[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.75' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 533.747689][ T6867] BTRFS: device fsid b07af5b6-36df-491d-894c-080d92d619ce devid 1 transid 5 /dev/loop0 scanned by syz-executor040 (6867)
[ 533.774969][ T6872] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop2
[ 533.790937][ T6867] BTRFS info (device loop0): setting nodatacow, compression disabled
[ 533.802724][ T6867] BTRFS info (device loop0): force clearing of disk cache
[ 533.810765][ T6867] BTRFS info (device loop0): turning off barriers
[ 533.817974][ T6867] BTRFS info (device loop0): disk space caching is enabled
[ 533.828507][ T6867] BTRFS info (device loop0): has skinny extents
[ 533.834880][ T6867] BTRFS info (device loop0): flagging fs with big metadata feature
[ 533.862656][ T6873] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop5
[ 533.891855][ T6880] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop1
[ 534.012098][ T6874] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop4
[ 534.026816][ T6875] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop3
[ 534.068556][ T425] BTRFS error (device loop0): bad tree block start, want 30474240 have 0
[ 534.077862][ T425] BTRFS error (device loop0): bad tree block start, want 30474240 have 0
[ 534.086628][ T6867] BTRFS warning (device loop0): failed to read root (objectid=7): -5
executing program
executing program
executing program
executing program
executing program
[ 534.207760][ T6867] BTRFS error (device loop0): open_ctree failed
[ 534.216093][ T6875] BTRFS: device fsid b07af5b6-36df-491d-894c-080d92d619ce devid 0 transid 0 /dev/loop3 scanned by syz-executor040 (6875)
[ 534.242577][ T6934] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop2
[ 534.262543][ T6875] BTRFS info (device loop0): setting nodatacow, compression disabled
[ 534.273099][ T6875] BTRFS info (device loop0): disk space caching is enabled
executing program
[ 534.300636][ T6942] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop5
[ 534.316162][ T6875] BTRFS info (device loop0): has skinny extents
[ 534.322582][ T6875] BTRFS info (device loop0): flagging fs with big metadata feature
executing program
executing program
[ 534.357295][ T6938] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop4
executing program
executing program
executing program
[ 534.421170][ T6884] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop2
[ 534.445701][ T6939] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop1
executing program
executing program
executing program
executing program
executing program
[ 534.503631][ T6875] BTRFS error (device loop0): super_num_devices 1 mismatch with num_devices 1 found here
[ 534.516592][ T6875] BTRFS error (device loop0): failed to read chunk tree: -22
[ 534.525350][ T6942] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:0 old:/dev/loop3 new:/dev/loop5
executing program
[ 534.570461][ T6944] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop4
executing program
executing program
executing program
executing program
[ 534.607214][ T6943] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop1
executing program
executing program
[ 534.707777][ T6976] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop0 new:/dev/loop2
executing program
[ 534.799514][ T6875] BTRFS error (device loop0): open_ctree failed
executing program
executing program
executing program
[ 534.915055][ T7000] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop5 new:/dev/loop1
[ 534.925928][ T6989] BTRFS info (device loop5): setting nodatacow, compression disabled
[ 534.938892][ T6989] BTRFS info (device loop5): force clearing of disk cache
[ 534.946434][ T6989] BTRFS info (device loop5): turning off barriers
[ 534.953813][ T6989] BTRFS info (device loop5): disk space caching is enabled
[ 534.962012][ T6989] BTRFS info (device loop5): has skinny extents
[ 534.969412][ T6989] BTRFS info (device loop5): flagging fs with big metadata feature
[ 534.982027][ T7010] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop5 new:/dev/loop0
[ 534.999088][ T7011] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop5 new:/dev/loop3
[ 535.088449][ T7012] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop5 new:/dev/loop4
[ 535.106099][ T6989] BTRFS error (device loop5): super_num_devices 1 mismatch with num_devices 1 found here
