./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3281610894

<...>
[  102.552684][    T8] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.161' (ED25519) to the list of known hosts.
execve("./syz-executor3281610894", ["./syz-executor3281610894"], 0x7ffee101c4d0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555bbd000
brk(0x555555bbdd00)                     = 0x555555bbdd00
arch_prctl(ARCH_SET_FS, 0x555555bbd380) = 0
set_tid_address(0x555555bbd650)         = 5044
set_robust_list(0x555555bbd660, 24)     = 0
rseq(0x555555bbdca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3281610894", 4096) = 28
getrandom("\x17\xbe\x82\xa0\xb8\x2f\x21\x74", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555555bbdd00
brk(0x555555bded00)                     = 0x555555bded00
brk(0x555555bdf000)                     = 0x555555bdf000
mprotect(0x7f3fcf9ae000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
madvise(0x20a93000, 16384, MADV_HUGEPAGE) = 0
mremap(0x20a96000, 4096, 8388608, MREMAP_MAYMOVE|MREMAP_FIXED, 0x20130000) = 0x20130000
gettid()                                = 5044
process_vm_writev(5044, [{iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=247}], 1, [{iov_base=0x20217f28, iov_len=4294967118}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, ...], 570, 0) = 247
[  106.034888][ T5044] page:ffffea0001c90000 refcount:512 mapcount:2 mapping:0000000000000000 index:0x20400 pfn:0x72400
[  106.046241][ T5044] head:ffffea0001c90000 order:9 entire_mapcount:1 nr_pages_mapped:1 pincount:0
[  106.055537][ T5044] memcg:ffff888016262000
[  106.059872][ T5044] anon flags: 0xfff800000a0078(uptodate|dirty|lru|head|mappedtodisk|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  106.072237][ T5044] page_type: 0x0()
[  106.076217][ T5044] raw: 00fff800000a0078 ffffea0001ca8008 ffffea0001c98008 ffff8880274c1551
[  106.085002][ T5044] raw: 0000000000020400 0000000000000000 0000020000000000 ffff888016262000
[  106.093789][ T5044] page dumped because: VM_WARN_ON_FOLIO(page_mapcount(page) > 1 && PageAnonExclusive(page))
[  106.104192][ T5044] page_owner tracks the page as allocated
[  106.110617][ T5044] page last allocated via order 9, migratetype Movable, gfp_mask 0x3d24ca(GFP_TRANSHUGE|__GFP_NORETRY|__GFP_THISNODE), pid 5044, tgid 5044 (syz-executor328), ts 106030853648, free_ts 37828228656
[  106.129998][ T5044]  post_alloc_hook+0x2cf/0x340
[  106.134945][ T5044]  get_page_from_freelist+0xdcd/0x2d10
[  106.140544][ T5044]  __alloc_pages+0x1d0/0x4a0
[  106.145192][ T5044]  __folio_alloc+0x16/0x40
[  106.149724][ T5044]  vma_alloc_folio+0x63f/0x890
[  106.154608][ T5044]  do_huge_pmd_anonymous_page+0x243/0x2160
[  106.160707][ T5044]  __handle_mm_fault+0x2363/0x3da0
[  106.165969][ T5044]  handle_mm_fault+0x478/0xa00
[  106.170852][ T5044]  __get_user_pages+0x4b2/0x1480
[  106.175872][ T5044]  __gup_longterm_locked+0x755/0x2570
[  106.181404][ T5044]  pin_user_pages_remote+0xee/0x140
[  106.186727][ T5044]  process_vm_rw_core.constprop.0+0x43d/0xa10
[  106.193141][ T5044]  process_vm_rw+0x2ff/0x360
