Warning: Permanently added '10.128.0.204' (ED25519) to the list of known hosts.
2024/10/28 11:33:12 ignoring optional flag "sandboxArg"="0"
2024/10/28 11:33:12 ignoring optional flag "type"="gce"
2024/10/28 11:33:12 parsed 1 programs
[ 48.275509][ T23] kauditd_printk_skb: 19 callbacks suppressed
[ 48.275524][ T23] audit: type=1400 audit(1730115192.390:95): avc: denied { unlink } for pid=412 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/10/28 11:33:12 executed programs: 0
[ 48.385902][ T412] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 48.463840][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.471004][ T418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.478689][ T418] device bridge_slave_0 entered promiscuous mode
[ 48.485655][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.496984][ T418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.504573][ T418] device bridge_slave_1 entered promiscuous mode
[ 48.562880][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.569862][ T418] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.577563][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.584441][ T418] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.611281][ T103] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.618454][ T103] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.625956][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 48.633363][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.644142][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.652234][ T103] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.659173][ T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.669234][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.677594][ T103] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.684455][ T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.700216][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.710565][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.729552][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.742038][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.757783][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.772013][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.782867][ T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.814590][ T23] audit: type=1400 audit(1730115192.930:96): avc: denied { mounton } for pid=424 comm="syz-executor.0" path="/root/syzkaller-testdir1444065458/syzkaller.tYjKh9/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 48.842228][ T23] audit: type=1400 audit(1730115192.930:97): avc: denied { mount } for pid=424 comm="syz-executor.0" name="/" dev="tmpfs" ino=11372 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 48.865017][ T23] audit: type=1400 audit(1730115192.930:98): avc: denied { mounton } for pid=424 comm="syz-executor.0" path="/root/syzkaller-testdir1444065458/syzkaller.tYjKh9/0/file0/file0" dev="tmpfs" ino=11373 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 48.893748][ T23] audit: type=1400 audit(1730115192.980:99): avc: denied { unmount } for pid=418 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 48.894463][ T418] ------------[ cut here ]------------
[ 48.913948][ T23] audit: type=1400 audit(1730115192.980:100): avc: denied { unmount } for pid=418 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 48.918924][ T418] WARNING: CPU: 1 PID: 418 at fs/inode.c:302 drop_nlink+0xbb/0x100
[ 48.918928][ T418] Modules linked in:
[ 48.918947][ T418] CPU: 1 PID: 418 Comm: syz-executor.0 Not tainted 5.4.283-syzkaller-04984-ge6ac8beecb16 #0
[ 48.918952][ T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 48.918972][ T418] RIP: 0010:drop_nlink+0xbb/0x100
[ 48.976664][ T418] Code: 49 8b 1e 48 8d bb d0 04 00 00 be 08 00 00 00 e8 cb 99 f2 ff f0 48 ff 83 d0 04 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 55 dd c2 ff <0f> 0b eb 89 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[ 48.996106][ T418] RSP: 0018:ffff8881d9bcfc68 EFLAGS: 00010293
[ 49.002428][ T418] RAX: ffffffff81a1594b RBX: 1ffff1103b214884 RCX: ffff8881f0d7ee40
[ 49.010482][ T418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 49.018818][ T418] RBP: 0000000000000000 R08: ffffffff81a158cf R09: 0000000000000003
[ 49.026932][ T418] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881d90a4420
[ 49.035082][ T418] R13: dffffc0000000000 R14: ffff8881d90a43d8 R15: dffffc0000000000
[ 49.042907][ T418] FS: 000055556b299480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 49.051652][ T418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 49.058446][ T418] CR2: 000055556b2b2898 CR3: 00000001dd1c8000 CR4: 00000000003406a0
