[ 31.573160][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 31.573884][ T7] device bridge_slave_0 left promiscuous mode [ 31.573907][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 31.574288][ T7] device veth1_macvtap left promiscuous mode [ 31.574309][ T7] device veth0_vlan left promiscuous mode [ 41.552280][ T29] kauditd_printk_skb: 69 callbacks suppressed [ 41.552289][ T29] audit: type=1400 audit(1686815624.789:145): avc: denied { transition } for pid=423 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 41.552323][ T29] audit: type=1400 audit(1686815624.789:146): avc: denied { noatsecure } for pid=423 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 41.553491][ T29] audit: type=1400 audit(1686815624.799:147): avc: denied { rlimitinh } for pid=423 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 41.553544][ T29] audit: type=1400 audit(1686815624.799:148): avc: denied { siginh } for pid=423 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.16' (ECDSA) to the list of known hosts. 2023/06/15 07:53:51 ignoring optional flag "sandboxArg"="0" 2023/06/15 07:53:51 parsed 1 programs 2023/06/15 07:53:51 executed programs: 0 [ 48.323122][ T29] audit: type=1400 audit(1686815631.569:149): avc: denied { mounton } for pid=444 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 48.323215][ T29] audit: type=1400 audit(1686815631.569:150): avc: denied { mount } for pid=444 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 48.357687][ T449] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.357697][ T449] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.357979][ T449] device bridge_slave_0 entered promiscuous mode [ 48.358396][ T449] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.358402][ T449] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.358653][ T449] device bridge_slave_1 entered promiscuous mode [ 48.395011][ T29] audit: type=1400 audit(1686815631.639:151): avc: denied { write } for pid=449 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 48.395102][ T29] audit: type=1400 audit(1686815631.639:152): avc: denied { read } for pid=449 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tconte[ 48.395102][ T29] audit: type=1400 audit(1686815631.639:152): avc: denied { read } for pid=449 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 48.398806][ T449] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.398817][ T449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.398870][ T449] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.398875][ T449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.412158][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.412288][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.412519][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 48.412941][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.414487][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.414596][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.414602][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.415906][ T59] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.416013][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.416018][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.420562][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.421646][ T59] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.428192][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.430606][ T59] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.430776][ T59] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.430893][ T59] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.432030][ T449] device veth0_vlan entered promiscuous mode [ 48.436336][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.437308][ T449] device veth1_macvtap entered promiscuous mode [ 48.440278][ T59] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.441650][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.448390][ T29] audit: type=1400 audit(1686815631.689:153): avc: denied { mounton } for pid=449 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 48.457952][ T455] loop0: detected capacity change from 0 to 128 [ 48.458396][ T29] audit: type=1400 audit(1686815631.699:154): avc: denied { mounton } for pid=453 