u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 31.589720][ T28] audit: type=1400 audit(1700877421.747:155): avc: denied { siginh } for pid=321 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.69' (ED25519) to the list of known hosts. 2023/11/25 01:57:09 ignoring optional flag "sandboxArg"="0" 2023/11/25 01:57:09 parsed 1 programs [ 39.518716][ T28] audit: type=1400 audit(1700877429.747:156): avc: denied { mounton } for pid=343 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 39.543378][ T28] audit: type=1400 audit(1700877429.747:157): avc: denied { mount } for pid=343 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2023/11/25 01:57:09 executed programs: 0 [ 39.597168][ T28] audit: type=1400 audit(1700877429.827:158): avc: denied { unlink } for pid=343 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 39.622194][ T343] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 39.861136][ T359] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.868150][ T359] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.875352][ T359] device bridge_slave_0 entered promiscuous mode [ 39.889095][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.895957][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.903341][ T353] device bridge_slave_0 entered promiscuous mode [ 39.911660][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.918578][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.925724][ T353] device bridge_slave_1 entered promiscuous mode [ 39.936203][ T359] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.943135][ T359] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.950594][ T359] device bridge_slave_1 entered promiscuous mode [ 39.973691][ T357] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.980721][ T357] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.988056][ T357] device bridge_slave_0 entered promiscuous mode [ 39.996226][ T357] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.003132][ T357] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.010397][ T357] device bridge_slave_1 entered promiscuous mode [ 40.016865][ T361] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.023700][ T361] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.031096][ T361] device bridge_slave_0 entered promiscuous mode [ 40.039469][ T361] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.046489][ T361] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.053779][ T361] device bridge_slave_1 entered promiscuous mode [ 40.116060][ T362] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.123021][ T362] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.130283][ T362] device bridge_slave_0 entered promiscuous mode [ 40.141129][ T358] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.148019][ T358] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.155201][ T358] device bridge_slave_0 entered promiscuous mode [ 40.173723][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.180637][ T362] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.188012][ T362] device bridge_slave_1 entered promiscuous mode [ 40.197757][ T358] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.204601][ T358] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.211992][ T358] device bridge_slave_1 entered promiscuous mode [ 40.341593][ T28] audit: type=1400 audit(1700877430.567:159): avc: denied { write } for pid=359 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 40.347299][ T359] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.362721][ T28] audit: type=1400 audit(1700877430.567:160): avc: denied { read } for pid=359 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 40.369110][ T359] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.396552][ T359] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.403396][ T359] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.482116][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.489009][ T353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.496078][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.503011][ T353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.513603][ T357] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.520485][ T357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.527677][ T357] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.534433][ T357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.578119][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.585189][ T362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.592322][ T362] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.599174][ T362] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.616935][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.626370][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.633556][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.640617][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.648209][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.655164][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.662638][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.669747][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.677011][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.719683][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.728197][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.735036][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.742535][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.750526][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.757390][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.764683][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.772625][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.780572][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.787807][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.815173][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.823049][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.830432][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.838732][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.847575][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.854414][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.861752][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 