[ 49.066273][ T418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 49.074082][ T418] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 49.081884][ T418] Call Trace:
[ 49.085121][ T418] ? __warn+0x162/0x250
[ 49.089308][ T418] ? report_bug+0x3a1/0x4e0
[ 49.093631][ T418] ? drop_nlink+0xbb/0x100
[ 49.097932][ T418] ? drop_nlink+0xbb/0x100
[ 49.102645][ T418] ? do_invalid_op+0x6e/0x110
[ 49.107243][ T418] ? invalid_op+0x1e/0x30
[ 49.111417][ T418] ? drop_nlink+0x3f/0x100
[ 49.115884][ T418] ? drop_nlink+0xbb/0x100
[ 49.120170][ T418] ? drop_nlink+0xbb/0x100
[ 49.124375][ T418] ? drop_nlink+0xbb/0x100
[ 49.129005][ T418] shmem_rmdir+0x54/0x80
[ 49.133156][ T418] vfs_rmdir+0x285/0x3c0
[ 49.137691][ T418] incfs_kill_sb+0x105/0x200
[ 49.142130][ T418] deactivate_locked_super+0xa8/0x110
[ 49.147305][ T418] deactivate_super+0x1e2/0x2a0
[ 49.151997][ T418] ? vfs_submount+0xb0/0xb0
[ 49.156347][ T418] ? deactivate_locked_super+0x110/0x110
[ 49.161917][ T418] ? fast_dput+0x7a/0x280
[ 49.166063][ T418] cleanup_mnt+0x44e/0x500
[ 49.170307][ T418] task_work_run+0x140/0x170
[ 49.175704][ T418] exit_to_usermode_loop+0x190/0x1a0
[ 49.180939][ T418] prepare_exit_to_usermode+0x199/0x200
[ 49.186311][ T418] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 49.192073][ T418] RIP: 0033:0x7fb0200fd197
[ 49.196385][ T418] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 49.216010][ T418] RSP: 002b:00007ffef902b068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 49.224264][ T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fb0200fd197
[ 49.232251][ T418] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffef902b120
[ 49.240500][ T418] RBP: 00007ffef902b120 R08: 0000000000000000 R09: 0000000000000000
[ 49.248515][ T418] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffef902c210
[ 49.256364][ T418] R13: 00007fb0201473b9 R14: 000000000000be90 R15: 0000000000000006
[ 49.264277][ T418] ---[ end trace 9956ebbffb0844f9 ]---
[ 49.271635][ T418] ==================================================================
[ 49.279530][ T418] BUG: KASAN: null-ptr-deref in ihold+0x1b/0x50
[ 49.285589][ T418] Write of size 4 at addr 0000000000000160 by task syz-executor.0/418
[ 49.293578][ T418]
[ 49.295772][ T418] CPU: 1 PID: 418 Comm: syz-executor.0 Tainted: G W 5.4.283-syzkaller-04984-ge6ac8beecb16 #0
[ 49.307222][ T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 49.317370][ T418] Call Trace:
[ 49.320596][ T418] dump_stack+0x1d8/0x241
[ 49.324746][ T418] ? panic+0x89d/0x89d
[ 49.329087][ T418] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 49.334727][ T418] ? _raw_spin_trylock_bh+0x190/0x190
[ 49.340212][ T418] ? _raw_spin_unlock+0x49/0x60
[ 49.344882][ T418] ? ihold+0x1b/0x50
[ 49.348706][ T418] __kasan_report+0xe9/0x120
[ 49.353310][ T418] ? ihold+0x1b/0x50
[ 49.357260][ T418] kasan_report+0x30/0x60
[ 49.362167][ T418] check_memory_region+0x272/0x280
[ 49.367098][ T418] ihold+0x1b/0x50
[ 49.370652][ T418] vfs_rmdir+0x1e0/0x3c0
[ 49.374747][ T418] incfs_kill_sb+0x105/0x200
[ 49.379158][ T418] deactivate_locked_super+0xa8/0x110
[ 49.384422][ T418] deactivate_super+0x1e2/0x2a0
[ 49.389057][ T418] ? vfs_submount+0xb0/0xb0
[ 49.393388][ T418] ? deactivate_locked_super+0x110/0x110
[ 49.398896][ T418] ? fast_dput+0x7a/0x280
[ 49.403143][ T418] cleanup_mnt+0x44e/0x500
[ 49.407501][ T418] task_work_run+0x140/0x170
[ 49.412050][ T418] exit_to_usermode_loop+0x190/0x1a0
[ 49.417167][ T418] prepare_exit_to_usermode+0x199/0x200
[ 49.422606][ T418] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 49.428339][ T418] RIP: 0033:0x7fb0200fd197
[ 49.432669][ T418] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 49.452190][ T418] RSP: 002b:00007ffef902b068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 49.460440][ T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fb0200fd197
[ 49.468361][ T418] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffef902b120
[ 49.476254][ T418] RBP: 00007ffef902b120 R08: 0000000000000000 R09: 0000000000000000
[ 49.484265][ T418] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffef902c210
[ 49.492080][ T418] R13: 00007fb0201473b9 R14: 000000000000be90 R15: 0000000000000006
[ 49.499895][ T418] ==================================================================
[ 49.507874][ T418] Disabling lock debugging due to kernel taint
[ 49.515240][ T418] BUG: kernel NULL pointer dereference, address: 0000000000000160
[ 49.522982][ T418] #PF: supervisor write access in kernel mode
