[ 23.231559][ T3174] 8021q: adding VLAN 0 to HW filter on device bond0 [ 23.245679][ T3174] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 32.110464][ T27] kauditd_printk_skb: 37 callbacks suppressed [ 32.110480][ T27] audit: type=1400 audit(1648811242.004:73): avc: denied { transition } for pid=3382 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 32.139152][ T27] audit: type=1400 audit(1648811242.014:74): avc: denied { write } for pid=3382 comm="sh" path="pipe:[26579]" dev="pipefs" ino=26579 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts. [ 39.763963][ T27] audit: type=1400 audit(1648811249.664:75): avc: denied { execmem } for pid=3589 comm="syz-executor135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.784137][ T27] audit: type=1400 audit(1648811249.684:76): avc: denied { mounton } for pid=3590 comm="syz-executor135" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 39.808440][ T27] audit: type=1400 audit(1648811249.694:77): avc: denied { mount } for pid=3590 comm="syz-executor135" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 39.831622][ T27] audit: type=1400 audit(1648811249.694:78): avc: denied { mounton } for pid=3590 comm="syz-executor135" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 39.864163][ T3590] chnl_net:caif_netlink_parms(): no params data found [ 39.895137][ T3590] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.902195][ T3590] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.909815][ T3590] device bridge_slave_0 entered promiscuous mode [ 39.917361][ T3590] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.924467][ T3590] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.931919][ T3590] device bridge_slave_1 entered promiscuous mode [ 39.948382][ T3590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.958824][ T3590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.977756][ T3590] team0: Port device team_slave_0 added [ 39.984694][ T3590] team0: Port device team_slave_1 added [ 39.998997][ T3590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.006029][ T3590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.032164][ T3590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.044992][ T3590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.051920][ T3590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.077956][ T3590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.099716][ T3590] device hsr_slave_0 entered promiscuous mode [ 40.106311][ T3590] device hsr_slave_1 entered promiscuous mode [ 40.166159][ T27] audit: type=1400 audit(1648811250.064:79): avc: denied { create } for pid=3590 comm="syz-executor135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 40.167102][ T3590] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.187319][ T27] audit: type=1400 audit(1648811250.064:80): avc: denied { write } for pid=3590 comm="syz-executor135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 40.214705][ T27] audit: type=1400 audit(1648811250.064:81): avc: denied { read } for pid=3590 comm="syz-executor135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 40.216245][ T3590] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.243626][ T3590] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.251743][ T3590] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.267725][ T3590] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.274793][ T3590] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.282055][ T3590] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.289119][ T3590] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.319309][ T3590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.330432][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.338640][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.346623][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.354204][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 40.365217][ T3590] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.374944][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.383155][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.390227][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.399567][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.407913][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.414959][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.429415][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 40.437752][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 40.448488][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 40.461238][ T3590] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 40.471685][ T3590] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.482956][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.491149][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.499889][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 