[  106.197770][ T5044]  __x64_sys_process_vm_writev+0xe2/0x1b0
[  106.203609][ T5044]  do_syscall_64+0x38/0xb0
[  106.208101][ T5044]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  106.214132][ T5044] page last free stack trace:
[  106.218931][ T5044]  free_unref_page+0x554/0xd70
[  106.223816][ T5044]  free_contig_range+0xb6/0x190
[  106.228712][ T5044]  destroy_args+0x768/0x990
[  106.233336][ T5044]  debug_vm_pgtable+0x1d79/0x3df0
[  106.238424][ T5044]  do_one_initcall+0x117/0x630
[  106.243358][ T5044]  kernel_init_freeable+0x5c2/0x8f0
[  106.248809][ T5044]  kernel_init+0x1c/0x2a0
[  106.253377][ T5044]  ret_from_fork+0x45/0x80
[  106.257941][ T5044]  ret_from_fork_asm+0x11/0x20
[  106.263037][ T5044] ------------[ cut here ]------------
[  106.268531][ T5044] WARNING: CPU: 0 PID: 5044 at mm/rmap.c:1252 page_add_anon_rmap+0xc33/0x1a70
[  106.277603][ T5044] Modules linked in:
[  106.281588][ T5044] CPU: 0 PID: 5044 Comm: syz-executor328 Not tainted 6.6.0-rc1-next-20230915-syzkaller #0
[  106.291695][ T5044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  106.301848][ T5044] RIP: 0010:page_add_anon_rmap+0xc33/0x1a70
[  106.308014][ T5044] Code: 48 c1 eb 11 83 e3 01 89 de e8 b9 d7 b8 ff 84 db 0f 84 36 fb ff ff e8 7c dc b8 ff 48 c7 c6 00 83 99 8a 4c 89 e7 e8 dd 02 f7 ff <0f> 0b e9 1b fb ff ff e8 61 dc b8 ff 49 89 dd 31 ff 41 81 e5 ff 0f
[  106.328042][ T5044] RSP: 0018:ffffc90003b2f6d8 EFLAGS: 00010293
[  106.334213][ T5044] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  106.342379][ T5044] RDX: ffff88807daf8000 RSI: ffffffff81cf09f3 RDI: ffffffff8ae93c60
[  106.350417][ T5044] RBP: ffff88801e872200 R08: 0000000000000000 R09: fffffbfff1d9cd5a
[  106.358526][ T5044] R10: ffffffff8ece6ad7 R11: 0000000000000001 R12: ffffea0001c90000
[  106.366697][ T5044] R13: 00fff800000a0078 R14: 0000000000000000 R15: ffffea0001ca8008
[  106.375178][ T5044] FS:  0000555555bbd380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  106.384590][ T5044] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  106.391259][ T5044] CR2: 0000000020123008 CR3: 0000000075b7b000 CR4: 00000000003506f0
[  106.399330][ T5044] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  106.407365][ T5044] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  106.415598][ T5044] Call Trace:
[  106.419103][ T5044]  <TASK>
[  106.422108][ T5044]  ? show_regs+0x8f/0xa0
[  106.426510][ T5044]  ? __warn+0xe6/0x380
[  106.430809][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.436627][ T5044]  ? report_bug+0x3bc/0x580
[  106.441286][ T5044]  ? handle_bug+0x3c/0x70
[  106.445830][ T5044]  ? exc_invalid_op+0x17/0x40
[  106.450804][ T5044]  ? asm_exc_invalid_op+0x1a/0x20
[  106.456004][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.461505][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.467058][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.472529][ T5044]  __split_huge_pmd+0x17d5/0x31e0
[  106.477648][ T5044]  ? __split_huge_pud+0x4d0/0x4d0
[  106.483043][ T5044]  ? anon_vma_interval_tree_remove+0xbdc/0xfd0
