Warning: Permanently added '10.128.10.14' (ED25519) to the list of known hosts.
2023/12/19 09:12:16 ignoring optional flag "sandboxArg"="0"
2023/12/19 09:12:16 parsed 1 programs
[ 40.356348][ T23] kauditd_printk_skb: 75 callbacks suppressed
[ 40.356353][ T23] audit: type=1400 audit(1702977136.350:151): avc: denied { mounton } for pid=334 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 40.387815][ T23] audit: type=1400 audit(1702977136.350:152): avc: denied { mount } for pid=334 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 40.411911][ T23] audit: type=1400 audit(1702977136.350:153): avc: denied { setattr } for pid=334 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
2023/12/19 09:12:16 executed programs: 0
[ 40.435648][ T23] audit: type=1400 audit(1702977136.350:154): avc: denied { read write } for pid=334 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 40.462658][ T334] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k
[ 40.462848][ T23] audit: type=1400 audit(1702977136.350:155): avc: denied { open } for pid=334 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 40.497849][ T23] audit: type=1400 audit(1702977136.380:156): avc: denied { unlink } for pid=334 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 40.519356][ T339] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.524173][ T23] audit: type=1400 audit(1702977136.380:157): avc: denied { relabelto } for pid=335 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 40.531137][ T339] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.556175][ T23] audit: type=1400 audit(1702977136.460:158): avc: denied { mounton } for pid=339 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 40.563319][ T339] device bridge_slave_0 entered promiscuous mode
[ 40.594039][ T339] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.601615][ T339] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.608955][ T339] device bridge_slave_1 entered promiscuous mode
[ 40.639634][ T339] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.646693][ T339] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.653919][ T339] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.660777][ T339] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.675635][ T292] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.682868][ T292] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.689889][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 40.698046][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.714897][ T339] device veth0_vlan entered promiscuous mode
[ 40.721965][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 40.730734][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 40.738826][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 40.746165][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 40.753637][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 40.761651][ T292] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.768871][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.776595][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 40.784592][ T292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.791457][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.799073][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 40.806795][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 40.818018][ T339] device veth1_macvtap entered promiscuous mode
[ 40.827188][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 40.839760][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 40.848587][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 40.867180][ T23] audit: type=1400 audit(1702977136.860:159): avc: denied { mounton } for pid=343 comm="syz-executor.0" path="/root/syzkaller-testdir991320304/syzkaller.5Jk3iD/0/file1" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 40.899105][ T344] EXT4-fs (loop0): 1 orphan inode deleted
[ 40.905098][ T344] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,norecovery,dioread_lock,errors=remount-ro,noauto_da_alloc,resgid=0x0000000000000000,barrier,auto_da_alloc,max_dir_size_kb=0x00000000000004e1,
