ntfs: volume version 3.1.
======================================================
WARNING: possible circular locking dependency detected
4.19.211-syzkaller #0 Not tainted
------------------------------------------------------
kworker/u4:0/6998 is trying to acquire lock:
000000001c9ce32d (&rl->lock){++++}, at: ntfs_read_block fs/ntfs/aops.c:265 [inline]
000000001c9ce32d (&rl->lock){++++}, at: ntfs_readpage+0x1909/0x21b0 fs/ntfs/aops.c:452

but task is already holding lock:
000000004e7b73e8 (&ni->mrec_lock){+.+.}, at: map_mft_record+0x3c/0xc70 fs/ntfs/mft.c:168

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&ni->mrec_lock){+.+.}:
       map_mft_record+0x3c/0xc70 fs/ntfs/mft.c:168
       ntfs_map_runlist_nolock+0xbe5/0x17f0 fs/ntfs/attrib.c:105
       ntfs_map_runlist+0x77/0xa0 fs/ntfs/attrib.c:306
       ntfs_read_block fs/ntfs/aops.c:300 [inline]
       ntfs_readpage+0x195b/0x21b0 fs/ntfs/aops.c:452
       read_pages.isra.0+0x329/0x5d0 mm/readahead.c:133
       __do_page_cache_readahead+0x5c6/0x6c0 mm/readahead.c:211
       ra_submit mm/internal.h:66 [inline]
       ondemand_readahead.isra.0+0x575/0xd40 mm/readahead.c:493
       page_cache_sync_readahead mm/readahead.c:528 [inline]
       page_cache_sync_readahead+0x275/0x520 mm/readahead.c:510
       generic_file_buffered_read mm/filemap.c:2115 [inline]
       generic_file_read_iter+0x1497/0x2b60 mm/filemap.c:2385
       call_read_iter include/linux/fs.h:1815 [inline]
       new_sync_read fs/read_write.c:406 [inline]
       __vfs_read+0x518/0x750 fs/read_write.c:418
       integrity_kernel_read+0x147/0x1f0 security/integrity/iint.c:200
       ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:364 [inline]
       ima_calc_file_shash security/integrity/ima/ima_crypto.c:393 [inline]
       ima_calc_file_hash+0x4b2/0x8a0 security/integrity/ima/ima_crypto.c:450
       ima_collect_measurement+0x4c4/0x570 security/integrity/ima/ima_api.c:231
       process_measurement+0xddd/0x1440 security/integrity/ima/ima_main.c:284
       ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
       do_last fs/namei.c:3425 [inline]
       path_openat+0x7e4/0x2df0 fs/namei.c:3537
       do_filp_open+0x18c/0x3f0 fs/namei.c:3567
       do_sys_open+0x3b3/0x520 fs/open.c:1085
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (&rl->lock){++++}:
       down_read+0x36/0x80 kernel/locking/rwsem.c:24
       ntfs_read_block fs/ntfs/aops.c:265 [inline]
       ntfs_readpage+0x1909/0x21b0 fs/ntfs/aops.c:452
       do_read_cache_page+0x533/0x1170 mm/filemap.c:2828
       read_mapping_page include/linux/pagemap.h:402 [inline]
       ntfs_map_page fs/ntfs/aops.h:89 [inline]
       ntfs_sync_mft_mirror+0x24f/0x1d00 fs/ntfs/mft.c:494
       write_mft_record_nolock+0x13d2/0x16c0 fs/ntfs/mft.c:801
       write_mft_record fs/ntfs/mft.h:109 [inline]
       __ntfs_write_inode+0x609/0xe10 fs/ntfs/inode.c:3064
       write_inode fs/fs-writeback.c:1244 [inline]
       __writeback_single_inode+0x733/0x11d0 fs/fs-writeback.c:1442
       writeback_sb_inodes+0x537/0xef0 fs/fs-writeback.c:1647
       __writeback_inodes_wb+0xc6/0x280 fs/fs-writeback.c:1716
       wb_writeback+0x841/0xcc0 fs/fs-writeback.c:1822
