[ 44.172945][ T31] audit: type=1400 audit(44.110:68): avc: denied { read write } for pid=2989 comm="sftp-server" name="null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 44.174357][ T31] audit: type=1400 audit(44.110:69): avc: denied { open } for pid=2989 comm="sftp-server" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 Warning: Permanently added '[localhost]:49107' (ED25519) to the list of known hosts. [ 88.889733][ T31] audit: type=1400 audit(88.810:70): avc: denied { execute } for pid=3004 comm="sh" name="syz-executor1968882195" dev="vda" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 88.890698][ T31] audit: type=1400 audit(88.830:71): avc: denied { execute_no_trans } for pid=3004 comm="sh" path="/syz-executor1968882195" dev="vda" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 89.208785][ T31] audit: type=1400 audit(89.140:72): avc: denied { execmem } for pid=3004 comm="syz-executor196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 executing program [ 89.384684][ T3005] 8<--- cut here --- [ 89.385149][ T3005] Unable to handle kernel NULL pointer dereference at virtual address 00000018 when write [ 89.385653][ T3005] [00000018] *pgd=84374003, *pmd=fe515003 [ 89.386698][ T3005] Internal error: Oops: a05 [#1] PREEMPT SMP ARM [ 89.387158][ T3005] Modules linked in: [ 89.388142][ T3005] CPU: 1 PID: 3005 Comm: syz-executor196 Not tainted 6.10.0-rc4-syzkaller #0 [ 89.388611][ T3005] Hardware name: ARM-Versatile Express [ 89.389218][ T3005] PC is at do_pagemap_scan+0x2ac/0x6f8 [ 89.390699][ T3005] LR is at do_pagemap_scan+0x278/0x6f8 [ 89.391258][ T3005] pc : [<805a74c4>] lr : [<805a7490>] psr: 20000013 [ 89.392153][ T3005] sp : df961e18 ip : df961e18 fp : df961f04 [ 89.392575][ T3005] r10: 00000000 r9 : 00000000 r8 : 00000000 [ 89.392861][ T3005] r7 : df961e50 r6 : 83708c00 r5 : 20165000 r4 : 83eb3c00 [ 89.393176][ T3005] r3 : 20ffb000 r2 : 00000000 r1 : 00000000 r0 : 00000010 [ 89.393563][ T3005] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none [ 89.393968][ T3005] Control: 30c5387d Table: 8437a280 DAC: 00000000 [ 89.394316][ T3005] Register r0 information: zero-size pointer [ 89.395037][ T3005] Register r1 information: NULL pointer [ 89.395306][ T3005] Register r2 information: NULL pointer [ 89.395558][ T3005] Register r3 information: non-paged memory [ 89.395944][ T3005] Register r4 information: slab mm_struct start 83eb3c00 pointer offset 0 size 712 [ 89.396941][ T3005] Register r5 information: non-paged memory [ 89.397221][ T3005] Register r6 information: slab task_struct start 83708c00 pointer offset 0 size 3072 [ 89.397663][ T3005] Register r7 information: 2-page vmalloc region starting at 0xdf960000 allocated at kernel_clone+0xac/0x3e4 [ 89.398268][ T3005] Register r8 information: NULL pointer [ 89.398545][ T3005] Register r9 information: NULL pointer [ 89.398813][ T3005] Register r10 information: NULL pointer [ 89.399073][ T3005] Register r11 information: 2-page vmalloc region starting at 0xdf960000 allocated at kernel_clone+0xac/0x3e4 [ 89.399494][ T3005] Register r12 information: 2-page vmalloc region starting at 0xdf960000 allocated at kernel_clone+0xac/0x3e4 [ 89.399995][ T3005] Process syz-executor196 (pid: 3005, stack limit = 0xdf960000) [ 89.400569][ T3005] Stack: (0xdf961e18 to 0xdf962000) [ 89.400961][ T3005] 1e00: 00000000 00000000 [ 89.401355][ T3005] 1e20: 00000000 00000000 200004c0 00000001 20165000 00000000 00000000 00000000 [ 89.401705][ T3005] 1e40: 00000000 00000000 00000000 00000000 00000060 00000000 00000000 00000000 [ 89.402142][ T3005] 1e60: 20165000 00000000 20ffb000 00000000 00000000 00000000 20000000 00000000 [ 89.402721][ T3005] 1e80: 00000000 10000000 ffffffff 00000000 00000000 00000000 00000000 