./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor140625400
<...>
Warning: Permanently added '10.128.0.219' (ED25519) to the list of known hosts.
execve("./syz-executor140625400", ["./syz-executor140625400"], 0x7ffccde9d630 /* 10 vars */) = 0
brk(NULL) = 0x5555929a5000
brk(0x5555929a5d00) = 0x5555929a5d00
arch_prctl(ARCH_SET_FS, 0x5555929a5380) = 0
set_tid_address(0x5555929a5650) = 5215
set_robust_list(0x5555929a5660, 24) = 0
rseq(0x5555929a5ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor140625400", 4096) = 27
getrandom("\x65\x6c\x86\xda\xf0\x1c\xb5\xcb", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555929a5d00
brk(0x5555929c6d00) = 0x5555929c6d00
brk(0x5555929c7000) = 0x5555929c7000
mprotect(0x7fc314169000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.09cjtW", 0700) = 0
chmod("./syzkaller.09cjtW", 0777) = 0
chdir("./syzkaller.09cjtW") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555929a5650) = 5216
./strace-static-x86_64: Process 5216 attached
[pid 5216] set_robust_list(0x5555929a5660, 24) = 0
[pid 5216] chdir("./0") = 0
[pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5216] setpgid(0, 0) = 0
[pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5216] write(3, "1000", 4) = 4
[pid 5216] close(3) = 0
[pid 5216] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 5216] write(1, "executing program\n", 18) = 18
[pid 5216] memfd_create("syzkaller", 0) = 3
[pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc30bc00000
[pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5216] munmap(0x7fc30bc00000, 138412032) = 0
[pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5216] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5216] close(3) = 0
[pid 5216] close(4) = 0
[pid 5216] mkdir("./file0", 0777) = 0
[ 73.918161][ T5216] loop0: detected capacity change from 0 to 32768
[ 73.949852][ T5216] =======================================================
[ 73.949852][ T5216] WARNING: The mand mount option has been deprecated and
[pid 5216] mount("/dev/loop0", "./file0", "jfs", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME|MS_POSIXACL|MS_LAZYTIME, "discard,iocharset=cp855,errors=remount-ro,integrity,nodiscard,discard=0x0000000000000008,errors=cont"...) = 0
[pid 5216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5216] chdir("./file0") = 0
[pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[ 73.949852][ T5216] and is ignored by this kernel. Remove the mand
[ 73.949852][ T5216] option from the mount to silence this warning.
[ 73.949852][ T5216] =======================================================
[pid 5216] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000) = 4
[pid 5216] mount("/dev/loop0", "./bus", NULL, MS_BIND|MS_REC, NULL) = 0
[pid 5216] exit_group(0) = ?
[pid 5216] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 74.034628][ T29] audit: type=1800 audit(1727360509.909:2): pid=5216 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor140" name="bus" dev="loop0" ino=7 res=0 errno=0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555929a66f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0755, st_size=48, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=48, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555929ae730 /* 8 entries */, 32768) = 232
umount2("./0/file0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0/bus", {st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/file0/bus") = 0
umount2("./0/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/file0/file.cold") = 0
umount2("./0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0/file0", {st_mode=S_IFDIR|0755, st_size=16, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5
newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=16, ...}, AT_EMPTY_PATH) = 0
getdents64(5, 0x5555929b6770 /* 4 entries */, 32768) = 112
umount2("./0/file0/file0/?ile0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "./0/file0/file0/?ile0", 0x7ffd9d3aa590, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
exit_group(1) = ?
