./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1438843518 <...> Warning: Permanently added '10.128.0.154' (ED25519) to the list of known hosts. execve("./syz-executor1438843518", ["./syz-executor1438843518"], 0x7fff6ee3f780 /* 10 vars */) = 0 brk(NULL) = 0x5555806b3000 brk(0x5555806b3d00) = 0x5555806b3d00 arch_prctl(ARCH_SET_FS, 0x5555806b3380) = 0 set_tid_address(0x5555806b3650) = 5835 set_robust_list(0x5555806b3660, 24) = 0 rseq(0x5555806b3ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1438843518", 4096) = 28 getrandom("\x6a\x71\xd6\xbf\x91\x6c\x40\x65", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555806b3d00 brk(0x5555806d4d00) = 0x5555806d4d00 brk(0x5555806d5000) = 0x5555806d5000 mprotect(0x7fad65416000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 getrandom("\xea\xce\xb6\x6f\xc8\xec\x86\x56", 8, GRND_NONBLOCK) = 8 mkdir("./syzkaller.Obvi5f", 0700) = 0 chmod("./syzkaller.Obvi5f", 0777) = 0 chdir("./syzkaller.Obvi5f") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached [pid 5836] set_robust_list(0x5555806b3660, 24) = 0 [pid 5836] chdir("./0") = 0 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5835] <... clone resumed>, child_tidptr=0x5555806b3650) = 5836 [pid 5836] <... prctl resumed>) = 0 [pid 5836] setpgid(0, 0) = 0 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5836] write(3, "1000", 4) = 4 [pid 5836] close(3) = 0 [pid 5836] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5836] write(1, "executing program\n", 18executing program ) = 18 [pid 5836] memfd_create("syzkaller", 0) = 3 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fad5ce00000 [pid 5836] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5836] munmap(0x7fad5ce00000, 138412032) = 0 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5836] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5836] close(3) = 0 [pid 5836] close(4) = 0 [pid 5836] mkdir("./file1", 0777) = 0 [pid 5836] mount("/dev/loop0", "./file1", "jfs", MS_DIRSYNC|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL, "") = 0 [pid 5836] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 91.090926][ T5836] loop0: detected capacity change from 0 to 32768 [pid 5836] chdir("./file1") = 0 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5836] open("./file1", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_LARGEFILE|O_NOATIME|0x3c, 006) = 4 [pid 5836] exit_group(0) = ? [pid 5836] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=20 /* 0.20 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555806b46f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 91.266092][ T113] ------------[ cut here ]------------ [ 91.271782][ T113] WARNING: CPU: 1 PID: 113 at fs/jfs/jfs_dmap.c:2863 dbAdjTree+0x483/0x590 [ 91.280449][ T113] Modules linked in: [ 91.284423][ T113] CPU: 1 UID: 0 PID: 113 Comm: jfsCommit Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 91.296280][ T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 91.306382][ T113] RIP: 0010:dbAdjTree+0x483/0x590 [ 91.311413][ T113] Code: c5 64 fe eb 0c e8 9d c5 64 fe eb 05 e8 96 c5 64 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6e 49 b2 fd e8 7e c5 64 fe 90 <0f> 0b 90 eb e2 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c b1 fb ff ff 48 [ 91.331081][ T113] RSP: 0018:ffffc90002d9f9b0 EFLAGS: 00010293 [ 91.337222][ T113] RAX: ffffffff835df7a2 RBX: 0000000000000155 RCX: ffff888020331e00 [ 91.345372][ T113] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 000000005ff20056 [ 91.353430][ T113] RBP: ffff88807968e018 R08: ffffffff835df377 R09: 1ffffd40003cb470 [ 91.361424][ T113] R10: dffffc0000000000 R11: fffff940003cb471 R12: 000000005ff20056 [ 91.369447][ T113] R13: 0000000000000004 R14: dffffc0000000000 R15: ffff88807968e010 [ 91.377459][ T113] FS: 0000000000000000(0000) GS:ffff88812509a000(0000) knlGS:0000000000000000 [ 91.386445][ T113] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.393058][ T113] CR2: 000000000045bdd0 CR3: 00000000795ec000 CR4: 0000000000350ef0 [ 91.401024][ T113] Call Trace: [ 91.404355][ T113] [ 91.407292][ T113] ? __pfx_lock_metapage+0x10/0x10 [ 91.412468][ T113] dbJoin+0x255/0x310 [ 91.416482][ T113] dbFreeBits+0x4ea/0xdd0 [ 91.420820][ T113] dbFree+0x35c/0x680 [ 91.424954][ T113] txFreeMap+0x798/0xd50 [ 91.429222][ T113] txUpdateMap+0x353/0xb20 [ 91.433696][ T113] ? __pfx_txUpdateMap+0x10/0x10 [ 91.438701][ T113] ? schedule+0x90/0x360 [ 91.443105][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.448770][ T113] jfs_lazycommit+0x49c/0xba0 [ 91.453492][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.459146][ T113] ? lockdep_hardirqs_on+0x9d/0x150 [ 91.464418][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 91.469696][ T113] ? __pfx_default_wake_function+0x10/0x10 [ 91.475612][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.481281][ T113] ? __kthread_parkme+0x1a8/0x200 [ 91.486395][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 91.491652][ T113] kthread+0x7b9/0x940 [ 91.495810][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 91.501023][ T113] ? __pfx_kthread+0x10/0x10 [ 91.505663][ T113] ? __pfx_kthread+0x10/0x10 [ 91.510274][ T113] ? __pfx_kthread+0x10/0x10 [ 91.514906][ T113] ? __pfx_kthread+0x10/0x10 [ 91.519516][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.525204][ T113] ? lockdep_hardirqs_on+0x9d/0x150 [ 91.530425][ T113] ? __pfx_kthread+0x10/0x10 [ 91.535083][ T113] ret_from_fork+0x4d/0x80 [ 91.539522][ T113] ? __pfx_kthread+0x10/0x10 [ 91.544192][ T113] ret_from_fork_asm+0x1a/0x30 [ 91.548987][ T113] [ 91.551999][ T113] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 91.559274][ T113] CPU: 1 UID: 0 PID: 113 Comm: jfsCommit Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 91.571172][ T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 91.581236][ T113] Call Trace: [ 91.584527][ T113] [ 91.587456][ T113] dump_stack_lvl+0x241/0x360 [ 91.592154][ T113] ? __pfx_dump_stack_lvl+0x10/0x10 [ 91.597372][ T113] ? __pfx__printk+0x10/0x10 [ 91.601979][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.607623][ T113] ? vscnprintf+0x5d/0x90 [ 91.611971][ T113] panic+0x349/0x880 [ 91.615884][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.621529][ T113] ? __warn+0x174/0x4d0 [ 91.625698][ T113] ? __pfx_panic+0x10/0x10 [ 91.630138][ T113] ? ret_from_fork_asm+0x1a/0x30 [ 91.635085][ T113] __warn+0x344/0x4d0 [ 91.639079][ T113] ? dbAdjTree+0x483/0x590 [ 91.643523][ T113] report_bug+0x2b3/0x500 [ 91.647865][ T113] ? dbAdjTree+0x483/0x590 [ 91.652285][ T113] ? dbAdjTree+0x483/0x590 [ 91.656706][ T113] ? dbAdjTree+0x485/0x590 [ 91.661126][ T113] handle_bug+0x89/0x170 [ 91.665463][ T113] exc_invalid_op+0x1a/0x50 [ 91.669976][ T113] asm_exc_invalid_op+0x1a/0x20 [ 91.674829][ T113] RIP: 0010:dbAdjTree+0x483/0x590 [ 91.679858][ T113] Code: c5 64 fe eb 0c e8 9d c5 64 fe eb 05 e8 96 c5 64 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6e 49 b2 fd e8 7e c5 64 fe 90 <0f> 0b 90 eb e2 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c b1 fb ff ff 48 [ 91.699475][ T113] RSP: 0018:ffffc90002d9f9b0 EFLAGS: 00010293 [ 91.705559][ T113] RAX: ffffffff835df7a2 RBX: 0000000000000155 RCX: ffff888020331e00 [ 91.713536][ T113] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 000000005ff20056 [ 91.721507][ T113] RBP: ffff88807968e018 R08: ffffffff835df377 R09: 1ffffd40003cb470 [ 91.729488][ T113] R10: dffffc0000000000 R11: fffff940003cb471 R12: 000000005ff20056 [ 91.737467][ T113] R13: 0000000000000004 R14: dffffc0000000000 R15: ffff88807968e010 [ 91.745462][ T113] ? dbAdjTree+0x57/0x590 [ 91.749805][ T113] ? dbAdjTree+0x482/0x590 [ 91.754238][ T113] ? __pfx_lock_metapage+0x10/0x10 [ 91.759370][ T113] dbJoin+0x255/0x310 [ 91.763367][ T113] dbFreeBits+0x4ea/0xdd0 [ 91.767715][ T113] dbFree+0x35c/0x680 [ 91.771712][ T113] txFreeMap+0x798/0xd50 [ 91.775970][ T113] txUpdateMap+0x353/0xb20 [ 91.780413][ T113] ? __pfx_txUpdateMap+0x10/0x10 [ 91.785353][ T113] ? schedule+0x90/0x360 [ 91.789617][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.795263][ T113] jfs_lazycommit+0x49c/0xba0 [ 91.800117][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.805758][ T113] ? lockdep_hardirqs_on+0x9d/0x150 [ 91.810969][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 91.816170][ T113] ? __pfx_default_wake_function+0x10/0x10 [ 91.821992][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.827629][ T113] ? __kthread_parkme+0x1a8/0x200 [ 91.832659][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 91.837860][ T113] kthread+0x7b9/0x940 [ 91.841939][ T113] ? __pfx_jfs_lazycommit+0x10/0x10 [ 91.847142][ T113] ? __pfx_kthread+0x10/0x10 [ 91.851737][ T113] ? __pfx_kthread+0x10/0x10 [ 91.856331][ T113] ? __pfx_kthread+0x10/0x10 [ 91.860935][ T113] ? __pfx_kthread+0x10/0x10 [ 91.865536][ T113] ? srso_alias_return_thunk+0x5/0xfbef5 [ 91.871178][ T113] ? lockdep_hardirqs_on+0x9d/0x150 [ 91.876381][ T113] ? __pfx_kthread+0x10/0x10 [ 91.880979][ T113] ret_from_fork+0x4d/0x80 [ 91.885397][ T113] ? __pfx_kthread+0x10/0x10 [ 91.890167][ T113] ret_from_fork_asm+0x1a/0x30 [ 91.894957][ T113] [ 91.898241][ T113] Kernel Offset: disabled [ 91.902566][ T113] Rebooting in 86400 seconds..