./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor840010615 <...> Warning: Permanently added '10.128.10.1' (ECDSA) to the list of known hosts. execve("./syz-executor840010615", ["./syz-executor840010615"], 0x7fff70b27e10 /* 10 vars */) = 0 brk(NULL) = 0x555555d18000 brk(0x555555d18c40) = 0x555555d18c40 arch_prctl(ARCH_SET_FS, 0x555555d18300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555555d185d0) = 4998 set_robust_list(0x555555d185e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7f6583fd32e0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f6583fd39b0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7f6583fd3380, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f6583fd39b0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor840010615", 4096) = 27 brk(0x555555d39c40) = 0x555555d39c40 brk(0x555555d3a000) = 0x555555d3a000 mprotect(0x7f658409a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555d185d0) = 4999 ./strace-static-x86_64: Process 4999 attached [pid 4999] set_robust_list(0x555555d185e0, 24) = 0 [pid 4999] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 4999] setpgid(0, 0) = 0 [pid 4999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 4999] write(3, "1000", 4) = 4 [pid 4999] close(3) = 0 [pid 4999] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6583fa2000 [pid 4999] mprotect(0x7f6583fa3000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 4999] clone(child_stack=0x7f6583fc23f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5000], tls=0x7f6583fc2700, child_tidptr=0x7f6583fc29d0) = 5000 [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5000 attached [pid 5000] set_robust_list(0x7f6583fc29e0, 24) = 0 [pid 5000] memfd_create("syzkaller", 0) = 3 [pid 5000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f657bba2000 [ 39.915296][ T5000] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5000 'syz-executor840' [pid 5000] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5000] munmap(0x7f657bba2000, 16777216) = 0 [pid 5000] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5000] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5000] close(3) = 0 [pid 5000] mkdir("./file0", 0777) = 0 [pid 5000] mount("/dev/loop0", "./file0", "jfs", MS_NOEXEC, "errors=continue,discard=0x0000000000000002,discard,integrity,discard=0x000000000000067c,iocharset=cp"...) = 0 [pid 5000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5000] chdir("./file0") = 0 [pid 5000] ioctl(4, LOOP_CLR_FD) = 0 [pid 5000] close(4) = 0 [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 4999] <... futex resumed>) = 0 [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5000] openat(AT_FDCWD, "./file0", O_RDONLY) = 4 [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 4999] <... futex resumed>) = 0 [pid 5000] linkat(4, "./file1", 4, "./bus", 0 [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 40.018278][ T5000] loop0: detected capacity change from 0 to 32768 [ 40.053073][ T5000] find_entry called with index = 0 [ 40.059212][ T5000] read_mapping_page failed! [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5000] <... linkat resumed>) = -1 EIO (Input/output error) [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 4999] <... futex resumed>) = 0 [pid 5000] fspick(AT_FDCWD, ".", 0 [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] <... fspick resumed>) = 5 [pid 4999] <... futex resumed>) = 0 [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5000] <... futex resumed>) = 0 [pid 4999] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5000] futex(0x7f65840a07a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] <... futex resumed>) = 0 [pid 4999] <... futex resumed>) = 1 [pid 5000] fsconfig(5, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5000] <... fsconfig resumed>) = 0 [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 4999] <... futex resumed>) = 0 [pid 5000] futex(0x7f65840a07a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 4999] <... futex resumed>) = 0 [pid 5000] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5000] <... fsconfig resumed>) = 0 [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 4999] <... futex resumed>) = 0 [pid 5000] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 4999] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4999] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5000] <... futex resumed>) = 0 [pid 4999] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5000] linkat(4, "./file1", 4, "./bus", 0 [pid 4999] <... futex resumed>) = 0 [pid 5000] <... linkat resumed>) = -1 EEXIST (File exists) [pid 4999] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5000] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 4999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5000] <... futex resumed>) = 0 [pid 5000] futex(0x7f65840a07a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 4999] <... mmap resumed>) = 0x7f657cb81000 [pid 