[ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.56' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 28.547162] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 28.559131] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 28.579350] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 28.587326] EXT4-fs error (device loop3): ext4_mb_generate_buddy:754: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 28.588731] audit: type=1804 audit(1672077820.028:2): pid=7993 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor524" name="/root/file0/bus" dev="loop1" ino=18 res=1 [ 28.617886] EXT4-fs error (device loop1): ext4_mb_generate_buddy:754: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 28.636409] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 28.650430] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 28.667113] EXT4-fs error (device loop5): ext4_mb_generate_buddy:754: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 28.670755] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 28.682346] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 28.701804] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 28.707097] EXT4-fs (loop5): This should not happen!! Data will be lost [ 28.707097] [ 28.730815] audit: type=1804 audit(1672077820.028:3): pid=7994 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor524" name="/root/file0/bus" dev="loop3" ino=18 res=1 [ 28.731622] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 28.750043] EXT4-fs error (device loop0): ext4_mb_generate_buddy:754: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 28.774297] EXT4-fs (loop1): This should not happen!! Data will be lost [ 28.774297] [ 28.782878] EXT4-fs (loop1): Total free blocks count 0 [ 28.788131] EXT4-fs (loop5): Total free blocks count 0 [ 28.788521] EXT4-fs (loop1): Free/Dirty block details write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory [ 28.797309] EXT4-fs (loop3): This should not happen!! Data will be lost [ 28.797309] [ 28.799557] EXT4-fs (loop1): free_blocks=2415919104 [ 28.812492] EXT4-fs (loop1): dirty_blocks=16 [ 28.817628] EXT4-fs (loop1): Block reservation details [ 28.822663] EXT4-fs (loop5): Free/Dirty block details [ 28.829664] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 28.835415] EXT4-fs error (device loop2): ext4_mb_generate_buddy:754: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters executing program [ 28.850254] ------------[ cut here ]------------ [ 28.855187] kernel BUG at fs/ext4/inline.c:231! [ 28.859979] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 28.862896] audit: type=1804 audit(1672077820.028:4): pid=7994 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor524" name="/root/file0/bus" dev="loop3" ino=18 res=1 [ 28.865324] Modules linked in: [ 28.865335] CPU: 1 PID: 8000 Comm: syz-executor524 Not tainted 4.14.302-syzkaller #0 [ 28.865338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 28.865343] task: ffff8880b311e4c0 task.stack: ffff8880a2a80000 [ 28.865356] RIP: 0010:ext4_write_inline_data+0x2e6/0x380 [ 28.865359] RSP: 0018:ffff8880a2a874b0 EFLAGS: 00010297 [ 28.865364] RAX: ffff8880b311e4c0 RBX: ffff88808d37b4b0 RCX: 000000000000006c [ 28.865371] RDX: 0000000000000000 RSI: ffff8880a2a87538 RDI: ffff88808d37b978 [ 28.885991] audit: type=1804 audit(1672077820.028:5): pid=7993 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor524" name="/root/file0/bus" dev="loop1" ino=18 res=1 [ 28.886654] RBP: 000000000000006c R08: 0000000000000009 R09: 0000000000000000 [ 28.899234] audit: type=1804 audit(1672077820.028:6): pid=7994 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor524" name="/root/file0/bus" dev="loop3" ino=18 res=1 [ 28.904417] R10: ffff8880a2a87488 R11: 0000000000000000 R12: 0000000000000009 [ 28.904421] R13: ffff8880a2a87538 R14: ffff88808d37b976 R15: ffff88808d37b318 [ 28.904426] FS: 00007f8dc25cf700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000 [ 28.904430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.904435] CR2: 00007f8dc26741e8 CR3: 00000000a1fcc000 CR4: 00000000003406e0 [ 28.904442] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 28.904445] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 28.904448] Call Trace: [ 28.904466] ext4_write_inline_data_end+0x1db/0x490 [ 28.904474] ? ext4_try_to_write_inline_data+0x1590/0x1590 [ 28.904483] ? lock_downgrade+0x740/0x740 write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory [ 28.904489] ext4_da_write_inline_data_end+0x30/0x410 [ 28.904498] ext4_da_write_end+0x3b5/0x8e0 [ 28.915311] audit: type=1804 audit(1672077820.028:7): pid=7993 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor524" name="/root/file0/bus" dev="loop1" ino=18 res=1 [ 28.915991] generic_perform_write+0x274/0x430 [ 28.916002] ? filemap_page_mkwrite+0x2d0/0x2d0 [ 28.916011] ? current_time+0xb0/0xb0 [ 28.916021] ? ext4_file_write_iter+0x1cc/0xd20 [ 28.922085] audit: type=1804 audit(1672077820.108:8): pid=7998 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor524" name="/root/file0/bus" dev="loop5" ino=18 res=1 [ 28.929162] __generic_file_write_iter+0x227/0x590 [ 28.929175] ext4_file_write_iter+0x276/0xd20 [ 28.929185] ? aa_path_link+0x3a0/0x3a0 [ 28.929193] ? direct_splice_actor+0x115/0x160 [ 28.929199] ? splice_direct_to_actor+0x27c/0x730 [ 28.929204] ? do_splice_direct+0x164/0x210 [ 28.929209] ? ext4_file_read_iter+0x330/0x330 [ 28.929217] ? entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 28.929226] ? do_splice_direct+0x164/0x210 [ 28.942018] audit: type=1804 audit(1672077820.108:9): pid=7998 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor524" name="/root/file0/bus" dev="loop5" ino=18 res=1 [ 28.954782] ? SyS_sendfile64+0xff/0x110 [ 28.954790] ? do_syscall_64+0x1d5/0x640 [ 28.954797] ? __radix_tree_lookup+0x1b5/0x2e0 [ 28.954806] ? trace_hardirqs_on+0x10/0x10 [ 28.954813] do_iter_readv_writev+0x4cf/0x5f0 [ 28.954820] ? clone_verify_area+0x1e0/0x1e0 [ 28.954831] ? rw_verify_area+0xe1/0x2a0 [ 28.962673] audit: type=1804 audit(1672077820.108:10): pid=7998 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor524" name="/root/file0/bus" dev="loop5" ino=18 res=1 [ 28.980187] do_iter_write+0x152/0x550 [ 28.980197] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 28.980205] vfs_iter_write+0x70/0xa0 [ 28.980215] iter_file_splice_write+0x52b/0xa90 [ 28.980226] ? splice_from_pipe_next.part.0+0x2f0/0x2f0 [ 28.980236] ? rw_verify_area+0xe1/0x2a0 [ 28.980242] ? splice_from_pipe_next.part.0+0x2f0/0x2f0 [ 28.980251] direct_splice_actor+0x115/0x160 [ 28.995937] audit: type=1804 audit(1672077820.108:11): pid=8000 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor524" name="/root/file0/bus" dev="loop0" ino=18 res=1 [ 29.003600] splice_direct_to_actor+0x27c/0x730 [ 29.003609] ? generic_pipe_buf_nosteal+0x10/0x10 [ 29.003617] ? do_splice_to+0x140/0x140 [ 29.003625] ? rw_verify_area+0xe1/0x2a0 [ 29.003631] do_splice_direct+0x164/0x210 [ 29.003638] ? splice_direct_to_actor+0x730/0x730 [ 29.003653] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 29.014939] EXT4-fs (loop3): Total free blocks count 0 [ 29.016877] do_sendfile+0x47f/0xb30 [ 29.016889] ? do_compat_writev+0x180/0x180 [ 29.016896] ? SyS_futex+0x1da/0x290 [ 29.016906] SyS_sendfile64+0xff/0x110 [ 29.024397] EXT4-fs (loop3): Free/Dirty block details [ 29.031509] ? SyS_sendfile+0x130/0x130 [ 29.031517] ? do_syscall_64+0x4c/0x640 [ 29.031524] ? SyS_sendfile+0x130/0x130 [ 29.031530] do_syscall_64+0x1d5/0x640 [ 29.031542] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 29.031549] RIP: 0033:0x7f8dc262af49 [ 29.031553] RSP: 002b:00007f8dc25cf208 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 29.038667] EXT4-fs (loop3): free_blocks=2415919104 [ 29.039218] RAX: ffffffffffffffda RBX: 00007f8dc26a86c8 RCX: 00007f8dc262af49 [ 29.046125] EXT4-fs (loop3): dirty_blocks=16 [ 29.049781] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 29.049784] RBP: 00007f8dc26a86c0 R08: 0000000000000000 R09: 0000000000000000 [ 29.049788] R10: 0000000080000041 R11: 0000000000000246 R12: 00007f8dc26a86cc [ 29.049791] R13: 00007fff8009f66f R14: 00007f8dc25cf300 R15: 0000000000022000 [ 29.049799] Code: 5f e9 3f 13 9c ff e8 3a 13 9c ff 45 8d 64 [ 29.058247] EXT4-fs (loop3): Block reservation details [ 29.060532] 2c c4 b8 3c 00 00 00 29 e8 89 04 24 e9 e7 fe ff ff e8 21 13 9c ff [ 29.079806] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 29.083454] 0f 0b e8 1a 13 9c ff <0f> 0b e8 33 d3 c5 ff e9 2a fe ff ff 4c 89 f7 e8 26 d3 c5 ff e9 [ 29.083537] RIP: ext4_write_inline_data+0x2e6/0x380 RSP: ffff8880a2a874b0 [ 29.083698] ---[ end trace c1d634e663bab862 ]--- [ 29.100300] syz-executor524 (7994) used greatest stack depth: 23808 bytes left [ 29.115719] Kernel panic - not syncing: Fatal exception [ 29.115787] Kernel Offset: disabled [ 29.477830] Rebooting in 86400 seconds..