./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1946285468 <...> Warning: Permanently added '10.128.0.22' (ED25519) to the list of known hosts. execve("./syz-executor1946285468", ["./syz-executor1946285468"], 0x7ffc38c99d80 /* 10 vars */) = 0 brk(NULL) = 0x55555f19e000 brk(0x55555f19ed00) = 0x55555f19ed00 arch_prctl(ARCH_SET_FS, 0x55555f19e380) = 0 set_tid_address(0x55555f19e650) = 5869 set_robust_list(0x55555f19e660, 24) = 0 rseq(0x55555f19eca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1946285468", 4096) = 28 getrandom("\xfd\xb1\xe9\xa4\x18\xf0\x66\xe7", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555f19ed00 brk(0x55555f1bfd00) = 0x55555f1bfd00 brk(0x55555f1c0000) = 0x55555f1c0000 mprotect(0x7f2058b46000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5870 attached [pid 5870] set_robust_list(0x55555f19e660, 24 [pid 5869] <... clone resumed>, child_tidptr=0x55555f19e650) = 5870 [pid 5870] <... set_robust_list resumed>) = 0 [pid 5869] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5870] mkdir("./syzkaller.EAfHwW", 0700./strace-static-x86_64: Process 5871 attached [pid 5869] <... clone resumed>, child_tidptr=0x55555f19e650) = 5871 [pid 5871] set_robust_list(0x55555f19e660, 24) = 0 [pid 5871] mkdir("./syzkaller.irMO81", 0700 [pid 5870] <... mkdir resumed>) = 0 [pid 5869] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5870] chmod("./syzkaller.EAfHwW", 0777 [pid 5871] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5872 attached [pid 5870] <... chmod resumed>) = 0 [pid 5869] <... clone resumed>, child_tidptr=0x55555f19e650) = 5872 [pid 5869] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5872] set_robust_list(0x55555f19e660, 24 [pid 5871] chmod("./syzkaller.irMO81", 0777 [pid 5870] chdir("./syzkaller.EAfHwW") = 0 [pid 5872] <... set_robust_list resumed>) = 0 [pid 5870] mkdir("./0", 0777 [pid 5872] mkdir("./syzkaller.r3Gv2j", 0700 [pid 5871] <... chmod resumed>) = 0 [pid 5870] <... mkdir resumed>) = 0 [pid 5870] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5873 attached [pid 5872] <... mkdir resumed>) = 0 [pid 5871] chdir("./syzkaller.irMO81" [pid 5869] <... clone resumed>, child_tidptr=0x55555f19e650) = 5873 [pid 5872] chmod("./syzkaller.r3Gv2j", 0777 [pid 5870] <... openat resumed>) = 3 [pid 5869] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5873] set_robust_list(0x55555f19e660, 24 [pid 5872] <... chmod resumed>) = 0 [pid 5871] <... chdir resumed>) = 0 [pid 5870] ioctl(3, LOOP_CLR_FD [pid 5873] <... set_robust_list resumed>) = 0 [pid 5872] chdir("./syzkaller.r3Gv2j" [pid 5871] mkdir("./0", 0777 [pid 5873] mkdir("./syzkaller.v6G89K", 0700./strace-static-x86_64: Process 5874 attached [pid 5872] <... chdir resumed>) = 0 [pid 5874] set_robust_list(0x55555f19e660, 24 [pid 5872] mkdir("./0", 0777 [pid 5869] <... clone resumed>, child_tidptr=0x55555f19e650) = 5874 [pid 5874] <... set_robust_list resumed>) = 0 [pid 5873] <... mkdir resumed>) = 0 [pid 5872] <... mkdir resumed>) = 0 [pid 5870] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5874] mkdir("./syzkaller.hrEia8", 0700 [pid 5871] <... mkdir resumed>) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5870] close(3 [pid 5874] <... mkdir resumed>) = 0 [pid 5873] chmod("./syzkaller.v6G89K", 0777 [pid 5872] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5870] <... close resumed>) = 0 [pid 5873] <... chmod resumed>) = 0 [pid 5874] chmod("./syzkaller.hrEia8", 0777 [pid 5872] <... openat resumed>) = 3 [pid 5871] <... openat resumed>) = 3 [pid 5870] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5871] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5875 attached [pid 5874] <... chmod resumed>) = 0 [pid 5873] chdir("./syzkaller.v6G89K" [pid 