Warning: Permanently added '10.128.10.3' (ED25519) to the list of known hosts.
2024/08/18 23:30:34 ignoring optional flag "sandboxArg"="0"
2024/08/18 23:30:34 parsed 1 programs
[ 57.362343][ T23] kauditd_printk_skb: 19 callbacks suppressed
[ 57.362355][ T23] audit: type=1400 audit(1724023834.420:95): avc: denied { unlink } for pid=420 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/08/18 23:30:34 executed programs: 0
[ 57.418882][ T420] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 57.490895][ T426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.497866][ T426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.505412][ T426] device bridge_slave_0 entered promiscuous mode
[ 57.512285][ T426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.519422][ T426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.526820][ T426] device bridge_slave_1 entered promiscuous mode
[ 57.580032][ T426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.587463][ T426] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.594605][ T426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.601452][ T426] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.626856][ T375] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.635241][ T375] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.642548][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 57.650522][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 57.664986][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 57.673738][ T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.681343][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 57.689076][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 57.697510][ T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.704537][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 57.716511][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 57.729039][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 57.745551][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 57.764620][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 57.772614][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 57.790291][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 57.799985][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 57.825758][ T23] audit: type=1400 audit(1724023834.890:96): avc: denied { mounton } for pid=432 comm="syz-executor.0" path="/root/syzkaller-testdir756127727/syzkaller.RGtC2F/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 57.853543][ T23] audit: type=1400 audit(1724023834.890:97): avc: denied { mount } for pid=432 comm="syz-executor.0" name="/" dev="tmpfs" ino=11062 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 57.876600][ T23] audit: type=1400 audit(1724023834.890:98): avc: denied { mounton } for pid=432 comm="syz-executor.0" path="/root/syzkaller-testdir756127727/syzkaller.RGtC2F/0/file0/file0" dev="tmpfs" ino=11063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 57.904413][ T23] audit: type=1400 audit(1724023834.940:99): avc: denied { unmount } for pid=426 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 57.904451][ T426] ------------[ cut here ]------------
[ 57.924742][ T23] audit: type=1400 audit(1724023834.940:100): avc: denied { unmount } for pid=426 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 57.929973][ T426] WARNING: CPU: 0 PID: 426 at fs/inode.c:302 drop_nlink+0xbb/0x100
[ 57.958920][ T426] Modules linked in:
[ 57.962651][ T426] CPU: 0 PID: 426 Comm: syz-executor.0 Not tainted 5.4.278-syzkaller-04929-g8edc449e71a9 #0
[ 57.973154][ T426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 57.983150][ T426] RIP: 0010:drop_nlink+0xbb/0x100
[ 57.988010][ T426] Code: 49 8b 1e 48 8d bb d0 04 00 00 be 08 00 00 00 e8 7b 9a f2 ff f0 48 ff 83 d0 04 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 b5 e0 c2 ff <0f> 0b eb 89 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[ 58.007536][ T426] RSP: 0018:ffff8881d9487c68 EFLAGS: 00010293
[ 58.013436][ T426] RAX: ffffffff81a1580b RBX: 1ffff1103de78e27 RCX: ffff8881f0d7de80
[ 58.021247][ T426] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 58.029147][ T426] RBP: 0000000000000000 R08: ffffffff81a1578f R09: 0000000000000003
[ 58.037223][ T426] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881ef3c7138
[ 58.045295][ T426] R13: dffffc0000000000 R14: ffff8881ef3c70f0 R15: dffffc0000000000
[ 58.053195][ T426] FS: 00005555572f4480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 58.062146][ T426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 58.068560][ T426] CR2: 000055555730d898 CR3: 00000001dc776000 CR4: 00000000003406b0