[  106.489871][ T5044]  ? down_write+0x14f/0x200
[  106.494588][ T5044]  vma_adjust_trans_huge+0x2da/0x560
[  106.500341][ T5044]  __split_vma+0xba3/0x1070
[  106.506013][ T5044]  ? generic_get_unmapped_area_topdown+0x690/0x690
[  106.512802][ T5044]  ? print_usage_bug.part.0+0x670/0x670
[  106.518458][ T5044]  do_vmi_align_munmap+0x2c3/0x15f0
[  106.523896][ T5044]  ? __split_vma+0x1070/0x1070
[  106.528822][ T5044]  ? mtree_range_walk+0x5e1/0x9b0
[  106.534122][ T5044]  do_vmi_munmap+0x20e/0x450
[  106.538819][ T5044]  do_munmap+0xb1/0xf0
[  106.542980][ T5044]  ? vm_munmap+0x20/0x20
[  106.547265][ T5044]  ? do_raw_spin_lock+0x12e/0x2b0
[  106.552447][ T5044]  __do_sys_mremap+0x13ff/0x1730
[  106.557621][ T5044]  ? ptrace_stop.part.0+0x61a/0x900
[  106.562943][ T5044]  ? find_held_lock+0x2d/0x110
[  106.568125][ T5044]  ? move_vma+0x1d50/0x1d50
[  106.572982][ T5044]  ? ptrace_notify+0xf4/0x130
[  106.578144][ T5044]  ? reacquire_held_locks+0x4b0/0x4b0
[  106.583649][ T5044]  ? _raw_spin_unlock_irq+0x23/0x50
[  106.588993][ T5044]  ? lockdep_hardirqs_on+0x7d/0x100
[  106.594435][ T5044]  ? _raw_spin_unlock_irq+0x2e/0x50
[  106.599815][ T5044]  ? ptrace_notify+0xf4/0x130
[  106.604632][ T5044]  do_syscall_64+0x38/0xb0
[  106.609101][ T5044]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  106.615322][ T5044] RIP: 0033:0x7f3fcf93b329
[  106.619923][ T5044] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  106.640118][ T5044] RSP: 002b:00007fff59b1f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  106.649128][ T5044] RAX: ffffffffffffffda RBX: 00007fff59b1f2a8 RCX: 00007f3fcf93b329
[  106.657450][ T5044] RDX: 0000000000004000 RSI: 0000000000001000 RDI: 0000000020f18000
[  106.666808][ T5044] RBP: 00007f3fcf9ae610 R08: 000000002052f000 R09: 0000000000000000
[  106.676035][ T5044] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  106.684402][ T5044] R13: 00007fff59b1f298 R14: 0000000000000001 R15: 0000000000000001
[  106.692794][ T5044]  </TASK>
[  106.695891][ T5044] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  106.703432][ T5044] CPU: 0 PID: 5044 Comm: syz-executor328 Not tainted 6.6.0-rc1-next-20230915-syzkaller #0
[  106.713365][ T5044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[  106.723534][ T5044] Call Trace:
[  106.726854][ T5044]  <TASK>
[  106.729889][ T5044]  dump_stack_lvl+0xd9/0x1b0
[  106.734525][ T5044]  panic+0x6dc/0x790
[  106.738598][ T5044]  ? panic_smp_self_stop+0xa0/0xa0
[  106.743788][ T5044]  ? show_trace_log_lvl+0x363/0x4f0
[  106.749130][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.754768][ T5044]  check_panic_on_warn+0xab/0xb0
[  106.759750][ T5044]  __warn+0xf2/0x380
[  106.763782][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.769467][ T5044]  report_bug+0x3bc/0x580
[  106.773953][ T5044]  handle_bug+0x3c/0x70
[  106.778433][ T5044]  exc_invalid_op+0x17/0x40
[  106.783263][ T5044]  asm_exc_invalid_op+0x1a/0x20
[  106.788278][ T5044] RIP: 0010:page_add_anon_rmap+0xc33/0x1a70
