Warning: Permanently added '10.128.0.115' (ED25519) to the list of known hosts.
2024/06/19 15:18:15 ignoring optional flag "sandboxArg"="0"
2024/06/19 15:18:15 parsed 1 programs
2024/06/19 15:18:15 executed programs: 0
[   39.827324][  T408] cgroup1: Unknown subsys name 'perf_event'
[   39.827384][   T23] kauditd_printk_skb: 12 callbacks suppressed
[   39.827393][   T23] audit: type=1400 audit(1718810295.160:88): avc:  denied  { mounton } for  pid=408 comm="syz-executor.3" path="/syzcgroup/unified" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   39.833813][  T408] cgroup1: Unknown subsys name 'net_cls'
[   39.861610][  T410] cgroup1: Unknown subsys name 'perf_event'
[   39.885823][  T411] cgroup1: Unknown subsys name 'perf_event'
[   39.887669][  T410] cgroup1: Unknown subsys name 'net_cls'
[   39.891852][  T411] cgroup1: Unknown subsys name 'net_cls'
[   39.897831][  T414] cgroup1: Unknown subsys name 'perf_event'
[   39.903839][  T413] cgroup1: Unknown subsys name 'perf_event'
[   39.910644][  T414] cgroup1: Unknown subsys name 'net_cls'
[   39.930110][  T413] cgroup1: Unknown subsys name 'net_cls'
[   39.931374][  T415] cgroup1: Unknown subsys name 'perf_event'
[   39.954890][  T415] cgroup1: Unknown subsys name 'net_cls'
[   40.063306][  T408] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.070192][  T408] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.077456][  T408] device bridge_slave_0 entered promiscuous mode
[   40.085622][  T408] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.092441][  T408] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.099764][  T408] device bridge_slave_1 entered promiscuous mode
[   40.166230][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.173125][  T413] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.180444][  T413] device bridge_slave_0 entered promiscuous mode
[   40.187423][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.194360][  T413] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.201739][  T413] device bridge_slave_1 entered promiscuous mode
[   40.248613][  T414] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.255843][  T414] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.263170][  T414] device bridge_slave_0 entered promiscuous mode
[   40.269924][  T414] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.276780][  T414] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.284168][  T414] device bridge_slave_1 entered promiscuous mode
[   40.372139][  T410] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.379224][  T410] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.386603][  T410] device bridge_slave_0 entered promiscuous mode
[   40.398605][  T411] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.405546][  T411] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.412822][  T411] device bridge_slave_0 entered promiscuous mode
[   40.429689][  T410] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.436638][  T410] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.443976][  T410] device bridge_slave_1 entered promiscuous mode
[   40.460781][  T411] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.467710][  T411] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.475287][  T411] device bridge_slave_1 entered promiscuous mode
[   40.504562][  T415] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.511572][  T415] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.518928][  T415] device bridge_slave_0 entered promiscuous mode
[   40.565376][  T415] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.572298][  T415] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.579751][  T415] device bridge_slave_1 entered promiscuous mode
[   40.668253][  T414] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.675281][  T414] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.682384][  T414] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.689169][  T414] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.704362][  T413] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.711280][  T413] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.718583][  T413] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.725347][  T413] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.762481][  T408] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.769335][  T408] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.776441][  T408] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.783215][  T408] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.792348][  T411] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.799183][  T411] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.806291][  T411] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.813068][  T411] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.827805][  T410] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.834656][  T410] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.841748][  T410] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.848544][  T410] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.905955][  T415] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.912790][  T415] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.919933][  T415] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.926685][  T415] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.963867][  T363] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.970986][  T363] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.978637][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   40.985978][  T363] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.993297][  