Warning: Permanently added '10.128.1.205' (ED25519) to the list of known hosts.
2024/05/29 09:53:11 ignoring optional flag "sandboxArg"="0"
2024/05/29 09:53:11 parsed 1 programs
[ 43.387069][ T28] kauditd_printk_skb: 18 callbacks suppressed
[ 43.387085][ T28] audit: type=1400 audit(1716976391.606:94): avc: denied { unlink } for pid=346 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/05/29 09:53:11 executed programs: 0
[ 43.428630][ T346] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 43.491223][ T352] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.499058][ T352] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.506350][ T352] device bridge_slave_0 entered promiscuous mode
[ 43.513441][ T352] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.521011][ T352] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.528707][ T352] device bridge_slave_1 entered promiscuous mode
[ 43.580451][ T352] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.588631][ T352] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.595891][ T352] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.603054][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.624384][ T39] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.632878][ T39] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.641870][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 43.649893][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.659113][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 43.667775][ T19] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.675044][ T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.686974][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 43.695874][ T19] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.703347][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.713347][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 43.723221][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 43.737951][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 43.751480][ T352] device veth0_vlan entered promiscuous mode
[ 43.758534][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 43.766758][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 43.774017][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 43.786134][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 43.795151][ T352] device veth1_macvtap entered promiscuous mode
[ 43.805136][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 43.816800][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 43.842150][ T28] audit: type=1400 audit(1716976392.056:95): avc: denied { mounton } for pid=357 comm="syz-executor.0" path="/root/syzkaller-testdir3532492121/syzkaller.Mxa3C5/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 43.852211][ T358] incfs: ino conflict with backing FS 1
[ 43.872503][ T28] audit: type=1400 audit(1716976392.066:96): avc: denied { mount } for pid=357 comm="syz-executor.0" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 43.901493][ T352] ------------[ cut here ]------------
[ 43.901894][ T28] audit: type=1400 audit(1716976392.066:97): avc: denied { mounton } for pid=357 comm="syz-executor.0" path="/root/syzkaller-testdir3532492121/syzkaller.Mxa3C5/0/file0/file0" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 43.907947][ T352] WARNING: CPU: 0 PID: 352 at fs/inode.c:332 drop_nlink+0xc1/0x110
[ 43.937841][ T28] audit: type=1400 audit(1716976392.096:98): avc: denied { unmount } for pid=352 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 43.945367][ T352] Modules linked in:
[ 43.967585][ T28] audit: type=1400 audit(1716976392.096:99): avc: denied { unmount } for pid=352 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 43.971944][ T352] CPU: 0 PID: 352 Comm: syz-executor.0 Not tainted 6.1.75-syzkaller-1151074-g3f139724700e #0
