From: syzbot
To: hdanton@sina.com, linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Date: Sat, 11 Jan 2025 18:06:03 -0800
Subject: Re: [syzbot] [kernel?] possible deadlock in binder_alloc_free_page
In-Reply-To: <20250112014856.1791-1-hdanton@sina.com>
Message-ID: <6783238b.050a0220.d0267.004c.GAE@google.com>

Hello,

syzbot tried to test the proposed patch but the build/boot failed:

t/kcm/kcmsock.c:1894
 do_one_initcall+0x248/0x870 init/main.c:1257
 do_initcall_level+0x157/0x210 init/main.c:1319
 do_initcalls+0x3f/0x80 init/main.c:1335
 kernel_init_freeable+0x435/0x5d0 init/main.c:1568
page_owner free stack trace missing

Memory state around the buggy address:
 ffff88814d417300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff88814d417380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff88814d417400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                   ^
 ffff88814d417480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88814d417500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================

Warning: Permanently added '10.128.1.39' (ED25519) to the list of known hosts.
2025/01/12 02:04:36 ignoring optional flag "sandboxArg"="0"
2025/01/12 02:04:37 parsed 1 programs
[ 65.713765][ T5830] cgroup: Unknown subsys name 'net'
[ 65.818359][ T5830] cgroup: Unknown subsys name 'cpuset'
[ 65.826115][ T5830] cgroup: Unknown subsys name 'rlimit'
[ 67.112683][ T5830] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 69.916938][ T1795] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 69.932640][ T1795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 69.950227][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 69.994445][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 70.006076][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 70.118741][ T5852] ==================================================================
[ 70.126850][ T5852] BUG: KASAN: slab-use-after-free in binder_add_device+0x5f/0xa0
[ 70.134622][ T5852] Write of size 8 at addr ffff88814d417408 by task syz-executor/5852
[ 70.142706][ T5852]
[ 70.145069][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.13.0-rc6-next-20250110-syzkaller-g2b88851f583d-dirty #0
[ 70.145097][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 70.145111][ T5852] Call Trace:
[ 70.145117][ T5852]
[ 70.145124][ T5852] dump_stack_lvl+0x241/0x360
[ 70.145147][ T5852] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.145161][ T5852] ? __pfx__printk+0x10/0x10
[ 70.145183][ T5852] ? _printk+0xd5/0x120
[ 70.145203][ T5852] ? __virt_addr_valid+0x183/0x530
[ 70.145224][ T5852] ? __virt_addr_valid+0x183/0x530
[ 70.145245][ T5852] print_report+0x169/0x550
[ 70.145265][ T5852] ? __virt_addr_valid+0x183/0x530
[ 70.145282][ T5852] ? __virt_addr_valid+0x183/0x530
[ 70.145299][ T5852] ? __virt_addr_valid+0x45f/0x530
[ 70.145316][ T5852] ? __phys_addr+0xba/0x170
[ 70.145335][ T5852] ? binder_add_device+0x5f/0xa0
[ 70.145353][ T5852] kasan_report+0x143/0x180
[ 70.145373][ T5852] ? binder_add_device+0x5f/0xa0
[ 70.145393][ T5852] binder_add_device+0x5f/0xa0
[ 70.145411][ T5852] binderfs_binder_device_create+0x7bf/0x9c0
[ 70.145432][ T5852] binderfs_fill_super+0x944/0xd90
[ 70.145452][ T5852] ? __pfx_binderfs_fill_super+0x10/0x10
[ 70.145479][ T5852] ? shrinker_register+0x160/0x230
[ 70.145496][ T5852] ? sget_fc+0x909/0x9c0
[ 70.145513][ T5852] ? __pfx_set_anon_super_fc+0x10/0x10
[ 70.145531][ T5852] ? __pfx_binderfs_fill_super+0x10/0x10
[ 70.145550][ T5852] get_tree_nodev+0xb7/0x140