       wb_check_start_all fs/fs-writeback.c:1946 [inline]
       wb_do_writeback fs/fs-writeback.c:1972 [inline]
       wb_workfn+0xbf4/0x1250 fs/fs-writeback.c:2006
       process_one_work+0x864/0x1570 kernel/workqueue.c:2153
       worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
       kthread+0x33f/0x460 kernel/kthread.c:259
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ni->mrec_lock);
                               lock(&rl->lock);
                               lock(&ni->mrec_lock);
  lock(&rl->lock);

 *** DEADLOCK ***

4 locks held by kworker/u4:0/6998:
 #0: 000000004c3f466c ((wq_completion)"writeback"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 0000000018095870 ((work_completion)(&(&wb->dwork)->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
 #2: 0000000022564ebd (&type->s_umount_key#59){++++}, at: trylock_super+0x1d/0x100 fs/super.c:412
 #3: 000000004e7b73e8 (&ni->mrec_lock){+.+.}, at: map_mft_record+0x3c/0xc70 fs/ntfs/mft.c:168

stack backtrace:
CPU: 1 PID: 6998 Comm: kworker/u4:0 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Workqueue: writeback wb_workfn (flush-7:4)
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_circular_bug.constprop.0.cold+0x2d7/0x41e kernel/locking/lockdep.c:1222
 check_prev_add kernel/locking/lockdep.c:1866 [inline]
 check_prevs_add kernel/locking/lockdep.c:1979 [inline]
 validate_chain kernel/locking/lockdep.c:2420 [inline]
 __lock_acquire+0x30c9/0x3ff0 kernel/locking/lockdep.c:3416
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 down_read+0x36/0x80 kernel/locking/rwsem.c:24
 ntfs_read_block fs/ntfs/aops.c:265 [inline]
 ntfs_readpage+0x1909/0x21b0 fs/ntfs/aops.c:452
 do_read_cache_page+0x533/0x1170 mm/filemap.c:2828
 read_mapping_page include/linux/pagemap.h:402 [inline]
 ntfs_map_page fs/ntfs/aops.h:89 [inline]
 ntfs_sync_mft_mirror+0x24f/0x1d00 fs/ntfs/mft.c:494
 write_mft_record_nolock+0x13d2/0x16c0 fs/ntfs/mft.c:801
 write_mft_record fs/ntfs/mft.h:109 [inline]
 __ntfs_write_inode+0x609/0xe10 fs/ntfs/inode.c:3064
 write_inode fs/fs-writeback.c:1244 [inline]
 __writeback_single_inode+0x733/0x11d0 fs/fs-writeback.c:1442
 writeback_sb_inodes+0x537/0xef0 fs/fs-writeback.c:1647
 __writeback_inodes_wb+0xc6/0x280 fs/fs-writeback.c:1716
 wb_writeback+0x841/0xcc0 fs/fs-writeback.c:1822
 wb_check_start_all fs/fs-writeback.c:1946 [inline]
 wb_do_writeback fs/fs-writeback.c:1972 [inline]
 wb_workfn+0xbf4/0x1250 fs/fs-writeback.c:2006
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
ntfs: volume version 3.1.
XFS (loop5): Superblock has unknown read-only compatible features (0x8) enabled.
XFS (loop5): Attempted to mount read-only compatible filesystem read-write.
XFS (loop5): Filesystem can only be safely mounted read only.
XFS (loop5): SB validate failed with error -22.
audit: type=1804 audit(1676719167.730:18402): pid=29039 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1263205577/syzkaller.7l3FUO/3794/bus" dev="sda1" ino=14483 res=1
XFS (loop5): Superblock has unknown read-only compatible features (0x8) enabled.
XFS (loop5): Attempted to mount read-only compatible filesystem read-write.
XFS (loop5): Filesystem can only be safely mounted read only.
