./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3862698960

<...>
[   15.742585][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[   16.492446][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts.
execve("./syz-executor3862698960", ["./syz-executor3862698960"], 0x7ffd20451540 /* 10 vars */) = 0
brk(NULL)                               = 0x555555962000
brk(0x555555962c40)                     = 0x555555962c40
arch_prctl(ARCH_SET_FS, 0x555555962300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3862698960", 4096) = 28
brk(0x555555983c40)                     = 0x555555983c40
brk(0x555555984000)                     = 0x555555984000
mprotect(0x7f8986ca3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 372
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 373
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 374
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 375
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 376
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 377
./strace-static-x86_64: Process 373 attached
[pid   373] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3
[pid   373] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   373] close(3)                    = 0
[pid   373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 378
./strace-static-x86_64: Process 372 attached
[pid   372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   372] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   372] close(3)                    = 0
[pid   372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 379
./strace-static-x86_64: Process 378 attached
[pid   378] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   378] setpgid(0, 0)               = 0
[pid   378] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   378] write(3, "1000", 4)         = 4
[pid   378] close(3)                    = 0
[pid   378] memfd_create("syzkaller", 0) = 3
[pid   378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000
[pid   378] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   378] munmap(0x7f897e7e8000, 262144) = 0
[pid   378] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[pid   378] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid   378] close(3)                    = 0
[pid   378] mkdir("./file0", 0777)      = 0
[pid   378] mount("/dev/loop1", "./file0", "ext4", 0, ",errors=continue"./strace-static-x86_64: Process 374 attached
 <unfinished ...>
[pid   374] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   374] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   374] close(3)                    = 0
[pid   374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 382
./strace-static-x86_64: Process 382 attached
[pid   382] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   382] setpgid(0, 0)               = 0
[pid   382] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   382] write(3, "1000", 4)         = 4
[pid   382] close(3)                    = 0
[pid   382] memfd_create("syzkaller", 0) = 3
[pid   382] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000
[pid   382] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   382] munmap(0x7f897e7e8000, 262144) = 0
[pid   382] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4
[pid   382] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 375 attached
 <unfinished ...>
[pid   375] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 379 attached
./strace-static-x86_64: Process 377 attached
./strace-static-x86_64: Process 376 attached
[   19.202683][   T23] audit: type=1400 audit(1669531057.599:73): avc:  denied  { execmem } for  pid=371 comm="syz-executor386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   19.224923][   T23] audit: type=1400 audit(1669531057.599:74): avc:  denied  { read write } for  pid=373 comm="syz-executor386" name="loop1" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
 <unfinished ...>
[pid   379] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   377] openat(AT_FDCWD, "/dev/loop5", O_RDWR <unfinished ...>
[pid   376] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   379] <... prctl resumed>)        = 0
[pid   379] setpgid(0, 0)               = 0
[pid   379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   379] write(3, "1000", 4)         = 4
[pid   379] close(3 <unfinished ...>
[pid   382] <... ioctl resumed>)        = 0
[pid   379] <... close resumed>)        = 0
[pid   379] memfd_create("syzkaller", 0) = 3
[pid   382] close(3 <unfinished ...>
[pid   379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   382] <... close resumed>)        = 0
[pid   379] <... mmap resumed>)         = 0x7f897e7e8000
[pid   382] mkdir("./file0", 0777 <unfinished ...>
[pid   379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   382] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   382] mount("/dev/loop2", "./file0", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   379] <... write resumed>)        = 262144
[pid   379] munmap(0x7f897e7e8000, 262144 <unfinished ...>
[pid   375] <... openat resumed>)       = 3
