Warning: Permanently added '10.128.0.232' (ED25519) to the list of known hosts. 2024/03/19 11:55:08 ignoring optional flag "sandboxArg"="0" 2024/03/19 11:55:08 parsed 1 programs [ 44.430090][ T23] kauditd_printk_skb: 75 callbacks suppressed [ 44.430092][ T23] audit: type=1400 audit(1710849308.450:151): avc: denied { mounton } for pid=351 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 44.464235][ T23] audit: type=1400 audit(1710849308.450:152): avc: denied { mount } for pid=351 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 44.491234][ T23] audit: type=1400 audit(1710849308.450:153): avc: denied { setattr } for pid=351 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 2024/03/19 11:55:08 executed programs: 0 [ 44.515873][ T23] audit: type=1400 audit(1710849308.450:154): avc: denied { read write } for pid=351 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.516060][ T351] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.542980][ T23] audit: type=1400 audit(1710849308.450:155): avc: denied { open } for pid=351 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.583302][ T23] audit: type=1400 audit(1710849308.490:156): avc: denied { unlink } for pid=351 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.584740][ T356] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.611550][ T23] audit: type=1400 audit(1710849308.490:157): avc: denied { relabelto } for pid=352 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.619123][ T356] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.646696][ T23] audit: type=1400 audit(1710849308.570:158): avc: denied { mounton } for pid=356 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 44.680069][ T356] device bridge_slave_0 entered promiscuous mode [ 44.686355][ T356] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.694049][ T356] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.701537][ T356] device bridge_slave_1 entered promiscuous mode [ 44.712016][ T356] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.719035][ T356] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.726465][ T356] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.733802][ T356] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.742806][ T309] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.749848][ T309] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.757634][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.765777][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.774893][ T356] device veth0_vlan entered promiscuous mode [ 44.782087][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.790675][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.798462][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.805806][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.813847][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.821895][ T310] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.828940][ T310] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.836120][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.844080][ T310] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.851117][ T310] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.858184][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.866435][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.875051][ T356] device veth1_macvtap entered promiscuous mode [ 44.881769][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.890138][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.899586][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.913522][ T23] audit: type=1400 audit(1710849308.930:159): avc: denied { mounton } for pid=362 comm="syz-executor.0" path="/root/syzkaller-testdir899950072/syzkaller.jeQQbv/0/file0" dev="sda1" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 45.015167][ T363] BUG: kernel NULL pointer dereference, address: 0000000000000038 [ 45.023082][ T363] #PF: supervisor read access in kernel mode [ 45.029269][ T363] #PF: error_code(0x0000) - not-present page [ 45.035372][ T363] PGD 10958c067 P4D 10958c067 PUD 10fcb2067 PMD 0 [ 45.042085][ T363] Oops: 0000 [#1] PREEMPT SMP [ 45.046930][ T363] CPU: 1 PID: 363 Comm: syz-executor.0 Not tainted 5.10.209-syzkaller #0 [ 45.056012][ T363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 45.066147][ T363] RIP: 0010:do_rmdir+0x10a/0x1b0 [ 45.070861][ T363] Code: 81 c7 a0 00 00 00 e8 35 de a1 00 48 8b 75 b8 48 8d 7d c0 44 89 f2 e8 15 94 ff ff 48 3d 00 f0 ff ff 49 89 c6 0f 87 81 00 00 00 <48> 83 78 30 00 74 6f 48 8b 45 b8 ba 01 00 00 00 4c 89 f6 4c 8b 78 [ 45.091716][ T363] RSP: 0018:ffffc90000597ec0 EFLAGS: 00010203 [ 45.097809][ T363] RAX: 0000000000000008 RBX: 0000000000000001 RCX: 0000000400000000 [ 45.106231][ T363] RDX: 0000000000000003 RSI: 0000000300000000 RDI: ffff888101de3780 [ 45.115632][ T363] RBP: ffffc90000597f18 R08: 0000000000000004 R09: 0000000000000064 [ 45.125311][ T363] R10: ffff8881095c6ae0 R11: 0000000000004000 R12: ffff8881071c4000 [ 45.133489][ T363] R13: 00000000ffffff9c R14: 0000000000000008 R15: 0000000000000000 [ 45.141609][ T363] FS: 00007f0d621c86c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 45.151135][ T363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.157816][ T363] CR2: 0000000000000038 CR3: 000000010fc17000 CR4: 00000000003506a0 [ 45.165799][ T363] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.173873][ T363] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.182146][ T363] Call Trace: [ 45.185279][ T363] ? show_regs.part.0+0x1e/0x20 [ 45.190256][ T363] ? __die+0x5d/0x9e [ 45.194238][ T363] ? no_context+0x1f2/0x380 [ 45.198746][ T363] ? __bad_area_nosemaphore+0x4b/0x1a0 [ 45.204040][ T363] ? bad_area_nosemaphore+0x11/0x20 [ 45.209073][ T363] ? exc_page_fault+0x2c9/0x5a0 [ 45.213763][ T363] ? asm_exc_page_fault+0x1e/0x30 [ 45.218729][ T363] ? do_rmdir+0x10a/0x1b0 [ 45.223394][ T363] __x64_sys_rmdir+0x3d/0x60 [ 45.227910][ T363] do_syscall_64+0x32/0x80 [ 45.232402][ T363] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 45.238303][ T363] RIP: 0033:0x7f0d62645ae9 [ 45.242621][ T363] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 45.262061][ T363] RSP: 002b:00007f0d621c80c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 45.270304][ T363] RAX: ffffffffffffffda RBX: 00007f0d62764f80 RCX: 00007f0d62645ae9 [ 45.278128][ T363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 45.285939][ T363] RBP: 00007f0d6269147a R08: 0000000000000000 R09: 0000000000000000 [ 45.294016][ T363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 45.301951][ T363] R13: 000000000000000b R14: 00007f0d62764f80 R15: 00007fff389d0c68 [ 45.309914][ T363] Modules linked in: [ 45.313618][ T363] CR2: 0000000000000038 [ 45.317696][ T363] ---[ end trace d1c7dd984a33fe9e ]--- [ 45.323119][ T363] RIP: 0010:do_rmdir+0x10a/0x1b0 [ 45.328029][ T363] Code: 81 c7 a0 00 00 00 e8 35 de a1 00 48 8b 75 b8 48 8d 7d c0 44 89 f2 e8 15 94 ff ff 48 3d 00 f0 ff ff 49 89 c6 0f 87 81 00 00 00 <48> 83 78 30 00 74 6f 48 8b 45 b8 ba 01 00 00 00 4c 89 f6 4c 8b 78 [ 45.349162][ T363] RSP: 0018:ffffc90000597ec0 EFLAGS: 00010203 [ 45.355046][ T363] RAX: 0000000000000008 RBX: 0000000000000001 RCX: 0000000400000000 [ 45.362952][ T363] RDX: 0000000000000003 RSI: 0000000300000000 RDI: ffff888101de3780 [ 45.371488][ T363] RBP: ffffc90000597f18 R08: 0000000000000004 R09: 0000000000000064 [ 45.379472][ T363] R10: ffff8881095c6ae0 R11: 0000000000004000 R12: ffff8881071c4000 [ 45.387508][ T363] R13: 00000000ffffff9c R14: 0000000000000008 R15: 0000000000000000 [ 45.395708][ T363] FS: 00007f0d621c86c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 45.404810][ T363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.411226][ T363] CR2: 0000000000000038 CR3: 000000010fc17000 CR4: 00000000003506a0 [ 45.419133][ T363] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.427209][ T363] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.435091][ T363] Kernel panic - not syncing: Fatal exception [ 45.441530][ T363] Kernel Offset: disabled [ 45.446069][ T363] Rebooting in 86400 seconds..