Warning: Permanently added '10.128.1.253' (ED25519) to the list of known hosts.
2024/05/29 09:38:35 ignoring optional flag "sandboxArg"="0"
2024/05/29 09:38:35 parsed 1 programs
2024/05/29 09:38:35 executed programs: 0
[ 41.095807][ T28] kauditd_printk_skb: 18 callbacks suppressed
[ 41.095823][ T28] audit: type=1400 audit(1716975515.843:94): avc: denied { unlink } for pid=345 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 41.134242][ T345] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 41.199792][ T351] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.208318][ T351] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.216129][ T351] device bridge_slave_0 entered promiscuous mode
[ 41.223366][ T351] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.230338][ T351] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.237789][ T351] device bridge_slave_1 entered promiscuous mode
[ 41.286267][ T351] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.293218][ T351] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.300912][ T351] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.307943][ T351] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.329268][ T19] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.336859][ T19] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.344422][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 41.352230][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 41.362477][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 41.370682][ T39] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.377542][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.386244][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 41.394399][ T19] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.401388][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.413936][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 41.423055][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 41.437063][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 41.449298][ T351] device veth0_vlan entered promiscuous mode
[ 41.455744][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 41.463682][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 41.471313][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 41.483127][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 41.492678][ T351] device veth1_macvtap entered promiscuous mode
[ 41.502077][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 41.516033][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 41.536676][ T28] audit: type=1400 audit(1716975516.283:95): avc: denied { mounton } for pid=356 comm="syz-executor.0" path="/root/syzkaller-testdir4243609562/syzkaller.TQ91tW/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 41.542489][ T357] incfs: ino conflict with backing FS 1
[ 41.564930][ T28] audit: type=1400 audit(1716975516.283:96): avc: denied { mount } for pid=356 comm="syz-executor.0" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 41.592345][ T28] audit: type=1400 audit(1716975516.283:97): avc: denied { mounton } for pid=356 comm="syz-executor.0" path="/root/syzkaller-testdir4243609562/syzkaller.TQ91tW/0/file0/file0" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 41.622544][ T351] ------------[ cut here ]------------
[ 41.628069][ T351] WARNING: CPU: 1 PID: 351 at fs/inode.c:332 drop_nlink+0xc1/0x110
[ 41.628144][ T28] audit: type=1400 audit(1716975516.363:98): avc: denied { unmount } for pid=351 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 41.635972][ T351] Modules linked in:
[ 41.656638][ T28] audit: type=1400 audit(1716975516.363:99): avc: denied { unmount } for pid=351 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 41.660013][ T351] CPU: 1 PID: 351 Comm: syz-executor.0 Not tainted 6.1.75-syzkaller-1151074-g3f139724700e #0
