./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1155273868
<...>
DUID 00:04:a3:03:08:15:93:78:e3:1f:4c:1c:fb:56:e6:f5:4b:05
forked to background, child pid 4869
[ 32.347426][ T4870] 8021q: adding VLAN 0 to HW filter on device bond0
[ 32.359069][ T4870] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.75' (ECDSA) to the list of known hosts.
execve("./syz-executor1155273868", ["./syz-executor1155273868"], 0x7fffcae42940 /* 10 vars */) = 0
brk(NULL) = 0x5555570f7000
brk(0x5555570f7c40) = 0x5555570f7c40
arch_prctl(ARCH_SET_FS, 0x5555570f7300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1155273868", 4096) = 28
brk(0x555557118c40) = 0x555557118c40
brk(0x555557119000) = 0x555557119000
mprotect(0x7fe6e75b3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5291 attached
, child_tidptr=0x5555570f75d0) = 5291
[pid 5291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5291] setpgid(0, 0) = 0
[pid 5291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5291] write(3, "1000", 4) = 4
[pid 5291] close(3) = 0
[pid 5291] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5291] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5291] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5291] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5291] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5291] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5291] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5291] exit_group(0) = ?
[pid 5291] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5291, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5293 attached
, child_tidptr=0x5555570f75d0) = 5293
[pid 5293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5293] setpgid(0, 0) = 0
[pid 5293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5293] write(3, "1000", 4) = 4
[pid 5293] close(3) = 0
[pid 5293] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5293] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5293] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5293] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5293] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5293] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5293] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5293] exit_group(0) = ?
[pid 5293] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5293, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5295
./strace-static-x86_64: Process 5295 attached
[pid 5295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5295] setpgid(0, 0) = 0
[pid 5295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5295] write(3, "1000", 4) = 4
[pid 5295] close(3) = 0
[pid 5295] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5295] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5295] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5295] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5295] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5295] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5295] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5295] exit_group(0) = ?
[pid 5295] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5295, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5297
./strace-static-x86_64: Process 5297 attached
[pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5297] setpgid(0, 0) = 0
[pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5297] write(3, "1000", 4) = 4
[pid 5297] close(3) = 0
[pid 5297] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5297] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5297] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
syzkaller login: [ 58.708051][ T151] ------------[ cut here ]------------
[ 58.713591][ T151] WARNING: CPU: 0 PID: 151 at io_uring/io_uring.c:872 io_req_complete_failed+0x223/0x280
[ 58.724667][ T151] Modules linked in:
[ 58.731877][ T151] CPU: 0 PID: 151 Comm: kworker/0:2 Not tainted 6.1.0-rc6-next-20221124-syzkaller #0
[ 58.743085][ T151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[pid 5297] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5297] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5297] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5297] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5297] exit_group(0) = ?
[pid 5297] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5299
./strace-static-x86_64: Process 5299 attached
[pid 5299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5299] setpgid(0, 0) = 0
[pid 5299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5299] write(3, "1000", 4) = 4
[pid 5299] close(3) = 0
[pid 5299] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5299] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5299] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5299] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5299] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5299] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5299] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5299] exit_group(0) = ?
[pid 5299] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5299, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5301
./strace-static-x86_64: Process 5301 attached
[pid 5301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5301] setpgid(0, 0) = 0
[pid 5301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5301] write(3, "1000", 4) = 4
[pid 5301] close(3) = 0
[pid 5301] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[ 58.754076][ T151] Workqueue: events io_fallback_req_func
[ 58.760240][ T151] RIP: 0010:io_req_complete_failed+0x223/0x280
[ 58.767017][ T151] Code: 58 be ff ff ff ff 48 8d b8 a8 00 00 00 e8 a5 24 03 06 31 ff 89 c3 89 c6 e8 3a 43 7d fd 85 db 0f 85 66 fe ff ff e8 7d 46 7d fd <0f> 0b e9 5a fe ff ff e8 91 66 cb fd e9 06 fe ff ff e8 67 67 cb fd
[ 58.789196][ T151] RSP: 0018:ffffc90002e9fc28 EFLAGS: 00010293
[ 58.796425][ T151] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[pid 5301] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5301] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5301] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5301] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5301] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5301] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5301] exit_group(0) = ?
[pid 5301] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5301, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5303
./strace-static-x86_64: Process 5303 attached
[pid 5303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5303] setpgid(0, 0) = 0
[pid 5303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5303] write(3, "1000", 4) = 4
[pid 5303] close(3) = 0
[pid 5303] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5303] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5303] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5303] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5303] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5303] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5303] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5303] exit_group(0) = ?
