./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2619136650
<...>
Warning: Permanently added '10.128.0.125' (ECDSA) to the list of known hosts.
execve("./syz-executor2619136650", ["./syz-executor2619136650"], 0x7ffeab4c6550 /* 10 vars */) = 0
brk(NULL) = 0x555556ade000
brk(0x555556adec40) = 0x555556adec40
arch_prctl(ARCH_SET_FS, 0x555556ade300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2619136650", 4096) = 28
brk(0x555556affc40) = 0x555556affc40
brk(0x555556b00000) = 0x555556b00000
mprotect(0x7f82b3a03000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0) = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f82ab545000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
munmap(0x7f82ab545000, 16777216) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
ioctl(4, LOOP_SET_FD, 3) = 0
close(3) = 0
mkdir("./file0", 0777) = 0
[ 55.575228][ T5063] loop0: detected capacity change from 0 to 32768
[ 55.587044][ T5063] BTRFS: device fsid 5ac8a51e-da3a-4998-8e66-e1df06b87bc8 devid 1 transid 8 /dev/loop0 scanned by syz-executor261 (5063)
[ 55.604361][ T5063] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 55.613833][ T5063] BTRFS info (device loop0): using free space tree
mount("/dev/loop0", "./file0", "btrfs", 0, "noflushoncommit,rescan_uuid_tree,noacl,noautodefrag,datacow,") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
ioctl(4, LOOP_CLR_FD) = 0
close(4) = 0
ioctl(3, BTRFS_IOC_SUBVOL_SETFLAGS, BTRFS_SUBVOL_RDONLY) = 0
openat(-1, "/proc/self/exe", O_RDONLY) = 4
socketpair(AF_UNIX, SOCK_DGRAM, 0, [5, 6]) = 0
[ 55.633465][ T5063] BTRFS info (device loop0): enabling ssd optimizations
[ 55.640518][ T5063] BTRFS info (device loop0): auto enabling async discard
[ 55.649454][ T5063] BTRFS info (device loop0): checking UUID tree
[ 55.681774][ T5063] ------------[ cut here ]------------
[ 55.687308][ T5063] WARNING: CPU: 0 PID: 5063 at mm/util.c:596 kvmalloc_node+0x194/0x1a0
[ 55.695967][ T5063] Modules linked in:
[ 55.700173][ T5063] CPU: 0 PID: 5063 Comm: syz-executor261 Not tainted 6.1.0-syzkaller-13139-gf9ff5644bcc0 #0
[ 55.710476][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 55.720742][ T5063] RIP: 0010:kvmalloc_node+0x194/0x1a0
[ 55.726152][ T5063] Code: 72 dd 1a 00 eb aa e8 5b da cc ff 41 81 e5 00 20 00 00 31 ff 44 89 ee e8 fa d6 cc ff 45 85 ed 0f 85 1b ff ff ff e8 3c da cc ff <0f> 0b e9 e3 fe ff ff 0f 1f 44 00 00 f3 0f 1e fa 55 48 89 fd 53 e8
[ 55.746233][ T5063] RSP: 0018:ffffc90003bef898 EFLAGS: 00010293
[ 55.752652][ T5063] RAX: 0000000000000000 RBX: 0000000000000400 RCX: 0000000000000000
[ 55.760851][ T5063] RDX: ffff888018e70000 RSI: ffffffff81b476c4 RDI: 0000000000000005
[ 55.769050][ T5063] RBP: 000fdacfcf680108 R08: 0000000000000005 R09: 0000000000000000
[ 55.777051][ T5063] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 55.785295][ T5063] R13: 0000000000000000 R14: 00000000ffffffff R15: ffff88802aad4998
[ 55.793482][ T5063] FS: 0000555556ade300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 55.802729][ T5063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.809378][ T5063] CR2: 000055b253c7d9f0 CR3: 00000000209ee000 CR4: 0000000000350ef0
[ 55.817341][ T5063] Call Trace:
[ 55.820663][ T5063] <TASK>
[ 55.823610][ T5063] btrfs_ioctl_send+0xb35/0x65c0
[ 55.828626][ T5063] ? changed_cb+0x3610/0x3610
[ 55.833331][ T5063] ? __might_fault+0xd9/0x180
[ 55.838050][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 55.842942][ T5063] ? _copy_from_user+0xfd/0x170
[ 55.848274][ T5063] _btrfs_ioctl_send+0x231/0x2e0
[ 55.853321][ T5063] ? exclop_start_or_cancel_reloc+0x230/0x230
[ 55.859449][ T5063] ? tomoyo_path_number_perm+0x242/0x570
[ 55.865104][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 55.870004][ T5063] ? __kmem_cache_free+0xaf/0x3b0
[ 55.875051][ T5063] btrfs_ioctl+0x4026/0x5830
[ 55.879781][ T5063] ? tomoyo_path_number_perm+0x166/0x570
[ 55.885448][ T5063] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 55.891334][ T5063] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 55.898046][ T5063] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 55.903944][ T5063] ? do_vfs_ioctl+0x132/0x15b0
[ 55.908752][ T5063] ? vfs_fileattr_set+0xbe0/0xbe0
[ 55.913792][ T5063] ? find_held_lock+0x2d/0x110
[ 55.918694][ T5063] ? name_to_dev_t+0x12/0x990
[ 55.923393][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 55.928290][ T5063] ? bpf_lsm_file_ioctl+0x9/0x10
[ 55.933253][ T5063] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 55.939743][ T5063] __x64_sys_ioctl+0x197/0x210
[ 55.944523][ T5063] do_syscall_64+0x39/0xb0
