./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4054097952 <...> Warning: Permanently added '10.128.1.37' (ED25519) to the list of known hosts. execve("./syz-executor4054097952", ["./syz-executor4054097952"], 0x7ffc8b238040 /* 10 vars */) = 0 brk(NULL) = 0x555587715000 brk(0x555587715e00) = 0x555587715e00 arch_prctl(ARCH_SET_FS, 0x555587715480) = 0 set_tid_address(0x555587715750) = 5827 set_robust_list(0x555587715760, 24) = 0 rseq(0x555587715da0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4054097952", 4096) = 28 getrandom("\xfa\xc5\x10\x02\x6e\x0e\xd8\x6a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555587715e00 brk(0x555587736e00) = 0x555587736e00 brk(0x555587737000) = 0x555587737000 mprotect(0x7f05fcd8a000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f05fcce2970, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f05fcceab20}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f05fcce2970, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f05fcceab20}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5828 attached [pid 5828] set_robust_list(0x555587715760, 24 [pid 5827] <... clone resumed>, child_tidptr=0x555587715750) = 5828 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] setpgid(0, 0) = 0 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5828] write(3, "1000", 4) = 4 [pid 5828] close(3) = 0 [pid 5828] write(1, "executing program\n", 18) = 18 executing program [pid 5828] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5828] pipe2([3, 4], 0) = 0 [pid 5828] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5828] dup(4) = 5 [pid 5828] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5828] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5828] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5828] mkdir("./file0", 0777) = 0 [pid 5828] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [pid 5828] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,posixacl") = -1 EIO (Input/output error) [pid 5828] exit_group(0) = ? [pid 5828] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5828, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached [pid 5830] set_robust_list(0x555587715760, 24) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x555587715750) = 5830 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5830] setpgid(0, 0) = 0 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5830] write(3, "1000", 4) = 4 [pid 5830] close(3) = 0 [pid 5830] write(1, "executing program\n", 18executing program ) = 18 [pid 5830] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=0, insns=NULL, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 E2BIG (Argument list too long) [pid 5830] pipe2([3, 4], 0) = 0 [pid 5830] write(4, "\x15\x00\x00\x00\x65\xff\xff\x09\x7b\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 [pid 5830] dup(4) = 5 [pid 5830] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = 24 [pid 5830] write(5, "\xb0\x00\x00\x00\x00\x00\x00\x00\x16\x59\xec\x08\x89\x41\x94\x29\xaa\x5d\xb9\x72\x88\xb0\xf8\xa8\x7e\xa8\xe6\x6d\x9a\x8b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 176) = 176 [pid 5830] write(5, "\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x00\x00", 16) = 16 [pid 5830] mkdir("./file0", 0777) = -1 EEXIST (File exists) [pid 5830] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} --- [ 60.880086][ T5830] ------------[ cut here ]------------ [ 60.885827][ T5830] WARNING: CPU: 0 PID: 5830 at mm/page_alloc.c:4728 __alloc_frozen_pages_noprof+0x3c5/0x710 [ 60.896011][ T5830] Modules linked in: [ 60.899938][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor405 Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 60.910593][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 60.920724][ T5830] RIP: 0010:__alloc_frozen_pages_noprof+0x3c5/0x710 [ 60.927394][ T5830] Code: ff df 0f 85 09 01 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 f9 00 00 00 c6 05 87 3a 0c 0e 01 90 <0f> 0b 90 41 83 fc 0a 0f 86 13 fd ff ff 45 31 e4 48 c7 44 24 20 0e [ 60.947123][ T5830] RSP: 0018:ffffc90003e8f940 EFLAGS: 00010246 [ 60.953230][ T5830] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 60.961263][ T5830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003e8f9c8 [ 60.969284][ T5830] RBP: ffffc90003e8fa50 R08: ffffc90003e8f9c7 R09: 0000000000000000 [ 60.977298][ T5830] R10: ffffc90003e8f9a0 R11: fffff520007d1f39 R12: 0000000000000020 [ 60.985322][ T5830] R13: 0000000000040d40 R14: 1ffff920007d1f30 R15: 1ffff920007d1f2c [ 60.993289][ T5830] FS: 0000555587715480(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 61.002261][ T5830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.009019][ T5830] CR2: 0000000020001000 CR3: 000000003352e000 CR4: 00000000003526f0 [ 61.017077][ T5830] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.025105][ T5830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 61.033117][ T5830] Call Trace: [ 61.036440][ T5830] [ 61.039379][ T5830] ? __warn+0x165/0x4d0 [ 61.043542][ T5830] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 61.049580][ T5830] ? report_bug+0x2b3/0x500 [ 61.054104][ T5830] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 61.060146][ T5830] ? handle_bug+0x60/0x90 [ 61.064534][ T5830] ? exc_invalid_op+0x1a/0x50 [ 61.069322][ T5830] ? asm_exc_invalid_op+0x1a/0x20 [ 61.074418][ T5830] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 61.080417][ T5830] ? kfree+0x196/0x430 [ 61.084557][ T5830] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 61.090903][ T5830] ? v9fs_fid_xattr_get+0x327/0x450 [ 61.096205][ T5830] __alloc_pages_noprof+0xa/0x30 [ 61.101416][ T5830] ___kmalloc_large_node+0x8b/0x1d0 [ 61.106668][ T5830] __kmalloc_large_node_noprof+0x1a/0x80 [ 61.112316][ T5830] __kmalloc_noprof+0x339/0x4c0 [ 61.117205][ T5830] ? v9fs_fid_get_acl+0x4f/0x100 [ 61.122163][ T5830] v9fs_fid_get_acl+0x4f/0x100 [ 61.126987][ T5830] v9fs_get_acl+0x96/0x350 [ 61.131476][ T5830] v9fs_inode_from_fid_dotl+0x22d/0x2c0 [ 61.137060][ T5830] v9fs_mount+0x718/0xa90 [ 61.141401][ T5830] ? __pfx_v9fs_mount+0x10/0x10 [ 61.146322][ T5830] ? __kmalloc_cache_noprof+0x243/0x390 [ 61.151879][ T5830] ? rcu_is_watching+0x15/0xb0 [ 61.156693][ T5830] legacy_get_tree+0xee/0x190 [ 61.161379][ T5830] ? __pfx_v9fs_mount+0x10/0x10 [ 61.166287][ T5830] vfs_get_tree+0x90/0x2b0 [ 61.170719][ T5830] do_new_mount+0x2be/0xb40 [ 61.175271][ T5830] ? __pfx_do_new_mount+0x10/0x10 [ 61.180310][ T5830] __se_sys_mount+0x2d6/0x3c0 [ 61.185041][ T5830] ? __pfx___se_sys_mount+0x10/0x10 [ 61.190252][ T5830] ? exc_page_fault+0x590/0x8b0 [ 61.195157][ T5830] ? __x64_sys_mount+0x20/0xc0 [ 61.199952][ T5830] do_syscall_64+0xf3/0x230 [ 61.204535][ T5830] ? clear_bhb_loop+0x35/0x90 [ 61.209314][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.215249][ T5830] RIP: 0033:0x7f05fcd17de9 [ 61.219683][ T5830] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 61.239354][ T5830] RSP: 002b:00007ffc85e9b418 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 61.247813][ T5830] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f05fcd17de9 [ 61.255862][ T5830] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 61.263925][ T5830] RBP: 000000000000ec55 R08: 0000000020000580 R09: 00007ffc85e9b450 [ 61.271936][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc85e9b450 [ 61.279966][ T5830] R13: 00007ffc85e9b43c R14: 431bde82d7b634db R15: 00007f05fcd60087 [ 61.287987][ T5830] [ 61.291026][ T5830] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 61.298299][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor405 Not tainted 