T36] audit: type=1400 audit(1770572418.750:62): avc:  denied  { rlimitinh } for  pid=231 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   13.054266][   T36] audit: type=1400 audit(1770572418.750:63): avc:  denied  { siginh } for  pid=231 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.0.31' (ED25519) to the list of known hosts.
2026/02/08 17:40:27 parsed 1 programs
[   21.954758][   T36] audit: type=1400 audit(1770572427.660:64): avc:  denied  { node_bind } for  pid=290 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   22.998236][   T36] audit: type=1400 audit(1770572428.700:65): avc:  denied  { mounton } for  pid=298 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   22.999286][  T298] cgroup: Unknown subsys name 'net'
[   23.021118][   T36] audit: type=1400 audit(1770572428.700:66): avc:  denied  { mount } for  pid=298 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   23.048448][   T36] audit: type=1400 audit(1770572428.730:67): avc:  denied  { unmount } for  pid=298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   23.048616][  T298] cgroup: Unknown subsys name 'devices'
[   23.212513][  T298] cgroup: Unknown subsys name 'hugetlb'
[   23.218125][  T298] cgroup: Unknown subsys name 'rlimit'
[   23.379638][   T36] audit: type=1400 audit(1770572429.080:68): avc:  denied  { setattr } for  pid=298 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   23.402898][   T36] audit: type=1400 audit(1770572429.090:69): avc:  denied  { create } for  pid=298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   23.421824][  T300] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   23.423630][   T36] audit: type=1400 audit(1770572429.090:70): avc:  denied  { write } for  pid=298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   23.450328][  T298] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   23.452912][   T36] audit: type=1400 audit(1770572429.090:71): avc:  denied  { read } for  pid=298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   23.482438][   T36] audit: type=1400 audit(1770572429.090:72): avc:  denied  { sys_module } for  pid=298 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   23.503570][   T36] audit: type=1400 audit(1770572429.090:73): avc:  denied  { mounton } for  pid=298 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   24.448820][  T302] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   25.270432][  T350] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.277491][  T350] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.284740][  T350] bridge_slave_0: entered allmulticast mode
[   25.291045][  T350] bridge_slave_0: entered promiscuous mode
[   25.298299][  T350] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.305534][  T350] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.313368][  T350] bridge_slave_1: entered allmulticast mode
[   25.319865][  T350] bridge_slave_1: entered promiscuous mode
[   25.365902][  T350] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.373170][  T350] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.380592][  T350] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.387710][  T350] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.407848][  T319] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.415450][  T319] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.426066][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.433173][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.442722][  T319] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.449892][  T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.475863][  T350] veth0_vlan: entered promiscuous mode
[   25.486762][  T350] veth1_macvtap: entered promiscuous mode
[   25.543380][   T13] bridge_slave_1: left allmulticast mode
[   25.549064][   T13] bridge_slave_1: left promiscuous mode
[   25.554998][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.563099][   T13] bridge_slave_0: left allmulticast mode
[   25.568757][   T13] bridge_slave_0: left promiscuous mode