[pid   375] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   375] close(3)                    = 0
[pid   375] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 386
[pid   379] <... munmap resumed>)       = 0
[pid   379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   379] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   378] <... mount resumed>)        = 0
[pid   378] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid   378] chdir("./file0")            = 0
[   19.225890][  T378] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   19.249138][   T23] audit: type=1400 audit(1669531057.599:75): avc:  denied  { open } for  pid=373 comm="syz-executor386" path="/dev/loop1" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid   378] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 386 attached
 <unfinished ...>
[pid   379] <... ioctl resumed>)        = 0
[pid   377] <... openat resumed>)       = 3
[pid   376] <... openat resumed>)       = 3
[pid   377] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   376] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   377] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   376] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[   19.249153][   T23] audit: type=1400 audit(1669531057.599:76): avc:  denied  { ioctl } for  pid=373 comm="syz-executor386" path="/dev/loop1" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   19.249170][   T23] audit: type=1400 audit(1669531057.609:77): avc:  denied  { mounton } for  pid=378 comm="syz-executor386" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   19.288644][  T382] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[pid   377] close(3 <unfinished ...>
[pid   376] close(3 <unfinished ...>
[pid   377] <... close resumed>)        = 0
[pid   376] <... close resumed>)        = 0
[pid   386] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   379] close(3 <unfinished ...>
[pid   386] <... prctl resumed>)        = 0
[pid   379] <... close resumed>)        = 0
[pid   386] setpgid(0, 0 <unfinished ...>
[pid   379] mkdir("./file0", 0777 <unfinished ...>
[pid   386] <... setpgid resumed>)      = 0
[pid   382] <... mount resumed>)        = 0
[pid   379] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   382] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   379] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   377] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   376] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   386] <... openat resumed>)       = 3
./strace-static-x86_64: Process 393 attached
./strace-static-x86_64: Process 391 attached
[pid   378] <... ioctl resumed>)        = 0
[pid   391] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   378] close(4 <unfinished ...>
[pid   376] <... clone resumed>, child_tidptr=0x5555559625d0) = 393
[pid   391] <... prctl resumed>)        = 0
[pid   378] <... close resumed>)        = 0
[pid   391] setpgid(0, 0 <unfinished ...>
[pid   378] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid   391] <... setpgid resumed>)      = 0
[pid   391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   391] write(3, "1000", 4)         = 4
[pid   391] close(3)                    = 0
[pid   391] memfd_create("syzkaller", 0) = 3
[pid   391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000
[pid   391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   391] munmap(0x7f897e7e8000, 262144) = 0
[pid   391] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4
[pid   378] <... openat resumed>)       = 4
[pid   391] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   386] write(3, "1000", 4 <unfinished ...>
[pid   378] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 <unfinished ...>
[pid   386] <... write resumed>)        = 4
[pid   378] <... ioctl resumed>)        = -1 EINVAL (Invalid argument)
[pid   378] exit_group(0)               = ?
[pid   378] +++ exited with 0 +++
[pid   393] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   386] close(3 <unfinished ...>
[pid   373] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=378, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   377] <... clone resumed>, child_tidptr=0x5555559625d0) = 391
[pid   386] <... close resumed>)        = 0
[pid   382] <... openat resumed>)       = 3
[pid   386] memfd_create("syzkaller", 0 <unfinished ...>
[pid   382] chdir("./file0" <unfinished ...>
[pid   386] <... memfd_create resumed>) = 3
[pid   373] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   382] <... chdir resumed>)        = 0
[pid   386] <... mmap resumed>)         = 0x7f897e7e8000
[pid   382] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   393] <... prctl resumed>)        = 0
[pid   393] setpgid(0, 0)               = 0
[pid   393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   393] <... openat resumed>)       = 3
[pid   386] <... write resumed>)        = 262144
[pid   386] munmap(0x7f897e7e8000, 262144) = 0
