./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3313567825 <...> DUID 00:04:a3:03:08:15:93:78:e3:1f:4c:1c:fb:56:e6:f5:4b:05 forked to background, child pid 3180 [ 22.959885][ T3181] 8021q: adding VLAN 0 to HW filter on device bond0 [ 22.970814][ T3181] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.221' (ECDSA) to the list of known hosts. execve("./syz-executor3313567825", ["./syz-executor3313567825"], 0x7ffee7b0b400 /* 10 vars */) = 0 brk(NULL) = 0x55555745e000 brk(0x55555745ec40) = 0x55555745ec40 arch_prctl(ARCH_SET_FS, 0x55555745e300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3313567825", 4096) = 28 brk(0x55555747fc40) = 0x55555747fc40 brk(0x555557480000) = 0x555557480000 mprotect(0x7fcea69fe000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555745e5d0) = 3603 ./strace-static-x86_64: Process 3603 attached [pid 3603] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 3603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3603] setsid() = 1 [pid 3603] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 3603] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 3603] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 3603] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 3603] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 3603] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 3603] unshare(CLONE_NEWNS) = 0 [pid 3603] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 3603] unshare(CLONE_NEWIPC) = 0 [pid 3603] unshare(CLONE_NEWCGROUP) = 0 [pid 3603] unshare(CLONE_NEWUTS) = 0 [pid 3603] unshare(CLONE_SYSVSEM) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "16777216", 8) = 8 [pid 3603] close(3) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "536870912", 9) = 9 [pid 3603] close(3) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "1024", 4) = 4 [pid 3603] close(3) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "8192", 4) = 4 [pid 3603] close(3) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "1024", 4) = 4 [pid 3603] close(3) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "1024", 4) = 4 [pid 3603] close(3) = 0 [pid 3603] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 3603] write(3, "1024 1048576 500 1024", 21) = 21 [pid 3603] close(3) = 0 [pid 3603] getpid() = 1 [pid 3603] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [ 41.604612][ T3603] dump_stack_lvl+0xcd/0x134 [ 41.609199][ T3603] ubsan_epilogue+0xb/0x50 [ 41.613602][ T3603] __ubsan_handle_divrem_overflow.cold-0xa/0xf1 [ 41.619830][ T3603] ? is_bpf_text_address+0x77/0x170 [ 41.625021][ T3603] diFree+0x20ea/0x2660 [ 41.629172][ T3603] ? truncate_inode_pages_range+0x0/0xed0 [ 41.634879][ T3603] ? is_bpf_text_address+0x99/0x170 [ 41.640067][ T3603] ? rcu_read_lock_sched_held+0xd/0x70 [ 41.645526][ T3603] ? rcu_read_lock_sched_held+0xd/0x70 [ 41.650977][ T3603] ? lock_acquire+0x4fc/0x630 [ 41.655727][ T3603] ? diFree+0x0/0x2660 [ 41.659783][ T3603] ? __dquot_initialize+0x295/0xbe0 [ 41.664972][ T3603] ? lock_acquire+0x0/0x630 [ 41.669461][ T3603] ? lock_acquire+0x4fc/0x630 [ 41.674122][ T3603] ? rcu_read_lock_sched_held+0xd/0x70 [ 41.679575][ T3603] ? lock_acquire+0x4fc/0x630 [ 41.684332][ T3603] ? jfs_free_zero_link+0x214/0x4a0 [ 41.689522][ T3603] ? jfs_free_zero_link+0x0/0x4a0 [ 41.694534][ T3603] ? lock_release+0x0/0x810 [ 41.699021][ T3603] ? wake_bit_function+0x0/0x270 [ 41.703944][ T3603] ? do_raw_spin_lock+0x0/0x2a0 [ 41.708780][ T3603] jfs_evict_inode+0x3c1/0x4a0 [ 41.713533][ T3603] ? jfs_evict_inode+0x0/0x4a0 [ 41.718286][ T3603] evict+0x2ed/0x6b0 [ 41.722171][ T3603] iput.part.0+0x59b/0x880 [ 41.726597][ T3603] iput+0x58/0x70 [ 41.730219][ T3603] dentry_unlink_inode+0x2b1/0x460 [ 41.735343][ T3603] __dentry_kill+0x3c0/0x640 [ 41.739950][ T3603] shrink_dentry_list+0x23c/0x800 [ 41.744967][ T3603] shrink_dcache_parent+0x1fe/0x3c0 [ 41.750153][ T3603] ? shrink_dcache_parent+0x0/0x3c0 [ 41.755336][ T3603] ? radix_tree_delete_item+0xec/0x220 [ 41.761218][ T3603] ? radix_tree_delete_item+0x0/0x220 [ 41.766598][ T3603] shrink_dcache_for_umount+0x71/0x330 [ 41.772042][ T3603] ? up_write+0x1ac/0x520 [ 41.776375][ T3603] generic_shutdown_super+0x68/0x410 [ 41.781654][ T3603] kill_block_super+0x97/0xf0 [ 41.786317][ T3603] deactivate_locked_super+0x94/0x160 [ 41.791677][ T3603] deactivate_super+0xad/0xd0 [ 41.796341][ T3603] cleanup_mnt+0x2ae/0x3d0 [ 41.800763][ T3603] task_work_run+0x16b/0x270 [ 41.805344][ T3603] ? task_work_run+0x0/0x270 [ 41.809932][ T3603] do_exit+0xb35/0x29a0 [ 41.814072][ T3603] ? lock_release+0x0/0x810 [ 41.818562][ T3603] ? do_raw_spin_lock+0x120/0x2a0 [ 41.823571][ T3603] ? do_exit+0x0/0x29a0 [ 41.827788][ T3603] ? do_raw_spin_lock+0x0/0x2a0 [ 41.832627][ T3603] do_group_exit+0xd0/0x2a0 [ 41.837122][ T3603] __x64_sys_exit_group+0x3a/0x50 [ 41.842132][ T3603] do_syscall_64+0x35/0xb0 [ 41.846542][ T3603] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 41.852428][ T3603] RIP: 0033:0x7fcea69814f9 [ 41.856829][ T3603] Code: Unable to access opcode bytes at 0x7fcea69814cf. [ 41.863827][ T3603] RSP: 002b:00007fff9e56a308 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 41.872222][ T3603] RAX: ffffffffffffffda RBX: 00007fcea6a04330 RCX: 00007fcea69814f9 [ 41.880177][ T3603] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 41.888130][ T3603] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000000 [ 41.896088][ T3603] R10: 000055555745e2c0 R11: 0000000000000246 R12: 00007fcea6a04330 [ 41.904042][ T3603] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 41.912003][ T3603] [ 41.916320][ T3603] ================================================================================ [ 41.925708][ T3603] Kernel panic - not syncing: panic_on_warn set ... [ 41.932298][ T3603] CPU: 1 PID: 3603 Comm: syz-executor331 Not tainted 6.1.0-rc1-next-20221021-syzkaller #0 [ 41.942169][ T3603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022 [ 41.952210][ T3603] Call Trace: [ 41.955473][ T3603] [ 41.958397][ T3603] dump_stack_lvl+0xcd/0x134 [ 41.962983][ T3603] panic+0x2c8/0x622 [ 41.966869][ T3603] ? panic+0x0/0x622 [ 41.970757][ T3603] ? ubsan_epilogue+0x3e/0x50 [ 41.975421][ T3603] __ubsan_handle_builtin_unreachable-0x6/0x35 [ 41.981564][ T3603] __ubsan_handle_divrem_overflow.cold-0xa/0xf1 [ 41.987792][ T3603] ? is_bpf_text_address+0x77/0x170 [ 41.992986][ T3603] diFree+0x20ea/0x2660 [ 41.997137][ T3603] ? truncate_inode_pages_range+0x0/0xed0 [ 42.002844][ T3603] ? is_bpf_text_address+0x99/0x170 [ 42.008034][ T3603] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.013493][ T3603] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.018944][ T3603] ? lock_acquire+0x4fc/0x630 [ 42.023625][ T3603] ? diFree+0x0/0x2660 [ 42.027684][ T3603] ? __dquot_initialize+0x295/0xbe0 [ 42.032877][ T3603] ? lock_acquire+0x0/0x630 [ 42.037367][ T3603] ? lock_acquire+0x4fc/0x630 [ 42.042032][ T3603] ? rcu_read_lock_sched_held+0xd/0x70 [ 42.047489][ T3603] ? lock_acquire+0x4fc/0x630 [ 42.052155][ T3603] ? jfs_free_zero_link+0x214/0x4a0 [ 42.057343][ T3603] ? jfs_free_zero_link+0x0/0x4a0 [ 42.062356][ T3603] ? lock_release+0x0/0x810 [ 42.066844][ T3603] ? wake_bit_function+0x0/0x270 [ 42.071791][ T3603] ? do_raw_spin_lock+0x0/0x2a0 [ 42.076628][ T3603] jfs_evict_inode+0x3c1/0x4a0 [ 42.081382][ T3603] ? jfs_evict_inode+0x0/0x4a0 [ 42.086307][ T3603] evict+0x2ed/0x6b0 [ 42.090189][ T3603] iput.part.0+0x59b/0x880 [ 42.094595][ T3603] iput+0x58/0x70 [ 42.098216][ T3603] dentry_unlink_inode+0x2b1/0x460 [ 42.103320][ T3603] __dentry_kill+0x3c0/0x640 [ 42.107905][ T3603] shrink_dentry_list+0x23c/0x800 [ 42.113070][ T3603] shrink_dcache_parent+0x1fe/0x3c0 [ 42.118262][ T3603] ? shrink_dcache_parent+0x0/0x3c0 [ 42.123447][ T3603] ? radix_tree_delete_item+0xec/0x220 [ 42.128897][ T3603] ? radix_tree_delete_item+0x0/0x220 [ 42.134257][ T3603] shrink_dcache_for_umount+0x71/0x330 [ 42.139719][ T3603] ? up_write+0x1ac/0x520 [ 42.144041][ T3603] generic_shutdown_super+0x68/0x410 [ 42.149314][ T3603] kill_block_super+0x97/0xf0 [ 42.153977][ T3603] deactivate_locked_super+0x94/0x160 [ 42.159360][ T3603] deactivate_super+0xad/0xd0 [ 42.164024][ T3603] cleanup_mnt+0x2ae/0x3d0 [ 42.168436][ T3603] task_work_run+0x16b/0x270 [ 42.173021][ T3603] ? task_work_run+0x0/0x270 [ 42.177602][ T3603] do_exit+0xb35/0x29a0 [ 42.181745][ T3603] ? lock_release+0x0/0x810 [ 42.186231][ T3603] ? do_raw_spin_lock+0x120/0x2a0 [ 42.191262][ T3603] ? do_exit+0x0/0x29a0 [ 42.195492][ T3603] ? do_raw_spin_lock+0x0/0x2a0 [ 42.200345][ T3603] do_group_exit+0xd0/0x2a0 [ 42.204832][ T3603] __x64_sys_exit_group+0x3a/0x50 [ 42.209841][ T3603] do_syscall_64+0x35/0xb0 [ 42.214247][ T3603] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.220132][ T3603] RIP: 0033:0x7fcea69814f9 [ 42.224530][ T3603] Code: Unable to access opcode bytes at 0x7fcea69814cf. [ 42.231531][ T3603] RSP: 002b:00007fff9e56a308 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 42.239926][ T3603] RAX: ffffffffffffffda RBX: 00007fcea6a04330 RCX: 00007fcea69814f9 [ 42.247902][ T3603] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 42.255857][ T3603] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000000000000000 [ 42.264248][ T3603] R10: 000055555745e2c0 R11: 0000000000000246 R12: 00007fcea6a04330 [ 42.272234][ T3603] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 42.280195][ T3603] [ 42.283391][ T3603] Kernel Offset: disabled [ 42.287721][ T3603] Rebooting in 86400 seconds..