Warning: Permanently added '10.128.0.22' (ECDSA) to the list of known hosts.
2023/03/28 04:30:56 ignoring optional flag "sandboxArg"="0"
2023/03/28 04:30:56 parsed 1 programs
2023/03/28 04:30:56 executed programs: 0
[ 38.266182][ T28] kauditd_printk_skb: 64 callbacks suppressed
[ 38.266195][ T28] audit: type=1400 audit(1679977856.139:136): avc: denied { mounton } for pid=379 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 38.297323][ T28] audit: type=1400 audit(1679977856.139:137): avc: denied { mount } for pid=379 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 38.327718][ T383] bridge0: port 1(bridge_slave_0) entered blocking state
[ 38.334659][ T383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 38.341678][ T383] bridge_slave_0: entered allmulticast mode
[ 38.347608][ T383] bridge_slave_0: entered promiscuous mode
[ 38.353920][ T383] bridge0: port 2(bridge_slave_1) entered blocking state
[ 38.360826][ T383] bridge0: port 2(bridge_slave_1) entered disabled state
[ 38.367998][ T383] bridge_slave_1: entered allmulticast mode
[ 38.374213][ T383] bridge_slave_1: entered promiscuous mode
[ 38.410342][ T383] bridge0: port 2(bridge_slave_1) entered blocking state
[ 38.417470][ T383] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 38.424522][ T383] bridge0: port 1(bridge_slave_0) entered blocking state
[ 38.431310][ T383] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 38.447065][ T341] bridge0: port 1(bridge_slave_0) entered disabled state
[ 38.454275][ T341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 38.461614][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 38.468880][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 38.477100][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 38.485409][ T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 38.492544][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 38.509016][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 38.517718][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 38.525900][ T341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 38.532914][ T341] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 38.540127][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 38.548110][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 38.557373][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 38.565372][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 38.572912][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 38.589251][ T383] veth0_vlan: entered promiscuous mode
[ 38.600752][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 38.610061][ T383] veth1_macvtap: entered promiscuous mode
[ 38.619546][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 38.636301][ T28] audit: type=1400 audit(1679977856.509:138): avc: denied { mount } for pid=383 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 38.637200][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 38.678311][ T28] audit: type=1400 audit(1679977856.549:139): avc: denied { mounton } for pid=388 comm="syz-executor.0" path="/root/syzkaller-testdir3456127984/syzkaller.g22txX/0/file0" dev="sda1" ino=1148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 38.708845][ T28] audit: type=1400 audit(1679977856.589:140): avc: denied { unmount } for pid=383 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 38.748368][ T399] ==================================================================
[ 38.756675][ T399] BUG: KASAN: null-ptr-deref in ida_free+0x1b9/0x400
[ 38.763419][ T399] Read of size 8 at addr 0000000000000000 by task syz-executor.0/399
[ 38.771282][ T399]
[ 38.773623][ T399] CPU: 1 PID: 399 Comm: syz-executor.0 Not tainted 6.3.0-rc4-syzkaller-g197b6b60ae7b #0
[ 38.783371][ T399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 38.793975][ T399] Call Trace:
[ 38.797171][ T399]
[ 38.800126][ T399] dump_stack_lvl+0x155/0x1c0
[ 38.804728][ T399] ? nf_tcp_handle_invalid+0x400/0x400
[ 38.810197][ T399] ? _printk+0xd5/0x120
[ 38.814186][ T399] print_report+0xe6/0x540
[ 38.818476][ T399] ? __virt_addr_valid+0x5d/0x300
[ 38.823495][ T399] ? kasan_addr_to_slab+0x11/0x80
[ 38.828791][ T399] kasan_report+0x16d/0x1a0
[ 38.833224][ T399] ? _raw_spin_lock_irqsave+0x1a4/0x220
[ 38.838691][ T399] ? ida_free+0x1b9/0x400
[ 38.842961][ T399] kasan_check_range+0x298/0x2a0
[ 38.847748][ T399] __kasan_check_read+0x15/0x20
[ 38.852425][ T399] ida_free+0x1b9/0x400
[ 38.856520][ T399] ? ida_alloc_range+0xa60/0xa60
[ 38.861543][ T399] ? invent_group_ids+0x230/0x440
[ 38.866682][ T399] __se_sys_mount_setattr+0xc00/0x1aa0
[ 38.872044][ T399] ? restore_fpregs_from_fpstate+0x100/0x250
[ 38.878029][ T399] ? __x64_sys_mount_setattr+0xe0/0xe0
[ 38.883612][ T399] ? __x64_sys_futex+0x100/0x100
[ 38.888386][ T399] ? fpregs_restore_userregs+0x130/0x290
[ 38.893855][ T399] __x64_sys_mount_setattr+0xc3/0xe0
[ 38.899055][ T399] do_syscall_64+0x41/0x90
[ 38.903504][ T399] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 38.909317][ T399] RIP: 0033:0x7f220428c0f9