[   19.322962][   T23] audit: type=1400 audit(1669531057.679:78): avc:  denied  { mount } for  pid=378 comm="syz-executor386" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   19.362900][   T23] audit: type=1400 audit(1669531057.749:79): avc:  denied  { mounton } for  pid=379 comm="syz-executor386" path="/root/file0" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[pid   386] openat(AT_FDCWD, "/dev/loop3", O_RDWR <unfinished ...>
[pid   393] write(3, "1000", 4 <unfinished ...>
[pid   391] <... ioctl resumed>)        = 0
[pid   386] <... openat resumed>)       = 4
[pid   382] <... ioctl resumed>)        = 0
[pid   373] <... openat resumed>)       = 3
[pid   391] close(3)                    = 0
[pid   391] mkdir("./file0", 0777)      = -1 EEXIST (File exists)
[pid   391] mount("/dev/loop5", "./file0", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   393] <... write resumed>)        = 4
[pid   386] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   382] close(4 <unfinished ...>
[pid   373] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   393] close(3 <unfinished ...>
[pid   382] <... close resumed>)        = 0
[pid   379] <... mount resumed>)        = 0
[pid   379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid   379] chdir("./file0")            = 0
[pid   379] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   393] <... close resumed>)        = 0
[pid   393] memfd_create("syzkaller", 0) = 3
[pid   393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f897e7e8000
[pid   393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid   393] munmap(0x7f897e7e8000, 262144 <unfinished ...>
[pid   382] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid   386] <... ioctl resumed>)        = 0
[pid   382] <... openat resumed>)       = 4
[   19.396461][  T379] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[   19.396843][   T23] audit: type=1400 audit(1669531057.759:80): avc:  denied  { write } for  pid=378 comm="syz-executor386" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   19.428462][   T23] audit: type=1400 audit(1669531057.759:81): avc:  denied  { add_name } for  pid=378 comm="syz-executor386" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[pid   379] <... ioctl resumed>)        = 0
[pid   373] <... ioctl resumed>)        = 0
[pid   373] close(3)                    = 0
[pid   373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   379] close(4)                    = 0
[pid   373] <... clone resumed>, child_tidptr=0x5555559625d0) = 398
[pid   379] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid   379] ioctl(4, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument)
[pid   379] exit_group(0)               = ?
[pid   379] +++ exited with 0 +++
[pid   372] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=379, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   372] ioctl(3, LOOP_CLR_FD)       = 0
[pid   372] close(3)                    = 0
[pid   372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 399
./strace-static-x86_64: Process 399 attached
./strace-static-x86_64: Process 398 attached
[pid   393] <... munmap resumed>)       = 0
[pid   386] close(3 <unfinished ...>
[pid   382] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 <unfinished ...>
[pid   399] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   398] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   393] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   386] <... close resumed>)        = 0
[pid   382] <... ioctl resumed>)        = -1 EINVAL (Invalid argument)
[pid   399] <... prctl resumed>)        = 0
[pid   398] <... prctl resumed>)        = 0
[pid   393] <... openat resumed>)       = 4
[pid   386] mkdir("./file0", 0777 <unfinished ...>
[pid   382] exit_group(0 <unfinished ...>
[pid   399] setpgid(0, 0 <unfinished ...>
[pid   398] setpgid(0, 0 <unfinished ...>
[pid   386] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   382] <... exit_group resumed>)   = ?
[pid   399] <... setpgid resumed>)      = 0
[pid   398] <... setpgid resumed>)      = 0
[pid   393] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   386] mount("/dev/loop3", "./file0", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   382] +++ exited with 0 +++
[pid   399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   374] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=382, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   399] <... openat resumed>)       = 3
[pid   398] <... openat resumed>)       = 3
[pid   374] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   399] write(3, "1000", 4 <unfinished ...>
[pid   398] write(3, "1000", 4 <unfinished ...>
[pid   374] <... restart_syscall resumed>) = 0
[pid   399] <... write resumed>)        = 4
[pid   398] <... write resumed>)        = 4
[pid   399] close(3 <unfinished ...>
[pid   398] close(3 <unfinished ...>
[pid   399] <... close resumed>)        = 0
[pid   398] <... close resumed>)        = 0
[pid   374] openat(AT_FDCWD, "/dev/loop2", O_RDWR <unfinished ...>
[pid   399] memfd_create("syzkaller", 0 <unfinished ...>
[pid   398] memfd_create("syzkaller", 0 <unfinished ...>
[pid   399] <... memfd_create resumed>) = 3
