[ 23.260442][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 23.267913][ T10] device bridge_slave_0 left promiscuous mode
[ 23.274070][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 23.281188][ T10] device veth1_macvtap left promiscuous mode
[ 23.287307][ T10] device veth0_vlan left promiscuous mode
[ 33.137182][ T27] kauditd_printk_skb: 76 callbacks suppressed
[ 33.137186][ T27] audit: type=1400 audit(1705916682.171:152): avc: denied { transition } for pid=320 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 33.165327][ T27] audit: type=1400 audit(1705916682.171:153): avc: denied { noatsecure } for pid=320 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 33.185009][ T27] audit: type=1400 audit(1705916682.171:154): avc: denied { rlimitinh } for pid=320 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 33.204049][ T27] audit: type=1400 audit(1705916682.171:155): avc: denied { siginh } for pid=320 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.0.123' (ED25519) to the list of known hosts.
2024/01/22 09:44:48 ignoring optional flag "sandboxArg"="0"
2024/01/22 09:44:48 parsed 1 programs
[ 39.870365][ T27] audit: type=1400 audit(1705916688.901:156): avc: denied { mounton } for pid=340 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 39.895492][ T27] audit: type=1400 audit(1705916688.901:157): avc: denied { mount } for pid=340 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 39.944172][ T27] audit: type=1400 audit(1705916688.981:158): avc: denied { unlink } for pid=340 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/01/22 09:44:49 executed programs: 0
[ 40.017182][ T340] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 40.036716][ T347] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.043746][ T347] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.050912][ T347] device bridge_slave_0 entered promiscuous mode
[ 40.057420][ T347] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.064403][ T347] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.071514][ T347] device bridge_slave_1 entered promiscuous mode
[ 40.084240][ T27] audit: type=1400 audit(1705916689.121:159): avc: denied { write } for pid=347 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 40.095909][ T347] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.105137][ T27] audit: type=1400 audit(1705916689.131:160): avc: denied { read } for pid=347 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 40.112050][ T347] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.139608][ T347] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.146447][ T347] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.156302][ T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.163236][ T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.170185][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 40.177862][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.187158][ T347] device veth0_vlan entered promiscuous mode
[ 40.194141][ T347] device veth1_macvtap entered promiscuous mode
[ 40.200783][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 40.209216][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 40.217336][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 40.225179][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 40.232657][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 40.240889][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 40.249175][ T56] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.256166][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.263320][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 40.271329][ T56] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.278277][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.285438][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 40.293414][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 40.302719][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 40.310992][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 40.319801][ T27] audit: type=1400 audit(1705916689.361:161): avc: denied { mounton } for pid=347 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 40.345873][ T27] audit: type=1400 audit(1705916689.381:162): avc: denied { mounton } for pid=351 comm="syz-executor.0" path="/root/syzkaller-testdir871180598/syzkaller.zRBHLI/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 40.447341][ T353] BUG: kernel NULL pointer dereference, address: 0000000000000040