4999] mprotect(0x7f657cb82000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 4999] clone(child_stack=0x7f657cba13f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5002 attached , parent_tid=[5002], tls=0x7f657cba1700, child_tidptr=0x7f657cba19d0) = 5002 [pid 4999] futex(0x7f65840a07b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5002] set_robust_list(0x7f657cba19e0, 24) = 0 [pid 5002] fsconfig(5, FSCONFIG_SET_FLAG, "ro", NULL, 0 [pid 4999] futex(0x7f65840a07bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5002] <... fsconfig resumed>) = -1 EBUSY (Device or resource busy) [pid 5002] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 4999] <... futex resumed>) = 0 [pid 5002] futex(0x7f65840a07b8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 4999] exit_group(0 [pid 5000] <... futex resumed>) = ? [pid 4999] <... exit_group resumed>) = ? [pid 5000] +++ exited with 0 +++ [pid 5002] <... futex resumed>) = ? [pid 5002] +++ exited with 0 +++ [pid 4999] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4999, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5003 attached , child_tidptr=0x555555d185d0) = 5003 [pid 5003] set_robust_list(0x555555d185e0, 24) = 0 [pid 5003] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5003] setpgid(0, 0) = 0 [pid 5003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5003] write(3, "1000", 4) = 4 [pid 5003] close(3) = 0 [pid 5003] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6583fa2000 [ 40.063833][ T5000] ERROR: (device loop0): txAbort: [ 40.063833][ T5000] [pid 5003] mprotect(0x7f6583fa3000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5003] clone(child_stack=0x7f6583fc23f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5004 attached , parent_tid=[5004], tls=0x7f6583fc2700, child_tidptr=0x7f6583fc29d0) = 5004 [pid 5004] set_robust_list(0x7f6583fc29e0, 24) = 0 [pid 5004] futex(0x7f65840a07a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5003] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5004] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5004] memfd_create("syzkaller", 0) = 3 [pid 5004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f657bba2000 [pid 5004] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 [pid 5004] munmap(0x7f657bba2000, 16777216) = 0 [pid 5004] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5004] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5004] ioctl(4, LOOP_CLR_FD) = 0 [pid 5004] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5004] close(4) = 0 [pid 5004] close(3) = 0 [pid 5004] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5004] <... futex resumed>) = 1 [pid 5003] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5004] openat(AT_FDCWD, "./file0", O_RDONLY [pid 5003] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5004] <... openat resumed>) = 3 [pid 5004] futex(0x7f65840a07ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5004] <... futex resumed>) = 1 [ 40.251062][ T5004] ================================================================== [ 40.259147][ T5004] BUG: KASAN: null-ptr-deref in txBegin+0x186/0xa10 [ 40.265717][ T5004] Read of size 8 at addr 0000000000000040 by task syz-executor840/5004 [ 40.274110][ T5004] [ 40.276423][ T5004] CPU: 1 PID: 5004 Comm: syz-executor840 Not tainted 6.4.0-rc5-syzkaller-00016-ga4d7d7011219 #0 [ 40.286808][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 40.296858][ T5004] Call Trace: [pid 5004] linkat(3, "./file1", 3, "./bus", 0 [pid 5003] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5003] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f657cb81000 [pid 5003] mprotect(0x7f657cb82000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5003] clone(child_stack=0x7f657cba13f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5005], tls=0x7f657cba1700, child_tidptr=0x7f657cba19d0) = 5005 [pid 5003] futex(0x7f65840a07b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5005 attached [pid 5005] set_robust_list(0x7f657cba19e0, 24) = 0 [pid 5005] fspick(AT_FDCWD, ".", 0) = -1 EINVAL (Invalid argument) [pid 5005] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5005] <... futex resumed>) = 1 [pid 5005] fsconfig(-1, FSCONFIG_SET_FLAG, "ro", NULL, 0) = -1 EINVAL (Invalid argument) [pid 5005] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5005] <... futex resumed>) = 1 [pid 5005] fsconfig(-1, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5005] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5005] <... futex resumed>) = 1 [pid 5005] fsconfig(-1, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 5005] futex(0x7f65840a07bc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5003] futex(0x7f65840a07b8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f657cb60000 [pid 5003] mprotect(0x7f657cb61000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5003] clone(child_stack=0x7f657cb803f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5006], tls=0x7f657cb80700, child_tidptr=0x7f657cb809d0) = 