syzkaller syzkaller login:
[ 43.644965][ T26] kauditd_printk_skb: 42 callbacks suppressed
[ 43.644980][ T26] audit: type=1400 audit(1687986428.621:77): avc: denied { transition } for pid=4844 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 43.673651][ T26] audit: type=1400 audit(1687986428.621:78): avc: denied { noatsecure } for pid=4844 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 43.700467][ T26] audit: type=1400 audit(1687986428.631:79): avc: denied { write } for pid=4844 comm="sh" path="pipe:[29301]" dev="pipefs" ino=29301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 43.723425][ T26] audit: type=1400 audit(1687986428.631:80): avc: denied { rlimitinh } for pid=4844 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 43.742513][ T26] audit: type=1400 audit(1687986428.631:81): avc: denied { siginh } for pid=4844 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 44.517713][ T26] audit: type=1400 audit(1687986429.491:82): avc: denied { read } for pid=4432 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
Warning: Permanently added '10.128.0.249' (ECDSA) to the list of known hosts.
2023/06/28 21:07:20 fuzzer started
[ 55.989197][ T26] audit: type=1400 audit(1687986440.961:83): avc: denied { write } for pid=4985 comm="syz-fuzzer" path="pipe:[30170]" dev="pipefs" ino=30170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 56.023347][ T26] audit: type=1400 audit(1687986441.001:84): avc: denied { append } for pid=4432 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 56.045712][ T26] audit: type=1400 audit(1687986441.001:85): avc: denied { open } for pid=4432 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 56.068625][ T26] audit: type=1400 audit(1687986441.001:86): avc: denied { getattr } for pid=4432 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
2023/06/28 21:07:21 connecting to host at 10.128.0.169:40807
2023/06/28 21:07:21 checking machine...
2023/06/28 21:07:21 checking revisions...
2023/06/28 21:07:21 testing simple program...
[ 56.359124][ T26] audit: type=1400 audit(1687986441.331:87): avc: denied { getattr } for pid=4985 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 56.382615][ T26] audit: type=1400 audit(1687986441.331:88): avc: denied { read } for pid=4985 comm="syz-fuzzer" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 56.403960][ T26] audit: type=1400 audit(1687986441.331:89): avc: denied { open } for pid=4985 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 56.427625][ T26] audit: type=1400 audit(1687986441.351:90): avc: denied { read } for pid=4985 comm="syz-fuzzer" name="raw-gadget" dev="devtmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 56.433946][ T4994] cgroup: Unknown subsys name 'net'
[ 56.450997][ T26] audit: type=1400 audit(1687986441.351:91): avc: denied { open } for pid=4985 comm="syz-fuzzer" path="/dev/raw-gadget" dev="devtmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 56.479200][ T26] audit: type=1400 audit(1687986441.351:92): avc: denied { read } for pid=4985 comm="syz-fuzzer" name="vhci" dev="devtmpfs" ino=1075 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 56.648117][ T4994] cgroup: Unknown subsys name 'rlimit'
[ 56.890300][ T4996] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 58.038261][ T4994] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 58.050653][ T4992] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4992 'syz-fuzzer'
[ 58.156597][ T4997] ================================================================================
[ 58.165965][ T4997] UBSAN: array-index-out-of-bounds in kernel/pid.c:244:15
[ 58.173138][ T4997] index 1 is out of range for type 'upid [1]'
[ 58.179302][ T4997] CPU: 0 PID: 4997 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-02218-g1b2c92a1cb24 #0
[ 58.189264][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 58.199311][ T4997] Call Trace:
[ 58.202596][ T4997]
[ 58.205515][ T4997] dump_stack_lvl+0x136/0x150