[ 41.691771][ T351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 41.702528][ T351] RIP: 0010:drop_nlink+0xc1/0x110
[ 41.707466][ T351] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 f7 f5 ef ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bf 0d a9 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[ 41.727715][ T351] RSP: 0018:ffffc900013b7bf0 EFLAGS: 00010293
[ 41.734068][ T351] RAX: ffffffff81cc6071 RBX: 0000000000000000 RCX: ffff88810e2e5100
[ 41.742415][ T351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 41.750685][ T351] RBP: ffffc900013b7c18 R08: ffffffff81cc5ff4 R09: 0000000000000003
[ 41.759802][ T351] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[ 41.768390][ T351] R13: 1ffff110233a4368 R14: ffff888119d21af8 R15: ffff888119d21b40
[ 41.776283][ T351] FS: 0000555555aea480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 41.785193][ T351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.791952][ T351] CR2: 0000555555b03898 CR3: 0000000124779000 CR4: 00000000003506a0
[ 41.799852][ T351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 41.807764][ T351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 41.815592][ T351] Call Trace:
[ 41.819134][ T351]
[ 41.821912][ T351] ? show_regs+0x58/0x60
[ 41.826035][ T351] ? __warn+0x160/0x3d0
[ 41.830464][ T351] ? drop_nlink+0xc1/0x110
[ 41.834812][ T351] ? report_bug+0x4d5/0x7d0
[ 41.839615][ T351] ? drop_nlink+0xc1/0x110
[ 41.844507][ T351] ? handle_bug+0x41/0x70
[ 41.848981][ T351] ? exc_invalid_op+0x1b/0x50
[ 41.853675][ T351] ? asm_exc_invalid_op+0x1b/0x20
[ 41.858939][ T351] ? drop_nlink+0x44/0x110
[ 41.863269][ T351] ? drop_nlink+0xc1/0x110
[ 41.867796][ T351] ? drop_nlink+0xc1/0x110
[ 41.872109][ T351] shmem_rmdir+0x59/0x90
[ 41.876881][ T351] vfs_rmdir+0x398/0x500
[ 41.881420][ T351] incfs_kill_sb+0x113/0x230
[ 41.885872][ T351] deactivate_locked_super+0xad/0x110
[ 41.891339][ T351] deactivate_super+0xbe/0xf0
[ 41.895942][ T351] cleanup_mnt+0x485/0x510
[ 41.900601][ T351] ? user_path_at_empty+0x14e/0x1a0
[ 41.906197][ T351] __cleanup_mnt+0x19/0x20
[ 41.910512][ T351] task_work_run+0x24d/0x2e0
[ 41.915106][ T351] ? task_work_cancel+0x2b0/0x2b0
[ 41.920291][ T351] ? __x64_sys_umount+0x122/0x170
[ 41.925356][ T351] exit_to_user_mode_loop+0x94/0xa0
[ 41.930494][ T351] exit_to_user_mode_prepare+0x5a/0xa0
[ 41.936179][ T351] syscall_exit_to_user_mode+0x26/0x140
[ 41.941700][ T351] do_syscall_64+0x49/0xb0
[ 41.946653][ T351] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 41.952417][ T351] RIP: 0033:0x7f93fc47f197
[ 41.957262][ T351] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 41.976984][ T351] RSP: 002b:00007ffe801aa838 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 41.985333][ T351] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f93fc47f197
[ 41.993331][ T351] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe801aa8f0
[ 42.001583][ T351] RBP: 00007ffe801aa8f0 R08: 0000000000000000 R09: 0000000000000000
[ 42.009572][ T351] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe801ab9e0
[ 42.017347][ T351] R13: 00007f93fc4c93b9 R14: 000000000000a224 R15: 0000000000000006
[ 42.025284][ T351]
[ 42.028112][ T351] ---[ end trace 0000000000000000 ]---
[ 42.033515][ T351] ==================================================================
[ 42.041669][ T351] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[ 42.047727][ T351] Write of size 4 at addr 0000000000000170 by task syz-executor.0/351
[ 42.055852][ T351]
[ 42.058111][ T351] CPU: 0 PID: 351 Comm: syz-executor.0 Tainted: G W 6.1.75-syzkaller-1151074-g3f139724700e #0
