./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2956823754
<...>
Warning: Permanently added '10.128.1.182' (ECDSA) to the list of known hosts.
execve("./syz-executor2956823754", ["./syz-executor2956823754"], 0x7fffb16e87b0 /* 10 vars */) = 0
brk(NULL) = 0x5555565c9000
brk(0x5555565c9c40) = 0x5555565c9c40
arch_prctl(ARCH_SET_FS, 0x5555565c9300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2956823754", 4096) = 28
brk(0x5555565eac40) = 0x5555565eac40
brk(0x5555565eb000) = 0x5555565eb000
mprotect(0x7f3830cd3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
creat("./file1", 000) = 3
memfd_create("syzkaller", 0) = 4
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3828810000
write(4, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536) = 65536
munmap(0x7f3828810000, 65536) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
ioctl(5, LOOP_SET_FD, 4) = 0
close(4) = 0
mkdir("./file1", 0777) = -1 EEXIST (File exists)
mount("/dev/loop0", "./file1", "sysv", 0, "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x31\x38\x34\x34\x36\x37\x34\x34\x30\x37\x33\x37\x30\x39\x35\x35\x31\x36\x31\x35\xff\xff\xff\xff\x30\x78\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\x66\xff\xff") = 0
openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = -1 ENOTDIR (Not a directory)
ioctl(5, LOOP_CLR_FD) = 0
close(5) = 0
open("./file1", O_WRONLY|O_TRUNC) = 4
[ 64.649410][ T4998] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4998 'syz-executor295'
[ 64.663652][ T4998] loop0: detected capacity change from 0 to 128
[ 64.673844][ T4998] VFS: Found a Xenix FS (block size = 512) on device loop0
[ 64.686022][ T4998] sysv_free_block: trying to free block not in datazone
[ 64.694608][ T4998] ==================================================================
[ 64.702675][ T4998] BUG: KASAN: null-ptr-deref in get_block+0x3e6/0x1580
[ 64.709559][ T4998] Write of size 8 at addr 0000000000000000 by task syz-executor295/4998
[ 64.717856][ T4998]
[ 64.720163][ T4998] CPU: 0 PID: 4998 Comm: syz-executor295 Not tainted 6.4.0-rc7-syzkaller-00194-g8a28a0b6f1a1 #0
[ 64.730550][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 64.740585][ T4998] Call Trace:
[ 64.743845][ T4998]
[ 64.746757][ T4998] dump_stack_lvl+0xd9/0x150
[ 64.751341][ T4998] ? get_block+0x3e6/0x1580
[ 64.755854][ T4998] kasan_report+0xec/0x130
[ 64.760274][ T4998] ? get_block+0x3e6/0x1580
[ 64.764767][ T4998] kasan_check_range+0x141/0x190
[ 64.769681][ T4998] get_block+0x3e6/0x1580
[ 64.774011][ T4998] ? free_branches+0x3d0/0x3d0
[ 64.778843][ T4998] ? folio_create_buffers+0x10b/0x160
[ 64.784194][ T4998] ? lock_downgrade+0x690/0x690
[ 64.789026][ T4998] ? folio_flags.constprop.0+0x53/0x150
[ 64.794552][ T4998] ? do_raw_spin_unlock+0x175/0x230
[ 64.799735][ T4998] ? _raw_spin_unlock+0x28/0x40
[ 64.804565][ T4998] __block_write_begin_int+0x3bd/0x14b0
[ 64.810102][ T4998] ? free_branches+0x3d0/0x3d0
[ 64.814849][ T4998] ? invalidate_bh_lrus_cpu+0x140/0x140
[ 64.820372][ T4998] ? folio_flags.constprop.0+0x53/0x150
[ 64.825902][ T4998] ? free_branches+0x3d0/0x3d0
[ 64.830643][ T4998] block_write_begin+0xb9/0x4d0
[ 64.835468][ T4998] sysv_write_begin+0x31/0xd0
[ 64.840126][ T4998] generic_perform_write+0x256/0x570
[ 64.845390][ T4998] ? generic_file_readonly_mmap+0x180/0x180
[ 64.851260][ T4998] ? new_inode+0x280/0x280
[ 64.855653][ T4998] ? generic_write_checks+0x2c0/0x400
[ 64.861001][ T4998] __generic_file_write_iter+0x2ae/0x500
[ 64.866611][ T4998] generic_file_write_iter+0xe3/0x350
[ 64.871959][ T4998] do_iter_readv_writev+0x20b/0x3b0
[ 64.877142][ T4998] ? generic_copy_file_range+0x1d0/0x1d0
[ 64.882760][ T4998] ? bpf_lsm_file_permission+0x9/0x10
[ 64.888107][ T4998] ? security_file_permission+0xaf/0xd0
[ 64.893644][ T4998] do_iter_write+0x185/0x7e0
[ 64.898215][ T4998] vfs_writev+0x1aa/0x670
[ 64.902545][ T4998] ? vfs_iter_write+0xa0/0xa0
[ 64.907217][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 64.912228][ T4998] ? spin_bug+0x1c0/0x1c0
[ 64.916541][ T4998] ? recalc_sigpending_tsk+0x18b/0x1d0
[ 64.921980][ T4998] ? ptrace_notify+0xfe/0x140
[ 64.926639][ T4998] ? lock_downgrade+0x690/0x690
[ 64.931474][ T4998] __x64_sys_pwritev+0x22f/0x310
[ 64.936392][ T4998] ? __ia32_sys_preadv2+0x150/0x150
[ 64.941569][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 64.946779][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 64.951961][ T4998] ? ptrace_notify+0xfe/0x140
[ 64.956620][ T4998] do_syscall_64+0x39/0xb0
