./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2083898886
<...>
DUID 00:04:e3:38:52:80:67:3f:e9:c9:a2:47:22:a3:59:23:7d:1e
forked to background, child pid 3184
[ 20.082466][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0
[ 20.096375][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.7' (ECDSA) to the list of known hosts.
execve("./syz-executor2083898886", ["./syz-executor2083898886"], 0x7ffc509d9180 /* 10 vars */) = 0
brk(NULL) = 0x55555600f000
brk(0x55555600fc40) = 0x55555600fc40
arch_prctl(ARCH_SET_FS, 0x55555600f300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2083898886", 4096) = 28
brk(0x555556030c40) = 0x555556030c40
brk(0x555556031000) = 0x555556031000
mprotect(0x7fd436c47000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0) = 3
ftruncate(3, 135266304) = 0
pwrite64(3, "\x01\x16\x19\x70\x00\x00\x00\x01\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x00\x00\x00\x00\x00\x00\x07\x09\x00\x00\x07\x6c\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x08\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x09\x25\x6c\x6f\x63\x6b"..., 101, 65536) = 101
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
ioctl(4, LOOP_SET_FD, 3) = 0
mkdir("./file0", 0777) = 0
syzkaller login: [ 36.934583][ T3605] loop0: detected capacity change from 0 to 264192
[ 36.945221][ T3605] gfs2: fsid=loop0: Trying to join cluster "lock_nolock", "loop0"
[ 36.953050][ T3605] gfs2: fsid=loop0: Now mounting FS (format 1801)...
[ 36.960397][ T3605] ================================================================================
[ 36.969713][ T3605] UBSAN: shift-out-of-bounds in fs/gfs2/meta_io.c:128:16
[ 36.976812][ T3605] shift exponent 4294967293 is too large for 64-bit type 'u64' (aka 'unsigned long long')
[ 36.986790][ T3605] CPU: 1 PID: 3605 Comm: syz-executor208 Not tainted 6.0.0-syzkaller-09423-g493ffd6605b2 #0
[ 36.996838][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 37.006872][ T3605] Call Trace:
[ 37.010135][ T3605]
[ 37.013049][ T3605] dump_stack_lvl+0x1b1/0x28e
[ 37.017711][ T3605] ? fortify_panic+0x13/0x13
[ 37.022280][ T3605] ? vsnprintf+0x1af/0x1ce0
[ 37.027031][ T3605] ? panic+0x710/0x710
[ 37.031083][ T3605] ? sched_clock_cpu+0x71/0x2b0
[ 37.035914][ T3605] ? print_irqtrace_events+0x220/0x220
[ 37.041355][ T3605] ? do_raw_spin_unlock+0x134/0x8a0
[ 37.046538][ T3605] __ubsan_handle_shift_out_of_bounds+0x33d/0x3b0
[ 37.052940][ T3605] ? name_to_dev_t+0x999/0xc30
[ 37.057689][ T3605] gfs2_getbuf+0x759/0x7d0
[ 37.062093][ T3605] gfs2_meta_read+0x153/0x910
[ 37.066834][ T3605] ? release_firmware_map_entry+0x187/0x187
[ 37.072711][ T3605] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 37.078670][ T3605] ? trace_lock_release+0x7b/0x1a0
[ 37.083764][ T3605] ? gfs2_meta_new+0x150/0x150
[ 37.088506][ T3605] ? lock_release+0x81/0x820
[ 37.093077][ T3605] gfs2_meta_buffer+0x153/0x3a0
[ 37.097910][ T3605] ? gfs2_glock_nq+0xd7b/0x1640
[ 37.102742][ T3605] ? gfs2_journal_wipe+0x9a0/0x9a0
[ 37.107831][ T3605] ? do_raw_spin_lock+0x148/0x360
[ 37.112835][ T3605] ? __lock_acquire+0x1f60/0x1f60
[ 37.117838][ T3605] gfs2_inode_refresh+0xab/0xe90
[ 37.122762][ T3605] ? gfs2_inode_metasync+0xf0/0xf0
[ 37.127853][ T3605] ? _raw_spin_unlock+0x24/0x40
