./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2112712976

<...>
Warning: Permanently added '10.128.1.14' (ED25519) to the list of known hosts.
execve("./syz-executor2112712976", ["./syz-executor2112712976"], 0x7fffd99c1670 /* 10 vars */) = 0
brk(NULL)                               = 0x55557b4cd000
brk(0x55557b4cdd00)                     = 0x55557b4cdd00
arch_prctl(ARCH_SET_FS, 0x55557b4cd380) = 0
set_tid_address(0x55557b4cd650)         = 297
set_robust_list(0x55557b4cd660, 24)     = 0
rseq(0x55557b4cdca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2112712976", 4096) = 28
getrandom("\xc4\x16\xb9\xd9\xb7\xcf\x5a\xca", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55557b4cdd00
brk(0x55557b4eed00)                     = 0x55557b4eed00
brk(0x55557b4ef000)                     = 0x55557b4ef000
mprotect(0x7f87e9679000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557b4cd650) = 298
./strace-static-x86_64: Process 298 attached
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   298] set_robust_list(0x55557b4cd660, 24 <unfinished ...>
[pid   297] <... clone resumed>, child_tidptr=0x55557b4cd650) = 299
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 299 attached
./strace-static-x86_64: Process 300 attached
 <unfinished ...>
[pid   298] <... set_robust_list resumed>) = 0
[pid   297] <... clone resumed>, child_tidptr=0x55557b4cd650) = 300
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557b4cd650) = 301
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   300] set_robust_list(0x55557b4cd660, 24 <unfinished ...>
[pid   299] set_robust_list(0x55557b4cd660, 24 <unfinished ...>
[pid   298] mkdir("./syzkaller.ZBCgZH", 0700./strace-static-x86_64: Process 302 attached
 <unfinished ...>
[pid   297] <... clone resumed>, child_tidptr=0x55557b4cd650) = 302
./strace-static-x86_64: Process 301 attached
[pid   299] <... set_robust_list resumed>) = 0
[pid   301] set_robust_list(0x55557b4cd660, 24) = 0
[pid   301] mkdir("./syzkaller.agpvWN", 0700 <unfinished ...>
[pid   298] <... mkdir resumed>)        = 0
[pid   299] mkdir("./syzkaller.TEB4nA", 0700 <unfinished ...>
[pid   301] <... mkdir resumed>)        = 0
[pid   301] chmod("./syzkaller.agpvWN", 0777) = 0
[pid   301] chdir("./syzkaller.agpvWN") = 0
[pid   301] mkdir("./0", 0777 <unfinished ...>
[pid   299] <... mkdir resumed>)        = 0
[pid   299] chmod("./syzkaller.TEB4nA", 0777 <unfinished ...>
[pid   298] chmod("./syzkaller.ZBCgZH", 0777 <unfinished ...>
[pid   302] set_robust_list(0x55557b4cd660, 24 <unfinished ...>
[pid   300] <... set_robust_list resumed>) = 0
[pid   301] <... mkdir resumed>)        = 0
[   29.281562][   T30] audit: type=1400 audit(1737423617.818:66): avc:  denied  { execmem } for  pid=297 comm="syz-executor211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid   301] openat(AT_FDCWD, "/dev/loop3", O_RDWRexecuting program
 <unfinished ...>
[pid   299] <... chmod resumed>)        = 0
[pid   298] <... chmod resumed>)        = 0
[pid   301] <... openat resumed>)       = 3
[pid   301] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   301] close(3)                    = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557b4cd650) = 304
./strace-static-x86_64: Process 304 attached
[pid   304] set_robust_list(0x55557b4cd660, 24) = 0
[pid   304] chdir("./0")                = 0
[pid   304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   304] setpgid(0, 0)               = 0
[pid   304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   304] write(3, "1000", 4)         = 4
[pid   304] close(3)                    = 0
[pid   304] symlink("/dev/binderfs", "./binderfs") = 0
[pid   304] write(1, "executing program\n", 18) = 18
[pid   304] memfd_create("syzkaller", 0) = 3
[pid   304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f87e11c5000
[pid   304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536) = 65536
[pid   304] munmap(0x7f87e11c5000, 138412032) = 0
[pid   304] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4
[pid   304] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   300] mkdir("./syzkaller.3et5na", 0700 <unfinished ...>
[pid   299] chdir("./syzkaller.TEB4nA" <unfinished ...>
[pid   298] chdir("./syzkaller.ZBCgZH" <unfinished ...>
[pid   302] <... set_robust_list resumed>) = 0
[pid   302] mkdir("./syzkaller.huJ71H", 0700) = 0
[pid   302] chmod("./syzkaller.huJ71H", 0777) = 0
[pid   302] chdir("./syzkaller.huJ71H") = 0
[pid   302] mkdir("./0", 0777)          = 0
[pid   302] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3
