./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3793582327 <...> Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts. execve("./syz-executor3793582327", ["./syz-executor3793582327"], 0x7ffefed38160 /* 10 vars */) = 0 brk(NULL) = 0x5555697ee000 brk(0x5555697eed00) = 0x5555697eed00 arch_prctl(ARCH_SET_FS, 0x5555697ee380) = 0 set_tid_address(0x5555697ee650) = 5225 set_robust_list(0x5555697ee660, 24) = 0 rseq(0x5555697eeca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3793582327", 4096) = 28 getrandom("\x3c\x3a\x89\xab\xd5\xb4\x85\xc8", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555697eed00 brk(0x55556980fd00) = 0x55556980fd00 brk(0x555569810000) = 0x555569810000 mprotect(0x7f7692d85000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5226 attached , child_tidptr=0x5555697ee650) = 5226 [pid 5226] set_robust_list(0x5555697ee660, 24) = 0 [pid 5226] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5226] setsid() = 1 [pid 5226] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5226] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5226] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5226] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5226] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5226] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5226] unshare(CLONE_NEWNS) = 0 [pid 5226] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5226] unshare(CLONE_NEWIPC) = 0 [pid 5226] unshare(CLONE_NEWCGROUP) = 0 [pid 5226] unshare(CLONE_NEWUTS) = 0 [pid 5226] unshare(CLONE_SYSVSEM) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "16777216", 8) = 8 [pid 5226] close(3) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "536870912", 9) = 9 [pid 5226] close(3) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1024", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "8192", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1024", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1024", 4) = 4 [pid 5226] close(3) = 0 [pid 5226] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5226] close(3) = 0 [pid 5226] getpid() = 1 [pid 5226] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5229] set_robust_list(0x5555697ee660, 24 [pid 5226] <... clone resumed>, child_tidptr=0x5555697ee650) = 2 [pid 5229] <... set_robust_list resumed>) = 0 [pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5229] setpgid(0, 0) = 0 [pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5229] write(3, "1000", 4) = 4 [pid 5229] close(3) = 0 [pid 5229] read(200, "\x33\x33\x00\x00\x00\x16\xaa\xaa\xaa\xaa\xaa\xaa\x86\xdd\x60\x00\x00\x00\x00\x38\x00\x01\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x16\x3a\x00\x05\x02\x00\x00\x01\x00\x8f\x00\xc2\x46\x00\x00\x00\x02\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xaa\xaa\xaa\x04\x00\x00\x00\xff\x02\x00\x00\x00\x00"..., 1000) = 110 [pid 5229] read(200, 0x7ffc4073be10, 1000) = -1 EAGAIN (Resource temporarily unavailable) [pid 5229] write(1, "executing program\n", 18executing program ) = 18 [pid 5229] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_XDP, insn_cnt=3, insns=0x20000140, license="syzkaller", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=BPF_F_STRICT_ALIGNMENT|BPF_F_TEST_RND_HI32|BPF_F_TEST_STATE_FREQ|0x20, prog_name="", prog_ifindex=0, expected_attach_type=BPF_XDP, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 144) = 3 [pid 5229] socket(AF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL)) = 4 [pid 5229] ioctl(4, SIOCGIFINDEX, {ifr_name="syz_tun", ifr_ifindex=11}) = 0 [pid 5229] bpf(BPF_LINK_CREATE, {link_create={prog_fd=3, target_fd=11, attach_type=BPF_XDP, flags=0}}, 