[ 40.927023][ T344] ext4 filesystem being mounted at /root/syzkaller-testdir991320304/syzkaller.5Jk3iD/0/file1 supports timestamps until 2038 (0x7fffffff)
[ 40.927123][ T23] audit: type=1400 audit(1702977136.920:160): avc: denied { mount } for pid=343 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 40.965399][ T349] EXT4-fs error (device loop0): ext4_ext_remove_space:2857: inode #16: comm syz-executor.0: path[1].p_hdr == NULL
[ 40.965510][ T349] EXT4-fs (loop0): Remounting filesystem read-only
[ 40.984313][ T349] EXT4-fs error (device loop0): __ext4_get_inode_loc:4425: comm syz-executor.0: Invalid inode table block 0 in block_group 0
[ 40.997383][ T349] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem
[ 41.007812][ T349] EXT4-fs error (device loop0): ext4_punch_hole:4218: inode #16: comm syz-executor.0: mark_inode_dirty error
[ 41.087033][ T351] EXT4-fs (loop0): 1 orphan inode deleted
[ 41.092748][ T351] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,norecovery,dioread_lock,errors=remount-ro,noauto_da_alloc,resgid=0x0000000000000000,barrier,auto_da_alloc,max_dir_size_kb=0x00000000000004e1,
[ 41.114920][ T351] ext4 filesystem being mounted at /root/syzkaller-testdir991320304/syzkaller.5Jk3iD/1/file1 supports timestamps until 2038 (0x7fffffff)
[ 41.134730][ T355] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:475: comm syz-executor.0: Invalid block bitmap block 0 in block_group 0
[ 41.148726][ T355] EXT4-fs (loop0): Remounting filesystem read-only
[ 41.155068][ T355] EXT4-fs error (device loop0) in ext4_mb_clear_bb:5608: Corrupt filesystem
[ 41.163872][ T355] ==================================================================
[ 41.171839][ T355] BUG: KASAN: out-of-bounds in ext4_ext_remove_space+0xfae/0x3c70
[ 41.179766][ T355] Read of size 18446744073709551544 at addr ffff88812186f054 by task syz-executor.0/355
[ 41.189295][ T355]
[ 41.191462][ T355] CPU: 0 PID: 355 Comm: syz-executor.0 Not tainted 5.10.203-syzkaller #0
[ 41.199890][ T355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 41.210514][ T355] Call Trace:
[ 41.213640][ T355] dump_stack_lvl+0x81/0xac
[ 41.217979][ T355] print_address_description.constprop.0+0x24/0x160
[ 41.224590][ T355] ? ext4_ext_remove_space+0xfae/0x3c70
[ 41.230011][ T355] kasan_report.cold+0x82/0xdb
[ 41.234763][ T355] ? ext4_ext_remove_space+0xfae/0x3c70
[ 41.240330][ T355] kasan_check_range+0x148/0x190
[ 41.245259][ T355] memmove+0x24/0x60
[ 41.248990][ T355] ext4_ext_remove_space+0xfae/0x3c70
[ 41.254197][ T355] ? ext4_ext_index_trans_blocks+0x100/0x100
[ 41.260098][ T355] ? _raw_write_unlock+0x38/0x60
[ 41.265014][ T355] ? ext4_es_lookup_extent+0x9b0/0x9b0
[ 41.270591][ T355] ? ext4_zero_partial_blocks+0x21b/0x520
[ 41.276146][ T355] ? __ext4_journal_start_sb+0x33/0x2d0
[ 41.281764][ T355] ext4_punch_hole+0x783/0xf90
[ 41.286460][ T355] ? rwsem_down_write_slowpath+0x1160/0x1160
[ 41.292944][ T355] ext4_fallocate+0x6fb/0x2c90
[ 41.297626][ T355] ? avc_ss_reset+0x120/0x120
[ 41.302139][ T355] ? ext4_ext_truncate+0x1c0/0x1c0
[ 41.307173][ T355] ? security_file_permission+0x4c/0x460
[ 41.312725][ T355] vfs_fallocate+0x2b1/0xb10
[ 41.317419][ T355] ioctl_preallocate+0x149/0x1c0
[ 41.322362][ T355] ? fiemap_prep+0x200/0x200
[ 41.326890][ T355] ? __kasan_check_write+0x14/0x20
[ 41.332107][ T355] ? _raw_spin_lock_irq+0x87/0x110
[ 41.337052][ T355] do_vfs_ioctl+0xaec/0xd10
[ 41.341485][ T355] ? generic_block_fiemap+0x70/0x70
[ 41.346596][ T355] ? sigsuspend+0x250/0x250
[ 41.351679][ T355] ? __kasan_check_write+0x14/0x20
[ 41.356606][ T355] ? selinux_file_ioctl+0xee/0x240
[ 41.361974][ T355] __x64_sys_ioctl+0xce/0x1a0
[ 41.366694][ T355] do_syscall_64+0x32/0x80
[ 41.371052][ T355] entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 41.376839][ T355] RIP: 0033:0x7f6cfaa01ae9
[ 41.381184][ T355] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 41.401069][ T355] RSP: 002b:00007f6cf21a30c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 41.409580][ T355] RAX: ffffffffffffffda RBX: 00007f6cfab21050 RCX: 00007f6cfaa01ae9
