Warning: Permanently added '10.128.0.233' (ED25519) to the list of known hosts.
2023/11/17 11:07:47 ignoring optional flag "sandboxArg"="0"
2023/11/17 11:07:47 parsed 1 programs
2023/11/17 11:07:47 executed programs: 0
[   43.507267][   T23] kauditd_printk_skb: 67 callbacks suppressed
[   43.507279][   T23] audit: type=1400 audit(1700219267.470:143): avc:  denied  { mounton } for  pid=406 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   43.540215][   T23] audit: type=1400 audit(1700219267.470:144): avc:  denied  { mount } for  pid=406 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   43.573254][  T411] cgroup1: Unknown subsys name 'perf_event'
[   43.584944][  T413] cgroup1: Unknown subsys name 'perf_event'
[   43.594769][   T23] audit: type=1400 audit(1700219267.530:145): avc:  denied  { mounton } for  pid=411 comm="syz-executor.0" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   43.609606][  T418] cgroup1: Unknown subsys name 'perf_event'
[   43.619707][  T416] cgroup1: Unknown subsys name 'perf_event'
[   43.626912][  T419] cgroup1: Unknown subsys name 'perf_event'
[   43.630261][  T413] cgroup1: Unknown subsys name 'net_cls'
[   43.638515][  T420] cgroup1: Unknown subsys name 'perf_event'
[   43.647677][  T418] cgroup1: Unknown subsys name 'net_cls'
[   43.647784][  T416] cgroup1: Unknown subsys name 'net_cls'
[   43.653675][  T411] cgroup1: Unknown subsys name 'net_cls'
[   43.664623][  T420] cgroup1: Unknown subsys name 'net_cls'
[   43.670722][  T419] cgroup1: Unknown subsys name 'net_cls'
[   43.672241][   T23] audit: type=1400 audit(1700219267.530:146): avc:  denied  { mounton } for  pid=411 comm="syz-executor.0" path="/syzcgroup/cpu" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   43.902416][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.909439][  T413] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.917118][  T413] device bridge_slave_0 entered promiscuous mode
[   43.942559][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.950179][  T413] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.957814][  T413] device bridge_slave_1 entered promiscuous mode
[   44.002460][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.009522][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.017034][  T420] device bridge_slave_0 entered promiscuous mode
[   44.024051][  T419] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.031080][  T419] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.038352][  T419] device bridge_slave_0 entered promiscuous mode
[   44.047552][  T419] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.054455][  T419] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.062062][  T419] device bridge_slave_1 entered promiscuous mode
[   44.068651][  T411] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.075562][  T411] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.083091][  T411] device bridge_slave_0 entered promiscuous mode
[   44.093460][  T411] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.100366][  T411] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.107667][  T411] device bridge_slave_1 entered promiscuous mode
[   44.114488][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.121354][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.128786][  T420] device bridge_slave_1 entered promiscuous mode
[   44.181786][  T418] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.188780][  T418] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.196520][  T418] device bridge_slave_0 entered promiscuous mode
[   44.210135][  T418] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.217941][  T418] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.226177][  T418] device bridge_slave_1 entered promiscuous mode
[   44.339697][  T416] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.346942][  T416] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.354606][  T416] device bridge_slave_0 entered promiscuous mode
[   44.366349][  T416] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.373250][  T416] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.381373][  T416] device bridge_slave_1 entered promiscuous mode
[   44.454745][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.461716][  T413] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.468825][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.475694][  T413] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.516187][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.523263][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.530957][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.537979][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.563496][  T411] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.570499][  T411] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.577771][  T411] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.584709][  T411] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.599976][  T419] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.607725][  T419] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.615211][  T419] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.622981][  T419] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.656747][  T418] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.664060][  T418] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.671364][  T418] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.678297][  T418] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.732543][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.741187][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.749399][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.757062][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.764268][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.771599][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.778629][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.785792][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.792985][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.799937][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.808043][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   44.815754][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.831116][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   44.839165][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.846210][  T364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.853511][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   44.861625][  T364] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.868534][  T364] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.894162][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   44.902883][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   44.913265][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   44.921154][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.943268][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   44.951482][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   44.959596][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   44.967876][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   44.992400][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   45.001496][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.009798][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.017125][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.024730][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   