Warning: Permanently added '10.128.1.109' (ED25519) to the list of known hosts.
2024/06/07 04:53:03 ignoring optional flag "sandboxArg"="0"
2024/06/07 04:53:03 parsed 1 programs
[ 43.813639][ T29] audit: type=1400 audit(1717735983.662:96): avc: denied { mounton } for pid=342 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 43.838941][ T29] audit: type=1400 audit(1717735983.662:97): avc: denied { read write } for pid=342 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 43.864947][ T29] audit: type=1400 audit(1717735983.662:98): avc: denied { open } for pid=342 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/06/07 04:53:03 executed programs: 0
[ 43.892474][ T29] audit: type=1400 audit(1717735983.742:99): avc: denied { unlink } for pid=342 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 43.918111][ T29] audit: type=1400 audit(1717735983.752:100): avc: denied { relabelto } for pid=343 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 43.949655][ T342] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 43.993982][ T348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.001235][ T348] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.008865][ T348] device bridge_slave_0 entered promiscuous mode
[ 44.015583][ T348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.022787][ T348] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.030334][ T348] device bridge_slave_1 entered promiscuous mode
[ 44.072436][ T348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.079519][ T348] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.086678][ T348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.094204][ T348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.110823][ T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.118230][ T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.126361][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 44.133960][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 44.142833][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 44.150780][ T302] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.158213][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.172581][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 44.180710][ T304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.188135][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.195478][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 44.203955][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 44.215872][ T348] device veth0_vlan entered promiscuous mode
[ 44.222499][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 44.230997][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 44.239396][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 44.246963][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 44.257295][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 44.266102][ T348] device veth1_macvtap entered promiscuous mode
[ 44.277824][ T303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 44.286019][ T303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 44.303466][ T29] audit: type=1400 audit(1717735984.152:101): avc: denied { mounton } for pid=352 comm="syz-executor.0" path="/root/syzkaller-testdir4154183088/syzkaller.EKCouU/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 44.304470][ T353] incfs: ino conflict with backing FS 1
[ 44.338219][ T29] audit: type=1400 audit(1717735984.152:102): avc: denied { mount } for pid=352 comm="syz-executor.0" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 44.361543][ T29] audit: type=1400 audit(1717735984.152:103): avc: denied { mounton } for pid=352 comm="syz-executor.0" path="/root/syzkaller-testdir4154183088/syzkaller.EKCouU/0/file0/file0" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 44.389800][ T29] audit: type=1400 audit(1717735984.212:104): avc: denied { unmount } for pid=348 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 44.389867][ T348] ==================================================================
