Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.123' (ECDSA) to the list of known hosts.
2021/04/30 19:31:27 parsed 1 programs
2021/04/30 19:31:27 executed programs: 0
syzkaller login: [ 39.522780] IPVS: ftp: loaded support on port[0] = 21
[ 39.626402] chnl_net:caif_netlink_parms(): no params data found
[ 39.717732] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.724885] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.733195] device bridge_slave_0 entered promiscuous mode
[ 39.741082] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.747489] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.755004] device bridge_slave_1 entered promiscuous mode
[ 39.774184] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 39.783551] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 39.803436] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 39.811449] team0: Port device team_slave_0 added
[ 39.816914] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 39.825081] team0: Port device team_slave_1 added
[ 39.841573] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 39.848407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 39.875163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 39.887034] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 39.893687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 39.919659] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 39.930800] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 39.938427] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 39.959177] device hsr_slave_0 entered promiscuous mode
[ 39.965057] device hsr_slave_1 entered promiscuous mode
[ 39.971972] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 39.979207] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 40.054063] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.060934] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.067819] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.074286] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.106571] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 40.115502] 8021q: adding VLAN 0 to HW filter on device bond0
[ 40.124824] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 40.133945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.143512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.151973] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.159177] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 40.171008] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 40.177094] 8021q: adding VLAN 0 to HW filter on device team0
[ 40.186834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 40.195503] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.202061] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.213701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 40.222072] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.228410] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.251078] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 40.259920] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 40.268115] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 40.276163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 40.284345] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 40.294090] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 40.301324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 40.314649] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 40.322322] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 40.329002] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 40.342404] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 40.356254] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 40.366464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 40.399014] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 40.406836] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 40.414628] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 40.425460] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 40.433913] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 40.441487] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 40.451781] device veth0_vlan entered promiscuous mode
[ 40.462667] device veth1_vlan entered promiscuous mode
[ 40.468660] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 40.479131] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 40.493405] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 40.502970] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 40.511007] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 40.518353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 40.529001] device veth0_macvtap entered promiscuous mode
[ 40.536126] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 40.544401] device veth1_macvtap entered promiscuous mode
[ 40.554239] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 40.563995] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 40.573887] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 40.581207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 40.590699] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 40.601026] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 40.612013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 40.728516] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 40.736357] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 40.751688] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 40.761121] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 40.776584] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
