mprotect(0x7fd5b3948000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5853] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5853] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fd5b3967990, parent_tid=0x7fd5b3967990, exit_signal=0, stack=0x7fd5b3947000, stack_size=0x20300, tls=0x7fd5b39676c0}./strace-static-x86_64: Process 5854 attached [pid 5852] <... write resumed>) = 4102 [pid 5852] futex(0x7fd5b3a3a60c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5850] <... futex resumed>) = 0 [pid 5850] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5853] <... clone3 resumed> => {parent_tid=[5854]}, 88) = 5854 [pid 5852] sendfile(3, 4, NULL, 553647746 [pid 5854] rseq(0x7fd5b3967fe0, 0x20, 0, 0x53053053 [pid 5853] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... rseq resumed>) = 0 [pid 5853] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] set_robust_list(0x7fd5b39679a0, 24 [pid 5853] futex(0x7fd5b3a3a608, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5853] futex(0x7fd5b3a3a60c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5854] <... set_robust_list resumed>) = 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5854] memfd_create("syzkaller", 0) = 3 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd5ab400000 [pid 5854] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536) = 65536 [ 90.670861][ T5842] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 90.678184][ T5842] CPU: 0 UID: 0 PID: 5842 Comm: syz-executor366 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 90.690626][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 90.700713][ T5842] Call Trace: [ 90.704038][ T5842] [ 90.707001][ T5842] dump_stack_lvl+0x99/0x250 [ 90.711718][ T5842] ? __asan_memcpy+0x40/0x70 [ 90.716327][ T5842] ? __pfx_dump_stack_lvl+0x10/0x10 [ 90.721539][ T5842] ? __pfx__printk+0x10/0x10 [ 90.726147][ T5842] panic+0x2db/0x790 [ 90.730063][ T5842] ? __pfx_panic+0x10/0x10 [ 90.734486][ T5842] ? show_trace_log_lvl+0x4fb/0x550 [ 90.739740][ T5842] __warn+0x31b/0x4b0 [ 90.744170][ T5842] ? udf_truncate_extents+0xd4c/0xec0 [ 90.749545][ T5842] ? udf_truncate_extents+0xd4c/0xec0 [ 90.754919][ T5842] report_bug+0x2be/0x4f0 [ 90.759256][ T5842] ? udf_truncate_extents+0xd4c/0xec0 [ 90.764635][ T5842] ? udf_truncate_extents+0xd4c/0xec0 [ 90.770015][ T5842] ? udf_truncate_extents+0xd4e/0xec0 [ 90.775403][ T5842] handle_bug+0x84/0x160 [ 90.779652][ T5842] exc_invalid_op+0x1a/0x50 [ 90.784171][ T5842] asm_exc_invalid_op+0x1a/0x20 [ 90.789050][ T5842] RIP: 0010:udf_truncate_extents+0xd4c/0xec0 [ 90.795411][ T5842] Code: 01 64 0f 48 3b 84 24 80 01 00 00 75 77 44 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 25 7d 8a fe 90 <0f> 0b 90 eb 88 44 89 e9 80 e1 07 38 c1 0f 8c e4 f3 ff ff 4c 89 ef [ 90.815046][ T5842] RSP: 0018:ffffc9000430f3e0 EFLAGS: 00010293 [ 90.821138][ T5842] RAX: ffffffff8335cefb RBX: 1ffff1100eea51a0 RCX: ffff88802f670000 [ 90.829141][ T5842] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000000 [ 90.837134][ T5842] RBP: ffffc9000430f5b8 R08: ffff88802f670000 R09: 0000000000000002 [ 90.845125][ T5842] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 90.853122][ T5842] R13: 0000000000000000 R14: 000000000000000a R15: 000000000000000a [ 90.861115][ T5842] ? udf_truncate_extents+0xd4b/0xec0 [ 90.866533][ T5842] ? __pfx_udf_truncate_extents+0x10/0x10 [ 90.872272][ T5842] ? do_raw_spin_lock+0x121/0x290 [ 90.877354][ T5842] ? do_raw_spin_unlock+0x122/0x240 [ 90.882563][ T5842] udf_write_failed+0x185/0x1c0 [ 90.887429][ T5842] udf_write_begin+0x1fd/0x260 [ 90.892203][ T5842] generic_perform_write+0x2c7/0x910 [ 90.897513][ T5842] ? __pfx_generic_perform_write+0x10/0x10 [ 90.903326][ T5842] ? __mark_inode_dirty+0x3ab/0xdf0 [ 90.908536][ T5842] ? generic_file_direct_write+0x17d/0x3e0 [ 90.914366][ T5842] ? file_update_time+0x416/0x490 [ 90.919410][ T5842] __generic_file_write_iter+0x1ae/0x230 [ 90.925058][ T5842] udf_file_write_iter+0x2d5/0x6c0 [ 90.930192][ T5842] iter_file_splice_write+0x93a/0x1000 [ 90.935680][ T5842] ? __pfx_iter_file_splice_write+0x10/0x10 [ 90.941600][ T5842] ? rcu_read_lock_any_held+0xb3/0x120 [ 90.947089][ T5842] ? __pfx_iter_file_splice_write+0x10/0x10 [ 90.953010][ T5842] direct_splice_actor+0x101/0x160 [ 90.958133][ T5842] splice_direct_to_actor+0x5a5/0xcc0 [ 90.963532][ T5842] ? __pfx_direct_splice_actor+0x10/0x10 [ 90.969170][ T5842] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 90.975079][ T5842] do_splice_direct+0x181/0x270 [ 90.979942][ T5842] ? __pfx_do_splice_direct+0x10/0x10 [ 90.985500][ T5842] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 90.991409][ T5842] ? rw_verify_area+0x258/0x650 [ 90.996271][ T5842] do_sendfile+0x4da/0x7e0 [ 91.000703][ T5842] ? __pfx_do_sendfile+0x10/0x10 [ 91.005651][ T5842] ? _raw_spin_unlock_irq+0x2e/0x50 [ 91.010888][ T5842] ? ptrace_notify+0x22d/0x2c0 [ 91.015668][ T5842] __se_sys_sendfile64+0x13e/0x190 [ 91.020793][ T5842] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 91.026448][ T5842] ? rcu_is_watching+0x15/0xb0 [ 91.031356][ T5842] do_syscall_64+0xfa/0x3b0 [ 91.036240][ T5842] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.042343][ T5842] ? __switch_to_asm+0x39/0x70 [ 91.047141][ T5842] ? clear_bhb_loop+0x60/0xb0 [ 91.051841][ T5842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.057755][ T5842] RIP: 0033:0x7fd5b39b2639 [ 91.062186][ T5842] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 91.081810][ T5842] RSP: 002b:00007fd5b3946218 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 91.090240][ T5842] RAX: ffffffffffffffda RBX: 00007fd5b3a3a618 RCX: 00007fd5b39b2639 [ 91.098303][ T5842] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 91.106301][ T5842] RBP: 00007fd5b3a3a610 R08: 00007fff91855dc7 R09: 0000000000000000 [ 91.114297][ T5842] R10: 0000000020fffe82 R11: 0000000000000246 R12: 00007fd5b3a0757c [ 91.122287][ T5842] R13: 7947d390134939b0 R14: 0000200000002484 R15: 0000200000002480 [ 91.130378][ T5842] [ 91.133554][ T5842] Kernel Offset: disabled [ 91.137887][ T5842] Rebooting in 86400 seconds..