Warning: Permanently added '10.128.10.2' (ED25519) to the list of known hosts. 2024/04/10 19:58:38 ignoring optional flag "sandboxArg"="0" 2024/04/10 19:58:38 parsed 1 programs [ 42.296186][ T24] audit: type=1400 audit(1712779118.500:154): avc: denied { mounton } for pid=337 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 42.321263][ T24] audit: type=1400 audit(1712779118.500:155): avc: denied { mount } for pid=337 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2024/04/10 19:58:38 executed programs: 0 [ 42.345614][ T24] audit: type=1400 audit(1712779118.520:156): avc: denied { unlink } for pid=337 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 42.379851][ T337] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 42.434287][ T343] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.441797][ T343] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.449324][ T343] device bridge_slave_0 entered promiscuous mode [ 42.456538][ T343] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.463512][ T343] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.472617][ T343] device bridge_slave_1 entered promiscuous mode [ 42.507445][ T24] audit: type=1400 audit(1712779118.710:157): avc: denied { write } for pid=343 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 42.528559][ T24] audit: type=1400 audit(1712779118.730:158): avc: denied { read } for pid=343 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 42.534814][ T343] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.556730][ T343] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.563793][ T343] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.570665][ T343] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.590052][ T15] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.597324][ T15] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.604775][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.613064][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.622765][ T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.630925][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.638310][ T291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.657294][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.666149][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.673082][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.682049][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.690471][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.704020][ T343] device veth0_vlan entered promiscuous mode [ 42.711020][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.719253][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.727988][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.735327][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.748791][ T343] device veth1_macvtap entered promiscuous mode [ 42.755978][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.767121][ T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.779798][ T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.790652][ T24] audit: type=1400 audit(1712779118.990:159): avc: denied { mounton } for pid=343 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=357 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 42.819947][ T348] incfs: ino conflict with backing FS 1 [ 42.823106][ T24] audit: type=1400 audit(1712779119.020:160): avc: denied { mounton } for pid=347 comm="syz-executor.0" path="/root/syzkaller-testdir2286934464/syzkaller.UdWjmz/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 42.831701][ T348] incfs: ino conflict with backing FS 5 [ 42.854658][ T24] audit: type=1400 audit(1712779119.020:161): avc: denied { mount } for pid=347 comm="syz-executor.0" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 42.862685][ T348] incfs: ino conflict with backing FS 2 [ 42.882330][ T24] audit: type=1400 audit(1712779119.020:162): avc: denied { mounton } for pid=347 comm="syz-executor.0" path="/root/syzkaller-testdir2286934464/syzkaller.UdWjmz/0/file0" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 42.914506][ T24] audit: type=1400 audit(1712779119.030:163): avc: denied { write } for pid=347 comm="syz-executor.0" name="/" dev="incremental-fs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 