last executing test programs: 97.627766ms ago: executing program 2 (id=3): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x5]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000280)="a6", 0x1, 0x24000041, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000), 0x4) 86.390746ms ago: executing program 0 (id=1): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = syz_open_dev$rtc(&(0x7f0000000000), 0x0, 0x20200) ioctl$RTC_UIE_ON(r3, 0x7003) 43.494629ms ago: executing program 3 (id=4): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x800) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r4, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT(r6, 0x0, 0x0) 26.752309ms ago: executing program 0 (id=5): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write(r3, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$incfs(&(0x7f0000000140)='./cgroup\x00', &(0x7f0000000200)='./cgroup\x00', &(0x7f00000001c0), 0x1014000, 0x0) 23.965319ms ago: executing program 2 (id=6): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) 23.482089ms ago: executing program 1 (id=2): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = syz_open_dev$rtc(&(0x7f0000000000), 0x0, 0x20200) ioctl$RTC_UIE_ON(r2, 0x7003) 0s ago: executing program 2 (id=7): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40004) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, 0x0, 0x0, 0x8014) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r6, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1400000000000000", @ANYRES32=r7], 0x18}, 0x8810) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.95' (ED25519) to the list of known hosts. [ 23.572875][ T36] audit: type=1400 audit(1763539575.630:64): avc: denied { mounton } for pid=282 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 23.574304][ T282] cgroup: Unknown subsys name 'net' [ 23.595542][ T36] audit: type=1400 audit(1763539575.630:65): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.622938][ T36] audit: type=1400 audit(1763539575.660:66): avc: denied { unmount } for pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.623146][ T282] cgroup: Unknown subsys name 'devices' [ 23.802277][ T282] cgroup: Unknown subsys name 'hugetlb' [ 23.807961][ T282] cgroup: Unknown subsys name 'rlimit' [ 23.962865][ T36] audit: type=1400 audit(1763539576.020:67): avc: denied { setattr } for pid=282 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 23.986328][ T36] audit: type=1400 audit(1763539576.020:68): avc: denied { mounton } for pid=282 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 24.011134][ T36] audit: type=1400 audit(1763539576.020:69): avc: denied { mount } for pid=282 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 24.022400][ T284] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 24.043022][ T36] audit: type=1400 audit(1763539576.100:70): avc: denied { relabelto } for pid=284 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.068683][ T36] audit: type=1400 audit(1763539576.100:71): avc: denied { write } for pid=284 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.098671][ T36] audit: type=1400 audit(1763539576.150:72): avc: denied { read } for pid=282 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.124362][ T36] audit: type=1400 audit(1763539576.150:73): avc: denied { open } for pid=282 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.124822][ T282] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 26.466784][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.473933][ T291] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.481216][ T291] bridge_slave_0: entered allmulticast mode [ 26.487546][ T291] bridge_slave_0: entered promiscuous mode [ 26.495316][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.502407][ T291] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.509498][ T291] bridge_slave_1: entered allmulticast mode [ 26.515892][ T291] bridge_slave_1: entered promiscuous mode [ 26.532387][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.539475][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.546592][ T289] bridge_slave_0: entered allmulticast mode [ 26.552942][ T289] bridge_slave_0: entered promiscuous mode [ 26.563768][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.570927][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.578023][ T289] bridge_slave_1: entered allmulticast