program: pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r3 = memfd_secret(0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1f
c15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r4, r3, 0x2e, 0x4608, @void}, 0x10) bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r5, 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000f80)={r5, 0x0, 0x0}, 0x10) write$FUSE_LK(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x6, 0x4, 0x1}}}, 0x28) write$FUSE_INTERRUPT(r2, &(0x7f00000000c0)={0x10, 0x24}, 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}]}}) [ 85.673450][ T45] Bluetooth: hci0: command tx timeout [ 85.759060][ T5365] ------------[ cut here ]------------ [ 85.761560][ T5365] WARNING: CPU: 0 PID: 5365 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.766564][ T5365] Modules linked in: [ 85.768375][ T5365] CPU: 0 UID: 0 PID: 5365 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.772082][ T5365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.777720][ T5365] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.780658][ T5365] 
Code: 74 10 4c 89 e7 89 54 24 0c e8 24 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 38 16 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 85.788891][ T5365] RSP: 0018:ffffc9000d4478c0 EFLAGS: 00010246 [ 85.791478][ T5365] RAX: ffffc9000d447900 RBX: 000000000000002b RCX: 0000000000000000 [ 85.795089][ T5365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d447928 [ 85.798493][ T5365] RBP: ffffc9000d4479c0 R08: ffffc9000d447927 R09: 0000000000000000 [ 85.801749][ T5365] R10: ffffc9000d447900 R11: fffff52001a88f25 R12: 0000000000000000 [ 85.805011][ T5365] R13: 1ffff92001a88f1c R14: 0000000000040d40 R15: dffffc0000000000 [ 85.808303][ T5365] FS: 00007f45ad5ad6c0(0000) GS:ffff88808d20c000(0000) knlGS:0000000000000000 [ 85.811991][ T5365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.815414][ T5365] CR2: 0000200000001000 CR3: 0000000043449000 CR4: 0000000000352ef0 [ 85.818772][ T5365] Call Trace: [ 85.820252][ T5365] <TASK> [ 85.821492][ T5365] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 85.824094][ T5365] ? kfree+0x18e/0x440 [ 85.826051][ T5365] ? policy_nodemask+0x27c/0x720 [ 85.828117][ T5365] ? p9_client_clunk+0x1b6/0x250 [ 85.830203][ T5365] alloc_pages_mpol+0x232/0x4a0 [ 85.832236][ T5365] ___kmalloc_large_node+0x5f/0x1b0 [ 85.834518][ T5365] __kmalloc_large_node_noprof+0x18/0x90 [ 85.837031][ T5365] __kmalloc_noprof+0x36f/0x4f0 [ 85.839158][ T5365] ? v9fs_fid_get_acl+0x4f/0x100 [ 85.841243][ T5365] ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10 [ 85.844090][ T5365] v9fs_fid_get_acl+0x4f/0x100 [ 85.846294][ T5365] v9fs_get_acl+0x11b/0x360 [ 85.848234][ T5365] v9fs_inode_from_fid_dotl+0x221/0x2b0 [ 85.850641][ T5365] v9fs_mount+0x6eb/0xa50 [ 85.852529][ T5365] ? __pfx_v9fs_mount+0x10/0x10 [ 85.854525][ T5365] legacy_get_tree+0xfd/0x1a0 [ 85.856643][ T5365] ?
__pfx_v9fs_mount+0x10/0x10 [ 85.858552][ T5365] vfs_get_tree+0x8f/0x2b0 [ 85.860391][ T5365] do_new_mount+0x2a2/0x9e0 [ 85.862266][ T5365] ? ns_capable+0x8a/0xf0 [ 85.864090][ T5365] ? __pfx_do_new_mount+0x10/0x10 [ 85.866642][ T5365] ? path_mount+0x61c/0xfe0 [ 85.868607][ T5365] ? user_path_at+0x44/0x60 [ 85.870650][ T5365] __se_sys_mount+0x317/0x410 [ 85.872700][ T5365] ? __pfx___se_sys_mount+0x10/0x10 [ 85.875353][ T5365] ? rcu_is_watching+0x15/0xb0 [ 85.877484][ T5365] ? do_syscall_64+0xbe/0x3b0 [ 85.879452][ T5365] ? __x64_sys_mount+0x20/0xc0 [ 85.881491][ T5365] do_syscall_64+0xfa/0x3b0 [ 85.883407][ T5365] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.885857][ T5365] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.888420][ T5365] ? clear_bhb_loop+0x60/0xb0 [ 85.890403][ T5365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.892893][ T5365] RIP: 0033:0x7f45ac78eba9 [ 85.894976][ T5365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.903016][ T5365] RSP: 002b:00007f45ad5ad038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 85.906612][ T5365] RAX: ffffffffffffffda RBX: 00007f45ac9d5fa0 RCX: 00007f45ac78eba9 [ 85.910003][ T5365] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 85.913277][ T5365] RBP: 00007f45ac811e19 R08: 0000200000000500 R09: 0000000000000000 [ 85.916729][ T5365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.920076][ T5365] R13: 00007f45ac9d6038 R14: 00007f45ac9d5fa0 R15: 00007ffd88c3ad38 [ 85.923562][ T5365] </TASK> [ 85.925087][ T5365] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 85.928258][ T5365] CPU: 0 UID: 0 PID: 5365 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.932186][ T5365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.936909][ T5365] Call Trace: [ 85.938394][ T5365] <TASK> [ 85.939753][ T5365] dump_stack_lvl+0x99/0x250 [ 85.941844][ T5365] ? __asan_memcpy+0x40/0x70 [ 85.943848][ T5365] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.946124][ T5365] ? __pfx__printk+0x10/0x10 [ 85.948160][ T5365] vpanic+0x281/0x750 [ 85.949893][ T5365] ? __pfx__printk+0x10/0x10 [ 85.951879][ T5365] ? __pfx_vpanic+0x10/0x10 [ 85.953889][ T5365] ? is_bpf_text_address+0x26/0x2b0 [ 85.956113][ T5365] panic+0xb9/0xc0 [ 85.957725][ T5365] ? __pfx_panic+0x10/0x10 [ 85.959851][ T5365] __warn+0x31b/0x4b0 [ 85.961544][ T5365] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.964090][ T5365] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.966619][ T5365] report_bug+0x2be/0x4f0 [ 85.968443][ T5365] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.971024][ T5365] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.973817][ T5365] ?
