Warning: Permanently added '10.128.0.21' (ED25519) to the list of known hosts. 2025/01/30 11:17:27 ignoring optional flag "sandboxArg"="0" 2025/01/30 11:17:28 parsed 1 programs [ 56.451326][ T24] kauditd_printk_skb: 31 callbacks suppressed [ 56.451339][ T24] audit: type=1400 audit(1738235849.130:107): avc: denied { unlink } for pid=444 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 56.515408][ T444] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.971214][ T459] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.978085][ T459] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.986512][ T459] device bridge_slave_0 entered promiscuous mode [ 56.994165][ T459] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.001254][ T459] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.008537][ T459] device bridge_slave_1 entered promiscuous mode [ 57.043827][ T459] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.050677][ T459] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.057741][ T459] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.064580][ T459] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.081402][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.088674][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.095762][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.103086][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.112245][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.120387][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.127213][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.135690][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.143648][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.150497][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.162466][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.172068][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.185190][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.196007][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.204021][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.211390][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.220831][ T459] device veth0_vlan entered promiscuous mode [ 57.230769][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.239933][ T459] device veth1_macvtap entered promiscuous mode [ 57.248958][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.258756][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.347368][ T24] audit: type=1400 audit(1738235850.020:108): avc: denied { create } for pid=476 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 57.474351][ T24] audit: type=1401 audit(1738235850.150:109): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768" 2025/01/30 11:17:30 executed programs: 0 [ 57.979693][ T9] device bridge_slave_1 left promiscuous mode [ 57.985687][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.994809][ T9] device bridge_slave_0 left promiscuous mode [ 58.001020][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.008908][ T9] device veth1_macvtap left promiscuous mode [ 58.014717][ T9] device veth0_vlan left promiscuous mode [ 58.078095][ T510] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.085302][ T510] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.092732][ T510] device bridge_slave_0 entered promiscuous mode [ 58.099397][ T510] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.106228][ T510] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.113545][ T510] device bridge_slave_1 entered promiscuous mode [ 58.150199][ T510] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.157038][ T510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.164183][ T510] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.171029][ T510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.188578][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.195991][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.203039][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.211659][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.219772][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.226691][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.235197][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.243447][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.250296][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.267025][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.274863][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.290420][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.300153][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.307975][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.315354][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.323815][ T510] device veth0_vlan entered promiscuous mode [ 58.334408][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.343309][ T510] device veth1_macvtap entered promiscuous mode [ 58.353499][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.363276][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.421383][ T515] erofs: (device loop2): mounted with root inode @ nid 36. [ 58.428720][ T24] audit: type=1400 audit(1738235851.110:110): avc: denied { mount } for pid=514 comm="syz.2.16" name="/" dev="loop2" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 58.429385][ T515] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 58.459547][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934616 @ nid 36 [ 58.469295][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934615 @ nid 36 [ 58.479013][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934614 @ nid 36 [ 58.488569][ T515] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 58.497648][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934613 @ nid 36 [ 58.507517][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934612 @ nid 36 [ 58.517071][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934611 @ nid 36 [ 58.526600][ T515] erofs: (device loop2): z_erofs_readahead: readahead error at page 8589934610 @ nid 36 [ 58.536417][ T41] ------------[ cut here ]------------ [ 58.541815][ T41] WARNING: CPU: 0 PID: 41 at mm/page_alloc.c:3801 get_page_from_freelist+0x48f/0x2f30 [ 58.551212][ T41] Modules linked in: [ 58.554899][ T41] CPU: 0 PID: 41 Comm: erofs_worker/0 Not tainted 5.10.233-syzkaller-1006618-gfbe98d68b6b3 #0 [ 58.564991][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 58.574917][ T41] RIP: 0010:get_page_from_freelist+0x48f/0x2f30 [ 58.580957][ T41] Code: 00 4c 89 f0 48 c1 e8 03 0f b6 04 08 84 c0 0f 85 33 27 00 00 41 8b 06 48 89 44 24 20 80 bc 24 d8 00 00 00 00 0f 84 56 05 00 00 <0f> 0b e9 4f 05 00 00 41 f6 c5 18 0f 85 fa 25 00 00 48 8b 44 24 08 [ 58.600418][ T41] RSP: 0018:ffffc900006af2a0 EFLAGS: 00010202 [ 58.606277][ T41] RAX: 0000000000000000 RBX: ffffffff86e00140 RCX: dffffc0000000000 [ 58.614147][ T41] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffc900006af5f0 [ 58.621903][ T41] RBP: ffffc900006af510 R08: dffffc0000000000 R09: fffffbfff0dbff5c [ 58.629723][ T41] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001 [ 58.637517][ T41] R13: 0000000000000901 R14: ffffc900006af5f8 R15: 00000000000ce859 [ 58.645365][ T41] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 58.654104][ T41] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 58.660537][ T41] CR2: 0000563a0c75e1d0 CR3: 000000000660f000 CR4: 00000000003506b0 [ 58.668362][ T41] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.676140][ T41] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.683973][ T41] Call Trace: [ 58.687086][ T41] ? show_regs+0x58/0x60 [ 58.691210][ T41] ? __warn+0x160/0x2f0 [ 58.695149][ T41] ? get_page_from_freelist+0x48f/0x2f30 [ 58.700858][ T41] ? report_bug+0x3d9/0x5b0 [ 58.705161][ T41] ? get_page_from_freelist+0x48f/0x2f30 [ 58.710660][ T41] ? handle_bug+0x41/0x70 [ 58.714787][ T41] ? exc_invalid_op+0x1b/0x50 [ 58.719328][ T41] ? asm_exc_invalid_op+0x12/0x20 [ 58.724162][ T41] ? get_page_from_freelist+0x48f/0x2f30 [ 58.729688][ T41] ? sched_group_set_shares+0x490/0x490 [ 58.735190][ T41] ? __kasan_check_write+0x14/0x20 [ 58.740187][ T41] ? __alloc_pages_nodemask+0xaf0/0xaf0 [ 58.745511][ T41] ? lruvec_init+0x150/0x150 [ 58.750133][ T41] __alloc_pages_nodemask+0x435/0xaf0 [ 58.755303][ T41] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 58.760853][ T41] kmalloc_order+0x4c/0x170 [ 58.765163][ T41] kmalloc_order_trace+0x18/0x90 [ 58.770035][ T41] __kmalloc+0x1f1/0x330 [ 58.774018][ T41] ? mutex_trylock+0xa0/0xa0 [ 58.778483][ T41] kvmalloc_node+0x82/0x130 [ 58.782781][ T41] z_erofs_decompress_queue+0x338/0x1d20 [ 58.788291][ T41] ? __kasan_check_write+0x14/0x20 [ 58.793197][ T41] ? z_erofs_onlinepage_endio+0x170/0x170 [ 58.798817][ T41] ? _raw_spin_unlock_irq+0x4e/0x70 [ 58.803786][ T41] ? finish_task_switch+0x130/0x5a0 [ 58.808856][ T41] ? __switch_to_asm+0x34/0x60 [ 58.813418][ T41] ? __schedule+0xbee/0x1330 [ 58.817846][ T41] z_erofs_decompressqueue_kthread_work+0x95/0xe0 [ 58.824133][ T41] ? z_erofs_decompress_kickoff+0x3d0/0x3d0 [ 58.829852][ T41] ? finish_task_switch+0x130/0x5a0 [ 58.834855][ T41] ? __kasan_check_read+0x11/0x20 [ 58.839753][ T41] kthread_worker_fn+0x48b/0x920 [ 58.844511][ T41] ? z_erofs_decompress_kickoff+0x3d0/0x3d0 [ 58.850370][ T41] ? __kthread_init_worker+0xb0/0xb0 [ 58.855461][ T41] ? __kasan_check_read+0x11/0x20 [ 58.860367][ T41] ? __kthread_parkme+0xb9/0x1c0 [ 58.865095][ T41] kthread+0x34b/0x3d0 [ 58.869028][ T41] ? __kthread_init_worker+0xb0/0xb0 [ 58.874121][ T41] ? kthread_blkcg+0xd0/0xd0 [ 58.878616][ T41] ret_from_fork+0x1f/0x30 [ 58.882958][ T41] ---[ end trace c59485926a67a7a3 ]--- [ 58.888718][ T41] BUG: unable to handle page fault for address: ffffed1124eaffff [ 58.896263][ T41] #PF: supervisor read access in kernel mode [ 58.902057][ T41] #PF: error_code(0x0000) - not-present page [ 58.907866][ T41] PGD 23fff2067 P4D 23fff2067 PUD 0 [ 58.912988][ T41] Oops: 0000 [#1] PREEMPT SMP KASAN [ 58.918027][ T41] CPU: 0 PID: 41 Comm: erofs_worker/0 Tainted: G W 5.10.233-syzkaller-1006618-gfbe98d68b6b3 #0 [ 58.929476][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 58.939383][ T41] RIP: 0010:z_erofs_decompress_queue+0x863/0x1d20 [ 58.945626][ T41] Code: c0 0f 85 db 01 00 00 41 8b 04 24 c1 f8 02 89 c0 48 8b 4c 24 70 4c 8d 3c c1 4d 89 fc 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ff e8 4e f4 7e ff 4d 8b 37 4d 85 f6 0f [ 58.965068][ T41] RSP: 0018:ffffc900006af7c0 EFLAGS: 00010a06 [ 58.970979][ T41] RAX: dffffc0000000000 RBX: ffffea0004886c40 RCX: ffff888127580000 [ 58.978775][ T41] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0004886c68 [ 58.986673][ T41] RBP: ffffc900006afd30 R08: dffffc0000000000 R09: fffff94000910d8e [ 58.994484][ T41] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11124eaffff [ 59.002301][ T41] R13: 0000000000000000 R14: ffffea0004886c40 R15: ffff88892757fff8 [ 59.010120][ T41] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 59.018882][ T41] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 59.025312][ T41] CR2: ffffed1124eaffff CR3: 000000000660f000 CR4: 00000000003506b0 [ 59.033111][ T41] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.040919][ T41] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.048727][ T41] Call Trace: [ 59.051863][ T41] ? __die_body+0x62/0xb0 [ 59.056031][ T41] ? __die+0x7e/0x90 [ 59.059764][ T41] ? no_context+0x9f9/0xd20 [ 59.064208][ T41] ? is_prefetch+0x5c0/0x5c0 [ 59.068711][ T41] ? __alloc_pages_nodemask+0x435/0xaf0 [ 59.074089][ T41] ? __bad_area_nosemaphore+0xc4/0x430 [ 59.079381][ T41] ? bad_area_nosemaphore+0x2d/0x40 [ 59.084418][ T41] ? do_kern_addr_fault+0x69/0x80 [ 59.089270][ T41] ? exc_page_fault+0x38e/0x5b0 [ 59.093955][ T41] ? asm_exc_page_fault+0x1e/0x30 [ 59.098818][ T41] ? z_erofs_decompress_queue+0x863/0x1d20 [ 59.104462][ T41] ? z_erofs_onlinepage_endio+0x170/0x170 [ 59.110122][ T41] ? _raw_spin_unlock_irq+0x4e/0x70 [ 59.115313][ T41] ? finish_task_switch+0x130/0x5a0 [ 59.120610][ T41] ? __switch_to_asm+0x34/0x60 [ 59.125382][ T41] ? __schedule+0xbee/0x1330 [ 59.129814][ T41] z_erofs_decompressqueue_kthread_work+0x95/0xe0 [ 59.136444][ T41] ? z_erofs_decompress_kickoff+0x3d0/0x3d0 [ 59.142263][ T41] ? finish_task_switch+0x130/0x5a0 [ 59.147290][ T41] ? __kasan_check_read+0x11/0x20 [ 59.152152][ T41] kthread_worker_fn+0x48b/0x920 [ 59.156930][ T41] ? z_erofs_decompress_kickoff+0x3d0/0x3d0 [ 59.162655][ T41] ? __kthread_init_worker+0xb0/0xb0 [ 59.167779][ T41] ? __kasan_check_read+0x11/0x20 [ 59.172651][ T41] ? __kthread_parkme+0xb9/0x1c0 [ 59.177413][ T41] kthread+0x34b/0x3d0 [ 59.181401][ T41] ? __kthread_init_worker+0xb0/0xb0 [ 59.186519][ T41] ? kthread_blkcg+0xd0/0xd0 [ 59.190958][ T41] ret_from_fork+0x1f/0x30 [ 59.195464][ T41] Modules linked in: [ 59.199208][ T41] CR2: ffffed1124eaffff [ 59.203200][ T41] ---[ end trace c59485926a67a7a4 ]--- [ 59.208496][ T41] RIP: 0010:z_erofs_decompress_queue+0x863/0x1d20 [ 59.214725][ T41] Code: c0 0f 85 db 01 00 00 41 8b 04 24 c1 f8 02 89 c0 48 8b 4c 24 70 4c 8d 3c c1 4d 89 fc 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ff e8 4e f4 7e ff 4d 8b 37 4d 85 f6 0f [ 59.234269][ T41] RSP: 0018:ffffc900006af7c0 EFLAGS: 00010a06 [ 59.240173][ T41] RAX: dffffc0000000000 RBX: ffffea0004886c40 RCX: ffff888127580000 [ 59.247979][ T41] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea0004886c68 [ 59.255878][ T41] RBP: ffffc900006afd30 R08: dffffc0000000000 R09: fffff94000910d8e [ 59.263692][ T41] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11124eaffff [ 59.271504][ T41] R13: 0000000000000000 R14: ffffea0004886c40 R15: ffff88892757fff8 [ 59.279313][ T41] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 59.288174][ T41] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 59.294586][ T41] CR2: ffffed1124eaffff CR3: 000000000660f000 CR4: 00000000003506b0 [ 59.302401][ T41] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.310221][ T41] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.318112][ T41] Kernel panic - not syncing: Fatal exception [ 59.324316][ T41] Kernel Offset: disabled [ 59.328442][ T41] Rebooting in 86400 seconds..