./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3811479178
<...>
DUID 00:04:03:2c:e5:fc:a2:19:b8:8b:c5:bf:62:63:19:3a:75:c6
forked to background, child pid 4659
[ 34.258719][ T4660] 8021q: adding VLAN 0 to HW filter on device bond0
[ 34.269666][ T4660] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.179' (ECDSA) to the list of known hosts.
execve("./syz-executor3811479178", ["./syz-executor3811479178"], 0x7ffc59a811b0 /* 10 vars */) = 0
brk(NULL) = 0x555555682000
brk(0x555555682c40) = 0x555555682c40
arch_prctl(ARCH_SET_FS, 0x555555682300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3811479178", 4096) = 28
brk(0x5555556a3c40) = 0x5555556a3c40
brk(0x5555556a4000) = 0x5555556a4000
mprotect(0x7f0873fb8000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5080
mkdir("./syzkaller.mAcrWi", 0700) = 0
chmod("./syzkaller.mAcrWi", 0777) = 0
chdir("./syzkaller.mAcrWi") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5081
./strace-static-x86_64: Process 5081 attached
[pid 5081] chdir("./0") = 0
[pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5081] setpgid(0, 0) = 0
[pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5081] write(3, "1000", 4) = 4
[pid 5081] close(3) = 0
[pid 5081] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5081] memfd_create("syzkaller", 0) = 3
[pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
syzkaller login: [ 54.493266][ T5081] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5081 'syz-executor381'
[pid 5081] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5081] munmap(0x7f086baf4000, 16777216) = 0
[pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5081] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5081] close(3) = 0
[pid 5081] mkdir("./file0", 0777) = 0
[ 54.657790][ T5081] loop0: detected capacity change from 0 to 32768
[ 54.674984][ T5081] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5081] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5081] chdir("./file0") = 0
[pid 5081] ioctl(4, LOOP_CLR_FD) = 0
[pid 5081] close(4) = 0
[pid 5081] exit_group(0) = ?
[pid 5081] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 54.709223][ T5081] XFS (loop0): Ending clean mount
[ 54.717815][ T5081] XFS (loop0): Quotacheck needed: Please wait.
[ 54.742003][ T5081] XFS (loop0): Quotacheck: Done.
[ 54.810993][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5091
./strace-static-x86_64: Process 5091 attached
[pid 5091] chdir("./1") = 0
[pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5091] setpgid(0, 0) = 0
[pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5091] write(3, "1000", 4) = 4
[pid 5091] close(3) = 0
[pid 5091] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5091] memfd_create("syzkaller", 0) = 3
[pid 5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5091] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5091] munmap(0x7f086baf4000, 16777216) = 0
[pid 5091] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5091] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5091] close(3) = 0
[pid 5091] mkdir("./file0", 0777) = 0
[ 55.146374][ T5091] loop0: detected capacity change from 0 to 32768
[ 55.160325][ T5091] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5091] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5091] chdir("./file0") = 0
[pid 5091] ioctl(4, LOOP_CLR_FD) = 0
[pid 5091] close(4) = 0
[pid 5091] exit_group(0) = ?
[pid 5091] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=15 /* 0.15 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
[ 55.202201][ T5091] XFS (loop0): Ending clean mount
[ 55.209057][ T5091] XFS (loop0): Quotacheck needed: Please wait.
[ 55.226262][ T5091] XFS (loop0): Quotacheck: Done.
[ 55.280395][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5100
./strace-static-x86_64: Process 5100 attached
[pid 5100] chdir("./2") = 0
[pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5100] setpgid(0, 0) = 0
[pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5100] write(3, "1000", 4) = 4
[pid 5100] close(3) = 0
[pid 5100] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5100] memfd_create("syzkaller", 0) = 3
[pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5100] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5100] munmap(0x7f086baf4000, 16777216) = 0
[pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5100] close(3) = 0
[pid 5100] mkdir("./file0", 0777) = 0
[ 55.553976][ T5100] loop0: detected capacity change from 0 to 32768
[ 55.567900][ T5100] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 55.607462][ T5100] XFS (loop0): Ending clean mount
[ 55.615413][ T5100] XFS (loop0): Quotacheck needed: Please wait.
[ 55.625199][ T41] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 55.635172][ T41] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 41, name: kworker/u4:2
[ 55.644509][ T41] preempt_count: 0, expected: 0
[ 55.649566][ T41] RCU nest depth: 1, expected: 0
[ 55.654513][ T41] 3 locks held by kworker/u4:2/41:
[ 55.659952][ T41] #0: ffff8880234fc938 ((wq_completion)xfs_iwalk-5100){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0
[ 55.671406][ T41] #1: ffffc90000b27db0 ((work_completion)(&pwork->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0
[ 55.683122][ T41] #2: ffffffff8c796440 (rcu_read_lock){....}-{1:2}, at: vm_map_ram+0x7a/0xcf0
[ 55.692347][ T41] CPU: 0 PID: 41 Comm: kworker/u4:2 Not tainted 6.3.0-rc3-next-20230320-syzkaller #0
[ 55.701915][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 55.711983][ T41] Workqueue: xfs_iwalk-5100 xfs_pwork_work
[ 55.717900][ T41] Call Trace:
[ 55.721193][ T41]
[ 55.724136][ T41] dump_stack_lvl+0x136/0x150
[ 55.728847][ T41] __might_resched+0x358/0x580
[ 55.733654][ T41] __mutex_lock+0x9f/0x1350
[ 55.738163][ T41] ? vm_map_ram+0x13d/0xcf0
[ 55.742679][ T41] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 55.748264][ T41] ? lock_sync+0x190/0x190
[ 55.752709][ T41] ? rcu_is_watching+0x12/0xb0
[ 55.757501][ T41] ? trace_lock_acquire+0x12d/0x180
[ 55.762715][ T41] ? vm_map_ram+0x7a/0xcf0
[ 55.767140][ T41] ? lock_acquire+0x32/0xc0
[ 55.771676][ T41] ? vm_map_ram+0x7a/0xcf0
[ 55.776107][ T41] vm_map_ram+0x13d/0xcf0
[ 55.780450][ T41] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 55.786273][ T41] _xfs_buf_map_pages+0x158/0x3a0
[ 55.791311][ T41] xfs_buf_get_map+0x1cb8/0x2fd0
[ 55.796280][ T41] ? rcu_is_watching+0x12/0xb0
[ 55.801104][ T41] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 55.806240][ T41] ? xfs_buf_set_ref+0x24/0x60
[ 55.811019][ T41] ? xfs_btree_set_refs+0x9c/0xb0
[ 55.816053][ T41] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 55.822756][ T41] ? kasan_save_stack+0x32/0x40
[ 55.827645][ T41] xfs_buf_read_map+0xce/0xb10
[ 55.832432][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 55.837649][ T41] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 55.843212][ T41] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 55.848334][ T41] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 55.854254][ T41] xfs_buf_readahead_map+0x8c/0xc0
[ 55.859377][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 55.864594][ T41] ? xfs_buf_read_map+0xb10/0xb10
[ 55.869730][ T41] ? xfs_btree_rec_offset+0x7a/0x120
[ 55.875084][ T41] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 55.880997][ T41] ? xfs_lookup_get_search_key+0x42/0xc0
[ 55.886676][ T41] xfs_btree_reada_bufs+0x170/0x1e0
[ 55.891904][ T41] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 55.897863][ T41] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 55.903045][ T41] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 55.908287][ T41] xfs_iwalk_ag+0x607/0x930
[ 55.912821][ T41] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 55.918474][ T41] ? rcu_is_watching+0x12/0xb0
[ 55.923256][ T41] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 55.928554][ T41] ? xfs_trans_alloc+0x880/0x880
[ 55.933507][ T41] xfs_iwalk_ag_work+0x14a/0x1c0
[ 55.938460][ T41] ? xfs_iwalk_ag+0x930/0x930
[ 55.943155][ T41] xfs_pwork_work+0x7f/0x160
[ 55.947782][ T41] process_one_work+0x99a/0x15e0
[ 55.952778][ T41] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 55.958286][ T41] ? rcu_is_watching+0x12/0xb0
[ 55.963099][ T41] ? spin_bug+0x1c0/0x1c0
[ 55.967477][ T41] ? lock_acquire+0x32/0xc0
[ 55.971994][ T41] ? worker_thread+0x16d/0x10c0
[ 55.977039][ T41] worker_thread+0x67d/0x10c0
[ 55.981742][ T41] ? process_one_work+0x15e0/0x15e0
[ 55.986957][ T41] kthread+0x33e/0x440
[ 55.991035][ T41] ? kthread_complete_and_exit+0x40/0x40
[ 55.996685][ T41] ret_from_fork+0x1f/0x30
[ 56.001133][ T41]
[ 56.008288][ T41]
[ 56.010654][ T41] =============================
[ 56.015760][ T41] [ BUG: Invalid wait context ]
[ 56.020610][ T41] 6.3.0-rc3-next-20230320-syzkaller #0 Tainted: G W
[ 56.028609][ T41] -----------------------------
[ 56.033452][ T41] kworker/u4:2/41 is trying to lock:
[ 56.038734][ T41] ffff88801d967468 (&vb->lock){+.+.}-{3:3}, at: vm_map_ram+0x13d/0xcf0
[ 56.047094][ T41] other info that might help us debug this:
[ 56.052969][ T41] context-{4:4}
[ 56.056425][ T41] 3 locks held by kworker/u4:2/41:
[ 56.061526][ T41] #0: ffff8880234fc938 ((wq_completion)xfs_iwalk-5100){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0
