./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2779829349
<...>
Warning: Permanently added '10.128.1.175' (ED25519) to the list of known hosts.
execve("./syz-executor2779829349", ["./syz-executor2779829349"], 0x7ffc8eb22dd0 /* 10 vars */) = 0
brk(NULL) = 0x55556e85e000
brk(0x55556e85ed00) = 0x55556e85ed00
arch_prctl(ARCH_SET_FS, 0x55556e85e380) = 0
set_tid_address(0x55556e85e650) = 5833
set_robust_list(0x55556e85e660, 24) = 0
rseq(0x55556e85eca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2779829349", 4096) = 28
getrandom("\x8e\xcf\xcb\x8f\x90\x7a\x1e\xac", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55556e85ed00
brk(0x55556e87fd00) = 0x55556e87fd00
brk(0x55556e880000) = 0x55556e880000
mprotect(0x7f83f2723000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.dviKZX", 0700) = 0
chmod("./syzkaller.dviKZX", 0777) = 0
chdir("./syzkaller.dviKZX") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5835 attached
, child_tidptr=0x55556e85e650) = 5835
[pid 5835] set_robust_list(0x55556e85e660, 24) = 0
[pid 5835] chdir("./0") = 0
[pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5835] setpgid(0, 0) = 0
[pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5835] write(3, "1000", 4) = 4
[pid 5835] close(3) = 0
[pid 5835] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5835] write(1, "executing program\n", 18executing program
) = 18
[pid 5835] memfd_create("syzkaller", 0) = 3
[pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f83ea200000
[pid 5835] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid 5835] munmap(0x7f83ea200000, 138412032) = 0
[pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5835] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5835] close(3) = 0
[pid 5835] close(4) = 0
[pid 5835] mkdir("./file1", 0777) = 0
[ 77.062680][ T5835] loop0: detected capacity change from 0 to 32768
[ 77.096139][ T5835] =======================================================
[ 77.096139][ T5835] WARNING: The mand mount option has been deprecated and
[pid 5835] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,coherency=full,noacl,") = 0
[pid 5835] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5835] chdir("./file1") = 0
[ 77.096139][ T5835] and is ignored by this kernel. Remove the mand
[ 77.096139][ T5835] option from the mount to silence this warning.
[ 77.096139][ T5835] =======================================================
[ 77.152022][ T5835] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5835] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5835] lseek(4, -4, SEEK_END) = 5497558139188
[pid 5835] getdents(4, NULL /* 0 entries */, 84) = 0
[pid 5835] exit_group(0) = ?
[pid 5835] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5835, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 77.218273][ T5835] (syz-executor277,5835,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55556e85f6f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55556e867730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55556e867730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file1") = 0
getdents64(3, 0x55556e85f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
[ 77.346412][ T5833] ocfs2: Unmounting device (7,0) on (node local)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5838 attached
, child_tidptr=0x55556e85e650) = 5838
[pid 5838] set_robust_list(0x55556e85e660, 24) = 0
[pid 5838] chdir("./1") = 0
[pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5838] setpgid(0, 0) = 0
[pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5838] write(3, "1000", 4) = 4
[pid 5838] close(3) = 0
[pid 5838] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5838] write(1, "executing program\n", 18executing program
) = 18
[pid 5838] memfd_create("syzkaller", 0) = 3
[pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f83ea200000
[pid 5838] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid 5838] munmap(0x7f83ea200000, 138412032) = 0
[pid 5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5838] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5838] close(3) = 0
[pid 5838] close(4) = 0
[pid 5838] mkdir("./file1", 0777) = 0
[ 77.750040][ T5838] loop0: detected capacity change from 0 to 32768
[pid 5838] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,coherency=full,noacl,") = 0
[pid 5838] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5838] chdir("./file1") = 0
[pid 5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5838] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5838] lseek(4, -4, SEEK_END) = 5497558139188
[ 77.802204][ T5838] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid 5838] getdents(4, NULL /* 0 entries */, 84) = 0
[pid 5838] exit_group(0) = ?