[ 535.118037][ T6989] BTRFS error (device loop5): failed to read chunk tree: -22
executing program
executing program
executing program
[ 535.167114][ T6989] BTRFS error (device loop5): open_ctree failed
[ 535.176179][ T6976] BTRFS info (device loop5): setting nodatacow, compression disabled
[ 535.186265][ T6976] BTRFS info (device loop5): disk space caching is enabled
[ 535.195278][ T6976] BTRFS info (device loop5): has skinny extents
[ 535.202652][ T6976] BTRFS info (device loop5): flagging fs with big metadata feature
executing program
executing program
executing program
[ 535.252260][ T6976] BTRFS error (device loop5): super_num_devices 1 mismatch with num_devices 1 found here
[ 535.264140][ T6976] BTRFS error (device loop5): failed to read chunk tree: -22
executing program
executing program
executing program
[ 535.309195][ T6976] BTRFS error (device loop5): open_ctree failed
[ 535.319997][ T7000] BTRFS info (device loop5): setting nodatacow, compression disabled
[ 535.333284][ T7000] BTRFS info (device loop5): disk space caching is enabled
[ 535.341285][ T7000] BTRFS info (device loop5): has skinny extents
[ 535.348896][ T7000] BTRFS info (device loop5): flagging fs with big metadata feature
[ 535.379428][ T7079] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop5 new:/dev/loop2
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 535.533148][ T6895] BTRFS warning (device ): duplicate device fsid:devid for b07af5b6-36df-491d-894c-080d92d619ce:1 old:/dev/loop5 new:/dev/loop2
executing program
executing program
executing program
executing program
executing program
[ 535.584890][ T6951] BTRFS error (device loop5): bad tree block start, want 30474240 have 0
[ 535.607873][ T6951] BTRFS error (device loop5): bad tree block start, want 30474240 have 0
[ 535.616563][ T7000] BTRFS warning (device loop5): failed to read root (objectid=7): -5
executing program
executing program
executing program
executing program
executing program
executing program
[ 535.735063][ T7000] BTRFS error (device loop5): open_ctree failed
[ 535.750844][ T7010] BTRFS info (device loop5): setting nodatacow, compression disabled
[ 535.774150][ T7010] BTRFS info (device loop5): disk space caching is enabled
[ 535.783295][ T7010] BTRFS info (device loop5): has skinny extents
[ 535.791679][ T7010] BTRFS info (device loop5): flagging fs with big metadata feature
[ 535.812977][ T7133] ==================================================================
[ 535.821261][ T7133] BUG: KASAN: use-after-free in btrfs_printk+0x3eb/0x435
executing program
[ 535.828302][ T7133] Read of size 8 at addr ffff8880917c86a8 by task syz-executor040/7133
[ 535.836532][ T7133]
[ 535.838857][ T7133] CPU: 1 PID: 7133 Comm: syz-executor040 Not tainted 5.9.0-rc7-syzkaller #0
[ 535.847513][ T7133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 535.857674][ T7133] Call Trace:
[ 535.861086][ T7133] dump_stack+0x1d6/0x29e
[ 535.865463][ T7133] print_address_description+0x66/0x620
[ 535.871104][ T7133] ? printk+0x62/0x83
executing program
executing program
executing program
[ 535.883169][ T7133] ? _raw_spin_lock_irqsave+0x84/0xd0
[ 535.888551][ T7133] ? vprintk_emit+0x2f0/0x370
[ 535.893233][ T7133] kasan_report+0x132/0x1d0
[ 535.897738][ T7133] ? btrfs_printk+0x3eb/0x435
[ 535.902424][ T7133] btrfs_printk+0x3eb/0x435
[ 535.907081][ T7133] ? rcu_lock_acquire+0x5/0x30
[ 535.912010][ T7133] ? lock_is_held_type+0xb3/0xe0
[ 535.916948][ T7133] device_list_add+0x1a88/0x1d60
[ 535.921874][ T7133] btrfs_scan_one_device+0x196/0x490
[ 535.927183][ T7133] btrfs_mount_root+0x48f/0xb60
executing program
executing program
executing program
[ 535.932119][ T7133] ? rcu_read_lock_sched_held+0x2f/0xa0
[ 535.937668][ T7133] ? trace_kfree+0xb2/0x100
[ 535.942245][ T7133] ? vfs_parse_fs_string+0x150/0x1e0
[ 535.947568][ T7133] legacy_get_tree+0xea/0x180
[ 535.952243][ T7133] ? btrfs_control_open+0x40/0x40
[ 535.957313][ T7133] vfs_get_tree+0x88/0x270
[ 535.961778][ T7133] vfs_kern_mount+0xc9/0x160
[ 535.966402][ T7133] btrfs_mount+0x33c/0xae0
[ 535.970853][ T7133] ? rcu_read_lock_sched_held+0x2f/0xa0
[ 535.976515][ T7133] ? cap_capable+0x23f/0x280
[ 535.981123][ T7133] legacy_get_tree+0xea/0x180
[ 535.985802][ T7133] ? btrfs_resize_thread_pool+0x250/0x250
[ 535.991552][ T7133] vfs_get_tree+0x88/0x270
