./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2427842928

<...>
Warning: Permanently added '10.128.10.39' (ED25519) to the list of known hosts.
execve("./syz-executor2427842928", ["./syz-executor2427842928"], 0x7fff1a4395d0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555c9e000
brk(0x555555c9ed00)                     = 0x555555c9ed00
arch_prctl(ARCH_SET_FS, 0x555555c9e380) = 0
set_tid_address(0x555555c9e650)         = 5018
set_robust_list(0x555555c9e660, 24)     = 0
rseq(0x555555c9eca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2427842928", 4096) = 28
getrandom("\x56\x1a\xa0\x6d\x71\x22\xd5\xf6", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555555c9ed00
brk(0x555555cbfd00)                     = 0x555555cbfd00
brk(0x555555cc0000)                     = 0x555555cc0000
mprotect(0x7faff7374000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
socket(AF_ALG, SOCK_SEQPACKET, 0)       = 3
bind(3, {sa_family=AF_ALG, salg_type="hash", salg_feat=0, salg_mask=0, salg_name="rmd160-generic"}, 88) = 0
accept4(3, NULL, NULL, 0)               = 4
[   41.212465][ T5018] BUG: Bad page state in process syz-executor242  pfn:10390
[   41.219878][ T5018] page:ffffea000040e400 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10390
[   41.230345][ T5018] flags: 0xfff18000001042(referenced|workingset|reserved|node=0|zone=1|lastcpupid=0x7ff)
[   41.240277][ T5018] page_type: 0xffffffff()
[   41.244592][ T5018] raw: 00fff18000001042 ffffea000040e408 ffffea000040e408 0000000000000000
[   41.253212][ T5018] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   41.261805][ T5018] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[   41.269106][ T5018] page_owner info is not present (never set?)
[   41.275232][ T5018] Modules linked in:
[   41.279619][ T5018] CPU: 0 PID: 5018 Comm: syz-executor242 Not tainted 6.5.0-rc1-syzkaller-00259-g831fe284d827 #0
[   41.290015][ T5018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
[   41.300047][ T5018] Call Trace:
[   41.303310][ T5018]  <TASK>
[   41.306223][ T5018]  dump_stack_lvl+0x125/0x1b0
[   41.310903][ T5018]  bad_page+0xb4/0x200
[   41.314977][ T5018]  ? zone_batchsize+0xa0/0xa0
[   41.319636][ T5018]  ? page_bad_reason+0x9d/0x190
[   41.324486][ T5018]  free_unref_page_prepare+0x598/0xb90
[   41.329943][ T5018]  ? mem_cgroup_swapin_charge_folio+0x300/0x300
[   41.336168][ T5018]  free_unref_page+0x33/0x3b0
[   41.340839][ T5018]  __folio_put+0xc5/0x140
[   41.345163][ T5018]  extract_iter_to_sg+0x1604/0x19e0
[   41.350385][ T5018]  ? sg_init_one+0x140/0x140
[   41.354975][ T5018]  ? gup_put_folio+0x71/0x2a0
[   41.359646][ T5018]  ? sanity_check_pinned_pages+0xf60/0xf60
[   41.365449][ T5018]  ? af_alg_free_sg+0xa1/0x260
[   41.370214][ T5018]  hash_sendmsg+0x459/0x1030
[   41.374811][ T5018]  ? hash_recvmsg_nokey+0x80/0x80
[   41.379829][ T5018]  sock_sendmsg+0xd9/0x180
[   41.384236][ T5018]  ____sys_sendmsg+0x6ac/0x940
[   41.388991][ T5018]  ? copy_msghdr_from_user+0x10b/0x160
[   41.394440][ T5018]  ? kernel_sendmsg+0x50/0x50
[   41.399112][ T5018]  ___sys_sendmsg+0x135/0x1d0
[   41.403780][ T5018]  ? do_recvmmsg+0x740/0x740
[   41.408369][ T5018]  ? lock_sync+0x190/0x190
[   41.412779][ T5018]  ? ptrace_stop.part.0+0x4b4/0x8f0
[   41.417974][ T5018]  ? __fget_light+0x1fc/0x260
[   41.422659][ T5018]  __sys_sendmsg+0x117/0x1e0
[   41.427240][ T5018]  ? __sys_sendmsg_sock+0x30/0x30
[   41.432254][ T5018]  ? ptrace_notify+0xf4/0x130
[   41.436926][ T5018]  ? lockdep_hardirqs_on+0x7d/0x100