[pid 5838] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} ---
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 77.856258][ T5838] (syz-executor277,5838,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55556e85f6f0 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55556e867730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55556e867730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file1") = 0
getdents64(3, 0x55556e85f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
[ 78.004897][ T5833] ocfs2: Unmounting device (7,0) on (node local)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5841 attached
, child_tidptr=0x55556e85e650) = 5841
[pid 5841] set_robust_list(0x55556e85e660, 24) = 0
[pid 5841] chdir("./2") = 0
[pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5841] setpgid(0, 0) = 0
[pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5841] write(3, "1000", 4) = 4
[pid 5841] close(3) = 0
[pid 5841] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5841] write(1, "executing program\n", 18executing program
) = 18
[pid 5841] memfd_create("syzkaller", 0) = 3
[pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f83ea200000
[pid 5841] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid 5841] munmap(0x7f83ea200000, 138412032) = 0
[pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5841] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5841] close(3) = 0
[pid 5841] close(4) = 0
[pid 5841] mkdir("./file1", 0777) = 0
[ 78.403282][ T5841] loop0: detected capacity change from 0 to 32768
[pid 5841] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,coherency=full,noacl,") = 0
[pid 5841] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5841] chdir("./file1") = 0
[pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5841] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5841] lseek(4, -4, SEEK_END) = 5497558139188
[pid 5841] getdents(4, NULL /* 0 entries */, 84) = 0
[pid 5841] exit_group(0) = ?
[pid 5841] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} ---
[ 78.447978][ T5841] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 78.463400][ T5841] (syz-executor277,5841,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=345369796431645952, rec_len=0, name_len=1
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55556e85f6f0 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 78.616703][ T5833] ocfs2: Unmounting device (7,0) on (node local)
openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55556e867730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55556e867730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file1") = 0
getdents64(3, 0x55556e85f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5844 attached
, child_tidptr=0x55556e85e650) = 5844
[pid 5844] set_robust_list(0x55556e85e660, 24) = 0
[pid 5844] chdir("./3") = 0
[pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5844] setpgid(0, 0) = 0
[pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5844] write(3, "1000", 4) = 4
[pid 5844] close(3) = 0
[pid 5844] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 5844] write(1, "executing program\n", 18) = 18
[pid 5844] memfd_create("syzkaller", 0) = 3
[pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f83ea200000
[pid 5844] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid 5844] munmap(0x7f83ea200000, 138412032) = 0
[pid 5844] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5844] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5844] close(3) = 0
[pid 5844] close(4) = 0
[pid 5844] mkdir("./file1", 0777) = 0
[ 79.179288][ T5844] loop0: detected capacity change from 0 to 32768
[pid 5844] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,coherency=full,noacl,") = 0
[pid 5844] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5844] chdir("./file1") = 0
[pid 5844] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5844] openat(AT_FDCWD, ".", O_RDONLY) = 4
[ 79.225666][ T5844] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid 5844] lseek(4, -4, SEEK_END) = 5497558139188
[pid 5844] getdents(4, NULL /* 0 entries */, 84) = 0
[pid 5844] exit_group(0) = ?
[pid 5844] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=19 /* 0.19 s */} ---
[ 79.288236][ T5844] (syz-executor277,5844,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=26105, inode=0, rec_len=0, name_len=0
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55556e85f6f0 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55556e867730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55556e867730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file1") = 0
getdents64(3, 0x55556e85f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
[ 79.468541][ T5833] ocfs2: Unmounting device (7,0) on (node local)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5847 attached
, child_tidptr=0x55556e85e650) = 5847
[pid 5847] set_robust_list(0x55556e85e660, 24) = 0
[pid 5847] chdir("./4") = 0
[pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5847] setpgid(0, 0) = 0
[pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5847] write(3, "1000", 4) = 4
[pid 5847] close(3) = 0
[pid 5847] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5847] write(1, "executing program\n", 18executing program
) = 18
[pid 5847] memfd_create("syzkaller", 0) = 3
[pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f83ea200000
[pid 5847] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid 5847] munmap(0x7f83ea200000, 138412032) = 0
[pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5847] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5847] close(3) = 0
[pid 5847] close(4) = 0
[pid 5847] mkdir("./file1", 0777) = 0
[ 79.852637][ T5847] loop0: detected capacity change from 0 to 32768
[pid 5847] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,coherency=full,noacl,") = 0
[pid 5847] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5847] chdir("./file1") = 0
[pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5847] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid 5847] lseek(4, -4, SEEK_END) = 5497558139188
[ 79.896766][ T5847] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid 5847] getdents(4, NULL /* 0 entries */, 84) = 0
[pid 5847] exit_group(0) = ?
