[ 23.713371][ T3174] 8021q: adding VLAN 0 to HW filter on device bond0 [ 23.731302][ T3174] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 30.785646][ T27] kauditd_printk_skb: 37 callbacks suppressed [ 30.785661][ T27] audit: type=1400 audit(1648806957.767:73): avc: denied { transition } for pid=3385 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 30.816102][ T27] audit: type=1400 audit(1648806957.777:74): avc: denied { write } for pid=3385 comm="sh" path="pipe:[27871]" dev="pipefs" ino=27871 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '10.128.0.76' (ECDSA) to the list of known hosts. [ 49.275161][ T27] audit: type=1400 audit(1648806976.257:75): avc: denied { execmem } for pid=3595 comm="syz-executor106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 49.299225][ T27] audit: type=1400 audit(1648806976.267:76): avc: denied { mounton } for pid=3596 comm="syz-executor106" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 49.323401][ T27] audit: type=1400 audit(1648806976.267:77): avc: denied { mount } for pid=3596 comm="syz-executor106" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 49.346040][ T27] audit: type=1400 audit(1648806976.267:78): avc: denied { mounton } for pid=3596 comm="syz-executor106" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 49.357677][ T3596] chnl_net:caif_netlink_parms(): no params data found [ 49.398217][ T3596] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.405292][ T3596] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.412940][ T3596] device bridge_slave_0 entered promiscuous mode [ 49.420811][ T3596] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.427953][ T3596] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.435531][ T3596] device bridge_slave_1 entered promiscuous mode [ 49.452387][ T3596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.462862][ T3596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.481151][ T3596] team0: Port device team_slave_0 added [ 49.488105][ T3596] team0: Port device team_slave_1 added [ 49.503039][ T3596] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.510147][ T3596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.536080][ T3596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.547606][ T3596] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.554532][ T3596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.580675][ T3596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.602876][ T3596] device hsr_slave_0 entered promiscuous mode [ 49.609548][ T3596] device hsr_slave_1 entered promiscuous mode [ 49.669305][ T27] audit: type=1400 audit(1648806976.657:79): avc: denied { create } for pid=3596 comm="syz-executor106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 49.671818][ T3596] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 49.690436][ T27] audit: type=1400 audit(1648806976.657:80): avc: denied { write } for pid=3596 comm="syz-executor106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 49.718135][ T27] audit: type=1400 audit(1648806976.657:81): avc: denied { read } for pid=3596 comm="syz-executor106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 49.719758][ T3596] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 49.747745][ T3596] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 49.756727][ T3596] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 49.772731][ T3596] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.779810][ T3596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.787206][ T3596] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.794255][ T3596] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.826716][ T3596] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.837209][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.845435][ T140] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.853815][ T140] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.861480][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 49.871888][ T3596] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.881425][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.889784][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.896867][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.907030][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.915258][ T140] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.922309][ T140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.942626][ T3596] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 49.953299][ T3596] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 49.967730][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.976247][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.984473][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.992762][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.000990][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.008573][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.024856][ T3596] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.032761][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 50.040193][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 50.049839][ T27] audit: type=1400 audit(1648806977.037:82): avc: denied { module_request } for pid=3596 comm="syz-executor106" kmod="netdev-xfrm0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 50.073030][ T27] audit: type=1400 audit(1648806977.047:83): avc: denied { sys_module } for pid=3596 comm="syz-executor106" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 50.126570][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 50.135108][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 50.143605][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 50.151982][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 50.161439][ T3596] device veth0_vlan entered promiscuous mode [ 50.170460][ T3596] device veth1_vlan entered promiscuous mode [ 50.185002][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 50.193339][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 50.201373][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 50.211070][ T3596] device veth0_macvtap entered promiscuous mode [ 50.220207][ T3596] device veth1_macvtap entered promiscuous mode [ 50.232989][ T3596] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.240468][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 50.249611][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 50.259950][ T3596] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.267504][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.277937][ T3596] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.286747][ T3596] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.295441][ T3596] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.304392][ T3596] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 executing program [ 50.326699][ T27] audit: type=1400 audit(1648806977.317:84): avc: denied { mounton } for pid=3596 comm="syz-executor106" path="/dev/binderfs" dev="devtmpfs" ino=2313 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 50.394254][ T1017] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 50.465996][ C0] BUG: sleeping function called from invalid context at block/blk-sysfs.c:766 [ 50.474870][ C0] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 0, name: swapper/0 [ 50.483568][ C0] preempt_count: 101, expected: 0 [ 50.488601][ C0] RCU nest depth: 0, expected: 0 [ 50.493513][ C0] INFO: lockdep is turned off. [ 50.498275][ C0] Preemption disabled at: [ 50.498284][ C0] [] schedule_preempt_disabled+0x19/0x20 [ 50.509801][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.17.0-syzkaller-13532-gb4a5ea09b293 #0 [ 50.520536][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.530583][ C0] Call Trace: [ 50.533841][ C0] [ 50.536667][ C0] dump_stack_lvl+0xcd/0x134 [ 50.541263][ C0] __might_resched.cold+0x222/0x26b [ 50.546462][ C0] blk_release_queue+0x1f/0x320 [ 50.551310][ C0] kobject_put+0x1c8/0x540 [ 50.555722][ C0] blkg_free.part.0+0x112/0x1f0 [ 50.560567][ C0] __blkg_release+0x105/0x160 [ 50.565237][ C0] rcu_core+0x7b1/0x1880 [ 50.569474][ C0] ? call_rcu+0x790/0x790 [ 50.573797][ C0] __do_softirq+0x29b/0x9c2 [ 50.578292][ C0] __irq_exit_rcu+0x123/0x180 [ 50.582965][ C0] irq_exit_rcu+0x5/0x20 [ 50.587203][ C0] sysvec_apic_timer_interrupt+0x93/0xc0 [ 50.592829][ C0] [ 50.595753][ C0] [ 50.598668][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 50.604656][ C0] RIP: 0010:acpi_idle_do_entry+0x1c6/0x250 [ 50.610460][ C0] Code: 89 de e8 bd 64 17 f8 84 db 75 ac e8 d4 60 17 f8 e8 5f a8 1d f8 eb 0c e8 c8 60 17 f8 0f 00 2d 31 29 d1 00 e8 bc 60 17 f8 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 37 63 17 f8 48 85 db [ 50.630056][ C0] RSP: 0018:ffffffff8ba07d60 EFLAGS: 00000293 [ 50.636115][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 50.644073][ C0] RDX: ffffffff8babc700 RSI: ffffffff89606c34 RDI: ffffffff89606c21 [ 50.652031][ C0] RBP: ffff888016b9a064 R08: 0000000000000000 R09: 0000000000000000 [ 50.659989][ C0] R10: ffffffff817e14b8 R11: 0000000000000000 R12: 0000000000000001 [ 50.667948][ C0] R13: ffff888016b9a000 R14: ffff888016b9a064 R15: ffff888019d95804 [ 50.675912][ C0] ? trace_hardirqs_on+0x38/0x1c0 [ 50.680935][ C0] ? acpi_idle_do_entry+0x1c4/0x250 [ 50.686129][ C0] ? acpi_idle_do_entry+0x1b1/0x250 [ 50.691334][ C0] acpi_idle_enter+0x361/0x500 [ 50.696092][ C0] cpuidle_enter_state+0x1b1/0xc80 [ 50.701199][ C0] cpuidle_enter+0x4a/0xa0 [ 50.705611][ C0] do_idle+0x3e8/0x590 [ 50.709674][ C0] ? arch_cpu_idle_exit+0x30/0x30 [ 50.714720][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe [ 50.720959][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe [ 50.727208][ C0] cpu_startup_entry+0x14/0x20 [ 50.731966][ C0] start_kernel+0x47f/0x4a0 [ 50.736460][ C0] secondary_startup_64_no_verify+0xc3/0xcb [ 50.742350][ C0]