42.937341][ T350] ------------[ cut here ]------------ [ 42.942747][ T350] WARNING: CPU: 1 PID: 350 at fs/inode.c:304 drop_nlink+0xc1/0x110 [ 42.951031][ T350] Modules linked in: [ 42.954777][ T350] CPU: 1 PID: 350 Comm: syz-executor.0 Not tainted 5.10.209-syzkaller-999859-g4e1bc8d8e8ae #0 [ 42.966142][ T350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 42.977299][ T350] RIP: 0010:drop_nlink+0xc1/0x110 [ 42.982724][ T350] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 17 dc f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 1f 60 b3 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c [ 43.004650][ T350] RSP: 0018:ffffc90000f278b8 EFLAGS: 00010293 [ 43.012173][ T350] RAX: ffffffff81b747d1 RBX: 0000000000000000 RCX: ffff88810a6f62c0 [ 43.021082][ T350] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 43.029686][ T350] RBP: ffffc90000f278e0 R08: ffffffff81b74754 R09: 000000006616ef6f [ 43.039979][ T350] R10: 0000000008583ddd R11: 000000006616ef6f R12: dffffc0000000000 [ 43.048453][ T350] R13: 1ffff11022c29c9d R14: ffff88811614e4a0 R15: ffff88811614e4e8 [ 43.058830][ T350] FS: 00007fe969de36c0(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 43.069786][ T350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.077628][ T350] CR2: 0000563212a5d788 CR3: 000000010d25c000 CR4: 00000000003506a0 [ 43.086746][ T350] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.094889][ T350] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.103320][ T350] Call Trace: [ 43.106886][ T350] ? show_regs+0x58/0x60 [ 43.111387][ T350] ? __warn+0x160/0x2f0 [ 43.115792][ T350] ? drop_nlink+0xc1/0x110 [ 43.120205][ T350] ? report_bug+0x3d9/0x5b0 [ 43.124859][ T350] ? drop_nlink+0xc1/0x110 [ 43.130106][ T350] ? handle_bug+0x41/0x70 [ 43.135472][ T350] ? exc_invalid_op+0x1b/0x50 [ 43.141166][ T350] ? asm_exc_invalid_op+0x12/0x20 [ 43.146413][ T350] ? drop_nlink+0x44/0x110 [ 43.150853][ T350] ? drop_nlink+0xc1/0x110 [ 43.155043][ T350] ? drop_nlink+0xc1/0x110 [ 43.159376][ T350] ? drop_nlink+0xc1/0x110 [ 43.163823][ T350] shmem_unlink+0x22b/0x280 [ 43.168495][ T350] shmem_rename2+0x12c/0x5b0 [ 43.172958][ T350] vfs_rename+0x90e/0xda0 [ 43.177283][ T350] ? __ia32_sys_link+0x70/0x70 [ 43.182000][ T350] ? lockref_get_not_zero+0xce/0x1a0 [ 43.187554][ T350] ? lock_rename+0xe8/0x1a0 [ 43.192564][ T350] dir_rename_wrap+0x345/0x570 [ 43.197550][ T350] vfs_rename+0x90e/0xda0 [ 43.202503][ T350] ? mntput+0x5d/0xc0 [ 43.206736][ T350] ? __ia32_sys_link+0x70/0x70 [ 43.211392][ T350] ? __lookup_hash+0x1cf/0x290 [ 43.216042][ T350] ? lock_rename+0xe8/0x1a0 [ 43.220408][ T350] do_renameat2+0x88d/0x1130 [ 43.224949][ T350] ? fsnotify_move+0x290/0x290 [ 43.229606][ T350] __x64_sys_renameat2+0xdd/0xf0 [ 43.234620][ T350] do_syscall_64+0x34/0x70 [ 43.239370][ T350] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 43.245034][ T350] RIP: 0033:0x7fe96a282da9 [ 43.249782][ T350] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.270062][ T350] RSP: 002b:00007fe969de30c8 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 43.279410][ T350] RAX: ffffffffffffffda RBX: 00007fe96a3b1050 RCX: 00007fe96a282da9 [ 43.287253][ T350] RDX: ffffffffffffff9c RSI: 0000000020004b00 RDI: 0000000000000003 [ 43.294942][ T350] RBP: 00007fe96a2cf47a R08: 0000000000000000 R09: 0000000000000000 [ 43.303768][ T350] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000000 [ 43.311900][ T350] R13: 000000000000006e R14: 00007fe96a3b1050 R15: 00007ffeaa6c49e8 [ 43.319750][ T350] ---[ end trace 23f79688138827dc ]--- [ 43.325356][ T350] list_del corruption. prev->next should be ffff88811c76fa20, but was ffff88811c76fb30 [ 43.335398][ T350] ------------[ cut here ]------------ [ 43.341015][ T350] kernel BUG at lib/list_debug.c:61! [ 43.346181][ T350] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 43.352020][ T350] CPU: 1 PID: 350 Comm: syz-executor.0 Tainted: G W 5.10.209-syzkaller-999859-g4e1bc8d8e8ae #0 [ 43.364995][ T350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 43.376300][ T350] RIP: 0010:__list_del_entry_valid+0x10c/0x120 [ 43.382483][ T350] Code: 4c 89 f6 e8 f5 cc 54 02 0f 0b 48 c7 c7 c0 0e 60 85 4c 89 f6 