[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.18' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 49.307329][ T8485] BTRFS: device fsid 5530427a-b60a-45b2-8f46-de9e9441bba5 devid 1 transid 7 /dev/loop5 scanned by syz-executor102 (8485) [ 49.336171][ T8485] BTRFS info (device loop5): disk space caching is enabled [ 49.345083][ T8485] BTRFS info (device loop5): has skinny extents executing program [ 49.356558][ T8488] BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor102 (8488) [ 49.369923][ T8486] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor102 (8486) [ 49.385378][ T8484] BTRFS warning (device ): duplicate device /dev/loop2 devid 1 generation 7 scanned by syz-executor102 (8484) executing program executing program [ 49.485862][ T8489] BTRFS warning (device ): duplicate device /dev/loop3 devid 1 generation 7 scanned by syz-executor102 (8489) [ 49.518919][ T8490] BTRFS warning (device ): duplicate device /dev/loop4 devid 1 generation 7 scanned by syz-executor102 (8490) executing program [ 49.617928][ T173] BTRFS error (device loop5): bad tree block start, want 5267456 have 0 [ 49.628942][ T8500] BTRFS warning (device loop5): duplicate device /dev/loop0 devid 1 generation 7 scanned by systemd-udevd (8500) [ 49.639456][ T8485] BTRFS warning (device loop5): failed to read root (objectid=7): -5 executing program executing program executing program executing program executing program [ 49.855096][ T8485] BTRFS error (device loop5): open_ctree failed [ 49.862277][ T8539] BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor102 (8539) [ 49.876493][ T8535] BTRFS warning (device ): duplicate device /dev/loop5 devid 1 generation 7 scanned by systemd-udevd (8535) [ 49.905644][ T8556] BTRFS info (device loop2): disk space caching is enabled [ 49.913631][ T8556] BTRFS info (device loop2): has skinny extents [ 49.951643][ T173] BTRFS error (device loop2): bad tree block start, want 5267456 have 0 [ 49.970244][ T8556] BTRFS warning (device loop2): failed to read root (objectid=7): -5 [ 50.008361][ T8560] BTRFS warning (device loop2): duplicate device /dev/loop3 devid 1 generation 7 scanned by syz-executor102 (8560) executing program executing program executing program executing program [ 50.218785][ T8556] BTRFS error (device loop2): open_ctree failed [ 50.227332][ T8560] BTRFS: device fsid 5530427a-b60a-45b2-8f46-de9e9441bba5 devid 0 transid 0 /dev/loop3 scanned by syz-executor102 (8560) executing program [ 50.412679][ T8592] BTRFS info (device loop4): disk space caching is enabled [ 50.426118][ T8592] BTRFS info (device loop4): has skinny extents [ 50.427254][ T8595] BTRFS warning (device ): duplicate device /dev/loop5 devid 1 generation 7 scanned by syz-executor102 (8595) [ 50.445560][ T8599] BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor102 (8599) executing program executing program executing program [ 50.543012][ T8600] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor102 (8600) [ 50.564948][ T8610] BTRFS warning (device ): duplicate device /dev/loop3 devid 1 generation 7 scanned by syz-executor102 (8610) [ 50.580189][ T8592] BTRFS error (device loop4): super_num_devices 1 mismatch with num_devices 1 found here executing program executing program executing program [ 50.623006][ T8545] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by systemd-udevd (8545) [ 50.636899][ T8592] BTRFS error (device loop4): failed to read chunk tree: -22 [ 50.654749][ T8500] BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by systemd-udevd (8500) executing program executing program [ 50.760005][ T8592] BTRFS error (device loop4): open_ctree failed [ 50.760319][ T8642] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor102 (8642) [ 50.781582][ T8556] BTRFS info (device loop4): disk space caching is enabled executing program [ 50.809403][ T8556] BTRFS info (device loop4): has skinny extents