./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor75684646

<...>
Warning: Permanently added '10.128.1.10' (ECDSA) to the list of known hosts.
execve("./syz-executor75684646", ["./syz-executor75684646"], 0x7ffd295478e0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555bbb000
brk(0x555555bbbc40)                     = 0x555555bbbc40
arch_prctl(ARCH_SET_FS, 0x555555bbb300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor75684646", 4096) = 26
brk(0x555555bdcc40)                     = 0x555555bdcc40
brk(0x555555bdd000)                     = 0x555555bdd000
mprotect(0x7f7d17c29000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid()                                = 4991
mkdir("./syzkaller.w2SBfA", 0700)       = 0
chmod("./syzkaller.w2SBfA", 0777)       = 0
chdir("./syzkaller.w2SBfA")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bbb5d0) = 4992
./strace-static-x86_64: Process 4992 attached
[pid  4992] chdir("./0")                = 0
[pid  4992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  4992] setpgid(0, 0)               = 0
[pid  4992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  4992] write(3, "1000", 4)         = 4
[pid  4992] close(3)                    = 0
[pid  4992] symlink("/dev/binderfs", "./binderfs") = 0
[pid  4992] memfd_create("syzkaller", 0) = 3
[pid  4992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7d0f76c000
syzkaller login: [   66.190591][ T4992] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4992 'syz-executor756'
[pid  4992] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304
[pid  4992] munmap(0x7f7d0f76c000, 4194304) = 0
[pid  4992] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  4992] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  4992] close(3)                    = 0
[pid  4992] mkdir("./file0", 0777)      = 0
[   66.258630][ T4992] loop0: detected capacity change from 0 to 8192
[   66.271218][ T4992] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   66.284346][ T4992] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[   66.294046][ T4992] REISERFS (device loop0): using ordered data mode
[   66.300956][ T4992] reiserfs: using flush barriers
[   66.307885][ T4992] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   66.324497][ T4992] REISERFS (device loop0): checking transaction log (loop0)
[pid  4992] mount("/dev/loop0", "./file0", "reiserfs", MS_DIRSYNC, "") = 0
[pid  4992] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid  4992] chdir("./file0")            = 0
[pid  4992] ioctl(4, LOOP_CLR_FD)       = 0
[pid  4992] close(4)                    = 0
[pid  4992] mkdir(".", 0777)            = -1 EEXIST (File exists)
[   66.380876][ T4992] REISERFS (device loop0): Using r5 hash to sort names
[   66.388073][ T4992] REISERFS (device loop0): using 3.5.x disk format
[   66.395644][ T4992] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[pid  4992] mount(NULL, ".", 0x20000180, MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "\x14\x27\x0e\x2d\x25\xcc\xcf\xf0\x78\xb9\x14\x0e\x8a\x1e\x19\xf3\xbc\xc3\xbd\x09\x96\x8d\xd1\x91\x1a\xce\xf2\x43\x21\xd7\x64\xd9\xe1\x17\xda\x79\x06\x3a\x62\xe3\xa5\x92\xfb\x42\xf7\xd9\xdd\xb2\x68\x2b\x4c\x2f\xf5\x80\xea\x5f\xa8\xef\xfb\xd5\x3a\xcf\xb0\xf8\x70\xbc\x1e\x49\xd0\x1a\x5b\x7f\xf5\x51\x50\xd2\xbf\x3b\x04\x28\x58\xc5\x32\x5c\x2b\x56\x9b\x32\x0c\xd4\x4e\x49\xe2\x46\xcc\x1e\x41\xf0\x4d\x2e"...) = -1 EINVAL (Invalid argument)
[pid  4992] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|FASYNC, 000) = 4
[   66.422220][ T4992] REISERFS warning (device loop0): super-6502 reiserfs_getopt: unknown mount option "'-%ÌÏðx¹Šó¼Ã½	–Ñ‘ÎòC!×dÙáÚy:bã¥’ûB÷ÙÝ²h+L/õ€ê_¨ïûÕ:Ï°øp¼IÐ[õQPÒ¿;(XÅ2\+V›2ÔNIâFÌAðM.IJÝíZ¤u|òo…kò<³ySºáwJø¤•	"
[   66.447078][   T27] audit: type=1800 audit(1686434342.236:2): pid=4992 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor756" name="bus" dev="loop0" ino=2 res=0 errno=0
[   66.469497][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.483813][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.497920][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.511776][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.525747][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.540173][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.553927][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[pid  4992] ftruncate(4, 33587199)      = 0
[   66.567680][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.584319][ T4992] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[   66.599818][ T4992] REISERFS warning: reiserfs-5090 is_tree_node: node level 0 does not match to the expected one 1
[   66.610485][ T4992] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[   66.621080][ T4992] REISERFS (device loop0): Remounting filesystem read-only
[   66.628377][ T4992] REISERFS warning: reiserfs-5090 is_tree_node: node level 0 does not match to the expected one 1
[   66.639046][ T4992] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[   66.649638][ T4992] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 2 0x0 SD] stat data
[   66.662977][ T4992] REISERFS warning (device loop0): clm-6006 reiserfs_dirty_inode: writing inode 2 on readonly FS
[pid  4992] ftruncate(4, 32)            = 0
[pid  4992] exit_group(0)               = ?
