./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1352460271 <...> forked to background, child pid 3182 no interfa[ 18.241168][ T3183] 8021q: adding VLAN 0 to HW filter on device bond0 ces have a carrier [ 18.250858][ T3183] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.10.38' (ECDSA) to the list of known hosts. execve("./syz-executor1352460271", ["./syz-executor1352460271"], 0x7ffda3a0bb50 /* 10 vars */) = 0 brk(NULL) = 0x555555aa4000 brk(0x555555aa4d00) = 0x555555aa4d00 arch_prctl(ARCH_SET_FS, 0x555555aa43c0) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1352460271", 4096) = 28 brk(0x555555ac5d00) = 0x555555ac5d00 brk(0x555555ac6000) = 0x555555ac6000 mprotect(0x7f1b7d613000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f1b7d56a1c0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f1b7d56a230}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f1b7d56a1c0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f1b7d56a230}, NULL, 8) = 0 openat(AT_FDCWD, "/dev/autofs", O_RDONLY) = 3 openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 4 mmap(0x20000000, 8192, PROT_READ|PROT_SEM, MAP_PRIVATE|MAP_FIXED, 4, 0x42000) = 0x20000000 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000000} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000004} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000008} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2000000c} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000010} --- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x20000018} --- syzkaller login: [ 37.678534][ T3604] ------------[ cut here ]------------ [ 37.684052][ T3604] kernel BUG at mm/memory.c:2218! [ 37.689196][ T3604] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 37.695262][ T3604] CPU: 1 PID: 3604 Comm: syz-executor135 Not tainted 6.0.0-syzkaller-09413-g4899a36f91a9 #0 [ 37.705408][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 37.715528][ T3604] RIP: 0010:vmf_insert_pfn_prot+0x248/0x460 [ 37.721406][ T3604] Code: 0f 0b e8 db 27 c6 ff 4d 89 f7 bf 20 00 00 00 41 83 e7 28 4c 89 fe e8 a7 24 c6 ff 49 83 ff 20 0f 85 a5 fe ff ff e8 b8 27 c6 ff <0f> 0b 49 be ff ff ff ff ff ff 0f 00 e8 a7 27 c6 ff 4d 21 ee 4c 89 [ 37.741207][ T3604] RSP: 0018:ffffc90003c0f9d8 EFLAGS: 00010293 [ 37.747534][ T3604] RAX: 0000000000000000 RBX: 1ffff92000781f3d RCX: 0000000000000000 [ 37.755656][ T3604] RDX: ffff888026ed0000 RSI: ffffffff81b51f78 RDI: 0000000000000007 [ 37.763613][ T3604] RBP: ffff8880758ef738 R08: 0000000000000007 R09: 0000000000000020 [ 37.771832][ T3604] R10: 0000000000000020 R11: 0000000000000000 R12: 0000000020000000 [ 37.779789][ T3604] R13: 000000000001d55e R14: 000000000c040471 R15: 0000000000000020 [ 37.787834][ T3604] FS: 0000555555aa43c0(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 37.796745][ T3604] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 37.803414][ T3604] CR2: 0000000020000000 CR3: 0000000074b79000 CR4: 0000000000350ee0 [ 37.811716][ T3604] Call Trace: [ 37.815081][ T3604] [ 37.817992][ T3604] ? insert_pfn+0x680/0x680 [ 37.822478][ T3604] ? lock_acquire+0x480/0x570 [ 37.827153][ T3604] ? rcu_read_lock_sched_held+0xd/0x70 [ 37.832602][ T3604] drm_gem_shmem_fault+0x1e3/0x290 [ 37.837700][ T3604] __do_fault+0x10d/0x610 [ 37.842007][ T3604] __handle_mm_fault+0x2130/0x39b0 [ 37.847192][ T3604] ? vm_iomap_memory+0x190/0x190 [ 37.852110][ T3604] ? lock_release+0x780/0x780 [ 37.856768][ T3604] handle_mm_fault+0x1c8/0x780 [ 37.861513][ T3604] do_user_addr_fault+0x475/0x1210 [ 37.866702][ T3604] ? rcu_read_lock_sched_held+0xd/0x70 [ 37.872146][ T3604] exc_page_fault+0x94/0x170 [ 37.876727][ T3604] asm_exc_page_fault+0x22/0x30 [ 37.881576][ T3604] RIP: 0010:copy_user_generic_string+0x2c/0x40 [ 37.887718][ T3604] Code: cb 83 fa 08 72 27 89 f9 83 e1 07 74 15 83 e9 08 f7 d9 29 ca 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 [ 37.907308][ T3604] RSP: 0018:ffffc90003c0fdf0 EFLAGS: 00050246 [ 37.913352][ T3604] RAX: 0000000000000001 RBX: 0000000000000018 RCX: 0000000000000003 [ 37.921301][ T3604] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffc90003c0fe58 [ 37.929252][ T3604] RBP: ffffc90003c0fe58 R08: 0000000000000001 R09: ffffc90003c0fe6f [ 37.937383][ T3604] R10: fffff52000781fcd R11: 000000000008c07c R12: 00007fffffffefe8 [ 37.945439][ T3604] R13: 0000000020000000 R14: 0000000000000007 R15: 0000000020000000 [ 37.953394][ T3604] _copy_from_user+0x137/0x170 [ 37.958145][ T3604] _autofs_dev_ioctl+0x104/0x7f0 [ 37.963072][ T3604] ? autofs_dev_ioctl_openmount+0x2d0/0x2d0 [ 37.969212][ T3604] ? _autofs_dev_ioctl+0x7f0/0x7f0 [ 37.974321][ T3604] autofs_dev_ioctl+0x17/0x20 [ 37.978987][ T3604] __x64_sys_ioctl+0x193/0x200 [ 37.984168][ T3604] do_syscall_64+0x35/0xb0 [ 37.988570][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 37.994443][ T3604] RIP: 0033:0x7f1b7d5a72f9 [ 37.998835][ T3604] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 38.018611][ T3604] RSP: 002b:00007ffc0ba1a8d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 38.027001][ T3604] RAX: ffffffffffffffda RBX: 00007ffc0ba1a8e8 RCX: 00007f1b7d5a72f9 [ 38.035138][ T3604] RDX: 0000000020000000 RSI: 00000000c0189378 RDI: 0000000000000003 [ 38.043103][ T3604] RBP: 00007ffc0ba1a8e0 R08: 00007ffc0ba1a8e0 R09: 00007f1b7d56a1c0 [ 38.051053][ T3604] R10: 00007ffc0ba1a8e0 R11: 0000000000000246 R12: 0000000000000000 [ 38.059015][ T3604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 38.066969][ T3604] [ 38.069966][ T3604] Modules linked in: [ 38.079243][ T3604] ---[ end trace 0000000000000000 ]--- [ 38.084738][ T3604] RIP: 0010:vmf_insert_pfn_prot+0x248/0x460 [ 38.090787][ T3604] Code: 0f 0b e8 db 27 c6 ff 4d 89 f7 bf 20 00 00 00 41 83 e7 28 4c 89 fe e8 a7 24 c6 ff 49 83 ff 20 0f 85 a5 fe ff ff e8 b8 27 c6 ff <0f> 0b 49 be ff ff ff ff ff ff 0f 00 e8 a7 27 c6 ff 4d 21 ee 4c 89 [ 38.110724][ T3604] RSP: 0018:ffffc90003c0f9d8 EFLAGS: 00010293 [ 38.116910][ T3604] RAX: 0000000000000000 RBX: 1ffff92000781f3d RCX: 0000000000000000 [ 38.124983][ T3604] RDX: ffff888026ed0000 RSI: ffffffff81b51f78 RDI: 0000000000000007 [ 38.133023][ T3604] RBP: ffff8880758ef738 R08: 0000000000000007 R09: 0000000000000020 [ 38.141045][ T3604] R10: 0000000000000020 R11: 0000000000000000 R12: 0000000020000000 [ 38.149182][ T3604] R13: 000000000001d55e R14: 000000000c040471 R15: 0000000000000020 [ 38.157209][ T3604] FS: 0000555555aa43c0(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 38.166156][ T3604] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 38.172991][ T3604] CR2: 00007f16c917aa70 CR3: 0000000074b79000 CR4: 0000000000350ef0 [ 38.181039][ T3604] Kernel panic - not syncing: Fatal exception [ 38.187785][ T3604] Kernel Offset: disabled [ 38.192095][ T3604] Rebooting in 86400 seconds..