Jan 1 00:03:06 syzkaller kern.notice kernel: [ 186.245958][ T23] audit: type=1400 audit(186.155:591): avc: denied { read } for pid=145 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file
Jan 1 00:03:06 syzkaller kern.notice kernel: [ 186.270617][ T23] audit: type=1400 audit(186.165:592): avc: denied [ 186.429268][ T9] ==================================================================
{ execmem } for[ 186.438442][ T9] BUG: KASAN: null-ptr-deref in atomic_read include/asm-generic/atomic-instrumented.h:26 [inline]
{ execmem } for[ 186.438442][ T9] BUG: KASAN: null-ptr-deref in __tcf_idr_release net/sched/act_api.c:162 [inline]
{ execmem } for[ 186.438442][ T9] BUG: KASAN: null-ptr-deref in tcf_idrinfo_destroy+0xb9/0x220 net/sched/act_api.c:561
pid=2719 comm=[ 186.459015][ T9] CPU: 0 PID: 9 Comm: kworker/u4:1 Not tainted 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0
"syz-executor" s[ 186.471155][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
context=root:sys[ 186.482907][ T9] Workqueue: netns cleanup_net
adm_r:sysadm_t t[ 186.492645][ T9] __dump_stack+0x1e/0x20 lib/dump_stack.c:77
context=root:sys[ 186.498563][ T9] dump_stack+0x15b/0x1b8 lib/dump_stack.c:118
adm_r:sysadm_t t[ 186.504530][ T9] ? thaw_kernel_threads+0x220/0x220
class=process pe[ 186.511416][ T9] ? show_regs_print_info+0x18/0x18 lib/dump_stack.c:72
rmissive=0
Jan 1 00:03:06 syzkaller kern.err kernel: [ 186.429268][ T9] ==============================[ 186.656483][ T9] kasan: CONFIG_KASAN_INLINE enabled
================================[ 186.665580][ T9] kasan: GPF could be caused by NULL-ptr deref or user memory access
====
Jan 1 00:[ 186.674893][ T9] general protection fault: 0000 [#1] PREEMPT SMP KASAN
03:06 syzkaller [ 186.682519][ T9] CPU: 0 PID: 9 Comm: kworker/u4:1 Tainted: G B 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0
kern.err kernel:[ 186.705616][ T9] Workqueue: netns cleanup_net
[ 186.438442][[ 186.711907][ T9] RIP: 0010:__read_once_size include/linux/compiler.h:268 [inline]
[ 186.438442][[ 186.711907][ T9] RIP: 0010:arch_atomic_read arch/x86/include/asm/atomic.h:31 [inline]
[ 186.438442][[ 186.711907][ T9] RIP: 0010:atomic_read include/asm-generic/atomic-instrumented.h:27 [inline]
[ 186.438442][[ 186.711907][ T9] RIP: 0010:__tcf_idr_release net/sched/act_api.c:162 [inline]
[ 186.438442][[ 186.711907][ T9] RIP: 0010:tcf_idrinfo_destroy+0xc0/0x220 net/sched/act_api.c:561
T9] BUG: KAS[ 186.719615][ T9] Code: 40 e8 b4 6b af 00 48 85 c0 0f 84 1a 01 00 00 49 89 c4 4c 8d 68 20 4c 89 ef be 04 00 00 00 e8 37 05 1b fe 4c 89 e8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 ba 00 00 00 45 8b 6d 00 31 ff 44 89 ee
AN: null-ptr-der[ 186.741751][ T9] RSP: 0018:ffff8881f5dcfb60 EFLAGS: 00010202
ef in tcf_idrinf[ 186.749841][ T9] RAX: 0000000000000002 RBX: ffff8881ee3261a0 RCX: ffff8881f5dc0000
o[_destroy+0xb9/0 186.768797][ T9] RBP: ffff8881f5dcfc08 R08: 0000000000000004 R09: 0000000000000003
x220
Jan 1 00: 186.786840][ T9] R13: 0000000000000010 R14: ffffffff861b59f0 R15: dffffc0000000000
0[3:06 syzkaller 186.806239][ T9] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kern.err kernel:[ 186.814671][ T9] CR2: 00007fbf1c541178 CR3: 00000001ed4d5000 CR4: 00000000003406b0
[ 186.448247][[ 186.824454][ T9] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
