./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3781571053
<...>
DUID 00:04:f2:7f:36:b6:03:80:f9:c3:71:03:f9:5e:f9:cf:ad:4a
forked to background, child pid 3181
[ 26.439573][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.452265][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.129' (ECDSA) to the list of known hosts.
execve("./syz-executor3781571053", ["./syz-executor3781571053"], 0x7fff527a3f50 /* 10 vars */) = 0
brk(NULL) = 0x555556fc6000
brk(0x555556fc6c40) = 0x555556fc6c40
arch_prctl(ARCH_SET_FS, 0x555556fc6300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3781571053", 4096) = 28
brk(0x555556fe7c40) = 0x555556fe7c40
brk(0x555556fe8000) = 0x555556fe8000
mprotect(0x7f6d26868000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3603 attached
, child_tidptr=0x555556fc65d0) = 3603
[pid 3603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3603] setpgid(0, 0) = 0
[pid 3603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3603] write(3, "1000", 4) = 4
[pid 3603] close(3) = 0
[pid 3603] socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3
[pid 3603] setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0
[pid 3603] connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 3603] setsockopt(3, SOL_TCP, TCP_ULP, [7564404], 4) = 0
[pid 3603] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 3603] write(4, "13", 2) = 2
[pid 3603] setsockopt(3, SOL_TLS, TLS_RX, "\x03\x03\x35\x00\x00\x08\x00\x00\x00\x00\x00\x00\x0c\x24\xcf\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x1b\xcd\x07\x77\xd0\x77\x13\x8b\x33\x73\x62", 40) = 0
[pid 3603] exit_group(0) = ?
[pid 3603] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3603, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3617 attached
, child_tidptr=0x555556fc65d0) = 3617
[pid 3617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3617] setpgid(0, 0) = 0
[pid 3617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3617] write(3, "1000", 4) = 4
[pid 3617] close(3) = 0
[pid 3617] socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3
[pid 3617] setsockopt(3, SOL_TCP, TCP_REPAIR, [1], 4) = 0
[pid 3617] connect(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "::1", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 3617] setsockopt(3, SOL_TCP, TCP_ULP, [7564404], 4) = 0
[pid 3617] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 3617] write(4, "13", 2) = 2
[pid 3617] setsockopt(3, SOL_TLS, TLS_RX, "\x03\x03\x35\x00\x00\x08\x00\x00\x00\x00\x00\x00\x0c\x24\xcf\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x64\x1b\xcd\x07\x77\xd0\x77\x13\x8b\x33\x73\x62", 40) = 0
[pid 3617] exit_group(0) = ?
syzkaller login: [ 44.717837][ T3617] ------------[ cut here ]------------
[ 44.723612][ T3617] WARNING: CPU: 0 PID: 3617 at kernel/workqueue.c:3066 __flush_work+0x926/0xb10
[ 44.732988][ T3617] Modules linked in:
[ 44.736901][ T3617] CPU: 0 PID: 3617 Comm: syz-executor378 Not tainted 5.19.0-syzkaller-05342-g4c46bb49460e #0
[ 44.748197][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 44.758431][ T3617] RIP: 0010:__flush_work+0x926/0xb10
[ 44.763815][ T3617] Code: ff 41 89 c4 89 8d 88 fe ff ff e8 95 ee 79 00 48 0f ba 2b 03 e9 6a fa ff ff e8 76 8a 2c 00 0f 0b e9 5a fc ff ff e8 6a 8a 2c 00 <0f> 0b 45 31 f6 e9 4b fc ff ff e8 ab eb 79 00 e9 3a fb ff ff e8 51