executing program executing program executing program [ 50.923135][ T8556] BTRFS error (device loop4): super_num_devices 1 mismatch with num_devices 1 found here [ 50.957718][ T8556] BTRFS error (device loop4): failed to read chunk tree: -22 [ 50.958314][ T8678] BTRFS warning (device ): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor102 (8678) executing program executing program [ 51.022613][ T8556] BTRFS error (device loop4): open_ctree failed [ 51.048663][ T8595] BTRFS info (device loop4): disk space caching is enabled [ 51.058726][ T8595] BTRFS info (device loop4): has skinny extents executing program executing program executing program executing program executing program executing program executing program [ 51.141410][ T8595] BTRFS error (device loop4): super_num_devices 1 mismatch with num_devices 1 found here [ 51.165429][ T8595] BTRFS error (device loop4): failed to read chunk tree: -22 [ 51.166440][ T8701] BTRFS warning (device ): duplicate device /dev/loop2 devid 1 generation 7 scanned by syz-executor102 (8701) executing program executing program [ 51.242576][ T8595] BTRFS error (device loop4): open_ctree failed [ 51.253558][ T8610] BTRFS info (device loop4): disk space caching is enabled [ 51.260791][ T8610] BTRFS info (device loop4): has skinny extents executing program executing program [ 51.283174][ T8610] BTRFS error (device loop4): super_num_devices 1 mismatch with num_devices 1 found here [ 51.296534][ T8610] BTRFS error (device loop4): failed to read chunk tree: -22 executing program executing program executing program executing program executing program executing program [ 51.408029][ T8610] BTRFS error (device loop4): open_ctree failed executing program executing program [ 51.456950][ T8642] BTRFS info (device loop4): disk space caching is enabled [ 51.470937][ T8642] BTRFS info (device loop4): has skinny extents executing program executing program [ 51.514320][ T8642] BTRFS error (device loop4): super_num_devices 1 mismatch with num_devices 1 found here [ 51.541590][ T8642] BTRFS error (device loop4): failed to read chunk tree: -22 [ 51.542482][ T8778] BTRFS warning (device ): duplicate device /dev/loop3 devid 1 generation 7 scanned by syz-executor102 (8778) executing program [ 51.591551][ T8642] BTRFS error (device loop4): open_ctree failed [ 51.600668][ T8678] BTRFS info (device loop4): disk space caching is enabled [ 51.609594][ T8678] BTRFS info (device loop4): has skinny extents executing program executing program executing program executing program [ 51.685234][ T8796] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor102 (8796) executing program executing program executing program executing program executing program executing program [ 51.782697][ T8518] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by systemd-udevd (8518) executing program executing program executing program [ 51.862437][ T8678] BTRFS error (device loop4): super_num_devices 1 mismatch with num_devices 1 found here [ 51.920869][ T8678] BTRFS error (device loop4): failed to read chunk tree: -22 executing program executing program [ 51.994274][ T8819] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor102 (8819) [ 52.020141][ T8678] BTRFS error (device loop4): open_ctree failed executing program executing program executing program [ 52.043492][ T8518] BTRFS warning (device ): duplicate device /dev/loop1 devid 1 generation 7 scanned by systemd-udevd (8518) [ 52.061247][ T8701] BTRFS info (device loop4): disk space caching is enabled [ 52.079090][ T8701] BTRFS info (device loop4): has skinny extents executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 52.282821][ T173] BTRFS error (device loop4): bad tree block start, want 5267456 have 0 [ 52.291578][ T8701] BTRFS warning (device loop4): failed to read root (objectid=7): -5 [ 52.317370][ T8848] BTRFS warning (device loop4): duplicate device /dev/loop0 devid 1 generation 7 scanned by syz-executor102 (8848) executing program executing program [ 52.394812][ T8701] BTRFS error (device loop4): open_ctree failed [ 52.401820][ T8856] BTRFS warning (device loop4): duplicate device /dev/loop1 devid 1 generation 7 scanned by syz-executor102 (8856) [ 52.428297][ T8745] BTRFS info (device loop4): disk space caching is enabled executing program executing program [ 52.445655][ T8745] BTRFS info (device loop4): has skinny extents [ 52.492093][ T8518] ================================================================== [ 52.500361][ T8518] BUG: KASAN: slab-out-of-bounds in btrfs_printk+0x421/0x46b [ 52.507737][ T8518] Read of size 8 at addr ffff8880146246a0 by task systemd-udevd/8518 [ 52.515793][ T8518] [ 52.518128][ T8518] CPU: 0 PID: 8518 Comm: systemd-udevd Not tainted 5.10.0-rc2-syzkaller #0 [ 52.526707][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.536765][ T8518] Call Trace: executing program [ 52.540063][ T8518] dump_stack+0x137/0x1be [ 52.544408][ T8518] print_address_description+0x6c/0x660 [ 52.550228][ T8518] ? printk+0x62/0x83 [ 52.554217][ T8518] ? wake_up_klogd+0xb2/0xf0 [ 52.558815][ T8518] kasan_report+0x136/0x1e0 [ 52.563325][ T8518] ? btrfs_printk+0x421/0x46b [ 52.568007][ T8518] btrfs_printk+0x421/0x46b [ 52.572541][ T8518] device_list_add+0x1a94/0x1d60 [ 52.577503][ T8518] btrfs_scan_one_device+0x2e1/0x460 [ 52.582804][ T8518] btrfs_control_ioctl+0xd1/0x210 executing program [ 52.587838][ T8518] ? trace_raw_output_btrfs__space_info_update+0x130/0x130 [ 52.595036][ T8518] __se_sys_ioctl+0xfb/0x170 [ 52.599633][ T8518] do_syscall_64+0x2d/0x70 [ 52.604055][ T8518] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 52.609951][ T8518] RIP: 0033:0x7f7f94bc0017 [ 52.614370][ T8518] Code: 00 00 00 48 8b 05 81 7e 2b 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 51 7e 2b 00 f7 d8 64 89 01 48 [ 52.633980][ T8518] RSP: 002b:00007ffc3c7245f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 executing program executing program executing program executing program executing program executing program [ 52.642410][ T8518] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7f94bc0017 [ 52.650391][ T8518] RDX: 00007ffc3c724610 RSI: 0000000090009427 RDI: 000000000000000f [ 52.658406][ T8518] RBP: 00007ffc3c724610 R08: 0000000000000000 R09: 0000000000000018 [ 52.666388][ T8518] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000000f [ 52.674364][ T8518] R13: 0000000000000000 R14: 0000564c3b1752c0 R15: 0000564c3b162060 [ 52.682357][ T8518] [ 52.684952][ T8518] Allocated by task 8745: executing program executing program executing program executing program executing program executing program executing program [ 52.689294][ T8518] __kasan_kmalloc+0x111/0x140 [ 52.694064][ T8518] slab_post_alloc_hook+0x3e/0x2b0 [ 52.699179][ T8518] kmem_cache_alloc_node+0x144/0x280 [ 52.704468][ T8518] alloc_unbound_pwq+0x591/0x1060 [ 52.709496][ T8518] apply_wqattrs_prepare+0x3d2/0xcb0 [ 52.714784][ T8518] apply_workqueue_attrs_locked+0xcd/0x7b0 [ 52.720590][ T8518] alloc_workqueue+0xe7e/0x1480 [ 52.725446][ T8518] __btrfs_alloc_workqueue+0x181/0x2d0 [ 52.730913][ T8518] btrfs_alloc_workqueue+0x8c/0x1b0 [ 52.736112][ T8518] open_ctree+0x1243/0x3b3b executing program executing program executing program executing program executing program executing program [ 52.740617][ T8518] btrfs_mount_root+0x9b8/0xb60 [ 52.745469][ T8518] legacy_get_tree+0xea/0x180 [ 52.750146][ T8518] vfs_get_tree+0x88/0x270 [ 52.754566][ T8518] vfs_kern_mount+0xc9/0x160 [ 52.759162][ T8518] btrfs_mount+0x345/0xa80 [ 52.763581][ T8518] legacy_get_tree+0xea/0x180 [ 52.768259][ T8518] vfs_get_tree+0x88/0x270 [ 52.772677][ T8518] path_mount+0x17b4/0x2a20 [ 52.777185][ T8518] __se_sys_mount+0x28c/0x320 [ 52.781866][ T8518] do_syscall_64+0x2d/0x70 [ 52.786298][ T8518] entry_SYSCALL_64_after_hwframe+0x44/0xa9 