[pid 5303] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5303, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5305
./strace-static-x86_64: Process 5305 attached
[pid 5305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5305] setpgid(0, 0) = 0
[pid 5305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5305] write(3, "1000", 4) = 4
[pid 5305] close(3) = 0
[ 58.805504][ T151] RDX: ffff88801a690000 RSI: ffffffff84038513 RDI: 0000000000000005
[ 58.814018][ T151] RBP: ffff88807e9aa3c0 R08: 0000000000000005 R09: 0000000000000000
[ 58.822886][ T151] R10: 0000000000000000 R11: 1ffffffff21621e8 R12: 0000000000000016
[ 58.831837][ T151] R13: 00000000ffffff83 R14: dffffc0000000000 R15: ffffffffffffff78
[ 58.842237][ T151] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 58.852073][ T151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[pid 5305] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5305] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5305] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5305] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5305] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5305] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5305] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5305] exit_group(0) = ?
[pid 5305] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5305, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5307
./strace-static-x86_64: Process 5307 attached
[pid 5307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5307] setpgid(0, 0) = 0
[pid 5307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5307] write(3, "1000", 4) = 4
[pid 5307] close(3) = 0
[pid 5307] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5307] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5307] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5307] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5307] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5307] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5307] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5307] exit_group(0) = ?
[pid 5307] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5307, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5309
./strace-static-x86_64: Process 5309 attached
[pid 5309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5309] setpgid(0, 0) = 0
[ 58.859269][ T151] CR2: 00007fe6e758a01d CR3: 000000000c48e000 CR4: 00000000003506f0
[ 58.868079][ T151] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.876801][ T151] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.885537][ T151] Call Trace:
[ 58.889635][ T151]
[ 58.892716][ T151] io_apoll_task_func+0x14d/0x170
[ 58.898588][ T151] io_fallback_req_func+0xfd/0x1b2
[ 58.903882][ T151] ? io_ring_exit_work+0xc32/0xc32
[pid 5309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5309] write(3, "1000", 4) = 4
[pid 5309] close(3) = 0
[pid 5309] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5309] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5309] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5309] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5309] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5309] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5309] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5309] exit_group(0) = ?
[pid 5309] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5309, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5311
./strace-static-x86_64: Process 5311 attached
[pid 5311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5311] setpgid(0, 0) = 0
[pid 5311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5311] write(3, "1000", 4) = 4
[pid 5311] close(3) = 0
[pid 5311] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5311] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5311] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5311] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5311] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5311] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[ 58.910034][ T151] process_one_work+0x9bf/0x1710
[ 58.915575][ T151] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 58.921604][ T151] ? rwlock_bug.part.0+0x90/0x90
[ 58.926570][ T151] ? _raw_spin_lock_irq+0x45/0x50
[ 58.931833][ T151] worker_thread+0x669/0x1090
[ 58.937760][ T151] ? __kthread_parkme+0x163/0x220
[ 58.942831][ T151] ? process_one_work+0x1710/0x1710
[ 58.949100][ T151] kthread+0x2e8/0x3a0
[ 58.953586][ T151] ? kthread_complete_and_exit+0x40/0x40
[pid 5311] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5311] exit_group(0) = ?
[pid 5311] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5311, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5313
./strace-static-x86_64: Process 5313 attached
[pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5313] setpgid(0, 0) = 0
[pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5313] write(3, "1000", 4) = 4
[pid 5313] close(3) = 0
[pid 5313] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5313] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[pid 5313] mmap(0x20ffd000, 1048576, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0x10000000) = 0x20ffd000
[pid 5313] socket(AF_TIPC, SOCK_RDM, 0) = 4
[pid 5313] socket(AF_TIPC, SOCK_RDM, 0) = 5
[pid 5313] sendmmsg(-1, NULL, 0, 0) = -1 EBADF (Bad file descriptor)
[pid 5313] io_uring_enter(3, 767, 0, 0, NULL, 0) = 1
[pid 5313] exit_group(0) = ?
[pid 5313] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5313, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570f75d0) = 5315
./strace-static-x86_64: Process 5315 attached
[pid 5315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[ 58.960172][ T151] ret_from_fork+0x1f/0x30
[ 58.965147][ T151]
[ 58.968757][ T151] Kernel panic - not syncing: panic_on_warn set ...
