./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor42514052 <...> Warning: Permanently added '10.128.1.43' (ED25519) to the list of known hosts. execve("./syz-executor42514052", ["./syz-executor42514052"], 0x7fffdc652390 /* 10 vars */) = 0 brk(NULL) = 0x555556531000 brk(0x555556531d00) = 0x555556531d00 arch_prctl(ARCH_SET_FS, 0x555556531380) = 0 set_tid_address(0x555556531650) = 5010 set_robust_list(0x555556531660, 24) = 0 rseq(0x555556531ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor42514052", 4096) = 26 getrandom("\x29\x54\xb7\x52\xbf\x81\xaa\x0f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556531d00 brk(0x555556552d00) = 0x555556552d00 brk(0x555556553000) = 0x555556553000 mprotect(0x7f4f829e2000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5011 attached , child_tidptr=0x555556531650) = 5011 [pid 5011] set_robust_list(0x555556531660, 24) = 0 [pid 5011] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5011] setpgid(0, 0) = 0 [pid 5011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5011] write(3, "1000", 4) = 4 [pid 5011] close(3) = 0 [pid 5011] memfd_create("syzkaller", 0) = 3 [pid 5011] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4f7a400000 [pid 5011] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 8192) = 8192 [pid 5011] munmap(0x7f4f7a400000, 138412032) = 0 [pid 5011] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5011] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5011] close(3) = 0 [pid 5011] close(4) = 0 [pid 5011] mkdir("./file2", 0777) = 0 [pid 5011] mount("/dev/loop0", "./file2", "erofs", 0, "user_xattr,noacl,noacl,acl,noacl,noacl,nouser_xattr,noacl,") = 0 [pid 5011] openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY) = 3 [pid 5011] chdir("./file2") = 0 [pid 5011] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5011] ioctl(4, LOOP_CLR_FD) = 0 [pid 5011] close(4) = 0 [ 146.006814][ T5011] loop0: detected capacity change from 0 to 16 [ 146.033290][ T5011] erofs: (device loop0): mounted with root inode @ nid 36. [ 146.060542][ T4393] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 0] out[9000] [ 146.148855][ T4393] ===================================================== [ 146.156198][ T4393] BUG: KMSAN: uninit-value in hex_dump_to_buffer+0xae9/0x10f0 [ 146.164009][ T4393] hex_dump_to_buffer+0xae9/0x10f0 [ 146.169355][ T4393] print_hex_dump+0x13d/0x3e0 [ 146.174328][ T4393] z_erofs_lz4_decompress+0x257e/0x2a70 [ 146.180100][ T4393] z_erofs_decompress_queue+0x338c/0x6460 [ 146.186147][ T4393] z_erofs_decompressqueue_work+0x57/0x70 [ 146.192190][ T4393] process_scheduled_works+0x104e/0x1e70 [ 146.198039][ T4393] worker_thread+0xf45/0x1490 [ 146.203022][ T4393] kthread+0x3ed/0x540 [ 146.207635][ T4393] ret_from_fork+0x66/0x80 [ 146.212331][ T4393] ret_from_fork_asm+0x11/0x20 [ 146.217377][ T4393] [ 146.219791][ T4393] Uninit was created at: [ 146.224424][ T4393] __alloc_pages+0x9a4/0xe00 [ 146.229210][ T4393] alloc_pages_mpol+0x62b/0x9d0 [ 146.234338][ T4393] folio_alloc+0x1da/0x380 [ 146.238952][ T4393] filemap_alloc_folio+0xa5/0x430 [ 146.244293][ T4393] page_cache_ra_unbounded+0x2cc/0x960 [ 146.249971][ T4393] page_cache_ra_order+0xfeb/0x10a0 [ 146.255459][ T4393] ondemand_readahead+0x132b/0x1710 [ 146.260855][ T4393] page_cache_sync_ra+0x724/0x760 [ 146.266248][ T4393] filemap_get_pages+0x4c7/0x2c90 [ 146.271478][ T4393] filemap_read+0x59e/0x14d0 [ 146.276382][ T4393] generic_file_read_iter+0x136/0xad0 [ 146.282089][ T4393] __kernel_read+0x3bb/0x9e0 [ 146.286848][ T4393] integrity_kernel_read+0x77/0x90 [ 146.292227][ T4393] ima_calc_file_hash+0x1743/0x3cc0 [ 146.297626][ T4393] ima_collect_measurement+0x44d/0xdd0 [ 146.303467][ T4393] process_measurement+0x2936/0x3ef0 [ 146.308951][ T4393] ima_file_check+0xb3/0x100 [ 146.313816][ T4393] path_openat+0x4d05/0x5ac0 [ 146.318595][ T4393] do_filp_open+0x20d/0x590 [ 146.324305][ T4393] do_sys_openat2+0x1bf/0x2f0 [ 146.329221][ T4393] __x64_sys_open+0x275/0x2d0 [ 146.334183][ T4393] do_syscall_64+0x6d/0x140 [ 146.338912][ T4393] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 146.345120][ T4393] [ 146.347544][ T4393] CPU: 0 PID: 4393 Comm: kworker/u5:1 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0 [ 146.358884][ T4393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 146.369365][ T4393] Workqueue: erofs_worker z_erofs_decompressqueue_work [ 146.376997][ T4393] ===================================================== [ 146.384203][ T4393] Disabling lock debugging due to kernel taint [ 146.390479][ T4393] Kernel panic - not syncing: kmsan.panic set ... [ 146.397130][ T4393] CPU: 0 PID: 4393 Comm: kworker/u5:1 Tainted: G B 6.7.0-syzkaller-00562-g9f8413c4a66f #0 [ 146.408879][ T4393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 146.419190][ T4393] Workqueue: erofs_worker z_erofs_decompressqueue_work [ 146.426290][ T4393] Call Trace: [ 146.429689][ T4393] [ 146.432819][ T4393] dump_stack_lvl+0x1bf/0x240 [ 146.439598][ T4393] dump_stack+0x1e/0x20 [ 146.444067][ T4393] panic+0x4de/0xc90 [ 146.448182][ T4393] ? add_taint+0x108/0x1a0 [ 146.452814][ T4393] kmsan_report+0x2d0/0x2d0 [ 146.457577][ T4393] ? __msan_warning+0x96/0x110 [ 146.462558][ T4393] ? hex_dump_to_buffer+0xae9/0x10f0 [ 146.468101][ T4393] ? print_hex_dump+0x13d/0x3e0 [ 146.473164][ T4393] ? z_erofs_lz4_decompress+0x257e/0x2a70 [ 146.479098][ T4393] ? z_erofs_decompress_queue+0x338c/0x6460 [ 146.485202][ T4393] ? z_erofs_decompressqueue_work+0x57/0x70 [ 146.491313][ T4393] ? process_scheduled_works+0x104e/0x1e70 [ 146.497489][ T4393] ? worker_thread+0xf45/0x1490 [ 146.502513][ T4393] ? kthread+0x3ed/0x540 [ 146.506942][ T4393] ? ret_from_fork+0x66/0x80 [ 146.511758][ T4393] ? ret_from_fork_asm+0x11/0x20 [ 146.516885][ T4393] ? prb_read_valid+0x6a/0x80 [ 146.521769][ T4393] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 146.527818][ T4393] ? vprintk_emit+0x9ef/0xbd0 [ 146.532716][ T4393] ? vprintk_default+0x3e/0x50 [ 146.537677][ T4393] ? vprintk+0xea/0xf0 [ 146.541940][ T4393] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 146.547983][ T4393] __msan_warning+0x96/0x110 [ 146.553143][ T4393] hex_dump_to_buffer+0xae9/0x10f0 [ 146.558511][ T4393] print_hex_dump+0x13d/0x3e0 [ 146.563451][ T4393] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 146.569494][ T4393] z_erofs_lz4_decompress+0x257e/0x2a70 [ 146.575487][ T4393] z_erofs_decompress_queue+0x338c/0x6460 [ 146.581523][ T4393] z_erofs_decompressqueue_work+0x57/0x70 [ 146.587466][ T4393] ? z_erofs_decompress_kickoff+0x400/0x400 [ 146.593602][ T4393] process_scheduled_works+0x104e/0x1e70 [ 146.599496][ T4393] worker_thread+0xf45/0x1490 [ 146.604390][ T4393] kthread+0x3ed/0x540 [ 146.608678][ T4393] ? pr_cont_work+0xce0/0xce0 [ 146.613553][ T4393] ? kthread_blkcg+0x120/0x120 [ 146.618531][ T4393] ret_from_fork+0x66/0x80 [ 146.623330][ T4393] ? kthread_blkcg+0x120/0x120 [ 146.628307][ T4393] ret_from_fork_asm+0x11/0x20 [ 146.633370][ T4393] [ 146.636740][ T4393] Kernel Offset: disabled [ 146.641121][ T4393] Rebooting in 86400 seconds..