Warning: Permanently added '10.128.1.71' (ED25519) to the list of known hosts.
2024/08/05 16:13:29 ignoring optional flag "sandboxArg"="0"
2024/08/05 16:13:29 parsed 1 programs
[ 101.070045][ T29] audit: type=1400 audit(1722874409.368:128): avc: denied { getattr } for pid=5518 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
2024/08/05 16:13:29 executed programs: 0
[ 101.182766][ T56] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 101.191150][ T56] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 101.199509][ T56] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 101.209576][ T56] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 101.218478][ T56] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 101.226773][ T56] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 101.239624][ T29] audit: type=1400 audit(1722874409.538:129): avc: denied { mounton } for pid=5530 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 101.392511][ T5530] chnl_net:caif_netlink_parms(): no params data found
[ 101.465776][ T5530] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.473169][ T5530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 101.480933][ T5530] bridge_slave_0: entered allmulticast mode
[ 101.488154][ T5530] bridge_slave_0: entered promiscuous mode
[ 101.497393][ T5530] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.504646][ T5530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 101.511956][ T5530] bridge_slave_1: entered allmulticast mode
[ 101.519208][ T5530] bridge_slave_1: entered promiscuous mode
[ 101.551248][ T5530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 101.565776][ T5530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 101.599707][ T5530] team0: Port device team_slave_0 added
[ 101.608204][ T5530] team0: Port device team_slave_1 added
[ 101.635338][ T5530] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 101.642552][ T5530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 101.670374][ T5530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 101.683609][ T5530] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 101.691424][ T5530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 101.718176][ T5530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 101.759705][ T5530] hsr_slave_0: entered promiscuous mode
[ 101.766358][ T5530] hsr_slave_1: entered promiscuous mode
[ 102.533874][ T5530] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 102.559434][ T5530] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 102.573669][ T5530] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 102.589083][ T5530] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.740250][ T5530] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.774708][ T5530] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.791581][ T940] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.798832][ T940] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.824375][ T940] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.831742][ T940] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.112442][ T5530] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.186136][ T5530] veth0_vlan: entered promiscuous mode
[ 103.210680][ T5530] veth1_vlan: entered promiscuous mode
[ 103.260875][ T5530] veth0_macvtap: entered promiscuous mode
[ 103.272907][ T5530] veth1_macvtap: entered promiscuous mode
[ 103.281256][ T56] Bluetooth: hci0: command tx timeout
[ 103.313273][ T5530] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.335991][ T5530] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.354795][ T5530] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.366494][ T5530] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.375509][ T5530] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.386735][ T5530] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.502433][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.528216][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.580517][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.589770][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.605609][ T29] audit: type=1400 audit(1722874411.898:130): avc: denied { mounton } for pid=5530 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=2325 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 103.750987][ T29] audit: type=1400 audit(1722874412.048:131): avc: denied { create } for pid=5598 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 103.773159][ T5603] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 103.834146][ T29] audit: type=1400 audit(1722874412.128:132): avc: denied { bind } for pid=5598 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 103.861366][ T29] audit: type=1400 audit(1722874412.128:133): avc: denied { write } for pid=5598 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 104.648075][ T5643] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 105.367635][ T56] Bluetooth: hci0: command tx timeout
[ 105.520226][ T5686] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
2024/08/05 16:13:34 executed programs: 3
[ 106.389714][ T5728] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 107.257917][ T5771] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 107.437678][ T56] Bluetooth: hci0: command tx timeout
[ 108.127243][ T5813] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 108.998795][ T5855] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 109.516530][ T56] Bluetooth: hci0: command tx timeout
[ 109.863736][ T5898] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 110.714498][ T5916] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
2024/08/05 16:13:39 executed programs: 9
[ 111.574466][ T5919] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 112.427405][ T5924] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 113.281715][ T5930] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 114.136573][ T5935] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 114.991388][ T5941] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 115.845373][ T5946] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
2024/08/05 16:13:44 executed programs: 15
[ 116.744368][ T5951] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 117.598875][ T5954] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 118.451266][ T5957] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 119.304211][ T5961] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 120.156410][ T5966] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[ 120.182676][ T5966] bond1: entered promiscuous mode
[ 120.188195][ T5966] 8021q: adding VLAN 0 to HW filter on device bond1
[ 120.207362][ T5966] 8021q: adding VLAN 0 to HW filter on device bond1
[ 120.214500][ T5966] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[ 120.225168][ T5966] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[ 120.237486][ T5966] bond1: (slave gre1): making interface the new active one
[ 120.244714][ T5966] gre1: entered promiscuous mode
[ 120.251673][ T5966] bond1: (slave gre1): Enslaving as an active interface with an up link
[ 120.251970][ T5968] skbuff: skb_under_panic: text:ffffffff8998fc9d len:-1805105748 put:-1805105748 head:ffff88807b8f4000 data:ffff887fe726fb14 tail:0xc0 end:0x140 dev:
[ 120.277595][ T5968] ------------[ cut here ]------------
[ 120.283213][ T5968] kernel BUG at net/core/skbuff.c:205!
