Warning: Permanently added '10.128.1.29' (ED25519) to the list of known hosts.
2024/05/25 10:56:28 ignoring optional flag "sandboxArg"="0"
2024/05/25 10:56:28 parsed 1 programs
[ 41.751563][ T27] audit: type=1400 audit(1716634588.807:156): avc: denied { mounton } for pid=342 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 41.776654][ T27] audit: type=1400 audit(1716634588.807:157): avc: denied { mount } for pid=342 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
2024/05/25 10:56:28 executed programs: 0
[ 41.822269][ T27] audit: type=1400 audit(1716634588.887:158): avc: denied { unlink } for pid=342 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 41.833908][ T342] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 41.869484][ T348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.876525][ T348] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.883710][ T348] device bridge_slave_0 entered promiscuous mode
[ 41.890617][ T348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.897518][ T348] bridge0: port 2(bridge_slave_1) entered disabled state
[ 41.904568][ T348] device bridge_slave_1 entered promiscuous mode
[ 41.917604][ T27] audit: type=1400 audit(1716634588.977:159): avc: denied { write } for pid=348 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 41.919269][ T348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 41.937990][ T27] audit: type=1400 audit(1716634588.977:160): avc: denied { read } for pid=348 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 41.944749][ T348] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 41.944773][ T348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 41.979729][ T348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 41.989607][ T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 41.996549][ T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.003647][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 42.010752][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 42.020369][ T348] device veth0_vlan entered promiscuous mode
[ 42.026817][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 42.035005][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 42.042774][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 42.049898][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 42.057342][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 42.065551][ T23] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.072324][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.079493][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 42.087428][ T23] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.094221][ T23] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.101283][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 42.108888][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 42.117860][ T348] device veth1_macvtap entered promiscuous mode
[ 42.124103][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 42.133545][ T27] audit: type=1400 audit(1716634589.197:161): avc: denied { mounton } for pid=348 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 42.158221][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 42.166274][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 42.176580][ T27] audit: type=1400 audit(1716634589.237:162): avc: denied { mounton } for pid=353 comm="syz-executor.0" path="/root/syzkaller-testdir2760717620/syzkaller.lJ71Qp/0/file0" dev="sda1" ino=1939 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 42.227325][ T357] BUG: kernel NULL pointer dereference, address: 0000000000000049
[ 42.235198][ T357] #PF: supervisor read access in kernel mode
[ 42.241246][ T357] #PF: error_code(0x0000) - not-present page
[ 42.247093][ T357] PGD 112230067 P4D 112230067 PUD 11220f067 PMD 0
[ 42.253437][ T357] Oops: 0000 [#1] PREEMPT SMP
[ 42.257911][ T357] CPU: 1 PID: 357 Comm: syz-executor.0 Not tainted 6.1.75-syzkaller #0
[ 42.266072][ T357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 42.276058][ T357] RIP: 0010:do_unlinkat+0x1a1/0x2d0
[ 42.281083][ T357] Code: a9 00 00 70 00 74 53 25 00 00 60 00 31 c9 3d 00 00 20 00 0f 94 c1 41 be ec ff ff ff 41 29 ce 45 31 ed eb 47 41 bf a0 00 00 00 <4c> 8b 6b 30 f6 43 02 70 4c 8b 75 90 74 2d 4c 89 ef e8 a9 f7 00 00
[ 42.300943][ T357] RSP: 0018:ffffc900007d7e90 EFLAGS: 00010246
[ 42.307200][ T357] RAX: ffff8881009cc028 RBX: 0000000000000019 RCX: 0000000000000005
[ 42.315206][ T357] RDX: 00000000ffffff9c RSI: 0000000300000000 RDI: ffff888108a53900
[ 42.323014][ T357] RBP: ffffc900007d7f10 R08: ffff888112378480 R09: ffffffff8154613c
[ 42.330825][ T357] R10: ffff888112378480 R11: ffff888100041400 R12: ffff88810b597b60
[ 42.338635][ T357] R13: ffffc900007d7ec0 R14: 00000000000000a0 R15: 00000000000000a0
[ 42.346533][ T357] FS: 00007f13115cf6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[ 42.355397][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.361919][ T357] CR2: 0000000000000049 CR3: 000000011223f000 CR4: 00000000003506a0
[ 42.370112][ T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.378218][ T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.386035][ T357] Call Trace:
[ 42.389238][ T357]
[ 42.392120][ T357] ? __die_body+0x62/0xb0
[ 42.396284][ T357] ? __die+0x7e/0x90
[ 42.400015][ T357] ? page_fault_oops+0x369/0x3d0
[ 42.404877][ T357] ? exc_page_fault+0x4dc/0x670
[ 42.409567][ T357] ? asm_exc_page_fault+0x27/0x30
[ 42.414426][ T357] ? fuse_lookup_name+0x37c/0x3e0
[ 42.419285][ T357] ? do_unlinkat+0x1a1/0x2d0
[ 42.423998][ T357] __x64_sys_unlink+0x1e/0x30
[ 42.428516][ T357] do_syscall_64+0x3d/0xb0
[ 42.432760][ T357] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 42.438649][ T357] RIP: 0033:0x7f131087dda9
[ 42.442963][ T357] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 42.462965][ T357] RSP: 002b:00007f13115cf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 42.471188][ T357] RAX: ffffffffffffffda RBX: 00007f13109ac050 RCX: 00007f131087dda9
[ 42.479412][ T357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[ 42.487399][ T357] RBP: 00007f13108ca47a R08: 0000000000000000 R09: 0000000000000000
[ 42.495335][ T357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 42.503232][ T357] R13: 000000000000006e R14: 00007f13109ac050 R15: 00007fffcda7e208
[ 42.511141][ T357]
[ 42.514022][ T357] Modules linked in:
[ 42.517956][ T357] CR2: 0000000000000049
[ 42.522089][ T357] ---[ end trace 0000000000000000 ]---
[ 42.527612][ T357] RIP: 0010:do_unlinkat+0x1a1/0x2d0
[ 42.532683][ T357] Code: a9 00 00 70 00 74 53 25 00 00 60 00 31 c9 3d 00 00 20 00 0f 94 c1 41 be ec ff ff ff 41 29 ce 45 31 ed eb 47 41 bf a0 00 00 00 <4c> 8b 6b 30 f6 43 02 70 4c 8b 75 90 74 2d 4c 89 ef e8 a9 f7 00 00
[ 42.552466][ T357] RSP: 0018:ffffc900007d7e90 EFLAGS: 00010246
[ 42.558759][ T357] RAX: ffff8881009cc028 RBX: 0000000000000019 RCX: 0000000000000005
[ 42.566919][ T357] RDX: 00000000ffffff9c RSI: 0000000300000000 RDI: ffff888108a53900
[ 42.575115][ T357] RBP: ffffc900007d7f10 R08: ffff888112378480 R09: ffffffff8154613c
[ 42.583131][ T357] R10: ffff888112378480 R11: ffff888100041400 R12: ffff88810b597b60
[ 42.590919][ T357] R13: ffffc900007d7ec0 R14: 00000000000000a0 R15: 00000000000000a0
[ 42.598724][ T357] FS: 00007f13115cf6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[ 42.607869][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 42.614344][ T357] CR2: 0000000000000049 CR3: 000000011223f000 CR4: 00000000003506a0
[ 42.623114][ T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 42.631100][ T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 42.638913][ T357] Kernel panic - not syncing: Fatal exception
[ 42.645372][ T357] Kernel Offset: disabled
[ 42.649648][ T357] Rebooting in 86400 seconds..