program: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x0, &(0x7f0000000280)}) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="a8"], 0xa8) write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x21, 0xffffffff, 0xfffffffff12bd390, 0x2, 0x6, 0x0, 0x6, 0x0, 0x0, 0x1, 0x6}}, 0x50) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}]}}) [ 68.797572][ T4702] Bluetooth: hci0: command tx timeout [ 68.870409][ T5355] ------------[ cut here ]------------ [ 68.872791][ T5355] WARNING: CPU: 0 PID: 5355 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370 [ 68.878571][ T5355] Modules linked in: [ 68.881315][ T5355] CPU: 0 UID: 0 PID: 5355 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 68.886778][ T5355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.893457][ T5355] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 68.897061][ T5355] Code: 74 10 4c 89 e7 89 54 24 0c e8 64 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 89 0a 96 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 68.906810][ T5355] RSP: 0018:ffffc9000f4cf8c0 EFLAGS: 00010246 [ 68.909736][ T5355] RAX: ffffc9000f4cf900 RBX: 000000000000002a RCX: 0000000000000000 [ 68.912942][ T5355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000f4cf928 [ 68.915982][ T5355] RBP: ffffc9000f4cf9c0 R08: ffffc9000f4cf927 R09: 0000000000000000 [ 68.919570][ T5355] R10: ffffc9000f4cf900 R11: fffff52001e99f25 R12: 0000000000000000 [ 68.923121][ T5355] R13: 1ffff92001e99f1c R14: 0000000000040d40 R15: dffffc0000000000 [ 68.926504][ T5355] FS: 00007fa5f4df56c0(0000) GS:ffff88808d00a000(0000) knlGS:0000000000000000 [ 68.930531][ T5355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 68.933330][ T5355] CR2: 0000200000001000 CR3: 00000000437bd000 CR4: 0000000000352ef0 [ 68.936513][ T5355] Call Trace: [ 68.938017][ T5355] [ 68.939285][ T5355] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 68.942096][ T5355] ? kfree+0x18e/0x440 [ 68.943911][ T5355] ? policy_nodemask+0x27c/0x720 [ 68.946145][ T5355] ? p9_client_clunk+0x1b6/0x250 [ 68.948560][ T5355] alloc_pages_mpol+0x232/0x4a0 [ 68.950849][ T5355] ___kmalloc_large_node+0x5f/0x1b0 [ 68.952900][ T5355] __kmalloc_large_node_noprof+0x18/0x90 [ 68.955241][ T5355] __kmalloc_noprof+0x36f/0x4f0 [ 68.957432][ T5355] ? v9fs_fid_get_acl+0x4f/0x100 [ 68.959656][ T5355] ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10 [ 68.962242][ T5355] v9fs_fid_get_acl+0x4f/0x100 [ 68.964234][ T5355] v9fs_get_acl+0x9a/0x360 [ 68.966147][ T5355] v9fs_inode_from_fid_dotl+0x221/0x2b0 [ 68.968798][ T5355] v9fs_mount+0x6eb/0xa50 [ 68.970791][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 68.972582][ T5355] legacy_get_tree+0xfd/0x1a0 [ 68.974675][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 68.976806][ T5355] vfs_get_tree+0x8f/0x2b0 [ 68.978915][ T5355] do_new_mount+0x2a2/0x9e0 [ 68.980895][ T5355] ? ns_capable+0x8a/0xf0 [ 68.982679][ T5355] ? __pfx_do_new_mount+0x10/0x10 [ 68.984812][ T5355] ? path_mount+0x61c/0xfe0 [ 68.986683][ T5355] ? user_path_at+0x44/0x60 [ 68.988932][ T5355] __se_sys_mount+0x317/0x410 [ 68.990954][ T5355] ? __pfx___se_sys_mount+0x10/0x10 [ 68.993075][ T5355] ? rcu_is_watching+0x15/0xb0 [ 68.994988][ T5355] ? do_syscall_64+0xbe/0x3b0 [ 68.996787][ T5355] ? __x64_sys_mount+0x20/0xc0 [ 68.999090][ T5355] do_syscall_64+0xfa/0x3b0 [ 69.000776][ T5355] ? lockdep_hardirqs_on+0x9c/0x150 [ 69.002929][ T5355] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.005485][ T5355] ? clear_bhb_loop+0x60/0xb0 [ 69.007547][ T5355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.010087][ T5355] RIP: 0033:0x7fa5f898eba9 [ 69.012020][ T5355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.019817][ T5355] RSP: 002b:00007fa5f4df5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.023289][ T5355] RAX: ffffffffffffffda RBX: 00007fa5f8bd5fa0 RCX: 00007fa5f898eba9 [ 69.026874][ T5355] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 69.030500][ T5355] RBP: 00007fa5f8a11e19 R08: 0000200000000500 R09: 0000000000000000 [ 69.033943][ T5355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 69.037467][ T5355] R13: 00007fa5f8bd6038 R14: 00007fa5f8bd5fa0 R15: 00007fff98366818 [ 69.040839][ T5355] [ 69.042250][ T5355] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 69.045587][ T5355] CPU: 0 UID: 0 PID: 5355 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 