./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2533374635 <...> Warning: Permanently added '10.128.0.24' (ED25519) to the list of known hosts. execve("./syz-executor2533374635", ["./syz-executor2533374635"], 0x7ffd4f5fe4d0 /* 10 vars */) = 0 brk(NULL) = 0x555582b1f000 brk(0x555582b1fd00) = 0x555582b1fd00 arch_prctl(ARCH_SET_FS, 0x555582b1f380) = 0 set_tid_address(0x555582b1f650) = 5826 set_robust_list(0x555582b1f660, 24) = 0 rseq(0x555582b1fca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2533374635", 4096) = 28 getrandom("\x40\x39\x28\x6e\x3c\x56\xea\xc0", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555582b1fd00 brk(0x555582b40d00) = 0x555582b40d00 brk(0x555582b41000) = 0x555582b41000 mprotect(0x7fcb377d9000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdir("./syzkaller.6tB9H7", 0700) = 0 chmod("./syzkaller.6tB9H7", 0777) = 0 chdir("./syzkaller.6tB9H7") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5828 attached , child_tidptr=0x555582b1f650) = 5828 [pid 5828] set_robust_list(0x555582b1f660, 24) = 0 [pid 5828] chdir("./0") = 0 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] setpgid(0, 0) = 0 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5828] write(3, "1000", 4) = 4 [pid 5828] close(3) = 0 [pid 5828] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5828] write(1, "executing program\n", 18executing program ) = 18 [pid 5828] sendmsg(-1, NULL, MSG_ZEROCOPY) = -1 EBADF (Bad file descriptor) [pid 5828] memfd_create("syzkaller", 0) = 3 [pid 5828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcb2f200000 [pid 5828] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5828] munmap(0x7fcb2f200000, 138412032) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5828] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5828] close(3) = 0 [pid 5828] close(4) = 0 [pid 5828] mkdir("./file0", 0777) = 0 [ 75.299175][ T5828] loop0: detected capacity change from 0 to 32768 [ 75.358778][ T5828] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 75.367407][ T5828] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 75.395971][ T5828] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 75.406427][ T8] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 75.413439][ T8] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 75.460377][ T8] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 46ms [ 75.469457][ T8] gfs2: fsid=syz:syz.0: jid=0: Done [ 75.475357][ T5828] gfs2: fsid=syz:syz.0: first mount done, others may mount [pid 5828] mount("/dev/loop0", "./file0", "gfs2", 0, "suiddir,lockproto=lock_nolock,quota,") = 0 [pid 5828] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5828] chdir("./file0") = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5828] exit_group(0) = ? [pid 5828] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5828, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=45 /* 0.45 s */} --- umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 75.744659][ T5828] gfs2: fsid=syz:syz.0: found 1 quota changes newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x555582b206f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 [ 75.888663][ T5826] ------------[ cut here ]------------ [ 75.894350][ T5826] WARNING: CPU: 0 PID: 5826 at ./include/linux/backing-dev.h:254 __folio_mark_dirty+0xa3a/0xe80 [ 75.904810][ T5826] Modules linked in: [ 75.908710][ T5826] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor253 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 [ 75.919824][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 75.929893][ T5826] RIP: 0010:__folio_mark_dirty+0xa3a/0xe80 [ 75.935759][ T5826] Code: e8 8b 70 c4 ff 4c 89 ef 48 8b 34 24 e8 2f 04 33 00 e9 4a fe ff ff e8 75 70 c4 ff 90 0f 0b 90 e9 08 fe ff ff e8 67 70 c4 ff 90 <0f> 0b 90 e9 00 fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c cc f7 [ 75.955383][ T5826] RSP: 0018:ffffc90003477688 EFLAGS: 00010093 [ 75.961463][ T5826] RAX: ffffffff81daedd9 RBX: 0000000000000000 RCX: ffff8880355b3c00 [ 75.969541][ T5826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 75.977529][ T5826] RBP: ffff888023494cf8 R08: ffffffff81dae7d5 R09: 1ffff1100469299f [ 75.985516][ T5826] R10: dffffc0000000000 R11: ffffed10046929a0 R12: ffff888023494b88 [ 75.993499][ T5826] R13: ffffea0001e314c0 R14: 0000000000000001 R15: 1ffff1100469299f [ 76.001482][ T5826] FS: 0000555582b1f380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 76.010509][ T5826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.017099][ T5826] CR2: 0000555582b286f8 CR3: 00000000343f8000 CR4: 0000000000350ef0 [ 76.025077][ T5826] Call Trace: [ 76.028361][ T5826] [ 76.031295][ T5826] ? __warn+0x165/0x4d0 [ 76.035474][ T5826] ? __folio_mark_dirty+0xa3a/0xe80 [ 76.040678][ T5826] ? report_bug+0x2b3/0x500 [ 76.045214][ T5826] ? __folio_mark_dirty+0xa3a/0xe80 [ 76.050427][ T5826] ? handle_bug+0x60/0x90 [ 76.054777][ T5826] ? exc_invalid_op+0x1a/0x50 [ 76.059466][ T5826] ? asm_exc_invalid_op+0x1a/0x20 [ 76.064507][ T5826] ? __folio_mark_dirty+0x435/0xe80 [ 76.069713][ T5826] ? __folio_mark_dirty+0xa39/0xe80 [ 76.074923][ T5826] ? __folio_mark_dirty+0xa3a/0xe80 [ 76.080129][ T5826] ? __folio_mark_dirty+0xa39/0xe80 [ 76.085351][ T5826] mark_buffer_dirty+0x28e/0x440 [ 76.090301][ T5826] gfs2_unpin+0x129/0xa60 [ 76.094661][ T5826] buf_lo_after_commit+0x14f/0x1a0 [ 76.099788][ T5826] ? __pfx_buf_lo_after_commit+0x10/0x10 [ 76.105439][ T5826] gfs2_log_flush+0x118f/0x2610 [ 76.110308][ T5826] ? __pfx_gfs2_log_flush+0x10/0x10 [ 76.115522][ T5826] ? do_sync+0x9c2/0xc60 [ 76.119782][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.125427][ T5826] ? do_sync+0x9c2/0xc60 [ 76.129687][ T5826] do_sync+0xa0b/0xc60 [ 76.133774][ T5826] ? __pfx_do_sync+0x10/0x10 [ 76.138408][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.144070][ T5826] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.149269][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.154914][ T5826] gfs2_quota_sync+0x3bc/0x4a0 [ 76.159696][ T5826] gfs2_sync_fs+0x4d/0xc0 [ 76.164060][ T5826] sync_filesystem+0xef/0x230 [ 76.168747][ T5826] generic_shutdown_super+0x72/0x2d0 [ 76.174058][ T5826] kill_block_super+0x44/0x90 [ 76.178739][ T5826] deactivate_locked_super+0xc6/0x130 [ 76.184123][ T5826] cleanup_mnt+0x41f/0x4b0 [ 76.188549][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.194199][ T5826] ? lockdep_hardirqs_on+0x99/0x150 [ 76.199407][ T5826] task_work_run+0x251/0x310 [ 76.204012][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 76.209137][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.214788][ T5826] ? path_umount+0x284/0xf70 [ 76.219387][ T5826] ptrace_notify+0x2d2/0x380 [ 76.223988][ T5826] ? __pfx_ptrace_notify+0x10/0x10 [ 76.229105][ T5826] ? kmem_cache_free+0x195/0x410 [ 76.234057][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.239687][ T5826] ? __x64_sys_umount+0x123/0x170 [ 76.244717][ T5826] syscall_exit_work+0xc7/0x1d0 [ 76.249596][ T5826] syscall_exit_to_user_mode+0x24a/0x340 [ 76.255244][ T5826] do_syscall_64+0x100/0x230 [ 76.259848][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.265778][ T5826] RIP: 0033:0x7fcb3772e347 [ 76.270198][ T5826] Code: 0a 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 76.289835][ T5826] RSP: 002b:00007ffe1e019dc8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6 [ 76.298262][ T5826] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fcb3772e347 [ 76.306325][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe1e019e80 [ 76.314300][ T5826] RBP: 00007ffe1e019e80 R08: 0000000000000000 R09: 0000000000000000 [ 76.322273][ T5826] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffe1e01aee0 [ 76.330272][ T5826] R13: 0000555582b206c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 76.338269][ T5826] [ 76.341296][ T5826] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 76.348589][ T5826] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor253 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 [ 76.359700][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 76.369849][ T5826] Call Trace: [ 76.373134][ T5826] [ 76.376061][ T5826] dump_stack_lvl+0x241/0x360 [ 76.380749][ T5826] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.385960][ T5826] ? __pfx__printk+0x10/0x10 [ 76.390556][ T5826] ? _printk+0xd5/0x120 [ 76.394741][ T5826] ? __init_begin+0x41000/0x41000 [ 76.399767][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.405401][ T5826] ? vscnprintf+0x5d/0x90 [ 76.409736][ T5826] panic+0x349/0x880 [ 76.413737][ T5826] ? __warn+0x174/0x4d0 [ 76.417929][ T5826] ? __pfx_panic+0x10/0x10 [ 76.422367][ T5826] __warn+0x344/0x4d0 [ 76.426351][ T5826] ? __folio_mark_dirty+0xa3a/0xe80 [ 76.431568][ T5826] report_bug+0x2b3/0x500 [ 76.435911][ T5826] ? __folio_mark_dirty+0xa3a/0xe80 [ 76.441249][ T5826] handle_bug+0x60/0x90 [ 76.445431][ T5826] exc_invalid_op+0x1a/0x50 [ 76.449970][ T5826] asm_exc_invalid_op+0x1a/0x20 [ 76.454841][ T5826] RIP: 0010:__folio_mark_dirty+0xa3a/0xe80 [ 76.460655][ T5826] Code: e8 8b 70 c4 ff 4c 89 ef 48 8b 34 24 e8 2f 04 33 00 e9 4a fe ff ff e8 75 70 c4 ff 90 0f 0b 90 e9 08 fe ff ff e8 67 70 c4 ff 90 <0f> 0b 90 e9 00 fa ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c cc f7 [ 76.480279][ T5826] RSP: 0018:ffffc90003477688 EFLAGS: 00010093 [ 76.486368][ T5826] RAX: ffffffff81daedd9 RBX: 0000000000000000 RCX: ffff8880355b3c00 [ 76.494361][ T5826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 76.502348][ T5826] RBP: ffff888023494cf8 R08: ffffffff81dae7d5 R09: 1ffff1100469299f [ 76.510339][ T5826] R10: dffffc0000000000 R11: ffffed10046929a0 R12: ffff888023494b88 [ 76.518324][ T5826] R13: ffffea0001e314c0 R14: 0000000000000001 R15: 1ffff1100469299f [ 76.526314][ T5826] ? __folio_mark_dirty+0x435/0xe80 [ 76.531524][ T5826] ? __folio_mark_dirty+0xa39/0xe80 [ 76.536736][ T5826] ? __folio_mark_dirty+0xa39/0xe80 [ 76.541952][ T5826] mark_buffer_dirty+0x28e/0x440 [ 76.546894][ T5826] gfs2_unpin+0x129/0xa60 [ 76.551241][ T5826] buf_lo_after_commit+0x14f/0x1a0 [ 76.556359][ T5826] ? __pfx_buf_lo_after_commit+0x10/0x10 [ 76.562002][ T5826] gfs2_log_flush+0x118f/0x2610 [ 76.566870][ T5826] ? __pfx_gfs2_log_flush+0x10/0x10 [ 76.572073][ T5826] ? do_sync+0x9c2/0xc60 [ 76.576324][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.581955][ T5826] ? do_sync+0x9c2/0xc60 [ 76.586207][ T5826] do_sync+0xa0b/0xc60 [ 76.590286][ T5826] ? __pfx_do_sync+0x10/0x10 [ 76.594894][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.600524][ T5826] ? do_raw_spin_unlock+0x13c/0x8b0 [ 76.605720][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.611358][ T5826] gfs2_quota_sync+0x3bc/0x4a0 [ 76.616136][ T5826] gfs2_sync_fs+0x4d/0xc0 [ 76.620465][ T5826] sync_filesystem+0xef/0x230 [ 76.625171][ T5826] generic_shutdown_super+0x72/0x2d0 [ 76.630483][ T5826] kill_block_super+0x44/0x90 [ 76.635167][ T5826] deactivate_locked_super+0xc6/0x130 [ 76.640559][ T5826] cleanup_mnt+0x41f/0x4b0 [ 76.644989][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.650631][ T5826] ? lockdep_hardirqs_on+0x99/0x150 [ 76.655855][ T5826] task_work_run+0x251/0x310 [ 76.660463][ T5826] ? __pfx_task_work_run+0x10/0x10 [ 76.665589][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.671254][ T5826] ? path_umount+0x284/0xf70 [ 76.675851][ T5826] ptrace_notify+0x2d2/0x380 [ 76.680452][ T5826] ? __pfx_ptrace_notify+0x10/0x10 [ 76.685571][ T5826] ? kmem_cache_free+0x195/0x410 [ 76.690525][ T5826] ? srso_alias_return_thunk+0x5/0xfbef5 [ 76.696176][ T5826] ? __x64_sys_umount+0x123/0x170 [ 76.701233][ T5826] syscall_exit_work+0xc7/0x1d0 [ 76.706101][ T5826] syscall_exit_to_user_mode+0x24a/0x340 [ 76.711749][ T5826] do_syscall_64+0x100/0x230 [ 76.716357][ T5826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.722309][ T5826] RIP: 0033:0x7fcb3772e347 [ 76.726723][ T5826] Code: 0a 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 76.746339][ T5826] RSP: 002b:00007ffe1e019dc8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6 [ 76.754764][ T5826] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fcb3772e347 [ 76.762735][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe1e019e80 [ 76.770707][ T5826] RBP: 00007ffe1e019e80 R08: 0000000000000000 R09: 0000000000000000 [ 76.778713][ T5826] R10: 00000000ffffffff R11: 0000000000000202 R12: 00007ffe1e01aee0 [ 76.786692][ T5826] R13: 0000555582b206c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 76.794684][ T5826] [ 76.797945][ T5826] Kernel Offset: disabled [ 76.802537][ T5826] Rebooting in 86400 seconds..