T9] Read of 186.842972][ T9] Call Trace:
size 4 at addr 0[ 186.847864][ T9] ? tcf_idr_check_alloc+0x4a0/0x4a0
000000000000010 [ 186.855560][ T9] ? tc_action_net_exit include/net/act_api.h:146 [inline]
000000000000010 [ 186.855560][ T9] ? gact_exit_net+0xfd/0x150 net/sched/act_gact.c:284
by task kworker/[ 186.861857][ T9] tc_action_net_exit include/net/act_api.h:145 [inline]
by task kworker/[ 186.861857][ T9] police_exit_net+0xe3/0x150 net/sched/act_police.c:410
u4:1/9
Jan 1 0[ 186.867926][ T9] ? police_init_net+0x1f0/0x1f0
0:03:06 syzkalle[ 186.874421][ T9] ops_exit_list net/core/net_namespace.c:187 [inline]
0:03:06 syzkalle[ 186.874421][ T9] cleanup_net+0x5fd/0xb40 net/core/net_namespace.c:612
r kern.err kerne[ 186.880698][ T9] ? ops_init+0x4a0/0x4a0
l: [ 186.456648[ 186.887127][ T9] ? read_word_at_a_time+0x12/0x20 include/linux/compiler.h:349
][ T9]
Jan [ 186.893955][ T9] ? strscpy+0x9b/0x290 lib/string.c:209
1 00:03:06 syzk[ 186.899647][ T9] process_one_work+0x73b/0xcc0 kernel/workqueue.c:2290
aller kern.warn [ 186.906176][ T9] worker_thread+0xa5c/0x13b0 kernel/workqueue.c:2436
kernel: [ 186.4[ 186.918168][ T9] kthread+0x31e/0x3a0 kernel/kthread.c:288
59015][ T9] C[ 186.923900][ T9] ? worker_clr_flags+0x190/0x190
PU: 0 PID: 9 Com[ 186.935317][ T9] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:354
m: kworker/u4:1 [ 186.941654][ T9] Modules linked in:
Not tainted 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0
Jan 1 00:03:06 syzkaller kern.warn kernel: [ 186.471155][ T9] Hardwar[ 186.957568][ T9] ---[ end trace 3b154daa17dac741 ]---
e name: Google G[ 186.964305][ T9] RIP: 0010:__read_once_size include/linux/compiler.h:268 [inline]
e name: Google G[ 186.964305][ T9] RIP: 0010:arch_atomic_read arch/x86/include/asm/atomic.h:31 [inline]
e name: Google G[ 186.964305][ T9] RIP: 0010:atomic_read include/asm-generic/atomic-instrumented.h:27 [inline]
e name: Google G[ 186.964305][ T9] RIP: 0010:__tcf_idr_release net/sched/act_api.c:162 [inline]
e name: Google G[ 186.964305][ T9] RIP: 0010:tcf_idrinfo_destroy+0xc0/0x220 net/sched/act_api.c:561
oogle Compute En[ 186.972118][ T9] Code: 40 e8 b4 6b af 00 48 85 c0 0f 84 1a 01 00 00 49 89 c4 4c 8d 68 20 4c 89 ef be 04 00 00 00 e8 37 05 1b fe 4c 89 e8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 ba 00 00 00 45 8b 6d 00 31 ff 44 89 ee
gine/Google Comp[ 186.993472][ T9] RSP: 0018:ffff8881f5dcfb60 EFLAGS: 00010202
ute Engine, BIOS[ 187.008865][ T9] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000ffffffff
Google 02/12/20[ 187.018315][ T9] RBP: ffff8881f5dcfc08 R08: 0000000000000004 R09: 0000000000000003
25
Jan 1 00:03[ 187.027678][ T9] R10: fffffbfff0ca7a5c R11: 1ffffffff0ca7a5c R12: fffffffffffffff0
:06 syzkaller ke[ 187.037030][ T9] R13: 0000000000000010 R14: ffffffff861b59f0 R15: dffffc0000000000
rn.warn kernel: [ 187.046427][ T9] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 186.482907][ [ 187.056781][ T9] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
T9] Workqueue[ 187.064715][ T9] CR2: 00007fbf1c541178 CR3: 00000001ed4d5000 CR4: 00000000003406b0
: netns cleanup_[ 187.074169][ T9] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
net
Jan 1 00:0[ 187.083630][ T9] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400