Warning: Permanently added '10.128.0.223' (ED25519) to the list of known hosts. 2025/01/24 15:12:44 ignoring optional flag "sandboxArg"="0" 2025/01/24 15:12:44 ignoring optional flag "type"="gce" 2025/01/24 15:12:45 parsed 1 programs [ 47.685094][ T24] kauditd_printk_skb: 18 callbacks suppressed [ 47.685108][ T24] audit: type=1400 audit(1737731565.030:94): avc: denied { mount } for pid=345 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 47.714575][ T24] audit: type=1400 audit(1737731565.070:95): avc: denied { unlink } for pid=345 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2025/01/24 15:12:45 executed programs: 0 [ 47.768007][ T345] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 47.820236][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.827354][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.834502][ T351] device bridge_slave_0 entered promiscuous mode [ 47.841825][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.848900][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.856079][ T351] device bridge_slave_1 entered promiscuous mode [ 47.891291][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.898386][ T351] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.905400][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.912348][ T351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.929607][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.936816][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.944075][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 47.951437][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 47.960384][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.968467][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.975639][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.984542][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.992780][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.999953][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.010995][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.019982][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.033359][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.044454][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.052813][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.060613][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.068725][ T351] device veth0_vlan entered promiscuous mode [ 48.078528][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.087551][ T351] device veth1_macvtap entered promiscuous mode [ 48.096277][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.106905][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.120815][ T24] audit: type=1400 audit(1737731565.470:96): avc: denied { mounton } for pid=351 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 48.152584][ T24] audit: type=1400 audit(1737731565.490:97): avc: denied { map_create } for pid=355 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 48.172232][ T24] audit: type=1400 audit(1737731565.490:98): avc: denied { bpf } for pid=355 comm="syz-executor.0" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 48.193108][ T24] audit: type=1400 audit(1737731565.490:99): avc: denied { map_read map_write } for pid=355 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 48.213594][ T24] audit: type=1400 audit(1737731565.490:100): avc: denied { prog_load } for pid=355 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 48.232951][ T24] audit: type=1400 audit(1737731565.490:101): avc: denied { perfmon } for pid=355 