[ 56.072599][ T41] #1: ffffc90000b27db0 ((work_completion)(&pwork->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0
[ 56.083839][ T41] #2: ffffffff8c796440 (rcu_read_lock){....}-{1:2}, at: vm_map_ram+0x7a/0xcf0
[ 56.092901][ T41] stack backtrace:
[ 56.096622][ T41] CPU: 0 PID: 41 Comm: kworker/u4:2 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 56.107549][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 56.117600][ T41] Workqueue: xfs_iwalk-5100 xfs_pwork_work
[ 56.123429][ T41] Call Trace:
[ 56.126715][ T41]
[ 56.129643][ T41] dump_stack_lvl+0xd9/0x150
[ 56.134242][ T41] __lock_acquire+0x159e/0x5df0
[ 56.139100][ T41] ? io_schedule_timeout+0x150/0x150
[ 56.144390][ T41] ? print_usage_bug.part.0+0x660/0x660
[ 56.149978][ T41] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 56.155983][ T41] ? mark_held_locks+0x9f/0xe0
[ 56.160777][ T41] lock_acquire.part.0+0x11c/0x370
[ 56.165913][ T41] ? vm_map_ram+0x13d/0xcf0
[ 56.170422][ T41] ? lock_sync+0x190/0x190
[ 56.174855][ T41] ? rcu_is_watching+0x12/0xb0
[ 56.179631][ T41] ? trace_lock_acquire+0x12d/0x180
[ 56.184830][ T41] ? vm_map_ram+0x13d/0xcf0
[ 56.189329][ T41] ? lock_acquire+0x32/0xc0
[ 56.193835][ T41] ? vm_map_ram+0x13d/0xcf0
[ 56.198355][ T41] __mutex_lock+0x12f/0x1350
[ 56.202955][ T41] ? vm_map_ram+0x13d/0xcf0
[ 56.207459][ T41] ? vm_map_ram+0x13d/0xcf0
[ 56.211965][ T41] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 56.217521][ T41] ? lock_sync+0x190/0x190
[ 56.221941][ T41] ? rcu_is_watching+0x12/0xb0
[ 56.226711][ T41] ? trace_lock_acquire+0x12d/0x180
[ 56.231915][ T41] ? vm_map_ram+0x7a/0xcf0
[ 56.236330][ T41] ? lock_acquire+0x32/0xc0
[ 56.240835][ T41] ? vm_map_ram+0x7a/0xcf0
[ 56.245253][ T41] vm_map_ram+0x13d/0xcf0
[ 56.249582][ T41] ? _raw_spin_unlock_irqrestore+0x54/0x70
[ 56.255391][ T41] _xfs_buf_map_pages+0x158/0x3a0
[ 56.260421][ T41] xfs_buf_get_map+0x1cb8/0x2fd0
[ 56.265365][ T41] ? rcu_is_watching+0x12/0xb0
[ 56.270334][ T41] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 56.275640][ T41] ? xfs_buf_set_ref+0x24/0x60
[ 56.280513][ T41] ? xfs_btree_set_refs+0x9c/0xb0
[ 56.285556][ T41] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 56.292339][ T41] ? kasan_save_stack+0x32/0x40
[ 56.297331][ T41] xfs_buf_read_map+0xce/0xb10
[ 56.302109][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 56.307320][ T41] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 56.312974][ T41] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 56.318180][ T41] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 56.324196][ T41] xfs_buf_readahead_map+0x8c/0xc0
[ 56.329322][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 56.334616][ T41] ? xfs_buf_read_map+0xb10/0xb10
[ 56.339673][ T41] ? xfs_btree_rec_offset+0x7a/0x120
[ 56.345141][ T41] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 56.350978][ T41] ? xfs_lookup_get_search_key+0x42/0xc0
[ 56.356620][ T41] xfs_btree_reada_bufs+0x170/0x1e0
[ 56.361834][ T41] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 56.368356][ T41] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 56.373483][ T41] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 56.378697][ T41] xfs_iwalk_ag+0x607/0x930
[ 56.383230][ T41] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 56.388876][ T41] ? rcu_is_watching+0x12/0xb0
[ 56.393653][ T41] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 56.398946][ T41] ? xfs_trans_alloc+0x880/0x880
[ 56.403898][ T41] xfs_iwalk_ag_work+0x14a/0x1c0
[ 56.408851][ T41] ? xfs_iwalk_ag+0x930/0x930
[ 56.413623][ T41] xfs_pwork_work+0x7f/0x160
[ 56.418248][ T41] process_one_work+0x99a/0x15e0
[ 56.423232][ T41] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 56.428633][ T41] ? rcu_is_watching+0x12/0xb0
[ 56.433435][ T41] ? spin_bug+0x1c0/0x1c0
[ 56.437770][ T41] ? lock_acquire+0x32/0xc0
[ 56.442276][ T41] ? worker_thread+0x16d/0x10c0
[ 56.447136][ T41] worker_thread+0x67d/0x10c0
[ 56.451834][ T41] ? process_one_work+0x15e0/0x15e0
[ 56.457049][ T41] kthread+0x33e/0x440
[pid 5100] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5100] chdir("./file0") = 0
[pid 5100] ioctl(4, LOOP_CLR_FD) = 0
[pid 5100] close(4) = 0
[pid 5100] exit_group(0) = ?
[pid 5100] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 56.461125][ T41] ? kthread_complete_and_exit+0x40/0x40
[ 56.466796][ T41] ret_from_fork+0x1f/0x30
[ 56.471249][ T41]
[ 56.483797][ T5100] XFS (loop0): Quotacheck: Done.
[ 56.512799][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5109
./strace-static-x86_64: Process 5109 attached
[pid 5109] chdir("./3") = 0
[pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5109] setpgid(0, 0) = 0
[pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5109] write(3, "1000", 4) = 4
[pid 5109] close(3) = 0
[pid 5109] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5109] memfd_create("syzkaller", 0) = 3
[pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5109] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5109] munmap(0x7f086baf4000, 16777216) = 0
[pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5109] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5109] close(3) = 0
[pid 5109] mkdir("./file0", 0777) = 0
[ 56.706671][ T5109] loop0: detected capacity change from 0 to 32768
[ 56.717615][ T5109] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 56.746817][ T5109] XFS (loop0): Ending clean mount
[ 56.753294][ T5109] XFS (loop0): Quotacheck needed: Please wait.
[ 56.761400][ T1229] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 56.770847][ T1229] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 1229, name: kworker/u4:6
[ 56.780370][ T1229] preempt_count: 0, expected: 0
[ 56.785525][ T1229] RCU nest depth: 1, expected: 0
[ 56.790804][ T1229] INFO: lockdep is turned off.
[ 56.795732][ T1229] CPU: 1 PID: 1229 Comm: kworker/u4:6 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 56.806828][ T1229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 56.817167][ T1229] Workqueue: xfs_iwalk-5109 xfs_pwork_work
[ 56.823025][ T1229] Call Trace:
[ 56.826314][ T1229]
[ 56.829236][ T1229] dump_stack_lvl+0x136/0x150
[ 56.834096][ T1229] __might_resched+0x358/0x580
[ 56.838884][ T1229] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 56.843914][ T1229] __mutex_lock+0x9f/0x1350
[ 56.848696][ T1229] ? rcu_is_watching+0x12/0xb0
[ 56.853457][ T1229] ? xfs_buf_get_map+0xc94/0x2fd0
[ 56.858476][ T1229] ? vm_map_ram+0x13d/0xcf0
[ 56.862976][ T1229] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 56.868609][ T1229] ? rcu_is_watching+0x12/0xb0
[ 56.874672][ T1229] ? trace_lock_acquire+0x12d/0x180
[ 56.879876][ T1229] ? rcu_is_watching+0x12/0xb0
[ 56.884829][ T1229] ? vm_map_ram+0x7a/0xcf0
[ 56.889250][ T1229] ? lock_acquire+0x32/0xc0
[ 56.893828][ T1229] ? vm_map_ram+0x7a/0xcf0
[ 56.898228][ T1229] vm_map_ram+0x13d/0xcf0
[ 56.902545][ T1229] ? rcu_is_watching+0x12/0xb0
[ 56.907312][ T1229] _xfs_buf_map_pages+0x158/0x3a0
[ 56.912324][ T1229] xfs_buf_get_map+0x1cb8/0x2fd0
[ 56.917266][ T1229] ? rcu_is_watching+0x12/0xb0
[ 56.922072][ T1229] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 56.927206][ T1229] ? xfs_buf_set_ref+0x24/0x60
[ 56.931973][ T1229] ? xfs_btree_set_refs+0x9c/0xb0
[ 56.936988][ T1229] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 56.943663][ T1229] ? kasan_save_stack+0x32/0x40
[ 56.948608][ T1229] xfs_buf_read_map+0xce/0xb10
[ 56.953375][ T1229] ? xfs_buf_readahead_map+0x4/0xc0
[ 56.958582][ T1229] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 56.964119][ T1229] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 56.969232][ T1229] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 56.975115][ T1229] xfs_buf_readahead_map+0x8c/0xc0
[ 56.980228][ T1229] ? xfs_buf_readahead_map+0x4/0xc0
[ 56.985476][ T1229] ? xfs_buf_read_map+0xb10/0xb10
[ 56.990497][ T1229] ? xfs_btree_rec_offset+0x7a/0x120
[ 56.995786][ T1229] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 57.001587][ T1229] ? xfs_lookup_get_search_key+0x42/0xc0
[ 57.007211][ T1229] xfs_btree_reada_bufs+0x170/0x1e0
[ 57.012400][ T1229] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 57.018312][ T1229] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 57.023461][ T1229] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 57.028662][ T1229] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 57.033856][ T1229] xfs_iwalk_ag+0x607/0x930
[ 57.038386][ T1229] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 57.044025][ T1229] ? rcu_is_watching+0x12/0xb0
[ 57.048780][ T1229] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 57.054051][ T1229] ? xfs_trans_alloc+0x880/0x880
[ 57.058984][ T1229] xfs_iwalk_ag_work+0x14a/0x1c0
[ 57.063943][ T1229] ? xfs_iwalk_ag+0x930/0x930
[ 57.068621][ T1229] xfs_pwork_work+0x7f/0x160
[ 57.073384][ T1229] process_one_work+0x99a/0x15e0
[ 57.078321][ T1229] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 57.083780][ T1229] ? rcu_is_watching+0x12/0xb0
[ 57.088542][ T1229] ? spin_bug+0x1c0/0x1c0
[ 57.092861][ T1229] ? lock_acquire+0x32/0xc0
[pid 5109] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5109] chdir("./file0") = 0
[pid 5109] ioctl(4, LOOP_CLR_FD) = 0
[pid 5109] close(4) = 0
[pid 5109] exit_group(0) = ?