XFS (loop5): SB validate failed with error -22.
audit: type=1804 audit(1676719168.280:18403): pid=29153 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2351451889/syzkaller.pHfMiX/4559/bus" dev="sda1" ino=14558 res=1
audit: type=1804 audit(1676719168.280:18404): pid=29195 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1263205577/syzkaller.7l3FUO/3795/bus" dev="sda1" ino=14671 res=1
syz-executor.3: page allocation failure: order:0, mode:0x6600ca(GFP_HIGHUSER_MOVABLE|__GFP_THISNODE), nodemask=(null)
syz-executor.1: page allocation failure: order:0, mode:0x6600ca(GFP_HIGHUSER_MOVABLE|__GFP_THISNODE), nodemask=(null)
syz-executor.0: page allocation failure: order:0, mode:0x6600ca(GFP_HIGHUSER_MOVABLE|__GFP_THISNODE), nodemask=(null)
syz-executor.3 cpuset=/ mems_allowed=0-1
syz-executor.0 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 29211 Comm: syz-executor.0 Not tainted 4.19.211-syzkaller #0
syz-executor.1 cpuset=/ mems_allowed=0-1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 warn_alloc.cold+0x7b/0x18f mm/page_alloc.c:3457
 __alloc_pages_slowpath mm/page_alloc.c:4317 [inline]
 __alloc_pages_nodemask+0x232f/0x2890 mm/page_alloc.c:4419
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_new_node_page+0x2b6/0x400 mm/mempolicy.c:1003
 unmap_and_move mm/migrate.c:1168 [inline]
 migrate_pages+0x528/0x2fe0 mm/migrate.c:1419
 do_move_pages_to_node mm/migrate.c:1501 [inline]
 do_move_pages_to_node mm/migrate.c:1493 [inline]
 do_pages_move mm/migrate.c:1686 [inline]
 kernel_move_pages+0x506/0x1820 mm/migrate.c:1827
 __do_sys_move_pages mm/migrate.c:1845 [inline]
 __se_sys_move_pages mm/migrate.c:1840 [inline]
 __x64_sys_move_pages+0xdd/0x1b0 mm/migrate.c:1840
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6af81430f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6af6673168 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
RAX: ffffffffffffffda RBX: 00007f6af8263120 RCX: 00007f6af81430f9
RDX: 0000000020000200 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 00007f6af819eae9 R08: 0000000020000140 R09: 0000000000000000
R10: 000000002026bfec R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffedfa42c9f R14: 00007f6af6673300 R15: 0000000000022000
CPU: 0 PID: 29207 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 warn_alloc.cold+0x7b/0x18f mm/page_alloc.c:3457
 __alloc_pages_slowpath mm/page_alloc.c:4317 [inline]
 __alloc_pages_nodemask+0x232f/0x2890 mm/page_alloc.c:4419
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_new_node_page+0x2b6/0x400 mm/mempolicy.c:1003
 unmap_and_move mm/migrate.c:1168 [inline]
 migrate_pages+0x528/0x2fe0 mm/migrate.c:1419
 do_move_pages_to_node mm/migrate.c:1501 [inline]
 do_move_pages_to_node mm/migrate.c:1493 [inline]
 do_pages_move mm/migrate.c:1686 [inline]
 kernel_move_pages+0x506/0x1820 mm/migrate.c:1827
warn_alloc_show_mem: 4 callbacks suppressed
Mem-Info:
active_anon:481573 inactive_anon:14969 isolated_anon:661
 active_file:2493 inactive_file:14215 isolated_file:0
 unevictable:0 dirty:84 writeback:0 unstable:0
 slab_reclaimable:20022 slab_unreclaimable:138309
 mapped:33296 shmem:24068 pagetables:12658 bounce:0
 free:961774 free_pcp:1180 free_cma:0
 __do_sys_move_pages mm/migrate.c:1845 [inline]
 __se_sys_move_pages mm/migrate.c:1840 [inline]
 __x64_sys_move_pages+0xdd/0x1b0 mm/migrate.c:1840
Node 0 active_anon:1872092kB inactive_anon:25456kB active_file:8kB inactive_file:116kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:97372kB dirty:4kB writeback:0kB shmem:51216kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1611776kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f51866b80f9