[pid   302] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[   29.323491][   T30] audit: type=1400 audit(1737423617.868:67): avc:  denied  { read write } for  pid=301 comm="syz-executor211" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   29.341403][  T304] loop3: detected capacity change from 0 to 128
[pid   302] close(3)                    = 0
[pid   302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557b4cd650) = 305
[pid   304] <... ioctl resumed>)        = 0
[pid   304] close(3)                    = 0
[pid   304] close(4 <unfinished ...>
[pid   300] <... mkdir resumed>)        = 0
[pid   299] <... chdir resumed>)        = 0
[pid   298] <... chdir resumed>)        = 0
[pid   300] chmod("./syzkaller.3et5na", 0777./strace-static-x86_64: Process 305 attached
) = 0
[pid   299] mkdir("./0", 0777 <unfinished ...>
[pid   298] mkdir("./0", 0777 <unfinished ...>
[pid   305] set_robust_list(0x55557b4cd660, 24 <unfinished ...>
[pid   300] chdir("./syzkaller.3et5na" <unfinished ...>
[pid   299] <... mkdir resumed>)        = 0
[pid   298] <... mkdir resumed>)        = 0
[pid   300] <... chdir resumed>)        = 0
[pid   305] <... set_robust_list resumed>) = 0
[pid   299] openat(AT_FDCWD, "/dev/loop1", O_RDWR <unfinished ...>
[pid   298] openat(AT_FDCWD, "/dev/loop0", O_RDWR <unfinished ...>
[pid   300] mkdir("./0", 0777 <unfinished ...>
[pid   305] chdir("./0" <unfinished ...>
[pid   299] <... openat resumed>)       = 3
[pid   298] <... openat resumed>)       = 3
[pid   305] <... chdir resumed>)        = 0
[pid   305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   305] setpgid(0, 0 <unfinished ...>
[pid   300] <... mkdir resumed>)        = 0
[pid   299] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   298] ioctl(3, LOOP_CLR_FD <unfinished ...>
[pid   305] <... setpgid resumed>)      = 0
[pid   300] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3
[pid   300] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[pid   300] close(3executing program
 <unfinished ...>
[pid   305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   300] <... close resumed>)        = 0
[pid   299] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   298] <... ioctl resumed>)        = -1 ENXIO (No such device or address)
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557b4cd650) = 306
./strace-static-x86_64: Process 306 attached
[pid   306] set_robust_list(0x55557b4cd660, 24) = 0
[pid   306] chdir("./0")                = 0
[pid   306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   306] setpgid(0, 0)               = 0
[pid   306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   306] write(3, "1000", 4)         = 4
[pid   306] close(3)                    = 0
[pid   306] symlink("/dev/binderfs", "./binderfs") = 0
[pid   306] write(1, "executing program\n", 18) = 18
[pid   306] memfd_create("syzkaller", 0 <unfinished ...>
[pid   299] close(3 <unfinished ...>
[pid   298] close(3 <unfinished ...>
[pid   306] <... memfd_create resumed>) = 3
[pid   305] <... openat resumed>)       = 3
[pid   298] <... close resumed>)        = 0
[pid   299] <... close resumed>)        = 0
[pid   305] write(3, "1000", 4 <unfinished ...>
[pid   306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f87e11c5000
[   29.360166][   T30] audit: type=1400 audit(1737423617.868:68): avc:  denied  { open } for  pid=301 comm="syz-executor211" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   29.397858][   T30] audit: type=1400 audit(1737423617.868:69): avc:  denied  { ioctl } for  pid=301 comm="syz-executor211" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   305] <... write resumed>)        = 4
[pid   299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536) = 65536
[pid   306] munmap(0x7f87e11c5000, 138412032) = 0
[pid   306] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4
[pid   306] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   305] close(3)                    = 0
[pid   299] <... clone resumed>, child_tidptr=0x55557b4cd650) = 308
[pid   298] <... clone resumed>, child_tidptr=0x55557b4cd650) = 307
[pid   305] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 307 attached
 <unfinished ...>
[pid   307] set_robust_list(0x55557b4cd660, 24) = 0
[pid   307] chdir("./0")                = 0
[pid   307] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   305] <... symlink resumed>)      = 0
[pid   307] <... prctl resumed>)        = 0
[pid   307] setpgid(0, 0)               = 0
[pid   307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   305] write(1, "executing program\n", 18 <unfinished ...>
[pid   307] <... openat resumed>)       = 3
[pid   307] write(3, "1000", 4)         = 4
[pid   307] close(3)                    = 0