[ 70.145570][ T5852] vfs_get_tree+0x90/0x2b0
[ 70.145590][ T5852] do_new_mount+0x2be/0xb40
[ 70.145607][ T5852] ? __pfx_do_new_mount+0x10/0x10
[ 70.145625][ T5852] __se_sys_mount+0x2d6/0x3c0
[ 70.145640][ T5852] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 70.145660][ T5852] ? __pfx___se_sys_mount+0x10/0x10
[ 70.145674][ T5852] ? do_syscall_64+0x100/0x230
[ 70.145691][ T5852] ? __x64_sys_mount+0x20/0xc0
[ 70.145706][ T5852] do_syscall_64+0xf3/0x230
[ 70.145720][ T5852] ? clear_bhb_loop+0x35/0x90
[ 70.145741][ T5852] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.145766][ T5852] RIP: 0033:0x7fbe9df874ca
[ 70.145784][ T5852] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 70.145797][ T5852] RSP: 002b:00007ffe8c95a878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 70.145815][ T5852] RAX: ffffffffffffffda RBX: 00007fbe9e001ecb RCX: 00007fbe9df874ca
[ 70.145826][ T5852] RDX: 00007fbe9e00ec27 RSI: 00007fbe9e001ecb RDI: 00007fbe9e00ec27
[ 70.145837][ T5852] RBP: 00007fbe9e0020c3 R08: 0000000000000000 R09: 00000000000001ff
[ 70.145845][ T5852] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe9dfe41c8
[ 70.145854][ T5852] R13: 00007fbe9dfe41a8 R14: 0000000000000009 R15: 0000000000000000
[ 70.145870][ T5852]
[ 70.145875][ T5852]
[ 70.420660][ T5852] Allocated by task 5842:
[ 70.424987][ T5852] kasan_save_track+0x3f/0x80
[ 70.429661][ T5852] __kasan_kmalloc+0x98/0xb0
[ 70.434242][ T5852] __kmalloc_cache_noprof+0x243/0x390
[ 70.439600][ T5852] binderfs_binder_device_create+0x16c/0x9c0
[ 70.445569][ T5852] binderfs_fill_super+0x944/0xd90
[ 70.450669][ T5852] get_tree_nodev+0xb7/0x140
[ 70.455255][ T5852] vfs_get_tree+0x90/0x2b0
[ 70.459671][ T5852] do_new_mount+0x2be/0xb40
[ 70.464247][ T5852] __se_sys_mount+0x2d6/0x3c0
[ 70.469098][ T5852] do_syscall_64+0xf3/0x230
[ 70.473614][ T5852] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.479525][ T5852]
[ 70.482036][ T5852] Freed by task 5842:
[ 70.486218][ T5852] kasan_save_track+0x3f/0x80
[ 70.490899][ T5852] kasan_save_free_info+0x40/0x50
[ 70.495916][ T5852] __kasan_slab_free+0x59/0x70
[ 70.500672][ T5852] kfree+0x196/0x430
[ 70.504553][ T5852] evict+0x4e8/0x9a0
[ 70.508436][ T5852] __dentry_kill+0x20d/0x630
[ 70.513013][ T5852] shrink_kill+0xa9/0x2c0
[ 70.517329][ T5852] shrink_dentry_list+0x2c0/0x5b0
[ 70.522355][ T5852] shrink_dcache_parent+0xcb/0x3b0
[ 70.527479][ T5852] do_one_tree+0x23/0xe0
[ 70.531729][ T5852] shrink_dcache_for_umount+0xb4/0x180
[ 70.537181][ T5852] generic_shutdown_super+0x6a/0x2d0
[ 70.542629][ T5852] kill_litter_super+0x76/0xb0
[ 70.547378][ T5852] binderfs_kill_super+0x44/0x90
[ 70.552304][ T5852] deactivate_locked_super+0xc4/0x130
[ 70.557664][ T5852] cleanup_mnt+0x41f/0x4b0
[ 70.562066][ T5852] task_work_run+0x24f/0x310
[ 70.566647][ T5852] do_exit+0xa2a/0x28e0
[ 70.570801][ T5852] do_group_exit+0x207/0x2c0
[ 70.575387][ T5852] __x64_sys_exit_group+0x3f/0x40
[ 70.580410][ T5852] x64_sys_call+0x26a8/0x26b0
[ 70.585092][ T5852] do_syscall_64+0xf3/0x230
[ 70.589590][ T5852] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 70.595612][ T5852]
[ 70.597920][ T5852] The buggy address belongs to the object at ffff88814d417400
[ 70.597920][ T5852]  which belongs to the cache kmalloc-512 of size 512
[ 70.612220][ T5852] The buggy address is located 8 bytes inside of
[ 70.612220][ T5852]  freed 512-byte region [ffff88814d417400, ffff88814d417600)
[ 70.625931][ T5852]
[ 70.628249][ T5852] The buggy address belongs to the physical page:
[ 70.635009][ T5852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14d414
[ 70.644053][ T5852] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 70.652545][ T5852] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[ 70.660344][ T5852] page_type: f5(slab)
[ 70.664420][ T5852] raw: 057ff00000000040 ffff88801ac41c80 ffffea00051aca00 dead000000000002
[ 70.672994][ T5852] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 70.681567][ T5852] head: 057ff00000000040 ffff88801ac41c80 ffffea00051aca00 dead000000000002
[ 70.690233][ T5852] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 70.698889][ T5852] head: 057ff00000000002 ffffea0005350501 ffffffffffffffff 0000000000000000
[ 70.707542][ T5852] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 70.716195][ T5852] page dumped because: kasan: bad access detected
[ 70.722603][ T5852] page_owner tracks the page as allocated
[ 70.728390][ T5852] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 14278460266, free_ts 0
[ 70.748169][ T5852] post_alloc_hook+0x1f4/0x240
[ 70.752929][ T5852] get_page_from_freelist+0x365c/0x37a0
[ 70.758467][ T5852] __alloc_frozen_pages_noprof+0x292/0x710
[ 70.764261][ T5852] alloc_pages_mpol+0x311/0x660
[ 70.769206][ T5852] allocate_slab+0x8f/0x3a0
[ 70.773709][ T5852] ___slab_alloc+0xc27/0x14a0
[ 70.778383][ T5852] __slab_alloc+0x58/0xa0
[ 70.782700][ T5852] __kmalloc_noprof+0x2e6/0x4c0
[ 70.787538][ T5852] ops_init+0x75/0x590
[ 70.791598][ T5852] register_pernet_operations+0x30d/0x630
[ 70.797331][ T5852] register_pernet_device+0x33/0x80
[ 70.802543][ T5852] kcm_init+0x21a/0x2f0
[ 70.806693][ T5852] do_one_initcall+0x248/0x870
[ 70.811446][ T5852] do_initcall_level+0x157/0x210
[ 70.816382][ T5852] do_initcalls+0x3f/0x80
[ 70.820874][ T5852] kernel_init_freeable+0x435/0x5d0
[ 70.826066][ T5852] page_owner free stack trace missing
[ 70.831432][ T5852]
[ 70.833754][ T5852] Memory state around the buggy address:
[ 70.839372][ T5852]  ffff88814d417300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 70.847420][ T5852]  ffff88814d417380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 70.855468][ T5852] >ffff88814d417400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.863512][ T5852]                    ^
[ 70.867824][ T5852]  ffff88814d417480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.875908][ T5852]  ffff88814d417500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 70.884657][ T5852] ==================================================================
[ 70.921510][ T5852] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 70.928745][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.13.0-rc6-next-20250110-syzkaller-g2b88851f583d-dirty #0
[ 70.940823][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 70.951001][ T5852] Call Trace:
[ 70.954299][ T5852]
[ 70.957251][ T5852] dump_stack_lvl+0x241/0x360
[ 70.961951][ T5852] ? __pfx_dump_stack_lvl+0x10/0x10
[ 70.967257][ T5852] ? __pfx__printk+0x10/0x10
[ 70.971876][ T5852] ? preempt_schedule+0xe1/0xf0
[ 70.976763][ T5852] ? vscnprintf+0x5d/0x90
[ 70.981200][ T5852] panic+0x349/0x880
[ 70.985119][ T5852] ? check_panic_on_warn+0x21/0xb0
[ 70.990292][ T5852] ? __pfx_panic+0x10/0x10
[ 70.994725][ T5852] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 71.000729][ T5852] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 71.007429][ T5852] ? print_report+0x502/0x550
[ 71.012146][ T5852] check_panic_on_warn+0x86/0xb0
[ 71.017293][ T5852] ? binder_add_device+0x5f/0xa0
