./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor97244297 <...> Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts. execve("./syz-executor97244297", ["./syz-executor97244297"], 0x7ffc91e6eef0 /* 10 vars */) = 0 brk(NULL) = 0x5555563d5000 brk(0x5555563d5c40) = 0x5555563d5c40 arch_prctl(ARCH_SET_FS, 0x5555563d5300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor97244297", 4096) = 26 brk(0x5555563f6c40) = 0x5555563f6c40 brk(0x5555563f7000) = 0x5555563f7000 mprotect(0x7fa45281c000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 open("./file0", O_RDWR|O_CREAT|0x3c, 000) = 3 memfd_create("syzkaller", 0) = 4 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa44a359000 write(4, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536) = 65536 munmap(0x7fa44a359000, 65536) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 ioctl(5, LOOP_SET_FD, 4) = 0 close(4) = 0 mkdir("./file0", 0777) = -1 EEXIST (File exists) mount("/dev/loop0", "./file0", "sysv", 0, "") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOTDIR (Not a directory) ioctl(5, LOOP_CLR_FD) = 0 close(5) = 0 syzkaller login: [ 50.293317][ T3630] loop0: detected capacity change from 0 to 128 [ 50.303901][ T3630] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 50.316072][ T3630] syz-executor972: attempt to access beyond end of device [ 50.316072][ T3630] loop0: rw=0, sector=3245512, nr_sectors = 1 limit=128 [ 50.330700][ T3630] Buffer I/O error on dev loop0, logical block 3245512, async page read [ 50.339676][ T3630] syz-executor972: attempt to access beyond end of device [ 50.339676][ T3630] loop0: rw=0, sector=8767867, nr_sectors = 1 limit=128 [ 50.353741][ T3630] Buffer I/O error on dev loop0, logical block 8767867, async page read [ 50.363068][ T3630] syz-executor972: attempt to access beyond end of device [ 50.363068][ T3630] loop0: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 50.377117][ T3630] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 50.386034][ T3630] syz-executor972: attempt to access beyond end of device [ 50.386034][ T3630] loop0: rw=0, sector=8073605, nr_sectors = 1 limit=128 [ 50.399981][ T3630] Buffer I/O error on dev loop0, logical block 8073605, async page read [ 50.408377][ T3630] syz-executor972: attempt to access beyond end of device [ 50.408377][ T3630] loop0: rw=0, sector=3245515, nr_sectors = 1 limit=128 [ 50.422294][ T3630] Buffer I/O error on dev loop0, logical block 3245515, async page read [ 50.430676][ T3630] syz-executor972: attempt to access beyond end of device [ 50.430676][ T3630] loop0: rw=0, sector=8768635, nr_sectors = 1 limit=128 [ 50.444598][ T3630] Buffer I/O error on dev loop0, logical block 8768635, async page read [ 50.452973][ T3630] syz-executor972: attempt to access beyond end of device [ 50.452973][ T3630] loop0: rw=0, sector=13466417, nr_sectors = 1 limit=128 [ 50.466974][ T3630] Buffer I/O error on dev loop0, logical block 13466417, async page read [ 50.475436][ T3630] syz-executor972: attempt to access beyond end of device [ 50.475436][ T3630] loop0: rw=0, sector=8073605, nr_sectors = 1 limit=128 [ 50.489361][ T3630] Buffer I/O error on dev loop0, logical block 8073605, async page read [ 50.497766][ T3630] BUG: sleeping function called from invalid context at fs/buffer.c:1331 [ 50.506346][ T3630] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3630, name: syz-executor972 [ 50.515844][ T3630] preempt_count: 1, expected: 0 [ 50.520745][ T3630] RCU nest depth: 0, expected: 0 [ 50.525676][ T3630] 3 locks held by syz-executor972/3630: [ 50.531249][ T3630] #0: ffff88801efc11a0 (&iint->mutex){+.+.