./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1290702427 <...> Warning: Permanently added '10.128.0.69' (ED25519) to the list of known hosts. execve("./syz-executor1290702427", ["./syz-executor1290702427"], 0x7ffcb9487900 /* 10 vars */) = 0 brk(NULL) = 0x55555669c000 brk(0x55555669cd00) = 0x55555669cd00 arch_prctl(ARCH_SET_FS, 0x55555669c380) = 0 set_tid_address(0x55555669c650) = 5032 set_robust_list(0x55555669c660, 24) = 0 rseq(0x55555669cca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1290702427", 4096) = 28 getrandom("\x4c\x17\xed\xd3\xcb\x52\x85\x33", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555669cd00 brk(0x5555566bdd00) = 0x5555566bdd00 brk(0x5555566be000) = 0x5555566be000 mprotect(0x7f19eecc0000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555669c650) = 5033 ./strace-static-x86_64: Process 5033 attached [pid 5033] set_robust_list(0x55555669c660, 24) = 0 [pid 5033] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5033] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5033] setsid() = 1 [pid 5033] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5033] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5033] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5033] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5033] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5033] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5033] unshare(CLONE_NEWNS) = 0 [pid 5033] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5033] unshare(CLONE_NEWIPC) = 0 [pid 5033] unshare(CLONE_NEWCGROUP) = 0 [pid 5033] unshare(CLONE_NEWUTS) = 0 [pid 5033] unshare(CLONE_SYSVSEM) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "16777216", 8) = 8 [pid 5033] close(3) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "536870912", 9) = 9 [pid 5033] close(3) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "1024", 4) = 4 [pid 5033] close(3) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "8192", 4) = 4 [pid 5033] close(3) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "1024", 4) = 4 [pid 5033] close(3) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "1024", 4) = 4 [pid 5033] close(3) = 0 [pid 5033] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5033] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5033] close(3) = 0 [pid 5033] getpid() = 1 [pid 5033] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [ 53.463450][ T5033] dump_stack_lvl+0xd9/0x1b0 [ 53.468128][ T5033] print_report+0xc4/0x620 [ 53.472550][ T5033] ? __virt_addr_valid+0x5e/0x2d0 [ 53.477571][ T5033] ? __phys_addr+0xc6/0x140 [ 53.482069][ T5033] kasan_report+0xda/0x110 [ 53.486485][ T5033] ? udf_close_lvid+0x508/0x5c0 [ 53.491425][ T5033] ? udf_close_lvid+0x508/0x5c0 [ 53.496277][ T5033] udf_close_lvid+0x508/0x5c0 [ 53.500951][ T5033] udf_put_super+0x19c/0x200 [ 53.505537][ T5033] ? udf_close_lvid+0x5c0/0x5c0 [ 53.510384][ T5033] generic_shutdown_super+0x158/0x480 [ 53.515765][ T5033] kill_block_super+0x3b/0xc0 [ 53.520437][ T5033] deactivate_locked_super+0x9a/0x170 [ 53.525807][ T5033] deactivate_super+0xde/0x100 [ 53.530569][ T5033] cleanup_mnt+0x222/0x3d0 [ 53.534980][ T5033] task_work_run+0x14d/0x240 [ 53.539573][ T5033] ? task_work_cancel+0x30/0x30 [ 53.544445][ T5033] ? __put_net+0x61/0x70 [ 53.548687][ T5033] do_exit+0xa99/0x2a20 [ 53.553118][ T5033] ? do_group_exit+0x1c5/0x2a0 [ 53.557884][ T5033] ? reacquire_held_locks+0x4b0/0x4b0 [ 53.563258][ T5033] ? do_raw_spin_lock+0x12e/0x2b0 [ 53.568284][ T5033] ? mm_update_next_owner+0x850/0x850 [ 53.573669][ T5033] ? spin_bug+0x1d0/0x1d0 [ 53.577997][ T5033] ? rcu_is_watching+0x12/0xb0 [ 53.582755][ T5033] do_group_exit+0xd4/0x2a0 [ 53.587277][ T5033] __x64_sys_exit_group+0x3e/0x50 [ 53.592829][ T5033] do_syscall_64+0x38/0xb0 [ 53.597349][ T5033] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.603258][ T5033] RIP: 0033:0x7f19eec2b989 [ 53.607664][ T5033] Code: Unable to access opcode bytes at 0x7f19eec2b95f. [ 53.614668][ T5033] RSP: 002b:00007ffdddc55be8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 53.623276][ T5033] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f19eec2b989 [ 53.631244][ T5033] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 