[ 44.783614][ T3617] RSP: 0018:ffffc9000395f948 EFLAGS: 00010293
[ 44.789711][ T3617] RAX: 0000000000000000 RBX: ffff88807c3fc0f0 RCX: 0000000000000000
[ 44.797750][ T3617] RDX: ffff888020351d80 RSI: ffffffff814e6126 RDI: 0000000000000001
[ 44.805798][ T3617] RBP: ffffc9000395fae0 R08: 0000000000000001 R09: 0000000000000000
[ 44.813816][ T3617] R10: 0000000000000001 R11: 0000000000000000 R12: dffffc0000000000
[ 44.821843][ T3617] R13: 1ffff9200072bf5f R14: 0000000000000001 R15: ffff88807c3fc108
[ 44.829842][ T3617] FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[ 44.838840][ T3617] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.845503][ T3617] CR2: 00007f6d2686f290 CR3: 0000000016b38000 CR4: 00000000003506f0
[ 44.853541][ T3617] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.861616][ T3617] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.869601][ T3617] Call Trace:
[ 44.872922][ T3617]
[ 44.875872][ T3617] ? lock_chain_count+0x20/0x20
[ 44.880810][ T3617] ? queue_delayed_work_on+0x120/0x120
[ 44.886302][ T3617] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 44.892338][ T3617] ? mark_lock.part.0+0xee/0x1910
[ 44.897400][ T3617] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 44.903463][ T3617] ? mark_held_locks+0x9f/0xe0
[ 44.908330][ T3617] ? __cancel_work_timer+0x408/0x570
[ 44.913681][ T3617] __cancel_work_timer+0x3f9/0x570
[ 44.918820][ T3617] ? try_to_grab_pending+0xd0/0xd0
[ 44.924018][ T3617] ? tls_sk_proto_close+0x29b/0xaf0
[ 44.929255][ T3617] ? mark_held_locks+0x9f/0xe0
[ 44.934296][ T3617] ? __local_bh_enable_ip+0xa0/0x120
[ 44.939608][ T3617] tls_strp_done+0x66/0x230
[ 44.944186][ T3617] tls_sk_proto_close+0x40d/0xaf0
[ 44.949243][ T3617] ? wait_on_pending_writer+0x430/0x430
[ 44.954854][ T3617] ? ip_mc_drop_socket+0x16/0x260
[ 44.959903][ T3617] inet_release+0x12e/0x280
[ 44.964503][ T3617] inet6_release+0x4c/0x70
[ 44.968960][ T3617] __sock_release+0xcd/0x280
[ 44.973617][ T3617] sock_close+0x18/0x20
[ 44.977807][ T3617] __fput+0x277/0x9d0
[ 44.981862][ T3617] ? __sock_release+0x280/0x280
[ 44.986751][ T3617] task_work_run+0xdd/0x1a0
[ 44.991330][ T3617] do_exit+0xade/0x29d0
[ 44.995513][ T3617] ? mm_update_next_owner+0x7a0/0x7a0
[ 45.000973][ T3617] ? _raw_spin_unlock_irq+0x1f/0x40
[ 45.006207][ T3617] ? _raw_spin_unlock_irq+0x1f/0x40
[ 45.011499][ T3617] do_group_exit+0xd2/0x2f0
[ 45.016028][ T3617] __x64_sys_exit_group+0x3a/0x50
[ 45.021152][ T3617] do_syscall_64+0x35/0xb0
[ 45.025611][ T3617] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.031553][ T3617] RIP: 0033:0x7f6d267f9de9
[ 45.035979][ T3617] Code: Unable to access opcode bytes at RIP 0x7f6d267f9dbf.
[ 45.043425][ T3617] RSP: 002b:00007ffe0e0111f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 45.051879][ T3617] RAX: ffffffffffffffda RBX: 00007f6d2686e3f0 RCX: 00007f6d267f9de9
[ 45.059864][ T3617] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 45.068005][ T3617] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001
[ 45.076016][ T3617] R10: 0000000020000080 R11: 0000000000000246 R12: 00007f6d2686e3f0
[ 45.084076][ T3617] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 45.092142][ T3617]
[ 45.095193][ T3617] Kernel panic - not syncing: panic_on_warn set ...