executing program executing program executing program executing program executing program executing program executing program [ 52.792179][ T8518] [ 52.794516][ T8518] The buggy address belongs to the object at ffff888014624400 [ 52.794516][ T8518] which belongs to the cache pool_workqueue of size 512 [ 52.808840][ T8518] The buggy address is located 160 bytes to the right of [ 52.808840][ T8518] 512-byte region [ffff888014624400, ffff888014624600) [ 52.822630][ T8518] The buggy address belongs to the page: [ 52.828277][ T8518] page:000000006b59311c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14624 executing program executing program executing program executing program executing program executing program [ 52.838440][ T8518] head:000000006b59311c order:2 compound_mapcount:0 compound_pincount:0 [ 52.846768][ T8518] flags: 0xfff00000010200(slab|head) [ 52.852074][ T8518] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff88801044dc80 [ 52.860669][ T8518] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 52.869279][ T8518] page dumped because: kasan: bad access detected [ 52.875690][ T8518] [ 52.878022][ T8518] Memory state around the buggy address: [ 52.883658][ T8518] ffff888014624580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 52.891724][ T8518] ffff888014624600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.899795][ T8518] >ffff888014624680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.907858][ T8518] ^ [ 52.912977][ T8518] ffff888014624700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.921047][ T8518] ffff888014624780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.929106][ T8518] ================================================================== [ 52.937251][ T8518] Disabling lock debugging due to kernel taint executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 52.952368][ T8518] Kernel panic - not syncing: panic_on_warn set ... [ 52.958982][ T8518] CPU: 0 PID: 8518 Comm: systemd-udevd Tainted: G B 5.10.0-rc2-syzkaller #0 [ 52.968968][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.979042][ T8518] Call Trace: [ 52.982328][ T8518] dump_stack+0x137/0x1be [ 52.986658][ T8518] ? panic+0x1f3/0x800 [ 52.990723][ T8518] panic+0x291/0x800 [ 52.994615][ T8518] ? preempt_schedule_thunk+0x16/0x18 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 52.999979][ T8518] ? trace_hardirqs_on+0x30/0x80 [ 53.004915][ T8518] kasan_report+0x1da/0x1e0 [ 53.009411][ T8518] ? btrfs_printk+0x421/0x46b [ 53.014082][ T8518] btrfs_printk+0x421/0x46b [ 53.018584][ T8518] device_list_add+0x1a94/0x1d60 [ 53.023524][ T8518] btrfs_scan_one_device+0x2e1/0x460 [ 53.028808][ T8518] btrfs_control_ioctl+0xd1/0x210 [ 53.033828][ T8518] ? trace_raw_output_btrfs__space_info_update+0x130/0x130 [ 53.041014][ T8518] __se_sys_ioctl+0xfb/0x170 [ 53.045599][ T8518] do_syscall_64+0x2d/0x70 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 53.050010][ T8518] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 53.055892][ T8518] RIP: 0033:0x7f7f94bc0017 [ 53.060302][ T8518] Code: 00 00 00 48 8b 05 81 7e 2b 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 51 7e 2b 00 f7 d8 64 89 01 48 [ 53.079898][ T8518] RSP: 002b:00007ffc3c7245f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.088316][ T8518] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7f94bc0017 executing program executing program executing program executing program executing program [ 53.096289][ T8518] RDX: 00007ffc3c724610 RSI: 0000000090009427 RDI: 000000000000000f [ 53.104262][ T8518] RBP: 00007ffc3c724610 R08: 0000000000000000 R09: 0000000000000018 [ 53.112318][ T8518] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000000f [ 53.120288][ T8518] R13: 0000000000000000 R14: 0000564c3b1752c0 R15: 0000564c3b162060 [ 53.128964][ T8518] Kernel Offset: disabled [ 53.133384][ T8518] Rebooting in 86400 seconds..