mode [ 26.584390][ T289] bridge_slave_1: entered promiscuous mode [ 26.650145][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.657193][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.664568][ T290] bridge_slave_0: entered allmulticast mode [ 26.670948][ T290] bridge_slave_0: entered promiscuous mode [ 26.682668][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.690264][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.697435][ T290] bridge_slave_1: entered allmulticast mode [ 26.703917][ T290] bridge_slave_1: entered promiscuous mode [ 26.733092][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.740464][ T292] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.747536][ T292] bridge_slave_0: entered allmulticast mode [ 26.754426][ T292] bridge_slave_0: entered promiscuous mode [ 26.764574][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.771651][ T292] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.778924][ T292] bridge_slave_1: entered allmulticast mode [ 26.785415][ T292] bridge_slave_1: entered promiscuous mode [ 26.878319][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.885419][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.892757][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.899803][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.965938][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.973017][ T291] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.980316][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.987360][ T291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.002829][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.009912][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.017183][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.024242][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.051477][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.058791][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.067158][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.075262][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.105165][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.112375][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.141627][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.148703][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.166783][ T289] veth0_vlan: entered promiscuous mode [ 27.185179][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.192350][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.200282][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.207368][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.227788][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.234885][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.242716][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.250033][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.263779][ T292] veth0_vlan: entered promiscuous mode [ 27.281596][ T289] veth1_macvtap: entered promiscuous mode [ 27.304492][ T292] veth1_macvtap: entered promiscuous mode [ 27.324063][ T290] veth0_vlan: entered promiscuous mode [ 27.355991][ T291] veth0_vlan: entered promiscuous mode [ 27.374105][ T290] veth1_macvtap: entered promiscuous mode [ 27.382238][ T289] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 27.389152][ T291] veth1_macvtap: entered promiscuous mode [ 27.510901][ T289] ------------[ cut here ]------------ [ 27.516540][ T289] WARNING: CPU: 0 PID: 289 at fs/inode.c:340 drop_nlink+0xce/0x110 [ 27.524593][ T289] Modules linked in: [ 27.528547][ T289] CPU: 0 UID: 0 PID: 289 Comm: syz-executor Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 27.535547][ T345] incfs: Can't find or create .index dir in ./cgroup [ 27.540249][ T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 27.540278][ T289] RIP: 0010:drop_nlink+0xce/0x110 [ 27.540310][ T289] Code: 04 00 00 be 08 00 00 00 e8 cf 54 ee ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 32 e4 97 ff <0f> 0b eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 59 ff ff ff 4c [ 27.540327][ T289] RSP: 0018:ffffc9000b67fc60 EFLAGS: 00010293 [ 27.540347][ T289] RAX: ffffffff81ee1a7e RBX: ffff88810fb33838 RCX: ffff88812a6fb900 [ 27.540364][ T289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 27.540377][ T289] RBP: ffffc9000b67fc88 R08: 0000000000000003 R09: 0000000000000004 [ 27.540391][ T289] R10: dffffc0000000000 R11: fffff520016cff7c R12: dffffc0000000000 [ 27.540406][ T289] R13: 1ffff11021f66710 R14: ffff88810fb33880 R15: 0000000000000000 [ 27.540421][ T289] FS: 000055555e5f3500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 27.540441][ T289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 27.547834][ T345] incfs: mount failed -22 [ 27.557251][ T289] CR2: 00007ffe0a165cc8 CR3: 000000012a69c000 CR4: 00000000003526b0 [ 27.656972][ T289] Call Trace: [ 27.660336][ T289] [ 27.663288][ T289] shmem_rmdir+0x5f/0x90 [ 27.667548][ T289] vfs_rmdir+0x3dd/0x560 [ 27.672040][ T289] incfs_kill_sb+0x109/0x230 [ 27.676667][ T289] deactivate_locked_super+0xd5/0x2a0 [ 27.682118][ T289] deactivate_super+0xb8/0xe0 [ 27.686825][ T289] cleanup_mnt+0x3f1/0x480 [ 27.691327][ T289] __cleanup_mnt+0x1d/0x40 [ 27.695772][ T289] task_work_run+0x1e0/0x250 [ 27.700433][ T289] ? __cfi_task_work_run+0x10/0x10 [ 27.705585][ T289] ? __x64_sys_umount+0x126/0x170 [ 27.710708][ T289] ? __cfi___x64_sys_umount+0x10/0x10 [ 27.716118][ T289] ? __kasan_check_read+0x15/0x20 [ 27.721216][ T289] resume_user_mode_work+0x36/0x50 [ 27.726358][ T289] syscall_exit_to_user_mode+0x64/0xb0 [ 27.731896][ T289] do_syscall_64+0x64/0xf0 [ 27.736345][ T289] ? clear_bhb_loop+0x50/0xa0 [ 27.741121][ T289] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 27.747052][ T289] RIP: 0033:0x7f77337909f7 [ 27.751575][ T289] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 27.771320][ T289] RSP: 002b:00007ffdcefbea88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 27.779836][ T289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f77337909f7 [ 27.787933][ T289] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcefbeb40 [ 27.796056][ T289] RBP: 00007ffdcefbeb40 R08: 0000000000000000 R09: 0000000000000000 [ 27.804229][ T289] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcefbfbd0 [ 27.812371][ T289] R13: 00007f7733811d7d R14: 0000000000006b5e R15: 00007ffdcefbfc10 [ 27.820461][ T289] [ 27.823504][ T289] ---[ end trace 0000000000000000 ]--- [ 27.829437][ T289] ================================================================== [ 27.837544][ T289] BUG: KASAN: null-ptr-deref in ihold+0x24/0x70 [ 27.843797][ T289] Write of size 4 at addr 0000000000000168 by task syz-executor/289 [ 27.851862][ T289] [ 27.854188][ T289] CPU: 1 UID: 0 PID: 289 Comm: syz-executor Tainted: G W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 27.854212][ T289] Tainted: [W]=WARN [ 27.854217][ T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 27.854227][ T289] Call Trace: [ 27.854232][ T289] [ 27.854239][ T289] __dump_stack+0x21/0x30 [ 27.854264][ T289] dump_stack_lvl+0x10c/0x190 [ 27.854285][ T289] ? __cfi_dump_stack_lvl+0x10/0x10 [ 27.854308][ T289] print_report+0x3d/0x70 [ 27.854325][ T289] kasan_report+0x163/0x1a0 [ 27.854345][ T289] ? ihold+0x24/0x70 [ 27.854362][ T289] ? _raw_spin_unlock+0x45/0x60 [ 27.854383][ T289] ? ihold+0x24/0x70 [ 27.854399][ T289] kasan_check_range+0x299/0x2a0 [ 27.854418][ T289] __kasan_check_write+0x18/0x20 [ 27.854442][ T289] ihold+0x24/0x70 [ 27.854458][ T289] vfs_rmdir+0x26a/0x560 [ 27.854479][ T289] incfs_kill_sb+0x109/0x230 [ 27.854508][ T289] deactivate_locked_super+0xd5/0x2a0 [ 27.854530][ T289] deactivate_super+0xb8/0xe0 [ 27.854550][ T289] cleanup_mnt+0x3f1/0x480 [ 27.854569][ T289] __cleanup_mnt+0x1d/0x40 [ 27.854585][ T289] task_work_run+0x1e0/0x250 [ 27.854605][ T289] ? __cfi_task_work_run+0x10/0x10 [ 27.854623][ T289] ? __x64_sys_umount+0x126/0x170 [ 27.854646][ T289] ? __cfi___x64_sys_umount+0x10/0x10 [ 27.854668][ T289] ? __kasan_check_read+0x15/0x20 [ 27.854692][ T289] resume_user_mode_work+0x36/0x50 [ 27.854712][ T289] syscall_exit_to_user_mode+0x64/0xb0 [ 27.854729][ T289] do_syscall_64+0x64/0xf0 [ 27.854749][ T289] ? clear_bhb_loop+0x50/0xa0 [ 27.854767][ T289] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 27.854784][ T289] RIP: 0033:0x7f77337909f7 [ 27.854797][ T289] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 27.854811][ T289] RSP: 002b:00007ffdcefbea88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 27.854827][ T289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f77337909f7 [ 27.854837][ T289] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcefbeb40 [ 27.854847][ T289] RBP: 00007ffdcefbeb40 R08: 0000000000000000 R09: 0000000000000000 [ 27.854857][ T289] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcefbfbd0 [ 27.854868][ T289] R13: 00007f7733811d7d R14: 0000000000006b5e R15: 00007ffdcefbfc10 [ 27.854881][ T289] [ 27.854887][ T289] ================================================================== [ 28.101150][ T289] Disabling lock debugging due to kernel taint [ 28.107404][ T289] BUG: kernel NULL pointer dereference, address: 0000000000000168 [ 28.115240][ T289] #PF: supervisor write access in kernel mode [ 28.121305][ T289] #PF: error_code(0x0002) - not-present page [ 28.127291][ T289] PGD 800000013338f067 P4D 800000013338f067 PUD 0 [ 28.133911][ T289] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI [ 28.139982][ T289] CPU: 1 UID: 0 PID: 289 Comm: syz-executor Tainted: G B W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 28.153094][ T289] Tainted: [B]=BAD_PAGE, [W]=WARN [ 28.158110][ T289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 28.168170][ T289] RIP: 0010:ihold+0x2a/0x70 [ 28.172692][ T289] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d [ 28.192739][ T289] RSP: 0018:ffffc9000b67fca0 EFLAGS: 00010246 [ 28.198809][ T289] RAX: ffff88812a6fb900 RBX: 0000000000000000 RCX: ffff88812a6fb900 [ 28.206787][ T289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 28.214770][ T289] RBP: ffffc9000b67fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528 [ 28.222931][ T289] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff88810fb33844 [ 28.231000][ T289] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 28.238986][ T289] FS: 000055555e5f3500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 28.247924][ T289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.254531][ T289] CR2: 0000000000000168 CR3: 000000012a69c000 CR4: 00000000003526b0 [ 28.262522][ T289] Call Trace: [ 28.265800][ T289] [ 28.268735][ T289] vfs_rmdir+0x26a/0x560 [ 28.272996][ T289] incfs_kill_sb+0x109/0x230 [ 28.277606][ T289] deactivate_locked_super+0xd5/0x2a0 [ 28.283009][ T289] deactivate_super+0xb8/0xe0 [ 28.287778][ T289] cleanup_mnt+0x3f1/0x480 [ 28.292197][ T289] __cleanup_mnt+0x1d/0x40 [ 28.296619][ T289] task_work_run+0x1e0/0x250 [ 28.301223][ T289] ? __cfi_task_work_run+0x10/0x10 [ 28.306338][ T289] ? __x64_sys_umount+0x126/0x170 [ 28.311377][ T289] ? __cfi___x64_sys_umount+0x10/0x10 [ 28.316783][ T289] ? __kasan_check_read+0x15/0x20 [ 28.321820][ T289] resume_user_mode_work+0x36/0x50 [ 28.326948][ T289] syscall_exit_to_user_mode+0x64/0xb0 [ 28.332422][ T289] do_syscall_64+0x64/0xf0 [ 28.336849][ T289] ? clear_bhb_loop+0x50/0xa0 [ 28.341529][ T289] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 28.347429][ T289] RIP: 0033:0x7f77337909f7 [ 28.351852][ T289] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 28.373313][ T289] RSP: 002b:00007ffdcefbea88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 28.381922][ T289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f77337909f7 [ 28.389910][ T289] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcefbeb40 [ 28.397886][ T289] RBP: 00007ffdcefbeb40 R08: 0000000000000000 R09: 0000000000000000 [ 28.405863][ T289] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcefbfbd0 [ 28.413838][ T289] R13: 00007f7733811d7d R14: 0000000000006b5e R15: 00007ffdcefbfc10 [ 28.421905][ T289] [ 28.424929][ T289] Modules linked in: [ 28.428844][ T289] CR2: 0000000000000168 [ 28.432993][ T289] ---[ end trace 0000000000000000 ]--- [ 28.438455][ T289] RIP: 0010:ihold+0x2a/0x70 [ 28.442971][ T289] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d [ 28.462580][ T289] RSP: 0018:ffffc9000b67fca0 EFLAGS: 00010246 [ 28.468656][ T289] RAX: ffff88812a6fb900 RBX: 0000000000000000 RCX: ffff88812a6fb900 [ 28.476633][ T289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 28.484692][ T289] RBP: ffffc9000b67fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528 [ 28.492668][ T289] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff88810fb33844 [ 28.500675][ T289] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 28.508672][ T289] FS: 000055555e5f3500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 28.517700][ T289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.524286][ T289] CR2: 0000000000000168 CR3: 000000012a69c000 CR4: 00000000003526b0 [ 28.532270][ T289] Kernel panic - not syncing: Fatal exception [ 28.538586][ T289] Kernel Offset: disabled [ 28.542920][ T289] Rebooting in 86400 seconds..