[ 40.784038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 40.791888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 40.798795] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 40.830427] erofs: read_super, device -> /dev/loop0
[ 40.836346] erofs: options ->
[ 40.842433] erofs: root inode @ nid 36
[ 40.847935] erofs: mounted on /dev/loop0 with opts: .
[ 40.856517] ------------[ cut here ]------------
[ 40.862218] kernel BUG at drivers/staging/erofs/unzip_vle.c:1562!
[ 40.868808] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 40.874193] CPU: 0 PID: 8383 Comm: syz-executor.0 Not tainted 4.19.189-syzkaller #0
[ 40.881989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.891354] RIP: 0010:z_erofs_map_blocks_iter+0x122e/0x1aa0
[ 40.897064] Code: 0f 95 c0 84 c1 0f 85 82 08 00 00 48 8b 04 24 8b 5b 04 44 8b 60 20 e9 77 fc ff ff 66 45 85 e4 0f 84 8c 01 00 00 e8 42 99 27 fb <0f> 0b e8 3b 99 27 fb 48 89 ef e8 63 ae 46 fb 48 8b 54 24 20 48 b8
[ 40.916100] RSP: 0018:ffff888094aff208 EFLAGS: 00010293
[ 40.921450] RAX: ffff888094ad2000 RBX: ffff8880af534778 RCX: ffffffff863abffb
[ 40.928708] RDX: 0000000000000000 RSI: ffffffff863ac52e RDI: 0000000000000003
[ 40.936325] RBP: ffff8880aa1230c0 R08: 0000000000000000 R09: 0000000000000002
[ 40.943743] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000003
[ 40.951720] R13: dffffc0000000000 R14: ffffea0002bd4d00 R15: 0000000000000480
[ 40.959090] FS: 000000000197f400(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
[ 40.967334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.973233] CR2: 0000000020001c3f CR3: 00000000a5f86000 CR4: 00000000001406f0
[ 40.980621] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.987998] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.995369] Call Trace:
[ 40.997963] erofs_map_blocks_iter+0x6d/0x3b0
[ 41.002456] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 41.007472] z_erofs_do_read_page+0x670/0x2820
[ 41.012077] ? z_erofs_vle_work_add_page+0x8b0/0x8b0
[ 41.017170] ? check_preemption_disabled+0x41/0x280
[ 41.022193] z_erofs_vle_normalaccess_readpage+0x136/0x460
[ 41.027807] ? z_erofs_submit_and_unzip.isra.0+0x1930/0x1930
[ 41.033597] ? add_to_page_cache_locked+0x40/0x40
[ 41.038636] do_read_cache_page+0x533/0x1170
[ 41.043671] ? check_preemption_disabled+0x41/0x280
[ 41.049138] ? z_erofs_submit_and_unzip.isra.0+0x1930/0x1930
[ 41.055101] erofs_namei+0x1ab/0x1740
[ 41.058897] ? check_preemption_disabled+0x41/0x280
[ 41.064023] erofs_lookup+0x143/0x500
[ 41.067821] ? erofs_namei+0x1740/0x1740
[ 41.072132] ? __lockdep_init_map+0x100/0x5a0
[ 41.076618] ? __lockdep_init_map+0x100/0x5a0
[ 41.081123] __lookup_slow+0x246/0x4a0
[ 41.085019] ? follow_dotdot_rcu+0x1040/0x1040
[ 41.089603] ? lookup_fast+0x4e9/0x1080
[ 41.093580] ? walk_component+0x798/0xda0
[ 41.097724] walk_component+0x7ac/0xda0
[ 41.101878] ? lookup_fast+0x1080/0x1080
[ 41.105932] ? walk_component+0xda0/0xda0
[ 41.110182] path_lookupat+0x1ff/0x8d0
[ 41.114078] ? path_mountpoint+0xac0/0xac0
[ 41.118306] ? futex_wake+0x159/0x480
[ 41.122117] filename_lookup+0x1ac/0x5a0
[ 41.126446] ? filename_parentat+0x590/0x590
[ 41.130857] ? __phys_addr_symbol+0x2c/0x70
[ 41.135183] ? __check_object_size+0x17b/0x3e0
[ 41.139928] ? getname_flags+0x25b/0x590
[ 41.143981] do_mount+0x147/0x2f10
[ 41.147522] ? kfree+0x110/0x210
[ 41.150898] ? task_work_run+0x11c/0x1c0
[ 41.154946] ? copy_mount_string+0x40/0x40
[ 41.159164] ? __close_fd+0x128/0x200
[ 41.162959] ? __se_sys_futex+0x28f/0x3b0
[ 41.167090] ? __se_sys_futex+0x298/0x3b0
[ 41.171220] ? copy_mount_options+0x26f/0x380
[ 41.175704] ksys_mount+0xcf/0x130
[ 41.179235] __x64_sys_mount+0xba/0x150
[ 41.183629] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 41.188416] do_syscall_64+0xf9/0x620
[ 41.192216] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 41.197412] RIP: 0033:0x4665f9
[ 41.200793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 41.219808] RSP: 002b:00007fff90af6ff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 41.227502] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665f9
[ 41.234773] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000000
[ 41.242361] RBP: 00000000004bfce1 R08: 0000000000000000 R09: 0000000000000000
[ 41.249870] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 41.257145] R13: 00007fff90af7190 R14: 000000000056bf60 R15: 0000000000009f72
[ 41.264820] Modules linked in:
[ 41.270428] ---[ end trace fa42ddfdca1afec0 ]---
[ 41.275239] RIP: 0010:z_erofs_map_blocks_iter+0x122e/0x1aa0
[ 41.282383] Code: 0f 95 c0 84 c1 0f 85 82 08 00 00 48 8b 04 24 8b 5b 04 44 8b 60 20 e9 77 fc ff ff 66 45 85 e4 0f 84 8c 01 00 00 e8 42 99 27 fb <0f> 0b e8 3b 99 27 fb 48 89 ef e8 63 ae 46 fb 48 8b 54 24 20 48 b8
[ 41.302125] RSP: 0018:ffff888094aff208 EFLAGS: 00010293
[ 41.307710] RAX: ffff888094ad2000 RBX: ffff8880af534778 RCX: ffffffff863abffb
[ 41.315774] RDX: 0000000000000000 RSI: ffffffff863ac52e RDI: 0000000000000003
[ 41.323340] RBP: ffff8880aa1230c0 R08: 0000000000000000 R09: 0000000000000002
[ 41.330666] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000003
[ 41.338049] R13: dffffc0000000000 R14: ffffea0002bd4d00 R15: 0000000000000480
[ 41.345380] FS: 000000000197f400(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
[ 41.354880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.360815] CR2: 0000000020001c3f CR3: 00000000a5f86000 CR4: 00000000001406f0
[ 41.368182] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 41.376050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 41.383568] Kernel panic - not syncing: Fatal exception
[ 41.389468] Kernel Offset: disabled
[ 41.393110] Rebooting in 86400 seconds..