./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor648446652
<...>
forked to background, child pid 4639
no interfaces have a carrier
[ 22.571010][ T4640] 8021q: adding VLAN 0 to HW filter on device bond0
[ 22.580527][ T4640] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.204' (ECDSA) to the list of known hosts.
execve("./syz-executor648446652", ["./syz-executor648446652"], 0x7fff530a2950 /* 10 vars */) = 0
brk(NULL) = 0x5555557ec000
brk(0x5555557ecc40) = 0x5555557ecc40
arch_prctl(ARCH_SET_FS, 0x5555557ec300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor648446652", 4096) = 27
brk(0x55555580dc40) = 0x55555580dc40
brk(0x55555580e000) = 0x55555580e000
mprotect(0x7f4fe606d000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5060
openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3
write(3, "10000000000", 11) = 11
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3
write(3, "20", 2) = 2
close(3) = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
write(3, "100", 3) = 3
close(3) = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3
write(3, "7 4 1 3", 7) = 7
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3
write(3, "5060", 4) = 4
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4
sendto(4, [{nlmsg_len=36, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=704, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=5060}, "\x01\x02\x00\x00\x0d\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x35\x34\x00\x00\x00\x00\x06\x00\x01\x00\x1c\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x26\x00\x00\x00\x48\x02\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x05\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x03\x00"...], 4096, 0, NULL, NULL) = 704
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5060}, {error=0, msg={nlmsg_len=36, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
access("/proc/net", R_OK) = 0
access("/proc/net/unix", R_OK) = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5) = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x06\x00\x0a\x00\xa0\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5060}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan0", ifr_ifindex=11}) = 0
close(5) = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x0c\x00\x01\x00\x02\x00\xaa\xaa\xaa\xaa\xaa\xaa"], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5060}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
sendto(3, [{nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}, [[{nla_len=11, nla_type=IFLA_IFNAME}, "lowpan0"...], [{nla_len=16, nla_type=IFLA_LINKINFO}, [{nla_len=10, nla_type=IFLA_INFO_KIND}, "lowpan"...]], [{nla_len=8, nla_type=IFLA_LINK}, 11]]], 68, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 68
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5060}, {error=0, msg={nlmsg_len=68, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5) = 0
sendto(4, [{nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x0b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x06\x00\x0a\x00\xa1\xaa\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5060}, {error=0, msg={nlmsg_len=36, nlmsg_type=nl802154, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5
ioctl(5, SIOCGIFINDEX, {ifr_name="wpan1", ifr_ifindex=12}) = 0
close(5) = 0
sendto(3, [{nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wpan1"), ifi_flags=IFF_UP, ifi_change=0x1}, [{nla_len=12, nla_type=IFLA_ADDRESS}, 02:01:aa:aa:aa:aa:aa]], 44, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 44
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=5060}, {error=0, msg={nlmsg_len=44, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
close(3) = 0
close(4) = 0
unshare(CLONE_NEWPID) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557ec5d0) = 5062
./strace-static-x86_64: Process 5062 attached
[pid 5062] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid 5062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5062] setsid() = 1
[pid 5062] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid 5062] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid 5062] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid 5062] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid 5062] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid 5062] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid 5062] unshare(CLONE_NEWNS) = 0
