./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2594630686 <...> forked to background, child pid 3185[ 24.682631][ T3186] 8021q: adding VLAN 0 to HW filter on device bond0 no interfaces have a carrier [ 24.694906][ T3186] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.71' (ECDSA) to the list of known hosts. execve("./syz-executor2594630686", ["./syz-executor2594630686"], 0x7ffd8247d160 /* 10 vars */) = 0 brk(NULL) = 0x555555908000 brk(0x555555908d00) = 0x555555908d00 arch_prctl(ARCH_SET_FS, 0x5555559083c0) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2594630686", 4096) = 28 brk(0x555555929d00) = 0x555555929d00 brk(0x55555592a000) = 0x55555592a000 mprotect(0x7f63014d8000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f630142f1c0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f630142f230}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f630142f1c0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f630142f230}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/autofs", O_RDONLY) = 3 openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 4 mmap(0x20000000, 8192, PROT_READ|PROT_SEM, MAP_PRIVATE|MAP_FIXED, 4, 0x42000) = 0x20000000 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000000} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000004} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000008} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000000c} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000010} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000018} --- syzkaller login: [ 41.192309][ T3606] ------------[ cut here ]------------ [ 41.198466][ T3606] kernel BUG at mm/memory.c:2218! [ 41.203500][ T3606] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 41.209555][ T3606] CPU: 0 PID: 3606 Comm: syz-executor259 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0 [ 41.219620][ T3606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 41.229682][ T3606] RIP: 0010:vmf_insert_pfn_prot+0x40b/0x420 [ 41.235650][ T3606] Code: 92 c6 31 ff e8 c6 fe c1 ff 84 db 74 2b e8 dd fb c1 ff e9 87 fd ff ff e8 d3 fb c1 ff 0f 0b e8 cc fb c1 ff 0f 0b e8 c5 fb c1 ff <0f> 0b e8 de 49 63 08 e8 b9 fb c1 ff 0f 0b e8 b2 fb c1 ff 0f 0b 55 [ 41.255256][ T3606] RSP: 0018:ffffc90003d5f840 EFLAGS: 00010293 [ 41.261314][ T3606] RAX: ffffffff81c4d10b RBX: 0000000000000420 RCX: ffff88802649d880 [ 41.269275][ T3606] RDX: 0000000000000000 RSI: 0000000000000420 RDI: 0000000000000420 [ 41.277234][ T3606] RBP: ffffc90003d5f900 R08: ffffffff81c4cdff R09: ffffffff81c4cdd3 [ 41.285197][ T3606] R10: 0000000000000002 R11: ffff88802649d880 R12: 000000000c040471 [ 41.293175][ T3606] R13: ffff888020314318 R14: ffffc90003d5f880 R15: 000000000001e18c [ 41.301142][ T3606] FS: 00005555559083c0(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 41.310063][ T3606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.316633][ T3606] CR2: 0000000020000000 CR3: 000000006fced000 CR4: 00000000003506f0 [ 41.324595][ T3606] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.332552][ T3606] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 41.340511][ T3606] Call Trace: [ 41.343775][ T3606] [ 41.346694][ T3606] ? vm_map_pages_zero+0x140/0x140 [ 41.351979][ T3606] drm_gem_shmem_fault+0x1db/0x240 [ 41.357088][ T3606] __do_fault+0x139/0x4f0 [ 41.361407][ T3606] handle_mm_fault+0x2804/0x3590 [ 41.366345][ T3606] ? numa_migrate_prep+0x250/0x250 [ 41.371446][ T3606] ? mark_lock+0x9a/0x350 [ 41.375770][ T3606] ? vmacache_find+0x23c/0x590 [ 41.380526][ T3606] do_user_addr_fault+0x69b/0xcb0 [ 41.385549][ T3606] exc_page_fault+0x7a/0x110 [ 41.390144][ T3606] ? __might_fault+0xb6/0x110 [ 41.394807][ T3606] asm_exc_page_fault+0x22/0x30 [ 41.399649][ T3606] RIP: 0010:copy_user_short_string+0xa/0x40 [ 41.405529][ T3606] Code: 83 f8 12 74 0a 89 d1 f3 a4 89 c8 0f 01 ca c3 89 d0 0f 01 ca c3 01 ca eb e7 0f 1f 80 00 00 00 00 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 41.425123][ T3606] RSP: 0018:ffffc90003d5fdb0 EFLAGS: 00050206 [ 41.431177][ T3606] RAX: ffffffff84312501 RBX: 00007fffffffefe8 RCX: 0000000000000003 [ 41.439137][ T3606] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffc90003d5fe60 [ 41.447095][ T3606] RBP: ffffc90003d5fee8 R08: dffffc0000000000 R09: fffff520007abfcf [ 41.455053][ T3606] R10: fffff520007abfcf R11: 1ffff920007abfcc R12: 0000000000000018 [ 41.463014][ T3606] R13: ffffc90003d5fe60 R14: ffffc90003d5fe60 R15: 0000000020000000 [ 41.470996][ T3606] ? _copy_from_user+0x51/0x160 [ 41.475876][ T3606] _copy_from_user+0xf0/0x160 [ 41.480558][ T3606] autofs_dev_ioctl+0x132/0xb20 [ 41.485419][ T3606] ? autofs_dev_ioctl_exit+0x20/0x20 [ 41.490718][ T3606] ? bpf_lsm_file_ioctl+0x5/0x10 [ 41.495665][ T3606] ? security_file_ioctl+0x9d/0xb0 [ 41.500805][ T3606] ? autofs_dev_ioctl_exit+0x20/0x20 [ 41.506091][ T3606] __se_sys_ioctl+0xfb/0x170 [ 41.510689][ T3606] do_syscall_64+0x3d/0xb0 [ 41.515101][ T3606] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 41.520993][ T3606] RIP: 0033:0x7f630146c2f9 [ 41.525401][ T3606] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 41.545189][ T3606] RSP: 002b:00007fff3af30278 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 41.553605][ T3606] RAX: ffffffffffffffda RBX: 00007fff3af30288 RCX: 00007f630146c2f9 [ 41.561565][ T3606] RDX: 0000000020000000 RSI: 00000000c0189378 RDI: 0000000000000003 [ 41.569522][ T3606] RBP: 00007fff3af30280 R08: 00007fff3af30280 R09: 00007f630142f1c0 [ 41.577478][ T3606] R10: 00007fff3af30280 R11: 0000000000000246 R12: 0000000000000000 [ 41.585440][ T3606] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 41.593403][ T3606] [ 41.596409][ T3606] Modules linked in: [ 41.600621][ T3606] ---[ end trace 0000000000000000 ]--- [ 41.606325][ T3606] RIP: 0010:vmf_insert_pfn_prot+0x40b/0x420 [ 41.612228][ T3606] Code: 92 c6 31 ff e8 c6 fe c1 ff 84 db 74 2b e8 dd fb c1 ff e9 87 fd ff ff e8 d3 fb c1 ff 0f 0b e8 cc fb c1 ff 0f 0b e8 c5 fb c1 ff <0f> 0b e8 de 49 63 08 e8 b9 fb c1 ff 0f 0b e8 b2 fb c1 ff 0f 0b 55 [ 41.631955][ T3606] RSP: 0018:ffffc90003d5f840 EFLAGS: 00010293 [ 41.638037][ T3606] RAX: ffffffff81c4d10b RBX: 0000000000000420 RCX: ffff88802649d880 [ 41.646019][ T3606] RDX: 0000000000000000 RSI: 0000000000000420 RDI: 0000000000000420 [ 41.653981][ T3606] RBP: ffffc90003d5f900 R08: ffffffff81c4cdff R09: ffffffff81c4cdd3 [ 41.662121][ T3606] R10: 0000000000000002 R11: ffff88802649d880 R12: 000000000c040471 [ 41.670189][ T3606] R13: ffff888020314318 R14: ffffc90003d5f880 R15: 000000000001e18c [ 41.678224][ T3606] FS: 00005555559083c0(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 41.687171][ T3606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.693748][ T3606] CR2: 00007fff3af2f270 CR3: 000000006fced000 CR4: 00000000003506e0 [ 41.701730][ T3606] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.709855][ T3606] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 41.717846][ T3606] Kernel panic - not syncing: Fatal exception [ 41.724080][ T3606] Kernel Offset: disabled [ 41.728395][ T3606] Rebooting in 86400 seconds..