[pid   307] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid   305] <... write resumed>)        = 18
[pid   307] write(1, "executing program\n", 18executing program
) = 18
[pid   307] memfd_create("syzkaller", 0) = 3
[pid   307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f87e11c5000
[pid   305] memfd_create("syzkaller", 0) = 3
[pid   305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f87e11c5000
[pid   307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536) = 65536
[pid   307] munmap(0x7f87e11c5000, 138412032) = 0
[pid   307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536 <unfinished ...>
[pid   307] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 308 attached
 <unfinished ...>
[pid   306] <... ioctl resumed>)        = 0
[pid   305] <... write resumed>)        = 65536
[pid   308] set_robust_list(0x55557b4cd660, 24 <unfinished ...>
[pid   306] close(3 <unfinished ...>
[pid   305] munmap(0x7f87e11c5000, 138412032 <unfinished ...>
[pid   304] <... close resumed>)        = 0
[pid   304] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 <unfinished ...>
[pid   308] <... set_robust_list resumed>) = 0
[pid   306] <... close resumed>)        = 0
[pid   305] <... munmap resumed>)       = 0
[pid   304] <... mkdir resumed>)        = 0
[pid   304] mount("/dev/loop3", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   305] openat(AT_FDCWD, "/dev/loop4", O_RDWR <unfinished ...>
[pid   308] chdir("./0" <unfinished ...>
[pid   307] <... ioctl resumed>)        = 0
[pid   306] close(4 <unfinished ...>
[pid   305] <... openat resumed>)       = 4
[   29.437312][  T306] loop2: detected capacity change from 0 to 128
[   29.448110][  T307] loop0: detected capacity change from 0 to 128
[pid   308] <... chdir resumed>)        = 0
[pid   305] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   308] setpgid(0, 0)               = 0
[pid   308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   308] write(3, "1000", 4)         = 4
[pid   308] close(3)                    = 0
[pid   308] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid   308] write(1, "executing program\n", 18) = 18
[pid   308] memfd_create("syzkaller", 0) = 3
[pid   308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f87e11c5000
[pid   308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65536) = 65536
[pid   308] munmap(0x7f87e11c5000, 138412032) = 0
[pid   308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[   29.458223][   T30] audit: type=1400 audit(1737423617.998:70): avc:  denied  { mounton } for  pid=304 comm="syz-executor211" path="/root/syzkaller.agpvWN/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="sda1" ino=1941 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   29.466376][  T305] loop4: detected capacity change from 0 to 128
[   29.514403][  T304] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid   308] ioctl(4, LOOP_SET_FD, 3 <unfinished ...>
[pid   307] close(3)                    = 0
[pid   307] close(4 <unfinished ...>
[pid   308] <... ioctl resumed>)        = 0
[pid   308] close(3)                    = 0
[pid   308] close(4 <unfinished ...>
[pid   305] <... ioctl resumed>)        = 0
[pid   305] close(3)                    = 0
[   29.526460][  T308] loop1: detected capacity change from 0 to 128
[   29.538641][  T304] ext4 filesystem being mounted at /root/syzkaller.agpvWN/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[pid   305] close(4 <unfinished ...>
[pid   306] <... close resumed>)        = 0
[pid   304] <... mount resumed>)        = 0
[pid   306] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777) = 0
[pid   306] mount("/dev/loop2", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   304] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY) = 3
[pid   304] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   304] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4
[pid   304] ioctl(4, LOOP_CLR_FD)       = 0
[pid   304] close(4)                    = 0
[pid   304] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4
[pid   304] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid   304] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   304] rename("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   304] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE|FASYNC, 000) = 5
[pid   304] mount("/dev/loop3", "./bus", NULL, MS_BIND, NULL) = 0
[pid   304] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_DIRECT|O_CLOEXEC) = 6
[pid   304] mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x20000000
[pid   304] bpf(BPF_PROG_LOAD, 0x20000080, 144) = -1 E2BIG (Argument list too long)
[pid   304] exit_group(0)               = ?