5872] ioctl(3, LOOP_CLR_FD [pid 5871] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5873] <... chdir resumed>) = 0 [pid 5874] chdir("./syzkaller.hrEia8" [pid 5872] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5873] mkdir("./0", 0777 [pid 5875] set_robust_list(0x55555f19e660, 24) = 0 [pid 5875] chdir("./0" [pid 5871] close(3) = 0 [pid 5875] <... chdir resumed>) = 0 [pid 5874] <... chdir resumed>) = 0 [pid 5873] <... mkdir resumed>) = 0 [pid 5871] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 5872] close(3./strace-static-x86_64: Process 5877 attached [pid 5874] mkdir("./0", 0777 [pid 5873] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5870] <... clone resumed>, child_tidptr=0x55555f19e650) = 5875 [pid 5872] <... close resumed>) = 0 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5877] set_robust_list(0x55555f19e660, 24 [pid 5875] setpgid(0, 0 [pid 5877] <... set_robust_list resumed>) = 0 [pid 5875] <... setpgid resumed>) = 0 [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5874] <... mkdir resumed>) = 0 [pid 5872] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5873] <... openat resumed>) = 3 [pid 5877] chdir("./0") = 0 [pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5875] write(3, "1000", 4 [pid 5877] <... prctl resumed>) = 0 [pid 5875] <... write resumed>) = 4 [pid 5877] setpgid(0, 0 [pid 5875] close(3 [pid 5871] <... clone resumed>, child_tidptr=0x55555f19e650) = 5877 [pid 5877] <... setpgid resumed>) = 0 [pid 5875] <... close resumed>) = 0 [pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5875] symlink("/dev/binderfs", "./binderfs" [pid 5877] <... openat resumed>) = 3 [pid 5875] <... symlink resumed>) = 0 [pid 5877] write(3, "1000", 4) = 4 [pid 5877] close(3) = 0 [pid 5877] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5875] write(1, "executing program\n", 18) = 18 executing program [pid 5875] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5878 attached [pid 5877] write(1, "executing program\n", 18 [pid 5874] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5873] ioctl(3, LOOP_CLR_FD [pid 5878] set_robust_list(0x55555f19e660, 24) = 0 [pid 5878] chdir("./0" [pid 5877] <... write resumed>) = 18 [pid 5874] <... openat resumed>) = 3 [pid 5873] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5872] <... clone resumed>, child_tidptr=0x55555f19e650) = 5878 [pid 5878] <... chdir resumed>) = 0 [pid 5877] memfd_create("syzkaller", 0 [pid 5875] <... memfd_create resumed>) = 3 [pid 5874] ioctl(3, LOOP_CLR_FD [pid 5873] close(3 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5877] <... memfd_create resumed>) = 3 [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5878] <... prctl resumed>) = 0 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5875] <... mmap resumed>) = 0x7f2050600000 [pid 5874] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5873] <... close resumed>) = 0 [pid 5878] setpgid(0, 0) = 0 [pid 5877] <... mmap resumed>) = 0x7f2050600000 [pid 5874] close(3 [pid 5873] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5874] <... close resumed>) = 0 ./strace-static-x86_64: Process 5879 attached [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5874] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5879] set_robust_list(0x55555f19e660, 24 [pid 5878] <... openat resumed>) = 3 [pid 5878] write(3, "1000", 4) = 4 [pid 5878] close(3) = 0 [pid 5878] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5880 attached [pid 5879] <... set_robust_list resumed>) = 0 [pid 5878] <... symlink resumed>) = 0 executing program [pid 5873] <... clone resumed>, child_tidptr=0x55555f19e650) = 5879 [pid 5880] set_robust_list(0x55555f19e660, 24 [pid 