[ 71.022263][ T5852] end_report+0x77/0x160
[ 71.026795][ T5852] kasan_report+0x154/0x180
[ 71.031347][ T5852] ? binder_add_device+0x5f/0xa0
[ 71.036321][ T5852] binder_add_device+0x5f/0xa0
[ 71.041110][ T5852] binderfs_binder_device_create+0x7bf/0x9c0
[ 71.047216][ T5852] binderfs_fill_super+0x944/0xd90
[ 71.052455][ T5852] ? __pfx_binderfs_fill_super+0x10/0x10
[ 71.058125][ T5852] ? shrinker_register+0x160/0x230
[ 71.063266][ T5852] ? sget_fc+0x909/0x9c0
[ 71.067538][ T5852] ? __pfx_set_anon_super_fc+0x10/0x10
[ 71.073031][ T5852] ? __pfx_binderfs_fill_super+0x10/0x10
[ 71.078700][ T5852] get_tree_nodev+0xb7/0x140
[ 71.083320][ T5852] vfs_get_tree+0x90/0x2b0
[ 71.087766][ T5852] do_new_mount+0x2be/0xb40
[ 71.092295][ T5852] ? __pfx_do_new_mount+0x10/0x10
[ 71.097414][ T5852] __se_sys_mount+0x2d6/0x3c0
[ 71.102157][ T5852] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 71.108164][ T5852] ? __pfx___se_sys_mount+0x10/0x10
[ 71.113509][ T5852] ? do_syscall_64+0x100/0x230
[ 71.118306][ T5852] ? __x64_sys_mount+0x20/0xc0
[ 71.123096][ T5852] do_syscall_64+0xf3/0x230
[ 71.127627][ T5852] ? clear_bhb_loop+0x35/0x90
[ 71.132332][ T5852] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 71.138342][ T5852] RIP: 0033:0x7fbe9df874ca
[ 71.142750][ T5852] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 71.162427][ T5852] RSP: 002b:00007ffe8c95a878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 71.170832][ T5852] RAX: ffffffffffffffda RBX: 00007fbe9e001ecb RCX: 00007fbe9df874ca
[ 71.178810][ T5852] RDX: 00007fbe9e00ec27 RSI: 00007fbe9e001ecb RDI: 00007fbe9e00ec27
[ 71.186778][ T5852] RBP: 00007fbe9e0020c3 R08: 0000000000000000 R09: 00000000000001ff
[ 71.194730][ T5852] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe9dfe41c8
[ 71.202697][ T5852] R13: 00007fbe9dfe41a8 R14: 0000000000000009 R15: 0000000000000000
[ 71.210939][ T5852]
[ 71.214271][ T5852] Kernel Offset: disabled
[ 71.218610][ T5852] Rebooting in 86400 seconds..
syzkaller build log:
go env (err=)
GO111MODULE='auto'
GOARCH='amd64'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/syzkaller/jobs-2/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs-2/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.22.7'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/syzkaller/jobs-2/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build4079523737=/tmp/go-build -gno-record-gcc-switches'

git status (err=)
HEAD detached at 6dbc6a9bc
nothing to commit, working tree clean

tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
go fmt ./sys/... >/dev/null
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=6dbc6a9bc76e06852841ed5c5bdbb78409b17f53 -X 'github.com/google/syzkaller/prog.gitRevisionDate=20250110-142744'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
	-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
	-DHOSTGOOS_linux=1 -DGIT_REVISION=\"6dbc6a9bc76e06852841ed5c5bdbb78409b17f53\"
/usr/bin/ld: /tmp/cc9IC3Dw.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x104): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking

Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=1420def8580000


Tested on:

commit:         2b88851f Add linux-next specific files for 20250110
git tree:       linux-next
kernel config:  https://syzkaller.appspot.com/x/.config?x=2c9d32675cb8d2a5
dashboard link: https://syzkaller.appspot.com/bug?extid=799a2d4576c454ac2693
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch:          https://syzkaller.appspot.com/x/patch.diff?x=157f5ef8580000