[pid   304] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=7} ---
[pid   301] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   301] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   301] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   301] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   301] getdents64(3, 0x55557b4ce6f0 /* 4 entries */, 32768) = 352
[pid   301] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   301] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   301] unlink("./0/binderfs")      = 0
[pid   301] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   301] newfstatat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   301] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   301] openat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   301] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_EMPTY_PATH) = 0
[   29.541932][   T30] audit: type=1400 audit(1737423618.088:71): avc:  denied  { mount } for  pid=304 comm="syz-executor211" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   29.600811][  T301] ==================================================================
[   29.616624][  T306] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   29.619913][  T301] BUG: KASAN: use-after-free in ext4_htree_fill_tree+0x131b/0x13e0
[   29.633164][  T306] ext4 filesystem being mounted at /root/syzkaller.3et5na/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   29.641536][  T301] Read of size 1 at addr ffff88812496fd1b by task syz-executor211/301
[   29.641557][  T301] 
[   29.641562][  T301] CPU: 0 PID: 301 Comm: syz-executor211 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0
[   29.641579][  T301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   29.641598][  T301] Call Trace:
[   29.641605][  T301]  <TASK>
[   29.641611][  T301]  dump_stack_lvl+0x151/0x1c0
[pid   301] getdents64(4,  <unfinished ...>
[pid   306] <... mount resumed>)        = 0
[pid   306] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY) = 3
[pid   306] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   306] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4
[pid   306] ioctl(4, LOOP_CLR_FD)       = 0
[pid   306] close(4)                    = 0
[pid   306] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4
[pid   306] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid   306] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   306] rename("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   306] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE|FASYNC, 000) = 5
[pid   306] mount("/dev/loop2", "./bus", NULL, MS_BIND, NULL) = 0
[pid   306] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_DIRECT|O_CLOEXEC) = 6
[pid   306] mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x20000000
[pid   306] bpf(BPF_PROG_LOAD, 0x20000080, 144) = -1 E2BIG (Argument list too long)
[pid   306] exit_group(0)               = ?
[pid   306] +++ exited with 0 +++
[   29.679770][   T30] audit: type=1400 audit(1737423618.138:72): avc:  denied  { write } for  pid=304 comm="syz-executor211" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   29.688992][  T301]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.689032][  T301]  ? panic+0x760/0x760
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
[pid   300] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   300] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   300] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   300] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   300] getdents64(3, 0x55557b4ce6f0 /* 4 entries */, 32768) = 352
[pid   300] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   300] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   300] unlink("./0/binderfs")      = 0
[pid   300] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   300] newfstatat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   300] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   300] openat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   300] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_EMPTY_PATH) = 0
[   29.692901][   T30] audit: type=1400 audit(1737423618.138:73): avc:  denied  { add_name } for  pid=304 comm="syz-executor211" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   29.713701][  T301]  print_address_description+0x87/0x3b0
[   29.713735][  T301]  kasan_report+0x179/0x1c0
[   29.713750][  T301]  ? ext4_htree_fill_tree+0x131b/0x13e0
[   29.713767][  T301]  ? ext4_htree_fill_tree+0x131b/0x13e0
[pid   300] getdents64(4, 0x55557b4d6730 /* 7 entries */, 32768) = 1112
[pid   300] umount2("\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   300] newfstatat(AT_FDCWD, "\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", 0x7ffd827ef000, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   300] exit_group(1)               = ?
