./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor522994706

<...>
Warning: Permanently added '10.128.1.29' (ED25519) to the list of known hosts.
execve("./syz-executor522994706", ["./syz-executor522994706"], 0x7fff9ac91730 /* 10 vars */) = 0
brk(NULL)                               = 0x555562583000
brk(0x555562583d00)                     = 0x555562583d00
arch_prctl(ARCH_SET_FS, 0x555562583380) = 0
set_tid_address(0x555562583650)         = 5828
set_robust_list(0x555562583660, 24)     = 0
rseq(0x555562583ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor522994706", 4096) = 27
getrandom("\x84\xf1\xd6\x8e\x8e\x8d\xff\x7c", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555562583d00
brk(0x5555625a4d00)                     = 0x5555625a4d00
brk(0x5555625a5000)                     = 0x5555625a5000
mprotect(0x7f7382e88000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.uYhca7", 0700)       = 0
chmod("./syzkaller.uYhca7", 0777)       = 0
chdir("./syzkaller.uYhca7")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached
, child_tidptr=0x555562583650) = 5830
[pid  5830] set_robust_list(0x555562583660, 24) = 0
[pid  5830] chdir("./0")                = 0
[pid  5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5830] setpgid(0, 0)               = 0
[pid  5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "1000", 4)         = 4
[pid  5830] close(3)                    = 0
[pid  5830] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5830] write(1, "executing program\n", 18executing program
) = 18
[pid  5830] memfd_create("syzkaller", 0) = 3
[pid  5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f737a800000
[pid  5830] write(3, "\xeb\x76\x90\x45\x58\x46\x41\x54\x20\x20\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x08\x00\x00\x00\x88\x00\x00\x00\x0f\x00\x00\x00\x05\x00\x00\x00"..., 131072) = 131072
[pid  5830] munmap(0x7f737a800000, 138412032) = 0
[pid  5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5830] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5830] close(3)                    = 0
[pid  5830] close(4)                    = 0
[pid  5830] mkdir("./bus", 0777)        = 0
[   62.560933][ T5830] loop0: detected capacity change from 0 to 256
[   62.595803][ T5830] exfat: Deprecated parameter 'namecase'
[   62.601479][ T5830] exfat: Deprecated parameter 'utf8'
[pid  5830] mount("/dev/loop0", "./bus", "exfat", MS_DIRSYNC|MS_NODIRATIME|MS_RELATIME, "errors=continue,namecase=1,keep_last_dots,utf8,namecase=1,") = 0
[pid  5830] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid  5830] chdir("./bus")              = 0
[pid  5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[   62.607182][ T5830] exfat: Deprecated parameter 'namecase'
[   62.619714][ T5830] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[pid  5830] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", S_ISGID|010) = 0
[pid  5830] exit_group(0)               = ?
[pid  5830] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555625846f0 /* 4 entries */, 32768) = 104
[   62.671835][ T5830] exFAT-fs (loop0): error, in sector 160, dentry 12 should be unused, but 0x85
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
[   62.762895][ T5828] ------------[ cut here ]------------
[   62.768429][ T5828] VFS: brelse: Trying to free free buffer
[   62.774239][ T5828] WARNING: CPU: 1 PID: 5828 at fs/buffer.c:1229 invalidate_bh_lru+0x102/0x1b0
[   62.783094][ T5828] Modules linked in:
[   62.786988][ T5828] CPU: 1 UID: 0 PID: 5828 Comm: syz-executor522 Not tainted 6.12.0-next-20241122-syzkaller #0
[   62.797214][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   62.807266][ T5828] RIP: 0010:invalidate_bh_lru+0x102/0x1b0
[   62.812981][ T5828] Code: 44 ee da ff f0 ff 0b eb 25 e8 ba fa 6f ff 41 80 3c 2e 00 75 2a eb 30 e8 ac fa 6f ff 90 48 c7 c7 20 e1 18 8c e8 2f 99 30 ff 90 <0f> 0b 90 90 48 bd 00 00 00 00 00 fc ff df 41 80 3c 2e 00 74 08 4c