[pid 5109] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} ---
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
[ 57.097364][ T1229] ? worker_thread+0x16d/0x10c0
[ 57.102216][ T1229] worker_thread+0x67d/0x10c0
[ 57.106886][ T1229] ? process_one_work+0x15e0/0x15e0
[ 57.112081][ T1229] kthread+0x33e/0x440
[ 57.116146][ T1229] ? kthread_complete_and_exit+0x40/0x40
[ 57.121766][ T1229] ret_from_fork+0x1f/0x30
[ 57.126212][ T1229]
[ 57.132298][ T5109] XFS (loop0): Quotacheck: Done.
[ 57.169442][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5118
./strace-static-x86_64: Process 5118 attached
[pid 5118] chdir("./4") = 0
[pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5118] setpgid(0, 0) = 0
[pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5118] write(3, "1000", 4) = 4
[pid 5118] close(3) = 0
[pid 5118] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5118] memfd_create("syzkaller", 0) = 3
[pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5118] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5118] munmap(0x7f086baf4000, 16777216) = 0
[pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5118] close(3) = 0
[pid 5118] mkdir("./file0", 0777) = 0
[ 57.359947][ T5118] loop0: detected capacity change from 0 to 32768
[ 57.370541][ T5118] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5118] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5118] chdir("./file0") = 0
[pid 5118] ioctl(4, LOOP_CLR_FD) = 0
[pid 5118] close(4) = 0
[pid 5118] exit_group(0) = ?
[pid 5118] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=12 /* 0.12 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
[ 57.400869][ T5118] XFS (loop0): Ending clean mount
[ 57.407144][ T5118] XFS (loop0): Quotacheck needed: Please wait.
[ 57.418890][ T5118] XFS (loop0): Quotacheck: Done.
[ 57.445051][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5127
./strace-static-x86_64: Process 5127 attached
[pid 5127] chdir("./5") = 0
[pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5127] setpgid(0, 0) = 0
[pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5127] write(3, "1000", 4) = 4
[pid 5127] close(3) = 0
[pid 5127] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5127] memfd_create("syzkaller", 0) = 3
[pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5127] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5127] munmap(0x7f086baf4000, 16777216) = 0
[pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5127] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5127] close(3) = 0
[pid 5127] mkdir("./file0", 0777) = 0
[ 57.641161][ T5127] loop0: detected capacity change from 0 to 32768
[ 57.651157][ T5127] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5127] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5127] chdir("./file0") = 0
[pid 5127] ioctl(4, LOOP_CLR_FD) = 0
[pid 5127] close(4) = 0
[pid 5127] exit_group(0) = ?
[pid 5127] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} ---
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
[ 57.681678][ T5127] XFS (loop0): Ending clean mount
[ 57.687780][ T5127] XFS (loop0): Quotacheck needed: Please wait.
[ 57.699189][ T5127] XFS (loop0): Quotacheck: Done.
[ 57.723405][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5136
./strace-static-x86_64: Process 5136 attached
[pid 5136] chdir("./6") = 0
[pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5136] setpgid(0, 0) = 0
[pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5136] write(3, "1000", 4) = 4
[pid 5136] close(3) = 0
[pid 5136] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5136] memfd_create("syzkaller", 0) = 3
[pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5136] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5136] munmap(0x7f086baf4000, 16777216) = 0
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5136] close(3) = 0
[pid 5136] mkdir("./file0", 0777) = 0
[ 57.931278][ T5136] loop0: detected capacity change from 0 to 32768
[ 57.942470][ T5136] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 57.971616][ T5136] XFS (loop0): Ending clean mount
[ 57.977787][ T5136] XFS (loop0): Quotacheck needed: Please wait.
[ 57.985688][ T12] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 57.995139][ T12] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12, name: kworker/u4:1
[ 58.004531][ T12] preempt_count: 0, expected: 0
[ 58.009626][ T12] RCU nest depth: 1, expected: 0
[ 58.014797][ T12] INFO: lockdep is turned off.
[ 58.019975][ T12] CPU: 0 PID: 12 Comm: kworker/u4:1 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 58.030908][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 58.040970][ T12] Workqueue: xfs_iwalk-5136 xfs_pwork_work
[ 58.046796][ T12] Call Trace:
[ 58.050073][ T12]
[ 58.053001][ T12] dump_stack_lvl+0x136/0x150
[ 58.057686][ T12] __might_resched+0x358/0x580
[ 58.062462][ T12] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 58.067496][ T12] __mutex_lock+0x9f/0x1350
[ 58.072006][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.076779][ T12] ? xfs_buf_get_map+0xc94/0x2fd0
[ 58.081810][ T12] ? vm_map_ram+0x13d/0xcf0
[ 58.086332][ T12] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 58.092164][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.096937][ T12] ? trace_lock_acquire+0x12d/0x180
[ 58.102138][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.106909][ T12] ? vm_map_ram+0x7a/0xcf0
[ 58.111329][ T12] ? lock_acquire+0x32/0xc0
[ 58.115862][ T12] ? vm_map_ram+0x7a/0xcf0
[ 58.120383][ T12] vm_map_ram+0x13d/0xcf0
[ 58.124714][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.129487][ T12] _xfs_buf_map_pages+0x158/0x3a0
[ 58.134534][ T12] xfs_buf_get_map+0x1cb8/0x2fd0
[ 58.139505][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.144297][ T12] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 58.149442][ T12] ? xfs_buf_set_ref+0x24/0x60
[ 58.154214][ T12] ? xfs_btree_set_refs+0x9c/0xb0
[ 58.159254][ T12] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 58.165933][ T12] ? kasan_save_stack+0x32/0x40
[ 58.170797][ T12] xfs_buf_read_map+0xce/0xb10
[ 58.175565][ T12] ? xfs_buf_readahead_map+0x4/0xc0
[ 58.180765][ T12] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 58.186314][ T12] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 58.191445][ T12] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 58.197367][ T12] xfs_buf_readahead_map+0x8c/0xc0
[ 58.202513][ T12] ? xfs_buf_readahead_map+0x4/0xc0
[ 58.207719][ T12] ? xfs_buf_read_map+0xb10/0xb10
[ 58.212747][ T12] ? xfs_btree_rec_offset+0x7a/0x120
[ 58.218036][ T12] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 58.223858][ T12] ? xfs_lookup_get_search_key+0x42/0xc0
[ 58.229513][ T12] xfs_btree_reada_bufs+0x170/0x1e0
[ 58.234721][ T12] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 58.240627][ T12] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 58.245751][ T12] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 58.250957][ T12] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 58.256166][ T12] xfs_iwalk_ag+0x607/0x930
[ 58.260695][ T12] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 58.266360][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.271156][ T12] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 58.276451][ T12] ? xfs_trans_alloc+0x880/0x880
[ 58.281393][ T12] xfs_iwalk_ag_work+0x14a/0x1c0
[ 58.286516][ T12] ? xfs_iwalk_ag+0x930/0x930
[ 58.291205][ T12] xfs_pwork_work+0x7f/0x160
[ 58.295805][ T12] process_one_work+0x99a/0x15e0
[ 58.300781][ T12] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 58.306249][ T12] ? rcu_is_watching+0x12/0xb0
[ 58.311282][ T12] ? spin_bug+0x1c0/0x1c0
[ 58.315632][ T12] ? lock_acquire+0x32/0xc0
[pid 5136] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5136] chdir("./file0") = 0
[pid 5136] ioctl(4, LOOP_CLR_FD) = 0
[pid 5136] close(4) = 0
[pid 5136] exit_group(0) = ?
[pid 5136] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
[ 58.320136][ T12] ? worker_thread+0x16d/0x10c0
[ 58.325000][ T12] worker_thread+0x67d/0x10c0
[ 58.329688][ T12] ? process_one_work+0x15e0/0x15e0
[ 58.334983][ T12] kthread+0x33e/0x440
[ 58.339054][ T12] ? kthread_complete_and_exit+0x40/0x40
[ 58.344689][ T12] ret_from_fork+0x1f/0x30
[ 58.349123][ T12]
[ 58.355348][ T5136] XFS (loop0): Quotacheck: Done.
