syzkaller syzkaller login:
[ 4.821631][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[ 11.294619][ T23] kauditd_printk_skb: 60 callbacks suppressed
[ 11.294626][ T23] audit: type=1400 audit(1638877646.639:71): avc: denied { transition } for pid=289 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 11.300976][ T23] audit: type=1400 audit(1638877646.639:72): avc: denied { write } for pid=289 comm="sh" path="pipe:[333]" dev="pipefs" ino=333 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[ 11.822030][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #88!!!
[ 12.441490][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #280!!!
Warning: Permanently added '10.128.0.228' (ECDSA) to the list of known hosts.
[ 21.743946][ T23] audit: type=1400 audit(1638877657.089:73): avc: denied { execmem } for pid=364 comm="syz-executor859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 21.763368][ T23] audit: type=1400 audit(1638877657.089:74): avc: denied { setattr } for pid=364 comm="syz-executor859" name="raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 21.777418][ T365] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.787021][ T23] audit: type=1400 audit(1638877657.089:75): avc: denied { mounton } for pid=365 comm="syz-executor859" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 21.794027][ T365] bridge0: port 1(bridge_slave_0) entered disabled state
[ 21.818502][ T23] audit: type=1400 audit(1638877657.089:76): avc: denied { mount } for pid=365 comm="syz-executor859" name="/" dev="fusectl" ino=1
scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 21.818517][ T23] audit: type=1400 audit(1638877657.089:77): avc: denied { read } for pid=365 comm="syz-executor859" dev="nsfs" ino=4026531999 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 21.818531][ T23] audit: type=1400 audit(1638877657.089:78): avc: denied { open } for pid=365 comm="syz-executor859" path="net:[4026531999]" dev="nsfs" ino=4026531999 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 21.818544][ T23] audit: type=1400 audit(1638877657.089:79): avc: denied { mounton } for pid=365 comm="syz-executor859" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 21.818556][ T23] audit: type=1400 audit(1638877657.089:80): avc: denied { module_request } for pid=365 comm="syz-executor859" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 21.936297][ T365] device bridge_slave_0 entered promiscuous mode
[ 21.943087][ T365] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.950103][ T365] bridge0: port 2(bridge_slave_1) entered disabled state
[ 21.957437][ T365] device bridge_slave_1 entered promiscuous mode
[ 21.979654][ T23] audit: type=1400 audit(1638877657.319:81): avc: denied { create } for pid=365 comm="syz-executor859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 21.984770][ T365] bridge0: port 2(bridge_slave_1) entered blocking state
[ 22.000279][ T23] audit: type=1400 audit(1638877657.319:82): avc: denied { write } for pid=365 comm="syz-executor859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 22.007257][ T365] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 22.007325][ T365] bridge0: port
1(bridge_slave_0) entered blocking state
[ 22.042149][ T365] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 22.057144][ T366] bridge0: port 1(bridge_slave_0) entered disabled state
[ 22.064738][ T366] bridge0: port 2(bridge_slave_1) entered disabled state
[ 22.072366][ T366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 22.079693][ T366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 22.088608][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 22.096913][ T74] bridge0: port 1(bridge_slave_0) entered blocking state
[ 22.104021][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 22.122129][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 22.130356][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 22.138211][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 22.146651][ T74] bridge0: port 2(bridge_slave_1) entered blocking state
[ 22.153679][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 22.161159][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 22.169138][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 22.184386][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
executing program
[ 22.193082][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 22.201312][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 22.213342][ T365] FAULT_INJECTION: forcing a failure.
[ 22.213342][ T365] name failslab, interval 1, probability 0, space 0, times 1
[ 22.226008][ T365] CPU: 0 PID: 365 Comm: syz-executor859 Not tainted 5.10.83-syzkaller-00311-g6e6898e23cab #0
[ 22.236124][ T365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 22.246152][ T365] Call Trace:
[ 22.249430][ T365] dump_stack_lvl+0x1e2/0x24b
[ 22.254094][ T365] ?
