./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1516437864
<...>
Warning: Permanently added '10.128.10.27' (ED25519) to the list of known hosts.
execve("./syz-executor1516437864", ["./syz-executor1516437864"], 0x7fff238be920 /* 10 vars */) = 0
brk(NULL) = 0x555557200000
brk(0x555557200e00) = 0x555557200e00
arch_prctl(ARCH_SET_FS, 0x555557200480) = 0
set_tid_address(0x555557200750) = 5039
set_robust_list(0x555557200760, 24) = 0
rseq(0x555557200da0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1516437864", 4096) = 28
getrandom("\x71\x58\xc2\xd1\x65\x69\xf7\xc7", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555557200e00
brk(0x555557221e00) = 0x555557221e00
brk(0x555557222000) = 0x555557222000
mprotect(0x7f012ceed000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f012ce26ce0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f012ce2ec60}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f012ce26ce0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f012ce2ec60}, NULL, 8) = 0
memfd_create("syzkaller", 0) = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0124a1d000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\xff\x01\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x02\x00\x00\x00\xbb\x02\x87\x1c\xc7\xbb\xb3\x5e\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7f0124a1d000, 2097152) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 73.982346][ T5039] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5039 'syz-executor151'
ioctl(4, LOOP_SET_FD, 3) = 0
close(3) = 0
mkdir("./file0", 0777) = 0
mount("/dev/loop0", "./file0", "ntfs3", MS_NOEXEC|MS_SYNCHRONOUS|MS_REC|MS_STRICTATIME, "") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
chdir("./file0") = 0
ioctl(4, LOOP_CLR_FD) = 0
close(4) = 0
openat(AT_FDCWD, "memory.numa_stat", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[ 74.031603][ T5039] loop0: detected capacity change from 0 to 4096
[ 74.044352][ T5039] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[ 74.062772][ T5039] ntfs3: loop0: Mark volume as dirty due to NTFS errors
fallocate(4, 0, 0, 1048816) = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 5
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
write(6, "38", 2) = 2
[ 74.125268][ T5039] FAULT_INJECTION: forcing a failure.
[ 74.125268][ T5039] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 74.138826][ T5039] CPU: 0 PID: 5039 Comm: syz-executor151 Not tainted 6.5.0-rc3-next-20230727-syzkaller #0
[ 74.148765][ T5039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[ 74.158854][ T5039] Call Trace:
[ 74.162150][ T5039]
[ 74.165283][ T5039] dump_stack_lvl+0x125/0x1b0
[ 74.170031][ T5039] should_fail_ex+0x496/0x5b0
[ 74.174741][ T5039] __should_fail_alloc_page+0xe7/0x130
[ 74.180263][ T5039] prepare_alloc_pages.constprop.0+0x16f/0x550
[ 74.186553][ T5039] __alloc_pages+0x14e/0x4a0
[ 74.191437][ T5039] ? __alloc_pages_slowpath.constprop.0+0x2360/0x2360
[ 74.198352][ T5039] ? xas_descend+0x13d/0x480
[ 74.202978][ T5039] alloc_pages+0x1a9/0x270
[ 74.207419][ T5039] folio_alloc+0x1e/0x60
[ 74.211773][ T5039] filemap_alloc_folio+0x3bb/0x490
[ 74.216936][ T5039] ? folio_wake_bit+0x270/0x270
[ 74.221864][ T5039] __filemap_get_folio+0x491/0xb00
[ 74.227007][ T5039] pagecache_get_page+0x2c/0x270
[ 74.231987][ T5039] ni_readpage_cmpr+0x24e/0xc80
[ 74.236895][ T5039] ? ntfs_resident_writepage+0x1e0/0x1e0
[ 74.242549][ T5039] ntfs_read_folio+0x107/0x1e0
[ 74.247339][ T5039] ? ntfs_resident_writepage+0x1e0/0x1e0
[ 74.252994][ T5039] filemap_read_folio+0xe5/0x2b0
[ 74.257956][ T5039] ? __folio_lock_killable+0x20/0x20
[ 74.263270][ T5039] filemap_get_pages+0xdd7/0x1820
[ 74.268331][ T5039] ? filemap_add_folio+0x1e0/0x1e0
[ 74.273466][ T5039] ? reacquire_held_locks+0x4b0/0x4b0
[ 74.278862][ T5039] ? preempt_count_sub+0x150/0x150
[ 74.284007][ T5039] filemap_splice_read+0x3d0/0x9f0
[ 74.289145][ T5039] ? aa_file_perm+0x5a0/0x11d0
[ 74.293940][ T5039] ? splice_folio_into_pipe+0x5f0/0x5f0
[ 74.299508][ T5039] ? aa_path_link+0x300/0x300