[ 42.070040][ T351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 42.080054][ T351] Call Trace:
[ 42.083180][ T351]
[ 42.085997][ T351] dump_stack_lvl+0x151/0x1b7
[ 42.090613][ T351] ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 42.096049][ T351] ? _printk+0xd1/0x111
[ 42.100008][ T351] print_report+0xe1/0x4e0
[ 42.104357][ T351] ? _raw_spin_lock+0xa4/0x1b0
[ 42.108933][ T351] ? __virt_addr_valid+0x59/0x2f0
[ 42.113880][ T351] ? kasan_addr_to_slab+0xd/0x80
[ 42.118816][ T351] ? ihold+0x20/0x60
[ 42.122545][ T351] kasan_report+0x13c/0x170
[ 42.126889][ T351] ? ihold+0x20/0x60
[ 42.130710][ T351] kasan_check_range+0x294/0x2a0
[ 42.135491][ T351] __kasan_check_write+0x14/0x20
[ 42.140253][ T351] ihold+0x20/0x60
[ 42.143819][ T351] vfs_rmdir+0x268/0x500
[ 42.147909][ T351] incfs_kill_sb+0x113/0x230
[ 42.152318][ T351] deactivate_locked_super+0xad/0x110
[ 42.157650][ T351] deactivate_super+0xbe/0xf0
[ 42.162304][ T351] cleanup_mnt+0x485/0x510
[ 42.166806][ T351] ? user_path_at_empty+0x14e/0x1a0
[ 42.171929][ T351] __cleanup_mnt+0x19/0x20
[ 42.176260][ T351] task_work_run+0x24d/0x2e0
[ 42.180918][ T351] ? task_work_cancel+0x2b0/0x2b0
[ 42.185762][ T351] ? __x64_sys_umount+0x122/0x170
[ 42.190623][ T351] exit_to_user_mode_loop+0x94/0xa0
[ 42.195658][ T351] exit_to_user_mode_prepare+0x5a/0xa0
[ 42.201130][ T351] syscall_exit_to_user_mode+0x26/0x140
[ 42.206516][ T351] do_syscall_64+0x49/0xb0
[ 42.210931][ T351] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.216833][ T351] RIP: 0033:0x7f93fc47f197
[ 42.221259][ T351] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 42.240989][ T351] RSP: 002b:00007ffe801aa838 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 42.249308][ T351] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f93fc47f197
[ 42.257408][ T351] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe801aa8f0
[ 42.265222][ T351] RBP: 00007ffe801aa8f0 R08: 0000000000000000 R09: 0000000000000000
[ 42.273221][ T351] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe801ab9e0
[ 42.281190][ T351] R13: 00007f93fc4c93b9 R14: 000000000000a224 R15: 0000000000000006
[ 42.289281][ T351]
[ 42.292145][ T351] ==================================================================
[ 42.301227][ T28] audit: type=1400 audit(1716975517.043:100): avc: denied { read } for pid=84 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 42.323434][ T351] Disabling lock debugging due to kernel taint
[ 42.329802][ T351] BUG: kernel NULL pointer dereference, address: 0000000000000170
[ 42.337906][ T351] #PF: supervisor write access in kernel mode
[ 42.343874][ T351] #PF: error_code(0x0002) - not-present page
[ 42.349687][ T351] PGD 1259d6067 P4D 1259d6067 PUD 0
[ 42.354808][ T351] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 42.359927][ T351] CPU: 0 PID: 351 Comm: syz-executor.0 Tainted: G B W 6.1.75-syzkaller-1151074-g3f139724700e #0
[ 42.371524][ T351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 42.381566][ T351] RIP: 0010:ihold+0x25/0x60
[ 42.385988][ T351] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 91 05 a9 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 a0 ed ef ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 14 09 a9
[ 42.405521][ T351] RSP: 0018:ffffc900013b7c30 EFLAGS: 00010246
[ 42.411737][ T351] RAX: ffff88810e2e5100 RBX: 0000000000000001 RCX: ffff88810e2e5100
[ 42.419836][ T351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 42.427764][ T351] RBP: ffffc900013b7c40 R08: ffffffff814470c3 R09: fffffbfff0de60fd
[ 42.435716][ T351] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110233a417f
[ 42.443709][ T351] R13: ffff88811f4e6330 R14: 0000000000000000 R15: 1ffff11023e9cc6c
