[ 26.587994][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 26.598465][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 26.609863][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 26.676285][ T297] syz-executor.0 (297) used greatest stack depth: 22584 bytes left
[ 27.135308][ T10] device bridge_slave_1 left promiscuous mode
[ 27.141235][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.148755][ T10] device bridge_slave_0 left promiscuous mode
[ 27.154871][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.162529][ T10] device veth1_macvtap left promiscuous mode
[ 27.168490][ T10] device veth0_vlan left promiscuous mode
Warning: Permanently added '10.128.1.175' (ED25519) to the list of known hosts.
2023/11/19 05:18:48 ignoring optional flag "sandboxArg"="0"
2023/11/19 05:18:48 parsed 1 programs
[ 44.402899][ T29] kauditd_printk_skb: 78 callbacks suppressed
[ 44.402906][ T29] audit: type=1400 audit(1700371128.966:154): avc: denied { mounton } for pid=341 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 44.433822][ T29] audit: type=1400 audit(1700371128.966:155): avc: denied { mount } for pid=341 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 44.458377][ T29] audit: type=1400 audit(1700371128.966:156): avc: denied { setattr } for pid=341 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 44.481945][ T29] audit: type=1400 audit(1700371128.966:157): avc: denied { read write } for pid=341 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 44.509271][ T29] audit: type=1400 audit(1700371128.966:158): avc: denied { open } for pid=341 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 44.531145][ T341] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2023/11/19 05:18:49 executed programs: 0
[ 44.535902][ T29] audit: type=1400 audit(1700371129.086:159): avc: denied { unlink } for pid=341 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 44.570013][ T29] audit: type=1400 audit(1700371129.086:160): avc: denied { relabelto } for pid=343 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 44.629187][ T348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.636654][ T348] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.643968][ T348] device bridge_slave_0 entered promiscuous mode
[ 44.650545][ T348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.657609][ T348] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.665149][ T348] device bridge_slave_1 entered promiscuous mode
[ 44.704515][ T348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.711564][ T348] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.718807][ T348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.725790][ T348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.741752][ T54] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.748979][ T54] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.756663][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 44.763898][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 44.773018][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 44.781049][ T37] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.787910][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.805539][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 44.813932][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 44.821707][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 44.828967][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 44.836164][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 44.844041][ T37] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.850822][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.857974][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 44.866501][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 44.874475][ T348] device veth0_vlan entered promiscuous mode
[ 44.883553][ T348] device veth1_macvtap entered promiscuous mode
