Warning: Permanently added '10.128.10.7' (ED25519) to the list of known hosts. 2024/01/08 18:04:48 ignoring optional flag "sandboxArg"="0" 2024/01/08 18:04:48 parsed 1 programs 2024/01/08 18:04:48 executed programs: 0 [ 43.289043][ T24] audit: type=1400 audit(1704737088.530:150): avc: denied { mounton } for pid=337 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 43.315312][ T24] audit: type=1400 audit(1704737088.530:151): avc: denied { mount } for pid=337 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 43.350362][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.357513][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.364962][ T341] device bridge_slave_0 entered promiscuous mode [ 43.372084][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.379440][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.387174][ T341] device bridge_slave_1 entered promiscuous mode [ 43.418995][ T24] audit: type=1400 audit(1704737088.660:152): avc: denied { write } for pid=341 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.424202][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.440664][ T24] audit: type=1400 audit(1704737088.660:153): avc: denied { read } for pid=341 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.447565][ T341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.477433][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.484958][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.503128][ T300] bridge0: port 1(bridge_slave_0) entered 
disabled state [ 43.512343][ T300] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.520862][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.528772][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.537886][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.546158][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.553627][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.571230][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.579696][ T300] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.586684][ T300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.593839][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.601813][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.611988][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.623549][ T341] device veth0_vlan entered promiscuous mode [ 43.630323][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.639078][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 43.647116][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 43.659024][ T341] device veth1_macvtap entered promiscuous mode [ 43.666823][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.677434][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.689591][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 43.702659][ T24] audit: type=1400 audit(1704737088.950:154): avc: denied { mounton } for pid=341 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=357 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 43.739693][ T24] audit: type=1400 audit(1704737088.980:155): avc: denied { mounton } for pid=346 comm="syz-executor.0" 
path="/root/syzkaller-testdir4234761729/syzkaller.QEDhAR/0/bus" dev="sda1" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 43.751444][ T347] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 43.784033][ T24] audit: type=1400 audit(1704737089.030:156): avc: denied { mount } for pid=346 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 43.784044][ T347] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/0/bus supports timestamps until 2038 (0x7fffffff) [ 43.825278][ T24] audit: type=1400 audit(1704737089.040:157): avc: denied { write } for pid=346 comm="syz-executor.0" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 43.825304][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 43.848793][ T24] audit: type=1400 audit(1704737089.040:158): avc: denied { add_name } for pid=346 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 43.865281][ T9] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:1: bad extent address lblock: 0, depth: 1 pblock 0 [ 43.886748][ T24] audit: type=1400 audit(1704737089.040:159): avc: denied { create } for pid=346 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 43.900995][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 43.934534][ T9] EXT4-fs (loop0): This should not happen!! 
Data will be lost [ 43.934534][ T9] [ 43.945019][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.031170][ T354] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 44.040451][ T354] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/1/bus supports timestamps until 2038 (0x7fffffff) [ 44.082224][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.096401][ T9] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:1: bad extent address lblock: 0, depth: 1 pblock 0 [ 44.111041][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 44.124175][ T9] EXT4-fs (loop0): This should not happen!! Data will be lost [ 44.124175][ T9] [ 44.134687][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.230956][ T361] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 44.241581][ T361] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/2/bus supports timestamps until 2038 (0x7fffffff) [ 44.281477][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.294703][ T9] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:1: bad extent address lblock: 0, depth: 1 pblock 0 [ 44.309048][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 44.321683][ T9] EXT4-fs (loop0): This should not happen!! 
Data will be lost [ 44.321683][ T9] [ 44.331368][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.391046][ T367] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 44.400452][ T367] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/3/bus supports timestamps until 2038 (0x7fffffff) [ 44.500942][ T373] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 44.510197][ T373] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/4/bus supports timestamps until 2038 (0x7fffffff) [ 44.547204][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.561184][ T9] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:1: bad extent address lblock: 0, depth: 1 pblock 0 [ 44.576394][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 44.589012][ T9] EXT4-fs (loop0): This should not happen!! Data will be lost [ 44.589012][ T9] [ 44.599694][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 44.681423][ T381] EXT4-fs (loop0): mounted filesystem without journal. 
