./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2091115299

<...>

syzkaller login: [    4.676086][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[    6.046162][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   10.006051][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[   14.132762][   T23] kauditd_printk_skb: 60 callbacks suppressed
[   14.132772][   T23] audit: type=1400 audit(1667359332.670:71): avc:  denied  { transition } for  pid=290 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   14.139863][   T23] audit: type=1400 audit(1667359332.680:72): avc:  denied  { write } for  pid=290 comm="sh" path="pipe:[10710]" dev="pipefs" ino=10710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[   14.215976][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[   14.376659][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[   14.585945][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
Warning: Permanently added '10.128.1.38' (ECDSA) to the list of known hosts.
execve("./syz-executor2091115299", ["./syz-executor2091115299"], 0x7ffda4311810 /* 10 vars */) = 0
brk(NULL)                               = 0x555555cc0000
brk(0x555555cc0c40)                     = 0x555555cc0c40
arch_prctl(ARCH_SET_FS, 0x555555cc0300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2091115299", 4096) = 28
brk(0x555555ce1c40)                     = 0x555555ce1c40
brk(0x555555ce2000)                     = 0x555555ce2000
mprotect(0x7fa7ffeda000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
ftruncate(3, 135266304)                 = 0
pwrite64(3, "\xe2\xe1\xf5\xe0\x95\x21\xe9\x3c\x02\x00\x00\x00\x0c\x00\x24", 15, 1024) = 15
pwrite64(3, "\x03\x00\x45\x31\x95\x44\x1e\x5a\x35\x5a", 10, 1152) = 10
pwrite64(3, "\xce\x37\x0d\x67\x73\x43\x27\x2d\x1c\x00\xb9\xf2\xf3\x04\x91\xb1\x6d\x13\xf8\x79\x7c\x5c\xc0\xc2\xff\xb5\x42\x87\xa7\x56\xd5\xcd\x99\x94\x2e\x8b\x32\x23\x6d", 39, 4096) = 39
pwrite64(3, "\xa8\x30\x3f\xe7\x90\x1a\xd2\x04\x51\xc7\xd5\x51\xec\x7a\x37\x3f\xcb\x1b\x06\x7a\x57\x27\x45\x62\x3d\x82\x00\xd6\x02\x92\x89\x0b\xd9\x69\xa6\xf0\x29\x57\x83\x51\x4e\x5e\xfc\x8d\xaa\x95\xbd\x91\x23\x0f\xdf\xaa\xd4\x02\x48\x10\x64\x62\x5f\x1f\xf8\x10\x8a\x09\x35\xaa\x40\x34\x12\x5d\xaa\xd0\xf9\x85\x72\xd5\x98\xe2\x24\x04\x63\xad\x34\x02\xe3\x57\x7b\xdd\xa3\xb1\xc3\x67\x5c\x0d\x5f\x29\xbe\x00\x66\xa2"..., 287, 51549) = 287
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
mkdir("./file0", 0777)                  = 0
[   22.806624][   T23] audit: type=1400 audit(1667359341.350:73): avc:  denied  { execmem } for  pid=371 comm="syz-executor209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   22.827344][   T23] audit: type=1400 audit(1667359341.370:74): avc:  denied  { read write } for  pid=371 comm="syz-executor209" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
mount("/dev/loop0", "./file0", "erofs", 0, "") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5
ioctl(4, LOOP_CLR_FD)                   = 0
close(4)                                = 0
close(3)                                = 0
[   22.829822][  T371] erofs: (device loop0): mounted with root inode @ nid 36.