[ 44.890379][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 44.900687][ T54] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 44.911316][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 44.932264][ T29] audit: type=1400 audit(1700371129.496:161): avc: denied { mounton } for pid=353 comm="syz-executor.0" path="/root/syzkaller-testdir3121336022/syzkaller.80iVs9/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 45.034592][ T355] ==================================================================
[ 45.042641][ T355] BUG: KASAN: null-ptr-deref in ihold+0x19/0x30
[ 45.048725][ T355] Write of size 4 at addr 0000000000000170 by task syz-executor.0/355
[ 45.056793][ T355]
[ 45.058971][ T355] CPU: 1 PID: 355 Comm: syz-executor.0 Not tainted 5.15.137-syzkaller #0
[ 45.067292][ T355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 45.077189][ T355] Call Trace:
[ 45.080308][ T355] <TASK>
[ 45.083086][ T355] dump_stack_lvl+0x38/0x49
[ 45.087433][ T355] kasan_report.cold+0x64/0xdb
[ 45.092292][ T355] ? ihold+0x19/0x30
[ 45.096017][ T355] kasan_check_range+0x148/0x190
[ 45.100790][ T355] __kasan_check_write+0x14/0x20
[ 45.105567][ T355] ihold+0x19/0x30
[ 45.109122][ T355] fuse_dentry_revalidate+0x6bb/0xf80
[ 45.114330][ T355] ? fuse_invalid_attr+0xc0/0xc0
[ 45.119103][ T355] ? lockref_put_or_lock+0x1a0/0x1a0
[ 45.124239][ T355] lookup_dcache+0x90/0xd0
[ 45.128480][ T355] __lookup_hash+0x1e/0x150
[ 45.132829][ T355] do_renameat2+0x3c2/0xa50
[ 45.137158][ T355] ? __ia32_sys_link+0xa0/0xa0
[ 45.141760][ T355] ? kmem_cache_alloc+0x1b9/0x480
[ 45.146647][ T355] ? getname_flags.part.0+0x8c/0x480
[ 45.151746][ T355] __x64_sys_rename+0x7d/0xa0
[ 45.156516][ T355] do_syscall_64+0x35/0xb0
[ 45.160941][ T355] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 45.166762][ T355] RIP: 0033:0x7f174681bae9
[ 45.171008][ T355] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 45.190972][ T355] RSP: 002b:00007f174637d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 45.199587][ T355] RAX: ffffffffffffffda RBX: 00007f174693b050 RCX: 00007f174681bae9
[ 45.207394][ T355] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100
[ 45.215205][ T355] RBP: 00007f174686747a R08: 0000000000000000 R09: 0000000000000000
[ 45.223022][ T355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 45.230828][ T355] R13: 000000000000006e R14: 00007f174693b050 R15: 00007ffe3a35c5e8
[ 45.238642][ T355] </TASK>
[ 45.241512][ T355] ==================================================================
[ 45.249402][ T355] Disabling lock debugging due to kernel taint
[ 45.256861][ T355] BUG: kernel NULL pointer dereference, address: 0000000000000170
[ 45.264467][ T355] #PF: supervisor write access in kernel mode
[ 45.270368][ T355] #PF: error_code(0x0002) - not-present page
[ 45.276359][ T355] PGD 122767067 P4D 122767067 PUD 12276b067 PMD 0
[ 45.282695][ T355] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 45.287732][ T355] CPU: 0 PID: 355 Comm: syz-executor.0 Tainted: G B 5.15.137-syzkaller #0
[ 45.297364][ T355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 45.307257][ T355] RIP: 0010:ihold+0x1e/0x30
[ 45.311619][ T355] Code: eb 90 66 2e 0f 1f 84 00 00 00 00 00 55 be 04 00 00 00 48 89 e5 53 48 89 fb 48 8d bf 70 01 00 00 e8 b7 c8 f2 ff b8 01 00 00 00 0f c1 83 70 01 00 00 48 8b 5d f8 c9 c3 0f 1f 40 00 48 b8 00 00
[ 45.331220][ T355] RSP: 0018:ffffc900007379a8 EFLAGS: 00010246
[ 45.337122][ T355] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8134cf51
[ 45.345019][ T355] RDX: fffffbfff0b1ab40 RSI: 0000000000000004 RDI: ffffffff858d5a00
[ 45.352915][ T355] RBP: ffffc900007379b0 R08: 0000000000000001 R09: 0000000000000003
[ 45.360817][ T355] R10: fffffbfff0b1ab40 R11: 0000000000000001 R12: ffff88811fd8b4b8
[ 45.368711][ T355] R13: 0000000000000020 R14: ffff88811fd64000 R15: ffff88811fd8b440
[ 45.376697][ T355] FS: 00007f174637d6c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000
[ 45.385667][ T355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 45.392148][ T355] CR2: 0000000000000170 CR3: 0000000122756000 CR4: 00000000003506b0