[ 41.417777][ T355] RDX: 0000000020000080 RSI: 000000004030582b RDI: 0000000000000004
[ 41.426026][ T355] RBP: 00007f6cfaa4d47a R08: 0000000000000000 R09: 0000000000000000
[ 41.433919][ T355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 41.441874][ T355] R13: 000000000000000b R14: 00007f6cfab21050 R15: 00007fff8ca5bab8
[ 41.449677][ T355]
[ 41.451804][ T355] The buggy address belongs to the page:
[ 41.458152][ T355] page:ffffea0004861bc0 refcount:2 mapcount:0 mapping:ffff888108ead390 index:0x3a pfn:0x12186f
[ 41.468944][ T355] aops:def_blk_aops ino:0
[ 41.473552][ T355] flags: 0x4000000000002036(referenced|uptodate|lru|active|private)
[ 41.482048][ T355] raw: 4000000000002036 ffffea000482f588 ffff88811ce0c030 ffff888108ead390
[ 41.490550][ T355] raw: 000000000000003a ffff8881197a8498 00000002ffffffff ffff88811cdf8000
[ 41.499256][ T355] page dumped because: kasan: bad access detected
[ 41.505687][ T355] page->mem_cgroup:ffff88811cdf8000
[ 41.510737][ T355] page_owner tracks the page as allocated
[ 41.516371][ T355] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 351, ts 41131932128, free_ts 0
[ 41.532522][ T355] get_page_from_freelist+0x1fee/0x2ad0
[ 41.537891][ T355] __alloc_pages_nodemask+0x2ae/0x2360
[ 41.543292][ T355] pagecache_get_page+0x169/0x6f0
[ 41.548661][ T355] __getblk_slow+0x1ad/0x580
[ 41.553335][ T355] __getblk_gfp+0x3d/0x50
[ 41.557515][ T355] ext4_ext_insert_extent+0xe64/0x3ec0
[ 41.562805][ T355] ext4_ext_map_blocks+0xf09/0x5100
[ 41.567921][ T355] ext4_map_blocks+0x593/0x1450
[ 41.573041][ T355] _ext4_get_block+0x206/0x5b0
[ 41.577650][ T355] ext4_get_block+0x11/0x20
[ 41.582154][ T355] ext4_block_write_begin+0x3b9/0xdc0
[ 41.587716][ T355] ext4_write_begin+0x484/0xf00
[ 41.592758][ T355] ext4_da_write_begin+0x52b/0xc30
[ 41.599290][ T355] generic_perform_write+0x202/0x4a0
[ 41.605204][ T355] ext4_buffered_write_iter+0x1e5/0x420
[ 41.610948][ T355] ext4_file_write_iter+0x358/0x18e0
[ 41.616013][ T355] page_owner free stack trace missing
[ 41.621222][ T355]
[ 41.623437][ T355] Memory state around the buggy address:
[ 41.629433][ T355] ffff88812186ef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.637317][ T355] ffff88812186ef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 41.645469][ T355] >ffff88812186f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.653451][ T355] ^
[ 41.659961][ T355] ffff88812186f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.668175][ T355] ffff88812186f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.676255][ T355] ==================================================================
[ 41.684305][ T355] Disabling lock debugging due to kernel taint
[ 41.692082][ T355] EXT4-fs error (device loop0): __ext4_get_inode_loc:4425: comm syz-executor.0: Invalid inode table block 0 in block_group 0
[ 41.705402][ T355] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem
[ 41.715483][ T355] EXT4-fs error (device loop0): ext4_punch_hole:4218: inode #16: comm syz-executor.0: mark_inode_dirty error
[ 41.777067][ T358] EXT4-fs (loop0): 1 orphan inode deleted
[ 41.782705][ T358] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,norecovery,dioread_lock,errors=remount-ro,noauto_da_alloc,resgid=0x0000000000000000,barrier,auto_da_alloc,max_dir_size_kb=0x00000000000004e1,
[ 41.804441][ T358] ext4 filesystem being mounted at /root/syzkaller-testdir991320304/syzkaller.5Jk3iD/2/file1 supports timestamps until 2038 (0x7fffffff)
[ 41.825362][ T362] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:475: comm syz-executor.0: Invalid block bitmap block 0 in block_group 0
[ 41.848885][ T362] EXT4-fs (loop0): Remounting filesystem read-only
[ 41.855233][ T362] EXT4-fs error (device loop0) in ext4_mb_clear_bb:5608: Corrupt filesystem
[ 41.868498][ T339] general protection fault, probably for non-canonical address 0xe439b0e01ffff0fd: 0000 [#1] PREEMPT SMP KASAN