[   25.574559][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.702920][   T13] veth1_macvtap: left promiscuous mode
[   25.708550][   T13] veth0_vlan: left promiscuous mode
2026/02/08 17:40:31 executed programs: 0
[   25.834740][  T371] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.841853][  T371] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.848990][  T371] bridge_slave_0: entered allmulticast mode
[   25.855460][  T371] bridge_slave_0: entered promiscuous mode
[   25.862338][  T371] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.869402][  T371] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.876614][  T371] bridge_slave_1: entered allmulticast mode
[   25.882840][  T371] bridge_slave_1: entered promiscuous mode
[   25.924088][  T371] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.931257][  T371] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.938497][  T371] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.945567][  T371] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.965731][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.973404][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.983284][  T319] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.990370][  T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.999836][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.006980][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.031018][  T371] veth0_vlan: entered promiscuous mode
[   26.041321][  T371] veth1_macvtap: entered promiscuous mode
[   26.097989][  T371] ------------[ cut here ]------------
[   26.103644][  T371] WARNING: CPU: 0 PID: 371 at fs/inode.c:340 drop_nlink+0xce/0x110
[   26.111704][  T371] Modules linked in:
[   26.115614][  T371] CPU: 0 UID: 0 PID: 371 Comm: syz-executor Not tainted syzkaller #0 e538f3f6a543b135812147031d083fd1f2699041
[   26.127357][  T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   26.137895][  T371] RIP: 0010:drop_nlink+0xce/0x110
[   26.143134][  T371] Code: 04 00 00 be 08 00 00 00 e8 bf 25 ee ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 52 57 96 ff <0f> 0b eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 59 ff ff ff 4c
[   26.163136][  T371] RSP: 0018:ffffc90000fbfc60 EFLAGS: 00010293
[   26.169524][  T371] RAX: ffffffff81f145be RBX: ffff8881159221e8 RCX: ffff888114aba600
[   26.177582][  T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   26.185783][  T371] RBP: ffffc90000fbfc88 R08: 0000000000000003 R09: 0000000000000004
[   26.194120][  T371] R10: dffffc0000000000 R11: fffff520001f7f7c R12: dffffc0000000000
[   26.202141][  T371] R13: 1ffff11022b24446 R14: ffff888115922230 R15: 0000000000000000
[   26.210180][  T371] FS:  0000555575acb500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   26.219138][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   26.225844][  T371] CR2: 0000555575aee948 CR3: 0000000112eb4000 CR4: 00000000003526b0
[   26.234047][  T371] Call Trace:
[   26.237330][  T371]  <TASK>
[   26.240289][  T371]  shmem_rmdir+0x5f/0x90
[   26.244550][  T371]  vfs_rmdir+0x3e3/0x560
[   26.248784][  T371]  incfs_kill_sb+0x109/0x230
[   26.253400][  T371]  deactivate_locked_super+0xd5/0x2a0
[   26.258781][  T371]  deactivate_super+0xb8/0xe0
[   26.263482][  T371]  cleanup_mnt+0x406/0x4a0
[   26.267913][  T371]  __cleanup_mnt+0x1d/0x40
[   26.272444][  T371]  task_work_run+0x1e5/0x260
[   26.277053][  T371]  ? __cfi_task_work_run+0x10/0x10
[   26.282230][  T371]  ? __x64_sys_umount+0x12e/0x180
[   26.287267][  T371]  ? __cfi___x64_sys_umount+0x10/0x10
[   26.292691][  T371]  ? __kasan_check_read+0x15/0x20
[   26.297817][  T371]  resume_user_mode_work+0x35/0x50
[   26.303041][  T371]  syscall_exit_to_user_mode+0x63/0xb0
[   26.308512][  T371]  do_syscall_64+0x63/0xf0
[   26.313033][  T371]  ? clear_bhb_loop+0x50/0xa0
[   26.317730][  T371]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   26.323830][  T371] RIP: 0033:0x7f3c46b9c117
