./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1457431952

<...>
Warning: Permanently added '10.128.1.3' (ED25519) to the list of known hosts.
execve("./syz-executor1457431952", ["./syz-executor1457431952"], 0x7ffd17241060 /* 10 vars */) = 0
brk(NULL)                               = 0x55557c95f000
brk(0x55557c95fd00)                     = 0x55557c95fd00
arch_prctl(ARCH_SET_FS, 0x55557c95f380) = 0
set_tid_address(0x55557c95f650)         = 5083
set_robust_list(0x55557c95f660, 24)     = 0
rseq(0x55557c95fca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1457431952", 4096) = 28
getrandom("\x83\x7e\x51\x02\x31\x63\x7e\x69", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55557c95fd00
brk(0x55557c980d00)                     = 0x55557c980d00
brk(0x55557c981000)                     = 0x55557c981000
mprotect(0x7f98da5a0000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f98d2000000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
munmap(0x7f98d2000000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
close(4)                                = 0
mkdir("./bus", 0777)                    = 0
mount("/dev/loop0", "./bus", "jfs", 0, "") = 0
openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
chdir("./bus")                          = 0
[   74.505988][ T5083] loop0: detected capacity change from 0 to 32768
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = -1 EBUSY (Device or resource busy)
openat(AT_FDCWD, "hugetlb.1GB.usage_in_bytes", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[   74.585685][ T5083] ==================================================================
[   74.593796][ T5083] BUG: KASAN: slab-out-of-bounds in dtSearch+0x1664/0x2520
[   74.601226][ T5083] Read of size 1 at addr ffff88807a61c058 by task syz-executor145/5083
[   74.609908][ T5083] 
[   74.612228][ T5083] CPU: 0 PID: 5083 Comm: syz-executor145 Not tainted 6.9.0-rc5-syzkaller-00042-ge88c4cfcb7b8 #0
[   74.622645][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   74.632729][ T5083] Call Trace:
[   74.636011][ T5083]  <TASK>
[   74.638936][ T5083]  dump_stack_lvl+0x241/0x360
[   74.643640][ T5083]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.648846][ T5083]  ? __pfx__printk+0x10/0x10
[   74.653448][ T5083]  ? _printk+0xd5/0x120
[   74.657627][ T5083]  ? __virt_addr_valid+0x183/0x520
[   74.662761][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.668406][ T5083]  print_report+0x169/0x550
[   74.672909][ T5083]  ? __virt_addr_valid+0x183/0x520
[   74.678029][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.683670][ T5083]  ? __virt_addr_valid+0x44e/0x520
[   74.688790][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.694446][ T5083]  ? __phys_addr+0xba/0x170
[   74.699053][ T5083]  ? dtSearch+0x1664/0x2520
[   74.703578][ T5083]  kasan_report+0x143/0x180
[   74.708101][ T5083]  ? dtSearch+0x1664/0x2520
[   74.712612][ T5083]  dtSearch+0x1664/0x2520
[   74.716951][ T5083]  ? get_UCSname+0xe3/0x610
[   74.721457][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.727113][ T5083]  jfs_lookup+0x17f/0x410
[   74.731463][ T5083]  ? __pfx_jfs_lookup+0x10/0x10
[   74.736334][ T5083]  ? __pfx_apparmor_path_mknod+0x10/0x10
[   74.742024][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.747711][ T5083]  ? make_vfsuid+0x46/0x90
[   74.752168][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.757879][ T5083]  ? inode_permission+0xff/0x460
[   74.762849][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.768510][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.774388][ T5083]  ? security_inode_create+0xc2/0x110