[ 41.880518][ T339] KASAN: maybe wild-memory-access in range [0x21cda700ffff87e8-0x21cda700ffff87ef]
[ 41.889843][ T339] CPU: 1 PID: 339 Comm: syz-executor.0 Tainted: G B 5.10.203-syzkaller #0
[ 41.899651][ T339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 41.909825][ T339] RIP: 0010:wait_consider_task+0x95/0x4080
[ 41.915623][ T339] Code: c7 00 f1 f1 f1 f1 c7 40 04 00 f2 f2 f2 c7 40 08 00 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 45 d0 31 c0 4c 89 c0 48 c1 e8 03 <0f> b6 14 10 4c 89 c0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 c9
[ 41.935236][ T339] RSP: 0018:ffffc90000777ae0 EFLAGS: 00010203
[ 41.941224][ T339] RAX: 0439b4e01ffff0fd RBX: ffffc90000777cf0 RCX: 0000000000000000
[ 41.949229][ T339] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000777cf0
[ 41.957215][ T339] RBP: ffffc90000777c08 R08: 21cda700ffff87ed R09: 0000000000000000
[ 41.965371][ T339] R10: fffffbfff09c1410 R11: 0000000000000000 R12: ffffc90000777cf0
[ 41.973269][ T339] R13: ffff88811f9a6728 R14: 21cda700ffff82c9 R15: ffffc90000777be0
[ 41.981516][ T339] FS: 000055555682c480(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000
[ 41.990643][ T339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.997153][ T339] CR2: 000000c000583030 CR3: 000000011f8f3000 CR4: 00000000003506a0
[ 42.005217][ T339] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.013022][ T339] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.020842][ T339] Call Trace:
[ 42.024007][ T339] ? show_regs.part.0+0x1e/0x20
[ 42.028819][ T339] ? die_addr.cold+0x8/0xd
[ 42.033344][ T339] ? exc_general_protection+0x19b/0x2e0
[ 42.038909][ T339] ? asm_exc_general_protection+0x1e/0x30
[ 42.045435][ T339] ? wait_consider_task+0x95/0x4080
[ 42.050824][ T339] ? __kasan_check_write+0x14/0x20
[ 42.055758][ T339] ? finish_task_switch+0x166/0x630
[ 42.060808][ T339] ? __kasan_check_write+0x14/0x20
[ 42.065814][ T339] ? _raw_spin_lock_irqsave+0x8c/0x120
[ 42.071446][ T339] ? release_task+0x1160/0x1160
[ 42.076114][ T339] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 42.081830][ T339] do_wait+0x2a8/0x6e0
[ 42.085828][ T339] ? wait_consider_task+0x4080/0x4080
[ 42.091132][ T339] kernel_wait4+0x100/0x1d0
[ 42.095700][ T339] ? __ia32_sys_waitid+0x140/0x140
[ 42.101353][ T339] ? thread_group_exited+0xc0/0xc0
[ 42.106498][ T339] ? hrtimer_nanosleep+0x191/0x3b0
[ 42.111430][ T339] ? nanosleep_copyout+0xd0/0xd0
[ 42.116210][ T339] __do_sys_wait4+0xf6/0x100
[ 42.120768][ T339] ? kernel_wait4+0x1d0/0x1d0
[ 42.125277][ T339] ? get_timespec64+0x72/0x220
[ 42.130092][ T339] ? put_timespec64+0x100/0x100
[ 42.134775][ T339] ? common_nsleep+0x78/0xb0
[ 42.139223][ T339] ? __x64_sys_clock_nanosleep+0x2a4/0x440
[ 42.144938][ T339] ? __kasan_check_write+0x14/0x20
[ 42.150004][ T339] ? switch_fpu_return+0xbf/0x1b0
[ 42.154849][ T339] __x64_sys_wait4+0x92/0xf0
[ 42.159285][ T339] ? syscall_exit_to_user_mode+0x38/0x160
[ 42.164928][ T339] do_syscall_64+0x32/0x80
[ 42.169273][ T339] entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 42.175422][ T339] RIP: 0033:0x7f6cfa9fe4d3
[ 42.179680][ T339] Code: 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 80 3d 31 2a 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 89 54 24 14 48
[ 42.199304][ T339] RSP: 002b:00007fff8ca5bdc8 EFLAGS: 00000202 ORIG_RAX: 000000000000003d
[ 42.208419][ T339] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f6cfa9fe4d3
[ 42.216341][ T339] RDX: 0000000040000001 RSI: 00007fff8ca5be2c RDI: 00000000ffffffff
[ 42.224373][ T339] RBP: 00007fff8ca5be2c R08: 0000000000000029 R09: 00007fff8cb2c080
[ 42.232249][ T339] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[ 42.240093][ T339] R13: 000000000000a347 R14: 000000000000a310 R15: 0000000000000005
[ 42.247950][ T339] Modules linked in:
[ 42.251732][ C0] general protection fault, probably for non-canonical address 0xdffffc001ffff13c: 0000 [#2] PREEMPT SMP KASAN
[ 42.251737][ C1] list_add corruption. next->prev should be prev (ffff8881f7456d10), but was 91b25fc500000000. (next=ffff888121cde228).
