./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1542806913 <...> Warning: Permanently added '10.128.0.21' (ED25519) to the list of known hosts. execve("./syz-executor1542806913", ["./syz-executor1542806913"], 0x7ffd6cdd1dc0 /* 10 vars */) = 0 brk(NULL) = 0x555575518000 brk(0x555575518d00) = 0x555575518d00 arch_prctl(ARCH_SET_FS, 0x555575518380) = 0 set_tid_address(0x555575518650) = 5782 set_robust_list(0x555575518660, 24) = 0 rseq(0x555575518ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1542806913", 4096) = 28 getrandom("\xbb\x47\x73\xaf\xe4\xdb\x09\x08", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555575518d00 brk(0x555575539d00) = 0x555575539d00 brk(0x55557553a000) = 0x55557553a000 mprotect(0x7f56a066d000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555575518650) = 5783 ./strace-static-x86_64: Process 5783 attached [pid 5783] set_robust_list(0x555575518660, 24) = 0 [pid 5783] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5783] setpgid(0, 0) = 0 [pid 5783] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5783] write(3, "1000", 4) = 4 [pid 5783] close(3) = 0 executing program [pid 5783] write(1, "executing program\n", 18) = 18 [pid 5783] memfd_create("syzkaller", 0) = 3 [pid 5783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f5698000000 [pid 5783] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x8f\x24\x2d\x5f\x49\x6d\x50\x0b\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5783] munmap(0x7f5698000000, 138412032) = 0 [pid 5783] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5783] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5783] close(3) = 0 [pid 5783] close(4) = 0 [pid 5783] mkdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 0777) = 0 [ 210.924683][ T5783] loop0: detected capacity change from 0 to 4096 [pid 5783] mount("/dev/loop0", "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", "ntfs3", 0, "sparse,fmask=00000000000000000000011,acl,iocharset=iso8859-6,showmeta,prealloc,sparse,dmask=00000000"...) = 0 [pid 5783] openat(AT_FDCWD, "\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", O_RDONLY|O_DIRECTORY) = 3 [pid 5783] chdir("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f") = 0 [pid 5783] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5783] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", S_ISUID|000) = 0 [pid 5783] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5783] link("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file1") = 0 [pid 5783] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 4 [pid 5783] fallocate(4, 0, 0, 117440512) = -1 ENOSPC (No space left on device) [pid 5783] creat("./bus", 000) = 5 [pid 5783] mount("/dev/loop0", "./bus", NULL, MS_BIND|MS_REC, NULL) = 0 [pid 5783] openat(AT_FDCWD, "./file7", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOFOLLOW|FASYNC, 0777) = 6 [pid 5783] open("./bus", O_RDONLY) = 7 [ 211.120000][ T29] audit: type=1800 audit(1738831074.983:2): pid=5783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor154" name="file7" dev="loop0" ino=36 res=0 errno=0 [pid 5783] ioctl(7, LOOP_SET_STATUS64, {lo_offset=0, lo_number=0, lo_flags=0, lo_file_name="\xef\x35\x9f\x41\x3b\xb9\x38\x52\xf7\xd6\xa4\xae\x6d\xdd\xfb\xd1\xce\x5d\x29\xc2\xee\x5e\x5c\xa9", ...