[ 58.975366][ T151] CPU: 0 PID: 151 Comm: kworker/0:2 Not tainted 6.1.0-rc6-next-20221124-syzkaller #0
[ 58.984849][ T151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 58.994924][ T151] Workqueue: events io_fallback_req_func
[ 59.000576][ T151] Call Trace:
[ 59.003873][ T151]
[pid 5315] setpgid(0, 0) = 0
[pid 5315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5315] write(3, "1000", 4) = 4
[pid 5315] close(3) = 0
[pid 5315] io_uring_setup(16094, {flags=0, sq_thread_cpu=0, sq_thread_idle=0, sq_entries=16384, cq_entries=32768, features=IORING_FEAT_SINGLE_MMAP|IORING_FEAT_NODROP|IORING_FEAT_SUBMIT_STABLE|IORING_FEAT_RW_CUR_POS|IORING_FEAT_CUR_PERSONALITY|IORING_FEAT_FAST_POLL|IORING_FEAT_POLL_32BITS|IORING_FEAT_SQPOLL_NONFIXED|IORING_FEAT_EXT_ARG|IORING_FEAT_NATIVE_WORKERS|IORING_FEAT_RSRC_TAGS|IORING_FEAT_CQE_SKIP|0x1000, sq_off={head=0, tail=64, ring_mask=256, ring_entries=264, flags=276, dropped=272, array=524608}, cq_off={head=128, tail=192, ring_mask=260, ring_entries=268, overflow=284, cqes=320, flags=280}}) = 3
[pid 5315] mmap(0x20002000, 590144, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_FIXED|MAP_POPULATE, 3, 0) = 0x20002000
[ 59.006828][ T151] dump_stack_lvl+0xd1/0x138
[ 59.011440][ T151] panic+0x2cc/0x626
[ 59.015334][ T151] ? panic_print_sys_info.part.0+0x110/0x110
[ 59.021331][ T151] ? __warn.cold+0x24b/0x350
[ 59.025954][ T151] ? io_req_complete_failed+0x223/0x280
[ 59.031541][ T151] __warn.cold+0x25c/0x350
[ 59.035985][ T151] ? io_req_complete_failed+0x223/0x280
[ 59.041569][ T151] report_bug+0x1c0/0x210
[ 59.045944][ T151] handle_bug+0x3c/0x70
[ 59.050132][ T151] exc_invalid_op+0x18/0x50
[ 59.054673][ T151] asm_exc_invalid_op+0x1a/0x20
[ 59.059561][ T151] RIP: 0010:io_req_complete_failed+0x223/0x280
[ 59.065753][ T151] Code: 58 be ff ff ff ff 48 8d b8 a8 00 00 00 e8 a5 24 03 06 31 ff 89 c3 89 c6 e8 3a 43 7d fd 85 db 0f 85 66 fe ff ff e8 7d 46 7d fd <0f> 0b e9 5a fe ff ff e8 91 66 cb fd e9 06 fe ff ff e8 67 67 cb fd
[ 59.085384][ T151] RSP: 0018:ffffc90002e9fc28 EFLAGS: 00010293
[ 59.091459][ T151] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 59.099432][ T151] RDX: ffff88801a690000 RSI: ffffffff84038513 RDI: 0000000000000005
[ 59.107407][ T151] RBP: ffff88807e9aa3c0 R08: 0000000000000005 R09: 0000000000000000
[ 59.115388][ T151] R10: 0000000000000000 R11: 1ffffffff21621e8 R12: 0000000000000016
[ 59.123364][ T151] R13: 00000000ffffff83 R14: dffffc0000000000 R15: ffffffffffffff78
[ 59.131363][ T151] ? io_req_complete_failed+0x223/0x280
[ 59.136945][ T151] ? io_req_complete_failed+0x223/0x280
[ 59.142509][ T151] io_apoll_task_func+0x14d/0x170
[ 59.147549][ T151] io_fallback_req_func+0xfd/0x1b2
[ 59.152680][ T151] ? io_ring_exit_work+0xc32/0xc32
[ 59.157815][ T151] process_one_work+0x9bf/0x1710
[ 59.162777][ T151] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 59.168249][ T151] ? rwlock_bug.part.0+0x90/0x90
[ 59.173191][ T151] ? _raw_spin_lock_irq+0x45/0x50
[ 59.178248][ T151] worker_thread+0x669/0x1090
[ 59.182946][ T151] ? __kthread_parkme+0x163/0x220
[ 59.187988][ T151] ? process_one_work+0x1710/0x1710
[ 59.193193][ T151] kthread+0x2e8/0x3a0
[ 59.197265][ T151] ? kthread_complete_and_exit+0x40/0x40
[ 59.202902][ T151] ret_from_fork+0x1f/0x30
[ 59.207347][ T151]
[ 59.210515][ T151] Kernel Offset: disabled
[ 59.214897][ T151] Rebooting in 86400 seconds..