[ 74.304226][ T5039] ? fsnotify_perm.part.0+0x268/0x630
[ 74.309626][ T5039] ? apparmor_file_permission+0x21f/0x4f0
[ 74.315375][ T5039] ntfs_file_splice_read+0x10d/0x190
[ 74.320682][ T5039] ? ntfs_fiemap+0x110/0x110
[ 74.325288][ T5039] vfs_splice_read+0x2c8/0x3b0
[ 74.330073][ T5039] splice_direct_to_actor+0x2a5/0xa30
[ 74.335468][ T5039] ? folio_flags.constprop.0+0x150/0x150
[ 74.341138][ T5039] ? vfs_splice_read+0x3b0/0x3b0
[ 74.346096][ T5039] ? bpf_lsm_file_permission+0x9/0x10
[ 74.351491][ T5039] ? security_file_permission+0x94/0x100
[ 74.357149][ T5039] do_splice_direct+0x1af/0x280
[ 74.362023][ T5039] ? splice_direct_to_actor+0xa30/0xa30
[ 74.367616][ T5039] ? propagate_umount+0x1af0/0x1af0
[ 74.372833][ T5039] ? bpf_lsm_file_permission+0x9/0x10
[ 74.378333][ T5039] ? security_file_permission+0x94/0x100
[ 74.384011][ T5039] do_sendfile+0xb88/0x1390
[ 74.388549][ T5039] ? vfs_iocb_iter_write+0x4c0/0x4c0
[ 74.393850][ T5039] ? ptrace_notify+0xf4/0x130
[ 74.398549][ T5039] ? reacquire_held_locks+0x4b0/0x4b0
[ 74.403959][ T5039] __x64_sys_sendfile64+0x1d6/0x220
[ 74.409193][ T5039] ? __ia32_sys_sendfile+0x220/0x220
[ 74.414496][ T5039] ? lockdep_hardirqs_on+0x7d/0x100
[ 74.419730][ T5039] ? _raw_spin_unlock_irq+0x2e/0x50
[ 74.424974][ T5039] ? ptrace_notify+0xf4/0x130
[ 74.429699][ T5039] do_syscall_64+0x38/0xb0
[ 74.434156][ T5039] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 74.440072][ T5039] RIP: 0033:0x7f012ce5aef9
[ 74.444501][ T5039] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 74.464177][ T5039] RSP: 002b:00007fffa8752058 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 74.472633][ T5039] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f012ce5aef9
[ 74.480620][ T5039] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 74.488604][ T5039] RBP: 00007fffa8752060 R08: 00007fffa8751df6 R09: 00007f012c003833
[ 74.496591][ T5039] R10: 000000000000c049 R11: 0000000000000246 R12: 0000000000000000
[ 74.504596][ T5039] R13: 00007fffa87522c8 R14: 0000000000000001 R15: 0000000000000001
[ 74.512597][ T5039]
[ 74.516011][ T5039] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[ 74.527754][ T5039] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 74.536177][ T5039] CPU: 0 PID: 5039 Comm: syz-executor151 Not tainted 6.5.0-rc3-next-20230727-syzkaller #0
[ 74.546101][ T5039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[ 74.556170][ T5039] RIP: 0010:unlock_page+0x25/0x130
[ 74.561395][ T5039] Code: 00 eb b9 66 90 f3 0f 1e fa 41 54 55 53 48 89 fb e8 60 45 cf ff 48 8d 7b 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e4 00 00 00 4c 8b 63 08 31 ff 4c 89 e5 83 e5 01
[ 74.581026][ T5039] RSP: 0018:ffffc900038bf670 EFLAGS: 00010202
[ 74.587116][ T5039] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 74.595103][ T5039] RDX: 0000000000000001 RSI: ffffffff81b7be90 RDI: 0000000000000008
[ 74.603092][ T5039] RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000000
[ 74.611080][ T5039] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[ 74.620027][ T5039] R13: ffff8880233e5488 R14: ffffea0001cef840 R15: 0000000000000000
[ 74.628020][ T5039] FS: 0000555557200480(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 74.636976][ T5039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.643585][ T5039] CR2: 000055a371354fd0 CR3: 0000000072288000 CR4: 00000000003506f0
[ 74.651580][ T5039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.659584][ T5039] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.667575][ T5039] Call Trace:
[ 74.670868][ T5039]
[ 74.673810][ T5039] ? die_addr+0x3b/0xa0
[ 74.678009][ T5039] ? exc_general_protection+0x154/0x230
[ 74.683588][ T5039] ? asm_exc_general_protection+0x26/0x30
[ 74.689338][ T5039] ? unlock_page+0x10/0x130
[ 74.693882][ T5039] ? unlock_page+0x25/0x130
[ 74.698406][ T5039] ni_readpage_cmpr+0x334/0xc80
[ 74.703287][ T5039] ? ntfs_resident_writepage+0x1e0/0x1e0
[ 74.709121][ T5039] ntfs_read_folio+0x107/0x1e0