comm="syz-executor.0" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 48.384828][ T24] audit: type=1400 audit(1737731565.730:102): avc: denied { prog_run } for pid=355 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 49.153660][ T24] audit: type=1400 audit(1737731566.500:103): avc: denied { read } for pid=77 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 198.967756][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 123s! [syz-executor.0:592] [ 198.976107][ C1] Modules linked in: [ 198.979831][ C1] CPU: 1 PID: 592 Comm: syz-executor.0 Not tainted 5.10.233-syzkaller-1006618-gfbe98d68b6b3 #0 [ 198.989996][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 199.000031][ C1] RIP: 0010:smp_call_function_single+0x278/0x510 [ 199.006149][ C1] Code: 0f 85 18 02 00 00 44 8b 6c 24 48 44 89 ee 83 e6 01 31 ff e8 ea ec 0a 00 41 83 e5 01 75 0a e8 2f e9 0a 00 e9 eb 00 00 00 f3 90 <42> 0f b6 04 23 84 c0 75 15 f7 44 24 48 01 00 00 00 0f 84 cd 00 00 [ 199.026080][ C1] RSP: 0018:ffffc90000b77800 EFLAGS: 00000293 [ 199.031979][ C1] RAX: ffffffff815fd594 RBX: 1ffff9200016ef09 RCX: ffff8881160913c0 [ 199.039806][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 199.047616][ C1] RBP: ffffc90000b778f0 R08: ffffffff815fd566 R09: ffffed103ee0aec9 [ 199.055411][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 199.063225][ C1] R13: 0000000000000001 R14: ffffc90000b77848 R15: 0000000000000000 [ 199.071040][ C1] FS: 00005555730c7480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 199.079809][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.086491][ C1] CR2: 00007fa907975540 CR3: 0000000115817000 CR4: 00000000003506a0 [ 199.094466][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.102262][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.110070][ C1] Call Trace: [ 199.113195][ C1] <IRQ> [ 199.115935][ C1] ? show_regs+0x58/0x60 [ 199.119975][ C1] ? watchdog_timer_fn+0x471/0x590 [ 199.124928][ C1] ? proc_watchdog_cpumask+0xd0/0xd0 [ 199.130043][ C1] ? __hrtimer_run_queues+0x3d7/0xa50 [ 199.135425][ C1] ? hrtimer_interrupt+0x8b0/0x8b0 [ 199.140559][ C1] ? clockevents_program_event+0x214/0x2c0 [ 199.146386][ C1] ? ktime_get_update_offsets_now+0x266/0x280 [ 199.152270][ C1] ? hrtimer_interrupt+0x39a/0x8b0 [ 199.157220][ C1] ? __sysvec_apic_timer_interrupt+0xfb/0x3f0 [ 199.163554][ C1] ? asm_call_irq_on_stack+0xf/0x20 [ 199.168589][ C1] </IRQ> [ 199.171368][ C1] ? sysvec_apic_timer_interrupt+0x85/0xe0 [ 199.177005][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 199.183093][ C1] ? smp_call_function_single+0x266/0x510 [ 199.188719][ C1] ? smp_call_function_single+0x294/0x510 [ 199.194274][ C1] ? smp_call_function_single+0x278/0x510 [ 199.200046][ C1] ? text_poke_sync+0x20/0x20 [ 199.204652][ C1] ? flush_smp_call_function_from_idle+0x1b0/0x1b0 [ 199.211105][ C1] ? cpumask_any_but+0x18/0xb0 [ 199.215756][ C1] ? text_poke_sync+0x20/0x20 [ 199.220269][ C1] ? cpumask_any_but+0xa3/0xb0 [ 199.224958][ C1] smp_call_function_many_cond+0x94e/0xa30 [ 199.230691][ C1] ? __alloc_pages_nodemask+0x490/0xaf0 [ 199.236172][ C1] ? text_poke_sync+0x20/0x20 [ 199.240759][ C1] ? smp_call_function_many+0x40/0x40 [ 199.246170][ C1] ? text_poke+0x20/0x20 [ 199.250237][ C1] ? insn_decode+0x308/0x490 [ 199.254865][ C1] ? text_poke_sync+0x20/0x20 [ 199.259484][ C1] on_each_cpu+0xa8/0x1a0 [ 199.263631][ C1] ? text_poke_loc_init+0x2e1/0x580 [ 199.268656][ C1] ? smp_call_function+0x90/0x90 [ 199.273558][ C1] ? text_poke_finish+0x30/0x30 [ 199.278203][ C1] text_poke_bp_batch+0x1d4/0x600 [ 199.283163][ C1] ? __kasan_check_write+0x14/0x20 [ 199.288194][ C1] ? text_poke_loc_init+0x580/0x580 [ 199.293331][ C1] ? mutex_lock+0xa5/0x110 [ 199.297901][ C1] ? mutex_trylock+0xa0/0xa0 [ 199.302303][ C1] ? __kasan_check_write+0x14/0x20 [ 199.307246][ C1] text_poke_finish+0x1a/0x30 [ 199.311766][ C1] arch_jump_label_transform_apply+0x15/0x30 [ 199.317597][ C1] __jump_label_update+0x36a/0x380 [ 199.322702][ C1] jump_label_update+0x379/0x400 [ 199.327570][ C1] static_key_disable_cpuslocked+0xcd/0x1b0 [ 199.333295][ C1] static_key_disable+0x1a/0x30 [ 199.337975][ C1] tracepoint_probe_unregister+0x6e0/0x9e0 [ 199.343644][ C1] ? __bpf_trace_mm_page_free_batched+0x60/0x60 [ 199.349716][ C1] bpf_probe_unregister+0x61/0x70 [ 199.354557][ C1] bpf_raw_tp_link_release+0x63/0x90 [ 199.359698][ C1] bpf_link_put+0x1fd/0x280 [ 199.364139][ C1] ? __bpf_prog_put_rcu+0x170/0x170 [ 199.369160][ C1] bpf_link_release+0x3b/0x40 [ 199.373668][ C1] __fput+0x33d/0x7b0 [ 199.378202][ C1] ____fput+0x15/0x20 [ 199.381996][ C1] task_work_run+0x129/0x190 [ 199.386423][ C1] exit_to_user_mode_loop+0xbf/0xd0 [ 199.391457][ C1] syscall_exit_to_user_mode+0xa2/0x1a0 [ 199.396837][ C1] do_syscall_64+0x40/0x70 [ 199.401091][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 199.406921][ C1] RIP: 0033:0x7fa9078efc9a [ 199.411206][ C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 199.430616][ C1] RSP: 002b:00007ffd99fb39f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 199.438856][ C1] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007fa9078efc9a [ 199.446777][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 199.454568][ C1] RBP: 00007fa907a20980 R08: 0000001b31a60000 R09: 00007ffd99fc60b0 [ 199.462383][ C1] R10: 0000000000001028 R11: 0000000000000293 R12: 000000000000c9cb [ 199.470306][ C1] R13: ffffffffffffffff R14: 00007fa907473000 R15: 000000000000c68a [ 199.478368][ C1] Sending NMI from CPU 1 to CPUs 0: [ 199.484734][ C1] NMI backtrace for cpu 0 [ 199.484747][ C1] CPU: 0 PID: 593 Comm: syz-executor.0 Not tainted 5.10.233-syzkaller-1006618-gfbe98d68b6b3 #0 [ 199.484753][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 199.484756][ C1] RIP: 0010:kvm_wait+0xec/0x150 [ 199.484766][ C1] Code: 03 42 0f b6 04 20 84 c0 75 6a 41 0f b6 45 00 44 38 f0 75 26 41 f7 c7 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d a5 53 d5 03 f4 <eb> 0e 0f 1f 44 00 00 0f 00 2d 96 53 d5 03 fb f4 4c 89 7c 24 18 ff [ 199.484770][ C1] RSP: 0018:ffffc90000b56fa0 EFLAGS: 00000046 [ 199.484778][ C1] RAX: 0000000000000003 RBX: 1ffff9200016adf8 RCX: ffffffff8150ca44 [ 199.484782][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffc90000b56fe0 [ 199.484786][ C1] RBP: ffffc90000b57050 R08: dffffc0000000000 R09: ffffed1022bd6ba5 [ 199.484791][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 199.484795][ C1] R13: ffff888115eb5d20 R14: 0000000000000003 R15: 0000000000000046 [ 199.484800][ C1] FS: 00007fa9074726c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 199.484803][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.484808][ C1] CR2: 00007fa907a1b0c0 CR3: 0000000115817000 CR4: 00000000003506b0 [ 199.484812][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.484816][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.484818][ C1] Call Trace: [ 199.484820][ C1] <NMI> [ 199.484823][ C1] ? show_regs+0x58/0x60 [ 199.484826][ C1] ? nmi_cpu_backtrace+0x133/0x160 [ 199.484829][ C1] ? kvm_wait+0xec/0x150 [ 199.484832][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 199.484835][ C1] ? nmi_handle+0xa8/0x280 [ 199.484837][ C1] ? kvm_wait+0xec/0x150 [ 