[ 27.112686][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.122055][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.130269][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 27.139428][ T295] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 27.934110][ T106] device bridge_slave_1 left promiscuous mode [ 27.940124][ T106] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.947435][ T106] device bridge_slave_0 left promiscuous mode [ 27.953501][ T106] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.960825][ T106] device veth1_macvtap left promiscuous mode [ 27.966601][ T106] device veth0_vlan left promiscuous mode Warning: Permanently added '10.128.0.37' (ED25519) to the list of known hosts. 2024/08/20 23:20:34 ignoring optional flag "sandboxArg"="0" 2024/08/20 23:20:34 parsed 1 programs [ 44.097291][ T23] kauditd_printk_skb: 18 callbacks suppressed [ 44.097295][ T23] audit: type=1400 audit(1724196034.270:94): avc: denied { mounton } for pid=339 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 44.128682][ T23] audit: type=1400 audit(1724196034.270:95): avc: denied { read write } for pid=339 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.156214][ T23] audit: type=1400 audit(1724196034.270:96): avc: denied { open } for pid=339 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.183387][ T23] audit: type=1400 audit(1724196034.310:97): avc: denied { unlink } for pid=339 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.209489][ T23] audit: type=1400 audit(1724196034.310:98): avc: denied { relabelto } for pid=340 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/08/20 23:20:34 executed programs: 0 [ 44.274760][ T339] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.294486][ T344] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.301777][ T344] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.308919][ T344] device bridge_slave_0 entered promiscuous mode [ 44.315198][ T344] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.322487][ T344] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.329686][ T344] device bridge_slave_1 entered promiscuous mode [ 44.341481][ T344] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.348336][ T344] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.355582][ T344] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.362654][ T344] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.371587][ T19] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.378800][ T19] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.385944][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.393399][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.401433][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.409482][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.416607][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.425428][ T344] device veth0_vlan entered promiscuous mode [ 44.431586][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.439677][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.447406][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.454558][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.461585][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.469883][ T19] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.476955][ T19] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.484492][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.492005][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.500405][ T344] device veth1_macvtap entered promiscuous mode [ 44.507536][ T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.515763][ T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.524010][ T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.536480][ T23] audit: type=1400 audit(1724196034.710:99): avc: denied { mounton } for pid=348 comm="syz-executor.0" path="/root/syzkaller-testdir4074662334/syzkaller.O8oZil/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 44.538363][ T349] BUG: kernel NULL pointer dereference, address: 0000000000000030 [ 44.564096][ T23] audit: type=1400 audit(1724196034.710:100): avc: denied { unlink } for pid=348 comm="syz-executor.0" name="#1" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1 [ 44.571569][ T349] #PF: supervisor read access in kernel mode [ 44.571570][ T349] #PF: error_code(0x0000) - not-present page [ 44.571572][ T349] PGD 10d3f2067 P4D 10d3f2067 PUD 10d3f6067 PMD 0 [ 44.571592][ T349] Oops: 0000 [#1] PREEMPT SMP [ 44.571595][ T349] CPU: 0 PID: 349 Comm: syz-executor.0 Not tainted 5.10.223-syzkaller #0 [ 44.571597][ T349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 44.571603][ T349] RIP: 0010:security_inode_getattr+0x4/0x40 [ 44.571607][ T349] Code: 85 c0 75 0a 48 8b 1b 48 85 db 75 eb 31 c0 5b 41 5c 41 5d 5d c3 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 47 08 <48> 8b 40 30 f6 40 0d 02 75 2f 55 48 89 e5 41 54 49 89 fc 53 48 8b [ 44.594149][ T23] audit: type=1400 audit(1724196034.710:101): avc: denied { mount } for pid=348 