./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1538517165 <...> Warning: Permanently added '10.128.0.64' (ED25519) to the list of known hosts. execve("./syz-executor1538517165", ["./syz-executor1538517165"], 0x7fff9c6c99a0 /* 10 vars */) = 0 brk(NULL) = 0x55555a1e8000 brk(0x55555a1e8d40) = 0x55555a1e8d40 arch_prctl(ARCH_SET_FS, 0x55555a1e83c0) = 0 set_tid_address(0x55555a1e8690) = 5220 set_robust_list(0x55555a1e86a0, 24) = 0 rseq(0x55555a1e8ce0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1538517165", 4096) = 28 getrandom("\x1c\x96\x9c\x4a\x91\xfc\xbe\xf2", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555a1e8d40 brk(0x55555a209d40) = 0x55555a209d40 brk(0x55555a20a000) = 0x55555a20a000 mprotect(0x7fe20a691000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5221 attached , child_tidptr=0x55555a1e8690) = 5221 [pid 5220] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC [pid 5221] set_robust_list(0x55555a1e86a0, 24) = 0 [pid 5220] <... openat resumed>) = 3 [pid 5220] write(3, "10000000000", 11) = 11 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "20", 2) = 2 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "0", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "0", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "100", 3) = 3 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "0", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "0", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "7 4 1 3", 7) = 7 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "1", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "0", 1) = 1 [pid 5220] close(3) = 0 [pid 5220] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 5220] write(3, "5221", 4) = 4 [pid 5220] close(3) = 0 [pid 5220] kill(5221, SIGKILL) = 0 [pid 5221] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5221, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- mount(NULL, "/proc/sys/fs/binfmt_misc", "binfmt_misc", 0, NULL) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x30\x3a\x4d\x3a\x30\x3a\x01\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a", 21) = 21 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x31\x3a\x4d\x3a\x31\x3a\x02\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a\x50\x4f\x43", 24) = 24 close(3) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5222 attached , child_tidptr=0x55555a1e8690) = 5222 [pid 5222] set_robust_list(0x55555a1e86a0, 24) = 0 [pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5222] setsid() = 1 [pid 5222] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5222] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5222] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5222] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5222] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5222] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5222] unshare(CLONE_NEWNS) = 0 [pid 5222] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5222] unshare(CLONE_NEWIPC) = 0 [pid 5222] unshare(CLONE_NEWCGROUP) = 0 [pid 5222] unshare(CLONE_NEWUTS) = 0 [pid 5222] unshare(CLONE_SYSVSEM) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "16777216", 8) = 8 [pid 5222] close(3) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "536870912", 9) = 9 [pid 5222] close(3) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1024", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "8192", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1024", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1024", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5222] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5222] close(3) = 0 [pid 5222] getpid() = 1 [pid 