[ 120.289429][ T5968] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[ 120.296570][ T5968] CPU: 0 UID: 0 PID: 5968 Comm: syz-executor.0 Not tainted 6.11.0-rc2-syzkaller-gde9c2c66ad8e #0
[ 120.307332][ T5968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 120.317490][ T5968] RIP: 0010:skb_panic+0x157/0x1d0
[ 120.322581][ T5968] Code: b6 04 01 84 c0 74 04 3c 03 7e 21 8b 4b 70 41 56 45 89 e8 48 c7 c7 c0 88 79 8c 41 57 56 48 89 ee 52 4c 89 e2 e8 3a c6 87 f8 90 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 34 79 04 f9 4c
[ 120.342197][ T5968] RSP: 0018:ffffc9000326f810 EFLAGS: 00010286
[ 120.348266][ T5968] RAX: 0000000000000099 RBX: ffff888022012280 RCX: ffffffff816b02e9
[ 120.356237][ T5968] RDX: 0000000000000000 RSI: ffffffff816b96c6 RDI: 0000000000000005
[ 120.364210][ T5968] RBP: ffffffff8c799be0 R08: 0000000000000005 R09: 0000000000000000
[ 120.372383][ T5968] R10: 0000000080000000 R11: 0000000000000001 R12: ffffffff8998fc9d
[ 120.380570][ T5968] R13: 00000000946845ac R14: ffffffff8c798880 R15: 0000000000000140
[ 120.388624][ T5968] FS: 00007f19e0bde6c0(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[ 120.397557][ T5968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.404403][ T5968] CR2: 00007f19e0bded58 CR3: 0000000023f12000 CR4: 00000000003506f0
[ 120.412375][ T5968] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 120.420691][ T5968] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 120.428677][ T5968] Call Trace:
[ 120.431960][ T5968]
[ 120.434886][ T5968] ? show_regs+0x8c/0xa0
[ 120.439152][ T5968] ? die+0x36/0xa0
[ 120.442883][ T5968] ? do_trap+0x232/0x430
[ 120.447246][ T5968] ? skb_panic+0x157/0x1d0
[ 120.451780][ T5968] ? skb_panic+0x157/0x1d0
[ 120.456231][ T5968] ? do_error_trap+0xf4/0x230
[ 120.461354][ T5968] ? skb_panic+0x157/0x1d0
[ 120.465947][ T5968] ? handle_invalid_op+0x34/0x40
[ 120.470890][ T5968] ? skb_panic+0x157/0x1d0
[ 120.475307][ T5968] ? exc_invalid_op+0x2e/0x50
[ 120.480038][ T5968] ? asm_exc_invalid_op+0x1a/0x20
[ 120.485071][ T5968] ? ipgre_header+0x6d/0x540
[ 120.489667][ T5968] ? __wake_up_klogd.part.0+0x99/0xf0
[ 120.495051][ T5968] ? vprintk+0x86/0xa0
[ 120.499212][ T5968] ? skb_panic+0x157/0x1d0
[ 120.503630][ T5968] ? ipgre_header+0x6d/0x540
[ 120.508482][ T5968] skb_push+0xca/0xf0
[ 120.512462][ T5968] ipgre_header+0x6d/0x540
[ 120.516969][ T5968] ? __pfx_ipgre_header+0x10/0x10
[ 120.521996][ T5968] packet_sendmsg+0x3fa1/0x53a0
[ 120.526887][ T5968] ? check_irq_usage+0x870/0x1490
[ 120.532082][ T5968] ? sock_has_perm+0x25a/0x2f0
[ 120.537204][ T5968] ? __pfx_sock_has_perm+0x10/0x10
[ 120.542492][ T5968] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[ 120.549367][ T5968] ? __might_fault+0x13b/0x190
[ 120.554140][ T5968] ? __pfx_packet_sendmsg+0x10/0x10
[ 120.559365][ T5968] ? __import_iovec+0x1fd/0x6e0
