Warning: Permanently added '10.128.1.163' (ED25519) to the list of known hosts.
2024/10/28 11:04:04 ignoring optional flag "sandboxArg"="0"
2024/10/28 11:04:04 ignoring optional flag "type"="gce"
2024/10/28 11:04:04 parsed 1 programs
[ 46.498831][ T23] kauditd_printk_skb: 19 callbacks suppressed
[ 46.498844][ T23] audit: type=1400 audit(1730113444.530:95): avc: denied { unlink } for pid=408 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/10/28 11:04:04 executed programs: 0
[ 46.568144][ T408] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 46.640159][ T414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.647442][ T414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.655029][ T414] device bridge_slave_0 entered promiscuous mode
[ 46.662149][ T414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.669416][ T414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.677025][ T414] device bridge_slave_1 entered promiscuous mode
[ 46.730694][ T414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.737753][ T414] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.745056][ T414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.752042][ T414] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.777307][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.784928][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.792436][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 46.799784][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 46.810785][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 46.819102][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.826685][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.836408][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 46.845032][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.852035][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.866952][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 46.877142][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 46.896453][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 46.908934][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 46.924011][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 46.938042][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 46.949222][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 46.978118][ T23] audit: type=1400 audit(1730113445.010:96): avc: denied { mounton } for pid=420 comm="syz-executor.0" path="/root/syzkaller-testdir403531478/syzkaller.YC5Uro/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 47.005539][ T23] audit: type=1400 audit(1730113445.010:97): avc: denied { mount } for pid=420 comm="syz-executor.0" name="/" dev="tmpfs" ino=10108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 47.005647][ T414] ------------[ cut here ]------------
[ 47.029060][ T23] audit: type=1400 audit(1730113445.010:98): avc: denied { mounton } for pid=420 comm="syz-executor.0" path="/root/syzkaller-testdir403531478/syzkaller.YC5Uro/0/file0/file0" dev="tmpfs" ino=10109 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 47.033422][ T414] WARNING: CPU: 1 PID: 414 at fs/inode.c:302 drop_nlink+0xbb/0x100
[ 47.033435][ T414] Modules linked in:
[ 47.061645][ T23] audit: type=1400 audit(1730113445.010:99): avc: denied { unmount } for pid=414 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 47.069295][ T414] CPU: 1 PID: 414 Comm: syz-executor.0 Not tainted 5.4.283-syzkaller-04984-ge6ac8beecb16 #0
[ 47.073054][ T23] audit: type=1400 audit(1730113445.010:100): avc: denied { unmount } for pid=414 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 47.092805][ T414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 47.092822][ T414] RIP: 0010:drop_nlink+0xbb/0x100
[ 47.092833][ T414] Code: 49 8b 1e 48 8d bb d0 04 00 00 be 08 00 00 00 e8 cb 99 f2 ff f0 48 ff 83 d0 04 00 00 5b 41 5c 41 5e 41 5f 5d c3 e8 55 dd c2 ff <0f> 0b eb 89 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[ 47.092838][ T414] RSP: 0018:ffff8881ef55fc68 EFLAGS: 00010293
[ 47.092849][ T414] RAX: ffffffff81a1594b RBX: 1ffff1103b7c6e27 RCX: ffff8881f31e1f80
[ 47.092854][ T414] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 47.092860][ T414] RBP: 0000000000000000 R08: ffffffff81a158cf R09: 0000000000000003
[ 47.092868][ T414] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881dbe37138
[ 47.092876][ T414] R13: dffffc0000000000 R14: ffff8881dbe370f0 R15: dffffc0000000000
[ 47.092886][ T414] FS: 000055558dea8480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 47.092892][ T414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 47.092900][ T414] CR2: 000055da41a9f474 CR3: 00000001db7c5000 CR4: 00000000003406a0