Opts: ,errors=continue [ 44.690687][ T381] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/5/bus supports timestamps until 2038 (0x7fffffff) [ 44.731640][ T110] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:2: Invalid inode table block 0 in block_group 0 [ 44.745936][ T110] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:2: Invalid inode table block 0 in block_group 0 [ 44.758882][ T110] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem [ 44.768814][ T110] EXT4-fs error (device loop0): __ext4_ext_dirty:182: inode #19: comm kworker/u4:2: mark_inode_dirty error [ 44.784239][ T110] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 2 with error 117 [ 44.796439][ T110] EXT4-fs (loop0): This should not happen!! Data will be lost [ 44.796439][ T110] [ 44.806655][ T110] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:2: Invalid inode table block 0 in block_group 0 [ 44.940895][ T387] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 44.949686][ T387] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/6/bus supports timestamps until 2038 (0x7fffffff) [ 44.992329][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 45.006214][ T9] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:1: bad extent address lblock: 0, depth: 1 pblock 0 [ 45.020691][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 45.034807][ T9] EXT4-fs (loop0): This should not happen!! 
Data will be lost [ 45.034807][ T9] [ 45.045276][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 45.140836][ T393] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 45.150255][ T393] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/7/bus supports timestamps until 2038 (0x7fffffff) [ 45.230947][ T399] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 45.240607][ T399] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/8/bus supports timestamps until 2038 (0x7fffffff) [ 45.275723][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 45.291638][ T9] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:1: bad extent address lblock: 0, depth: 1 pblock 0 [ 45.306080][ T9] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 45.318930][ T9] EXT4-fs (loop0): This should not happen!! Data will be lost [ 45.318930][ T9] [ 45.328905][ T9] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 45.411323][ T405] EXT4-fs (loop0): mounted filesystem without journal. 
Opts: ,errors=continue [ 45.420362][ T405] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/9/bus supports timestamps until 2038 (0x7fffffff) [ 45.461962][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 45.475807][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 45.490475][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 45.503178][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 45.503178][ T378] [ 45.513159][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 45.601570][ T411] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 45.611364][ T411] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/10/bus supports timestamps until 2038 (0x7fffffff) [ 45.649514][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 45.662632][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 45.676888][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 45.689822][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 45.689822][ T378] [ 45.700143][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 45.780825][ T418] EXT4-fs (loop0): mounted filesystem without journal. 
Opts: ,errors=continue [ 45.789658][ T418] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/11/bus supports timestamps until 2038 (0x7fffffff) [ 45.826103][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 45.839632][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 45.854164][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 45.868425][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 45.868425][ T378] [ 45.879471][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.050901][ T424] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 46.060096][ T424] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/12/bus supports timestamps until 2038 (0x7fffffff) [ 46.080683][ T424] EXT4-fs error (device loop0): ext4_map_blocks:716: inode #19: block 249: comm syz-executor.0: lblock 41 mapped to illegal pblock 249 (length 1) [ 46.096129][ T424] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm syz-executor.0: Invalid inode table block 0 in block_group 0 [ 46.110032][ T424] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem [ 46.119557][ T424] EXT4-fs error (device loop0): ext4_ext_truncate:4396: inode #19: comm syz-executor.0: mark_inode_dirty error [ 46.132620][ T424] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm syz-executor.0: Invalid inode table block 0 in block_group 0 [ 46.147556][ T424] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem [ 46.158394][ T424] EXT4-fs error (device loop0): ext4_truncate:4378: inode #19: comm syz-executor.0: 
mark_inode_dirty error [ 46.178314][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.191737][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 46.207374][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 46.221168][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 46.221168][ T378] [ 46.231335][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.341012][ T430] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 46.351027][ T430] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/13/bus supports timestamps until 2038 (0x7fffffff) [ 46.387357][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.401486][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 46.416536][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 46.428971][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 46.428971][ T378] [ 46.438892][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.540886][ T436] EXT4-fs (loop0): mounted filesystem without journal. 
Opts: ,errors=continue [ 46.551057][ T436] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/14/bus supports timestamps until 2038 (0x7fffffff) [ 46.584889][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.598293][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 46.612397][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 46.625156][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 46.625156][ T378] [ 46.635670][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.751112][ T443] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 46.760605][ T443] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/15/bus supports timestamps until 2038 (0x7fffffff) [ 46.797687][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.812152][ T378] EXT4-fs error (device loop0): ext4_ext_map_blocks:4115: inode #19: comm kworker/u4:3: bad extent address lblock: 0, depth: 1 pblock 0 [ 46.827098][ T378] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 16 with error 117 [ 46.842256][ T378] EXT4-fs (loop0): This should not happen!! Data will be lost [ 46.842256][ T378] [ 46.854224][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0 [ 46.981411][ T449] EXT4-fs (loop0): mounted filesystem without journal. 