[   74.779783][ T5083]  ? __pfx_jfs_lookup+0x10/0x10
[   74.784654][ T5083]  path_openat+0x1035/0x3240
[   74.789301][ T5083]  ? __pfx_path_openat+0x10/0x10
[   74.794308][ T5083]  do_filp_open+0x235/0x490
[   74.798859][ T5083]  ? __pfx_do_filp_open+0x10/0x10
[   74.803942][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.809587][ T5083]  ? _raw_spin_unlock+0x28/0x50
[   74.814451][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.820104][ T5083]  ? alloc_fd+0x59d/0x640
[   74.824456][ T5083]  do_sys_openat2+0x13e/0x1d0
[   74.829148][ T5083]  ? __pfx_do_sys_openat2+0x10/0x10
[   74.835230][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.840897][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.846597][ T5083]  ? _raw_spin_unlock_irq+0x2e/0x50
[   74.852164][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.857977][ T5083]  ? ptrace_notify+0x279/0x380
[   74.862764][ T5083]  __x64_sys_creat+0x123/0x170
[   74.867549][ T5083]  ? __pfx___x64_sys_creat+0x10/0x10
[   74.872861][ T5083]  ? do_syscall_64+0x102/0x240
[   74.877668][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   74.883317][ T5083]  do_syscall_64+0xf5/0x240
[   74.887840][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.893737][ T5083] RIP: 0033:0x7f98da527639
[   74.898182][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   74.917977][ T5083] RSP: 002b:00007ffcec1376d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   74.926436][ T5083] RAX: ffffffffffffffda RBX: 00007ffcec1378b8 RCX: 00007f98da527639
[   74.934416][ T5083] RDX: 00007f98da527639 RSI: 0000000000000000 RDI: 0000000020000000
[   74.942649][ T5083] RBP: 00007f98da5a0610 R08: 0000000000000000 R09: 0000000000000000
[   74.950621][ T5083] R10: 0000000000006152 R11: 0000000000000246 R12: 0000000000000001
[   74.958701][ T5083] R13: 00007ffcec1378a8 R14: 0000000000000001 R15: 0000000000000001
[   74.966689][ T5083]  </TASK>
[   74.969812][ T5083] 
[   74.972215][ T5083] Allocated by task 5083:
[   74.976538][ T5083]  kasan_save_track+0x3f/0x80
[   74.981222][ T5083]  __kasan_slab_alloc+0x66/0x80
[   74.986089][ T5083]  kmem_cache_alloc_lru+0x178/0x350
[   74.991404][ T5083]  jfs_alloc_inode+0x28/0x70
[   74.996003][ T5083]  new_inode_pseudo+0x6b/0x1e0
[   75.000764][ T5083]  new_inode+0x22/0x1d0
[   75.004913][ T5083]  ialloc+0x4c/0x900
[   75.008815][ T5083]  jfs_create+0x1be/0xb90
[   75.013146][ T5083]  path_openat+0x1427/0x3240
[   75.017741][ T5083]  do_filp_open+0x235/0x490
[   75.022285][ T5083]  do_sys_openat2+0x13e/0x1d0
[   75.026986][ T5083]  __x64_sys_openat+0x247/0x2a0
[   75.032030][ T5083]  do_syscall_64+0xf5/0x240
[   75.036550][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.042444][ T5083] 
[   75.044765][ T5083] The buggy address belongs to the object at ffff88807a61b780
[   75.044765][ T5083]  which belongs to the cache jfs_ip of size 2240
[   75.058466][ T5083] The buggy address is located 24 bytes to the right of
[   75.058466][ T5083]  allocated 2240-byte region [ffff88807a61b780, ffff88807a61c040)
[   75.073143][ T5083] 
[   75.075462][ T5083] The buggy address belongs to the physical page:
[   75.081885][ T5083] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a618
[   75.090641][ T5083] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   75.098201][ T5083] flags: 0xfff80000000840(slab|head|node=0|zone=1|lastcpupid=0xfff)
[   75.106184][ T5083] page_type: 0xffffffff()