5879] chdir("./0" [pid 5878] write(1, "executing program\n", 18 [pid 5879] <... chdir resumed>) = 0 [pid 5880] <... set_robust_list resumed>) = 0 [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5874] <... clone resumed>, child_tidptr=0x55555f19e650) = 5880 [pid 5879] <... prctl resumed>) = 0 [pid 5878] <... write resumed>) = 18 [pid 5880] chdir("./0" [pid 5879] setpgid(0, 0 [pid 5878] memfd_create("syzkaller", 0 [pid 5880] <... chdir resumed>) = 0 [pid 5879] <... setpgid resumed>) = 0 [pid 5878] <... memfd_create resumed>) = 3 [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5880] <... prctl resumed>) = 0 [pid 5878] <... mmap resumed>) = 0x7f2050600000 [pid 5879] <... openat resumed>) = 3 [pid 5880] setpgid(0, 0 [pid 5879] write(3, "1000", 4 [pid 5880] <... setpgid resumed>) = 0 [pid 5879] <... write resumed>) = 4 [pid 5879] close(3) = 0 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5879] symlink("/dev/binderfs", "./binderfs"executing program [pid 5880] <... openat resumed>) = 3 [pid 5879] <... symlink resumed>) = 0 [pid 5880] write(3, "1000", 4) = 4 [pid 5879] write(1, "executing program\n", 18 [pid 5880] close(3 [pid 5879] <... write resumed>) = 18 [pid 5880] <... close resumed>) = 0 [pid 5879] memfd_create("syzkaller", 0 [pid 5880] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5879] <... memfd_create resumed>) = 3 [pid 5880] write(1, "executing program\n", 18 [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2050600000 executing program [pid 5880] <... write resumed>) = 18 [pid 5880] memfd_create("syzkaller", 0) = 3 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2050600000 [pid 5880] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5875] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5878] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5879] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5880] <... write resumed>) = 16777216 [pid 5880] munmap(0x7f2050600000, 138412032) = 0 [pid 5880] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5877] <... write resumed>) = 16777216 [pid 5880] <... openat resumed>) = 4 [pid 5877] munmap(0x7f2050600000, 138412032 [pid 5880] ioctl(4, LOOP_SET_FD, 3 [pid 5875] <... write resumed>) = 16777216 [pid 5875] munmap(0x7f2050600000, 138412032 [pid 5880] <... ioctl resumed>) = 0 [pid 5880] close(3) = 0 [pid 5877] <... munmap resumed>) = 0 [pid 5880] close(4) = 0 [pid 5880] mkdir("./file1", 0777 [pid 5877] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5880] <... mkdir resumed>) = 0 [pid 5877] <... openat resumed>) = 4 [pid 5880] mount("/dev/loop4", "./file1", "jfs", MS_NODIRATIME|MS_SILENT, "nodiscard,quota,iocharset=cp950,grpquota,quota,noquota,nointegrity" [pid 5877] ioctl(4, LOOP_SET_FD, 3 [pid 5878] <... write resumed>) = 16777216 [pid 5879] <... write resumed>) = 16777216 [pid 5875] <... munmap resumed>) = 0 [pid 5878] munmap(0x7f2050600000, 138412032 [pid 5879] munmap(0x7f2050600000, 138412032 [pid 5877] <... ioctl resumed>) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 90.556566][ T5880] loop4: detected capacity change from 0 to 32768 [ 90.583404][ T5877] loop1: detected capacity change from 0 to 32768 [pid 5875] ioctl(4, LOOP_SET_FD, 3 [pid 5880] <... mount resumed>) = 0 [pid 5877] close(3) = 0 [pid 5880] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5877] close(4 [pid 5880] <... openat resumed>) = 3 [pid 5879] <... munmap resumed>) = 0 [pid 5877] <... close resumed>) = 0 [pid 5877] mkdir("./file1", 0777) = 0 [pid 5880] chdir("./file1") = 0 [pid 5879] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5877] mount("/dev/loop1", "./file1", "jfs", MS_NODIRATIME|MS_SILENT, "nodiscard,quota,iocharset=cp950,grpquota,quota,noquota,nointegrity" [pid 