Warning: Permanently added '10.128.10.31' (ED25519) to the list of known hosts. 2024/07/03 07:01:52 ignoring optional flag "sandboxArg"="0" 2024/07/03 07:01:52 parsed 1 programs [ 56.480778][ T27] audit: type=1400 audit(1719990113.020:95): avc: denied { unlink } for pid=426 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 56.492479][ T426] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.584633][ T458] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.591477][ T458] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.598496][ T458] device bridge_slave_0 entered promiscuous mode [ 56.605297][ T458] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.612242][ T458] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.619185][ T458] device bridge_slave_1 entered promiscuous mode [ 56.632425][ T458] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.639342][ T458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.646561][ T458] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.653343][ T458] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.662716][ T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.670173][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.677160][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.686520][ T458] device veth0_vlan entered promiscuous mode [ 56.692732][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.700861][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.708368][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.715922][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.724882][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.733171][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.740121][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.747261][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.755254][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.762163][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.769298][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.777934][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 2024/07/03 07:01:53 executed programs: 0 [ 56.786979][ T458] device veth1_macvtap entered promiscuous mode [ 56.793615][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.805251][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.813725][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.828019][ T468] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.835847][ T468] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.843004][ T468] device bridge_slave_0 entered promiscuous mode [ 56.849553][ T468] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.857582][ T468] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.864594][ T468] device bridge_slave_1 entered promiscuous mode [ 56.877878][ T468] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.884897][ T468] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.892573][ T468] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.899469][ T468] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.909676][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.917030][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.924069][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.931523][ T352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.939558][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.946369][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.953877][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.962368][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.969353][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.978883][ T468] device veth0_vlan entered promiscuous mode [ 56.985032][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.993376][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.000888][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.007971][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.015353][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.022970][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.031704][ T468] device veth1_macvtap entered promiscuous mode [ 57.038731][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.046901][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.054903][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.065723][ T27] audit: type=1400 audit(1719990113.600:96): avc: denied { mounton } for pid=472 comm="syz-executor" path="/root/syzkaller-testdir2331327903/syzkaller.E3vQxI/0/file0" dev="sda1" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 57.066212][ T473] BUG: kernel NULL pointer dereference, address: 0000000000000008 [ 57.093472][ T27] audit: type=1400 audit(1719990113.600:97): avc: denied { mounton } for pid=472 comm="syz-executor" path="/root/syzkaller-testdir2331327903/syzkaller.E3vQxI/0/file0" dev="incremental-fs" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.099811][ T473] #PF: supervisor read access in kernel mode [ 57.099814][ T473] #PF: error_code(0x0000) - not-present page [ 57.099817][ T473] PGD 115f4f067 P4D 115f4f067 PUD 115f53067 PMD 0 [ 57.127735][ T27] audit: type=1400 audit(1719990113.600:98): avc: denied { write } for pid=472 comm="syz-executor" name="/" dev="incremental-fs" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.133316][ T473] Oops: 0000 [#1] PREEMPT SMP [ 57.133322][ T473] CPU: 1 PID: 473 Comm: syz-executor Not tainted 6.1.84-syzkaller #0 [ 57.133326][ T473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 57.133328][ T473] RIP: 0010:dir_rename_wrap+0xef/0x2e0 [ 57.133337][ T473] Code: 84 bc 01 00 00 48 3b 59 18 0f 84 b2 01 00 00 48 3b 59 28 0f 84 a8 01 00 00 48 8b 45 80 48 85 c0 74 06 48 8b 40 78 eb 02 31 c0 <4c> 8b 60 08 48 8d 7b 58 e8 d4 47 15 00 4d 85 e4 74 0a 49 8d 7c 24 [ 57.133340][ T473] RSP: 0018:ffffc90000977c68 EFLAGS: 00010286 [ 57.139313][ T27] audit: type=1400 audit(1719990113.600:99): avc: denied { add_name } for pid=472 comm="syz-executor" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.145466][ T473] [ 57.145467][ T473] RAX: 0000000000000000 RBX: ffff88810d12f1a0 RCX: ffff888114e82800 [ 57.145470][ T473] RDX: 00000000ffffa0ff RSI: ffff888114cc2600 RDI: ffff888114e82860 [ 57.145472][ T473] RBP: ffffc90000977d08 R08: ffff88810d12fa90 R09: 0000000000000002 [ 57.145474][ T473] R10: ffff888108aca800 R11: ffff88810bdc20f0 R12: ffff888114e82860 [ 57.145475][ T473] R13: ffff88810d12f9c0 R14: 00000000fffffff0 R15: ffff888114e82860 [ 57.145478][ T473] FS: 00007fd0c63206c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 57.145481][ T473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.145483][ T473] CR2: 0000000000000008 CR3: 000000011584b000 CR4: 00000000003506a0 [ 57.145489][ T473] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.145491][ T473] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.169198][ T27] audit: type=1400 audit(1719990113.600:100): avc: denied { create } for pid=472 comm="syz-executor" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 57.172913][ T473] Call Trace: [ 57.172916][ T473] [ 57.172917][ T473] ? __die_body+0x62/0xb0 [ 57.172926][ T473] ? __die+0x7e/0x90 [ 57.172931][ T473] ? page_fault_oops+0x369/0x3d0 [ 57.181602][ T27] audit: type=1400 audit(1719990113.600:101): avc: denied { associate } for pid=472 comm="syz-executor" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 57.191412][ T473] ? common_lsm_audit+0x494/0x780 [ 57.191423][ T473] ? exc_page_fault+0x4dc/0x670 [ 57.191428][ T473] ? asm_exc_page_fault+0x27/0x30 [ 57.191434][ T473] ? dir_rename_wrap+0xef/0x2e0 [ 57.191440][ T473] ? dir_rename_wrap+0x8d/0x2e0 [ 57.191445][ T473] vfs_rename+0x4ba/0x670 [ 57.197057][ T27] audit: type=1400 audit(1719990113.600:102): avc: denied { remove_name } for pid=472 comm="syz-executor" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.216470][ T473] do_renameat2+0x486/0x670 [ 57.216483][ T473] __x64_sys_renameat2+0x50/0x60 [ 57.216487][ T473] do_syscall_64+0x3d/0xb0 [ 57.216493][ T473] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 57.216498][ T473] RIP: 0033:0x7fd0c567cee9 [ 57.216503][ T473] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 57.222940][ T27] audit: type=1400 audit(1719990113.600:103): avc: denied { rename } for pid=472 comm="syz-executor" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 57.243034][ T473] RSP: 002b:00007fd0c63200c8 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 57.243040][ T473] RAX: ffffffffffffffda RBX: 00007fd0c57abf80 RCX: 00007fd0c567cee9 [ 57.243042][ T473] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000004 [ 57.243044][ T473] RBP: 00007fd0c56c949e R08: 0000000000000002 R09: 0000000000000000 [ 57.243046][ T473] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000 [ 57.243049][ T473] R13: 000000000000000b R14: 00007fd0c57abf80 R15: 00007fff815ca5c8 [ 57.243054][ T473] [ 57.243056][ T473] Modules linked in: [ 57.243076][ T473] CR2: 0000000000000008 [ 57.245485][ T27] audit: type=1400 audit(1719990113.600:104): avc: denied { rmdir } for pid=472 comm="syz-executor" name="file1" dev="incremental-fs" ino=1941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 57.253189][ T473] ---[ end trace 0000000000000000 ]--- [ 57.253192][ T473] RIP: 0010:dir_rename_wrap+0xef/0x2e0 [ 57.253201][ T473] Code: 84 bc 01 00 00 48 3b 59 18 0f 84 b2 01 00 00 48 3b 59 28 0f 84 a8 01 00 00 48 8b 45 80 48 85 c0 74 06 48 8b 40 78 eb 02 31 c0 <4c> 8b 60 08 48 8d 7b 58 e8 d4 47 15 00 4d 85 e4 74 0a 49 8d 7c 24 [ 57.253204][ T473] RSP: 0018:ffffc90000977c68 EFLAGS: 00010286 [ 57.253207][ T473] RAX: 0000000000000000 RBX: ffff88810d12f1a0 RCX: ffff888114e82800 [ 57.253210][ T473] RDX: 00000000ffffa0ff RSI: ffff888114cc2600 RDI: ffff888114e82860 [ 57.253212][ T473] RBP: ffffc90000977d08 R08: ffff88810d12fa90 R09: 0000000000000002 [ 57.253214][ T473] R10: ffff888108aca800 R11: ffff88810bdc20f0 R12: ffff888114e82860 [ 57.659228][ T473] R13: ffff88810d12f9c0 R14: 00000000fffffff0 R15: ffff888114e82860 [ 57.667298][ T473] FS: 00007fd0c63206c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 [ 57.676247][ T473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.682790][ T473] CR2: 0000000000000008 CR3: 000000011584b000 CR4: 00000000003506a0 [ 57.690940][ T473] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.698842][ T473] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.706649][ T473] Kernel panic - not syncing: Fatal exception [ 57.712769][ T473] Kernel Offset: disabled [ 57.716886][ T473] Rebooting in 86400 seconds..