[ 55.948978][ T5063] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 55.954894][ T5063] RIP: 0033:0x7f82b3991b49
[ 55.959541][ T5063] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 55.979209][ T5063] RSP: 002b:00007ffca2642708 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 55.987816][ T5063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f82b3991b49
[ 55.995806][ T5063] RDX: 0000000020000040 RSI: 0000000040489426 RDI: 0000000000000003
[ 56.003863][ T5063] RBP: 00007f82b3951410 R08: 0000000000000000 R09: 0000000000000000
[ 56.011979][ T5063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f82b39514a0
[ 56.020010][ T5063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 56.028030][ T5063] </TASK>
[ 56.031035][ T5063] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 56.038292][ T5063] CPU: 0 PID: 5063 Comm: syz-executor261 Not tainted 6.1.0-syzkaller-13139-gf9ff5644bcc0 #0
[ 56.048338][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 56.058394][ T5063] Call Trace:
[ 56.061677][ T5063] <TASK>
[ 56.064679][ T5063] dump_stack_lvl+0xd1/0x138
[ 56.069262][ T5063] panic+0x2cc/0x626
[ 56.073140][ T5063] ? panic_print_sys_info.part.0+0x110/0x110
[ 56.079111][ T5063] ? kvmalloc_node+0x194/0x1a0
[ 56.083860][ T5063] check_panic_on_warn.cold+0x19/0x35
[ 56.089220][ T5063] __warn+0xf2/0x1a0
[ 56.093108][ T5063] ? kvmalloc_node+0x194/0x1a0
[ 56.097864][ T5063] report_bug+0x1c0/0x210
[ 56.102189][ T5063] handle_bug+0x3c/0x70
[ 56.106333][ T5063] exc_invalid_op+0x18/0x50
[ 56.110831][ T5063] asm_exc_invalid_op+0x1a/0x20
[ 56.115673][ T5063] RIP: 0010:kvmalloc_node+0x194/0x1a0
[ 56.121038][ T5063] Code: 72 dd 1a 00 eb aa e8 5b da cc ff 41 81 e5 00 20 00 00 31 ff 44 89 ee e8 fa d6 cc ff 45 85 ed 0f 85 1b ff ff ff e8 3c da cc ff <0f> 0b e9 e3 fe ff ff 0f 1f 44 00 00 f3 0f 1e fa 55 48 89 fd 53 e8
[ 56.140902][ T5063] RSP: 0018:ffffc90003bef898 EFLAGS: 00010293
[ 56.146963][ T5063] RAX: 0000000000000000 RBX: 0000000000000400 RCX: 0000000000000000
[ 56.154926][ T5063] RDX: ffff888018e70000 RSI: ffffffff81b476c4 RDI: 0000000000000005
[ 56.162911][ T5063] RBP: 000fdacfcf680108 R08: 0000000000000005 R09: 0000000000000000
[ 56.170882][ T5063] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 56.178848][ T5063] R13: 0000000000000000 R14: 00000000ffffffff R15: ffff88802aad4998
[ 56.186825][ T5063] ? kvmalloc_node+0x194/0x1a0
[ 56.191596][ T5063] ? kvmalloc_node+0x194/0x1a0
[ 56.196358][ T5063] btrfs_ioctl_send+0xb35/0x65c0
[ 56.201321][ T5063] ? changed_cb+0x3610/0x3610
[ 56.206004][ T5063] ? __might_fault+0xd9/0x180
[ 56.210699][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 56.215556][ T5063] ? _copy_from_user+0xfd/0x170
[ 56.220418][ T5063] _btrfs_ioctl_send+0x231/0x2e0
[ 56.225357][ T5063] ? exclop_start_or_cancel_reloc+0x230/0x230
[ 56.231427][ T5063] ? tomoyo_path_number_perm+0x242/0x570
[ 56.237088][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 56.242026][ T5063] ? __kmem_cache_free+0xaf/0x3b0
[ 56.247050][ T5063] btrfs_ioctl+0x4026/0x5830
[ 56.252083][ T5063] ? tomoyo_path_number_perm+0x166/0x570
[ 56.257718][ T5063] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 56.263526][ T5063] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 56.269948][ T5063] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 56.275849][ T5063] ? do_vfs_ioctl+0x132/0x15b0
[ 56.280695][ T5063] ? vfs_fileattr_set+0xbe0/0xbe0
[ 56.285725][ T5063] ? find_held_lock+0x2d/0x110
[ 56.290500][ T5063] ? name_to_dev_t+0x12/0x990
[ 56.295183][ T5063] ? lock_downgrade+0x6e0/0x6e0
[ 56.300037][ T5063] ? bpf_lsm_file_ioctl+0x9/0x10
[ 56.304975][ T5063] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 56.311403][ T5063] __x64_sys_ioctl+0x197/0x210
[ 56.316170][ T5063] do_syscall_64+0x39/0xb0
[ 56.320595][ T5063] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 56.326485][ T5063] RIP: 0033:0x7f82b3991b49
[ 56.330896][ T5063] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 56.350514][ T5063] RSP: 002b:00007ffca2642708 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 56.358955][ T5063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f82b3991b49
[ 56.366923][ T5063] RDX: 0000000020000040 RSI: 0000000040489426 RDI: 0000000000000003
[ 56.374894][ T5063] RBP: 00007f82b3951410 R08: 0000000000000000 R09: 0000000000000000
[ 56.382862][ T5063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f82b39514a0
[ 56.390832][ T5063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 56.398902][ T5063] </TASK>
[ 56.402550][ T5063] Kernel Offset: disabled
[ 56.406922][ T5063] Rebooting in 86400 seconds..