[ 120.564235][ T5968] ? mas_empty_area_rev+0x1480/0x2540
[ 120.569802][ T5968] ____sys_sendmsg+0xab5/0xc90
[ 120.574587][ T5968] ? copy_msghdr_from_user+0x10b/0x160
[ 120.580141][ T5968] ? __pfx_____sys_sendmsg+0x10/0x10
[ 120.585438][ T5968] ? __pfx___lock_acquire+0x10/0x10
[ 120.590837][ T5968] ? __lock_acquire+0x1620/0x3cb0
[ 120.596137][ T5968] ___sys_sendmsg+0x135/0x1e0
[ 120.600941][ T5968] ? __pfx____sys_sendmsg+0x10/0x10
[ 120.606256][ T5968] ? find_held_lock+0x2d/0x110
[ 120.611117][ T5968] ? __fget_light+0x173/0x210
[ 120.615889][ T5968] __sys_sendmsg+0x117/0x1f0
[ 120.620477][ T5968] ? __pfx___sys_sendmsg+0x10/0x10
[ 120.625678][ T5968] do_syscall_64+0xcd/0x250
[ 120.630218][ T5968] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 120.636226][ T5968] RIP: 0033:0x7f19e107bdb9
[ 120.640826][ T5968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 120.660459][ T5968] RSP: 002b:00007f19e0bde0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 120.668961][ T5968] RAX: ffffffffffffffda RBX: 00007f19e119c120 RCX: 00007f19e107bdb9
[ 120.677015][ T5968] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000004
[ 120.685253][ T5968] RBP: 00007f19e10d8ad0 R08: 0000000000000000 R09: 0000000000000000
[ 120.693317][ T5968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 120.701460][ T5968] R13: 000000000000006e R14: 00007f19e119c120 R15: 00007ffee04ed988
[ 120.709678][ T5968]
[ 120.712714][ T5968] Modules linked in:
[ 120.718444][ T5968] ---[ end trace 0000000000000000 ]---
[ 120.724049][ T5968] RIP: 0010:skb_panic+0x157/0x1d0
[ 120.729471][ T5968] Code: b6 04 01 84 c0 74 04 3c 03 7e 21 8b 4b 70 41 56 45 89 e8 48 c7 c7 c0 88 79 8c 41 57 56 48 89 ee 52 4c 89 e2 e8 3a c6 87 f8 90 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 34 79 04 f9 4c
[ 120.749947][ T5968] RSP: 0018:ffffc9000326f810 EFLAGS: 00010286
[ 120.756257][ T5968] RAX: 0000000000000099 RBX: ffff888022012280 RCX: ffffffff816b02e9
[ 120.764431][ T5968] RDX: 0000000000000000 RSI: ffffffff816b96c6 RDI: 0000000000000005
[ 120.772925][ T5968] RBP: ffffffff8c799be0 R08: 0000000000000005 R09: 0000000000000000
[ 120.781020][ T5968] R10: 0000000080000000 R11: 0000000000000001 R12: ffffffff8998fc9d
[ 120.789065][ T5968] R13: 00000000946845ac R14: ffffffff8c798880 R15: 0000000000000140
[ 120.797110][ T5968] FS: 00007f19e0bde6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[ 120.806055][ T5968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 120.812998][ T5968] CR2: 00005559ec749018 CR3: 0000000023f12000 CR4: 00000000003506f0
[ 120.821071][ T5968] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 120.829715][ T5968] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 120.837903][ T5968] Kernel panic - not syncing: Fatal exception
[ 120.844425][ T5968] Kernel Offset: disabled
[ 120.848756][ T5968] Rebooting in 86400 seconds..