45.033099][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.041694][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.048831][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.056521][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   45.064011][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.071787][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   45.080731][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.088924][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.095954][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.103122][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   45.111723][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.121166][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.128202][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.135480][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   45.143900][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.152404][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.159430][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.176830][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   45.185948][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.194789][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.201881][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.220497][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   45.229641][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.238422][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   45.246725][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.278637][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.286624][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   45.294186][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.304024][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.311994][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   45.320175][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.328650][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.335952][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.343922][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   45.351903][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.359834][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   45.368204][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.376441][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   45.385382][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.393975][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   45.402259][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.410226][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.417374][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.430377][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   45.438133][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.467417][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   45.475639][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.483819][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   45.492577][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.509927][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   45.520867][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.546469][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.555551][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.564417][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   45.573741][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.607954][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.616550][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   45.624951][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.633459][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   45.642780][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.651586][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   45.659841][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   45.669654][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   45.677817][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   45.696844][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.705259][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   45.713619][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.722044][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   45.730715][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.738847][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.746356][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.754184][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   45.776164][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   45.785255][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.793816][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.800786][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.808497][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.816937][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.834890][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.884710][   T23] audit: type=1400 audit(1700219269.850:147): avc:  denied  { mounton } for  pid=442 comm="syz-executor.1" path="/root/syzkaller-testdir3653519028/syzkaller.OxnpJO/0/file0" dev="sda1" ino=1962 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   45.891507][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   45.916443][   T23] audit: type=1400 audit(1700219269.880:148): avc:  denied  { mount } for  pid=442 comm="syz-executor.1" name="/" dev="incremental-fs" ino=1962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   45.923732][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.946289][   T23] audit: type=1400 audit(1700219269.880:149): avc:  denied  { unmount } for  pid=442 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   45.953748][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.981942][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   45.990226][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   45.998670][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.007298][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.016042][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   46.024863][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.033844][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   46.042619][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.051539][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   46.087345][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.097292][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.106046][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   46.115669][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   46.124906][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   46.133979][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.159194][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.168346][  T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.203463][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   46.232105][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   46.253913][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   46.264471][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   46.289875][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   46.299796][  T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   46.343193][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   46.352568][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.361318][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.369506][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.410846][   T23] audit: type=1400 audit(1700219270.370:150): avc:  denied  { read } for  pid=483 comm="syz-executor.5" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   46.438169][   T23] audit: type=1400 audit(1700219270.370:151): avc:  denied  { open } for  pid=483 comm="syz-executor.5" path="/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
