Warning: Permanently added '10.128.1.150' (ED25519) to the list of known hosts. 2023/11/19 03:41:13 ignoring optional flag "sandboxArg"="0" 2023/11/19 03:41:13 parsed 1 programs [ 42.992967][ T23] kauditd_printk_skb: 75 callbacks suppressed [ 42.992973][ T23] audit: type=1400 audit(1700365273.199:151): avc: denied { mounton } for pid=338 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 43.023741][ T23] audit: type=1400 audit(1700365273.199:152): avc: denied { mount } for pid=338 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 43.047230][ T23] audit: type=1400 audit(1700365273.199:153): avc: denied { setattr } for pid=338 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 2023/11/19 03:41:13 executed programs: 0 [ 43.071373][ T23] audit: type=1400 audit(1700365273.199:154): avc: denied { read write } for pid=338 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.098648][ T23] audit: type=1400 audit(1700365273.199:155): avc: denied { open } for pid=338 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.098885][ T338] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 43.125100][ T23] audit: type=1400 audit(1700365273.239:156): avc: denied { unlink } for pid=338 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.160301][ T23] audit: type=1400 audit(1700365273.239:157): avc: denied { relabelto } for pid=339 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.175449][ T343] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.185695][ T23] audit: type=1400 audit(1700365273.349:158): avc: denied { mounton } for pid=343 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 43.216496][ T343] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.223580][ T343] device bridge_slave_0 entered promiscuous mode [ 43.230203][ T343] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.237168][ T343] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.244187][ T343] device bridge_slave_1 entered promiscuous mode [ 43.269191][ T343] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.276111][ T343] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.283172][ T343] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.290103][ T343] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.303000][ T298] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.310116][ T298] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.317120][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.324206][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.339037][ T343] device veth0_vlan entered promiscuous mode [ 43.345952][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.354123][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.362301][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 43.369535][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 43.376712][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.384656][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.391456][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.398571][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.406485][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.413200][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.420369][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.427925][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.438406][ T343] device veth1_macvtap entered promiscuous mode [ 43.445656][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.454345][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.464283][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 43.484039][ T23] audit: type=1400 audit(1700365273.689:159): avc: denied { mounton } for pid=349 