forked to background, child pid 4654 no interfaces have a carrier [ 53.108726][ T4655] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.119186][ T4655] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.72' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 76.882299][ T27] audit: type=1804 audit(1676004071.158:2): pid=5076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 [ 76.909914][ T27] audit: type=1800 audit(1676004071.158:3): pid=5076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor458" name="bus" dev="sda1" ino=1137 res=0 errno=0 [ 76.931165][ T27] audit: type=1804 audit(1676004071.178:4): pid=5082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 [ 76.951966][ T27] audit: type=1804 audit(1676004071.178:5): pid=5083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 executing program [ 76.972872][ T27] audit: type=1804 audit(1676004071.178:6): pid=5083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 [ 76.996669][ T27] audit: type=1800 audit(1676004071.178:7): pid=5083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor458" name="bus" dev="sda1" ino=1137 res=0 errno=0 executing program [ 77.018020][ T27] audit: type=1804 audit(1676004071.178:8): pid=5084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined 
op=invalid_pcr cause=ToMToU comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 [ 77.043529][ T27] audit: type=1804 audit(1676004071.188:9): pid=5082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 [ 77.065246][ T27] audit: type=1800 audit(1676004071.188:10): pid=5082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor458" name="bus" dev="sda1" ino=1137 res=0 errno=0 [ 77.087532][ T27] audit: type=1804 audit(1676004071.198:11): pid=5084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor458" name="/root/bus" dev="sda1" ino=1137 res=1 errno=0 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 77.733028][ T5122] page:ffffea0001cbbd40 refcount:14 mapcount:11 mapping:ffff88807f635518 index:0x17 pfn:0x72ef5 [ 77.744342][ T5122] memcg:ffff888140090000 [ 77.748723][ T5122] aops:ext4_da_aops ino:470 dentry name:"syz-executor458041064" [ 77.756533][ T5122] flags: 0xfff0000000203e(referenced|uptodate|dirty|lru|active|private|node=0|zone=1|lastcpupid=0x7ff) [ 77.767690][ T5122] raw: 00fff0000000203e ffffea0001cbbd08 ffffea0001cbbd88 ffff88807f635518 [ 77.776381][ T5122] raw: 0000000000000017 
ffff88807495f3a0 0000000f0000000b ffff888140090000 [ 77.785056][ T5122] page dumped because: VM_BUG_ON_PAGE(batch->nr > batch->max) [ 77.792585][ T5122] page_owner tracks the page as allocated [ 77.798573][ T5122] page last allocated via order 0, migratetype Movable, gfp_mask 0x141cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_WRITE), pid 5034, tgid 5034 (scp), ts 71273169852, free_ts 70560847735 [ 77.816775][ T5122] get_page_from_freelist+0x11bb/0x2d50 [ 77.822445][ T5122] __alloc_pages+0x1cb/0x5c0 [ 77.827102][ T5122] alloc_pages+0x1aa/0x270 [ 77.831660][ T5122] folio_alloc+0x20/0x70 [ 77.835965][ T5122] filemap_alloc_folio+0x3ad/0x450 [ 77.841201][ T5122] __filemap_get_folio+0x32b/0xdc0 [ 77.846381][ T5122] pagecache_get_page+0x2e/0x280 [ 77.851454][ T5122] ext4_da_write_begin+0x421/0xb70 [ 77.856641][ T5122] generic_perform_write+0x256/0x570 [ 77.862071][ T5122] ext4_buffered_write_iter+0x15b/0x460 [ 77.867690][ T5122] ext4_file_write_iter+0x8bf/0x1710 [ 77.873116][ T5122] vfs_write+0x9ed/0xe10 [ 77.877451][ T5122] ksys_write+0x12b/0x250 [ 77.881911][ T5122] do_syscall_64+0x39/0xb0 [ 77.886396][ T5122] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 77.892395][ T5122] page last free stack trace: [ 77.897097][ T5122] free_pcp_prepare+0x4d0/0x910 [ 77.902075][ T5122] free_unref_page_list+0x176/0xcd0 [ 77.907343][ T5122] release_pages+0xcb1/0x1330 [ 77.912151][ T5122] tlb_batch_pages_flush+0xa8/0x1a0 [ 77.917424][ T5122] tlb_finish_mmu+0x14b/0x7e0 [ 77.922217][ T5122] unmap_region+0x23d/0x2d0 [ 77.926779][ T5122] do_vmi_align_munmap+0x9ca/0xf60 [ 77.932001][ T5122] do_vmi_munmap+0x26e/0x2c0 [ 77.936663][ T5122] __vm_munmap+0x136/0x280 [ 77.941228][ T5122] __x64_sys_munmap+0x59/0x80 [ 77.946000][ T5122] do_syscall_64+0x39/0xb0 [ 77.950538][ T5122] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 77.956836][ T5122] ------------[ cut here ]------------ [ 77.962420][ T5122] kernel BUG at mm/mmu_gather.c:139! 