[pid  4992] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4992, si_uid=0, si_status=0, si_utime=0, si_stime=38 /* 0.38 s */} ---
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555bbc620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs")                  = 0
[   66.708956][ T4991] ------------[ cut here ]------------
[   66.714519][ T4991] kernel BUG at fs/reiserfs/journal.c:1452!
[   66.720542][ T4991] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   66.726666][ T4991] CPU: 1 PID: 4991 Comm: syz-executor756 Not tainted 6.4.0-rc5-syzkaller-00245-g64569520920a #0
[   66.737075][ T4991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[   66.747119][ T4991] RIP: 0010:flush_journal_list+0x1c33/0x1c70
[   66.753119][ T4991] Code: dc 38 85 8c 48 c7 c1 c0 07 fc 8a e8 07 58 fb ff e8 d2 13 59 ff 0f 0b e8 cb 13 59 ff 0f 0b e8 c4 13 59 ff 0f 0b e8 bd 13 59 ff <0f> 0b e8 b6 13 59 ff 0f 0b e8 af 13 59 ff 0f 0b e8 a8 13 59 ff 0f
[   66.772720][ T4991] RSP: 0018:ffffc900039ff5f0 EFLAGS: 00010293
[   66.778782][ T4991] RAX: ffffffff82326be3 RBX: 0000000000000001 RCX: ffff888021d43b80
[   66.786758][ T4991] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   66.794718][ T4991] RBP: 0000000000000000 R08: ffffffff82325675 R09: ffffed100e89fd06
[   66.802677][ T4991] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8880744fe828
[   66.810637][ T4991] R13: ffffc90003a930d8 R14: 1ffff1100e89fd05 R15: 1ffff9200075261d
[   66.818598][ T4991] FS:  0000555555bbb300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   66.827527][ T4991] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   66.834112][ T4991] CR2: 0000555555bc4628 CR3: 0000000019345000 CR4: 00000000003506e0
[   66.842091][ T4991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   66.850062][ T4991] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   66.858032][ T4991] Call Trace:
[   66.861312][ T4991]  <TASK>
[   66.864242][ T4991]  ? __die_body+0x5e/0xa0
[   66.868581][ T4991]  ? die+0x87/0xb0
[   66.872302][ T4991]  ? do_trap+0x11e/0x350
[   66.876551][ T4991]  ? flush_journal_list+0x1c33/0x1c70
[   66.881924][ T4991]  ? flush_journal_list+0x1c33/0x1c70
[   66.887301][ T4991]  ? do_error_trap+0x141/0x1f0
[   66.892075][ T4991]  ? flush_journal_list+0x1c33/0x1c70
[   66.897450][ T4991]  ? do_int3+0x30/0x30
[   66.901539][ T4991]  ? handle_invalid_op+0x2c/0x40
[   66.906488][ T4991]  ? flush_journal_list+0x1c33/0x1c70
[   66.911863][ T4991]  ? exc_invalid_op+0x33/0x50
[   66.916550][ T4991]  ? asm_exc_invalid_op+0x1a/0x20
[   66.921595][ T4991]  ? flush_journal_list+0x6c5/0x1c70
[   66.926881][ T4991]  ? flush_journal_list+0x1c33/0x1c70
[   66.932257][ T4991]  ? flush_journal_list+0x1c33/0x1c70
[   66.937642][ T4991]  flush_journal_list+0xea7/0x1c70
[   66.942765][ T4991]  do_journal_end+0x3170/0x4770
[   66.947636][ T4991]  ? journal_mark_dirty+0xe40/0xe40
[   66.952838][ T4991]  ? trace_contention_end+0x3c/0xf0
[   66.958049][ T4991]  ? journal_mark_dirty+0x22f/0xe40
[   66.963257][ T4991]  do_journal_release+0x47c/0x4d0
[   66.968284][ T4991]  ? journal_release+0x30/0x30
[   66.973060][ T4991]  journal_release+0x1f/0x30
[   66.977654][ T4991]  reiserfs_put_super+0x23b/0x4c0
[   66.982686][ T4991]  ? hook_inode_free_security+0xb0/0xb0