comm="syz-executor.0" path="/root/syzkaller-testdir3668217208/syzkaller.I56ePq/0/file1" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 43.489125][ T350] EXT4-fs (loop0): 1 orphan inode deleted [ 43.516489][ T350] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,norecovery,dioread_lock,errors=remount-ro,noauto_da_alloc,resgid=0x0000000000000000,barrier,auto_da_alloc,max_dir_size_kb=0x00000000000004e1, [ 43.537931][ T350] ext4 filesystem being mounted at /root/syzkaller-testdir3668217208/syzkaller.I56ePq/0/file1 supports timestamps until 2038 (0x7fffffff) [ 43.538191][ T23] audit: type=1400 audit(1700365273.749:160): avc: denied { mount } for pid=349 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 43.563383][ T354] EXT4-fs error (device loop0): ext4_ext_remove_space:2857: inode #16: comm syz-executor.0: path[1].p_hdr == NULL [ 43.585498][ T354] EXT4-fs (loop0): Remounting filesystem read-only [ 43.591994][ T354] EXT4-fs error (device loop0): __ext4_get_inode_loc:4425: comm syz-executor.0: Invalid inode table block 0 in block_group 0 [ 43.604884][ T354] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem [ 43.614189][ T354] EXT4-fs error (device loop0): ext4_punch_hole:4218: inode #16: comm syz-executor.0: mark_inode_dirty error [ 43.706235][ T356] EXT4-fs (loop0): 1 orphan inode deleted [ 43.711905][ T356] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,norecovery,dioread_lock,errors=remount-ro,noauto_da_alloc,resgid=0x0000000000000000,barrier,auto_da_alloc,max_dir_size_kb=0x00000000000004e1, [ 43.740117][ T356] ext4 filesystem being mounted at /root/syzkaller-testdir3668217208/syzkaller.I56ePq/1/file1 supports timestamps until 2038 (0x7fffffff) [ 43.758795][ T360] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:475: comm syz-executor.0: Invalid block bitmap block 0 in block_group 0 [ 43.772524][ T360] EXT4-fs (loop0): Remounting filesystem read-only [ 43.779093][ T360] EXT4-fs error (device loop0) in ext4_mb_clear_bb:5615: Corrupt filesystem [ 43.787771][ T360] ================================================================== [ 43.795727][ T360] BUG: KASAN: out-of-bounds in ext4_ext_remove_space+0xfae/0x3c70 [ 43.803356][ T360] Read of size 18446744073709551544 at addr ffff88812085e054 by task syz-executor.0/360 [ 43.813049][ T360] [ 43.815224][ T360] CPU: 1 PID: 360 Comm: syz-executor.0 Not tainted 5.10.199-syzkaller #0 [ 43.823720][ T360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 43.833705][ T360] Call Trace: [ 43.836938][ T360] dump_stack_lvl+0x81/0xac [ 43.841255][ T360] print_address_description.constprop.0+0x24/0x160 [ 43.847684][ T360] ? ext4_ext_remove_space+0xfae/0x3c70 [ 43.853058][ T360] kasan_report.cold+0x82/0xdb [ 43.857677][ T360] ? ext4_ext_remove_space+0xfae/0x3c70 [ 43.863472][ T360] kasan_check_range+0x148/0x190 [ 43.868245][ T360] memmove+0x24/0x60 [ 43.872244][ T360] ext4_ext_remove_space+0xfae/0x3c70 [ 43.877455][ T360] ? ext4_ext_index_trans_blocks+0x100/0x100 [ 43.883289][ T360] ? ext4_es_remove_extent+0x16f/0x250 [ 43.888563][ T360] ? ext4_es_lookup_extent+0x9b0/0x9b0 [ 43.893873][ T360] ? ext4_zero_partial_blocks+0x21b/0x520 [ 43.899672][ T360] ? __ext4_journal_start_sb+0x33/0x2d0 [ 43.905141][ T360] ext4_punch_hole+0x783/0xf90 [ 43.909738][ T360] ? rwsem_down_write_slowpath+0x1160/0x1160 [ 43.915555][ T360] ext4_fallocate+0x6fb/0x2c90 [ 43.920153][ T360] ? avc_ss_reset+0x120/0x120 [ 43.924667][ T360] ? ext4_ext_truncate+0x1c0/0x1c0 [ 43.929614][ T360] ? security_file_permission+0x4c/0x460 [ 43.935083][ T360] vfs_fallocate+0x2b1/0xb10 [ 43.939512][ T360] ioctl_preallocate+0x149/0x1c0 [ 43.944282][ T360] ? fiemap_prep+0x200/0x200 [ 