show_regs_print_info+0x18/0x18
[ 22.259264][ T365] ? __kasan_check_write+0x14/0x20
[ 22.264351][ T365] ? _raw_spin_lock+0xa3/0x1b0
[ 22.269087][ T365] ? _raw_spin_trylock_bh+0x1a0/0x1a0
[ 22.274429][ T365] dump_stack+0x15/0x1d
[ 22.278566][ T365] should_fail+0x3c0/0x510
[ 22.282954][ T365] ? nfc_genl_dump_devices+0xbb/0x690
[ 22.288295][ T365] __should_failslab+0x9f/0xe0
[ 22.293031][ T365] should_failslab+0x9/0x20
[ 22.297594][ T365] kmem_cache_alloc_trace+0x42/0x3a0
[ 22.302869][ T365] nfc_genl_dump_devices+0xbb/0x690
[ 22.308056][ T365] ? mutex_trylock+0xb0/0xb0
[ 22.312619][ T365] ? __alloc_skb+0x3b0/0x580
[ 22.317182][ T365] genl_lock_dumpit+0x6b/0x90
[ 22.321832][ T365] netlink_dump+0x5b5/0xc30
[ 22.326306][ T365] ? netlink_lookup+0xd0/0xd0
[ 22.330953][ T365] ? genl_start+0x2e2/0x470
[ 22.335433][ T365] __netlink_dump_start+0x5ba/0x7d0
[ 22.340603][ T365] genl_rcv_msg+0xbe1/0x1480
[ 22.345166][ T365] ? genl_rcv+0x40/0x40
[ 22.349363][ T365] ? genl_rcv_msg+0x1480/0x1480
[ 22.354222][ T365] ? genl_start+0x470/0x470
[ 22.358705][ T365] ? genl_lock_dumpit+0x90/0x90
[ 22.363532][ T365] ? rhashtable_jhash2+0x1f1/0x330
[ 22.368623][ T365] ? jhash+0x750/0x750
[ 22.372665][ T365] ? rht_key_hashfn+0x112/0x1e0
[ 22.377528][ T365] ? rht_lock+0x110/0x110
[ 22.381873][ T365] ? rht_key_hashfn+0x1e0/0x1e0
[ 22.386693][ T365] ? nfc_genl_exit+0x30/0x30
[ 22.391253][ T365] ? nfc_genl_get_device+0x3e0/0x3e0
[ 22.396517][ T365] ? nfc_genl_dump_devices+0x690/0x690
[ 22.401954][ T365] netlink_rcv_skb+0x200/0x470
[ 22.406689][ T365] ? genl_rcv+0x40/0x40
[ 22.410813][ T365] ? netlink_ack+0xb90/0xb90
[ 22.415375][ T365] ? down_read+0xf1/0x210
[ 22.419677][ T365] ? __down_common+0x5a0/0x5a0
[ 22.424424][ T365] genl_rcv+0x28/0x40
[ 22.428380][ T365] netlink_unicast+0x814/0x9f0
[ 22.433115][ T365] ? netlink_detachskb+0xa0/0xa0
[ 22.438034][ T365] ? security_netlink_send+0x9d/0xb0
[ 22.443293][ T365] netlink_sendmsg+0xa20/0xe00
[ 22.448042][ T365] ?
selinux_socket_accept+0x5b0/0x5b0
[ 22.453471][ T365] ? netlink_getsockopt+0x960/0x960
[ 22.458639][ T365] ? security_socket_sendmsg+0xb0/0xd0
[ 22.464070][ T365] ? netlink_getsockopt+0x960/0x960
[ 22.469240][ T365] ____sys_sendmsg+0x5b9/0x910
[ 22.474077][ T365] ? __sys_sendmsg_sock+0xc0/0xc0
[ 22.479071][ T365] ? import_iovec+0xe5/0x120
[ 22.483633][ T365] __sys_sendmsg+0x384/0x470
[ 22.488195][ T365] ? rw_verify_area+0x1d1/0x370
[ 22.493016][ T365] ? ____sys_sendmsg+0x910/0x910
[ 22.497925][ T365] ? vfs_write+0x89c/0xf20
[ 22.502313][ T365] ? do_sys_openat2+0x397/0x470
[ 22.507153][ T365] ? ksys_write+0x246/0x2b0
[ 22.511635][ T365] ? debug_smp_processor_id+0x1c/0x20
[ 22.516991][ T365] ? fpregs_assert_state_consistent+0xb6/0xe0
[ 22.523031][ T365] __x64_sys_sendmsg+0x7f/0x90
[ 22.527779][ T365] do_syscall_64+0x31/0x70