e8 e4 cc 54 02 0f 0b 48 c7 c7 20 0f 60 85 4c 89 f6 e8 d3 cc 54 02 <0f> 0b 48 c7 c7 80 0f 60 85 4c 89 f6 e8 c2 cc 54 02 0f 0b cc 55 48 [ 43.402357][ T350] RSP: 0018:ffffc90000f27aa0 EFLAGS: 00010246 [ 43.408509][ T350] RAX: 0000000000000054 RBX: ffff88811c76fb30 RCX: 08f521e30dc13300 [ 43.416553][ T350] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 43.424529][ T350] RBP: ffffc90000f27ac0 R08: ffffffff81521d98 R09: fffff520001e4e6d [ 43.432417][ T350] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 43.440286][ T350] R13: ffff88811c76f9e8 R14: ffff88811c76fa20 R15: ffff88811c76e1a0 [ 43.448432][ T350] FS: 00007fe969de36c0(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 43.457194][ T350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.463615][ T350] CR2: 0000563212a5d788 CR3: 000000010d25c000 CR4: 00000000003506a0 [ 43.471653][ T350] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.479612][ T350] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.488714][ T350] Call Trace: [ 43.491848][ T350] ? __die_body+0x62/0xb0 [ 43.496092][ T350] ? die+0x88/0xb0 [ 43.499650][ T350] ? do_trap+0x1a4/0x310 [ 43.503761][ T350] ? __list_del_entry_valid+0x10c/0x120 [ 43.509136][ T350] ? handle_invalid_op+0x95/0xc0 [ 43.514626][ T350] ? __list_del_entry_valid+0x10c/0x120 [ 43.521752][ T350] ? exc_invalid_op+0x32/0x50 [ 43.527043][ T350] ? asm_exc_invalid_op+0x12/0x20 [ 43.532544][ T350] ? wake_up_klogd+0xb8/0xf0 [ 43.537228][ T350] ? __list_del_entry_valid+0x10c/0x120 [ 43.542627][ T350] __dentry_kill+0x250/0x650 [ 43.547470][ T350] dentry_kill+0xc0/0x2a0 [ 43.551632][ T350] dput+0x160/0x310 [ 43.555802][ T350] path_put+0x39/0x60 [ 43.560315][ T350] ? dentry_revalidate+0x350/0x350 [ 43.565367][ T350] dentry_release+0x52/0xb0 [ 43.569701][ T350] ? dentry_revalidate+0x350/0x350 [ 43.574829][ T350] __dentry_kill+0x4ad/0x650 [ 43.579429][ T350] dentry_kill+0xc0/0x2a0 [ 43.583615][ T350] dput+0x160/0x310 [ 43.587281][ T350] do_renameat2+0x9ae/0x1130 [ 43.591770][ T350] ? fsnotify_move+0x290/0x290 [ 43.596377][ T350] __x64_sys_renameat2+0xdd/0xf0 [ 43.601150][ T350] do_syscall_64+0x34/0x70 [ 43.605476][ T350] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 43.611291][ T350] RIP: 0033:0x7fe96a282da9 [ 43.615544][ T350] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.637381][ T350] RSP: 002b:00007fe969de30c8 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 43.645621][ T350] RAX: ffffffffffffffda RBX: 00007fe96a3b1050 RCX: 00007fe96a282da9 [ 43.653607][ T350] RDX: ffffffffffffff9c RSI: 0000000020004b00 RDI: 0000000000000003 [ 43.661386][ T350] RBP: 00007fe96a2cf47a R08: 0000000000000000 R09: 0000000000000000 [ 43.669461][ T350] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000000 [ 43.677304][ T350] R13: 000000000000006e R14: 00007fe96a3b1050 R15: 00007ffeaa6c49e8 [ 43.686498][ T350] Modules linked in: [ 43.690591][ T350] ---[ end trace 23f79688138827dd ]--- [ 43.696185][ T350] RIP: 0010:__list_del_entry_valid+0x10c/0x120 [ 43.702274][ T350] Code: 4c 89 f6 e8 f5 cc 54 02 0f 0b 48 c7 c7 c0 0e 60 85 4c 89 f6 e8 e4 cc 54 02 0f 0b 48 c7 c7 20 0f 60 85 4c 89 f6 e8 d3 cc 54 02 <0f> 0b 48 c7 c7 80 0f 60 85 4c 89 f6 e8 c2 cc 54 02 0f 0b cc 55 48 [ 43.722410][ T350] RSP: 0018:ffffc90000f27aa0 EFLAGS: 00010246 [ 43.728400][ T350] RAX: 0000000000000054 RBX: ffff88811c76fb30 RCX: 08f521e30dc13300 [ 43.736209][ T350] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 43.744000][ T350] RBP: ffffc90000f27ac0 R08: ffffffff81521d98 R09: fffff520001e4e6d [ 43.752300][ T350] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 43.760157][ T350] R13: ffff88811c76f9e8 R14: ffff88811c76fa20 R15: ffff88811c76e1a0 [ 43.768014][ T350] FS: 00007fe969de36c0(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 43.777211][ T350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.784032][ T350] CR2: 0000563212a5d788 CR3: 000000010d25c000 CR4: 00000000003506a0 [ 43.793040][ T350] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.801583][ T350] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.810336][ T350] Kernel panic - not syncing: Fatal exception [ 43.817182][ T350] Kernel Offset: disabled [ 43.821625][ T350] Rebooting in 86400 seconds..