[pid 5062] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid 5062] unshare(CLONE_NEWIPC) = 0
[pid 5062] unshare(CLONE_NEWCGROUP) = 0
[pid 5062] unshare(CLONE_NEWUTS) = 0
[pid 5062] unshare(CLONE_SYSVSEM) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "16777216", 8) = 8
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "536870912", 9) = 9
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "1024", 4) = 4
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "8192", 4) = 4
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "1024", 4) = 4
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "1024", 4) = 4
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "1024 1048576 500 1024", 21) = 21
[pid 5062] close(3) = 0
[pid 5062] getpid() = 1
[pid 5062] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid 5062] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid 5062] unshare(CLONE_NEWNET) = 0
[pid 5062] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid 5062] write(3, "0 65535", 7) = 7
[pid 5062] close(3) = 0
[pid 5062] openat(AT_FDCWD, "/dev/rfkill", O_RDWR) = 3
[pid 5062] write(3, "\x00\x00\x00\x00\x00\x03\x00\x00", 8) = 8
[pid 5062] close(3) = 0
[pid 5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3
[pid 5062] sendto(3, [{nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00"], 40, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 40
[pid 5062] recvfrom(3, [{nlmsg_len=224, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x13\x00\x02\x00\x4d\x41\x43\x38\x30\x32\x31\x31\x5f\x48\x57\x53\x49\x4d\x00\x00\x06\x00\x01\x00\x28\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x19\x00\x00\x00\x7c\x00\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0a\x00\x00\x00"...], 4096, 0, NULL, NULL) = 224
[pid 5062] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=40, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid 5062] sendto(3, [{nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid 5062] recvfrom(3, [{nlmsg_len=2476, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x22\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x41\x01\x00\x00\xd8\x08\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x1a\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00"...], 4096, 0, NULL, NULL) = 2476
[pid 5062] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=32, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid 5062] sendto(3, [{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid 5062] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=2, msg=[{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x00\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid 5062] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid 5062] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid 5062] close(4) = 0
[pid 5062] sendto(3, [{nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid 5062] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid 5062] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid 5062] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid 5062] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan0", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid 5062] close(4) = 0
[pid 5062] sendto(3, [{nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0b\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid 5062] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid 5062] sendto(3, [{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid 5062] recvfrom(3, [{nlmsg_len=56, nlmsg_type=NLMSG_ERROR, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, {error=3, msg=[{nlmsg_len=36, nlmsg_type=0x28 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x04\x00\x00\x00\x04\x00\x0e\x00\x0a\x00\x16\x00\x08\x02\x11\x00\x00\x01\x00\x00"]}], 4096, 0, NULL, NULL) = 56
[pid 5062] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid 5062] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid 5062] close(4) = 0