[   22.856383][   T23] audit: type=1400 audit(1667359341.370:75): avc:  denied  { open } for  pid=371 comm="syz-executor209" path="/dev/loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   22.860804][  T371] attempt to access beyond end of device
[   22.860804][  T371] loop0: rw=0, want=2201354232, limit=264192
[   22.883514][   T23] audit: type=1400 audit(1667359341.370:76): avc:  denied  { ioctl } for  pid=371 comm="syz-executor209" path="/dev/loop0" dev="devtmpfs" ino=115 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   22.894409][  T371] BUG: unable to handle page fault for address: fffff52100164e27
[   22.920236][   T23] audit: type=1400 audit(1667359341.370:77): avc:  denied  { mounton } for  pid=371 comm="syz-executor209" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   22.927534][  T371] #PF: supervisor read access in kernel mode
[   22.927539][  T371] #PF: error_code(0x0000) - not-present page
[   22.927544][  T371] PGD 23ffef067 P4D 23ffef067 PUD 0 
[   22.927562][  T371] Oops: 0000 [#1] PREEMPT SMP KASAN
[   22.927571][  T371] CPU: 0 PID: 371 Comm: syz-executor209 Not tainted 5.10.149-syzkaller-01350-g0118fb827bc7 #0
[   22.927584][  T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
[   22.950602][   T23] audit: type=1400 audit(1667359341.400:78): avc:  denied  { mount } for  pid=371 comm="syz-executor209" name="/" dev="loop0" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   22.956149][  T371] RIP: 0010:z_erofs_decompress_pcluster+0x7a0/0x1d70
[   22.956158][  T371] Code: 00 e8 b4 1b 85 ff 41 8a 04 1e 84 c0 0f 85 13 02 00 00 41 8b 07 c1 f8 02 89 c0 48 8b 4c 24 58 4c 8d 34 c1 4d 89 f7 49 c1 ef 03 <41> 80 3c 1f 00 74 08 4c 89 f7 e8 91 19 85 ff 4d 8b 26 4d 85 e4 0f
[   22.956171][  T371] RSP: 0018:ffffc90000b27060 EFLAGS: 00010a06
[   23.047521][  T371] RAX: 00000000ffffffff RBX: dffffc0000000000 RCX: ffffc90000b27140
[   23.055465][  T371] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea000477cd68
[   23.063406][  T371] RBP: ffffc90000b27570 R08: dffffc0000000000 R09: fffff940008ef9ae
[   23.071346][  T371] R10: fffff940008ef9ae R11: 1ffffd40008ef9ad R12: ffffea000477cd40
[   23.079285][  T371] R13: 0000000000000000 R14: ffffc90800b27138 R15: 1ffff92100164e27
[   23.087227][  T371] FS:  0000555555cc0300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   23.096133][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   23.102696][  T371] CR2: fffff52100164e27 CR3: 000000011c15d000 CR4: 00000000003506b0
[   23.110648][  T371] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   23.118593][  T371] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   23.126532][  T371] Call Trace:
[   23.129793][  T371]  ? z_erofs_decompressqueue_endio+0x4d6/0x520
[   23.135926][  T371]  ? z_erofs_decompressqueue_work+0x190/0x190
[   23.141959][  T371]  ? submit_bio_checks+0x25c/0xe80
[   23.147054][  T371]  ? _raw_spin_unlock_irq+0x4e/0x70
[   23.152219][  T371]  ? wait_for_common_io+0x240/0x300
[   23.157383][  T371]  ? z_erofs_decompress_kickoff+0x109/0x390
[   23.163242][  T371]  ? wait_for_completion_io+0x20/0x20
[   23.168583][  T371]  ? z_erofs_decompressqueue_endio+0x520/0x520
[   23.174721][  T371]  z_erofs_runqueue+0xbbb/0xcd0
[   23.179543][  T371]  ? z_erofs_do_read_page+0x21c0/0x21c0
[   23.185056][  T371]  ? __kasan_check_write+0x14/0x20
[   23.190132][  T371]  z_erofs_readpage+0x2fc/0x5f0
