./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2796383789 <...> Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts. execve("./syz-executor2796383789", ["./syz-executor2796383789"], 0x7fff862b53e0 /* 10 vars */) = 0 brk(NULL) = 0x5555558c7000 brk(0x5555558c7e00) = 0x5555558c7e00 arch_prctl(ARCH_SET_FS, 0x5555558c7480) = 0 set_tid_address(0x5555558c7750) = 5830 set_robust_list(0x5555558c7760, 24) = 0 rseq(0x5555558c7da0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2796383789", 4096) = 28 getrandom("\xb6\x93\x81\xeb\xe0\xa0\xbb\x28", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555558c7e00 brk(0x5555558e8e00) = 0x5555558e8e00 brk(0x5555558e9000) = 0x5555558e9000 mprotect(0x7fa8cc9a2000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7fa8cc8fa970, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fa8cc902b20}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7fa8cc8fa970, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fa8cc902b20}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5832 attached , child_tidptr=0x5555558c7750) = 5832 [pid 5832] set_robust_list(0x5555558c7760, 24) = 0 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5832] setpgid(0, 0) = 0 [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5832] write(3, "1000", 4) = 4 [pid 5832] close(3) = 0 [pid 5832] write(1, "executing program\n", 18executing program ) = 18 [pid 5832] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5832] pipe2([3, 4], 0) = 0 [pid 5832] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5832] dup(4) = 5 [pid 5832] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5832] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5832] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5832] mkdir("./file0", 0777) = 0 [pid 5832] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5832] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,posixacl") = -1 EIO (Input/output error) [pid 5832] exit_group(0) = ? [pid 5832] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555558c7750) = 5833 ./strace-static-x86_64: Process 5833 attached [pid 5833] set_robust_list(0x5555558c7760, 24) = 0 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5833] setpgid(0, 0) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5833] write(3, "1000", 4) = 4 [pid 5833] close(3) = 0 executing program [pid 5833] write(1, "executing program\n", 18) = 18 [pid 5833] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5833] pipe2([3, 4], 0) = 0 [pid 5833] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5833] dup(4) = 5 [pid 5833] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5833] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5833] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5833] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5833] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5833] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,posixacl") = -1 EIO (Input/output error) [pid 5833] exit_group(0) = ? [pid 5833] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5834 attached [pid 5834] set_robust_list(0x5555558c7760, 24 [pid 5830] <... clone resumed>, child_tidptr=0x5555558c7750) = 5834 [pid 5834] <... set_robust_list resumed>) = 0 [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5834] setpgid(0, 0) = 0 [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5834] write(3, "1000", 4) = 4 [pid 5834] close(3) = 0 [pid 5834] write(1, "executing program\n", 18executing program ) = 18 [pid 5834] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5834] pipe2([3, 4], 0) = 0 [pid 5834] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5834] dup(4) = 5 [pid 5834] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5834] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5834] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5834] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5834] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5834] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,posixacl") = -1 EIO (Input/output error) [pid 5834] exit_group(0) = ? [pid 5834] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5835 attached , child_tidptr=0x5555558c7750) = 5835 [pid 5835] set_robust_list(0x5555558c7760, 24) = 0 [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5835] setpgid(0, 0) = 0 [pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1000", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] write(1, "executing program\n", 18executing program ) = 18 [pid 5835] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5835] pipe2([3, 4], 0) = 0 [pid 5835] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5835] dup(4) = 5 [pid 5835] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5835] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5835] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5835] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5835] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5835] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,posixacl") = -1 EIO (Input/output error) [pid 