./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1780365188 <...> Warning: Permanently added '10.128.1.15' (ED25519) to the list of known hosts. execve("./syz-executor1780365188", ["./syz-executor1780365188"], 0x7ffddeeecb00 /* 10 vars */) = 0 brk(NULL) = 0x555556197000 brk(0x555556197d00) = 0x555556197d00 arch_prctl(ARCH_SET_FS, 0x555556197380) = 0 set_tid_address(0x555556197650) = 5036 set_robust_list(0x555556197660, 24) = 0 rseq(0x555556197ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1780365188", 4096) = 28 getrandom("\x0a\x50\x55\x70\xa2\xf8\x25\xb4", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556197d00 brk(0x5555561b8d00) = 0x5555561b8d00 brk(0x5555561b9000) = 0x5555561b9000 mprotect(0x7f87f914b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 madvise(0x20a93000, 16384, MADV_HUGEPAGE) = 0 mremap(0x20a96000, 4096, 8388608, MREMAP_MAYMOVE|MREMAP_FIXED, 0x20130000) = 0x20130000 gettid() = 5036 process_vm_writev(5036, [{iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=247}], 1, [{iov_base=0x20217f28, iov_len=4294967118}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, {iov_base=NULL, iov_len=0}, ...], 570, 0) = 247 mremap(0x20251000, 8192, 4194304, MREMAP_MAYMOVE|MREMAP_FIXED, 0x2082a000) = 0x2082a000 [ 70.516630][ T5036] vma ffff88806ea68600 start 0000000020c2a000 end 0000000021000000 mm ffff888025458000 [ 70.516630][ T5036] prot 25 anon_vma 0000000000000000 vm_ops 0000000000000000 [ 70.516630][ T5036] pgoff 20c2a file 0000000000000000 private_data 0000000000000000 [ 70.516630][ T5036] flags: 0x8100077(read|write|exec|mayread|maywrite|mayexec|account|softdirty) [ 70.550536][ T5036] ------------[ cut here ]------------ [ 70.555982][ T5036] kernel BUG at include/linux/mm.h:733! [ 70.561927][ T5036] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 70.567982][ T5036] CPU: 0 PID: 5036 Comm: syz-executor178 Not tainted 6.5.0-syzkaller-11812-g7733171926cc #0 [ 70.578028][ T5036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 70.588067][ T5036] RIP: 0010:vma_replace_policy+0x406/0x4e0 [ 70.593871][ T5036] Code: ff 48 89 ef e8 db 78 ff ff e9 83 fe ff ff e8 f1 7c ad ff 4c 89 e7 e8 d9 87 eb ff 0f 0b e8 e2 7c ad ff 48 89 df e8 2a 85 eb ff <0f> 0b e8 d3 7c ad ff 41 89 ec e9 58 fe ff ff 48 c7 c7 50 2d ce 8e [ 70.613548][ T5036] RSP: 0018:ffffc90003a6fc58 EFLAGS: 00010282 [ 70.619593][ T5036] RAX: 000000000000011b RBX: ffff88806ea68600 RCX: 0000000000000000 [ 70.627554][ T5036] RDX: 0000000000000000 RSI: ffffffff816b5c72 RDI: 0000000000000005 [ 70.635526][ T5036] RBP: ffff88806ea71000 R08: 0000000000000005 R09: 0000000000000000 [ 70.643497][ T5036] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000015 [ 70.651468][ T5036] R13: 0000000000000016 R14: 0000000000000001 R15: 0000000021000000 [ 70.659439][ T5036] FS: 0000555556197380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 70.668383][ T5036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.674969][ T5036] CR2: 000055982602f6f8 CR3: 000000006ead6000 CR4: 00000000003506f0 [ 70.682940][ T5036] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.690909][ T5036] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.698880][ T5036] Call Trace: [ 70.702162][ T5036] [ 70.705088][ T5036] ? show_regs+0x8f/0xa0 [ 70.709338][ T5036] ? die+0x36/0xa0 [ 70.713064][ T5036] ? do_trap+0x22b/0x420 [ 