[ 47.092908][ T414] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 47.092914][ T414] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 47.092916][ T414] Call Trace:
[ 47.092929][ T414] ? __warn+0x162/0x250
[ 47.092941][ T414] ? report_bug+0x3a1/0x4e0
[ 47.092956][ T414] ? drop_nlink+0xbb/0x100
[ 47.263284][ T414] ? drop_nlink+0xbb/0x100
[ 47.267634][ T414] ? do_invalid_op+0x6e/0x110
[ 47.272153][ T414] ? invalid_op+0x1e/0x30
[ 47.276570][ T414] ? drop_nlink+0x3f/0x100
[ 47.281013][ T414] ? drop_nlink+0xbb/0x100
[ 47.285387][ T414] ? drop_nlink+0xbb/0x100
[ 47.289728][ T414] ? drop_nlink+0xbb/0x100
[ 47.293973][ T414] shmem_rmdir+0x54/0x80
[ 47.298050][ T414] vfs_rmdir+0x285/0x3c0
[ 47.302140][ T414] incfs_kill_sb+0x105/0x200
[ 47.306850][ T414] deactivate_locked_super+0xa8/0x110
[ 47.312229][ T414] deactivate_super+0x1e2/0x2a0
[ 47.317158][ T414] ? vfs_submount+0xb0/0xb0
[ 47.321639][ T414] ? deactivate_locked_super+0x110/0x110
[ 47.327280][ T414] ? fast_dput+0x7a/0x280
[ 47.331568][ T414] cleanup_mnt+0x44e/0x500
[ 47.336250][ T414] task_work_run+0x140/0x170
[ 47.340696][ T414] exit_to_usermode_loop+0x190/0x1a0
[ 47.345884][ T414] prepare_exit_to_usermode+0x199/0x200
[ 47.351361][ T414] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.357259][ T414] RIP: 0033:0x7f8f91414197
[ 47.361720][ T414] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 47.382138][ T414] RSP: 002b:00007ffed235fea8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 47.390486][ T414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f8f91414197
[ 47.398560][ T414] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed235ff60
[ 47.406451][ T414] RBP: 00007ffed235ff60 R08: 0000000000000000 R09: 0000000000000000
[ 47.414414][ T414] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed2361050
[ 47.422159][ T414] R13: 00007f8f9145e3b9 R14: 000000000000b769 R15: 0000000000000006
[ 47.429976][ T414] ---[ end trace cf99aca1049dc817 ]---
[ 47.436758][ T414] ==================================================================
[ 47.444811][ T414] BUG: KASAN: null-ptr-deref in ihold+0x1b/0x50
[ 47.451063][ T414] Write of size 4 at addr 0000000000000160 by task syz-executor.0/414
[ 47.459127][ T414]
[ 47.461305][ T414] CPU: 0 PID: 414 Comm: syz-executor.0 Tainted: G W 5.4.283-syzkaller-04984-ge6ac8beecb16 #0
[ 47.472850][ T414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 47.482735][ T414] Call Trace:
[ 47.485960][ T414] dump_stack+0x1d8/0x241
[ 47.490128][ T414] ? panic+0x89d/0x89d
[ 47.494039][ T414] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 47.499760][ T414] ? _raw_spin_trylock_bh+0x190/0x190
[ 47.505042][ T414] ? _raw_spin_unlock+0x49/0x60
[ 47.509736][ T414] ? ihold+0x1b/0x50
[ 47.513559][ T414] __kasan_report+0xe9/0x120
[ 47.517977][ T414] ? ihold+0x1b/0x50
[ 47.521800][ T414] kasan_report+0x30/0x60
[ 47.526151][ T414] check_memory_region+0x272/0x280
[ 47.531184][ T414] ihold+0x1b/0x50
[ 47.534744][ T414] vfs_rmdir+0x1e0/0x3c0
[ 47.538991][ T414] incfs_kill_sb+0x105/0x200
[ 47.543529][ T414] deactivate_locked_super+0xa8/0x110
[ 47.548721][ T414] deactivate_super+0x1e2/0x2a0
[ 47.553488][ T414] ? vfs_submount+0xb0/0xb0
[ 47.557925][ T414] ? deactivate_locked_super+0x110/0x110
[ 47.563486][ T414] ? fast_dput+0x7a/0x280
[ 47.567744][ T414] cleanup_mnt+0x44e/0x500
[ 47.571983][ T414] task_work_run+0x140/0x170
[ 47.576498][ T414] exit_to_usermode_loop+0x190/0x1a0
[ 47.581612][ T414] prepare_exit_to_usermode+0x199/0x200
[ 47.586990][ T414] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.592740][ T414] RIP: 0033:0x7f8f91414197
[ 47.597253][ T414] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 47.617051][ T414] RSP: 002b:00007ffed235fea8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 47.625610][ T414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f8f91414197
[ 47.633711][ T414] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed235ff60
[ 47.641518][ T414] RBP: 00007ffed235ff60 R08: 0000000000000000 R09: 0000000000000000
[ 47.649407][ T414] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed2361050
[ 47.657303][ T414] R13: 00007f8f9145e3b9 R14: 000000000000b769 R15: 0000000000000006
[ 47.665726][ T414] ==================================================================
[ 47.673798][ T414] Disabling lock debugging due to kernel taint
[ 47.681934][ T414] BUG: kernel NULL pointer dereference, address: 0000000000000160
[ 47.689638][ T414] #PF: supervisor write access in kernel mode