[ 44.003085][ T352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 44.013410][ T352] RIP: 0010:drop_nlink+0xc1/0x110
[ 44.018728][ T352] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 f7 f5 ef ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bf 0d a9 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[ 44.038854][ T352] RSP: 0018:ffffc90001397bf0 EFLAGS: 00010293
[ 44.045115][ T352] RAX: ffffffff81cc6071 RBX: 0000000000000000 RCX: ffff88810f183cc0
[ 44.053829][ T352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 44.061850][ T352] RBP: ffffc90001397c18 R08: ffffffff81cc5ff4 R09: 0000000000000003
[ 44.069865][ T352] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[ 44.077919][ T352] R13: 1ffff11023909019 R14: ffff88811c848080 R15: ffff88811c8480c8
[ 44.085885][ T352] FS: 00005555559b9480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 44.094963][ T352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.101429][ T352] CR2: 000055ba884cf078 CR3: 000000010d3e2000 CR4: 00000000003506b0
[ 44.109714][ T352] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.118686][ T352] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.127461][ T352] Call Trace:
[ 44.130619][ T352] <TASK>
[ 44.133753][ T352] ? show_regs+0x58/0x60
[ 44.138253][ T352] ? __warn+0x160/0x3d0
[ 44.142400][ T352] ? drop_nlink+0xc1/0x110
[ 44.146878][ T352] ? report_bug+0x4d5/0x7d0
[ 44.151222][ T352] ? drop_nlink+0xc1/0x110
[ 44.155901][ T352] ? handle_bug+0x41/0x70
[ 44.160449][ T352] ? exc_invalid_op+0x1b/0x50
[ 44.165127][ T352] ? asm_exc_invalid_op+0x1b/0x20
[ 44.170310][ T352] ? drop_nlink+0x44/0x110
[ 44.174533][ T352] ? drop_nlink+0xc1/0x110
[ 44.178898][ T352] ? drop_nlink+0xc1/0x110
[ 44.183343][ T352] shmem_rmdir+0x59/0x90
[ 44.187453][ T352] vfs_rmdir+0x398/0x500
[ 44.191551][ T352] incfs_kill_sb+0x113/0x230
[ 44.196096][ T352] deactivate_locked_super+0xad/0x110
[ 44.201609][ T352] deactivate_super+0xbe/0xf0
[ 44.206503][ T352] cleanup_mnt+0x485/0x510
[ 44.210859][ T352] ? user_path_at_empty+0x14e/0x1a0
[ 44.215869][ T352] __cleanup_mnt+0x19/0x20
[ 44.220641][ T352] task_work_run+0x24d/0x2e0
[ 44.225325][ T352] ? task_work_cancel+0x2b0/0x2b0
[ 44.230272][ T352] ? __x64_sys_umount+0x122/0x170
[ 44.235601][ T352] exit_to_user_mode_loop+0x94/0xa0
[ 44.241208][ T352] exit_to_user_mode_prepare+0x5a/0xa0
[ 44.246732][ T352] syscall_exit_to_user_mode+0x26/0x140
[ 44.252153][ T352] do_syscall_64+0x49/0xb0
[ 44.256796][ T352] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 44.262475][ T352] RIP: 0033:0x7f01e067f197
[ 44.266878][ T352] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 44.287006][ T352] RSP: 002b:00007ffeccdf2a78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 44.295280][ T352] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f01e067f197
[ 44.303623][ T352] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeccdf2b30
[ 44.311472][ T352] RBP: 00007ffeccdf2b30 R08: 0000000000000000 R09: 0000000000000000
[ 44.319859][ T352] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeccdf3c20
[ 44.327873][ T352] R13: 00007f01e06c93b9 R14: 000000000000ab2f R15: 0000000000000006
[ 44.335785][ T352] </TASK>
[ 44.338877][ T352] ---[ end trace 0000000000000000 ]---
[ 44.344473][ T352] ==================================================================
[ 44.352387][ T352] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[ 44.358967][ T352] Write of size 4 at addr 0000000000000170 by task syz-executor.0/352
[ 44.367172][ T352]
[ 44.369797][ T352] CPU: 1 PID: 352 Comm: syz-executor.0 Tainted: G W 6.1.75-syzkaller-1151074-g3f139724700e #0