[ 22.532169][ T365] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 22.538029][ T365] RIP: 0033:0x7f7e2f9e0fc9
[ 22.542419][ T365] Code: 28 c3 e8 7a 15 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c4 ff ff ff f7 d8 64 89 01 48
[ 22.561997][ T365] RSP: 002b:00007ffecbd015d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 22.570384][ T365] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f7e2f9e0fc9
[ 22.578345][ T365] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[ 22.586289][ T365] RBP: 00007ffecbd015f0 R08: 0000000000000001 R09: 00007f7e2fa2b11e
[ 22.594253][ T365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 22.602195][ T365] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000000
[ 22.612604][ T365] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[ 22.624406][ T365] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 22.632803][ T365] CPU: 0 PID: 365 Comm: syz-executor859 Not tainted
5.10.83-syzkaller-00311-g6e6898e23cab #0
[ 22.642915][ T365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 22.652952][ T365] RIP: 0010:klist_iter_exit+0x2b/0x100
[ 22.658465][ T365] Code: 48 89 e5 41 57 41 56 41 55 41 54 53 50 49 89 ff 49 bc 00 00 00 00 00 fc ff df e8 d0 7b fa fe 49 83 c7 08 4d 89 fd 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 ff e8 45 50 34 ff 4d 8b 37 4d 85 f6
[ 22.678053][ T365] RSP: 0018:ffffc90000bf71f8 EFLAGS: 00010202
[ 22.684098][ T365] RAX: ffffffff82726000 RBX: 0000000000000000 RCX: ffff8881073a4f00
[ 22.692043][ T365] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000
[ 22.699985][ T365] RBP: ffffc90000bf7228 R08: dffffc0000000000 R09: fffff5200017ee3d
[ 22.707929][ T365] R10: fffff5200017ee3d R11: 0000000000000000 R12: dffffc0000000000
[ 22.715872][ T365] R13: 0000000000000001 R14: ffff888101b89398 R15: 0000000000000008
[ 22.723814][ T365] FS: 00005555572e63c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 22.732712][ T365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.739265][ T365] CR2: 0000000020000100 CR3: 000000011ccb8000 CR4: 00000000003506b0
[ 22.748537][ T365] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 22.756491][ T365] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 22.764455][ T365] Call Trace:
[ 22.767730][ T365] ? class_dev_iter_exit+0xd/0x20
[ 22.772738][ T365] class_dev_iter_exit+0x15/0x20
[ 22.777830][ T365] nfc_genl_dump_devices_done+0x3b/0x50
[ 22.783406][ T365] genl_lock_done+0x84/0xd0
[ 22.787891][ T365] ? genl_lock_dumpit+0x90/0x90
[ 22.792813][ T365] netlink_dump+0x90a/0xc30
[ 22.797297][ T365] ? netlink_lookup+0xd0/0xd0
[ 22.801953][ T365] ? genl_start+0x2e2/0x470
[ 22.806441][ T365] __netlink_dump_start+0x5ba/0x7d0
[ 22.811630][ T365] genl_rcv_msg+0xbe1/0x1480
[ 22.816210][ T365] ? genl_rcv+0x40/0x40
[ 22.820340][ T365] ? genl_rcv_msg+0x1480/0x1480
[ 22.825162][ T365] ?