[ 49.528968][ T418] #PF: error_code(0x0002) - not-present page
[ 49.534774][ T418] PGD 1ef4a1067 P4D 1ef4a1067 PUD 0
[ 49.539941][ T418] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 49.545036][ T418] CPU: 1 PID: 418 Comm: syz-executor.0 Tainted: G B W 5.4.283-syzkaller-04984-ge6ac8beecb16 #0
[ 49.556387][ T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 49.566844][ T418] RIP: 0010:ihold+0x20/0x50
[ 49.571161][ T418] Code: 0f 1f 84 00 00 00 00 00 66 90 55 53 48 89 fb e8 b6 d5 c2 ff 48 8d bb 60 01 00 00 be 04 00 00 00 e8 05 92 f2 ff bd 01 00 00 00 0f c1 ab 60 01 00 00 ff c5 bf 02 00 00 00 89 ee e8 7a d8 c2 ff
[ 49.590781][ T418] RSP: 0018:ffff8881d9bcfca0 EFLAGS: 00010246
[ 49.596757][ T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881f0d7ee40
[ 49.604665][ T418] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 49.612476][ T418] RBP: 0000000000000001 R08: ffffffff813ae3b5 R09: 0000000000000003
[ 49.620287][ T418] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000000
[ 49.628209][ T418] R13: dffffc0000000000 R14: ffff8881d90a6d78 R15: 0000000000000000
[ 49.636107][ T418] FS: 000055556b299480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 49.645094][ T418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 49.651505][ T418] CR2: 0000000000000160 CR3: 00000001dd1c8000 CR4: 00000000003406a0
[ 49.659934][ T418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 49.668211][ T418] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 49.676367][ T418] Call Trace:
[ 49.679780][ T418] ? __die+0xb4/0x100
[ 49.683787][ T418] ? no_context+0xac7/0xd20
[ 49.688362][ T418] ? is_prefetch+0x4b0/0x4b0
[ 49.693047][ T418] ? ihold+0x1b/0x50
[ 49.696778][ T418] ? __do_page_fault+0xa72/0xbb0
[ 49.701655][ T418] ? __bad_area_nosemaphore+0xc0/0x470
[ 49.707210][ T418] ? page_fault+0x2f/0x40
[ 49.711911][ T418] ? check_panic_on_warn+0x55/0xa0
[ 49.716940][ T418] ? ihold+0x20/0x50
[ 49.720717][ T418] vfs_rmdir+0x1e0/0x3c0
[ 49.724756][ T418] incfs_kill_sb+0x105/0x200
[ 49.729178][ T418] deactivate_locked_super+0xa8/0x110
[ 49.734405][ T418] deactivate_super+0x1e2/0x2a0
[ 49.739071][ T418] ? vfs_submount+0xb0/0xb0
[ 49.743411][ T418] ? deactivate_locked_super+0x110/0x110
[ 49.749237][ T418] ? fast_dput+0x7a/0x280
[ 49.753564][ T418] cleanup_mnt+0x44e/0x500
[ 49.757817][ T418] task_work_run+0x140/0x170
[ 49.762242][ T418] exit_to_usermode_loop+0x190/0x1a0
[ 49.767371][ T418] prepare_exit_to_usermode+0x199/0x200
[ 49.773206][ T418] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 49.779006][ T418] RIP: 0033:0x7fb0200fd197
[ 49.783251][ T418] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 49.802688][ T418] RSP: 002b:00007ffef902b068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 49.810935][ T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fb0200fd197
[ 49.818741][ T418] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffef902b120
[ 49.826646][ T418] RBP: 00007ffef902b120 R08: 0000000000000000 R09: 0000000000000000
[ 49.834449][ T418] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffef902c210
[ 49.842453][ T418] R13: 00007fb0201473b9 R14: 000000000000be90 R15: 0000000000000006
[ 49.850605][ T418] Modules linked in:
[ 49.854350][ T418] CR2: 0000000000000160
[ 49.858344][ T418] ---[ end trace 9956ebbffb0844fa ]---
[ 49.863633][ T418] RIP: 0010:ihold+0x20/0x50
[ 49.868198][ T418] Code: 0f 1f 84 00 00 00 00 00 66 90 55 53 48 89 fb e8 b6 d5 c2 ff 48 8d bb 60 01 00 00 be 04 00 00 00 e8 05 92 f2 ff bd 01 00 00 00 0f c1 ab 60 01 00 00 ff c5 bf 02 00 00 00 89 ee e8 7a d8 c2 ff
[ 49.887906][ T418] RSP: 0018:ffff8881d9bcfca0 EFLAGS: 00010246
[ 49.893844][ T418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881f0d7ee40
[ 49.901618][ T418] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 49.909430][ T418] RBP: 0000000000000001 R08: ffffffff813ae3b5 R09: 0000000000000003
[ 49.917321][ T418] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000000
[ 49.925217][ T418] R13: dffffc0000000000 R14: ffff8881d90a6d78 R15: 0000000000000000
[ 49.933118][ T418] FS: 000055556b299480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 49.942062][ T418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 49.948489][ T418] CR2: 0000000000000160 CR3: 00000001dd1c8000 CR4: 00000000003406a0
[ 49.956387][ T418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 49.964320][ T418] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 49.972123][ T418] Kernel panic - not syncing: Fatal exception
[ 49.978228][ T418] Kernel Offset: disabled
[ 49.982352][ T418] Rebooting in 86400 seconds..