syzbot


kernel panic: audit: rate limit exceeded

Status: upstream: reported C repro on 2020/02/23 17:28
Reported-by: syzbot+613a14effd8e9b521b1e@syzkaller.appspotmail.com
First crash: 1019d, last: 442d

Fix bisection: failed (bisect log)
similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel panic: audit: rate limit exceeded C done 5 1018d 1018d 0/24 closed as dup on 2020/02/27 15:41
android-54 kernel panic: audit: rate limit exceeded C 1 1020d 1020d 0/2 closed as invalid on 2020/02/27 15:45

Sample crash report:
kauditd_printk_skb: 5 callbacks suppressed
audit: type=1400 audit(1582478702.248:36): avc:  denied  { map } for  pid=8394 comm="syz-executor628" path="/root/syz-executor628868630" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
audit: audit_lost=1 audit_rate_limit=2 audit_backlog_limit=0
Kernel panic - not syncing: audit: rate limit exceeded

audit: type=1305 audit(1582478702.268:37): audit_failure=2 old=1 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 res=1
CPU: 0 PID: 8396 Comm: syz-executor628 Not tainted 4.19.105-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x197/0x210 lib/dump_stack.c:118
 panic+0x26a/0x50e kernel/panic.c:186
audit: type=1305 audit(1582478702.268:38): audit_pid=0 old=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 res=1
 audit_panic.cold+0x32/0x32 kernel/audit.c:320
 audit_log_lost kernel/audit.c:390 [inline]
 audit_log_lost+0x8b/0x180 kernel/audit.c:362
 audit_log_end+0x242/0x2b0 kernel/audit.c:2355
audit: type=1305 audit(1582478702.268:39): audit_rate_limit=2 old=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 res=1
 audit_log_config_change+0x9a/0xc0 kernel/audit.c:409
 audit_receive_msg+0x2029/0x2590 kernel/audit.c:1282
audit: type=1305 audit(1582478702.268:40): audit_backlog_limit=0 old=64 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 res=1
 audit_receive+0x11a/0x240 kernel/audit.c:1512
 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
 netlink_unicast+0x53a/0x730 net/netlink/af_netlink.c:1343
audit: type=1305 audit(1582478702.288:41): audit_enabled=1 old=1 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 res=1
 netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1908
audit: type=1305 audit(1582478702.288:42): audit_failure=2 old=2 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 res=1
 sock_sendmsg_nosec net/socket.c:622 [inline]
 sock_sendmsg+0xd7/0x130 net/socket.c:632
 ___sys_sendmsg+0x803/0x920 net/socket.c:2115
 __sys_sendmsg+0x105/0x1d0 net/socket.c:2153
 __do_sys_sendmsg net/socket.c:2162 [inline]
 __se_sys_sendmsg net/socket.c:2160 [inline]
 __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2160
 do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441239
Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffe06e59a28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441239
RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003
RBP: 000000000000d552 R08: 00000000004002c8 R09: 00000000004002c8
R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000402060
R13: 00000000004020f0 R14: 0000000000000000 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-linux-4-19 2020/02/23 17:27 linux-4.19.y 4fccc2503536 2c36e7a7 .config log report syz C
* Struck through repros no longer work on HEAD.