[ 47.695728][ T414] #PF: error_code(0x0002) - not-present page
[ 47.701761][ T414] PGD 1d9400067 P4D 1d9400067 PUD 0
[ 47.706914][ T414] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 47.712029][ T414] CPU: 0 PID: 414 Comm: syz-executor.0 Tainted: G B W 5.4.283-syzkaller-04984-ge6ac8beecb16 #0
[ 47.723823][ T414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 47.733807][ T414] RIP: 0010:ihold+0x20/0x50
[ 47.738149][ T414] Code: 0f 1f 84 00 00 00 00 00 66 90 55 53 48 89 fb e8 b6 d5 c2 ff 48 8d bb 60 01 00 00 be 04 00 00 00 e8 05 92 f2 ff bd 01 00 00 00 0f c1 ab 60 01 00 00 ff c5 bf 02 00 00 00 89 ee e8 7a d8 c2 ff
[ 47.757788][ T414] RSP: 0018:ffff8881ef55fca0 EFLAGS: 00010246
[ 47.763746][ T414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881f31e1f80
[ 47.771645][ T414] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 47.779576][ T414] RBP: 0000000000000001 R08: ffffffff813ae3b5 R09: 0000000000000003
[ 47.787696][ T414] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000000
[ 47.795850][ T414] R13: dffffc0000000000 R14: ffff8881dbe36a00 R15: 0000000000000000
[ 47.804493][ T414] FS: 000055558dea8480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 47.813469][ T414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 47.820232][ T414] CR2: 0000000000000160 CR3: 00000001db7c5000 CR4: 00000000003406b0
[ 47.828391][ T414] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 47.836479][ T414] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 47.844634][ T414] Call Trace:
[ 47.847934][ T414] ? __die+0xb4/0x100
[ 47.851734][ T414] ? no_context+0xac7/0xd20
[ 47.856692][ T414] ? is_prefetch+0x4b0/0x4b0
[ 47.861227][ T414] ? ihold+0x1b/0x50
[ 47.864962][ T414] ? __do_page_fault+0xa72/0xbb0
[ 47.869843][ T414] ? __bad_area_nosemaphore+0xc0/0x470
[ 47.875123][ T414] ? page_fault+0x2f/0x40
[ 47.879282][ T414] ? check_panic_on_warn+0x55/0xa0
[ 47.884231][ T414] ? ihold+0x20/0x50
[ 47.887958][ T414] vfs_rmdir+0x1e0/0x3c0
[ 47.892141][ T414] incfs_kill_sb+0x105/0x200
[ 47.896553][ T414] deactivate_locked_super+0xa8/0x110
[ 47.901942][ T414] deactivate_super+0x1e2/0x2a0
[ 47.906716][ T414] ? vfs_submount+0xb0/0xb0
[ 47.911286][ T414] ? deactivate_locked_super+0x110/0x110
[ 47.916944][ T414] ? fast_dput+0x7a/0x280
[ 47.921678][ T414] cleanup_mnt+0x44e/0x500
[ 47.926338][ T414] task_work_run+0x140/0x170
[ 47.931003][ T414] exit_to_usermode_loop+0x190/0x1a0
[ 47.936212][ T414] prepare_exit_to_usermode+0x199/0x200
[ 47.941763][ T414] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.947490][ T414] RIP: 0033:0x7f8f91414197
[ 47.951740][ T414] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 47.971541][ T414] RSP: 002b:00007ffed235fea8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 47.979961][ T414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f8f91414197
[ 47.988037][ T414] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed235ff60
[ 47.996178][ T414] RBP: 00007ffed235ff60 R08: 0000000000000000 R09: 0000000000000000
[ 48.004265][ T414] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed2361050
[ 48.012155][ T414] R13: 00007f8f9145e3b9 R14: 000000000000b769 R15: 0000000000000006
[ 48.019975][ T414] Modules linked in:
[ 48.023708][ T414] CR2: 0000000000000160
[ 48.027959][ T414] ---[ end trace cf99aca1049dc818 ]---
[ 48.033337][ T414] RIP: 0010:ihold+0x20/0x50
[ 48.037758][ T414] Code: 0f 1f 84 00 00 00 00 00 66 90 55 53 48 89 fb e8 b6 d5 c2 ff 48 8d bb 60 01 00 00 be 04 00 00 00 e8 05 92 f2 ff bd 01 00 00 00 0f c1 ab 60 01 00 00 ff c5 bf 02 00 00 00 89 ee e8 7a d8 c2 ff
[ 48.057214][ T414] RSP: 0018:ffff8881ef55fca0 EFLAGS: 00010246
[ 48.063107][ T414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff8881f31e1f80
[ 48.070909][ T414] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[ 48.078901][ T414] RBP: 0000000000000001 R08: ffffffff813ae3b5 R09: 0000000000000003
[ 48.086866][ T414] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000000
[ 48.094745][ T414] R13: dffffc0000000000 R14: ffff8881dbe36a00 R15: 0000000000000000
[ 48.102625][ T414] FS: 000055558dea8480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 48.111476][ T414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 48.118071][ T414] CR2: 0000000000000160 CR3: 00000001db7c5000 CR4: 00000000003406b0
[ 48.125906][ T414] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 48.134077][ T414] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 48.142066][ T414] Kernel panic - not syncing: Fatal exception
[ 48.148307][ T414] Kernel Offset: disabled
[ 48.152722][ T414] Rebooting in 86400 seconds..