[ 44.411153][ T29] audit: type=1400 audit(1717735984.212:105): avc: denied { unmount } for pid=348 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 44.418953][ T348] BUG: KASAN: null-ptr-deref in ihold+0x19/0x30
[ 44.418982][ T348] Write of size 4 at addr 0000000000000170 by task syz-executor.0/348
[ 44.418988][ T348]
[ 44.418995][ T348] CPU: 1 PID: 348 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller #0
[ 44.464075][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 44.474190][ T348] Call Trace:
[ 44.477368][ T348]
[ 44.480220][ T348] dump_stack_lvl+0x38/0x49
[ 44.484573][ T348] kasan_report.cold+0x64/0xdb
[ 44.489623][ T348] ? lockref_get_or_lock+0xd1/0xf0
[ 44.494531][ T348] ? ihold+0x19/0x30
[ 44.498696][ T348] kasan_check_range+0x148/0x190
[ 44.503853][ T348] __kasan_check_write+0x14/0x20
[ 44.508919][ T348] ihold+0x19/0x30
[ 44.512718][ T348] vfs_rmdir.part.0+0x2a2/0x460
[ 44.517464][ T348] vfs_rmdir+0x6b/0x90
[ 44.521452][ T348] incfs_kill_sb+0x198/0x220
[ 44.526299][ T348] deactivate_locked_super+0x8b/0x130
[ 44.531670][ T348] deactivate_super+0x71/0x80
[ 44.536409][ T348] cleanup_mnt+0x2cf/0x400
[ 44.541452][ T348] ? putname+0xb8/0xf0
[ 44.545821][ T348] __cleanup_mnt+0xd/0x10
[ 44.550054][ T348] task_work_run+0xc2/0x150
[ 44.554565][ T348] exit_to_user_mode_prepare+0x140/0x150
[ 44.560299][ T348] syscall_exit_to_user_mode+0x21/0x40
[ 44.565672][ T348] do_syscall_64+0x42/0xb0
[ 44.569931][ T348] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 44.575655][ T348] RIP: 0033:0x7f561f9cb1d7
[ 44.580194][ T348] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 44.599920][ T348] RSP: 002b:00007fff6037c528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 44.608886][ T348] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f561f9cb1d7
[ 44.616924][ T348] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff6037c5e0
[ 44.625038][ T348] RBP: 00007fff6037c5e0 R08: 0000000000000000 R09: 0000000000000000
[ 44.634980][ T348] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff6037d6d0
[ 44.644545][ T348] R13: 00007f561fa153b9 R14: 000000000000acf7 R15: 0000000000000006
[ 44.653329][ T348]
[ 44.656354][ T348] ==================================================================
[ 44.664808][ T348] Disabling lock debugging due to kernel taint
[ 44.672476][ T348] BUG: kernel NULL pointer dereference, address: 0000000000000170
[ 44.680801][ T348] #PF: supervisor write access in kernel mode
[ 44.687006][ T348] #PF: error_code(0x0002) - not-present page
[ 44.693084][ T348] PGD 120b06067 P4D 120b06067 PUD 0
[ 44.698462][ T348] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 44.703573][ T348] CPU: 1 PID: 348 Comm: syz-executor.0 Tainted: G B 5.15.149-syzkaller #0
[ 44.714236][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 44.724663][ T348] RIP: 0010:ihold+0x1e/0x30
[ 44.729010][ T348] Code: eb 90 66 2e 0f 1f 84 00 00 00 00 00 55 be 04 00 00 00 48 89 e5 53 48 89 fb 48 8d bf 70 01 00 00 e8 87 bb f2 ff b8 01 00 00 00 0f c1 83 70 01 00 00 48 8b 5d f8 c9 c3 0f 1f 40 00 48 b8 00 00
[ 44.750091][ T348] RSP: 0018:ffffc900006f7d50 EFLAGS: 00010246
[ 44.756242][ T348] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8134d361
[ 44.764059][ T348] RDX: fffffbfff0b1b940 RSI: 0000000000000004 RDI: ffffffff858dca00
[ 44.772673][ T348] RBP: ffffc900006f7d58 R08: 0000000000000001 R09: 0000000000000003
[ 44.782014][ T348] R10: fffffbfff0b1b940 R11: 0000000000000001 R12: ffff8881172d3770
[ 44.790264][ T348] R13: ffff8881129be6d8 R14: 0000000000000000 R15: 0000000000000000
[ 44.798519][ T348] FS: 0000555556d86480(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000
[ 44.808818][ T348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.815530][ T348] CR2: 0000000000000170 CR3: 0000000120cbd000 CR4: 00000000003506a0
[ 44.823980][ T348] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 44.832868][ T348] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 44.840986][ T348] Call Trace:
[ 44.844121][ T348]