43.948710][ T360] ? __kasan_check_write+0x14/0x20 [ 43.953664][ T360] ? _raw_spin_lock_irq+0x87/0x110 [ 43.958605][ T360] do_vfs_ioctl+0xaec/0xd10 [ 43.962944][ T360] ? generic_block_fiemap+0x70/0x70 [ 43.968029][ T360] ? sigsuspend+0x250/0x250 [ 43.972315][ T360] ? __kasan_check_write+0x14/0x20 [ 43.978494][ T360] ? selinux_file_ioctl+0xee/0x240 [ 43.983793][ T360] __x64_sys_ioctl+0xce/0x1a0 [ 43.988639][ T360] do_syscall_64+0x32/0x80 [ 43.993247][ T360] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 43.999157][ T360] RIP: 0033:0x7ff4e6bb7ae9 [ 44.003486][ T360] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.023014][ T360] RSP: 002b:00007ff4de3590c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 44.031352][ T360] RAX: ffffffffffffffda RBX: 00007ff4e6cd7050 RCX: 00007ff4e6bb7ae9 [ 44.039343][ T360] RDX: 0000000020000080 RSI: 000000004030582b RDI: 0000000000000004 [ 44.047472][ T360] RBP: 00007ff4e6c0347a R08: 0000000000000000 R09: 0000000000000000 [ 44.055273][ T360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 44.063092][ T360] R13: 000000000000000b R14: 00007ff4e6cd7050 R15: 00007ffe5af88468 [ 44.070903][ T360] [ 44.073065][ T360] The buggy address belongs to the page: [ 44.078533][ T360] page:ffffea0004821780 refcount:2 mapcount:0 mapping:ffff888108eabe10 index:0x3a pfn:0x12085e [ 44.088690][ T360] aops:def_blk_aops ino:0 [ 44.092867][ T360] flags: 0x4000000000002036(referenced|uptodate|lru|active|private) [ 44.100671][ T360] raw: 4000000000002036 ffffea0004821d08 ffff88811cdcf030 ffff888108eabe10 [ 44.109085][ T360] raw: 000000000000003a ffff888119ba21f8 00000002ffffffff ffff88811cdd2000 [ 44.117501][ T360] page dumped because: kasan: bad access detected [ 44.123749][ T360] page->mem_cgroup:ffff88811cdd2000 [ 44.128784][ T360] page_owner tracks the page as allocated [ 44.134428][ T360] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 356, ts 43757027337, free_ts 43676773871 [ 44.152016][ T360] get_page_from_freelist+0x1fee/0x2ad0 [ 44.157342][ T360] __alloc_pages_nodemask+0x2ae/0x2360 [ 44.162646][ T360] pagecache_get_page+0x169/0x6f0 [ 44.167510][ T360] __getblk_slow+0x1ad/0x580 [ 44.171925][ T360] __getblk_gfp+0x3d/0x50 [ 44.176203][ T360] ext4_ext_insert_extent+0xe97/0x3ff0 [ 44.181600][ T360] ext4_ext_map_blocks+0xf09/0x5100 [ 44.186622][ T360] ext4_map_blocks+0x593/0x1450 [ 44.191322][ T360] _ext4_get_block+0x206/0x5b0 [ 44.195900][ T360] ext4_get_block+0x11/0x20 [ 44.200237][ T360] ext4_block_write_begin+0x3b9/0xdc0 [ 44.205446][ T360] ext4_write_begin+0x484/0xf00 [ 44.210220][ T360] ext4_da_write_begin+0x52b/0xc30 [ 44.215177][ T360] generic_perform_write+0x202/0x4a0 [ 44.220381][ T360] ext4_buffered_write_iter+0x1e5/0x420 [ 44.225811][ T360] ext4_file_write_iter+0x358/0x18e0 [ 44.230892][ T360] page last free stack trace: [ 44.235408][ T360] free_pcp_prepare+0x1a7/0x230 [ 44.240093][ T360] free_unref_page_list+0x18a/0xae0 [ 44.245206][ T360] release_pages+0x374/0xb00 [ 44.249631][ T360] __pagevec_release+0x5e/0xe0 [ 44.254231][ T360] shmem_undo_range+0x56a/0xe50 [ 44.259002][ T360] shmem_evict_inode+0x30d/0xa00 [ 44.263784][ T360] evict+0x2ab/0x6a0 [ 44.267507][ T360] iput.part.0+0x33b/0x640 [ 44.271758][ T360] iput+0x3f/0x50 [ 44.275230][ T360] dentry_unlink_inode+0x284/0x390 [ 44.280189][ T360] __dentry_kill+0x326/0x620 [ 44.284604][ T360] dput+0x3c6/0x8a0 [ 44.288249][ T360] __fput+0x306/0x760 [ 44.292153][ T360] ____fput+0x9/0x10 [ 44.295888][ T360] task_work_run+0xc2/0x140 [ 44.300237][ T360] exit_to_user_mode_prepare+0x112/0x120 [ 44.305699][ T360] [ 44.307861][ T360] Memory state around the buggy address: [ 44.313334][ T360] ffff88812085df00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 44.321324][ T360] ffff88812085df80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 44.329306][ T360] >ffff88812085e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.337208][ T360] ^ [ 44.343715][ T360] ffff88812085e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.351616][ T360] ffff88812085e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 44.359514][ T360] ================================================================== [ 44.367419][ T360] Disabling lock debugging due to kernel taint [ 44.374627][ T360] EXT4-fs error (device loop0): __ext4_get_inode_loc:4425: comm syz-executor.0: Invalid inode table block 0 in block_group 0 [ 44.387734][ T360] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5886: Corrupt filesystem [ 44.397068][ T360] EXT4-fs error (device loop0): ext4_punch_hole:4218: inode #16: comm syz-executor.0: mark_inode_dirty error [ 44.446337][ T364] EXT4-fs (loop0): 1 orphan inode deleted [ 44.451871][ T364] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,norecovery,dioread_lock,errors=remount-ro,noauto_da_alloc,resgid=0x0000000000000000,barrier,auto_da_alloc,max_dir_size_kb=0x00000000000004e1, [ 44.473301][ T364] ext4 filesystem being mounted at /root/syzkaller-testdir3668217208/syzkaller.I56ePq/2/file1 supports timestamps until 2038 (0x7fffffff) [ 44.492316][ T368] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:475: comm syz-executor.0: Invalid block bitmap block 0 in block_group 0 [ 44.506282][ T368] EXT4-fs (loop0): Remounting filesystem read-only [ 44.512775][ T368] EXT4-fs error (device loop0) in ext4_mb_clear_bb:5615: Corrupt filesystem [ 44.525255][ C1] general protection fault, probably for non-canonical address 0xdffffc00000000f4: 0000 [#1] PREEMPT SMP KASAN [ 44.536854][ C1] KASAN: null-ptr-deref in range [0x00000000000007a0-0x00000000000007a7] [ 44.545112][ C1] CPU: 1 PID: 18 Comm: ksoftirqd/1 Tainted: G B 5.10.199-syzkaller #0 [ 44.554381][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 44.564284][ C1] RIP: 0010:rt6_uncached_list_del+0x1d1/0x2b0 [ 44.570177][ C1] Code: 00 49 8d bf a0 07 00 00 48 b8 22 01 00 00 00 00 ad de 48 89 fa 48 89 83 d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 5e 49 8b 9f a0 07 00 00 be 04 00 00 00 48 8d 7b 18 [ 44.589618][ C1] RSP: 0018:ffffc90000137bc8 EFLAGS: 00010202 [ 44.595518][ C1] RAX: dffffc0000000000 RBX: ffff888121651640 RCX: dffffc0000000000 [ 44.603350][ C1] RDX: 00000000000000f4 RSI: 1ffff1103eeaaf61 RDI: 00000000000007a0 [ 44.611227][ C1] RBP: ffffc90000137c00 R08: 0000000000000001 R09: 0000000000000003 [ 44.619051][ C1] R10: fffff52000026f6c R11: ffffffff84f73048 R12: ffff888121651708 [ 44.626850][ C1] R13: ffff888121651710 R14: ffff8881f7557b00 R15: 0000000000000000 [ 44.634667][ C1] FS: 0000000000000000(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000 [ 44.643430][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.649852][ C1] CR2: 00000000fffffffe CR3: 0000000120441000 CR4: 00000000003506a0 [ 44.657671][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.665558][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.673372][ C1] Call Trace: [ 44.676506][ C1] ? show_regs.part.0+0x1e/0x20 [ 44.681183][ C1] ? die_addr.cold+0x8/0xd [ 44.685440][ C1] ? exc_general_protection+0x19b/0x2e0 [ 44.690998][ C1] ? asm_exc_general_protection+0x1e/0x30 [ 44.696554][ C1] ? rt6_uncached_list_del+0x1d1/0x2b0 [ 44.701848][ C1] ? rt6_uncached_list_del+0xcd/0x2b0 [ 44.707106][ C1] ip6_dst_destroy+0x73/0x1a0 [ 44.711584][ C1] dst_destroy+0xe0/0x2d0 [ 44.715746][ C1] dst_destroy_rcu+0xd/0x10 [ 44.720082][ C1] rcu_do_batch+0x34e/0xb90 [ 