[ 33.252483][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.259753][ T7] device bridge_slave_0 left promiscuous mode [ 33.265782][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.273060][ T7] device veth1_macvtap left promiscuous mode [ 33.279028][ T7] device veth0_vlan left promiscuous mode [ 43.101840][ T24] kauditd_printk_skb: 70 callbacks suppressed [ 43.101843][ T24] audit: type=1400 audit(1684138986.350:146): avc: denied { transition } for pid=402 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 43.129818][ T24] audit: type=1400 audit(1684138986.360:147): avc: denied { noatsecure } for pid=402 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 43.149205][ T24] audit: type=1400 audit(1684138986.360:148): avc: denied { rlimitinh } for pid=402 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 43.168063][ T24] audit: type=1400 audit(1684138986.360:149): avc: denied { siginh } for pid=402 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.136' (ECDSA) to the list of known hosts. 2023/05/15 08:23:13 ignoring optional flag "sandboxArg"="0" 2023/05/15 08:23:13 parsed 1 programs 2023/05/15 08:23:13 executed programs: 0 [ 50.135624][ T24] audit: type=1400 audit(1684138993.380:150): avc: denied { mounton } for pid=423 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 50.160619][ T24] audit: type=1400 audit(1684138993.390:151): avc: denied { mount } for pid=423 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 50.193663][ T426] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.200515][ T426] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.207777][ T426] device bridge_slave_0 entered promiscuous mode [ 50.214378][ T426] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.221387][ T426] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.228603][ T426] device bridge_slave_1 entered promiscuous mode [ 50.250241][ T24] audit: type=1400 audit(1684138993.500:152): avc: denied { write } for pid=426 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.270747][ T24] audit: type=1400 audit(1684138993.520:153): avc: denied { read } for pid=426 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.274218][ T426] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.297966][ T426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.305277][ T426] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.312216][ T426] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.325089][ T115] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.332138][ T115] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.339459][ T115] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.347260][ T115] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.355485][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.363628][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.370496][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.384820][ T426] device veth0_vlan entered promiscuous mode [ 50.391466][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 50.399626][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 50.407416][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 50.414622][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 50.422046][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.430236][ T375] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.437080][ T375] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.444386][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.452508][ T375] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.462984][ T426] device veth1_macvtap entered promiscuous mode [ 50.469933][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 50.480788][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 50.489301][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.500305][ T24] audit: type=1400 audit(1684138993.750:154): avc: denied { mounton } for pid=426 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=357 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 50.526841][ T24] audit: type=1400 audit(1684138993.780:155): avc: denied { mounton } for pid=432 comm="syz-executor.0" path="/root/syzkaller-testdir692553695/syzkaller.zRuFDl/0/file0" dev="sda1" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 50.576615][ T433] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN [ 50.588651][ T433] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 50.597063][ T433] CPU: 0 PID: 433 Comm: syz-executor.0 Not tainted 5.10.85-syzkaller #0 [ 50.605400][ T433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023 [ 50.615391][ T433] RIP: 0010:step_into+0x19d/0xbe0 [ 50.620233][ T433] Code: 0f 85 0a 08 00 00 44 8b 27 43 80 7c 35 00 00 74 0a 48 8b 7c 24 60 e8 02 16 f6 ff 48 8b 9c 24 b8 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 f8 07 00 00 8b 33 f7 c6 00 00 07 00 0f [ 50.639767][ T433] RSP: 0018:ffffc90000877840 EFLAGS: 00010202 [ 50.645665][ T433] RAX: 0000000000000002 RBX: 0000000000000010 RCX: 0000000000877800 [ 50.653653][ T433] RDX: 1ffff9200010ef97 RSI: 0000000000000002 RDI: ffffc90000877cb8 [ 50.661476][ T433] RBP: ffffc90000877970 R08: 0000000000000000 R09: ffffed102397b645 [ 50.670188][ T433] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011 [ 50.678009][ T433] R13: 1ffff9200010ef1f R14: dffffc0000000000 R15: ffffc90000877c80 [ 50.686430][ T433] FS: 00007f86dc892700(0000) GS:ffff8881f7200000(0000) knlGS:0000000000000000 [ 50.695353][ T433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.701947][ T433] CR2: 00007f33c24b3ae0 CR3: 0000000109f97000 CR4: 00000000003506b0 [ 50.710384][ T433] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 50.718379][ T433] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 50.726358][ T433] Call Trace: [ 50.729485][ T433] ? set_root+0x350/0x350 [ 50.733770][ T433] ? __kasan_check_write+0x14/0x20 [ 50.738718][ T433] ? up_read+0x14/0x90 [ 50.742925][ T433] walk_component+0x2f6/0x540 [ 50.747434][ T433] ? nd_alloc_stack+0xd0/0xd0 [ 50.751964][ T433] ? inode_permission+0x85/0x380 [ 50.756819][ T433] link_path_walk+0x50f/0xb70 [ 50.761409][ T433] ? handle_lookup_down+0x100/0x100 [ 50.767398][ T433] path_lookupat+0xaf/0x350 [ 50.771748][ T433] filename_lookup+0x24d/0x6a0 [ 50.776478][ T433] ? hashlen_string+0xc0/0xc0 [ 50.781153][ T433] ? getname_flags+0xe7/0x440 [ 50.785677][ T433] user_path_at_empty+0x31/0x40 [ 50.790349][ T433] __se_sys_mount+0x21f/0x2d0 [ 50.794871][ T433] ? __kasan_check_write+0x14/0x20 [ 50.799817][ T433] ? __x64_sys_mount+0xd0/0xd0 [ 50.804411][ T433] ? fpu__clear_all+0x10/0x10 [ 50.808920][ T433] __x64_sys_mount+0xba/0xd0 [ 50.813347][ T433] do_syscall_64+0x34/0x70 [ 50.817600][ T433] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 50.823511][ T433] RIP: 0033:0x7f86dcd1f169 [ 50.827759][ T433] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 50.847632][ T433] RSP: 002b:00007f86dc892168 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 50.856137][ T433] RAX: ffffffffffffffda RBX: 00007f86dce3ef80 RCX: 00007f86dcd1f169 [ 50.864373][ T433] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000 [ 50.872141][ T433] RBP: 00007f86dcd7aca1 R08: 0000000000000000 R09: 0000000000000000 [ 50.880209][ T433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 50.888106][ T433] R13: 00007ffe4836bbef R14: 00007f86dc892300 R15: 0000000000022000 [ 50.895916][ T433] Modules linked in: [ 50.900100][ T433] ---[ end trace cde57eeeaea2bb76 ]--- [ 50.905425][ T433] RIP: 0010:step_into+0x19d/0xbe0 [ 50.910930][ T433] Code: 0f 85 0a 08 00 00 44 8b 27 43 80 7c 35 00 00 74 0a 48 8b 7c 24 60 e8 02 16 f6 ff 48 8b 9c 24 b8 00 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 04 30 84 c0 0f 85 f8 07 00 00 8b 33 f7 c6 00 00 07 00 0f [ 50.931235][ T433] RSP: 0018:ffffc90000877840 EFLAGS: 00010202 [ 50.937279][ T433] RAX: 0000000000000002 RBX: 0000000000000010 RCX: 0000000000877800 [ 50.945035][ T433] RDX: 1ffff9200010ef97 RSI: 0000000000000002 RDI: ffffc90000877cb8 [ 50.953581][ T433] RBP: ffffc90000877970 R08: 0000000000000000 R09: ffffed102397b645 [ 50.961512][ T433] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011 [ 50.969863][ T433] R13: 1ffff9200010ef1f R14: dffffc0000000000 R15: ffffc90000877c80 [ 50.977908][ T433] FS: 00007f86dc892700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 50.987170][ T433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.993586][ T433] CR2: 00007f86dc871718 CR3: 0000000109f97000 CR4: 00000000003506a0 [ 51.001724][ T433] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 51.009882][ T433] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 51.017932][ T433] Kernel panic - not syncing: Fatal exception [ 51.024046][ T433] Kernel Offset: disabled [ 51.028184][ T433] Rebooting in 86400 seconds..