./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1091976248
<...>
DUID 00:04:06:88:74:a7:04:75:62:cb:55:93:34:09:94:90:e1:fe
forked to background, child pid 4647
[ 35.422225][ T4648] 8021q: adding VLAN 0 to HW filter on device bond0
[ 35.451989][ T4648] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.234' (ECDSA) to the list of known hosts.
execve("./syz-executor1091976248", ["./syz-executor1091976248"], 0x7fff49a1a770 /* 10 vars */) = 0
brk(NULL) = 0x555556037000
brk(0x555556037c40) = 0x555556037c40
arch_prctl(ARCH_SET_FS, 0x555556037300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1091976248", 4096) = 28
brk(0x555556058c40) = 0x555556058c40
brk(0x555556059000) = 0x555556059000
mprotect(0x7f4a7935b000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0) = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4a70ea1000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576
munmap(0x7f4a70ea1000, 1048576) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
ioctl(4, LOOP_SET_FD, 3) = 0
close(3) = 0
mkdir("./file0", 0777) = 0
mount("/dev/loop0", "./file0", "udf", 0, "nostrict,volume=00000000000000024210,undelete,nostrict") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
chdir("./file0") = 0
ioctl(4, LOOP_CLR_FD) = 0
close(4) = 0
unlink("./file1") = 0
syzkaller login: [ 60.252027][ T5073] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5073 'syz-executor109'
[ 60.274982][ T5073] loop0: detected capacity change from 0 to 2048
[ 60.289466][ T5073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 60.316135][ T5073] ------------[ cut here ]------------
[ 60.321868][ T5073] WARNING: CPU: 1 PID: 5073 at fs/udf/namei.c:802 udf_rename+0x914/0xb60
[ 60.330361][ T5073] Modules linked in:
[ 60.334361][ T5073] CPU: 1 PID: 5073 Comm: syz-executor109 Not tainted 6.1.0-next-20221220-syzkaller #0
[ 60.344010][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 60.354161][ T5073] RIP: 0010:udf_rename+0x914/0xb60
[ 60.359281][ T5073] Code: 48 89 da 48 8b 7c 24 58 e8 89 c5 ff ff 31 ff 89 c3 89 c6 e8 3e 38 a2 fe 85 db 0f 84 5d fa ff ff e9 c9 fd ff ff e8 7c 3b a2 fe <0f> 0b 48 8b 7c 24 30 bb 8b ff ff ff e8 8b 58 01 00 e9 ae fd ff ff
[ 60.378944][ T5073] RSP: 0018:ffffc900039df5d0 EFLAGS: 00010293
[ 60.385074][ T5073] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 60.393191][ T5073] RDX: ffff888022559d40 RSI: ffffffff82df1964 RDI: 0000000000000005
[ 60.401261][ T5073] RBP: ffffc900039dfbe8 R08: 0000000000000005 R09: 0000000000000000
[ 60.409250][ T5073] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 60.417304][ T5073] R13: ffff888073571490 R14: ffffc900039df660 R15: ffff888073571af8
[ 60.425331][ T5073] FS: 0000555556037300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 60.434329][ T5073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.440987][ T5073] CR2: 00000000005fdeb8 CR3: 000000002a4df000 CR4: 00000000003506e0
[ 60.448972][ T5073] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.457025][ T5073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.465117][ T5073] Call Trace:
[ 60.468403][ T5073]
[ 60.471391][ T5073] ? unwind_get_return_address+0x55/0xa0
[ 60.477069][ T5073] ? write_profile+0x410/0x410
[ 60.481938][ T5073] ? udf_link+0x3d0/0x3d0
[ 60.486289][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 60.491196][ T5073] ? is_bpf_text_address+0x4/0x170
[ 60.496341][ T5073] ? lock_acquire+0x32/0xc0
[ 60.500904][ T5073] ? is_bpf_text_address+0x9d/0x170
[ 60.506134][ T5073] ? kernel_text_address+0x3d/0x80
