./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4190106792
<...>
Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts.
execve("./syz-executor4190106792", ["./syz-executor4190106792"], 0x7ffd423a4b10 /* 10 vars */) = 0
brk(NULL) = 0x555556e1c000
brk(0x555556e1cc40) = 0x555556e1cc40
arch_prctl(ARCH_SET_FS, 0x555556e1c300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor4190106792", 4096) = 28
brk(0x555556e3dc40) = 0x555556e3dc40
brk(0x555556e3e000) = 0x555556e3e000
mprotect(0x7f4f8dbac000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
getpid() = 4997
mkdir("./syzkaller.ygJ5M2", 0700) = 0
chmod("./syzkaller.ygJ5M2", 0777) = 0
chdir("./syzkaller.ygJ5M2") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e1c5d0) = 4998
./strace-static-x86_64: Process 4998 attached
[pid 4998] chdir("./0") = 0
[pid 4998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 4998] setpgid(0, 0) = 0
[pid 4998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 4998] write(3, "1000", 4) = 4
[pid 4998] close(3) = 0
[pid 4998] symlink("/dev/binderfs", "./binderfs") = 0
[pid 4998] memfd_create("syzkaller", 0) = 3
[pid 4998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4f856d1000
[pid 4998] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\xff\x01\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\xbb\x02\x87\x1c\xc7\xbb\xb3\x5e\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 4998] munmap(0x7f4f856d1000, 2097152) = 0
[pid 4998] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 4998] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 4998] close(3) = 0
[pid 4998] mkdir("./file0", 0777) = 0
[ 41.027358][ T4998] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4998 'syz-executor419'
[ 41.056773][ T4998] loop0: detected capacity change from 0 to 4096
[ 41.066651][ T4998] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[pid 4998] mount("/dev/loop0", "./file0", "ntfs3", MS_NOEXEC|MS_SYNCHRONOUS|MS_REC|MS_STRICTATIME, "") = 0
[pid 4998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 4998] chdir("./file0") = 0
[pid 4998] ioctl(4, LOOP_CLR_FD) = 0
[pid 4998] close(4) = 0
[pid 4998] open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4
[pid 4998] open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 5
[pid 4998] ftruncate(5, 33587195) = 0
[pid 4998] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 4998] write(6, "38", 2) = 2
[ 41.081274][ T4998] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[ 41.117845][ T4998] FAULT_INJECTION: forcing a failure.
[ 41.117845][ T4998] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 41.131343][ T4998] CPU: 0 PID: 4998 Comm: syz-executor419 Not tainted 6.4.0-rc5-syzkaller-00245-g64569520920a #0
[ 41.141749][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 41.151784][ T4998] Call Trace:
[ 41.155047][ T4998]
[ 41.157968][ T4998] dump_stack_lvl+0x136/0x150
[ 41.162679][ T4998] should_fail_ex+0x4a3/0x5b0
[ 41.167344][ T4998] prepare_alloc_pages+0x178/0x570
[ 41.172446][ T4998] __alloc_pages+0x149/0x4a0
[ 41.177031][ T4998] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 41.183796][ T4998] ? filemap_get_entry+0x203/0x430
[ 41.188893][ T4998] ? lock_downgrade+0x690/0x690
[ 41.193736][ T4998] alloc_pages+0x1aa/0x270
[ 41.198143][ T4998] folio_alloc+0x20/0x70
[ 41.202368][ T4998] filemap_alloc_folio+0x3c1/0x470
[ 41.207466][ T4998] ? folio_wake_bit+0x270/0x270
[ 41.212313][ T4998] __filemap_get_folio+0x2a6/0x990
[ 41.217441][ T4998] pagecache_get_page+0x2e/0x270
[ 41.222382][ T4998] ni_readpage_cmpr+0x236/0xcd0
[ 41.227222][ T4998] ntfs_read_folio+0x101/0x1e0
[ 41.231979][ T4998] ? ntfs_resident_writepage+0x1e0/0x1e0
[ 41.237600][ T4998] filemap_read_folio+0xdb/0x2c0
[ 41.242533][ T4998] ? __folio_lock_killable+0x20/0x20
[ 41.247830][ T4998] filemap_get_pages+0x42a/0x1620
[ 41.252850][ T4998] ? __lock_acquire+0xc17/0x5f30
[ 41.257778][ T4998] ? filemap_add_folio+0x1e0/0x1e0
[ 41.262888][ T4998] filemap_read+0x35e/0xc70
[ 41.267394][ T4998] ? filemap_get_pages+0x1620/0x1620