5875] <... ioctl resumed>) = 0 [pid 5880] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5878] <... munmap resumed>) = 0 [pid 5877] <... mount resumed>) = 0 [pid 5877] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5880] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5878] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5875] close(3 [pid 5880] exit_group(0 [pid 5878] <... openat resumed>) = 4 [ 90.608501][ T5875] loop0: detected capacity change from 0 to 32768 [pid 5875] <... close resumed>) = 0 [pid 5878] ioctl(4, LOOP_SET_FD, 3 [pid 5875] close(4 [pid 5877] <... openat resumed>) = 3 [pid 5880] <... exit_group resumed>) = ? [pid 5875] <... close resumed>) = 0 [pid 5877] chdir("./file1") = 0 [pid 5879] <... openat resumed>) = 4 [pid 5875] mkdir("./file1", 0777 [pid 5877] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5875] <... mkdir resumed>) = 0 [pid 5877] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5875] mount("/dev/loop0", "./file1", "jfs", MS_NODIRATIME|MS_SILENT, "nodiscard,quota,iocharset=cp950,grpquota,quota,noquota,nointegrity" [pid 5880] +++ exited with 0 +++ [pid 5879] ioctl(4, LOOP_SET_FD, 3 [pid 5877] exit_group(0) = ? [pid 5874] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=31 /* 0.31 s */} --- [pid 5874] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5874] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5877] +++ exited with 0 +++ [pid 5874] <... openat resumed>) = 3 [pid 5874] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5871] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=24 /* 0.24 s */} --- [pid 5874] getdents64(3, [pid 5871] restart_syscall(<... resuming interrupted clone ...> [pid 5874] <... getdents64 resumed>0x55555f19f6f0 /* 4 entries */, 32768) = 112 [pid 5874] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] <... ioctl resumed>) = 0 [pid 5878] close(3) = 0 [pid 5878] close(4) = 0 [pid 5878] mkdir("./file1", 0777) = 0 [pid 5878] mount("/dev/loop2", "./file1", "jfs", MS_NODIRATIME|MS_SILENT, "nodiscard,quota,iocharset=cp950,grpquota,quota,noquota,nointegrity" [pid 5871] <... restart_syscall resumed>) = 0 [pid 5879] <... ioctl resumed>) = 0 [pid 5871] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5879] close(3) = 0 [pid 5871] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5879] close(4) = 0 [pid 5871] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5879] mkdir("./file1", 0777 [pid 5871] <... openat resumed>) = 3 [pid 5871] newfstatat(3, "", [pid 5879] <... mkdir resumed>) = 0 [pid 5871] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5879] mount("/dev/loop3", "./file1", "jfs", MS_NODIRATIME|MS_SILENT, "nodiscard,quota,iocharset=cp950,grpquota,quota,noquota,nointegrity" [pid 5878] <... mount resumed>) = 0 [pid 5875] <... mount resumed>) = 0 [pid 5871] getdents64(3, [pid 5875] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5871] <... getdents64 resumed>0x55555f19f6f0 /* 4 entries */, 32768) = 112 [pid 5875] chdir("./file1") = 0 [pid 5871] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5878] <... openat resumed>) = 3 [pid 5875] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5878] chdir("./file1" [pid 5875] exit_group(0 [pid 5878] <... chdir resumed>) = 0 [pid 5875] <... exit_group resumed>) = ? [pid 5878] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5875] +++ exited with 0 +++ [pid 5878] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5878] exit_group(0) = ? [pid 5870] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=25 /* 0.25 s */} --- [pid 5870] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 90.661074][ T5878] loop2: detected capacity change from 0 to 32768 [ 90.683433][ T5879] loop3: detected