[ 17.654000][ T418] device veth1_macvtap entered promiscuous mode
[ 17.659407][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 17.661016][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 17.737367][ T418] syz-executor.0 (418) used greatest stack depth: 21736 bytes left
[ 18.197311][ T43] device bridge_slave_1 left promiscuous mode
[ 18.197372][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 18.197880][ T43] device bridge_slave_0 left promiscuous mode
[ 18.197928][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 18.198758][ T43] device veth1_macvtap left promiscuous mode
[ 18.198788][ T43] device veth0_vlan left promiscuous mode
Warning: Permanently added '10.128.1.154' (ECDSA) to the list of known hosts.
2023/03/23 15:17:27 ignoring optional flag "sandboxArg"="0"
2023/03/23 15:17:27 parsed 1 programs
2023/03/23 15:17:27 executed programs: 0
[ 35.545112][ T29] kauditd_printk_skb: 64 callbacks suppressed
[ 35.545127][ T29] audit: type=1400 audit(1679584647.819:136): avc: denied { mounton } for pid=460 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 35.545277][ T29] audit: type=1400 audit(1679584647.819:137): avc: denied { mount } for pid=460 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 35.604303][ T463] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.604315][ T463] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.604501][ T463] device bridge_slave_0 entered promiscuous mode
[ 35.604820][ T463] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.604828][ T463] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.604999][ T463] device bridge_slave_1 entered promiscuous mode
[ 35.648676][ T463] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.648691][ T463] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 35.648731][ T463] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.648738][ T463] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 35.657202][ T419] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.657400][ T419] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.657702][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 35.658006][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 35.659930][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 35.660051][ T419] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.660063][ T419] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 35.661271][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 35.661402][ T25] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.661414][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 35.666328][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 35.667706][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 35.674159][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 35.678813][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 35.679113][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 35.679255][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 35.680204][ T463] device veth0_vlan entered promiscuous mode
[ 35.684087][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 35.685523][ T463] device veth1_macvtap entered promiscuous mode
[ 35.689219][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 35.690710][ T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 35.699324][ T29] audit: type=1400 audit(1679584647.979:138): avc: denied { mount } for pid=463 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 35.880037][ T470] loop0: detected capacity change from 0 to 63271
[ 35.880451][ T29] audit: type=1400 audit(1679584648.159:139): avc: denied { mounton } for pid=469 comm="syz-executor.0" path="/root/syzkaller-testdir1509119751/syzkaller.gl0j86/0/bus" dev="sda1" ino=1148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 35.881075][ T470] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 35.881087][ T470] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 35.881667][ T470] F2FS-fs (loop0): invalid crc value
[ 35.883189][ T470] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 35.906952][ T470] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 35.906974][ T470] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 35.907206][ T29] audit: type=1400 audit(1679584648.189:140): avc: denied { mount } for pid=469 comm="syz-executor.0" name="/" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 35.907655][ T29] audit: type=1400 audit(1679584648.189:141): avc: denied { write } for pid=469 comm="syz-executor.0" name="/" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 35.907740][ T29] audit: type=1400 audit(1679584648.189:142): avc: denied { add_name } for pid=469 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 35.907901][ T29] audit: type=1400 audit(1679584648.189:143): avc: denied { create } for pid=469 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 35.911718][ T29] audit: type=1400 audit(1679584648.189:144): avc: denied { read write open } for pid=469 comm="syz-executor.0" path="/root/syzkaller-testdir1509119751/syzkaller.gl0j86/0/bus/bus" dev="loop0" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 35.971449][ T29] audit: type=1400 audit(1679584648.249:145): avc: denied { map } for pid=469 comm="syz-executor.0" path="/root/syzkaller-testdir1509119751/syzkaller.gl0j86/0/bus/bus" dev="loop0" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 36.037577][ T470] syz-executor.0: attempt to access beyond end of device
[ 36.037577][ T470] loop0: rw=2049, sector=77824, nr_sectors = 128 limit=63271
[ 36.037790][ T475] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=1
[ 36.305138][ T478] loop0: detected capacity change from 0 to 63271
[ 36.305728][ T478] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 36.305742][ T478] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 36.306504][ T478] F2FS-fs (loop0): invalid crc value
[ 36.318041][ T478] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 36.354426][ T478] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 36.354448][ T478] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 36.428971][ T483] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 36.429413][ T478] syz-executor.0: attempt to access beyond end of device
[ 36.429413][ T478] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 36.645018][ T485] loop0: detected capacity change from 0 to 63271
[ 36.645531][ T485] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 36.645545][ T485] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 36.646050][ T485] F2FS-fs (loop0): invalid crc value
[ 36.647443][ T485] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 36.673739][ T485] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 36.673761][ T485] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 36.756839][ T490] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 36.757235][ T490] syz-executor.0: attempt to access beyond end of device
[ 36.757235][ T490] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 37.001781][ T492] loop0: detected capacity change from 0 to 63271
[ 37.002290][ T492] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 37.002303][ T492] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 37.002811][ T492] F2FS-fs (loop0): invalid crc value
[ 37.004109][ T492] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 37.027759][ T492] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 37.027782][ T492] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 37.107823][ T497] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=3
[ 37.520472][ T501] loop0: detected capacity change from 0 to 63271
[ 37.520965][ T501] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 37.520979][ T501] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 37.521492][ T501] F2FS-fs (loop0): invalid crc value
[ 37.522546][ T501] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 37.544761][ T501] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 37.544784][ T501] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 37.612440][ T506] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=1
[ 37.747808][ T501] BUG: scheduling while atomic: syz-executor.0/501/0x00000002
[ 37.747831][ T501] Modules linked in:
[ 37.747840][ T501] Preemption disabled at:
[ 37.747844][ T501] [] unmap_page_range+0xa64/0x2670
[ 37.747877][ T501] CPU: 1 PID: 501 Comm: syz-executor.0 Not tainted 5.18.0-syzkaller-11630-gf8a52af9d00d #0
[ 37.747895][ T501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 37.747904][ T501] Call Trace:
[ 37.747909][ T501]
[ 37.747915][ T501] dump_stack_lvl+0x151/0x1b7
[ 37.747931][ T501] ? unmap_page_range+0xa64/0x2670
[ 37.747948][ T501] ? unmap_page_range+0xa64/0x2670
[ 37.747965][ T501] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 37.747981][ T501] ? unmap_page_range+0xa64/0x2670
[ 37.747998][ T501] dump_stack+0x15/0x17
[ 37.748012][ T501] __schedule_bug+0x1a0/0x240
[ 37.748029][ T501] ? select_fallback_rq+0x220/0x220
[ 37.748045][ T501] ? irqentry_exit+0x30/0x40
[ 37.748062][ T501] __schedule+0xd04/0x1560
[ 37.748080][ T501] ? mutex_spin_on_owner+0x140/0x2b0
[ 37.748100][ T501] ? kasan_check_range+0x18/0x2a0
[ 37.748125][ T501] ? __sched_text_start+0x8/0x8
[ 37.748142][ T501] ? mutex_spin_on_owner+0x140/0x2b0
[ 37.748161][ T501] schedule+0xeb/0x1a0
[ 37.748177][ T501] schedule_preempt_disabled+0x13/0x20
[ 37.748194][ T501] __mutex_lock+0x4fa/0x1500
[ 37.748211][ T501] ? __kasan_slab_alloc+0xb1/0xe0
[ 37.748228][ T501] ? slab_post_alloc_hook+0x53/0x2c0
[ 37.748243][ T501] ? kmem_cache_alloc+0x106/0x210
[ 37.748259][ T501] ? folio_mark_dirty+0xd3/0xf0
[ 37.748276][ T501] ? unmap_vmas+0x3ac/0x580
[ 37.748292][ T501] ? __mmput+0x95/0x300
[ 37.748308][ T501] ? do_exit+0xa5b/0x27d0
[ 37.748324][ T501] ? do_group_exit+0x255/0x320
[ 37.748341][ T501] ? get_signal+0x170e/0x1870
[ 37.748358][ T501] ? arch_do_signal_or_restart+0xb0/0x12a0
[ 37.748378][ T501] ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 37.748396][ T501] ? do_syscall_64+0x49/0x80
[ 37.748411][ T501] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 37.748434][ T501] __mutex_lock_slowpath+0xe/0x10
[ 37.748451][ T501] mutex_lock+0xeb/0x120
[ 37.748474][ T501] ? slab_post_alloc_hook+0x72/0x2c0
[ 37.748491][ T501] ? bit_wait_io_timeout+0x120/0x120
[ 37.748509][ T501] ? kmem_cache_alloc+0x106/0x210
[ 37.748524][ T501] ? f2fs_register_inmem_page+0x13f/0x4b0
[ 37.748541][ T501] f2fs_register_inmem_page+0x22c/0x4b0
[ 37.748558][ T501] f2fs_dirty_data_folio+0x31d/0x440
[ 37.748576][ T501] folio_mark_dirty+0xd3/0xf0
[ 37.748594][ T501] set_page_dirty+0x5c/0x70
[ 37.748611][ T501] unmap_page_range+0x1379/0x2670
[ 37.748633][ T501] ? copy_page_range+0x2f40/0x2f40
[ 37.748652][ T501] ? pagevec_lru_move_fn+0x506/0x5a0
[ 37.748668][ T501] ? uprobe_munmap+0x18d/0x450
[ 37.748686][ T501] ? memcpy+0x56/0x70
[ 37.748701][ T501] unmap_vmas+0x3ac/0x580
[ 37.748719][ T501] ? unmap_page_range+0x2670/0x2670
[ 37.748736][ T501] ? lru_add_drain_cpu+0x3fb/0x5d0
[ 37.748751][ T501] ? lru_cache_add_inactive_or_unevictable+0x80/0x80
[ 37.748769][ T501] ? tlb_gather_mmu_fullmm+0x165/0x210
[ 37.748787][ T501] exit_mmap+0x1cc/0x4c0
[ 37.748803][ T501] ? vm_brk+0x30/0x30
[ 37.748820][ T501] ? uprobe_clear_state+0x2cd/0x320
[ 37.748838][ T501] __mmput+0x95/0x300
[ 37.748852][ T501] mmput+0x59/0x70
[ 37.748866][ T501] do_exit+0xa5b/0x27d0
[ 37.748884][ T501] ? put_task_struct+0x80/0x80
[ 37.748902][ T501] ? __kasan_check_write+0x14/0x20
[ 37.748917][ T501] ? _raw_spin_lock_irq+0xa5/0x1b0
[ 37.748933][ T501] do_group_exit+0x255/0x320
[ 37.748949][ T501] ? __kasan_check_write+0x14/0x20
[ 37.748965][ T501] get_signal+0x170e/0x1870
[ 37.748984][ T501] ? __kasan_check_read+0x11/0x20
[ 37.748999][ T501] ? ptrace_notify+0x350/0x350
[ 37.749017][ T501] arch_do_signal_or_restart+0xb0/0x12a0
[ 37.749034][ T501] ? __kasan_check_write+0x14/0x20
[ 37.749049][ T501] ? fput_many+0x160/0x1b0
[ 37.749068][ T501] ? do_futex+0x3b5/0x490
[ 37.749088][ T501] ? __ia32_sys_get_robust_list+0x90/0x90
[ 37.749105][ T501] ? get_sigframe_size+0x10/0x10
[ 37.749126][ T501] ? __se_sys_futex+0x35e/0x3c0
[ 37.749146][ T501] exit_to_user_mode_loop+0x6b/0xa0
[ 37.749163][ T501] exit_to_user_mode_prepare+0x5a/0xa0
[ 37.749179][ T501] syscall_exit_to_user_mode+0x26/0x130
[ 37.749196][ T501] do_syscall_64+0x49/0x80
[ 37.749211][ T501] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 37.749227][ T501] RIP: 0033:0x7f169328c0f9
[ 37.749240][ T501] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf.
[ 37.749248][ T501] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 37.749265][ T501] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9
[ 37.749277][ T501] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88
[ 37.749288][ T501] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000
[ 37.749298][ T501] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c
[ 37.749309][ T501] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000
[ 37.749324][ T501]
[ 37.752710][ T501] ------------[ cut here ]------------
[ 37.752716][ T501] DEBUG_LOCKS_WARN_ON(val > preempt_count())
[ 37.752743][ T501] WARNING: CPU: 1 PID: 501 at kernel/sched/core.c:5604 preempt_count_sub+0xa8/0x160
[ 38.249857][ T501] Modules linked in:
[ 38.253699][ T501] CPU: 0 PID: 501 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0
[ 38.265215][ T501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 38.275317][ T501] RIP: 0010:preempt_count_sub+0xa8/0x160
[ 38.280827][ T501] Code: 03 42 0f b6 04 30 84 c0 0f 85 86 00 00 00 83 3d 65 b8 35 05 00 75 d1 48 c7 c7 e0 e9 08 85 48 c7 c6 80 ea 08 85 e8 e8 b1 f5 ff <0f> 0b eb ba e8 ef 2d 0b 01 85 c0 74 b1 48 c7 c0 48 56 83 86 48 c1
[ 38.300657][ T501] RSP: 0018:ffffc90002c0f408 EFLAGS: 00010246
[ 38.306554][ T501] RAX: fbbb40b4b3dd4f00 RBX: 0000000000000001 RCX: ffff88810d4f4300
[ 38.314791][ T501] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 38.322731][ T501] RBP: ffffc90002c0f418 R08: ffffffff81571875 R09: ffffed103ee64e83
[ 38.330821][ T501] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000581f08
[ 38.339010][ T501] R13: 00000000201ff000 R14: dffffc0000000000 R15: 0000000020200000
[ 38.346954][ T501] FS: 0000000000000000(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[ 38.355862][ T501] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.362408][ T501] CR2: 0000000020003700 CR3: 0000000121d14000 CR4: 00000000003506b0
[ 38.370211][ T501] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 38.378026][ T501] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 38.385814][ T501] Call Trace:
[ 38.389061][ T501]
[ 38.391794][ T501] _raw_spin_unlock+0x4c/0x70
[ 38.396305][ T501] unmap_page_range+0x2379/0x2670
[ 38.401205][ T501] ? copy_page_range+0x2f40/0x2f40
[ 38.406124][ T501] ? pagevec_lru_move_fn+0x506/0x5a0
[ 38.411273][ T501] ? uprobe_munmap+0x18d/0x450
[ 38.415979][ T501] ? memcpy+0x56/0x70
[ 38.419798][ T501] unmap_vmas+0x3ac/0x580
[ 38.423909][ T501] ? unmap_page_range+0x2670/0x2670
[ 38.429104][ T501] ? lru_add_drain_cpu+0x3fb/0x5d0
[ 38.434001][ T501] ? lru_cache_add_inactive_or_unevictable+0x80/0x80
[ 38.440597][ T501] ? tlb_gather_mmu_fullmm+0x165/0x210
[ 38.446169][ T501] exit_mmap+0x1cc/0x4c0
[ 38.450289][ T501] ? vm_brk+0x30/0x30
[ 38.454077][ T501] ? uprobe_clear_state+0x2cd/0x320
[ 38.459135][ T501] __mmput+0x95/0x300
[ 38.462916][ T501] mmput+0x59/0x70
[ 38.466560][ T501] do_exit+0xa5b/0x27d0
[ 38.470600][ T501] ? put_task_struct+0x80/0x80
[ 38.475244][ T501] ? __kasan_check_write+0x14/0x20
[ 38.480228][ T501] ? _raw_spin_lock_irq+0xa5/0x1b0
[ 38.485228][ T501] do_group_exit+0x255/0x320
[ 38.489689][ T501] ? __kasan_check_write+0x14/0x20
[ 38.494600][ T501] get_signal+0x170e/0x1870
[ 38.498987][ T501] ? __kasan_check_read+0x11/0x20
[ 38.504018][ T501] ? ptrace_notify+0x350/0x350
[ 38.508642][ T501] arch_do_signal_or_restart+0xb0/0x12a0
[ 38.514075][ T501] ? __kasan_check_write+0x14/0x20
[ 38.519071][ T501] ? fput_many+0x160/0x1b0
[ 38.523266][ T501] ? do_futex+0x3b5/0x490
[ 38.527493][ T501] ? __ia32_sys_get_robust_list+0x90/0x90
[ 38.532987][ T501] ? get_sigframe_size+0x10/0x10
[ 38.537817][ T501] ? __se_sys_futex+0x35e/0x3c0
[ 38.542450][ T501] exit_to_user_mode_loop+0x6b/0xa0
[ 38.547539][ T501] exit_to_user_mode_prepare+0x5a/0xa0
[ 38.552783][ T501] syscall_exit_to_user_mode+0x26/0x130
[ 38.558190][ T501] do_syscall_64+0x49/0x80
[ 38.562408][ T501] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 38.568172][ T501] RIP: 0033:0x7f169328c0f9
[ 38.572387][ T501] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf.
[ 38.579652][ T501] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 38.587867][ T501] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9
[ 38.595736][ T501] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88
[ 38.603586][ T501] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000
[ 38.611427][ T501] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c
[ 38.619602][ T501] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000
[ 38.627367][ T501]
[ 38.630194][ T501] ---[ end trace 0000000000000000 ]---
[ 38.636574][ T501] syz-executor.0 (501) used greatest stack depth: 21416 bytes left
[ 38.899076][ T509] loop0: detected capacity change from 0 to 63271
[ 38.899630][ T509] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 38.899646][ T509] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 38.900434][ T509] F2FS-fs (loop0): invalid crc value
[ 38.901429][ T509] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 38.922649][ T509] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 38.922673][ T509] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 39.037663][ T509] syz-executor.0: attempt to access beyond end of device
[ 39.037663][ T509] loop0: rw=2049, sector=63208, nr_sectors = 128 limit=63271
[ 39.038065][ T509] syz-executor.0 (509) used greatest stack depth: 20560 bytes left
[ 39.290866][ T518] loop0: detected capacity change from 0 to 63271
[ 39.291457][ T518] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 39.291474][ T518] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 39.292227][ T518] F2FS-fs (loop0): invalid crc value
[ 39.293426][ T518] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 39.319492][ T518] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 39.319514][ T518] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 39.396252][ T523] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=7
[ 39.811003][ T525] loop0: detected capacity change from 0 to 63271
[ 39.811495][ T525] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 39.811509][ T525] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 39.812024][ T525] F2FS-fs (loop0): invalid crc value
[ 39.813283][ T525] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 39.836048][ T525] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 39.836070][ T525] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 39.919167][ T530] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 39.919549][ T530] syz-executor.0: attempt to access beyond end of device
[ 39.919549][ T530] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 40.173631][ T532] loop0: detected capacity change from 0 to 63271
[ 40.174170][ T532] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 40.174186][ T532] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 40.174964][ T532] F2FS-fs (loop0): invalid crc value
[ 40.176166][ T532] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 40.205164][ T532] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 40.205184][ T532] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 40.277666][ T538] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 40.278124][ T538] syz-executor.0: attempt to access beyond end of device
[ 40.278124][ T538] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 40.534753][ T540] loop0: detected capacity change from 0 to 63271
[ 40.535288][ T540] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 40.535302][ T540] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 40.535795][ T540] F2FS-fs (loop0): invalid crc value
[ 40.537494][ T540] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 40.562766][ T540] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 40.562788][ T540] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 40.638620][ T545] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=1
2023/03/23 15:17:33 executed programs: 10
[ 41.051289][ T547] loop0: detected capacity change from 0 to 63271
[ 41.051849][ T547] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 41.051867][ T547] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 41.052635][ T547] F2FS-fs (loop0): invalid crc value
[ 41.053815][ T547] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 41.086937][ T547] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 41.086958][ T547] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 41.171271][ T553] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=1
[ 41.570111][ T555] loop0: detected capacity change from 0 to 63271
[ 41.570694][ T555] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 41.570708][ T555] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 41.571460][ T555] F2FS-fs (loop0): invalid crc value
[ 41.572458][ T555] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 41.596922][ T555] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 41.596944][ T555] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 41.658390][ T555] syz-executor.0: attempt to access beyond end of device
[ 41.658390][ T555] loop0: rw=2049, sector=77824, nr_sectors = 128 limit=63271
[ 41.903050][ T562] loop0: detected capacity change from 0 to 63271
[ 41.903619][ T562] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 41.903637][ T562] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 41.904545][ T562] F2FS-fs (loop0): invalid crc value
[ 41.905579][ T562] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 41.936982][ T562] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 41.937006][ T562] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 42.023041][ T567] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 42.023498][ T567] syz-executor.0: attempt to access beyond end of device
[ 42.023498][ T567] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 42.281230][ T570] loop0: detected capacity change from 0 to 63271
[ 42.281787][ T570] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 42.281805][ T570] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 42.282583][ T570] F2FS-fs (loop0): invalid crc value
[ 42.283762][ T570] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 42.306909][ T570] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 42.306931][ T570] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 42.382426][ T575] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 42.382826][ T570] syz-executor.0: attempt to access beyond end of device
[ 42.382826][ T570] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 42.633188][ T577] loop0: detected capacity change from 0 to 63271
[ 42.633770][ T577] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 42.633787][ T577] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 42.634711][ T577] F2FS-fs (loop0): invalid crc value
[ 42.635975][ T577] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 42.666949][ T577] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 42.666977][ T577] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 42.747360][ T582] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=1
[ 43.151626][ T584] loop0: detected capacity change from 0 to 63271
[ 43.152138][ T584] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 43.152152][ T584] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 43.152648][ T584] F2FS-fs (loop0): invalid crc value
[ 43.153667][ T584] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 43.176886][ T584] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 43.176908][ T584] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 43.257030][ T590] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 43.257436][ T584] syz-executor.0: attempt to access beyond end of device
[ 43.257436][ T584] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 43.513589][ T592] loop0: detected capacity change from 0 to 63271
[ 43.514132][ T592] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 43.514147][ T592] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 43.514698][ T592] F2FS-fs (loop0): invalid crc value
[ 43.515954][ T592] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 43.549577][ T592] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 43.549600][ T592] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 43.636072][ T597] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=17
[ 43.636488][ T592] syz-executor.0: attempt to access beyond end of device
[ 43.636488][ T592] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=63271
[ 43.892386][ T599] loop0: detected capacity change from 0 to 63271
[ 43.892977][ T599] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 43.892996][ T599] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 43.893811][ T599] F2FS-fs (loop0): invalid crc value
[ 43.894746][ T599] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 43.919091][ T599] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 43.919111][ T599] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 43.994640][ T604] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=5
[ 44.410576][ T607] loop0: detected capacity change from 0 to 63271
[ 44.411130][ T607] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605)
[ 44.411145][ T607] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 44.411937][ T607] F2FS-fs (loop0): invalid crc value
[ 44.412884][ T607] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 44.436941][ T607] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 44.436963][ T607] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[ 44.516420][ T612] F2FS-fs (loop0): Unexpected flush for atomic writes: ino=4, npages=1
[ 44.663171][ T607] BUG: scheduling while atomic: syz-executor.0/607/0x00000002
[ 44.663193][ T607] Modules linked in:
[ 44.663203][ T607] Preemption disabled at:
[ 44.663207][ T607] [] unmap_page_range+0xa64/0x2670
[ 44.663237][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0
[ 44.663261][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 44.663270][ T607] Call Trace:
[ 44.663275][ T607]
[ 44.663281][ T607] dump_stack_lvl+0x151/0x1b7
[ 44.663297][ T607] ? unmap_page_range+0xa64/0x2670
[ 44.663313][ T607] ? unmap_page_range+0xa64/0x2670
[ 44.663330][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 44.663347][ T607] ? unmap_page_range+0xa64/0x2670
[ 44.663363][ T607] dump_stack+0x15/0x17
[ 44.663376][ T607] __schedule_bug+0x1a0/0x240
[ 44.663392][ T607] ? select_fallback_rq+0x220/0x220
[ 44.663407][ T607] ? irqentry_exit+0x30/0x40
[ 44.663425][ T607] __schedule+0xd04/0x1560
[ 44.663444][ T607] ? mutex_spin_on_owner+0x140/0x2b0
[ 44.663463][ T607] ? kasan_check_range+0x82/0x2a0
[ 44.663481][ T607] ? __sched_text_start+0x8/0x8
[ 44.663498][ T607] ? mutex_spin_on_owner+0x140/0x2b0
[ 44.663517][ T607] schedule+0xeb/0x1a0
[ 44.663534][ T607] schedule_preempt_disabled+0x13/0x20
[ 44.663551][ T607] __mutex_lock+0x4fa/0x1500
[ 44.663568][ T607] ? __kasan_slab_alloc+0xb1/0xe0
[ 44.663585][ T607] ? slab_post_alloc_hook+0x53/0x2c0
[ 44.663600][ T607] ? kmem_cache_alloc+0x106/0x210
[ 44.663616][ T607] ? folio_mark_dirty+0xd3/0xf0
[ 44.663634][ T607] ? unmap_vmas+0x3ac/0x580
[ 44.663651][ T607] ? __mmput+0x95/0x300
[ 44.663665][ T607] ? do_exit+0xa5b/0x27d0
[ 44.663681][ T607] ? do_group_exit+0x255/0x320
[ 44.663697][ T607] ? get_signal+0x170e/0x1870
[ 44.663714][ T607] ? arch_do_signal_or_restart+0xb0/0x12a0
[ 44.663731][ T607] ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 44.663750][ T607] ? do_syscall_64+0x49/0x80
[ 44.663764][ T607] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 44.663787][ T607] __mutex_lock_slowpath+0xe/0x10
[ 44.663804][ T607] mutex_lock+0xeb/0x120
[ 44.663820][ T607] ? slab_post_alloc_hook+0x72/0x2c0
[ 44.663836][ T607] ? bit_wait_io_timeout+0x120/0x120
[ 44.663854][ T607] ? kmem_cache_alloc+0x106/0x210
[ 44.663869][ T607] ? f2fs_register_inmem_page+0x13f/0x4b0
[ 44.663886][ T607] f2fs_register_inmem_page+0x22c/0x4b0
[ 44.663902][ T607] f2fs_dirty_data_folio+0x31d/0x440
[ 44.663921][ T607] folio_mark_dirty+0xd3/0xf0
[ 44.663938][ T607] set_page_dirty+0x5c/0x70
[ 44.663955][ T607] unmap_page_range+0x1379/0x2670
[ 44.663975][ T607] ? iter_file_splice_write+0xd11/0xf90
[ 44.663994][ T607] ? copy_page_range+0x2f40/0x2f40
[ 44.664014][ T607] ? uprobe_munmap+0x18d/0x450
[ 44.664031][ T607] ? memcpy+0x56/0x70
[ 44.664045][ T607] unmap_vmas+0x3ac/0x580
[ 44.664063][ T607] ? unmap_page_range+0x2670/0x2670
[ 44.664080][ T607] ? lru_add_drain_cpu+0x47a/0x5d0
[ 44.664095][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80
[ 44.664113][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210
[ 44.664131][ T607] exit_mmap+0x1cc/0x4c0
[ 44.664146][ T607] ? vm_brk+0x30/0x30
[ 44.664163][ T607] ? uprobe_clear_state+0x2cd/0x320
[ 44.664181][ T607] __mmput+0x95/0x300
[ 44.664195][ T607] mmput+0x59/0x70
[ 44.664209][ T607] do_exit+0xa5b/0x27d0
[ 44.664227][ T607] ? put_task_struct+0x80/0x80
[ 44.664246][ T607] ? __kasan_check_write+0x14/0x20
[ 44.664266][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0
[ 44.664282][ T607] do_group_exit+0x255/0x320
[ 44.664298][ T607] ? __kasan_check_write+0x14/0x20
[ 44.664314][ T607] get_signal+0x170e/0x1870
[ 44.664333][ T607] ? __kasan_check_read+0x11/0x20
[ 44.664348][ T607] ? ptrace_notify+0x350/0x350
[ 44.664367][ T607] arch_do_signal_or_restart+0xb0/0x12a0
[ 44.664384][ T607] ? __kasan_check_write+0x14/0x20
[ 44.664398][ T607] ? fput_many+0x160/0x1b0
[ 44.664417][ T607] ? do_futex+0x3b5/0x490
[ 44.664434][ T607] ? __ia32_sys_get_robust_list+0x90/0x90
[ 44.664451][ T607] ? get_sigframe_size+0x10/0x10
[ 44.664468][ T607] ? __se_sys_futex+0x35e/0x3c0
[ 44.664488][ T607] exit_to_user_mode_loop+0x6b/0xa0
[ 44.664505][ T607] exit_to_user_mode_prepare+0x5a/0xa0
[ 44.664522][ T607] syscall_exit_to_user_mode+0x26/0x130
[ 44.664538][ T607] do_syscall_64+0x49/0x80
[ 44.664553][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 44.664569][ T607] RIP: 0033:0x7f169328c0f9
[ 44.664583][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf.
[ 44.664591][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 44.664608][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9
[ 44.664620][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88
[ 44.664631][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000
[ 44.664641][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c
[ 44.664652][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000
[ 44.664667][ T607]
[ 44.677670][ T607] check_preemption_disabled: 3582 callbacks suppressed
[ 44.677684][ T607] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/607
[ 44.677697][ T607] caller is __this_cpu_preempt_check+0x13/0x20
[ 44.677720][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0
[ 44.677734][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 44.677742][ T607] Call Trace:
[ 44.677749][ T607]
[ 44.677755][ T607] dump_stack_lvl+0x151/0x1b7
[ 44.677772][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 44.677784][ T607] ? mutex_unlock+0xa1/0x110
[ 44.677799][ T607] ? __mutex_lock_slowpath+0x10/0x10
[ 44.677812][ T607] dump_stack+0x15/0x17
[ 44.677820][ T607] check_preemption_disabled+0x109/0x110
[ 44.677829][ T607] __this_cpu_preempt_check+0x13/0x20
[ 44.677838][ T607] __mod_node_page_state+0x6d/0xf0
[ 44.677850][ T607] __mod_lruvec_page_state+0x154/0x200
[ 44.677859][ T607] ? page_remove_rmap+0x20f/0xa20
[ 44.677871][ T607] page_remove_rmap+0x73d/0xa20
[ 44.677880][ T607] ? mark_page_accessed+0x51/0x70
[ 44.677892][ T607] unmap_page_range+0x1186/0x2670
[ 44.677903][ T607] ? iter_file_splice_write+0xd11/0xf90
[ 44.677915][ T607] ? copy_page_range+0x2f40/0x2f40
[ 44.677925][ T607] ? uprobe_munmap+0x18d/0x450
[ 44.677935][ T607] ? memcpy+0x56/0x70
[ 44.677943][ T607] unmap_vmas+0x3ac/0x580
[ 44.677953][ T607] ? unmap_page_range+0x2670/0x2670
[ 44.677962][ T607] ? lru_add_drain_cpu+0x47a/0x5d0
[ 44.677971][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80
[ 44.677981][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210
[ 44.677990][ T607] exit_mmap+0x1cc/0x4c0
[ 44.677999][ T607] ? vm_brk+0x30/0x30
[ 44.678009][ T607] ? uprobe_clear_state+0x2cd/0x320
[ 44.678019][ T607] __mmput+0x95/0x300
[ 44.678028][ T607] mmput+0x59/0x70
[ 44.678035][ T607] do_exit+0xa5b/0x27d0
[ 44.678045][ T607] ? put_task_struct+0x80/0x80
[ 44.678055][ T607] ? __kasan_check_write+0x14/0x20
[ 44.678064][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0
[ 44.678073][ T607] do_group_exit+0x255/0x320
[ 44.678081][ T607] ? __kasan_check_write+0x14/0x20
[ 44.678090][ T607] get_signal+0x170e/0x1870
[ 44.678101][ T607] ? __kasan_check_read+0x11/0x20
[ 44.678109][ T607] ? ptrace_notify+0x350/0x350
[ 44.678119][ T607] arch_do_signal_or_restart+0xb0/0x12a0
[ 44.678129][ T607] ? __kasan_check_write+0x14/0x20
[ 44.678137][ T607] ? fput_many+0x160/0x1b0
[ 44.678147][ T607] ? do_futex+0x3b5/0x490
[ 44.678156][ T607] ? __ia32_sys_get_robust_list+0x90/0x90
[ 44.678166][ T607] ? get_sigframe_size+0x10/0x10
[ 44.678175][ T607] ? __se_sys_futex+0x35e/0x3c0
[ 44.678185][ T607] exit_to_user_mode_loop+0x6b/0xa0
[ 44.678194][ T607] exit_to_user_mode_prepare+0x5a/0xa0
[ 44.678203][ T607] syscall_exit_to_user_mode+0x26/0x130
[ 44.678213][ T607] do_syscall_64+0x49/0x80
[ 44.678221][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 44.678231][ T607] RIP: 0033:0x7f169328c0f9
[ 44.678238][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf.
[ 44.678242][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.678259][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.678266][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.678272][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.678278][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.678284][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.678292][ T607] [ 44.678308][ T607] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/607 [ 44.678316][ T607] caller is __this_cpu_preempt_check+0x13/0x20 [ 44.678326][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.678336][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.678341][ T607] Call Trace: [ 44.678343][ T607] [ 44.678346][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.678354][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.678363][ T607] ? mutex_unlock+0xa1/0x110 [ 44.678372][ T607] ? __mutex_lock_slowpath+0x10/0x10 [ 44.678382][ T607] dump_stack+0x15/0x17 [ 44.678389][ T607] check_preemption_disabled+0x109/0x110 [ 44.678399][ T607] __this_cpu_preempt_check+0x13/0x20 [ 44.678408][ T607] __mod_node_page_state+0x89/0xf0 [ 44.678417][ T607] __mod_lruvec_page_state+0x154/0x200 [ 44.678425][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.678435][ T607] page_remove_rmap+0x73d/0xa20 [ 44.678444][ T607] ? mark_page_accessed+0x51/0x70 [ 44.678454][ T607] unmap_page_range+0x1186/0x2670 [ 44.678466][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.678478][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.678488][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.678497][ T607] ? memcpy+0x56/0x70 [ 44.678505][ T607] unmap_vmas+0x3ac/0x580 [ 44.678515][ T607] ? unmap_page_range+0x2670/0x2670 [ 44.678524][ T607] ? 
lru_add_drain_cpu+0x47a/0x5d0 [ 44.678532][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.678542][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.678552][ T607] exit_mmap+0x1cc/0x4c0 [ 44.678560][ T607] ? vm_brk+0x30/0x30 [ 44.678570][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.678580][ T607] __mmput+0x95/0x300 [ 44.678588][ T607] mmput+0x59/0x70 [ 44.678595][ T607] do_exit+0xa5b/0x27d0 [ 44.678605][ T607] ? put_task_struct+0x80/0x80 [ 44.678614][ T607] ? __kasan_check_write+0x14/0x20 [ 44.678622][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 44.678631][ T607] do_group_exit+0x255/0x320 [ 44.678640][ T607] ? __kasan_check_write+0x14/0x20 [ 44.678649][ T607] get_signal+0x170e/0x1870 [ 44.678659][ T607] ? __kasan_check_read+0x11/0x20 [ 44.678667][ T607] ? ptrace_notify+0x350/0x350 [ 44.678678][ T607] arch_do_signal_or_restart+0xb0/0x12a0 [ 44.678687][ T607] ? __kasan_check_write+0x14/0x20 [ 44.678695][ T607] ? fput_many+0x160/0x1b0 [ 44.678704][ T607] ? do_futex+0x3b5/0x490 [ 44.678713][ T607] ? __ia32_sys_get_robust_list+0x90/0x90 [ 44.678723][ T607] ? get_sigframe_size+0x10/0x10 [ 44.678731][ T607] ? __se_sys_futex+0x35e/0x3c0 [ 44.678742][ T607] exit_to_user_mode_loop+0x6b/0xa0 [ 44.678751][ T607] exit_to_user_mode_prepare+0x5a/0xa0 [ 44.678760][ T607] syscall_exit_to_user_mode+0x26/0x130 [ 44.678770][ T607] do_syscall_64+0x49/0x80 [ 44.678778][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 44.678787][ T607] RIP: 0033:0x7f169328c0f9 [ 44.678793][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf. 
[ 44.678797][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.678806][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.678813][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.678818][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.678824][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.678830][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.678838][ T607] [ 44.678841][ T607] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-executor.0/607 2023/03/23 15:17:38 executed programs: 21 [ 44.678848][ T607] caller is __this_cpu_preempt_check+0x13/0x20 [ 44.678857][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.678867][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.678871][ T607] Call Trace: [ 44.678873][ T607] [ 44.678876][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.678884][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.678893][ T607] ? mutex_unlock+0xa1/0x110 [ 44.678901][ T607] ? __mutex_lock_slowpath+0x10/0x10 [ 44.678911][ T607] dump_stack+0x15/0x17 [ 44.678919][ T607] check_preemption_disabled+0x109/0x110 [ 44.678928][ T607] __this_cpu_preempt_check+0x13/0x20 [ 44.678937][ T607] __mod_node_page_state+0xac/0xf0 [ 44.678946][ T607] __mod_lruvec_page_state+0x154/0x200 [ 44.678954][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.678964][ T607] page_remove_rmap+0x73d/0xa20 [ 44.678973][ T607] ? mark_page_accessed+0x51/0x70 [ 44.678983][ T607] unmap_page_range+0x1186/0x2670 [ 44.678994][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.679004][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.679015][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.679024][ T607] ? memcpy+0x56/0x70 [ 44.679032][ T607] unmap_vmas+0x3ac/0x580 [ 44.679041][ T607] ? 
unmap_page_range+0x2670/0x2670 [ 44.679050][ T607] ? lru_add_drain_cpu+0x47a/0x5d0 [ 44.679059][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.679069][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.679078][ T607] exit_mmap+0x1cc/0x4c0 [ 44.679087][ T607] ? vm_brk+0x30/0x30 [ 44.679096][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.679106][ T607] __mmput+0x95/0x300 [ 44.679114][ T607] mmput+0x59/0x70 [ 44.679121][ T607] do_exit+0xa5b/0x27d0 [ 44.679131][ T607] ? put_task_struct+0x80/0x80 [ 44.679141][ T607] ? __kasan_check_write+0x14/0x20 [ 44.679149][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 44.679158][ T607] do_group_exit+0x255/0x320 [ 44.679167][ T607] ? __kasan_check_write+0x14/0x20 [ 44.679175][ T607] get_signal+0x170e/0x1870 [ 44.679185][ T607] ? __kasan_check_read+0x11/0x20 [ 44.679194][ T607] ? ptrace_notify+0x350/0x350 [ 44.679204][ T607] arch_do_signal_or_restart+0xb0/0x12a0 [ 44.679213][ T607] ? __kasan_check_write+0x14/0x20 [ 44.679221][ T607] ? fput_many+0x160/0x1b0 [ 44.679231][ T607] ? do_futex+0x3b5/0x490 [ 44.679239][ T607] ? __ia32_sys_get_robust_list+0x90/0x90 [ 44.679253][ T607] ? get_sigframe_size+0x10/0x10 [ 44.679262][ T607] ? __se_sys_futex+0x35e/0x3c0 [ 44.679273][ T607] exit_to_user_mode_loop+0x6b/0xa0 [ 44.679282][ T607] exit_to_user_mode_prepare+0x5a/0xa0 [ 44.679291][ T607] syscall_exit_to_user_mode+0x26/0x130 [ 44.679300][ T607] do_syscall_64+0x49/0x80 [ 44.679309][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 44.679317][ T607] RIP: 0033:0x7f169328c0f9 [ 44.679324][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf. 
[ 44.679328][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.679336][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.679343][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.679348][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.679354][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.679359][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.679367][ T607] [ 44.679370][ T607] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.0/607 [ 44.679377][ T607] caller is __this_cpu_preempt_check+0x13/0x20 [ 44.679387][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.679396][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.679400][ T607] Call Trace: [ 44.679402][ T607] [ 44.679405][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.679413][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.679422][ T607] ? mutex_unlock+0xa1/0x110 [ 44.679431][ T607] ? __mutex_lock_slowpath+0x10/0x10 [ 44.679441][ T607] dump_stack+0x15/0x17 [ 44.679448][ T607] check_preemption_disabled+0x109/0x110 [ 44.679458][ T607] __this_cpu_preempt_check+0x13/0x20 [ 44.679467][ T607] __mod_memcg_lruvec_state+0x4f/0x1b0 [ 44.679475][ T607] ? __mod_node_page_state+0xac/0xf0 [ 44.679484][ T607] __mod_lruvec_page_state+0x164/0x200 [ 44.679492][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.679502][ T607] page_remove_rmap+0x73d/0xa20 [ 44.679511][ T607] ? mark_page_accessed+0x51/0x70 [ 44.679521][ T607] unmap_page_range+0x1186/0x2670 [ 44.679532][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.679542][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.679553][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.679562][ T607] ? memcpy+0x56/0x70 [ 44.679570][ T607] unmap_vmas+0x3ac/0x580 [ 44.679579][ T607] ? 
unmap_page_range+0x2670/0x2670 [ 44.679588][ T607] ? lru_add_drain_cpu+0x47a/0x5d0 [ 44.679597][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.679607][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.679616][ T607] exit_mmap+0x1cc/0x4c0 [ 44.679625][ T607] ? vm_brk+0x30/0x30 [ 44.679634][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.679644][ T607] __mmput+0x95/0x300 [ 44.679653][ T607] mmput+0x59/0x70 [ 44.679660][ T607] do_exit+0xa5b/0x27d0 [ 44.679670][ T607] ? put_task_struct+0x80/0x80 [ 44.679679][ T607] ? __kasan_check_write+0x14/0x20 [ 44.679688][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 44.679696][ T607] do_group_exit+0x255/0x320 [ 44.679705][ T607] ? __kasan_check_write+0x14/0x20 [ 44.679714][ T607] get_signal+0x170e/0x1870 [ 44.679724][ T607] ? __kasan_check_read+0x11/0x20 [ 44.679732][ T607] ? ptrace_notify+0x350/0x350 [ 44.679742][ T607] arch_do_signal_or_restart+0xb0/0x12a0 [ 44.679751][ T607] ? __kasan_check_write+0x14/0x20 [ 44.679759][ T607] ? fput_many+0x160/0x1b0 [ 44.679769][ T607] ? do_futex+0x3b5/0x490 [ 44.679778][ T607] ? __ia32_sys_get_robust_list+0x90/0x90 [ 44.679787][ T607] ? get_sigframe_size+0x10/0x10 [ 44.679796][ T607] ? __se_sys_futex+0x35e/0x3c0 [ 44.679806][ T607] exit_to_user_mode_loop+0x6b/0xa0 [ 44.679815][ T607] exit_to_user_mode_prepare+0x5a/0xa0 [ 44.679824][ T607] syscall_exit_to_user_mode+0x26/0x130 [ 44.679834][ T607] do_syscall_64+0x49/0x80 [ 44.679842][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 44.679850][ T607] RIP: 0033:0x7f169328c0f9 [ 44.679857][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf. 
[ 44.679860][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.679869][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.679875][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.679881][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.679887][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.679892][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.679900][ T607] [ 44.679903][ T607] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.0/607 [ 44.679910][ T607] caller is __this_cpu_preempt_check+0x13/0x20 [ 44.679919][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.679928][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.679933][ T607] Call Trace: [ 44.679935][ T607] [ 44.679937][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.679946][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.679954][ T607] ? mutex_unlock+0xa1/0x110 [ 44.679963][ T607] ? __mutex_lock_slowpath+0x10/0x10 [ 44.679973][ T607] dump_stack+0x15/0x17 [ 44.679980][ T607] check_preemption_disabled+0x109/0x110 [ 44.679990][ T607] __this_cpu_preempt_check+0x13/0x20 [ 44.679999][ T607] __mod_memcg_lruvec_state+0xa2/0x1b0 [ 44.680008][ T607] __mod_lruvec_page_state+0x164/0x200 [ 44.680016][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.680026][ T607] page_remove_rmap+0x73d/0xa20 [ 44.680035][ T607] ? mark_page_accessed+0x51/0x70 [ 44.680046][ T607] unmap_page_range+0x1186/0x2670 [ 44.680056][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.680067][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.680077][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.680086][ T607] ? memcpy+0x56/0x70 [ 44.680094][ T607] unmap_vmas+0x3ac/0x580 [ 44.680103][ T607] ? unmap_page_range+0x2670/0x2670 [ 44.680112][ T607] ? 
lru_add_drain_cpu+0x47a/0x5d0 [ 44.680121][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.680131][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.680140][ T607] exit_mmap+0x1cc/0x4c0 [ 44.680149][ T607] ? vm_brk+0x30/0x30 [ 44.680158][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.680168][ T607] __mmput+0x95/0x300 [ 44.680176][ T607] mmput+0x59/0x70 [ 44.680184][ T607] do_exit+0xa5b/0x27d0 [ 44.680193][ T607] ? put_task_struct+0x80/0x80 [ 44.680203][ T607] ? __kasan_check_write+0x14/0x20 [ 44.680211][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 44.680220][ T607] do_group_exit+0x255/0x320 [ 44.680229][ T607] ? __kasan_check_write+0x14/0x20 [ 44.680237][ T607] get_signal+0x170e/0x1870 [ 44.680252][ T607] ? __kasan_check_read+0x11/0x20 [ 44.680260][ T607] ? ptrace_notify+0x350/0x350 [ 44.680270][ T607] arch_do_signal_or_restart+0xb0/0x12a0 [ 44.680279][ T607] ? __kasan_check_write+0x14/0x20 [ 44.680289][ T607] ? fput_many+0x160/0x1b0 [ 44.680300][ T607] ? do_futex+0x3b5/0x490 [ 44.680308][ T607] ? __ia32_sys_get_robust_list+0x90/0x90 [ 44.680319][ T607] ? get_sigframe_size+0x10/0x10 [ 44.680328][ T607] ? __se_sys_futex+0x35e/0x3c0 [ 44.680339][ T607] exit_to_user_mode_loop+0x6b/0xa0 [ 44.680348][ T607] exit_to_user_mode_prepare+0x5a/0xa0 [ 44.680357][ T607] syscall_exit_to_user_mode+0x26/0x130 [ 44.680366][ T607] do_syscall_64+0x49/0x80 [ 44.680374][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 44.680383][ T607] RIP: 0033:0x7f169328c0f9 [ 44.680390][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf. 
[ 44.680394][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.680402][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.680409][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.680414][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.680420][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.680426][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.680433][ T607] [ 44.680437][ T607] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/607 [ 44.680444][ T607] caller is debug_smp_processor_id+0x17/0x20 [ 44.680453][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.680462][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.680467][ T607] Call Trace: [ 44.680469][ T607] [ 44.680471][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.680479][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.680488][ T607] ? mutex_unlock+0xa1/0x110 [ 44.680497][ T607] ? __mutex_lock_slowpath+0x10/0x10 [ 44.680506][ T607] dump_stack+0x15/0x17 [ 44.680514][ T607] check_preemption_disabled+0x109/0x110 [ 44.680523][ T607] debug_smp_processor_id+0x17/0x20 [ 44.680532][ T607] __mod_memcg_lruvec_state+0x106/0x1b0 [ 44.680541][ T607] __mod_lruvec_page_state+0x164/0x200 [ 44.680549][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.680559][ T607] page_remove_rmap+0x73d/0xa20 [ 44.680568][ T607] ? mark_page_accessed+0x51/0x70 [ 44.680578][ T607] unmap_page_range+0x1186/0x2670 [ 44.680589][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.680599][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.680610][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.680619][ T607] ? memcpy+0x56/0x70 [ 44.680626][ T607] unmap_vmas+0x3ac/0x580 [ 44.680636][ T607] ? unmap_page_range+0x2670/0x2670 [ 44.680645][ T607] ? 
lru_add_drain_cpu+0x47a/0x5d0 [ 44.680653][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.680663][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.680673][ T607] exit_mmap+0x1cc/0x4c0 [ 44.680681][ T607] ? vm_brk+0x30/0x30 [ 44.680691][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.680701][ T607] __mmput+0x95/0x300 [ 44.680708][ T607] mmput+0x59/0x70 [ 44.680716][ T607] do_exit+0xa5b/0x27d0 [ 44.680726][ T607] ? put_task_struct+0x80/0x80 [ 44.680735][ T607] ? __kasan_check_write+0x14/0x20 [ 44.680743][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 44.680752][ T607] do_group_exit+0x255/0x320 [ 44.680761][ T607] ? __kasan_check_write+0x14/0x20 [ 44.680770][ T607] get_signal+0x170e/0x1870 [ 44.680780][ T607] ? __kasan_check_read+0x11/0x20 [ 44.680788][ T607] ? ptrace_notify+0x350/0x350 [ 44.680799][ T607] arch_do_signal_or_restart+0xb0/0x12a0 [ 44.680808][ T607] ? __kasan_check_write+0x14/0x20 [ 44.680816][ T607] ? fput_many+0x160/0x1b0 [ 44.680826][ T607] ? do_futex+0x3b5/0x490 [ 44.680835][ T607] ? __ia32_sys_get_robust_list+0x90/0x90 [ 44.680844][ T607] ? get_sigframe_size+0x10/0x10 [ 44.680853][ T607] ? __se_sys_futex+0x35e/0x3c0 [ 44.680863][ T607] exit_to_user_mode_loop+0x6b/0xa0 [ 44.680872][ T607] exit_to_user_mode_prepare+0x5a/0xa0 [ 44.680881][ T607] syscall_exit_to_user_mode+0x26/0x130 [ 44.680890][ T607] do_syscall_64+0x49/0x80 [ 44.680899][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 44.680907][ T607] RIP: 0033:0x7f169328c0f9 [ 44.680914][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf. 
[ 44.680918][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.680926][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.680933][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.680938][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.680944][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.680950][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.680957][ T607] [ 44.680961][ T607] BUG: using __this_cpu_add_return() in preemptible [00000000] code: syz-executor.0/607 [ 44.680968][ T607] caller is __this_cpu_preempt_check+0x13/0x20 [ 44.680977][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.680987][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.680991][ T607] Call Trace: [ 44.680993][ T607] [ 44.680996][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.681004][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.681012][ T607] ? mutex_unlock+0xa1/0x110 [ 44.681021][ T607] ? __mutex_lock_slowpath+0x10/0x10 [ 44.681031][ T607] dump_stack+0x15/0x17 [ 44.681039][ T607] check_preemption_disabled+0x109/0x110 [ 44.681048][ T607] __this_cpu_preempt_check+0x13/0x20 [ 44.681057][ T607] __mod_memcg_lruvec_state+0x11c/0x1b0 [ 44.681066][ T607] __mod_lruvec_page_state+0x164/0x200 [ 44.681074][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.681084][ T607] page_remove_rmap+0x73d/0xa20 [ 44.681093][ T607] ? mark_page_accessed+0x51/0x70 [ 44.681103][ T607] unmap_page_range+0x1186/0x2670 [ 44.681114][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.681125][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.681135][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.681144][ T607] ? memcpy+0x56/0x70 [ 44.681152][ T607] unmap_vmas+0x3ac/0x580 [ 44.681162][ T607] ? unmap_page_range+0x2670/0x2670 [ 44.681171][ T607] ? 
lru_add_drain_cpu+0x47a/0x5d0 [ 44.681179][ T607] ? lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.681189][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.681199][ T607] exit_mmap+0x1cc/0x4c0 [ 44.681207][ T607] ? vm_brk+0x30/0x30 [ 44.681217][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.681227][ T607] __mmput+0x95/0x300 [ 44.681235][ T607] mmput+0x59/0x70 [ 44.681242][ T607] do_exit+0xa5b/0x27d0 [ 44.681259][ T607] ? put_task_struct+0x80/0x80 [ 44.681269][ T607] ? __kasan_check_write+0x14/0x20 [ 44.681278][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 44.681286][ T607] do_group_exit+0x255/0x320 [ 44.681296][ T607] ? __kasan_check_write+0x14/0x20 [ 44.681304][ T607] get_signal+0x170e/0x1870 [ 44.681315][ T607] ? __kasan_check_read+0x11/0x20 [ 44.681323][ T607] ? ptrace_notify+0x350/0x350 [ 44.681333][ T607] arch_do_signal_or_restart+0xb0/0x12a0 [ 44.681342][ T607] ? __kasan_check_write+0x14/0x20 [ 44.681350][ T607] ? fput_many+0x160/0x1b0 [ 44.681360][ T607] ? do_futex+0x3b5/0x490 [ 44.681369][ T607] ? __ia32_sys_get_robust_list+0x90/0x90 [ 44.681378][ T607] ? get_sigframe_size+0x10/0x10 [ 44.681387][ T607] ? __se_sys_futex+0x35e/0x3c0 [ 44.681397][ T607] exit_to_user_mode_loop+0x6b/0xa0 [ 44.681406][ T607] exit_to_user_mode_prepare+0x5a/0xa0 [ 44.681415][ T607] syscall_exit_to_user_mode+0x26/0x130 [ 44.681425][ T607] do_syscall_64+0x49/0x80 [ 44.681433][ T607] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 44.681442][ T607] RIP: 0033:0x7f169328c0f9 [ 44.681448][ T607] Code: Unable to access opcode bytes at RIP 0x7f169328c0cf. 
[ 44.681452][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 44.681461][ T607] RAX: fffffffffffffe00 RBX: 00007f16933abf88 RCX: 00007f169328c0f9 [ 44.681468][ T607] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f16933abf88 [ 44.681473][ T607] RBP: 00007f16933abf80 R08: 0000000000000000 R09: 0000000000000000 [ 44.681479][ T607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f16933abf8c [ 44.681484][ T607] R13: 00007ffc1a13908f R14: 00007f1693fe1300 R15: 0000000000022000 [ 44.681492][ T607] [ 44.681519][ T607] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/607 [ 44.681527][ T607] caller is __this_cpu_preempt_check+0x13/0x20 [ 44.681536][ T607] CPU: 0 PID: 607 Comm: syz-executor.0 Tainted: G W 5.18.0-syzkaller-11630-gf8a52af9d00d #0 [ 44.681546][ T607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 44.681550][ T607] Call Trace: [ 44.681552][ T607] [ 44.681555][ T607] dump_stack_lvl+0x151/0x1b7 [ 44.681563][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b [ 44.681572][ T607] ? preempt_schedule+0xd9/0xe0 [ 44.681582][ T607] dump_stack+0x15/0x17 [ 44.681589][ T607] check_preemption_disabled+0x109/0x110 [ 44.681599][ T607] __this_cpu_preempt_check+0x13/0x20 [ 44.681608][ T607] __mod_node_page_state+0x6d/0xf0 [ 44.681617][ T607] __mod_lruvec_page_state+0x154/0x200 [ 44.681625][ T607] ? page_remove_rmap+0x20f/0xa20 [ 44.681635][ T607] page_remove_rmap+0x73d/0xa20 [ 44.681644][ T607] ? mark_page_accessed+0x51/0x70 [ 44.681654][ T607] unmap_page_range+0x1186/0x2670 [ 44.681665][ T607] ? iter_file_splice_write+0xd11/0xf90 [ 44.681675][ T607] ? copy_page_range+0x2f40/0x2f40 [ 44.681686][ T607] ? uprobe_munmap+0x18d/0x450 [ 44.681695][ T607] ? memcpy+0x56/0x70 [ 44.681703][ T607] unmap_vmas+0x3ac/0x580 [ 44.681712][ T607] ? unmap_page_range+0x2670/0x2670 [ 44.681721][ T607] ? lru_add_drain_cpu+0x47a/0x5d0 [ 44.681730][ T607] ? 
lru_cache_add_inactive_or_unevictable+0x80/0x80 [ 44.681742][ T607] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 44.681752][ T607] exit_mmap+0x1cc/0x4c0 [ 44.681761][ T607] ? vm_brk+0x30/0x30 [ 44.681771][ T607] ? uprobe_clear_state+0x2cd/0x320 [ 44.681781][ T607] __mmput+0x95/0x300 [ 44.681789][ T607] mmput+0x59/0x70 [ 44.681796][ T607] do_exit+0xa5b/0x27d0 [ 44.681806][ T607] ? put_task_struct+0x80/0x80 [ 44.681816][ T607] ? __kasan_check_write+0x14/0x20 [ 44.681824][ T607] ? _raw_spin_lock_irq+0xa5/0x1b0
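What the log above records, in order: task T607 (syz-executor.0, exiting through do_group_exit -> exit_mmap) first enters mutex_lock via f2fs_register_inmem_page -> f2fs_dirty_data_folio -> folio_mark_dirty from inside unmap_page_range, and from then on every per-cpu accessor reached through page_remove_rmap (__this_cpu_read/write/add/add_return, smp_processor_id) fires "BUG: using ... in preemptible [00000000] code", with the same user RIP 0x7f169328c0f9 each time and "3582 callbacks suppressed" showing the kernel already rate-limited the flood. Triaging such a log means collapsing the burst into distinct stacks rather than counting lines. The script below is an added example (not part of this syzkaller log, nor syzkaller's own reporting code): it parses the dmesg prefix, isolates each BUG report, keeps only reliable frames (those without the "? " marker), skips the reporting machinery (dump_stack_lvl, check_preemption_disabled, ...) and groups reports by their innermost frames. The regexes, the Report dataclass and the REPORTING_FRAMES set are this example's own choices; SAMPLE_LOG is a constructed, shortened copy of the page's pattern, including a syz-manager line interleaved with the kernel output.

```python
"""Added triage helper (not part of the syzkaller log or of syzkaller itself):
split a console log into "BUG: using ... in preemptible code" reports, keep only
reliable frames, and group reports by their innermost frames below the
reporting machinery. SAMPLE_LOG is a constructed, shortened copy of the pattern
in the log above."""
import re
from collections import Counter
from dataclasses import dataclass, field
from typing import List, Optional

SAMPLE_LOG = """\
[ 44.677670][ T607] check_preemption_disabled: 3582 callbacks suppressed
[ 44.677684][ T607] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.0/607
[ 44.677697][ T607] caller is __this_cpu_preempt_check+0x13/0x20
[ 44.677742][ T607] Call Trace:
[ 44.677755][ T607] dump_stack_lvl+0x151/0x1b7
[ 44.677772][ T607] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 44.677812][ T607] dump_stack+0x15/0x17
[ 44.677820][ T607] check_preemption_disabled+0x109/0x110
[ 44.677829][ T607] __this_cpu_preempt_check+0x13/0x20
[ 44.677838][ T607] __mod_node_page_state+0x6d/0xf0
[ 44.677850][ T607] __mod_lruvec_page_state+0x154/0x200
[ 44.677871][ T607] page_remove_rmap+0x73d/0xa20
[ 44.677892][ T607] unmap_page_range+0x1186/0x2670
[ 44.678231][ T607] RIP: 0033:0x7f169328c0f9
[ 44.678242][ T607] RSP: 002b:00007f1693fe1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 44.678841][ T607] BUG: using __this_cpu_write() in preemptible [00000000] code: syz-executor.0/607
2023/03/23 15:17:38 executed programs: 21
[ 44.678848][ T607] caller is __this_cpu_preempt_check+0x13/0x20
[ 44.678871][ T607] Call Trace:
[ 44.678876][ T607] dump_stack_lvl+0x151/0x1b7
[ 44.678919][ T607] check_preemption_disabled+0x109/0x110
[ 44.678928][ T607] __this_cpu_preempt_check+0x13/0x20
[ 44.678937][ T607] __mod_node_page_state+0xac/0xf0
[ 44.678946][ T607] __mod_lruvec_page_state+0x154/0x200
[ 44.678964][ T607] page_remove_rmap+0x73d/0xa20
[ 44.678983][ T607] unmap_page_range+0x1186/0x2670
[ 44.679317][ T607] RIP: 0033:0x7f169328c0f9
[ 44.680437][ T607] BUG: using smp_processor_id() in preemptible [00000000] code: syz-executor.0/607
[ 44.680444][ T607] caller is debug_smp_processor_id+0x17/0x20
[ 44.680467][ T607] Call Trace:
[ 44.680471][ T607] dump_stack_lvl+0x151/0x1b7
[ 44.680514][ T607] check_preemption_disabled+0x109/0x110
[ 44.680523][ T607] debug_smp_processor_id+0x17/0x20
[ 44.680532][ T607] __mod_memcg_lruvec_state+0x106/0x1b0
[ 44.680541][ T607] __mod_lruvec_page_state+0x164/0x200
[ 44.680559][ T607] page_remove_rmap+0x73d/0xa20
[ 44.680578][ T607] unmap_page_range+0x1186/0x2670
[ 44.680907][ T607] RIP: 0033:0x7f169328c0f9
"""

# dmesg prefix "[ <seconds>][ T<tid>] <message>"; lines without it are not kernel output.
PREFIX_RE = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\[\s*T(?P<tid>\d+)\]\s?(?P<msg>.*)$")
BUG_RE = re.compile(r"^BUG: using (?P<op>\w+)\(\) in preemptible \[[0-9a-f]+\] code: (?P<comm>\S+)/(?P<pid>\d+)$")
# "? " marks a frame the unwinder could not verify; such frames are dropped.
FRAME_RE = re.compile(r"^(?P<unreliable>\? )?(?P<func>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")
# Frames that belong to the report itself, not to the offending code path (this example's list).
REPORTING_FRAMES = {"dump_stack_lvl", "dump_stack", "check_preemption_disabled",
                    "__this_cpu_preempt_check", "debug_smp_processor_id"}


@dataclass
class Report:
    op: str                       # per-cpu accessor named in the BUG line
    comm: str
    pid: int
    caller: str = ""
    frames: List[str] = field(default_factory=list)   # reliable frames, innermost first
    user_rip: Optional[str] = None


def parse_reports(text: str) -> List[Report]:
    """Split a console log into Reports; non-dmesg lines (syz-manager output) are skipped."""
    reports: List[Report] = []
    cur: Optional[Report] = None
    in_trace = False
    for raw in text.splitlines():
        m = PREFIX_RE.match(raw)
        if not m:
            continue
        msg = m["msg"].strip()
        b = BUG_RE.match(msg)
        if b:
            cur = Report(op=b["op"], comm=b["comm"], pid=int(b["pid"]))
            reports.append(cur)
            in_trace = False
        elif cur is None:
            continue
        elif msg.startswith("caller is "):
            cur.caller = msg[len("caller is "):]
        elif msg == "Call Trace:":
            in_trace = True
        elif msg.startswith("RIP: "):
            cur.user_rip = msg.split()[1].split(":", 1)[1]   # "0033:0x..." -> "0x..."
            in_trace = False                                 # user registers follow; trace is over
        elif in_trace:
            f = FRAME_RE.match(msg)
            if f and not f["unreliable"]:
                cur.frames.append(f["func"])
    return reports


def signature(report: Report, depth: int = 4) -> tuple:
    """Innermost reliable frames below the reporting machinery, used as the dedupe key."""
    path = [f for f in report.frames if f not in REPORTING_FRAMES]
    return tuple(path[:depth])


def dedupe(reports: List[Report]) -> Counter:
    """Number of reports per stack signature, so a rate-limited burst collapses."""
    return Counter(signature(r) for r in reports)
```

On SAMPLE_LOG this yields three reports but only two signatures: the __this_cpu_read and __this_cpu_write reports share __mod_node_page_state <- __mod_lruvec_page_state <- page_remove_rmap <- unmap_page_range, while the smp_processor_id report goes through __mod_memcg_lruvec_state instead. Running it over the full log reproduces the same split between the __mod_node_page_state and __mod_memcg_lruvec_state paths.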