Node 1 active_anon:54200kB inactive_anon:34420kB active_file:9964kB inactive_file:56744kB unevictable:0kB isolated(anon):2644kB isolated(file):0kB mapped:35812kB dirty:332kB writeback:0kB shmem:45056kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f5184c2a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
RAX: ffffffffffffffda RBX: 00007f51867d7f80 RCX: 00007f51866b80f9
Node 0 DMA free:11056kB min:204kB low:252kB high:300kB active_anon:2980kB inactive_anon:20kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:532kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
RDX: 0000000020000200 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 00007f5186713ae9 R08: 0000000020000140 R09: 0000000000000000
R10: 000000002026bfec R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffee7c4e1cf R14: 00007f5184c2a300 R15: 0000000000022000
CPU: 0 PID: 29205 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0
lowmem_reserve[]: 0 2693 2695 2695 2695
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 warn_alloc.cold+0x7b/0x18f mm/page_alloc.c:3457
Node 0 DMA32 free:38448kB min:35996kB low:44992kB high:53988kB active_anon:1869172kB inactive_anon:25452kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:22752kB pagetables:35296kB bounce:0kB free_pcp:3096kB local_pcp:1496kB free_cma:0kB
 __alloc_pages_slowpath mm/page_alloc.c:4317 [inline]
 __alloc_pages_nodemask+0x232f/0x2890 mm/page_alloc.c:4419
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_new_node_page+0x2b6/0x400 mm/mempolicy.c:1003
 unmap_and_move mm/migrate.c:1168 [inline]
 migrate_pages+0x528/0x2fe0 mm/migrate.c:1419
Node 1 Normal free:3796908kB min:53876kB low:67344kB high:80812kB active_anon:54172kB inactive_anon:34500kB active_file:9964kB inactive_file:56660kB unevictable:0kB writepending:292kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:10144kB pagetables:14824kB bounce:0kB free_pcp:1712kB local_pcp:1408kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
 do_move_pages_to_node mm/migrate.c:1501 [inline]
 do_move_pages_to_node mm/migrate.c:1493 [inline]
 do_pages_move mm/migrate.c:1686 [inline]
 kernel_move_pages+0x506/0x1820 mm/migrate.c:1827
Node 0 DMA: 18*4kB (UH) 36*8kB (UMH) 16*16kB (UMEH) 13*32kB (UMH) 6*64kB (UMH) 1*128kB (E) 3*256kB (MEH) 5*512kB (MEH) 2*1024kB (ME) 2*2048kB (UE) 0*4096kB = 11016kB
Node 0 DMA32: 1266*4kB (UMEH) 776*8kB (UEH) 139*16kB (UEH) 784*32kB (UEH) 9*64kB (H) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 39160kB
 __do_sys_move_pages mm/migrate.c:1845 [inline]
 __se_sys_move_pages mm/migrate.c:1840 [inline]
 __x64_sys_move_pages+0xdd/0x1b0 mm/migrate.c:1840
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
RIP: 0033:0x7ff7b58180f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff7b3d8a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
Node 1 Normal: 247*4kB (UM) 815*8kB (M) 2136*16kB (ME) 1418*32kB (UME) 1136*64kB (UME) 924*128kB (UM) 767*256kB (UME) 644*512kB (UME) 502*1024kB (UM) 2*2048kB (U) 604*4096kB (UM) = 3796244kB
RAX: ffffffffffffffda RBX: 00007ff7b5937f80 RCX: 00007ff7b58180f9
RDX: 0000000020000200 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 00007ff7b5873ae9 R08: 0000000020000140 R09: 0000000000000000
R10: 000000002026bfec R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd66bd28af R14: 00007ff7b3d8a300 R15: 0000000000022000
audit: type=1804 audit(1676719169.440:18405): pid=29209 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2351451889/syzkaller.pHfMiX/4560/bus" dev="sda1" ino=14671 res=1
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
42459 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
XFS (loop5): Superblock has unknown read-only compatible features (0x8) enabled.