[   41.442114][ T5018]  ? _raw_spin_unlock_irq+0x2e/0x50
[   41.447307][ T5018]  ? ptrace_notify+0xf4/0x130
[   41.451975][ T5018]  do_syscall_64+0x38/0xb0
[   41.456377][ T5018]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   41.462266][ T5018] RIP: 0033:0x7faff73013a9
[   41.466758][ T5018] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   41.486351][ T5018] RSP: 002b:00007ffe54a81dd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.494755][ T5018] RAX: ffffffffffffffda RBX: 00007ffe54a81fa8 RCX: 00007faff73013a9
[   41.502724][ T5018] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[   41.510682][ T5018] RBP: 00007faff7374610 R08: 00007ffe54a81fa8 R09: 00007ffe54a81fa8
[   41.518639][ T5018] R10: 00007ffe54a81fa8 R11: 0000000000000246 R12: 0000000000000001
[   41.526599][ T5018] R13: 00007ffe54a81f98 R14: 0000000000000001 R15: 0000000000000001
[   41.534571][ T5018]  </TASK>
[   41.537769][ T5018] Disabling lock debugging due to kernel taint
[   41.543918][ T5018] page:ffffea000040e400 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10390
[   41.554114][ T5018] flags: 0xfff18000001042(referenced|workingset|reserved|node=0|zone=1|lastcpupid=0x7ff)
[   41.563952][ T5018] page_type: 0xffffffff()
[   41.568304][ T5018] raw: 00fff18000001042 ffffea000040e408 ffffea000040e408 0000000000000000
[   41.576890][ T5018] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   41.585440][ T5018] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[   41.593149][ T5018] page_owner info is not present (never set?)
[   41.599489][ T5018] ------------[ cut here ]------------
[   41.604918][ T5018] kernel BUG at include/linux/mm.h:1010!
[   41.610555][ T5018] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   41.616634][ T5018] CPU: 1 PID: 5018 Comm: syz-executor242 Tainted: G    B              6.5.0-rc1-syzkaller-00259-g831fe284d827 #0
[   41.628497][ T5018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023
[   41.638546][ T5018] RIP: 0010:extract_iter_to_sg+0x1768/0x19e0
[   41.644508][ T5018] Code: a0 69 fd 49 8d 5e ff e9 28 fe ff ff 4c 8b 6c 24 28 e9 12 f4 ff ff e8 17 a0 69 fd 48 c7 c6 e0 a7 c7 8a 48 89 df e8 08 49 a6 fd <0f> 0b e8 a1 8d bd fd e9 ca f8 ff ff 4c 89 ef e8 b4 8d bd fd e9 2c
[   41.664089][ T5018] RSP: 0018:ffffc90003a9f898 EFLAGS: 00010293
[   41.670135][ T5018] RAX: 0000000000000000 RBX: ffffea000040e400 RCX: 0000000000000000
[   41.678083][ T5018] RDX: ffff8880296a1dc0 RSI: ffffffff841cced8 RDI: 0000000000000000
[   41.686027][ T5018] RBP: dffffc0000000000 R08: 0000000000000000 R09: fffffbfff1d56fca
[   41.693974][ T5018] R10: ffffffff8eab7e57 R11: 0000000000000001 R12: ffffea000040e434
[   41.701919][ T5018] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88802bff5800
[   41.709864][ T5018] FS:  0000555555c9e380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   41.718770][ T5018] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.725328][ T5018] CR2: 00007fea845f2304 CR3: 000000007352e000 CR4: 0000000000350ee0
[   41.733277][ T5018] Call Trace:
[   41.736531][ T5018]  <TASK>
[   41.739438][ T5018]  ? die+0x31/0x80
[   41.743142][ T5018]  ? do_trap+0x1ab/0x3b0
[   41.747364][ T5018]  ? extract_iter_to_sg+0x1768/0x19e0
[   41.752714][ T5018]  ? do_error_trap+0x9e/0x160
[   41.757372][ T5018]  ? extract_iter_to_sg+0x1768/0x19e0
[   41.762731][ T5018]  ? handle_invalid_op+0x2c/0x30
[   41.767650][ T5018]  ? extract_iter_to_sg+0x1768/0x19e0
[   41.773001][ T5018]  ? exc_invalid_op+0x2d/0x40
