./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor976860896 <...> Warning: Permanently added '10.128.10.0' (ED25519) to the list of known hosts. execve("./syz-executor976860896", ["./syz-executor976860896"], 0x7ffe2aa91b80 /* 10 vars */) = 0 brk(NULL) = 0x5555573e4000 brk(0x5555573e4d00) = 0x5555573e4d00 arch_prctl(ARCH_SET_FS, 0x5555573e4380) = 0 set_tid_address(0x5555573e4650) = 5054 set_robust_list(0x5555573e4660, 24) = 0 rseq(0x5555573e4ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor976860896", 4096) = 27 getrandom("\xfb\xf3\x4e\x17\x64\x83\x8b\x3a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555573e4d00 brk(0x555557405d00) = 0x555557405d00 brk(0x555557406000) = 0x555557406000 mprotect(0x7f404b075000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5055 attached , child_tidptr=0x5555573e4650) = 5055 [pid 5054] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5055] set_robust_list(0x5555573e4660, 24) = 0 ./strace-static-x86_64: Process 5056 attached [pid 5054] <... clone resumed>, child_tidptr=0x5555573e4650) = 5056 [pid 5056] set_robust_list(0x5555573e4660, 24 [pid 5054] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5055] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5056] <... set_robust_list resumed>) = 0 [pid 5056] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5055] <... openat resumed>) = 3 [pid 5056] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5057 attached [pid 5055] ioctl(3, LOOP_CLR_FD [pid 5054] <... clone resumed>, child_tidptr=0x5555573e4650) = 5057 [pid 5054] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5057] set_robust_list(0x5555573e4660, 24 [pid 5056] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5055] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5056] close(3./strace-static-x86_64: Process 5058 attached [pid 5057] <... set_robust_list resumed>) = 0 [pid 5055] close(3 [pid 5054] <... clone resumed>, child_tidptr=0x5555573e4650) = 5058 [pid 5054] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5058] set_robust_list(0x5555573e4660, 24 [pid 5057] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5056] <... close resumed>) = 0 [pid 5055] <... close resumed>) = 0 [pid 5058] <... set_robust_list resumed>) = 0 [pid 5055] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5058] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5060 attached ./strace-static-x86_64: Process 5059 attached [pid 5057] <... openat resumed>) = 3 [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5054] <... clone resumed>, child_tidptr=0x5555573e4650) = 5060 [pid 5054] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5060] set_robust_list(0x5555573e4660, 24 [pid 5058] <... openat resumed>) = 3 [pid 5057] ioctl(3, LOOP_CLR_FD [pid 5059] set_robust_list(0x5555573e4660, 24 [pid 5057] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5055] <... clone resumed>, child_tidptr=0x5555573e4650) = 5059 ./strace-static-x86_64: Process 5061 attached ./strace-static-x86_64: Process 5062 attached [pid 5060] <... set_robust_list resumed>) = 0 [pid 5059] <... set_robust_list resumed>) = 0 [pid 5058] ioctl(3, LOOP_CLR_FD [pid 5057] close(3 [pid 5054] <... clone resumed>, child_tidptr=0x5555573e4650) = 5062 [pid 5061] set_robust_list(0x5555573e4660, 24 [pid 5062] set_robust_list(0x5555573e4660, 24 [pid 5060] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5059] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5058] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5057] <... close resumed>) = 0 [pid 5061] <... set_robust_list resumed>) = 0 [pid 