+++ exited with 1 +++
[ 79.059312][ T112] ------------[ cut here ]------------
[ 79.064935][ T112] WARNING: CPU: 0 PID: 112 at fs/jfs/jfs_dmap.c:2875 dbAdjTree+0x420/0x520
[ 79.073729][ T112] Modules linked in:
[ 79.077796][ T112] CPU: 0 UID: 0 PID: 112 Comm: jfsCommit Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[ 79.088095][ T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 79.098298][ T112] RIP: 0010:dbAdjTree+0x420/0x520
[ 79.103365][ T112] Code: 9f 6b fe eb 0c e8 50 9f 6b fe eb 05 e8 49 9f 6b fe 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 31 9f 6b fe 90 <0f> 0b 90 eb e2 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 14 fc ff ff 48
[ 79.123171][ T112] RSP: 0018:ffffc9000262f4f8 EFLAGS: 00010293
[ 79.129429][ T112] RAX: ffffffff832915bf RBX: 0000000000000155 RCX: ffff88801e311e00
[ 79.137584][ T112] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056
[ 79.145600][ T112] RBP: ffff88807b53d018 R08: ffffffff832911f7 R09: 1ffffd40003da9e8
[ 79.153711][ T112] R10: dffffc0000000000 R11: fffff940003da9e9 R12: dffffc0000000000
[ 79.161806][ T112] R13: 0000000000000004 R14: ffff88807b53d010 R15: 0000000000020056
[ 79.169889][ T112] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 79.178928][ T112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 79.185627][ T112] CR2: 0000000000672720 CR3: 000000000e734000 CR4: 00000000003506f0
[ 79.193731][ T112] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 79.202360][ T112] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 79.210438][ T112] Call Trace:
[ 79.213780][ T112]
[ 79.216857][ T112] ? __warn+0x168/0x4e0
[ 79.221114][ T112] ? dbAdjTree+0x420/0x520
[ 79.225618][ T112] ? report_bug+0x2b3/0x500
[ 79.231054][ T112] ? dbAdjTree+0x420/0x520
[ 79.235678][ T112] ? handle_bug+0x60/0x90
[ 79.240272][ T112] ? exc_invalid_op+0x1a/0x50
[ 79.245123][ T112] ? asm_exc_invalid_op+0x1a/0x20
[ 79.250255][ T112] ? dbAdjTree+0x57/0x520
[ 79.254647][ T112] ? dbAdjTree+0x41f/0x520
[ 79.259202][ T112] ? dbAdjTree+0x420/0x520
[ 79.263756][ T112] ? dbAdjTree+0x41f/0x520
[ 79.268521][ T112] ? folio_mark_accessed+0x6f6/0x11b0
[ 79.273976][ T112] ? __pfx_reacquire_held_locks+0x10/0x10
[ 79.279842][ T112] dbJoin+0x255/0x310
[ 79.283886][ T112] ? do_read_cache_folio+0x77a/0x850
[ 79.289264][ T112] dbFreeBits+0x4db/0xd90
[ 79.293658][ T112] dbFree+0x35b/0x680
[ 79.297859][ T112] txFreeMap+0x96a/0xd50
[ 79.302343][ T112] ? _raw_spin_unlock+0x28/0x50
[ 79.307319][ T112] ? __mark_inode_dirty+0x5b2/0xe90
[ 79.312613][ T112] xtTruncate+0xe65/0x3270
[ 79.317240][ T112] ? __pfx_xtTruncate+0x10/0x10
[ 79.322161][ T112] jfs_free_zero_link+0x46e/0x6e0
[ 79.327327][ T112] ? inode_wait_for_writeback+0x111/0x2a0
[ 79.333112][ T112] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 79.338808][ T112] jfs_evict_inode+0x35f/0x440
[ 79.343618][ T112] ? __pfx_jfs_evict_inode+0x10/0x10
[ 79.348998][ T112] evict+0x4e8/0x9b0
[ 79.352941][ T112] ? __pfx_evict+0x10/0x10
[ 79.357470][ T112] ? iput+0x713/0xa50
[ 79.361495][ T112] txUpdateMap+0x931/0xb10
[ 79.366134][ T112] ? __pfx_txUpdateMap+0x10/0x10
[ 79.371184][ T112] jfs_lazycommit+0x49a/0xb80
[ 79.375918][ T112] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 79.382113][ T112] ? lockdep_hardirqs_on+0x99/0x150
[ 79.387481][ T112] ? __pfx_jfs_lazycommit+0x10/0x10
[ 79.392733][ T112] ? __pfx_default_wake_function+0x10/0x10
[ 79.398670][ T112] ? __kthread_parkme+0x169/0x1d0
[ 79.403751][ T112] ? __pfx_jfs_lazycommit+0x10/0x10
[ 79.409061][ T112] kthread+0x2f0/0x390
[ 79.413176][ T112] ? __pfx_jfs_lazycommit+0x10/0x10
[ 79.418530][ T112] ? __pfx_kthread+0x10/0x10
[ 79.423180][ T112] ret_from_fork+0x4b/0x80
[ 79.427770][ T112] ? __pfx_kthread+0x10/0x10
[ 79.432439][ T112] ret_from_fork_asm+0x1a/0x30
[ 79.437368][ T112]