[pid   300] +++ exited with 1 +++
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=300, si_uid=0, si_status=1, si_utime=0, si_stime=5} ---
[   29.725409][   T30] audit: type=1400 audit(1737423618.138:74): avc:  denied  { create } for  pid=304 comm="syz-executor211" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   29.728477][  T301]  __asan_report_load1_noabort+0x14/0x20
[   29.731605][   T30] audit: type=1400 audit(1737423618.138:75): avc:  denied  { write open } for  pid=304 comm="syz-executor211" path="/root/syzkaller.agpvWN/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   29.736917][  T301]  ext4_htree_fill_tree+0x131b/0x13e0
[   29.736937][  T301]  ? ext4_handle_dirty_dirblock+0x6d0/0x6d0
[   29.736954][  T301]  ? __kasan_kmalloc+0x9/0x10
[   29.776318][  T300] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm syz-executor211: Invalid inode table block 14875662660405297151 in block_group 0
[   29.822858][  T301]  ? ext4_readdir+0x523/0x3960
[   29.822893][  T301]  ext4_readdir+0x2f75/0x3960
[   29.822909][  T301]  ? __kasan_check_write+0x14/0x20
[   29.822926][  T301]  ? compat_start_thread+0x20/0x20
[   29.829851][  T300] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   29.835138][  T301]  ? down_read_killable+0x1035/0x1b10
[   29.835170][  T301]  ? down_read_interruptible+0x1bf0/0x1bf0
[   29.835187][  T301]  ? finish_task_switch+0x167/0x7b0
[   29.842078][  T300] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #2: comm syz-executor211: mark_inode_dirty error
[   29.847161][  T301]  ? ext4_dir_llseek+0x540/0x540
[   29.847190][  T301]  ? __schedule+0xcd4/0x1590
[   29.847208][  T301]  ? __kasan_check_read+0x11/0x20
[   29.847227][  T301]  ? security_file_permission+0x86/0xb0
[   30.151137][  T301]  iterate_dir+0x265/0x600
[   30.155736][  T301]  ? ext4_dir_llseek+0x540/0x540
[   30.163781][  T301]  __se_sys_getdents64+0x1c1/0x460
[   30.172426][  T301]  ? __x64_sys_getdents64+0x90/0x90
[   30.177787][  T301]  ? filldir+0x680/0x680
[   30.185259][  T301]  __x64_sys_getdents64+0x7b/0x90
[   30.191797][  T301]  x64_sys_call+0x5ae/0x9a0
[   30.197186][  T301]  do_syscall_64+0x3b/0xb0
[   30.201992][  T301]  ? clear_bhb_loop+0x35/0x90
[   30.208023][  T301]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   30.216798][  T301] RIP: 0033:0x7f87e962c2f3
[   30.221866][  T301] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 47 fb ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8
[   30.246638][  T301] RSP: 002b:00007ffd827eef98 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   30.255651][  T301] RAX: ffffffffffffffda RBX: 000055557b4d6730 RCX: 00007f87e962c2f3
[   30.264973][  T301] RDX: 0000000000008000 RSI: 000055557b4d6730 RDI: 0000000000000004
[   30.275615][  T301] RBP: 000055557b4d6704 R08: 0000000000000000 R09: 0000000000000000
[   30.286758][  T301] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffb8
[   30.301955][  T301] R13: 0000000000000010 R14: 000055557b4d6700 R15: 00007ffd827f1210
[   30.313317][  T301]  </TASK>
[   30.316320][  T301] 
[   30.318781][  T301] The buggy address belongs to the page:
[   30.327235][  T301] page:ffffea0004925bc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x12496f
[   30.341320][  T301] flags: 0x4000000000000000(zone=1)
[   30.349515][  T301] raw: 4000000000000000 ffffea0004925c08 ffffea0004925b88 0000000000000000
[   30.358306][  T301] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[   30.370380][  T301] page dumped because: kasan: bad access detected
[   30.376769][  T301] page_owner tracks the page as freed
[   30.384009][  T301] page last allocated via order 0, migratetype Movable, gfp_mask 0x100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 278, ts 22666901509, free_ts 22727872431
[   30.405053][  T301]  post_alloc_hook+0x1a3/0x1b0
[   30.410908][  T301]  prep_new_page+0x1b/0x110
[   30.416437][  T301]  get_page_from_freelist+0x3550/0x35d0
[   30.423293][  T301]  __alloc_pages+0x27e/0x8f0
[   30.430521][  T301]  handle_pte_fault+0xe7e/0x25c0
[   30.435794][  T301]  do_handle_mm_fault+0x20bc/0x2400
[   30.446979][  T301]  exc_page_fault+0x3b5/0x7f0
[   30.460071][  T301]  asm_exc_page_fault+0x27/0x30
[   30.466473][  T301] page last free stack trace:
[   30.475209][  T301]  free_unref_page_prepare+0x7c8/0x7d0