5222] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5232] rseq(0x7fe20a5b7fe0, 0x20, 0, 0x53053053) = 0 [pid 5222] <... clone3 resumed> => {parent_tid=[2]}, 88) = 2 [pid 5232] set_robust_list(0x7fe20a5b79a0, 24 [pid 5222] rt_sigprocmask(SIG_SETMASK, [], [pid 5232] <... set_robust_list resumed>) = 0 [pid 5232] rt_sigprocmask(SIG_SETMASK, [], [pid 5222] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5232] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5232] mknod("./file0", 000 [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5232] <... mknod resumed>) = 0 [pid 5222] futex(0x7fe20a6976ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5222] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5232] futex(0x7fe20a6976e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] <... futex resumed>) = 0 [pid 5222] <... futex resumed>) = 1 [pid 5232] memfd_create("syzkaller", 0 [pid 5222] futex(0x7fe20a6976ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5232] <... memfd_create resumed>) = 3 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe202000000 [pid 5232] write(3, "\xb5\x84\x31\x7b\xb6\x84\x31\x7b\xb7\x84\x31\x7b\xb8\x84\x31\x7b\xb9\x84\x31\x7b\xba\x84\x31\x7b\xbb\x84\x31\x7b\xbc\x84\x31\x7b\xbd\x84\x31\x7b\xbe\x84\x31\x7b\xbf\x84\x31\x7b\xc0\x84\x31\x7b\xc1\x84\x31\x7b\xc2\x84\x31\x7b\xc3\x84\x31\x7b\xc4\x84\x31\x7b\xc5\x84\x31\x7b\xc6\x84\x31\x7b\xc7\x84\x31\x7b\xc8\x84\x31\x7b\xc9\x84\x31\x7b\xca\x84\x31\x7b\xcb\x84\x31\x7b\xcc\x84\x31\x7b\xcd\x84\x31\x7b"..., 65536) = 65536 [pid 5232] munmap(0x7fe202000000, 138412032) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5232] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5232] close(3) = 0 [pid 5232] close(4) = 0 [pid 5232] mkdir("./file0", 0777) = -1 EEXIST (File exists) [ 84.335115][ T5232] loop0: detected capacity change from 0 to 128 [pid 5232] mount("/dev/loop0", "./file0", "sysv", MS_STRICTATIME, "./file0") = 0 [pid 5232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = -1 ENOTDIR (Not a directory) [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5232] futex(0x7fe20a6976e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5222] <... futex resumed>) = 0 [ 84.376840][ T5232] VFS: Found a Xenix FS (block size = 512) on device loop0 [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5232] <... futex resumed>) = 0 [pid 5222] futex(0x7fe20a6976ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] openat(AT_FDCWD, "./file0", O_WRONLY|O_CREAT|O_NOCTTY|O_SYNC, 000) = 3 [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5222] <... futex resumed>) = 0 [pid 5232] futex(0x7fe20a6976e8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] open("./bus", O_RDONLY|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 5222] <... futex resumed>) = 0 [pid 5222] futex(0x7fe20a6976ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] <... open resumed>) = 4 [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5232] futex(0x7fe20a6976e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5222] <... futex resumed>) = 0 [pid 5232] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] memfd_create("syzkaller", 0 [pid 5222] <... futex resumed>) = 0 [pid 5232] <... memfd_create resumed>) = 5 [pid 5222] futex(0x7fe20a6976fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5222] <... futex resumed>) = 0 [pid 5232] <... mmap resumed>) = 0x7fe202000000 [pid 5222] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe20a576000 [pid 5222] mprotect(0x7fe20a577000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5222] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5232] write(5, "\xeb\x76\x90\x45\x58\x46\x41\x54\x20\x20\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x08\x00\x00\x00\x88\x00\x00\x00\x0f\x00\x00\x00\x05\x00\x00\x00"..., 