[ 42.275946][ C0] KASAN: probably user-memory-access in range [0x00000000ffff89e0-0x00000000ffff89e7]
[ 42.285614][ C0] CPU: 0 PID: -1229422910 Comm: .0 Tainted: G B D 5.10.203-syzkaller #0
[ 42.295248][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 42.305147][ C0] RIP: 0010:account_system_index_time+0x8a/0x210
[ 42.311503][ C0] Code: 01 00 00 49 8b 9c 24 c8 07 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d bb 60 01 00 00 4c 8d bb 00 01 00 00 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 28 01 00 00 8b 83 60 01 00 00
[ 42.333136][ C0] RSP: 0018:ffffc90000007cc8 EFLAGS: 00010006
[ 42.339123][ C0] RAX: dffffc0000000000 RBX: 00000000ffff8881 RCX: 1ffffffff097f8e4
[ 42.347152][ C0] RDX: 000000001ffff13c RSI: 000000000097beab RDI: 00000000ffff89e1
[ 42.355217][ C0] RBP: ffffc90000007cf0 R08: 1ffffffff097f8e4 R09: 0000000000000003
[ 42.363483][ C0] R10: fffff52000000fd5 R11: 0000000000000001 R12: ffff888121cde180
[ 42.371585][ C0] R13: 000000000097beab R14: 0000000000000002 R15: 00000000ffff8981
[ 42.379435][ C0] FS: 00007f6cf21a36c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000
[ 42.388315][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.395558][ C0] CR2: 000055e17e023088 CR3: 00000001211e9000 CR4: 00000000003506b0
[ 42.403837][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.411728][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.419948][ C0] Call Trace:
[ 42.423056][ C0]
[ 42.425783][ C0] ? show_regs.part.0+0x1e/0x20
[ 42.430607][ C0] ? die_addr.cold+0x8/0xd
[ 42.434893][ C0] ? exc_general_protection+0x19b/0x2e0
[ 42.440417][ C0] ? asm_exc_general_protection+0x1e/0x30
[ 42.446262][ C0] ? account_system_index_time+0x8a/0x210
[ 42.452503][ C0] irqtime_account_process_tick+0x437/0x5a0
[ 42.458543][ C0] account_process_tick+0x367/0x470
[ 42.463612][ C0] update_process_times+0x6c/0xb0
[ 42.468497][ C0] tick_sched_handle+0xfa/0x170
[ 42.473158][ C0] tick_sched_timer+0xb6/0xd0
[ 42.477939][ C0] ? tick_sched_do_timer+0x340/0x340
[ 42.483287][ C0] __hrtimer_run_queues+0x39a/0x790
[ 42.488533][ C0] ? enqueue_hrtimer+0x1c0/0x1c0
[ 42.493319][ C0] ? _raw_write_lock_irqsave+0xe0/0xe0
[ 42.498811][ C0] ? ktime_get_update_offsets_now+0x6e/0x200
[ 42.504793][ C0] ? clockevents_program_event+0x1cb/0x260
[ 42.510550][ C0] hrtimer_interrupt+0x2f3/0x8d0
[ 42.515749][ C0] __sysvec_apic_timer_interrupt+0x10a/0x360
[ 42.521721][ C0] asm_call_irq_on_stack+0xf/0x20
[ 42.526592][ C0]
[ 42.529499][ C0] Modules linked in:
[ 42.533243][ C0] ---[ end trace e64b2a68338efad4 ]---
[ 42.533279][ C1] invalid opcode: 0000 [#3] PREEMPT SMP KASAN
[ 42.538629][ C0] RIP: 0010:wait_consider_task+0x95/0x4080
[ 42.544995][ C1] CPU: 1 PID: 339 Comm: syz-executor.0 Tainted: G B D 5.10.203-syzkaller #0
[ 42.550700][ C0] Code: c7 00 f1 f1 f1 f1 c7 40 04 00 f2 f2 f2 c7 40 08 00 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 45 d0 31 c0 4c 89 c0 48 c1 e8 03 <0f> b6 14 10 4c 89 c0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 c9
[ 42.560560][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 42.580723][ C0] RSP: 0018:ffffc90000777ae0 EFLAGS: 00010203