[pid   399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   398] <... memfd_create resumed>) = 3
[pid   399] <... mmap resumed>)         = 0x7f897e7e8000
[pid   398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   398] <... mmap resumed>)         = 0x7f897e7e8000
[pid   393] <... ioctl resumed>)        = 0
[pid   374] <... openat resumed>)       = 3
[pid   374] ioctl(3, LOOP_CLR_FD)       = 0
[pid   374] close(3 <unfinished ...>
[pid   398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   374] <... close resumed>)        = 0
[pid   399] <... write resumed>)        = 262144
[pid   374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 402
./strace-static-x86_64: Process 402 attached
[pid   399] munmap(0x7f897e7e8000, 262144 <unfinished ...>
[pid   398] <... write resumed>)        = 262144
[pid   393] close(3 <unfinished ...>
[pid   391] <... mount resumed>)        = 0
[pid   386] <... mount resumed>)        = 0
[pid   399] <... munmap resumed>)       = 0
[pid   398] munmap(0x7f897e7e8000, 262144 <unfinished ...>
[pid   393] <... close resumed>)        = 0
[pid   386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   399] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   398] <... munmap resumed>)       = 0
[pid   393] mkdir("./file0", 0777 <unfinished ...>
[pid   386] <... openat resumed>)       = 3
[pid   399] <... openat resumed>)       = 4
[pid   398] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   393] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid   386] chdir("./file0" <unfinished ...>
[pid   399] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   398] <... openat resumed>)       = 4
[pid   393] mount("/dev/loop4", "./file0", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   386] <... chdir resumed>)        = 0
[pid   399] <... ioctl resumed>)        = -1 EBUSY (Device or resource busy)
[pid   398] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   386] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   399] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   398] <... ioctl resumed>)        = -1 EBUSY (Device or resource busy)
[pid   386] <... ioctl resumed>)        = 0
[pid   399] <... ioctl resumed>)        = 0
[pid   398] ioctl(4, LOOP_CLR_FD <unfinished ...>
[pid   386] close(4 <unfinished ...>
[pid   391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY <unfinished ...>
[pid   398] <... ioctl resumed>)        = 0
[pid   391] <... openat resumed>)       = 3
[pid   386] <... close resumed>)        = 0
[pid   391] chdir("./file0" <unfinished ...>
[pid   386] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000 <unfinished ...>
[pid   391] <... chdir resumed>)        = 0
[pid   386] <... openat resumed>)       = 4
[pid   402] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   391] ioctl(4, LOOP_CLR_FD <unfinished ...>
[   19.451206][   T23] audit: type=1400 audit(1669531057.759:82): avc:  denied  { create } for  pid=378 comm="syz-executor386" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   19.476366][  T391] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[   19.493970][  T386] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[pid   386] ioctl(4, FS_IOC_GETFSMAP, 0x20000200 <unfinished ...>
[pid   402] <... prctl resumed>)        = 0
[pid   391] <... ioctl resumed>)        = 0
[pid   402] setpgid(0, 0 <unfinished ...>
[pid   399] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   398] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   391] close(4 <unfinished ...>
[pid   393] <... mount resumed>)        = 0
[pid   393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid   393] chdir("./file0")            = 0
[pid   393] ioctl(4, LOOP_CLR_FD)       = 0
[pid   393] close(4)                    = 0
[pid   393] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid   393] ioctl(4, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument)
[pid   393] exit_group(0)               = ?
[pid   393] +++ exited with 0 +++
[pid   376] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=393, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   376] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   402] <... setpgid resumed>)      = 0
[pid   402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   376] <... restart_syscall resumed>) = 0
[pid   402] write(3, "1000", 4)         = 4
[pid   402] close(3 <unfinished ...>
[pid   376] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   402] <... close resumed>)        = 0
[pid   376] <... openat resumed>)       = 3
[pid   402] memfd_create("syzkaller", 0 <unfinished ...>
[pid   376] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   402] <... memfd_create resumed>) = 3
[pid   376] <... ioctl resumed>)        = 0
[pid   402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid   376] close(3 <unfinished ...>
[pid   402] <... mmap resumed>)         = 0x7f897e7e8000
[pid   376] <... close resumed>)        = 0
[   19.508510][  T386] ------------[ cut here ]------------
[   19.514313][  T386] kernel BUG at fs/ext4/ext4.h:3248!