[ 44.846975][ T348] ? show_regs.part.0+0x1e/0x20
[ 44.851849][ T348] ? __die+0x5d/0x9e
[ 44.855579][ T348] ? page_fault_oops+0x233/0x540
[ 44.860446][ T348] ? dump_pagetable+0xb0/0xb0
[ 44.865047][ T348] ? kvm_sched_clock_read+0x18/0x40
[ 44.870076][ T348] ? sched_clock+0x9/0x10
[ 44.874425][ T348] ? sched_clock_cpu+0x18/0x1b0
[ 44.879112][ T348] ? set_next_entity+0x266/0x610
[ 44.883878][ T348] ? put_prev_entity+0xbf/0x240
[ 44.888731][ T348] ? psi_task_switch+0x195/0x4f0
[ 44.893506][ T348] ? do_user_addr_fault+0x8f2/0x1160
[ 44.898803][ T348] ? __kasan_check_write+0x14/0x20
[ 44.903762][ T348] ? finish_task_switch.isra.0+0x1ad/0x720
[ 44.909475][ T348] ? trace_page_fault_user+0xb0/0xb0
[ 44.914612][ T348] ? __schedule+0x75f/0x18b0
[ 44.919066][ T348] ? io_schedule_timeout+0x150/0x150
[ 44.924153][ T348] ? irqentry_exit+0x20/0x40
[ 44.928929][ T348] ? __kasan_check_read+0x11/0x20
[ 44.933864][ T348] ? preempt_schedule_common+0x5e/0xe0
[ 44.939246][ T348] ? ihold+0x19/0x30
[ 44.943719][ T348] ? preempt_schedule+0x1f/0x30
[ 44.948479][ T348] ? preempt_schedule_thunk+0x16/0x18
[ 44.953672][ T348] ? exc_page_fault+0x5c/0xc0
[ 44.958354][ T348] ? asm_exc_page_fault+0x27/0x30
[ 44.963238][ T348] ? check_panic_on_warn+0x31/0x60
[ 44.968156][ T348] ? ihold+0x1e/0x30
[ 44.971976][ T348] vfs_rmdir.part.0+0x2a2/0x460
[ 44.976689][ T348] vfs_rmdir+0x6b/0x90
[ 44.980579][ T348] incfs_kill_sb+0x198/0x220
[ 44.984994][ T348] deactivate_locked_super+0x8b/0x130
[ 44.990203][ T348] deactivate_super+0x71/0x80
[ 44.994799][ T348] cleanup_mnt+0x2cf/0x400
[ 44.999138][ T348] ? putname+0xb8/0xf0
[ 45.003153][ T348] __cleanup_mnt+0xd/0x10
[ 45.007297][ T348] task_work_run+0xc2/0x150
[ 45.011814][ T348] exit_to_user_mode_prepare+0x140/0x150
[ 45.017282][ T348] syscall_exit_to_user_mode+0x21/0x40
[ 45.022581][ T348] do_syscall_64+0x42/0xb0
[ 45.026931][ T348] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 45.032840][ T348] RIP: 0033:0x7f561f9cb1d7
[ 45.037095][ T348] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[ 45.057307][ T348] RSP: 002b:00007fff6037c528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 45.065787][ T348] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f561f9cb1d7
[ 45.073860][ T348] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff6037c5e0
[ 45.081762][ T348] RBP: 00007fff6037c5e0 R08: 0000000000000000 R09: 0000000000000000
[ 45.089692][ T348] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff6037d6d0
[ 45.097470][ T348] R13: 00007f561fa153b9 R14: 000000000000acf7 R15: 0000000000000006
[ 45.105374][ T348]
[ 45.108246][ T348] Modules linked in:
[ 45.111970][ T348] CR2: 0000000000000170
[ 45.115958][ T348] ---[ end trace 54ec333369adee6d ]---
[ 45.121337][ T348] RIP: 0010:ihold+0x1e/0x30
[ 45.125688][ T348] Code: eb 90 66 2e 0f 1f 84 00 00 00 00 00 55 be 04 00 00 00 48 89 e5 53 48 89 fb 48 8d bf 70 01 00 00 e8 87 bb f2 ff b8 01 00 00 00 0f c1 83 70 01 00 00 48 8b 5d f8 c9 c3 0f 1f 40 00 48 b8 00 00
[ 45.145227][ T348] RSP: 0018:ffffc900006f7d50 EFLAGS: 00010246
[ 45.151274][ T348] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8134d361
[ 45.159319][ T348] RDX: fffffbfff0b1b940 RSI: 0000000000000004 RDI: ffffffff858dca00
[ 45.167292][ T348] RBP: ffffc900006f7d58 R08: 0000000000000001 R09: 0000000000000003
[ 45.175269][ T348] R10: fffffbfff0b1b940 R11: 0000000000000001 R12: ffff8881172d3770
[ 45.183707][ T348] R13: ffff8881129be6d8 R14: 0000000000000000 R15: 0000000000000000
[ 45.191740][ T348] FS: 0000555556d86480(0000) GS:ffff8881f7500000(0000) knlGS:0000000000000000
[ 45.200710][ T348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 45.207666][ T348] CR2: 0000000000000170 CR3: 0000000120cbd000 CR4: 00000000003506a0
[ 45.215467][ T348] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 45.223528][ T348] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 45.231449][ T348] Kernel panic - not syncing: Fatal exception
[ 45.237644][ T348] Kernel Offset: disabled
[ 45.241765][ T348] Rebooting in 86400 seconds..