[   66.988234][ T4991]  ? reiserfs_dirty_inode+0x240/0x240
[   66.993617][ T4991]  ? fscrypt_destroy_keyring+0x273/0x290
[   66.999269][ T4991]  ? reiserfs_dirty_inode+0x240/0x240
[   67.004662][ T4991]  generic_shutdown_super+0x134/0x340
[   67.010049][ T4991]  kill_block_super+0x84/0xf0
[   67.014735][ T4991]  deactivate_locked_super+0xa4/0x110
[   67.020110][ T4991]  cleanup_mnt+0x426/0x4c0
[   67.024540][ T4991]  ? _raw_spin_unlock_irq+0x23/0x50
[   67.029752][ T4991]  task_work_run+0x24a/0x300
[   67.034711][ T4991]  ? dput+0x3a1/0x420
[   67.038700][ T4991]  ? task_work_cancel+0x2b0/0x2b0
[   67.043745][ T4991]  ? __x64_sys_umount+0x126/0x170
[   67.048780][ T4991]  ptrace_notify+0x2cd/0x380
[   67.053375][ T4991]  ? do_notify_parent+0xf50/0xf50
[   67.058404][ T4991]  ? user_path_at_empty+0x12f/0x180
[   67.063700][ T4991]  ? __x64_sys_umount+0x126/0x170
[   67.068728][ T4991]  ? path_umount+0xea0/0xea0
[   67.073323][ T4991]  ? syscall_enter_from_user_mode+0x32/0x230
[   67.079319][ T4991]  syscall_exit_to_user_mode+0x157/0x280
[   67.085134][ T4991]  do_syscall_64+0x4d/0xc0
[   67.089551][ T4991]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   67.095460][ T4991] RIP: 0033:0x7f7d17bbaf57
[   67.099873][ T4991] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   67.119561][ T4991] RSP: 002b:00007fff15fe9e38 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[   67.127976][ T4991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f7d17bbaf57
[   67.135949][ T4991] RDX: 00007fff15fe9ef9 RSI: 000000000000000a RDI: 00007fff15fe9ef0
[   67.143926][ T4991] RBP: 00007fff15fe9ef0 R08: 00000000ffffffff R09: 00007fff15fe9cd0
[   67.151897][ T4991] R10: 0000555555bbc653 R11: 0000000000000202 R12: 00007fff15feaf60
[   67.159864][ T4991] R13: 0000555555bbc5f0 R14: 00007fff15fe9e60 R15: 0000000000000001
[   67.167931][ T4991]  </TASK>
[   67.170959][ T4991] Modules linked in:
[   67.175277][ T4991] ---[ end trace 0000000000000000 ]---
[   67.180758][ T4991] RIP: 0010:flush_journal_list+0x1c33/0x1c70
[   67.186965][ T4991] Code: dc 38 85 8c 48 c7 c1 c0 07 fc 8a e8 07 58 fb ff e8 d2 13 59 ff 0f 0b e8 cb 13 59 ff 0f 0b e8 c4 13 59 ff 0f 0b e8 bd 13 59 ff <0f> 0b e8 b6 13 59 ff 0f 0b e8 af 13 59 ff 0f 0b e8 a8 13 59 ff 0f
[   67.206932][ T4991] RSP: 0018:ffffc900039ff5f0 EFLAGS: 00010293
[   67.213019][ T4991] RAX: ffffffff82326be3 RBX: 0000000000000001 RCX: ffff888021d43b80
[   67.221073][ T4991] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   67.229094][ T4991] RBP: 0000000000000000 R08: ffffffff82325675 R09: ffffed100e89fd06
[   67.237164][ T4991] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8880744fe828
[   67.245240][ T4991] R13: ffffc90003a930d8 R14: 1ffff1100e89fd05 R15: 1ffff9200075261d
[   67.253254][ T4991] FS:  0000555555bbb300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[   67.262266][ T4991] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   67.268895][ T4991] CR2: 000000000045bd60 CR3: 0000000019345000 CR4: 00000000003506f0
[   67.276921][ T4991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   67.284916][ T4991] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   67.293141][ T4991] Kernel panic - not syncing: Fatal exception
[   67.299437][ T4991] Kernel Offset: disabled
[   67.303766][ T4991] Rebooting in 86400 seconds..