[ 37.132684][ T3605] gfs2_instantiate+0x15e/0x220
[ 37.137515][ T3605] gfs2_glock_wait+0x1d9/0x2a0
[ 37.142258][ T3605] gfs2_lookupi+0x40c/0x650
[ 37.146743][ T3605] ? gfs2_lookup_simple+0x170/0x170
[ 37.151920][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.157532][ T3605] ? gfs2_lookup_simple+0xec/0x170
[ 37.162623][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.168232][ T3605] ? crc32_le_base+0x7a0/0xd00
[ 37.172976][ T3605] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 37.178936][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.184548][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.190161][ T3605] gfs2_lookup_simple+0xec/0x170
[ 37.195080][ T3605] ? lockref_put_or_lock+0x6f/0xb0
[ 37.200627][ T3605] ? trace_lock_release+0x7b/0x1a0
[ 37.206229][ T3605] ? gfs2_lookup_by_inum+0xe0/0xe0
[ 37.211331][ T3605] ? format_decode+0x43e/0x1a50
[ 37.216169][ T3605] init_journal+0x19b/0x22c0
[ 37.220743][ T3605] ? string+0x289/0x2d0
[ 37.224888][ T3605] ? vsnprintf+0x1fa/0x1ce0
[ 37.229385][ T3605] ? memcpy+0x3c/0x60
[ 37.233350][ T3605] ? vsnprintf+0x1c02/0x1ce0
[ 37.237923][ T3605] ? _compound_head+0x130/0x130
[ 37.242755][ T3605] ? __ptr_to_hashval+0x2f0/0x2f0
[ 37.247762][ T3605] ? init_sb+0xb7b/0x12b0
[ 37.252074][ T3605] ? snprintf+0xc0/0x110
[ 37.256301][ T3605] ? gfs2_fill_super+0x1a58/0x2610
[ 37.261419][ T3605] ? vscnprintf+0x80/0x80
[ 37.265753][ T3605] init_inodes+0xdc/0x340
[ 37.270074][ T3605] gfs2_fill_super+0x1ad8/0x2610
[ 37.275017][ T3605] ? gfs2_reconfigure+0xce0/0xce0
[ 37.280025][ T3605] ? __ptr_to_hashval+0x2f0/0x2f0
[ 37.285044][ T3605] ? up_write+0x131/0x4d0
[ 37.289358][ T3605] ? init_locking+0xbd/0x220
[ 37.293933][ T3605] ? vscnprintf+0x80/0x80
[ 37.298245][ T3605] ? set_blocksize+0x1d5/0x360
[ 37.303015][ T3605] get_tree_bdev+0x400/0x620
[ 37.307597][ T3605] ? gfs2_reconfigure+0xce0/0xce0
[ 37.312621][ T3605] gfs2_get_tree+0x50/0x210
[ 37.317105][ T3605] ? bpf_lsm_capable+0x5/0x10
[ 37.321769][ T3605] vfs_get_tree+0x88/0x270
[ 37.326177][ T3605] do_new_mount+0x289/0xad0
[ 37.330665][ T3605] ? do_move_mount_old+0x150/0x150
[ 37.335756][ T3605] ? user_path_at_empty+0x149/0x1a0
[ 37.340935][ T3605] __se_sys_mount+0x2d3/0x3c0
[ 37.345593][ T3605] ? __x64_sys_mount+0xc0/0xc0
[ 37.350337][ T3605] ? __x64_sys_mount+0x1c/0xc0
[ 37.355081][ T3605] do_syscall_64+0x3d/0xb0
[ 37.359508][ T3605] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 37.365402][ T3605] RIP: 0033:0x7fd436bdc42a
[ 37.369806][ T3605] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 37.389479][ T3605] RSP: 002b:00007ffca30177e8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[ 37.397958][ T3605] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fd436bdc42a
[ 37.405908][ T3605] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffca3017800
[ 37.413858][ T3605] RBP: 00007ffca3017800 R08: 00007ffca3017840 R09: 000055555600f2c0
[ 37.421810][ T3605] R10: 0000000000000008 R11: 0000000000000282 R12: 0000000000000004
[ 37.429759][ T3605] R13: 00007ffca3017840 R14: 0000000000000001 R15: 0000000020000218
[ 37.437713][ T3605]
[ 37.441337][ T3605] ================================================================================
[ 37.450643][ T3605] Kernel panic - not syncing: panic_on_warn set ...