[pid 5062] sendto(3, [{nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x06\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x08\x00\x05\x00\x01\x00\x00\x00"], 36, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 36
[pid 5062] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=36, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid 5062] socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
[pid 5062] ioctl(4, SIOCGIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid 5062] ioctl(4, SIOCSIFFLAGS, {ifr_name="wlan1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_MULTICAST}) = 0
[pid 5062] close(4) = 0
[pid 5062] sendto(3, [{nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x2b\x00\x00\x00\x08\x00\x03\x00\x0c\x00\x00\x00\x0a\x00\x34\x00\x10\x10\x10\x10\x10\x10\x00\x00\x08\x00\x26\x00\x6c\x09\x00\x00\x0a\x00\x06\x00\x50\x50\x50\x50\x50\x50\x00\x00\x04\x00\x3c\x00"], 64, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 64
[pid 5062] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=1}, {error=0, msg={nlmsg_len=64, nlmsg_type=0x22 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36
[pid 5062] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid 5062] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan0", ifr_ifindex=11}) = 0
[pid 5062] close(4) = 0
[pid 5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid 5062] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid 5062] recvfrom(4, [{nlmsg_len=1420, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0b\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x30\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1420
[pid 5062] close(4) = 0
[pid 5062] socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
[pid 5062] ioctl(4, SIOCGIFINDEX, {ifr_name="wlan1", ifr_ifindex=12}) = 0
[pid 5062] close(4) = 0
[pid 5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid 5062] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid 5062] recvfrom(4, [{nlmsg_len=1420, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x00\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x00\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1420
[pid 5062] close(4) = 0
[pid 5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid 5062] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid 5062] recvfrom(4, [{nlmsg_len=1420, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x00\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x00\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1420
syzkaller login: [ 41.408945][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 41.417356][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 41.425765][ T893] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 41.441812][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 41.450429][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[pid 5062] close(4) = 0
[pid 5062] socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 4
[pid 5062] sendto(4, [{nlmsg_len=32, nlmsg_type=0x12 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x00\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"], 32, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 32
[pid 5062] recvfrom(4, [{nlmsg_len=1420, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=1}, "\x00\x00\x01\x00\x0c\x00\x00\x00\x43\x10\x01\x00\x00\x00\x00\x00\x0a\x00\x03\x00\x77\x6c\x61\x6e\x31\x00\x00\x00\x08\x00\x0d\x00\xe8\x03\x00\x00\x05\x00\x10\x00\x06\x00\x00\x00\x05\x00\x11\x00\x00\x00\x00\x00\x08\x00\x04\x00\xdc\x05\x00\x00\x08\x00\x32\x00\x00\x01\x00\x00\x08\x00\x33\x00\x00\x09\x00\x00\x08\x00\x1b\x00\x00\x00\x00\x00\x08\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x3d\x00\x00\x00\x00\x00"...], 4096, 0, NULL, NULL) = 1420
[pid 5062] close(4) = 0
[pid 5062] close(3) = 0
[pid 5062] mkdir("/dev/binderfs", 0777) = 0
[pid 5062] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid 5062] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5062] memfd_create("syzkaller", 0) = 3
[pid 5062] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4fddba9000
[ 41.459924][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[pid 5062] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 5062] munmap(0x7f4fddba9000, 16777216) = 0
