syzkaller
syzkaller login: [    4.805483][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[    5.685544][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[   11.085711][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[   11.116769][   T23] kauditd_printk_skb: 60 callbacks suppressed
[   11.116775][   T23] audit: type=1400 audit(1648242911.589:71): avc:  denied  { transition } for  pid=290 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   11.122105][   T23] audit: type=1400 audit(1648242911.589:72): avc:  denied  { write } for  pid=290 comm="sh" path="pipe:[11473]" dev="pipefs" ino=11473 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
[   11.355522][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #88!!!
[   11.357111][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #88!!!
Warning: Permanently added '10.128.0.116' (ECDSA) to the list of known hosts.
2022/03/25 21:15:38 parsed 1 programs
[   38.075567][   T23] audit: type=1400 audit(1648242938.549:73): avc:  denied  { getattr } for  pid=365 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.079080][   T23] audit: type=1400 audit(1648242938.549:74): avc:  denied  { read } for  pid=365 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.082049][   T23] audit: type=1400 audit(1648242938.549:75): avc:  denied  { open } for  pid=365 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   38.086375][   T23] audit: type=1400 audit(1648242938.559:76): avc:  denied  { read } for  pid=365 comm="syz-execprog" name="raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   38.089952][   T23] audit: type=1400 audit(1648242938.559:77): avc:  denied  { open } for  pid=365 comm="syz-execprog" path="/dev/raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   38.093596][   T23] audit: type=1400 audit(1648242938.559:78): avc:  denied  { mounton } for  pid=370 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   38.093991][  T370] cgroup: Unknown subsys name 'net'
[   38.102751][   T23] audit: type=1400 audit(1648242938.559:79): avc:  denied  { mount } for  pid=370 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   38.129809][   T23] audit: type=1400 audit(1648242938.579:80): avc:  denied  { unmount } for  pid=370 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   38.129981][  T370] cgroup: Unknown subsys name 'devices'
[   38.396926][  T370] cgroup: Unknown subsys name 'hugetlb'
[   38.402710][  T370] cgroup: Unknown subsys name 'rlimit'
2022/03/25 21:15:39 executed programs: 0
[   38.556435][   T23] audit: type=1400 audit(1648242939.029:81): avc:  denied  { mounton } for  pid=370 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   38.581184][   T23] audit: type=1400 audit(1648242939.029:82): avc:  denied  { mount } for  pid=370 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   38.605234][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.612378][  T373] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.619759][  T373] device bridge_slave_0 entered promiscuous mode
[   38.626597][  T373] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.633602][  T373] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.641065][  T373] device bridge_slave_1 entered promiscuous mode
[   38.665941][  T373] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.672978][  T373] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.680254][  T373] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.687280][  T373] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.702906][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.710120][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.717794][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   38.725142][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   38.733783][   T72] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   38.741929][   T72] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.749045][   T72] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.766002][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   38.774269][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   38.782198][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   38.790463][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.797490][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.804915][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   38.813416][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   38.828332][  T377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   38.836671][  T377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   38.844917][  T377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   38.858521][  T373] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[   38.878017][  T380] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   38.888256][  T380] CPU: 0 PID: 380 Comm: syz-executor.0 Not tainted 5.10.108-syzkaller-00653-gab2d1d40a128 #0