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5145
./strace-static-x86_64: Process 5145 attached
[pid 5145] chdir("./7") = 0
[pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5145] setpgid(0, 0) = 0
[pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5145] write(3, "1000", 4) = 4
[pid 5145] close(3) = 0
[ 58.371316][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5145] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5145] memfd_create("syzkaller", 0) = 3
[pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5145] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5145] munmap(0x7f086baf4000, 16777216) = 0
[pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5145] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5145] close(3) = 0
[pid 5145] mkdir("./file0", 0777) = 0
[ 58.543244][ T5145] loop0: detected capacity change from 0 to 32768
[ 58.554284][ T5145] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5145] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5145] chdir("./file0") = 0
[pid 5145] ioctl(4, LOOP_CLR_FD) = 0
[pid 5145] close(4) = 0
[pid 5145] exit_group(0) = ?
[pid 5145] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./7/binderfs") = 0
[ 58.584704][ T5145] XFS (loop0): Ending clean mount
[ 58.590973][ T5145] XFS (loop0): Quotacheck needed: Please wait.
[ 58.601571][ T5145] XFS (loop0): Quotacheck: Done.
[ 58.623192][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5154
./strace-static-x86_64: Process 5154 attached
[pid 5154] chdir("./8") = 0
[pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5154] setpgid(0, 0) = 0
[pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5154] write(3, "1000", 4) = 4
[pid 5154] close(3) = 0
[pid 5154] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5154] memfd_create("syzkaller", 0) = 3
[pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5154] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5154] munmap(0x7f086baf4000, 16777216) = 0
[pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5154] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5154] close(3) = 0
[pid 5154] mkdir("./file0", 0777) = 0
[ 58.819544][ T5154] loop0: detected capacity change from 0 to 32768
[ 58.829605][ T5154] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 58.858684][ T5154] XFS (loop0): Ending clean mount
[pid 5154] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5154] chdir("./file0") = 0
[pid 5154] ioctl(4, LOOP_CLR_FD) = 0
[pid 5154] close(4) = 0
[pid 5154] exit_group(0) = ?
[pid 5154] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
[ 58.864710][ T5154] XFS (loop0): Quotacheck needed: Please wait.
[ 58.875756][ T5154] XFS (loop0): Quotacheck: Done.
[ 58.902506][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5163
./strace-static-x86_64: Process 5163 attached
[pid 5163] chdir("./9") = 0
[pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5163] setpgid(0, 0) = 0
[pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5163] write(3, "1000", 4) = 4
[pid 5163] close(3) = 0
[pid 5163] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5163] memfd_create("syzkaller", 0) = 3
[pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5163] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5163] munmap(0x7f086baf4000, 16777216) = 0
[pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5163] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5163] close(3) = 0
[pid 5163] mkdir("./file0", 0777) = 0
[ 59.089983][ T5163] loop0: detected capacity change from 0 to 32768
[ 59.100480][ T5163] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 59.122798][ T5163] XFS (loop0): Ending clean mount
[ 59.128684][ T5163] XFS (loop0): Quotacheck needed: Please wait.
[ 59.135566][ T41] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 59.144994][ T41] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 41, name: kworker/u4:2
[ 59.154083][ T41] preempt_count: 0, expected: 0
[ 59.159073][ T41] RCU nest depth: 1, expected: 0
[ 59.164033][ T41] INFO: lockdep is turned off.
[ 59.168781][ T41] CPU: 1 PID: 41 Comm: kworker/u4:2 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 59.179699][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 59.189749][ T41] Workqueue: xfs_iwalk-5163 xfs_pwork_work
[ 59.195569][ T41] Call Trace:
[ 59.198850][ T41]
[ 59.201778][ T41] dump_stack_lvl+0x136/0x150
[ 59.206472][ T41] __might_resched+0x358/0x580
[ 59.211237][ T41] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 59.216343][ T41] __mutex_lock+0x9f/0x1350
[ 59.220856][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.225630][ T41] ? xfs_buf_get_map+0xc94/0x2fd0
[ 59.230676][ T41] ? vm_map_ram+0x13d/0xcf0
[ 59.235208][ T41] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 59.240785][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.245572][ T41] ? trace_lock_acquire+0x12d/0x180
[ 59.250775][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.255554][ T41] ? vm_map_ram+0x7a/0xcf0
[ 59.259981][ T41] ? lock_acquire+0x32/0xc0
[ 59.264488][ T41] ? vm_map_ram+0x7a/0xcf0
[ 59.268906][ T41] vm_map_ram+0x13d/0xcf0
[ 59.273238][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.278025][ T41] _xfs_buf_map_pages+0x158/0x3a0
[ 59.283074][ T41] xfs_buf_get_map+0x1cb8/0x2fd0
[ 59.288045][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.292836][ T41] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 59.297998][ T41] ? xfs_buf_set_ref+0x24/0x60
[ 59.302792][ T41] ? xfs_btree_set_refs+0x9c/0xb0
[ 59.307836][ T41] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 59.314538][ T41] ? kasan_save_stack+0x32/0x40
[ 59.319408][ T41] xfs_buf_read_map+0xce/0xb10
[ 59.324186][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 59.329394][ T41] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 59.334970][ T41] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 59.340088][ T41] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 59.345991][ T41] xfs_buf_readahead_map+0x8c/0xc0
[ 59.351109][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 59.356332][ T41] ? xfs_buf_read_map+0xb10/0xb10
[ 59.361371][ T41] ? xfs_btree_rec_offset+0x7a/0x120
[ 59.366688][ T41] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 59.372613][ T41] ? xfs_lookup_get_search_key+0x42/0xc0
[ 59.378260][ T41] xfs_btree_reada_bufs+0x170/0x1e0
[ 59.383473][ T41] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 59.389375][ T41] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 59.394501][ T41] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 59.399707][ T41] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 59.404915][ T41] xfs_iwalk_ag+0x607/0x930
[ 59.409431][ T41] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 59.415084][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.419875][ T41] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 59.425247][ T41] ? xfs_trans_alloc+0x880/0x880
[ 59.430195][ T41] xfs_iwalk_ag_work+0x14a/0x1c0
[ 59.435142][ T41] ? xfs_iwalk_ag+0x930/0x930
[ 59.439826][ T41] xfs_pwork_work+0x7f/0x160
[ 59.444426][ T41] process_one_work+0x99a/0x15e0
[ 59.449373][ T41] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 59.454925][ T41] ? rcu_is_watching+0x12/0xb0
[ 59.459697][ T41] ? spin_bug+0x1c0/0x1c0
[ 59.464043][ T41] ? lock_acquire+0x32/0xc0
[ 59.468569][ T41] ? worker_thread+0x16d/0x10c0
[ 59.473467][ T41] worker_thread+0x67d/0x10c0
[ 59.478175][ T41] ? process_one_work+0x15e0/0x15e0
[ 59.483385][ T41] kthread+0x33e/0x440
[pid 5163] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5163] chdir("./file0") = 0
[pid 5163] ioctl(4, LOOP_CLR_FD) = 0
[pid 5163] close(4) = 0
[pid 5163] exit_group(0) = ?
[pid 5163] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./9/binderfs") = 0
[ 59.487457][ T41] ? kthread_complete_and_exit+0x40/0x40
[ 59.493095][ T41] ret_from_fork+0x1f/0x30
[ 59.497534][ T41]
[ 59.503597][ T5163] XFS (loop0): Quotacheck: Done.
[ 59.530017][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5172
./strace-static-x86_64: Process 5172 attached
[pid 5172] chdir("./10") = 0
[pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5172] setpgid(0, 0) = 0
[pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5172] write(3, "1000", 4) = 4
[pid 5172] close(3) = 0
[pid 5172] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5172] memfd_create("syzkaller", 0) = 3
[pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5172] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5172] munmap(0x7f086baf4000, 16777216) = 0
[pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5172] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5172] close(3) = 0
[pid 5172] mkdir("./file0", 0777) = 0
[ 59.715968][ T5172] loop0: detected capacity change from 0 to 32768
[ 59.727557][ T5172] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5172] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5172] chdir("./file0") = 0
[pid 5172] ioctl(4, LOOP_CLR_FD) = 0
[pid 5172] close(4) = 0
[pid 5172] exit_group(0) = ?
[pid 5172] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./10/binderfs") = 0
[ 59.756518][ T5172] XFS (loop0): Ending clean mount
[ 59.762602][ T5172] XFS (loop0): Quotacheck needed: Please wait.
[ 59.773565][ T5172] XFS (loop0): Quotacheck: Done.
[ 59.799057][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5181
./strace-static-x86_64: Process 5181 attached
[pid 5181] chdir("./11") = 0
[pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5181] setpgid(0, 0) = 0
[pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5181] write(3, "1000", 4) = 4
[pid 5181] close(3) = 0
[pid 5181] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5181] memfd_create("syzkaller", 0) = 3
[pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5181] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5181] munmap(0x7f086baf4000, 16777216) = 0
[pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5181] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5181] close(3) = 0
[pid 5181] mkdir("./file0", 0777) = 0
[ 60.012949][ T5181] loop0: detected capacity change from 0 to 32768
[ 60.024142][ T5181] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5181] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5181] chdir("./file0") = 0
[pid 5181] ioctl(4, LOOP_CLR_FD) = 0
[pid 5181] close(4) = 0
[pid 5181] exit_group(0) = ?
[pid 5181] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./11/binderfs") = 0
[ 60.055483][ T5181] XFS (loop0): Ending clean mount
[ 60.061842][ T5181] XFS (loop0): Quotacheck needed: Please wait.
[ 60.073709][ T5181] XFS (loop0): Quotacheck: Done.