[pid 5062] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5062] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5062] close(3) = 0
[pid 5062] mkdir("./file0", 0777) = 0
[pid 5062] mount("/dev/loop0", "./file0", "jfs", MS_RDONLY|MS_NODEV|MS_MANDLOCK|MS_DIRSYNC|MS_SILENT, "nodiscard,grpquota,quota,quota,iocharset=iso8859-6,errors=remount-ro,uid=0x000000000000ee00,") = 0
[pid 5062] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5062] chdir("./file0") = 0
[pid 5062] ioctl(4, LOOP_CLR_FD) = 0
[pid 5062] close(4) = 0
[ 41.558850][ T5062] loop0: detected capacity change from 0 to 32768
[ 41.567703][ T5062] =======================================================
[ 41.567703][ T5062] WARNING: The mand mount option has been deprecated and
[ 41.567703][ T5062] and is ignored by this kernel. Remove the mand
[ 41.567703][ T5062] option from the mount to silence this warning.
[ 41.567703][ T5062] =======================================================
[pid 5062] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
[pid 5062] write(4, "16", 2) = 2
[pid 5062] mkdir(".", 0777) = -1 EEXIST (File exists)
[ 41.610222][ T5062] FAULT_INJECTION: forcing a failure.
[ 41.610222][ T5062] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 41.623788][ T5062] CPU: 0 PID: 5062 Comm: syz-executor648 Not tainted 6.2.0-rc5-syzkaller #0
[ 41.632497][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 41.642565][ T5062] Call Trace:
[ 41.645838][ T5062] <TASK>
[ 41.648753][ T5062] dump_stack_lvl+0xd1/0x138
[ 41.653351][ T5062] should_fail_ex.cold+0x5/0xa
[ 41.658119][ T5062] prepare_alloc_pages+0x178/0x570
[ 41.663226][ T5062] __alloc_pages+0x149/0x5b0
[ 41.667808][ T5062] ? __alloc_pages_slowpath.constprop.0+0x23d0/0x23d0
[ 41.674562][ T5062] ? find_held_lock+0x2d/0x110
[ 41.679321][ T5062] ? free_unref_page+0x284/0x490
[ 41.684246][ T5062] ? lock_downgrade+0x6e0/0x6e0
[ 41.689182][ T5062] ? free_unref_page_commit+0x38f/0x6e0
[ 41.694718][ T5062] __kmalloc_large_node+0x85/0x160
[ 41.699849][ T5062] kmalloc_large+0x1c/0x70
[ 41.704258][ T5062] diMount+0x29/0x830
[ 41.708237][ T5062] jfs_mount_rw+0x239/0x690
[ 41.712730][ T5062] ? updateSuper+0x7a0/0x7a0
[ 41.717309][ T5062] ? list_lru_walk_node+0x15a/0x2f0
[ 41.722494][ T5062] ? list_lru_walk_one+0xe0/0xe0
[ 41.727417][ T5062] ? shrink_dentry_list+0x1a/0x800
[ 41.732531][ T5062] jfs_remount+0x520/0x650
[ 41.737044][ T5062] ? parse_options+0xec0/0xec0
[ 41.741790][ T5062] ? shrink_dcache_sb+0x1bf/0x360
[ 41.746806][ T5062] ? shrink_dentry_list+0x800/0x800
[ 41.751996][ T5062] ? parse_options+0xec0/0xec0
[ 41.756767][ T5062] legacy_reconfigure+0x119/0x180
[ 41.761783][ T5062] reconfigure_super+0x40c/0xa30
[ 41.766709][ T5062] ? fs_umode_to_dtype+0xd0/0xd0
[ 41.771639][ T5062] path_mount+0x1830/0x1e20
[ 41.776136][ T5062] ? kmem_cache_free+0xee/0x5c0
[ 41.780988][ T5062] ? finish_automount+0x960/0x960
[ 41.786007][ T5062] ? putname+0x102/0x140
[ 41.790255][ T5062] __x64_sys_mount+0x283/0x300
[ 41.795020][ T5062] ? copy_mnt_ns+0xb30/0xb30
[ 41.799621][ T5062] ? lockdep_hardirqs_on+0x7d/0x100
[ 41.804825][ T5062] ? _raw_spin_unlock_irq+0x2e/0x50
[ 41.810013][ T5062] ? ptrace_notify+0xfe/0x140
[ 41.814676][ T5062] do_syscall_64+0x39/0xb0
[ 41.819104][ T5062] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.824988][ T5062] RIP: 0033:0x7f4fe5ffffca
[ 41.829401][ T5062] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 f8 03 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 41.848995][ T5062] RSP: 002b:00007ffcb6afbf08 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[pid 5062] mount(NULL, ".", 0x20000040, MS_REMOUNT|MS_DIRSYNC|MS_NOATIME|MS_SILENT|MS_I_VERSION|MS_STRICTATIME, "") = -1 ENOMEM (Cannot allocate memory)
[pid 5062] exit_group(1) = ?
[ 41.857397][ T5062] RAX: ffffffffffffffda RBX: 00005555557ec2c0 RCX: 00007f4fe5ffffca
[ 41.865365][ T5062] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000
[ 41.873331][ T5062] RBP: 0000000000000000 R08: 00007ffcb6afbf90 R09: 0000000000000002
[ 41.881286][ T5062] R10: 00000000018084a0 R11: 0000000000000286 R12: 00000000ffffffff
[ 41.889239][ T5062] R13: 00007ffcb6afbf90 R14: 0000000000000000 R15: 0000000020000080
[ 41.897204][ T5062] </TASK>
[ 41.901532][ T5062] jfs_mount_rw: diMount failed!