[ 64.961031][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.966923][ T4998] RIP: 0033:0x7f3830c5cb19
[ 64.971325][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 64.990911][ T4998] RSP: 002b:00007ffd8b0f5988 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 64.999303][ T4998] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f3830c5cb19
[ 65.007251][ T4998] RDX: 0000000000000005 RSI: 0000000020000480 RDI: 0000000000000004
[ 65.015457][ T4998] RBP: 00007f3830c1c150 R08: 0000000000000000 R09: 0000000000000000
[ 65.023404][ T4998] R10: 0000000000007fff R11: 0000000000000246 R12: 00007f3830c1c1e0
[ 65.031353][ T4998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 65.039319][ T4998]
[ 65.042317][ T4998] ==================================================================
[ 65.050860][ T4998] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 65.058048][ T4998] CPU: 0 PID: 4998 Comm: syz-executor295 Not tainted 6.4.0-rc7-syzkaller-00194-g8a28a0b6f1a1 #0
[ 65.068434][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 65.078725][ T4998] Call Trace:
[ 65.081981][ T4998]
[ 65.084892][ T4998] dump_stack_lvl+0xd9/0x150
[ 65.089462][ T4998] panic+0x686/0x730
[ 65.093343][ T4998] ? panic_smp_self_stop+0xa0/0xa0
[ 65.098431][ T4998] ? preempt_schedule_thunk+0x1a/0x20
[ 65.103782][ T4998] ? preempt_schedule_common+0x45/0xb0
[ 65.110626][ T4998] check_panic_on_warn+0xb1/0xc0
[ 65.115560][ T4998] end_report+0xe9/0x120
[ 65.119788][ T4998] ? get_block+0x3e6/0x1580
[ 65.124271][ T4998] kasan_report+0xf9/0x130
[ 65.128693][ T4998] ? get_block+0x3e6/0x1580
[ 65.133175][ T4998] kasan_check_range+0x141/0x190
[ 65.138088][ T4998] get_block+0x3e6/0x1580
[ 65.142403][ T4998] ? free_branches+0x3d0/0x3d0
[ 65.147146][ T4998] ? folio_create_buffers+0x10b/0x160
[ 65.152500][ T4998] ? lock_downgrade+0x690/0x690
[ 65.157350][ T4998] ? folio_flags.constprop.0+0x53/0x150
[ 65.162875][ T4998] ? do_raw_spin_unlock+0x175/0x230
[ 65.168052][ T4998] ? _raw_spin_unlock+0x28/0x40
[ 65.172884][ T4998] __block_write_begin_int+0x3bd/0x14b0
[ 65.178405][ T4998] ? free_branches+0x3d0/0x3d0
[ 65.183157][ T4998] ? invalidate_bh_lrus_cpu+0x140/0x140
[ 65.188681][ T4998] ? folio_flags.constprop.0+0x53/0x150
[ 65.194210][ T4998] ? free_branches+0x3d0/0x3d0
[ 65.198954][ T4998] block_write_begin+0xb9/0x4d0
[ 65.203795][ T4998] sysv_write_begin+0x31/0xd0
[ 65.208555][ T4998] generic_perform_write+0x256/0x570
[ 65.213831][ T4998] ? generic_file_readonly_mmap+0x180/0x180
[ 65.219720][ T4998] ? new_inode+0x280/0x280
[ 65.224122][ T4998] ? generic_write_checks+0x2c0/0x400
[ 65.229474][ T4998] __generic_file_write_iter+0x2ae/0x500
[ 65.235088][ T4998] generic_file_write_iter+0xe3/0x350
[ 65.240451][ T4998] do_iter_readv_writev+0x20b/0x3b0
[ 65.245633][ T4998] ? generic_copy_file_range+0x1d0/0x1d0
[ 65.251248][ T4998] ? bpf_lsm_file_permission+0x9/0x10
[ 65.256598][ T4998] ? security_file_permission+0xaf/0xd0
[ 65.262137][ T4998] do_iter_write+0x185/0x7e0
[ 65.266711][ T4998] vfs_writev+0x1aa/0x670
[ 65.271027][ T4998] ? vfs_iter_write+0xa0/0xa0
[ 65.275683][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 65.280688][ T4998] ? spin_bug+0x1c0/0x1c0
[ 65.284995][ T4998] ? recalc_sigpending_tsk+0x18b/0x1d0
[ 65.290455][ T4998] ? ptrace_notify+0xfe/0x140
[ 65.295123][ T4998] ? lock_downgrade+0x690/0x690
[ 65.299960][ T4998] __x64_sys_pwritev+0x22f/0x310
[ 65.304878][ T4998] ? __ia32_sys_preadv2+0x150/0x150
[ 65.310053][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 65.315230][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 65.320496][ T4998] ? ptrace_notify+0xfe/0x140
[ 65.325170][ T4998] do_syscall_64+0x39/0xb0
[ 65.329578][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 65.335459][ T4998] RIP: 0033:0x7f3830c5cb19
[ 65.339854][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 65.359439][ T4998] RSP: 002b:00007ffd8b0f5988 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 65.367877][ T4998] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f3830c5cb19
[ 65.375826][ T4998] RDX: 0000000000000005 RSI: 0000000020000480 RDI: 0000000000000004
[ 65.383811][ T4998] RBP: 00007f3830c1c150 R08: 0000000000000000 R09: 0000000000000000
[ 65.391757][ T4998] R10: 0000000000007fff R11: 0000000000000246 R12: 00007f3830c1c1e0
[ 65.399707][ T4998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 65.407669][ T4998]
[ 65.411466][ T4998] Kernel Offset: disabled
[ 65.415773][ T4998] Rebooting in 86400 seconds..