[pid 5847] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5847, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} ---
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 79.950321][ T5847] (syz-executor277,5847,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=614668, inode=474003903753683488, rec_len=15, name_len=2
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55556e85f6f0 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs") = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 80.090351][ T5833] ocfs2: Unmounting device (7,0) on (node local)
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55556e867730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55556e867730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file1") = 0
getdents64(3, 0x55556e85f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached
, child_tidptr=0x55556e85e650) = 5850
[pid 5850] set_robust_list(0x55556e85e660, 24) = 0
[pid 5850] chdir("./5") = 0
[pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5850] setpgid(0, 0) = 0
[pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5850] write(3, "1000", 4) = 4
[pid 5850] close(3) = 0
[pid 5850] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 5850] write(1, "executing program\n", 18) = 18
[pid 5850] memfd_create("syzkaller", 0) = 3
[pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f83ea200000
[pid 5850] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid 5850] munmap(0x7f83ea200000, 138412032) = 0
[pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5850] close(3) = 0
[pid 5850] close(4) = 0
[pid 5850] mkdir("./file1", 0777) = 0
[ 80.681816][ T5850] loop0: detected capacity change from 0 to 32768
[pid 5850] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,coherency=full,noacl,") = 0
[pid 5850] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid 5850] chdir("./file1") = 0
[pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid 5850] openat(AT_FDCWD, ".", O_RDONLY) = 4
[ 80.732883][ T5850] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid 5850] lseek(4, -4, SEEK_END) = 5497558139188
[ 80.814542][ T5850] ==================================================================
[ 80.822644][ T5850] BUG: KASAN: use-after-free in ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 80.830654][ T5850] Read of size 2 at addr ffff8880757448c9 by task syz-executor277/5850
[ 80.838891][ T5850]
[ 80.841210][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor277 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[ 80.841231][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 80.841242][ T5850] Call Trace:
[ 80.841252][ T5850]
[ 80.841260][ T5850] dump_stack_lvl+0x241/0x360
[ 80.841285][ T5850] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.841304][ T5850] ? __pfx__printk+0x10/0x10
[ 80.841333][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.841371][ T5850] ? _printk+0xd5/0x120
[ 80.841398][ T5850] ? __virt_addr_valid+0x183/0x530
[ 80.841425][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.841456][ T5850] print_report+0x169/0x550
[ 80.841484][ T5850] ? __virt_addr_valid+0x183/0x530
[ 80.841511][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.841539][ T5850] ? __virt_addr_valid+0x45f/0x530
[ 80.841565][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.841593][ T5850] ? __phys_addr+0xba/0x170
[ 80.841620][ T5850] ? ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 80.841643][ T5850] kasan_report+0x143/0x180
[ 80.841672][ T5850] ? ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 80.841697][ T5850] ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 80.841722][ T5850] ? do_raw_spin_unlock+0x13c/0x8b0
[ 80.841745][ T5850] ? _raw_spin_unlock+0x28/0x50
[ 80.841777][ T5850] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10
[ 80.841800][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.841828][ T5850] ? ocfs2_inode_lock_atime+0x25f/0x5b0
[ 80.841859][ T5850] ? __pfx_ocfs2_inode_lock_atime+0x10/0x10
[ 80.841889][ T5850] ? __pfx___might_resched+0x10/0x10
[ 80.841911][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.841942][ T5850] ocfs2_readdir+0x2a1/0x5e0