[ 60.511329][ T5073] ? __kernel_text_address+0xd/0x30
[ 60.516571][ T5073] ? unwind_get_return_address+0x55/0xa0
[ 60.522258][ T5073] ? write_profile+0x410/0x410
[ 60.527055][ T5073] ? arch_stack_walk+0x97/0xf0
[ 60.532177][ T5073] ? stack_trace_save+0x90/0xc0
[ 60.537050][ T5073] ? filter_irq_stacks+0x90/0x90
[ 60.542111][ T5073] ? lockdep_unlock+0x11b/0x290
[ 60.546997][ T5073] ? __lock_acquire+0x2567/0x56d0
[ 60.552135][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.558158][ T5073] ? lock_release+0x810/0x810
[ 60.562888][ T5073] ? lock_two_nondirectories+0xd5/0x110
[ 60.568468][ T5073] ? rcu_read_lock_sched_held+0x3e/0x70
[ 60.574064][ T5073] ? trace_lock_acquire+0x1d1/0x290
[ 60.579291][ T5073] ? lock_two_nondirectories+0xd5/0x110
[ 60.584900][ T5073] ? lock_acquire+0x32/0xc0
[ 60.589424][ T5073] ? lock_two_nondirectories+0xd5/0x110
[ 60.595074][ T5073] ? down_write_nested+0x15b/0x220
[ 60.600232][ T5073] ? up_read+0x20/0x20
[ 60.604412][ T5073] ? lock_acquire+0x32/0xc0
[ 60.608933][ T5073] ? lockref_get+0x15/0x50
[ 60.613422][ T5073] ? udf_link+0x3d0/0x3d0
[ 60.617771][ T5073] vfs_rename+0x1162/0x1a90
[ 60.622391][ T5073] ? path_openat+0x2a50/0x2a50
[ 60.627190][ T5073] ? d_lookup+0x105/0x170
[ 60.631653][ T5073] ? bpf_lsm_path_rename+0x9/0x10
[ 60.636712][ T5073] ? security_path_rename+0x158/0x230
[ 60.642155][ T5073] do_renameat2+0xb22/0xc30
[ 60.646699][ T5073] ? __ia32_sys_link+0xa0/0xa0
[ 60.651534][ T5073] ? trace_lock_acquire+0x1d1/0x290
[ 60.656758][ T5073] ? __virt_addr_valid+0x61/0x2e0
[ 60.661839][ T5073] ? __phys_addr_symbol+0x30/0x70
[ 60.666900][ T5073] ? strncpy_from_user+0x10e/0x4f0
[ 60.672086][ T5073] __x64_sys_rename+0x81/0xa0
[ 60.676800][ T5073] do_syscall_64+0x39/0xb0
[ 60.681275][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.687193][ T5073] RIP: 0033:0x7f4a792ed819
[ 60.691663][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.711330][ T5073] RSP: 002b:00007ffd557425e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 60.719743][ T5073] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f4a792ed819
[ 60.727794][ T5073] RDX: 00007f4a792ed819 RSI: 0000000020000400 RDI: 00000000200003c0
[ 60.735876][ T5073] RBP: 00007f4a792ad0b0 R08: 0000000000000000 R09: 0000000000000000
[ 60.743912][ T5073] R10: 0000000000000bea R11: 0000000000000246 R12: 00007f4a792ad140
[ 60.751956][ T5073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 60.759948][ T5073]
[ 60.763010][ T5073] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 60.770299][ T5073] CPU: 1 PID: 5073 Comm: syz-executor109 Not tainted 6.1.0-next-20221220-syzkaller #0
[ 60.779832][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 60.789877][ T5073] Call Trace:
[ 60.793147][ T5073]
[ 60.796069][ T5073] dump_stack_lvl+0xd1/0x138
[ 60.800663][ T5073] panic+0x2cc/0x626
[ 60.804557][ T5073] ? panic_print_sys_info.part.0+0x110/0x110
[ 60.810552][ T5073] ? udf_rename+0x914/0xb60
[ 60.815053][ T5073] check_panic_on_warn.cold+0x19/0x35
[ 60.820434][ T5073] __warn+0xf2/0x1a0
[ 60.824352][ T5073] ? udf_rename+0x914/0xb60
[ 60.828849][ T5073] report_bug+0x1c0/0x210
[ 60.833177][ T5073] handle_bug+0x3c/0x70
[ 60.837332][ T5073] exc_invalid_op+0x18/0x50
[ 60.841848][ T5073] asm_exc_invalid_op+0x1a/0x20
[ 60.846719][ T5073] RIP: 0010:udf_rename+0x914/0xb60
[ 60.851854][ T5073] Code: 48 89 da 48 8b 7c 24 58 e8 89 c5 ff ff 31 ff 89 c3 89 c6 e8 3e 38 a2 fe 85 db 0f 84 5d fa ff ff e9 c9 fd ff ff e8 7c 3b a2 fe <0f> 0b 48 8b 7c 24 30 bb 8b ff ff ff e8 8b 58 01 00 e9 ae fd ff ff