[ 41.914239][ T5062] ------------[ cut here ]------------
[ 41.920340][ T5062] WARNING: CPU: 1 PID: 5062 at mm/slab_common.c:936 free_large_kmalloc+0xad/0xe0
[ 41.929679][ T5062] Modules linked in:
[ 41.933771][ T5062] CPU: 1 PID: 5062 Comm: syz-executor648 Not tainted 6.2.0-rc5-syzkaller #0
[ 41.942649][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 41.953339][ T5062] RIP: 0010:free_large_kmalloc+0xad/0xe0
[ 41.959067][ T5062] Code: ee 48 89 ef 5d 41 5c 41 5d e9 cf c6 0d 00 e8 fa 30 d1 ff 44 89 e2 be 06 00 00 00 48 89 ef e8 4a fd 1f 00 e8 55 32 d1 ff eb c6 <0f> 0b 80 3d 17 20 a7 0c 00 0f 84 28 d5 0a 08 48 8b 74 24 20 4c 89
[ 41.978808][ T5062] RSP: 0018:ffffc90003cefbc8 EFLAGS: 00010246
[ 41.985260][ T5062] RAX: 00fff00000000000 RBX: ffff88807503a930 RCX: 0000000000000000
[ 41.993273][ T5062] RDX: 0000000000000000 RSI: ffff88802ac90000 RDI: ffffea0000ab2400
[ 42.001382][ T5062] RBP: ffffea0000ab2400 R08: 0000000000000007 R09: 0000000000000000
[ 42.009524][ T5062] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88802ac90000
[ 42.017576][ T5062] R13: ffff88802a658600 R14: ffff888075038d70 R15: ffff88807503a930
[ 42.025600][ T5062] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 42.034605][ T5062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.041312][ T5062] CR2: 00007f4fe6071160 CR3: 00000000288d1000 CR4: 0000000000350ef0
[ 42.049314][ T5062] Call Trace:
[ 42.052579][ T5062] <TASK>
[ 42.055535][ T5062] diUnmount+0xf1/0x130
[ 42.059711][ T5062] jfs_umount+0x189/0x410
[ 42.064040][ T5062] jfs_put_super+0x85/0x1a0
[ 42.068615][ T5062] ? jfs_quota_off+0x170/0x170
[ 42.073392][ T5062] generic_shutdown_super+0x158/0x410
[ 42.078806][ T5062] kill_block_super+0x9b/0xf0
[ 42.083510][ T5062] deactivate_locked_super+0x98/0x160
[ 42.088937][ T5062] deactivate_super+0xb1/0xd0
[ 42.093651][ T5062] cleanup_mnt+0x2ae/0x3d0
[ 42.098156][ T5062] task_work_run+0x16f/0x270
[ 42.102788][ T5062] ? task_work_cancel+0x30/0x30
[ 42.107848][ T5062] do_exit+0xaa8/0x2950
[ 42.112023][ T5062] ? lock_downgrade+0x6e0/0x6e0
[ 42.116909][ T5062] ? do_raw_spin_lock+0x124/0x2b0
[ 42.121955][ T5062] ? mm_update_next_owner+0x7b0/0x7b0
[ 42.127361][ T5062] ? rwlock_bug.part.0+0x90/0x90
[ 42.132318][ T5062] ? _raw_spin_unlock_irq+0x23/0x50
[ 42.137551][ T5062] do_group_exit+0xd4/0x2a0
[ 42.142092][ T5062] __x64_sys_exit_group+0x3e/0x50
[ 42.147186][ T5062] do_syscall_64+0x39/0xb0
[ 42.151632][ T5062] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.157593][ T5062] RIP: 0033:0x7f4fe5ffd6f9
[ 42.162020][ T5062] Code: Unable to access opcode bytes at 0x7f4fe5ffd6cf.
[ 42.169083][ T5062] RSP: 002b:00007ffcb6afc078 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 42.177534][ T5062] RAX: ffffffffffffffda RBX: 00007f4fe60733f0 RCX: 00007f4fe5ffd6f9
[ 42.185689][ T5062] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 42.193681][ T5062] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000002
[ 42.202301][ T5062] R10: 00000000018084a0 R11: 0000000000000246 R12: 00007f4fe60733f0
[ 42.210530][ T5062] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 42.218608][ T5062] </TASK>
[ 42.221735][ T5062] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 42.229012][ T5062] CPU: 1 PID: 5062 Comm: syz-executor648 Not tainted 6.2.0-rc5-syzkaller #0
