# Syzkaller crash report: a reproducer program followed by the kernel console log.
# The log shows a WARNING at mm/page_alloc.c:5124 in __alloc_frozen_pages_noprof.
# It is reached from __kmalloc_noprof <- v9fs_fid_get_acl <- v9fs_get_acl <-
# v9fs_inode_from_fid_dotl <- v9fs_mount <- ... <- __se_sys_mount, and is then
# escalated to "Kernel panic - not syncing" because panic_on_warn is set.
# Review takeaway: with trans=fd the 9p peer is whoever holds the other end of
# the file descriptors, so every field in a reply is untrusted input.
# NOTE(review): presumably v9fs_fid_get_acl sizes its kmalloc() from an xattr
# length reported by that peer, with no upper bound. Confirm in fs/9p before
# relying on this; the page shows the call chain, not the source.
program:
# Create the pipe that later serves as the 9p transport.
# NOTE(review): r0 and r1 are used below but no binding is visible here;
# presumably the result markers on the two pipe fds were lost in extraction.
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
# Queue a 0x15-byte 9p message in the pipe before any mount exists. The blob
# decodes as size=0x15, type=0x65 (Rversion), tag=0xffff, msize=0x00007b09,
# then an 8-byte string "9P2000.L".
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
# Second handle on the same fd; it is passed as wfdno to the mount below.
r2 = dup(r1)
# The write$FUSE_* variants below target the 9p pipe, so their FUSE-shaped
# structs are simply more raw bytes queued on the transport. This page does not
# establish which of them the kernel later parses as which 9p reply.
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
# The blob literal is 30 bytes, but the length argument is 0xb0.
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
# Pseudo-syscall aimed at ./file0 with all-zero image arguments.
# Presumably used only to create the mount point; confirm.
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_LK(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x6, 0x4, 0x1}}}, 0x28)
write$FUSE_INTERRUPT(r2, &(0x7f00000000c0)={0x10, 0x24}, 0x10)
# Timer that signals this thread (signo 0x21, @tid=r3); initial expiry and
# interval are both 0x989680 ns = 10 ms. Presumably there to interrupt blocking
# calls; none of these functions appear in the crash call trace.
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
# vhost-vsock and MPTCP calls: no vhost or mptcp frame appears in the crash
# call trace, and the sendmsg is issued on fd 0xffffffffffffffff (-1).
# They look unrelated to the 9p path; treat as fuzzer noise until shown otherwise.
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000080)=0x200000000)
preadv(r4, &(0x7f0000000600)=[{&(0x7f0000000280)=""/117, 0x75}], 0x1, 0x9000000, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000600)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x8840}, 0x4044881)
# Last batch of bytes queued on the transport: a one-byte blob, length 0xa8.
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
# The faulting call: the trace's ORIG_RAX is 0xa5 and the kernel stack runs
# through __se_sys_mount into v9fs_mount. The option string reads
# "trans=fd,rfdno=<r0>,wfdno=<r2>,posixacl" (0x3d is '=', 0x2c is ','), so the
# client reads its "server" replies from fds this same process controls.
# posixacl matches the v9fs_get_acl frames seen in the trace.
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}]}})