6.13.0-rc1-next-20241205-syzkaller #0 [ 61.308868][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 61.318918][ T5830] Call Trace: [ 61.322194][ T5830] [ 61.325120][ T5830] dump_stack_lvl+0x241/0x360 [ 61.329805][ T5830] ? __pfx_dump_stack_lvl+0x10/0x10 [ 61.334998][ T5830] ? __pfx__printk+0x10/0x10 [ 61.339585][ T5830] ? _printk+0xd5/0x120 [ 61.343737][ T5830] ? __init_begin+0x41000/0x41000 [ 61.348931][ T5830] ? vscnprintf+0x5d/0x90 [ 61.353252][ T5830] panic+0x349/0x880 [ 61.357143][ T5830] ? __warn+0x174/0x4d0 [ 61.361292][ T5830] ? __pfx_panic+0x10/0x10 [ 61.365722][ T5830] __warn+0x344/0x4d0 [ 61.369697][ T5830] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 61.375671][ T5830] report_bug+0x2b3/0x500 [ 61.379999][ T5830] ? __alloc_frozen_pages_noprof+0x3c5/0x710 [ 61.385971][ T5830] handle_bug+0x60/0x90 [ 61.390131][ T5830] exc_invalid_op+0x1a/0x50 [ 61.394627][ T5830] asm_exc_invalid_op+0x1a/0x20 [ 61.399471][ T5830] RIP: 0010:__alloc_frozen_pages_noprof+0x3c5/0x710 [ 61.406062][ T5830] Code: ff df 0f 85 09 01 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 f9 00 00 00 c6 05 87 3a 0c 0e 01 90 <0f> 0b 90 41 83 fc 0a 0f 86 13 fd ff ff 45 31 e4 48 c7 44 24 20 0e [ 61.425659][ T5830] RSP: 0018:ffffc90003e8f940 EFLAGS: 00010246 [ 61.431720][ T5830] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 61.439682][ T5830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003e8f9c8 [ 61.447646][ T5830] RBP: ffffc90003e8fa50 R08: ffffc90003e8f9c7 R09: 0000000000000000 [ 61.455607][ T5830] R10: ffffc90003e8f9a0 R11: fffff520007d1f39 R12: 0000000000000020 [ 61.463574][ T5830] R13: 0000000000040d40 R14: 1ffff920007d1f30 R15: 1ffff920007d1f2c [ 61.471551][ T5830] ? kfree+0x196/0x430 [ 61.475617][ T5830] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 61.481945][ T5830] ? v9fs_fid_xattr_get+0x327/0x450 [ 61.487145][ T5830] __alloc_pages_noprof+0xa/0x30 [ 61.492072][ T5830] ___kmalloc_large_node+0x8b/0x1d0 [ 61.497269][ T5830] __kmalloc_large_node_noprof+0x1a/0x80 [ 61.502900][ T5830] __kmalloc_noprof+0x339/0x4c0 [ 61.507744][ T5830] ? v9fs_fid_get_acl+0x4f/0x100 [ 61.512772][ T5830] v9fs_fid_get_acl+0x4f/0x100 [ 61.517542][ T5830] v9fs_get_acl+0x96/0x350 [ 61.521964][ T5830] v9fs_inode_from_fid_dotl+0x22d/0x2c0 [ 61.527510][ T5830] v9fs_mount+0x718/0xa90 [ 61.531837][ T5830] ? __pfx_v9fs_mount+0x10/0x10 [ 61.536683][ T5830] ? __kmalloc_cache_noprof+0x243/0x390 [ 61.542223][ T5830] ? rcu_is_watching+0x15/0xb0 [ 61.546987][ T5830] legacy_get_tree+0xee/0x190 [ 61.551665][ T5830] ? __pfx_v9fs_mount+0x10/0x10 [ 61.556515][ T5830] vfs_get_tree+0x90/0x2b0 [ 61.561013][ T5830] do_new_mount+0x2be/0xb40 [ 61.565515][ T5830] ? __pfx_do_new_mount+0x10/0x10 [ 61.570539][ T5830] __se_sys_mount+0x2d6/0x3c0 [ 61.575217][ T5830] ? __pfx___se_sys_mount+0x10/0x10 [ 61.580407][ T5830] ? exc_page_fault+0x590/0x8b0 [ 61.585252][ T5830] ? __x64_sys_mount+0x20/0xc0 [ 61.590012][ T5830] do_syscall_64+0xf3/0x230 [ 61.594512][ T5830] ? clear_bhb_loop+0x35/0x90 [ 61.599190][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.605079][ T5830] RIP: 0033:0x7f05fcd17de9 [ 61.609506][ T5830] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 61.629122][ T5830] RSP: 002b:00007ffc85e9b418 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 61.637540][ T5830] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f05fcd17de9 [ 61.645504][ T5830] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 61.653465][ T5830] RBP: 000000000000ec55 R08: 0000000020000580 R09: 00007ffc85e9b450 [ 61.661427][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc85e9b450 [ 61.669390][ T5830] R13: 00007ffc85e9b43c R14: 431bde82d7b634db R15: 00007f05fcd60087 [ 61.677368][ T5830] [ 61.680526][ T5830] Kernel Offset: disabled [ 61.684877][ T5830] Rebooting in 86400 seconds..