[   30.484491][  T301]  free_unref_page_list+0x14b/0xa60
[   30.492667][  T301]  release_pages+0x1310/0x1370
[   30.498104][  T301]  free_pages_and_swap_cache+0x8a/0xa0
[   30.506291][  T301]  tlb_finish_mmu+0x177/0x320
[   30.512287][  T301]  unmap_region+0x304/0x350
[   30.517695][  T301]  __do_munmap+0x13e4/0x19d0
[   30.524948][  T301]  __vm_munmap+0x166/0x2a0
[   30.531630][  T301]  __x64_sys_munmap+0x6b/0x80
[   30.536726][  T301]  x64_sys_call+0x75/0x9a0
[   30.543622][  T301]  do_syscall_64+0x3b/0xb0
[   30.550429][  T301]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   30.556948][  T301] 
[   30.560471][  T301] Memory state around the buggy address:
[   30.570578][  T301]  ffff88812496fc00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.580232][  T301]  ffff88812496fc80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.590406][  T301] >ffff88812496fd00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.598641][  T301]                             ^
[   30.607142][  T301]  ffff88812496fd80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.616079][  T301]  ffff88812496fe00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   30.629130][  T301] ==================================================================
[pid   297] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   308] <... close resumed>)        = 0
[pid   307] <... close resumed>)        = 0
[pid   305] <... close resumed>)        = 0
[pid   308] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 <unfinished ...>
[pid   305] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 <unfinished ...>
[pid   308] <... mkdir resumed>)        = 0
[pid   307] mkdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 0777 <unfinished ...>
[pid   305] <... mkdir resumed>)        = 0
[pid   305] mount("/dev/loop4", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", 0, ",errors=continue" <unfinished ...>
[   30.642060][  T301] Disabling lock debugging due to kernel taint
[   30.654179][  T301] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm syz-executor211: Invalid inode table block 14875662660405297151 in block_group 0
[   30.670594][  T301] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   30.684054][  T301] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz-executor211: mark_inode_dirty error
[pid   308] mount("/dev/loop1", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   307] <... mkdir resumed>)        = 0
[pid   307] mount("/dev/loop0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "ext4", 0, ",errors=continue" <unfinished ...>
[pid   301] <... getdents64 resumed>0x55557b4d6730 /* 1 entries */, 32768) = 192
[pid   301] umount2("\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   301] newfstatat(AT_FDCWD, "\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", 0x7ffd827ef000, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   301] exit_group(1)               = ?
[pid   301] +++ exited with 1 +++
[pid   297] <... restart_syscall resumed>) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=1, si_utime=0, si_stime=3} ---
[   30.690135][  T305] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   30.703448][  T307] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid   297] restart_syscall(<... resuming interrupted restart_syscall ...> <unfinished ...>
[pid   305] <... mount resumed>)        = 0
[pid   305] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY) = 3
[pid   305] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   305] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4
[pid   305] ioctl(4, LOOP_CLR_FD)       = 0
[pid   305] close(4)                    = 0
[pid   305] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4
[pid   305] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid   305] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   305] rename("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   305] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE|FASYNC, 000) = 5
[pid   305] mount("/dev/loop4", "./bus", NULL, MS_BIND, NULL) = 0
[pid   305] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_DIRECT|O_CLOEXEC) = 6
[pid   305] mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x20000000
[pid   305] bpf(BPF_PROG_LOAD, 0x20000080, 144) = -1 E2BIG (Argument list too long)
[pid   305] exit_group(0)               = ?