69.050099][ T5355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.054697][ T5355] Call Trace: [ 69.056180][ T5355] [ 69.057521][ T5355] dump_stack_lvl+0x99/0x250 [ 69.059554][ T5355] ? __asan_memcpy+0x40/0x70 [ 69.061670][ T5355] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.063895][ T5355] ? __pfx__printk+0x10/0x10 [ 69.065954][ T5355] vpanic+0x281/0x750 [ 69.067696][ T5355] ? __pfx__printk+0x10/0x10 [ 69.069786][ T5355] ? __pfx_vpanic+0x10/0x10 [ 69.071812][ T5355] ? is_bpf_text_address+0x26/0x2b0 [ 69.074093][ T5355] panic+0xb9/0xc0 [ 69.075754][ T5355] ? __pfx_panic+0x10/0x10 [ 69.077777][ T5355] __warn+0x31b/0x4b0 [ 69.079578][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 69.082087][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 69.084624][ T5355] report_bug+0x2be/0x4f0 [ 69.086469][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 69.088952][ T5355] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 69.091365][ T5355] ? __alloc_frozen_pages_noprof+0x2ca/0x370 [ 69.093391][ T5355] handle_bug+0x84/0x160 [ 69.094928][ T5355] exc_invalid_op+0x1a/0x50 [ 69.096563][ T5355] asm_exc_invalid_op+0x1a/0x20 [ 69.098481][ T5355] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 69.101426][ T5355] Code: 74 10 4c 89 e7 89 54 24 0c e8 64 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 89 0a 96 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 69.109366][ T5355] RSP: 0018:ffffc9000f4cf8c0 EFLAGS: 00010246 [ 69.111934][ T5355] RAX: ffffc9000f4cf900 RBX: 000000000000002a RCX: 0000000000000000 [ 69.115354][ T5355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000f4cf928 [ 69.119547][ T5355] RBP: ffffc9000f4cf9c0 R08: ffffc9000f4cf927 R09: 0000000000000000 [ 69.122955][ T5355] R10: ffffc9000f4cf900 R11: fffff52001e99f25 R12: 0000000000000000 [ 69.126212][ T5355] R13: 1ffff92001e99f1c R14: 0000000000040d40 R15: dffffc0000000000 [ 69.129359][ T5355] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 69.132079][ T5355] ? kfree+0x18e/0x440 [ 69.133795][ T5355] ? policy_nodemask+0x27c/0x720 [ 69.135953][ T5355] ? p9_client_clunk+0x1b6/0x250 [ 69.138103][ T5355] alloc_pages_mpol+0x232/0x4a0 [ 69.140302][ T5355] ___kmalloc_large_node+0x5f/0x1b0 [ 69.142500][ T5355] __kmalloc_large_node_noprof+0x18/0x90 [ 69.144849][ T5355] __kmalloc_noprof+0x36f/0x4f0 [ 69.146981][ T5355] ? v9fs_fid_get_acl+0x4f/0x100 [ 69.149091][ T5355] ? __pfx_v9fs_cache_inode_get_cookie+0x10/0x10 [ 69.151694][ T5355] v9fs_fid_get_acl+0x4f/0x100 [ 69.153695][ T5355] v9fs_get_acl+0x9a/0x360 [ 69.155628][ T5355] v9fs_inode_from_fid_dotl+0x221/0x2b0 [ 69.157952][ T5355] v9fs_mount+0x6eb/0xa50 [ 69.159881][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 69.161866][ T5355] legacy_get_tree+0xfd/0x1a0 [ 69.163828][ T5355] ? __pfx_v9fs_mount+0x10/0x10 [ 69.165890][ T5355] vfs_get_tree+0x8f/0x2b0 [ 69.167834][ T5355] do_new_mount+0x2a2/0x9e0 [ 69.169763][ T5355] ? ns_capable+0x8a/0xf0 [ 69.171559][ T5355] ? __pfx_do_new_mount+0x10/0x10 [ 69.173737][ T5355] ? path_mount+0x61c/0xfe0 [ 69.175721][ T5355] ? user_path_at+0x44/0x60 [ 69.177764][ T5355] __se_sys_mount+0x317/0x410 [ 69.179747][ T5355] ? __pfx___se_sys_mount+0x10/0x10 [ 69.181882][ T5355] ? rcu_is_watching+0x15/0xb0 [ 69.183804][ T5355] ? do_syscall_64+0xbe/0x3b0 [ 69.185626][ T5355] ? __x64_sys_mount+0x20/0xc0 [ 69.187850][ T5355] do_syscall_64+0xfa/0x3b0 [ 69.189934][ T5355] ? lockdep_hardirqs_on+0x9c/0x150 [ 69.191991][ T5355] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.194831][ T5355] ? clear_bhb_loop+0x60/0xb0 [ 69.196842][ T5355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.199396][ T5355] RIP: 0033:0x7fa5f898eba9 [ 69.201337][ T5355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.209349][ T5355] RSP: 002b:00007fa5f4df5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.212882][ T5355] RAX: ffffffffffffffda RBX: 00007fa5f8bd5fa0 RCX: 00007fa5f898eba9 [ 69.216294][ T5355] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 69.219455][ T5355] RBP: 00007fa5f8a11e19 R08: 0000200000000500 R09: 0000000000000000 [ 69.222720][ T5355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 69.226076][ T5355] R13: 00007fa5f8bd6038 R14: 00007fa5f8bd5fa0 R15: 00007fff98366818 [ 69.229318][ T5355] [ 69.231015][ T5355] Kernel Offset: disabled [ 69.232806][ T5355] Rebooting in 86400 seconds..