syzkaller syzkaller login: [ 13.364536][ T23] kauditd_printk_skb: 60 callbacks suppressed [ 13.364542][ T23] audit: type=1400 audit(1635051347.750:71): avc: denied { transition } for pid=290 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 13.375376][ T23] audit: type=1400 audit(1635051347.750:72): avc: denied { write } for pid=290 comm="sh" path="pipe:[1275]" dev="pipefs" ino=1275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 [ 13.617482][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!! [ 13.697267][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 14.816713][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! Warning: Permanently added '10.128.0.4' (ECDSA) to the list of known hosts. executing program [ 20.444336][ T23] audit: type=1400 audit(1635051354.820:73): avc: denied { execmem } for pid=365 comm="syz-executor154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 20.464129][ T23] audit: type=1400 audit(1635051354.850:74): avc: denied { mounton } for pid=366 comm="syz-executor154" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 20.480823][ T367] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 20.491130][ T23] audit: type=1400 audit(1635051354.850:75): avc: denied { mount } for pid=366 comm="syz-executor154" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 20.499151][ T367] incfs: Can't find or create .incomplete dir in ./file0 [ 20.520403][ T23] audit: type=1400 audit(1635051354.850:76): avc: denied { mounton } for pid=366 comm="syz-executor154" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 20.548913][ T23] audit: type=1400 audit(1635051354.850:77): avc: denied { read write } for pid=366 comm="syz-executor154" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.549102][ T367] BUG: Dentry ffff88811a176880{i=0,n=.incomplete} still in use (1) [unmount of vfat loop0] [ 20.573600][ T23] audit: type=1400 audit(1635051354.850:78): avc: denied { open } for pid=366 comm="syz-executor154" path="/dev/loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.583391][ T367] ------------[ cut here ]------------ [ 20.609576][ T23] audit: type=1400 audit(1635051354.850:79): avc: denied { ioctl } for pid=366 comm="syz-executor154" path="/dev/loop0" dev="devtmpfs" ino=115 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.612869][ T367] WARNING: CPU: 0 PID: 367 at fs/dcache.c:1616 umount_check+0x18d/0x1d0 [ 20.639145][ T23] audit: type=1400 audit(1635051354.850:80): avc: denied { mounton } for pid=366 comm="syz-executor154" path="/root/file0" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 20.646758][ T367] Modules linked in: [ 20.669617][ T23] audit: type=1400 audit(1635051354.880:81): avc: denied { mount } for pid=366 comm="syz-executor154" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 20.673300][ T367] CPU: 0 PID: 367 Comm: syz-executor154 Not tainted 5.10.75-syzkaller-01082-g234d53d2bb60 #0 [ 20.695621][ T23] audit: type=1400 audit(1635051354.880:82): avc: denied { mounton } for pid=366 comm="syz-executor154" path="/root/file0" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 20.705562][ T367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 20.738126][ T367] RIP: 0010:umount_check+0x18d/0x1d0 [ 20.743380][ T367] Code: 8b 0b 49 81 c6 f8 03 00 00 48 c7 c7 40 43 2e 85 4c 89 e6 48 8b 55 d0 4c 89 e1 45 89 f8 31 c0 41 56 e8 ae d9 9e ff 48 83 c4 08 <0f> 0b e9 f1 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c c9 fe ff [ 20.763588][ T367] RSP: 0018:ffffc9000024f778 EFLAGS: 00010286 [ 20.769650][ T367] RAX: 0000000000000059 RBX: ffffffff866b3380 