[   75.110509][ T5083] raw: 00fff80000000840 ffff888019360000 dead000000000122 0000000000000000
[   75.119096][ T5083] raw: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[   75.127686][ T5083] head: 00fff80000000840 ffff888019360000 dead000000000122 0000000000000000
[   75.136355][ T5083] head: 0000000000000000 00000000800d000d 00000001ffffffff 0000000000000000
[   75.145027][ T5083] head: 00fff80000000003 ffffea0001e98601 dead000000000122 00000000ffffffff
[   75.153960][ T5083] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000
[   75.162650][ T5083] page dumped because: kasan: bad access detected
[   75.169059][ T5083] page_owner tracks the page as allocated
[   75.174782][ T5083] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5083, tgid 1528730103 (syz-executor145), ts 5083, free_ts 25220045816
[   75.199394][ T5083]  post_alloc_hook+0x1ea/0x210
[   75.204163][ T5083]  get_page_from_freelist+0x3410/0x35b0
[   75.209712][ T5083]  __alloc_pages+0x256/0x6c0
[   75.214302][ T5083]  alloc_slab_page+0x5f/0x160
[   75.218984][ T5083]  new_slab+0x84/0x2f0
[   75.223272][ T5083]  ___slab_alloc+0xc73/0x1260
[   75.227972][ T5083]  kmem_cache_alloc_lru+0x253/0x350
[   75.233174][ T5083]  jfs_alloc_inode+0x28/0x70
[   75.237767][ T5083]  new_inode_pseudo+0x6b/0x1e0
[   75.242532][ T5083]  new_inode+0x22/0x1d0
[   75.246688][ T5083]  jfs_fill_super+0x408/0xc50
[   75.251367][ T5083]  mount_bdev+0x20c/0x2d0
[   75.255698][ T5083]  legacy_get_tree+0xf0/0x190
[   75.260383][ T5083]  vfs_get_tree+0x92/0x2a0
[   75.264795][ T5083]  do_new_mount+0x2be/0xb40
[   75.269304][ T5083]  __se_sys_mount+0x2d9/0x3c0
[   75.273978][ T5083] page last free pid 1 tgid 1 stack trace:
[   75.279772][ T5083]  free_unref_page_prepare+0x986/0xab0
[   75.285258][ T5083]  free_unref_page+0x37/0x3f0
[   75.289957][ T5083]  free_contig_range+0x9e/0x160
[   75.294810][ T5083]  destroy_args+0x8a/0x890
[   75.299233][ T5083]  debug_vm_pgtable+0x4be/0x550
[   75.304081][ T5083]  do_one_initcall+0x24a/0x880
[   75.308844][ T5083]  do_initcall_level+0x157/0x210
[   75.313789][ T5083]  do_initcalls+0x3f/0x80
[   75.318114][ T5083]  kernel_init_freeable+0x435/0x5d0
[   75.323309][ T5083]  kernel_init+0x1d/0x2b0
[   75.327637][ T5083]  ret_from_fork+0x4d/0x80
[   75.332060][ T5083]  ret_from_fork_asm+0x1a/0x30
[   75.336828][ T5083] 
[   75.339142][ T5083] Memory state around the buggy address:
[   75.344764][ T5083]  ffff88807a61bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.352817][ T5083]  ffff88807a61bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   75.360886][ T5083] >ffff88807a61c000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   75.368942][ T5083]                                                     ^
[   75.375890][ T5083]  ffff88807a61c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.383949][ T5083]  ffff88807a61c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   75.391998][ T5083] ==================================================================
[   75.400529][ T5083] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   75.407748][ T5083] CPU: 0 PID: 5083 Comm: syz-executor145 Not tainted 6.9.0-rc5-syzkaller-00042-ge88c4cfcb7b8 #0
[   75.418171][ T5083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   75.428232][ T5083] Call Trace:
[   75.431513][ T5083]  <TASK>
[   75.434451][ T5083]  dump_stack_lvl+0x241/0x360
[   75.439152][ T5083]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.444368][ T5083]  ? __pfx__printk+0x10/0x10