Opts: ,errors=continue
[ 46.990444][ T449] ext4 filesystem being mounted at /root/syzkaller-testdir4234761729/syzkaller.QEDhAR/16/bus supports timestamps until 2038 (0x7fffffff)
[ 47.024187][ T378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4426: comm kworker/u4:3: Invalid inode table block 0 in block_group 0
[ 47.037709][ T378] ==================================================================
[ 47.045959][ T378] BUG: KASAN: use-after-free in ext4_find_extent+0xbab/0xdb0
[ 47.053789][ T378] Read of size 4 at addr ffff88812291603c by task kworker/u4:3/378
[ 47.062209][ T378]
[ 47.064568][ T378] CPU: 0 PID: 378 Comm: kworker/u4:3 Not tainted 5.10.205-syzkaller-999740-g3d758d85a169 #0
[ 47.074552][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 47.084561][ T378] Workqueue: writeback wb_workfn (flush-7:0)
[ 47.090535][ T378] Call Trace:
[ 47.093755][ T378] dump_stack_lvl+0x1e2/0x24b
[ 47.098438][ T378] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 47.104274][ T378] ? panic+0x80b/0x80b
[ 47.108157][ T378] ? __getblk_gfp+0x3d/0x7e0
[ 47.112581][ T378] print_address_description+0x81/0x3b0
[ 47.117968][ T378] kasan_report+0x179/0x1c0
[ 47.122403][ T378] ? ext4_find_extent+0xbab/0xdb0
[ 47.127348][ T378] ? ext4_find_extent+0xbab/0xdb0
[ 47.132305][ T378] __asan_report_load4_noabort+0x14/0x20
[ 47.137761][ T378] ext4_find_extent+0xbab/0xdb0
[ 47.142540][ T378] ext4_ext_map_blocks+0x26d/0x6be0
[ 47.147659][ T378] ? stack_trace_save+0x113/0x1c0
[ 47.152608][ T378] ? free_unref_page_commit+0x2e0/0x2e0
[ 47.158433][ T378] ? ext4_ext_release+0x10/0x10
[ 47.163121][ T378] ? slab_post_alloc_hook+0x61/0x2f0
[ 47.168233][ T378] ? kmem_cache_alloc+0x168/0x2e0
[ 47.173091][ T378] ? ext4_alloc_io_end_vec+0x2a/0x170
[ 47.178383][ T378] ? ext4_writepages+0x122f/0x3c00
[ 47.183433][ T378] ? do_writepages+0x12e/0x270
[ 47.188028][ T378] ? __writeback_single_inode+0xd7/0xac0
[ 47.193493][ T378] ? writeback_sb_inodes+0x99c/0x16b0
[ 47.198795][ T378] ? wb_writeback+0x404/0xc60
[ 47.203423][ T378] ? wb_workfn+0x3d9/0x1110
[ 47.207753][ T378] ? process_one_work+0x6dc/0xbd0
[ 47.212613][ T378] ? worker_thread+0xaea/0x1510
[ 47.217387][ T378] ? kthread+0x34b/0x3d0
[ 47.221470][ T378] ? ret_from_fork+0x1f/0x30
[ 47.225898][ T378] ? _raw_read_unlock+0x25/0x40
[ 47.230718][ T378] ? ext4_es_lookup_extent+0x33b/0x940
[ 47.236065][ T378] ext4_map_blocks+0xaa7/0x1ec0
[ 47.240845][ T378] ? ext4_issue_zeroout+0x1b0/0x1b0
[ 47.245891][ T378] ? ext4_inode_journal_mode+0x1a5/0x470
[ 47.251536][ T378] ext4_writepages+0x148b/0x3c00
[ 47.256542][ T378] ? __ext4_error+0x203/0x420
[ 47.261135][ T378] ? ext4_readpage+0x230/0x230
[ 47.265916][ T378] ? psi_task_change+0x1e6/0x360
[ 47.270850][ T378] ? ext4_get_group_desc+0x260/0x2b0
[ 47.276062][ T378] ? __ext4_get_inode_loc+0x59c/0xbf0
[ 47.281380][ T378] ? ext4_readpage+0x230/0x230
[ 47.286159][ T378] do_writepages+0x12e/0x270
[ 47.290576][ T378] ? __writepage+0x130/0x130
[ 47.295435][ T378] ? __kasan_check_write+0x14/0x20
[ 47.300380][ T378] ? __kasan_check_write+0x14/0x20
[ 47.305336][ T378] ? _raw_spin_lock+0xa4/0x1b0
[ 47.309932][ T378] __writeback_single_inode+0xd7/0xac0
[ 47.315318][ T378] ? inode_add_lru+0x130/0x190