[ 44.382304][ T352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 44.392828][ T352] Call Trace:
[ 44.396026][ T352] <TASK>
[ 44.398940][ T352] dump_stack_lvl+0x151/0x1b7
[ 44.403592][ T352] ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 44.409558][ T352] ? _printk+0xd1/0x111
[ 44.414191][ T352] print_report+0xe1/0x4e0
[ 44.418641][ T352] ? _raw_spin_lock+0xa4/0x1b0
[ 44.423398][ T352] ? __virt_addr_valid+0x59/0x2f0
[ 44.428812][ T352] ? kasan_addr_to_slab+0xd/0x80
[ 44.433754][ T352] ? ihold+0x20/0x60
[ 44.437649][ T352] kasan_report+0x13c/0x170
[ 44.442435][ T352] ? ihold+0x20/0x60
[ 44.446597][ T352] kasan_check_range+0x294/0x2a0
[ 44.451461][ T352] __kasan_check_write+0x14/0x20
[ 44.456409][ T352] ihold+0x20/0x60
[ 44.460131][ T352] vfs_rmdir+0x268/0x500
[ 44.464333][ T352] incfs_kill_sb+0x113/0x230
[ 44.469045][ T352] deactivate_locked_super+0xad/0x110
[ 44.474539][ T352] deactivate_super+0xbe/0xf0
[ 44.479267][ T352] cleanup_mnt+0x485/0x510
[ 44.483749][ T352] ? user_path_at_empty+0x14e/0x1a0
[ 44.489003][ T352] __cleanup_mnt+0x19/0x20
[ 44.493206][ T352] task_work_run+0x24d/0x2e0
[ 44.498105][ T352] ? task_work_cancel+0x2b0/0x2b0
[ 44.503115][ T352] ? __x64_sys_umount+0x122/0x170
[ 44.508088][ T352] exit_to_user_mode_loop+0x94/0xa0
[ 44.513200][ T352] exit_to_user_mode_prepare+0x5a/0xa0
[ 44.518684][ T352] syscall_exit_to_user_mode+0x26/0x140
[ 44.524132][ T352] do_syscall_64+0x49/0xb0
[ 44.528802][ T352] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 44.534565][ T352] RIP: 0033:0x7f01e067f197
[ 44.538851][ T352] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 44.559948][ T352] RSP: 002b:00007ffeccdf2a78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 44.568791][ T352] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f01e067f197
[ 44.576728][ T352] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeccdf2b30
[ 44.585022][ T352] RBP: 00007ffeccdf2b30 R08: 0000000000000000 R09: 0000000000000000
[ 44.593378][ T352] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeccdf3c20
[ 44.601432][ T352] R13: 00007f01e06c93b9 R14: 000000000000ab2f R15: 0000000000000006
[ 44.609504][ T352] </TASK>
[ 44.612649][ T352] ==================================================================
[ 44.623411][ T352] Disabling lock debugging due to kernel taint
[ 44.630150][ T352] BUG: kernel NULL pointer dereference, address: 0000000000000170
[ 44.638218][ T352] #PF: supervisor write access in kernel mode
[ 44.644254][ T352] #PF: error_code(0x0002) - not-present page
[ 44.650605][ T352] PGD 109f42067 P4D 109f42067 PUD 0
[ 44.656109][ T352] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 44.661865][ T352] CPU: 1 PID: 352 Comm: syz-executor.0 Tainted: G B W 6.1.75-syzkaller-1151074-g3f139724700e #0
[ 44.674088][ T352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 44.684942][ T352] RIP: 0010:ihold+0x25/0x60
[ 44.689421][ T352] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 91 05 a9 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 a0 ed ef ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 14 09 a9
[ 44.709183][ T352] RSP: 0018:ffffc90001397c30 EFLAGS: 00010246
[ 44.715079][ T352] RAX: ffff88810f183c00 RBX: 0000000000000001 RCX: ffff88810f183cc0
[ 44.723262][ T352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 44.731682][ T352] RBP: ffffc90001397c40 R08: ffffffff814470c3 R09: fffffbfff0de60fd
[ 44.739763][ T352] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11023909547
[ 44.748042][ T352] R13: ffff888120915660 R14: 0000000000000000 R15: 1ffff11024122ad2
[ 44.756134][ T352] FS: 00005555559b9480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 44.765153][ T352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.771743][ T352] CR2: 0000000000000170 CR3: 000000010d3e2000 CR4: 00000000003506a0