5006 [pid 5003] futex(0x7f65840a07c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5003] futex(0x7f65840a07cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5005] <... futex resumed>) = 1 [pid 5005] linkat(3, "./file1", 3, "./bus", 0./strace-static-x86_64: Process 5006 attached [pid 5006] set_robust_list(0x7f657cb809e0, 24) = 0 [pid 5006] fsconfig(-1, FSCONFIG_SET_FLAG, "ro", NULL, 0) = -1 EINVAL (Invalid argument) [pid 5006] futex(0x7f65840a07cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5003] <... futex resumed>) = 0 [pid 5006] <... futex resumed>) = 1 [ 40.300122][ T5004] [ 40.303050][ T5004] dump_stack_lvl+0xd9/0x150 [ 40.307673][ T5004] ? txBegin+0x186/0xa10 [ 40.311914][ T5004] kasan_report+0xec/0x130 [ 40.316314][ T5004] ? txBegin+0x186/0xa10 [ 40.320547][ T5004] kasan_check_range+0x141/0x190 [ 40.325489][ T5004] txBegin+0x186/0xa10 [ 40.329562][ T5004] ? txExit+0x40/0x40 [ 40.333540][ T5004] jfs_link+0x201/0x520 [ 40.337710][ T5004] ? jfs_symlink+0x1190/0x1190 [ 40.342467][ T5004] ? lock_sync+0x190/0x190 [ 40.346866][ T5004] ? down_write+0x14f/0x200 [ 40.351368][ T5004] ? rwsem_down_write_slowpath+0x1220/0x1220 [ 40.357327][ T5004] ? bpf_lsm_inode_link+0x9/0x10 [ 40.362252][ T5004] vfs_link+0x5c7/0xa90 [ 40.366394][ T5004] ? security_path_link+0xf3/0x130 [ 40.371508][ T5004] do_linkat+0x448/0x5e0 [ 40.375754][ T5004] ? __ia32_sys_symlink+0x90/0x90 [ 40.380778][ T5004] ? getname_flags.part.0+0x1dd/0x4f0 [ 40.386133][ T5004] __x64_sys_linkat+0xf4/0x130 [ 40.391402][ T5004] do_syscall_64+0x39/0xb0 [ 40.395809][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd [pid 5006] futex(0x7f65840a07c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5003] exit_group(0 [pid 5006] <... futex resumed>) = ? [pid 5003] <... exit_group resumed>) = ? [pid 5006] +++ exited with 0 +++ [ 40.401712][ T5004] RIP: 0033:0x7f6584016259 [ 40.406130][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 40.425738][ T5004] RSP: 002b:00007f6583fc22f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 40.434222][ T5004] RAX: ffffffffffffffda RBX: 00007f65840a07a0 RCX: 00007f6584016259 [ 40.442186][ T5004] RDX: 0000000000000003 RSI: 0000000020000040 RDI: 0000000000000003 [ 40.450136][ T5004] RBP: 00007f658406d024 R08: 0000000000000000 R09: 0000000000000000 [ 40.458090][ T5004] R10: 0000000020000080 R11: 0000000000000246 R12: 0030656c69662f2e [ 40.466041][ T5004] R13: 0031656c69662f2e R14: 2c33363870633d74 R15: 00007f65840a07a8 [ 40.473994][ T5004] [ 40.476994][ T5004] ================================================================== [ 40.485346][ T5004] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 40.492531][ T5004] CPU: 1 PID: 5004 Comm: syz-executor840 Not tainted 6.4.0-rc5-syzkaller-00016-ga4d7d7011219 #0 [ 40.502923][ T5004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 40.512961][ T5004] Call Trace: [ 40.516223][ T5004] [ 40.519143][ T5004] dump_stack_lvl+0xd9/0x150 [ 40.523728][ T5004] panic+0x686/0x730 [ 40.527622][ T5004] ? panic_smp_self_stop+0xa0/0xa0 [ 40.532724][ T5004] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 40.538875][ T5004] check_panic_on_warn+0xb1/0xc0 [ 40.543802][ T5004] end_report+0xe9/0x120 [ 40.548032][ T5004] ? txBegin+0x186/0xa10 [ 40.552257][ T5004] kasan_report+0xf9/0x130 [ 40.556661][ T5004] ? txBegin+0x186/0xa10 [ 40.560896][ T5004] kasan_check_range+0x141/0x190 [ 40.565816][ T5004] txBegin+0x186/0xa10 [ 40.569872][ T5004] ? txExit+0x40/0x40 [ 40.573846][ T5004] jfs_link+0x201/0x520 [ 40.578013][ T5004] ? jfs_symlink+0x1190/0x1190 [ 40.582796][ T5004] ? lock_sync+0x190/0x190 [ 40.587217][ T5004] ? down_write+0x14f/0x200 [ 40.591720][ T5004] ? rwsem_down_write_slowpath+0x1220/0x1220 [ 40.597713][ T5004] ? bpf_lsm_inode_link+0x9/0x10 [ 40.602644][ T5004] vfs_link+0x5c7/0xa90 [ 40.606787][ T5004] ? security_path_link+0xf3/0x130 [ 40.611890][ T5004] do_linkat+0x448/0x5e0 [ 40.616171][ T5004] ? __ia32_sys_symlink+0x90/0x90 [ 40.621236][ T5004] ? getname_flags.part.0+0x1dd/0x4f0 [ 40.626604][ T5004] __x64_sys_linkat+0xf4/0x130 [ 40.631368][ T5004] do_syscall_64+0x39/0xb0 [ 40.635788][ T5004] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 40.641773][ T5004] RIP: 0033:0x7f6584016259 [ 40.646199][ T5004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 40.665806][ T5004] RSP: 002b:00007f6583fc22f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 40.674213][ T5004] RAX: ffffffffffffffda RBX: 00007f65840a07a0 RCX: 00007f6584016259 [ 40.682174][ T5004] RDX: 0000000000000003 RSI: 0000000020000040 RDI: 0000000000000003 [ 40.690139][ T5004] RBP: 00007f658406d024 R08: 0000000000000000 R09: 0000000000000000 [ 40.698100][ T5004] R10: 0000000020000080 R11: 0000000000000246 R12: 0030656c69662f2e [ 40.706098][ T5004] R13: 0031656c69662f2e R14: 2c33363870633d74 R15: 00007f65840a07a8 [ 40.714172][ T5004] [ 40.717942][ T5004] Kernel Offset: disabled [ 40.722262][ T5004] Rebooting in 86400 seconds..