[ 47.320101][ T378] writeback_sb_inodes+0x99c/0x16b0
[ 47.325129][ T378] ? queue_io+0x520/0x520
[ 47.329378][ T378] ? writeback_sb_inodes+0x16b0/0x16b0
[ 47.334690][ T378] ? queue_io+0x3d3/0x520
[ 47.338856][ T378] wb_writeback+0x404/0xc60
[ 47.343197][ T378] ? wb_io_lists_depopulated+0x180/0x180
[ 47.348737][ T378] ? set_worker_desc+0x158/0x1c0
[ 47.353745][ T378] ? update_load_avg+0x541/0x1690
[ 47.358564][ T378] ? __kasan_check_write+0x14/0x20
[ 47.363520][ T378] wb_workfn+0x3d9/0x1110
[ 47.367682][ T378] ? inode_wait_for_writeback+0x280/0x280
[ 47.374570][ T378] ? _raw_spin_unlock_irq+0x4e/0x70
[ 47.379591][ T378] ? finish_task_switch+0x130/0x5a0
[ 47.384625][ T378] ? switch_mm_irqs_off+0x33c/0x9a0
[ 47.389658][ T378] ? __switch_to_asm+0x34/0x60
[ 47.394261][ T378] ? __kasan_check_read+0x11/0x20
[ 47.399120][ T378] ? read_word_at_a_time+0x12/0x20
[ 47.404253][ T378] ? strscpy+0x9c/0x260
[ 47.408501][ T378] process_one_work+0x6dc/0xbd0
[ 47.413179][ T378] worker_thread+0xaea/0x1510
[ 47.417689][ T378] ? _raw_spin_lock+0x1b0/0x1b0
[ 47.422504][ T378] ? __kasan_check_read+0x11/0x20
[ 47.427347][ T378] kthread+0x34b/0x3d0
[ 47.431751][ T378] ? worker_clr_flags+0x180/0x180
[ 47.436789][ T378] ? kthread_blkcg+0xd0/0xd0
[ 47.441216][ T378] ret_from_fork+0x1f/0x30
[ 47.445988][ T378]
[ 47.448164][ T378] The buggy address belongs to the page:
[ 47.453888][ T378] page:ffffea00048a4580 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1 pfn:0x122916
[ 47.465853][ T378] flags: 0x4000000000000000()
[ 47.470663][ T378] raw: 4000000000000000 ffffea00048a1088 ffffea00048a4a08 0000000000000000
[ 47.479388][ T378] raw: 0000000000000001 0000000000000001 00000000ffffff7f 0000000000000000
[ 47.489595][ T378] page dumped because: kasan: bad access detected
[ 47.495843][ T378] page_owner tracks the page as freed
[ 47.501233][ T378] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 436, ts 46532942154, free_ts 46723727245
[ 47.516330][ T378] prep_new_page+0x166/0x180
[ 47.520931][ T378] get_page_from_freelist+0x2d8c/0x2f30
[ 47.526468][ T378] __alloc_pages_nodemask+0x435/0xaf0
[ 47.531665][ T378] shmem_alloc_page+0x257/0x420
[ 47.536445][ T378] shmem_alloc_and_acct_page+0x395/0x8e0
[ 47.541926][ T378] shmem_getpage_gfp+0x891/0x2480
[ 47.546762][ T378] shmem_write_begin+0xca/0x1b0
[ 47.551630][ T378] generic_perform_write+0x2cd/0x570
[ 47.556860][ T378] __generic_file_write_iter+0x23c/0x560
[ 47.562473][ T378] generic_file_write_iter+0xaf/0x1c0
[ 47.568029][ T378] vfs_write+0xb55/0xe70
[ 47.572204][ T378] ksys_write+0x199/0x2c0
[ 47.576381][ T378] __x64_sys_write+0x7b/0x90
[ 47.581262][ T378] do_syscall_64+0x34/0x70
[ 47.585768][ T378] entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 47.592002][ T378] page last free stack trace:
[ 47.596744][ T378] free_unref_page_prepare+0x2ae/0x2d0
[ 47.602122][ T378] free_unref_page_list+0x122/0xb20
[ 47.607344][ T378] release_pages+0xea0/0xef0
[ 47.611857][ T378] __pagevec_release+0x84/0x100
[ 47.616538][ T378] shmem_undo_range+0x7d1/0x1a60
[ 47.621311][ T378] shmem_evict_inode+0x215/0x9d0
[ 47.626216][ T378] evict+0x2a3/0x6c0
[ 47.630599][ T378] iput+0x632/0x7e0
[ 47.634331][ T378] dentry_unlink_inode+0x2e5/0x3d0