2023/11/17 11:07:52 executed programs: 142
2023/11/17 11:07:57 executed programs: 469
[   53.899765][ T2181] ==================================================================
[   53.907778][ T2181] BUG: KASAN: use-after-free in path_openat+0x1c9e/0x3480
[   53.914714][ T2181] Read of size 4 at addr ffff8881eba7301c by task syz-executor.0/2181
[   53.922866][ T2181] 
[   53.925038][ T2181] CPU: 1 PID: 2181 Comm: syz-executor.0 Not tainted 5.4.254-syzkaller-04743-g2ac128c04e33 #0
[   53.935247][ T2181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[   53.945121][ T2181] Call Trace:
[   53.948253][ T2181]  dump_stack+0x1d8/0x241
[   53.952437][ T2181]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   53.958070][ T2181]  ? printk+0xd1/0x111
[   53.961966][ T2181]  ? path_openat+0x1c9e/0x3480
[   53.966567][ T2181]  print_address_description+0x8c/0x600
[   53.971955][ T2181]  ? path_openat+0x1c9e/0x3480
[   53.976546][ T2181]  __kasan_report+0xf3/0x120
[   53.980970][ T2181]  ? path_openat+0x1c9e/0x3480
[   53.985579][ T2181]  kasan_report+0x30/0x60
[   53.989738][ T2181]  path_openat+0x1c9e/0x3480
[   53.994170][ T2181]  ? do_filp_open+0x450/0x450
[   53.998875][ T2181]  ? do_sys_open+0x357/0x810
[   54.003291][ T2181]  ? do_syscall_64+0xca/0x1c0
[   54.007803][ T2181]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   54.013801][ T2181]  do_filp_open+0x20b/0x450
[   54.018224][ T2181]  ? vfs_tmpfile+0x280/0x280
[   54.022855][ T2181]  ? _raw_spin_unlock+0x49/0x60
[   54.027525][ T2181]  ? __alloc_fd+0x4c1/0x560
[   54.031862][ T2181]  do_sys_open+0x39c/0x810
[   54.036204][ T2181]  ? file_open_root+0x490/0x490
[   54.040888][ T2181]  ? switch_fpu_return+0x1d4/0x410
[   54.045833][ T2181]  ? ksys_mount+0xe0/0xf0
[   54.050002][ T2181]  do_syscall_64+0xca/0x1c0
[   54.054343][ T2181]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   54.060064][ T2181] 
[   54.062234][ T2181] Allocated by task 2181:
[   54.066524][ T2181]  __kasan_kmalloc+0x171/0x210
[   54.071192][ T2181]  alloc_inode+0x43/0x70
[   54.075288][ T2181]  iget5_locked+0x9c/0x260
[   54.079582][ T2181]  fetch_regular_inode+0x256/0x320
[   54.084496][ T2181]  incfs_mount_fs+0x5c3/0xa00
[   54.089074][ T2181]  legacy_get_tree+0xdf/0x170
[   54.093716][ T2181]  vfs_get_tree+0x85/0x260
[   54.098139][ T2181]  do_new_mount+0x292/0x570
[   54.102489][ T2181]  do_mount+0x688/0xe10
[   54.106473][ T2181]  ksys_mount+0xc2/0xf0
[   54.110464][ T2181]  __x64_sys_mount+0xb1/0xc0
[   54.114897][ T2181]  do_syscall_64+0xca/0x1c0
[   54.119237][ T2181]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   54.124956][ T2181] 
[   54.127211][ T2181] Freed by task 2165:
[   54.131041][ T2181]  __kasan_slab_free+0x1b5/0x270
[   54.135817][ T2181]  kfree+0x123/0x370
[   54.139550][ T2181]  evict+0x59d/0x6a0
[   54.143365][ T2181]  evict_inodes+0x5e1/0x660
[   54.147986][ T2181]  generic_shutdown_super+0x94/0x2a0
[   54.153106][ T2181]  kill_anon_super+0x37/0x60
[   54.157523][ T2181]  incfs_kill_sb+0x4c/0x200
[   54.161860][ T2181]  deactivate_locked_super+0xa8/0x110
[   54.167249][ T2181]  deactivate_super+0x1e2/0x2a0
[   54.171932][ T2181]  cleanup_mnt+0x44e/0x500
[   54.176185][ T2181]  task_work_run+0x140/0x170
[   54.180655][ T2181]  exit_to_usermode_loop+0x190/0x1a0
[   54.185735][ T2181]  prepare_exit_to_usermode+0x199/0x200
[   54.191127][ T2181]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   54.197795][ T2181] 
[   54.199976][ T2181] The buggy address belongs to the object at ffff8881eba73000
[   54.199976][ T2181]  which belongs to the cache kmalloc-1k of size 1024
[   54.214125][ T2181] The buggy address is located 28 bytes inside of
[   54.214125][ T2181]  1024-byte region [ffff8881eba73000, ffff8881eba73400)
[   54.227561][ T2181] The buggy address belongs to the page:
[   54.233050][ T2181] page:ffffea0007ae9c00 refcount:1 mapcount:0 mapping:ffff8881f5c02280 index:0x0 compound_mapcount: 0
[   54.243895][ T2181] flags: 0x8000000000010200(slab|head)
[   54.249188][ T2181] raw: 8000000000010200 ffffea000779c800 0000000300000003 ffff8881f5c02280
[   54.257687][ T2181] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   54.266188][ T2181] page dumped because: kasan: bad access detected
[   54.272435][ T2181] page_owner tracks the page as allocated
[   54.277999][ T2181] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC)
[   54.292934][ T2181]  prep_new_page+0x18f/0x370
[   54.297378][ T2181]  get_page_from_freelist+0x2d13/0x2d90
[   54.302728][ T2181]  __alloc_pages_nodemask+0x393/0x840
[   54.307937][ T2181]  alloc_slab_page+0x39/0x3c0
[   54.312711][ T2181]  new_slab+0x97/0x440
[   54.316708][ T2181]  ___slab_alloc+0x2fe/0x490
[   54.321127][ T2181]  __slab_alloc+0x62/0xa0
[   54.325379][ T2181]  __kmalloc+0x19b/0x2e0
[   54.329461][ T2181]  ipt_alloc_initial_table+0x68/0x570
[   54.334787][ T2181]  iptable_security_table_init+0x4e/0xa0
[   54.340266][ T2181]  xt_find_table_lock+0x24f/0x3f0
[   54.345111][ T2181]  xt_request_find_table_lock+0x20/0x110
[   54.350571][ T2181]  get_info+0x1c2/0x560
[   54.354675][ T2181]  do_ipt_get_ctl+0x168/0xb60
[   54.359343][ T2181]  nf_getsockopt+0x28c/0x2b0
[   54.363767][ T2181]  ip_getsockopt+0x15d/0x220
[   54.368273][ T2181] page last free stack trace:
[   54.372793][ T2181]  __free_pages_ok+0x847/0x950
[   54.377391][ T2181]  __free_pages+0x91/0x140
[   54.381650][ T2181]  __free_slab+0x221/0x2e0
[   54.386079][ T2181]  unfreeze_partials+0x14e/0x180
[   54.390949][ T2181]  put_cpu_partial+0x44/0x180
[   54.395583][ T2181]  __slab_free+0x297/0x360
[   54.400348][ T2181]  qlist_free_all+0x43/0xb0
[   54.405072][ T2181]  quarantine_reduce+0x1d9/0x210
[   54.409844][ T2181]  __kasan_kmalloc+0x41/0x210
[   54.414348][ T2181]  kmem_cache_alloc+0xd9/0x250
[   54.419220][ T2181]  getname_flags+0xb8/0x4e0
[   54.423713][ T2181]  do_sys_open+0x357/0x810
[   54.427901][ T2181]  do_syscall_64+0xca/0x1c0
[   54.432257][ T2181]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   54.438203][ T2181] 
[   54.440549][ T2181] Memory state around the buggy address:
[   54.446271][ T2181]  ffff8881eba72f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   54.454254][ T2181]  ffff8881eba72f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   54.462159][ T2181] >ffff8881eba73000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.470037][ T2181]                             ^
[   54.474847][ T2181]  ffff8881eba73080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.482864][ T2181]  ffff8881eba73100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.490727][ T2181] ==================================================================
[   54.498714][ T2181] Disabling lock debugging due to kernel taint
2023/11/17 11:08:02 executed programs: 756
2023/11/17 11:08:07 executed programs: 1091