[ 79.440506][ T112] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 79.447909][ T112] CPU: 0 UID: 0 PID: 112 Comm: jfsCommit Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[ 79.458067][ T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 79.468127][ T112] Call Trace:
[ 79.471430][ T112]
[ 79.474814][ T112] dump_stack_lvl+0x241/0x360
[ 79.479512][ T112] ? __pfx_dump_stack_lvl+0x10/0x10
[ 79.484758][ T112] ? __pfx__printk+0x10/0x10
[ 79.489384][ T112] ? _printk+0xd5/0x120
[ 79.493653][ T112] ? __init_begin+0x41000/0x41000
[ 79.498717][ T112] ? vscnprintf+0x5d/0x90
[ 79.503169][ T112] panic+0x349/0x880
[ 79.507079][ T112] ? __warn+0x177/0x4e0
[ 79.511244][ T112] ? __pfx_panic+0x10/0x10
[ 79.515681][ T112] ? show_trace_log_lvl+0x3b2/0x410
[ 79.521454][ T112] ? ret_from_fork_asm+0x1a/0x30
[ 79.526417][ T112] __warn+0x34b/0x4e0
[ 79.530431][ T112] ? dbAdjTree+0x420/0x520
[ 79.534893][ T112] report_bug+0x2b3/0x500
[ 79.539298][ T112] ? dbAdjTree+0x420/0x520
[ 79.543774][ T112] handle_bug+0x60/0x90
[ 79.547971][ T112] exc_invalid_op+0x1a/0x50
[ 79.552506][ T112] asm_exc_invalid_op+0x1a/0x20
[ 79.557377][ T112] RIP: 0010:dbAdjTree+0x420/0x520
[ 79.562535][ T112] Code: 9f 6b fe eb 0c e8 50 9f 6b fe eb 05 e8 49 9f 6b fe 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 31 9f 6b fe 90 <0f> 0b 90 eb e2 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 14 fc ff ff 48
[ 79.583644][ T112] RSP: 0018:ffffc9000262f4f8 EFLAGS: 00010293
[ 79.590106][ T112] RAX: ffffffff832915bf RBX: 0000000000000155 RCX: ffff88801e311e00
[ 79.598116][ T112] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056
[ 79.606099][ T112] RBP: ffff88807b53d018 R08: ffffffff832911f7 R09: 1ffffd40003da9e8
[ 79.614087][ T112] R10: dffffc0000000000 R11: fffff940003da9e9 R12: dffffc0000000000
[ 79.622284][ T112] R13: 0000000000000004 R14: ffff88807b53d010 R15: 0000000000020056
[ 79.630299][ T112] ? dbAdjTree+0x57/0x520
[ 79.634693][ T112] ? dbAdjTree+0x41f/0x520
[ 79.639318][ T112] ? dbAdjTree+0x41f/0x520
[ 79.643760][ T112] ? folio_mark_accessed+0x6f6/0x11b0
[ 79.649146][ T112] ? __pfx_reacquire_held_locks+0x10/0x10
[ 79.654879][ T112] dbJoin+0x255/0x310
[ 79.658894][ T112] ? do_read_cache_folio+0x77a/0x850
[ 79.664231][ T112] dbFreeBits+0x4db/0xd90
[ 79.668600][ T112] dbFree+0x35b/0x680
[ 79.672624][ T112] txFreeMap+0x96a/0xd50
[ 79.676900][ T112] ? _raw_spin_unlock+0x28/0x50
[ 79.681851][ T112] ? __mark_inode_dirty+0x5b2/0xe90
[ 79.687094][ T112] xtTruncate+0xe65/0x3270
[ 79.691837][ T112] ? __pfx_xtTruncate+0x10/0x10
[ 79.696747][ T112] jfs_free_zero_link+0x46e/0x6e0
[ 79.701797][ T112] ? inode_wait_for_writeback+0x111/0x2a0
[ 79.707535][ T112] ? __pfx_jfs_free_zero_link+0x10/0x10
[ 79.713193][ T112] jfs_evict_inode+0x35f/0x440
[ 79.718072][ T112] ? __pfx_jfs_evict_inode+0x10/0x10
[ 79.723376][ T112] evict+0x4e8/0x9b0
[ 79.727299][ T112] ? __pfx_evict+0x10/0x10
[ 79.731729][ T112] ? iput+0x713/0xa50
[ 79.735735][ T112] txUpdateMap+0x931/0xb10
[ 79.740171][ T112] ? __pfx_txUpdateMap+0x10/0x10
[ 79.745134][ T112] jfs_lazycommit+0x49a/0xb80
[ 79.749825][ T112] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 79.755905][ T112] ? lockdep_hardirqs_on+0x99/0x150
[ 79.761123][ T112] ? __pfx_jfs_lazycommit+0x10/0x10
[ 79.766334][ T112] ? __pfx_default_wake_function+0x10/0x10
[ 79.772184][ T112] ? __kthread_parkme+0x169/0x1d0
[ 79.777444][ T112] ? __pfx_jfs_lazycommit+0x10/0x10
[ 79.782856][ T112] kthread+0x2f0/0x390
[ 79.786947][ T112] ? __pfx_jfs_lazycommit+0x10/0x10
[ 79.792250][ T112] ? __pfx_kthread+0x10/0x10
[ 79.796938][ T112] ret_from_fork+0x4b/0x80
[ 79.801381][ T112] ? __pfx_kthread+0x10/0x10
[ 79.806082][ T112] ret_from_fork_asm+0x1a/0x30
[ 79.810969][ T112]
[ 79.814303][ T112] Kernel Offset: disabled
[ 79.818764][ T112] Rebooting in 86400 seconds..