[ 47.639297][ T378] __dentry_kill+0x447/0x650
[ 47.643727][ T378] dentry_kill+0xc0/0x2a0
[ 47.648136][ T378] dput+0x160/0x310
[ 47.651775][ T378] __fput+0x4f4/0x760
[ 47.655682][ T378] ____fput+0x15/0x20
[ 47.659937][ T378] task_work_run+0x129/0x190
[ 47.664623][ T378] exit_to_user_mode_loop+0xbf/0xd0
[ 47.670273][ T378]
[ 47.672603][ T378] Memory state around the buggy address:
[ 47.678162][ T378] ffff888122915f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.686770][ T378] ffff888122915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.695630][ T378] >ffff888122916000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 47.704760][ T378] ^
[ 47.711825][ T378] ffff888122916080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 47.720510][ T378] ffff888122916100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 47.728601][ T378] ==================================================================
[ 47.737872][ T378] Disabling lock debugging due to kernel taint
[ 47.745391][ T378] ------------[ cut here ]------------
[ 47.751676][ T378] kernel BUG at fs/ext4/inode.c:2452!
[ 47.757543][ T378] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 47.764465][ T378] CPU: 0 PID: 378 Comm: kworker/u4:3 Tainted: G B 5.10.205-syzkaller-999740-g3d758d85a169 #0
[ 47.776955][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 47.787468][ T378] Workqueue: writeback wb_workfn (flush-7:0)
[ 47.793343][ T378] RIP: 0010:ext4_writepages+0x3b44/0x3c00
[ 47.798986][ T378] Code: 00 74 08 48 89 df e8 bb fb c9 ff 48 8b 3b 48 8b 74 24 28 48 8b 54 24 50 44 89 e1 45 89 f8 e8 13 d2 07 00 eb 5d e8 bc 8e 8c ff <0f> 0b e8 b5 8e 8c ff eb 3b e8 ae 8e 8c ff eb 77 e8 a7 8e 8c ff 31
[ 47.819309][ T378] RSP: 0018:ffffc90000ff70a0 EFLAGS: 00010293
[ 47.825399][ T378] RAX: ffffffff81de1764 RBX: dffffc0000000000 RCX: ffff88810e7462c0
[ 47.833803][ T378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 47.841643][ T378] RBP: ffffc90000ff7490 R08: ffffffff81ddf369 R09: ffffed10245a119e
[ 47.850549][ T378] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000ff73b0
[ 47.858561][ T378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 47.866925][ T378] FS: 0000000000000000(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000
[ 47.876570][ T378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 47.883776][ T378] CR2: 0000555556921818 CR3: 0000000106fd7000 CR4: 00000000003506b0
[ 47.891989][ T378] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 47.900962][ T378] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 47.908997][ T378] Call Trace:
[ 47.912056][ T378] ? __die_body+0x62/0xb0
[ 47.916303][ T378] ? die+0x88/0xb0
[ 47.919944][ T378] ? do_trap+0x1a4/0x310
[ 47.924029][ T378] ? ext4_writepages+0x3b44/0x3c00
[ 47.928976][ T378] ? handle_invalid_op+0x95/0xc0
[ 47.933832][ T378] ? ext4_writepages+0x3b44/0x3c00
[ 47.939130][ T378] ? exc_invalid_op+0x32/0x50
[ 47.943655][ T378] ? asm_exc_invalid_op+0x12/0x20
[ 47.948502][ T378] ? ext4_writepages+0x1749/0x3c00
[ 47.954030][ T378] ? ext4_writepages+0x3b44/0x3c00
[ 47.959276][ T378] ? ext4_writepages+0x3b44/0x3c00
[ 47.964342][ T378] ? __ext4_error+0x203/0x420
[ 47.969012][ T378] ? ext4_readpage+0x230/0x230