[ 45.101777][ T3617] CPU: 0 PID: 3617 Comm: syz-executor378 Not tainted 5.19.0-syzkaller-05342-g4c46bb49460e #0
[ 45.111951][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 45.122113][ T3617] Call Trace:
[ 45.125399][ T3617]
[ 45.128333][ T3617] dump_stack_lvl+0xcd/0x134
[ 45.132931][ T3617] panic+0x2d7/0x636
[ 45.136824][ T3617] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 45.142812][ T3617] ? __warn.cold+0x1d1/0x2c5
[ 45.147403][ T3617] ? __flush_work+0x926/0xb10
[ 45.152084][ T3617] __warn.cold+0x1e2/0x2c5
[ 45.156518][ T3617] ? __flush_work+0x926/0xb10
[ 45.161233][ T3617] report_bug+0x1bc/0x210
[ 45.165586][ T3617] handle_bug+0x3c/0x60
[ 45.169750][ T3617] exc_invalid_op+0x14/0x40
[ 45.174269][ T3617] asm_exc_invalid_op+0x16/0x20
[ 45.179155][ T3617] RIP: 0010:__flush_work+0x926/0xb10
[ 45.184464][ T3617] Code: ff 41 89 c4 89 8d 88 fe ff ff e8 95 ee 79 00 48 0f ba 2b 03 e9 6a fa ff ff e8 76 8a 2c 00 0f 0b e9 5a fc ff ff e8 6a 8a 2c 00 <0f> 0b 45 31 f6 e9 4b fc ff ff e8 ab eb 79 00 e9 3a fb ff ff e8 51
[ 45.204213][ T3617] RSP: 0018:ffffc9000395f948 EFLAGS: 00010293
[ 45.210297][ T3617] RAX: 0000000000000000 RBX: ffff88807c3fc0f0 RCX: 0000000000000000
[ 45.218273][ T3617] RDX: ffff888020351d80 RSI: ffffffff814e6126 RDI: 0000000000000001
[ 45.226252][ T3617] RBP: ffffc9000395fae0 R08: 0000000000000001 R09: 0000000000000000
[ 45.234225][ T3617] R10: 0000000000000001 R11: 0000000000000000 R12: dffffc0000000000
[ 45.242218][ T3617] R13: 1ffff9200072bf5f R14: 0000000000000001 R15: ffff88807c3fc108
[ 45.250207][ T3617] ? __flush_work+0x926/0xb10
[ 45.254923][ T3617] ? __flush_work+0x926/0xb10
[ 45.259634][ T3617] ? lock_chain_count+0x20/0x20
[ 45.264499][ T3617] ? queue_delayed_work_on+0x120/0x120
[ 45.269978][ T3617] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 45.276007][ T3617] ? mark_lock.part.0+0xee/0x1910
[ 45.281050][ T3617] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 45.287065][ T3617] ? mark_held_locks+0x9f/0xe0
[ 45.291858][ T3617] ? __cancel_work_timer+0x408/0x570
[ 45.297177][ T3617] __cancel_work_timer+0x3f9/0x570
[ 45.302310][ T3617] ? try_to_grab_pending+0xd0/0xd0
[ 45.307471][ T3617] ? tls_sk_proto_close+0x29b/0xaf0
[ 45.312685][ T3617] ? mark_held_locks+0x9f/0xe0
[ 45.317459][ T3617] ? __local_bh_enable_ip+0xa0/0x120
[ 45.322759][ T3617] tls_strp_done+0x66/0x230
[ 45.327276][ T3617] tls_sk_proto_close+0x40d/0xaf0
[ 45.332315][ T3617] ? wait_on_pending_writer+0x430/0x430
[ 45.337897][ T3617] ? ip_mc_drop_socket+0x16/0x260
[ 45.342963][ T3617] inet_release+0x12e/0x280
[ 45.347486][ T3617] inet6_release+0x4c/0x70
[ 45.351923][ T3617] __sock_release+0xcd/0x280
[ 45.356544][ T3617] sock_close+0x18/0x20
[ 45.360721][ T3617] __fput+0x277/0x9d0
[ 45.364719][ T3617] ? __sock_release+0x280/0x280
[ 45.369611][ T3617] task_work_run+0xdd/0x1a0
[ 45.374139][ T3617] do_exit+0xade/0x29d0
[ 45.378315][ T3617] ? mm_update_next_owner+0x7a0/0x7a0
[ 45.383704][ T3617] ? _raw_spin_unlock_irq+0x1f/0x40
[ 45.388911][ T3617] ? _raw_spin_unlock_irq+0x1f/0x40
[ 45.394126][ T3617] do_group_exit+0xd2/0x2f0
[ 45.398643][ T3617] __x64_sys_exit_group+0x3a/0x50
[ 45.403685][ T3617] do_syscall_64+0x35/0xb0
[ 45.408116][ T3617] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.414112][ T3617] RIP: 0033:0x7f6d267f9de9
[ 45.418546][ T3617] Code: Unable to access opcode bytes at RIP 0x7f6d267f9dbf.
[ 45.425907][ T3617] RSP: 002b:00007ffe0e0111f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 45.434340][ T3617] RAX: ffffffffffffffda RBX: 00007f6d2686e3f0 RCX: 00007f6d267f9de9
[ 45.442315][ T3617] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 45.450373][ T3617] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001
[ 45.458434][ T3617] R10: 0000000020000080 R11: 0000000000000246 R12: 00007f6d2686e3f0
[ 45.466425][ T3617] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 45.474416][ T3617]
[ 45.477703][ T3617] Kernel Offset: disabled
[ 45.482097][ T3617] Rebooting in 86400 seconds..