Warning: Permanently added '10.128.0.192' (ED25519) to the list of known hosts. 2024/05/02 14:47:07 ignoring optional flag "sandboxArg"="0" 2024/05/02 14:47:07 parsed 1 programs [ 43.198549][ T27] audit: type=1400 audit(1714661227.785:156): avc: denied { mounton } for pid=344 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 43.223202][ T27] audit: type=1400 audit(1714661227.785:157): avc: denied { mount } for pid=344 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2024/05/02 14:47:07 executed programs: 0 [ 43.255269][ T27] audit: type=1400 audit(1714661227.845:158): avc: denied { unlink } for pid=344 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.263976][ T344] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 43.299449][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.306295][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.313178][ T351] device bridge_slave_0 entered promiscuous mode [ 43.319482][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.326336][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.333211][ T351] device bridge_slave_1 entered promiscuous mode [ 43.344043][ T27] audit: type=1400 audit(1714661227.925:159): avc: denied { write } for pid=351 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.345401][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.364352][ T27] audit: type=1400 audit(1714661227.925:160): avc: denied { read } for pid=351 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.371169][ T351] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.371184][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.405281][ T351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.414047][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.420968][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.427847][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.434774][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.443534][ T351] device veth0_vlan entered promiscuous mode [ 43.449716][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.457713][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.465061][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 43.472121][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 43.479237][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.487038][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.493842][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.501029][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.508846][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.515740][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.522802][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.530382][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.539055][ T351] device veth1_macvtap entered promiscuous mode [ 43.545307][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.554153][ T27] audit: type=1400 audit(1714661228.135:161): avc: denied { mounton } for pid=351 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 43.576818][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.584761][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 43.594408][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 43.601548][ T356] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 43.609431][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.610159][ T27] audit: type=1400 audit(1714661228.195:162): avc: denied { bpf } for pid=355 comm="syz-executor.0" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 43.617316][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.637678][ T27] audit: type=1400 audit(1714661228.195:163): avc: denied { prog_load } for pid=355 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 43.645480][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.664593][ T27] audit: type=1400 audit(1714661228.195:164): avc: denied { perfmon } for pid=355 comm="syz-executor.0" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 43.672384][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.700712][ T27] audit: type=1400 audit(1714661228.195:165): avc: denied { prog_run } for pid=355 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 43.701353][ T356] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 43.728756][ T356] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.735597][ T356] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.743420][ T356] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 43.759562][ T358] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 43.773044][ T360] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 43.781018][ T360] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.787841][ T360] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.795042][ T360] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.801866][ T360] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.809499][ T360] device veth0_vlan left promiscuous mode [ 43.815041][ T360] device veth0_vlan entered promiscuous mode [ 43.821120][ T360] device veth1_macvtap left promiscuous mode [ 43.827067][ T360] device veth1_macvtap entered promiscuous mode [ 43.833299][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.840544][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.847555][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.855434][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.863321][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.871067][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.878790][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.886511][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.894378][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.902232][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 43.910105][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.917896][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.925569][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 43.933545][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 43.941070][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 43.948829][ T361] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 