00000000 [ 89.403229][ T3005] 1ea0: 00000000 00000000 00000000 00000000 00000000 00000000 00000010 00000000 [ 89.403723][ T3005] 1ec0: 00000000 00000000 20000000 00000000 c0606610 9aa5d9ce df961ef4 c0606610 [ 89.404339][ T3005] 1ee0: 00000000 83fe76c0 200004c0 83fe76c0 00000003 83708c00 df961f14 df961f08 [ 89.404699][ T3005] 1f00: 805a7938 805a7224 df961fa4 df961f18 8051a27c 805a791c 804fe064 8050f77c [ 89.405034][ T3005] 1f20: 00000002 00000000 00000006 00000100 00000001 9aa5d9ce ffffff9c 7e981c18 [ 89.405368][ T3005] 1f40: 00000000 00000142 df961fa4 df961f58 804fe480 804fdfc8 00000002 00000000 [ 89.405714][ T3005] 1f60: 00000000 00000000 00000000 00000000 00000002 9aa5d9ce 00000000 ffffffff [ 89.406039][ T3005] 1f80: 00000000 00000000 00000036 8020029c 83708c00 00000036 00000000 df961fa8 [ 89.406359][ T3005] 1fa0: 80200060 8051a154 ffffffff 00000000 00000003 c0606610 200004c0 00000000 [ 89.406711][ T3005] 1fc0: ffffffff 00000000 00000000 00000036 7e981e0c 00000000 000f4240 00000000 [ 89.407067][ T3005] 1fe0: 7e981bf8 7e981be8 000106b8 0002e820 00000010 00000003 00000000 00000000 [ 89.407471][ T3005] Call trace: [ 89.407897][ T3005] [<805a7218>] (do_pagemap_scan) from [<805a7938>] (do_pagemap_cmd+0x28/0x34) [ 89.408527][ T3005] r10:83708c00 r9:00000003 r8:83fe76c0 r7:200004c0 r6:83fe76c0 r5:00000000 [ 89.409120][ T3005] r4:c0606610 [ 89.409378][ T3005] [<805a7910>] (do_pagemap_cmd) from [<8051a27c>] (sys_ioctl+0x134/0xda4) [ 89.409788][ T3005] [<8051a148>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c) [ 89.410637][ T3005] Exception stack(0xdf961fa8 to 0xdf961ff0) [ 89.411100][ T3005] 1fa0: ffffffff 00000000 00000003 c0606610 200004c0 00000000 [ 89.411574][ T3005] 1fc0: ffffffff 00000000 00000000 00000036 7e981e0c 00000000 000f4240 00000000 [ 89.412070][ T3005] 1fe0: 7e981bf8 7e981be8 000106b8 0002e820 [ 89.412374][ T3005] r10:00000036 r9:83708c00 r8:8020029c r7:00000036 r6:00000000 r5:00000000 [ 89.412745][ T3005] r4:ffffffff [ 89.413368][ T3005] Code: e51b309c e51b108c e50b103c e3a01000 (e1c080f8) [ 89.460416][ T3005] ---[ end trace 0000000000000000 ]--- [ 89.462751][ T3005] Kernel panic - not syncing: Fatal exception [ 89.467206][ T3005] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:50:00 Registers: info registers vcpu 0 CPU#0 R00=00000000 R01=81fe14c8 R02=0002c731 R03=8021b4c0 R04=8261ad80 R05=8260c5d0 R06=00000000 R07=8260c5f8 R08=00000000 R09=00000000 R10=00000000 R11=82601f34 R12=82601f38 R13=82601f28 R14=80208978 R15=8021b4c8 PSR=60000093 -ZC- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=004b27e9 s17=00000000 d08=00000000004b27e9 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=b14a3823 s33=47bd7149 d16=47bd7149b14a3823 s34=531f687e s35=25df3ab6 d17=25df3ab6531f687e s36=78a7d5ea s37=77011179 d18=7701117978a7d5ea s38=7496ad33 s39=a0fc3af9 d19=a0fc3af97496ad33 s40=591d5963 s41=2604ca20 d20=2604ca20591d5963 s42=42cd7ee5 s43=f9a14c30 d21=f9a14c3042cd7ee5 s44=e6033eb9 s45=5fcba086 d22=5fcba086e6033eb9 s46=59775f06 s47=b8368b1b d23=b8368b1b59775f06 s48=00000001 s49=00000000 d24=0000000000000001 s50=00000000 s51=00000000 d25=0000000000000000 s52=5e43d1bb s53=b716fd61 d26=b716fd615e43d1bb s54=0b9270b8 s55=99f61d1f d27=99f61d1f0b9270b8 s56=0a0d51e3 s57=c8e64fe2 d28=c8e64fe20a0d51e3 s58=0ef66732 s59=0c98f770 d29=0c98f7700ef66732 s60=ac7d73fe s61=479d34fd d30=479d34fdac7d73fe s62=00000069 s63=00000068 d31=0000006800000069 FPSCR: 00000000 info registers vcpu 1 CPU#1 R00=00000001 R01=00000000 R02=00000000 R03=83708c00 R04=8262a024 R05=000002f9 R06=dddd9595 R07=00000000 R08=00000000 R09=00000bbd R10=821c6ff4 R11=df961b4c R12=df961b50 R13=df961b50 R14=802bf518 R15=802bec0c PSR=a0000193 N-C- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000