[ 77.967773][ T5122] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 77.973880][ T5122] CPU: 1 PID: 5122 Comm: syz-executor458 Not tainted 6.2.0-rc7-next-20230208-syzkaller #0
[ 77.983789][ T5122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023
[ 77.993876][ T5122] RIP: 0010:__tlb_remove_page_size+0x24c/0x480
[ 78.000070][ T5122] Code: 01 00 00 8b 6d 0c e9 e1 fe ff ff e8 ae 4e c1 ff 0f 0b e8 a7 4e c1 ff 4c 89 f7 48 c7 c6 00 7b 58 8a 48 83 e7 fc e8 04 f6 f9 ff <0f> 0b e8 8d 4e c1 ff 4c 8d 6b 24 48 b8 00 00 00 00 00 fc ff df 4c
[ 78.019698][ T5122] RSP: 0018:ffffc90003c7f8d8 EFLAGS: 00010293
[ 78.025776][ T5122] RAX: 0000000000000000 RBX: ffffc90003c7fcd8 RCX: 0000000000000000
[ 78.033770][ T5122] RDX: ffff88801dda3a80 RSI: ffffffff81c31f4c RDI: 0000000000000000
[ 78.041794][ T5122] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff8e75bd17
[ 78.049778][ T5122] R10: fffffbfff1ceb7a2 R11: 0000000000000000 R12: 0000000000000000
[ 78.057772][ T5122] R13: 0000000000000001 R14: ffffea0001cbbd40 R15: ffffc90003c7fd00
[ 78.065763][ T5122] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 78.074722][ T5122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 78.081328][ T5122] CR2: 00007f8701e621d0 CR3: 0000000072aa7000 CR4: 00000000003506e0
[ 78.089323][ T5122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 78.097313][ T5122] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 78.105306][ T5122] Call Trace:
[ 78.108686][ T5122]
[ 78.111643][ T5122] unmap_page_range+0x1226/0x3ce0
[ 78.116706][ T5122] ? vm_normal_page_pmd+0x5a0/0x5a0
[ 78.121945][ T5122] ? uprobe_munmap+0x20/0x550
[ 78.126653][ T5122] unmap_single_vma+0x194/0x2a0
[ 78.131528][ T5122] unmap_vmas+0x234/0x380
[ 78.135893][ T5122] ? unmap_single_vma+0x2a0/0x2a0
[ 78.140968][ T5122] ? find_held_lock+0x2d/0x110
[ 78.145754][ T5122] ? lock_downgrade+0x690/0x690
[ 78.150662][ T5122] ? trace_lock_acquire+0x1f1/0x2b0
[ 78.155915][ T5122] exit_mmap+0x190/0x7d0
[ 78.160229][ T5122] ? do_vma_munmap+0xa0/0xa0
[ 78.164920][ T5122] __mmput+0x128/0x4c0
[ 78.169034][ T5122] mmput+0x60/0x70
[ 78.172798][ T5122] do_exit+0x9d7/0x2b60
[ 78.176974][ T5122] ? mm_update_next_owner+0x7b0/0x7b0
[ 78.182365][ T5122] ? _raw_spin_unlock_irq+0x23/0x50
[ 78.187589][ T5122] do_group_exit+0xd4/0x2a0
[ 78.192112][ T5122] __x64_sys_exit_group+0x3e/0x50
[ 78.197164][ T5122] do_syscall_64+0x39/0xb0
[ 78.201629][ T5122] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 78.207552][ T5122] RIP: 0033:0x7f8701decc09
[ 78.211982][ T5122] Code: Unable to access opcode bytes at 0x7f8701decbdf.
[ 78.219034][ T5122] RSP: 002b:00007ffdfa7ac068 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 78.227470][ T5122] RAX: ffffffffffffffda RBX: 00007f8701e61330 RCX: 00007f8701decc09
[ 78.235464][ T5122] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 78.243461][ T5122] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000
[ 78.251473][ T5122] R10: 000000000001dd00 R11: 0000000000000246 R12: 00007f8701e61330
[ 78.259481][ T5122] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 78.267479][ T5122]
[ 78.270514][ T5122] Modules linked in:
[ 78.274496][ T5122] ---[ end trace 0000000000000000 ]---
[ 78.280000][ T5122] RIP: 0010:__tlb_remove_page_size+0x24c/0x480
[ 78.286196][ T5122] Code: 01 00 00 8b 6d 0c e9 e1 fe ff ff e8 ae 4e c1 ff 0f 0b e8 a7 4e c1 ff 4c 89 f7 48 c7 c6 00 7b 58 8a 48 83 e7 fc e8 04 f6 f9 ff <0f> 0b e8 8d 4e c1 ff 4c 8d 6b 24 48 b8 00 00 00 00 00 fc ff df 4c
[ 78.305865][ T5122] RSP: 0018:ffffc90003c7f8d8 EFLAGS: 00010293
[ 78.312009][ T5122] RAX: 0000000000000000 RBX: ffffc90003c7fcd8 RCX: 0000000000000000
[ 78.320033][ T5122] RDX: ffff88801dda3a80 RSI: ffffffff81c31f4c RDI: 0000000000000000
[ 78.328054][ T5122] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffff8e75bd17
[ 78.336089][ T5122] R10: fffffbfff1ceb7a2 R11: 0000000000000000 R12: 0000000000000000
[ 78.344124][ T5122] R13: 0000000000000001 R14: ffffea0001cbbd40 R15: ffffc90003c7fd00
[ 78.352158][ T5122] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 78.361152][ T5122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 78.367771][ T5122] CR2: 00007f8701e621d0 CR3: 0000000072aa7000 CR4: 00000000003506e0
[ 78.375800][ T5122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 78.383829][ T5122] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 78.391870][ T5122] Kernel panic - not syncing: Fatal exception
[ 78.398176][ T5122] Kernel Offset: disabled
[ 78.402533][ T5122] Rebooting in 86400 seconds..