./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1717045629 <...> Warning: Permanently added '10.128.1.75' (ED25519) to the list of known hosts. execve("./syz-executor1717045629", ["./syz-executor1717045629"], 0x7ffdb7857e90 /* 10 vars */) = 0 brk(NULL) = 0x55556beb8000 brk(0x55556beb8d00) = 0x55556beb8d00 arch_prctl(ARCH_SET_FS, 0x55556beb8380) = 0 set_tid_address(0x55556beb8650) = 5829 set_robust_list(0x55556beb8660, 24) = 0 rseq(0x55556beb8ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1717045629", 4096) = 28 getrandom("\xfe\x3e\xe7\x29\x47\x53\xbd\x09", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556beb8d00 brk(0x55556bed9d00) = 0x55556bed9d00 brk(0x55556beda000) = 0x55556beda000 mprotect(0x7f9c34958000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached , child_tidptr=0x55556beb8650) = 5830 [pid 5830] set_robust_list(0x55556beb8660, 24) = 0 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5830] setpgid(0, 0) = 0 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5830] write(3, "1000", 4) = 4 [pid 5830] close(3) = 0 executing program [pid 5830] write(1, "executing program\n", 18) = 18 [pid 5830] memfd_create("syzkaller", 0) = 3 [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9c2c400000 [pid 5830] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216 [pid 5830] munmap(0x7f9c2c400000, 138412032) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5830] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5830] close(3) = 0 [pid 5830] close(4) = 0 [pid 5830] mkdir("./file1", 0777) = 0 [ 81.431070][ T5830] loop0: detected capacity change from 0 to 32768 [ 81.483275][ T5830] ======================================================= [ 81.483275][ T5830] WARNING: The mand mount option has been deprecated and [ 81.483275][ T5830] and is ignored by this kernel. Remove the mand [ 81.483275][ T5830] option from the mount to silence this warning. [ 81.483275][ T5830] ======================================================= [ 81.522988][ T5830] (syz-executor171,5830,1):ocfs2_read_locked_inode:550 ERROR: bug expression: !!(fe->i_flags & cpu_to_le32(OCFS2_SYSTEM_FL)) != !!(args->fi_flags & OCFS2_FI_FLAG_SYSFILE) [ 81.540759][ T5830] (syz-executor171,5830,1):ocfs2_read_locked_inode:550 ERROR: Inode 66: system file state is ambiguous [ 81.552595][ T5830] ------------[ cut here ]------------ [ 81.558085][ T5830] kernel BUG at fs/ocfs2/inode.c:550! [ 81.563682][ T5830] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 81.570656][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor171 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0 [ 81.581757][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 81.591813][ T5830] RIP: 0010:ocfs2_iget+0x207c/0x2170 [ 81.597209][ T5830] Code: 00 e8 08 fb 6a fe 4c 8b 84 24 c0 01 00 00 4c 89 ff 48 c7 c6 d7 08 34 8e ba 26 02 00 00 48 c7 c1 60 79 69 8c e8 45 25 18 00 90 <0f> 0b e8 5d 42 06 fe 90 0f 0b e8 55 42 06 fe 31 db 65 ff 0d e4 37 [ 81.616811][ T5830] RSP: 0018:ffffc90003e7edc0 EFLAGS: 00010246 [ 81.622889][ T5830] RAX: 9e5202339a76b900 RBX: ffffc90003e7ef20 RCX: 9e5202339a76b900 [ 81.630857][ T5830] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 81.638820][ T5830] RBP: ffffc90003e7f050 R08: ffffffff81a135ec R09: 1ffff920007cfd28 [ 81.646785][ T5830] R10: dffffc0000000000 R11: fffff520007cfd29 R12: dffffc0000000000 [ 81.654750][ T5830] R13: ffff88807cbb96b8 R14: 1000000000000000 R15: ffffc90003e7ef40 [ 81.662730][ T5830] FS: 000055556beb8380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 81.671668][ T5830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.678251][ T5830] CR2: 00007f9cb3195ed8 CR3: 000000007b822000 CR4: 00000000003526f0 [ 81.686241][ T5830] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.694207][ T5830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.702174][ T5830] Call Trace: [ 81.705448][ T5830] [ 81.708393][ T5830] ? __die_body+0x5f/0xb0 [ 81.712728][ T5830] ? die+0x9e/0xc0 [ 81.716451][ T5830] ? do_trap+0x15a/0x3a0 [ 81.720693][ T5830] ? ocfs2_iget+0x207c/0x2170 [ 81.725367][ T5830] ? do_error_trap+0x1dc/0x2c0 [ 81.730127][ T5830] ? ocfs2_iget+0x207c/0x2170 [ 81.734809][ T5830] ? __pfx_do_error_trap+0x10/0x10 [ 81.739924][ T5830] ? report_bug+0x3e8/0x500 [ 81.744464][ T5830] ? handle_invalid_op+0x34/0x40 [ 81.749396][ T5830] ? ocfs2_iget+0x207c/0x2170 [ 81.754066][ T5830] ? exc_invalid_op+0x38/0x50 [ 81.758734][ T5830] ? asm_exc_invalid_op+0x1a/0x20 [ 81.763763][ T5830] ? __wake_up_klogd+0xcc/0x110 [ 81.768638][ T5830] ? ocfs2_iget+0x207c/0x2170 [ 81.773312][ T5830] ? stack_depot_save_flags+0x7b4/0x940 [ 81.778870][ T5830] ? __pfx_ocfs2_iget+0x10/0x10 [ 81.783732][ T5830] ? kasan_save_track+0x51/0x80 [ 81.788601][ T5830] ? kasan_save_track+0x3f/0x80 [ 81.793462][ T5830] ? __kasan_kmalloc+0x98/0xb0 [ 81.798242][ T5830] ? __kmalloc_cache_noprof+0x243/0x390 [ 81.803788][ T5830] ? ocfs2_new_dlm_debug+0x97/0x200 [ 81.808984][ T5830] ? ocfs2_fill_super+0x4dd2/0x74d0 [ 81.814219][ T5830] ? get_tree_bdev_flags+0x48c/0x5c0 [ 81.819503][ T5830] ? do_new_mount+0x2be/0xb40 [ 81.824171][ T5830] ? __se_sys_mount+0x2d6/0x3c0 [ 81.829020][ T5830] ? do_syscall_64+0xf3/0x230 [ 81.833700][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.839790][ T5830] ocfs2_init_global_system_inodes+0x172/0x730 [ 81.845950][ T5830] ? __pfx_ocfs2_init_global_system_inodes+0x10/0x10 [ 81.852632][ T5830] ? __kmalloc_cache_noprof+0x243/0x390 [ 81.858258][ T5830] ? ocfs2_new_dlm_debug+0x97/0x200 [ 81.863457][ T5830] ? ocfs2_new_dlm_debug+0xb5/0x200 [ 81.868654][ T5830] ? __pfx_ocfs2_new_dlm_debug+0x10/0x10 [ 81.874284][ T5830] ? rcu_is_watching+0x15/0xb0 [ 81.879066][ T5830] ? trace_ocfs2_initialize_super+0x9e/0x230 [ 81.885049][ T5830] ocfs2_fill_super+0x4e53/0x74d0 [ 81.890074][ T5830] ? __pfx___bfs+0x10/0x10 [ 81.894500][ T5830] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 81.899874][ T5830] ? __pfx_check_noncircular+0x10/0x10 [ 81.905355][ T5830] ? lockdep_unlock+0x16a/0x300 [ 81.910212][ T5830] ? __pfx_lockdep_unlock+0x10/0x10 [ 81.915412][ T5830] ? validate_chain+0x15c0/0x5920 [ 81.920926][ T5830] ? __pfx_validate_chain+0x10/0x10 [ 81.926129][ T5830] ? __pfx_validate_chain+0x10/0x10 [ 81.931343][ T5830] ? validate_chain+0x11e/0x5920 [ 81.936310][ T5830] ? mark_lock+0x9a/0x360 [ 81.940739][ T5830] ? __pfx_validate_chain+0x10/0x10 [ 81.945967][ T5830] ? string+0x270/0x2b0 [ 81.950132][ T5830] ? widen_string+0x3a/0x280 [ 81.954723][ T5830] ? string+0x270/0x2b0 [ 81.958969][ T5830] ? bdev_name+0x2d5/0x420 [ 81.963561][ T5830] ? pointer+0x764/0x1210 [ 81.967939][ T5830] ? bdev_open+0x882/0xc50 [ 81.972348][ T5830] ? __pfx_lock_release+0x10/0x10 [ 81.977373][ T5830] ? __pfx_pointer+0x10/0x10 [ 81.981960][ T5830] ? mark_lock+0x9a/0x360 [ 