./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4217164748 <...> Warning: Permanently added '10.128.0.135' (ED25519) to the list of known hosts. execve("./syz-executor4217164748", ["./syz-executor4217164748"], 0x7ffd9eef1eb0 /* 10 vars */) = 0 brk(NULL) = 0x55555d3d9000 brk(0x55555d3d9d00) = 0x55555d3d9d00 arch_prctl(ARCH_SET_FS, 0x55555d3d9380) = 0 set_tid_address(0x55555d3d9650) = 5235 set_robust_list(0x55555d3d9660, 24) = 0 rseq(0x55555d3d9ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4217164748", 4096) = 28 getrandom("\x85\xf7\x93\x8b\x94\x68\xa0\x9a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555d3d9d00 brk(0x55555d3fad00) = 0x55555d3fad00 brk(0x55555d3fb000) = 0x55555d3fb000 mprotect(0x7f0af314e000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5236 attached , child_tidptr=0x55555d3d9650) = 5236 [pid 5235] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5236] set_robust_list(0x55555d3d9660, 24) = 0 [pid 5236] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5237 attached [pid 5235] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5237 [pid 5237] set_robust_list(0x55555d3d9660, 24 [pid 5235] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5237] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5238 attached [pid 5237] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5238] set_robust_list(0x55555d3d9660, 24 [pid 5236] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5238 [pid 5238] <... set_robust_list resumed>) = 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5239 attached ) = 0 ./strace-static-x86_64: Process 5240 attached [pid 5239] set_robust_list(0x55555d3d9660, 24) = 0 [pid 5235] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5239 [pid 5238] setpgid(0, 0 [pid 5237] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5240 [pid 5235] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5240] set_robust_list(0x55555d3d9660, 24 [pid 5239] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5238] <... setpgid resumed>) = 0 [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5242 attached ./strace-static-x86_64: Process 5241 attached [pid 5240] <... set_robust_list resumed>) = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5239] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5242 [pid 5235] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5241 [pid 5238] write(3, "1000", 4 [pid 5235] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5242] set_robust_list(0x55555d3d9660, 24 [pid 5241] set_robust_list(0x55555d3d9660, 24 [pid 5238] <... write resumed>) = 4 [pid 5242] <... set_robust_list resumed>) = 0 [pid 5241] <... set_robust_list resumed>) = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5240] <... prctl resumed>) = 0 [pid 5238] close(3 [pid 5241] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5240] setpgid(0, 0 [pid 5238] <... close resumed>) = 0 [pid 5240] <... setpgid resumed>) = 0 executing program [pid 5238] write(1, "executing program\n", 18 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5238] <... write resumed>) = 18 [pid 5238] creat("./file0", 000./strace-static-x86_64: Process 5244 attached ./strace-static-x86_64: Process 5243 attached [pid 5235] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5243 [pid 5242] <... prctl resumed>) = 0 [pid 5240] <... openat resumed>) = 3 [pid 5242] setpgid(0, 0 [pid 5241] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5244 [pid 5242] <... setpgid resumed>) = 0 [pid 5243] set_robust_list(0x55555d3d9660, 24 [pid 5244] set_robust_list(0x55555d3d9660, 24 [pid 5243] <... set_robust_list