5062] <... set_robust_list resumed>) = 0 [pid 5059] <... prctl resumed>) = 0 [pid 5058] close(3 [pid 5057] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5056] <... clone resumed>, child_tidptr=0x5555573e4650) = 5061 [pid 5059] setpgid(0, 0 [pid 5061] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5059] <... setpgid resumed>) = 0 [pid 5058] <... close resumed>) = 0 [pid 5060] <... openat resumed>) = 3 [pid 5059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5058] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5061] <... prctl resumed>) = 0 [pid 5060] ioctl(3, LOOP_CLR_FD [pid 5059] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5064 attached [pid 5061] setpgid(0, 0 [pid 5057] <... clone resumed>, child_tidptr=0x5555573e4650) = 5064 [pid 5064] set_robust_list(0x5555573e4660, 24 [pid 5061] <... setpgid resumed>) = 0 [pid 5062] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5060] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5059] write(3, "1000", 4./strace-static-x86_64: Process 5065 attached [pid 5064] <... set_robust_list resumed>) = 0 [pid 5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5060] close(3 [pid 5059] <... write resumed>) = 4 [pid 5065] set_robust_list(0x5555573e4660, 24 [pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5062] <... openat resumed>) = 3 [pid 5059] close(3 [pid 5058] <... clone resumed>, child_tidptr=0x5555573e4650) = 5065 [pid 5060] <... close resumed>) = 0 [pid 5059] <... close resumed>) = 0 [pid 5065] <... set_robust_list resumed>) = 0 [pid 5064] <... prctl resumed>) = 0 [pid 5061] <... openat resumed>) = 3 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] setpgid(0, 0 [pid 5062] ioctl(3, LOOP_CLR_FD [pid 5059] memfd_create("syzkaller", 0 [pid 5065] <... prctl resumed>) = 0 [pid 5062] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5059] <... memfd_create resumed>) = 3 [pid 5064] <... setpgid resumed>) = 0 [pid 5061] write(3, "1000", 4 [pid 5065] setpgid(0, 0 [pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... write resumed>) = 4 [pid 5062] close(3 [pid 5059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5065] <... setpgid resumed>) = 0 [pid 5061] close(3 [pid 5062] <... close resumed>) = 0 [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5061] <... close resumed>) = 0 [pid 5062] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5059] <... mmap resumed>) = 0x7f4042a00000 [pid 5065] <... openat resumed>) = 3 [pid 5061] memfd_create("syzkaller", 0 [pid 5064] <... openat resumed>) = 3 [pid 5060] <... clone resumed>, child_tidptr=0x5555573e4650) = 5066 ./strace-static-x86_64: Process 5066 attached [pid 5061] <... memfd_create resumed>) = 3 [pid 5066] set_robust_list(0x5555573e4660, 24 [pid 5065] write(3, "1000", 4 [pid 5062] <... clone resumed>, child_tidptr=0x5555573e4650) = 5067 ./strace-static-x86_64: Process 5067 attached [pid 5067] set_robust_list(0x5555573e4660, 24 [pid 5065] <... write resumed>) = 4 [pid 5067] <... set_robust_list resumed>) = 0 [pid 5065] close(3 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5065] <... close resumed>) = 0 [pid 5067] <... prctl resumed>) = 0 [pid 5066] <... set_robust_list resumed>) = 0 [pid 5065] memfd_create("syzkaller", 0 [pid 5064] write(3, "1000", 4 [pid 5061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] setpgid(0, 0 [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5061] <... mmap resumed>) = 0x7f4042a00000 [pid 5064] <... write resumed>) = 4 [pid 5067] <... setpgid resumed>) = 0 [pid 5065] <... memfd_create resumed>) = 3 