./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2489613955 <...> forked to background, child pid 3184 no interfaces have a carrier [ 25.235953][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 25.248038][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts. execve("./syz-executor2489613955", ["./syz-executor2489613955"], 0x7ffd31e5f5d0 /* 10 vars */) = 0 brk(NULL) = 0x555556c43000 brk(0x555556c43d00) = 0x555556c43d00 arch_prctl(ARCH_SET_FS, 0x555556c433c0) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2489613955", 4096) = 28 brk(0x555556c64d00) = 0x555556c64d00 brk(0x555556c65000) = 0x555556c65000 mprotect(0x7f476b78d000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f476b6e4020, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f476b6e4090}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f476b6e4020, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f476b6e4090}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/fb0", O_RDONLY|O_TRUNC|O_NONBLOCK) = 3 mmap(0x20000000, 8388608, PROT_EXEC|PROT_SEM|0x800000, MAP_PRIVATE|MAP_FIXED, 3, 0) = 0x20000000 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000240} --- syzkaller login: [ 47.334693][ T3605] ------------[ cut here ]------------ [ 47.340408][ T3605] kernel BUG at 
mm/memory.c:2218! [ 47.345433][ T3605] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 47.351571][ T3605] CPU: 1 PID: 3605 Comm: syz-executor248 Not tainted 6.0.0-rc4-syzkaller-00302-gb96fbd602d35 #0 [ 47.361974][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 47.372102][ T3605] RIP: 0010:vmf_insert_pfn_prot+0x40b/0x420 [ 47.378036][ T3605] Code: 92 c6 31 ff e8 06 c9 c1 ff 84 db 74 2b e8 1d c6 c1 ff e9 87 fd ff ff e8 13 c6 c1 ff 0f 0b e8 0c c6 c1 ff 0f 0b e8 05 c6 c1 ff <0f> 0b e8 3e 38 71 08 e8 f9 c5 c1 ff 0f 0b e8 f2 c5 c1 ff 0f 0b 55 [ 47.397632][ T3605] RSP: 0018:ffffc900038ff760 EFLAGS: 00010293 [ 47.403767][ T3605] RAX: ffffffff81c7d1fb RBX: 0000000000000420 RCX: ffff88807f35d880 [ 47.411736][ T3605] RDX: 0000000000000000 RSI: 0000000000000420 RDI: 0000000000000420 [ 47.419709][ T3605] RBP: ffffc900038ff820 R08: ffffffff81c7ceef R09: ffffffff81c7cec3 [ 47.427675][ T3605] R10: 0000000000000002 R11: ffff88807f35d880 R12: 000000000c040474 [ 47.435724][ T3605] R13: ffff888074406210 R14: ffffc900038ff7a0 R15: 000000000001e206 [ 47.443685][ T3605] FS: 0000555556c433c0(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 47.452599][ T3605] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.459256][ T3605] CR2: 0000000020000240 CR3: 000000001cf5e000 CR4: 00000000003506e0 [ 47.467413][ T3605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.475369][ T3605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.483328][ T3605] Call Trace: [ 47.486597][ T3605] <TASK> [ 47.489608][ T3605] ? vm_map_pages_zero+0x140/0x140 [ 47.494706][ T3605] ? pte_alloc_one+0x2d2/0x360 [ 47.499458][ T3605] ? pfn_modify_allowed+0x2e0/0x2e0 [ 47.504640][ T3605] ? count_memcg_event_mm+0x342/0x390 [ 47.509996][ T3605] drm_gem_shmem_fault+0x1db/0x240 [ 47.515105][ T3605] __do_fault+0x139/0x4f0 [ 47.519423][ T3605] handle_mm_fault+0x2835/0x35c0 [ 47.524354][ T3605] ?