[ 41.272669][ T4998] ? aa_file_perm+0x567/0x1250
[ 41.277428][ T4998] ? lock_downgrade+0x690/0x690
[ 41.282270][ T4998] ? alloc_pipe_info+0x1e9/0x590
[ 41.287203][ T4998] ? kasan_save_stack+0x32/0x40
[ 41.292063][ T4998] ? kasan_set_track+0x25/0x30
[ 41.296826][ T4998] generic_file_read_iter+0x3ad/0x5b0
[ 41.302194][ T4998] ntfs_file_read_iter+0x1b8/0x270
[ 41.307295][ T4998] generic_file_splice_read+0x182/0x4b0
[ 41.312839][ T4998] ? do_splice_direct+0x280/0x280
[ 41.317866][ T4998] ? security_file_permission+0xaf/0xd0
[ 41.323402][ T4998] ? do_splice_direct+0x280/0x280
[ 41.328422][ T4998] do_splice_to+0x1b9/0x240
[ 41.332925][ T4998] splice_direct_to_actor+0x2ab/0x8a0
[ 41.338316][ T4998] ? folio_flags.constprop.0+0x150/0x150
[ 41.343961][ T4998] ? direct_splice_actor+0x180/0x180
[ 41.349243][ T4998] ? bpf_lsm_file_permission+0x9/0x10
[ 41.354694][ T4998] ? security_file_permission+0xaf/0xd0
[ 41.360232][ T4998] do_splice_direct+0x1ab/0x280
[ 41.365077][ T4998] ? splice_direct_to_actor+0x8a0/0x8a0
[ 41.370639][ T4998] do_sendfile+0xb19/0x12c0
[ 41.375146][ T4998] ? vfs_iocb_iter_write+0x480/0x480
[ 41.380428][ T4998] ? ptrace_notify+0xfe/0x140
[ 41.385095][ T4998] ? lock_downgrade+0x690/0x690
[ 41.389948][ T4998] __x64_sys_sendfile64+0x1d0/0x210
[ 41.395136][ T4998] ? _raw_spin_unlock_irq+0x23/0x50
[ 41.400330][ T4998] ? __ia32_sys_sendfile+0x220/0x220
[ 41.405604][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 41.410792][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 41.415982][ T4998] ? ptrace_notify+0xfe/0x140
[ 41.420652][ T4998] do_syscall_64+0x39/0xb0
[ 41.425065][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.430951][ T4998] RIP: 0033:0x7f4f8db1ea39
[ 41.435372][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 41.454965][ T4998] RSP: 002b:00007fff90b18668 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 41.463365][ T4998] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f4f8db1ea39
[ 41.471325][ T4998] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 41.479279][ T4998] RBP: 00007fff90b18690 R08: 0000000000000002 R09: 00007fff90b186a0
[ 41.487413][ T4998] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000006
[ 41.495371][ T4998] R13: 00007fff90b186d0 R14: 00007fff90b186b0 R15: 0000000000000000
[ 41.503338][ T4998]
[ 41.508725][ T4998] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[ 41.520458][ T4998] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 41.528844][ T4998] CPU: 1 PID: 4998 Comm: syz-executor419 Not tainted 6.4.0-rc5-syzkaller-00245-g64569520920a #0
[ 41.539230][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 41.549350][ T4998] RIP: 0010:unlock_page+0x25/0x130
[ 41.554444][ T4998] Code: 00 eb b9 66 90 f3 0f 1e fa 41 54 55 48 89 fd 53 e8 80 bc d0 ff 48 8d 7d 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e4 00 00 00 4c 8b 65 08 31 ff 4c 89 e3 83 e3 01
[ 41.574035][ T4998] RSP: 0018:ffffc90003a9f520 EFLAGS: 00010212
[ 41.580095][ T4998] RAX: dffffc0000000000 RBX: 0000000000000008 RCX: 0000000000000000
[ 41.588045][ T4998] RDX: 0000000000000001 RSI: ffffffff81b38a60 RDI: 0000000000000008
[ 41.596005][ T4998] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000001
[ 41.603953][ T4998] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 41.611921][ T4998] R13: ffff888028606c88 R14: 0000000000000000 R15: 0000000000000000
[ 41.619872][ T4998] FS: 0000555556e1c300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 41.628782][ T4998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.635344][ T4998] CR2: 000055abb6242568 CR3: 00000000271a0000 CR4: 0000000000350ee0
[ 41.643382][ T4998] Call Trace:
[ 41.646645][ T4998]
[ 41.649555][ T4998] ? die_addr+0x3c/0xa0
[ 41.653696][ T4998] ? exc_general_protection+0x129/0x230
[ 41.659224][ T4998] ? asm_exc_general_protection+0x26/0x30
[ 41.664931][ T4998] ? unlock_page+0x10/0x130
[ 41.669417][ T4998] ? unlock_page+0x25/0x130
[ 41.673897][ T4998] ni_readpage_cmpr+0x44a/0xcd0