capacity change from 0 to 32768 [pid 5870] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5870] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5870] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5870] getdents64(3, 0x55555f19f6f0 /* 4 entries */, 32768) = 112 [pid 5870] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5874] <... umount2 resumed>) = 0 [pid 5874] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5874] newfstatat(AT_FDCWD, "./0/file1", [pid 5878] +++ exited with 0 +++ [pid 5872] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=30 /* 0.30 s */} --- [pid 5872] restart_syscall(<... resuming interrupted clone ...> [pid 5874] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5874] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5879] <... mount resumed>) = 0 [pid 5874] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5879] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5872] <... restart_syscall resumed>) = 0 [pid 5872] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5872] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5879] <... openat resumed>) = 3 [pid 5872] <... openat resumed>) = 3 [pid 5872] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5872] getdents64(3, 0x55555f19f6f0 /* 4 entries */, 32768) = 112 [pid 5872] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5879] chdir("./file1") = 0 [pid 5879] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5874] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5879] exit_group(0 [pid 5874] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5874] getdents64(4, [pid 5879] <... exit_group resumed>) = ? [pid 5879] +++ exited with 0 +++ [pid 5874] <... getdents64 resumed>0x55555f1a7730 /* 2 entries */, 32768) = 48 [pid 5873] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=27 /* 0.27 s */} --- [pid 5873] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5873] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5873] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5873] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5873] getdents64(3, 0x55555f19f6f0 /* 4 entries */, 32768) = 112 [ 90.768893][ T5870] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN PTI [ 90.781026][ T5870] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 90.789497][ T5870] CPU: 0 UID: 0 PID: 5870 Comm: syz-executor194 Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) [ 90.801156][ T5870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 90.811241][ T5870] RIP: 0010:lmLogSync+0x22e/0x9d0 [ 90.816304][ T5870] Code: f7 b4 fe 4d 8d 7e f0 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 80 ef e1 fe 4d 8b 3f 49 83 c7 30 4c 89 f8 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 ff e8 64 ef e1 fe 49 8b 3f e8 cc f6 b4 fe [ 90.836181][ T5870] RSP: 0018:ffffc90003e8fa80 EFLAGS: 00010206 [ 90.842265][ T5870] RAX: 0000000000000006 RBX: dffffc0000000000 RCX: ffff888032461e00 [ 90.850241][ T5870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.858248][ T5870] RBP: ffffc90003e8fb88 R08: ffffc90003e8f9cf R09: 0000000000000000 [ 90.866360][ T5870] R10: ffffc90003e8f868 R11: fffff520007d1f3a R12: ffff888027c5e000 [ 90.874397][ T5870] R13: dffffc0000000000 R14: ffff888025011c38 R15: 0000000000000030 [ 90.882376][ T5870] FS: 000055555f19e380(0000) GS:ffff888125c15000(0000) knlGS:0000000000000000 [ 90.891431][ T5870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.898046][ T5870] CR2: 0000559e06196048 CR3: 000000007441c000 CR4: 00000000003526f0 [ 90.906024][ T5870] Call Trace: [ 90.909390][ T5870] [ 90.912417][ T5870] ? __pfx___mutex_lock+0x10/0x10 [ 90.917467][ T5870] ? __pfx_lmLogSync+0x10/0x10 [ 90.922323][ T5870] ? __pfx_dquot_writeback_dquots+0x10/0x10 [ 90.928219][ T5870] ? __pfx___writeback_inodes_sb_nr+0x10/0x10 [ 90.934377][ T5870] jfs_syncpt+0x7b/0x90 [ 90.938623][ T5870] jfs_sync_fs+0x87/0xa0 [ 90.942870][ T5870] sync_filesystem+0xee/0x230 [ 90.947548][ T5870] generic_shutdown_super+0x6f/0x2c0 [ 90.952843][ T5870] kill_block_super+0x44/0x90 [ 90.957548][ T5870] deactivate_locked_super+0xb9/0x130 [ 90.962922][ T5870] cleanup_mnt+0x425/0x4c0 [ 90.967364][ T5870] ? lockdep_hardirqs_on+0x9c/0x150 [ 90.972656][ T5870] task_work_run+0x1d1/0x260 [ 90.977251][ T5870] ? __pfx_task_work_run+0x10/0x10 [ 90.982370][ T5870] ? path_umount+0x1ea/0xb70 [ 90.986970][ T5870] ptrace_notify+0x281/0x2c0 [ 90.991561][ T5870] ? __pfx_ptrace_notify+0x10/0x10 [ 90.996671][ T5870] ? __x64_sys_umount+0x122/0x160 [ 91.001792][ T5870] ? __pfx___x64_sys_umount+0x10/0x10 [ 91.007169][ T5870] syscall_exit_work+0xc6/0x1d0 [ 91.012026][ T5870] do_syscall_64+0x2ad/0x3b0 [ 91.016623][ T5870] ? lockdep_hardirqs_on+0x9c/0x150 [ 91.021835][ T5870] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.027917][ T5870] ? clear_bhb_loop+0x60/0xb0 [ 91.032594][ T5870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.038487][ T5870] RIP: 0033:0x7f2058acd5b7 [ 91.042906][ T5870] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 [ 91.062525][ T5870] RSP: 002b:00007fffb2021d18 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6 [ 91.071028][ T5870] RAX: 0000000000000000 RBX: 0000000000015e2d RCX: 00007f2058acd5b7 [ 91.079361][ T5870] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb2021dd0 [ 91.087339][ T5870] RBP: 00007fffb2021dd0 R08: 0000000000000000 R09: 0000000000000000 [ 91.095399][ T5870] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007fffb2022e40 [ 91.103454][ T5870] R13: 000055555f19f6c0 R14: 0000000000000001 R15: 431bde82d7b634db [ 91.111460][ T5870] [ 91.114481][ T5870] Modules linked in: [pid 5873] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5874] getdents64(4, 0x55555f1a7730 /* 0 entries */, 32768) = 0 [pid 5874] close(4) = 0 [ 91.118639][ T5870] ---[ end trace 0000000000000000 ]--- [pid 5874] rmdir("./0/file1") = 0 [pid 5874] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5874] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 91.161089][ T5870] RIP: 0010:lmLogSync+0x22e/0x9d0 [ 91.169045][ T5870] Code: f7 b4 fe 4d 8d 7e f0 4c 89 f8 48 c1 e8 03 80 3c 18 00 74 08 4c 89 ff e8 80 ef e1 fe 4d 8b 3f 49 83 c7 30 4c 89 f8 48 c1 e8 03 <80> 3c 18 00 74 08 4c 89 ff e8 64 ef e1 fe 49 8b 3f e8 cc f6 b4 fe [ 91.189719][ T5870] RSP: 0018:ffffc90003e8fa80 EFLAGS: 00010206 [ 91.196813][ T5870] RAX: 0000000000000006 RBX: dffffc0000000000 RCX: ffff888032461e00 [pid 5874] unlink("./0/binderfs") = 0 [pid 5874] getdents64(3, 0x55555f19f6f0 /* 0 entries */, 32768) = 0 [pid 5874] close(3) = 0 [pid 5874] rmdir("./0") = 0 [pid 5874] mkdir("./1", 0777) = 0 [ 91.205853][ T5870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 91.213951][ T5870] RBP: ffffc90003e8fb88 R08: ffffc90003e8f9cf R09: 0000000000000000 [ 91.223834][ T5870] R10: ffffc90003e8f868 R11: fffff520007d1f3a R12: ffff888027c5e000 [ 91.232680][ T5870] R13: dffffc0000000000 R14: ffff888025011c38 R15: 0000000000000030 [ 91.242067][ T5870] FS: 000055555f19e380(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000 [ 91.252278][ T5870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [pid 5874] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5874] ioctl(3, LOOP_CLR_FD) = 0 [ 91.259514][ T5870] CR2: 0000559e34361a58 CR3: 000000007441c000 CR4: 00000000003526f0 [ 91.269251][ T5870] Kernel panic - not syncing: Fatal exception [ 91.275657][ T5870] Kernel Offset: disabled [ 91.279987][ T5870] Rebooting in 86400 seconds..