[ 42.591078][ C1] RIP: 0010:__list_add_valid.cold+0xf/0x58
[ 42.591088][ C1] Code: 48 c7 c6 20 4e 5f 84 4c 89 ef e8 83 d9 01 00 49 c7 c7 f0 ff ff ff e9 c1 f2 78 fe 4c 89 e1 48 c7 c7 40 51 5f 84 e8 8b e5 fd ff <0f> 0b 48 c7 c7 e0 50 5f 84 e8 7d e5 fd ff 0f 0b 48 c7 c7 80 50 5f
[ 42.597335][ C0] RAX: 0439b4e01ffff0fd RBX: ffffc90000777cf0 RCX: 0000000000000000
[ 42.597342][ C0] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000777cf0
[ 42.603258][ C1] RSP: 0018:ffffc900001608b8 EFLAGS: 00010086
[ 42.623579][ C0] RBP: ffffc90000777c08 R08: 21cda700ffff87ed R09: 0000000000000000
[ 42.631533][ C1]
[ 42.639350][ C0] R10: fffffbfff09c1410 R11: 0000000000000000 R12: ffffc90000777cf0
[ 42.645342][ C1] RAX: 0000000000000075 RBX: dffffc0000000000 RCX: 0000000000000000
[ 42.653341][ C0] R13: ffff88811f9a6728 R14: 21cda700ffff82c9 R15: ffffc90000777be0
[ 42.655529][ C1] RDX: 0000000000000004 RSI: ffffffff845f4f80 RDI: fffff5200002c10a
[ 42.663606][ C0] FS: 00007f6cf21a36c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000
[ 42.671409][ C1] RBP: ffffc900001608d0 R08: 0000000000000075 R09: ffff8881f75530a7
[ 42.679414][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.687256][ C1] R10: ffffed103eeaa614 R11: 0000000000000001 R12: ffff888121cde228
[ 42.696464][ C0] CR2: 000055e17e023088 CR3: 00000001211e9000 CR4: 00000000003506b0
[ 42.704554][ C1] R13: ffff88810bef1428 R14: ffff88810bef1558 R15: ffff88810bef1400
[ 42.710941][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.719077][ C1] FS: 000055555682c480(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000
[ 42.727237][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.735669][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.743686][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 42.752601][ C1] CR2: 000000c000583030 CR3: 000000011f8f3000 CR4: 00000000003506a0
[ 42.782383][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.790738][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.798616][ C1] Call Trace:
[ 42.801739][ C1]
[ 42.804537][ C1] ? show_regs.part.0+0x1e/0x20
[ 42.809199][ C1] ? __die+0x5d/0x9e
[ 42.813021][ C1] ? die+0x2b/0x50
[ 42.816578][ C1] ? do_trap+0x1d5/0x260
[ 42.820654][ C1] ? do_error_trap+0x8a/0xe0
[ 42.825346][ C1] ? __list_add_valid.cold+0xf/0x58
[ 42.830374][ C1] ? handle_invalid_op+0x31/0x40
[ 42.835325][ C1] ? __list_add_valid.cold+0xf/0x58
[ 42.840704][ C1] ? exc_invalid_op+0x30/0x50
[ 42.845302][ C1] ? asm_exc_invalid_op+0x12/0x20
[ 42.850180][ C1] ? __list_add_valid.cold+0xf/0x58
[ 42.855297][ C1] ? __list_add_valid.cold+0xf/0x58
[ 42.860342][ C1] enqueue_task_fair+0xa3f/0x27b0
[ 42.865378][ C1] ? select_task_rq_fair+0x36d0/0x36d0
[ 42.870597][ C1] ? psi_task_change+0x154/0x280
[ 42.875554][ C1] enqueue_task+0xe9/0x560
[ 42.879970][ C1] ? kvm_sched_clock_read+0x18/0x40
[ 42.885185][ C1] ttwu_do_activate.isra.0+0xde/0x360
[ 42.890893][ C1] try_to_wake_up+0x5fa/0x17d0
[ 42.895470][ C1] ? select_fallback_rq+0x660/0x660
[ 42.900527][ C1] default_wake_function+0x30/0x50
[ 42.905556][ C1] autoremove_wake_function+0x19/0x160
[ 42.910844][ C1] __wake_up_common+0x10b/0x5a0
