./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3762373740 <...> Warning: Permanently added '10.128.0.157' (ED25519) to the list of known hosts. execve("./syz-executor3762373740", ["./syz-executor3762373740"], 0x7ffe32f90490 /* 10 vars */) = 0 brk(NULL) = 0x555555b17000 brk(0x555555b17d40) = 0x555555b17d40 arch_prctl(ARCH_SET_FS, 0x555555b173c0) = 0 set_tid_address(0x555555b17690) = 292 set_robust_list(0x555555b176a0, 24) = 0 rseq(0x555555b17ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3762373740", 4096) = 28 getrandom("\x7d\xd2\x4c\x43\xc4\xe8\x31\x5a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555b17d40 brk(0x555555b38d40) = 0x555555b38d40 brk(0x555555b39000) = 0x555555b39000 mprotect(0x7efff5b34000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b17690) = 293 ./strace-static-x86_64: Process 293 attached [pid 293] set_robust_list(0x555555b176a0, 24) = 0 [pid 293] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 293] setsid() = 1 [pid 293] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 293] unshare(CLONE_NEWNS) = 0 [pid 293] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 293] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 293] unshare(CLONE_NEWCGROUP) = 0 [pid 293] unshare(CLONE_NEWUTS) = 0 [pid 293] unshare(CLONE_SYSVSEM) = 0 [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] getpid() = 1 [pid 293] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< {parent_tid=[3]}, 88) = 3 [pid 294] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 294] futex(0x7efff5b3a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 294] futex(0x7efff5b3a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 295 attached [pid 295] set_robust_list(0x7efff5a719a0, 24) = 0 [pid 295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 295] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 295] write(3, "58", 2) = 2 [ 20.206244][ T30] audit: type=1400 audit(1697506356.780:66): avc: denied { execmem } for pid=292 comm="syz-executor376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 20.209080][ T30] audit: type=1400 audit(1697506356.790:67): avc: denied { integrity } for pid=292 comm="syz-executor376" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 20.212858][ T30] audit: type=1400 audit(1697506356.790:68): avc: denied { mounton } for pid=293 comm="syz-executor376" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 20.216583][ T30] audit: type=1400 audit(1697506356.790:69): avc: denied { mount } for pid=293 comm="syz-executor376" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 20.220249][ T30] audit: type=1400 audit(1697506356.790:70): avc: denied { mounton } for pid=293 comm="syz-executor376" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 20.229108][ T30] audit: type=1400 audit(1697506356.810:71): avc: denied { mounton } for pid=293 comm="syz-executor376" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 20.252059][ T30] audit: type=1400 audit(1697506356.810:72): avc: denied { mount } for pid=293 comm="syz-executor376" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 20.253374][ T295] FAULT_INJECTION: forcing a failure. [ 20.253374][ T295] name failslab, interval 1, probability 0, space 0, times 1 [ 20.286846][ T295] CPU: 1 PID: 295 Comm: syz-executor376 Not tainted 5.15.132-syzkaller-01173-g754f8cc9b7de #0 [ 20.296826][ T295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.306723][ T295] Call Trace: [ 20.309846][ T295] [ 20.312668][ T295] dump_stack_lvl+0x151/0x1b7 [ 20.317154][ T295] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.322606][ T295] dump_stack+0x15/0x17 [ 20.326594][ T295] should_fail+0x3c6/0x510 [ 20.330846][ T295] __should_failslab+0xa4/0xe0 [ 20.335451][ T295] ? anon_vma_clone+0x9a/0x500 [ 20.340049][ T295] should_failslab+0x9/0x20 [ 20.344397][ T295] slab_pre_alloc_hook+0x37/0xd0 [ 20.349168][ T295] ? anon_vma_clone+0x9a/0x500 [ 20.353764][ T295] kmem_cache_alloc+0x44/0x200 [ 20.358359][ T295] anon_vma_clone+0x9a/0x500 [ 20.362792][ T295] anon_vma_fork+0x91/0x4e0 [ 20.367136][ T295] ? anon_vma_name+0x43/0x70 [ 20.371556][ T295] ? vm_area_dup+0x17a/0x230 [ 20.375981][ T295] copy_mm+0xa3a/0x13e0 [ 20.379976][ T295] ? copy_signal+0x610/0x610 [ 20.384397][ T295] ? __init_rwsem+0xd6/0x1c0 [ 20.388826][ T295] ? copy_signal+0x4e3/0x610 [ 20.393259][ T295] copy_process+0x12bc/0x3260 [ 20.397770][ T295] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 20.402797][ T295] ? __kasan_check_write+0x14/0x20 [ 20.407749][ T295] kernel_clone+0x21e/0x9e0 [ 20.412086][ T295] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.417118][ T295] ? create_io_thread+0x1e0/0x1e0 [ 20.421980][ T295] __x64_sys_clone+0x23f/0x290 [ 20.427015][ T295] ? __do_sys_vfork+0x130/0x130 [ 20.431699][ T295] ? __kasan_check_read+0x11/0x20 [ 20.436557][ T295] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 20.442376][ T295] do_syscall_64+0x3d/0xb0 [ 20.446637][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.452354][ T295] RIP: 0033:0x7efff5ab08b9 [ 20.456612][ T295] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 20.476149][ T295] RSP: 002b:00007efff5a71208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 20.484382][ T295] RAX: ffffffffffffffda RBX: 00007efff5b3a3c8 RCX: 00007efff5ab08b9 [ 20.492297][ T295] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400 [pid 295] clone(child_stack=NULL, flags=CLONE_FILES|CLONE_PARENT|CLONE_SYSVSEM|CLONE_UNTRACED|CLONE_CHILD_SETTID|CLONE_NEWUTS|CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWNET [pid 294] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 295] <... clone resumed>, child_tidptr=NULL) = 4 [pid 295] futex(0x7efff5b3a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 295] futex(0x7efff5b3a3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 294] close(3) = 0 [pid 294] close(4) = -1 EBADF (Bad file descriptor) [pid 294] close(5) = -1 EBADF (Bad file descriptor) [pid 294] close(6) = -1 EBADF (Bad file descriptor) [pid 294] close(7) = -1 EBADF (Bad file descriptor) [pid 294] close(8) = -1 EBADF (Bad file descriptor) [pid 294] close(9) = -1 EBADF (Bad file descriptor) [pid 294] close(10) = -1 EBADF (Bad file descriptor) [pid 294] close(11) = -1 EBADF (Bad file descriptor) [pid 294] close(12) = -1 EBADF (Bad file descriptor) [pid 294] close(13) = -1 EBADF (Bad file descriptor) [pid 294] close(14) = -1 EBADF (Bad file descriptor) [pid 294] close(15) = -1 EBADF (Bad file descriptor) [pid 294] close(16) = -1 EBADF (Bad file descriptor) [pid 294] close(17) = -1 EBADF (Bad file descriptor) [pid 294] close(18) = -1 EBADF (Bad file descriptor) [pid 294] close(19) = -1 EBADF (Bad file descriptor) [pid 294] close(20) = -1 EBADF (Bad file descriptor) [pid 294] close(21) = -1 EBADF (Bad file descriptor) [pid 294] close(22) = -1 EBADF (Bad file descriptor) [pid 294] close(23) = -1 EBADF (Bad file descriptor) [pid 294] close(24) = -1 EBADF (Bad file descriptor) [pid 294] close(25) = -1 EBADF (Bad file descriptor) [pid 294] close(26) = -1 EBADF (Bad file descriptor) [pid 294] close(27) = -1 EBADF (Bad file descriptor) [pid 294] close(28) = -1 EBADF (Bad file descriptor) [pid 294] close(29) = -1 EBADF (Bad file descriptor) [pid 294] exit_group(0 [pid 295] <... futex resumed>) = ? [pid 294] <... exit_group resumed>) = ? [pid 295] +++ exited with 0 +++ [pid 294] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=0, si_stime=4} --- [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b17690) = 