199.484840][ C1] ? default_do_nmi+0x69/0x160 [ 199.484843][ C1] ? exc_nmi+0xad/0x100 [ 199.484846][ C1] ? end_repeat_nmi+0x16/0x31 [ 199.484850][ C1] ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70 [ 199.484852][ C1] ? kvm_wait+0xec/0x150 [ 199.484855][ C1] ? kvm_wait+0xec/0x150 [ 199.484858][ C1] ? kvm_wait+0xec/0x150 [ 199.484860][ C1] </NMI> [ 199.484863][ C1] ? __set_page_owner+0x3b/0x2d0 [ 199.484866][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 199.484869][ C1] ? save_stack+0x1c3/0x240 [ 199.484872][ C1] __pv_queued_spin_lock_slowpath+0x72f/0xc70 [ 199.484876][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 199.484879][ C1] ? __set_page_owner+0x2b7/0x2d0 [ 199.484882][ C1] _raw_spin_lock_irqsave+0x1a0/0x210 [ 199.484885][ C1] ? prep_new_page+0x166/0x180 [ 199.484888][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 199.484891][ C1] ? get_page_from_freelist+0x2d8c/0x2f30 [ 199.484894][ C1] ? smp_call_function_single+0x400/0x510 [ 199.484897][ C1] trie_delete_elem+0x94/0x760 [ 199.484900][ C1] bpf_prog_fdee3c9a1e8a2a6e+0x3d/0xc8 [ 199.484903][ C1] bpf_trace_run4+0x13e/0x2e0 [ 199.484906][ C1] ? bpf_trace_run3+0x2c0/0x2c0 [ 199.484909][ C1] ? __alloc_pages_nodemask+0xaf0/0xaf0 [ 199.484912][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 199.484915][ C1] __alloc_pages_nodemask+0xa8e/0xaf0 [ 199.484919][ C1] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 199.484922][ C1] ? stack_trace_save+0x113/0x1c0 [ 199.484925][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 199.484927][ C1] new_slab+0x80/0x400 [ 199.484930][ C1] ? __se_sys_bpf+0x75e6/0x11cb0 [ 199.484933][ C1] ___slab_alloc+0x302/0x4b0 [ 199.484936][ C1] ? do_syscall_64+0x34/0x70 [ 199.484939][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 199.484942][ C1] ? trie_update_elem+0x1be/0xd30 [ 199.484945][ C1] __slab_alloc+0x63/0xa0 [ 199.484948][ C1] ? trie_update_elem+0x1be/0xd30 [ 199.484951][ C1] ? trie_update_elem+0x1be/0xd30 [ 199.484953][ C1] __kmalloc+0x204/0x330 [ 199.484957][ C1] ? trie_update_elem+0x1be/0xd30 [ 199.484959][ C1] trie_update_elem+0x1be/0xd30 [ 199.484990][ C1] bpf_map_update_value+0x230/0x420 [ 199.484993][ C1] __se_sys_bpf+0x7687/0x11cb0 [ 199.484996][ C1] ? futex_wait+0x6a0/0x7c0 [ 199.484999][ C1] ? __x64_sys_bpf+0x90/0x90 [ 199.485002][ C1] ? do_futex+0x17b0/0x17b0 [ 199.485005][ C1] ? do_futex+0x139a/0x17b0 [ 199.485008][ C1] ? futex_exit_release+0x1e0/0x1e0 [ 199.485011][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 199.485014][ C1] ? _raw_spin_lock_irqsave+0x210/0x210 [ 199.485017][ C1] ? __kasan_check_write+0x14/0x20 [ 199.485020][ C1] ? set_current_blocked+0x40/0x40 [ 199.485023][ C1] ? __se_sys_futex+0x355/0x470 [ 199.485026][ C1] ? fpu__clear_all+0x20/0x20 [ 199.485029][ C1] ? __kasan_check_read+0x11/0x20 [ 199.485032][ C1] __x64_sys_bpf+0x7b/0x90 [ 199.485035][ C1] do_syscall_64+0x34/0x70 [ 199.485038][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 199.485041][ C1] RIP: 0033:0x7fa9078f0da9 [ 199.485051][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 199.485054][ C1] RSP: 002b:00007fa9074720c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 199.485062][ C1] RAX: ffffffffffffffda RBX: 00007fa907a1ef80 RCX: 00007fa9078f0da9 [ 199.485066][ C1] RDX: 0000000000000020 RSI: 0000000020000300 RDI: 0000000000000002 [ 199.485071][ C1] RBP: 00007fa90793d47a R08: 0000000000000000 R09: 0000000000000000 [ 199.485075][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.485079][ C1] R13: 000000000000000b R14: 00007fa907a1ef80 R15: 00007ffd99fb3928