40.869974][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.878159][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.885000][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.892299][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.900157][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.939719][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.948417][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.956342][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.963218][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.970461][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 40.979312][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.987952][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.994781][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.002120][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.010232][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.018409][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.026044][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.034451][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.041885][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.067797][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.075959][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 41.084080][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.092559][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 41.100572][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.108378][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.115641][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.123173][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 41.131324][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.139470][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.146393][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.153654][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 41.161879][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.170200][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.177082][ T294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.184321][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.191772][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.202310][ T357] device veth0_vlan entered promiscuous mode [ 41.209122][ T359] device veth0_vlan entered promiscuous mode [ 41.228545][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.236359][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.243933][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.251524][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 41.260086][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.268352][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.275196][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.282495][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.290678][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.298901][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 41.307139][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.315072][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.321946][ T294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.329215][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.337265][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.345866][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.358677][ T357] device veth1_macvtap entered promiscuous mode [ 41.373388][ T353] device veth0_vlan entered promiscuous mode [ 41.388029][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.396323][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.404674][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 41.412305][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.419706][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.427053][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.442247][ T359] device veth1_macvtap entered promiscuous mode [ 41.457206][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.465271][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.473527][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.482355][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.490569][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.498792][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.506004][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.524798][ T353] device veth1_macvtap entered promiscuous mode [ 41.534401][ T362] device veth0_vlan entered promiscuous mode [ 41.547743][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.555890][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.564532][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.572364][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.579811][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 41.588179][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.596143][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.603471][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.610679][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 41.618900][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.626987][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.633823][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.641236][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.649055][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.656897][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.664962][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.673191][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.681287][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.694415][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 41.704642][ T28] audit: type=1400 audit(1700877431.927:161): avc: denied { mounton } for pid=357 comm="syz-executor.5" path="/dev/binderfs" dev="devtmpfs" ino=370 