./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3520874148 <...> forked to background, child pid 3210 [ 29.660303][ T3211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.673322][ T3211] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: [ 30.088142][ T3298] sshd (3298) used greatest stack depth: 16656 bytes left OK syzkaller Warning: Permanently added '10.128.0.133' (ECDSA) to the list of known hosts. execve("./syz-executor3520874148", ["./syz-executor3520874148"], 0x7ffff3ddd550 /* 10 vars */) = 0 brk(NULL) = 0x555555ab5000 brk(0x555555ab5c40) = 0x555555ab5c40 arch_prctl(ARCH_SET_FS, 0x555555ab5300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555555ab55d0) = 3632 set_robust_list(0x555555ab55e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f1275183540, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f1275183c10}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f12751835e0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1275183c10}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3520874148", 4096) = 28 brk(0x555555ad6c40) = 0x555555ad6c40 brk(0x555555ad7000) = 0x555555ad7000 mprotect(0x7f127524b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 3632 mkdir("./syzkaller.qAArqP", 0700) = 0 chmod("./syzkaller.qAArqP", 0777) = 0 chdir("./syzkaller.qAArqP") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ab55d0) = 3633 ./strace-static-x86_64: Process 3633 attached [pid 3633] set_robust_list(0x555555ab55e0, 24) = 0 [pid 3633] chdir("./0") = 0 [pid 3633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3633] setpgid(0, 0) = 0 [pid 3633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3633] write(3, "1000", 4) = 4 [pid 3633] close(3) = 0 [pid 3633] symlink("/dev/binderfs", "./binderfs") = 0 [pid 3633] futex(0x7f12752517ec, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1275152000 [pid 3633] mprotect(0x7f1275153000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3633] clone(child_stack=0x7f12751723f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3635], tls=0x7f1275172700, child_tidptr=0x7f12751729d0) = 3635 [pid 3633] futex(0x7f12752517e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 3635 attached [pid 3635] set_robust_list(0x7f12751729e0, 24) = 0 [pid 3635] memfd_create("syzkaller", 0) = 3 [pid 3635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f126cc00000 [pid 3635] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 3635] munmap(0x7f126cc00000, 16777216) = 0 [pid 3635] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 3635] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 3635] close(3) = 0 [pid 3635] mkdir("./file0", 0777) = 0 [pid 3635] mount("/dev/loop0", "./file0", "jfs", MS_REC, "") = 0 [pid 3635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 3635] chdir("./file0") = 0 [pid 3635] ioctl(4, LOOP_CLR_FD) = 0 [pid 3635] close(4) = 0 [pid 3635] futex(0x7f12752517ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] <... futex resumed>) = 0 [pid 3633] futex(0x7f12752517e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... futex resumed>) = 1 [pid 3635] open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 3635] futex(0x7f12752517ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] <... futex resumed>) = 0 [pid 