forked to background, child pid 192 Starting sshd: OK syzkaller syzkaller login: [ 14.527781][ T22] kauditd_printk_skb: 60 callbacks suppressed [ 14.527790][ T22] audit: type=1400 audit(1635132479.929:71): avc: denied { transition } for pid=265 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.533314][ T22] audit: type=1400 audit(1635132479.939:72): avc: denied { write } for pid=265 comm="sh" path="pipe:[9834]" dev="pipefs" ino=9834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 [ 15.604442][ T266] sshd (266) used greatest stack depth: 26904 bytes left Warning: Permanently added '10.128.1.200' (ECDSA) to the list of known hosts. executing program [ 22.355320][ T22] audit: type=1400 audit(1635132487.759:73): avc: denied { execmem } for pid=298 comm="syz-executor704" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 22.374736][ T22] audit: type=1400 audit(1635132487.769:74): avc: denied { mounton } for pid=299 comm="syz-executor704" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 22.383435][ T299] incfs: Can't find or create .index dir in ./file0 [ 22.399059][ T22] audit: type=1400 audit(1635132487.769:75): avc: denied { mount } for pid=299 comm="syz-executor704" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 22.427722][ T22] audit: type=1400 audit(1635132487.769:76): avc: denied { mounton } for pid=299 comm="syz-executor704" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 22.427836][ T299] BUG: Dentry ffff8881e6ac4660{i=0,n=.index} still in use (1) [unmount of sysfs sysfs] [ 22.449182][ T22] audit: type=1400 audit(1635132487.789:77): avc: denied { mounton } for pid=299 comm="syz-executor704" path="/root/file0" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 22.458919][ T299] ------------[ cut here ]------------ [ 22.481564][ T22] audit: type=1400 audit(1635132487.789:78): avc: denied { mount } for pid=299 comm="syz-executor704" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 22.486944][ T299] WARNING: CPU: 1 PID: 299 at fs/dcache.c:1597 umount_check+0x179/0x1c0 [ 22.508979][ T22] audit: type=1400 audit(1635132487.789:79): avc: denied { mounton } for pid=299 comm="syz-executor704" path="/root/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 22.517561][ T299] Modules linked in: [ 22.517573][ T299] CPU: 1 PID: 299 Comm: syz-executor704 Not tainted 5.4.147-syzkaller-00036-geb4a5a5dbd5b #0 [ 22.517576][ T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 22.517591][ T299] RIP: 0010:umount_check+0x179/0x1c0 [ 22.569301][ T299] Code: ff 4c 8b 0b 48 81 c5 20 04 00 00 48 c7 c7 e0 14 c9 84 4c 89 fe 4c 89 f2 4c 89 f9 45 89 e8 31 c0 55 e8 b7 0e b3 ff 48 83 c4 08 <0f> 0b e9 fd fe ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c d4 fe ff [ 22.588872][ T299] RSP: 0018:ffff8881de57fb38 EFLAGS: 00010282 [ 22.594908][ T299] RAX: 0000000000000055 RBX: ffffffff85d94600 RCX: 3479571c9795b300 [ 22.602869][ T299] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 22.610806][ T299] RBP: ffff8881de752420 R08: ffffffff814b2a4c R09: ffffed103bcaff1f [ 22.618744][ T299] R10: ffffed103bcaff1f R11: 0000000000000000 R12: dffffc0000000000 [ 22.626715][ T299] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8881e6ac4660 [ 22.634662][ T299] FS: 0000555556edf300(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 22.643555][ T299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 22.650103][ T299] CR2: 00007f2224b601d0 CR3: 00000001edc8f000 CR4: 00000000003406e0 [ 22.658044][ T299] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 22.666000][ T299] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 22.673944][ T299] Call Trace: [ 22.677205][ T299] d_walk+0x2d9/0x540 [ 22.681151][ T299] ? __d_free+0x20/0x20 [ 22.685270][ T299] shrink_dcache_for_umount+0x8a/0x1a0 [ 22.690697][ T299] generic_shutdown_super+0x63/0x2a0 [ 22.695945][ T299] kill_anon_super+0x36/0x60 [ 22.700501][ T299] kernfs_kill_sb+0x127/0x140 [ 22.705142][ T299] sysfs_kill_sb+0x1e/0x30 [ 22.709523][ T299] deactivate_locked_super+0xaf/0x100 [ 22.714859][ T299] deactivate_super+0x168/0x210 [ 22.719674][ T299] cleanup_mnt+0x432/0x4e0 [ 22.724055][ T299] task_work_run+0x186/0x1b0 [ 22.728614][ T299] do_exit+0xc0a/0x2aa0 [ 22.732737][ T299] do_group_exit+0x15c/0x2c0 [ 22.737305][ T299] ? do_user_addr_fault+0x6b0/0xb40 [ 22.742474][ T299] __do_sys_exit_group+0x13/0x20 [ 22.747384][ T299] __se_sys_exit_group+0x10/0x10 [ 22.752288][ T299] __x64_sys_exit_group+0x37/0x40 [ 22.757289][ T299] do_syscall_64+0xcb/0x1e0 [ 22.761771][ T299] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 22.767642][ T299] RIP: 0033:0x7f2224aeb529 [ 22.772024][ T299] Code: Bad RIP value. [ 22.776057][ T299] RSP: 002b:00007fff709ed568 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 22.784435][ T299] RAX: ffffffffffffffda RBX: 00007f2224b5f330 RCX: 00007f2224aeb529 [ 22.792375][ T299] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 22.800313][ T299] RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 0000