[ 60.102187][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5190
./strace-static-x86_64: Process 5190 attached
[pid 5190] chdir("./12") = 0
[pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5190] setpgid(0, 0) = 0
[pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5190] write(3, "1000", 4) = 4
[pid 5190] close(3) = 0
[pid 5190] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5190] memfd_create("syzkaller", 0) = 3
[pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5190] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5190] munmap(0x7f086baf4000, 16777216) = 0
[pid 5190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5190] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5190] close(3) = 0
[pid 5190] mkdir("./file0", 0777) = 0
[ 60.298281][ T5190] loop0: detected capacity change from 0 to 32768
[ 60.308467][ T5190] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 60.338335][ T5190] XFS (loop0): Ending clean mount
[ 60.344569][ T5190] XFS (loop0): Quotacheck needed: Please wait.
[ 60.352947][ T12] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 60.362354][ T12] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12, name: kworker/u4:1
[ 60.371638][ T12] preempt_count: 0, expected: 0
[ 60.376675][ T12] RCU nest depth: 1, expected: 0
[ 60.381735][ T12] INFO: lockdep is turned off.
[ 60.386669][ T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 60.397885][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 60.407942][ T12] Workqueue: xfs_iwalk-5190 xfs_pwork_work
[ 60.413802][ T12] Call Trace:
[ 60.417091][ T12]
[ 60.420023][ T12] dump_stack_lvl+0x136/0x150
[ 60.424728][ T12] __might_resched+0x358/0x580
[ 60.429493][ T12] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 60.434786][ T12] __mutex_lock+0x9f/0x1350
[ 60.439292][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.444052][ T12] ? xfs_buf_get_map+0xc94/0x2fd0
[ 60.449100][ T12] ? vm_map_ram+0x13d/0xcf0
[ 60.453598][ T12] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 60.459162][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.464200][ T12] ? trace_lock_acquire+0x12d/0x180
[ 60.469476][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.474234][ T12] ? vm_map_ram+0x7a/0xcf0
[ 60.478658][ T12] ? lock_acquire+0x32/0xc0
[ 60.483164][ T12] ? vm_map_ram+0x7a/0xcf0
[ 60.487587][ T12] vm_map_ram+0x13d/0xcf0
[ 60.492088][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.496857][ T12] _xfs_buf_map_pages+0x158/0x3a0
[ 60.501873][ T12] xfs_buf_get_map+0x1cb8/0x2fd0
[ 60.506801][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.511570][ T12] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 60.516693][ T12] ? xfs_buf_set_ref+0x24/0x60
[ 60.521457][ T12] ? xfs_btree_set_refs+0x9c/0xb0
[ 60.526491][ T12] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 60.533157][ T12] ? kasan_save_stack+0x32/0x40
[ 60.538009][ T12] xfs_buf_read_map+0xce/0xb10
[ 60.542774][ T12] ? xfs_buf_readahead_map+0x4/0xc0
[ 60.547972][ T12] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 60.553518][ T12] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 60.558636][ T12] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 60.564570][ T12] xfs_buf_readahead_map+0x8c/0xc0
[ 60.569684][ T12] ? xfs_buf_readahead_map+0x4/0xc0
[ 60.574893][ T12] ? xfs_buf_read_map+0xb10/0xb10
[ 60.579916][ T12] ? xfs_btree_rec_offset+0x7a/0x120
[ 60.585200][ T12] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 60.591002][ T12] ? xfs_lookup_get_search_key+0x42/0xc0
[ 60.596624][ T12] xfs_btree_reada_bufs+0x170/0x1e0
[ 60.601820][ T12] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 60.607711][ T12] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 60.612841][ T12] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 60.618077][ T12] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 60.623274][ T12] xfs_iwalk_ag+0x607/0x930
[ 60.627771][ T12] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 60.633435][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.638282][ T12] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 60.643566][ T12] ? xfs_trans_alloc+0x880/0x880
[ 60.648526][ T12] xfs_iwalk_ag_work+0x14a/0x1c0
[ 60.653487][ T12] ? xfs_iwalk_ag+0x930/0x930
[ 60.658178][ T12] xfs_pwork_work+0x7f/0x160
[ 60.662763][ T12] process_one_work+0x99a/0x15e0
[ 60.667698][ T12] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 60.673066][ T12] ? rcu_is_watching+0x12/0xb0
[ 60.677849][ T12] ? spin_bug+0x1c0/0x1c0
[ 60.682179][ T12] ? lock_acquire+0x32/0xc0
[ 60.686778][ T12] ? worker_thread+0x16d/0x10c0
[ 60.691633][ T12] worker_thread+0x67d/0x10c0
[pid 5190] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5190] chdir("./file0") = 0
[pid 5190] ioctl(4, LOOP_CLR_FD) = 0
[pid 5190] close(4) = 0
[pid 5190] exit_group(0) = ?
[pid 5190] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} ---
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./12/binderfs") = 0
[ 60.696324][ T12] ? process_one_work+0x15e0/0x15e0
[ 60.701522][ T12] kthread+0x33e/0x440
[ 60.705584][ T12] ? kthread_complete_and_exit+0x40/0x40
[ 60.711229][ T12] ret_from_fork+0x1f/0x30
[ 60.715773][ T12]
[ 60.723619][ T5190] XFS (loop0): Quotacheck: Done.
[ 60.749489][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5199
./strace-static-x86_64: Process 5199 attached
[pid 5199] chdir("./13") = 0
[pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5199] setpgid(0, 0) = 0
[pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5199] write(3, "1000", 4) = 4
[pid 5199] close(3) = 0
[pid 5199] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5199] memfd_create("syzkaller", 0) = 3
[pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5199] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5199] munmap(0x7f086baf4000, 16777216) = 0
[pid 5199] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5199] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5199] close(3) = 0
[pid 5199] mkdir("./file0", 0777) = 0
[ 60.938391][ T5199] loop0: detected capacity change from 0 to 32768
[ 60.949956][ T5199] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5199] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5199] chdir("./file0") = 0
[pid 5199] ioctl(4, LOOP_CLR_FD) = 0
[pid 5199] close(4) = 0
[pid 5199] exit_group(0) = ?
[pid 5199] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5199, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./13/binderfs") = 0
[ 60.981466][ T5199] XFS (loop0): Ending clean mount
[ 60.987514][ T5199] XFS (loop0): Quotacheck needed: Please wait.
[ 60.998085][ T5199] XFS (loop0): Quotacheck: Done.
[ 61.022333][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5208
./strace-static-x86_64: Process 5208 attached
[pid 5208] chdir("./14") = 0
[pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5208] setpgid(0, 0) = 0
[pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5208] write(3, "1000", 4) = 4
[pid 5208] close(3) = 0
[pid 5208] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5208] memfd_create("syzkaller", 0) = 3
[pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5208] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5208] munmap(0x7f086baf4000, 16777216) = 0
[pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5208] close(3) = 0
[pid 5208] mkdir("./file0", 0777) = 0
[ 61.228870][ T5208] loop0: detected capacity change from 0 to 32768
[ 61.238716][ T5208] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 61.267847][ T5208] XFS (loop0): Ending clean mount
[pid 5208] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5208] chdir("./file0") = 0
[pid 5208] ioctl(4, LOOP_CLR_FD) = 0
[pid 5208] close(4) = 0
[pid 5208] exit_group(0) = ?
[pid 5208] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} ---
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./14/binderfs") = 0
[ 61.274111][ T5208] XFS (loop0): Quotacheck needed: Please wait.
[ 61.286561][ T5208] XFS (loop0): Quotacheck: Done.
[ 61.314427][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5217
./strace-static-x86_64: Process 5217 attached
[pid 5217] chdir("./15") = 0
[pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5217] setpgid(0, 0) = 0
[pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5217] write(3, "1000", 4) = 4
[pid 5217] close(3) = 0
[pid 5217] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5217] memfd_create("syzkaller", 0) = 3
[pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5217] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5217] munmap(0x7f086baf4000, 16777216) = 0
[pid 5217] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5217] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5217] close(3) = 0
[pid 5217] mkdir("./file0", 0777) = 0
[ 61.517899][ T5217] loop0: detected capacity change from 0 to 32768
[ 61.527886][ T5217] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 61.556925][ T5217] XFS (loop0): Ending clean mount
[ 61.563201][ T5217] XFS (loop0): Quotacheck needed: Please wait.
[ 61.570794][ T12] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 61.580306][ T12] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12, name: kworker/u4:1
[ 61.589545][ T12] preempt_count: 0, expected: 0
[ 61.594404][ T12] RCU nest depth: 1, expected: 0
[ 61.599639][ T12] INFO: lockdep is turned off.
