Warning: Permanently added '10.128.1.161' (ED25519) to the list of known hosts. 2024/01/05 04:26:52 ignoring optional flag "sandboxArg"="0" 2024/01/05 04:26:52 parsed 1 programs [ 40.518843][ T23] kauditd_printk_skb: 75 callbacks suppressed [ 40.518846][ T23] audit: type=1400 audit(1704428812.500:151): avc: denied { mounton } for pid=334 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 40.549553][ T23] audit: type=1400 audit(1704428812.500:152): avc: denied { mount } for pid=334 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 40.572572][ T23] audit: type=1400 audit(1704428812.500:153): avc: denied { setattr } for pid=334 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 2024/01/05 04:26:52 executed programs: 0 [ 40.595468][ T23] audit: type=1400 audit(1704428812.500:154): avc: denied { read write } for pid=334 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 40.595535][ T334] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 40.621408][ T23] audit: type=1400 audit(1704428812.500:155): avc: denied { open } for pid=334 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 40.644524][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.656268][ T23] audit: type=1400 audit(1704428812.530:156): avc: denied { unlink } for pid=334 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 40.663302][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.689108][ T23] audit: type=1400 audit(1704428812.530:157): avc: denied { relabelto } for pid=336 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 40.721500][ T23] audit: type=1400 audit(1704428812.610:158): avc: denied { mounton } for pid=341 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 40.721634][ T341] device bridge_slave_0 entered promiscuous mode [ 40.752359][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.759205][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.766395][ T341] device bridge_slave_1 entered promiscuous mode [ 40.777744][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.785551][ T341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.792927][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.799906][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.808709][ T301] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.815961][ T301] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.822895][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.830040][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.839363][ T341] device veth0_vlan entered promiscuous mode [ 40.845697][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.854083][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.861795][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.869032][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.876122][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.884066][ T287] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.891044][ T287] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.898365][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.906276][ T287] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.913348][ T287] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.920824][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.928426][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.936830][ T341] device veth1_macvtap entered promiscuous mode [ 40.944599][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.952917][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.961069][ T287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.972965][ T23] audit: type=1400 audit(1704428812.950:159): avc: denied { mounton } for pid=345 comm="syz-executor.0" path="/root/syzkaller-testdir1715026984/syzkaller.f3bAvX/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 41.023452][ T346] BUG: kernel NULL pointer dereference, address: 0000000000000010 [ 41.031151][ T346] #PF: supervisor read access in kernel mode [ 41.036981][ T346] #PF: error_code(0x0000) - not-present page [ 41.043018][ T346] PGD 10d272067 P4D 10d272067 PUD 10c24e067 PMD 0 [ 41.049310][ T346] Oops: 0000 [#1] PREEMPT SMP [ 41.053901][ T346] CPU: 1 PID: 346 Comm: syz-executor.0 Not tainted 5.10.204-syzkaller #0 [ 41.062142][ T346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 41.072038][ T346] RIP: 0010:do_renameat2+0x27f/0x4f0 [ 41.077148][ T346] Code: a8 e8 95 7b ff ff 48 8b 75 98 48 8d 7d b0 89 da 49 89 c4 e8 d3 8a ff ff 48 3d 00 f0 ff ff 49 89 c6 41 89 c5 0f 87 da 00 00 00 00 00 00 70 00 41 bd fe ff ff ff 0f 84 c0 00 00 00 8b 95 60 ff [ 41.096684][ T346] RSP: 0018:ffffc9000057fe60 EFLAGS: 00010203 [ 41.102586][ T346] RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000500000000 [ 41.110391][ T346] RDX: 0000000000000004 RSI: 0000000400000000 RDI: ffff88810a8ea500 [ 41.118216][ T346] RBP: ffffc9000057ff10 R08: 0000000000000005 R09: 0000000000000064 [ 41.126471][ T346] R10: ffff888109655560 R11: 0000000000000000 R12: 0000000000000000 [ 41.134287][ T346] R13: 0000000000000010 R14: 0000000000000010 R15: ffff888107f8d000 [ 41.142299][ T346] FS: 00007faa24a3f6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 41.151458][ T346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.158002][ T346] CR2: 0000000000000010 CR3: 000000010941d000 CR4: 00000000003506a0 [ 41.165977][ T346] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.173787][ T346] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 41.181594][ T346] Call Trace: [ 41.184727][ T346] ? show_regs.part.0+0x1e/0x20 [ 41.189500][ T346] ? __die+0x5d/0x9e [ 41.193239][ T346] ? no_context+0x1f2/0x380 [ 41.197664][ T346] ? __bad_area_nosemaphore+0x4b/0x1a0 [ 41.202956][ T346] ? bad_area_nosemaphore+0x11/0x20 [ 41.207994][ T346] ? exc_page_fault+0x2c9/0x5a0 [ 41.212956][ T346] ? asm_exc_page_fault+0x1e/0x30 [ 41.217784][ T346] ? do_renameat2+0x27f/0x4f0 [ 41.222413][ T346] __x64_sys_rename+0x40/0x50 [ 41.226894][ T346] do_syscall_64+0x32/0x80 [ 41.231144][ T346] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 41.237341][ T346] RIP: 0033:0x7faa24ebcae9 [ 41.241684][ T346] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 41.261856][ T346] RSP: 002b:00007faa24a3f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 41.270194][ T346] RAX: ffffffffffffffda RBX: 00007faa24fdbf80 RCX: 00007faa24ebcae9 [ 41.278070][ T346] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100 [ 41.285886][ T346] RBP: 00007faa24f0847a R08: 0000000000000000 R09: 0000000000000000 [ 41.293812][ T346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 41.301701][ T346] R13: 000000000000000b R14: 00007faa24fdbf80 R15: 00007ffe1d8088f8 [ 41.309665][ T346] Modules linked in: [ 41.313382][ T346] CR2: 0000000000000010 [ 41.317818][ T346] ---[ end trace bf11de0f774836d8 ]--- [ 41.323119][ T346] RIP: 0010:do_renameat2+0x27f/0x4f0 [ 41.328239][ T346] Code: a8 e8 95 7b ff ff 48 8b 75 98 48 8d 7d b0 89 da 49 89 c4 e8 d3 8a ff ff 48 3d 00 f0 ff ff 49 89 c6 41 89 c5 0f 87 da 00 00 00 00 00 00 70 00 41 bd fe ff ff ff 0f 84 c0 00 00 00 8b 95 60 ff [ 41.347677][ T346] RSP: 0018:ffffc9000057fe60 EFLAGS: 00010203 [ 41.353751][ T346] RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000500000000 [ 41.362083][ T346] RDX: 0000000000000004 RSI: 0000000400000000 RDI: ffff88810a8ea500 [ 41.369920][ T346] RBP: ffffc9000057ff10 R08: 0000000000000005 R09: 0000000000000064 [ 41.377703][ T346] R10: ffff888109655560 R11: 0000000000000000 R12: 0000000000000000 [ 41.385602][ T346] R13: 0000000000000010 R14: 0000000000000010 R15: ffff888107f8d000 [ 41.393413][ T346] FS: 00007faa24a3f6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 41.402276][ T346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.408696][ T346] CR2: 0000000000000010 CR3: 000000010941d000 CR4: 00000000003506a0 [ 41.416632][ T346] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.424486][ T346] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 41.432595][ T346] Kernel panic - not syncing: Fatal exception [ 41.438902][ T346] Kernel Offset: disabled [ 41.443021][ T346] Rebooting in 86400 seconds..