64) = 5 [pid 5229] write(200, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 65007) = 65007 [pid 5229] close(3) = 0 [pid 5229] close(4) = 0 [pid 5229] close(5) = 0 [pid 5229] close(6) = -1 EBADF (Bad file descriptor) [pid 5229] close(7) = -1 EBADF (Bad file descriptor) [pid 5229] close(8) = -1 EBADF (Bad file descriptor) [pid 5229] close(9) = -1 EBADF (Bad file descriptor) [pid 5229] close(10) = -1 EBADF (Bad file descriptor) [pid 5229] close(11) = -1 EBADF (Bad file descriptor) [pid 5229] close(12) = -1 EBADF (Bad file descriptor) [pid 5229] close(13) = -1 EBADF (Bad file descriptor) [pid 5229] close(14) = -1 EBADF (Bad file descriptor) [pid 5229] close(15) = -1 EBADF (Bad file descriptor) [pid 5229] close(16) = -1 EBADF (Bad file descriptor) [pid 5229] close(17) = -1 EBADF (Bad file descriptor) [pid 5229] close(18) = -1 EBADF (Bad file descriptor) [pid 5229] close(19) = -1 EBADF (Bad file descriptor) [ 67.158280][ C0] Oops: general protection fault, probably for non-canonical address 0xe3fffa2202e4cfad: 0000 [#1] PREEMPT SMP KASAN PTI [ 67.158308][ C0] KASAN: maybe wild-memory-access in range [0x1ffff11017267d68-0x1ffff11017267d6f] [ 67.158334][ C0] CPU: 0 UID: 0 PID: 5229 Comm: syz-executor379 Not tainted 6.10.0-next-20240726-syzkaller #0 [ 67.158356][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 67.158370][ C0] RIP: 0010:__cpu_map_flush+0x42/0xd0 [ 67.158418][ C0] Code: e8 13 8c d6 ff 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8d 10 3e 00 49 8b 1e 4c 39 f3 74 77 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 6f 10 3e 00 4c 8b 23 48 8d 7b c0 [ 67.158436][ C0] RSP: 0018:ffffc90000007b10 EFLAGS: 00010202 [ 67.158454][ C0] RAX: 03fffe2202e4cfad RBX: 1ffff11017267d6b RCX: ffff888026d15a00 [ 67.158469][ C0] RDX: 0000000080000102 RSI: 0000000000000000 RDI: ffffc900035a7800 [ 67.158482][ C0] RBP: dffffc0000000000 R08: ffffffff8992342a R09: 1ffffffff202fc75 [ 67.158497][ C0] R10: dffffc0000000000 R11: fffffbfff202fc76 R12: ffffc900035a7800 [ 67.158511][ C0] R13: ffffc900035a77c0 R14: ffffc900035a7800 R15: dffffc0000000000 [ 67.158526][ C0] FS: 00005555697ee380(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 67.158543][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.158556][ C0] CR2: 000000002000f000 CR3: 0000000076e4c000 CR4: 00000000003506f0 [ 67.158572][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.158583][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.158595][ C0] Call Trace: [ 67.158602][ C0] [ 67.158610][ C0] ? __die_body+0x88/0xe0 [ 67.158638][ C0] ? die_addr+0x108/0x140 [ 67.158663][ C0] ? exc_general_protection+0x3dd/0x5d0 [ 67.158702][ C0] ? asm_exc_general_protection+0x26/0x30 [ 67.158725][ C0] ? xdp_do_check_flushed+0x10a/0x240 [ 67.158754][ C0] ? __cpu_map_flush+0x42/0xd0 [ 67.158780][ C0] xdp_do_check_flushed+0x136/0x240 [ 67.158809][ C0] __napi_poll+0xe4/0x490 [ 67.158835][ C0] net_rx_action+0x89b/0x1240 [ 67.158872][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 67.158912][ C0] ? sched_clock+0x4a/0x70 [ 67.158942][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.158974][ C0] handle_softirqs+0x2c4/0x970 [ 67.159001][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 67.159027][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 67.159053][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 67.159081][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 67.159104][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 67.159132][ C0] irq_exit_rcu+0x9/0x30 [ 67.159154][ C0] common_interrupt+0xaa/0xd0 [ 67.159174][ C0] [ 67.159180][ C0] [ 