[ 61.604402][ T12] CPU: 0 PID: 12 Comm: kworker/u4:1 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 61.615342][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 61.625388][ T12] Workqueue: xfs_iwalk-5217 xfs_pwork_work
[ 61.631213][ T12] Call Trace:
[ 61.634489][ T12]
[ 61.637404][ T12] dump_stack_lvl+0x136/0x150
[ 61.642080][ T12] __might_resched+0x358/0x580
[ 61.646876][ T12] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 61.652006][ T12] __mutex_lock+0x9f/0x1350
[ 61.656604][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.661384][ T12] ? xfs_buf_get_map+0xc94/0x2fd0
[ 61.666419][ T12] ? vm_map_ram+0x13d/0xcf0
[ 61.670950][ T12] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 61.676511][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.681292][ T12] ? trace_lock_acquire+0x12d/0x180
[ 61.686509][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.691280][ T12] ? vm_map_ram+0x7a/0xcf0
[ 61.695695][ T12] ? lock_acquire+0x32/0xc0
[ 61.700285][ T12] ? vm_map_ram+0x7a/0xcf0
[ 61.704702][ T12] vm_map_ram+0x13d/0xcf0
[ 61.709034][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.713809][ T12] _xfs_buf_map_pages+0x158/0x3a0
[ 61.718942][ T12] xfs_buf_get_map+0x1cb8/0x2fd0
[ 61.724322][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.729108][ T12] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 61.734224][ T12] ? xfs_buf_set_ref+0x24/0x60
[ 61.739010][ T12] ? xfs_btree_set_refs+0x9c/0xb0
[ 61.744037][ T12] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 61.750717][ T12] ? kasan_save_stack+0x32/0x40
[ 61.755599][ T12] xfs_buf_read_map+0xce/0xb10
[ 61.760375][ T12] ? xfs_buf_readahead_map+0x4/0xc0
[ 61.765584][ T12] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 61.771322][ T12] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 61.776498][ T12] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 61.782400][ T12] xfs_buf_readahead_map+0x8c/0xc0
[ 61.787543][ T12] ? xfs_buf_readahead_map+0x4/0xc0
[ 61.792834][ T12] ? xfs_buf_read_map+0xb10/0xb10
[ 61.797877][ T12] ? xfs_btree_rec_offset+0x7a/0x120
[ 61.803435][ T12] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 61.809440][ T12] ? xfs_lookup_get_search_key+0x42/0xc0
[ 61.815113][ T12] xfs_btree_reada_bufs+0x170/0x1e0
[ 61.820328][ T12] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 61.826234][ T12] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 61.831367][ T12] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 61.836593][ T12] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 61.841801][ T12] xfs_iwalk_ag+0x607/0x930
[ 61.846330][ T12] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 61.851995][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.856782][ T12] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 61.862081][ T12] ? xfs_trans_alloc+0x880/0x880
[ 61.867030][ T12] xfs_iwalk_ag_work+0x14a/0x1c0
[ 61.871974][ T12] ? xfs_iwalk_ag+0x930/0x930
[ 61.876675][ T12] xfs_pwork_work+0x7f/0x160
[ 61.881365][ T12] process_one_work+0x99a/0x15e0
[ 61.886328][ T12] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 61.891722][ T12] ? rcu_is_watching+0x12/0xb0
[ 61.896498][ T12] ? spin_bug+0x1c0/0x1c0
[ 61.900834][ T12] ? lock_acquire+0x32/0xc0
[ 61.905341][ T12] ? worker_thread+0x16d/0x10c0
[ 61.910407][ T12] worker_thread+0x67d/0x10c0
[pid 5217] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5217] chdir("./file0") = 0
[pid 5217] ioctl(4, LOOP_CLR_FD) = 0
[pid 5217] close(4) = 0
[pid 5217] exit_group(0) = ?
[pid 5217] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./15/binderfs") = 0
[ 61.915200][ T12] ? process_one_work+0x15e0/0x15e0
[ 61.920408][ T12] kthread+0x33e/0x440
[ 61.924569][ T12] ? kthread_complete_and_exit+0x40/0x40
[ 61.930206][ T12] ret_from_fork+0x1f/0x30
[ 61.934651][ T12]
[ 61.943969][ T5217] XFS (loop0): Quotacheck: Done.
[ 61.965686][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5226 attached
, child_tidptr=0x5555556825d0) = 5226
[pid 5226] chdir("./16") = 0
[pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5226] setpgid(0, 0) = 0
[pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5226] write(3, "1000", 4) = 4
[pid 5226] close(3) = 0
[pid 5226] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5226] memfd_create("syzkaller", 0) = 3
[pid 5226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5226] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5226] munmap(0x7f086baf4000, 16777216) = 0
[pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5226] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5226] close(3) = 0
[pid 5226] mkdir("./file0", 0777) = 0
[ 62.165003][ T5226] loop0: detected capacity change from 0 to 32768
[ 62.176034][ T5226] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 62.205019][ T5226] XFS (loop0): Ending clean mount
[pid 5226] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5226] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5226] chdir("./file0") = 0
[pid 5226] ioctl(4, LOOP_CLR_FD) = 0
[pid 5226] close(4) = 0
[pid 5226] exit_group(0) = ?
[pid 5226] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5226, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./16/binderfs") = 0
[ 62.211180][ T5226] XFS (loop0): Quotacheck needed: Please wait.
[ 62.222273][ T5226] XFS (loop0): Quotacheck: Done.
[ 62.244153][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5235
./strace-static-x86_64: Process 5235 attached
[pid 5235] chdir("./17") = 0
[pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5235] setpgid(0, 0) = 0
[pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5235] write(3, "1000", 4) = 4
[pid 5235] close(3) = 0
[pid 5235] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5235] memfd_create("syzkaller", 0) = 3
[pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5235] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5235] munmap(0x7f086baf4000, 16777216) = 0
[pid 5235] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5235] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5235] close(3) = 0
[pid 5235] mkdir("./file0", 0777) = 0
[ 62.448363][ T5235] loop0: detected capacity change from 0 to 32768
[ 62.458465][ T5235] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 62.488450][ T5235] XFS (loop0): Ending clean mount
[pid 5235] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5235] chdir("./file0") = 0
[pid 5235] ioctl(4, LOOP_CLR_FD) = 0
[pid 5235] close(4) = 0
[pid 5235] exit_group(0) = ?
[pid 5235] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} ---
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./17/binderfs") = 0
[ 62.494559][ T5235] XFS (loop0): Quotacheck needed: Please wait.
[ 62.504125][ T5235] XFS (loop0): Quotacheck: Done.
[ 62.514900][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5244
./strace-static-x86_64: Process 5244 attached
[pid 5244] chdir("./18") = 0
[pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5244] setpgid(0, 0) = 0
[pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5244] write(3, "1000", 4) = 4
[pid 5244] close(3) = 0
[pid 5244] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5244] memfd_create("syzkaller", 0) = 3
[pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5244] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5244] munmap(0x7f086baf4000, 16777216) = 0
[pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5244] close(3) = 0
[pid 5244] mkdir("./file0", 0777) = 0
[ 62.737246][ T5244] loop0: detected capacity change from 0 to 32768
[ 62.747126][ T5244] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 62.770145][ T5244] XFS (loop0): Ending clean mount
[ 62.775965][ T5244] XFS (loop0): Quotacheck needed: Please wait.
[ 62.784197][ T1229] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 62.793832][ T1229] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 1229, name: kworker/u4:6
[ 62.803342][ T1229] preempt_count: 0, expected: 0
[ 62.808312][ T1229] RCU nest depth: 1, expected: 0
[ 62.813584][ T1229] INFO: lockdep is turned off.
[ 62.818547][ T1229] CPU: 0 PID: 1229 Comm: kworker/u4:6 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 62.829644][ T1229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 62.839686][ T1229] Workqueue: xfs_iwalk-5244 xfs_pwork_work
[ 62.845511][ T1229] Call Trace:
[ 62.848775][ T1229]
[ 62.851690][ T1229] dump_stack_lvl+0x136/0x150
[ 62.856357][ T1229] __might_resched+0x358/0x580
[ 62.861119][ T1229] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 62.866154][ T1229] __mutex_lock+0x9f/0x1350
[ 62.870670][ T1229] ? rcu_is_watching+0x12/0xb0
[ 62.875432][ T1229] ? xfs_buf_get_map+0xc94/0x2fd0
[ 62.880447][ T1229] ? vm_map_ram+0x13d/0xcf0
[ 62.884936][ T1229] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 62.890475][ T1229] ? rcu_is_watching+0x12/0xb0
[ 62.895228][ T1229] ? trace_lock_acquire+0x12d/0x180
[ 62.900412][ T1229] ? rcu_is_watching+0x12/0xb0
[ 62.905162][ T1229] ? vm_map_ram+0x7a/0xcf0
[ 62.909578][ T1229] ? lock_acquire+0x32/0xc0
[ 62.914081][ T1229] ? vm_map_ram+0x7a/0xcf0
[ 62.918488][ T1229] vm_map_ram+0x13d/0xcf0
[ 62.922809][ T1229] ? rcu_is_watching+0x12/0xb0
[ 62.927566][ T1229] _xfs_buf_map_pages+0x158/0x3a0
[ 62.932595][ T1229] xfs_buf_get_map+0x1cb8/0x2fd0
[ 62.937535][ T1229] ? rcu_is_watching+0x12/0xb0
[ 62.942322][ T1229] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 62.947429][ T1229] ? xfs_buf_set_ref+0x24/0x60
[ 62.952208][ T1229] ? xfs_btree_set_refs+0x9c/0xb0
[ 62.957230][ T1229] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 62.963909][ T1229] ? kasan_save_stack+0x32/0x40
[ 62.968760][ T1229] xfs_buf_read_map+0xce/0xb10
[ 62.973525][ T1229] ? xfs_buf_readahead_map+0x4/0xc0
[ 62.978719][ T1229] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 62.984260][ T1229] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 62.989381][ T1229] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 62.995272][ T1229] xfs_buf_readahead_map+0x8c/0xc0
[ 63.000372][ T1229] ? xfs_buf_readahead_map+0x4/0xc0
[ 63.005566][ T1229] ? xfs_buf_read_map+0xb10/0xb10
[ 63.010586][ T1229] ? xfs_btree_rec_offset+0x7a/0x120
[ 63.015872][ T1229] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 63.021680][ T1229] ? xfs_lookup_get_search_key+0x42/0xc0
[ 63.027318][ T1229] xfs_btree_reada_bufs+0x170/0x1e0
[ 63.032528][ T1229] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 63.038418][ T1229] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 63.043526][ T1229] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 63.048713][ T1229] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 63.053900][ T1229] xfs_iwalk_ag+0x607/0x930
[ 63.058395][ T1229] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 63.064033][ T1229] ? rcu_is_watching+0x12/0xb0
[ 63.068791][ T1229] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 63.074063][ T1229] ? xfs_trans_alloc+0x880/0x880
[ 63.078993][ T1229] xfs_iwalk_ag_work+0x14a/0x1c0
[ 63.083925][ T1229] ? xfs_iwalk_ag+0x930/0x930
[ 63.088592][ T1229] xfs_pwork_work+0x7f/0x160
[ 63.093174][ T1229] process_one_work+0x99a/0x15e0
[ 63.098114][ T1229] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 63.103486][ T1229] ? rcu_is_watching+0x12/0xb0
[ 63.108264][ T1229] ? spin_bug+0x1c0/0x1c0
[ 63.112594][ T1229] ? lock_acquire+0x32/0xc0
[ 63.117086][ T1229] ? worker_thread+0x16d/0x10c0
[ 63.121934][ T1229] worker_thread+0x67d/0x10c0
[ 63.126623][ T1229] ? process_one_work+0x15e0/0x15e0
[ 63.131822][ T1229] kthread+0x33e/0x440
[pid 5244] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5244] chdir("./file0") = 0
[pid 5244] ioctl(4, LOOP_CLR_FD) = 0
[pid 5244] close(4) = 0
[pid 5244] exit_group(0) = ?