5835] exit_group(0) = ? [pid 5835] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5835, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached [pid 5836] set_robust_list(0x5555558c7760, 24) = 0 [pid 5830] <... clone resumed>, child_tidptr=0x5555558c7750) = 5836 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5836] setpgid(0, 0) = 0 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5836] write(3, "1000", 4) = 4 [pid 5836] close(3) = 0 executing program [pid 5836] write(1, "executing program\n", 18) = 18 [pid 5836] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5836] pipe2([3, 4], 0) = 0 [pid 5836] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5836] dup(4) = 5 [pid 5836] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5836] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5836] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5836] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5836] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5836] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,posixacl") = -1 EIO (Input/output error) [pid 5836] exit_group(0) = ? [pid 5836] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached [pid 5837] set_robust_list(0x5555558c7760, 24 [pid 5830] <... clone resumed>, child_tidptr=0x5555558c7750) = 5837 [pid 5837] <... set_robust_list resumed>) = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] setpgid(0, 0) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5837] write(3, "1000", 4) = 4 [pid 5837] close(3) = 0 executing program [pid 5837] write(1, "executing program\n", 18) = 18 [pid 5837] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5837] pipe2([3, 4], 0) = 0 [pid 5837] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5837] dup(4) = 5 [pid 5837] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5837] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5837] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5837] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5837] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [ 65.698332][ T5837] ------------[ cut here ]------------ [ 65.704034][ T5837] WARNING: CPU: 0 PID: 5837 at mm/page_alloc.c:4728 __alloc_frozen_pages_noprof+0x3c5/0x710 [ 65.714308][ T5837] Modules linked in: [ 65.718272][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: syz-executor279 Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 65.728944][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 65.739121][ T5837] RIP: 0010:__alloc_frozen_pages_noprof+0x3c5/0x710 [ 65.745822][ T5837] Code: ff df 0f 85 09 01 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 f9 00 00 00 c6 05 87 3a 0c 0e 01 90 <0f> 0b 90 41 83 fc 0a 0f 86 13 fd ff ff 45 31 e4 48 c7 44 24 20 0e [ 65.765518][ T5837] RSP: 0018:ffffc900038e7940 EFLAGS: 00010246 [ 65.771622][ T5837] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 65.779677][ T5837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900038e79c8 [ 65.787731][ T5837] RBP: ffffc900038e7a50 R08: ffffc900038e79c7 R09: 0000000000000000 [ 65.795830][ T5837] R10: ffffc900038e79a0 R11: fffff5200071cf39 R12: 0000000000000020 [ 65.803824][ T5837] R13: 0000000000040d40 R14: 1ffff9200071cf30 R15: 1ffff9200071cf2c [ 65.811871][ T5837] FS: 00005555558c7480(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 65.820891][ T5837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 65.827598][ T5837] CR2: 0000000020001000 CR3: 00000000782a2000 CR4: 00000000003526f0 [ 65.835648][ T5837] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 65.843722][ T5837] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 65.851872][ T5837] Call Trace: [ 65.855209][ T5837] [ 65.858150][ T5837] ? __warn+0x165/0x4d0 [ 65.862332][ T5837] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 65.868393][ T5837] ? report_bug+0x2b3/0x500 [ 65.872932][ T5837] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 65.878963][ T5837] ? handle_bug+0x60/0x90 [ 65.883313][ T5837] ? exc_invalid_op+0x1a/0x50 [ 65.888124][ T5837] ? asm_exc_invalid_op+0x1a/0x20 [ 65.893202][ T5837] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 65.899307][ T5837] ? kfree+0x196/0x430 [ 65.903412][ T5837] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 65.909873][ T5837] ? v9fs_fid_xattr_get+0x327/0x450 [ 65.915159][ T5837] __alloc_pages_noprof+0xa/0x30 [ 65.920126][ T5837] ___kmalloc_large_node+0x8b/0x1d0 [ 65.925404][ T5837] __kmalloc_large_node_noprof+0x1a/0x80 [ 65.931062][ T5837] __kmalloc_noprof+0x339/0x4c0 [ 65.935959][ T5837] ? v9fs_fid_get_acl+0x4f/0x100 [ 65.940921][ T5837] v9fs_fid_get_acl+0x4f/0x100 [ 65.945774][ T5837] v9fs_get_acl+0x96/0x350 [ 65.950210][ T5837] v9fs_inode_from_fid_dotl+0x22d/0x2c0 [ 65.955812][ T5837] v9fs_mount+0x718/0xa90 [ 65.960160][ T5837] ? __pfx_v9fs_mount+0x10/0x10 [ 65.965074][ T5837] ? __kmalloc_cache_noprof+0x243/0x390 [ 65.970641][ T5837] ? rcu_is_watching+0x15/0xb0 [ 65.975450][ T5837] legacy_get_tree+0xee/0x190 [ 65.980147][ T5837] ? __pfx_v9fs_mount+0x10/0x10 [ 65.985068][ T5837] vfs_get_tree+0x90/0x2b0 [ 65.989540][ T5837] do_new_mount+0x2be/0xb40 [ 65.994075][ T5837] ? __pfx_do_new_mount+0x10/0x10 [ 65.999573][ T5837] __se_sys_mount+0x2d6/0x3c0 [ 66.004287][ T5837] ? __pfx___se_sys_mount+0x10/0x10 [ 66.009585][ T5837] ? exc_page_fault+0x590/0x8b0 [ 66.014549][ T5837] ? __x64_sys_mount+0x20/0xc0 [ 66.019345][ T5837] do_syscall_64+0xf3/0x230 [ 66.023874][ T5837] ? clear_bhb_loop+0x35/0x90 [ 66.028762][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.034715][ T5837] RIP: 0033:0x7fa8cc92fde9 [ 66.039177][ T5837] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 66.058922][ T5837] RSP: 002b:00007ffc224a4f78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 66.067486][ T5837] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8cc92fde9 [ 66.075533][ T5837] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 66.083524][ T5837] RBP: 000000000000ff09 R08: 0000000020000580 R09: 00007ffc224a4fb0 [ 66.091549][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc224a4fb0 [ 66.099602][ T5837] R13: 00007ffc224a4f9c R14: 431bde82d7b634db R15: 00007fa8cc978087 [ 66.107637][ T5837] [ 66.110683][ T5837] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 66.117980][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: syz-executor279 Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 66.128565][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 66.138618][ T5837] Call Trace: [ 66.141910][ T5837] [ 66.144842][ T5837] dump_stack_lvl+0x241/0x360 [ 66.149531][ T5837] ? __pfx_dump_stack_lvl+0x10/0x10 [ 66.154734][ T5837] ? __pfx__printk+0x10/0x10 [ 66.159320][ T5837] ? _printk+0xd5/0x120 [ 66.163478][ T5837] ? __init_begin+0x41000/0x41000 [ 66.168508][ T5837] ? vscnprintf+0x5d/0x90 [ 66.172851][ T5837] panic+0x349/0x880 [ 66.176750][ T5837] ? __warn+0x174/0x4d0 [ 66.180906][ T5837] ? __pfx_panic+0x10/0x10 [ 66.185342][ T5837] __warn+0x344/0x4d0 [ 66.189320][ T5837] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 66.195297][ T5837] report_bug+0x2b3/0x500 [ 66.199630][ T5837] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 66.205616][ T5837] handle_bug+0x60/0x90 [ 66.209774][ T5837] exc_invalid_op+0x1a/0x50 [ 66.214277][ T5837] asm_exc_invalid_op+0x1a/0x20 [ 66.219128][ T5837] RIP: 0010:__alloc_frozen_pages_noprof+0x3c5/0x710 [ 66.225721][ T5837] Code: ff df 0f 85 09 01 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 f9 00 00 00 c6 05 87 3a 0c 0e 01 90 <0f> 0b 90 41 83 fc 0a 0f 86 13 fd ff ff 45 31 e4 48 c7 44 24 20 0e [ 66.245335][ T5837] RSP: 0018:ffffc900038e7940 EFLAGS: 00010246 [ 66.251406][ T5837] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 66.259377][ T5837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900038e79c8 [ 66.267348][ T5837] RBP: ffffc900038e7a50 R08: ffffc900038e79c7 R09: 0000000000000000 [ 66.275317][ T5837] R10: ffffc900038e79a0 R11: fffff5200071cf39 R12: 0000000000000020 [ 66.283289][ T5837] R13: 0000000000040d40 R14: 1ffff9200071cf30 R15: 1ffff9200071cf2c [ 66.291273][ T5837] ? kfree+0x196/0x430 [ 66.295344][ T5837] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 66.301686][ T5837] ? v9fs_fid_xattr_get+0x327/0x450 [ 66.306892][ T5837] __alloc_pages_noprof+0xa/0x30 [ 66.311832][ T5837] ___kmalloc_large_node+0x8b/0x1d0 [ 66.317032][ T5837] __kmalloc_large_node_noprof+0x1a/0x80 [ 66.322666][ T5837] __kmalloc_noprof+0x339/0x4c0 [ 66.327517][ T5837] ? v9fs_fid_get_acl+0x4f/0x100 [ 66.332457][ T5837] v9fs_fid_get_acl+0x4f/0x100 [ 66.337224][ T5837] v9fs_get_acl+0x96/0x350 [ 66.341646][ T5837] v9fs_inode_from_fid_dotl+0x22d/0x2c0 [ 66.347196][ T5837] v9fs_mount+0x718/0xa90 [ 66.351525][ T5837] ? __pfx_v9fs_mount+0x10/0x10 [ 66.356379][ T5837] ? __kmalloc_cache_noprof+0x243/0x390 [ 66.361930][ T5837] ? rcu_is_watching+0x15/0xb0 [ 66.366705][ T5837] legacy_get_tree+0xee/0x190 [ 66.371384][ T5837] ? __pfx_v9fs_mount+0x10/0x10 [ 66.376238][ T5837] vfs_get_tree+0x90/0x2b0 [ 66.380652][ T5837] do_new_mount+0x2be/0xb40 [ 66.385163][ T5837] ? __pfx_do_new_mount+0x10/0x10 [ 66.390192][ T5837] __se_sys_mount+0x2d6/0x3c0 [ 66.394871][ T5837] ? __pfx___se_sys_mount+0x10/0x10 [ 66.400072][ T5837] ? exc_page_fault+0x590/0x8b0 [ 66.404929][ T5837] ? __x64_sys_mount+0x20/0xc0 [ 66.409698][ T5837] do_syscall_64+0xf3/0x230 [ 66.414199][ T5837] ? clear_bhb_loop+0x35/0x90 [ 66.418881][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.424775][ T5837] RIP: 0033:0x7fa8cc92fde9 [ 66.429190][ T5837] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 66.448808][ T5837] RSP: 002b:00007ffc224a4f78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 66.457312][ T5837] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8cc92fde9 [ 66.465279][ T5837] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 66.473246][ T5837] RBP: 000000000000ff09 R08: 0000000020000580 R09: 00007ffc224a4fb0 [ 66.481213][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc224a4fb0 [ 66.489183][ T5837] R13: 00007ffc224a4f9c R14: 431bde82d7b634db R15: 00007fa8cc978087 [ 66.497162][ T5837] [ 66.500444][ T5837] Kernel Offset: disabled [ 66.504828][ T5837] Rebooting in 86400 seconds..