[ 80.841965][ T5850] ? __pfx_ocfs2_readdir+0x10/0x10
[ 80.841986][ T5850] ? down_write+0x18c/0x220
[ 80.842010][ T5850] ? __pfx_down_write+0x10/0x10
[ 80.842035][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.842063][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.842093][ T5850] ? __pfx_ocfs2_readdir+0x10/0x10
[ 80.842115][ T5850] wrap_directory_iterator+0x93/0xd0
[ 80.842142][ T5850] iterate_dir+0x5ab/0x760
[ 80.842168][ T5850] __se_sys_getdents+0x1fd/0x4e0
[ 80.842192][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.842220][ T5850] ? _raw_spin_unlock_irq+0x2e/0x50
[ 80.842238][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.842269][ T5850] ? __pfx___se_sys_getdents+0x10/0x10
[ 80.842294][ T5850] ? __pfx_filldir+0x10/0x10
[ 80.842319][ T5850] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 80.842349][ T5850] ? do_syscall_64+0x100/0x230
[ 80.842374][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 80.842403][ T5850] do_syscall_64+0xf3/0x230
[ 80.842429][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.842454][ T5850] RIP: 0033:0x7f83f26ab269
[ 80.842470][ T5850] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 80.842484][ T5850] RSP: 002b:00007ffc24332ce8 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 80.842503][ T5850] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f83f26ab269
[ 80.842516][ T5850] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000004
[ 80.842527][ T5850] RBP: 0000000000000000 R08: 00007ffc24332d20 R09: 00007ffc24332d20
[ 80.842539][ T5850] R10: 00007ffc24332d20 R11: 0000000000000246 R12: 00007ffc24332d0c
[ 80.842551][ T5850] R13: 0000000000000005 R14: 431bde82d7b634db R15: 00007ffc24332d40
[ 80.842569][ T5850]
[ 80.842576][ T5850]
[ 81.179919][ T5850] The buggy address belongs to the physical page:
[ 81.186318][ T5850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x577 pfn:0x75744
[ 81.195247][ T5850] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 81.202356][ T5850] raw: 00fff00000000000 ffffea0001d5d0c8 ffffea0001d5d148 0000000000000000
[ 81.210928][ T5850] raw: 0000000000000577 0000000000000000 00000000ffffffff 0000000000000000
[ 81.219493][ T5850] page dumped because: kasan: bad access detected
[ 81.225899][ T5850] page_owner tracks the page as freed
[ 81.231248][ T5850] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 5847, tgid 5847 (syz-executor277), ts 79754964454, free_ts 80349848109
[ 81.249206][ T5850] post_alloc_hook+0x1f4/0x240
[ 81.253964][ T5850] get_page_from_freelist+0x365c/0x37a0
[ 81.259529][ T5850] __alloc_frozen_pages_noprof+0x292/0x710
[ 81.265334][ T5850] alloc_pages_mpol+0x311/0x660
[ 81.270174][ T5850] folio_alloc_mpol_noprof+0x36/0x70
[ 81.275454][ T5850] shmem_alloc_and_add_folio+0x4a0/0x1090
[ 81.281193][ T5850] shmem_get_folio_gfp+0x621/0x1840
[ 81.286406][ T5850] shmem_write_begin+0x165/0x350
[ 81.291342][ T5850] generic_perform_write+0x348/0x990
[ 81.296628][ T5850] shmem_file_write_iter+0xf9/0x120
[ 81.301821][ T5850] vfs_write+0xad1/0xd10
[ 81.306058][ T5850] ksys_write+0x18f/0x2b0
[ 81.310387][ T5850] do_syscall_64+0xf3/0x230
[ 81.314894][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.320782][ T5850] page last free pid 5833 tgid 5833 stack trace:
[ 81.327092][ T5850] free_unref_folios+0xe40/0x18b0
[ 81.332110][ T5850] folios_put_refs+0x76c/0x860
[ 81.336869][ T5850] shmem_undo_range+0x593/0x1820
[ 81.341798][ T5850] shmem_evict_inode+0x29b/0xa80
[ 81.346730][ T5850] evict+0x4ea/0x9a0
[ 81.350639][ T5850] __dentry_kill+0x20d/0x630
[ 81.355218][ T5850] dput+0x19f/0x2b0
[ 81.359014][ T5850] __fput+0x60b/0x9f0
[ 81.362984][ T5850] task_work_run+0x251/0x310
[ 81.367575][ T5850] ptrace_notify+0x2d2/0x380
[ 81.372177][ T5850] syscall_exit_work+0xc7/0x1d0
[ 81.377023][ T5850] syscall_exit_to_user_mode+0x24a/0x340
[ 81.382648][ T5850] do_syscall_64+0x100/0x230
[ 81.387253][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.393141][ T5850]
[ 81.395448][ T5850] Memory state around the buggy address:
[ 81.401060][ T5850] ffff888075744780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.409108][ T5850] ffff888075744800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.417153][ T5850] >ffff888075744880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.425197][ T5850] ^
[ 81.431593][ T5850] ffff888075744900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.439641][ T5850] ffff888075744980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.447686][ T5850] ==================================================================
[ 81.457047][ T5850] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 81.464254][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor277 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[ 81.475041][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 81.485089][ T5850] Call Trace:
[ 81.488358][ T5850]
[ 81.491278][ T5850] dump_stack_lvl+0x241/0x360
[ 81.495951][ T5850] ? __pfx_dump_stack_lvl+0x10/0x10
[ 81.501142][ T5850] ? __pfx__printk+0x10/0x10
[ 81.505754][ T5850] ? preempt_schedule+0xe1/0xf0
[ 81.510600][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.516236][ T5850] ? vscnprintf+0x5d/0x90
[ 81.520558][ T5850] panic+0x349/0x880
[ 81.524456][ T5850] ? check_panic_on_warn+0x21/0xb0
[ 81.529564][ T5850] ? __pfx_panic+0x10/0x10
[ 81.533979][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.539614][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.545253][ T5850] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 81.551227][ T5850] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.557548][ T5850] ? print_report+0x502/0x550
[ 81.562230][ T5850] check_panic_on_warn+0x86/0xb0
[ 81.567169][ T5850] ? ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 81.572797][ T5850] end_report+0x77/0x160
[ 81.577040][ T5850] kasan_report+0x154/0x180
[ 81.581545][ T5850] ? ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 81.587176][ T5850] ocfs2_dir_foreach_blk+0x132c/0x1b20
[ 81.592633][ T5850] ? do_raw_spin_unlock+0x13c/0x8b0
[ 81.597831][ T5850] ? _raw_spin_unlock+0x28/0x50
[ 81.602673][ T5850] ? __pfx_ocfs2_dir_foreach_blk+0x10/0x10
[ 81.608473][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.614105][ T5850] ? ocfs2_inode_lock_atime+0x25f/0x5b0
[ 81.619655][ T5850] ? __pfx_ocfs2_inode_lock_atime+0x10/0x10
[ 81.625552][ T5850] ? __pfx___might_resched+0x10/0x10
[ 81.630831][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.636467][ T5850] ocfs2_readdir+0x2a1/0x5e0
[ 81.641053][ T5850] ? __pfx_ocfs2_readdir+0x10/0x10
[ 81.646246][ T5850] ? down_write+0x18c/0x220
[ 81.650748][ T5850] ? __pfx_down_write+0x10/0x10
[ 81.655592][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.661224][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.666863][ T5850] ? __pfx_ocfs2_readdir+0x10/0x10
[ 81.671968][ T5850] wrap_directory_iterator+0x93/0xd0
[ 81.677255][ T5850] iterate_dir+0x5ab/0x760
[ 81.681674][ T5850] __se_sys_getdents+0x1fd/0x4e0
[ 81.686616][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.692267][ T5850] ? _raw_spin_unlock_irq+0x2e/0x50
[ 81.697468][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.703106][ T5850] ? __pfx___se_sys_getdents+0x10/0x10
[ 81.708563][ T5850] ? __pfx_filldir+0x10/0x10
[ 81.713153][ T5850] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 81.719565][ T5850] ? do_syscall_64+0x100/0x230
[ 81.724326][ T5850] ? srso_alias_return_thunk+0x5/0xfbef5
[ 81.729965][ T5850] do_syscall_64+0xf3/0x230
[ 81.734467][ T5850] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.740360][ T5850] RIP: 0033:0x7f83f26ab269
[ 81.744775][ T5850] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.764374][ T5850] RSP: 002b:00007ffc24332ce8 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 81.772782][ T5850] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f83f26ab269
[ 81.780749][ T5850] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000004
[ 81.788716][ T5850] RBP: 0000000000000000 R08: 00007ffc24332d20 R09: 00007ffc24332d20
[ 81.796691][ T5850] R10: 00007ffc24332d20 R11: 0000000000000246 R12: 00007ffc24332d0c
[ 81.804652][ T5850] R13: 0000000000000005 R14: 431bde82d7b634db R15: 00007ffc24332d40
[ 81.812620][ T5850]
[ 81.815862][ T5850] Kernel Offset: disabled
[ 81.820177][ T5850] Rebooting in 86400 seconds..