67.159188][ C0] asm_common_interrupt+0x26/0x40 [ 67.159207][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 67.159234][ C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 8e be 37 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 83 4f 9f f5 65 8b 05 04 46 40 74 85 c0 74 43 48 c7 04 24 0e 36 [ 67.159249][ C0] RSP: 0018:ffffc900035a7b60 EFLAGS: 00000206 [ 67.159264][ C0] RAX: c97183fe8872c200 RBX: 1ffff920006b4f70 RCX: ffffffff817022aa [ 67.159279][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0ad540 RDI: 0000000000000001 [ 67.159292][ C0] RBP: ffffc900035a7bf0 R08: ffffffff93737817 R09: 1ffffffff26e6f02 [ 67.159306][ C0] R10: dffffc0000000000 R11: fffffbfff26e6f03 R12: dffffc0000000000 [ 67.159320][ C0] R13: 1ffff920006b4f6c R14: ffffc900035a7b80 R15: 0000000000000246 [ 67.159338][ C0] ? mark_lock+0x9a/0x360 [ 67.159367][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 67.159394][ C0] ? __wake_up_common_lock+0x18c/0x1e0 [ 67.159423][ C0] do_notify_parent_cldstop+0x9ab/0xb50 [ 67.159449][ C0] ? __pfx_do_notify_parent_cldstop+0x10/0x10 [ 67.159483][ C0] ptrace_stop+0x465/0x940 [ 67.159510][ C0] ptrace_notify+0x255/0x380 [ 67.159532][ C0] ? __pfx_ptrace_notify+0x10/0x10 [ 67.159557][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.159583][ C0] ? do_syscall_64+0x100/0x230 [ 67.159612][ C0] syscall_trace_enter+0x5d/0x150 [ 67.159634][ C0] do_syscall_64+0xcc/0x230 [ 67.159660][ C0] ? clear_bhb_loop+0x35/0x90 [ 67.159682][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.159702][ C0] RIP: 0033:0x7f7692d0be60 [ 67.159721][ C0] Code: ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 80 3d 41 e2 07 00 00 74 17 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c [ 67.159735][ C0] RSP: 002b:00007ffc4073c208 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 [ 67.159753][ C0] RAX: ffffffffffffffda RBX: 0000000000000015 RCX: 00007f7692d0be60 [ 67.159766][ C0] RDX: ffffffffffffffb8 RSI: 0000000020000200 RDI: 0000000000000014 [ 67.159779][ C0] RBP: 0000000000000000 R08: 00007ffc4073c338 R09: 00007ffc4073c338 [ 67.159792][ C0] R10: 00007ffc4073c338 R11: 0000000000000202 R12: 0000000000000000 [ 67.159804][ C0] R13: 0000000000000000 R14: 00007ffc4073c240 R15: 00007ffc4073c230 [ 67.159825][ C0] [ 67.159831][ C0] Modules linked in: [ 67.159843][ C0] ---[ end trace 0000000000000000 ]--- [ 67.657342][ C0] RIP: 0010:__cpu_map_flush+0x42/0xd0 [ 67.662733][ C0] Code: e8 13 8c d6 ff 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8d 10 3e 00 49 8b 1e 4c 39 f3 74 77 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 6f 10 3e 00 4c 8b 23 48 8d 7b c0 [ 67.682364][ C0] RSP: 0018:ffffc90000007b10 EFLAGS: 00010202 [ 67.688453][ C0] RAX: 03fffe2202e4cfad RBX: 1ffff11017267d6b RCX: ffff888026d15a00 [ 67.696441][ C0] RDX: 0000000080000102 RSI: 0000000000000000 RDI: ffffc900035a7800 [ 67.704434][ C0] RBP: dffffc0000000000 R08: ffffffff8992342a R09: 1ffffffff202fc75 [ 67.712422][ C0] R10: dffffc0000000000 R11: fffffbfff202fc76 R12: ffffc900035a7800 [ 67.720428][ C0] R13: ffffc900035a77c0 R14: ffffc900035a7800 R15: dffffc0000000000 [ 67.728423][ C0] FS: 00005555697ee380(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 67.737373][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.743958][ C0] CR2: 000000002000f000 CR3: 0000000076e4c000 CR4: 00000000003506f0 [ 67.751954][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.759946][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.767954][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 67.775355][ C0] Kernel Offset: disabled [ 67.779665][ C0] Rebooting in 86400 seconds..