[   62.832585][ T5828] RSP: 0018:ffffc90003cf78c8 EFLAGS: 00010046
[   62.838651][ T5828] RAX: e60a9415cbab7600 RBX: ffff888077f60d10 RCX: ffff88802fc10000
[   62.846614][ T5828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   62.854575][ T5828] RBP: 0000000000000000 R08: ffffffff81601b32 R09: 1ffff110170e519a
[   62.862536][ T5828] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff8880b8739838
[   62.870499][ T5828] R13: 0000000000000010 R14: 1ffff110170e7309 R15: ffff8880b8739848
[   62.878463][ T5828] FS:  0000555562583380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[   62.887384][ T5828] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   62.893961][ T5828] CR2: 000055556258c6f8 CR3: 0000000072c34000 CR4: 00000000003526f0
[   62.901927][ T5828] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   62.909889][ T5828] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   62.917851][ T5828] Call Trace:
[   62.921121][ T5828]  <TASK>
[   62.924085][ T5828]  ? __warn+0x168/0x4e0
[   62.928243][ T5828]  ? invalidate_bh_lru+0x102/0x1b0
[   62.933353][ T5828]  ? report_bug+0x2b3/0x500
[   62.937884][ T5828]  ? invalidate_bh_lru+0x102/0x1b0
[   62.942994][ T5828]  ? handle_bug+0x60/0x90
[   62.947320][ T5828]  ? exc_invalid_op+0x1a/0x50
[   62.951999][ T5828]  ? asm_exc_invalid_op+0x1a/0x20
[   62.957018][ T5828]  ? __warn_printk+0x292/0x360
[   62.961776][ T5828]  ? invalidate_bh_lru+0x102/0x1b0
[   62.966896][ T5828]  ? invalidate_bh_lru+0x101/0x1b0
[   62.972013][ T5828]  ? __pfx_invalidate_bh_lru+0x10/0x10
[   62.977469][ T5828]  smp_call_function_many_cond+0x1760/0x2ca0
[   62.983447][ T5828]  ? __pfx_has_bh_in_lru+0x10/0x10
[   62.988555][ T5828]  ? __pfx_invalidate_bh_lru+0x10/0x10
[   62.994023][ T5828]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[   63.000351][ T5828]  ? __pfx_invalidate_bh_lru+0x10/0x10
[   63.005807][ T5828]  ? __pfx_has_bh_in_lru+0x10/0x10
[   63.010922][ T5828]  on_each_cpu_cond_mask+0x3f/0x80
[   63.016034][ T5828]  blkdev_flush_mapping+0xfe/0x270
[   63.021172][ T5828]  ? bdev_release+0x456/0x700
[   63.025847][ T5828]  bdev_release+0x460/0x700
[   63.030375][ T5828]  blkdev_release+0x15/0x20
[   63.034966][ T5828]  ? __pfx_blkdev_release+0x10/0x10
[   63.040163][ T5828]  __fput+0x23c/0xa50
[   63.044146][ T5828]  task_work_run+0x24f/0x310
[   63.048734][ T5828]  ? __pfx_task_work_run+0x10/0x10
[   63.053843][ T5828]  ? path_umount+0x284/0xf70
[   63.058439][ T5828]  ptrace_notify+0x2d2/0x380
[   63.063024][ T5828]  ? __pfx_ptrace_notify+0x10/0x10
[   63.068137][ T5828]  ? kmem_cache_free+0x195/0x410
[   63.073078][ T5828]  ? __x64_sys_umount+0x123/0x170
[   63.078099][ T5828]  syscall_exit_work+0xe3/0x220
[   63.082944][ T5828]  syscall_exit_to_user_mode+0x24a/0x340
[   63.088575][ T5828]  do_syscall_64+0x100/0x230
[   63.093163][ T5828]  ? clear_bhb_loop+0x35/0x90
[   63.097840][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.103733][ T5828] RIP: 0033:0x7f7382e14407
[   63.108151][ T5828] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[   63.127750][ T5828] RSP: 002b:00007ffdd8261738 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   63.136160][ T5828] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f7382e14407
[   63.144122][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd82617f0
[   63.152085][ T5828] RBP: 00007ffdd82617f0 R08: 0000000000000000 R09: 0000000000000000
[   63.160051][ T5828] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffdd8262850
[   63.168042][ T5828] R13: 00005555625846c0 R14: 0000000000000001 R15: 431bde82d7b634db
[   63.176039][ T5828]  </TASK>
[   63.179066][ T5828] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   63.186340][ T5828] CPU: 1 UID: 0 PID: 5828 Comm: syz-executor522 Not tainted 6.12.0-next-20241122-syzkaller #0
[   63.196566][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   63.206609][ T5828] Call Trace:
[   63.209908][ T5828]  <TASK>
[   63.212832][ T5828]  dump_stack_lvl+0x241/0x360
[   63.217517][ T5828]  ? __pfx_dump_stack_lvl+0x10/0x10
[   63.222710][ T5828]  ? __pfx__printk+0x10/0x10
[   63.227301][ T5828]  ? vscnprintf+0x5d/0x90
[   63.231628][ T5828]  panic+0x349/0x880
[   63.235526][ T5828]  ? __warn+0x177/0x4e0
[   63.239677][ T5828]  ? __pfx_panic+0x10/0x10
[   63.244099][ T5828]  __warn+0x34b/0x4e0
[   63.248071][ T5828]  ? invalidate_bh_lru+0x102/0x1b0
[   63.253180][ T5828]  report_bug+0x2b3/0x500
[   63.257508][ T5828]  ? invalidate_bh_lru+0x102/0x1b0
[   63.262620][ T5828]  handle_bug+0x60/0x90
[   63.266769][ T5828]  exc_invalid_op+0x1a/0x50
[   63.271262][ T5828]  asm_exc_invalid_op+0x1a/0x20
[   63.276112][ T5828] RIP: 0010:invalidate_bh_lru+0x102/0x1b0
[   63.281830][ T5828] Code: 44 ee da ff f0 ff 0b eb 25 e8 ba fa 6f ff 41 80 3c 2e 00 75 2a eb 30 e8 ac fa 6f ff 90 48 c7 c7 20 e1 18 8c e8 2f 99 30 ff 90 <0f> 0b 90 90 48 bd 00 00 00 00 00 fc ff df 41 80 3c 2e 00 74 08 4c
[   63.301435][ T5828] RSP: 0018:ffffc90003cf78c8 EFLAGS: 00010046
[   63.307499][ T5828] RAX: e60a9415cbab7600 RBX: ffff888077f60d10 RCX: ffff88802fc10000
[   63.315470][ T5828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   63.323432][ T5828] RBP: 0000000000000000 R08: ffffffff81601b32 R09: 1ffff110170e519a
[   63.331395][ T5828] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff8880b8739838
[   63.339358][ T5828] R13: 0000000000000010 R14: 1ffff110170e7309 R15: ffff8880b8739848
[   63.347328][ T5828]  ? __warn_printk+0x292/0x360
[   63.352093][ T5828]  ? invalidate_bh_lru+0x101/0x1b0
[   63.357200][ T5828]  ? __pfx_invalidate_bh_lru+0x10/0x10
[   63.362657][ T5828]  smp_call_function_many_cond+0x1760/0x2ca0
[   63.368636][ T5828]  ? __pfx_has_bh_in_lru+0x10/0x10
[   63.373765][ T5828]  ? __pfx_invalidate_bh_lru+0x10/0x10
[   63.379257][ T5828]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[   63.385617][ T5828]  ? __pfx_invalidate_bh_lru+0x10/0x10
[   63.391084][ T5828]  ? __pfx_has_bh_in_lru+0x10/0x10
[   63.396198][ T5828]  on_each_cpu_cond_mask+0x3f/0x80
[   63.401317][ T5828]  blkdev_flush_mapping+0xfe/0x270
[   63.406426][ T5828]  ? bdev_release+0x456/0x700
[   63.411122][ T5828]  bdev_release+0x460/0x700
[   63.415643][ T5828]  blkdev_release+0x15/0x20
[   63.420152][ T5828]  ? __pfx_blkdev_release+0x10/0x10
[   63.425354][ T5828]  __fput+0x23c/0xa50
[   63.429343][ T5828]  task_work_run+0x24f/0x310
[   63.433940][ T5828]  ? __pfx_task_work_run+0x10/0x10
[   63.439078][ T5828]  ? path_umount+0x284/0xf70
[   63.443708][ T5828]  ptrace_notify+0x2d2/0x380
[   63.448333][ T5828]  ? __pfx_ptrace_notify+0x10/0x10
[   63.453456][ T5828]  ? kmem_cache_free+0x195/0x410
[   63.458398][ T5828]  ? __x64_sys_umount+0x123/0x170
[   63.463422][ T5828]  syscall_exit_work+0xe3/0x220
[   63.468271][ T5828]  syscall_exit_to_user_mode+0x24a/0x340
[   63.473905][ T5828]  do_syscall_64+0x100/0x230
[   63.478489][ T5828]  ? clear_bhb_loop+0x35/0x90
[   63.483157][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.489050][ T5828] RIP: 0033:0x7f7382e14407
[   63.493458][ T5828] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8
[   63.513059][ T5828] RSP: 002b:00007ffdd8261738 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   63.521472][ T5828] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f7382e14407
[   63.529436][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd82617f0
[   63.537401][ T5828] RBP: 00007ffdd82617f0 R08: 0000000000000000 R09: 0000000000000000
[   63.545361][ T5828] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffdd8262850
[   63.553323][ T5828] R13: 00005555625846c0 R14: 0000000000000001 R15: 431bde82d7b634db
[   63.561303][ T5828]  </TASK>
[   63.564587][ T5828] Kernel Offset: disabled
[   63.568953][ T5828] Rebooting in 86400 seconds..