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 41.738151][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.745953][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.753928][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.762633][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.771037][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.779218][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.800988][ T362] device veth1_macvtap entered promiscuous mode [ 41.824108][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.832181][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.840672][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.848892][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.857336][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.865660][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.873906][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.882248][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.890472][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.906574][ T358] device veth0_vlan entered promiscuous mode [ 41.916733][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.927355][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.935567][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.943958][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.952040][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.959973][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.968795][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.976108][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.983772][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.991279][ T301] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.001510][ T361] device veth0_vlan entered promiscuous mode [ 42.020647][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.028823][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.041533][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.049650][ T388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.058707][ T358] device veth1_macvtap entered promiscuous mode [ 42.065569][ T361] device veth1_macvtap entered promiscuous mode [ 42.088623][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.096380][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.104461][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.112867][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.124421][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.133551][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.160337][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.168800][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.186750][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.194842][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2023/11/25 01:57:14 executed programs: 42 2023/11/25 01:57:20 executed programs: 127 2023/11/25 01:57:25 executed programs: 219 2023/11/25 01:57:30 executed programs: 309 2023/11/25 01:57:36 executed programs: 388 2023/11/25 01:57:41 executed programs: 496 2023/11/25 01:57:46 executed programs: 583 2023/11/25 01:57:52 executed programs: 664 2023/11/25 01:57:57 executed programs: 749 2023/11/25 01:58:02 executed programs: 827 2023/11/25 01:58:07 executed programs: 915 2023/11/25 01:58:13 executed programs: 991 2023/11/25 01:58:18 executed programs: 1083 2023/11/25 01:58:23 executed programs: 1181 2023/11/25 01:58:28 executed programs: 1268 2023/11/25 01:58:34 executed programs: 1339 2023/11/25 01:58:39 executed programs: 1425 2023/11/25 01:58:44 executed programs: 1508 2023/11/25 01:58:49 executed programs: 1585 2023/11/25 01:58:54 executed programs: 1674 2023/11/25 01:59:00 executed programs: 1765 2023/11/25 01:59:05 executed programs: 1846 2023/11/25 01:59:10 executed programs: 1934 [ 163.687545][ T8490] ================================================================== [ 163.695473][ T8490] BUG: KASAN: use-after-free in __skb_datagram_iter+0x703/0x780 [ 163.702918][ T8490] Read of size 4 at addr ffff88812236a570 by task syz-executor.2/8490 [ 163.710903][ T8490] [ 163.713072][ T8490] CPU: 1 PID: 8490 Comm: syz-executor.2 Not tainted 6.1.43-syzkaller-1150379-gd2c0f4c4502a #0 [ 163.723139][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 163.733036][ T8490] Call Trace: [ 163.736162][ T8490] [ 163.738943][ T8490] dump_stack_lvl+0x151/0x1b7 [ 163.743475][ T8490] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 163.748752][ T8490] ? _printk+0xd1/0x111 [ 163.752916][ T8490] ? __virt_addr_valid+0x242/0x2f0 [ 163.757888][ T8490] print_report+0x158/0x4e0 [ 163.762209][ T8490] ? __virt_addr_valid+0x242/0x2f0 [ 163.767147][ T8490] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 163.773221][ T8490] ? __skb_datagram_iter+0x703/0x780 [ 163.778342][ T8490] kasan_report+0x13c/0x170 [ 163.782687][ T8490] ? __skb_datagram_iter+0x703/0x780 [ 163.787812][ T8490] ? irqentry_exit+0x30/0x40 [ 163.792246][ T8490] __asan_report_load4_noabort+0x14/0x20 [ 163.797703][ T8490] __skb_datagram_iter+0x703/0x780 [ 163.802644][ T8490] ? skb_copy_datagram_iter+0x180/0x180 [ 163.808023][ T8490] ? __skb_datagram_iter+0x1/0x780 [ 163.812972][ T8490] skb_copy_datagram_iter+0x43/0x180 [ 163.818096][ T8490] unix_stream_read_actor+0x70/0xb0 [ 163.823127][ T8490] unix_stream_recv_urg+0x1b4/0x300 [ 163.828160][ T8490] unix_stream_read_generic+0x2140/0x2220 [ 163.833802][ T8490] ? avc_denied+0x1b0/0x1b0 [ 163.838404][ T8490] ? avc_has_perm+0x16f/0x260 [ 163.842926][ T8490] ? avc_has_perm_noaudit+0x430/0x430 [ 163.848123][ T8490] ? unix_stream_read_actor+0xb0/0xb0 [ 163.853335][ T8490] ? selinux_socket_recvmsg+0x243/0x340 [ 163.858717][ T8490] ? selinux_socket_sendmsg+0x340/0x340 [ 163.864092][ T8490] unix_stream_recvmsg+0x222/0x2b0 [ 163.869040][ T8490] ? unix_stream_sendmsg+0x1070/0x1070 [ 163.874337][ T8490] ? __unix_stream_recvmsg+0x210/0x210 [ 163.879629][ T8490] ? __import_iovec+0x24f/0x430 [ 163.884317][ T8490] ? security_socket_recvmsg+0x87/0xb0 [ 163.889703][ T8490] ? unix_stream_sendmsg+0x1070/0x1070 [ 163.894990][ T8490] ____sys_recvmsg+0x285/0x530 [ 163.899592][ T8490] ? __sys_recvmsg_sock+0x50/0x50 [ 163.904455][ T8490] __sys_recvmsg+0x2e9/0x3d0 [ 163.908890][ T8490] ? __kasan_check_write+0x14/0x20 [ 163.913822][ T8490] ? ____sys_recvmsg+0x530/0x530 [ 163.918595][ T8490] ? __set_current_blocked+0x2a5/0x2f0 [ 163.923896][ T8490] ? __kasan_check_write+0x14/0x20 [ 163.928839][ T8490] ? __se_sys_rt_sigprocmask+0x30a/0x380 [ 163.934311][ T8490] ? debug_smp_processor_id+0x17/0x20 [ 163.939529][ T8490] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 163.945423][ T8490] __x64_sys_recvmsg+0x7f/0x90 [ 163.950019][ T8490] do_syscall_64+0x3d/0xb0 [ 163.954268][ T8490] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 163.960013][ T8490] RIP: 0033:0x7ff25d07cae9 [ 163.964249][ T8490] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 163.983776][ T8490] RSP: 002b:00007ff25ddc30c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 163.992022][ T8490] RAX: ffffffffffffffda RBX: 00007ff25d19c120 RCX: 00007ff25d07cae9 [ 163.999834][ T8490] RDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004 [ 164.007644][ T8490] RBP: 00007ff25d0c847a R08: 0000000000000000 R09: 0000000000000000 [ 164.015458][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.023270][ T8490] R13: 000000000000006e R14: 00007ff25d19c120 R15: 00007ffce44ec9b8 [ 164.031085][ T8490] [ 164.033946][ T8490] [ 164.036113][ T8490] Allocated by task 8489: [ 164.040281][ T8490] kasan_set_track+0x4b/0x70 [ 164.044704][ T8490] kasan_save_alloc_info+0x1f/0x30 [ 164.049652][ T8490] __kasan_slab_alloc+0x6c/0x80 [ 164.054339][ T8490] slab_post_alloc_hook+0x53/0x2c0 [ 164.059286][ T8490] kmem_cache_alloc_node+0x18a/0x2d0 [ 164.064406][ T8490] __alloc_skb+0xcc/0x2e0 [ 164.068571][ T8490] alloc_skb_with_frags+0xa6/0x680 [ 164.073522][ T8490] sock_alloc_send_pskb+0x915/0xa50 [ 164.078553][ T8490] queue_oob+0x102/0x8e0 [ 164.082633][ T8490] unix_stream_sendmsg+0xe10/0x1070 [ 164.087667][ T8490] ____sys_sendmsg+0x5dc/0x9d0 [ 164.092284][ T8490] __sys_sendmsg+0x2a9/0x390 [ 164.096695][ T8490] __x64_sys_sendmsg+0x7f/0x90 [ 164.101294][ T8490] do_syscall_64+0x3d/0xb0 [ 164.105569][ T8490] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 164.111275][ T8490] [ 164.113444][ T8490] Freed by task 8489: [ 164.117264][ T8490] kasan_set_track+0x4b/0x70 [ 164.121779][ T8490] kasan_save_free_info+0x2b/0x40 [ 164.126640][ T8490] ____kasan_slab_free+0x131/0x180 [ 164.131585][ T8490] __kasan_slab_free+0x11/0x20 [ 164.136184][ T8490] kmem_cache_free+0x291/0x510 [ 164.140784][ T8490] kfree_skbmem+0x104/0x170 [ 164.145126][ T8490] consume_skb+0xb4/0x250 [ 164.149291][ T8490] queue_oob+0x52c/0x8e0 [ 164.153369][ T8490] unix_stream_sendmsg+0xe10/0x1070 [ 164.158404][ T8490] ____sys_sendmsg+0x5dc/0x9d0 [ 164.163009][ T8490] __sys_sendmsg+0x2a9/0x390 [ 164.168213][ T8490] __x64_sys_sendmsg+0x7f/0x90 [ 164.172810][ T8490] do_syscall_64+0x3d/0xb0 [ 164.177062][ T8490] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 164.182792][ T8490] [ 164.184966][ T8490] The buggy address belongs to the object at ffff88812236a500 [ 164.184966][ T8490] which belongs to the cache skbuff_head_cache of size 256 [ 164.199375][ T8490] The buggy address is located 112 bytes inside of [ 164.199375][ T8490] 256-byte region [ffff88812236a500, ffff88812236a600) [ 164.212476][ T8490] [ 164.214644][ T8490] The buggy address belongs to the physical page: [ 164.220899][ T8490] page:ffffea000488da80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12236a [ 164.230962][ T8490] flags: 0x4000000000000200(slab|zone=1) [ 164.236437][ T8490] raw: 4000000000000200 ffffea000443dac0 dead000000000004 ffff888100b91c80 [ 164.244855][ T8490] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000 [ 164.254746][ T8490] page dumped because: kasan: bad access detected [ 164.261005][ T8490] page_owner tracks the page as allocated [ 164.266546][ T8490] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 2326, tgid 2322 (syz-executor.0), ts 69999728291, free_ts 69977119863 [ 164.284788][ T8490] post_alloc_hook+0x213/0x220 [ 164.289375][ T8490] prep_new_page+0x1b/0x110 [ 164.293721][ T8490] get_page_from_freelist+0x2878/0x2910 [ 164.299097][ T8490] __alloc_pages+0x3a1/0x780 [ 164.303519][ T8490] alloc_slab_page+0x6c/0xf0 [ 164.307947][ T8490] new_slab+0x90/0x3e0 [ 164.311853][ T8490] ___slab_alloc+0x6f9/0xb80 [ 164.316279][ T8490] __slab_alloc+0x5d/0xa0 [ 164.320443][ T8490] kmem_cache_alloc_node+0x1c9/0x2d0 [ 164.325662][ T8490] __alloc_skb+0xcc/0x2e0 [ 164.329826][ T8490] alloc_skb_with_frags+0xa6/0x680 [ 164.334766][ T8490] sock_alloc_send_pskb+0x915/0xa50 [ 164.339801][ T8490] queue_oob+0x102/0x8e0 [ 164.343883][ T8490] unix_stream_sendmsg+0xe10/0x1070 [ 164.348913][ T8490] ____sys_sendmsg+0x5dc/0x9d0 [ 164.353600][ T8490] __sys_sendmsg+0x2a9/0x390 [ 164.358035][ T8490] page last free stack trace: [ 164.362541][ T8490] free_unref_page_prepare+0x83d/0x850 [ 164.367942][ T8490] free_unref_page+0xbc/0x650 [ 164.372435][ T8490] __free_pages+0x61/0xf0 [ 164.376600][ T8490] __vunmap+0x9f3/0xb60 [ 164.380595][ T8490] free_work+0x5b/0x80 [ 164.384501][ T8490] process_one_work+0x73d/0xcb0 [ 164.389196][ T8490] worker_thread+0xa60/0x1260 [ 164.393712][ T8490] kthread+0x26d/0x300 [ 164.397605][ T8490] ret_from_fork+0x1f/0x30 [ 164.401860][ T8490] [ 164.404027][ T8490] Memory state around the buggy address: [ 164.409592][ T8490] ffff88812236a400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 164.417485][ T8490] ffff88812236a480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 164.425380][ T8490] >ffff88812236a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 164.433277][ T8490] ^ [ 164.440830][ T8490] ffff88812236a580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 164.448727][ T8490] ffff88812236a600: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 164.456634][ T8490] ================================================================== [ 164.480069][ T8490] Disabling lock debugging due to kernel taint 2023/11/25 01:59:15 executed programs: 2018 2023/11/25 01:59:20 executed programs: 2097