[ 58.077010][ T426] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.085072][ T426] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.093359][ T426] Call Trace:
[ 58.096515][ T426] ? __warn+0x162/0x250
[ 58.100839][ T426] ? report_bug+0x3a1/0x4e0
[ 58.105596][ T426] ? drop_nlink+0xbb/0x100
[ 58.110128][ T426] ? drop_nlink+0xbb/0x100
[ 58.114369][ T426] ? do_invalid_op+0x6e/0x110
[ 58.118986][ T426] ? invalid_op+0x1e/0x30
[ 58.123138][ T426] ? drop_nlink+0x3f/0x100
[ 58.127397][ T426] ? drop_nlink+0xbb/0x100
[ 58.131638][ T426] ? drop_nlink+0xbb/0x100
[ 58.136129][ T426] ? drop_nlink+0xbb/0x100
[ 58.140372][ T426] shmem_rmdir+0x54/0x80
[ 58.145184][ T426] vfs_rmdir+0x285/0x3c0
[ 58.149428][ T426] incfs_kill_sb+0x105/0x200
[ 58.154231][ T426] deactivate_locked_super+0xa8/0x110
[ 58.159597][ T426] deactivate_super+0x1e2/0x2a0
[ 58.164819][ T426] ? vfs_submount+0xb0/0xb0
[ 58.169267][ T426] ? deactivate_locked_super+0x110/0x110
[ 58.174814][ T426] ? fast_dput+0x7a/0x280
[ 58.179275][ T426] cleanup_mnt+0x44e/0x500
[ 58.183932][ T426] task_work_run+0x140/0x170
[ 58.188485][ T426] exit_to_usermode_loop+0x190/0x1a0
[ 58.193824][ T426] prepare_exit_to_usermode+0x199/0x200
[ 58.199210][ T426] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 58.204944][ T426] RIP: 0033:0x7f831147a197
[ 58.209274][ T426] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 58.228872][ T426] RSP: 002b:00007fff5fe04338 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 58.237108][ T426] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f831147a197
[ 58.245071][ T426] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff5fe043f0
[ 58.252883][ T426] RBP: 00007fff5fe043f0 R08: 0000000000000000 R09: 0000000000000000
[ 58.261045][ T426] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff5fe054e0
[ 58.268927][ T426] R13: 00007f83114c43b9 R14: 000000000000e1c4 R15: 0000000000000006
[ 58.276747][ T426] ---[ end trace 2d10b1c089a81ce8 ]---
[ 58.283436][ T426] ==================================================================
[ 58.291410][ T426] BUG: KASAN: null-ptr-deref in ihold+0x1b/0x50
[ 58.297772][ T426] Write of size 4 at addr 0000000000000160 by task syz-executor.0/426
[ 58.306142][ T426]
[ 58.308284][ T426] CPU: 0 PID: 426 Comm: syz-executor.0 Tainted: G W 5.4.278-syzkaller-04929-g8edc449e71a9 #0
[ 58.319734][ T426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 58.329803][ T426] Call Trace:
[ 58.333014][ T426] dump_stack+0x1d8/0x241
[ 58.337183][ T426] ? panic+0x89d/0x89d
[ 58.341098][ T426] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 58.346900][ T426] ? _raw_spin_trylock_bh+0x190/0x190
[ 58.352334][ T426] ? shmem_destroy_inode+0x5/0x10
[ 58.357141][ T426] ? ihold+0x1b/0x50
[ 58.360997][ T426] __kasan_report+0xe9/0x120
[ 58.365392][ T426] ? ihold+0x1b/0x50
[ 58.369131][ T426] kasan_report+0x30/0x60
[ 58.373393][ T426] check_memory_region+0x272/0x280
[ 58.378520][ T426] ihold+0x1b/0x50
[ 58.382066][ T426] vfs_rmdir+0x1e0/0x3c0
[ 58.386146][ T426] incfs_kill_sb+0x105/0x200
[ 58.390573][ T426] deactivate_locked_super+0xa8/0x110
[ 58.396213][ T426] deactivate_super+0x1e2/0x2a0
[ 58.401077][ T426] ? vfs_submount+0xb0/0xb0
[ 58.405587][ T426] ? deactivate_locked_super+0x110/0x110
[ 58.411143][ T426] ? fast_dput+0x7a/0x280
[ 58.415398][ T426] cleanup_mnt+0x44e/0x500
[ 58.419666][ T426] task_work_run+0x140/0x170
[ 58.424186][ T426] exit_to_usermode_loop+0x190/0x1a0
[ 58.429391][ T426] prepare_exit_to_usermode+0x199/0x200
[ 58.434868][ T426] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 58.440796][ T426] RIP: 0033:0x7f831147a197
[ 58.445039][ T426] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 58.464660][ T426] RSP: 002b:00007fff5fe04338 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 58.472906][ T426] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f831147a197
[ 58.480714][ T426] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff5fe043f0
[ 58.488615][ T426] RBP: 00007fff5fe043f0 R08: 0000000000000000 R09: 0000000000000000
[ 58.496511][ T426] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff5fe054e0
[ 58.504325][ T426] R13: 00007f83114c43b9 R14: 000000000000e1c4 R15: 0000000000000006
[ 58.512259][ T426] ==================================================================
[ 58.520417][ T426] Disabling lock debugging due to kernel taint
[ 58.527617][ T426] BUG: kernel NULL pointer dereference, address: 0000000000000160
[ 58.536392][ T426] #PF: supervisor write access in kernel mode