131072 [pid 5222] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5222] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fe20a596990, parent_tid=0x7fe20a596990, exit_signal=0, stack=0x7fe20a576000, stack_size=0x20300, tls=0x7fe20a5966c0}./strace-static-x86_64: Process 5233 attached [pid 5233] rseq(0x7fe20a596fe0, 0x20, 0, 0x53053053) = 0 [pid 5232] <... write resumed>) = 131072 [pid 5233] set_robust_list(0x7fe20a5969a0, 24 [pid 5222] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3 [pid 5233] <... set_robust_list resumed>) = 0 [pid 5222] rt_sigprocmask(SIG_SETMASK, [], [pid 5233] rt_sigprocmask(SIG_SETMASK, [], [pid 5222] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5233] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5222] futex(0x7fe20a6976f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5233] mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL [pid 5222] <... futex resumed>) = 0 [pid 5232] munmap(0x7fe202000000, 138412032 [pid 5222] futex(0x7fe20a6976fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5233] <... mount resumed>) = 0 [pid 5233] futex(0x7fe20a6976fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5233] futex(0x7fe20a6976f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5232] <... munmap resumed>) = 0 [pid 5222] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5222] futex(0x7fe20a6976f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5233] <... futex resumed>) = 0 [pid 5232] close(5 [pid 5222] <... futex resumed>) = 1 [pid 5233] open("./bus", O_RDONLY [pid 5232] <... close resumed>) = 0 [pid 5222] futex(0x7fe20a6976fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5233] <... open resumed>) = 5 [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5233] futex(0x7fe20a6976fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5232] <... futex resumed>) = 0 [pid 5222] <... futex resumed>) = 0 [pid 5233] futex(0x7fe20a6976f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5232] futex(0x7fe20a6976e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5222] <... futex resumed>) = 0 [pid 5232] ioctl(5, LOOP_SET_STATUS, {lo_number=0, lo_offset=0x2c6575, lo_encrypt_type=0x1a37ee8e /* LO_CRYPT_??? */, lo_encrypt_key_size=645265316, lo_flags=LO_FLAGS_USE_AOPS|LO_FLAGS_PARTSCAN|LO_FLAGS_DIRECT_IO|0xb0d98de0, lo_name="\x8d\x64\x12\x75\x79\xdc\xb5\x50\x04\x30\xe2\xd3\xb3\x7d\xdc\xbf\x2e\x63\x0f\x2b\x95\xd8\x99\xd8\x23\x86\xe9\x33\x66\x4e\x7e\xd6\xcc\x1c\xad\x9f\xe9\x1d\x8c\x80\x20\x60\x84\xe8\x32\x21\xde\x24\x8d\xd3\xe3\x92\x1e\x1d\xc6\x3f\xc0\x29\x09\x34\x0d\x4e\x03"..., lo_encrypt_key="\xd7\xe0\x54\x61\x90\xe0\x53\x1c\x6d\x5c\x64\x57\xed\xd7\x91\xed\x75\x89\x4f\x68\x0e\x9b\x34\xf2\xb8\xa2\x35\xa0\xde\x9a\x0c\x66", ...} [pid 5222] futex(0x7fe20a6976ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] <... ioctl resumed>) = 0 [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5222] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5232] futex(0x7fe20a6976e8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5222] futex(0x7fe20a6976e8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5232] <... futex resumed>) = 0 [pid 5222] <... futex resumed>) = 1 [pid 5232] truncate("./file0", 255 [ 84.575178][ T5232] loop0: detected capacity change from 128 to 0 [ 84.597478][ T5232] sysv_free_block: trying to free block not in datazone [ 84.605323][ T5232] syz-executor153: attempt to access beyond end of device [ 84.605323][ T5232] loop0: rw=0, sector=13662976, nr_sectors = 1 limit=0 [pid 5222] futex(0x7fe20a6976ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] <... truncate