}) = 0 [pid 5783] open("./file1", O_RDWR|O_CREAT|O_SYNC|O_LARGEFILE, 000) = 8 [ 211.180210][ T5783] loop0: detected capacity change from 4096 to 64 [ 211.201245][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.208562][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.216171][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.223669][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.231109][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.238595][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.246104][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.253462][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.260793][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.268086][ T5783] ntfs3(loop0): failed to read volume at offset 0x46c00 [ 211.285522][ T5783] syz-executor154: attempt to access beyond end of device [ 211.285522][ T5783] loop0: rw=0, sector=106, nr_sectors = 2 limit=64 [ 211.300670][ T5783] ===================================================== [ 211.307889][ T5783] BUG: KMSAN: uninit-value in ntfs_read_bh+0x1eb/0xde0 [ 211.315510][ T5783] ntfs_read_bh+0x1eb/0xde0 [ 211.320291][ T5783] mi_read+0x2d4/0xd50 [ 211.324545][ T5783] mi_get+0x199/0x560 [ 211.328705][ T5783] ni_load_mi_ex+0x21a/0x6b0 [ 211.333684][ T5783] ni_enum_attr_ex+0x30b/0x590 [ 211.338672][ T5783] attr_insert_range+0x22a9/0x2790 [ 211.344190][ T5783] ntfs_fallocate+0x13df/0x22c0 [ 211.349317][ T5783] vfs_fallocate+0x79e/0x860 [ 211.354309][ T5783] __x64_sys_fallocate+0x148/0x280 [ 211.359623][ T5783] x64_sys_call+0x4c9/0x3c30 [ 211.364656][ T5783] do_syscall_64+0xcd/0x1e0 [ 211.369360][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.375682][ T5783] [ 211.378140][ T5783] Uninit was stored to memory at: [ 211.383707][ T5783] ntfs_read_run_nb+0x786/0x1070 [ 211.388878][ T5783] ntfs_read_bh+0x64/0xde0 [ 211.393694][ T5783] mi_read+0x2d4/0xd50 [ 211.397991][ T5783] mi_get+0x199/0x560 [ 211.402407][ T5783] ni_load_mi_ex+0x21a/0x6b0 [ 211.407296][ T5783] ni_enum_attr_ex+0x30b/0x590 [ 211.412404][ T5783] attr_insert_range+0x22a9/0x2790 [ 211.417811][ T5783] ntfs_fallocate+0x13df/0x22c0 [ 211.423054][ T5783] vfs_fallocate+0x79e/0x860 [ 211.427876][ T5783] __x64_sys_fallocate+0x148/0x280 [ 211.433307][ T5783] x64_sys_call+0x4c9/0x3c30 [ 211.438110][ T5783] do_syscall_64+0xcd/0x1e0 [ 211.442942][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.449080][ T5783] [ 211.451668][ T5783] Uninit was created at: [ 211.456163][ T5783] __alloc_frozen_pages_noprof+0x9a7/0xe00 [ 211.462313][ T5783] alloc_pages_mpol+0x4cd/0x890 [ 211.467382][ T5783] folio_alloc_noprof+0x1dc/0x350 [ 211.472785][ T5783] filemap_alloc_folio_noprof+0xa6/0x440 [ 211.478631][ T5783] __filemap_get_folio+0xb9a/0x1840 [ 211.484222][ T5783] bdev_getblk+0x2c9/0xab0 [ 211.488819][ T5783] __bread_gfp+0x93/0x730 [ 211.493450][ T5783] ntfs_read_run_nb+0x6b2/0x1070 [ 211.498623][ T5783] ntfs_read_bh+0x64/0xde0 [ 211.503509][ T5783] mi_read+0x2d4/0xd50 [ 211.507799][ T5783] mi_format_new+0x218/0x790 [ 211.512716][ T5783] ntfs_new_inode+0xc2/0x2b0 [ 211.517575][ T5783] ntfs_create_inode+0x988/0x4e40 [ 211.522875][ T5783] ntfs_create+0x56/0x70 [ 211.527407][ T5783] path_openat+0x2ed8/0x6250 [ 211.532331][ T5783] do_filp_open+0x268/0x600 [ 211.537033][ T5783] do_sys_openat2+0x1bf/0x2f0 [ 211.542079][ T5783] __x64_sys_openat+0x2a1/0x310 [ 211.547294][ T5783] x64_sys_call+0x36f5/0x3c30 [ 211.552294][ T5783] do_syscall_64+0xcd/0x1e0 [ 211.556983][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.563322][ T5783] [ 211.565809][ T5783] CPU: 0 UID: 0 PID: 5783 Comm: syz-executor154 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 211.577346][ T5783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 211.587673][ T5783] ===================================================== [ 211.594935][ T5783] Disabling lock debugging due to kernel taint [ 211.601356][ T5783] Kernel panic - not syncing: kmsan.panic set ... [ 211.607884][ T5783] CPU: 0 UID: 0 PID: 5783 Comm: syz-executor154 Tainted: G B 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 [ 211.620630][ T5783] Tainted: [B]=BAD_PAGE [ 211.624857][ T5783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 211.635128][ T5783] Call Trace: [ 211.638511][ T5783] [ 211.641715][ T5783] dump_stack_lvl+0x216/0x2d0 [ 211.646518][ T5783] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 211.652484][ T5783] dump_stack+0x1e/0x24 [ 211.656774][ T5783] panic+0x4e2/0xcf0 [ 211.660922][ T5783] ? kmsan_get_metadata+0x81/0x1c0 [ 211.666296][ T5783] kmsan_report+0x2c7/0x2d0 [ 211.670958][ T5783] ? bdev_getblk+0xd9/0xab0 [ 211.675609][ T5783] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 211.681569][ T5783] ? __msan_warning+0x95/0x120 [ 211.686548][ T5783] ? ntfs_read_bh+0x1eb/0xde0 [ 211.691451][ T5783] ? mi_read+0x2d4/0xd50 [ 211.695899][ T5783] ? mi_get+0x199/0x560 [ 211.700343][ T5783] ? ni_load_mi_ex+0x21a/0x6b0 [ 211.705272][ T5783] ? ni_enum_attr_ex+0x30b/0x590 [ 211.710391][ T5783] ? attr_insert_range+0x22a9/0x2790 [ 211.716058][ T5783] ? ntfs_fallocate+0x13df/0x22c0 [ 211.721407][ T5783] ? vfs_fallocate+0x79e/0x860 [ 211.726369][ T5783] ? __x64_sys_fallocate+0x148/0x280 [ 211.731890][ T5783] ? x64_sys_call+0x4c9/0x3c30 [ 211.736818][ T5783] ? do_syscall_64+0xcd/0x1e0 [ 211.741623][ T5783] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.747858][ T5783] ? kmsan_get_metadata+0x13e/0x1c0 [ 211.753248][ T5783] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 211.759341][ T5783] ? ntfs_read_run_nb+0xe88/0x1070 [ 211.764667][ T5783] ? kmsan_get_metadata+0x13e/0x1c0 [ 211.770031][ T5783] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 211.776008][ T5783] __msan_warning+0x95/0x120 [ 211.780758][ T5783] ntfs_read_bh+0x1eb/0xde0 [ 211.785473][ T5783] ? down_read+0x6bb/0xb20 [ 211.790038][ T5783] ? kmsan_get_metadata+0x13e/0x1c0 [ 211.795439][ T5783] mi_read+0x2d4/0xd50 [ 211.799687][ T5783] mi_get+0x199/0x560 [ 211.803856][ T5783] ni_load_mi_ex+0x21a/0x6b0 [ 211.808673][ T5783] ? al_enumerate+0x375/0x3f0 [ 211.813572][ T5783] ? kmsan_get_metadata+0x13e/0x1c0 [ 211.818939][ T5783] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 211.824926][ T5783] ni_enum_attr_ex+0x30b/0x590 [ 211.829920][ T5783] attr_insert_range+0x22a9/0x2790 [ 211.835311][ T5783] ntfs_fallocate+0x13df/0x22c0 [ 211.840546][ T5783] ? __pfx_ntfs_fallocate+0x10/0x10 [ 211.845902][ T5783] ? __pfx_ntfs_fallocate+0x10/0x10 [ 211.851276][ T5783] vfs_fallocate+0x79e/0x860 [ 211.856043][ T5783] __x64_sys_fallocate+0x148/0x280 [ 211.861352][ T5783] x64_sys_call+0x4c9/0x3c30 [ 211.866141][ T5783] do_syscall_64+0xcd/0x1e0 [ 211.870868][ T5783] ? clear_bhb_loop+0x25/0x80 [ 211.875706][ T5783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.881809][ T5783] RIP: 0033:0x7f56a05da019 [ 211.886343][ T5783] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 211.906124][ T5783] RSP: 002b:00007ffd8c05cbc8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 211.914724][ T5783] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f56a05da019 [ 211.922863][ T5783] RDX: 0000000000002000 RSI: 0000000000000020 RDI: 0000000000000008 [ 211.931128][ T5783] RBP: 00007f56a066d5f0 R08: 00005555755194c0 R09: 00005555755194c0 [ 211.939419][ T5783] R10: 0000000000002000 R11: 0000000000000246 R12: 00007ffd8c05cbf0 [ 211.947969][ T5783] R13: 00007ffd8c05ce18 R14: 431bde82d7b634db R15: 00007f56a062303b [ 211.956747][ T5783] [ 211.960439][ T5783] Kernel Offset: disabled [ 211.964870][ T5783] Rebooting in 86400 seconds..