81.986293][ T5830] ? format_decode+0x56c/0xca0 [ 81.991059][ T5830] ? vsnprintf+0x1152/0x1220 [ 81.995656][ T5830] ? snprintf+0xda/0x120 [ 81.999900][ T5830] ? __pfx_lock_release+0x10/0x10 [ 82.004948][ T5830] ? do_raw_spin_lock+0x14f/0x370 [ 82.009979][ T5830] ? __pfx_snprintf+0x10/0x10 [ 82.014664][ T5830] ? set_blocksize+0x1fc/0x360 [ 82.019437][ T5830] ? sb_set_blocksize+0x98/0xf0 [ 82.024300][ T5830] ? setup_bdev_super+0x4e6/0x5d0 [ 82.029339][ T5830] get_tree_bdev_flags+0x48c/0x5c0 [ 82.034468][ T5830] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 82.040105][ T5830] ? __pfx_ocfs2_fill_super+0x10/0x10 [ 82.045488][ T5830] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 82.051126][ T5830] ? cap_capable+0x139/0x450 [ 82.055723][ T5830] ? safesetid_security_capable+0xb2/0x1d0 [ 82.061545][ T5830] vfs_get_tree+0x90/0x2b0 [ 82.065971][ T5830] do_new_mount+0x2be/0xb40 [ 82.070504][ T5830] ? __pfx_do_new_mount+0x10/0x10 [ 82.075530][ T5830] __se_sys_mount+0x2d6/0x3c0 [ 82.080294][ T5830] ? __pfx___se_sys_mount+0x10/0x10 [ 82.085494][ T5830] ? do_syscall_64+0x100/0x230 [ 82.090270][ T5830] ? __x64_sys_mount+0x20/0xc0 [ 82.095032][ T5830] do_syscall_64+0xf3/0x230 [ 82.099547][ T5830] ? clear_bhb_loop+0x35/0x90 [ 82.104234][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.110141][ T5830] RIP: 0033:0x7f9c348e1e2a [ 82.114566][ T5830] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 82.134180][ T5830] RSP: 002b:00007ffc05c95b38 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 82.142599][ T5830] RAX: ffffffffffffffda RBX: 00007ffc05c95b50 RCX: 00007f9c348e1e2a [ 82.150568][ T5830] RDX: 0000200000004440 RSI: 0000200000000040 RDI: 00007ffc05c95b50 [ 82.158540][ T5830] RBP: 0000200000000040 R08: 00007ffc05c95b90 R09: 000000000000442d [ 82.166536][ T5830] R10: 00000000000008c0 R11: 0000000000000282 R12: 0000200000004440 [ 82.174508][ T5830] R13: 00007ffc05c95b90 R14: 0000000000000003 R15: 00000000000008c0 [ 82.182487][ T5830] [ 82.185519][ T5830] Modules linked in: [ 82.189701][ T5830] ---[ end trace 0000000000000000 ]--- [ 82.198401][ T5830] RIP: 0010:ocfs2_iget+0x207c/0x2170 [ 82.203782][ T5830] Code: 00 e8 08 fb 6a fe 4c 8b 84 24 c0 01 00 00 4c 89 ff 48 c7 c6 d7 08 34 8e ba 26 02 00 00 48 c7 c1 60 79 69 8c e8 45 25 18 00 90 <0f> 0b e8 5d 42 06 fe 90 0f 0b e8 55 42 06 fe 31 db 65 ff 0d e4 37 [ 82.223469][ T5830] RSP: 0018:ffffc90003e7edc0 EFLAGS: 00010246 [ 82.229595][ T5830] RAX: 9e5202339a76b900 RBX: ffffc90003e7ef20 RCX: 9e5202339a76b900 [ 82.237574][ T5830] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 82.245600][ T5830] RBP: ffffc90003e7f050 R08: ffffffff81a135ec R09: 1ffff920007cfd28 [ 82.253784][ T5830] R10: dffffc0000000000 R11: fffff520007cfd29 R12: dffffc0000000000 [ 82.261818][ T5830] R13: ffff88807cbb96b8 R14: 1000000000000000 R15: ffffc90003e7ef40 [ 82.270009][ T5830] FS: 000055556beb8380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 82.278998][ T5830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.285603][ T5830] CR2: 000055e894829e08 CR3: 000000007b822000 CR4: 00000000003526f0 [ 82.293626][ T5830] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.301674][ T5830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.309751][ T5830] Kernel panic - not syncing: Fatal exception [ 82.316198][ T5830] Kernel Offset: disabled [ 82.320526][ T5830] Rebooting in 86400 seconds..