[ 42.237690][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 42.247735][ T5062] Call Trace:
[ 42.251005][ T5062] <TASK>
[ 42.253927][ T5062] dump_stack_lvl+0xd1/0x138
[ 42.258519][ T5062] panic+0x2cc/0x626
[ 42.262436][ T5062] ? panic_print_sys_info.part.0+0x110/0x110
[ 42.268424][ T5062] ? free_large_kmalloc+0xad/0xe0
[ 42.273459][ T5062] check_panic_on_warn.cold+0x19/0x35
[ 42.278832][ T5062] __warn+0xf2/0x1a0
[ 42.282722][ T5062] ? free_large_kmalloc+0xad/0xe0
[ 42.287744][ T5062] report_bug+0x1c0/0x210
[ 42.292080][ T5062] handle_bug+0x3c/0x70
[ 42.296233][ T5062] exc_invalid_op+0x18/0x50
[ 42.300734][ T5062] asm_exc_invalid_op+0x1a/0x20
[ 42.305588][ T5062] RIP: 0010:free_large_kmalloc+0xad/0xe0
[ 42.311227][ T5062] Code: ee 48 89 ef 5d 41 5c 41 5d e9 cf c6 0d 00 e8 fa 30 d1 ff 44 89 e2 be 06 00 00 00 48 89 ef e8 4a fd 1f 00 e8 55 32 d1 ff eb c6 <0f> 0b 80 3d 17 20 a7 0c 00 0f 84 28 d5 0a 08 48 8b 74 24 20 4c 89
[ 42.330849][ T5062] RSP: 0018:ffffc90003cefbc8 EFLAGS: 00010246
[ 42.336915][ T5062] RAX: 00fff00000000000 RBX: ffff88807503a930 RCX: 0000000000000000
[ 42.344885][ T5062] RDX: 0000000000000000 RSI: ffff88802ac90000 RDI: ffffea0000ab2400
[ 42.352848][ T5062] RBP: ffffea0000ab2400 R08: 0000000000000007 R09: 0000000000000000
[ 42.360813][ T5062] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88802ac90000
[ 42.368778][ T5062] R13: ffff88802a658600 R14: ffff888075038d70 R15: ffff88807503a930
[ 42.376754][ T5062] ? free_large_kmalloc+0x15/0xe0
[ 42.381781][ T5062] diUnmount+0xf1/0x130
[ 42.385935][ T5062] jfs_umount+0x189/0x410
[ 42.390286][ T5062] jfs_put_super+0x85/0x1a0
[ 42.394784][ T5062] ? jfs_quota_off+0x170/0x170
[ 42.399541][ T5062] generic_shutdown_super+0x158/0x410
[ 42.404914][ T5062] kill_block_super+0x9b/0xf0
[ 42.409588][ T5062] deactivate_locked_super+0x98/0x160
[ 42.414956][ T5062] deactivate_super+0xb1/0xd0
[ 42.419634][ T5062] cleanup_mnt+0x2ae/0x3d0
[ 42.424055][ T5062] task_work_run+0x16f/0x270
[ 42.428651][ T5062] ? task_work_cancel+0x30/0x30
[ 42.433505][ T5062] do_exit+0xaa8/0x2950
[ 42.437665][ T5062] ? lock_downgrade+0x6e0/0x6e0
[ 42.442517][ T5062] ? do_raw_spin_lock+0x124/0x2b0
[ 42.447531][ T5062] ? mm_update_next_owner+0x7b0/0x7b0
[ 42.452901][ T5062] ? rwlock_bug.part.0+0x90/0x90
[ 42.457831][ T5062] ? _raw_spin_unlock_irq+0x23/0x50
[ 42.463026][ T5062] do_group_exit+0xd4/0x2a0
[ 42.467534][ T5062] __x64_sys_exit_group+0x3e/0x50
[ 42.472566][ T5062] do_syscall_64+0x39/0xb0
[ 42.476984][ T5062] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.482869][ T5062] RIP: 0033:0x7f4fe5ffd6f9
[ 42.487274][ T5062] Code: Unable to access opcode bytes at 0x7f4fe5ffd6cf.
[ 42.494277][ T5062] RSP: 002b:00007ffcb6afc078 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 42.502680][ T5062] RAX: ffffffffffffffda RBX: 00007f4fe60733f0 RCX: 00007f4fe5ffd6f9
[ 42.510659][ T5062] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 42.518641][ T5062] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000002
[ 42.526638][ T5062] R10: 00000000018084a0 R11: 0000000000000246 R12: 00007f4fe60733f0
[ 42.534604][ T5062] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 42.542599][ T5062] </TASK>
[ 42.546496][ T5062] Kernel Offset: disabled
[ 42.550884][ T5062] Rebooting in 86400 seconds..