[ 42.451660][ T351] FS: 0000555555aea480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 42.460570][ T351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.467367][ T351] CR2: 0000000000000170 CR3: 0000000124779000 CR4: 00000000003506b0
[ 42.475432][ T351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.483270][ T351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.491109][ T351] Call Trace:
[ 42.494217][ T351]
[ 42.497002][ T351] ? __die_body+0x62/0xb0
[ 42.501255][ T351] ? __die+0x7e/0x90
[ 42.505162][ T351] ? page_fault_oops+0x7f9/0xa90
[ 42.510258][ T351] ? vprintk_default+0x26/0x30
[ 42.514857][ T351] ? kernelmode_fixup_or_oops+0x270/0x270
[ 42.520439][ T351] ? add_taint+0x44/0xe0
[ 42.524481][ T351] ? panic+0x660/0x660
[ 42.528388][ T351] ? preempt_schedule_thunk+0x16/0x18
[ 42.533715][ T351] ? exc_page_fault+0x537/0x700
[ 42.538669][ T351] ? asm_exc_page_fault+0x27/0x30
[ 42.543782][ T351] ? add_taint+0x93/0xe0
[ 42.548027][ T351] ? ihold+0x25/0x60
[ 42.551764][ T351] vfs_rmdir+0x268/0x500
[ 42.555926][ T351] incfs_kill_sb+0x113/0x230
[ 42.560267][ T351] deactivate_locked_super+0xad/0x110
[ 42.565468][ T351] deactivate_super+0xbe/0xf0
[ 42.570081][ T351] cleanup_mnt+0x485/0x510
[ 42.574349][ T351] ? user_path_at_empty+0x14e/0x1a0
[ 42.579375][ T351] __cleanup_mnt+0x19/0x20
[ 42.583614][ T351] task_work_run+0x24d/0x2e0
[ 42.588053][ T351] ? task_work_cancel+0x2b0/0x2b0
[ 42.592989][ T351] ? __x64_sys_umount+0x122/0x170
[ 42.597868][ T351] exit_to_user_mode_loop+0x94/0xa0
[ 42.602874][ T351] exit_to_user_mode_prepare+0x5a/0xa0
[ 42.608256][ T351] syscall_exit_to_user_mode+0x26/0x140
[ 42.613734][ T351] do_syscall_64+0x49/0xb0
[ 42.618030][ T351] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.623798][ T351] RIP: 0033:0x7f93fc47f197
[ 42.628059][ T351] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 42.648057][ T351] RSP: 002b:00007ffe801aa838 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 42.656292][ T351] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f93fc47f197
[ 42.664103][ T351] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe801aa8f0
[ 42.672392][ T351] RBP: 00007ffe801aa8f0 R08: 0000000000000000 R09: 0000000000000000
[ 42.680283][ T351] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe801ab9e0
[ 42.688179][ T351] R13: 00007f93fc4c93b9 R14: 000000000000a224 R15: 0000000000000006
[ 42.696355][ T351]
[ 42.699582][ T351] Modules linked in:
[ 42.703406][ T351] CR2: 0000000000000170
[ 42.707476][ T351] ---[ end trace 0000000000000000 ]---
[ 42.713213][ T351] RIP: 0010:ihold+0x25/0x60
[ 42.717539][ T351] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 91 05 a9 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 a0 ed ef ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 14 09 a9
[ 42.737586][ T351] RSP: 0018:ffffc900013b7c30 EFLAGS: 00010246
[ 42.743603][ T351] RAX: ffff88810e2e5100 RBX: 0000000000000001 RCX: ffff88810e2e5100
[ 42.751754][ T351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 42.761215][ T351] RBP: ffffc900013b7c40 R08: ffffffff814470c3 R09: fffffbfff0de60fd
[ 42.769415][ T351] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110233a417f
[ 42.777697][ T351] R13: ffff88811f4e6330 R14: 0000000000000000 R15: 1ffff11023e9cc6c
[ 42.786237][ T351] FS: 0000555555aea480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 42.796332][ T351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.802889][ T351] CR2: 0000000000000170 CR3: 0000000124779000 CR4: 00000000003506b0
[ 42.811368][ T351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.819443][ T351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.827312][ T351] Kernel panic - not syncing: Fatal exception
[ 42.833592][ T351] Kernel Offset: disabled
[ 42.837730][ T351] Rebooting in 86400 seconds..