./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3658186789 <...> DUID 00:04:f8:b5:8a:47:ae:09:95:3a:43:2d:d7:42:86:31:94:89 forked to background, child pid 3209 [ 30.491819][ T3210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.507546][ T3210] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.22' (ECDSA) to the list of known hosts. execve("./syz-executor3658186789", ["./syz-executor3658186789"], 0x7ffd4d567440 /* 10 vars */) = 0 brk(NULL) = 0x555556de7000 brk(0x555556de7c40) = 0x555556de7c40 arch_prctl(ARCH_SET_FS, 0x555556de7300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3658186789", 4096) = 28 brk(0x555556e08c40) = 0x555556e08c40 brk(0x555556e09000) = 0x555556e09000 mprotect(0x7f345f0b7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 open("./file0", O_RDWR|O_CREAT|0x3c, 000) = 3 memfd_create("syzkaller", 0) = 4 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3456a00000 write(4, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536) = 65536 munmap(0x7f3456a00000, 65536) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 ioctl(5, LOOP_SET_FD, 4) = 0 close(4) = 0 mkdir("./file0", 0777) = -1 EEXIST (File exists) mount("/dev/loop0", "./file0", "sysv", 0, "") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOTDIR (Not a directory) ioctl(5, LOOP_CLR_FD) = 0 close(5) = 0 syzkaller login: [ 58.105437][ T3631] loop0: detected capacity change from 0 to 128 [ 58.115697][ T3631] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 58.127240][ T3631] syz-executor365: attempt to access beyond end of device [ 58.127240][ T3631] loop0: rw=0, sector=3245512, nr_sectors = 1 limit=128 [ 58.141760][ T3631] Buffer I/O error on dev loop0, logical block 3245512, async page read [ 58.150374][ T3631] syz-executor365: attempt to access beyond end of device [ 58.150374][ T3631] loop0: rw=0, sector=8767867, nr_sectors = 1 limit=128 [ 58.164343][ T3631] Buffer I/O error on dev loop0, logical block 8767867, async page read [ 58.173120][ T3631] syz-executor365: attempt to access beyond end of device [ 58.173120][ T3631] loop0: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 58.187174][ T3631] Buffer I/O error on dev loop0, logical block 13269809, async page read [ 58.195825][ T3631] syz-executor365: attempt to access beyond end of device [ 58.195825][ T3631] loop0: rw=0, sector=8073605, nr_sectors = 1 limit=128 [ 58.209808][ T3631] Buffer I/O error on dev loop0, logical block 8073605, async page read [ 58.218227][ T3631] syz-executor365: attempt to access beyond end of device [ 58.218227][ T3631] loop0: rw=0, sector=3245515, nr_sectors = 1 limit=128 [ 58.232160][ T3631] Buffer I/O error on dev loop0, logical block 3245515, async page read [ 58.240580][ T3631] syz-executor365: attempt to access beyond end of device [ 58.240580][ T3631] loop0: rw=0, sector=8768635, nr_sectors = 1 limit=128 [ 58.254512][ T3631] Buffer I/O error on dev loop0, logical block 8768635, async page read [ 58.262952][ T3631] syz-executor365: attempt to access beyond end of device [ 58.262952][ T3631] loop0: rw=0, sector=13466417, nr_sectors = 1 limit=128 [ 58.276994][ T3631] Buffer I/O error on dev loop0, logical block 13466417, async page read [ 58.285492][ T3631] syz-executor365: attempt to access beyond end of device [ 58.285492][ T3631] loop0: rw=0, sector=8073605, nr_sectors = 1 limit=128 [ 58.299616][ T3631] Buffer I/O error on dev loop0, logical block 8073605, async page read [ 58.308196][ T3631] BUG: sleeping function called from invalid context at fs/buffer.c:1331 [ 58.316792][ T3631] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3631, name: syz-executor365 [ 58.326309][ T3631] preempt_count: 1, expected: 0 [ 58.331205][ T3631] RCU nest depth: 0, expected: 0 [ 58.336136][ T3631] 3 locks held by syz-executor365/3631: [ 58.341706][ T3631] #0: ffff88801f31b500 (&iint->mutex){+.