[ 21.720642][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.734490][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.742782][ T73] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.758026][ T385] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 22.282907][ T7] device bridge_slave_1 left promiscuous mode [ 22.289080][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.297000][ T7] device bridge_slave_0 left promiscuous mode [ 22.303255][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.675252][ T22] kauditd_printk_skb: 65 callbacks suppressed [ 32.675259][ T22] audit: type=1400 audit(1670875543.989:148): avc: denied { read } for pid=141 comm="syslogd" name="log" dev="sda1" ino=1125 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Warning: Permanently added '10.128.0.236' (ECDSA) to the list of known hosts. 2022/12/12 20:05:50 ignoring optional flag "sandboxArg"="0" 2022/12/12 20:05:51 parsed 1 programs 2022/12/12 20:05:51 executed programs: 0 [ 39.739509][ T22] audit: type=1400 audit(1670875551.049:149): avc: denied { mounton } for pid=412 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 39.764392][ T22] audit: type=1400 audit(1670875551.049:150): avc: denied { mount } for pid=412 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 39.787922][ T22] audit: type=1400 audit(1670875551.049:151): avc: denied { mounton } for pid=415 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 39.791242][ T415] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.812084][ T22] audit: type=1400 audit(1670875551.049:152): avc: denied { module_request } for pid=415 comm="syz-executor.0" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 39.819298][ T415] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.848336][ T415] device bridge_slave_0 entered promiscuous mode [ 39.855136][ T415] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.862239][ T415] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.869571][ T415] device bridge_slave_1 entered promiscuous mode [ 39.897252][ T415] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.904293][ T415] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.911767][ T415] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.918877][ T415] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.934618][ T18] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.941776][ T18] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.949185][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.956816][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.966007][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.974174][ T106] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.981182][ T106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.990255][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.998428][ T106] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.005457][ T106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.023190][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.031529][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.039925][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.047848][ T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.057832][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.068581][ T106] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.078617][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.091580][ T22] audit: type=1400 audit(1670875551.399:153): avc: denied { mount } for pid=415 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 40.119616][ T22] audit: type=1400 audit(1670875551.429:154): avc: denied { mounton } for pid=421 comm="syz-executor.0" path="/root/syzkaller-testdir3900548278/syzkaller.7nZoex/0/file0" dev="sda1" ino=1148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 40.120286][ T422] erofs: (device loop0): mounted with root inode @ nid 36. [ 40.154841][ T422] attempt to access beyond end of device [ 40.154841][ T422] loop0: rw=0, want=2201354232, limit=264192 [ 40.166502][ T422] BUG: unable to handle page fault for address: fffff521001a2ebd [ 40.174200][ T422] #PF: supervisor read access in kernel mode [ 40.180148][ T422] #PF: error_code(0x0000) - not-present page [ 40.186108][ T422] PGD 23ffef067 P4D 23ffef067 PUD 