[   19.517189][  T393] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   19.519667][  T386] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   19.534487][  T386] CPU: 1 PID: 386 Comm: syz-executor386 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[   19.544723][  T386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[pid   402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144 <unfinished ...>
[pid   376] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   402] <... write resumed>)        = 262144
[pid   402] munmap(0x7f897e7e8000, 262144 <unfinished ...>
[pid   376] <... clone resumed>, child_tidptr=0x5555559625d0) = 404
[pid   402] <... munmap resumed>)       = 0
[pid   402] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4
[pid   402] ioctl(4, LOOP_SET_FD, 3)    = -1 EBUSY (Device or resource busy)
[pid   402] ioctl(4, LOOP_CLR_FD)       = 0
[pid   402] ioctl(4, LOOP_SET_FD, 3)    = -1 EBUSY (Device or resource busy)
[pid   402] close(4)                    = 0
[pid   402] close(3)                    = 0
[pid   402] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3
[pid   402] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument)
[pid   402] exit_group(0)               = ?
[pid   402] +++ exited with 0 +++
[pid   374] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=402, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   374] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   374] ioctl(3, LOOP_CLR_FD)       = 0
[pid   374] close(3)                    = 0
[pid   374] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 405
[pid   399] <... ioctl resumed>)        = -1 EBUSY (Device or resource busy)
[pid   399] close(4)                    = 0
[pid   399] close(3)                    = 0
[pid   399] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3
[pid   399] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument)
[pid   399] exit_group(0)               = ?
[pid   399] +++ exited with 0 +++
[pid   372] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=399, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid   372] ioctl(3, LOOP_CLR_FD)       = 0
[pid   372] close(3)                    = 0
[pid   372] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 406
[   19.554785][  T386] RIP: 0010:ext4_mb_load_buddy_gfp+0xe54/0xec0
[   19.560932][  T386] Code: ff e8 a0 1a c8 ff e9 c8 f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 14 f4 ff ff e8 a6 1a c8 ff e9 0a f4 ff ff e8 9c f5 8d ff <0f> 0b e8 95 f5 8d ff 4c 89 ef e8 dd 64 cd ff e9 34 fc ff ff e8 83
[   19.580534][  T386] RSP: 0018:ffffc90000c471f8 EFLAGS: 00010293
[   19.586606][  T386] RAX: ffffffff81deee24 RBX: 0000000000000001 RCX: ffff8881067f3b40
[   19.595008][  T386] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[pid   398] <... ioctl resumed>)        = -1 EBUSY (Device or resource busy)
[pid   398] close(4)                    = 0
[pid   398] close(3)                    = 0
[pid   398] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 3
[pid   398] ioctl(3, FS_IOC_GETFSMAP, 0x20000200) = -1 EINVAL (Invalid argument)
[pid   398] exit_group(0)               = ?
[pid   398] +++ exited with 0 +++
[pid   373] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=398, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   373] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   373] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3
[pid   373] ioctl(3, LOOP_CLR_FD)       = 0
[pid   373] close(3)                    = 0
[pid   373] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555559625d0) = 407
[pid   391] <... close resumed>)        = 0
[pid   391] openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   19.602974][  T386] RBP: ffffc90000c47290 R08: ffffffff81dee0ac R09: ffffc90000c47320
[   19.610965][  T386] R10: fffff52000188e6b R11: 1ffff92000188e64 R12: 1ffff1102142f879
[   19.618933][  T386] R13: ffff88810a179000 R14: 0000000000000001 R15: dffffc0000000000
[   19.626901][  T386] FS:  0000555555962300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   19.635821][  T386] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   19.636777][  T391] ------------[ cut here ]------------
[   19.642566][  T386] CR2: 00007f8986bf195f CR3: 000000011e60c000 CR4: 00000000003506a0
[   19.642574][  T386] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   19.642580][  T386] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   19.642583][  T386] Call Trace:
[   19.642608][  T386]  ext4_mballoc_query_range+0xb8/0x7a0
[   19.654613][  T391] kernel BUG at fs/ext4/ext4.h:3248!
