u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 31.761177][ T27] audit: type=1400 audit(1701722303.184:155): avc: denied { siginh } for pid=315 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.10' (ED25519) to the list of known hosts. 2023/12/04 20:38:29 ignoring optional flag "sandboxArg"="0" 2023/12/04 20:38:29 parsed 1 programs [ 38.427003][ T27] audit: type=1400 audit(1701722309.914:156): avc: denied { mounton } for pid=335 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 38.453258][ T27] audit: type=1400 audit(1701722309.914:157): avc: denied { mount } for pid=335 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2023/12/04 20:38:30 executed programs: 0 [ 38.478956][ T27] audit: type=1400 audit(1701722309.974:158): avc: denied { unlink } for pid=335 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 38.520149][ T335] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 38.539882][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.546790][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.553923][ T341] device bridge_slave_0 entered promiscuous mode [ 38.560790][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.567598][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.574675][ T341] device bridge_slave_1 entered promiscuous mode [ 38.586664][ T27] audit: type=1400 audit(1701722310.074:159): avc: denied { write } for pid=341 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 38.590375][ T341] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.607607][ T27] audit: type=1400 audit(1701722310.084:160): avc: denied { read } for pid=341 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 38.614410][ T341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.614429][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.648996][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.658388][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.665345][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.672240][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 38.679381][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.688795][ T341] device veth0_vlan entered promiscuous mode [ 38.695274][ T341] device veth1_macvtap entered promiscuous mode [ 38.702904][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.710877][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.718280][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 38.725317][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 38.732344][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.740099][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.747850][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.754688][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.761758][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.769697][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.776583][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.783775][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.791434][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.800851][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.808898][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.818166][ T27] audit: type=1400 audit(1701722310.304:161): avc: denied { mounton } for pid=341 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 38.844038][ T27] audit: type=1400 audit(1701722310.334:162): avc: denied { mounton } for pid=346 comm="syz-executor.0" path="/root/syzkaller-testdir2477278563/syzkaller.d4c7Eh/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 38.946281][ T347] BUG: kernel NULL pointer dereference, address: 0000000000000038 [ 38.954247][ T347] #PF: supervisor read access in kernel mode [ 38.960064][ T347] #PF: error_code(0x0000) - not-present page [ 38.966192][ T347] PGD 11552f067 P4D 11552f067 PUD 115533067 PMD 0 [ 38.972485][ T347] Oops: 0000 [#1] PREEMPT SMP [ 38.977441][ T347] CPU: 1 PID: 347 Comm: syz-executor.0 Not tainted 6.1.1-syzkaller #0 [ 38.985510][ T347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 38.995443][ T347] RIP: 0010:do_rmdir+0xfa/0x1c0 [ 39.000184][ T347] Code: 8b 7e 30 b8 a0 00 00 00 48 01 c7 e8 80 2f b5 00 48 8d 7d b0 4c 89 f6 44 89 e2 e8 61 03 00 00 48 89 c3 48 3d 00 f0 ff ff 77 2d <48> 83 7b 30 00 74 15 49 8b 7f 18 49 8b 76 30 48 89 da e8 ef fa ff [ 39.019972][ T347] RSP: 0018:ffffc90000707eb0 EFLAGS: 00010203 [ 39.025868][ T347] RAX: 0000000000000008 RBX: 0000000000000008 RCX: 0000000000000003 [ 39.034546][ T347] RDX: 0000000300000000 RSI: 0000000000000000 RDI: ffff88810b276a80 [ 39.042448][ T347] RBP: ffffc90000707f10 R08: 00000000ffffff9c R09: 000000008080007f [ 39.050374][ T347] R10: ffff8881137bac00 R11: ffff888100041400 R12: 0000000000000000 [ 39.058275][ T347] R13: 0000000000000001 R14: ffff88810ba91780 R15: ffff888113726ca0 [ 39.066085][ T347] FS: 00007f48d5ba46c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 39.074850][ T347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 39.081360][ T347] CR2: 0000000000000038 CR3: 0000000115521000 CR4: 00000000003506a0 [ 39.089264][ T347] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 39.097069][ T347] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 39.104889][ T347] Call Trace: [ 39.108037][ T347] [ 39.110786][ T347] __x64_sys_rmdir+0x1e/0x30 [ 39.115212][ T347] do_syscall_64+0x3d/0xb0 [ 39.119467][ T347] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 39.125625][ T347] RIP: 0033:0x7f48d4e7cae9 [ 39.129879][ T347] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 39.149429][ T347] RSP: 002b:00007f48d5ba40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 39.157855][ T347] RAX: ffffffffffffffda RBX: 00007f48d4f9bf80 RCX: 00007f48d4e7cae9 [ 39.165731][ T347] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 39.173900][ T347] RBP: 00007f48d4ec847a R08: 0000000000000000 R09: 0000000000000000 [ 39.181889][ T347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 39.189783][ T347] R13: 000000000000000b R14: 00007f48d4f9bf80 R15: 00007ffc81ecc498 [ 39.198061][ T347] [ 39.200998][ T347] Modules linked in: [ 39.204897][ T347] CR2: 0000000000000038 [ 39.208890][ T347] ---[ end trace 0000000000000000 ]--- [ 39.214194][ T347] RIP: 0010:do_rmdir+0xfa/0x1c0 [ 39.218874][ T347] Code: 8b 7e 30 b8 a0 00 00 00 48 01 c7 e8 80 2f b5 00 48 8d 7d b0 4c 89 f6 44 89 e2 e8 61 03 00 00 48 89 c3 48 3d 00 f0 ff ff 77 2d <48> 83 7b 30 00 74 15 49 8b 7f 18 49 8b 76 30 48 89 da e8 ef fa ff [ 39.238663][ T347] RSP: 0018:ffffc90000707eb0 EFLAGS: 00010203 [ 39.244558][ T347] RAX: 0000000000000008 RBX: 0000000000000008 RCX: 0000000000000003 [ 39.252544][ T347] RDX: 0000000300000000 RSI: 0000000000000000 RDI: ffff88810b276a80 [ 39.260358][ T347] RBP: ffffc90000707f10 R08: 00000000ffffff9c R09: 000000008080007f [ 39.268171][ T347] R10: ffff8881137bac00 R11: ffff888100041400 R12: 0000000000000000 [ 39.276079][ T347] R13: 0000000000000001 R14: ffff88810ba91780 R15: ffff888113726ca0 [ 39.284030][ T347] FS: 00007f48d5ba46c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 39.292932][ T347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 39.299417][ T347] CR2: 0000000000000038 CR3: 0000000115521000 CR4: 00000000003506a0 [ 39.307461][ T347] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 39.315354][ T347] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 39.323163][ T347] Kernel panic - not syncing: Fatal exception [ 39.329315][ T347] Kernel Offset: disabled [ 39.333432][ T347] Rebooting in 86400 seconds..