[ 41.678730][ T4998] ntfs_read_folio+0x101/0x1e0
[ 41.683561][ T4998] ? ntfs_resident_writepage+0x1e0/0x1e0
[ 41.689181][ T4998] filemap_read_folio+0xdb/0x2c0
[ 41.694122][ T4998] ? __folio_lock_killable+0x20/0x20
[ 41.699392][ T4998] filemap_get_pages+0x42a/0x1620
[ 41.704398][ T4998] ? __lock_acquire+0xc17/0x5f30
[ 41.709325][ T4998] ? filemap_add_folio+0x1e0/0x1e0
[ 41.714440][ T4998] filemap_read+0x35e/0xc70
[ 41.718928][ T4998] ? filemap_get_pages+0x1620/0x1620
[ 41.724193][ T4998] ? aa_file_perm+0x567/0x1250
[ 41.728938][ T4998] ? lock_downgrade+0x690/0x690
[ 41.733767][ T4998] ? alloc_pipe_info+0x1e9/0x590
[ 41.738688][ T4998] ? kasan_save_stack+0x32/0x40
[ 41.743539][ T4998] ? kasan_set_track+0x25/0x30
[ 41.748298][ T4998] generic_file_read_iter+0x3ad/0x5b0
[ 41.753651][ T4998] ntfs_file_read_iter+0x1b8/0x270
[ 41.758743][ T4998] generic_file_splice_read+0x182/0x4b0
[ 41.764277][ T4998] ? do_splice_direct+0x280/0x280
[ 41.769285][ T4998] ? security_file_permission+0xaf/0xd0
[ 41.774811][ T4998] ? do_splice_direct+0x280/0x280
[ 41.779821][ T4998] do_splice_to+0x1b9/0x240
[ 41.784323][ T4998] splice_direct_to_actor+0x2ab/0x8a0
[ 41.789678][ T4998] ? folio_flags.constprop.0+0x150/0x150
[ 41.795294][ T4998] ? direct_splice_actor+0x180/0x180
[ 41.800559][ T4998] ? bpf_lsm_file_permission+0x9/0x10
[ 41.805912][ T4998] ? security_file_permission+0xaf/0xd0
[ 41.811441][ T4998] do_splice_direct+0x1ab/0x280
[ 41.816301][ T4998] ? splice_direct_to_actor+0x8a0/0x8a0
[ 41.821832][ T4998] do_sendfile+0xb19/0x12c0
[ 41.826322][ T4998] ? vfs_iocb_iter_write+0x480/0x480
[ 41.831589][ T4998] ? ptrace_notify+0xfe/0x140
[ 41.836253][ T4998] ? lock_downgrade+0x690/0x690
[ 41.841100][ T4998] __x64_sys_sendfile64+0x1d0/0x210
[ 41.846281][ T4998] ? _raw_spin_unlock_irq+0x23/0x50
[ 41.851465][ T4998] ? __ia32_sys_sendfile+0x220/0x220
[ 41.856748][ T4998] ? lockdep_hardirqs_on+0x7d/0x100
[ 41.861928][ T4998] ? _raw_spin_unlock_irq+0x2e/0x50
[ 41.867107][ T4998] ? ptrace_notify+0xfe/0x140
[ 41.871763][ T4998] do_syscall_64+0x39/0xb0
[ 41.876168][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.882076][ T4998] RIP: 0033:0x7f4f8db1ea39
[ 41.886481][ T4998] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 41.906063][ T4998] RSP: 002b:00007fff90b18668 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 41.914451][ T4998] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f4f8db1ea39
[ 41.922399][ T4998] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 41.930356][ T4998] RBP: 00007fff90b18690 R08: 0000000000000002 R09: 00007fff90b186a0
[ 41.938319][ T4998] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000006
[ 41.946266][ T4998] R13: 00007fff90b186d0 R14: 00007fff90b186b0 R15: 0000000000000000
[ 41.954222][ T4998]
[ 41.957219][ T4998] Modules linked in:
[ 41.961659][ T4998] ---[ end trace 0000000000000000 ]---
[ 41.967174][ T4998] RIP: 0010:unlock_page+0x25/0x130
[ 41.972275][ T4998] Code: 00 eb b9 66 90 f3 0f 1e fa 41 54 55 48 89 fd 53 e8 80 bc d0 ff 48 8d 7d 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e4 00 00 00 4c 8b 65 08 31 ff 4c 89 e3 83 e3 01
[ 41.991896][ T4998] RSP: 0018:ffffc90003a9f520 EFLAGS: 00010212
[ 41.997983][ T4998] RAX: dffffc0000000000 RBX: 0000000000000008 RCX: 0000000000000000
[ 42.005945][ T4998] RDX: 0000000000000001 RSI: ffffffff81b38a60 RDI: 0000000000000008
[ 42.013921][ T4998] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000001
[ 42.021898][ T4998] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 42.029915][ T4998] R13: ffff888028606c88 R14: 0000000000000000 R15: 0000000000000000
[ 42.037899][ T4998] FS: 0000555556e1c300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 42.046847][ T4998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.053440][ T4998] CR2: 000055abb6242568 CR3: 00000000271a0000 CR4: 0000000000350ee0
[ 42.061434][ T4998] Kernel panic - not syncing: Fatal exception
[ 42.068404][ T4998] Kernel Offset: disabled
[ 42.072708][ T4998] Rebooting in 86400 seconds..