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5065] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4042a00000 [pid 5064] close(3 [pid 5067] <... openat resumed>) = 3 [pid 5066] <... prctl resumed>) = 0 [pid 5064] <... close resumed>) = 0 [pid 5067] write(3, "1000", 4 [pid 5066] setpgid(0, 0 [pid 5064] memfd_create("syzkaller", 0 [pid 5067] <... write resumed>) = 4 [pid 5067] close(3) = 0 [pid 5067] memfd_create("syzkaller", 0) = 3 [pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5064] <... memfd_create resumed>) = 3 [pid 5066] <... setpgid resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5067] <... mmap resumed>) = 0x7f4042a00000 [pid 5064] <... mmap resumed>) = 0x7f4042a00000 [pid 5066] <... openat resumed>) = 3 [pid 5066] write(3, "1000", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] memfd_create("syzkaller", 0) = 3 [pid 5066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4042a00000 [pid 5061] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5059] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5064] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5065] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5066] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216 [pid 5061] <... write resumed>) = 16777216 [pid 5061] munmap(0x7f4042a00000, 138412032) = 0 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5061] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5061] close(3) = 0 [pid 5061] close(4) = 0 [ 81.102388][ T5061] loop1: detected capacity change from 0 to 32768 [pid 5061] mkdir("./bus", 0777) = 0 [pid 5066] <... write resumed>) = 16777216 [pid 5061] mount("/dev/loop1", "./bus", "jfs", 0, "errors=remount-ro,integrity,integrity,nointegrity," [pid 5067] <... write resumed>) = 16777216 [pid 5066] munmap(0x7f4042a00000, 138412032 [pid 5064] <... write resumed>) = 16777216 [pid 5067] munmap(0x7f4042a00000, 138412032 [pid 5065] <... write resumed>) = 16777216 [ 81.228626][ T5061] read_mapping_page failed! [ 81.233493][ T5061] diRead: diIAGRead returned -5 [pid 5064] munmap(0x7f4042a00000, 138412032 [pid 5066] <... munmap resumed>) = 0 [pid 5065] munmap(0x7f4042a00000, 138412032 [pid 5067] <... munmap resumed>) = 0 [pid 5066] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5061] <... mount resumed>) = -1 EIO (Input/output error) [pid 5066] <... openat resumed>) = 4 [pid 5061] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5066] ioctl(4, LOOP_SET_FD, 3 [pid 5061] <... openat resumed>) = 3 [pid 5059] <... write resumed>) = 16777216 [pid 5059] munmap(0x7f4042a00000, 138412032 [pid 5067] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5066] <... ioctl resumed>) = 0 [pid 5061] ioctl(3, LOOP_CLR_FD [pid 5066] close(3 [pid 5061] <... ioctl resumed>) = 0 [pid 5067] <... openat resumed>) = 4 [pid 5066] <... close resumed>) = 0 [pid 5061] close(3 [pid 5067] ioctl(4, LOOP_SET_FD, 3 [pid 5066] close(4 [pid 5061] <... close resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5065] <... munmap resumed>) = 0 [pid 5061] exit_group(0 [pid 5067] <... ioctl resumed>) = 0 [pid 5067] close(3 [pid 5061] <... exit_group resumed>) = ? [ 81.310053][ T5066] loop4: detected capacity change from 0 to 32768 [ 81.325395][ T5067] loop5: detected capacity change from 0 to 32768 [pid 5065] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5067] <... close resumed>) = 0 [pid 5067] close(4) = 0 [pid 5065] <... openat resumed>) = 4 [pid 5065] ioctl(4, LOOP_SET_FD, 3 [pid 5067] mkdir("./bus", 0777 [pid 5066] mkdir("./bus", 0777 [pid 5064] <... munmap resumed>) = 0 [pid 5061] +++ exited with 0 +++ [pid 