}-{3:3}, at: process_measurement+0x7ab/0x1bd0 [ 50.541154][ T3630] #1: ffff88807140c328 (mapping.invalidate_lock#3){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xe9/0x820 [ 50.552344][ T3630] #2: ffffffff8d3e67f8 (pointers_lock){.+.+}-{2:2}, at: get_block+0x159/0x16d0 [ 50.561432][ T3630] Preemption disabled at: [ 50.561439][ T3630] [<0000000000000000>] 0x0 [ 50.570181][ T3630] CPU: 1 PID: 3630 Comm: syz-executor972 Not tainted 6.1.0-rc8-syzkaller #0 [ 50.578854][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 50.588895][ T3630] Call Trace: [ 50.592163][ T3630] [ 50.595077][ T3630] dump_stack_lvl+0x1b1/0x28e [ 50.599740][ T3630] ? nf_tcp_handle_invalid+0x62e/0x62e [ 50.605178][ T3630] ? panic+0x710/0x710 [ 50.609237][ T3630] __might_resched+0x4e9/0x6b0 [ 50.613982][ T3630] ? __lock_acquire+0x1292/0x1f60 [ 50.618991][ T3630] ? __might_sleep+0xc0/0xc0 [ 50.623573][ T3630] __getblk_gfp+0x41/0x290 [ 50.627978][ T3630] ? get_block+0x184/0x16d0 [ 50.632473][ T3630] __bread_gfp+0x28/0x320 [ 50.636804][ T3630] get_branch+0x2ce/0x680 [ 50.641137][ T3630] get_block+0x175/0x16d0 [ 50.645465][ T3630] ? trace_lock_release+0x95/0x220 [ 50.650580][ T3630] ? create_page_buffers+0x1c8/0x4b0 [ 50.655862][ T3630] ? alloc_buffer_head+0xd3/0xf0 [ 50.660798][ T3630] ? sysv_truncate+0x1040/0x1040 [ 50.665728][ T3630] ? alloc_page_buffers+0x326/0x460 [ 50.670927][ T3630] ? folio_attach_private+0xd9/0x200 [ 50.676206][ T3630] ? do_raw_spin_unlock+0x134/0x8a0 [ 50.681406][ T3630] ? create_page_buffers+0x244/0x4b0 [ 50.686693][ T3630] block_read_full_folio+0x3b3/0xfa0 [ 50.691988][ T3630] ? sysv_truncate+0x1040/0x1040 [ 50.696919][ T3630] ? block_is_partially_uptodate+0x620/0x620 [ 50.702906][ T3630] ? __readahead_folio+0x211/0x510 [ 50.708011][ T3630] ? sysv_writepage+0x30/0x30 [ 50.712680][ T3630] read_pages+0x74b/0x9c0 [ 50.717005][ T3630] ? folio_add_lru+0x480/0x960 [ 50.721767][ T3630] ? filemap_add_folio+0x22a/0x5c0 [ 50.726874][ T3630] ? page_cache_ra_unbounded+0x820/0x820 [ 50.732507][ T3630] ? trace_mm_filemap_add_to_page_cache+0x2b0/0x2b0 [ 50.739092][ T3630] ? __down_read_common+0x156/0x2a0 [ 50.744287][ T3630] page_cache_ra_unbounded+0x703/0x820 [ 50.749749][ T3630] filemap_get_pages+0x465/0x10d0 [ 50.754768][ T3630] ? stack_trace_save+0x1e0/0x1e0 [ 50.759807][ T3630] ? filemap_read+0xea0/0xea0 [ 50.764477][ T3630] ? rcu_read_lock_sched_held+0x87/0x110 [ 50.770101][ T3630] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 50.776073][ T3630] ? __might_sleep+0xc0/0xc0 [ 50.780664][ T3630] ? __stack_depot_save+0x41c/0x4a0 [ 50.785871][ T3630] ? trace_lock_release+0x95/0x220 [ 50.790982][ T3630] filemap_read+0x3cf/0xea0 [ 50.795492][ T3630] ? do_raw_spin_unlock+0x134/0x8a0 [ 50.800687][ T3630] ? _raw_spin_unlock_irqrestore+0x8b/0x120 [ 50.806580][ T3630] ? find_get_pages_range_tag+0x780/0x780 [ 50.812289][ T3630] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 50.818181][ T3630] ? _raw_spin_unlock+0x40/0x40 [ 50.823028][ T3630] ? stack_trace_save+0x104/0x1e0 [ 50.828074][ T3630] ? stack_trace_snprint+0xf0/0xf0 [ 50.833198][ T3630] ? generic_file_read_iter+0x8f/0x540 [ 50.838665][ T3630] ? __stack_depot_save+0x41c/0x4a0 [ 50.843880][ T3630] ? iov_iter_kvec+0x4a/0x1a0 [ 50.848565][ T3630] __kernel_read+0x3fc/0x830 [ 50.853155][ T3630] ? kasan_set_track+0x3d/0x60 [ 50.857921][ T3630] ? __kasan_kmalloc+0x97/0xb0 [ 50.862690][ T3630] ? rw_verify_area+0x1a0/0x1a0 [ 50.867542][ T3630] ? __kmem_cache_alloc_node+0x41/0x310 [ 50.873081][ T3630] ? rcu_read_lock_sched_held+0x87/0x110 [ 50.878722][ T3630] integrity_kernel_read+0xac/0xf0 [ 50.883833][ T3630] ? integrity_inode_free+0x240/0x240 [ 50.889211][ T3630] ima_calc_file_hash+0x178f/0x1ca0 [ 50.894421][ T3630] ? stack_trace_save+0x1e0/0x1e0 [ 50.899439][ T3630] ? kernel_text_address+0x9e/0xd0 [ 50.904549][ T3630] ? ima_alloc_tfm+0x330/0x330 [ 50.909307][ T3630] ? register_lock_class+0xc2/0x930 [ 50.914501][ T3630] ? is_dynamic_key+0x1f0/0x1f0 [ 50.919348][ T3630] ? mark_lock+0x9a/0x350 [ 50.923673][ T3630] ? __lock_acquire+0x1292/0x1f60 [ 50.928719][ T3630] ? rcu_read_lock_sched_held+0x87/0x110 [ 50.934343][ T3630] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 50.940319][ T3630] ? trace_raw_output_contention_end+0xd0/0xd0 [ 50.946477][ T3630] ? trace_contention_end+0x72/0x1d0 [ 50.951759][ T3630] ima_collect_measurement+0x444/0x8c0 [ 50.957224][ T3630] ? ima_get_action+0xa0/0xa0 [ 50.961898][ T3630] ? is_bad_inode+0x9/0x40 [ 50.966337][ T3630] process_measurement+0xf4b/0x1bd0 [ 50.971547][ T3630] ? ima_file_mmap+0x150/0x150 [ 50.976322][ T3630] ? tomoyo_check_path_number_acl+0x270/0x270 [ 50.982389][ T3630] ? aa_get_newest_label+0xf4/0x640 [ 50.987589][ T3630] ? apparmor_task_kill+0x540/0x540 [ 50.992789][ T3630] ? apparmor_file_open+0x5c7/0x7c0 [ 50.997987][ T3630] ? apparmor_inode_getattr+0x680/0x680 [ 51.003537][ T3630] ima_file_check+0xd8/0x130 [ 51.008125][ T3630] ? do_dentry_open+0xcad/0x11b0 [ 51.013062][ T3630] ? ima_bprm_check+0x270/0x270 [ 51.017918][ T3630] path_openat+0x2642/0x2df0 [ 51.022530][ T3630] ? stack_trace_snprint+0xf0/0xf0 [ 51.027651][ T3630] ? __stack_depot_save+0x36/0x4a0 [ 51.032795][ T3630] ? do_filp_open+0x4f0/0x4f0 [ 51.037494][ T3630] ? rcu_read_lock_sched_held+0x87/0x110 [ 51.043126][ T3630] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 51.049121][ T3630] do_filp_open+0x264/0x4f0 [ 51.053630][ T3630] ? vfs_tmpfile+0x490/0x490 [ 51.058238][ T3630] ? do_raw_spin_unlock+0x134/0x8a0 [ 51.063443][ T3630] ? _raw_spin_unlock+0x24/0x40 [ 51.068293][ T3630] ? alloc_fd+0x5a7/0x640 [ 51.072630][ T3630] do_sys_openat2+0x124/0x4e0 [ 51.077302][ T3630] ? print_irqtrace_events+0x220/0x220 [ 51.082756][ T3630] ? ptrace_stop+0x74d/0x970 [ 51.087343][ T3630] ? do_sys_open+0x220/0x220 [ 51.091931][ T3630] ? lockdep_hardirqs_on+0x8d/0x130 [ 51.097123][ T3630] ? _raw_spin_unlock_irq+0x2a/0x40 [ 51.102320][ T3630] ? ptrace_notify+0x245/0x340 [ 51.107076][ T3630] __x64_sys_open+0x221/0x270 [ 51.111751][ T3630] ? do_sys_openat2+0x4e0/0x4e0 [ 51.116602][ T3630] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 51.122579][ T3630] ? syscall_enter_from_user_mode+0x86/0x1d0 [ 51.128558][ T3630] do_syscall_64+0x3d/0xb0 [ 51.132970][ T3630] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 51.138856][ T3630] RIP: 0033:0x7fa4527a5769 [ 51.143264][ T3630] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 51.162862][ T3630] RSP: 002b:00007ffe07d1e358 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 51.171267][ T3630] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007fa4527a5769 [ 51.179232][ T3630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 51.187196][ T3630] RBP: 00007fa452765000 R08: 0000000000009e07 R09: 0000000000000000 [ 51.195160][ T3630] R10: 00007ffe07d1e220 R11: 0000000000000246 R12: 00007fa452765090 [ 51.203123][ T3630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 51.211101][ T3630] [ 51.215380][ T3630] syz-executor972: attempt to access beyond end of device [ 51.215380][ T3630] loop0: rw=0, sector=3245518, nr_sectors = 1 limit=128 [ 51.229475][ T3630] Buffer I/O error on dev loop0, logical block 3245518, async page read [ 51.237818][ T3630] syz-executor972: attempt to access beyond end of device open("./file0", O_RDONLY) = 4 exit_group(0) = ? +++ exited with 0 +++ [ 51.237818][ T3630] loop0: r