[ 58.542490][ T426] #PF: error_code(0x0002) - not-present page
[ 58.549255][ T426] PGD 1d94f9067 P4D 1d94f9067 PUD 0
[ 58.554838][ T426] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 58.560511][ T426] CPU: 0 PID: 426 Comm: syz-executor.0 Tainted: G B W 5.4.278-syzkaller-04929-g8edc449e71a9 #0
[ 58.572380][ T426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 58.582687][ T426] RIP: 0010:ihold+0x20/0x50
[ 58.587081][ T426] Code: 0f 1f 84 00 00 00 00 00 66 90 55 53 48 89 fb e8 16 d9 c2 ff 48 8d bb 60 01 00 00 be 04 00 00 00 e8 b5 92 f2 ff bd 01 00 00 00 0f c1 ab 60 01 00 00 ff c5 bf 02 00 00 00 89 ee e8 da db c2 ff
[ 58.607557][ T426] RSP: 0018:ffff8881d9487ca0 EFLAGS: 00010246
[ 58.614400][ T426] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881f0d7de80
[ 58.622461][ T426] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 58.630578][ T426] RBP: 0000000000000001 R08: ffffffff813ae2f5 R09: 0000000000000003
[ 58.638508][ T426] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000000
[ 58.647203][ T426] R13: dffffc0000000000 R14: ffff8881e42fb468 R15: 0000000000000000
[ 58.655226][ T426] FS: 00005555572f4480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 58.664598][ T426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 58.671225][ T426] CR2: 0000000000000160 CR3: 00000001dc776000 CR4: 00000000003406b0
[ 58.679893][ T426] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.687676][ T426] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.695775][ T426] Call Trace:
[ 58.698983][ T426] ? __die+0xb4/0x100
[ 58.703061][ T426] ? no_context+0xac7/0xd20
[ 58.707494][ T426] ? is_prefetch+0x4b0/0x4b0
[ 58.711994][ T426] ? ihold+0x1b/0x50
[ 58.715979][ T426] ? __do_page_fault+0xa72/0xbb0
[ 58.720749][ T426] ? __bad_area_nosemaphore+0xc0/0x470
[ 58.726052][ T426] ? page_fault+0x2f/0x40
[ 58.730221][ T426] ? check_panic_on_warn+0x55/0xa0
[ 58.735156][ T426] ? ihold+0x20/0x50
[ 58.739099][ T426] vfs_rmdir+0x1e0/0x3c0
[ 58.743167][ T426] incfs_kill_sb+0x105/0x200
[ 58.747896][ T426] deactivate_locked_super+0xa8/0x110
[ 58.753262][ T426] deactivate_super+0x1e2/0x2a0
[ 58.758137][ T426] ? vfs_submount+0xb0/0xb0
[ 58.762583][ T426] ? deactivate_locked_super+0x110/0x110
[ 58.768361][ T426] ? fast_dput+0x7a/0x280
[ 58.772622][ T426] cleanup_mnt+0x44e/0x500
[ 58.776867][ T426] task_work_run+0x140/0x170
[ 58.781484][ T426] exit_to_usermode_loop+0x190/0x1a0
[ 58.786702][ T426] prepare_exit_to_usermode+0x199/0x200
[ 58.792069][ T426] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 58.797892][ T426] RIP: 0033:0x7f831147a197
[ 58.802122][ T426] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 58.822047][ T426] RSP: 002b:00007fff5fe04338 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 58.830294][ T426] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f831147a197
[ 58.838300][ T426] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff5fe043f0
[ 58.846514][ T426] RBP: 00007fff5fe043f0 R08: 0000000000000000 R09: 0000000000000000
[ 58.854460][ T426] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff5fe054e0
[ 58.862445][ T426] R13: 00007f83114c43b9 R14: 000000000000e1c4 R15: 0000000000000006
[ 58.870339][ T426] Modules linked in:
[ 58.874080][ T426] CR2: 0000000000000160
[ 58.878092][ T426] ---[ end trace 2d10b1c089a81ce9 ]---
[ 58.883556][ T426] RIP: 0010:ihold+0x20/0x50
[ 58.887881][ T426] Code: 0f 1f 84 00 00 00 00 00 66 90 55 53 48 89 fb e8 16 d9 c2 ff 48 8d bb 60 01 00 00 be 04 00 00 00 e8 b5 92 f2 ff bd 01 00 00 00 0f c1 ab 60 01 00 00 ff c5 bf 02 00 00 00 89 ee e8 da db c2 ff
[ 58.907685][ T426] RSP: 0018:ffff8881d9487ca0 EFLAGS: 00010246
[ 58.913881][ T426] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881f0d7de80
[ 58.922033][ T426] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 58.930259][ T426] RBP: 0000000000000001 R08: ffffffff813ae2f5 R09: 0000000000000003
[ 58.938201][ T426] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000000
[ 58.946899][ T426] R13: dffffc0000000000 R14: ffff8881e42fb468 R15: 0000000000000000
[ 58.955140][ T426] FS: 00005555572f4480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 58.964218][ T426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 58.970796][ T426] CR2: 0000000000000160 CR3: 00000001dc776000 CR4: 00000000003406b0
[ 58.978810][ T426] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.986629][ T426] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.994818][ T426] Kernel panic - not syncing: Fatal exception
[ 59.000999][ T426] Kernel Offset: disabled
[ 59.005320][ T426] Rebooting in 86400 seconds..