[   75.448974][ T5083]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.454996][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.460648][ T5083]  ? vscnprintf+0x5d/0x90
[   75.464990][ T5083]  panic+0x349/0x860
[   75.468902][ T5083]  ? check_panic_on_warn+0x21/0xb0
[   75.474031][ T5083]  ? __pfx_panic+0x10/0x10
[   75.478464][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.484115][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.489767][ T5083]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[   75.495793][ T5083]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.502142][ T5083]  check_panic_on_warn+0x86/0xb0
[   75.507101][ T5083]  ? dtSearch+0x1664/0x2520
[   75.511619][ T5083]  end_report+0x77/0x160
[   75.515873][ T5083]  kasan_report+0x154/0x180
[   75.520383][ T5083]  ? dtSearch+0x1664/0x2520
[   75.524905][ T5083]  dtSearch+0x1664/0x2520
[   75.529605][ T5083]  ? get_UCSname+0xe3/0x610
[   75.534165][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.539856][ T5083]  jfs_lookup+0x17f/0x410
[   75.544210][ T5083]  ? __pfx_jfs_lookup+0x10/0x10
[   75.549113][ T5083]  ? __pfx_apparmor_path_mknod+0x10/0x10
[   75.554775][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.560436][ T5083]  ? make_vfsuid+0x46/0x90
[   75.564934][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.570694][ T5083]  ? inode_permission+0xff/0x460
[   75.575661][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.581315][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.586971][ T5083]  ? security_inode_create+0xc2/0x110
[   75.592360][ T5083]  ? __pfx_jfs_lookup+0x10/0x10
[   75.597256][ T5083]  path_openat+0x1035/0x3240
[   75.602136][ T5083]  ? __pfx_path_openat+0x10/0x10
[   75.607105][ T5083]  do_filp_open+0x235/0x490
[   75.611649][ T5083]  ? __pfx_do_filp_open+0x10/0x10
[   75.616706][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.622353][ T5083]  ? _raw_spin_unlock+0x28/0x50
[   75.627225][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.632873][ T5083]  ? alloc_fd+0x59d/0x640
[   75.637214][ T5083]  do_sys_openat2+0x13e/0x1d0
[   75.641910][ T5083]  ? __pfx_do_sys_openat2+0x10/0x10
[   75.647119][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.652769][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.658414][ T5083]  ? _raw_spin_unlock_irq+0x2e/0x50
[   75.663632][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.669281][ T5083]  ? ptrace_notify+0x279/0x380
[   75.674055][ T5083]  __x64_sys_creat+0x123/0x170
[   75.678832][ T5083]  ? __pfx___x64_sys_creat+0x10/0x10
[   75.684225][ T5083]  ? do_syscall_64+0x102/0x240
[   75.689015][ T5083]  ? srso_alias_return_thunk+0x5/0xfbef5
[   75.694667][ T5083]  do_syscall_64+0xf5/0x240
[   75.699192][ T5083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.705095][ T5083] RIP: 0033:0x7f98da527639
[   75.709516][ T5083] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   75.729210][ T5083] RSP: 002b:00007ffcec1376d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   75.737665][ T5083] RAX: ffffffffffffffda RBX: 00007ffcec1378b8 RCX: 00007f98da527639
[   75.745640][ T5083] RDX: 00007f98da527639 RSI: 0000000000000000 RDI: 0000000020000000
[   75.753623][ T5083] RBP: 00007f98da5a0610 R08: 0000000000000000 R09: 0000000000000000
[   75.761599][ T5083] R10: 0000000000006152 R11: 0000000000000246 R12: 0000000000000001
[   75.769579][ T5083] R13: 00007ffcec1378a8 R14: 0000000000000001 R15: 0000000000000001
[   75.777568][ T5083]  </TASK>
[   75.780834][ T5083] Kernel Offset: disabled
[   75.785154][ T5083] Rebooting in 86400 seconds..