[ 40.455258][ T353] #PF: supervisor read access in kernel mode
[ 40.461089][ T353] #PF: error_code(0x0000) - not-present page
[ 40.467352][ T353] PGD 115c3a067 P4D 115c3a067 PUD 115c3e067 PMD 0
[ 40.474424][ T353] Oops: 0000 [#1] PREEMPT SMP
[ 40.479124][ T353] CPU: 1 PID: 353 Comm: syz-executor.0 Not tainted 6.1.57-syzkaller #0
[ 40.487373][ T353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 40.497613][ T353] RIP: 0010:vfs_rename+0x45/0x570
[ 40.502472][ T353] Code: 00 00 48 89 45 d0 4c 8b 47 08 4c 8b 7f 10 48 8b 4f 20 48 8b 77 28 4c 8b 4f 30 41 bd 00 00 60 00 45 23 2f 8b 57 38 49 8b 5f 30 <48> 8b 7e 30 48 8b 41 28 8b 80 28 04 00 00 48 c7 45 c8 00 00 00 00
[ 40.522032][ T353] RSP: 0018:ffffc900006efd38 EFLAGS: 00010206
[ 40.528056][ T353] RAX: 5630d185c8d96a00 RBX: ffff88810abd7840 RCX: ffff88810abd61c0
[ 40.537326][ T353] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffffc900006efe90
[ 40.545249][ T353] RBP: ffffc900006efdd8 R08: ffff88810abd61c0 R09: ffffc900006efe40
[ 40.553165][ T353] R10: ffff888115c25980 R11: ffff888100041400 R12: ffffc900006efe90
[ 40.561084][ T353] R13: 0000000000400000 R14: 0000000020000101 R15: ffff88810d10f410
[ 40.569414][ T353] FS: 00007f20a4b946c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[ 40.578173][ T353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.584856][ T353] CR2: 0000000000000040 CR3: 0000000115c2b000 CR4: 00000000003506a0
[ 40.592855][ T353] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.600754][ T353] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.608639][ T353] Call Trace:
[ 40.611852][ T353]
[ 40.614627][ T353] ? __die_body+0x62/0xb0
[ 40.618901][ T353] ? __die+0x7e/0x90
[ 40.622979][ T353] ? page_fault_oops+0x369/0x3d0
[ 40.627771][ T353] ? kfree+0x7a/0xf0
[ 40.631484][ T353] ? exc_page_fault+0x4dc/0x670
[ 40.636345][ T353] ? asm_exc_page_fault+0x27/0x30
[ 40.641381][ T353] ? vfs_rename+0x45/0x570
[ 40.646122][ T353] ? dentry_kill+0x63/0x110
[ 40.650898][ T353] ? dput+0xb2/0xd0
[ 40.654543][ T353] do_renameat2+0x404/0x600
[ 40.658981][ T353] __x64_sys_rename+0x3f/0x50
[ 40.663572][ T353] do_syscall_64+0x3d/0xb0
[ 40.667922][ T353] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 40.674099][ T353] RIP: 0033:0x7f20a3e7cae9
[ 40.678452][ T353] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 40.697894][ T353] RSP: 002b:00007f20a4b940c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 40.706257][ T353] RAX: ffffffffffffffda RBX: 00007f20a3f9bf80 RCX: 00007f20a3e7cae9
[ 40.714428][ T353] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100
[ 40.722318][ T353] RBP: 00007f20a3ec847a R08: 0000000000000000 R09: 0000000000000000
[ 40.730343][ T353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 40.738422][ T353] R13: 000000000000000b R14: 00007f20a3f9bf80 R15: 00007ffc523a3068
[ 40.746302][ T353]
[ 40.749248][ T353] Modules linked in:
[ 40.753087][ T353] CR2: 0000000000000040
[ 40.757264][ T353] ---[ end trace 0000000000000000 ]---
[ 40.762873][ T353] RIP: 0010:vfs_rename+0x45/0x570
[ 40.767885][ T353] Code: 00 00 48 89 45 d0 4c 8b 47 08 4c 8b 7f 10 48 8b 4f 20 48 8b 77 28 4c 8b 4f 30 41 bd 00 00 60 00 45 23 2f 8b 57 38 49 8b 5f 30 <48> 8b 7e 30 48 8b 41 28 8b 80 28 04 00 00 48 c7 45 c8 00 00 00 00
[ 40.787484][ T353] RSP: 0018:ffffc900006efd38 EFLAGS: 00010206
[ 40.793387][ T353] RAX: 5630d185c8d96a00 RBX: ffff88810abd7840 RCX: ffff88810abd61c0
[ 40.801195][ T353] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffffc900006efe90
[ 40.809117][ T353] RBP: ffffc900006efdd8 R08: ffff88810abd61c0 R09: ffffc900006efe40
[ 40.818061][ T353] R10: ffff888115c25980 R11: ffff888100041400 R12: ffffc900006efe90
[ 40.826185][ T353] R13: 0000000000400000 R14: 0000000020000101 R15: ffff88810d10f410
[ 40.834041][ T353] FS: 00007f20a4b946c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[ 40.842880][ T353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.849416][ T353] CR2: 0000000000000040 CR3: 0000000115c2b000 CR4: 00000000003506a0
[ 40.857431][ T353] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.865336][ T353] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.873331][ T353] Kernel panic - not syncing: Fatal exception
[ 40.879562][ T353] Kernel Offset: disabled
[ 40.883741][ T353] Rebooting in 86400 seconds..