3633] futex(0x7f12752517e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... futex resumed>) = 1 [pid 3635] openat(-1, "/proc/self/exe", O_RDONLY) = 5 [pid 3635] futex(0x7f12752517ec, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] <... futex resumed>) = 0 [pid 3633] futex(0x7f12752517e8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517ec, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... futex resumed>) = 1 syzkaller login: [ 55.865083][ T3635] loop0: detected capacity change from 0 to 32768 [pid 3635] sendfile(4, 5, NULL, 140737974943952 [pid 3633] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3633] futex(0x7f12752517fc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1275131000 [pid 3633] mprotect(0x7f1275132000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3633] clone(child_stack=0x7f12751513f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3636], tls=0x7f1275151700, child_tidptr=0x7f12751519d0) = 3636 [pid 3633] futex(0x7f12752517f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3636 attached [pid 3636] set_robust_list(0x7f12751519e0, 24) = 0 [pid 3636] open("./file1", O_RDWR|O_CREAT|O_TRUNC|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 6 [pid 3636] futex(0x7f12752517fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] <... futex resumed>) = 0 [pid 3633] futex(0x7f12752517f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3636] <... futex resumed>) = 1 [pid 3636] openat(-1, "/proc/self/exe", O_RDONLY) = 7 [pid 3636] futex(0x7f12752517fc, FUTEX_WAKE_PRIVATE, 1000000 [pid 3633] <... futex resumed>) = 0 [pid 3633] futex(0x7f12752517f8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3633] futex(0x7f12752517fc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3636] <... futex resumed>) = 1 [pid 3636] sendfile(6, 7, NULL, 140737974943952 [pid 3633] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 55.990299][ T3636] ================================================================================ [ 55.990459][ T3635] ================================================================================ [ 56.000176][ T3636] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_txnmgr.c:1738:5 [ 56.009696][ T3635] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:622:9 [ 56.009714][ T3635] index 19 is out of range for type 'xad_t [18]' [ 56.009726][ T3635] CPU: 0 PID: 3635 Comm: syz-executor352 Not tainted 6.1.0-rc6-syzkaller-00308-g644e9524388a #0 [ 56.009745][ T3635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 56.018078][ T3636] index 18 is out of range for type 'xad_t [18]' [ 56.024958][ T3635] Call Trace: [ 56.024968][ T3635] [ 56.024976][ T3635] dump_stack_lvl+0x1b1/0x28e [ 56.069042][ T3635] ? nf_tcp_handle_invalid+0x62e/0x62e [ 56.074544][ T3635] ? vsnprintf+0x1af/0x1ce0 [ 56.079079][ T3635] ? panic+0x710/0x710 [ 56.083249][ T3635] ? xtSearch+0x188c/0x1cb0 [ 56.087787][ T3635] __ubsan_handle_out_of_bounds+0xdb/0x130 [ 56.093614][ T3635] xtInsert+0xf2f/0xff0 [ 56.097799][ T3635] ? xtSearch+0x1cb0/0x1cb0 [ 56.102307][ T3635] ? do_raw_spin_unlock+0x134/0x8a0 [ 56.107791][ T3635] ? _raw_spin_unlock+0x24/0x40 [ 56.112656][ T3635] ? __dquot_alloc_space+0x2c9/0x1030 [ 56.118047][ T3635] ? rcu_read_lock_sched_held+0x87/0x110 [ 56.123687][ T3635] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 56.129679][ T3635] ? dquot_drop+0x2a0/0x2a0 [ 56.134182][ T3635] ? lockdep_hardirqs_on_prepare+0x428/0x790 [pid 3633] exit_group(0) = ? [ 56.140171][ T3635] ? jfs_evict_inode+0x440/0x440 [ 56.145127][ T3635] extAlloc+0xa5d/0xff0 [ 56.149326][ T3635] ? jfs_ioc_trim+0x660/0x660 [ 56.154034][ T3635] ? down_read_non_owner+0xa0/0xa0 [ 56.159183][ T3635] jfs_get_block+0x342/0xce0 [ 56.163810][ T3635] ? jfs_dirty_inode+0x240/0x240 [ 56.168776][ T3635] ? create_page_buffers+0x244/0x4b0 [ 56.174091][ T3635] __block_write_begin_int+0x54c/0x1a80 [ 56.179679][ T3635] ? __mark_inode_dirty+0x24a/0x600 [ 56.184891][ T3635] ? jfs_dirty_inode+0x240/0x240 [ 56.189832][ T3635] ? page_zero_new_buffers+0x940/0x940 [ 56.195314][ T3635] ? PageHeadHuge+0x8a/0x1d0 [ 56.199922][ T3635] ? jfs_dirty_inode+0x240/0x240 [ 56.204866][ T3635] block_write_begin+0x93/0x1e0 [ 56.209735][ T3635] ? jfs_write_begin+0x16/0x60 [ 56.214565][ T3635] jfs_write_begin+0x2d/0x60 [ 56.219167][ T3635] generic_perform_write+0x2e4/0x5e0 [ 56.224476][ T3635] ? jfs_write_begin+0x60/0x60 [ 56.229250][ T3635] ? generic_file_direct_write+0x610/0x610 [ 56.235060][ T3635] ? __file_remove_privs+0x6c0/0x6c0 [ 56.240349][ T3635] ? generic_write_checks+0x15c/0x1c0 [ 56.245738][ T3635] __generic_file_write_iter+0x176/0x400 [ 56.251409][ T3635] generic_file_write_iter+0xab/0x310 [ 56.256805][ T3635] do_iter_write+0x6c2/0xc20 [ 56.261426][ T3635] ? rcu_read_lock_sched_held+0x87/0x110 [ 56.267104][ T3635] ? vfs_iter_write+0xa0/0xa0 [ 56.271826][ T3635] ? PageUptodate+0xe7/0x2b0 [ 56.276438][ T3635] ? vfs_iter_write+0x69/0xa0 [ 56.281126][ T3635] iter_file_splice_write+0x7fc/0xfc0 [ 56.286538][ T3635] ? splice_from_pipe+0x200/0x200 [ 56.291587][ T3635] ? __fsnotify_parent+0x4fa/0x710 [ 56.296706][ T3635] ? splice_shrink_spd+0xb0/0xb0 [ 56.301662][ T3635] ? __fsnotify_update_child_dentry_flags+0x2d0/0x2d0 [ 56.308448][ T3635] ? splice_from_pipe+0x200/0x200 [ 56.313489][ T3635] direct_splice_actor+0xe6/0x1c0 [ 56.318536][ T3635] splice_direct_to_actor+0x4e4/0xc00 [ 56.323939][ T3635] ? do_splice_direct+0x3d0/0x3d0 [ 56.328985][ T3635] ? pipe_to_sendpage+0x340/0x340 [ 56.334019][ T3635] ? bpf_lsm_file_permission+0x5/0x10 [ 56.339408][ T3635] ? security_file_permission+0xe0/0x5c0 [ 56.345064][ T3635] do_splice_direct+0x279/0x3d0 [ 56.349945][ T3635] ? splice_direct_to_actor+0xc00/0xc00 [ 56.355506][ T3635] ? rcu_read_lock_any_held+0xb1/0x130 [ 56.360977][ T3635] ? apparmor_file_permission+0x270/0x310 [ 56.366711][ T3635] do_sendfile+0x5fb/0xf80 [ 56.371143][ T3635] ? ptrace_stop+0x74d/0x970 [ 56.375741][ T3635] ? do_pwritev+0x350/0x350 [ 56.380255][ T3635] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.385468][ T3635] ? ptrace_notify+0x245/0x340 [ 56.390252][ T3635] __se_sys_sendfile64+0x14f/0x1b0 [ 56.395391][ T3635] ? __x64_sys_sendfile64+0xa0/0xa0 [ 56.400604][ T3635] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 56.406601][ T3635] ? syscall_enter_from_user_mode+0x86/0x1d0 [ 56.412592][ T3635] do_syscall_64+0x3d/0xb0 [ 56.417020][ T3635] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.422927][ T3635] RIP: 0033:0x7f12751c65e9 [ 56.427356][ T3635] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.446963][ T3635] RSP: 002b:00007f12751722f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 56.455382][ T3635] RAX: ffffffffffffffda RBX: 00007f12752517e0 RCX: 00007f12751c65e9 [ 56.463368][ T3635] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 56.471350][ T3635] RBP: 00007f127521e0e4 R08: 0000000000000000 R09: 0000000000000000 [ 56.479324][ T3635] R10: 000080001d00c0d0 R11: 0000000000000246 R12: 65732f636f72702f [ 56.487305][ T3635] R13: 0030656c69662f2e R14: 0031656c69662f2e R15: 00007f12752517e8 [ 56.495300][ T3635] [ 56.498328][ T3636] CPU: 1 PID: 3636 Comm: syz-executor352 Not tainted 6.1.0-rc6-syzkaller-00308-g644e9524388a #0 [ 56.508756][ T3636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 56.518807][ T3636] Call Trace: [ 56.522089][ T3636] [ 56.525021][ T3636] dump_stack_lvl+0x1b1/0x28e [ 56.529704][ T3636] ? nf_tcp_handle_invalid+0x62e/0x62e [ 56.535157][ T3636] ? vsnprintf+0x1af/0x1ce0 [ 56.539664][ T3636] ? panic+0x710/0x710 [ 56.543746][ T3636] __ubsan_handle_out_of_bounds+0xdb/0x130 [ 56.549570][ T3636] txCommit+0x3fb5/0x6d40 [ 56.553942][ T3636] ? txLinelock+0x180/0x180 [ 56.558457][ T3636] ? txBegin+0x511/0x690 [ 56.562715][ T3636] jfs_commit_inode+0x342/0x5a0 [ 56.567571][ T3636] ? jfs_iget+0x3b0/0x3b0 [ 56.571898][ T3636] ? jfs_evict_inode+0x440/0x440 [ 56.576853][ T3636] extAlloc+0xc93/0xff0 [ 56.581026][ T3636] ? jfs_ioc_trim+0x660/0x660 [ 56.585712][ T3636] ? down_read_non_owner+0xa0/0xa0 [ 56.590838][ T3636] jfs_get_block+0x342/0xce0 [ 56.595437][ T3636] ? jfs_dirty_inode+0x240/0x240 [ 56.600381][ T3636] ? create_page_buffers+0x244/0x4b0 [ 56.605681][ T3636] __block_write_begin_int+0x54c/0x1a80 [ 56.611249][ T3636] ? __mark_inode_dirty+0x24a/0x600 [ 56.616483][ T3636] ? jfs_dirty_inode+0x240/0x240 [ 56.621433][ T3636] ? page_zero_new_buffers+0x940/0x940 [ 56.626899][ T3636] ? PageHeadHuge+0x8a/0x1d0 [ 56.631499][ T3636] ? jfs_dirty_inode+0x240/0x240 [ 56.636432][ T3636] block_write_begin+0x93/0x1e0 [ 56.641284][ T3636] ? jfs_write_begin+0x16/0x60 [ 56.646052][ T3636] jfs_write_begin+0x2d/0x60 [ 56.650653][ T3636] generic_perform_write+0x2e4/0x5e0 [ 56.655957][ T3636] ? jfs_write_begin+0x60/0x60 [ 56.660722][ T3636] ? generic_file_direct_write+0x610/0x610 [ 56.666533][ T3636] ? __file_remove_privs+0x6c0/0x6c0 [ 56.671826][ T3636] ? generic_write_checks+0x15c/0x1c0 [ 56.677209][ T3636] __generic_file_write_iter+0x176/0x400 [ 56.682859][ T3636] generic_file_write_iter+0xab/0x310 [ 56.688231][ T3636] do_iter_write+0x6c2/0xc20 [ 56.692847][ T3636] ? rcu_read_lock_sched_held+0x87/0x110 [ 56.698478][ T3636] ? vfs_iter_write+0xa0/0xa0 [ 56.703164][ T3636] ? PageUptodate+0xe7/0x2b0 [ 56.707763][ T3636] ? vfs_iter_write+0x69/0xa0 [ 56.712447][ T3636] iter_file_splice_write+0x7fc/0xfc0 [ 56.717852][ T3636] ? splice_from_pipe+0x200/0x200 [ 56.722886][ T3636] ? __fsnotify_parent+0x4fa/0x710 [ 56.727997][ T3636] ? splice_shrink_spd+0xb0/0xb0 [ 56.732942][ T3636] ? __fsnotify_update_child_dentry_flags+0x2d0/0x2d0 [ 56.739711][ T3636] ? splice_from_pipe+0x200/0x200 [ 56.744746][ T3636] direct_splice_actor+0xe6/0x1c0 [ 56.749779][ T3636] splice_direct_to_actor+0x4e4/0xc00 [ 56.755180][ T3636] ? do_splice_direct+0x3d0/0x3d0 [ 56.760223][ T3636] ? pipe_to_sendpage+0x340/0x340 [ 56.765346][ T3636] ? bpf_lsm_file_permission+0x5/0x10 [ 56.770722][ T3636] ? security_file_permission+0xe0/0x5c0 [ 56.776365][ T3636] do_splice_direct+0x279/0x3d0 [ 56.781252][ T3636] ? splice_direct_to_actor+0xc00/0xc00 [ 56.786827][ T3636] ? rcu_read_lock_any_held+0xb1/0x130 [ 56.792298][ T3636] ? apparmor_file_permission+0x270/0x310 [ 56.798032][ T3636] do_sendfile+0x5fb/0xf80 [ 56.802456][ T3636] ? ptrace_stop+0x74d/0x970 [ 56.807053][ T3636] ? do_pwritev+0x350/0x350 [ 56.811574][ T3636] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.816782][ T3636] ? ptrace_notify+0x245/0x340 [ 56.821551][ T3636] __se_sys_sendfile64+0x14f/0x1b0 [ 56.826671][ T3636] ? __x64_sys_sendfile64+0xa0/0xa0 [ 56.831877][ T3636] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 56.837869][ T3636] ? syscall_enter_from_user_mode+0x86/0x1d0 [ 56.843864][ T3636] do_syscall_64+0x3d/0xb0 [ 56.848284][ T3636] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.854182][ T3636] RIP: 0033:0x7f12751c65e9 [ 56.858596][ T3636] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.878201][ T3636] RSP: 002b:00007f12751512f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 56.886612][ T3636] RAX: ffffffffffffffda RBX: 00007f12752517f0 RCX: 00007f12751c65e9 [ 56.894579][ T3636] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 56.902550][ T3636] RBP: 00007f127521e0e4 R08: 0000000000000000 R09: 0000000000000000 [ 56.910513][ T3636] R10: 000080001d00c0d0 R11: 0000000000000246 R12: 65732f636f72702f [ 56.918478][ T3636] R13: 0030656c69662f2e R14: 0031656c69662f2e R15: 00007f12752517f8 [ 56.926460][ T3636] [ 56.936561][ T3636] ================================================================================ [ 56.937035][ T3635] ================================================================================ [ 56.946364][ T3636] Kernel panic - not syncing: panic_on_warn set ... [ 56.946376][ T3636] CPU: 0 PID: 3636 Comm: syz-executor352 Not tainted 6.1.0-rc6-syzkaller-00308-g644e9524388a #0 [ 56.946395][ T3636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 56.946404][ T3636] Call Trace: [ 56.946411][ T3636] [ 56.946418][ T3636] dump_stack_lvl+0x1b1/0x28e [ 56.946444][ T3636] ? nf_tcp_handle_invalid+0x62e/0x62e [ 56.946462][ T3636] ? panic+0x710/0x710 [ 56.946478][ T3636] ? __irq_work_queue_local+0x121/0x180 [ 56.946505][ T3636] ? vscnprintf+0x59/0x80 [ 56.946528][ T3636] panic+0x2d6/0x710 [ 56.946548][ T3636] ? __ubsan_handle_out_of_bounds+0x100/0x130 [ 56.946572][ T3636] ? memcpy_page_flushcache+0xfc/0xfc [ 56.946592][ T3636] ? panic+0x710/0x710 [ 56.946625][ T3636] __ubsan_handle_out_of_bounds+0x121/0x130 [ 56.946655][ T3636] txCommit+0x3fb5/0x6d40 [ 56.946733][ T3636] ? txLinelock+0x180/0x180 [ 56.946762][ T3636] ? txBegin+0x511/0x690 [ 56.946794][ T3636] jfs_commit_inode+0x342/0x5a0 [ 56.946816][ T3636] ? jfs_iget+0x3b0/0x3b0 [ 56.946829][ T3636] ? jfs_evict_inode+0x440/0x440 [ 56.946858][ T3636] extAlloc+0xc93/0xff0 [ 56.946895][ T3636] ? jfs_ioc_trim+0x660/0x660 [ 56.946916][ T3636] ? down_read_non_owner+0xa0/0xa0 [ 56.946944][ T3636] jfs_get_block+0x342/0xce0 [ 56.946972][ T3636] ? jfs_dirty_inode+0x240/0x240 [ 56.946999][ T3636] ? create_page_buffers+0x244/0x4b0 [ 56.947027][ T3636] __block_write_begin_int+0x54c/0x1a80 [ 56.947074][ T3636] ? __mark_inode_dirty+0x24a/0x600 [ 56.947093][ T3636] ? jfs_dirty_inode+0x240/0x240 [ 56.947109][ T3636] ? page_zero_new_buffers+0x940/0x940 [ 56.947131][ T3636] ? PageHeadHuge+0x8a/0x1d0 [ 56.947158][ T3636] ? jfs_dirty_inode+0x240/0x240 [ 56.947173][ T3636] block_write_begin+0x93/0x1e0 [ 56.947194][ T3636] ? jfs_write_begin+0x16/0x60 [ 56.947213][ T3636] jfs_write_begin+0x2d/0x60 [ 56.947231][ T3636] generic_perform_write+0x2e4/0x5e0 [ 56.947265][ T3636] ? jfs_write_begin+0x60/0x60 [ 56.947283][ T3636] ? generic_file_direct_write+0x610/0x610 [ 56.947306][ T3636] ? __file_remove_privs+0x6c0/0x6c0 [ 56.947329][ T3636] ? generic_write_checks+0x15c/0x1c0 [ 56.947362][ T3636] __generic_file_write_iter+0x176/0x400 [ 56.947391][ T3636] generic_file_write_iter+0xab/0x310 [ 56.947416][ T3636] do_iter_write+0x6c2/0xc20 [ 56.947450][ T3636] ? rcu_read_lock_sched_held+0x87/0x110 [ 56.947471][ T3636] ? vfs_iter_write+0xa0/0xa0 [ 56.947506][ T3636] ? PageUptodate+0xe7/0x2b0 [ 56.947529][ T3636] ? vfs_iter_write+0x69/0xa0 [ 56.947555][ T3636] iter_file_splice_write+0x7fc/0xfc0 [ 56.947606][ T3636] ? splice_from_pipe+0x200/0x200 [ 56.947635][ T3636] ? __fsnotify_parent+0x4fa/0x710 [ 56.947653][ T3636] ? splice_shrink_spd+0xb0/0xb0 [ 56.947685][ T3636] ? __fsnotify_update_child_dentry_flags+0x2d0/0x2d0 [ 56.947713][ T3636] ? splice_from_pipe+0x200/0x200 [ 56.947739][ T3636] direct_splice_actor+0xe6/0x1c0 [ 56.947767][ T3636] splice_direct_to_actor+0x4e4/0xc00 [ 56.947809][ T3636] ? do_splice_direct+0x3d0/0x3d0 [ 56.947833][ T3636] ? pipe_to_sendpage+0x340/0x340 [ 56.947861][ T3636] ? bpf_lsm_file_permission+0x5/0x10 [ 56.947880][ T3636] ? security_file_permission+0xe0/0x5c0 [ 56.947908][ T3636] do_splice_direct+0x279/0x3d0 [ 56.947939][ T3636] ? splice_direct_to_actor+0xc00/0xc00 [ 56.947961][ T3636] ? rcu_read_lock_any_held+0xb1/0x130 [ 56.947983][ T3636] ? apparmor_file_permission+0x270/0x310 [ 56.948015][ T3636] do_sendfile+0x5fb/0xf80 [ 56.948044][ T3636] ? ptrace_stop+0x74d/0x970 [ 56.948073][ T3636] ? do_pwritev+0x350/0x350 [ 56.948100][ T3636] ? _raw_spin_unlock_irq+0x2a/0x40 [ 56.948123][ T3636] ? ptrace_notify+0x245/0x340 [ 56.948148][ T3636] __se_sys_sendfile64+0x14f/0x1b0 [ 56.948175][ T3636] ? __x64_sys_sendfile64+0xa0/0xa0 [ 56.948200][ T3636] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 56.948226][ T3636] ? syscall_enter_from_user_mode+0x86/0x1d0 [ 56.948250][ T3636] do_syscall_64+0x3d/0xb0 [ 56.948268][ T3636] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.948286][ T3636] RIP: 0033:0x7f12751c65e9 [ 56.948304][ T3636] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.948319][ T3636] RSP: 002b:00007f12751512f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 56.948339][ T3636] RAX: ffffffffffffffda RBX: 00007f12752517f0 RCX: 00007f12751c65e9 [ 56.948353][ T3636] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 56.948364][ T3636] RBP: 00007f127521e0e4 R08: 0000000000000000 R09: 0000000000000000 [ 56.948376][ T3636] R10: 000080001d00c0d0 R11: 0000000000000246 R12: 65732f636f72702f [ 56.948389][ T3636] R13: 0030656c69662f2e R14: 0031656c69662f2e R15: 00007f12752517f8 [ 56.948422][ T3636] [ 56.955408][ T3636] Kernel Offset: disabled [ 57.419540][ T3636] Rebooting in 86400 seconds..