44.724505][ C1] ? rcu_nocb_gp_kthread+0x1030/0x1030 [ 44.729812][ C1] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 44.735455][ C1] ? rcu_accelerate_cbs+0x60/0x510 [ 44.740420][ C1] ? rcu_report_qs_rnp+0x22e/0x360 [ 44.745335][ C1] rcu_core+0x3fa/0xa40 [ 44.749326][ C1] rcu_core_si+0x9/0x10 [ 44.753322][ C1] __do_softirq+0x1bc/0x5f3 [ 44.757660][ C1] ? trace_event_raw_event_irq_handler_exit+0x1f0/0x1f0 [ 44.764427][ C1] run_ksoftirqd+0x26/0x30 [ 44.768702][ C1] smpboot_thread_fn+0x527/0x810 [ 44.773567][ C1] ? smpboot_register_percpu_thread+0x340/0x340 [ 44.779758][ C1] ? __kasan_check_read+0x11/0x20 [ 44.784739][ C1] ? __kthread_parkme+0x78/0x140 [ 44.789532][ C1] ? schedule+0xf2/0x270 [ 44.793677][ C1] ? smpboot_register_percpu_thread+0x340/0x340 [ 44.799752][ C1] kthread+0x345/0x420 [ 44.803657][ C1] ? schedule_tail+0xe9/0x1e0 [ 44.808170][ C1] ? kthread_create_worker_on_cpu+0xd0/0xd0 [ 44.814002][ C1] ret_from_fork+0x1f/0x30 [ 44.818240][ C1] Modules linked in: [ 44.822197][ C0] general protection fault, probably for non-canonical address 0xb08000a1b1e000a8: 0000 [#2] PREEMPT SMP KASAN [ 44.822232][ C1] ---[ end trace a31a2eba2a9b3b72 ]--- [ 44.833701][ C0] CPU: 0 PID: 368 Comm: syz-executor.0 Tainted: G B D 5.10.199-syzkaller #0 [ 44.833704][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 44.833715][ C0] RIP: 0010:rcu_do_batch+0x34c/0xb90 [ 44.833721][ C0] Code: 0f 84 01 01 00 00 49 8d 78 08 48 89 f8 48 c1 e8 03 80 3c 18 00 0f 85 3a 06 00 00 49 8b 40 08 4c 89 c7 49 c7 40 08 00 00 00 00 d0 65 8b 05 1b dc b8 7e f6 c4 01 75 9d 48 c7 c7 aa 91 49 81 be [ 44.833723][ C0] RSP: 0018:ffffc90000007e18 EFLAGS: 00010246 [ 44.839050][ C1] RIP: 0010:rt6_uncached_list_del+0x1d1/0x2b0 [ 44.849972][ C0] RAX: b08000a1b1e000a8 RBX: dffffc0000000000 RCX: 1ffff110242cb473 [ 44.849975][ C0] RDX: 0000015cffffffff RSI: ffffffff813a522c RDI: ffff88812165a398 [ 44.849977][ C0] RBP: ffffc90000007f18 R08: ffff88812165a398 R09: 000000007d256100 [ 44.849979][ C0] R10: ffffc900000079b8 R11: 0000000000000001 R12: ffff888109be0000 [ 44.849981][ C0] R13: ffffc90000007e90 R14: ffffc90000007ef0 R15: 0000000000000000 [ 44.849985][ C0] FS: 00007ff4de3596c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000 [ 44.849995][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.859972][ C1] Code: 00 49 8d bf a0 07 00 00 48 b8 22 01 00 00 00 00 ad de 48 89 fa 48 89 83 d0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 5e 49 8b 9f a0 07 00 00 be 04 00 00 00 48 8d 7b 18 [ 44.865075][ C0] CR2: 00000000fffffffe CR3: 0000000120441000 CR4: 00000000003506b0 [ 44.865077][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.865079][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.865081][ C0] Call Trace: [ 44.865085][ C0] [ 44.865099][ C0] ? show_regs.part.0+0x1e/0x20 [ 44.865104][ C0] ? die_addr.cold+0x8/0xd [ 44.865117][ C0] ? exc_general_protection+0x19b/0x2e0 [ 44.884603][ C1] RSP: 0018:ffffc90000137bc8 EFLAGS: 00010202 [ 44.890430][ C0] ? asm_exc_general_protection+0x1e/0x30 [ 44.890440][ C0] ? put_cred_rcu+0x1bc/0x2c0 [ 44.890450][ C0] ? rcu_do_batch+0x34c/0xb90 [ 44.896416][ C1] [ 44.904224][ C0] ? rcu_do_batch+0x34e/0xb90 [ 44.912051][ C1] RAX: dffffc0000000000 RBX: ffff888121651640 RCX: dffffc0000000000 [ 44.919846][ C0] ? rcu_nocb_gp_kthread+0x1030/0x1030 [ 44.919851][ C0] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 44.919857][ C0] rcu_core+0x3fa/0xa40 [ 44.927670][ C1] RDX: 00000000000000f4 RSI: 1ffff1103eeaaf61 RDI: 00000000000007a0 [ 44.935469][ C0] rcu_core_si+0x9/0x10 [ 44.935474][ C0] __do_softirq+0x1bc/0x5f3 [ 44.935480][ C0] asm_call_irq_on_stack+0xf/0x20 [ 44.944238][ C1] RBP: ffffc90000137c00 