resumed>) = 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5240] write(3, "1000", 4 [pid 5238] <... creat resumed>) = 3 [pid 5244] <... set_robust_list resumed>) = 0 [pid 5238] pipe2( [pid 5243] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5238] <... pipe2 resumed>[4, 5], 0) = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5242] <... openat resumed>) = 3 [pid 5240] <... write resumed>) = 4 [pid 5238] dup(5./strace-static-x86_64: Process 5245 attached [pid 5242] write(3, "1000", 4 [pid 5238] <... dup resumed>) = 6 [pid 5244] <... prctl resumed>) = 0 executing program [pid 5243] <... clone resumed>, child_tidptr=0x55555d3d9650) = 5245 [pid 5242] <... write resumed>) = 4 [pid 5240] close(3 [pid 5242] close(3 [pid 5240] <... close resumed>) = 0 [pid 5244] setpgid(0, 0 [pid 5242] <... close resumed>) = 0 [pid 5240] write(1, "executing program\n", 18 [pid 5245] set_robust_list(0x55555d3d9660, 24 [pid 5240] <... write resumed>) = 18 [pid 5238] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k" [pid 5245] <... set_robust_list resumed>) = 0 [pid 5244] <... setpgid resumed>) = 0 executing program [pid 5242] write(1, "executing program\n", 18 [pid 5240] creat("./file0", 000 [pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5242] <... write resumed>) = 18 [pid 5240] <... creat resumed>) = 3 [pid 5245] <... prctl resumed>) = 0 [pid 5244] <... openat resumed>) = 3 [pid 5242] creat("./file0", 000 [pid 5245] setpgid(0, 0) = 0 [pid 5242] <... creat resumed>) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5240] pipe2( [pid 5244] close(3 [pid 5242] pipe2( [pid 5240] <... pipe2 resumed>[4, 5], 0) = 0 [pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5244] <... close resumed>) = 0 executing program [pid 5245] <... openat resumed>) = 3 [pid 5244] write(1, "executing program\n", 18 [pid 5242] <... pipe2 resumed>[4, 5], 0) = 0 [pid 5240] dup(5 [pid 5245] write(3, "1000", 4 [pid 5244] <... write resumed>) = 18 [pid 5245] <... write resumed>) = 4 [pid 5244] creat("./file0", 000 [pid 5242] dup(5 [pid 5240] <... dup resumed>) = 6 [pid 5244] <... creat resumed>) = 3 [pid 5242] <... dup resumed>) = 6 [pid 5240] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k" [pid 5242] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k"executing program [pid 5245] close(3 [pid 5244] pipe2( [pid 5245] <... close resumed>) = 0 [pid 5245] write(1, "executing program\n", 18) = 18 [pid 5245] creat("./file0", 000) = 3 [pid 5245] pipe2([4, 5], 0) = 0 [pid 5245] dup(5) = 6 [pid 5245] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k" [pid 5244] <... pipe2 resumed>[4, 5], 0) = 0 [pid 5244] dup(5) = 6 [ 54.509832][ T5240] ------------[ cut here ]------------ [ 54.515727][ T5240] kmem_cache of name '9p-fcall-cache-(null)' already exists [ 54.525129][ T5240] WARNING: CPU: 1 PID: 5240 at mm/slab_common.c:108 __kmem_cache_create_args+0xa7/0x320 [ 54.535122][ T5240] Modules linked in: [ 54.539078][ T5240] CPU: 1 UID: 0 PID: 5240 Comm: syz-executor421 Not tainted 6.12.0-rc3-next-20241016-syzkaller #0 [ 54.549822][ T5240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 54.560344][ T5240] RIP: 0010:__kmem_cache_create_args+0xa7/0x320 [ 54.566664][ T5240] Code: 8e 48 8b 1b 48 39 eb 74 25 48 8b 7b f8 4c 89 fe e8 ce 95 e7 09 85 c0 75 e8 90 48 c7 c7 e7 08 0c 8e 4c 89 fe e8 ea 59 78 ff 90 <0f> 0b 90 90 4c 89 ff be 20 00 00 00 e8 28 97 e7 09 48 85 c0 0f 85 [ 54.586385][ T5240] RSP: 0018:ffffc90003c37788 EFLAGS: 00010246 [ 54.592506][ T5240] RAX: e556688e8a29a100 RBX: ffff88814b3eeba8 RCX: ffff88807a823c00 [ 54.600770][ T5240] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 