numa_migrate_prep+0x250/0x250 [ 47.529477][ T3605] ? vmacache_find+0x23c/0x590 [ 47.534228][ T3605] do_user_addr_fault+0x69b/0xcb0 [ 47.539331][ T3605] exc_page_fault+0x7a/0x120 [ 47.543926][ T3605] asm_exc_page_fault+0x22/0x30 [ 47.548766][ T3605] RIP: 0010:strncpy_from_user+0x150/0x330 [ 47.554488][ T3605] Code: 89 34 24 0f 01 cb 0f ae e8 bf 07 00 00 00 4c 89 ee e8 54 38 23 fd 49 83 fd 07 0f 86 81 00 00 00 45 31 ff 0f 1f 80 00 00 00 00 <4f> 8b 34 3c 48 b8 ff fe fe fe fe fe fe fe 49 8d 1c 06 4c 89 f5 48 [ 47.574091][ T3605] RSP: 0018:ffffc900038ffcc0 EFLAGS: 00050246 [ 47.580245][ T3605] RAX: ffffffff84666439 RBX: 0000000000000fe0 RCX: 0000000000000000 [ 47.588212][ T3605] RDX: ffff88807f35d880 RSI: 0000000000000fe0 RDI: 0000000000000007 [ 47.596177][ T3605] RBP: 0000000000000000 R08: ffffffff8466646c R09: fffff94000116881 [ 47.604146][ T3605] R10: fffff94000116881 R11: 1ffffd4000116880 R12: 0000000020000240 [ 47.612297][ T3605] R13: 0000000000000fe0 R14: ffff888022d13320 R15: 0000000000000000 [ 47.620271][ T3605] ? strncpy_from_user+0x13c/0x330 [ 47.625382][ T3605] ? strncpy_from_user+0x109/0x330 [ 47.630521][ T3605] getname_flags+0xf5/0x4e0 [ 47.635021][ T3605] do_sys_openat2+0xd2/0x500 [ 47.639605][ T3605] ? do_raw_spin_unlock+0x134/0x8a0 [ 47.644795][ T3605] ? do_sys_open+0x220/0x220 [ 47.649376][ T3605] ? _raw_spin_unlock_irq+0x2a/0x40 [ 47.654564][ T3605] ? ptrace_notify+0x245/0x340 [ 47.659325][ T3605] __x64_sys_openat+0x243/0x290 [ 47.664179][ T3605] ? __ia32_sys_open+0x270/0x270 [ 47.669104][ T3605] ? __ct_user_exit+0x81/0xe0 [ 47.673770][ T3605] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 47.679767][ T3605] ? 
syscall_enter_from_user_mode+0x86/0x1d0 [ 47.685734][ T3605] do_syscall_64+0x2b/0x70 [ 47.690175][ T3605] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 47.696057][ T3605] RIP: 0033:0x7f476b721159 [ 47.700465][ T3605] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 47.720054][ T3605] RSP: 002b:00007fffbba9ccc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 47.728455][ T3605] RAX: ffffffffffffffda RBX: 00007fffbba9ccd8 RCX: 00007f476b721159 [ 47.736413][ T3605] RDX: 000000000000275a RSI: 0000000020000240 RDI: 00000000ffffff9c [ 47.744367][ T3605] RBP: 00007fffbba9ccd0 R08: 00007fffbba9ccd0 R09: 00007f476b6e4020 [ 47.752323][ T3605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 47.760280][ T3605] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 47.768242][ T3605] </TASK> [ 47.771245][ T3605] Modules linked in: [ 47.775450][ T3605] ---[ end trace 0000000000000000 ]--- [ 47.780998][ T3605] RIP: 0010:vmf_insert_pfn_prot+0x40b/0x420 [ 47.786914][ T3605] Code: 92 c6 31 ff e8 06 c9 c1 ff 84 db 74 2b e8 1d c6 c1 ff e9 87 fd ff ff e8 13 c6 c1 ff 0f 0b e8 0c c6 c1 ff 0f 0b e8 05 c6 c1 ff <0f> 0b e8 3e 38 71 08 e8 f9 c5 c1 ff 0f 0b e8 f2 c5 c1 ff 0f 0b 55 [ 47.806677][ T3605] RSP: 0018:ffffc900038ff760 EFLAGS: 00010293 [ 47.812769][ T3605] RAX: ffffffff81c7d1fb RBX: 0000000000000420 RCX: ffff88807f35d880 [ 47.820769][ T3605] RDX: 0000000000000000 RSI: 0000000000000420 RDI: 0000000000000420 [ 47.828769][ T3605] RBP: ffffc900038ff820 R08: ffffffff81c7ceef R09: ffffffff81c7cec3 [ 47.836729][ T3605] R10: 0000000000000002 R11: ffff88807f35d880 R12: 000000000c040474 [ 47.844752][ T3605] R13: ffff888074406210 R14: ffffc900038ff7a0 R15: 000000000001e206 [ 47.852752][ T3605] FS: 0000555556c433c0(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 47.861735][ T3605] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033 [ 47.868315][ T3605] CR2: 0000000020000240 CR3: 000000001cf5e000 CR4: 00000000003506e0 [ 47.876312][ T3605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.884323][ T3605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.892321][ T3605] Kernel panic - not syncing: Fatal exception [ 47.898438][ T3605] Kernel Offset: disabled [ 47.902807][ T3605] Rebooting in 86400 seconds..