[ 42.915519][ C1] __wake_up_common_lock+0xea/0x150
[ 42.920654][ C1] ? __wake_up_common+0x5a0/0x5a0
[ 42.925682][ C1] ? rcu_sched_clock_irq+0xc27/0x1f40
[ 42.930992][ C1] ? acct_account_cputime+0x186/0x300
[ 42.936281][ C1] ? rcutree_dead_cpu+0xa0/0xa0
[ 42.941231][ C1] __wake_up+0xe/0x10
[ 42.945229][ C1] wake_up_klogd_work_func+0x5e/0x70
[ 42.950594][ C1] irq_work_single+0x7f/0xb0
[ 42.955114][ C1] irq_work_run_list+0x70/0xa0
[ 42.960027][ C1] irq_work_tick+0xcd/0x120
[ 42.964578][ C1] update_process_times+0x9d/0xb0
[ 42.969513][ C1] tick_sched_handle+0xfa/0x170
[ 42.974188][ C1] tick_sched_timer+0xb6/0xd0
[ 42.978874][ C1] ? tick_sched_do_timer+0x340/0x340
[ 42.983990][ C1] __hrtimer_run_queues+0x39a/0x790
[ 42.989025][ C1] ? enqueue_hrtimer+0x1c0/0x1c0
[ 42.993986][ C1] ? _raw_write_lock_irqsave+0xe0/0xe0
[ 42.999712][ C1] ? ktime_get_update_offsets_now+0x6e/0x200
[ 43.005797][ C1] ? clockevents_program_event+0x1cb/0x260
[ 43.011641][ C1] hrtimer_interrupt+0x2f3/0x8d0
[ 43.016400][ C1] __sysvec_apic_timer_interrupt+0x10a/0x360
[ 43.022219][ C1] asm_call_irq_on_stack+0xf/0x20
[ 43.027622][ C1]
[ 43.030635][ C1] sysvec_apic_timer_interrupt+0xa3/0xe0
[ 43.036120][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 43.042085][ C1] RIP: 0010:oops_end+0x38/0xb0
[ 43.046687][ C1] Code: ff e8 9c 75 fc 00 be 01 00 00 00 bf 07 00 00 00 c7 05 28 ca c7 03 ff ff ff ff e8 73 aa 10 00 83 2d 44 3b 48 04 01 74 29 53 9d 23 ad 10 00 48 c7 c2 32 cf b5 84 be 02 00 00 00 48 c7 c7 00 12
[ 43.066559][ C1] RSP: 0018:ffffc90000777938 EFLAGS: 00000246
[ 43.072896][ C1] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff81328135
[ 43.081063][ C1] RDX: fffffbfff0ad6985 RSI: 0000000000000008 RDI: ffffffff856a11ec
[ 43.089047][ C1] RBP: ffffc90000777948 R08: 0000000000000001 R09: ffffffff856b4c27
[ 43.097140][ C1] R10: fffffbfff0ad6984 R11: 0000000000000001 R12: 000000000000000b
[ 43.105088][ C1] R13: ffffc9000077799c R14: 0000000000000000 R15: e439b0e01ffff0fd
[ 43.113193][ C1] ? add_taint+0x25/0x70
[ 43.117286][ C1] die_addr+0xbf/0xe0
[ 43.121192][ C1] exc_general_protection+0x19b/0x2e0
[ 43.126611][ C1] asm_exc_general_protection+0x1e/0x30
[ 43.131991][ C1] RIP: 0010:wait_consider_task+0x95/0x4080
[ 43.137709][ C1] Code: c7 00 f1 f1 f1 f1 c7 40 04 00 f2 f2 f2 c7 40 08 00 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 45 d0 31 c0 4c 89 c0 48 c1 e8 03 <0f> b6 14 10 4c 89 c0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 c9
[ 43.157327][ C1] RSP: 0018:ffffc90000777ae0 EFLAGS: 00010203
[ 43.163397][ C1] RAX: 0439b4e01ffff0fd RBX: ffffc90000777cf0 RCX: 0000000000000000
[ 43.171296][ C1] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000777cf0
[ 43.179205][ C1] RBP: ffffc90000777c08 R08: 21cda700ffff87ed R09: 0000000000000000
[ 43.187353][ C1] R10: fffffbfff09c1410 R11: 0000000000000000 R12: ffffc90000777cf0
[ 43.195513][ C1] R13: ffff88811f9a6728 R14: 21cda700ffff82c9 R15: ffffc90000777be0
[ 43.203421][ C1] ? __kasan_check_write+0x14/0x20
[ 43.209001][ C1] ? finish_task_switch+0x166/0x630
[ 43.214382][ C1] ? __kasan_check_write+0x14/0x20
[ 43.219331][ C1] ? _raw_spin_lock_irqsave+0x8c/0x120
