./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor986789708 <...> forked to background, child pid 5434 no interfaces have a carrier [ 125.193643][ T5435] 8021q: adding VLAN 0 to HW filter on device bond0 [ 125.222001][ T5435] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.10.19' (ED25519) to the list of known hosts. execve("./syz-executor986789708", ["./syz-executor986789708"], 0x7ffde5212650 /* 10 vars */) = 0 brk(NULL) = 0x55559322c000 brk(0x55559322cd00) = 0x55559322cd00 arch_prctl(ARCH_SET_FS, 0x55559322c380) = 0 set_tid_address(0x55559322c650) = 5781 set_robust_list(0x55559322c660, 24) = 0 rseq(0x55559322cca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor986789708", 4096) = 27 getrandom("\xdd\xe3\x14\x25\xa7\xfc\x6d\xc9", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55559322cd00 brk(0x55559324dd00) = 0x55559324dd00 brk(0x55559324e000) = 0x55559324e000 mprotect(0x7ff623912000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55559322c650) = 5782 ./strace-static-x86_64: Process 5782 attached [pid 5782] set_robust_list(0x55559322c660, 24) = 0 [pid 5782] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5782] setpgid(0, 0) = 0 [pid 5782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5782] write(3, "1000", 4) = 4 [pid 5782] close(3) = 0 [pid 5782] write(1, "executing program\n", 18executing program ) = 18 [pid 5782] memfd_create("syzkaller", 0) = 3 [pid 5782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ff61b400000 [pid 5782] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 5782] munmap(0x7ff61b400000, 138412032) = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5782] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5782] close(3) = 0 [pid 5782] close(4) = 0 [pid 5782] mkdir("./file0", 0777) = 0 syzkaller login: [ 180.593713][ T5782] loop0: detected capacity change from 0 to 40427 [ 180.615987][ T5782] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 180.624124][ T5782] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 180.653590][ T5782] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 5782] mount("/dev/loop0", "./file0", "f2fs", MS_SYNCHRONOUS|MS_NOATIME|MS_SILENT|MS_LAZYTIME, "") = 0 [pid 5782] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5782] chdir("./file0") = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 180.825486][ T5782] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 180.833228][ T5782] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 180.851147][ T5782] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 180.863020][ T5782] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 180.995719][ T5782] ===================================================== [ 181.002987][ T5782] BUG: KMSAN: uninit-value in f2fs_new_node_page+0x14c5/0x1690 [ 181.010783][ T5782] f2fs_new_node_page+0x14c5/0x1690 [ 181.016177][ T5782] f2fs_new_inode_page+0xb6/0x100 [ 181.021450][ T5782] f2fs_init_inode_metadata+0x18b/0x1e40 [ 181.027262][ T5782] f2fs_add_inline_entry+0x5f5/0xbe0 [ 181.032760][ T5782] f2fs_do_add_link+0x4b0/0xad0 [ 181.037790][ T5782] f2fs_symlink+0x6d5/0xf80 [ 181.042668][ T5782] vfs_symlink+0x1ed/0x460 [ 181.047265][ T5782] do_symlinkat+0x253/0x8b0 [ 181.052049][ T5782] __x64_sys_symlink+0xe0/0x140 [ 181.057084][ T5782] x64_sys_call+0x31ca/0x3c30 [ 181.062027][ T5782] do_syscall_64+0xcd/0x1e0 [ 181.066756][ T5782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.072966][ T5782] [ 181.075368][ T5782] Local variable new_ni created at: [ 181.080759][ T5782] f2fs_new_node_page+0xa4/0x1690 [ 181.085957][ T5782] f2fs_new_inode_page+0xb6/0x100 [ 181.091202][ T5782] [ 181.093622][ T5782] CPU: 0 UID: 0 PID: 5782 Comm: syz-executor986 Not tainted 6.12.0-syzkaller-11930-g0e287d31b62b #0 [ 181.104634][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 181.114933][ T5782] ===================================================== [ 