5067] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5067] mount("/dev/loop5", "./bus", "jfs", 0, "errors=remount-ro,integrity,integrity,nointegrity," [pid 5066] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5064] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5056] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5061, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=29 /* 0.29 s */} --- [pid 5066] mount("/dev/loop4", "./bus", "jfs", 0, "errors=remount-ro,integrity,integrity,nointegrity," [pid 5064] ioctl(4, LOOP_SET_FD, 3 [pid 5059] <... munmap resumed>) = 0 [pid 5056] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5056] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5056] close(3) = 0 [pid 5056] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5065] <... ioctl resumed>) = 0 [pid 5065] close(3) = 0 [pid 5065] close(4) = 0 [pid 5065] mkdir("./bus", 0777./strace-static-x86_64: Process 5069 attached ) = -1 EEXIST (File exists) [pid 5056] <... clone resumed>, child_tidptr=0x5555573e4650) = 5069 [ 81.371992][ T5065] loop3: detected capacity change from 0 to 32768 [ 81.400132][ T5064] loop2: detected capacity change from 0 to 32768 [pid 5065] mount("/dev/loop3", "./bus", "jfs", 0, "errors=remount-ro,integrity,integrity,nointegrity," [pid 5059] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] set_robust_list(0x5555573e4660, 24 [pid 5064] <... ioctl resumed>) = 0 [pid 5059] <... openat resumed>) = 4 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5064] close(3) = 0 [pid 5064] close(4) = 0 [pid 5059] ioctl(4, LOOP_SET_FD, 3 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] mkdir("./bus", 0777 [pid 5069] setpgid(0, 0) = 0 [pid 5064] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5064] mount("/dev/loop2", "./bus", "jfs", 0, "errors=remount-ro,integrity,integrity,nointegrity," [ 81.419947][ T5066] read_mapping_page failed! [ 81.425435][ T5067] read_mapping_page failed! [ 81.431482][ T5065] read_mapping_page failed! [ 81.436050][ T5065] diRead: diIAGRead returned -5 [ 81.441085][ T5067] diRead: diIAGRead returned -5 [ 81.441117][ T5066] diRead: diIAGRead returned -5 [ 81.455442][ T5059] loop0: detected capacity change from 0 to 32768 [ 81.478236][ T5065] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN [ 81.490017][ T5065] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 81.498547][ T5065] CPU: 1 PID: 5065 Comm: syz-executor976 Not tainted 6.7.0-syzkaller-12991-g7a396820222d #0 [ 81.508645][ T5065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 81.518743][ T5065] RIP: 0010:jfs_flush_journal+0x812/0xec0 [ 81.524492][ T5065] Code: a8 fe 49 8d 5f f0 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 9c 99 d2 fe 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 7f 99 d2 fe 48 8b 3b e8 a7 5b a8 [ 81.544111][ T5065] RSP: 0018:ffffc9000427f920 EFLAGS: 00010206 [ 81.550202][ T5065] RAX: 0000000000000006 RBX: 0000000000000030 RCX: 842d5790c8575800 [ 81.558194][ T5065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.566175][ T5065] RBP: ffffc9000427fa60 R08: ffffffff81c19c9a R09: 0000000000000000 [ 81.574149][ T5065] R10: ffffc9000427f870 R11: fffff5200084ff11 R12: 1ffff9200084ff30 [ 81.582122][ T5065] R13: dffffc0000000000 R14: ffff88802024e000 R15: ffff888021805438 [ 81.590276][ T5065] FS: 00005555573e4380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 81.599209][ T5065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.605795][ T5065] CR2: 00007f4a51795ed8 CR3: 00000000745f2000 CR4: 00000000003506f0 [ 81.613773][ T5065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.621770][ T5065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.629833][ T5065] Call Trace: [ 81.633119][ T5065] [ 81.636052][ T5065] ? __die_body+0x8b/0xe0 [ 81.640435][ T5065] ? die_addr+0xc9/0x100 [ 81.644684][ T5065] ? exc_general_protection+0x3da/0x5c0 [ 81.650443][ T5065] ? asm_exc_general_protection+0x26/0x30 [ 81.656179][ T5065] ? filemap_fdatawrite_wbc+0xaa/0x180 [ 81.661651][ T5065] ? jfs_flush_journal+0x812/0xec0 [ 81.666776][ T5065] ? lmLogShutdown+0x970/0x970 [ 81.671579][ T5065] ? rcu_force_quiescent_state+0x250/0x250 [ 81.677391][ T5065] jfs_umount+0x170/0x3a0 [ 81.681737][ T5065] jfs_fill_super+0x91a/0xc50 [ 81.686426][ T5065] ? jfs_do_mount+0x40/0x40 [ 81.690938][ T5065] ? setup_bdev_super+0x4c8/0x5c0 [ 81.695974][ T5065] mount_bdev+0x206/0x2d0 [ 81.700343][ T5065] ? jfs_do_mount+0x40/0x40 [ 81.704866][ T5065] ? get_tree_bdev+0x560/0x560 [ 81.709641][ T5065] ? vfs_parse_fs_string+0x190/0x230 [ 81.714933][ T5065] ? vfs_parse_fs_param+0x410/0x410 [ 81.720133][ T5065] ? cap_capable+0x1b4/0x240 [ 81.724731][ T5065] legacy_get_tree+0xef/0x190 [ 81.729424][ T5065] ? jfs_error+0x2e0/0x2e0 [ 81.733846][ T5065] vfs_get_tree+0x8c/0x2a0 [ 81.738278][ T5065] do_new_mount+0x2be/0xb40 [ 81.742789][ T5065] ? ns_capable+0x89/0xe0 [ 81.747130][ T5065] ? do_move_mount_old+0x170/0x170 [ 81.752252][ T5065] __se_sys_mount+0x2d9/0x3c0 [ 81.756947][ T5065] ? __x64_sys_mount+0xc0/0xc0 [ 81.761717][ T5065] ? do_syscall_64+0x102/0x230 [ 81.766497][ T5065] ? __x64_sys_mount+0x20/0xc0 [ 81.771277][ T5065] do_syscall_64+0xf5/0x230 [ 81.775792][ T5065] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 81.781692][ T5065] RIP: 0033:0x7f404affdf1a [ 81.786109][ T5065] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 81.805725][ T5065] RSP: 002b:00007ffcf89bb038 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 81.814150][ T5065] RAX: ffffffffffffffda RBX: 00007ffcf89bb050 RCX: 00007f404affdf1a [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 81.822245][ T5065] RDX: 0000000020000000 RSI: 00000000200002c0 RDI: 00007ffcf89bb050 [ 81.840891][ T5065] RBP: 0000000000000004 R08: 00007ffcf89bb090 R09: 000000000000614a [ 81.850386][ T5065] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000 [ 81.858408][ T5065] R13: 00007ffcf89bb090 R14: 0000000000000003 R15: 0000000001000000 [ 81.866507][ T5065] [ 81.869546][ T5065] Modules linked in: [ 81.934527][ T5064] read_mapping_page failed! [ 81.939167][ T5064] diRead: diIAGRead returned -5 [ 81.944107][ T5064] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#2] PREEMPT SMP KASAN [ 81.955847][ T5064] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 81.964277][ T5064] CPU: 0 PID: 5064 Comm: syz-executor976 Tainted: G D 6.7.0-syzkaller-12991-g7a396820222d #0 [ 81.975830][ T5064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 81.985897][ T5064] RIP: 0010:jfs_flush_journal+0x7d3/0xec0 [ 81.991646][ T5064] Code: 00 00 49 8d 5f d8 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 db 99 d2 fe 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 be 99 d2 fe 48 8b 3b e8 e6 5b a8 [ 82.011449][ T5064] RSP: 0018:ffffc9000426f920 EFLAGS: 00010206 [ 82.017969][ T5064] RAX: 0000000000000006 RBX: 0000000000000030 RCX: ffff88807c75d940 [ 82.026095][ T5064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.034086][ T5064] RBP: ffffc9000426fa60 R08: ffffffff81c19c9a R09: 0000000000000000 [ 82.042119][ T5064] R10: ffffc9000426f870 R11: fffff5200084df11 R12: 1ffff9200084df30 [ 82.050733][ T5064] R13: dffffc0000000000 R14: ffff88802024e000 R15: ffff888021805a38 [ 82.058728][ T5064] FS: 00005555573e4380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 82.067674][ T5064] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.074270][ T5064] CR2: 00005650cb5bdf68 CR3: 0000000074668000 CR4: 00000000003506f0 [ 82.082246][ T5064] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.090224][ T5064] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.098205][ T5064] Call Trace: [ 82.101574][ T5064] [ 82.104506][ T5064] ? __die_body+0x8b/0xe0 [ 82.108859][ T5064] ? die_addr+0xc9/0x100 [ 82.113108][ T5064] ? exc_general_protection+0x3da/0x5c0 [ 82.118676][ T5064] ? asm_exc_general_protection+0x26/0x30 [ 82.124409][ T5064] ? filemap_fdatawrite_wbc+0xaa/0x180 [ 82.129879][ T5064] ? jfs_flush_journal+0x7d3/0xec0 [ 82.135010][ T5064] ? lmLogShutdown+0x970/0x970 [ 82.146569][ T5064] ? rcu_force_quiescent_state+0x250/0x250 [ 82.156203][ T5064] jfs_umount+0x170/0x3a0 [ 82.161780][ T5064] jfs_fill_super+0x91a/0xc50 [ 82.167582][ T5064] ? jfs_do_mount+0x40/0x40 [ 82.173522][ T5064] ? setup_bdev_super+0x4c8/0x5c0 [ 82.178573][ T5064] mount_bdev+0x206/0x2d0 [ 82.182923][ T5064] ? jfs_do_mount+0x40/0x40 [ 82.187445][ T5064] ? get_tree_bdev+0x560/0x560 [ 82.192248][ T5064] ? vfs_parse_fs_string+0x190/0x230 [ 82.197578][ T5064] ? vfs_parse_fs_param+0x410/0x410 [ 82.202804][ T5064] ? cap_capable+0x1b4/0x240 [ 82.207508][ T5064] legacy_get_tree+0xef/0x190 [ 82.212201][ T5064] ? jfs_error+0x2e0/0x2e0 [ 82.216636][ T5064] vfs_get_tree+0x8c/0x2a0 [ 82.221076][ T5064] do_new_mount+0x2be/0xb40 [ 82.225597][ T5064] ? ns_capable+0x89/0xe0 [ 82.229948][ T5064] ? do_move_mount_old+0x170/0x170 [ 82.235085][ T5064] __se_sys_mount+0x2d9/0x3c0 [ 82.239789][ T5064] ? __x64_sys_mount+0xc0/0xc0 [ 82.244572][ T5064] ? do_syscall_64+0x102/0x230 [ 82.249356][ T5064] ? __x64_sys_mount+0x20/0xc0 [ 82.254156][ T5064] do_syscall_64+0xf5/0x230 [ 82.258733][ T5064] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 82.264650][ T5064] RIP: 0033:0x7f404affdf1a [ 82.269081][ T5064] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 82.288697][ T5064] RSP: 002b:00007ffcf89bb038 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 82.297120][ T5064] RAX: ffffffffffffffda RBX: 00007ffcf89bb050 RCX: 00007f404affdf1a [ 82.305117][ T5064] RDX: 0000000020000000 RSI: 00000000200002c0 RDI: 00007ffcf89bb050 [ 82.313197][ T5064] RBP: 0000000000000004 R08: 00007ffcf89bb090 R09: 000000000000614a [ 82.321202][ T5064] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000 [pid 5069] write(3, "1000", 4) = 4 [pid 5059] <... ioctl resumed>) = 0 [ 82.329198][ T5064] R13: 00007ffcf89bb090 R14: 0000000000000003 R15: 0000000001000000 [ 82.337182][ T5064] [ 82.340203][ T5064] Modules linked in: [ 82.361127][ T5064] ---[ end trace 0000000000000000 ]--- [ 82.366515][ T5065] ---[ end trace 0000000000000000 ]--- [ 82.366663][ T5064] RIP: 0010:jfs_flush_journal+0x812/0xec0 [ 82.372078][ T5065] RIP: 0010:jfs_flush_journal+0x812/0xec0 [ 82.372108][ T5065] Code: a8 fe 49 8d 5f f0 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 9c 99 d2 fe 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 7f 99 d2 fe 48 8b 3b e8 a7 5b a8 [ 82.378587][ T5064] Code: a8 fe 49 8d 5f f0 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 9c 99 d2 fe 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 7f 99 d2 fe 48 8b 3b e8 a7 5b a8 [pid 5069] close(3 [pid 5059] close(3 [pid 5067] <... mount resumed>) = -1 EIO (Input/output error) [pid 5067] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5067] ioctl(3, LOOP_CLR_FD [pid 5066] <... mount resumed>) = -1 