[   19.655982][  T386]  ? ext4_getfsmap_dev_compare+0x80/0x80
[   19.656000][  T386]  ? ext4_trim_all_free+0xb80/0xb80
[   19.696570][  T386]  ? kmem_cache_alloc_trace+0x1dd/0x330
[   19.702089][  T386]  ext4_getfsmap_datadev+0x1b7f/0x2710
[   19.707525][  T386]  ? sort_r+0x1387/0x13a0
[   19.711832][  T386]  ? ext4_getfsmap+0x10c0/0x10c0
[   19.716739][  T386]  ? ext4_getfsmap+0x10c0/0x10c0
[   19.721645][  T386]  ? ext4_getfsmap+0xb97/0x10c0
[   19.726465][  T386]  ? ext4_getfsmap+0x10c0/0x10c0
[   19.731379][  T386]  ext4_getfsmap+0xd66/0x10c0
[   19.736041][  T386]  ? ext4_fsmap_to_internal+0x260/0x260
[   19.741562][  T386]  ? ext4_getfsmap+0x10c0/0x10c0
[   19.746473][  T386]  ? ext4_shutdown+0x4d0/0x4d0
[   19.751210][  T386]  ? __reset_page_pinner+0x4d0/0x4d0
[   19.756465][  T386]  ? ext4_fsmap_to_internal+0x25/0x260
[   19.761893][  T386]  ext4_ioctl+0x35bd/0x6330
[   19.766367][  T386]  ? avc_has_extended_perms+0x731/0x1270
[   19.771968][  T386]  ? memcpy+0x56/0x70
[   19.775921][  T386]  ? ext4_has_metadata_csum+0x1f0/0x1f0
[   19.781435][  T386]  ? avc_has_extended_perms+0xb66/0x1270
[   19.787049][  T386]  ? avc_ss_reset+0x290/0x290
[   19.791700][  T386]  ? __kasan_check_write+0x14/0x20
[   19.796782][  T386]  ? __switch_to+0x5e4/0x1220
[   19.801433][  T386]  ? ioctl_has_perm+0x3da/0x560
[   19.806257][  T386]  ? __x32_compat_sys_ioctl+0x90/0x90
[   19.811599][  T386]  ? has_cap_mac_admin+0xb0/0xb0
[   19.816572][  T386]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   19.821657][  T386]  ? __kasan_check_write+0x14/0x20
[   19.826763][  T386]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   19.831888][  T386]  ? cgroup_update_frozen+0x155/0x320
[   19.837233][  T386]  ? _raw_spin_unlock_irq+0x4e/0x70
[   19.842408][  T386]  ? selinux_file_ioctl+0x3c9/0x530
[   19.847580][  T386]  ? ptrace_stop+0x6ff/0x9f0
[   19.852149][  T386]  ? selinux_file_alloc_security+0x120/0x120
[   19.858103][  T386]  ? _raw_spin_unlock_irq+0x4e/0x70
[   19.863286][  T386]  ? ptrace_notify+0x248/0x340
[   19.868042][  T386]  ? do_notify_parent+0xa40/0xa40
[   19.873127][  T386]  ? security_file_ioctl+0xb1/0xd0
[   19.878334][  T386]  ? ext4_has_metadata_csum+0x1f0/0x1f0
[   19.883855][  T386]  __se_sys_ioctl+0x115/0x190
[   19.888509][  T386]  __x64_sys_ioctl+0x7b/0x90
[   19.893082][  T386]  do_syscall_64+0x34/0x70
[   19.897593][  T386]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   19.903470][  T386] RIP: 0033:0x7f8986c353e9
[   19.907867][  T386] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   19.927453][  T386] RSP: 002b:00007ffca4a1dde8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   19.935840][  T386] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f8986c353e9
[   19.943781][  T386] RDX: 0000000020000200 RSI: 00000000c0c0583b RDI: 0000000000000004
[   19.951723][  T386] RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d
[   19.959688][  T386] R10: 00000000000003f1 R11: 0000000000000246 R12: 00007f8986bf45c0
[   19.967684][  T386] R13: 00007ffca4a1de10 R14: 00007ffca4a1ddfc R15: 00007ffca4a1de00
[   19.975629][  T386] Modules linked in:
[   19.979551][  T391] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[   19.983290][  T386] ---[ end trace e37d997476fbb1ed ]---
[   19.985613][  T391] CPU: 0 PID: 391 Comm: syz-executor386 Tainted: G      D           5.10.153-syzkaller-00570-g673a7341bdab #0
[   19.991055][  T386] RIP: 0010:ext4_mb_load_buddy_gfp+0xe54/0xec0
[   20.002634][  T391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   20.002647][  T391] RIP: 0010:ext4_mb_load_buddy_gfp+0xe54/0xec0
[   20.002656][  T391] Code: ff e8 a0 1a c8 ff e9 c8 f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 14 f4 ff ff e8 a6 1a c8 ff e9 0a f4 ff ff e8 9c f5 8d ff <0f> 0b e8 95 f5 8d ff 4c 89 ef e8 dd 64 cd ff e9 34 fc ff ff e8 83
[   20.002661][  T391] RSP: 0018:ffffc90000cb71f8 EFLAGS: 00010293
[   20.002671][  T391] RAX: ffffffff81deee24 RBX: 0000000000000001 RCX: ffff888101d962c0
[   20.002684][  T391] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[   20.009021][  T386] Code: ff e8 a0 1a c8 ff e9 c8 f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 14 f4 ff ff e8 a6 1a c8 ff e9 0a f4 ff ff e8 9c f5 8d ff <0f> 0b e8 95 f5 8d ff 4c 89 ef e8 dd 64 cd ff e9 34 fc ff ff e8 83
[   20.018832][  T391] RBP: ffffc90000cb7290 R08: ffffffff81dee0ac R09: ffffc90000cb7320
[   20.018838][  T391] R10: fffff52000196e6b R11: 1ffff92000196e64 R12: 1ffff1102142f879
[   20.018844][  T391] R13: ffff88810a179000 R14: 0000000000000001 R15: dffffc0000000000
[   20.018852][  T391] FS:  0000555555962300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   20.018865][  T391] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   20.025754][  T386] RSP: 0018:ffffc90000c471f8 EFLAGS: 00010293
[   20.044660][  T391] CR2: 00007f8986ca7138 CR3: 00000001041fc000 CR4: 00000000003506b0
[   20.044669][  T391] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   20.044675][  T391] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   20.044678][  T391] Call Trace:
[   20.044699][  T391]  ext4_mballoc_query_range+0xb8/0x7a0
[   20.044711][  T391]  ? ext4_getfsmap_dev_compare+0x80/0x80
[   20.044730][  T391]  ? ext4_trim_all_free+0xb80/0xb80
[   20.051003][  T386] 
[   20.058732][  T391]  ? kmem_cache_alloc_trace+0x1dd/0x330
[   20.058743][  T391]  ext4_getfsmap_datadev+0x1b7f/0x2710
[   20.058754][  T391]  ? sort_r+0x1387/0x13a0
[   20.058770][  T391]  ? ext4_getfsmap+0x10c0/0x10c0
[   20.067444][  T386] RAX: ffffffff81deee24 RBX: 0000000000000001 RCX: ffff8881067f3b40
[   20.086309][  T391]  ? ext4_getfsmap+0x10c0/0x10c0
[   20.086318][  T391]  ? ext4_getfsmap+0xb97/0x10c0
[   20.086326][  T391]  ? ext4_getfsmap+0x10c0/0x10c0
[   20.086342][  T391]  ext4_getfsmap+0xd66/0x10c0
[   20.094833][  T386] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[   20.102453][  T391]  ? ext4_fsmap_to_internal+0x260/0x260
[   20.102465][  T391]  ? ext4_getfsmap+0x10c0/0x10c0
[   20.102474][  T391]  ? ext4_shutdown+0x4d0/0x4d0
[   20.102494][  T391]  ? __reset_page_pinner+0x4d0/0x4d0
[   20.110675][  T386] RBP: ffffc90000c47290 R08: ffffffff81dee0ac R09: ffffc90000c47320
[   20.119431][  T391]  ? ext4_fsmap_to_internal+0x25/0x260