[ 535.995976][ T7133] path_mount+0x179d/0x29e0
[ 536.000512][ T7133] __se_sys_mount+0x126/0x180
[ 536.005228][ T7133] do_syscall_64+0x31/0x70
[ 536.009648][ T7133] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 536.015563][ T7133] RIP: 0033:0x448dca
[ 536.019471][ T7133] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd a2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 aa a2 fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 536.039088][ T7133] RSP: 002b:00007ffe5e36c648 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[ 536.047526][ T7133] RAX: ffffffffffffffda RBX: 00007ffe5e36c6a0 RCX: 0000000000448dca
[ 536.055505][ T7133] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe5e36c660
[ 536.063493][ T7133] RBP: 00007ffe5e36c660 R08: 00007ffe5e36c6a0 R09: 0000000000000000
[ 536.071502][ T7133] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000004c
[ 536.079512][ T7133] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 536.087511][ T7133]
[ 536.089844][ T7133] Allocated by task 7000:
[ 536.094202][ T7133] __kasan_kmalloc+0x100/0x130
[ 536.099061][ T7133] kvmalloc_node+0x81/0x110
[ 536.103571][ T7133] btrfs_mount_root+0xd0/0xb60
[ 536.108342][ T7133] legacy_get_tree+0xea/0x180
[ 536.113045][ T7133] vfs_get_tree+0x88/0x270
[ 536.117502][ T7133] vfs_kern_mount+0xc9/0x160
[ 536.122118][ T7133] btrfs_mount+0x33c/0xae0
[ 536.126534][ T7133] legacy_get_tree+0xea/0x180
[ 536.131213][ T7133] vfs_get_tree+0x88/0x270
executing program
[ 536.135634][ T7133] path_mount+0x179d/0x29e0
[ 536.140188][ T7133] __se_sys_mount+0x126/0x180
[ 536.144901][ T7133] do_syscall_64+0x31/0x70
[ 536.149346][ T7133] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 536.155235][ T7133]
[ 536.157562][ T7133] Freed by task 7000:
[ 536.161570][ T7133] kasan_set_track+0x3d/0x70
[ 536.166272][ T7133] kasan_set_free_info+0x17/0x30
[ 536.171213][ T7133] __kasan_slab_free+0xdd/0x110
[ 536.176063][ T7133] kfree+0x113/0x200
[ 536.179959][ T7133] deactivate_locked_super+0xa7/0xf0
executing program
[ 536.185245][ T7133] btrfs_mount_root+0x72b/0xb60
[ 536.190096][ T7133] legacy_get_tree+0xea/0x180
[ 536.194770][ T7133] vfs_get_tree+0x88/0x270
[ 536.199186][ T7133] vfs_kern_mount+0xc9/0x160
[ 536.203783][ T7133] btrfs_mount+0x33c/0xae0
[ 536.208199][ T7133] legacy_get_tree+0xea/0x180
[ 536.212909][ T7133] vfs_get_tree+0x88/0x270
[ 536.217330][ T7133] path_mount+0x179d/0x29e0
[ 536.221838][ T7133] __se_sys_mount+0x126/0x180
[ 536.226520][ T7133] do_syscall_64+0x31/0x70
[ 536.230939][ T7133] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 536.236850][ T7133]
[ 536.239176][ T7133] The buggy address belongs to the object at ffff8880917c8000
[ 536.239176][ T7133] which belongs to the cache kmalloc-16k of size 16384
[ 536.253412][ T7133] The buggy address is located 1704 bytes inside of
[ 536.253412][ T7133] 16384-byte region [ffff8880917c8000, ffff8880917cc000)
[ 536.266938][ T7133] The buggy address belongs to the page:
[ 536.272686][ T7133] page:00000000b363edf7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x917c8
[ 536.282865][ T7133] head:00000000b363edf7 order:3 compound_mapcount:0 compound_pincount:0
[ 536.291223][ T7133] flags: 0xfffe0000010200(slab|head)
[ 536.296510][ T7133] raw: 00fffe0000010200 ffffea0002841e08 ffffea0002853a08 ffff8880aa440b00
[ 536.305094][ T7133] raw: 0000000000000000 ffff8880917c8000 0000000100000001 0000000000000000
[ 536.313695][ T7133] page dumped because: kasan: bad access detected
[ 536.320131][ T7133]
[ 536.322455][ T7133] Memory state around the buggy address:
[ 536.328143][ T7133] ffff8880917c8580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 536.336209][ T7133] ffff8880917c8600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 536.344277][ T7133] >ffff8880917c8680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 536.352342][ T7133] ^
[ 536.357718][ T7133] ffff8880917c8700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 536.365794][ T7133] ffff8880917c8780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 536.373897][ T7133] ==================================================================
executing program
executing program
[ 536.381966][ T7133] Disabling lock debugging due to kernel taint
[ 536.405236][ T7133] Kernel panic - not syncing: panic_on_warn set ...