[   23.194949][  T371]  ? put_page+0xc0/0xc0
[   23.199075][  T371]  ? z_erofs_rcu_callback+0x160/0x160
[   23.204412][  T371]  ? add_to_page_cache_locked+0x40/0x40
[   23.210042][  T371]  ? pagecache_get_page+0x75c/0x850
[   23.215220][  T371]  do_read_cache_page+0x717/0x8f0
[   23.220217][  T371]  read_cache_page+0x4d/0x70
[   23.224779][  T371]  find_target_block_classic+0x133/0xa30
[   23.230381][  T371]  erofs_namei+0x1c0/0x9e0
[   23.234768][  T371]  ? asan.module_dtor+0x20/0x20
[   23.239589][  T371]  erofs_lookup+0x141/0x3b0
[   23.244060][  T371]  ? find_target_block_classic+0xa30/0xa30
[   23.249834][  T371]  ? _raw_spin_unlock+0x4d/0x70
[   23.254649][  T371]  ? d_alloc+0x198/0x1d0
[   23.258862][  T371]  __lookup_hash+0x141/0x290
[   23.263418][  T371]  filename_create+0x207/0x770
[   23.268166][  T371]  ? __check_object_size+0x305/0x3e0
[   23.273418][  T371]  ? kern_path_create+0x40/0x40
[   23.278233][  T371]  do_mknodat+0x15f/0x430
[   23.282534][  T371]  ? __fpregs_load_activate+0x1e7/0x370
[   23.288049][  T371]  ? may_open+0x3f0/0x3f0
[   23.292365][  T371]  __x64_sys_mknodat+0x9b/0xb0
[   23.297096][  T371]  do_syscall_64+0x34/0x70
[   23.301482][  T371]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   23.307341][  T371] RIP: 0033:0x7fa7ffe6de19
[   23.311732][  T371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   23.331321][  T371] RSP: 002b:00007fff54649de8 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[   23.339701][  T371] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa7ffe6de19
[   23.347639][  T371] RDX: 0000000000000004 RSI: 0000000020000080 RDI: 0000000000000005
[   23.355576][  T371] RBP: 00007fa7ffe2d610 R08: 0000555555cc02c0 R09: 0000000000000000
[   23.363515][  T371] R10: 0000000000000700 R11: 0000000000000246 R12: 00007fa7ffe2d6a0
[   23.371452][  T371] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   23.379392][  T371] Modules linked in:
[   23.383258][  T371] CR2: fffff52100164e27
[   23.387382][  T371] ---[ end trace d4694d95192b3555 ]---
[   23.392811][  T371] RIP: 0010:z_erofs_decompress_pcluster+0x7a0/0x1d70
[   23.399451][  T371] Code: 00 e8 b4 1b 85 ff 41 8a 04 1e 84 c0 0f 85 13 02 00 00 41 8b 07 c1 f8 02 89 c0 48 8b 4c 24 58 4c 8d 34 c1 4d 89 f7 49 c1 ef 03 <41> 80 3c 1f 00 74 08 4c 89 f7 e8 91 19 85 ff 4d 8b 26 4d 85 e4 0f
[   23.419021][  T371] RSP: 0018:ffffc90000b27060 EFLAGS: 00010a06
[   23.425055][  T371] RAX: 00000000ffffffff RBX: dffffc0000000000 RCX: ffffc90000b27140
[   23.433004][  T371] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea000477cd68
[   23.440948][  T371] RBP: ffffc90000b27570 R08: dffffc0000000000 R09: fffff940008ef9ae
[   23.448887][  T371] R10: fffff940008ef9ae R11: 1ffffd40008ef9ad R12: ffffea000477cd40
[   23.456826][  T371] R13: 0000000000000000 R14: ffffc90800b27138 R15: 1ffff92100164e27
[   23.464765][  T371] FS:  0000555555cc0300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   23.473661][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   23.480214][  T371] CR2: fffff52100164e27 CR3: 000000011c15d000 CR4: 00000000003506b0
[   23.488178][  T371] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   23.496118][  T371] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   23.504063][  T371] Kernel panic - not syncing: Fatal exception
[   23.510250][  T371] Kernel Offset: disabled
[   23.514551][  T371] Rebooting in 86400 seconds..