R08: 0000000000000001 R09: 0000000000000003 [ 44.950658][ C0] [ 44.950664][ C0] do_softirq_own_stack+0x61/0x80 [ 44.950672][ C0] irq_exit_rcu+0x95/0x170 [ 44.970110][ C1] R10: fffff52000026f6c R11: ffffffff84f73048 R12: ffff888121651708 [ 44.977913][ C0] sysvec_apic_timer_interrupt+0x3f/0xe0 [ 44.977919][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 44.985727][ C1] R13: ffff888121651710 R14: ffff8881f7557b00 R15: 0000000000000000 [ 44.993552][ C0] RIP: 0010:__memmove+0x19c/0x1a0 [ 44.996667][ C1] FS: 0000000000000000(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000 [ 44.999535][ C0] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 cc eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 [ 45.004214][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.008549][ C0] RSP: 0018:ffffc90000997898 EFLAGS: 00010282 [ 45.008556][ C0] RAX: ffff888120856048 RBX: ffff888119895448 RCX: fffffffffef6f8dc [ 45.008558][ C0] RDX: ffffffffffffffb8 RSI: ffff8881218e6730 RDI: ffff8881218e6724 [ 45.008560][ C0] RBP: ffffc900009978b8 R08: 0000000000000001 R09: ffff888120856000 [ 45.008562][ C0] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffffffffffffb8 [ 45.008567][ C0] R13: ffff888120856054 R14: ffff888120856048 R15: ffff88812085604c [ 45.013935][ C1] CR2: 00000000fffffffe CR3: 0000000120441000 CR4: 00000000003506a0 [ 45.019836][ C0] ? memmove+0x4e/0x60 [ 45.019844][ C0] ext4_ext_remove_space+0xfae/0x3c70 [ 45.025395][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.029912][ C0] ? ext4_ext_index_trans_blocks+0x100/0x100 [ 45.034588][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.036757][ C0] ? ext4_es_remove_extent+0x16f/0x250 [ 45.036761][ C0] ? ext4_es_lookup_extent+0x9b0/0x9b0 [ 45.036766][ C0] ? ext4_zero_partial_blocks+0x21b/0x520 [ 45.041269][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 45.049085][ C0] ? __ext4_journal_start_sb+0x33/0x2d0 [ 45.283794][ C0] ext4_punch_hole+0x783/0xf90 [ 45.288381][ C0] ? rwsem_down_write_slowpath+0x1160/0x1160 [ 45.294191][ C0] ext4_fallocate+0x6fb/0x2c90 [ 45.298792][ C0] ? avc_ss_reset+0x120/0x120 [ 45.303305][ C0] ? ext4_ext_truncate+0x1c0/0x1c0 [ 45.308254][ C0] ? security_file_permission+0x4c/0x460 [ 45.313720][ C0] vfs_fallocate+0x2b1/0xb10 [ 45.318148][ C0] ioctl_preallocate+0x149/0x1c0 [ 45.322926][ C0] ? fiemap_prep+0x200/0x200 [ 45.327347][ C0] ? __kasan_check_write+0x14/0x20 [ 45.332295][ C0] ? _raw_spin_lock_irq+0x87/0x110 [ 45.337240][ C0] do_vfs_ioctl+0xaec/0xd10 [ 45.341581][ C0] ? generic_block_fiemap+0x70/0x70 [ 45.346619][ C0] ? sigsuspend+0x250/0x250 [ 45.350962][ C0] ? __kasan_check_write+0x14/0x20 [ 45.355909][ C0] ? selinux_file_ioctl+0xee/0x240 [ 45.360850][ C0] __x64_sys_ioctl+0xce/0x1a0 [ 45.365374][ C0] do_syscall_64+0x32/0x80 [ 45.369615][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 45.375432][ C0] RIP: 0033:0x7ff4e6bb7ae9 [ 45.379729][ C0] syz-executor.0: Corrupted page table at address 7ff4e6bb7abf [ 45.387144][ C0] PGD 12043b067 P4D 12043b067 PUD 12043a067 PMD 12178c067 PTE 1632902500000001 [ 45.395915][ C0] Bad pagetable: 0009 [#3] PREEMPT SMP KASAN [ 45.401822][ C0] CPU: 0 PID: 368 Comm: syz-executor.0 Tainted: G B D 5.10.199-syzkaller #0 [ 45.411622][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 45.421610][ C0] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x40 [ 45.428056][ C0] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 0f 1f 80 00 00 00 00 0f 01 cb 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 01 ca c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 83 f8 [ 45.447474][ C0] RSP: 0018:ffffc90000007a38 EFLAGS: 00050046 [ 45.453378][ C0] RAX: ffff888003e044d1 RBX: 0000000000000040 RCX: 0000000000000040 [ 45.461193][ C0] RDX: 0000000000000040 RSI: 00007ff4e6bb7abf RDI: ffffc90000007a78 [ 45.469000][ C0] RBP: ffffc90000007a68 R08: 0000000000000000 R09: ffffc90000007ab7 [ 45.476806][ C0] R10: fffff52000000f56 R11: 0000000000000001 R12: 00007ff4e6bb7abf [ 45.484614][ C0] R13: ffffc90000007a78 R14: ffff888109be0000 R15: ffffc90000997f58 [ 45.492430][ C0] FS: 00007ff4de3596c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000 [ 45.501199][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.507625][ C0] CR2: 00007ff4e6bb7abf CR3: 0000000120441000 CR4: 00000000003506b0 [ 45.515689][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.523503][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.531398][ C0] Call Trace: [ 45.534523][ C0] [ 45.537233][ C0] ? show_regs.part.0+0x1e/0x20 [ 45.541906][ C0] ? __die+0x5d/0x9e [ 45.545642][ C0] ? pgtable_bad+0x56/0x80 [ 45.549899][ C0] ? do_user_addr_fault+0x50d/0xa30 [ 45.554926][ C0] ? __kasan_check_write+0x14/0x20 [ 45.559874][ C0] ? _raw_spin_lock_irqsave+0x8c/0x120 [ 45.565165][ C0] ? mm_fault_error+0x240/0x240 [ 45.569849][ C0] ? exc_page_fault+0x65/0xc0 [ 45.574371][ C0] ? asm_exc_page_fault+0x1e/0x30 [ 45.579225][ C0] ? copy_user_enhanced_fast_string+0xe/0x40 [ 45.585041][ C0] ? copy_from_user_nmi+0x128/0x1a0 [ 45.590162][ C0] show_opcodes+0x6d/0xd0 [ 45.594354][ C0] ? vprintk_default+0x18/0x20 [ 45.598924][ C0] ? vprintk_func+0x5a/0x150 [ 45.603356][ C0] show_ip+0x32/0x38 [ 45.607083][ C0] show_iret_regs+0x12/0x3b [ 45.611424][ C0] __show_regs+0x21/0x60 [ 45.615509][ C0] ? is_bpf_text_address+0x1f/0x30 [ 45.620456][ C0] show_regs_if_on_stack.constprop.0+0x39/0x3c [ 45.626440][ C0] show_trace_log_lvl+0x284/0x2b3 [ 45.631307][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 45.637203][ C0] show_regs.part.0+0x1e/0x20 [ 45.641715][ C0] die_addr.cold+0x8/0xd [ 45.645797][ C0] exc_general_protection+0x19b/0x2e0 [ 45.651177][ C0] asm_exc_general_protection+0x1e/0x30 [ 45.656560][ C0] RIP: 0010:rcu_do_batch+0x34c/0xb90 [ 45.661690][ C0] Code: 0f 84 01 01 00 00 49 8d 78 08 48 89 f8 48 c1 e8 03 80 3c 18 00 0f 85 3a 06 00 00 49 8b 40 08 4c 89 c7 49 c7 40 08 00 00 00 00 d0 65 8b 05 1b dc b8 7e f6 c4 01 75 9d 48 c7 c7 aa 91 49 81 be [ 45.681133][ C0] RSP: 0018:ffffc90000007e18 EFLAGS: 00010246 [ 45.687049][ C0] RAX: b08000a1b1e000a8 RBX: dffffc0000000000 RCX: 1ffff110242cb473 [ 45.694845][ C0] RDX: 0000015cffffffff RSI: ffffffff813a522c RDI: ffff88812165a398 [ 45.702679][ C0] RBP: ffffc90000007f18 R08: ffff88812165a398 R09: 000000007d256100 [ 45.710551][ C0] R10: ffffc900000079b8 R11: 0000000000000001 R12: ffff888109be0000 [ 45.718359][ C0] R13: ffffc90000007e90 R14: ffffc90000007ef0 R15: 0000000000000000 [ 45.726273][ C0] ? put_cred_rcu+0x1bc/0x2c0 [ 45.730782][ C0] ? rcu_do_batch+0x34e/0xb90 [ 45.735279][ C0] ? rcu_nocb_gp_kthread+0x1030/0x1030 [ 45.740586][ C0] ? _raw_spin_unlock_irqrestore+0x47/0x80 [ 45.746224][ C0] rcu_core+0x3fa/0xa40 [ 45.750210][ C0] rcu_core_si+0x9/0x10 [ 45.754288][ C0] __do_softirq+0x1bc/0x5f3 [ 45.758630][ C0] asm_call_irq_on_stack+0xf/0x20 [ 45.763488][ C0] [ 45.766269][ C0] do_softirq_own_stack+0x61/0x80 [ 45.771135][ C0] irq_exit_rcu+0x95/0x170 [ 45.775400][ C0] sysvec_apic_timer_interrupt+0x3f/0xe0 [ 45.780849][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 45.786664][ C0] RIP: 0010:__memmove+0x19c/0x1a0 [ 45.791540][ C0] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 cc eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 [ 45.811080][ C0] RSP: 0018:ffffc90000997898 EFLAGS: 00010282 [ 45.816972][ C0] RAX: ffff888120856048 RBX: ffff888119895448 