# Kernel console output follows (timestamps in seconds since boot). The final
# record on this line is split mid-timestamp and continues on the next line.
[ 75.457410][ T5334] Bluetooth: hci0: command tx timeout
[ 75.594881][ T5355] ------------[ cut here ]------------
[ 75.597321][ T5355] WARNING: CPU: 0 PID: 5355 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370
[ 75.601689][ T5355] Modules linked in:
[ 75.603539][ T5355] CPU: 0 UID: 0 PID: 5355 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 75.607478][ T5355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 75.611840][ T5355] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[ 
75.614445][ T5355] Code: 74 10 4c 89 e7 89 54 24 0c e8 24 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 30 0e 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 75.622953][ T5355] RSP: 0018:ffffc9000d4a78c0 EFLAGS: 00010246 [ 75.625561][ T5355] RAX: ffffc9000d4a7900 RBX: 0000000000000014 RCX: 0000000000000000 [ 75.629101][ T5355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d4a7928 [ 75.632470][ T5355] RBP: ffffc9000d4a79c0 R08: ffffc9000d4a7927 R09: 0000000000000000 [ 75.636129][ T5355] R10: ffffc9000d4a7900 R11: fffff52001a94f25 R12: 0000000000000000 [ 75.639768][ T5355] R13: 1ffff92001a94f1c R14: 0000000000040d40 R15: dffffc0000000000 [ 75.643169][ T5355] FS: 00007f498b4496c0(0000) GS:ffff88808d20d000(0000) knlGS:0000000000000000 [ 75.647335][ T5355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.650069][ T5355] CR2: 0000200000001000 CR3: 0000000034605000 CR4: 0000000000352ef0 [ 75.654149][ T5355] Call Trace: [ 75.655619][ T5355] [ 75.657278][ T5355] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 75.659907][ T5355] ? kfree+0x18e/0x440 [ 75.661650][ T5355] ? policy_nodemask+0x27c/0x720 [ 75.663888][ T5355] ? p9_client_clunk+0x1b6/0x250 [ 75.666450][ T5355] alloc_pages_mpol+0x232/0x4a0 [ 75.668998][ T5355] ___kmalloc_large_node+0x5f/0x1b0 [ 75.671430][ T5355] __kmalloc_large_node_noprof+0x18/0x90 [ 75.674091][ T5355] __kmalloc_noprof+0x36f/0x4f0 [ 75.676398][ T5355] ? v9fs_fid_get_acl+0x4f/0x100 [ 75.678711][ T5355] ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10 [ 75.681961][ T5355] v9fs_fid_get_acl+0x4f/0x100 [ 75.684348][ T5355] v9fs_get_acl+0x11b/0x360 [ 75.686240][ T5355] v9fs_inode_from_fid_dotl+0x221/0x2b0 [ 75.688618][ T5355] v9fs_mount+0x6eb/0xa50 [ 75.690345][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 75.692608][ T5355] legacy_get_tree+0xfd/0x1a0 [ 75.695106][ T5355] ? 
__pfx_v9fs_mount+0x10/0x10 [ 75.697570][ T5355] vfs_get_tree+0x8f/0x2b0 [ 75.699707][ T5355] do_new_mount+0x2a2/0x9e0 [ 75.701810][ T5355] ? ns_capable+0x8a/0xf0 [ 75.703728][ T5355] ? __pfx_do_new_mount+0x10/0x10 [ 75.706217][ T5355] ? path_mount+0x61c/0xfe0 [ 75.709155][ T5355] ? user_path_at+0x44/0x60 [ 75.712027][ T5355] __se_sys_mount+0x317/0x410 [ 75.714763][ T5355] ? __pfx___se_sys_mount+0x10/0x10 [ 75.717828][ T5355] ? rcu_is_watching+0x15/0xb0 [ 75.720426][ T5355] ? do_syscall_64+0xbe/0x3b0 [ 75.723069][ T5355] ? __x64_sys_mount+0x20/0xc0 [ 75.725990][ T5355] do_syscall_64+0xfa/0x3b0 [ 75.728311][ T5355] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.730659][ T5355] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.733192][ T5355] ? clear_bhb_loop+0x60/0xb0 [ 75.735585][ T5355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.738345][ T5355] RIP: 0033:0x7f498a58ebe9 [ 75.740639][ T5355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.749121][ T5355] RSP: 002b:00007f498b449038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 75.752700][ T5355] RAX: ffffffffffffffda RBX: 00007f498a7c6090 RCX: 00007f498a58ebe9 [ 75.757049][ T5355] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 75.760625][ T5355] RBP: 00007f498a611e19 R08: 0000200000000500 R09: 0000000000000000 [ 75.765303][ T5355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.769032][ T5355] R13: 00007f498a7c6128 R14: 00007f498a7c6090 R15: 00007ffd6d9ef048 [ 75.773023][ T5355] [ 75.774524][ T5355] Kernel panic - not syncing: kernel: panic_on_warn set ... 
[ 75.777696][ T5355] CPU: 0 UID: 0 PID: 5355 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.781563][ T5355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.787003][ T5355] Call Trace: [ 75.788770][ T5355] [ 75.790053][ T5355] dump_stack_lvl+0x99/0x250 [ 75.792019][ T5355] ? __asan_memcpy+0x40/0x70 [ 75.793788][ T5355] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.796045][ T5355] ? __pfx__printk+0x10/0x10 [ 75.798044][ T5355] vpanic+0x281/0x750 [ 75.800053][ T5355] ? __pfx__printk+0x10/0x10 [ 75.802098][ T5355] ? __pfx_vpanic+0x10/0x10 [ 75.804097][ T5355] ? is_bpf_text_address+0x26/0x2b0 [ 75.806366][ T5355] panic+0xb9/0xc0 [ 75.808011][ T5355] ? __pfx_panic+0x10/0x10 [ 75.809964][ T5355] __warn+0x31b/0x4b0 [ 75.812244][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 75.815486][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 75.818552][ T5355] report_bug+0x2be/0x4f0 [ 75.820581][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 75.823158][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 75.825747][ T5355] ? 
