./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1592052957 <...> forked to background, child pid 4639 no interfaces have a carrier [ 26.872153][ T4640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 26.881061][ T4640] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.51' (ECDSA) to the list of known hosts. execve("./syz-executor1592052957", ["./syz-executor1592052957"], 0x7ffe60038110 /* 10 vars */) = 0 brk(NULL) = 0x5555570e8000 brk(0x5555570e8c40) = 0x5555570e8c40 arch_prctl(ARCH_SET_FS, 0x5555570e8300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1592052957", 4096) = 28 brk(0x555557109c40) = 0x555557109c40 brk(0x55555710a000) = 0x55555710a000 mprotect(0x7fcd1dcf0000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcd15825000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 munmap(0x7fcd15825000, 16777216) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 syzkaller login: [ 51.820571][ T5068] loop0: detected capacity change from 0 to 32768 [ 51.833897][ T5068] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 51.842137][ T5068] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 51.853385][ T5068] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 51.862292][ T7] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 51.869228][ T7] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 51.900216][ T7] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 30ms [ 51.908034][ T7] gfs2: fsid=syz:syz.0: jid=0: Done [ 51.913309][ T5068] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 51.922453][ T5068] ------------[ cut here ]------------ [ 51.928038][ T5068] WARNING: CPU: 0 PID: 5068 at fs/iomap/buffered-io.c:226 iomap_read_inline_data+0x48c/0x570 [ 51.938305][ T5068] Modules linked in: [ 51.942212][ T5068] CPU: 0 PID: 5068 Comm: syz-executor159 Not tainted 6.1.0-syzkaller-13031-g77856d911a8c #0 [ 51.952331][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 51.962432][ T5068] RIP: 0010:iomap_read_inline_data+0x48c/0x570 [ 51.969371][ T5068] Code: 80 3c 02 00 0f 85 ca 00 00 00 48 8b 5d 28 e9 d4 fe ff ff e8 c6 6e 84 ff 0f 0b 41 bc fb ff ff ff e9 73 fd ff ff e8 b4 6e 84 ff <0f> 0b 41 bc fb ff ff ff e9 61 fd ff ff e8 a2 6e 84 ff 0f 0b 41 bc [ 51.989040][ T5068] RSP: 0018:ffffc90003c2f0d0 EFLAGS: 00010293 [ 51.995265][ T5068] RAX: 0000000000000000 RBX: ffffc90003c2f2a0 RCX: 0000000000000000 [ 52.003253][ T5068] RDX: ffff8880208c57c0 RSI: ffffffff81fce24c RDI: 0000000000000006 [ 52.011318][ T5068] RBP: ffffea0001cb2ac0 R08: 0000000000000006 R09: 0000000000001000 [ 52.019362][ T5068] R10: 00000040000000c0 R11: 0000000000000000 R12: 0000000000000000 [ 52.027410][ T5068] R13: ffffc90003c2f2c8 R14: 00000040000000c0 R15: 0000000000001000 [ 52.035417][ T5068] FS: 00005555570e8300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 52.044669][ T5068] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.051242][ T5068] CR2: 00007ffc56411000 CR3: 0000000025d9a000 CR4: 0000000000350ef0 [ 52.059256][ T5068] Call Trace: [ 52.062715][ T5068] [ 52.065698][ T5068] iomap_readpage_iter+0x422/0xc40 [ 52.070838][ T5068] ? iomap_adjust_read_range+0x710/0x710 [ 52.076548][ T5068] ? rcu_read_lock_sched_held+0x3e/0x70 [ 52.082120][ T5068] ? iomap_iter+0x683/0x14e0 [ 52.086775][ T5068] iomap_read_folio+0x2a9/0x6a0 [ 52.091640][ T5068] ? iomap_readpage_iter+0xc40/0xc40 [ 52.096996][ T5068] ? folio_add_lru+0x345/0x680 [ 52.101787][ T5068] gfs2_read_folio+0x14f/0x720 [ 52.106630][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.112893][ T5068] ? folio_add_lru+0x37b/0x680 [ 52.117722][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.124068][ T5068] filemap_read_folio+0xdb/0x2c0 [ 52.129020][ T5068] ? __folio_lock_killable+0x20/0x20 [ 52.134506][ T5068] do_read_cache_folio+0x1df/0x510 [ 52.139652][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.146671][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.152930][ T5068] read_cache_page+0x5d/0x160 [ 52.157651][ T5068] gfs2_internal_read+0xd6/0x550 [ 52.162627][ T5068] read_rindex_entry+0x1b1/0x12b0 [ 52.167709][ T5068] ? inode_go_sync+0x560/0x560 [ 52.172505][ T5068] ? wake_up_var+0x120/0x120 [ 52.177143][ T5068] ? __rs_deltree+0x1e0/0x1e0 [ 52.181837][ T5068] ? inode_go_held+0x152/0x210 [ 52.186675][ T5068] ? inode_go_dump+0x260/0x260 [ 52.191459][ T5068] ? gfs2_instantiate+0x1ec/0x250 [ 52.196517][ T5068] ? gfs2_glock_wait+0x17e/0x2e0 [ 52.201498][ T5068] ? gfs2_glock_nq+0x5e1/0x1810 [ 52.206417][ T5068] gfs2_ri_update+0x73/0x570 [ 52.211061][ T5068] gfs2_rindex_update+0x420/0x4b0 [ 52.216162][ T5068] ? gfs2_ri_total+0x210/0x210 [ 52.220952][ T5068] ? init_inodes+0x1fa7/0x2830 [ 52.225940][ T5068] ? gfs2_lookup_simple+0xb3/0xe0 [ 52.230984][ T5068] ? gfs2_rename2+0xa0/0xa0 [ 52.235530][ T5068] ? lockdep_init_map_type+0x21e/0x800 [ 52.241029][ T5068] init_inodes+0x1fa7/0x2830 [ 52.245707][ T5068] ? end_bio_io_page+0xa0/0xa0 [ 52.250627][ T5068] ? pointer+0xc50/0xc50 [ 52.254962][ T5068] ? snprintf+0xbf/0x100 [ 52.259221][ T5068] ? vsnprintf+0x1690/0x16b0 [ 52.263891][ T5068] ? gfs2_read_super+0x18c0/0x18c0 [ 52.269020][ T5068] ? __debugfs_create_file+0x392/0x540 [ 52.274522][ T5068] gfs2_fill_super+0x1a08/0x27a0 [ 52.279509][ T5068] ? gfs2_reconfigure+0x1060/0x1060 [ 52.284761][ T5068] ? gfs2_fill_super+0x1710/0x27a0 [ 52.289887][ T5068] ? snprintf+0xbf/0x100 [ 52.294170][ T5068] ? vsprintf+0x30/0x30 [ 52.298367][ T5068] ? wait_for_completion_io_timeout+0x20/0x20 [ 52.304513][ T5068] ? set_blocksize+0x2c9/0x370 [ 52.309302][ T5068] get_tree_bdev+0x444/0x760 [ 52.313935][ T5068] ? gfs2_reconfigure+0x1060/0x1060 [ 52.319152][ T5068] gfs2_get_tree+0x4e/0x270 [ 52.323743][ T5068] vfs_get_tree+0x8d/0x2f0 [ 52.328180][ T5068] path_mount+0x132a/0x1e20 [ 52.333022][ T5068] ? kmem_cache_free+0xee/0x5c0 [ 52.337908][ T5068] ? finish_automount+0x960/0x960 [ 52.345016][ T5068] ? putname+0x102/0x140 [ 52.349258][ T5068] __x64_sys_mount+0x283/0x300 [ 52.354067][ T5068] ? copy_mnt_ns+0xb30/0xb30 [ 52.358674][ T5068] ? lockdep_hardirqs_on+0x7d/0x100 [ 52.363955][ T5068] ? _raw_spin_unlock_irq+0x2e/0x50 [ 52.369202][ T5068] ? ptrace_notify+0xfe/0x140 [ 52.373948][ T5068] do_syscall_64+0x39/0xb0 [ 52.378407][ T5068] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.384402][ T5068] RIP: 0033:0x7fcd1dc72dca [ 