[ 74.713913][ T5039] ? ntfs_resident_writepage+0x1e0/0x1e0
[ 74.719576][ T5039] filemap_read_folio+0xe5/0x2b0
[ 74.724542][ T5039] ? __folio_lock_killable+0x20/0x20
[ 74.729857][ T5039] filemap_get_pages+0xdd7/0x1820
[ 74.734921][ T5039] ? filemap_add_folio+0x1e0/0x1e0
[ 74.740075][ T5039] ? reacquire_held_locks+0x4b0/0x4b0
[ 74.745484][ T5039] ? preempt_count_sub+0x150/0x150
[ 74.750660][ T5039] filemap_splice_read+0x3d0/0x9f0
[ 74.755806][ T5039] ? aa_file_perm+0x5a0/0x11d0
[ 74.760784][ T5039] ? splice_folio_into_pipe+0x5f0/0x5f0
[ 74.766357][ T5039] ? aa_path_link+0x300/0x300
[ 74.771108][ T5039] ? fsnotify_perm.part.0+0x268/0x630
[ 74.776539][ T5039] ? apparmor_file_permission+0x21f/0x4f0
[ 74.782299][ T5039] ntfs_file_splice_read+0x10d/0x190
[ 74.787616][ T5039] ? ntfs_fiemap+0x110/0x110
[ 74.792231][ T5039] vfs_splice_read+0x2c8/0x3b0
[ 74.797045][ T5039] splice_direct_to_actor+0x2a5/0xa30
[ 74.802461][ T5039] ? folio_flags.constprop.0+0x150/0x150
[ 74.808154][ T5039] ? vfs_splice_read+0x3b0/0x3b0
[ 74.813118][ T5039] ? bpf_lsm_file_permission+0x9/0x10
[ 74.818524][ T5039] ? security_file_permission+0x94/0x100
[ 74.824186][ T5039] do_splice_direct+0x1af/0x280
[ 74.829064][ T5039] ? splice_direct_to_actor+0xa30/0xa30
[ 74.834639][ T5039] ? propagate_umount+0x1af0/0x1af0
[ 74.839866][ T5039] ? bpf_lsm_file_permission+0x9/0x10
[ 74.845268][ T5039] ? security_file_permission+0x94/0x100
[ 74.850929][ T5039] do_sendfile+0xb88/0x1390
[ 74.855460][ T5039] ? vfs_iocb_iter_write+0x4c0/0x4c0
[ 74.860768][ T5039] ? ptrace_notify+0xf4/0x130
[ 74.865469][ T5039] ? reacquire_held_locks+0x4b0/0x4b0
[ 74.870880][ T5039] __x64_sys_sendfile64+0x1d6/0x220
[ 74.876106][ T5039] ? __ia32_sys_sendfile+0x220/0x220
[ 74.881419][ T5039] ? lockdep_hardirqs_on+0x7d/0x100
[ 74.886651][ T5039] ? _raw_spin_unlock_irq+0x2e/0x50
[ 74.891927][ T5039] ? ptrace_notify+0xf4/0x130
[ 74.896746][ T5039] do_syscall_64+0x38/0xb0
[ 74.901475][ T5039] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 74.908115][ T5039] RIP: 0033:0x7f012ce5aef9
[ 74.912575][ T5039] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 74.932482][ T5039] RSP: 002b:00007fffa8752058 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 74.940934][ T5039] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f012ce5aef9
[ 74.948946][ T5039] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[ 74.957032][ T5039] RBP: 00007fffa8752060 R08: 00007fffa8751df6 R09: 00007f012c003833
[ 74.965041][ T5039] R10: 000000000000c049 R11: 0000000000000246 R12: 0000000000000000
[ 74.973489][ T5039] R13: 00007fffa87522c8 R14: 0000000000000001 R15: 0000000000000001
[ 74.981494][ T5039]
[ 74.984530][ T5039] Modules linked in:
[ 74.988628][ T5039] ---[ end trace 0000000000000000 ]---
[ 74.994123][ T5039] RIP: 0010:unlock_page+0x25/0x130
[ 74.999549][ T5039] Code: 00 eb b9 66 90 f3 0f 1e fa 41 54 55 53 48 89 fb e8 60 45 cf ff 48 8d 7b 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e4 00 00 00 4c 8b 63 08 31 ff 4c 89 e5 83 e5 01
[ 75.019306][ T5039] RSP: 0018:ffffc900038bf670 EFLAGS: 00010202
[ 75.025494][ T5039] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 75.033509][ T5039] RDX: 0000000000000001 RSI: ffffffff81b7be90 RDI: 0000000000000008
[ 75.041631][ T5039] RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000000
[ 75.049750][ T5039] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[ 75.057793][ T5039] R13: ffff8880233e5488 R14: ffffea0001cef840 R15: 0000000000000000
[ 75.065826][ T5039] FS: 0000555557200480(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 75.074831][ T5039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.081448][ T5039] CR2: 000055a371354fd0 CR3: 0000000072288000 CR4: 00000000003506f0
[ 75.089522][ T5039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 75.097572][ T5039] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 75.105871][ T5039] Kernel panic - not syncing: Fatal exception
[ 75.112305][ T5039] Kernel Offset: disabled
[ 75.116903][ T5039] Rebooting in 86400 seconds..