[ 43.224716][ C1] ? release_task+0x1160/0x1160
[ 43.229402][ C1] ? _raw_spin_unlock_irqrestore+0x47/0x80
[ 43.235218][ C1] do_wait+0x2a8/0x6e0
[ 43.239121][ C1] ? wait_consider_task+0x4080/0x4080
[ 43.244597][ C1] kernel_wait4+0x100/0x1d0
[ 43.249158][ C1] ? __ia32_sys_waitid+0x140/0x140
[ 43.254047][ C1] ? thread_group_exited+0xc0/0xc0
[ 43.258994][ C1] ? hrtimer_nanosleep+0x191/0x3b0
[ 43.264313][ C1] ? nanosleep_copyout+0xd0/0xd0
[ 43.269280][ C1] __do_sys_wait4+0xf6/0x100
[ 43.274241][ C1] ? kernel_wait4+0x1d0/0x1d0
[ 43.279163][ C1] ? get_timespec64+0x72/0x220
[ 43.284304][ C1] ? put_timespec64+0x100/0x100
[ 43.289201][ C1] ? common_nsleep+0x78/0xb0
[ 43.293939][ C1] ? __x64_sys_clock_nanosleep+0x2a4/0x440
[ 43.299679][ C1] ? __kasan_check_write+0x14/0x20
[ 43.304723][ C1] ? switch_fpu_return+0xbf/0x1b0
[ 43.309665][ C1] __x64_sys_wait4+0x92/0xf0
[ 43.314347][ C1] ? syscall_exit_to_user_mode+0x38/0x160
[ 43.319906][ C1] do_syscall_64+0x32/0x80
[ 43.324346][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 43.330176][ C1] RIP: 0033:0x7f6cfa9fe4d3
[ 43.334427][ C1] Code: 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 80 3d 31 2a 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 89 54 24 14 48
[ 43.355117][ C1] RSP: 002b:00007fff8ca5bdc8 EFLAGS: 00000202 ORIG_RAX: 000000000000003d
[ 43.363441][ C1] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f6cfa9fe4d3
[ 43.371334][ C1] RDX: 0000000040000001 RSI: 00007fff8ca5be2c RDI: 00000000ffffffff
[ 43.379232][ C1] RBP: 00007fff8ca5be2c R08: 0000000000000029 R09: 00007fff8cb2c080
[ 43.387334][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[ 43.395435][ C1] R13: 000000000000a347 R14: 000000000000a310 R15: 0000000000000005
[ 43.403508][ C1] Modules linked in:
[ 43.407212][ C1] ---[ end trace e64b2a68338efad5 ]---
[ 43.412916][ C1] RIP: 0010:wait_consider_task+0x95/0x4080
[ 43.418961][ C1] Code: c7 00 f1 f1 f1 f1 c7 40 04 00 f2 f2 f2 c7 40 08 00 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 45 d0 31 c0 4c 89 c0 48 c1 e8 03 <0f> b6 14 10 4c 89 c0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 c9
[ 43.439171][ C1] RSP: 0018:ffffc90000777ae0 EFLAGS: 00010203
[ 43.445123][ C1] RAX: 0439b4e01ffff0fd RBX: ffffc90000777cf0 RCX: 0000000000000000
[ 43.453191][ C1] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000777cf0
[ 43.461094][ C1] RBP: ffffc90000777c08 R08: 21cda700ffff87ed R09: 0000000000000000
[ 43.469000][ C1] R10: fffffbfff09c1410 R11: 0000000000000000 R12: ffffc90000777cf0
[ 43.477147][ C1] R13: ffff88811f9a6728 R14: 21cda700ffff82c9 R15: ffffc90000777be0
[ 43.485069][ C1] FS: 000055555682c480(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000
[ 43.494262][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 43.500960][ C1] CR2: 000000c000583030 CR3: 000000011f8f3000 CR4: 00000000003506a0
[ 43.509641][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 43.517787][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 43.958758][ C0] Shutting down cpus with NMI
[ 43.963613][ C0] Kernel Offset: disabled
[ 43.967733][ C0] Rebooting in 86400 seconds..