[   38.898394][  T380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   38.908434][  T380] Call Trace:
[   38.911720][  T380]  dump_stack_lvl+0x1e2/0x24b
[   38.916386][  T380]  ? show_regs_print_info+0x18/0x18
[   38.921554][  T380]  ? ___ratelimit+0x3e2/0x580
[   38.926305][  T380]  ? _raw_spin_lock+0xa3/0x1b0
[   38.931044][  T380]  dump_stack+0x15/0x1d
[   38.935171][  T380]  dump_header+0xd8/0x770
[   38.939474][  T380]  oom_kill_process+0xee/0x2c0
[   38.944210][  T380]  out_of_memory+0x895/0xe80
[   38.948774][  T380]  ? unregister_oom_notifier+0x20/0x20
[   38.954208][  T380]  ? mutex_lock_killable+0xa6/0x120
[   38.959375][  T380]  ? __mutex_lock_interruptible_slowpath+0x10/0x10
[   38.965845][  T380]  ? _raw_spin_unlock_irqrestore+0x74/0x80
[   38.971621][  T380]  memory_max_write+0x5dd/0x7b0
[   38.976444][  T380]  ? memory_max_show+0xa0/0xa0
[   38.981275][  T380]  ? memory_max_show+0xa0/0xa0
[   38.986027][  T380]  cgroup_file_write+0x29e/0x5a0
[   38.990947][  T380]  ? cgroup_seqfile_stop+0xc0/0xc0
[   38.996029][  T380]  ? mutex_lock+0xa6/0x110
[   39.000413][  T380]  ? mutex_trylock+0xb0/0xb0
[   39.004986][  T380]  ? __kasan_check_write+0x14/0x20
[   39.010083][  T380]  kernfs_fop_write_iter+0x2d0/0x410
[   39.015344][  T380]  ? cgroup_seqfile_stop+0xc0/0xc0
[   39.020431][  T380]  vfs_write+0xc02/0xf20
[   39.024645][  T380]  ? slab_free_freelist_hook+0xcc/0x1a0
[   39.030178][  T380]  ? kernel_write+0x3c0/0x3c0
[   39.034830][  T380]  ? mutex_trylock+0xb0/0xb0
[   39.039391][  T380]  ? __fdget_pos+0x269/0x300
[   39.043951][  T380]  ? ksys_write+0x77/0x2b0
[   39.048337][  T380]  ksys_write+0x186/0x2b0
[   39.052662][  T380]  ? __ia32_sys_read+0x90/0x90
[   39.057396][  T380]  __x64_sys_write+0x7b/0x90
[   39.061958][  T380]  do_syscall_64+0x31/0x70
[   39.066357][  T380]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   39.072219][  T380] RIP: 0033:0x7f8357c43049
[   39.076606][  T380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   39.096274][  T380] RSP: 002b:00007f8357bb9168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   39.104767][  T380] RAX: ffffffffffffffda RBX: 00007f8357d55f60 RCX: 00007f8357c43049
[   39.112711][  T380] RDX: 0000000000000012 RSI: 0000000020000080 RDI: 0000000000000008
[   39.120656][  T380] RBP: 00007f8357c9d08d R08: 0000000000000000 R09: 0000000000000000
[   39.128598][  T380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   39.136541][  T380] R13: 00007ffea76860bf R14: 00007f8357bb9300 R15: 0000000000022000
[   39.144992][  T380] memory: usage 92kB, limit 0kB, failcnt 0
[   39.150902][  T380] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[   39.157809][  T380] Memory cgroup stats for /syz0:
[   39.157915][  T380] anon 0
[   39.157915][  T380] file 0
[   39.157915][  T380] kernel_stack 0
[   39.157915][  T380] percpu 0
[   39.157915][  T380] sock 0
[   39.157915][  T380] shmem 0
[   39.157915][  T380] file_mapped 0
[   39.157915][  T380] file_dirty 0
[   39.157915][  T380] file_writeback 0
[   39.157915][  T380] anon_thp 0
[   39.157915][  T380] inactive_anon 0
[   39.157915][  T380] active_anon 0
[   39.157915][  T380] inactive_file 0
[   39.157915][  T380] active_file 0
[   39.157915][  T380] unevictable 0
[   39.157915][  T380] slab_reclaimable 0
[   39.157915][  T380] slab_unreclaimable 0
[   39.157915][  T380] slab 0
[   39.157915][  T380] workingset_refault_anon 0
[   39.157915][  T380] workingset_refault_file 0
[   39.157915][  T380] workingset_activate_anon 0
[   39.157915][  T380] workingset_activate_file 0
[   39.157915][  T380] workingset_restore_anon 0
[   39.157915][  T380] workingset_restore_file 0
[   39.157915][  T380] workingset_nodereclaim 0
[   39.157915][  T380] pgfault 33
[   39.253966][  T380] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=379,uid=0
[   39.269500][  T380] Memory cgroup out of memory: Killed process 379 (syz-executor.0) total-vm:34404kB, anon-rss:356kB, file-rss:0kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[   39.286889][   T26] oom_reaper: reaped process 379 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:4kB
[   39.300453][  T373] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[   39.310463][  T373] CPU: 1 PID: 373 Comm: syz-executor.0 Not tainted 5.10.108-syzkaller-00653-gab2d1d40a128 #0
[   39.320582][  T373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.330611][  T373] Call Trace:
[   39.333875][  T373]  dump_stack_lvl+0x1e2/0x24b
[   39.338538][  T373]  ? show_regs_print_info+0x18/0x18
[   39.343704][  T373]  ? ___ratelimit+0x3e2/0x580