[ 58.210200][ T4997] __ubsan_handle_out_of_bounds+0xd5/0x140
[ 58.215996][ T4997] ? rwsem_down_write_slowpath+0xdb1/0x1220
[ 58.221878][ T4997] alloc_pid+0xbe5/0xdd0
[ 58.226123][ T4997] ? copy_namespaces+0x1e3/0x500
[ 58.231050][ T4997] copy_process+0x4589/0x7620
[ 58.235721][ T4997] ? pidfd_prepare+0x80/0x80
[ 58.240305][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.246280][ T4997] kernel_clone+0xeb/0x890
[ 58.250685][ T4997] ? create_io_thread+0xe0/0xe0
[ 58.255525][ T4997] ? ksys_unshare+0x676/0x920
[ 58.260190][ T4997] ? lock_downgrade+0x690/0x690
[ 58.265031][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 58.270043][ T4997] ? spin_bug+0x1c0/0x1c0
[ 58.274364][ T4997] __do_sys_clone+0xba/0x100
[ 58.278946][ T4997] ? kernel_clone+0x890/0x890
[ 58.283615][ T4997] ? syscall_enter_from_user_mode+0x26/0x80
[ 58.289496][ T4997] do_syscall_64+0x39/0xb0
[ 58.293922][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.299855][ T4997] RIP: 0033:0x7f57f6689fab
[ 58.304289][ T4997] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 58.323903][ T4997] RSP: 002b:00007ffcf5fa2d70 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 58.332303][ T4997] RAX: ffffffffffffffda RBX: 00007ffcf5fa33c8 RCX: 00007f57f6689fab
[ 58.340259][ T4997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 58.348217][ T4997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000555556a1c400
[ 58.356183][ T4997] R10: 0000555556a1c6d0 R11: 0000000000000246 R12: 0000000000000000
[ 58.364141][ T4997] R13: 00007ffcf5fa2e60 R14: 00007f57f67ac9d8 R15: 000000000000000c
[ 58.372103][ T4997]
[ 58.375394][ T4997] ================================================================================
[ 58.384760][ T4997] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 58.391968][ T4997] CPU: 0 PID: 4997 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-02218-g1b2c92a1cb24 #0
[ 58.401956][ T4997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 58.412008][ T4997] Call Trace:
[ 58.415284][ T4997]
[ 58.418211][ T4997] dump_stack_lvl+0xd9/0x150
[ 58.422813][ T4997] panic+0x686/0x730
[ 58.426716][ T4997] ? panic_smp_self_stop+0xa0/0xa0
[ 58.431839][ T4997] ? syslog_print_all+0x3a0/0x3a0
[ 58.436872][ T4997] check_panic_on_warn+0xb1/0xc0
[ 58.441817][ T4997] __ubsan_handle_out_of_bounds+0xfd/0x140
[ 58.447630][ T4997] ? rwsem_down_write_slowpath+0xdb1/0x1220
[ 58.453528][ T4997] alloc_pid+0xbe5/0xdd0
[ 58.457782][ T4997] ? copy_namespaces+0x1e3/0x500
[ 58.462725][ T4997] copy_process+0x4589/0x7620
[ 58.467409][ T4997] ? pidfd_prepare+0x80/0x80
[ 58.472012][ T4997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 58.478095][ T4997] kernel_clone+0xeb/0x890
[ 58.482516][ T4997] ? create_io_thread+0xe0/0xe0
[ 58.487381][ T4997] ? ksys_unshare+0x676/0x920
[ 58.492067][ T4997] ? lock_downgrade+0x690/0x690
[ 58.496931][ T4997] ? do_raw_spin_lock+0x124/0x2b0
[ 58.501965][ T4997] ? spin_bug+0x1c0/0x1c0
[ 58.506300][ T4997] __do_sys_clone+0xba/0x100
[ 58.510896][ T4997] ? kernel_clone+0x890/0x890
[ 58.515670][ T4997] ? syscall_enter_from_user_mode+0x26/0x80
[ 58.521565][ T4997] do_syscall_64+0x39/0xb0
[ 58.525988][ T4997] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.531891][ T4997] RIP: 0033:0x7f57f6689fab
[ 58.536309][ T4997] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 58.556005][ T4997] RSP: 002b:00007ffcf5fa2d70 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 58.564421][ T4997] RAX: ffffffffffffffda RBX: 00007ffcf5fa33c8 RCX: 00007f57f6689fab
[ 58.572405][ T4997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 58.580554][ T4997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000555556a1c400
[ 58.588526][ T4997] R10: 0000555556a1c6d0 R11: 0000000000000246 R12: 0000000000000000
[ 58.596498][ T4997] R13: 00007ffcf5fa2e60 R14: 00007f57f67ac9d8 R15: 000000000000000c
[ 58.604483][ T4997]
[ 58.607723][ T4997] Kernel Offset: disabled
[ 58.612119][ T4997] Rebooting in 86400 seconds..