comm="syz-executor.0" path="/root/syzkaller-testdir1709310359/syzkaller.Ml4ew3/0/mnt" dev="sda1" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 48.458452][ T455] EXT4-fs: Ignoring removed bh option [ 48.459195][ T455] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 48.459855][ T455] EXT4-fs (loop0): Test dummy encryption mode enabled [ 48.461002][ T455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 48.461190][ T455] ext4 filesystem being mounted at /root/syzkaller-testdir1709310359/syzkaller.Ml4ew3/0/mnt supports timestamps until 2038 (0x7fffffff) [ 48.462104][ T29] audit: type=1400 audit(1686815631.699:155): avc: denied { mount } for pid=453 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 48.462116][ T29] audit: type=1400 audit(1686815631.699:156): avc: denied { write } for pid=453 comm="syz-executor.0" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 48.462124][ T29] audit: type=1400 audit(1686815631.699:157): avc: denied { add_name } for pid=453 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 48.462132][ T29] audit: type=1400 audit(1686815631.699:158): avc: denied { create } for pid=453 comm="syz-executor.0" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 48.462439][ T455] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 48.467326][ T455] ------------[ cut here ]------------ [ 48.467332][ T455] kernel BUG at fs/buffer.c:3006! [ 48.467342][ T455] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 48.467351][ T455] CPU: 1 PID: 455 Comm: syz-executor.0 Not tainted 5.19.0-rc2-syzkaller #0 [ 48.467358][ T455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 [ 48.467362][ T455] RIP: 0010:submit_bh_wbc+0x45e/0x470 [ 48.467375][ T455] Code: 41 5f 5d c3 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c c4 fe ff ff 4c 89 f7 e8 2f 74 eb ff e9 b7 fe ff ff 0f 0b 0f 0b 0f 0b 0f 0b <0f> 0b 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 [ 48.467380][ T455] RSP: 0018:ffffc90000a96de0 EFLAGS: 00010206 [ 48.467388][ T455] RAX: dffffc0000000000 RBX: ffff88811f1588c0 RCX: ffffffff81b0691a [ 48.467393][ T455] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88811f158888 [ 48.467398][ T455] RBP: ffffc90000a96e30 R08: dffffc0000000000 R09: ffffed1023e2b112 [ 48.467402][ T455] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 48.467406][ T455] R13: ffff88811f158888 R14: 1ffff11023e2b111 R15: 0000000000000000 [ 48.467411][ T455] FS: 00007f693dc69700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 48.467416][ T455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 48.467421][ T455] CR2: 000000002000a000 CR3: 0000000123e5a000 CR4: 00000000003506a0 [ 48.467429][ T455] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 48.467432][ T455] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 48.467436][ T455] Call Trace: [ 48.467438][ T455] [ 48.467442][ T455] ? truncate_inode_pages_range+0x776/0xb80 [ 48.467450][ T455] ? __wait_on_buffer+0x60/0x60 [ 48.467457][ T455] submit_bh+0xb/0x10 [ 48.467463][ T455] ext4_read_bh+0x135/0x1b0 [ 48.467470][ T455] ext4_read_bh_lock+0xab/0xd0 [ 48.467475][ T455] ext4_block_zero_page_range+0x3fb/0x760 [ 48.467485][ T455] ext4_truncate+0x6b1/0xc20 [ 48.467491][ T455] ? down_write+0xd7/0x140 [ 48.467498][ T455] ? __ext4_mark_inode_dirty+0x630/0x630 [ 48.467505][ T455] ? __kasan_check_write+0x14/0x20 [ 48.467512][ T455] ext4_write_begin+0x617/0xb40 [ 48.467520][ T455] ? ext4_readahead+0xe0/0xe0 [ 48.467527][ T455] ? blk_finish_plug+0x4c/0x70 [ 48.467535][ T455] ext4_da_write_begin+0x393/0x6f0 [ 48.467543][ T455] ? ext4_dirty_folio+0xb0/0xb0 [ 48.467550][ T455] ? current_time+0x81/0x280 [ 48.467557][ T455] generic_perform_write+0x2ee/0x520 [ 48.467565][ T455] ? generic_file_direct_write+0x570/0x570 [ 48.467571][ T455] ? down_write+0xd7/0x140 [ 48.467577][ T455] ? down_read_killable+0x20/0x20 [ 48.467583][ T455] ? kernel_text_address+0xa9/0xe0 [ 48.467591][ T455] ext4_buffered_write_iter+0x2d8/0x440 [ 48.467597][ T455] ext4_file_write_iter+0x44d/0x1900 [ 48.467602][ T455] ? stack_trace_save+0x113/0x1c0 [ 48.467610][ T455] ? stack_trace_snprint+0xf0/0xf0 [ 48.467615][ T455] ? filemap_read+0x1871/0x1c00 [ 48.467621][ T455] ? __stack_depot_save+0x34/0x470 [ 48.467626][ T455] ? __kasan_slab_alloc+0x63/0xe0 [ 48.467632][ T455] ? iter_file_splice_write+0x28d/0xf80 [ 48.467639][ T455] ? iter_file_splice_write+0x28d/0xf80 [ 48.467645][ T455] ? ext4_file_read_iter+0x380/0x380 [ 48.467657][ T455] ? ____kasan_kmalloc+0xed/0x110 [ 48.467662][ T455] ? ____kasan_kmalloc+0xdb/0x110 [ 48.467666][ T455] ? __kasan_kmalloc+0x9/0x10 [ 48.467671][ T455] ? __kmalloc+0x1ba/0x320 [ 48.467678][ T455] ? iter_file_splice_write+0x28d/0xf80 [ 48.467684][ T455] ? direct_splice_actor+0xf5/0x120 [ 48.467690][ T455] ? splice_direct_to_actor+0x437/0xa20 [ 48.467697][ T455] ? do_splice_direct+0x264/0x3a0 [ 48.467703][ T455] ? do_sendfile+0x4ad/0xbb0 [ 48.467710][ T455] do_iter_readv_writev+0x3a8/0x530 [ 48.467716][ T455] ? generic_file_rw_checks+0x210/0x210 [ 48.467723][ T455] ? security_file_permission+0x79/0x90 [ 48.467733][ T455] do_iter_write+0x199/0x630 [ 48.467738][ T455] ? splice_from_pipe_next+0x6b/0x570 [ 48.467746][ T455] vfs_iter_write+0x72/0x90 [ 48.467752][ T455] iter_file_splice_write+0x7c3/0xf80 [ 48.467758][ T455] ? generic_file_read_iter+0x90/0x3d0 [ 48.467767][ T455] ? splice_from_pipe+0x220/0x220 [ 48.467774][ T455] ? splice_shrink_spd+0x90/0x90 [ 48.467781][ T455] ? __kasan_check_read+0x11/0x20 [ 48.467786][ T455] ? fsnotify_perm+0x29c/0x4a0 [ 48.467793][ T455] ? splice_from_pipe+0x220/0x220 [ 48.467800][ T455] direct_splice_actor+0xf5/0x120 [ 48.467807][ T455] splice_direct_to_actor+0x437/0xa20 [ 48.467815][ T455] ? do_splice_direct+0x3a0/0x3a0 [ 48.467822][ T455] ? pipe_to_sendpage+0x300/0x300 [ 48.467829][ T455] ? rw_verify_area+0x6a/0x110 [ 48.467837][ T455] do_splice_direct+0x264/0x3a0 [ 48.467844][ T455] ? splice_direct_to_actor+0xa20/0xa20 [ 48.467851][ T455] ? security_file_permission+0x79/0x90 [ 48.467858][ T455] ? preempt_count_add+0x92/0x1a0 [ 48.467866][ T455] do_sendfile+0x4ad/0xbb0 [ 48.467873][ T455] ? do_preadv+0x2e0/0x2e0 [ 48.467879][ T455] ? restore_fpregs_from_fpstate+0xe2/0x1c0 [ 48.467887][ T455] ? save_fpregs_to_fpstate+0x1c0/0x1c0 [ 48.467894][ T455] __x64_sys_sendfile64+0x19b/0x1f0 [ 48.467899][ T455] ? __ia32_sys_sendfile+0x1d0/0x1d0 [ 48.467905][ T455] ? switch_fpu_return+0x9/0x10 [ 48.467912][ T455] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 48.467920][ T455] do_syscall_64+0x3d/0xb0 [ 48.467927][ T455] entry_SYSCALL_64_after_hwframe+0x46/0xb0 [ 48.467932][ T455] RIP: 0033:0x7f693ce8c149 [ 48.467938][ T455] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 48.467943][ T455] RSP: 002b:00007f693dc69168 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 48.467951][ T455] RAX: ffffffffffffffda RBX: 00007f693cfabf80 RCX: 00007f693ce8c149 [ 48.467955][ T455] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006 [ 48.467959][ T455] RBP: 00007f693cee7cad R08: 0000000000000000 R09: 0000000000000000 [ 48.467963][ T455] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000000 [ 48.467967][ T455] R13: 00007fff1adfad0f R14: 00007f693dc69300 R15: 0000000000022000 [ 48.467973][ T455] [ 48.467975][ T455] Modules linked in: [ 48.467982][ T455] ---[ end trace 0000000000000000 ]--- [ 48.467985][ T455] RIP: 0010:submit_bh_wbc+0x45e/0x470 [ 48.467991][ T455] Code: 41 5f 5d c3 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c c4 fe ff ff 4c 89 f7 e8 2f 74 eb ff e9 b7 fe ff ff 0f 0b 0f 0b 0f 0b 0f 0b <0f> 0b 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 [ 48.467995][ T455] RSP: 0018:ffffc90000a96de0 EFLAGS: 00010206 [ 48.468000][ T455] RAX: dffffc0000000000 RBX: ffff88811f1588c0 RCX: ffffffff81b0691a [ 48.468004][ T455] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88811f158888 [ 48.468007][ T455] RBP: ffffc90000a96e30 R08: dffffc0000000000 R09: ffffed1023e2b112 [ 48.468011][ T455] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 48.468014][ T455] R13: ffff88811f158888 R14: 1ffff11023e2b111 R15: 0000000000000000 [ 48.468018][ T455] FS: 00007f693dc69700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000 [ 48.468023][ T455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 48.468027][ T455] CR2: 000000002000a000 CR3: 0000000123e5a000 CR4: 00000000003506a0 [ 48.468033][ T455] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 48.468036][ T455] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 48.468040][ T455] Kernel panic - not syncing: Fatal exception [ 48.468331][ T455] Kernel Offset: disabled