54.608855][ T5240] RBP: ffffffff8ea20cf8 R08: ffffffff8155d7b2 R09: 1ffff110170e519a [ 54.616934][ T5240] R10: dffffc0000000000 R11: ffffed10170e519b R12: 0000000000020018 [ 54.625138][ T5240] R13: 0000000000000000 R14: ffffc90003c37860 R15: ffff88802ffcf240 [ 54.633118][ T5240] FS: 000055555d3d9380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 54.642105][ T5240] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 54.648750][ T5240] CR2: 0000000020001900 CR3: 00000000123a6000 CR4: 00000000003526f0 [ 54.656775][ T5240] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 54.664813][ T5240] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 54.672791][ T5240] Call Trace: [ 54.676113][ T5240] [ 54.679053][ T5240] ? __warn+0x168/0x4e0 [ 54.683206][ T5240] ? __kmem_cache_create_args+0xa7/0x320 [ 54.688923][ T5240] ? report_bug+0x2b3/0x500 [ 54.693546][ T5240] ? __kmem_cache_create_args+0xa7/0x320 [ 54.699276][ T5240] ? handle_bug+0x60/0x90 [ 54.703637][ T5240] ? exc_invalid_op+0x1a/0x50 [ 54.708428][ T5240] ? asm_exc_invalid_op+0x1a/0x20 [ 54.713488][ T5240] ? __warn_printk+0x292/0x360 [ 54.718422][ T5240] ? __kmem_cache_create_args+0xa7/0x320 [ 54.724159][ T5240] ? __kmem_cache_create_args+0xa6/0x320 [ 54.729833][ T5240] p9_client_create+0xbc0/0x1150 [ 54.735292][ T5240] ? __pfx_p9_client_create+0x10/0x10 [ 54.740695][ T5240] ? __asan_memset+0x23/0x50 [ 54.745408][ T5240] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 54.751255][ T5240] ? __raw_spin_lock_init+0x45/0x100 [ 54.756603][ T5240] v9fs_session_init+0x1e4/0x1b80 [ 54.761860][ T5240] ? __pfx_v9fs_session_init+0x10/0x10 [ 54.767434][ T5240] ? __kasan_kmalloc+0x98/0xb0 [ 54.772220][ T5240] ? __kmalloc_cache_noprof+0x243/0x390 [ 54.777841][ T5240] ? v9fs_mount+0xb2/0xaa0 [ 54.782284][ T5240] v9fs_mount+0xcf/0xaa0 [ 54.786611][ T5240] ? __pfx_aa_get_newest_label+0x10/0x10 [ 54.792273][ T5240] ? __pfx_v9fs_mount+0x10/0x10 [ 54.797194][ T5240] ? __kmalloc_cache_noprof+0x243/0x390 [ 54.802768][ T5240] legacy_get_tree+0xee/0x190 [ 54.807526][ T5240] ? __pfx_v9fs_mount+0x10/0x10 [ 54.812393][ T5240] vfs_get_tree+0x90/0x2b0 [ 54.816858][ T5240] do_new_mount+0x2be/0xb40 [ 54.821383][ T5240] ? __pfx_do_new_mount+0x10/0x10 [ 54.826479][ T5240] __se_sys_mount+0x2d6/0x3c0 [ 54.831170][ T5240] ? __pfx___se_sys_mount+0x10/0x10 [ 54.836411][ T5240] ? exc_page_fault+0x590/0x8c0 [ 54.841281][ T5240] ? __x64_sys_mount+0x20/0xc0 [ 54.846118][ T5240] do_syscall_64+0xf3/0x230 [ 54.850631][ T5240] ? clear_bhb_loop+0x35/0x90 [ 54.855369][ T5240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.861285][ T5240] RIP: 0033:0x7f0af30dae69 [ 54.865824][ T5240] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 54.885500][ T5240] RSP: 002b:00007fff1bb8a048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 54.893972][ T5240] RAX: ffffffffffffffda RBX: 00007f0af312404e RCX: 00007f0af30dae69 [ 54.901966][ T5240] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 54.910036][ T5240] RBP: 00000000000f4240 R08: 0000000020000180 R09: 00000000000000a0 [ 54.918070][ T5240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.926122][ T5240] R13: 00007fff1bb8a268 R14: 00007fff1bb8a070 R15: 00007fff1bb8a060 [ 54.934145][ T5240] [ 54.937181][ T5240] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 54.944455][ T5240] CPU: 1 UID: 0 PID: 5240 Comm: syz-executor421 Not tainted 6.12.0-rc3-next-20241016-syzkaller #0 [ 54.955028][ T5240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 54.965084][ T5240] Call Trace: [ 54.968367][ T5240] [ 54.971284][ T5240] dump_stack_lvl+0x241/0x360 [ 54.975959][ T5240] ? __pfx_dump_stack_lvl+0x10/0x10 [ 54.981156][ T5240] ? __pfx__printk+0x10/0x10 [ 54.985755][ T5240] ? vscnprintf+0x5d/0x90 [ 54.990082][ T5240] panic+0x349/0x880 [ 54.993974][ T5240] ? __warn+0x177/0x4e0 [ 54.998127][ T5240] ? __pfx_panic+0x10/0x10 [ 55.002551][ T5240] __warn+0x34b/0x4e0 [ 55.006524][ T5240] ? __kmem_cache_create_args+0xa7/0x320 [ 55.012154][ T5240] report_bug+0x2b3/0x500 [ 55.016481][ T5240] ? __kmem_cache_create_args+0xa7/0x320 [ 55.022114][ T5240] handle_bug+0x60/0x90 [ 55.026266][ T5240] exc_invalid_op+0x1a/0x50 [ 55.030801][ T5240] asm_exc_invalid_op+0x1a/0x20 [ 55.035664][ T5240] RIP: 0010:__kmem_cache_create_args+0xa7/0x320 [ 55.041931][ T5240] Code: 8e 48 8b 1b 48 39 eb 74 25 48 8b 7b f8 4c 89 fe e8 ce 95 e7 09 85 c0 75 e8 90 48 c7 c7 e7 08 0c 8e 4c 89 fe e8 ea 59 78 ff 90 <0f> 0b 90 90 4c 89 ff be 20 00 00 00 e8 28 97 e7 09 48 85 c0 0f 85 [ 55.061628][ T5240] RSP: 0018:ffffc90003c37788 EFLAGS: 00010246 [ 55.067700][ T5240] RAX: e556688e8a29a100 RBX: ffff88814b3eeba8 RCX: ffff88807a823c00 [ 55.075687][ T5240] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 55.083657][ T5240] RBP: ffffffff8ea20cf8 R08: ffffffff8155d7b2 R09: 1ffff110170e519a [ 55.091629][ T5240] R10: dffffc0000000000 R11: ffffed10170e519b R12: 0000000000020018 [ 55.099594][ T5240] R13: 0000000000000000 R14: ffffc90003c37860 R15: ffff88802ffcf240 [ 55.107571][ T5240] ? __warn_printk+0x292/0x360 [ 55.112342][ T5240] ? __kmem_cache_create_args+0xa6/0x320 [ 55.117975][ T5240] p9_client_create+0xbc0/0x1150 [ 55.122921][ T5240] ? __pfx_p9_client_create+0x10/0x10 [ 55.128289][ T5240] ? __asan_memset+0x23/0x50 [ 55.132875][ T5240] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 55.138690][ T5240] ? __raw_spin_lock_init+0x45/0x100 [ 55.143981][ T5240] v9fs_session_init+0x1e4/0x1b80 [ 55.149018][ T5240] ? __pfx_v9fs_session_init+0x10/0x10 [ 55.154480][ T5240] ? __kasan_kmalloc+0x98/0xb0 [ 55.159241][ T5240] ? __kmalloc_cache_noprof+0x243/0x390 [ 55.164795][ T5240] ? v9fs_mount+0xb2/0xaa0 [ 55.169207][ T5240] v9fs_mount+0xcf/0xaa0 [ 55.173444][ T5240] ? __pfx_aa_get_newest_label+0x10/0x10 [ 55.179070][ T5240] ? __pfx_v9fs_mount+0x10/0x10 [ 55.183913][ T5240] ? __kmalloc_cache_noprof+0x243/0x390 [ 55.189493][ T5240] legacy_get_tree+0xee/0x190 [ 55.194171][ T5240] ? __pfx_v9fs_mount+0x10/0x10 [ 55.199021][ T5240] vfs_get_tree+0x90/0x2b0 [ 55.203438][ T5240] do_new_mount+0x2be/0xb40 [ 55.207945][ T5240] ? __pfx_do_new_mount+0x10/0x10 [ 55.212974][ T5240] __se_sys_mount+0x2d6/0x3c0 [ 55.217656][ T5240] ? __pfx___se_sys_mount+0x10/0x10 [ 55.222892][ T5240] ? exc_page_fault+0x590/0x8c0 [ 55.227832][ T5240] ? __x64_sys_mount+0x20/0xc0 [ 55.232776][ T5240] do_syscall_64+0xf3/0x230 [ 55.237273][ T5240] ? clear_bhb_loop+0x35/0x90 [ 55.241944][ T5240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.247831][ T5240] RIP: 0033:0x7f0af30dae69 [ 55.252243][ T5240] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 55.271844][ T5240] RSP: 002b:00007fff1bb8a048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 55.280265][ T5240] RAX: ffffffffffffffda RBX: 00007f0af312404e RCX: 00007f0af30dae69 [ 55.288231][ T5240] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 55.296193][ T5240] RBP: 00000000000f4240 R08: 0000000020000180 R09: 00000000000000a0 [ 55.304154][ T5240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.312224][ T5240] R13: 00007fff1bb8a268 R14: 00007fff1bb8a070 R15: 00007fff1bb8a060 [ 55.320294][ T5240] [ 55.323438][ T5240] Kernel Offset: disabled [ 55.327789][ T5240] Rebooting in 86400 seconds..