53.639208][ T5033] RBP: 00007f19eecc62d0 R08: ffffffffffffffb8 R09: 0000000000000000 [ 53.647262][ T5033] R10: 0000000000000022 R11: 0000000000000246 R12: 00007f19eecc62d0 [ 53.655227][ T5033] R13: 0000000000000000 R14: 00007f19eecc7040 R15: 00007f19eebf9eb0 [ 53.663283][ T5033] [ 53.666403][ T5033] [ 53.668805][ T5033] The buggy address belongs to the physical page: [ 53.675203][ T5033] page:ffffea0002a60c00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa9830 [ 53.685349][ T5033] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 53.692450][ T5033] page_type: 0xffffffff() [ 53.696771][ T5033] raw: 00fff00000000000 ffffea0002a60c08 ffffea0002a60c08 0000000000000000 [ 53.705357][ T5033] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 53.714102][ T5033] page dumped because: kasan: bad access detected [ 53.720513][ T5033] page_owner info is not present (never set?) [ 53.726571][ T5033] [ 53.728879][ T5033] Memory state around the buggy address: [ 53.734755][ T5033] ffff8880a9830880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 53.742804][ T5033] ffff8880a9830900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 53.750855][ T5033] >ffff8880a9830980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 53.759441][ T5033] ^ [ 53.763517][ T5033] ffff8880a9830a00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 53.771594][ T5033] ffff8880a9830a80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 53.779739][ T5033] ================================================================== [ 53.788645][ T5033] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 53.795863][ T5033] CPU: 1 PID: 5033 Comm: syz-executor129 Not tainted 6.5.0-rc3-next-20230728-syzkaller #0 [ 53.805740][ T5033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 53.815804][ T5033] Call Trace: [ 53.819068][ T5033] [ 53.821989][ T5033] dump_stack_lvl+0xd9/0x1b0 [ 53.826572][ T5033] panic+0x6a4/0x750 [ 53.830451][ T5033] ? panic_smp_self_stop+0xa0/0xa0 [ 53.835548][ T5033] ? preempt_schedule_thunk+0x1a/0x30 [ 53.840923][ T5033] ? preempt_schedule_common+0x45/0xc0 [ 53.846391][ T5033] check_panic_on_warn+0xab/0xb0 [ 53.851313][ T5033] end_report+0x108/0x150 [ 53.855641][ T5033] kasan_report+0xea/0x110 [ 53.860133][ T5033] ? udf_close_lvid+0x508/0x5c0 [ 53.864969][ T5033] ? udf_close_lvid+0x508/0x5c0 [ 53.869819][ T5033] udf_close_lvid+0x508/0x5c0 [ 53.874484][ T5033] udf_put_super+0x19c/0x200 [ 53.879240][ T5033] ? udf_close_lvid+0x5c0/0x5c0 [ 53.884088][ T5033] generic_shutdown_super+0x158/0x480 [ 53.889466][ T5033] kill_block_super+0x3b/0xc0 [ 53.894219][ T5033] deactivate_locked_super+0x9a/0x170 [ 53.899587][ T5033] deactivate_super+0xde/0x100 [ 53.904364][ T5033] cleanup_mnt+0x222/0x3d0 [ 53.908784][ T5033] task_work_run+0x14d/0x240 [ 53.913364][ T5033] ? task_work_cancel+0x30/0x30 [ 53.918287][ T5033] ? __put_net+0x61/0x70 [ 53.922521][ T5033] do_exit+0xa99/0x2a20 [ 53.926675][ T5033] ? do_group_exit+0x1c5/0x2a0 [ 53.931613][ T5033] ? reacquire_held_locks+0x4b0/0x4b0 [ 53.936991][ T5033] ? do_raw_spin_lock+0x12e/0x2b0 [ 53.942006][ T5033] ? mm_update_next_owner+0x850/0x850 [ 53.947375][ T5033] ? spin_bug+0x1d0/0x1d0 [ 53.951762][ T5033] ? rcu_is_watching+0x12/0xb0 [ 53.956513][ T5033] do_group_exit+0xd4/0x2a0 [ 53.961021][ T5033] __x64_sys_exit_group+0x3e/0x50 [ 53.966125][ T5033] do_syscall_64+0x38/0xb0 [ 53.970565][ T5033] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 53.976453][ T5033] RIP: 0033:0x7f19eec2b989 [ 53.981388][ T5033] Code: Unable to access opcode bytes at 0x7f19eec2b95f. [ 53.988394][ T5033] RSP: 002b:00007ffdddc55be8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 53.997068][ T5033] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f19eec2b989 [ 54.005116][ T5033] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 54.013084][ T5033] RBP: 00007f19eecc62d0 R08: ffffffffffffffb8 R09: 0000000000000000 [ 54.021237][ T5033] R10: 0000000000000022 R11: 0000000000000246 R12: 00007f19eecc62d0 [ 54.029232][ T5033] R13: 0000000000000000 R14: 00007f19eecc7040 R15: 00007f19eebf9eb0 [ 54.037207][ T5033] [ 54.040406][ T5033] Kernel Offset: disabled [ 54.044736][ T5033] Rebooting in 86400 seconds..