T363] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.000406][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.008867][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.017056][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.024650][  T363] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.031610][  T363] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.038686][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.046911][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.055430][  T363] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.062712][  T363] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.096075][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   41.103967][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.111318][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   41.119635][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.128148][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.135168][  T364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.142483][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   41.150584][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.158488][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   41.166606][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.174600][  T364] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.181412][  T364] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.188794][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   41.196961][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.204759][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   41.212018][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.219415][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   41.226725][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.234113][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   41.242248][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.250402][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.257230][  T364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.264676][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   41.273092][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.281031][  T364] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.287868][  T364] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.295358][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   41.303546][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.311461][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.318300][  T364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.325560][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   41.333793][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.341724][  T364] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.348594][  T364] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.373206][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   41.381128][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.391603][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   41.399517][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.407537][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   41.415609][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.423872][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.448394][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   41.456459][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.465176][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   41.472978][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.481751][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   41.490122][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.510226][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   41.518797][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.544169][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.552096][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.560341][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   41.569058][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.576777][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   41.584497][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.592109][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   41.599388][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   41.626784][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.635218][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   41.644342][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.652541][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.660788][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   41.668801][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   41.676903][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   41.685131][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   41.693207][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.700143][  T364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.729598][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   41.739228][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   41.745119][   T23] audit: type=1400 audit(1718810297.080:89): avc:  denied  { mounton } for  pid=438 comm="syz-executor.5" path="/root/syzkaller-testdir4194501058/syzkaller.M9PuOK/0/file0" dev="sda1" ino=1962 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   41.747759][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   41.775812][   T23] audit: type=1400 audit(1718810297.110:90): avc:  denied  { mount } for  pid=438 comm="syz-executor.5" name="/" dev="incremental-fs" ino=1962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   