[ 38.913718][ T399] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 38.934156][ T399] RSP: 002b:00007f22050a0168 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[ 38.942740][ T399] RAX: ffffffffffffffda RBX: 00007f22043abf80 RCX: 00007f220428c0f9
[ 38.950897][ T399] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[ 38.958711][ T399] RBP: 00007f22042e7b39 R08: 0000000000000020 R09: 0000000000000000
[ 38.966730][ T399] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000000
[ 38.974707][ T399] R13: 00007ffd860e457f R14: 00007f22050a0300 R15: 0000000000022000
[ 38.982921][ T399]
[ 38.985780][ T399] ==================================================================
[ 38.994562][ T399] Disabling lock debugging due to kernel taint
[ 39.000642][ T399] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 39.008552][ T399] #PF: supervisor read access in kernel mode
[ 39.014468][ T399] #PF: error_code(0x0000) - not-present page
[ 39.020369][ T399] PGD 1114b3067 P4D 1114b3067 PUD 10f7b2067 PMD 0
[ 39.026695][ T399] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 39.032084][ T399] CPU: 1 PID: 399 Comm: syz-executor.0 Tainted: G B 6.3.0-rc4-syzkaller-g197b6b60ae7b #0
[ 39.043619][ T399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 39.054034][ T399] RIP: 0010:ida_free+0x1bb/0x400
[ 39.059409][ T399] Code: 98 fc 4c 89 e8 48 83 e0 01 0f 85 c1 00 00 00 41 89 df 4c 89 f8 48 c1 e8 06 49 8d 7c c5 00 be 08 00 00 00 e8 d7 ec e0 fc 31 db <4d> 0f a3 7d 00 41 0f 92 c6 0f 92 c3 bf 02 00 00 00 89 de e8 4d 9d
[ 39.079071][ T399] RSP: 0018:ffffc90002f5fc80 EFLAGS: 00010046
[ 39.085071][ T399] RAX: ffff8881136ad000 RBX: 0000000000000000 RCX: ffff8881136ad000
[ 39.093043][ T399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 39.101120][ T399] RBP: ffffc90002f5fd70 R08: ffffffff81463617 R09: fffffbfff0d988f9
[ 39.109064][ T399] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffff8647ac20
[ 39.116827][ T399] R13: 0000000000000000 R14: ffffc90002f5fce0 R15: 0000000000000001
[ 39.125250][ T399] FS: 00007f22050a0700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 39.134360][ T399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 39.141043][ T399] CR2: 0000000000000000 CR3: 0000000110734000 CR4: 00000000003506a0
[ 39.150333][ T399] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 39.158404][ T399] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 39.166322][ T399] Call Trace:
[ 39.169989][ T399]
[ 39.172742][ T399] ? ida_alloc_range+0xa60/0xa60
[ 39.177769][ T399] ? invent_group_ids+0x230/0x440
[ 39.182632][ T399] __se_sys_mount_setattr+0xc00/0x1aa0
[ 39.188016][ T399] ? restore_fpregs_from_fpstate+0x100/0x250
[ 39.193827][ T399] ? __x64_sys_mount_setattr+0xe0/0xe0
[ 39.199216][ T399] ? __x64_sys_futex+0x100/0x100
[ 39.203982][ T399] ? fpregs_restore_userregs+0x130/0x290
[ 39.209450][ T399] __x64_sys_mount_setattr+0xc3/0xe0
[ 39.214572][ T399] do_syscall_64+0x41/0x90
[ 39.218895][ T399] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 39.224924][ T399] RIP: 0033:0x7f220428c0f9
[ 39.229153][ T399] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 39.248618][ T399] RSP: 002b:00007f22050a0168 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[ 39.256834][ T399] RAX: ffffffffffffffda RBX: 00007f22043abf80 RCX: 00007f220428c0f9
[ 39.264889][ T399] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[ 39.272674][ T399] RBP: 00007f22042e7b39 R08: 0000000000000020 R09: 0000000000000000
[ 39.280492][ T399] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000000
[ 39.288468][ T399] R13: 00007ffd860e457f R14: 00007f22050a0300 R15: 0000000000022000
[ 39.296285][ T399]
[ 39.299142][ T399] Modules linked in:
[ 39.302966][ T399] CR2: 0000000000000000
[ 39.306960][ T399] ---[ end trace 0000000000000000 ]---
[ 39.312251][ T399] RIP: 0010:ida_free+0x1bb/0x400
[ 39.317505][ T399] Code: 98 fc 4c 89 e8 48 83 e0 01 0f 85 c1 00 00 00 41 89 df 4c 89 f8 48 c1 e8 06 49 8d 7c c5 00 be 08 00 00 00 e8 d7 ec e0 fc 31 db <4d> 0f a3 7d 00 41 0f 92 c6 0f 92 c3 bf 02 00 00 00 89 de e8 4d 9d
[ 39.337685][ T399] RSP: 0018:ffffc90002f5fc80 EFLAGS: 00010046
[ 39.344540][ T399] RAX: ffff8881136ad000 RBX: 0000000000000000 RCX: ffff8881136ad000
[ 39.352352][ T399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 39.360160][ T399] RBP: ffffc90002f5fd70 R08: ffffffff81463617 R09: fffffbfff0d988f9
[ 39.367971][ T399] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffff8647ac20
[ 39.375872][ T399] R13: 0000000000000000 R14: ffffc90002f5fce0 R15: 0000000000000001
[ 39.383706][ T399] FS: 00007f22050a0700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
[ 39.392713][ T399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 39.399564][ T399] CR2: 0000000000000000 CR3: 0000000110734000 CR4: 00000000003506a0
[ 39.407566][ T399] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 39.415463][ T399] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 39.423275][ T399] Kernel panic - not syncing: Fatal exception
[ 39.429683][ T399] Kernel Offset: disabled
[ 39.434004][ T399] Rebooting in 86400 seconds..