__alloc_frozen_pages_noprof+0x2ca/0x370 [ 75.828110][ T5355] handle_bug+0x84/0x160 [ 75.829777][ T5355] exc_invalid_op+0x1a/0x50 [ 75.831482][ T5355] asm_exc_invalid_op+0x1a/0x20 [ 75.833399][ T5355] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 75.836067][ T5355] Code: 74 10 4c 89 e7 89 54 24 0c e8 24 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 30 0e 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 75.844076][ T5355] RSP: 0018:ffffc9000d4a78c0 EFLAGS: 00010246 [ 75.846973][ T5355] RAX: ffffc9000d4a7900 RBX: 0000000000000014 RCX: 0000000000000000 [ 75.850726][ T5355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d4a7928 [ 75.854300][ T5355] RBP: ffffc9000d4a79c0 R08: ffffc9000d4a7927 R09: 0000000000000000 [ 75.857537][ T5355] R10: ffffc9000d4a7900 R11: fffff52001a94f25 R12: 0000000000000000 [ 75.861187][ T5355] R13: 1ffff92001a94f1c R14: 0000000000040d40 R15: dffffc0000000000 [ 75.864348][ T5355] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 75.867118][ T5355] ? kfree+0x18e/0x440 [ 75.868949][ T5355] ? policy_nodemask+0x27c/0x720 [ 75.870808][ T5355] ? p9_client_clunk+0x1b6/0x250 [ 75.872751][ T5355] alloc_pages_mpol+0x232/0x4a0 [ 75.874841][ T5355] ___kmalloc_large_node+0x5f/0x1b0 [ 75.876844][ T5355] __kmalloc_large_node_noprof+0x18/0x90 [ 75.879061][ T5355] __kmalloc_noprof+0x36f/0x4f0 [ 75.881008][ T5355] ? v9fs_fid_get_acl+0x4f/0x100 [ 75.882990][ T5355] ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10 [ 75.885363][ T5355] v9fs_fid_get_acl+0x4f/0x100 [ 75.887110][ T5355] v9fs_get_acl+0x11b/0x360 [ 75.888722][ T5355] v9fs_inode_from_fid_dotl+0x221/0x2b0 [ 75.890979][ T5355] v9fs_mount+0x6eb/0xa50 [ 75.893125][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 75.895370][ T5355] legacy_get_tree+0xfd/0x1a0 [ 75.897607][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 75.899847][ T5355] vfs_get_tree+0x8f/0x2b0 [ 75.901952][ T5355] do_new_mount+0x2a2/0x9e0 [ 75.904014][ T5355] ? 
ns_capable+0x8a/0xf0 [ 75.905931][ T5355] ? __pfx_do_new_mount+0x10/0x10 [ 75.908131][ T5355] ? path_mount+0x61c/0xfe0 [ 75.910288][ T5355] ? user_path_at+0x44/0x60 [ 75.912432][ T5355] __se_sys_mount+0x317/0x410 [ 75.914530][ T5355] ? __pfx___se_sys_mount+0x10/0x10 [ 75.916961][ T5355] ? rcu_is_watching+0x15/0xb0 [ 75.919218][ T5355] ? do_syscall_64+0xbe/0x3b0 [ 75.921194][ T5355] ? __x64_sys_mount+0x20/0xc0 [ 75.924113][ T5355] do_syscall_64+0xfa/0x3b0 [ 75.926291][ T5355] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.928636][ T5355] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.931228][ T5355] ? clear_bhb_loop+0x60/0xb0 [ 75.933161][ T5355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.935832][ T5355] RIP: 0033:0x7f498a58ebe9 [ 75.937938][ T5355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.946229][ T5355] RSP: 002b:00007f498b449038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 75.949909][ T5355] RAX: ffffffffffffffda RBX: 00007f498a7c6090 RCX: 00007f498a58ebe9 [ 75.953349][ T5355] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 75.957125][ T5355] RBP: 00007f498a611e19 R08: 0000200000000500 R09: 0000000000000000 [ 75.960748][ T5355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.964045][ T5355] R13: 00007f498a7c6128 R14: 00007f498a7c6090 R15: 00007ffd6d9ef048 [ 75.967395][ T5355] [ 75.968957][ T5355] Kernel Offset: disabled [ 75.970888][ T5355] Rebooting in 86400 seconds..