[ 47.973598][ T378] ? psi_task_change+0x1e6/0x360
[ 47.978368][ T378] ? ext4_get_group_desc+0x260/0x2b0
[ 47.983575][ T378] ? __ext4_get_inode_loc+0x59c/0xbf0
[ 47.988877][ T378] ? ext4_readpage+0x230/0x230
[ 47.993489][ T378] do_writepages+0x12e/0x270
[ 47.997898][ T378] ? __writepage+0x130/0x130
[ 48.002325][ T378] ? __kasan_check_write+0x14/0x20
[ 48.007271][ T378] ? __kasan_check_write+0x14/0x20
[ 48.012241][ T378] ? _raw_spin_lock+0xa4/0x1b0
[ 48.016866][ T378] __writeback_single_inode+0xd7/0xac0
[ 48.022339][ T378] ? inode_add_lru+0x130/0x190
[ 48.026902][ T378] writeback_sb_inodes+0x99c/0x16b0
[ 48.032014][ T378] ? queue_io+0x520/0x520
[ 48.036263][ T378] ? writeback_sb_inodes+0x16b0/0x16b0
[ 48.041556][ T378] ? queue_io+0x3d3/0x520
[ 48.045754][ T378] wb_writeback+0x404/0xc60
[ 48.050167][ T378] ? wb_io_lists_depopulated+0x180/0x180
[ 48.055630][ T378] ? set_worker_desc+0x158/0x1c0
[ 48.060584][ T378] ? update_load_avg+0x541/0x1690
[ 48.065705][ T378] ? __kasan_check_write+0x14/0x20
[ 48.070817][ T378] wb_workfn+0x3d9/0x1110
[ 48.074987][ T378] ? inode_wait_for_writeback+0x280/0x280
[ 48.080885][ T378] ? _raw_spin_unlock_irq+0x4e/0x70
[ 48.086624][ T378] ? finish_task_switch+0x130/0x5a0
[ 48.091819][ T378] ? switch_mm_irqs_off+0x33c/0x9a0
[ 48.096856][ T378] ? __switch_to_asm+0x34/0x60
[ 48.101453][ T378] ? __kasan_check_read+0x11/0x20
[ 48.106472][ T378] ? read_word_at_a_time+0x12/0x20
[ 48.111414][ T378] ? strscpy+0x9c/0x260
[ 48.115498][ T378] process_one_work+0x6dc/0xbd0
[ 48.120173][ T378] worker_thread+0xaea/0x1510
[ 48.124860][ T378] ? _raw_spin_lock+0x1b0/0x1b0
[ 48.129543][ T378] ? __kasan_check_read+0x11/0x20
[ 48.134461][ T378] kthread+0x34b/0x3d0
[ 48.138488][ T378] ? worker_clr_flags+0x180/0x180
[ 48.143703][ T378] ? kthread_blkcg+0xd0/0xd0
[ 48.148198][ T378] ret_from_fork+0x1f/0x30
[ 48.152621][ T378] Modules linked in:
[ 48.156725][ T378] ---[ end trace 76100a5b6f83f7e2 ]---
[ 48.162309][ T378] RIP: 0010:ext4_writepages+0x3b44/0x3c00
[ 48.168999][ T378] Code: 00 74 08 48 89 df e8 bb fb c9 ff 48 8b 3b 48 8b 74 24 28 48 8b 54 24 50 44 89 e1 45 89 f8 e8 13 d2 07 00 eb 5d e8 bc 8e 8c ff <0f> 0b e8 b5 8e 8c ff eb 3b e8 ae 8e 8c ff eb 77 e8 a7 8e 8c ff 31
[ 48.188945][ T378] RSP: 0018:ffffc90000ff70a0 EFLAGS: 00010293
[ 48.194713][ T378] RAX: ffffffff81de1764 RBX: dffffc0000000000 RCX: ffff88810e7462c0
[ 48.202771][ T378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 48.210529][ T378] RBP: ffffc90000ff7490 R08: ffffffff81ddf369 R09: ffffed10245a119e
[ 48.218864][ T378] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000ff73b0
[ 48.226864][ T378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 48.235199][ T378] FS: 0000000000000000(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 48.245601][ T378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 48.252159][ T378] CR2: 000000c000edb000 CR3: 000000000600f000 CR4: 00000000003506a0
[ 48.259987][ T378] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 48.267748][ T378] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 48.276035][ T378] Kernel panic - not syncing: Fatal exception
[ 48.282238][ T378] Kernel Offset: disabled
[ 48.286484][ T378] Rebooting in 86400 seconds..