Warning: Permanently added '10.128.0.23' (ED25519) to the list of known hosts. 2024/03/10 16:48:32 ignoring optional flag "sandboxArg"="0" 2024/03/10 16:48:33 parsed 1 programs [ 41.499868][ T27] audit: type=1400 audit(1710089313.013:156): avc: denied { mounton } for pid=340 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 41.524818][ T27] audit: type=1400 audit(1710089313.013:157): avc: denied { mount } for pid=340 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2024/03/10 16:48:33 executed programs: 0 [ 41.549170][ T27] audit: type=1400 audit(1710089313.063:158): avc: denied { unlink } for pid=340 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 41.582000][ T340] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 41.607735][ T346] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.614672][ T346] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.621711][ T346] device bridge_slave_0 entered promiscuous mode [ 41.628136][ T346] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.635018][ T346] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.641986][ T346] device bridge_slave_1 entered promiscuous mode [ 41.654487][ T27] audit: type=1400 audit(1710089313.163:159): avc: denied { write } for pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 41.660504][ T346] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.674888][ T27] audit: type=1400 audit(1710089313.163:160): avc: denied { read } for pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 41.681997][ T346] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.682013][ T346] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.716506][ T346] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.726034][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.732972][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.739950][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.747076][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.756555][ T346] device veth0_vlan entered promiscuous mode [ 41.762857][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.771023][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.778482][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.785630][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.792969][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.801082][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.807985][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.815109][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.822897][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.830055][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.837111][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.844828][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.853535][ T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.861543][ T346] device veth1_macvtap entered promiscuous mode [ 41.869285][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.877477][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.887847][ T27] audit: type=1400 audit(1710089313.393:161): avc: denied { mounton } for pid=346 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 41.913441][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 41.920835][ T353] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 41.929354][ T27] audit: type=1400 audit(1710089313.443:162): avc: denied { bpf } for pid=352 comm="syz-executor.0" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 41.929397][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 41.951396][ T27] audit: type=1400 audit(1710089313.463:163): avc: denied { prog_load } for pid=352 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 41.959022][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 41.978245][ T27] audit: type=1400 audit(1710089313.463:164): avc: denied { perfmon } for pid=352 comm="syz-executor.0" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 41.985986][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.007658][ T27] audit: type=1400 audit(1710089313.463:165): avc: denied { prog_run } for pid=352 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 42.015849][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.043063][ T353] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 42.053196][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.060158][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.068408][ T353] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 42.085132][ T355] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 42.100784][ T357] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 42.108464][ T357] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.115299][ T357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.122873][ T357] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.129706][ T357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.137820][ T357] device veth0_vlan left promiscuous mode [ 42.143468][ T357] device veth0_vlan entered promiscuous mode [ 42.149454][ T357] device veth1_macvtap left promiscuous mode [ 42.155515][ T357] device veth1_macvtap entered promiscuous mode [ 42.161981][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.169254][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.176316][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.184495][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.192546][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.200568][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.208425][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.217167][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.225060][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.233571][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.242003][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.249936][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.257937][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.266493][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.274351][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.282361][ T358] netlink: 'syz-executor.0': attribute type 27 has an invalid length. [ 