0 [ 40.191376][ T422] Oops: 0000 [#1] PREEMPT SMP KASAN [ 40.196638][ T422] CPU: 1 PID: 422 Comm: syz-executor.0 Not tainted 5.10.158-syzkaller #0 [ 40.205145][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 40.215185][ T422] RIP: 0010:z_erofs_decompress_queue+0x70f/0x1ca0 [ 40.221572][ T422] Code: 04 03 00 00 8b 03 c1 f8 02 4c 8b 74 24 08 89 c0 48 8b 4c 24 58 4c 8d 2c c1 4d 89 ec 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ef e8 d2 c8 8d ff 4d 8b 7d 00 4d 85 ff [ 40.241153][ T422] RSP: 0018:ffffc90000d174e0 EFLAGS: 00010a06 [ 40.247197][ T422] RAX: dffffc0000000000 RBX: ffffea000478fca8 RCX: ffffc90000d175f0 [ 40.255142][ T422] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea000478fca8 [ 40.263182][ T422] RBP: ffffc90000d17930 R08: dffffc0000000000 R09: fffff940008f1f96 [ 40.271132][ T422] R10: fffff940008f1f96 R11: 1ffffd40008f1f95 R12: 1ffff921001a2ebd [ 40.279076][ T422] R13: ffffc90800d175e8 R14: 1ffff110239446ed R15: dffffc0000000000 [ 40.287030][ T422] FS: 00007f16c4b97700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 40.296219][ T422] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.302784][ T422] CR2: fffff521001a2ebd CR3: 000000011ac12000 CR4: 00000000003506a0 [ 40.310732][ T422] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.318675][ T422] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.326621][ T422] Call Trace: [ 40.329893][ T422] ? slab_free_freelist_hook+0x7f/0x150 [ 40.335425][ T422] ? mempool_free+0xd5/0x300 [ 40.339993][ T422] z_erofs_runqueue+0x14c8/0x1570 [ 40.344999][ T422] z_erofs_readpage+0x288/0x450 [ 40.349823][ T422] do_read_cache_page+0x65c/0xbe0 [ 40.354817][ T422] read_cache_page+0x4d/0x70 [ 40.359376][ T422] erofs_namei+0x15e/0x11a0 [ 40.363860][ T422] ? kmem_cache_alloc+0x134/0x2a0 [ 40.368855][ T422] erofs_lookup+0xdf/0x360 [ 40.373420][ T422] __lookup_hash+0x141/0x290 [ 40.377984][ T422] filename_create+0x187/0x6d0 [ 40.382723][ T422] do_mknodat+0x10d/0x3c0 [ 40.387026][ T422] ? __kasan_check_write+0x14/0x20 [ 40.392113][ T422] __x64_sys_mknodat+0x9b/0xb0 [ 40.396856][ T422] do_syscall_64+0x34/0x70 [ 40.401257][ T422] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 40.407128][ T422] RIP: 0033:0x7f16c50235a9 [ 40.411521][ T422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 40.431108][ T422] RSP: 002b:00007f16c4b97168 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 40.439581][ T422] RAX: ffffffffffffffda RBX: 00007f16c5143f80 RCX: 00007f16c50235a9 [ 40.447529][ T422] RDX: 0000000000000004 RSI: 0000000020000080 RDI: 0000000000000005 [ 40.455474][ T422] RBP: 00007f16c507e7b0 R08: 0000000000000000 R09: 0000000000000000 [ 40.463418][ T422] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 40.471387][ T422] R13: 00007fff7e49918f R14: 00007f16c4b97300 R15: 0000000000022000 [ 40.479331][ T422] Modules linked in: [ 40.483203][ T422] CR2: fffff521001a2ebd [ 40.487327][ T422] ---[ end trace 7257e228e043df77 ]--- [ 40.493368][ T422] RIP: 0010:z_erofs_decompress_queue+0x70f/0x1ca0 [ 40.499752][ T422] Code: 04 03 00 00 8b 03 c1 f8 02 4c 8b 74 24 08 89 c0 48 8b 4c 24 58 4c 8d 2c c1 4d 89 ec 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ef e8 d2 c8 8d ff 4d 8b 7d 00 4d 85 ff [ 40.519326][ T422] RSP: 0018:ffffc90000d174e0 EFLAGS: 00010a06 [ 40.525364][ T422] RAX: dffffc0000000000 RBX: ffffea000478fca8 RCX: ffffc90000d175f0 [ 40.533426][ T422] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffea000478fca8 [ 40.541369][ T422] RBP: ffffc90000d17930 R08: dffffc0000000000 R09: fffff940008f1f96 [ 40.549401][ T422] R10: fffff940008f1f96 R11: 1ffffd40008f1f95 R12: 1ffff921001a2ebd [ 40.557342][ T422] R13: ffffc90800d175e8 R14: 1ffff110239446ed R15: dffffc0000000000 [ 40.565374][ T422] FS: 00007f16c4b97700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 40.574279][ T422] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.580834][ T422] CR2: fffff521001a2ebd CR3: 000000011ac12000 CR4: 00000000003506a0 [ 40.588778][ T422] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.596726][ T422] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.604673][ T422] Kernel panic - not syncing: Fatal exception [ 40.610943][ T422] Kernel Offset: disabled [ 40.615247][ T422] Rebooting in 86400 seconds..