./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2265407275 <...> Warning: Permanently added '10.128.1.23' (ED25519) to the list of known hosts. execve("./syz-executor2265407275", ["./syz-executor2265407275"], 0x7fff080c3350 /* 10 vars */) = 0 brk(NULL) = 0x555556fdc000 brk(0x555556fdcd00) = 0x555556fdcd00 arch_prctl(ARCH_SET_FS, 0x555556fdc380) = 0 set_tid_address(0x555556fdc650) = 5061 set_robust_list(0x555556fdc660, 24) = 0 rseq(0x555556fdcca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2265407275", 4096) = 28 getrandom("\xee\x63\x8b\x82\xa6\x50\x64\xbd", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556fdcd00 brk(0x555556ffdd00) = 0x555556ffdd00 brk(0x555556ffe000) = 0x555556ffe000 mprotect(0x7f08ef3d2000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/sg0", O_RDWR|O_LARGEFILE) = 3 [ 88.213639][ T5061] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN [ 88.225412][ T5061] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 88.233903][ T5061] CPU: 1 PID: 5061 Comm: syz-executor226 Not tainted 6.7.0-rc8-next-20240102-syzkaller #0 [ 88.243805][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 88.253858][ T5061] RIP: 0010:bio_first_folio+0xcb/0x5c0 [ 88.259355][ T5061] Code: 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 76 04 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 6d 00 49 8d 7d 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 49 04 00 00 4d 8b 7d 08 31 ff 4d 89 fc 41 83 e4 [ 88.278971][ T5061] RSP: 0018:ffffc900039b7430 EFLAGS: 00010202 [ 88.285061][ T5061] RAX: dffffc0000000000 RBX: ffffc900039b74d0 RCX: ffffffff8448396d [ 88.293034][ T5061] RDX: 0000000000000001 RSI: ffffffff8448397b RDI: 0000000000000008 [ 88.301005][ T5061] RBP: ffff88807cfd8088 R08: 0000000000000003 R09: 0000000000000000 [ 88.308975][ T5061] R10: 0000000000000000 R11: ffffffff8a8ed780 R12: ffff88807cfd8000 [ 88.316951][ T5061] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88807cfd8000 [ 88.325099][ T5061] FS: 0000555556fdc380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 88.334030][ T5061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.340624][ T5061] CR2: 00000000005fdeb8 CR3: 000000007849f000 CR4: 00000000003506f0 [ 88.348591][ T5061] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 88.356572][ T5061] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 88.364561][ T5061] Call Trace: [ 88.367835][ T5061] [ 88.370762][ T5061] ? show_regs+0x8e/0xa0 [ 88.375014][ T5061] ? die_addr+0x4f/0xd0 [ 88.379177][ T5061] ? exc_general_protection+0x155/0x230 [ 88.384740][ T5061] ? asm_exc_general_protection+0x26/0x30 [ 88.390490][ T5061] ? do_syscall_64+0xd0/0x250 [ 88.395183][ T5061] ? bio_first_folio+0x5d/0x5c0 [ 88.400040][ T5061] ? bio_first_folio+0x6b/0x5c0 [ 88.404894][ T5061] ? bio_first_folio+0xcb/0x5c0 [ 88.409757][ T5061] __bio_release_pages+0x9d/0x4b0 [ 88.414794][ T5061] ? bio_first_folio+0x5c0/0x5c0 [ 88.419738][ T5061] ? __kmalloc+0x218/0x440 [ 88.424166][ T5061] ? bio_init+0x377/0x560 [ 88.428506][ T5061] bio_map_user_iov+0x8df/0xa50 [ 88.433382][ T5061] ? blk_rq_unmap_user+0x900/0x900 [ 88.438511][ T5061] ? blk_mq_get_tag+0x7fb/0xad0 [ 88.443370][ T5061] ? rcu_is_watching+0x12/0xb0 [ 88.448166][ T5061] ? lock_release+0x4c8/0x6a0 [ 88.452843][ T5061] ? blk_try_enter_queue+0x1bc/0x4e0 [ 88.458144][ T5061] ? prepare_to_swait_exclusive+0x240/0x240 [ 88.464059][ T5061] ? iov_iter_alignment+0xdd/0x5e0 [ 88.469195][ T5061] blk_rq_map_user_iov+0x6a5/0x1840 [ 88.474416][ T5061] ? rcu_is_watching+0x12/0xb0 [ 88.479191][ T5061] ? bio_map_user_iov+0xa50/0xa50 [ 88.484228][ T5061] ? aa_get_newest_label+0x376/0x680 [ 88.489559][ T5061] blk_rq_map_user_io+0x202/0x230 [ 88.494597][ T5061] ? blk_rq_map_user_io.part.0+0x2c0/0x2c0 [ 88.500409][ T5061] ? bpf_lsm_capable+0x9/0x10 [ 88.505083][ T5061] ? security_capable+0x92/0xc0 [ 88.509940][ T5061] sg_io+0x537/0xd70 [ 88.513841][ T5061] scsi_cdrom_send_packet+0x276/0x640 [ 88.519223][ T5061] ? get_sg_io_hdr+0x8e0/0x8e0 [ 88.524008][ T5061] ? rcu_is_watching+0x12/0xb0 [ 88.528787][ T5061] ? lock_release+0x4c8/0x6a0 [ 88.533465][ T5061] scsi_ioctl+0x146/0x1840 [ 88.537904][ T5061] ? preempt_count_sub+0x160/0x160 [ 88.543027][ T5061] ? tomoyo_path_number_perm+0x463/0x580 [ 88.548762][ T5061] ? scsi_cdrom_send_packet+0x640/0x640 [ 88.554319][ T5061] ? scsi_block_when_processing_errors+0x2c1/0x380 [ 88.560857][ T5061] ? scsi_report_device_reset+0x1b0/0x1b0 [ 88.566585][ T5061] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 88.573025][ T5061] ? rcu_is_watching+0x12/0xb0 [ 88.577803][ T5061] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 88.583736][ T5061] sg_ioctl+0xb7b/0x2760 [ 88.587998][ T5061] ? sg_new_write.isra.0+0xaa0/0xaa0 [ 88.593296][ T5061] ? rcu_is_watching+0x12/0xb0 [ 88.598073][ T5061] ? lock_release+0x4c8/0x6a0 [ 88.602756][ T5061] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 88.608675][ T5061] ? bpf_lsm_file_ioctl+0x9/0x10 [ 88.613621][ T5061] ? sg_new_write.isra.0+0xaa0/0xaa0 [ 88.619024][ T5061] __x64_sys_ioctl+0x18f/0x210 [ 88.623809][ T5061] do_syscall_64+0xd0/0x250 [ 88.628585][ T5061] entry_SYSCALL_64_after_hwframe+0x62/0x6a [ 88.634487][ T5061] RIP: 0033:0x7f08ef35f129 [ 88.638916][ T5061] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 88.658532][ T5061] RSP: 002b:00007ffe21de0d58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.666947][ T5061] RAX: ffffffffffffffda RBX: 00007ffe21de0f28 RCX: 00007f08ef35f129 [ 88.674919][ T5061] RDX: 0000000020000000 RSI: 0000000000005393 RDI: 0000000000000003 [ 88.682891][ T5061] RBP: 00007f08ef3d2610 R08: 002367732f766564 R09: 00007ffe21de0f28 [ 88.690880][ T5061] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000001 [ 88.698862][ T5061] R13: 00007ffe21de0f18 R14: 0000000000000001 R15: 0000000000000001 [ 88.706848][ T5061] [ 88.709859][ T5061] Modules linked in: [ 88.714004][ T5061] ---[ end trace 0000000000000000 ]--- [ 88.719603][ T5061] RIP: 0010:bio_first_folio+0xcb/0x5c0 [ 88.725111][ T5061] Code: 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 76 04 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 6d 00 49 8d 7d 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 49 04 00 00 4d 8b 7d 08 31 ff 4d 89 fc 41 83 e4 [ 88.744817][ T5061] RSP: 0018:ffffc900039b7430 EFLAGS: 00010202 [ 88.750941][ T5061] RAX: dffffc0000000000 RBX: ffffc900039b74d0 RCX: ffffffff8448396d [ 88.758980][ T5061] RDX: 0000000000000001 RSI: ffffffff8448397b RDI: 0000000000000008 [ 88.767000][ T5061] RBP: ffff88807cfd8088 R08: 0000000000000003 R09: 0000000000000000 [ 88.774986][ T5061] R10: 0000000000000000 R11: ffffffff8a8ed780 R12: ffff88807cfd8000 [ 88.783009][ T5061] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88807cfd8000 [ 88.791041][ T5061] FS: 0000555556fdc380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 88.800026][ T5061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.806647][ T5061] CR2: 00000000005fdeb8 CR3: 000000007849f000 CR4: 00000000003506f0 [ 88.814628][ T5061] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 88.822655][ T5061] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 88.830679][ T5061] Kernel panic - not syncing: Fatal exception [ 88.837051][ T5061] Kernel Offset: disabled [ 88.841396][ T5061] Rebooting in 86400 seconds..