[  106.794236][ T5044] Code: 48 c1 eb 11 83 e3 01 89 de e8 b9 d7 b8 ff 84 db 0f 84 36 fb ff ff e8 7c dc b8 ff 48 c7 c6 00 83 99 8a 4c 89 e7 e8 dd 02 f7 ff <0f> 0b e9 1b fb ff ff e8 61 dc b8 ff 49 89 dd 31 ff 41 81 e5 ff 0f
[  106.814235][ T5044] RSP: 0018:ffffc90003b2f6d8 EFLAGS: 00010293
[  106.820340][ T5044] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
[  106.828621][ T5044] RDX: ffff88807daf8000 RSI: ffffffff81cf09f3 RDI: ffffffff8ae93c60
[  106.837139][ T5044] RBP: ffff88801e872200 R08: 0000000000000000 R09: fffffbfff1d9cd5a
[  106.845326][ T5044] R10: ffffffff8ece6ad7 R11: 0000000000000001 R12: ffffea0001c90000
[  106.853847][ T5044] R13: 00fff800000a0078 R14: 0000000000000000 R15: ffffea0001ca8008
[  106.862672][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.868200][ T5044]  ? page_add_anon_rmap+0xc33/0x1a70
[  106.873569][ T5044]  __split_huge_pmd+0x17d5/0x31e0
[  106.878734][ T5044]  ? __split_huge_pud+0x4d0/0x4d0
[  106.883983][ T5044]  ? anon_vma_interval_tree_remove+0xbdc/0xfd0
[  106.890282][ T5044]  ? down_write+0x14f/0x200
[  106.894863][ T5044]  vma_adjust_trans_huge+0x2da/0x560
[  106.900253][ T5044]  __split_vma+0xba3/0x1070
[  106.905011][ T5044]  ? generic_get_unmapped_area_topdown+0x690/0x690
[  106.911671][ T5044]  ? print_usage_bug.part.0+0x670/0x670
[  106.917468][ T5044]  do_vmi_align_munmap+0x2c3/0x15f0
[  106.922850][ T5044]  ? __split_vma+0x1070/0x1070
[  106.927668][ T5044]  ? mtree_range_walk+0x5e1/0x9b0
[  106.932757][ T5044]  do_vmi_munmap+0x20e/0x450
[  106.937400][ T5044]  do_munmap+0xb1/0xf0
[  106.941515][ T5044]  ? vm_munmap+0x20/0x20
[  106.945980][ T5044]  ? do_raw_spin_lock+0x12e/0x2b0
[  106.951172][ T5044]  __do_sys_mremap+0x13ff/0x1730
[  106.956257][ T5044]  ? ptrace_stop.part.0+0x61a/0x900
[  106.961603][ T5044]  ? find_held_lock+0x2d/0x110
[  106.966439][ T5044]  ? move_vma+0x1d50/0x1d50
[  106.970986][ T5044]  ? ptrace_notify+0xf4/0x130
[  106.975781][ T5044]  ? reacquire_held_locks+0x4b0/0x4b0
[  106.981295][ T5044]  ? _raw_spin_unlock_irq+0x23/0x50
[  106.986528][ T5044]  ? lockdep_hardirqs_on+0x7d/0x100
[  106.991756][ T5044]  ? _raw_spin_unlock_irq+0x2e/0x50
[  106.997076][ T5044]  ? ptrace_notify+0xf4/0x130
[  107.001802][ T5044]  do_syscall_64+0x38/0xb0
[  107.006260][ T5044]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  107.012383][ T5044] RIP: 0033:0x7f3fcf93b329
[  107.016925][ T5044] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  107.037027][ T5044] RSP: 002b:00007fff59b1f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  107.045575][ T5044] RAX: ffffffffffffffda RBX: 00007fff59b1f2a8 RCX: 00007f3fcf93b329
[  107.053663][ T5044] RDX: 0000000000004000 RSI: 0000000000001000 RDI: 0000000020f18000
[  107.062183][ T5044] RBP: 00007f3fcf9ae610 R08: 000000002052f000 R09: 0000000000000000
[  107.070276][ T5044] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  107.078455][ T5044] R13: 00007fff59b1f298 R14: 0000000000000001 R15: 0000000000000001
[  107.086669][ T5044]  </TASK>
[  107.090012][ T5044] Kernel Offset: disabled
[  107.094357][ T5044] Rebooting in 86400 seconds..