[   26.328347][  T371] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   26.348088][  T371] RSP: 002b:00007ffdac6bda18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   26.356911][  T371] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f3c46b9c117
[   26.365193][  T371] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdac6bdad0
[   26.373349][  T371] RBP: 00007ffdac6bdad0 R08: 00007ffdac6bead0 R09: 00000000ffffffff
[   26.381458][  T371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdac6beb60
[   26.389526][  T371] R13: 00007f3c46c0471f R14: 00000000000065d3 R15: 00007ffdac6beba0
[   26.397880][  T371]  </TASK>
[   26.401054][  T371] ---[ end trace 0000000000000000 ]---
[   26.406717][  T371] ==================================================================
[   26.415051][  T371] BUG: KASAN: null-ptr-deref in ihold+0x24/0x70
[   26.421379][  T371] Write of size 4 at addr 0000000000000168 by task syz-executor/371
[   26.429521][  T371] 
[   26.432444][  T371] CPU: 1 UID: 0 PID: 371 Comm: syz-executor Tainted: G        W          syzkaller #0 e538f3f6a543b135812147031d083fd1f2699041
[   26.432464][  T371] Tainted: [W]=WARN
[   26.432469][  T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   26.432476][  T371] Call Trace:
[   26.432480][  T371]  <TASK>
[   26.432485][  T371]  __dump_stack+0x21/0x30
[   26.432503][  T371]  dump_stack_lvl+0x140/0x1c0
[   26.432516][  T371]  ? __cfi_dump_stack_lvl+0x10/0x10
[   26.432530][  T371]  print_report+0x3d/0x70
[   26.432543][  T371]  kasan_report+0x162/0x1a0
[   26.432559][  T371]  ? ihold+0x24/0x70
[   26.432574][  T371]  ? _raw_spin_unlock+0x45/0x60
[   26.432589][  T371]  ? ihold+0x24/0x70
[   26.432603][  T371]  kasan_check_range+0x25a/0x2b0
[   26.432619][  T371]  __kasan_check_write+0x18/0x20
[   26.432631][  T371]  ihold+0x24/0x70
[   26.432645][  T371]  vfs_rmdir+0x26a/0x560
[   26.432656][  T371]  incfs_kill_sb+0x109/0x230
[   26.432669][  T371]  deactivate_locked_super+0xd5/0x2a0
[   26.432681][  T371]  deactivate_super+0xb8/0xe0
[   26.432691][  T371]  cleanup_mnt+0x406/0x4a0
[   26.432706][  T371]  __cleanup_mnt+0x1d/0x40
[   26.432720][  T371]  task_work_run+0x1e5/0x260
[   26.432733][  T371]  ? __cfi_task_work_run+0x10/0x10
[   26.432745][  T371]  ? __x64_sys_umount+0x12e/0x180
[   26.432756][  T371]  ? __cfi___x64_sys_umount+0x10/0x10
[   26.432768][  T371]  ? __kasan_check_read+0x15/0x20
[   26.432781][  T371]  resume_user_mode_work+0x35/0x50
[   26.432795][  T371]  syscall_exit_to_user_mode+0x63/0xb0
[   26.432809][  T371]  do_syscall_64+0x63/0xf0
[   26.432824][  T371]  ? clear_bhb_loop+0x50/0xa0
[   26.432838][  T371]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   26.432853][  T371] RIP: 0033:0x7f3c46b9c117
[   26.432864][  T371] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   26.432874][  T371] RSP: 002b:00007ffdac6bda18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   26.432888][  T371] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f3c46b9c117
[   26.432896][  T371] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdac6bdad0
[   26.432903][  T371] RBP: 00007ffdac6bdad0 R08: 00007ffdac6bead0 R09: 00000000ffffffff
[   26.432912][  T371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdac6beb60
[   26.432919][  T371] R13: 00007f3c46c0471f R14: 00000000000065d3 R15: 00007ffdac6beba0
[   26.432929][  T371]  </TASK>
[   26.432933][  T371] ==================================================================
[   26.681470][  T371] Disabling lock debugging due to kernel taint
[   26.687824][  T371] BUG: kernel NULL pointer dereference, address: 0000000000000168
[   26.695615][  T371] #PF: supervisor write access in kernel mode
[   26.701770][  T371] #PF: error_code(0x0002) - not-present page
[   26.707831][  T371] PGD 8000000124da9067 P4D 8000000124da9067 PUD 0 
[   26.714413][  T371] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[   26.720558][  T371] CPU: 1 UID: 0 PID: 371 Comm: syz-executor Tainted: G    B   W          syzkaller #0 e538f3f6a543b135812147031d083fd1f2699041