[   41.777653][ T5018]  ? asm_exc_invalid_op+0x1a/0x20
[   41.782698][ T5018]  ? extract_iter_to_sg+0x1768/0x19e0
[   41.788074][ T5018]  ? extract_iter_to_sg+0x1768/0x19e0
[   41.793434][ T5018]  ? extract_iter_to_sg+0x1768/0x19e0
[   41.798792][ T5018]  ? sg_init_one+0x140/0x140
[   41.803361][ T5018]  ? gup_put_folio+0x71/0x2a0
[   41.808059][ T5018]  ? sanity_check_pinned_pages+0xf60/0xf60
[   41.813844][ T5018]  ? af_alg_free_sg+0xa1/0x260
[   41.818595][ T5018]  hash_sendmsg+0x459/0x1030
[   41.823161][ T5018]  ? hash_recvmsg_nokey+0x80/0x80
[   41.828162][ T5018]  sock_sendmsg+0xd9/0x180
[   41.832556][ T5018]  ____sys_sendmsg+0x6ac/0x940
[   41.837299][ T5018]  ? copy_msghdr_from_user+0x10b/0x160
[   41.842737][ T5018]  ? kernel_sendmsg+0x50/0x50
[   41.847409][ T5018]  ___sys_sendmsg+0x135/0x1d0
[   41.852071][ T5018]  ? do_recvmmsg+0x740/0x740
[   41.856816][ T5018]  ? lock_sync+0x190/0x190
[   41.861212][ T5018]  ? ptrace_stop.part.0+0x4b4/0x8f0
[   41.866387][ T5018]  ? __fget_light+0x1fc/0x260
[   41.871042][ T5018]  __sys_sendmsg+0x117/0x1e0
[   41.875607][ T5018]  ? __sys_sendmsg_sock+0x30/0x30
[   41.880610][ T5018]  ? ptrace_notify+0xf4/0x130
[   41.885278][ T5018]  ? lockdep_hardirqs_on+0x7d/0x100
[   41.890469][ T5018]  ? _raw_spin_unlock_irq+0x2e/0x50
[   41.895671][ T5018]  ? ptrace_notify+0xf4/0x130
[   41.900344][ T5018]  do_syscall_64+0x38/0xb0
[   41.904763][ T5018]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   41.910636][ T5018] RIP: 0033:0x7faff73013a9
[   41.915023][ T5018] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   41.934602][ T5018] RSP: 002b:00007ffe54a81dd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.943089][ T5018] RAX: ffffffffffffffda RBX: 00007ffe54a81fa8 RCX: 00007faff73013a9
[   41.951048][ T5018] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[   41.958994][ T5018] RBP: 00007faff7374610 R08: 00007ffe54a81fa8 R09: 00007ffe54a81fa8
[   41.966958][ T5018] R10: 00007ffe54a81fa8 R11: 0000000000000246 R12: 0000000000000001
[   41.974946][ T5018] R13: 00007ffe54a81f98 R14: 0000000000000001 R15: 0000000000000001
[   41.982902][ T5018]  </TASK>
[   41.985988][ T5018] Modules linked in:
[   41.990037][ T5018] ---[ end trace 0000000000000000 ]---
[   41.995497][ T5018] RIP: 0010:extract_iter_to_sg+0x1768/0x19e0
[   42.001510][ T5018] Code: a0 69 fd 49 8d 5e ff e9 28 fe ff ff 4c 8b 6c 24 28 e9 12 f4 ff ff e8 17 a0 69 fd 48 c7 c6 e0 a7 c7 8a 48 89 df e8 08 49 a6 fd <0f> 0b e8 a1 8d bd fd e9 ca f8 ff ff 4c 89 ef e8 b4 8d bd fd e9 2c
[   42.021135][ T5018] RSP: 0018:ffffc90003a9f898 EFLAGS: 00010293
[   42.027206][ T5018] RAX: 0000000000000000 RBX: ffffea000040e400 RCX: 0000000000000000
[   42.035171][ T5018] RDX: ffff8880296a1dc0 RSI: ffffffff841cced8 RDI: 0000000000000000
[   42.043159][ T5018] RBP: dffffc0000000000 R08: 0000000000000000 R09: fffffbfff1d56fca
[   42.051140][ T5018] R10: ffffffff8eab7e57 R11: 0000000000000001 R12: ffffea000040e434
[   42.059117][ T5018] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88802bff5800
[   42.067099][ T5018] FS:  0000555555c9e380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   42.076025][ T5018] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   42.082702][ T5018] CR2: 00007fea845f2304 CR3: 000000007352e000 CR4: 0000000000350ee0
[   42.090706][ T5018] Kernel panic - not syncing: Fatal exception
[   42.097577][ T5018] Kernel Offset: disabled
[   42.101920][ T5018] Rebooting in 86400 seconds..