[ 60.871473][ T5073] RSP: 0018:ffffc900039df5d0 EFLAGS: 00010293
[ 60.877562][ T5073] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 60.885547][ T5073] RDX: ffff888022559d40 RSI: ffffffff82df1964 RDI: 0000000000000005
[ 60.893531][ T5073] RBP: ffffc900039dfbe8 R08: 0000000000000005 R09: 0000000000000000
[ 60.901516][ T5073] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 60.909494][ T5073] R13: ffff888073571490 R14: ffffc900039df660 R15: ffff888073571af8
[ 60.917492][ T5073] ? udf_rename+0x914/0xb60
[ 60.922038][ T5073] ? unwind_get_return_address+0x55/0xa0
[ 60.927690][ T5073] ? write_profile+0x410/0x410
[ 60.932496][ T5073] ? udf_link+0x3d0/0x3d0
[ 60.936844][ T5073] ? lock_downgrade+0x6e0/0x6e0
[ 60.941716][ T5073] ? is_bpf_text_address+0x4/0x170
[ 60.946852][ T5073] ? lock_acquire+0x32/0xc0
[ 60.951376][ T5073] ? is_bpf_text_address+0x9d/0x170
[ 60.956612][ T5073] ? kernel_text_address+0x3d/0x80
[ 60.961754][ T5073] ? __kernel_text_address+0xd/0x30
[ 60.966999][ T5073] ? unwind_get_return_address+0x55/0xa0
[ 60.972664][ T5073] ? write_profile+0x410/0x410
[ 60.977481][ T5073] ? arch_stack_walk+0x97/0xf0
[ 60.982293][ T5073] ? stack_trace_save+0x90/0xc0
[ 60.987204][ T5073] ? filter_irq_stacks+0x90/0x90
[ 60.992211][ T5073] ? lockdep_unlock+0x11b/0x290
[ 60.997099][ T5073] ? __lock_acquire+0x2567/0x56d0
[ 61.002158][ T5073] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.008183][ T5073] ? lock_release+0x810/0x810
[ 61.012878][ T5073] ? lock_two_nondirectories+0xd5/0x110
[ 61.018455][ T5073] ? rcu_read_lock_sched_held+0x3e/0x70
[ 61.024016][ T5073] ? trace_lock_acquire+0x1d1/0x290
[ 61.029235][ T5073] ? lock_two_nondirectories+0xd5/0x110
[ 61.034810][ T5073] ? lock_acquire+0x32/0xc0
[ 61.039328][ T5073] ? lock_two_nondirectories+0xd5/0x110
[ 61.044933][ T5073] ? down_write_nested+0x15b/0x220
[ 61.050085][ T5073] ? up_read+0x20/0x20
[ 61.054185][ T5073] ? lock_acquire+0x32/0xc0
[ 61.058727][ T5073] ? lockref_get+0x15/0x50
[ 61.063188][ T5073] ? udf_link+0x3d0/0x3d0
[ 61.067551][ T5073] vfs_rename+0x1162/0x1a90
[ 61.072104][ T5073] ? path_openat+0x2a50/0x2a50
[ 61.076903][ T5073] ? d_lookup+0x105/0x170
[ 61.081263][ T5073] ? bpf_lsm_path_rename+0x9/0x10
[ 61.086310][ T5073] ? security_path_rename+0x158/0x230
[ 61.091720][ T5073] do_renameat2+0xb22/0xc30
[ 61.096264][ T5073] ? __ia32_sys_link+0xa0/0xa0
[ 61.101057][ T5073] ? trace_lock_acquire+0x1d1/0x290
[ 61.106281][ T5073] ? __virt_addr_valid+0x61/0x2e0
[ 61.111352][ T5073] ? __phys_addr_symbol+0x30/0x70
[ 61.116440][ T5073] ? strncpy_from_user+0x10e/0x4f0
[ 61.121615][ T5073] __x64_sys_rename+0x81/0xa0
[ 61.126333][ T5073] do_syscall_64+0x39/0xb0
[ 61.130783][ T5073] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.136699][ T5073] RIP: 0033:0x7f4a792ed819
[ 61.141130][ T5073] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 61.160857][ T5073] RSP: 002b:00007ffd557425e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 61.169298][ T5073] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f4a792ed819
[ 61.177284][ T5073] RDX: 00007f4a792ed819 RSI: 0000000020000400 RDI: 00000000200003c0
[ 61.185269][ T5073] RBP: 00007f4a792ad0b0 R08: 0000000000000000 R09: 0000000000000000
[ 61.193251][ T5073] R10: 0000000000000bea R11: 0000000000000246 R12: 00007f4a792ad140
[ 61.201232][ T5073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 61.209236][ T5073]
[ 61.212400][ T5073] Kernel Offset: disabled
[ 61.216799][ T5073] Rebooting in 86400 seconds..