70.717317][ T5036] ? vma_replace_policy+0x406/0x4e0 [ 70.722531][ T5036] ? vma_replace_policy+0x406/0x4e0 [ 70.727742][ T5036] ? do_error_trap+0xf4/0x230 [ 70.732430][ T5036] ? vma_replace_policy+0x406/0x4e0 [ 70.737649][ T5036] ? handle_invalid_op+0x34/0x40 [ 70.742596][ T5036] ? vma_replace_policy+0x406/0x4e0 [ 70.747808][ T5036] ? exc_invalid_op+0x2d/0x40 [ 70.752498][ T5036] ? asm_exc_invalid_op+0x1a/0x20 [ 70.757539][ T5036] ? vprintk+0x82/0x90 [ 70.761623][ T5036] ? vma_replace_policy+0x406/0x4e0 [ 70.766835][ T5036] ? vma_replace_policy+0x406/0x4e0 [ 70.772044][ T5036] ? mbind_range+0x29e/0x530 [ 70.776657][ T5036] mbind_range+0x37c/0x530 [ 70.781086][ T5036] ? mas_find+0xec/0x320 [ 70.785338][ T5036] do_mbind+0x583/0xa00 [ 70.789512][ T5036] ? __ia32_sys_set_mempolicy_home_node+0xf0/0xf0 [ 70.795946][ T5036] ? get_bitmap+0x190/0x190 [ 70.800459][ T5036] ? ptrace_notify+0xf4/0x130 [ 70.805141][ T5036] ? reacquire_held_locks+0x4b0/0x4b0 [ 70.810525][ T5036] kernel_mbind+0x1d4/0x1f0 [ 70.815042][ T5036] ? do_mbind+0xa00/0xa00 [ 70.819382][ T5036] ? _raw_spin_unlock_irq+0x2e/0x50 [ 70.824591][ T5036] ? ptrace_notify+0xf4/0x130 [ 70.829273][ T5036] do_syscall_64+0x38/0xb0 [ 70.833704][ T5036] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 70.839612][ T5036] RIP: 0033:0x7f87f90d8369 [ 70.844027][ T5036] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 70.863632][ T5036] RSP: 002b:00007ffd6da77898 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 70.872043][ T5036] RAX: ffffffffffffffda RBX: 00007ffd6da77a78 RCX: 00007f87f90d8369 [ 70.880026][ T5036] RDX: 0000000000000004 RSI: 0000000000c00000 RDI: 0000000020400000 [ 70.887994][ T5036] RBP: 00007f87f914b610 R08: 0000000000000000 R09: 0000000000000003 [ 70.895962][ T5036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.903935][ T5036] R13: 00007ffd6da77a68 R14: 0000000000000001 R15: 0000000000000001 [ 70.911911][ T5036] [ 70.914942][ T5036] Modules linked in: [ 70.919248][ T5036] ---[ end trace 0000000000000000 ]--- [ 70.924751][ T5036] RIP: 0010:vma_replace_policy+0x406/0x4e0 [ 70.930632][ T5036] Code: ff 48 89 ef e8 db 78 ff ff e9 83 fe ff ff e8 f1 7c ad ff 4c 89 e7 e8 d9 87 eb ff 0f 0b e8 e2 7c ad ff 48 89 df e8 2a 85 eb ff <0f> 0b e8 d3 7c ad ff 41 89 ec e9 58 fe ff ff 48 c7 c7 50 2d ce 8e [ 70.950283][ T5036] RSP: 0018:ffffc90003a6fc58 EFLAGS: 00010282 [ 70.956393][ T5036] RAX: 000000000000011b RBX: ffff88806ea68600 RCX: 0000000000000000 [ 70.964383][ T5036] RDX: 0000000000000000 RSI: ffffffff816b5c72 RDI: 0000000000000005 [ 70.972383][ T5036] RBP: ffff88806ea71000 R08: 0000000000000005 R09: 0000000000000000 [ 70.980385][ T5036] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000015 [ 70.988360][ T5036] R13: 0000000000000016 R14: 0000000000000001 R15: 0000000021000000 [ 70.996363][ T5036] FS: 0000555556197380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 71.005327][ T5036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.011942][ T5036] CR2: 000055982602f6f8 CR3: 000000006ead6000 CR4: 00000000003506f0 [ 71.019923][ T5036] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 71.027921][ T5036] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 71.035920][ T5036] Kernel panic - not syncing: Fatal exception [ 71.042155][ T5036] Kernel Offset: disabled [ 71.046464][ T5036] Rebooting in 86400 seconds..