[ 37.457208][ T3605] CPU: 1 PID: 3605 Comm: syz-executor208 Not tainted 6.0.0-syzkaller-09423-g493ffd6605b2 #0
[ 37.467250][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 37.477281][ T3605] Call Trace:
[ 37.480540][ T3605]
[ 37.483452][ T3605] dump_stack_lvl+0x1b1/0x28e
[ 37.488125][ T3605] ? fortify_panic+0x13/0x13
[ 37.492694][ T3605] ? panic+0x710/0x710
[ 37.496757][ T3605] ? __irq_work_queue_local+0x121/0x180
[ 37.502286][ T3605] ? vscnprintf+0x59/0x80
[ 37.506600][ T3605] panic+0x2d6/0x710
[ 37.510480][ T3605] ? __ubsan_handle_shift_out_of_bounds+0x360/0x3b0
[ 37.517137][ T3605] ? fb_is_primary_device+0xcc/0xcc
[ 37.522318][ T3605] ? panic+0x710/0x710
[ 37.526370][ T3605] ? sched_clock_cpu+0x71/0x2b0
[ 37.531213][ T3605] ? print_irqtrace_events+0x220/0x220
[ 37.536651][ T3605] ? do_raw_spin_unlock+0x134/0x8a0
[ 37.541931][ T3605] __ubsan_handle_shift_out_of_bounds+0x3af/0x3b0
[ 37.548330][ T3605] ? name_to_dev_t+0x999/0xc30
[ 37.553080][ T3605] gfs2_getbuf+0x759/0x7d0
[ 37.557479][ T3605] gfs2_meta_read+0x153/0x910
[ 37.562135][ T3605] ? release_firmware_map_entry+0x187/0x187
[ 37.568102][ T3605] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 37.574097][ T3605] ? trace_lock_release+0x7b/0x1a0
[ 37.579188][ T3605] ? gfs2_meta_new+0x150/0x150
[ 37.583940][ T3605] ? lock_release+0x81/0x820
[ 37.588514][ T3605] gfs2_meta_buffer+0x153/0x3a0
[ 37.593346][ T3605] ? gfs2_glock_nq+0xd7b/0x1640
[ 37.598179][ T3605] ? gfs2_journal_wipe+0x9a0/0x9a0
[ 37.603358][ T3605] ? do_raw_spin_lock+0x148/0x360
[ 37.608366][ T3605] ? __lock_acquire+0x1f60/0x1f60
[ 37.613377][ T3605] gfs2_inode_refresh+0xab/0xe90
[ 37.618297][ T3605] ? gfs2_inode_metasync+0xf0/0xf0
[ 37.623390][ T3605] ? _raw_spin_unlock+0x24/0x40
[ 37.628222][ T3605] gfs2_instantiate+0x15e/0x220
[ 37.633054][ T3605] gfs2_glock_wait+0x1d9/0x2a0
[ 37.637803][ T3605] gfs2_lookupi+0x40c/0x650
[ 37.642291][ T3605] ? gfs2_lookup_simple+0x170/0x170
[ 37.647492][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.653109][ T3605] ? gfs2_lookup_simple+0xec/0x170
[ 37.658201][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.663810][ T3605] ? crc32_le_base+0x7a0/0xd00
[ 37.668555][ T3605] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 37.674519][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.680132][ T3605] ? rcu_read_lock_sched_held+0x5d/0x110
[ 37.685744][ T3605] gfs2_lookup_simple+0xec/0x170
[ 37.690662][ T3605] ? lockref_put_or_lock+0x6f/0xb0