Total swap = 0kB
XFS (loop5): Attempted to mount read-only compatible filesystem read-write.
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
XFS (loop5): Filesystem can only be safely mounted read only.
0 pages cma reserved
XFS (loop5): SB validate failed with error -22.
audit: type=1804 audit(1676719169.760:18406): pid=29204 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1263205577/syzkaller.7l3FUO/3796/bus" dev="sda1" ino=14671 res=1
netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
Unknown ioctl -1065068969
XFS (loop5): Superblock has unknown read-only compatible features (0x8) enabled.
XFS (loop5): Attempted to mount read-only compatible filesystem read-write.
XFS (loop5): Filesystem can only be safely mounted read only.
XFS (loop5): SB validate failed with error -22.
audit: type=1804 audit(1676719170.270:18407): pid=29307 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2351451889/syzkaller.pHfMiX/4561/bus" dev="sda1" ino=14754 res=1
audit: type=1804 audit(1676719170.350:18408): pid=29324 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir1263205577/syzkaller.7l3FUO/3797/bus" dev="sda1" ino=14845 res=1
Unknown ioctl -1065068969
syz-executor.3: page allocation failure: order:0, mode:0x6600ca(GFP_HIGHUSER_MOVABLE|__GFP_THISNODE), nodemask=(null)
syz-executor.3 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 29397 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 warn_alloc.cold+0x7b/0x18f mm/page_alloc.c:3457
 __alloc_pages_slowpath mm/page_alloc.c:4317 [inline]
 __alloc_pages_nodemask+0x232f/0x2890 mm/page_alloc.c:4419
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_new_node_page+0x2b6/0x400 mm/mempolicy.c:1003
 unmap_and_move mm/migrate.c:1168 [inline]
 migrate_pages+0x528/0x2fe0 mm/migrate.c:1419
 do_move_pages_to_node mm/migrate.c:1501 [inline]
 do_move_pages_to_node mm/migrate.c:1493 [inline]
 do_pages_move mm/migrate.c:1686 [inline]
 kernel_move_pages+0x506/0x1820 mm/migrate.c:1827
 __do_sys_move_pages mm/migrate.c:1845 [inline]
 __se_sys_move_pages mm/migrate.c:1840 [inline]
 __x64_sys_move_pages+0xdd/0x1b0 mm/migrate.c:1840
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f51866b80f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f5184c2a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
RAX: ffffffffffffffda RBX: 00007f51867d7f80 RCX: 00007f51866b80f9
RDX: 0000000020000200 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 00007f5186713ae9 R08: 0000000020000140 R09: 0000000000000000
R10: 000000002026bfec R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffee7c4e1cf R14: 00007f5184c2a300 R15: 0000000000022000
warn_alloc_show_mem: 2 callbacks suppressed
Mem-Info:
active_anon:480785 inactive_anon:12544 isolated_anon:802
 active_file:2519 inactive_file:14202 isolated_file:0
 unevictable:0 dirty:47 writeback:0 unstable:0
 slab_reclaimable:20174 slab_unreclaimable:140695
 mapped:33269 shmem:21593 pagetables:12638 bounce:0
 free:963323 free_pcp:505 free_cma:0
Node 0 active_anon:1869040kB inactive_anon:25456kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:97372kB dirty:0kB writeback:0kB shmem:51116kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1611776kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 1 active_anon:51900kB inactive_anon:24720kB active_file:10068kB inactive_file:56800kB unevictable:0kB isolated(anon):1508kB isolated(file):0kB mapped:35704kB dirty:188kB writeback:0kB shmem:35256kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 4096kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:11144kB min:204kB low:252kB high:300kB active_anon:2804kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