[ 44.779734][ T352] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.787629][ T352] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.795606][ T352] Call Trace:
[ 44.798905][ T352] <TASK>
[ 44.801770][ T352] ? __die_body+0x62/0xb0
[ 44.806129][ T352] ? __die+0x7e/0x90
[ 44.810189][ T352] ? page_fault_oops+0x7f9/0xa90
[ 44.815542][ T352] ? vprintk_default+0x26/0x30
[ 44.820508][ T352] ? kernelmode_fixup_or_oops+0x270/0x270
[ 44.826210][ T352] ? add_taint+0x44/0xe0
[ 44.830836][ T352] ? panic+0x660/0x660
[ 44.835034][ T352] ? preempt_schedule_thunk+0x16/0x18
[ 44.841082][ T352] ? exc_page_fault+0x537/0x700
[ 44.846617][ T352] ? asm_exc_page_fault+0x27/0x30
[ 44.851859][ T352] ? add_taint+0x93/0xe0
[ 44.857045][ T352] ? ihold+0x25/0x60
[ 44.862385][ T352] vfs_rmdir+0x268/0x500
[ 44.866774][ T352] incfs_kill_sb+0x113/0x230
[ 44.871712][ T352] deactivate_locked_super+0xad/0x110
[ 44.877655][ T352] deactivate_super+0xbe/0xf0
[ 44.882350][ T352] cleanup_mnt+0x485/0x510
[ 44.886739][ T352] ? user_path_at_empty+0x14e/0x1a0
[ 44.891907][ T352] __cleanup_mnt+0x19/0x20
[ 44.896532][ T352] task_work_run+0x24d/0x2e0
[ 44.901229][ T352] ? task_work_cancel+0x2b0/0x2b0
[ 44.906691][ T352] ? __x64_sys_umount+0x122/0x170
[ 44.912104][ T352] exit_to_user_mode_loop+0x94/0xa0
[ 44.917368][ T352] exit_to_user_mode_prepare+0x5a/0xa0
[ 44.924229][ T352] syscall_exit_to_user_mode+0x26/0x140
[ 44.930600][ T352] do_syscall_64+0x49/0xb0
[ 44.935104][ T352] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 44.941131][ T352] RIP: 0033:0x7f01e067f197
[ 44.945465][ T352] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 44.965945][ T352] RSP: 002b:00007ffeccdf2a78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 44.974715][ T352] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f01e067f197
[ 44.983169][ T352] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeccdf2b30
[ 44.991061][ T352] RBP: 00007ffeccdf2b30 R08: 0000000000000000 R09: 0000000000000000
[ 44.999017][ T352] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeccdf3c20
[ 45.007202][ T352] R13: 00007f01e06c93b9 R14: 000000000000ab2f R15: 0000000000000006
[ 45.015661][ T352] </TASK>
[ 45.018923][ T352] Modules linked in:
[ 45.022635][ T352] CR2: 0000000000000170
[ 45.027571][ T352] ---[ end trace 0000000000000000 ]---
[ 45.033034][ T352] RIP: 0010:ihold+0x25/0x60
[ 45.037788][ T352] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 91 05 a9 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 a0 ed ef ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 14 09 a9
[ 45.058471][ T352] RSP: 0018:ffffc90001397c30 EFLAGS: 00010246
[ 45.064933][ T352] RAX: ffff88810f183c00 RBX: 0000000000000001 RCX: ffff88810f183cc0
[ 45.073224][ T352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 45.081267][ T352] RBP: ffffc90001397c40 R08: ffffffff814470c3 R09: fffffbfff0de60fd
[ 45.089123][ T352] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11023909547
[ 45.097126][ T352] R13: ffff888120915660 R14: 0000000000000000 R15: 1ffff11024122ad2
[ 45.105146][ T352] FS: 00005555559b9480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 45.114745][ T352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 45.121589][ T352] CR2: 0000000000000170 CR3: 000000010d3e2000 CR4: 00000000003506a0
[ 45.129608][ T352] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 45.138859][ T352] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 45.147425][ T352] Kernel panic - not syncing: Fatal exception
[ 45.153848][ T352] Kernel Offset: disabled
[ 45.158160][ T352] Rebooting in 86400 seconds..