RCX: b1a65d822d612d00 [ 20.777627][ T367] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 20.785592][ T367] RBP: ffffc9000024f7a8 R08: ffffffff81545368 R09: 0000000000000003 [ 20.793569][ T367] R10: fffff52000049e41 R11: 0000000000000004 R12: ffff88811a176880 [ 20.801540][ T367] R13: dffffc0000000000 R14: ffff88811d9663f8 R15: 0000000000000001 [ 20.809522][ T367] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 20.818499][ T367] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.825069][ T367] CR2: 00007fa88c3240a8 CR3: 000000000640f000 CR4: 00000000003506b0 [ 20.833072][ T367] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.841220][ T367] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.849334][ T367] Call Trace: [ 20.852615][ T367] d_walk+0x309/0x540 [ 20.856615][ T367] ? __d_free+0x30/0x30 [ 20.860778][ T367] shrink_dcache_for_umount+0x8e/0x1b0 [ 20.866217][ T367] generic_shutdown_super+0x66/0x2c0 [ 20.871514][ T367] kill_block_super+0x80/0xe0 [ 20.876171][ T367] deactivate_locked_super+0xb0/0x100 [ 20.881541][ T367] deactivate_super+0xa5/0xd0 [ 20.886196][ T367] cleanup_mnt+0x45f/0x510 [ 20.890609][ T367] __cleanup_mnt+0x19/0x20 [ 20.895006][ T367] task_work_run+0x147/0x1b0 [ 20.899652][ T367] do_exit+0x70e/0x23a0 [ 20.903795][ T367] ? mm_update_next_owner+0x6e0/0x6e0 [ 20.909257][ T367] ? kfree+0xca/0x310 [ 20.913245][ T367] ? kasan_set_track+0x63/0x80 [ 20.918010][ T367] ? kasan_set_track+0x4c/0x80 [ 20.922751][ T367] ? __kasan_check_write+0x14/0x20 [ 20.927866][ T367] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 20.932965][ T367] do_group_exit+0x16a/0x2d0 [ 20.937553][ T367] get_signal+0x133e/0x1f80 [ 20.942122][ T367] ? kfree+0xca/0x310 [ 20.946072][ T367] ? kfree+0xca/0x310 [ 20.950049][ T367] ? ptrace_notify+0x340/0x340 [ 20.954790][ T367] ? ____kasan_slab_free+0x13e/0x170 [ 20.960070][ T367] ? __kasan_slab_free+0x11/0x20 [ 20.964996][ T367] ? slab_free_freelist_hook+0xb2/0x180 [ 20.970557][ T367] arch_do_signal+0x8d/0x620 [ 20.975138][ T367] ? __do_sys_rt_sigreturn+0x1e0/0x1e0 [ 20.980632][ T367] ? debug_smp_processor_id+0x1c/0x20 [ 20.986110][ T367] exit_to_user_mode_prepare+0xaa/0xe0 [ 20.991612][ T367] syscall_exit_to_user_mode+0x24/0x40 [ 20.997167][ T367] do_syscall_64+0x3d/0x70 [ 21.001558][ T367] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.007452][ T367] RIP: 0033:0x7fa88c2d3089 [ 21.011846][ T367] Code: Unable to access opcode bytes at RIP 0x7fa88c2d305f. [ 21.019210][ T367] RSP: 002b:00007fa88c280308 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 21.027624][ T367] RAX: fffffffffffffe00 RBX: 00007fa88c3583e8 RCX: 00007fa88c2d3089 [ 21.035585][ T367] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa88c3583e8 [ 21.043563][ T367] RBP: 00007fa88c3583e0 R08: 0000000000000000 R09: 0000000000000000 [ 21.051537][ T367] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa88c3583ec [ 21.059505][ T367] R13: 0030656c69662f2e R14: 6e656d6572636e69 R15: 0000000000022000 [ 21.067476][ T367] ---[ end trace 7e4d9c7fe766815f ]--- [ 21.072954][ T367] BUG: Dentry ffff88811a176880{i=0,n=.incomplete} still in use (1) [unmount of vfat loop0] [ 21.083074][ T367] ------------[ cut here ]------------ [ 21.088552][ T367] WARNING: CPU: 0 PID: 367 at fs/dcache.c:1616 umount_check+0x18d/0x1d0 [ 21.096881][ T367] Modules linked in: [ 21.100765][ T367] CPU: 0 PID: 367 Comm: syz-executor154 Tainted: G W 5.10.75-syzkaller-01082-g234d53d2bb60 #0 [ 21.112495][ T367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 21.122642][ T367] RIP: 0010:umount_check+0x18d/0x1d0 [ 