[pid 5244] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=11 /* 0.11 s */} ---
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./18/binderfs") = 0
[ 63.135889][ T1229] ? kthread_complete_and_exit+0x40/0x40
[ 63.141530][ T1229] ret_from_fork+0x1f/0x30
[ 63.145959][ T1229]
[ 63.154461][ T5244] XFS (loop0): Quotacheck: Done.
[ 63.180419][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5253
./strace-static-x86_64: Process 5253 attached
[pid 5253] chdir("./19") = 0
[pid 5253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5253] setpgid(0, 0) = 0
[pid 5253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5253] write(3, "1000", 4) = 4
[pid 5253] close(3) = 0
[pid 5253] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5253] memfd_create("syzkaller", 0) = 3
[pid 5253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5253] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5253] munmap(0x7f086baf4000, 16777216) = 0
[pid 5253] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5253] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5253] close(3) = 0
[pid 5253] mkdir("./file0", 0777) = 0
[ 63.371187][ T5253] loop0: detected capacity change from 0 to 32768
[ 63.382182][ T5253] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5253] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5253] chdir("./file0") = 0
[pid 5253] ioctl(4, LOOP_CLR_FD) = 0
[pid 5253] close(4) = 0
[pid 5253] exit_group(0) = ?
[pid 5253] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5253, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} ---
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./19/binderfs") = 0
[ 63.412944][ T5253] XFS (loop0): Ending clean mount
[ 63.419441][ T5253] XFS (loop0): Quotacheck needed: Please wait.
[ 63.431110][ T5253] XFS (loop0): Quotacheck: Done.
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
[ 63.457269][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5262
./strace-static-x86_64: Process 5262 attached
[pid 5262] chdir("./20") = 0
[pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5262] setpgid(0, 0) = 0
[pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5262] write(3, "1000", 4) = 4
[pid 5262] close(3) = 0
[pid 5262] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5262] memfd_create("syzkaller", 0) = 3
[pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5262] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5262] munmap(0x7f086baf4000, 16777216) = 0
[pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5262] close(3) = 0
[pid 5262] mkdir("./file0", 0777) = 0
[ 63.638724][ T5262] loop0: detected capacity change from 0 to 32768
[ 63.648405][ T5262] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 63.678114][ T5262] XFS (loop0): Ending clean mount
[pid 5262] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5262] chdir("./file0") = 0
[pid 5262] ioctl(4, LOOP_CLR_FD) = 0
[pid 5262] close(4) = 0
[pid 5262] exit_group(0) = ?
[pid 5262] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} ---
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./20/binderfs") = 0
[ 63.684369][ T5262] XFS (loop0): Quotacheck needed: Please wait.
[ 63.696203][ T5262] XFS (loop0): Quotacheck: Done.
[ 63.717952][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5271
./strace-static-x86_64: Process 5271 attached
[pid 5271] chdir("./21") = 0
[pid 5271] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5271] setpgid(0, 0) = 0
[pid 5271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5271] write(3, "1000", 4) = 4
[pid 5271] close(3) = 0
[pid 5271] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5271] memfd_create("syzkaller", 0) = 3
[pid 5271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5271] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5271] munmap(0x7f086baf4000, 16777216) = 0
[pid 5271] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5271] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5271] close(3) = 0
[pid 5271] mkdir("./file0", 0777) = 0
[ 63.912763][ T5271] loop0: detected capacity change from 0 to 32768
[ 63.934480][ T5271] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 63.966170][ T5271] XFS (loop0): Ending clean mount
[ 63.972623][ T5271] XFS (loop0): Quotacheck needed: Please wait.
[ 63.981364][ T1229] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 63.990706][ T1229] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 1229, name: kworker/u4:6
[ 63.999920][ T1229] preempt_count: 0, expected: 0
[ 64.004792][ T1229] RCU nest depth: 1, expected: 0
[ 64.009834][ T1229] INFO: lockdep is turned off.
[ 64.014617][ T1229] CPU: 1 PID: 1229 Comm: kworker/u4:6 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 64.025716][ T1229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 64.035762][ T1229] Workqueue: xfs_iwalk-5271 xfs_pwork_work
[ 64.041578][ T1229] Call Trace:
[ 64.044863][ T1229]
[ 64.047805][ T1229] dump_stack_lvl+0x136/0x150
[ 64.052504][ T1229] __might_resched+0x358/0x580
[ 64.057297][ T1229] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 64.062346][ T1229] __mutex_lock+0x9f/0x1350
[ 64.066857][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.071708][ T1229] ? xfs_buf_get_map+0xc94/0x2fd0
[ 64.076733][ T1229] ? vm_map_ram+0x13d/0xcf0
[ 64.081458][ T1229] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 64.087014][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.091779][ T1229] ? trace_lock_acquire+0x12d/0x180
[ 64.096971][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.101753][ T1229] ? vm_map_ram+0x7a/0xcf0
[ 64.106354][ T1229] ? lock_acquire+0x32/0xc0
[ 64.110886][ T1229] ? vm_map_ram+0x7a/0xcf0
[ 64.115307][ T1229] vm_map_ram+0x13d/0xcf0
[ 64.119626][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.124481][ T1229] _xfs_buf_map_pages+0x158/0x3a0
[ 64.129502][ T1229] xfs_buf_get_map+0x1cb8/0x2fd0
[ 64.134434][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.139206][ T1229] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 64.144332][ T1229] ? xfs_buf_set_ref+0x24/0x60
[ 64.149122][ T1229] ? xfs_btree_set_refs+0x9c/0xb0
[ 64.154181][ T1229] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 64.160886][ T1229] ? kasan_save_stack+0x32/0x40
[ 64.165823][ T1229] xfs_buf_read_map+0xce/0xb10
[ 64.170604][ T1229] ? xfs_buf_readahead_map+0x4/0xc0
[ 64.175803][ T1229] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 64.181342][ T1229] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 64.186458][ T1229] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 64.192374][ T1229] xfs_buf_readahead_map+0x8c/0xc0
[ 64.197582][ T1229] ? xfs_buf_readahead_map+0x4/0xc0
[ 64.202797][ T1229] ? xfs_buf_read_map+0xb10/0xb10
[ 64.207832][ T1229] ? xfs_btree_rec_offset+0x7a/0x120
[ 64.213130][ T1229] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 64.219129][ T1229] ? xfs_lookup_get_search_key+0x42/0xc0
[ 64.224768][ T1229] xfs_btree_reada_bufs+0x170/0x1e0
[ 64.229963][ T1229] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 64.235851][ T1229] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 64.240959][ T1229] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 64.246241][ T1229] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 64.251437][ T1229] xfs_iwalk_ag+0x607/0x930
[ 64.255939][ T1229] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 64.261764][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.266638][ T1229] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 64.271917][ T1229] ? xfs_trans_alloc+0x880/0x880
[ 64.276956][ T1229] xfs_iwalk_ag_work+0x14a/0x1c0
[ 64.282067][ T1229] ? xfs_iwalk_ag+0x930/0x930
[ 64.286741][ T1229] xfs_pwork_work+0x7f/0x160
[ 64.291328][ T1229] process_one_work+0x99a/0x15e0
[ 64.296261][ T1229] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 64.301972][ T1229] ? rcu_is_watching+0x12/0xb0
[ 64.306753][ T1229] ? spin_bug+0x1c0/0x1c0
[ 64.311092][ T1229] ? lock_acquire+0x32/0xc0
[pid 5271] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5271] chdir("./file0") = 0
[pid 5271] ioctl(4, LOOP_CLR_FD) = 0
[pid 5271] close(4) = 0
[pid 5271] exit_group(0) = ?
[pid 5271] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5271, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./21/binderfs") = 0
[ 64.315603][ T1229] ? worker_thread+0x16d/0x10c0
[ 64.320470][ T1229] worker_thread+0x67d/0x10c0
[ 64.325179][ T1229] ? process_one_work+0x15e0/0x15e0
[ 64.330380][ T1229] kthread+0x33e/0x440
[ 64.334469][ T1229] ? kthread_complete_and_exit+0x40/0x40
[ 64.340122][ T1229] ret_from_fork+0x1f/0x30
[ 64.344537][ T1229]
[ 64.352036][ T5271] XFS (loop0): Quotacheck: Done.