[   26.733829][  T371] Tainted: [B]=BAD_PAGE, [W]=WARN
[   26.738838][  T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   26.748977][  T371] RIP: 0010:ihold+0x2a/0x70
[   26.753770][  T371] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 3d 4e 96 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 7c 1c ee ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 4d
[   26.774254][  T371] RSP: 0018:ffffc90000fbfca0 EFLAGS: 00010246
[   26.780671][  T371] RAX: ffff888114aba600 RBX: 0000000000000000 RCX: ffff888114aba600
[   26.788638][  T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   26.796627][  T371] RBP: ffffc90000fbfcb0 R08: ffffffff88b8c947 R09: 1ffffffff1171928
[   26.804604][  T371] R10: dffffc0000000000 R11: fffffbfff1171929 R12: ffff8881159221f4
[   26.812866][  T371] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[   26.820946][  T371] FS:  0000555575acb500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   26.830190][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   26.836768][  T371] CR2: 0000000000000168 CR3: 0000000112eb4000 CR4: 00000000003526b0
[   26.844835][  T371] Call Trace:
[   26.848229][  T371]  <TASK>
[   26.851178][  T371]  vfs_rmdir+0x26a/0x560
[   26.855426][  T371]  incfs_kill_sb+0x109/0x230
[   26.860108][  T371]  deactivate_locked_super+0xd5/0x2a0
[   26.865531][  T371]  deactivate_super+0xb8/0xe0
[   26.870211][  T371]  cleanup_mnt+0x406/0x4a0
[   26.874849][  T371]  __cleanup_mnt+0x1d/0x40
[   26.879438][  T371]  task_work_run+0x1e5/0x260
[   26.884122][  T371]  ? __cfi_task_work_run+0x10/0x10
[   26.889227][  T371]  ? __x64_sys_umount+0x12e/0x180
[   26.894407][  T371]  ? __cfi___x64_sys_umount+0x10/0x10
[   26.899794][  T371]  ? __kasan_check_read+0x15/0x20
[   26.904826][  T371]  resume_user_mode_work+0x35/0x50
[   26.909928][  T371]  syscall_exit_to_user_mode+0x63/0xb0
[   26.915389][  T371]  do_syscall_64+0x63/0xf0
[   26.919814][  T371]  ? clear_bhb_loop+0x50/0xa0
[   26.924482][  T371]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   26.930554][  T371] RIP: 0033:0x7f3c46b9c117
[   26.934983][  T371] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[   26.954588][  T371] RSP: 002b:00007ffdac6bda18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   26.963016][  T371] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f3c46b9c117
[   26.971006][  T371] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdac6bdad0
[   26.979022][  T371] RBP: 00007ffdac6bdad0 R08: 00007ffdac6bead0 R09: 00000000ffffffff
[   26.987094][  T371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdac6beb60
[   26.995062][  T371] R13: 00007f3c46c0471f R14: 00000000000065d3 R15: 00007ffdac6beba0
[   27.003032][  T371]  </TASK>
[   27.006043][  T371] Modules linked in:
[   27.010048][  T371] CR2: 0000000000000168
[   27.014473][  T371] ---[ end trace 0000000000000000 ]---
[   27.019953][  T371] RIP: 0010:ihold+0x2a/0x70
[   27.024492][  T371] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 3d 4e 96 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 7c 1c ee ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 4d
[   27.044274][  T371] RSP: 0018:ffffc90000fbfca0 EFLAGS: 00010246
[   27.050352][  T371] RAX: ffff888114aba600 RBX: 0000000000000000 RCX: ffff888114aba600
[   27.058489][  T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   27.066661][  T371] RBP: ffffc90000fbfcb0 R08: ffffffff88b8c947 R09: 1ffffffff1171928
[   27.074769][  T371] R10: dffffc0000000000 R11: fffffbfff1171929 R12: ffff8881159221f4
[   27.082842][  T371] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[   27.090988][  T371] FS:  0000555575acb500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   27.099937][  T371] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   27.106715][  T371] CR2: 0000000000000168 CR3: 0000000112eb4000 CR4: 00000000003526b0
[   27.114707][  T371] Kernel panic - not syncing: Fatal exception
[   27.121399][  T371] Kernel Offset: disabled
[   27.125736][  T371] Rebooting in 86400 seconds..