181.122073][ T5782] Disabling lock debugging due to kernel taint [ 181.128319][ T5782] Kernel panic - not syncing: kmsan.panic set ... [ 181.134841][ T5782] CPU: 0 UID: 0 PID: 5782 Comm: syz-executor986 Tainted: G B 6.12.0-syzkaller-11930-g0e287d31b62b #0 [ 181.147308][ T5782] Tainted: [B]=BAD_PAGE [ 181.151510][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 181.161647][ T5782] Call Trace: [ 181.164983][ T5782] [ 181.167967][ T5782] dump_stack_lvl+0x216/0x2d0 [ 181.172773][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 181.178739][ T5782] dump_stack+0x1e/0x30 [ 181.183030][ T5782] panic+0x4e2/0xcf0 [ 181.187046][ T5782] ? kmsan_get_metadata+0xc1/0x1c0 [ 181.192331][ T5782] kmsan_report+0x2c7/0x2d0 [ 181.197040][ T5782] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 181.203516][ T5782] ? __msan_warning+0x95/0x120 [ 181.208459][ T5782] ? f2fs_new_node_page+0x14c5/0x1690 [ 181.213966][ T5782] ? f2fs_new_inode_page+0xb6/0x100 [ 181.219345][ T5782] ? f2fs_init_inode_metadata+0x18b/0x1e40 [ 181.225291][ T5782] ? f2fs_add_inline_entry+0x5f5/0xbe0 [ 181.230906][ T5782] ? f2fs_do_add_link+0x4b0/0xad0 [ 181.236046][ T5782] ? f2fs_symlink+0x6d5/0xf80 [ 181.240824][ T5782] ? vfs_symlink+0x1ed/0x460 [ 181.245529][ T5782] ? do_symlinkat+0x253/0x8b0 [ 181.250316][ T5782] ? __x64_sys_symlink+0xe0/0x140 [ 181.255479][ T5782] ? x64_sys_call+0x31ca/0x3c30 [ 181.260469][ T5782] ? do_syscall_64+0xcd/0x1e0 [ 181.265298][ T5782] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.271596][ T5782] ? dquot_free_inode+0xc64/0x1320 [ 181.276877][ T5782] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 181.283087][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 181.288416][ T5782] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 181.294860][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 181.300198][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 181.306153][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 181.311477][ T5782] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 181.317943][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 181.323270][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 181.329205][ T5782] __msan_warning+0x95/0x120 [ 181.333905][ T5782] f2fs_new_node_page+0x14c5/0x1690 [ 181.339269][ T5782] f2fs_new_inode_page+0xb6/0x100 [ 181.344476][ T5782] f2fs_init_inode_metadata+0x18b/0x1e40 [ 181.350266][ T5782] ? kmsan_get_metadata+0x13e/0x1c0 [ 181.355661][ T5782] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 181.361630][ T5782] f2fs_add_inline_entry+0x5f5/0xbe0 [ 181.367089][ T5782] f2fs_do_add_link+0x4b0/0xad0 [ 181.372061][ T5782] f2fs_symlink+0x6d5/0xf80 [ 181.376728][ T5782] ? __pfx_f2fs_symlink+0x10/0x10 [ 181.381854][ T5782] vfs_symlink+0x1ed/0x460 [ 181.386395][ T5782] do_symlinkat+0x253/0x8b0 [ 181.391027][ T5782] __x64_sys_symlink+0xe0/0x140 [ 181.396037][ T5782] x64_sys_call+0x31ca/0x3c30 [ 181.400869][ T5782] do_syscall_64+0xcd/0x1e0 [ 181.405495][ T5782] ? clear_bhb_loop+0x25/0x80 [ 181.410286][ T5782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.416305][ T5782] RIP: 0033:0x7ff623899cd9 [ 181.420798][ T5782] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 181.440554][ T5782] RSP: 002b:00007fff0b75b1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 181.449146][ T5782] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007ff623899cd9 [ 181.457209][ T5782] RDX: 00007ff623898cd1 RSI: 0000000020000cc0 RDI: 0000000020000dc0 [ 181.465269][ T5782] RBP: 00007ff6239125f0 R08: 000000000000555c R09: 000055559322d4c0 [ 181.473321][ T5782] R10: 00007fff0b75b070 R11: 0000000000000246 R12: 00007fff0b75b1d0 [ 181.481377][ T5782] R13: 00007fff0b75b3f8 R14: 431bde82d7b634db R15: 00007ff6238e203b [ 181.489450][ T5782] [ 181.492802][ T5782] Kernel Offset: disabled [ 181.497194][ T5782] Rebooting in 86400 seconds..