[ 64.377000][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5280
./strace-static-x86_64: Process 5280 attached
[pid 5280] chdir("./22") = 0
[pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5280] setpgid(0, 0) = 0
[pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5280] write(3, "1000", 4) = 4
[pid 5280] close(3) = 0
[pid 5280] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5280] memfd_create("syzkaller", 0) = 3
[pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5280] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5280] munmap(0x7f086baf4000, 16777216) = 0
[pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5280] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5280] close(3) = 0
[pid 5280] mkdir("./file0", 0777) = 0
[ 64.590233][ T5280] loop0: detected capacity change from 0 to 32768
[ 64.601974][ T5280] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5280] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5280] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5280] chdir("./file0") = 0
[pid 5280] ioctl(4, LOOP_CLR_FD) = 0
[pid 5280] close(4) = 0
[pid 5280] exit_group(0) = ?
[pid 5280] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./22/binderfs") = 0
[ 64.632787][ T5280] XFS (loop0): Ending clean mount
[ 64.639234][ T5280] XFS (loop0): Quotacheck needed: Please wait.
[ 64.649983][ T5280] XFS (loop0): Quotacheck: Done.
[ 64.672817][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5289
./strace-static-x86_64: Process 5289 attached
[pid 5289] chdir("./23") = 0
[pid 5289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5289] setpgid(0, 0) = 0
[pid 5289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5289] write(3, "1000", 4) = 4
[pid 5289] close(3) = 0
[pid 5289] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5289] memfd_create("syzkaller", 0) = 3
[pid 5289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5289] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5289] munmap(0x7f086baf4000, 16777216) = 0
[pid 5289] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5289] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5289] close(3) = 0
[pid 5289] mkdir("./file0", 0777) = 0
[ 64.873190][ T5289] loop0: detected capacity change from 0 to 32768
[ 64.893185][ T5289] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[pid 5289] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5289] chdir("./file0") = 0
[pid 5289] ioctl(4, LOOP_CLR_FD) = 0
[pid 5289] close(4) = 0
[pid 5289] exit_group(0) = ?
[pid 5289] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5289, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./23/binderfs") = 0
[ 64.922179][ T5289] XFS (loop0): Ending clean mount
[ 64.928279][ T5289] XFS (loop0): Quotacheck needed: Please wait.
[ 64.939721][ T5289] XFS (loop0): Quotacheck: Done.
[ 64.958233][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555556825d0) = 5298
./strace-static-x86_64: Process 5298 attached
[pid 5298] chdir("./24") = 0
[pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5298] setpgid(0, 0) = 0
[pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5298] write(3, "1000", 4) = 4
[pid 5298] close(3) = 0
[pid 5298] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5298] memfd_create("syzkaller", 0) = 3
[pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f086baf4000
[pid 5298] write(3, "\x58\x46\x53\x42\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbf\xdc\x47\xfc\x10\xd8\x4e\xed\xa5\x62\x11\xa8\x31\xb3\xf7\x91\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00\x24\x40\x00\x00\x00\x00\x00\x00\x24\x41\x00\x00\x00\x00\x00\x00\x24\x42\x00\x00\x00\x02\x00\x00\x20\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x12\x00"..., 16777216) = 16777216
[pid 5298] munmap(0x7f086baf4000, 16777216) = 0
[pid 5298] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5298] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5298] close(3) = 0
[pid 5298] mkdir("./file0", 0777) = 0
[ 65.147807][ T5298] loop0: detected capacity change from 0 to 32768
[ 65.157755][ T5298] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 65.187287][ T5298] XFS (loop0): Ending clean mount
[ 65.193515][ T5298] XFS (loop0): Quotacheck needed: Please wait.
[ 65.201737][ T41] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580
[ 65.211192][ T41] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 41, name: kworker/u4:2
[ 65.220264][ T41] preempt_count: 0, expected: 0
[ 65.225124][ T41] RCU nest depth: 1, expected: 0
[ 65.230074][ T41] INFO: lockdep is turned off.
[ 65.234829][ T41] CPU: 1 PID: 41 Comm: kworker/u4:2 Tainted: G W 6.3.0-rc3-next-20230320-syzkaller #0
[ 65.245846][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 65.255899][ T41] Workqueue: xfs_iwalk-5298 xfs_pwork_work
[ 65.261744][ T41] Call Trace:
[ 65.265014][ T41]
[ 65.268034][ T41] dump_stack_lvl+0x136/0x150
[ 65.272832][ T41] __might_resched+0x358/0x580
[ 65.277617][ T41] ? xfs_buf_get_map+0xa3a/0x2fd0
[ 65.282727][ T41] __mutex_lock+0x9f/0x1350
[ 65.287430][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.292190][ T41] ? xfs_buf_get_map+0xc94/0x2fd0
[ 65.297210][ T41] ? vm_map_ram+0x13d/0xcf0
[ 65.301857][ T41] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 65.307397][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.312419][ T41] ? trace_lock_acquire+0x12d/0x180
[ 65.317711][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.322479][ T41] ? vm_map_ram+0x7a/0xcf0
[ 65.326911][ T41] ? lock_acquire+0x32/0xc0
[ 65.331404][ T41] ? vm_map_ram+0x7a/0xcf0
[ 65.335813][ T41] vm_map_ram+0x13d/0xcf0
[ 65.340394][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.345157][ T41] _xfs_buf_map_pages+0x158/0x3a0
[ 65.350172][ T41] xfs_buf_get_map+0x1cb8/0x2fd0
[ 65.355122][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.359881][ T41] ? xfs_buf_find_lock+0x4f0/0x4f0
[ 65.364987][ T41] ? xfs_buf_set_ref+0x24/0x60
[ 65.369765][ T41] ? xfs_btree_set_refs+0x9c/0xb0
[ 65.374784][ T41] ? xfs_btree_read_buf_block.constprop.0+0xbb/0x350
[ 65.381464][ T41] ? kasan_save_stack+0x32/0x40
[ 65.386337][ T41] xfs_buf_read_map+0xce/0xb10
[ 65.391125][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 65.396321][ T41] ? xfs_btree_ptr_to_daddr+0x2a4/0x7f0
[ 65.401880][ T41] ? xfs_buf_get_map+0x2fd0/0x2fd0
[ 65.407005][ T41] ? xfs_btree_lookup_get_block+0x438/0x6f0
[ 65.412898][ T41] xfs_buf_readahead_map+0x8c/0xc0
[ 65.418005][ T41] ? xfs_buf_readahead_map+0x4/0xc0
[ 65.423329][ T41] ? xfs_buf_read_map+0xb10/0xb10
[ 65.428369][ T41] ? xfs_btree_rec_offset+0x7a/0x120
[ 65.433692][ T41] ? xfs_inobt_init_key_from_rec+0x11/0x70
[ 65.439506][ T41] ? xfs_lookup_get_search_key+0x42/0xc0
[ 65.445139][ T41] xfs_btree_reada_bufs+0x170/0x1e0
[ 65.450341][ T41] ? xfs_btree_readahead.isra.0+0x2c0/0x2c0
[ 65.456236][ T41] xfs_iwalk_ichunk_ra+0x2a1/0x3e0
[ 65.461371][ T41] ? xfs_iwalk_ag_start+0x5d0/0x5d0
[ 65.466592][ T41] ? xfs_iwalk_ag_start+0x1e3/0x5d0
[ 65.471806][ T41] xfs_iwalk_ag+0x607/0x930
[ 65.476326][ T41] ? xfs_iwalk_run_callbacks+0x4b0/0x4b0
[ 65.481971][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.486763][ T41] ? xfs_trans_alloc_empty+0x8d/0xc0
[ 65.492056][ T41] ? xfs_trans_alloc+0x880/0x880
[ 65.497023][ T41] xfs_iwalk_ag_work+0x14a/0x1c0
[ 65.502016][ T41] ? xfs_iwalk_ag+0x930/0x930
[ 65.506737][ T41] xfs_pwork_work+0x7f/0x160
[ 65.511328][ T41] process_one_work+0x99a/0x15e0
[ 65.516419][ T41] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 65.521887][ T41] ? rcu_is_watching+0x12/0xb0
[ 65.526670][ T41] ? spin_bug+0x1c0/0x1c0
[ 65.530997][ T41] ? lock_acquire+0x32/0xc0
[ 65.535676][ T41] ? worker_thread+0x16d/0x10c0
[ 65.540550][ T41] worker_thread+0x67d/0x10c0
[pid 5298] mount("/dev/loop0", "./file0", "xfs", MS_NODIRATIME|MS_RELATIME, "pqnoenforce,,nouuid") = 0
[pid 5298] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5298] chdir("./file0") = 0
[pid 5298] ioctl(4, LOOP_CLR_FD) = 0
[pid 5298] close(4) = 0
[pid 5298] exit_group(0) = ?
[pid 5298] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=11 /* 0.11 s */} ---
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555683620 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./24/binderfs") = 0
[ 65.545259][ T41] ? process_one_work+0x15e0/0x15e0
[ 65.550490][ T41] kthread+0x33e/0x440
[ 65.554602][ T41] ? kthread_complete_and_exit+0x40/0x40
[ 65.560247][ T41] ret_from_fork+0x1f/0x30
[ 65.564674][ T41]
[ 65.572491][ T5298] XFS (loop0): Quotacheck: Done.
[ 65.594506][ T5080] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x55555568b660 /* 2 entries */, 32768) = 48
getdents64(4, 0x55555568b660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x555555683620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)