[   20.119441][  T391]  ext4_ioctl+0x35bd/0x6330
[   20.119460][  T391]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[   20.126480][  T386] R10: fffff52000188e6b R11: 1ffff92000188e64 R12: 1ffff1102142f879
[   20.132076][  T391]  ? avc_has_extended_perms+0x731/0x1270
[   20.140770][  T386] R13: ffff88810a179000 R14: 0000000000000001 R15: dffffc0000000000
[   20.148402][  T391]  ? memcpy+0x56/0x70
[   20.148413][  T391]  ? ext4_has_metadata_csum+0x1f0/0x1f0
[   20.148429][  T391]  ? avc_has_extended_perms+0xb66/0x1270
[   20.156607][  T386] FS:  0000555555962300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   20.159636][  T391]  ? avc_ss_reset+0x290/0x290
[   20.165226][  T386] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   20.170664][  T391]  ? __kasan_check_write+0x14/0x20
[   20.175990][  T386] CR2: 00005555559625d0 CR3: 000000011e60c000 CR4: 00000000003506a0
[   20.178132][  T391]  ? __switch_to+0x5e4/0x1220
[   20.183797][  T386] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   20.189079][  T391]  ? ioctl_has_perm+0x3da/0x560
[   20.193539][  T386] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   20.198297][  T391]  ? __x32_compat_sys_ioctl+0x90/0x90
[   20.206394][  T386] Kernel panic - not syncing: Fatal exception
[   20.211157][  T391]  ? has_cap_mac_admin+0xb0/0xb0
[   20.392927][  T391]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   20.398026][  T391]  ? __kasan_check_write+0x14/0x20
[   20.403115][  T391]  ? _raw_spin_lock_irq+0xa4/0x1b0
[   20.408207][  T391]  ? cgroup_update_frozen+0x155/0x320
[   20.413554][  T391]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.418729][  T391]  ? selinux_file_ioctl+0x3c9/0x530
[   20.423914][  T391]  ? ptrace_stop+0x6ff/0x9f0
[   20.428492][  T391]  ? selinux_file_alloc_security+0x120/0x120
[   20.434459][  T391]  ? _raw_spin_unlock_irq+0x4e/0x70
[   20.439653][  T391]  ? ptrace_notify+0x248/0x340
[   20.444497][  T391]  ? do_notify_parent+0xa40/0xa40
[   20.449504][  T391]  ? security_file_ioctl+0xb1/0xd0
[   20.454598][  T391]  ? ext4_has_metadata_csum+0x1f0/0x1f0
[   20.460151][  T391]  __se_sys_ioctl+0x115/0x190
[   20.464809][  T391]  __x64_sys_ioctl+0x7b/0x90
[   20.469381][  T391]  do_syscall_64+0x34/0x70
[   20.473782][  T391]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   20.479658][  T391] RIP: 0033:0x7f8986c353e9
[   20.484066][  T391] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   20.503659][  T391] RSP: 002b:00007ffca4a1dde8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   20.512061][  T391] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f8986c353e9
[   20.520016][  T391] RDX: 0000000020000200 RSI: 00000000c0c0583b RDI: 0000000000000004
[   20.527973][  T391] RBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d
[   20.536046][  T391] R10: 00000000000003f1 R11: 0000000000000246 R12: 00007f8986bf45c0
[   20.544005][  T391] R13: 00007ffca4a1de10 R14: 00007ffca4a1ddfc R15: 00007ffca4a1de00
[   20.551964][  T391] Modules linked in:
[   20.556019][  T386] Kernel Offset: disabled
[   20.560338][  T386] Rebooting in 86400 seconds..