Warning: Permanently added '10.128.0.195' (ED25519) to the list of known hosts. 2024/01/04 22:55:28 ignoring optional flag "sandboxArg"="0" 2024/01/04 22:55:28 parsed 1 programs [ 41.653276][ T28] audit: type=1400 audit(1704408928.273:156): avc: denied { mounton } for pid=341 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 41.678785][ T28] audit: type=1400 audit(1704408928.283:157): avc: denied { mount } for pid=341 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 41.730286][ T28] audit: type=1400 audit(1704408928.353:158): avc: denied { unlink } for pid=341 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/01/04 22:55:28 executed programs: 0 [ 41.774239][ T341] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 41.832716][ T347] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.840268][ T347] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.847450][ T347] device bridge_slave_0 entered promiscuous mode [ 41.854748][ T347] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.862160][ T347] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.869676][ T347] device bridge_slave_1 entered promiscuous mode [ 41.913489][ T28] audit: type=1400 audit(1704408928.533:159): avc: denied { write } for pid=347 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 41.919405][ T347] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.934531][ T28] audit: type=1400 audit(1704408928.533:160): avc: denied { read } for pid=347 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 41.941288][ T347] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.941390][ T347] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.975932][ T347] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.996719][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.004038][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.011694][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.018977][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.027976][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.036166][ T19] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.043024][ T19] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.060947][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.069566][ T301] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.076448][ T301] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.083824][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.092079][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.106158][ T347] device veth0_vlan entered promiscuous mode [ 42.112555][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.121173][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.128936][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.136621][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.149539][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.159243][ T347] device veth1_macvtap entered promiscuous mode [ 42.169128][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.181046][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.196410][ T28] audit: type=1400 audit(1704408928.813:161): avc: denied { mounton } for pid=347 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=370 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 42.230234][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 42.237668][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 42.252940][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.260729][ T28] audit: type=1400 audit(1704408928.883:162): avc: denied { bpf } for pid=352 comm="syz-executor.0" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 42.261731][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.283656][ T28] audit: type=1400 audit(1704408928.913:163): avc: denied { prog_load } for pid=352 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 42.291246][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.309584][ T28] audit: type=1400 audit(1704408928.913:164): avc: denied { perfmon } for pid=352 comm="syz-executor.0" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 42.318019][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.339114][ T28] audit: type=1400 audit(1704408928.913:165): avc: denied { prog_run } for pid=352 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 42.366502][ T353] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 42.384474][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.391853][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.405664][ T353] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 42.422269][ T355] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 42.459802][ T358] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 42.472105][ T358] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.479237][ T358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.487393][ T358] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.494375][ T358] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.508010][ T358] device veth0_vlan left promiscuous mode [ 42.514010][ T358] device veth0_vlan entered promiscuous mode [ 42.521265][ T358] device veth1_macvtap left promiscuous mode [ 42.527773][ T358] device veth1_macvtap entered promiscuous mode [ 42.535269][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.542948][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.551483][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.560252][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.568582][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.577076][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.585929][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.594061][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.602210][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.610429][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.618654][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.626986][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.635532][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.643980][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.652440][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.660866][ T359] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 42.677318][ T359] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.684448][ T359] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.693507][ T359] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN [ 42.705424][ T359] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 42.714157][ T359] CPU: 0 PID: 359 Comm: syz-executor.0 Not tainted 6.1.57-syzkaller-1150592-ged9b660cd1ad #0 [ 42.725068][ T359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 42.735254][ T359] RIP: 0010:hrtimer_try_to_cancel+0x7d/0x320 [ 42.741180][ T359] Code: 00 48 8b 5d c8 48 8b 45 d0 42 80 3c 38 00 74 08 48 89 df e8 25 0c 55 00 48 8b 03 48 89 45 b0 4c 8d 60 10 4d 89 e5 49 c1 ed 03 <43> 0f b6 44 3d 00 84 c0 0f 85 00 01 00 00 41 8b 1c 24 89 de 83 e6 [ 42.761367][ T359] RSP: 0018:ffffc90002e866d0 EFLAGS: 00010202 [ 42.767354][ T359] RAX: 0000000000000000 RBX: ffff88810feee148 RCX: 1ffff11021fddc2a [ 42.775709][ T359] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88810feee118 [ 42.783854][ T359] RBP: ffffc90002e86728 R08: ffffffff8407453f R09: ffffed1021fddc03 [ 42.792192][ T359] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000010 [ 42.800099][ T359] R13: 0000000000000002 R14: ffff88810feee118 R15: dffffc0000000000 [ 42.808543][ T359] FS: 00007f10ee5606c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 42.817387][ T359] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.824596][ T359] CR2: 00007f10ee560d58 CR3: 000000012717d000 CR4: 00000000003506b0 [ 42.832687][ T359] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.840702][ T359] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.848485][ T359] Call Trace: [ 42.851618][ T359] [ 42.854393][ T359] ? __die_body+0x62/0xb0 [ 42.858829][ T359] ? die_addr+0x9f/0xd0 [ 42.863237][ T359] ? exc_general_protection+0x317/0x4c0 [ 42.869092][ T359] ? asm_exc_general_protection+0x27/0x30 [ 42.874969][ T359] ? napi_disable+0xbf/0x110 [ 42.879712][ T359] ? hrtimer_try_to_cancel+0x7d/0x320 [ 42.884906][ T359] hrtimer_cancel+0x17/0x50 [ 42.889243][ T359] napi_disable+0xe8/0x110 [ 42.893495][ T359] veth_set_features+0x1c8/0x300 [ 42.898355][ T359] __netdev_update_features+0x865/0x1c40 [ 42.903825][ T359] ? __kasan_check_write+0x14/0x20 [ 42.908768][ T359] ? _raw_write_lock_bh+0xa4/0x170 [ 42.913804][ T359] ? dev_xdp_attach+0xdc0/0xdc0 [ 42.918488][ T359] ? del_timer+0x107/0x140 [ 42.922914][ T359] ? lock_timer_base+0x270/0x270 [ 42.927693][ T359] ? __local_bh_enable_ip+0x58/0x80 [ 42.932848][ T359] ? _raw_spin_unlock_bh+0x50/0x60 [ 42.937934][ T359] ? fib6_run_gc+0x44a/0x590 [ 42.942380][ T359] ? fib6_clean_all_skip_notify+0x2f0/0x2f0 [ 42.948188][ T359] netdev_update_features+0x6d/0x1c0 [ 42.953413][ T359] ? dev_disable_lro+0x1d0/0x1d0 [ 42.958190][ T359] veth_xdp+0x4fa/0x6b0 [ 42.962176][ T359] dev_xdp_install+0x151/0x380 [ 42.966889][ T359] ? veth_set_rx_headroom+0x160/0x160 [ 42.972082][ T359] ? bpf_xdp_link_fill_link_info+0xc0/0xc0 [ 42.977966][ T359] ? veth_set_rx_headroom+0x160/0x160 [ 42.983102][ T359] dev_xdp_attach+0xb52/0xdc0 [ 42.987628][ T359] dev_change_xdp_fd+0x1db/0x260 [ 42.992566][ T359] do_setlink+0x3877/0x3e90 [ 42.996934][ T359] ? vprintk_default+0x26/0x30 [ 43.001502][ T359] ? _printk+0xd1/0x111 [ 43.005620][ T359] ? __nla_validate_parse+0x4e0/0x2c30 [ 43.010873][ T359] ? nlmsg_parse_deprecated_strict+0x110/0x110 [ 43.016862][ T359] ? rtnl_newlink+0xe6/0x2030 [ 43.021375][ T359] ? __nla_validate_parse+0x219d/0x2c30 [ 43.026752][ T359] ? ____sys_sendmsg+0x5dc/0x9d0 [ 43.031640][ T359] ? __sys_sendmsg+0x2a9/0x390 [ 43.036497][ T359] ? __x64_sys_sendmsg+0x7f/0x90 [ 43.041279][ T359] ? __nla_validate+0x50/0x50 [ 43.045794][ T359] rtnl_newlink+0x10cc/0x2030 [ 43.050301][ T359] ? rtnl_newlink+0xb51/0x2030 [ 43.054905][ T359] ? rtnl_setlink+0x560/0x560 [ 43.059413][ T359] ? selinux_capable+0x2f1/0x430 [ 43.064188][ T359] ? selinux_capset+0xf0/0xf0 [ 43.068706][ T359] ? __mutex_lock_slowpath+0xe/0x10 [ 43.074028][ T359] ? bit_wait_io_timeout+0x120/0x120 [ 43.079141][ T359] ? ns_capable+0x89/0xe0 [ 43.083310][ T359] ? try_module_get+0x12a/0x290 [ 43.087992][ T359] ? rtnl_setlink+0x560/0x560 [ 43.092504][ T359] rtnetlink_rcv_msg+0x9a5/0xca0 [ 43.097281][ T359] ? 0xffffffffa0000954 [ 43.101274][ T359] ? rtnetlink_bind+0x80/0x80 [ 43.105790][ T359] ? kernel_text_address+0xa9/0xe0 [ 43.110736][ T359] ? __kernel_text_address+0xd/0x40 [ 43.115768][ T359] ? unwind_get_return_address+0x4d/0x90 [ 43.121766][ T359] ? arch_stack_walk+0xf3/0x140 [ 43.126525][ T359] ? avc_has_perm_noaudit+0x348/0x430 [ 43.131824][ T359] ? memcpy+0x56/0x70 [ 43.135807][ T359] ? avc_has_perm_noaudit+0x2dd/0x430 [ 43.141021][ T359] ? avc_denied+0x1b0/0x1b0 [ 43.145454][ T359] ? avc_has_perm+0x16f/0x260 [ 43.149964][ T359] ? __alloc_skb+0x125/0x2d0 [ 43.154385][ T359] ? netlink_sendmsg+0x7a6/0xd30 [ 43.159288][ T359] ? avc_has_perm_noaudit+0x430/0x430 [ 43.164701][ T359] netlink_rcv_skb+0x1cd/0x410 [ 43.169525][ T359] ? rtnetlink_bind+0x80/0x80 [ 43.174036][ T359] ? netlink_ack+0x12a0/0x12a0 [ 43.178629][ T359] ? __netlink_lookup+0x37b/0x3a0 [ 43.183592][ T359] rtnetlink_rcv+0x1c/0x20 [ 43.187833][ T359] netlink_unicast+0x906/0xab0 [ 43.192517][ T359] ? netlink_detachskb+0x90/0x90 [ 43.197298][ T359] ? security_netlink_send+0x7b/0xa0 [ 43.202411][ T359] netlink_sendmsg+0xa15/0xd30 [ 43.207022][ T359] ? netlink_getsockopt+0x540/0x540 [ 43.212131][ T359] ? security_socket_sendmsg+0x82/0xb0 [ 43.217448][ T359] ? netlink_getsockopt+0x540/0x540 [ 43.222471][ T359] ____sys_sendmsg+0x5dc/0x9d0 [ 43.227063][ T359] ? __sys_sendmsg_sock+0x40/0x40 [ 43.231966][ T359] __sys_sendmsg+0x2a9/0x390 [ 43.236358][ T359] ? ____sys_sendmsg+0x9d0/0x9d0 [ 43.241119][ T359] ? alloc_file+0x48f/0x5e0 [ 43.245469][ T359] ? restore_fpregs_from_fpstate+0xfc/0x230 [ 43.251289][ T359] ? __kasan_check_write+0x14/0x20 [ 43.256226][ T359] ? fpregs_restore_userregs+0x130/0x290 [ 43.261698][ T359] __x64_sys_sendmsg+0x7f/0x90 [ 43.266468][ T359] do_syscall_64+0x3d/0xb0 [ 43.270810][ T359] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.276547][ T359] RIP: 0033:0x7f10ed87cae9 [ 43.280791][ T359] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 43.300326][ T359] RSP: 002b:00007f10ee5600c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 43.308735][ T359] RAX: ffffffffffffffda RBX: 00007f10ed99c050 RCX: 00007f10ed87cae9 [ 43.316722][ T359] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 43.324531][ T359] RBP: 00007f10ed8c847a R08: 0000000000000000 R09: 0000000000000000 [ 43.332431][ T359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 43.340334][ T359] R13: 000000000000006e R14: 00007f10ed99c050 R15: 00007ffdc8685ff8 [ 43.348323][ T359] [ 43.351176][ T359] Modules linked in: [ 43.355536][ T359] ---[ end trace 0000000000000000 ]--- [ 43.361275][ T359] RIP: 0010:hrtimer_try_to_cancel+0x7d/0x320 [ 43.367418][ T359] Code: 00 48 8b 5d c8 48 8b 45 d0 42 80 3c 38 00 74 08 48 89 df e8 25 0c 55 00 48 8b 03 48 89 45 b0 4c 8d 60 10 4d 89 e5 49 c1 ed 03 <43> 0f b6 44 3d 00 84 c0 0f 85 00 01 00 00 41 8b 1c 24 89 de 83 e6 [ 43.388506][ T359] RSP: 0018:ffffc90002e866d0 EFLAGS: 00010202 [ 43.394905][ T359] RAX: 0000000000000000 RBX: ffff88810feee148 RCX: 1ffff11021fddc2a [ 43.403203][ T359] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88810feee118 [ 43.411177][ T359] RBP: ffffc90002e86728 R08: ffffffff8407453f R09: ffffed1021fddc03 [ 43.418956][ T359] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000010 [ 43.426934][ T359] R13: 0000000000000002 R14: ffff88810feee118 R15: dffffc0000000000 [ 43.434782][ T359] FS: 00007f10ee5606c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 43.443917][ T359] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.450386][ T359] CR2: 0000000020003900 CR3: 000000012717d000 CR4: 00000000003506a0 [ 43.458136][ T359] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.466013][ T359] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.473894][ T359] Kernel panic - not syncing: Fatal exception [ 43.480306][ T359] Kernel Offset: disabled [ 43.484438][ T359] Rebooting in 86400 seconds..