RCX: fffffffffef6f8dc [ 45.824772][ C0] RDX: ffffffffffffffb8 RSI: ffff8881218e6730 RDI: ffff8881218e6724 [ 45.832574][ C0] RBP: ffffc900009978b8 R08: 0000000000000001 R09: ffff888120856000 [ 45.840387][ C0] R10: dffffc0000000000 R11: 0000000000000000 R12: ffffffffffffffb8 [ 45.848198][ C0] R13: ffff888120856054 R14: ffff888120856048 R15: ffff88812085604c [ 45.856201][ C0] ? memmove+0x4e/0x60 [ 45.860097][ C0] ext4_ext_remove_space+0xfae/0x3c70 [ 45.865302][ C0] ? ext4_ext_index_trans_blocks+0x100/0x100 [ 45.871560][ C0] ? ext4_es_remove_extent+0x16f/0x250 [ 45.876849][ C0] ? ext4_es_lookup_extent+0x9b0/0x9b0 [ 45.882149][ C0] ? ext4_zero_partial_blocks+0x21b/0x520 [ 45.888221][ C0] ? __ext4_journal_start_sb+0x33/0x2d0 [ 45.893688][ C0] ext4_punch_hole+0x783/0xf90 [ 45.898828][ C0] ? rwsem_down_write_slowpath+0x1160/0x1160 [ 45.904722][ C0] ext4_fallocate+0x6fb/0x2c90 [ 45.909422][ C0] ? avc_ss_reset+0x120/0x120 [ 45.913912][ C0] ? ext4_ext_truncate+0x1c0/0x1c0 [ 45.918862][ C0] ? security_file_permission+0x4c/0x460 [ 45.924328][ C0] vfs_fallocate+0x2b1/0xb10 [ 45.928771][ C0] ioctl_preallocate+0x149/0x1c0 [ 45.933625][ C0] ? fiemap_prep+0x200/0x200 [ 45.938048][ C0] ? __kasan_check_write+0x14/0x20 [ 45.942989][ C0] ? _raw_spin_lock_irq+0x87/0x110 [ 45.947935][ C0] do_vfs_ioctl+0xaec/0xd10 [ 45.952282][ C0] ? generic_block_fiemap+0x70/0x70 [ 45.957310][ C0] ? sigsuspend+0x250/0x250 [ 45.961649][ C0] ? __kasan_check_write+0x14/0x20 [ 45.966616][ C0] ? selinux_file_ioctl+0xee/0x240 [ 45.971605][ C0] __x64_sys_ioctl+0xce/0x1a0 [ 45.976068][ C0] do_syscall_64+0x32/0x80 [ 45.980312][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 45.986037][ C0] RIP: 0033:0x7ff4e6bb7ae9 [ 45.990304][ C0] syz-executor.0: Corrupted page table at address 7ff4e6bb7abf [ 45.997753][ C0] PGD 12043b067 P4D 12043b067 PUD 12043a067 PMD 12178c067 PTE 1632902500000001 [ 46.006616][ C0] Bad pagetable: 0009 [#4] PREEMPT SMP KASAN [ 46.012424][ C0] CPU: 0 PID: 368 Comm: syz-executor.0 Tainted: G B D 5.10.199-syzkaller #0 [ 46.022143][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 46.032387][ C0] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x40 [ 46.038814][ C0] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 0f 1f 80 00 00 00 00 0f 01 cb 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 01 ca c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 83 f8 [ 46.059202][ C0] RSP: 0018:ffffc900000075d8 EFLAGS: 00050046 [ 46.065105][ C0] RAX: ffff888003e044d1 RBX: 0000000000000040 RCX: 0000000000000040 [ 46.072928][ C0] RDX: 0000000000000040 RSI: 00007ff4e6bb7abf RDI: ffffc90000007618 [ 46.080730][ C0] RBP: ffffc90000007608 R08: 0000000000000000 R09: ffffc90000007657 [ 46.088544][ C0] R10: fffff52000000eca R11: 0000000000000001 R12: 00007ff4e6bb7abf [ 46.096351][ C0] R13: ffffc90000007618 R14: ffff888109be0000 R15: ffffc90000997f58 [ 46.104251][ C0] FS: 00007ff4de3596c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000 [ 46.113021][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.119442][ C0] CR2: 00007ff4e6bb7abf CR3: 0000000120441000 CR4: 00000000003506b0 [ 46.127254][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.135149][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.142961][ C0] Call Trace: [ 46.146087][ C0] [ 46.148787][ C0] ? show_regs.part.0+0x1e/0x20 [ 46.153464][ C0] ? __die+0x5d/0x9e [ 46.157198][ C0] ? pgtable_bad+0x56/0x80 [ 46.161455][ C0] ? do_user_addr_fault+0x50d/0xa30 [ 46.166492][ C0] ? __kasan_check_write+0x14/0x20 [ 46.171520][ C0] ? _raw_spin_lock_irqsave+0x8c/0x120 [ 46.176813][ C0] ? mm_fault_error+0x240/0x240 [ 46.181565][ C1] Shutting down cpus with NMI