[pid   305] +++ exited with 0 +++
[pid   302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   302] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   302] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   302] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   302] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   302] getdents64(3, 0x55557b4ce6f0 /* 4 entries */, 32768) = 352
[pid   302] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   302] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   302] unlink("./0/binderfs")      = 0
[pid   302] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   302] newfstatat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   302] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   302] openat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[   30.709814][  T305] ext4 filesystem being mounted at /root/syzkaller.huJ71H/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   30.722366][  T307] ext4 filesystem being mounted at /root/syzkaller.ZBCgZH/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[pid   302] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_EMPTY_PATH) = 0
[pid   302] getdents64(4,  <unfinished ...>
[pid   307] <... mount resumed>)        = 0
[pid   307] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY) = 3
[   30.796695][  T302] EXT4-fs error (device loop4): __ext4_get_inode_loc:4351: comm syz-executor211: Invalid inode table block 14875662660405297151 in block_group 0
[   30.817458][  T308] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   30.818592][  T302] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5837: Corrupt filesystem
[pid   308] <... mount resumed>)        = 0
[pid   307] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" <unfinished ...>
[pid   308] openat(AT_FDCWD, "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_DIRECTORY) = 3
[pid   308] chdir("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4
[pid   308] ioctl(4, LOOP_CLR_FD)       = 0
[pid   308] close(4)                    = 0
[pid   308] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4
[pid   308] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid   308] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   308] rename("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   308] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE|FASYNC, 000) = 5
[pid   308] mount("/dev/loop1", "./bus", NULL, MS_BIND, NULL) = 0
[pid   308] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_DIRECT|O_CLOEXEC) = 6
[pid   308] mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0) = 0x20000000
[pid   308] bpf(BPF_PROG_LOAD, 0x20000080, 144) = -1 E2BIG (Argument list too long)
[pid   308] exit_group(0)               = ?
[pid   308] +++ exited with 0 +++
[pid   299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=4} ---
[pid   299] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   307] <... chdir resumed>)        = 0
[pid   307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid   307] ioctl(4, LOOP_CLR_FD)       = 0
[pid   307] close(4)                    = 0
[pid   307] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4
[pid   307] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid   307] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   307] rename("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid   307] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE|FASYNC, 000) = 5
[pid   307] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL <unfinished ...>
[pid   299] <... restart_syscall resumed>) = 0
[pid   299] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   299] getdents64(3, 0x55557b4ce6f0 /* 4 entries */, 32768) = 352
[pid   299] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   299] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   299] unlink("./0/binderfs")      = 0
[pid   299] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   307] <... mount resumed>)        = 0
[pid   299] newfstatat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   307] open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_DIRECT|O_CLOEXEC <unfinished ...>
[pid   299] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   307] <... open resumed>)         = 6
[pid   299] <... umount2 resumed>)      = -1 EBUSY (Device or resource busy)
[pid   307] mmap(0x20000000, 11755520, PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE|MAP_STACK, 6, 0 <unfinished ...>
[pid   299] openat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   299] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_EMPTY_PATH) = 0
[   30.829370][  T308] ext4 filesystem being mounted at /root/syzkaller.TEB4nA/0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   30.853601][  T302] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #2: comm syz-executor211: mark_inode_dirty error
[pid   299] getdents64(4,  <unfinished ...>
[pid   307] <... mmap resumed>)         = 0x20000000
[pid   302] <... getdents64 resumed>0x55557b4d6730 /* 1 entries */, 32768) = 192
[pid   307] bpf(BPF_PROG_LOAD, 0x20000080, 144) = -1 E2BIG (Argument list too long)
[pid   307] exit_group(0)               = ?