resumed>) = 0 [pid 5222] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5232] truncate("./file0", 255 [pid 5222] futex(0x7fe20a6976f8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5233] <... futex resumed>) = 0 [pid 5232] <... truncate resumed>) = 0 [pid 5222] <... futex resumed>) = 1 [pid 5233] pwritev(3, [{iov_base="\xda\xe3", iov_len=2}], 1, 8388607 [pid 5222] futex(0x7fe20a6976fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5232] truncate("./file0", 255) = 0 [ 84.619480][ T5232] syz-executor153: attempt to access beyond end of device [ 84.619480][ T5232] loop0: rw=0, sector=8073605, nr_sectors = 1 limit=0 [ 84.633674][ T5232] syz-executor153: attempt to access beyond end of device [ 84.633674][ T5232] loop0: rw=0, sector=3245521, nr_sectors = 1 limit=0 [ 84.653403][ T5233] syz-executor153: attempt to access beyond end of device [ 84.653403][ T5233] loop0: rw=2049, sector=2, nr_sectors = 1 limit=0 [ 84.667449][ T5233] Buffer I/O error on dev loop0, logical block 2, lost sync page write [pid 5232] truncate("./file0", 255 [pid 5233] <... pwritev resumed>) = -1 EIO (Input/output error) [pid 5232] <... truncate resumed>) = 0 [pid 5233] futex(0x7fe20a6976fc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5232] truncate("./file0", 255 [pid 5233] futex(0x7fe20a6976f8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5232] <... truncate resumed>) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5222] <... futex resumed>) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [ 84.676812][ T5233] IO error syncing sysv inode [loop0:00000002] [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] truncate("./file0", 255) = 0 [pid 5232] futex(0x7fe20a6976ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 5222] exit_group(1 [pid 5232] <... futex resumed>) = 0 [pid 5233] <... futex resumed>) = ? [pid 5222] <... exit_group resumed>) = ? [pid 5232] +++ exited with 1 +++ [ 85.007983][ T5233] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 85.019407][ T5233] ------------[ cut here ]------------ [ 85.025121][ T5233] WARNING: CPU: 1 PID: 5233 at fs/buffer.c:1177 mark_buffer_dirty+0x2e5/0x520 [ 85.034129][ T5233] Modules linked in: [ 85.038186][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: syz-executor153 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 85.049461][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 85.059601][ T5233] RIP: 0010:mark_buffer_dirty+0x2e5/0x520 [ 85.065395][ T5233] Code: 89 df e8 9e 89 db ff 48 8b 3b be 20 00 00 00 5b 41 5e 41 5f 5d e9 fb e8 fb ff e8 76 fc 74 ff e9 73 ff ff ff e8 6c fc 74 ff 90 <0f> 0b 90 e9 61 fd ff ff e8 5e fc 74 ff 90 0f 0b 90 e9 88 fd ff ff [ 85.085107][ T5233] RSP: 0018:ffffc900034ef8a8 EFLAGS: 00010293 [ 85.091239][ T5233] RAX: ffffffff821fea94 RBX: 1ffff11005f3a601 RCX: ffff88802e628000 [ 85.099283][ T5233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 85.107339][ T5233] RBP: 0000000000000000 R08: ffffffff821fe7f1 R09: 1ffff1100e23f979 [ 85.115653][ T5233] R10: dffffc0000000000 R11: ffffed100e23f97a R12: dffffc0000000000 [ 85.123676][ T5233] R13: dffffc0000000000 R14: ffff8880711fcbc8 R15: ffff88802f9d3038 [ 85.131717][ T5233] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 85.140714][ T5233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.147354][ T5233] CR2: 00007fe20a657d28 CR3: 0000000029402000 CR4: 00000000003526f0 [ 85.155405][ T5233] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 85.163397][ T5233] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 85.171457][ T5233] Call Trace: [ 85.174833][ T5233] [ 85.177813][ T5233] ? __warn+0x168/0x4e0 [ 85.181994][ T5233] ? mark_buffer_dirty+0x2e5/0x520 [ 85.187218][ T5233] ? report_bug+0x2b3/0x500 [ 85.191763][ T5233] ? mark_buffer_dirty+0x2e5/0x520 [ 85.197025][ T5233] ? handle_bug+0x60/0x90 [ 85.201383][ T5233] ? exc_invalid_op+0x1a/0x50 [ 85.206126][ T5233] ? asm_exc_invalid_op+0x1a/0x20 [ 85.211194][ T5233] ? mark_buffer_dirty+0x41/0x520 [ 85.216312][ T5233] ? mark_buffer_dirty+0x2e4/0x520 [ 85.221474][ T5233] ? mark_buffer_dirty+0x2e5/0x520 [ 85.226667][ T5233] ? mark_buffer_dirty+0x2e4/0x520 [ 85.231831][ T5233] sysv_put_super+0x93/0x180 [ 85.236529][ T5233] ? __pfx_sysv_put_super+0x10/0x10 [ 85.241857][ T5233] generic_shutdown_super+0x139/0x2d0 [ 85.247311][ T5233] kill_block_super+0x44/0x90 [ 85.252461][ T5233] deactivate_locked_super+0xc4/0x130 [ 85.257903][ T5233] cleanup_mnt+0x41f/0x4b0 [ 85.262392][ T5233] ? lockdep_hardirqs_on+0x99/0x150 [ 85.267720][ T5233] task_work_run+0x24f/0x310 [ 85.272359][ T5233] ? kasan_quarantine_put+0xdc/0x230 [ 85.277737][ T5233] ? __pfx_task_work_run+0x10/0x10 [ 85.282887][ T5233] ? do_exit+0xa2a/0x28e0 [ 85.287277][ T5233] ? kmem_cache_free+0x1a2/0x420 [ 85.292256][ T5233] ? do_exit+0xa2a/0x28e0 [ 85.296648][ T5233] do_exit+0xa2f/0x28e0 [ 85.300841][ T5233] ? __pfx_do_exit+0x10/0x10 [ 85.305593][ T5233] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 85.311016][ T5233] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 85.317091][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.323473][ T5233] ? _raw_spin_lock_irq+0xdf/0x120 [ 85.328675][ T5233] do_group_exit+0x207/0x2c0 [ 85.333321][ T5233] ? _raw_spin_unlock_irq+0x23/0x50 [ 85.338666][ T5233] ? lockdep_hardirqs_on+0x99/0x150 [ 85.343908][ T5233] get_signal+0x16a3/0x1740 [ 85.348558][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.355297][ T5233] ? __pfx_get_signal+0x10/0x10 [ 85.360461][ T5233] arch_do_signal_or_restart+0x96/0x860 [ 85.366112][ T5233] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 85.372299][ T5233] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 85.378414][ T5233] ? syscall_exit_to_user_mode+0xa3/0x370 [ 85.384183][ T5233] syscall_exit_to_user_mode+0xc9/0x370 [ 85.389821][ T5233] do_syscall_64+0x100/0x230 [ 85.394450][ T5233] ? clear_bhb_loop+0x35/0x90 [ 85.399205][ T5233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.405160][ T5233] RIP: 0033:0x7fe20a60bb09 [ 85.409589][ T5233] Code: Unable to access opcode bytes at 0x7fe20a60badf. [ 85.416652][ T5233] RSP: 002b:00007fe20a596218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 85.425130][ T5233] RAX: fffffffffffffe00 RBX: 00007fe20a6976f8 RCX: 00007fe20a60bb09 [ 85.433108][ T5233] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe20a6976f8 [ 85.441163][ T5233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 85.449217][ T5233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe20a6976f0 [ 85.457247][ T5233] R13: 00007fe20a663aa0 R14: 0030656c69662f2e R15: 00007fe20a658047 [ 85.465324][ T5233] [ 85.468375][ T5233] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 85.475686][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: syz-executor153 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 85.486830][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 85.496992][ T5233] Call Trace: [ 85.500279][ T5233] [ 85.503217][ T5233] dump_stack_lvl+0x241/0x360 [ 85.507914][ T5233] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.513129][ T5233] ? __pfx__printk+0x10/0x10 [ 85.517737][ T5233] ? vscnprintf+0x5d/0x90 [ 85.522083][ T5233] panic+0x349/0x880 [ 85.526076][ T5233] ? __warn+0x177/0x4e0 [ 85.530242][ T5233] ? __pfx_panic+0x10/0x10 [ 85.534687][ T5233] __warn+0x34b/0x4e0 [ 85.538767][ T5233] ? mark_buffer_dirty+0x2e5/0x520 [ 85.543897][ T5233] report_bug+0x2b3/0x500 [ 85.548245][ T5233] ? mark_buffer_dirty+0x2e5/0x520 [ 85.553389][ T5233] handle_bug+0x60/0x90 [ 85.557554][ T5233] exc_invalid_op+0x1a/0x50 [ 85.562069][ T5233] asm_exc_invalid_op+0x1a/0x20 [ 85.566936][ T5233] RIP: 0010:mark_buffer_dirty+0x2e5/0x520 [ 85.572670][ T5233] Code: 89 df e8 9e 89 db ff 48 8b 3b be 20 00 00 00 5b 41 5e 41 5f 5d e9 fb e8 fb ff e8 76 fc 74 ff e9 73 ff ff ff e8 6c fc 74 ff 90 <0f> 0b 90 e9 61 fd ff ff e8 5e fc 74 ff 90 0f 0b 90 e9 88 fd ff ff [ 85.592286][ T5233] RSP: 0018:ffffc900034ef8a8 EFLAGS: 00010293 [ 85.598388][ T5233] RAX: ffffffff821fea94 RBX: 1ffff11005f3a601 RCX: ffff88802e628000 [ 85.606415][ T5233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 85.614406][ T5233] RBP: 0000000000000000 R08: ffffffff821fe7f1 R09: 1ffff1100e23f979 [ 85.622398][ T5233] R10: dffffc0000000000 R11: ffffed100e23f97a R12: dffffc0000000000 [ 85.630405][ T5233] R13: dffffc0000000000 R14: ffff8880711fcbc8 R15: ffff88802f9d3038 [ 85.638400][ T5233] ? mark_buffer_dirty+0x41/0x520 [ 85.643449][ T5233] ? mark_buffer_dirty+0x2e4/0x520 [ 85.648574][ T5233] ? mark_buffer_dirty+0x2e4/0x520 [ 85.653696][ T5233] sysv_put_super+0x93/0x180 [ 85.658294][ T5233] ? __pfx_sysv_put_super+0x10/0x10 [ 85.663502][ T5233] generic_shutdown_super+0x139/0x2d0 [ 85.668884][ T5233] kill_block_super+0x44/0x90 [ 85.673571][ T5233] deactivate_locked_super+0xc4/0x130 [ 85.678952][ T5233] cleanup_mnt+0x41f/0x4b0 [ 85.683375][ T5233] ? lockdep_hardirqs_on+0x99/0x150 [ 85.688596][ T5233] task_work_run+0x24f/0x310 [ 85.693201][ T5233] ? kasan_quarantine_put+0xdc/0x230 [ 85.698512][ T5233] ? __pfx_task_work_run+0x10/0x10 [ 85.703633][ T5233] ? do_exit+0xa2a/0x28e0 [ 85.707973][ T5233] ? kmem_cache_free+0x1a2/0x420 [ 85.712944][ T5233] ? do_exit+0xa2a/0x28e0 [ 85.717284][ T5233] do_exit+0xa2f/0x28e0 [ 85.721459][ T5233] ? __pfx_do_exit+0x10/0x10 [ 85.726150][ T5233] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 85.731536][ T5233] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 85.737531][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.743891][ T5233] ? _raw_spin_lock_irq+0xdf/0x120 [ 85.749021][ T5233] do_group_exit+0x207/0x2c0 [ 85.753622][ T5233] ? _raw_spin_unlock_irq+0x23/0x50 [ 85.758838][ T5233] ? lockdep_hardirqs_on+0x99/0x150 [ 85.764170][ T5233] get_signal+0x16a3/0x1740 [ 85.768693][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.775039][ T5233] ? __pfx_get_signal+0x10/0x10 [ 85.779907][ T5233] arch_do_signal_or_restart+0x96/0x860 [ 85.785471][ T5233] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 85.791653][ T5233] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 85.797667][ T5233] ? syscall_exit_to_user_mode+0xa3/0x370 [ 85.803396][ T5233] syscall_exit_to_user_mode+0xc9/0x370 [ 85.808959][ T5233] do_syscall_64+0x100/0x230 [ 85.813555][ T5233] ? clear_bhb_loop+0x35/0x90 [ 85.818244][ T5233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.824157][ T5233] RIP: 0033:0x7fe20a60bb09 [ 85.828574][ T5233] Code: Unable to access opcode bytes at 0x7fe20a60badf. [ 85.835610][ T5233] RSP: 002b:00007fe20a596218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 85.844035][ T5233] RAX: fffffffffffffe00 RBX: 00007fe20a6976f8 RCX: 00007fe20a60bb09 [ 85.852013][ T5233] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe20a6976f8 [ 85.859990][ T5233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 85.867982][ T5233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe20a6976f0 [ 85.875961][ T5233] R13: 00007fe20a663aa0 R14: 0030656c69662f2e R15: 00007fe20a658047 [ 85.883954][ T5233] [ 85.887109][ T5233] Kernel Offset: disabled [ 85.891475][ T5233] Rebooting in 86400 seconds..