__alloc_frozen_pages_noprof+0x2ca/0x370 [ 85.976914][ T5365] handle_bug+0x84/0x160 [ 85.978736][ T5365] exc_invalid_op+0x1a/0x50 [ 85.980751][ T5365] asm_exc_invalid_op+0x1a/0x20 [ 85.982877][ T5365] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.985494][ T5365] Code: 74 10 4c 89 e7 89 54 24 0c e8 24 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 38 16 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 85.993268][ T5365] RSP: 0018:ffffc9000d4478c0 EFLAGS: 00010246 [ 85.995647][ T5365] RAX: ffffc9000d447900 RBX: 000000000000002b RCX: 0000000000000000 [ 85.998916][ T5365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d447928 [ 86.002314][ T5365] RBP: ffffc9000d4479c0 R08: ffffc9000d447927 R09: 0000000000000000 [ 86.005770][ T5365] R10: ffffc9000d447900 R11: fffff52001a88f25 R12: 0000000000000000 [ 86.009016][ T5365] R13: 1ffff92001a88f1c R14: 0000000000040d40 R15: dffffc0000000000 [ 86.012147][ T5365] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 86.014862][ T5365] ? kfree+0x18e/0x440 [ 86.016565][ T5365] ? policy_nodemask+0x27c/0x720 [ 86.018698][ T5365] ? p9_client_clunk+0x1b6/0x250 [ 86.020802][ T5365] alloc_pages_mpol+0x232/0x4a0 [ 86.022837][ T5365] ___kmalloc_large_node+0x5f/0x1b0 [ 86.025007][ T5365] __kmalloc_large_node_noprof+0x18/0x90 [ 86.027439][ T5365] __kmalloc_noprof+0x36f/0x4f0 [ 86.029531][ T5365] ? v9fs_fid_get_acl+0x4f/0x100 [ 86.031602][ T5365] ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10 [ 86.034432][ T5365] v9fs_fid_get_acl+0x4f/0x100 [ 86.036498][ T5365] v9fs_get_acl+0x11b/0x360 [ 86.038534][ T5365] v9fs_inode_from_fid_dotl+0x221/0x2b0 [ 86.040859][ T5365] v9fs_mount+0x6eb/0xa50 [ 86.042761][ T5365] ? __pfx_v9fs_mount+0x10/0x10 [ 86.044966][ T5365] legacy_get_tree+0xfd/0x1a0 [ 86.047191][ T5365] ? __pfx_v9fs_mount+0x10/0x10 [ 86.049287][ T5365] vfs_get_tree+0x8f/0x2b0 [ 86.051215][ T5365] do_new_mount+0x2a2/0x9e0 [ 86.053129][ T5365] ? 
ns_capable+0x8a/0xf0 [ 86.054948][ T5365] ? __pfx_do_new_mount+0x10/0x10 [ 86.057250][ T5365] ? path_mount+0x61c/0xfe0 [ 86.059183][ T5365] ? user_path_at+0x44/0x60 [ 86.061087][ T5365] __se_sys_mount+0x317/0x410 [ 86.063064][ T5365] ? __pfx___se_sys_mount+0x10/0x10 [ 86.065245][ T5365] ? rcu_is_watching+0x15/0xb0 [ 86.067326][ T5365] ? do_syscall_64+0xbe/0x3b0 [ 86.069252][ T5365] ? __x64_sys_mount+0x20/0xc0 [ 86.071388][ T5365] do_syscall_64+0xfa/0x3b0 [ 86.073285][ T5365] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.075850][ T5365] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.078746][ T5365] ? clear_bhb_loop+0x60/0xb0 [ 86.081059][ T5365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.083669][ T5365] RIP: 0033:0x7f45ac78eba9 [ 86.085678][ T5365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.093790][ T5365] RSP: 002b:00007f45ad5ad038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 86.097223][ T5365] RAX: ffffffffffffffda RBX: 00007f45ac9d5fa0 RCX: 00007f45ac78eba9 [ 86.100578][ T5365] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 86.103843][ T5365] RBP: 00007f45ac811e19 R08: 0000200000000500 R09: 0000000000000000 [ 86.107033][ T5365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.110487][ T5365] R13: 00007f45ac9d6038 R14: 00007f45ac9d5fa0 R15: 00007ffd88c3ad38 [ 86.113707][ T5365] </TASK> [ 86.115291][ T5365] Kernel Offset: disabled [ 86.117044][ T5365] Rebooting in 86400 seconds..