comm="syz-executor.0" name="/" dev="overlay" ino=1941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 44.599687][ T349] RSP: 0018:ffffc900005778a0 EFLAGS: 00010246 [ 44.599691][ T349] RAX: 0000000000000000 RBX: ffff888108d24750 RCX: 0000000000000000 [ 44.599692][ T349] RDX: 00000000000007ff RSI: ffffc900005779a0 RDI: ffffc90000577990 [ 44.599693][ T349] RBP: ffffc900005778c8 R08: 0000000000000064 R09: ffff888109f89c88 [ 44.599695][ T349] R10: 0000000000010000 R11: 0000000000000000 R12: ffffc900005779a0 [ 44.599696][ T349] R13: 00000000000007ff R14: 0000000000000000 R15: ffffc90000577990 [ 44.599698][ T349] FS: 00007f80033a66c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 44.599699][ T349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.599704][ T349] CR2: 0000000000000030 CR3: 00000001092fb000 CR4: 00000000003506b0 [ 44.599705][ T349] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.599706][ T349] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.599709][ T349] Call Trace: [ 44.605683][ T23] audit: type=1400 audit(1724196034.710:102): avc: denied { write } for pid=348 comm="syz-executor.0" name="/" dev="incremental-fs" ino=1941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 44.612245][ T349] ? show_regs.part.0+0x1e/0x20 [ 44.612247][ T349] ? __die+0x5d/0x9e [ 44.612251][ T349] ? no_context.constprop.0+0x129/0x320 [ 44.612256][ T349] ? __find_get_block+0xf0/0x370 [ 44.612259][ T349] ? __bad_area_nosemaphore+0x40/0x190 [ 44.612264][ T349] ? crypto_shash_update+0x13/0x20 [ 44.616743][ T23] audit: type=1400 audit(1724196034.710:103): avc: denied { add_name } for pid=348 comm="syz-executor.0" name="file1" dev="incremental-fs" ino=1940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 44.625155][ T349] ? bad_area_nosemaphore+0x11/0x20 [ 44.625158][ T349] ? exc_page_fault+0x2c9/0x590 [ 44.625162][ T349] ? asm_exc_page_fault+0x1e/0x30 [ 44.625167][ T349] ? security_inode_getattr+0x4/0x40 [ 44.625170][ T349] ? vfs_getattr+0x1d/0x40 [ 44.625174][ T349] ovl_copy_up_one+0xaa/0xd60 [ 44.625178][ T349] ? vsnprintf+0x399/0x4d0 [ 44.625187][ T349] ovl_copy_up_flags+0xb6/0x100 [ 44.884981][ T349] ovl_maybe_copy_up+0x8d/0xb0 [ 44.889665][ T349] ovl_open+0x27/0x80 [ 44.893652][ T349] ? ovl_mmap+0xc0/0xc0 [ 44.897794][ T349] do_dentry_open+0x157/0x3d0 [ 44.902410][ T349] dentry_open+0x48/0x70 [ 44.906639][ T349] file_open+0xca/0x230 [ 44.910806][ T349] ? read_single_page+0x3a0/0x3a0 [ 44.915669][ T349] do_dentry_open+0x157/0x3d0 [ 44.920173][ T349] vfs_open+0x28/0x30 [ 44.923990][ T349] path_openat+0xbbd/0x10d0 [ 44.928515][ T349] ? wake_up_q+0x6f/0xc0 [ 44.932683][ T349] ? futex_wake+0x158/0x190 [ 44.937117][ T349] do_filp_open+0x9d/0x140 [ 44.941975][ T349] ? do_futex+0x101/0xb70 [ 44.946548][ T349] ? _raw_spin_unlock+0x1f/0x40 [ 44.951509][ T349] do_sys_openat2+0x9c/0x210 [ 44.956108][ T349] __x64_sys_openat+0x51/0x90 [ 44.960611][ T349] do_syscall_64+0x32/0x80 [ 44.964868][ T349] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 44.970805][ T349] RIP: 0033:0x7f8003824da9 [ 44.975237][ T349] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 44.994844][ T349] RSP: 002b:00007f80033a60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 45.003282][ T349] RAX: ffffffffffffffda RBX: 00007f8003952f80 RCX: 00007f8003824da9 [ 45.011267][ T349] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000004 [ 45.019063][ T349] RBP: 00007f800387147a R08: 0000000000000000 R09: 0000000000000000 [ 45.027229][ T349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 45.035245][ T349] R13: 000000000000000b R14: 00007f8003952f80 R15: 00007fff2425c1a8 [ 45.043153][ T349] Modules linked in: [ 45.046873][ T349] CR2: 0000000000000030 [ 45.050875][ T349] ---[ end trace 34784997a865a027 ]--- [ 45.056168][ T349] RIP: 0010:security_inode_getattr+0x4/0x40 [ 45.061992][ T349] Code: 85 c0 75 0a 48 8b 1b 48 85 db 75 eb 31 c0 5b 41 5c 41 5d 5d c3 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 47 08 <48> 8b 40 30 f6 40 0d 02 75 2f 55 48 89 e5 41 54 49 89 fc 53 48 8b [ 45.081927][ T349] RSP: 0018:ffffc900005778a0 EFLAGS: 00010246 [ 45.087875][ T349] RAX: 0000000000000000 RBX: ffff888108d24750 RCX: 0000000000000000 [ 45.095771][ T349] RDX: 00000000000007ff RSI: ffffc900005779a0 RDI: ffffc90000577990 [ 45.103588][ T349] RBP: ffffc900005778c8 R08: 0000000000000064 R09: ffff888109f89c88 [ 45.111439][ T349] R10: 0000000000010000 R11: 0000000000000000 R12: ffffc900005779a0 [ 45.119381][ T349] R13: 00000000000007ff R14: 0000000000000000 R15: ffffc90000577990 [ 45.127276][ T349] FS: 00007f80033a66c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 45.136356][ T349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.143140][ T349] CR2: 0000000000000030 CR3: 00000001092fb000 CR4: 00000000003506b0 [ 45.150940][ T349] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.158750][ T349] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.166902][ T349] Kernel panic - not syncing: Fatal exception [ 45.173145][ T349] Kernel Offset: disabled [ 45.177353][ T349] Rebooting in 86400 seconds..