42.292444][ T358] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.299370][ T358] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.306666][ T358] BUG: kernel NULL pointer dereference, address: 0000000000000010 [ 42.314435][ T358] #PF: supervisor read access in kernel mode [ 42.320244][ T358] #PF: error_code(0x0000) - not-present page [ 42.326144][ T358] PGD 10fb88067 P4D 10fb88067 PUD 10cf66067 PMD 0 [ 42.332482][ T358] Oops: 0000 [#1] PREEMPT SMP [ 42.337083][ T358] CPU: 0 PID: 358 Comm: syz-executor.0 Not tainted 6.1.68-syzkaller #0 [ 42.345152][ T358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 42.355135][ T358] RIP: 0010:hrtimer_try_to_cancel+0x12/0xb0 [ 42.360948][ T358] Code: 00 e8 52 30 01 00 5b 41 5e 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 41 57 41 56 41 54 53 48 89 fb 48 8b 43 30 <8b> 48 10 f6 c1 01 74 04 f3 90 eb f4 80 7b 38 00 75 25 48 39 58 18 [ 42.381060][ T358] RSP: 0018:ffffc900007972f8 EFLAGS: 00010246 [ 42.386905][ T358] RAX: 0000000000000000 RBX: ffff888111a80918 RCX: 0000000000000004 [ 42.394976][ T358] RDX: 000000000000000d RSI: 000061100fc019e9 RDI: ffff888111a80918 [ 42.403071][ T358] RBP: ffffc90000797318 R08: 0000000000000000 R09: ffffc900003a5000 [ 42.410874][ T358] R10: 0000000000000001 R11: ffffc900007975c0 R12: ffff888111a80800 [ 42.418679][ T358] R13: 000061100fc019e9 R14: ffff888111a6b000 R15: 0000000000000340 [ 42.426660][ T358] FS: 00007f75075b56c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 42.435396][ T358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.441790][ T358] CR2: 0000000000000010 CR3: 0000000112eb6000 CR4: 00000000003506b0 [ 42.449603][ T358] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.457654][ T358] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.465424][ T358] Call Trace: [ 42.468550][ T358] [ 42.471338][ T358] ? __die_body+0x62/0xb0 [ 42.475495][ T358] ? __die+0x7e/0x90 [ 42.479223][ T358] ? page_fault_oops+0x369/0x3d0 [ 42.484012][ T358] ? finish_task_switch+0x9c/0x250 [ 42.488951][ T358] ? exc_page_fault+0x4dc/0x670 [ 42.493815][ T358] ? asm_exc_page_fault+0x27/0x30 [ 42.498848][ T358] ? hrtimer_try_to_cancel+0x12/0xb0 [ 42.503964][ T358] hrtimer_cancel+0xd/0x20 [ 42.508220][ T358] napi_disable+0x54/0x60 [ 42.512991][ T358] veth_set_features+0x79/0xe0 [ 42.517621][ T358] __netdev_update_features+0x2a3/0x700 [ 42.523064][ T358] ? __this_cpu_preempt_check+0x13/0x20 [ 42.528602][ T358] ? __local_bh_enable_ip+0x4a/0x70 [ 42.533688][ T358] ? fib6_run_gc+0x1af/0x200 [ 42.538294][ T358] netdev_update_features+0x20/0x90 [ 42.543472][ T358] veth_xdp+0x1ab/0x1e0 [ 42.547532][ T358] ? veth_set_rx_headroom+0x50/0x50 [ 42.552565][ T358] dev_xdp_install+0x65/0xf0 [ 42.556991][ T358] dev_xdp_attach+0x3c6/0x500 [ 42.561592][ T358] dev_change_xdp_fd+0xd3/0x110 [ 42.566467][ T358] do_setlink+0x1102/0x1170 [ 42.570887][ T358] rtnl_newlink+0x8df/0xdd0 [ 42.575227][ T358] ? _raw_spin_unlock+0x1e/0x40 [ 42.580209][ T358] ? __mutex_lock+0x26e/0xa10 [ 42.584698][ T358] rtnetlink_rcv_msg+0x2a6/0x460 [ 42.589542][ T358] ? __stack_depot_save+0x21/0x480 [ 42.594602][ T358] ? stack_depot_save+0x13/0x20 [ 42.599436][ T358] ? save_stack+0xfb/0x140 [ 42.603801][ T358] ? free_unref_page_prepare+0x2ec/0x300 [ 42.609251][ T358] ? free_unref_page+0x47/0x2a0 [ 42.613935][ T358] ? __free_pages+0x25/0x80 [ 42.618272][ T358] ? slab_post_alloc_hook+0x71/0x300 [ 42.623407][ T358] ? flush_tlb_mm_range+0x146/0x170 [ 42.628516][ T358] ? avc_has_perm_noaudit+0x11f/0x1a0 [ 42.633733][ T358] ? avc_has_perm+0x55/0xe0 [ 42.638473][ T358] ? rtnetlink_bind+0x30/0x30 [ 42.642983][ T358] netlink_rcv_skb+0xf4/0x120 [ 42.647736][ T358] rtnetlink_rcv+0x10/0x20 [ 42.652090][ T358] netlink_unicast+0x291/0x380 [ 42.656942][ T358] netlink_sendmsg+0x38b/0x420 [ 42.661553][ T358] ____sys_sendmsg+0x181/0x220 [ 42.666173][ T358] ___sys_sendmsg+0x28f/0x2d0 [ 42.670773][ T358] __se_sys_sendmsg+0xf5/0x130 [ 42.676015][ T358] __x64_sys_sendmsg+0x18/0x20 [ 42.680942][ T358] do_syscall_64+0x3d/0xb0 [ 42.685598][ T358] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 42.691462][ T358] RIP: 0033:0x7f750687cae9 [ 42.695807][ T358] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 42.715597][ T358] RSP: 002b:00007f75075b50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.724102][ T358] RAX: ffffffffffffffda RBX: 00007f750699c050 RCX: 00007f750687cae9 [ 42.732059][ T358] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 42.739868][ T358] RBP: 00007f75068c847a R08: 0000000000000000 R09: 0000000000000000 [ 42.747776][ T358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 42.755712][ T358] R13: 000000000000006e R14: 00007f750699c050 R15: 00007fffe581daa8 [ 42.763669][ T358] [ 42.766542][ T358] Modules linked in: [ 42.770354][ T358] CR2: 0000000000000010 [ 42.774539][ T358] ---[ end trace 0000000000000000 ]--- [ 42.779817][ T358] RIP: 0010:hrtimer_try_to_cancel+0x12/0xb0 [ 42.785582][ T358] Code: 00 e8 52 30 01 00 5b 41 5e 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 41 57 41 56 41 54 53 48 89 fb 48 8b 43 30 <8b> 48 10 f6 c1 01 74 04 f3 90 eb f4 80 7b 38 00 75 25 48 39 58 18 [ 42.805076][ T358] RSP: 0018:ffffc900007972f8 EFLAGS: 00010246 [ 42.811085][ T358] RAX: 0000000000000000 RBX: ffff888111a80918 RCX: 0000000000000004 [ 42.818966][ T358] RDX: 000000000000000d RSI: 000061100fc019e9 RDI: ffff888111a80918 [ 42.826778][ T358] RBP: ffffc90000797318 R08: 0000000000000000 R09: ffffc900003a5000 [ 42.834637][ T358] R10: 0000000000000001 R11: ffffc900007975c0 R12: ffff888111a80800 [ 42.842411][ T358] R13: 000061100fc019e9 R14: ffff888111a6b000 R15: 0000000000000340 [ 42.850412][ T358] FS: 00007f75075b56c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 [ 42.859329][ T358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.865839][ T358] CR2: 0000000000000010 CR3: 0000000112eb6000 CR4: 00000000003506b0 [ 42.873762][ T358] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.881817][ T358] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.889910][ T358] Kernel panic - not syncing: Fatal exception [ 42.896029][ T358] Kernel Offset: disabled [ 42.900139][ T358] Rebooting in 86400 seconds..