Node 0 DMA32 free:40576kB min:35996kB low:44992kB high:53988kB active_anon:1866208kB inactive_anon:25452kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:22752kB pagetables:35296kB bounce:0kB free_pcp:1412kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:3806832kB min:53876kB low:67344kB high:80812kB active_anon:51704kB inactive_anon:24720kB active_file:10012kB inactive_file:56712kB unevictable:0kB writepending:208kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:9920kB pagetables:14740kB bounce:0kB free_pcp:1824kB local_pcp:416kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 10*4kB (UMH) 46*8kB (UMH) 18*16kB (UMH) 13*32kB (UMEH) 7*64kB (UMEH) 3*128kB (ME) 2*256kB (MH) 5*512kB (MEH) 2*1024kB (ME) 2*2048kB (UE) 0*4096kB = 11160kB
Node 0 DMA32: 1718*4kB (UMEH) 597*8kB (UMEH) 179*16kB (UMEH) 784*32kB (UMEH) 12*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 40368kB
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
Node 1 Normal: 478*4kB (UM) 1940*8kB (UM) 2315*16kB (UME) 1423*32kB (UME) 1073*64kB (UME) 929*128kB (UM) 773*256kB (UME) 645*512kB (UME) 507*1024kB (UM) 3*2048kB (UM) 602*4096kB (UM) = 3806824kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
38249 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Unknown ioctl -1065068969
syz-executor.3: page allocation failure: order:0, mode:0x6600ca(GFP_HIGHUSER_MOVABLE|__GFP_THISNODE), nodemask=(null)
syz-executor.1: page allocation failure: order:0, mode:0x6600ca(GFP_HIGHUSER_MOVABLE|__GFP_THISNODE), nodemask=(null)
syz-executor.3 cpuset=/ mems_allowed=0-1
CPU: 0 PID: 29512 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 warn_alloc.cold+0x7b/0x18f mm/page_alloc.c:3457
syz-executor.1 cpuset=/ mems_allowed=0-1
 __alloc_pages_slowpath mm/page_alloc.c:4317 [inline]
 __alloc_pages_nodemask+0x232f/0x2890 mm/page_alloc.c:4419
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_new_node_page+0x2b6/0x400 mm/mempolicy.c:1003
 unmap_and_move mm/migrate.c:1168 [inline]
 migrate_pages+0x528/0x2fe0 mm/migrate.c:1419
 do_move_pages_to_node mm/migrate.c:1501 [inline]
 do_move_pages_to_node mm/migrate.c:1493 [inline]
 do_pages_move mm/migrate.c:1686 [inline]
 kernel_move_pages+0x506/0x1820 mm/migrate.c:1827
 __do_sys_move_pages mm/migrate.c:1845 [inline]
 __se_sys_move_pages mm/migrate.c:1840 [inline]
 __x64_sys_move_pages+0xdd/0x1b0 mm/migrate.c:1840
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f51866b80f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f5184c2a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
RAX: ffffffffffffffda RBX: 00007f51867d7f80 RCX: 00007f51866b80f9
RDX: 0000000020000200 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 00007f5186713ae9 R08: 0000000020000140 R09: 0000000000000000
R10: 000000002026bfec R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffee7c4e1cf R14: 00007f5184c2a300 R15: 0000000000022000
CPU: 1 PID: 29514 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 warn_alloc.cold+0x7b/0x18f mm/page_alloc.c:3457
Dead loop on virtual device gre1, fix it urgently!