21.127924][ T367] Code: 8b 0b 49 81 c6 f8 03 00 00 48 c7 c7 40 43 2e 85 4c 89 e6 48 8b 55 d0 4c 89 e1 45 89 f8 31 c0 41 56 e8 ae d9 9e ff 48 83 c4 08 <0f> 0b e9 f1 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c c9 fe ff [ 21.147569][ T367] RSP: 0018:ffffc9000024f778 EFLAGS: 00010286 [ 21.153613][ T367] RAX: 0000000000000059 RBX: ffffffff866b3380 RCX: b1a65d822d612d00 [ 21.161680][ T367] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 21.169664][ T367] RBP: ffffc9000024f7a8 R08: ffffffff81545368 R09: fffff52000049e19 [ 21.177638][ T367] R10: fffff52000049e19 R11: 0000000000000000 R12: ffff88811a176880 [ 21.185610][ T367] R13: dffffc0000000000 R14: ffff88811d9663f8 R15: 0000000000000001 [ 21.193732][ T367] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 21.202670][ T367] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.209264][ T367] CR2: 00007fa88c3240a8 CR3: 000000000640f000 CR4: 00000000003506b0 [ 21.217241][ T367] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.225283][ T367] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.233370][ T367] Call Trace: [ 21.236682][ T367] d_walk+0x309/0x540 [ 21.240642][ T367] ? __d_free+0x30/0x30 [ 21.244784][ T367] shrink_dcache_for_umount+0x8e/0x1b0 [ 21.250262][ T367] generic_shutdown_super+0x66/0x2c0 [ 21.255599][ T367] kill_block_super+0x80/0xe0 [ 21.260411][ T367] deactivate_locked_super+0xb0/0x100 [ 21.266145][ T367] deactivate_super+0xa5/0xd0 [ 21.270839][ T367] cleanup_mnt+0x45f/0x510 [ 21.275246][ T367] __cleanup_mnt+0x19/0x20 [ 21.279666][ T367] task_work_run+0x147/0x1b0 [ 21.284241][ T367] do_exit+0x70e/0x23a0 [ 21.288405][ T367] ? mm_update_next_owner+0x6e0/0x6e0 [ 21.293761][ T367] ? kfree+0xca/0x310 [ 21.297752][ T367] ? kasan_set_track+0x63/0x80 [ 21.302493][ T367] ? kasan_set_track+0x4c/0x80 [ 21.307347][ T367] ? __kasan_check_write+0x14/0x20 [ 21.312453][ T367] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 21.317761][ T367] do_group_exit+0x16a/0x2d0 [ 21.322336][ T367] get_signal+0x133e/0x1f80 [ 21.326846][ T367] ? kfree+0xca/0x310 [ 21.330818][ T367] ? kfree+0xca/0x310 [ 21.334770][ T367] ? ptrace_notify+0x340/0x340 [ 21.339548][ T367] ? ____kasan_slab_free+0x13e/0x170 [ 21.344816][ T367] ? __kasan_slab_free+0x11/0x20 [ 21.349767][ T367] ? slab_free_freelist_hook+0xb2/0x180 [ 21.355391][ T367] arch_do_signal+0x8d/0x620 [ 21.359984][ T367] ? __do_sys_rt_sigreturn+0x1e0/0x1e0 [ 21.365434][ T367] ? debug_smp_processor_id+0x1c/0x20 [ 21.370806][ T367] exit_to_user_mode_prepare+0xaa/0xe0 [ 21.376244][ T367] syscall_exit_to_user_mode+0x24/0x40 [ 21.381738][ T367] do_syscall_64+0x3d/0x70 [ 21.386150][ T367] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 21.392143][ T367] RIP: 0033:0x7fa88c2d3089 [ 21.396541][ T367] Code: Unable to access opcode bytes at RIP 0x7fa88c2d305f. [ 21.403915][ T367] RSP: 002b:00007fa88c280308 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 21.412349][ T367] RAX: fffffffffffffe00 RBX: 00007fa88c3583e8 RCX: 00007fa88c2d3089 [ 21.420329][ T367] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa88c3583e8 [ 21.428300][ T367] RBP: 00007fa88c3583e0 R08: 0000000000000000 R09: 0000000000000000 [ 21.436250][ T367] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa88c3583ec [ 21.444219][ T367] R13: 0030656c69662f2e R14: 6e656d6572636e69 R15: 0000000000022000 [ 21.452288][ T367] ---[ end trace 7e4d9c7fe7668160 ]--- [ 21.457820][ T104] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 21.467590][ T367] VFS: Busy inodes after unmount of loop0. Self-destruct in 5 seconds. Have a nice day...