./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1716228494 <...> Warning: Permanently added '10.128.1.34' (ED25519) to the list of known hosts. execve("./syz-executor1716228494", ["./syz-executor1716228494"], 0x7ffe78c83730 /* 10 vars */) = 0 brk(NULL) = 0x5555669c8000 brk(0x5555669c8d00) = 0x5555669c8d00 arch_prctl(ARCH_SET_FS, 0x5555669c8380) = 0 set_tid_address(0x5555669c8650) = 5794 set_robust_list(0x5555669c8660, 24) = 0 rseq(0x5555669c8ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1716228494", 4096) = 28 getrandom("\xf4\x04\x50\x1e\x10\xe7\x61\x25", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555669c8d00 brk(0x5555669e9d00) = 0x5555669e9d00 brk(0x5555669ea000) = 0x5555669ea000 mprotect(0x7fb3df907000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5795 attached , child_tidptr=0x5555669c8650) = 5795 [pid 5795] set_robust_list(0x5555669c8660, 24) = 0 [pid 5795] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5795] setpgid(0, 0) = 0 [pid 5795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5795] write(3, "1000", 4) = 4 executing program [pid 5795] close(3) = 0 [pid 5795] write(1, "executing program\n", 18) = 18 [pid 5795] memfd_create("syzkaller", 0) = 3 [pid 5795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb3d7400000 [pid 5795] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5795] munmap(0x7fb3d7400000, 138412032) = 0 [pid 5795] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5795] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5795] close(3) = 0 [pid 5795] close(4) = 0 [pid 5795] mkdir("./file0", 0777) = 0 [ 181.930085][ T5795] loop0: detected capacity change from 0 to 32768 [ 181.956581][ T5795] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 181.965193][ T5795] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 181.987700][ T5795] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms [ 182.002644][ T44] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 182.009737][ T44] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 182.090925][ T44] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 81ms [ 182.099409][ T44] gfs2: fsid=syz:syz.0: jid=0: Done [ 182.105674][ T5795] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 182.288341][ T5795] syz-executor171: attempt to access beyond end of device [ 182.288341][ T5795] loop0: rw=12288, sector=2251799813685248, nr_sectors = 8 limit=32768 [ 182.303881][ T5795] ===================================================== [ 182.311008][ T5795] BUG: KMSAN: uninit-value in gfs2_quota_init+0x22c4/0x2950 [ 182.318606][ T5795] gfs2_quota_init+0x22c4/0x2950 [ 182.323819][ T5795] gfs2_make_fs_rw+0x4cf/0x6a0 [ 182.328753][ T5795] gfs2_fill_super+0x43f5/0x45a0 [ 182.333904][ T5795] get_tree_bdev_flags+0x6ec/0x910 [ 182.339210][ T5795] get_tree_bdev+0x37/0x50 [ 182.343850][ T5795] gfs2_get_tree+0x5c/0x340 [ 182.348537][ T5795] vfs_get_tree+0xb1/0x5a0 [ 182.353242][ T5795] do_new_mount+0x71f/0x15e0 [ 182.358015][ T5795] path_mount+0x742/0x1f10 [ 182.362735][ T5795] __se_sys_mount+0x722/0x810 [ 182.367603][ T5795] __x64_sys_mount+0xe4/0x150 [ 182.372513][ T5795] x64_sys_call+0x39bf/0x3c30 [ 182.377365][ T5795] do_syscall_64+0xcd/0x1e0 [ 182.382125][ T5795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.388189][ T5795] [ 182.390563][ T5795] Uninit was created at: [ 182.395098][ T5795] __alloc_pages_noprof+0x9a7/0xe00 [ 182.400451][ T5795] alloc_pages_mpol_noprof+0x299/0x990 [ 182.406135][ T5795] folio_alloc_noprof+0x1db/0x310 [ 182.411381][ T5795] filemap_alloc_folio_noprof+0xa6/0x440 [ 182.417119][ T5795] __filemap_get_folio+0xac4/0x1550 [ 182.422586][ T5795] gfs2_getbuf+0x23f/0xcd0 [ 182.427186][ T5795] gfs2_meta_ra+0x17f/0x7b0 [ 182.431983][ T5795] gfs2_quota_init+0x78d/0x2950 [ 182.437033][ T5795] gfs2_make_fs_rw+0x4cf/0x6a0 [ 182.442011][ T5795] gfs2_fill_super+0x43f5/0x45a0 [ 182.447121][ T5795] get_tree_bdev_flags+0x6ec/0x910 [ 182.452452][ T5795] get_tree_bdev+0x37/0x50 [ 182.457034][ T5795] gfs2_get_tree+0x5c/0x340 [ 182.461744][ T5795] vfs_get_tree+0xb1/0x5a0 [ 182.466332][ T5795] do_new_mount+0x71f/0x15e0 [ 182.471047][ T5795] path_mount+0x742/0x1f10 [ 182.475738][ T5795] __se_sys_mount+0x722/0x810 [ 182.480536][ T5795] __x64_sys_mount+0xe4/0x150 [ 182.485496][ T5795] x64_sys_call+0x39bf/0x3c30 [ 182.490370][ T5795] do_syscall_64+0xcd/0x1e0 [ 182.495154][ T5795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.501313][ T5795] [ 182.503733][ T5795] CPU: 0 UID: 0 PID: 5795 Comm: syz-executor171 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 182.514707][ T5795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 182.524990][ T5795] ===================================================== [ 182.532088][ T5795] Disabling lock debugging due to kernel taint [ 182.538350][ T5795] Kernel panic - not syncing: kmsan.panic set ... [ 182.544853][ T5795] CPU: 0 UID: 0 PID: 5795 Comm: syz-executor171 Tainted: G B 6.12.0-syzkaller-09073-g9f16d5e6f220 #0 [ 182.557228][ T5795] Tainted: [B]=BAD_PAGE [ 182.561474][ T5795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 182.571626][ T5795] Call Trace: [ 182.574978][ T5795] [ 182.577962][ T5795] dump_stack_lvl+0x216/0x2d0 [ 182.582771][ T5795] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 182.588714][ T5795] dump_stack+0x1e/0x30 [ 182.593004][ T5795] panic+0x4e2/0xcf0 [ 182.597075][ T5795] ? kmsan_get_metadata+0x81/0x1c0 [ 182.602324][ T5795] kmsan_report+0x2c7/0x2d0 [ 182.606956][ T5795] ? __msan_warning+0x95/0x120 [ 182.611920][ T5795] ? gfs2_quota_init+0x22c4/0x2950 [ 182.617160][ T5795] ? gfs2_make_fs_rw+0x4cf/0x6a0 [ 182.622204][ T5795] ? gfs2_fill_super+0x43f5/0x45a0 [ 182.627417][ T5795] ? get_tree_bdev_flags+0x6ec/0x910 [ 182.632819][ T5795] ? get_tree_bdev+0x37/0x50 [ 182.637625][ T5795] ? gfs2_get_tree+0x5c/0x340 [ 182.642451][ T5795] ? vfs_get_tree+0xb1/0x5a0 [ 182.647155][ T5795] ? do_new_mount+0x71f/0x15e0 [ 182.652034][ T5795] ? path_mount+0x742/0x1f10 [ 182.656737][ T5795] ? __se_sys_mount+0x722/0x810 [ 182.661704][ T5795] ? __x64_sys_mount+0xe4/0x150 [ 182.666674][ T5795] ? x64_sys_call+0x39bf/0x3c30 [ 182.671660][ T5795] ? do_syscall_64+0xcd/0x1e0 [ 182.676507][ T5795] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.682684][ T5795] ? submit_bio+0x58a/0x5b0 [ 182.687299][ T5795] ? submit_bh_wbc+0x82b/0x8a0 [ 182.692191][ T5795] ? kmsan_get_metadata+0x13e/0x1c0 [ 182.697525][ T5795] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 182.703467][ T5795] ? kmsan_get_metadata+0x13e/0x1c0 [ 182.708816][ T5795] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 182.714760][ T5795] __msan_warning+0x95/0x120 [ 182.719556][ T5795] gfs2_quota_init+0x22c4/0x2950 [ 182.724649][ T5795] gfs2_make_fs_rw+0x4cf/0x6a0 [ 182.729556][ T5795] gfs2_fill_super+0x43f5/0x45a0 [ 182.734665][ T5795] ? sb_set_blocksize+0x12a/0x160 [ 182.739824][ T5795] ? setup_bdev_super+0xa2c/0xa90 [ 182.745124][ T5795] ? init_locking+0xf0/0x510 [ 182.749819][ T5795] get_tree_bdev_flags+0x6ec/0x910 [ 182.755062][ T5795] ? __pfx_gfs2_fill_super+0x10/0x10 [ 182.760456][ T5795] ? __pfx_gfs2_fill_super+0x10/0x10 [ 182.765873][ T5795] get_tree_bdev+0x37/0x50 [ 182.770406][ T5795] gfs2_get_tree+0x5c/0x340 [ 182.775049][ T5795] ? __pfx_gfs2_get_tree+0x10/0x10 [ 182.780321][ T5795] vfs_get_tree+0xb1/0x5a0 [ 182.784855][ T5795] ? mount_capable+0x97/0x120 [ 182.789643][ T5795] do_new_mount+0x71f/0x15e0 [ 182.794380][ T5795] ? kmsan_get_metadata+0x13e/0x1c0 [ 182.799748][ T5795] path_mount+0x742/0x1f10 [ 182.804308][ T5795] ? user_path_at+0x374/0x3e0 [ 182.809162][ T5795] __se_sys_mount+0x722/0x810 [ 182.814061][ T5795] ? ptrace_notify+0x263/0x320 [ 182.818957][ T5795] __x64_sys_mount+0xe4/0x150 [ 182.823786][ T5795] x64_sys_call+0x39bf/0x3c30 [ 182.828596][ T5795] do_syscall_64+0xcd/0x1e0 [ 182.833248][ T5795] ? clear_bhb_loop+0x25/0x80 [ 182.838132][ T5795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.844156][ T5795] RIP: 0033:0x7fb3df882daa [ 182.848660][ T5795] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 182.868393][ T5795] RSP: 002b:00007fff061b09e8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 182.876953][ T5795] RAX: ffffffffffffffda RBX: 00007fff061b0a00 RCX: 00007fb3df882daa [ 182.885093][ T5795] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 00007fff061b0a00 [ 182.893171][ T5795] RBP: 0000000000000004 R08: 00007fff061b0a40 R09: 000000000001254b [ 182.901360][ T5795] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000 [ 182.909439][ T5795] R13: 00007fff061b0a40 R14: 0000000000000003 R15: 0000000001000000 [ 182.917525][ T5795] [ 182.920794][ T5795] Kernel Offset: disabled [ 182.925185][ T5795] Rebooting in 86400 seconds..