[ 37.695754][ T3605] ? trace_lock_release+0x7b/0x1a0
[ 37.700845][ T3605] ? gfs2_lookup_by_inum+0xe0/0xe0
[ 37.705934][ T3605] ? format_decode+0x43e/0x1a50
[ 37.710774][ T3605] init_journal+0x19b/0x22c0
[ 37.715347][ T3605] ? string+0x289/0x2d0
[ 37.719482][ T3605] ? vsnprintf+0x1fa/0x1ce0
[ 37.723983][ T3605] ? memcpy+0x3c/0x60
[ 37.727967][ T3605] ? vsnprintf+0x1c02/0x1ce0
[ 37.732540][ T3605] ? _compound_head+0x130/0x130
[ 37.737374][ T3605] ? __ptr_to_hashval+0x2f0/0x2f0
[ 37.742380][ T3605] ? init_sb+0xb7b/0x12b0
[ 37.746698][ T3605] ? snprintf+0xc0/0x110
[ 37.750922][ T3605] ? gfs2_fill_super+0x1a58/0x2610
[ 37.756016][ T3605] ? vscnprintf+0x80/0x80
[ 37.760328][ T3605] init_inodes+0xdc/0x340
[ 37.764638][ T3605] gfs2_fill_super+0x1ad8/0x2610
[ 37.769563][ T3605] ? gfs2_reconfigure+0xce0/0xce0
[ 37.774569][ T3605] ? __ptr_to_hashval+0x2f0/0x2f0
[ 37.779583][ T3605] ? up_write+0x131/0x4d0
[ 37.783894][ T3605] ? init_locking+0xbd/0x220
[ 37.788468][ T3605] ? vscnprintf+0x80/0x80
[ 37.792778][ T3605] ? set_blocksize+0x1d5/0x360
[ 37.797520][ T3605] get_tree_bdev+0x400/0x620
[ 37.802110][ T3605] ? gfs2_reconfigure+0xce0/0xce0
[ 37.807116][ T3605] gfs2_get_tree+0x50/0x210
[ 37.811599][ T3605] ? bpf_lsm_capable+0x5/0x10
[ 37.816257][ T3605] vfs_get_tree+0x88/0x270
[ 37.820919][ T3605] do_new_mount+0x289/0xad0
[ 37.825402][ T3605] ? do_move_mount_old+0x150/0x150
[ 37.830491][ T3605] ? user_path_at_empty+0x149/0x1a0
[ 37.835669][ T3605] __se_sys_mount+0x2d3/0x3c0
[ 37.840412][ T3605] ? __x64_sys_mount+0xc0/0xc0
[ 37.845156][ T3605] ? __x64_sys_mount+0x1c/0xc0
[ 37.849899][ T3605] do_syscall_64+0x3d/0xb0
[ 37.854311][ T3605] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 37.860184][ T3605] RIP: 0033:0x7fd436bdc42a
[ 37.864590][ T3605] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 37.884440][ T3605] RSP: 002b:00007ffca30177e8 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5
[ 37.892833][ T3605] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fd436bdc42a
[ 37.900786][ T3605] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffca3017800
[ 37.908735][ T3605] RBP: 00007ffca3017800 R08: 00007ffca3017840 R09: 000055555600f2c0
[ 37.916772][ T3605] R10: 0000000000000008 R11: 0000000000000282 R12: 0000000000000004
[ 37.924722][ T3605] R13: 00007ffca3017840 R14: 0000000000000001 R15: 0000000020000218
[ 37.932676][ T3605]
[ 37.935850][ T3605] Kernel Offset: disabled
[ 37.940158][ T3605] Rebooting in 86400 seconds..