 __alloc_pages_slowpath mm/page_alloc.c:4317 [inline]
 __alloc_pages_nodemask+0x232f/0x2890 mm/page_alloc.c:4419
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_new_node_page+0x2b6/0x400 mm/mempolicy.c:1003
 unmap_and_move mm/migrate.c:1168 [inline]
 migrate_pages+0x528/0x2fe0 mm/migrate.c:1419
 do_move_pages_to_node mm/migrate.c:1501 [inline]
 do_move_pages_to_node mm/migrate.c:1493 [inline]
 do_pages_move mm/migrate.c:1686 [inline]
 kernel_move_pages+0x506/0x1820 mm/migrate.c:1827
 __do_sys_move_pages mm/migrate.c:1845 [inline]
 __se_sys_move_pages mm/migrate.c:1840 [inline]
 __x64_sys_move_pages+0xdd/0x1b0 mm/migrate.c:1840
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7ff7b58180f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff7b3d8a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
RAX: ffffffffffffffda RBX: 00007ff7b5937f80 RCX: 00007ff7b58180f9
RDX: 0000000020000200 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 00007ff7b5873ae9 R08: 0000000020000140 R09: 0000000000000000
R10: 000000002026bfec R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd66bd28af R14: 00007ff7b3d8a300 R15: 0000000000022000
warn_alloc_show_mem: 1 callbacks suppressed
Mem-Info:
active_anon:480529 inactive_anon:12544 isolated_anon:123
 active_file:2536 inactive_file:14213 isolated_file:0
 unevictable:0 dirty:57 writeback:0 unstable:0
 slab_reclaimable:19553 slab_unreclaimable:146465
 mapped:33312 shmem:21593 pagetables:12669 bounce:0
 free:958100 free_pcp:1387 free_cma:0
Node 0 active_anon:1870092kB inactive_anon:25456kB active_file:108kB inactive_file:108kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:97372kB dirty:0kB writeback:0kB shmem:51116kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1611776kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
syz-executor.4 (29568) used greatest stack depth: 14352 bytes left
Node 1 active_anon:51824kB inactive_anon:24720kB active_file:10036kB inactive_file:56744kB unevictable:0kB isolated(anon):492kB isolated(file):0kB mapped:35876kB dirty:228kB writeback:0kB shmem:35256kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:11388kB min:204kB low:252kB high:300kB active_anon:2864kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:360kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
Node 0 DMA32 free:85664kB min:35996kB low:44992kB high:53988kB active_anon:1867328kB inactive_anon:25452kB active_file:108kB inactive_file:108kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:22752kB pagetables:35348kB bounce:0kB free_pcp:2564kB local_pcp:1264kB free_cma:0kB
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:3736220kB min:53876kB low:67344kB high:80812kB active_anon:51724kB inactive_anon:24720kB active_file:10036kB inactive_file:56744kB unevictable:0kB writepending:228kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:10016kB pagetables:14672kB bounce:0kB free_pcp:2940kB local_pcp:1480kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 41*4kB (UMEH) 55*8kB (UMH) 25*16kB (UMH) 13*32kB (UMEH) 6*64kB (UEH) 3*128kB (ME) 2*256kB (MH) 5*512kB (MEH) 2*1024kB (ME) 2*2048kB (UE) 0*4096kB = 11404kB
Node 0 DMA32: 1852*4kB (UMEH) 4673*8kB (UMEH) 874*16kB (UMEH) 794*32kB (UMEH) 20*64kB (UMH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 85464kB
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
Node 1 Normal: 562*4kB (UM) 1952*8kB (UM) 2344*16kB (UME) 1431*32kB (UME) 1041*64kB (UME) 909*128kB (UM) 737*256kB (ME) 609*512kB (ME) 493*1024kB (UM) 5*2048kB (M) 595*4096kB (M) = 3736808kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
38300 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Dead loop on virtual device gre3, fix it urgently!
Dead loop on virtual device gre5, fix it urgently!
Dead loop on virtual device gre1, fix it urgently!
list_del corruption, ffff88804ee37a90->next is LIST_POISON1 (dead000000000100)
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:45!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 29666 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4a lib/list_debug.c:45
Code: e8 11 43 f7 ff 0f 0b 48 89 ee 48 c7 c7 40 e4 b3 88 e8 00 43 f7 ff 0f 0b 4c 89 ea 48 89 ee 48 c7 c7 80 e3 b3 88 e8 ec 42 f7 ff <0f> 0b 4c 89 e2 48 89 ee 48 c7 c7 e0 e3 b3 88 e8 d8 42 f7 ff 0f 0b
RSP: 0018:ffff88804ee37970 EFLAGS: 00010086
RAX: 000000000000004e RBX: ffff88804ee37a78 RCX: 0000000000000000
RDX: 0000000000040000 RSI: ffffffff814dff01 RDI: ffffed1009dc6f20
RBP: ffff88804ee37a90 R08: 000000000000004e R09: 0000000000000000
R10: 0000000000000005 R11: ffffffff8c66505b R12: dead000000000200
R13: dead000000000100 R14: ffff88804ee37a98 R15: 0000000000000007
FS: 00007fa302b8a700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0f6e199100 CR3: 000000004dd12000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Dead loop on virtual device gre3, fix it urgently!