[ 45.400233][ T355] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 45.408041][ T355] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 45.415851][ T355] Call Trace:
[ 45.419146][ T355] <TASK>
[ 45.422264][ T355] ? show_regs.part.0+0x1e/0x20
[ 45.427130][ T355] ? __die+0x5d/0x9e
[ 45.430960][ T355] ? page_fault_oops+0x233/0x540
[ 45.435720][ T355] ? dump_pagetable+0xb0/0xb0
[ 45.440231][ T355] ? kvm_sched_clock_read+0x18/0x40
[ 45.445364][ T355] ? sched_clock+0x9/0x10
[ 45.449610][ T355] ? sched_clock_cpu+0x18/0x1b0
[ 45.454292][ T355] ? psi_task_switch+0x195/0x4f0
[ 45.459168][ T355] ? do_user_addr_fault+0x8f2/0x1160
[ 45.464275][ T355] ? _raw_spin_unlock+0x41/0x70
[ 45.468969][ T355] ? trace_page_fault_user+0xb0/0xb0
[ 45.474091][ T355] ? __schedule+0x75f/0x18a0
[ 45.478596][ T355] ? io_schedule_timeout+0x150/0x150
[ 45.484340][ T355] ? irqentry_exit+0x20/0x40
[ 45.488848][ T355] ? __kasan_check_read+0x11/0x20
[ 45.493951][ T355] ? preempt_schedule_common+0x5e/0xe0
[ 45.500393][ T355] ? ihold+0x19/0x30
[ 45.504100][ T355] ? preempt_schedule+0x1f/0x30
[ 45.508772][ T355] ? preempt_schedule_thunk+0x16/0x18
[ 45.514067][ T355] ? exc_page_fault+0x5c/0xc0
[ 45.518580][ T355] ? asm_exc_page_fault+0x27/0x30
[ 45.523550][ T355] ? check_panic_on_warn+0x31/0x60
[ 45.528495][ T355] ? ihold+0x1e/0x30
[ 45.532228][ T355] ? ihold+0x19/0x30
[ 45.535961][ T355] fuse_dentry_revalidate+0x6bb/0xf80
[ 45.541262][ T355] ? fuse_invalid_attr+0xc0/0xc0
[ 45.546036][ T355] ? lockref_put_or_lock+0x1a0/0x1a0
[ 45.551249][ T355] lookup_dcache+0x90/0xd0
[ 45.555581][ T355] __lookup_hash+0x1e/0x150
[ 45.560103][ T355] do_renameat2+0x3c2/0xa50
[ 45.564450][ T355] ? __ia32_sys_link+0xa0/0xa0
[ 45.569266][ T355] ? kmem_cache_alloc+0x1b9/0x480
[ 45.574442][ T355] ? getname_flags.part.0+0x8c/0x480
[ 45.579549][ T355] __x64_sys_rename+0x7d/0xa0
[ 45.584273][ T355] do_syscall_64+0x35/0xb0
[ 45.588527][ T355] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 45.594247][ T355] RIP: 0033:0x7f174681bae9
[ 45.598524][ T355] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 45.618505][ T355] RSP: 002b:00007f174637d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 45.626824][ T355] RAX: ffffffffffffffda RBX: 00007f174693b050 RCX: 00007f174681bae9
[ 45.634633][ T355] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100
[ 45.642464][ T355] RBP: 00007f174686747a R08: 0000000000000000 R09: 0000000000000000
[ 45.650451][ T355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 45.658719][ T355] R13: 000000000000006e R14: 00007f174693b050 R15: 00007ffe3a35c5e8
[ 45.666598][ T355] </TASK>
[ 45.669451][ T355] Modules linked in:
[ 45.673189][ T355] CR2: 0000000000000170
[ 45.677177][ T355] ---[ end trace d58ed1c7543b1de6 ]---
[ 45.682479][ T355] RIP: 0010:ihold+0x1e/0x30
[ 45.686813][ T355] Code: eb 90 66 2e 0f 1f 84 00 00 00 00 00 55 be 04 00 00 00 48 89 e5 53 48 89 fb 48 8d bf 70 01 00 00 e8 b7 c8 f2 ff b8 01 00 00 00 0f c1 83 70 01 00 00 48 8b 5d f8 c9 c3 0f 1f 40 00 48 b8 00 00
[ 45.706533][ T355] RSP: 0018:ffffc900007379a8 EFLAGS: 00010246
[ 45.712427][ T355] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8134cf51
[ 45.720328][ T355] RDX: fffffbfff0b1ab40 RSI: 0000000000000004 RDI: ffffffff858d5a00
[ 45.728230][ T355] RBP: ffffc900007379b0 R08: 0000000000000001 R09: 0000000000000003
[ 45.736123][ T355] R10: fffffbfff0b1ab40 R11: 0000000000000001 R12: ffff88811fd8b4b8
[ 45.744026][ T355] R13: 0000000000000020 R14: ffff88811fd64000 R15: ffff88811fd8b440
[ 45.751839][ T355] FS: 00007f174637d6c0(0000) GS:ffff8881f7400000(0000) knlGS:0000000000000000
[ 45.760757][ T355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 45.767180][ T355] CR2: 0000000000000170 CR3: 0000000122756000 CR4: 00000000003506b0
[ 45.775182][ T355] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 45.782982][ T355] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 45.790793][ T355] Kernel panic - not syncing: Fatal exception
[ 45.796904][ T355] Kernel Offset: disabled
[ 45.801029][ T355] Rebooting in 86400 seconds..