5 ./strace-static-x86_64: Process 297 attached [pid 297] set_robust_list(0x555555b176a0, 24) = 0 [pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 297] setpgid(0, 0) = 0 [pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] write(3, "1000", 4) = 4 [pid 297] close(3) = 0 [pid 297] futex(0x7efff5b3a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] rt_sigaction(SIGRT_1, {sa_handler=0x7efff5ad6850, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7efff5ac7ed0}, NULL, 8) = 0 [pid 297] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 297] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efff5a51000 [pid 297] mprotect(0x7efff5a52000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 297] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 297] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7efff5a71990, parent_tid=0x7efff5a71990, exit_signal=0, stack=0x7efff5a51000, stack_size=0x20300, tls=0x7efff5a716c0}./strace-static-x86_64: Process 298 attached [pid 298] set_robust_list(0x7efff5a719a0, 24 [pid 297] <... clone3 resumed> => {parent_tid=[6]}, 88) = 6 [pid 297] rt_sigprocmask(SIG_SETMASK, [], [pid 298] <... set_robust_list resumed>) = 0 [pid 297] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] rt_sigprocmask(SIG_SETMASK, [], [pid 297] futex(0x7efff5b3a3c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 297] <... futex resumed>) = 0 [pid 297] futex(0x7efff5b3a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 298] write(3, "58", 2) = 2 [ 20.500108][ T295] RBP: 00007efff5b3a3c0 R08: 0000000000000000 R09: 0000000000003835 [ 20.507918][ T295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efff5b3a3cc [ 20.515727][ T295] R13: 00007efff5a71210 R14: 0000000000000002 R15: 00007efff5b0701d [ 20.523537][ T295] [ 20.528717][ T30] audit: type=1400 audit(1697506357.110:73): avc: denied { sys_admin } for pid=294 comm="syz-executor376" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 20.557063][ T298] FAULT_INJECTION: forcing a failure. [ 20.557063][ T298] name failslab, interval 1, probability 0, space 0, times 0 [ 20.569655][ T298] CPU: 0 PID: 298 Comm: syz-executor376 Not tainted 5.15.132-syzkaller-01173-g754f8cc9b7de #0 [ 20.579688][ T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.589580][ T298] Call Trace: [ 20.592703][ T298] [ 20.595483][ T298] dump_stack_lvl+0x151/0x1b7 [ 20.600002][ T298] ? io_uring_drop_tctx_refs+0x190/0x190 [ 20.605464][ T298] dump_stack+0x15/0x17 [ 20.609452][ T298] should_fail+0x3c6/0x510 [ 20.613709][ T298] __should_failslab+0xa4/0xe0 [ 20.618308][ T298] ? anon_vma_fork+0xf7/0x4e0 [ 20.622824][ T298] should_failslab+0x9/0x20 [ 20.627158][ T298] slab_pre_alloc_hook+0x37/0xd0 [ 20.631945][ T298] ? anon_vma_fork+0xf7/0x4e0 [ 20.636445][ T298] kmem_cache_alloc+0x44/0x200 [ 20.641046][ T298] anon_vma_fork+0xf7/0x4e0 [ 20.645385][ T298] ? anon_vma_name+0x43/0x70 [ 20.649843][ T298] ? vm_area_dup+0x17a/0x230 [ 20.654237][ T298] copy_mm+0xa3a/0x13e0 [pid 298] clone(child_stack=NULL, flags=CLONE_FILES|CLONE_PARENT|CLONE_SYSVSEM|CLONE_UNTRACED|CLONE_CHILD_SETTID|CLONE_NEWUTS|CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWNET [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 20.658242][ T298] ? copy_signal+0x610/0x610 [ 20.662656][ T298] ? __init_rwsem+0xd6/0x1c0 [ 20.667084][ T298] ? copy_signal+0x4e3/0x610 [ 20.671511][ T298] copy_process+0x12bc/0x3260 [ 20.676029][ T298] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 20.680973][ T298] ? __kasan_check_write+0x14/0x20 [ 20.685918][ T298] kernel_clone+0x21e/0x9e0 [ 20.690291][ T298] ? _raw_spin_unlock_irq+0x4e/0x70 [ 20.695293][ T298] ? create_io_thread+0x1e0/0x1e0 [ 20.700158][ T298] __x64_sys_clone+0x23f/0x290 [ 20.704754][ T298] ? __do_sys_vfork+0x130/0x130 [ 20.709440][ T298] ? __kasan_check_read+0x11/0x20 [ 20.714301][ T298] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 20.720115][ T298] do_syscall_64+0x3d/0xb0 [ 20.724372][ T298] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 20.730189][ T298] RIP: 0033:0x7efff5ab08b9 [ 20.734552][ T298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [pid 297] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 20.753981][ T298] RSP: 002b:00007efff5a71208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 20.762420][ T298] RAX: ffffffffffffffda RBX: 00007efff5b3a3c8 RCX: 00007efff5ab08b9 [ 20.770227][ T298] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400 [ 20.778037][ T298] RBP: 00007efff5b3a3c0 R08: 0000000000000000 R09: 0000000000003835 [ 20.785848][ T298] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efff5b3a3cc [ 20.793662][ T298] R13: 00007efff5a71210 R14: 0000000000000002 R15: 00007efff5b0701d [ 20.801476][ T298] [ 20.805212][ T298] ------------[ cut here ]------------ [ 20.810849][ T298] refcount_t: underflow; use-after-free. [ 20.816469][ T298] WARNING: CPU: 1 PID: 298 at lib/refcount.c:28 refcount_warn_saturate+0x158/0x1a0 [ 20.825768][ T298] Modules linked in: [ 20.829641][ T298] CPU: 1 PID: 298 Comm: syz-executor376 Not tainted 5.15.132-syzkaller-01173-g754f8cc9b7de #0 [ 20.839875][ T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 20.850020][ T298] RIP: 0010:refcount_warn_saturate+0x158/0x1a0 [ 20.856088][ T298] Code: 04 01 48 c7 c7 e0 b0 82 85 e8 74 8f dd fe 0f 0b eb 8b e8 eb 11 0c ff c6 05 2f 68 9f 04 01 48 c7 c7 40 b1 82 85 e8 58 8f dd fe <0f> 0b e9 6c ff ff ff e8 cc 11 0c ff c6 05 11 68 9f 04 01 48 c7 c7 [ 20.875786][ T298] RSP: 0018:ffffc900009a7968 EFLAGS: 00010246 [ 20.881928][ T298] RAX: 5e30149376779e00 RBX: 0000000000000003 RCX: ffff88811e26bb40 [ 20.889813][ T298] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 20.897643][ T298] RBP: ffffc900009a7978 R08: ffffffff81573de5 R09: ffffed103ee24e93 [ 20.905530][ T298] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11023c012f2 [ 20.913465][ T298] R13: ffff88811e009790 R14: 0000000000000003 R15: ffff88811e0fe749 [ 20.921436][ T298] FS: 00007efff5a716c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 20.930346][ T298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.936830][ T298] CR2: 00007efff5aae7c3 CR3: 000000011d56d000 CR4: 00000000003506a0 [ 20.944838][ T298] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.952665][ T298] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.960466][ T298] Call Trace: [ 20.963548][ T298] [ 20.966324][ T298] ? show_regs+0x58/0x60 [ 20.970540][ T298] ? __warn+0x160/0x2f0 [ 20.974527][ T298] ? refcount_warn_saturate+0x158/0x1a0 [ 20.980036][ T298] ? report_bug+0x3d9/0x5b0 [ 20.984365][ T298] ? refcount_warn_saturate+0x158/0x1a0 [ 20.989784][ T298] ? handle_bug+0x41/0x70 [ 20.993899][ T298] ? exc_invalid_op+0x1b/0x50 [ 20.998436][ T298] ? asm_exc_invalid_op+0x1b/0x20 [ 21.003272][ T298] ? __wake_up_klogd+0xd5/0x110 [ 21.008009][ T298] ? refcount_warn_saturate+0x158/0x1a0 [ 21.013341][ T298] ? refcount_warn_saturate+0x158/0x1a0 [ 21.018760][ T298] vm_area_free_no_check+0x123/0x130 [ 21.023855][ T298] copy_mm+0xefb/0x13e0 [ 21.027845][ T298] ? copy_signal+0x610/0x610 [ 21.032296][ T298] ? __init_rwsem+0xd6/0x1c0 [ 21.036705][ T298] ? copy_signal+0x4e3/0x610 [ 21.041163][ T298] copy_process+0x12bc/0x3260 [ 21.045633][ T298] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.050600][ T298] ? __kasan_check_write+0x14/0x20 [ 21.055528][ T298] kernel_clone+0x21e/0x9e0 [ 21.060014][ T298] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.065022][ T298] ? create_io_thread+0x1e0/0x1e0 [ 21.069926][ T298] __x64_sys_clone+0x23f/0x290 [ 21.074514][ T298] ? __do_sys_vfork+0x130/0x130 [ 21.079217][ T298] ? __kasan_check_read+0x11/0x20 [ 21.084041][ T298] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.089871][ T298] do_syscall_64+0x3d/0xb0 [ 21.094099][ T298] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.099873][ T298] RIP: 0033:0x7efff5ab08b9 [ 21.104079][ T298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 21.123634][ T298] RSP: 002b:00007efff5a71208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 21.131795][ T298] RAX: ffffffffffffffda RBX: 00007efff5b3a3c8 RCX: 00007efff5ab08b9 [ 21.139604][ T298] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400 [ 21.147407][ T298] RBP: 00007efff5b3a3c0 R08: 0000000000000000 R09: 0000000000003835 [pid 298] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 298] futex(0x7efff5b3a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 298] futex(0x7efff5b3a3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] close(3) = 0 [pid 297] close(4) = -1 EBADF (Bad file descriptor) [pid 297] close(5) = -1 EBADF (Bad file descriptor) [pid 297] close(6) = -1 EBADF (Bad file descriptor) [pid 297] close(7) = -1 EBADF (Bad file descriptor) [pid 297] close(8) = -1 EBADF (Bad file descriptor) [pid 297] close(9) = -1 EBADF (Bad file descriptor) [pid 297] close(10) = -1 EBADF (Bad file descriptor) [pid 297] close(11) = -1 EBADF (Bad file descriptor) [pid 297] close(12) = -1 EBADF (Bad file descriptor) [pid 297] close(13) = -1 EBADF (Bad file descriptor) [pid 297] close(14) = -1 EBADF (Bad file descriptor) [pid 297] close(15) = -1 EBADF (Bad file descriptor) [pid 297] close(16) = -1 EBADF (Bad file descriptor) [pid 297] close(17) = -1 EBADF (Bad file descriptor) [pid 297] close(18) = -1 EBADF (Bad file descriptor) [pid 297] close(19) = -1 EBADF (Bad file descriptor) [pid 297] close(20) = -1 EBADF (Bad file descriptor) [pid 297] close(21) = -1 EBADF (Bad file descriptor) [pid 297] close(22) = -1 EBADF (Bad file descriptor) [pid 297] close(23) = -1 EBADF (Bad file descriptor) [pid 297] close(24) = -1 EBADF (Bad file descriptor) [pid 297] close(25) = -1 EBADF (Bad file descriptor) [pid 297] close(26) = -1 EBADF (Bad file descriptor) [pid 297] close(27) = -1 EBADF (Bad file descriptor) [pid 297] close(28) = -1 EBADF (Bad file descriptor) [pid 297] close(29) = -1 EBADF (Bad file descriptor) [pid 297] exit_group(0 [pid 298] <... futex resumed>) = ? [pid 297] <... exit_group resumed>) = ? [pid 298] +++ exited with 0 +++ [pid 297] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5, si_uid=0, si_status=0, si_utime=0, si_stime=37} --- [pid 293] restart_syscall(<... resuming interrupted restart_syscall ...>) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b17690) = 7 ./strace-static-x86_64: Process 300 attached [pid 300] set_robust_list(0x555555b176a0, 24) = 0 [pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 300] setpgid(0, 0) = 0 [pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 300] write(3, "1000", 4) = 4 [pid 300] close(3) = 0 [pid 300] futex(0x7efff5b3a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 300] rt_sigaction(SIGRT_1, {sa_handler=0x7efff5ad6850, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7efff5ac7ed0}, NULL, 8) = 0 [pid 300] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 300] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7efff5a51000 [pid 300] mprotect(0x7efff5a52000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 300] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 300] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7efff5a71990, parent_tid=0x7efff5a71990, exit_signal=0, stack=0x7efff5a51000, stack_size=0x20300, tls=0x7efff5a716c0} => {parent_tid=[8]}, 88) = 8 [pid 300] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 300] futex(0x7efff5b3a3c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 300] futex(0x7efff5b3a3cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 301 attached [pid 301] set_robust_list(0x7efff5a719a0, 24) = 0 [pid 301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 301] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 3 [pid 301] write(3, "58", 2) = 2 [ 21.155329][ T298] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efff5b3a3cc [ 21.163129][ T298] R13: 00007efff5a71210 R14: 0000000000000002 R15: 00007efff5b0701d [ 21.170960][ T298] [ 21.173774][ T298] ---[ end trace 37f9df79c6e333bc ]--- [ 21.188995][ T301] FAULT_INJECTION: forcing a failure. [ 21.188995][ T301] name failslab, interval 1, probability 0, space 0, times 0 [ 21.201566][ T301] CPU: 1 PID: 301 Comm: syz-executor376 Tainted: G W 5.15.132-syzkaller-01173-g754f8cc9b7de #0 [ 21.212989][ T301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 21.222883][ T301] Call Trace: [ 21.226008][ T301] [ 21.228784][ T301] dump_stack_lvl+0x151/0x1b7 [ 21.233296][ T301] ? io_uring_drop_tctx_refs+0x190/0x190 [ 21.238766][ T301] dump_stack+0x15/0x17 [ 21.242757][ T301] should_fail+0x3c6/0x510 [ 21.247008][ T301] __should_failslab+0xa4/0xe0 [ 21.251609][ T301] ? anon_vma_fork+0x1df/0x4e0 [ 21.256220][ T301] should_failslab+0x9/0x20 [ 21.260551][ T301] slab_pre_alloc_hook+0x37/0xd0 [ 21.265322][ T301] ? anon_vma_fork+0x1df/0x4e0 [ 21.269921][ T301] kmem_cache_alloc+0x44/0x200 [ 21.274523][ T301] anon_vma_fork+0x1df/0x4e0 [ 21.279036][ T301] copy_mm+0xa3a/0x13e0 [ 21.283027][ T301] ? copy_signal+0x610/0x610 [ 21.287454][ T301] ? __init_rwsem+0xd6/0x1c0 [ 21.291880][ T301] ? copy_signal+0x4e3/0x610 [ 21.296309][ T301] copy_process+0x12bc/0x3260 [ 21.300840][ T301] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.305777][ T301] ? __kasan_check_write+0x14/0x20 [ 21.310715][ T301] kernel_clone+0x21e/0x9e0 [ 21.315140][ T301] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.320176][ T301] ? create_io_thread+0x1e0/0x1e0 [ 21.325045][ T301] __x64_sys_clone+0x23f/0x290 [ 21.329641][ T301] ? __do_sys_vfork+0x130/0x130 [ 21.334323][ T301] ? __kasan_check_read+0x11/0x20 [ 21.339182][ T301] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.344997][ T301] do_syscall_64+0x3d/0xb0 [ 21.349251][ T301] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.354979][ T301] RIP: 0033:0x7efff5ab08b9 [ 21.359233][ T301] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 21.378674][ T301] RSP: 002b:00007efff5a71208 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 21.386921][ T301] RAX: ffffffffffffffda RBX: 00007efff5b3a3c8 RCX: 00007efff5ab08b9 [ 21.394730][ T301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400 [ 21.402543][ T301] RBP: 00007efff5b3a3c0 R08: 0000000000000000 R09: 0000000000003835 [pid 301] clone(child_stack=NULL, flags=CLONE_FILES|CLONE_PARENT|CLONE_SYSVSEM|CLONE_UNTRACED|CLONE_CHILD_SETTID|CLONE_NEWUTS|CLONE_NEWUSER|CLONE_NEWPID|CLONE_NEWNET [pid 300] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 301] <... clone resumed>, child_tidptr=NULL) = -1 ENOMEM (Cannot allocate memory) [pid 301] futex(0x7efff5b3a3cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7efff5b3a3c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 300] close(3) = 0 [pid 300] close(4) = -1 EBADF (Bad file descriptor) [pid 300] close(5) = -1 EBADF (Bad file descriptor) [pid 300] close(6) = -1 EBADF (Bad file descriptor) [pid 