41.782693][  T363] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.806511][   T23] audit: type=1400 audit(1718810297.110:91): avc:  denied  { unmount } for  pid=438 comm="syz-executor.5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   41.812349][  T363] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.813393][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   41.847499][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   41.856077][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   41.864307][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   41.872496][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   41.910600][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.919488][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   41.928262][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   41.936533][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   41.944686][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   41.952327][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   41.960248][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   41.968324][  T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   41.993943][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.002243][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.004249][   T23] audit: type=1400 audit(1718810297.340:92): avc:  denied  { read } for  pid=442 comm="syz-executor.5" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   42.011008][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.040542][   T23] audit: type=1400 audit(1718810297.340:93): avc:  denied  { open } for  pid=442 comm="syz-executor.5" path="/root/syzkaller-testdir4194501058/syzkaller.M9PuOK/1/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   42.047333][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.078839][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.087183][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.095350][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.103558][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.111602][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.119977][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.145802][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.155090][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.163568][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.171821][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.213592][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.221758][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.238159][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.247199][  T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.267927][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   42.276219][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.294109][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.302599][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.311585][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.320051][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2024/06/19 15:18:20 executed programs: 189
2024/06/19 15:18:25 executed programs: 562
2024/06/19 15:18:30 executed programs: 910
2024/06/19 15:18:35 executed programs: 1291
2024/06/19 15:18:40 executed programs: 1665
[   66.573313][   T74] cfg80211: failed to load regulatory.db
2024/06/19 15:18:45 executed programs: 2036
2024/06/19 15:18:50 executed programs: 2405
2024/06/19 15:18:55 executed programs: 2772
2024/06/19 15:19:00 executed programs: 3140
2024/06/19 15:19:05 executed programs: 3504
2024/06/19 15:19:10 executed programs: 3884
2024/06/19 15:19:15 executed programs: 4268
2024/06/19 15:19:20 executed programs: 4649
2024/06/19 15:19:25 executed programs: 5020
2024/06/19 15:19:30 executed programs: 5398
2024/06/19 15:19:35 executed programs: 5773
2024/06/19 15:19:40 executed programs: 6136
2024/06/19 15:19:45 executed programs: 6514
2024/06/19 15:19:50 executed programs: 6889
2024/06/19 15:19:55 executed programs: 7261
[  144.880288][   T23] audit: type=1400 audit(1718810400.210:94): avc:  denied  { mounton } for  pid=26733 comm="syz-executor.0" path="/root/syzkaller-testdir2173037183/syzkaller.SB9wiO/1268/file0" dev="incremental-fs" ino=1986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
2024/06/19 15:20:00 executed programs: 7634
2024/06/19 15:20:05 executed programs: 8018
2024/06/19 15:20:10 executed programs: 8395
2024/06/19 15:20:15 executed programs: 8772
2024/06/19 15:20:20 executed programs: 9159
[  166.895780][T32550] ==================================================================
[  166.903800][T32550] BUG: KASAN: use-after-free in path_openat+0x1ccd/0x34b0
[  166.910746][T32550] Read of size 4 at addr ffff8881dae8701c by task syz-executor.2/32550
[  166.918793][T32550] 
[  166.920982][T32550] CPU: 0 PID: 32550 Comm: syz-executor.2 Not tainted 5.4.274-syzkaller-04911-g6f97bd951d82 #0
[  166.931398][T32550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  166.941288][T32550] Call Trace:
[  166.944534][T32550]  dump_stack+0x1d8/0x241
[  166.948802][T32550]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[  166.954424][T32550]  ? printk+0xd1/0x111
[  166.958947][T32550]  ? path_openat+0x1ccd/0x34b0
[  166.963614][T32550]  print_address_description+0x8c/0x600
[  166.968997][T32550]  ? path_openat+0x1ccd/0x34b0
[  166.973602][T32550]  __kasan_report+0xf3/0x120
[  166.978023][T32550]  ? path_openat+0x1ccd/0x34b0
[  166.982636][T32550]  kasan_report+0x30/0x60
[  166.986791][T32550]  ? path_openat+0x39f/0x34b0
[  166.991305][T32550]  path_openat+0x1ccd/0x34b0
[  166.995819][T32550]  ? stack_trace_save+0x118/0x1c0