genl_start+0x470/0x470
[ 22.829645][ T365] ? genl_lock_dumpit+0x90/0x90
[ 22.834469][ T365] ? rhashtable_jhash2+0x1f1/0x330
[ 22.839553][ T365] ? jhash+0x750/0x750
[ 22.843592][ T365] ? rht_key_hashfn+0x112/0x1e0
[ 22.848417][ T365] ? rht_lock+0x110/0x110
[ 22.852717][ T365] ? rht_key_hashfn+0x1e0/0x1e0
[ 22.857539][ T365] ? nfc_genl_exit+0x30/0x30
[ 22.862208][ T365] ? nfc_genl_get_device+0x3e0/0x3e0
[ 22.867461][ T365] ? nfc_genl_dump_devices+0x690/0x690
[ 22.872903][ T365] netlink_rcv_skb+0x200/0x470
[ 22.877691][ T365] ? genl_rcv+0x40/0x40
[ 22.881817][ T365] ? netlink_ack+0xb90/0xb90
[ 22.886379][ T365] ? down_read+0xf1/0x210
[ 22.890692][ T365] ? __down_common+0x5a0/0x5a0
[ 22.895428][ T365] genl_rcv+0x28/0x40
[ 22.899393][ T365] netlink_unicast+0x814/0x9f0
[ 22.904138][ T365] ? netlink_detachskb+0xa0/0xa0
[ 22.909132][ T365] ? security_netlink_send+0x9d/0xb0
[ 22.914385][ T365] netlink_sendmsg+0xa20/0xe00
[ 22.919120][ T365] ? selinux_socket_accept+0x5b0/0x5b0
[ 22.924548][ T365] ? netlink_getsockopt+0x960/0x960
[ 22.929728][ T365] ? security_socket_sendmsg+0xb0/0xd0
[ 22.935155][ T365] ? netlink_getsockopt+0x960/0x960
[ 22.940321][ T365] ____sys_sendmsg+0x5b9/0x910
[ 22.945056][ T365] ? __sys_sendmsg_sock+0xc0/0xc0
[ 22.950049][ T365] ? import_iovec+0xe5/0x120
[ 22.954608][ T365] __sys_sendmsg+0x384/0x470
[ 22.959218][ T365] ? rw_verify_area+0x1d1/0x370
[ 22.964039][ T365] ? ____sys_sendmsg+0x910/0x910
[ 22.969568][ T365] ? vfs_write+0x89c/0xf20
[ 22.973962][ T365] ? do_sys_openat2+0x397/0x470
[ 22.978806][ T365] ? ksys_write+0x246/0x2b0
[ 22.983290][ T365] ? debug_smp_processor_id+0x1c/0x20
[ 22.988650][ T365] ?
fpregs_assert_state_consistent+0xb6/0xe0
[ 22.994697][ T365] __x64_sys_sendmsg+0x7f/0x90
[ 22.999439][ T365] do_syscall_64+0x31/0x70
[ 23.003833][ T365] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 23.009701][ T365] RIP: 0033:0x7f7e2f9e0fc9
[ 23.014092][ T365] Code: 28 c3 e8 7a 15 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c4 ff ff ff f7 d8 64 89 01 48
[ 23.033682][ T365] RSP: 002b:00007ffecbd015d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 23.042092][ T365] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f7e2f9e0fc9
[ 23.050040][ T365] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[ 23.057988][ T365] RBP: 00007ffecbd015f0 R08: 0000000000000001 R09: 00007f7e2fa2b11e
[ 23.065937][ T365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 23.073992][ T365] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000000
[ 23.081975][ T365] Modules linked in:
[ 23.086963][ T365] ---[ end trace 776c3cf45fec02bc ]---
[ 23.092780][ T365] RIP: 0010:klist_iter_exit+0x2b/0x100
[ 23.098229][ T365] Code: 48 89 e5 41 57 41 56 41 55 41 54 53 50 49 89 ff 49 bc 00 00 00 00 00 fc ff df e8 d0 7b fa fe 49 83 c7 08 4d 89 fd 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 ff e8 45 50 34 ff 4d 8b 37 4d 85 f6
[ 23.118036][ T365] RSP: 0018:ffffc90000bf71f8 EFLAGS: 00010202
[ 23.124163][ T365] RAX: ffffffff82726000 RBX: 0000000000000000 RCX: ffff8881073a4f00
[ 23.132227][ T365] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000
[ 23.140186][ T365] RBP: ffffc90000bf7228 R08: dffffc0000000000 R09: fffff5200017ee3d
[ 23.148261][ T365] R10: fffff5200017ee3d R11: 0000000000000000 R12: dffffc0000000000
[ 23.156332][ T365] R13: 0000000000000001 R14: ffff888101b89398 R15: 0000000000000008
[ 23.164810][ T365] FS: 00005555572e63c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 23.173803][ T365] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 23.180383][ T365] CR2: 0000000020000100 CR3: 000000011ccb8000 CR4: 00000000003506b0
[ 23.188600][ T365] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 23.196598][ T365] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 23.204570][ T365] Kernel panic - not syncing: Fatal exception
[ 23.210916][ T365] Kernel Offset: disabled
[ 23.215229][ T365] Rebooting in 86400 seconds..