[pid   307] +++ exited with 0 +++
[pid   302] umount2("\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", MNT_FORCE|UMOUNT_NOFOLLOW <unfinished ...>
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=4} ---
[pid   298] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   298] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid   298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[pid   298] getdents64(3, 0x55557b4ce6f0 /* 4 entries */, 32768) = 352
[pid   298] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid   298] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   298] unlink("./0/binderfs")      = 0
[pid   298] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   298] newfstatat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid   298] umount2("./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy)
[pid   298] openat(AT_FDCWD, "./0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid   298] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=3072, ...}, AT_EMPTY_PATH) = 0
[pid   298] getdents64(4,  <unfinished ...>
[pid   302] <... umount2 resumed>)      = -1 ENOENT (No such file or directory)
[pid   302] newfstatat(AT_FDCWD, "\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", 0x7ffd827ef000, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   302] exit_group(1)               = ?
[pid   302] +++ exited with 1 +++
[   30.895072][  T299] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm syz-executor211: Invalid inode table block 14875662660405297151 in block_group 0
[   30.919686][  T298] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm syz-executor211: Invalid inode table block 14875662660405297151 in block_group 0
[   30.920860][  T299] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[pid   297] <... restart_syscall resumed>) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=1, si_utime=0, si_stime=4} ---
[pid   297] restart_syscall(<... resuming interrupted restart_syscall ...> <unfinished ...>
[pid   299] <... getdents64 resumed>0x55557b4d6730 /* 1 entries */, 32768) = 192
[pid   299] umount2("\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   299] newfstatat(AT_FDCWD, "\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", 0x7ffd827ef000, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   299] exit_group(1)               = ?
[pid   299] +++ exited with 1 +++
[pid   297] <... restart_syscall resumed>) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=1, si_utime=0, si_stime=5} ---
[pid   297] restart_syscall(<... resuming interrupted restart_syscall ...> <unfinished ...>
[pid   298] <... getdents64 resumed>0x55557b4d6730 /* 7 entries */, 32768) = 1344
[pid   298] umount2("\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   298] newfstatat(AT_FDCWD, "\x2e\x2f\x30\x2f\x66\x69\x6c\x65\x30\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x2f\xc5\xc1\xca\x7a\xa5\x02\x61\xa3\x08\x9a\x1e\xbf\x07\x2e", 0x7ffd827ef000, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory)
[pid   298] exit_group(1)               = ?
[pid   298] +++ exited with 1 +++
<... restart_syscall resumed>)          = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=298, si_uid=0, si_status=1, si_utime=0, si_stime=4} ---
[   30.939679][  T298] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   30.947226][  T299] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz-executor211: mark_inode_dirty error
[   30.957838][  T298] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz-executor211: mark_inode_dirty error
[   34.544881][  T318] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.564316][  T318] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.581618][  T318] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.599188][  T318] EXT4-fs error (device loop3): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.624919][  T318] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.643243][  T318] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.660006][  T318] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   34.679640][  T318] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   35.744937][   T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm kworker/u4:1: Invalid inode table block 14875662660405297151 in block_group 0
[   35.744936][  T318] EXT4-fs error (device loop4): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   35.745135][  T318] EXT4-fs error (device loop4): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   35.761325][   T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm kworker/u4:1: Invalid inode table block 14875662660405297151 in block_group 0
[   35.777848][  T318] EXT4-fs error (device loop4): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   35.794270][   T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm kworker/u4:1: Invalid inode table block 14875662660405297151 in block_group 0
[   35.809551][  T318] EXT4-fs error (device loop4): __ext4_get_inode_loc:4351: comm kworker/u4:3: Invalid inode table block 14875662660405297151 in block_group 0
[   35.826296][   T45] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm kworker/u4:2: Invalid inode table block 14875662660405297151 in block_group 0
[   35.844051][   T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4351: comm kworker/u4:1: Invalid inode table block 14875662660405297151 in block_group 0
[   35.858718][   T45] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm kworker/u4:2: Invalid inode table block 14875662660405297151 in block_group 0
[   35.924570][   T45] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm kworker/u4:2: Invalid inode table block 14875662660405297151 in block_group 0
[   35.949486][   T45] EXT4-fs error (device loop1): __ext4_get_inode_loc:4351: comm kworker/u4:2: Invalid inode table block 14875662660405297151 in block_group 0