[  167.000674][T32550]  ? do_filp_open+0x450/0x450
[  167.005191][T32550]  ? do_sys_open+0x357/0x810
[  167.009614][T32550]  ? do_syscall_64+0xca/0x1c0
[  167.014159][T32550]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  167.020037][T32550]  do_filp_open+0x20b/0x450
[  167.024371][T32550]  ? vfs_tmpfile+0x2c0/0x2c0
[  167.028820][T32550]  ? _raw_spin_unlock+0x49/0x60
[  167.033482][T32550]  ? __alloc_fd+0x4c1/0x560
[  167.037824][T32550]  do_sys_open+0x39c/0x810
[  167.042074][T32550]  ? file_open_root+0x490/0x490
[  167.046887][T32550]  ? switch_fpu_return+0x1d4/0x410
[  167.051824][T32550]  ? ksys_mount+0xe0/0xf0
[  167.055990][T32550]  do_syscall_64+0xca/0x1c0
[  167.060386][T32550]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  167.066066][T32550] RIP: 0033:0x456e69
[  167.069824][T32550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b4 ff ff ff f7 d8 64 89 01 48
[  167.089227][T32550] RSP: 002b:00007f2de46150d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  167.097590][T32550] RAX: ffffffffffffffda RBX: 000000000055c038 RCX: 0000000000456e69
[  167.105401][T32550] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  167.113214][T32550] RBP: 00000000004b0cab R08: 0000000000000000 R09: 0000000000000000
[  167.121023][T32550] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004b02b7
[  167.128833][T32550] R13: 000000000000006e R14: 000000000055c038 R15: 00007ffe73261928
[  167.136647][T32550] 
[  167.138813][T32550] Allocated by task 32550:
[  167.143074][T32550]  __kasan_kmalloc+0x171/0x210
[  167.147666][T32550]  alloc_inode+0x43/0x70
[  167.151745][T32550]  iget5_locked+0x9c/0x260
[  167.156000][T32550]  fetch_regular_inode+0x256/0x320
[  167.160943][T32550]  incfs_mount_fs+0x5c3/0xa00
[  167.165456][T32550]  legacy_get_tree+0xdf/0x170
[  167.169981][T32550]  vfs_get_tree+0x85/0x260
[  167.174225][T32550]  do_new_mount+0x292/0x570
[  167.178565][T32550]  do_mount+0x688/0xe10
[  167.182658][T32550]  ksys_mount+0xc2/0xf0
[  167.186896][T32550]  __x64_sys_mount+0xb1/0xc0
[  167.191327][T32550]  do_syscall_64+0xca/0x1c0
[  167.195754][T32550]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  167.201471][T32550] 
[  167.203644][T32550] Freed by task 32534:
[  167.207552][T32550]  __kasan_slab_free+0x1b5/0x270
[  167.212324][T32550]  kfree+0x123/0x370
[  167.216055][T32550]  evict+0x59d/0x6a0
[  167.219789][T32550]  evict_inodes+0x5e1/0x660
[  167.224128][T32550]  generic_shutdown_super+0x94/0x2a0
[  167.229251][T32550]  kill_anon_super+0x37/0x60
[  167.233676][T32550]  incfs_kill_sb+0x4c/0x200
[  167.238049][T32550]  deactivate_locked_super+0xa8/0x110
[  167.243220][T32550]  deactivate_super+0x1e2/0x2a0
[  167.248101][T32550]  cleanup_mnt+0x44e/0x500
[  167.252339][T32550]  task_work_run+0x140/0x170
[  167.256851][T32550]  exit_to_usermode_loop+0x190/0x1a0
[  167.261997][T32550]  prepare_exit_to_usermode+0x199/0x200
[  167.267368][T32550]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[  167.273084][T32550] 
[  167.275257][T32550] The buggy address belongs to the object at ffff8881dae87000
[  167.275257][T32550]  which belongs to the cache kmalloc-1k of size 1024
[  167.289148][T32550] The buggy address is located 28 bytes inside of
[  167.289148][T32550]  1024-byte region [ffff8881dae87000, ffff8881dae87400)
[  167.302246][T32550] The buggy address belongs to the page:
[  167.307744][T32550] page:ffffea00076ba000 refcount:1 mapcount:0 mapping:ffff8881f5c02280 index:0x0 compound_mapcount: 0
[  167.318573][T32550] flags: 0x8000000000010200(slab|head)
[  167.323868][T32550] raw: 8000000000010200 ffffea0007a7e800 0000000700000002 ffff8881f5c02280
[  167.332281][T32550] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  167.340781][T32550] page dumped because: kasan: bad access detected
[  167.347038][T32550] page_owner tracks the page as allocated
[  167.352591][T32550] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC)
[  167.367451][T32550]  prep_new_page+0x18f/0x370
[  167.371859][T32550]  get_page_from_freelist+0x2d13/0x2d90
[  167.377339][T32550]  __alloc_pages_nodemask+0x393/0x840
[  167.382635][T32550]  alloc_slab_page+0x39/0x3c0
[  167.387145][T32550]  new_slab+0x97/0x440
[  167.391047][T32550]  ___slab_alloc+0x2fe/0x490
[  167.395476][T32550]  __slab_alloc+0x62/0xa0
[  167.399639][T32550]  __kmalloc+0x19b/0x2e0
[  167.403721][T32550]  veth_dev_init+0x1a9/0x340
[  167.408234][T32550]  register_netdevice+0x1c0/0x12a0
[  167.413180][T32550]  veth_newlink+0x667/0xb50
[  167.417524][T32550]  rtnl_newlink+0x1567/0x2060
[  167.422033][T32550]  rtnetlink_rcv_msg+0x983/0xc70
[  167.426808][T32550]  netlink_rcv_skb+0x1d5/0x420
[  167.431411][T32550]  netlink_unicast+0x936/0xb20
[  167.436008][T32550]  netlink_sendmsg+0xa18/0xcf0
[  167.440604][T32550] page_owner free stack trace missing
[  167.445810][T32550] 
[  167.447978][T32550] Memory state around the buggy address:
[  167.453452][T32550]  ffff8881dae86f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  167.461349][T32550]  ffff8881dae86f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  167.469248][T32550] >ffff8881dae87000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  167.477144][T32550]                             ^
[  167.481831][T32550]  ffff8881dae87080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  167.489746][T32550]  ffff8881dae87100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  167.497637][T32550] ==================================================================
[  167.505613][T32550] Disabling lock debugging due to kernel taint
2024/06/19 15:20:25 executed programs: 9487
2024/06/19 15:20:30 executed programs: 9866