300] close(7) = -1 EBADF (Bad file descriptor) [pid 300] close(8) = -1 EBADF (Bad file descriptor) [pid 300] close(9) = -1 EBADF (Bad file descriptor) [pid 300] close(10) = -1 EBADF (Bad file descriptor) [pid 300] close(11) = -1 EBADF (Bad file descriptor) [pid 300] close(12) = -1 EBADF (Bad file descriptor) [pid 300] close(13) = -1 EBADF (Bad file descriptor) [pid 300] close(14) = -1 EBADF (Bad file descriptor) [pid 300] close(15) = -1 EBADF (Bad file descriptor) [pid 300] close(16) = -1 EBADF (Bad file descriptor) [pid 300] close(17) = -1 EBADF (Bad file descriptor) [pid 300] close(18) = -1 EBADF (Bad file descriptor) [pid 300] close(19) = -1 EBADF (Bad file descriptor) [pid 300] close(20) = -1 EBADF (Bad file descriptor) [pid 300] close(21) = -1 EBADF (Bad file descriptor) [pid 300] close(22) = -1 EBADF (Bad file descriptor) [pid 300] close(23) = -1 EBADF (Bad file descriptor) [pid 300] close(24) = -1 EBADF (Bad file descriptor) [pid 300] close(25) = -1 EBADF (Bad file descriptor) [pid 300] close(26) = -1 EBADF (Bad file descriptor) [pid 300] close(27) = -1 EBADF (Bad file descriptor) [pid 300] close(28) = -1 EBADF (Bad file descriptor) [pid 300] close(29) = -1 EBADF (Bad file descriptor) [pid 300] exit_group(0) = ? [pid 301] <... futex resumed>) = ? [pid 301] +++ exited with 0 +++ [pid 300] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 21.410357][ T301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efff5b3a3cc [ 21.418164][ T301] R13: 00007efff5a71210 R14: 0000000000000002 R15: 00007efff5b0701d [ 21.425977][ T301] [ 21.435135][ T293] BUG: unable to handle page fault for address: ffffed180000000d [ 21.442663][ T293] #PF: supervisor read access in kernel mode [ 21.448471][ T293] #PF: error_code(0x0000) - not-present page [ 21.454295][ T293] PGD 23fff2067 P4D 23fff2067 PUD 0 [ 21.459408][ T293] Oops: 0000 [#1] PREEMPT SMP KASAN [ 21.464443][ T293] CPU: 0 PID: 293 Comm: syz-executor376 Tainted: G W 5.15.132-syzkaller-01173-g754f8cc9b7de #0 [ 21.475900][ T293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 [ 21.485796][ T293] RIP: 0010:__rb_insert_augmented+0x36b/0x610 [ 21.491697][ T293] Code: 49 89 5d 00 48 83 e3 fc 43 80 3c 26 00 74 08 4c 89 ff e8 08 ae 2b ff 4d 89 2f 48 85 db 74 2a 4c 8d 73 10 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 46 ad 2b ff 48 8d 43 08 4c 39 7b [ 21.511140][ T293] RSP: 0018:ffffc9000078f8f8 EFLAGS: 00010a02 [ 21.517038][ T293] RAX: 1ffff1180000000d RBX: ffff88c000000058 RCX: ffff88811e2462c0 [ 21.524850][ T293] RDX: 0000000000000000 RSI: ffff88811e011058 RDI: ffff88811e31c8b0 [ 21.532661][ T293] RBP: ffffc9000078f960 R08: dffffc0000000000 R09: ffff88811e011060 [ 21.540474][ T293] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 21.548285][ T293] R13: ffff88811e011058 R14: ffff88c000000068 R15: ffff88811e0fe748 [ 21.556095][ T293] FS: 0000555555b173c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 21.564860][ T293] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.571286][ T293] CR2: ffffed180000000d CR3: 000000011e318000 CR4: 00000000003506b0 [ 21.579097][ T293] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.586906][ T293] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.594719][ T293] Call Trace: [ 21.597846][ T293] [ 21.600620][ T293] ? __die_body+0x62/0xb0 [ 21.604786][ T293] ? __die+0x7e/0x90 [ 21.608520][ T293] ? page_fault_oops+0x7f9/0xa90 [ 21.613290][ T293] ? __rb_insert_augmented+0x36b/0x610 [ 21.618586][ T293] ? kernelmode_fixup_or_oops+0x270/0x270 [ 21.624140][ T293] ? is_prefetch+0x47a/0x6d0 [ 21.628569][ T293] ? search_bpf_extables+0x26d/0x2c0 [ 21.633686][ T293] ? __rb_insert_augmented+0x36b/0x610 [ 21.638981][ T293] ? __rb_insert_augmented+0x36b/0x610 [ 21.644276][ T293] ? __rb_insert_augmented+0x36b/0x610 [ 21.649570][ T293] ? fixup_exception+0xbb/0x13c0 [ 21.654344][ T293] ? stack_trace_save+0x113/0x1c0 [ 21.659205][ T293] ? kernelmode_fixup_or_oops+0x21b/0x270 [ 21.664763][ T293] ? __bad_area_nosemaphore+0xcf/0x490 [ 21.670056][ T293] ? __kasan_slab_alloc+0xc3/0xe0 [ 21.674913][ T293] ? bad_area_nosemaphore+0x2d/0x40 [ 21.679948][ T293] ? do_kern_addr_fault+0x69/0x80 [ 21.684807][ T293] ? exc_page_fault+0x4eb/0x830 [ 21.689500][ T293] ? asm_exc_page_fault+0x27/0x30 [ 21.694357][ T293] ? __rb_insert_augmented+0x36b/0x610 [ 21.699650][ T293] ? __rb_insert_augmented+0x28f/0x610 [ 21.704944][ T293] ? anon_vma_interval_tree_iter_next+0x390/0x390 [ 21.711194][ T293] vma_interval_tree_insert_after+0x2be/0x2d0 [ 21.717096][ T293] copy_mm+0xba2/0x13e0 [ 21.721090][ T293] ? copy_signal+0x610/0x610 [ 21.725515][ T293] ? __init_rwsem+0xd6/0x1c0 [ 21.729940][ T293] ? copy_signal+0x4e3/0x610 [ 21.734369][ T293] copy_process+0x12bc/0x3260 [ 21.738883][ T293] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 21.743829][ T293] ? __kasan_check_write+0x14/0x20 [ 21.748776][ T293] kernel_clone+0x21e/0x9e0 [ 21.753115][ T293] ? _raw_spin_unlock_irq+0x4e/0x70 [ 21.758148][ T293] ? create_io_thread+0x1e0/0x1e0 [ 21.763010][ T293] __x64_sys_clone+0x23f/0x290 [ 21.767612][ T293] ? __do_sys_vfork+0x130/0x130 [ 21.772324][ T293] ? __kasan_check_read+0x11/0x20 [ 21.777157][ T293] ? syscall_enter_from_user_mode+0x70/0x1b0 [ 21.782971][ T293] do_syscall_64+0x3d/0xb0 [ 21.787223][ T293] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.792952][ T293] RIP: 0033:0x7efff5aae7c3 [ 21.797206][ T293] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 21.816648][ T293] RSP: 002b:00007fff16515d38 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 21.824903][ T293] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efff5aae7c3 [ 21.832702][ T293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 21.840513][ T293] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fff165e70b0 [ 21.848326][ T293] R10: 0000555555b17690 R11: 0000000000000246 R12: 0000000000000001 [ 21.856137][ T293] R13: 00000000000052b0 R14: 00007fff16515e5c R15: 00007fff16515ea0 [ 21.863951][ T293] [ 21.866811][ T293] Modules linked in: [ 21.870546][ T293] CR2: ffffed180000000d [ 21.874544][ T293] ---[ end trace 37f9df79c6e333bd ]--- [ 21.879831][ T293] RIP: 0010:__rb_insert_augmented+0x36b/0x610 [ 21.885748][ T293] Code: 49 89 5d 00 48 83 e3 fc 43 80 3c 26 00 74 08 4c 89 ff e8 08 ae 2b ff 4d 89 2f 48 85 db 74 2a 4c 8d 73 10 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 46 ad 2b ff 48 8d 43 08 4c 39 7b [ 21.905270][ T293] RSP: 0018:ffffc9000078f8f8 EFLAGS: 00010a02 [ 21.911173][ T293] RAX: 1ffff1180000000d RBX: ffff88c000000058 RCX: ffff88811e2462c0 [ 21.918984][ T293] RDX: 0000000000000000 RSI: ffff88811e011058 RDI: ffff88811e31c8b0 [ 21.927495][ T293] RBP: ffffc9000078f960 R08: dffffc0000000000 R09: ffff88811e011060 [ 21.935300][ T293] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 21.943114][ T293] R13: ffff88811e011058 R14: ffff88c000000068 R15: ffff88811e0fe748 [ 21.950921][ T293] FS: 0000555555b173c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 21.959690][ T293] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.966113][ T293] CR2: ffffed180000000d CR3: 000000011e318000 CR4: 00000000003506b0 [ 21.973926][ T293] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.981733][ T293] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.989548][ T293] Kernel panic - not syncing: Fatal exception [ 21.995716][ T293] Kernel Offset: disabled [ 21.999838][ T293] Rebooting in 86400 seconds..