40.514814][ T3590] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.523674][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 40.530965][ T27] audit: type=1400 audit(1648811250.424:82): avc: denied { module_request } for pid=3590 comm="syz-executor135" kmod="netdev-xfrm0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 40.553213][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 40.553750][ T27] audit: type=1400 audit(1648811250.434:83): avc: denied { sys_module } for pid=3590 comm="syz-executor135" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 40.614123][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.625399][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.634706][ T3590] device veth0_vlan entered promiscuous mode [ 40.640905][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.648873][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.658871][ T3590] device veth1_vlan entered promiscuous mode [ 40.673095][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 40.680907][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 40.689132][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.699209][ T3590] device veth0_macvtap entered promiscuous mode [ 40.707566][ T3590] device veth1_macvtap entered promiscuous mode [ 40.720229][ T3590] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.728110][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.737135][ T3596] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 40.746806][ T3590] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.754575][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 40.764620][ T3590] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.773739][ T3590] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.782478][ T3590] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.791685][ T3590] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.814396][ T27] audit: type=1400 audit(1648811250.714:84): avc: denied { mounton } for pid=3590 comm="syz-executor135" path="/dev/binderfs" dev="devtmpfs" ino=2313 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 40.891438][ T50] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.953606][ C0] BUG: sleeping function called from invalid context at block/blk-sysfs.c:766 [ 40.962475][ C0] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 0, name: swapper/0 [ 40.971210][ C0] preempt_count: 101, expected: 0 [ 40.976234][ C0] RCU nest depth: 0, expected: 0 [ 40.981146][ C0] INFO: lockdep is turned off. [ 40.985946][ C0] Preemption disabled at: [ 40.985955][ C0] [] schedule_preempt_disabled+0x19/0x20 [ 40.997500][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.17.0-syzkaller-13532-gb4a5ea09b293 #0 [ 41.008253][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.018305][ C0] Call Trace: [ 41.021581][ C0] [ 41.024406][ C0] dump_stack_lvl+0xcd/0x134 [ 41.028987][ C0] __might_resched.cold+0x222/0x26b [ 41.034174][ C0] blk_release_queue+0x1f/0x320 [ 41.039004][ C0] kobject_put+0x1c8/0x540 [ 41.043402][ C0] blkg_free.part.0+0x112/0x1f0 [ 41.048235][ C0] __blkg_release+0x105/0x160 [ 41.052894][ C0] rcu_core+0x7b1/0x1880 [ 41.057121][ C0] ? call_rcu+0x790/0x790 [ 41.061433][ C0] __do_softirq+0x29b/0x9c2 [ 41.065919][ C0] __irq_exit_rcu+0x123/0x180 [ 41.070576][ C0] irq_exit_rcu+0x5/0x20 [ 41.074798][ C0] sysvec_apic_timer_interrupt+0x93/0xc0 [ 41.080413][ C0] [ 41.083326][ C0] [ 41.086238][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 41.092205][ C0] RIP: 0010:acpi_idle_do_entry+0x1c6/0x250 [ 41.098041][ C0] Code: 89 de e8 bd 64 17 f8 84 db 75 ac e8 d4 60 17 f8 e8 5f a8 1d f8 eb 0c e8 c8 60 17 f8 0f 00 2d 31 29 d1 00 e8 bc 60 17 f8 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 37 63 17 f8 48 85 db [ 41.117636][ C0] RSP: 0018:ffffffff8ba07d60 EFLAGS: 00000293 [ 41.123685][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 41.131634][ C0] RDX: ffffffff8babc700 RSI: ffffffff89606c34 RDI: ffffffff89606c21 [ 41.139580][ C0] RBP: ffff8881459e5064 R08: 0000000000000000 R09: 0000000000000000 [ 41.147525][ C0] R10: ffffffff817e14b8 R11: 0000000000000000 R12: 0000000000000001 [ 41.155472][ C0] R13: ffff8881459e5000 R14: ffff8881459e5064 R15: ffff88814828b804 [ 41.163424][ C0] ? trace_hardirqs_on+0x38/0x1c0 [ 41.168436][ C0] ? acpi_idle_do_entry+0x1c4/0x250 [ 41.173615][ C0] ? acpi_idle_do_entry+0x1b1/0x250 [ 41.178794][ C0] acpi_idle_enter+0x361/0x500 [ 41.183541][ C0] cpuidle_enter_state+0x1b1/0xc80 [ 41.188637][ C0] cpuidle_enter+0x4a/0xa0 [ 41.193033][ C0] do_idle+0x3e8/0x590 [ 41.197081][ C0] ? arch_cpu_idle_exit+0x30/0x30 [ 41.202084][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe [ 41.208309][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe [ 41.214533][ C0] cpu_startup_entry+0x14/0x20 [ 41.219282][ C0] start_kernel+0x47f/0x4a0 [ 41.223764][ C0] secondary_startup_64_no_verify+0xc3/0xcb [ 41.229639][ C0]