[ 536.411876][ T7133] CPU: 1 PID: 7133 Comm: syz-executor040 Tainted: G B 5.9.0-rc7-syzkaller #0
[ 536.421924][ T7133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 536.431970][ T7133] Call Trace:
[ 536.435260][ T7133] dump_stack+0x1d6/0x29e
[ 536.439710][ T7133] panic+0x2c0/0x800
[ 536.443669][ T7133] ? trace_hardirqs_on+0x30/0x80
[ 536.448608][ T7133] kasan_report+0x1c9/0x1d0
[ 536.453120][ T7133] ? btrfs_printk+0x3eb/0x435
[ 536.457827][ T7133] btrfs_printk+0x3eb/0x435
[ 536.462324][ T7133] ? rcu_lock_acquire+0x5/0x30
[ 536.467087][ T7133] ? lock_is_held_type+0xb3/0xe0
[ 536.472045][ T7133] device_list_add+0x1a88/0x1d60
[ 536.476979][ T7133] btrfs_scan_one_device+0x196/0x490
[ 536.482286][ T7133] btrfs_mount_root+0x48f/0xb60
[ 536.487161][ T7133] ? rcu_read_lock_sched_held+0x2f/0xa0
[ 536.492702][ T7133] ? trace_kfree+0xb2/0x100
[ 536.497223][ T7133] ? vfs_parse_fs_string+0x150/0x1e0
[ 536.502506][ T7133] legacy_get_tree+0xea/0x180
[ 536.507185][ T7133] ? btrfs_control_open+0x40/0x40
[ 536.512235][ T7133] vfs_get_tree+0x88/0x270
[ 536.516643][ T7133] vfs_kern_mount+0xc9/0x160
[ 536.521223][ T7133] btrfs_mount+0x33c/0xae0
[ 536.525616][ T7133] ? rcu_read_lock_sched_held+0x2f/0xa0
[ 536.531135][ T7133] ? cap_capable+0x23f/0x280
[ 536.535725][ T7133] legacy_get_tree+0xea/0x180
[ 536.540389][ T7133] ? btrfs_resize_thread_pool+0x250/0x250
[ 536.546095][ T7133] vfs_get_tree+0x88/0x270
[ 536.550506][ T7133] path_mount+0x179d/0x29e0
[ 536.555007][ T7133] __se_sys_mount+0x126/0x180
[ 536.559673][ T7133] do_syscall_64+0x31/0x70
[ 536.564103][ T7133] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 536.569969][ T7133] RIP: 0033:0x448dca
[ 536.573861][ T7133] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd a2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 aa a2 fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 536.593446][ T7133] RSP: 002b:00007ffe5e36c648 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[ 536.601843][ T7133] RAX: ffffffffffffffda RBX: 00007ffe5e36c6a0 RCX: 0000000000448dca
[ 536.609806][ T7133] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe5e36c660
[ 536.617777][ T7133] RBP: 00007ffe5e36c660 R08: 00007ffe5e36c6a0 R09: 0000000000000000
[ 536.625722][ T7133] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000004c
[ 536.633672][ T7133] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 536.642765][ T7133] Kernel Offset: disabled
[ 536.647080][ T7133] Rebooting in 86400 seconds..