52.388832][ T5068] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.408613][ T5068] RSP: 002b:00007ffc56410378 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 52.417169][ T5068] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fcd1dc72dca [ 52.425192][ T5068] RDX: 00000000200124c0 RSI: 0000000020012500 RDI: 00007ffc56410380 [ 52.433211][ T5068] RBP: 00007ffc56410380 R08: 00007ffc564103c0 R09: 0000000000012511 [ 52.441212][ T5068] R10: 0000000000000819 R11: 0000000000000282 R12: 0000000000000004 [ 52.449223][ T5068] R13: 00005555570e82c0 R14: 00007ffc564103c0 R15: 0000000000000000 [ 52.457269][ T5068] [ 52.460293][ T5068] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 52.467562][ T5068] CPU: 0 PID: 5068 Comm: syz-executor159 Not tainted 6.1.0-syzkaller-13031-g77856d911a8c #0 [ 52.477642][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.487684][ T5068] Call Trace: [ 52.490950][ T5068] [ 52.493878][ T5068] dump_stack_lvl+0xd1/0x138 [ 52.498478][ T5068] panic+0x2cc/0x626 [ 52.502463][ T5068] ? panic_print_sys_info.part.0+0x110/0x110 [ 52.508446][ T5068] ? iomap_read_inline_data+0x48c/0x570 [ 52.513988][ T5068] check_panic_on_warn.cold+0x19/0x35 [ 52.519358][ T5068] __warn+0xf2/0x1a0 [ 52.523248][ T5068] ? iomap_read_inline_data+0x48c/0x570 [ 52.528815][ T5068] report_bug+0x1c0/0x210 [ 52.533148][ T5068] handle_bug+0x3c/0x70 [ 52.537304][ T5068] exc_invalid_op+0x18/0x50 [ 52.541811][ T5068] asm_exc_invalid_op+0x1a/0x20 [ 52.546655][ T5068] RIP: 0010:iomap_read_inline_data+0x48c/0x570 [ 52.552895][ T5068] Code: 80 3c 02 00 0f 85 ca 00 00 00 48 8b 5d 28 e9 d4 fe ff ff e8 c6 6e 84 ff 0f 0b 41 bc fb ff ff ff e9 73 fd ff ff e8 b4 6e 84 ff <0f> 0b 41 bc fb ff ff ff e9 61 fd ff ff e8 a2 6e 84 ff 0f 0b 41 bc [ 52.573198][ T5068] RSP: 0018:ffffc90003c2f0d0 EFLAGS: 00010293 [ 52.579282][ T5068] RAX: 0000000000000000 RBX: ffffc90003c2f2a0 RCX: 0000000000000000 [ 52.587246][ T5068] RDX: ffff8880208c57c0 RSI: ffffffff81fce24c RDI: 0000000000000006 [ 52.595212][ T5068] RBP: ffffea0001cb2ac0 R08: 0000000000000006 R09: 0000000000001000 [ 52.603176][ T5068] R10: 00000040000000c0 R11: 0000000000000000 R12: 0000000000000000 [ 52.611165][ T5068] R13: ffffc90003c2f2c8 R14: 00000040000000c0 R15: 0000000000001000 [ 52.619222][ T5068] ? iomap_read_inline_data+0x48c/0x570 [ 52.624778][ T5068] iomap_readpage_iter+0x422/0xc40 [ 52.629912][ T5068] ? iomap_adjust_read_range+0x710/0x710 [ 52.635545][ T5068] ? rcu_read_lock_sched_held+0x3e/0x70 [ 52.641182][ T5068] ? iomap_iter+0x683/0x14e0 [ 52.645772][ T5068] iomap_read_folio+0x2a9/0x6a0 [ 52.650620][ T5068] ? iomap_readpage_iter+0xc40/0xc40 [ 52.656010][ T5068] ? folio_add_lru+0x345/0x680 [ 52.660777][ T5068] gfs2_read_folio+0x14f/0x720 [ 52.665542][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.671806][ T5068] ? folio_add_lru+0x37b/0x680 [ 52.676829][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.683066][ T5068] filemap_read_folio+0xdb/0x2c0 [ 52.688001][ T5068] ? __folio_lock_killable+0x20/0x20 [ 52.693313][ T5068] do_read_cache_folio+0x1df/0x510 [ 52.698426][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.704672][ T5068] ? zero_user_segments.constprop.0+0x6d0/0x6d0 [ 52.710906][ T5068] read_cache_page+0x5d/0x160 [ 52.715617][ T5068] gfs2_internal_read+0xd6/0x550 [ 52.720755][ T5068] read_rindex_entry+0x1b1/0x12b0 [ 52.725782][ T5068] ? inode_go_sync+0x560/0x560 [ 52.730547][ T5068] ? wake_up_var+0x120/0x120 [ 52.735136][ T5068] ? __rs_deltree+0x1e0/0x1e0 [ 52.739897][ T5068] ? inode_go_held+0x152/0x210 [ 52.744685][ T5068] ? inode_go_dump+0x260/0x260 [ 52.749453][ T5068] ? gfs2_instantiate+0x1ec/0x250 [ 52.754762][ T5068] ? gfs2_glock_wait+0x17e/0x2e0 [ 52.759702][ T5068] ? gfs2_glock_nq+0x5e1/0x1810 [ 52.764554][ T5068] gfs2_ri_update+0x73/0x570 [ 52.769146][ T5068] gfs2_rindex_update+0x420/0x4b0 [ 52.774203][ T5068] ? gfs2_ri_total+0x210/0x210 [ 52.778966][ T5068] ? init_inodes+0x1fa7/0x2830 [ 52.783722][ T5068] ? gfs2_lookup_simple+0xb3/0xe0 [ 52.788767][ T5068] ? gfs2_rename2+0xa0/0xa0 [ 52.793263][ T5068] ? lockdep_init_map_type+0x21e/0x800 [ 52.798743][ T5068] init_inodes+0x1fa7/0x2830 [ 52.803347][ T5068] ? end_bio_io_page+0xa0/0xa0 [ 52.808118][ T5068] ? pointer+0xc50/0xc50 [ 52.812367][ T5068] ? snprintf+0xbf/0x100 [ 52.816667][ T5068] ? vsnprintf+0x1690/0x16b0 [ 52.821251][ T5068] ? gfs2_read_super+0x18c0/0x18c0 [ 52.826379][ T5068] ? __debugfs_create_file+0x392/0x540 [ 52.831836][ T5068] gfs2_fill_super+0x1a08/0x27a0 [ 52.836783][ T5068] ? gfs2_reconfigure+0x1060/0x1060 [ 52.842063][ T5068] ? gfs2_fill_super+0x1710/0x27a0 [ 52.847172][ T5068] ? snprintf+0xbf/0x100 [ 52.851500][ T5068] ? vsprintf+0x30/0x30 [ 52.855734][ T5068] ? wait_for_completion_io_timeout+0x20/0x20 [ 52.861797][ T5068] ? set_blocksize+0x2c9/0x370 [ 52.866575][ T5068] get_tree_bdev+0x444/0x760 [ 52.871164][ T5068] ? gfs2_reconfigure+0x1060/0x1060 [ 52.876361][ T5068] gfs2_get_tree+0x4e/0x270 [ 52.880966][ T5068] vfs_get_tree+0x8d/0x2f0 [ 52.885559][ T5068] path_mount+0x132a/0x1e20 [ 52.890061][ T5068] ? kmem_cache_free+0xee/0x5c0 [ 52.894902][ T5068] ? finish_automount+0x960/0x960 [ 52.899934][ T5068] ? putname+0x102/0x140 [ 52.904181][ T5068] __x64_sys_mount+0x283/0x300 [ 52.908943][ T5068] ? copy_mnt_ns+0xb30/0xb30 [ 52.913529][ T5068] ? lockdep_hardirqs_on+0x7d/0x100 [ 52.918722][ T5068] ? _raw_spin_unlock_irq+0x2e/0x50 [ 52.923915][ T5068] ? ptrace_notify+0xfe/0x140 [ 52.928590][ T5068] do_syscall_64+0x39/0xb0 [ 52.933004][ T5068] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.938888][ T5068] RIP: 0033:0x7fcd1dc72dca [ 52.943295][ T5068] Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 52.962903][ T5068] RSP: 002b:00007ffc56410378 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 52.971408][ T5068] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fcd1dc72dca [ 52.979551][ T5068] RDX: 00000000200124c0 RSI: 0000000020012500 RDI: 00007ffc56410380 [ 52.987539][ T5068] RBP: 00007ffc56410380 R08: 00007ffc564103c0 R09: 0000000000012511 [ 52.995503][ T5068] R10: 0000000000000819 R11: 0000000000000282 R12: 0000000000000004 [ 53.003465][ T5068] R13: 00005555570e82c0 R14: 00007ffc564103c0 R15: 0000000000000000 [ 53.011443][ T5068] [ 53.015534][ T5068] Kernel Offset: disabled [ 53.020037][ T5068] Rebooting in 86400 seconds..