[   39.348365][  T373]  ? _raw_spin_lock+0xa3/0x1b0
[   39.353115][  T373]  dump_stack+0x15/0x1d
[   39.357242][  T373]  dump_header+0xd8/0x770
[   39.361543][  T373]  oom_kill_process+0xee/0x2c0
[   39.366279][  T373]  out_of_memory+0x895/0xe80
[   39.370896][  T373]  ? unregister_oom_notifier+0x20/0x20
[   39.376337][  T373]  ? mutex_lock_killable+0xa6/0x120
[   39.381503][  T373]  ? __mutex_lock_interruptible_slowpath+0x10/0x10
[   39.387976][  T373]  ? mem_cgroup_iter+0x52d/0x7d0
[   39.392896][  T373]  mem_cgroup_oom+0x72a/0x900
[   39.397555][  T373]  ? drain_all_stock+0x7e0/0x7e0
[   39.402462][  T373]  ? _raw_spin_unlock_irq+0x4e/0x70
[   39.407628][  T373]  try_charge+0xd01/0x1050
[   39.412014][  T373]  ? __kasan_check_write+0x14/0x20
[   39.417098][  T373]  ? __memcg_kmem_charge+0x180/0x180
[   39.422352][  T373]  ? __alloc_pages_nodemask+0x3c8/0x820
[   39.427867][  T373]  ? gfp_pfmemalloc_allowed+0x120/0x120
[   39.433398][  T373]  ? get_mem_cgroup_from_mm+0x186/0x1a0
[   39.438925][  T373]  __mem_cgroup_charge+0x134/0x6a0
[   39.444032][  T373]  do_anonymous_page+0x33b/0x10a0
[   39.449038][  T373]  ? handle_pte_fault+0xdf0/0xdf0
[   39.454032][  T373]  handle_pte_fault+0x4aa/0xdf0
[   39.458864][  T373]  handle_mm_fault+0x11c9/0x1a40
[   39.463774][  T373]  ? can_reuse_spf_vma+0xe0/0xe0
[   39.468694][  T373]  ? down_read_trylock+0x17a/0x1d0
[   39.473773][  T373]  ? __init_rwsem+0x1c0/0x1c0
[   39.478420][  T373]  do_user_addr_fault+0x6a2/0xd70
[   39.483413][  T373]  ? trace_raw_output_x86_exceptions+0x100/0x100
[   39.489707][  T373]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   39.495748][  T373]  ? exit_to_user_mode_prepare+0x3b/0xe0
[   39.501351][  T373]  exc_page_fault+0x98/0x2d0
[   39.505910][  T373]  ? asm_exc_page_fault+0x8/0x30
[   39.510814][  T373]  asm_exc_page_fault+0x1e/0x30
[   39.515635][  T373] RIP: 0033:0x7f8357c12015
[   39.520021][  T373] Code: e8 4b 8d 0c 2f 48 8b 6c 24 18 48 39 d3 48 89 4b 60 0f 95 c2 48 83 c8 01 0f b6 d2 48 c1 e2 02 4c 09 ea 48 83 ca 01 49 89 57 08 <48> 89 41 08 49 83 c7 10 eb b3 48 8d 3d 8a dc 09 00 e8 75 c9 ff ff
[   39.539596][  T373] RSP: 002b:00007ffea7685060 EFLAGS: 00010206
[   39.545633][  T373] RAX: 00000000000184d1 RBX: 00007f8357d295e0 RCX: 0000555556158b30
[   39.553575][  T373] RDX: 0000000000008041 RSI: 0000000000000000 RDI: 0000000000000004
[   39.561518][  T373] RBP: 0000000000008030 R08: 0000000000000003 R09: 00007f8357d29640
[   39.569458][  T373] R10: 0000000000000231 R11: 0000000000000000 R12: 0000000000000802
[   39.577401][  T373] R13: 0000000000008040 R14: 0000000000000804 R15: 0000555556150af0
[   39.586325][  T373] memory: usage 32kB, limit 0kB, failcnt 19
[   39.592216][  T373] swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[   39.599097][  T373] Memory cgroup stats for /syz0:
[   39.599188][  T373] anon 0
[   39.599188][  T373] file 0
[   39.599188][  T373] kernel_stack 0
[   39.599188][  T373] percpu 0
[   39.599188][  T373] sock 0
[   39.599188][  T373] shmem 0
[   39.599188][  T373] file_mapped 0
[   39.599188][  T373] file_dirty 0
[   39.599188][  T373] file_writeback 0
[   39.599188][  T373] anon_thp 0
[   39.599188][  T373] inactive_anon 0
[   39.599188][  T373] active_anon 0
[   39.599188][  T373] inactive_file 0
[   39.599188][  T373] active_file 0
[   39.599188][  T373] unevictable 0
[   39.599188][  T373] slab_reclaimable 0
[   39.599188][  T373] slab_unreclaimable 0
[   39.599188][  T373] slab 0
[   39.599188][  T373] workingset_refault_anon 0
[   39.599188][  T373] workingset_refault_file 0
[   39.599188][  T373] workingset_activate_anon 0
[   39.599188][  T373] workingset_activate_file 0
[   39.599188][  T373] workingset_restore_anon 0
[   39.599188][  T373] workingset_restore_file 0
[   39.599188][  T373] workingset_nodereclaim 0
[   39.599188][  T373] pgfault 33
[   39.696350][  T373] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=373,uid=0
[   39.711658][  T373] Memory cgroup out of memory: Killed process 373 (syz-executor.0) total-vm:34140kB, anon-rss:352kB, file-rss:0kB, shmem-rss:0kB, UID:0 pgtables:52kB oom_score_adj:0
[   39.729011][   T26] oom_reaper: reaped process 373 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB
[   40.605612][    T9] device bridge_slave_1 left promiscuous mode
[   40.611755][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.619417][    T9] device bridge_slave_0 left promiscuous mode
[   40.625592][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
2022/03/25 21:15:51 executor failed 11 times: executor 0: exit status 67
SYZFAIL: tun: can't open /dev/net/tun
 (errno 2: No such file or directory)
loop exited with status 67

SYZFAIL: tun: can't open /dev/net/tun
 (errno 2: No such file or directory)
loop exited with status 67