+.}-{3:3}, at: process_measurement+0x7ab/0x1bd0 [ 58.351608][ T3631] #1: ffff888071574328 (mapping.invalidate_lock#3){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xe9/0x820 [ 58.362803][ T3631] #2: ffffffff8d3e65b8 (pointers_lock){.+.+}-{2:2}, at: get_block+0x159/0x16d0 [ 58.371896][ T3631] Preemption disabled at: [ 58.371903][ T3631] [<0000000000000000>] 0x0 [ 58.380746][ T3631] CPU: 1 PID: 3631 Comm: syz-executor365 Not tainted 6.1.0-rc7-syzkaller-00101-g01f856ae6d0c #0 [ 58.391161][ T3631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 58.401203][ T3631] Call Trace: [ 58.404492][ T3631] [ 58.407412][ T3631] dump_stack_lvl+0x1b1/0x28e [ 58.412078][ T3631] ? nf_tcp_handle_invalid+0x62e/0x62e [ 58.417521][ T3631] ? panic+0x710/0x710 [ 58.421580][ T3631] __might_resched+0x4e9/0x6b0 [ 58.426761][ T3631] ? __lock_acquire+0x1292/0x1f60 [ 58.431770][ T3631] ? __might_sleep+0xc0/0xc0 [ 58.436355][ T3631] __getblk_gfp+0x41/0x290 [ 58.440761][ T3631] ? get_block+0x184/0x16d0 [ 58.445263][ T3631] __bread_gfp+0x28/0x320 [ 58.449599][ T3631] get_branch+0x2ce/0x680 [ 58.453962][ T3631] get_block+0x175/0x16d0 [ 58.458315][ T3631] ? trace_lock_release+0x95/0x220 [ 58.463441][ T3631] ? create_page_buffers+0x1c8/0x4b0 [ 58.468721][ T3631] ? alloc_buffer_head+0xd3/0xf0 [ 58.473656][ T3631] ? sysv_truncate+0x1040/0x1040 [ 58.478584][ T3631] ? alloc_page_buffers+0x326/0x460 [ 58.483780][ T3631] ? folio_attach_private+0xd9/0x200 [ 58.489082][ T3631] ? do_raw_spin_unlock+0x134/0x8a0 [ 58.494291][ T3631] ? create_page_buffers+0x244/0x4b0 [ 58.499581][ T3631] block_read_full_folio+0x3b3/0xfa0 [ 58.504964][ T3631] ? sysv_truncate+0x1040/0x1040 [ 58.509905][ T3631] ? block_is_partially_uptodate+0x620/0x620 [ 58.515893][ T3631] ? __readahead_folio+0x211/0x510 [ 58.520997][ T3631] ? sysv_writepage+0x30/0x30 [ 58.525669][ T3631] read_pages+0x74b/0x9c0 [ 58.529993][ T3631] ? folio_add_lru+0x480/0x960 [ 58.534754][ T3631] ? filemap_add_folio+0x22a/0x5c0 [ 58.539868][ T3631] ? page_cache_ra_unbounded+0x820/0x820 [ 58.545679][ T3631] ? trace_mm_filemap_add_to_page_cache+0x2b0/0x2b0 [ 58.552262][ T3631] ? folio_alloc+0x47/0x50 [ 58.556672][ T3631] ? filemap_alloc_folio+0x1ac/0x1c0 [ 58.561955][ T3631] page_cache_ra_unbounded+0x703/0x820 [ 58.567421][ T3631] filemap_get_pages+0x465/0x10d0 [ 58.572451][ T3631] ? stack_trace_save+0x1e0/0x1e0 [ 58.577585][ T3631] ? filemap_read+0xea0/0xea0 [ 58.582286][ T3631] ? rcu_read_lock_sched_held+0x87/0x110 [ 58.587930][ T3631] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 58.593905][ T3631] ? __might_sleep+0xc0/0xc0 [ 58.598497][ T3631] ? __stack_depot_save+0x41c/0x4a0 [ 58.603703][ T3631] ? trace_lock_release+0x95/0x220 [ 58.608902][ T3631] filemap_read+0x3cf/0xea0 [ 58.613415][ T3631] ? do_raw_spin_unlock+0x134/0x8a0 [ 58.618618][ T3631] ? _raw_spin_unlock_irqrestore+0x8b/0x120 [ 58.624516][ T3631] ? find_get_pages_range_tag+0x780/0x780 [ 58.630233][ T3631] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 58.636130][ T3631] ? _raw_spin_unlock+0x40/0x40 [ 58.640979][ T3631] ? stack_trace_save+0x104/0x1e0 [ 58.645996][ T3631] ? stack_trace_snprint+0xf0/0xf0 [ 58.651106][ T3631] ? generic_file_read_iter+0x8f/0x540 [ 58.656560][ T3631] ? __stack_depot_save+0x41c/0x4a0 [ 58.661758][ T3631] ? iov_iter_kvec+0x4a/0x1a0 [ 58.666436][ T3631] __kernel_read+0x3fc/0x830 [ 58.671020][ T3631] ? kasan_set_track+0x3d/0x60 [ 58.675774][ T3631] ? __kasan_kmalloc+0x97/0xb0 [ 58.680537][ T3631] ? rw_verify_area+0x1a0/0x1a0 [ 58.685480][ T3631] ? __kmem_cache_alloc_node+0x41/0x310 [ 58.691020][ T3631] ? rcu_read_lock_sched_held+0x87/0x110 [ 58.696659][ T3631] integrity_kernel_read+0xac/0xf0 [ 58.701772][ T3631] ? integrity_inode_free+0x240/0x240 [ 58.707150][ T3631] ima_calc_file_hash+0x178f/0x1ca0 [ 58.712367][ T3631] ? stack_trace_save+0x1e0/0x1e0 [ 58.717393][ T3631] ? kernel_text_address+0x9e/0xd0 [ 58.722505][ T3631] ? ima_alloc_tfm+0x330/0x330 [ 58.727260][ T3631] ? register_lock_class+0xc2/0x930 [ 58.732461][ T3631] ? is_dynamic_key+0x1f0/0x1f0 [ 58.737317][ T3631] ? mark_lock+0x9a/0x350 [ 58.741644][ T3631] ? __lock_acquire+0x1292/0x1f60 [ 58.746688][ T3631] ? rcu_read_lock_sched_held+0x87/0x110 [ 58.752318][ T3631] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 58.758291][ T3631] ? trace_raw_output_contention_end+0xd0/0xd0 [ 58.764455][ T3631] ? trace_contention_end+0x72/0x1d0 [ 58.769824][ T3631] ima_collect_measurement+0x444/0x8c0 [ 58.775304][ T3631] ? ima_get_action+0xa0/0xa0 [ 58.779981][ T3631] ? is_bad_inode+0x9/0x40 [ 58.784412][ T3631] process_measurement+0xf4b/0x1bd0 [ 58.789621][ T3631] ? ima_file_mmap+0x150/0x150 [ 58.794383][ T3631] ? tomoyo_check_path_number_acl+0x270/0x270 [ 58.800450][ T3631] ? aa_get_newest_label+0xf4/0x640 [ 58.805646][ T3631] ? apparmor_task_kill+0x540/0x540 [ 58.810848][ T3631] ? apparmor_file_open+0x5c7/0x7c0 [ 58.816044][ T3631] ? apparmor_inode_getattr+0x680/0x680 [ 58.821629][ T3631] ima_file_check+0xd8/0x130 [ 58.826214][ T3631] ? do_dentry_open+0xcad/0x11b0 [ 58.831147][ T3631] ? ima_bprm_check+0x270/0x270 [ 58.836002][ T3631] path_openat+0x2642/0x2df0 [ 58.840590][ T3631] ? stack_trace_snprint+0xf0/0xf0 [ 58.845702][ T3631] ? __stack_depot_save+0x36/0x4a0 [ 58.850826][ T3631] ? do_filp_open+0x4f0/0x4f0 [ 58.855499][ T3631] ? rcu_read_lock_sched_held+0x87/0x110 [ 58.861129][ T3631] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 58.867138][ T3631] do_filp_open+0x264/0x4f0 [ 58.871652][ T3631] ? vfs_tmpfile+0x490/0x490 [ 58.876272][ T3631] ? do_raw_spin_unlock+0x134/0x8a0 [ 58.881485][ T3631] ? _raw_spin_unlock+0x24/0x40 [ 58.886340][ T3631] ? alloc_fd+0x5a7/0x640 [ 58.890684][ T3631] do_sys_openat2+0x124/0x4e0 [ 58.895361][ T3631] ? print_irqtrace_events+0x220/0x220 [ 58.900813][ T3631] ? ptrace_stop+0x74d/0x970 [ 58.905402][ T3631] ? do_sys_open+0x220/0x220 [ 58.909991][ T3631] ? lockdep_hardirqs_on+0x8d/0x130 [ 58.915208][ T3631] ? _raw_spin_unlock_irq+0x2a/0x40 [ 58.920432][ T3631] ? ptrace_notify+0x245/0x340 [ 58.925199][ T3631] __x64_sys_open+0x221/0x270 [ 58.929888][ T3631] ? do_sys_openat2+0x4e0/0x4e0 [ 58.934745][ T3631] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 58.940741][ T3631] ? syscall_enter_from_user_mode+0x86/0x1d0 [ 58.946736][ T3631] do_syscall_64+0x3d/0xb0 [ 58.951240][ T3631] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 58.957151][ T3631] RIP: 0033:0x7f345f040769 [ 58.961579][ T3631] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 58.981200][ T3631] RSP: 002b:00007ffc627c78b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 58.989719][ T3631] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f345f040769 [ 58.997714][ T3631] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 59.005700][ T3631] RBP: 00007f345f000000 R08: 0000000000009e07 R09: 0000000000000000 [ 59.013670][ T3631] R10: 00007ffc627c7780 R11: 0000000000000246 R12: 00007f345f000090 [ 59.021814][ T3631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 59.029814][ T3631] [ 59.033893][ T3631] syz-executor365: attempt to access beyond end of device [ 59.033893][ T3631] loop0: rw=0, sector=3245518, nr_sectors = 1 limit=128 [ 59.047930][ T3631] Buffer I/O error on dev loop0, logical block 3245518, async page read open("./file0", O_RDONLY) = 4 exit_group(0) = ? +++ exited with 0 +++ [ 59.056494][ T3631] syz-executor36