43.958584][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.965428][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.972737][ T361] BUG: kernel NULL pointer dereference, address: 0000000000000010 [ 43.980322][ T361] #PF: supervisor read access in kernel mode [ 43.986136][ T361] #PF: error_code(0x0000) - not-present page [ 43.991952][ T361] PGD 117cd5067 P4D 117cd5067 PUD 117cdd067 PMD 0 [ 43.998294][ T361] Oops: 0000 [#1] PREEMPT SMP [ 44.002800][ T361] CPU: 0 PID: 361 Comm: syz-executor.0 Not tainted 6.1.75-syzkaller #0 [ 44.010959][ T361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 44.020855][ T361] RIP: 0010:hrtimer_try_to_cancel+0x12/0xb0 [ 44.026582][ T361] Code: 00 e8 52 30 01 00 5b 41 5e 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 41 57 41 56 41 54 53 48 89 fb 48 8b 43 30 <8b> 48 10 f6 c1 01 74 04 f3 90 eb f4 80 7b 38 00 75 25 48 39 58 18 [ 44.046026][ T361] RSP: 0018:ffffc900007d72f8 EFLAGS: 00010246 [ 44.051926][ T361] RAX: 0000000000000000 RBX: ffff88810032a918 RCX: 0000000000000004 [ 44.059737][ T361] RDX: 000000000000000d RSI: 000061100fc019e9 RDI: ffff88810032a918 [ 44.067550][ T361] RBP: ffffc900007d7318 R08: 0000000000000000 R09: ffffc90000405000 [ 44.075362][ T361] R10: 0000000000000001 R11: ffffc900007d75c0 R12: ffff88810032a800 [ 44.083178][ T361] R13: 000061100fc019e9 R14: ffff888112ef4000 R15: 0000000000000340 [ 44.090984][ T361] FS: 00007fc469bff6c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 44.099753][ T361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.106173][ T361] CR2: 0000000000000010 CR3: 0000000117c8e000 CR4: 00000000003506b0 [ 44.113987][ T361] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.121795][ T361] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.129607][ T361] Call Trace: [ 44.132735][ T361] [ 44.135520][ T361] ? __die_body+0x62/0xb0 [ 44.139676][ T361] ? __die+0x7e/0x90 [ 44.143410][ T361] ? page_fault_oops+0x369/0x3d0 [ 44.148358][ T361] ? _raw_spin_lock+0x1a/0x50 [ 44.152872][ T361] ? exc_page_fault+0x4dc/0x670 [ 44.157556][ T361] ? asm_exc_page_fault+0x27/0x30 [ 44.162416][ T361] ? hrtimer_try_to_cancel+0x12/0xb0 [ 44.167539][ T361] hrtimer_cancel+0xd/0x20 [ 44.171790][ T361] napi_disable+0x54/0x60 [ 44.175962][ T361] veth_set_features+0x79/0xe0 [ 44.180645][ T361] __netdev_update_features+0x2a3/0x700 [ 44.186024][ T361] ? __this_cpu_preempt_check+0x13/0x20 [ 44.191408][ T361] ? __local_bh_enable_ip+0x4a/0x70 [ 44.196440][ T361] ? fib6_run_gc+0x1af/0x200 [ 44.200874][ T361] netdev_update_features+0x20/0x90 [ 44.206245][ T361] veth_xdp+0x1ab/0x1e0 [ 44.210156][ T361] ? veth_set_rx_headroom+0x50/0x50 [ 44.215276][ T361] dev_xdp_install+0x65/0xf0 [ 44.219702][ T361] dev_xdp_attach+0x3c6/0x500 [ 44.224216][ T361] dev_change_xdp_fd+0xd3/0x110 [ 44.228901][ T361] do_setlink+0x114e/0x11b0 [ 44.233245][ T361] rtnl_newlink+0x8df/0xdd0 [ 44.237581][ T361] ? _raw_spin_unlock+0x1e/0x40 [ 44.242360][ T361] ? __mutex_lock+0x26e/0xa10 [ 44.246870][ T361] rtnetlink_rcv_msg+0x2a6/0x460 [ 44.251642][ T361] ? __stack_depot_save+0x21/0x480 [ 44.256591][ T361] ? stack_depot_save+0x13/0x20 [ 44.261279][ T361] ? save_stack+0xfb/0x140 [ 44.265531][ T361] ? free_unref_page_prepare+0x2ec/0x300 [ 44.270997][ T361] ? slab_post_alloc_hook+0x71/0x300 [ 44.276121][ T361] ? flush_tlb_mm_range+0x146/0x170 [ 44.281155][ T361] ? _raw_spin_unlock+0x1e/0x40 [ 44.285842][ T361] ? avc_has_perm_noaudit+0x11f/0x1a0 [ 44.291047][ T361] ? avc_has_perm+0x55/0xe0 [ 44.295390][ T361] ? rtnetlink_bind+0x30/0x30 [ 44.299900][ T361] netlink_rcv_skb+0xf4/0x120 [ 44.304414][ T361] rtnetlink_rcv+0x10/0x20 [ 44.308667][ T361] netlink_unicast+0x291/0x380 [ 44.313267][ T361] netlink_sendmsg+0x38b/0x420 [ 44.317867][ T361] ____sys_sendmsg+0x188/0x230 [ 44.322469][ T361] ___sys_sendmsg+0x28f/0x2d0 [ 44.326983][ T361] __se_sys_sendmsg+0xf5/0x130 [ 44.331580][ T361] __x64_sys_sendmsg+0x18/0x20 [ 44.336188][ T361] do_syscall_64+0x3d/0xb0 [ 44.340432][ T361] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.346227][ T361] RIP: 0033:0x7fc46a07cae9 [ 44.350416][ T361] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.369867][ T361] RSP: 002b:00007fc469bff0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 44.378102][ T361] RAX: ffffffffffffffda RBX: 00007fc46a19c050 RCX: 00007fc46a07cae9 [ 44.385914][ T361] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 44.393725][ T361] RBP: 00007fc46a0c847a R08: 0000000000000000 R09: 0000000000000000 [ 44.401536][ T361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 44.409348][ T361] R13: 000000000000006e R14: 00007fc46a19c050 R15: 00007ffc150069a8 [ 44.417162][ T361] [ 44.420024][ T361] Modules linked in: [ 44.423770][ T361] CR2: 0000000000000010 [ 44.427750][ T361] ---[ end trace 0000000000000000 ]--- [ 44.433046][ T361] RIP: 0010:hrtimer_try_to_cancel+0x12/0xb0 [ 44.438775][ T361] Code: 00 e8 52 30 01 00 5b 41 5e 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 41 57 41 56 41 54 53 48 89 fb 48 8b 43 30 <8b> 48 10 f6 c1 01 74 04 f3 90 eb f4 80 7b 38 00 75 25 48 39 58 18 [ 44.458214][ T361] RSP: 0018:ffffc900007d72f8 EFLAGS: 00010246 [ 44.464123][ T361] RAX: 0000000000000000 RBX: ffff88810032a918 RCX: 0000000000000004 [ 44.471928][ T361] RDX: 000000000000000d RSI: 000061100fc019e9 RDI: ffff88810032a918 [ 44.479737][ T361] RBP: ffffc900007d7318 R08: 0000000000000000 R09: ffffc90000405000 [ 44.487551][ T361] R10: 0000000000000001 R11: ffffc900007d75c0 R12: ffff88810032a800 [ 44.495361][ T361] R13: 000061100fc019e9 R14: ffff888112ef4000 R15: 0000000000000340 [ 44.503176][ T361] FS: 00007fc469bff6c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 44.511941][ T361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.518363][ T361] CR2: 0000000000000010 CR3: 0000000117c8e000 CR4: 00000000003506b0 [ 44.526177][ T361] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.533985][ T361] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.541800][ T361] Kernel panic - not syncing: Fatal exception [ 44.547929][ T361] Kernel Offset: disabled [ 44.552036][ T361] Rebooting in 86400 seconds..