EIO (Input/output error) [pid 5066] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5066] ioctl(3, LOOP_CLR_FD) = 0 [pid 5066] close(3 [pid 5069] <... close resumed>) = 0 [pid 5069] memfd_create("syzkaller", 0) = 3 [pid 5069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4042a00000 [pid 5066] <... close resumed>) = 0 [ 82.437131][ T5064] RSP: 0018:ffffc9000427f920 EFLAGS: 00010206 [ 82.443670][ T5064] RAX: 0000000000000006 RBX: 0000000000000030 RCX: 842d5790c8575800 [ 82.452048][ T5064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.460473][ T5064] RBP: ffffc9000427fa60 R08: ffffffff81c19c9a R09: 0000000000000000 [ 82.468866][ T5064] R10: ffffc9000427f870 R11: fffff5200084ff11 R12: 1ffff9200084ff30 [pid 5066] exit_group(0) = ? [pid 5066] +++ exited with 0 +++ [pid 5060] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5066, si_uid=0, si_status=0, si_utime=6 /* 0.06 s */, si_stime=34 /* 0.34 s */} --- [pid 5059] <... close resumed>) = 0 [pid 5059] close(4) = 0 [ 82.486842][ T5065] RSP: 0018:ffffc9000427f920 EFLAGS: 00010206 [ 82.493456][ T5065] RAX: 0000000000000006 RBX: 0000000000000030 RCX: 842d5790c8575800 [ 82.505404][ T5064] R13: dffffc0000000000 R14: ffff88802024e000 R15: ffff888021805438 [pid 5060] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5059] mkdir("./bus", 0777 [pid 5060] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5060] close(3) = 0 [pid 5060] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555573e4650) = 5073 ./strace-static-x86_64: Process 5073 attached [pid 5073] set_robust_list(0x5555573e4660, 24) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4 [pid 5059] <... mkdir resumed>) = -1 EEXIST (File exists) [pid 5073] <... write resumed>) = 4 [pid 5073] close(3) = 0 [pid 5073] memfd_create("syzkaller", 0 [pid 5059] mount("/dev/loop0", "./bus", "jfs", 0, "errors=remount-ro,integrity,integrity,nointegrity," [pid 5073] <... memfd_create resumed>) = 3 [pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4042a00000 [ 82.536265][ T5065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.544769][ T5065] RBP: ffffc9000427fa60 R08: ffffffff81c19c9a R09: 0000000000000000 [ 82.580073][ T5059] read_mapping_page failed! [ 82.584641][ T5059] diRead: diIAGRead returned -5 [ 82.589694][ T5064] FS: 00005555573e4380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 82.596445][ T5065] R10: ffffc9000427f870 R11: fffff5200084ff11 R12: 1ffff9200084ff30 [pid 5059] <... mount resumed>) = -1 EIO (Input/output error) [ 82.629568][ T5070] I/O error, dev loop5, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 82.645631][ T5064] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.666010][ T5065] R13: dffffc0000000000 R14: ffff88802024e000 R15: ffff888021805438 [pid 5059] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 82.675647][ T5064] CR2: 00005650cb5cb7d8 CR3: 0000000074668000 CR4: 00000000003506f0 [ 82.706264][ T5065] FS: 00005555573e4380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 82.715859][ T5065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.724101][ T5065] CR2: 00007ffe4da51dd4 CR3: 00000000745f2000 CR4: 00000000003506f0 [ 82.724862][ T5064] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.756308][ T5065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.778175][ T5065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.791057][ T5064] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.804319][ T5065] Kernel panic - not syncing: Fatal exception [ 82.810657][ T5065] Kernel Offset: disabled [ 82.814992][ T5065] Rebooting in 86400 seconds..