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __list_del_entry include/linux/list.h:117 [inline]
 list_del include/linux/list.h:125 [inline]
 __remove_wait_queue include/linux/wait.h:184 [inline]
 remove_wait_queue+0x2c/0x180 kernel/sched/wait.c:44
 __tipc_sendstream+0x373/0x9d0 net/tipc/socket.c:1449
 tipc_sendstream+0x4c/0x70 net/tipc/socket.c:1414
 sock_sendmsg_nosec net/socket.c:651 [inline]
 sock_sendmsg+0xc3/0x120 net/socket.c:661
 sock_write_iter+0x287/0x3c0 net/socket.c:966
 call_write_iter include/linux/fs.h:1821 [inline]
 new_sync_write fs/read_write.c:474 [inline]
 __vfs_write+0x51b/0x770 fs/read_write.c:487
 vfs_write+0x1f3/0x540 fs/read_write.c:549
 ksys_write+0x12b/0x2a0 fs/read_write.c:599
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fa3046180f9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa302b8a168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fa304737f80 RCX: 00007fa3046180f9
RDX: 000000002000011a RSI: 0000000020000080 RDI: 0000000000000004
RBP: 00007fa304673ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffad2fdcbf R14: 00007fa302b8a300 R15: 0000000000022000
Modules linked in:
---[ end trace bdb9a8e48ac11bed ]---
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4a lib/list_debug.c:45
Code: e8 11 43 f7 ff 0f 0b 48 89 ee 48 c7 c7 40 e4 b3 88 e8 00 43 f7 ff 0f 0b 4c 89 ea 48 89 ee 48 c7 c7 80 e3 b3 88 e8 ec 42 f7 ff <0f> 0b 4c 89 e2 48 89 ee 48 c7 c7 e0 e3 b3 88 e8 d8 42 f7 ff 0f 0b
RSP: 0018:ffff88804ee37970 EFLAGS: 00010086
RAX: 000000000000004e RBX: ffff88804ee37a78 RCX: 0000000000000000
RDX: 0000000000040000 RSI: ffffffff814dff01 RDI: ffffed1009dc6f20
RBP: ffff88804ee37a90 R08: 000000000000004e R09: 0000000000000000
R10: 0000000000000005 R11: ffffffff8c66505b R12: dead000000000200
R13: dead000000000100 R14: ffff88804ee37a98 R15: 0000000000000007
FS: 00007fa302b8a700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0f6e199100 CR3: 000000004dd12000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	28 00                	sub    %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	75 05                	jne    0xb
   6:	48 83 c4 28          	add    $0x28,%rsp
   a:	c3                   	retq
   b:	e8 f1 19 00 00       	callq  0x1a01
  10:	90                   	nop
  11:	48 89 f8             	mov    %rdi,%rax
  14:	48 89 f7             	mov    %rsi,%rdi
  17:	48 89 d6             	mov    %rdx,%rsi
  1a:	48 89 ca             	mov    %rcx,%rdx
  1d:	4d 89 c2             	mov    %r8,%r10
  20:	4d 89 c8             	mov    %r9,%r8
  23:	4c 8b 4c 24 08       	mov    0x8(%rsp),%r9
  28:	0f 05                	syscall
* 2a:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax <-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	retq
  33:	48 c7 c1 b8 ff ff ff 	mov    $0xffffffffffffffb8,%rcx
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W