syzkaller syzkaller login: [ 46.586808][ T26] kauditd_printk_skb: 42 callbacks suppressed
[ 46.586831][ T26] audit: type=1400 audit(1687986430.718:77): avc: denied { transition } for pid=4846 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 46.615280][ T26] audit: type=1400 audit(1687986430.738:78): avc: denied { noatsecure } for pid=4846 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 46.635061][ T26] audit: type=1400 audit(1687986430.758:79): avc: denied { write } for pid=4846 comm="sh" path="pipe:[29418]" dev="pipefs" ino=29418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 46.658043][ T26] audit: type=1400 audit(1687986430.758:80): avc: denied { rlimitinh } for pid=4846 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 46.677511][ T26] audit: type=1400 audit(1687986430.758:81): avc: denied { siginh } for pid=4846 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 46.986473][ T26] audit: type=1400 audit(1687986431.118:82): avc: denied { read } for pid=4433 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
Warning: Permanently added '10.128.0.172' (ECDSA) to the list of known hosts.
2023/06/28 21:07:23 fuzzer started
[ 58.887241][ T26] audit: type=1400 audit(1687986443.018:83): avc: denied { write } for pid=4987 comm="syz-fuzzer" path="pipe:[30059]" dev="pipefs" ino=30059 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 58.920485][ T26] audit: type=1400 audit(1687986443.058:84): avc: denied { append } for pid=4433 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 58.942997][ T26] audit: type=1400 audit(1687986443.058:85): avc: denied { open } for pid=4433 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 58.966033][ T26] audit: type=1400 audit(1687986443.058:86): avc: denied { getattr } for pid=4433 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
2023/06/28 21:07:23 connecting to host at 10.128.0.169:36883
2023/06/28 21:07:23 checking machine...
2023/06/28 21:07:23 checking revisions...
2023/06/28 21:07:23 testing simple program...
[ 59.232953][ T26] audit: type=1400 audit(1687986443.368:87): avc: denied { getattr } for pid=4987 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 59.257124][ T26] audit: type=1400 audit(1687986443.368:88): avc: denied { read } for pid=4987 comm="syz-fuzzer" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 59.279444][ T26] audit: type=1400 audit(1687986443.368:89): avc: denied { open } for pid=4987 comm="syz-fuzzer" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 59.293917][ T4996] cgroup: Unknown subsys name 'net'
[ 59.303239][ T26] audit: type=1400 audit(1687986443.368:90): avc: denied { read } for pid=4987 comm="syz-fuzzer" name="raw-gadget" dev="devtmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 59.331129][ T26] audit: type=1400 audit(1687986443.398:91): avc: denied { open } for pid=4987 comm="syz-fuzzer" path="/dev/raw-gadget" dev="devtmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 59.354480][ T26] audit: type=1400 audit(1687986443.398:92): avc: denied { read } for pid=4987 comm="syz-fuzzer" name="vhci" dev="devtmpfs" ino=1075 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 59.457307][ T4996] cgroup: Unknown subsys name 'rlimit'
[ 59.629849][ T4997] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 60.790232][ T4996] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 60.802896][ T4987] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4987 'syz-fuzzer'
[ 60.906634][ T4998] ================================================================================
[ 60.916174][ T4998] UBSAN: array-index-out-of-bounds in kernel/pid.c:244:15
[ 60.923349][ T4998] index 1 is out of range for type 'upid [1]'
[ 60.929804][ T4998] CPU: 1 PID: 4998 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-02218-g1b2c92a1cb24 #0
[ 60.939808][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 60.949939][ T4998] Call Trace:
[ 60.953203][ T4998]
[ 60.956124][ T4998] dump_stack_lvl+0x136/0x150
[ 60.960811][ T4998] __ubsan_handle_out_of_bounds+0xd5/0x140
[ 60.966905][ T4998] ? rwsem_down_write_slowpath+0xdb1/0x1220
[ 60.972818][ T4998] alloc_pid+0xbe5/0xdd0
[ 60.977065][ T4998] ? copy_namespaces+0x1e3/0x500
[ 60.981999][ T4998] copy_process+0x4589/0x7620
[ 60.986672][ T4998] ? pidfd_prepare+0x80/0x80
[ 60.991253][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 60.997227][ T4998] kernel_clone+0xeb/0x890
[ 61.001633][ T4998] ? create_io_thread+0xe0/0xe0
[ 61.006561][ T4998] ? ksys_unshare+0x676/0x920
[ 61.011262][ T4998] ? lock_downgrade+0x690/0x690
[ 61.016104][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 61.021206][ T4998] ? spin_bug+0x1c0/0x1c0
[ 61.025527][ T4998] __do_sys_clone+0xba/0x100
[ 61.030120][ T4998] ? kernel_clone+0x890/0x890
[ 61.034804][ T4998] ? syscall_enter_from_user_mode+0x26/0x80
[ 61.040693][ T4998] do_syscall_64+0x39/0xb0
[ 61.045114][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.051001][ T4998] RIP: 0033:0x7f1fc6289fab
[ 61.055589][ T4998] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 61.075182][ T4998] RSP: 002b:00007ffe728f2250 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 61.083613][ T4998] RAX: ffffffffffffffda RBX: 00007ffe728f28a8 RCX: 00007f1fc6289fab
[ 61.091772][ T4998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 61.099836][ T4998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000555555782400
[ 61.107796][ T4998] R10: 00005555557826d0 R11: 0000000000000246 R12: 0000000000000000
[ 61.115756][ T4998] R13: 00007ffe728f2340 R14: 00007f1fc63ac9d8 R15: 000000000000000c
[ 61.123724][ T4998]
[ 61.128524][ T4998] ================================================================================
[ 61.138223][ T4998] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 61.145412][ T4998] CPU: 0 PID: 4998 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-02218-g1b2c92a1cb24 #0
[ 61.155391][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 61.165533][ T4998] Call Trace:
[ 61.168811][ T4998]
[ 61.171733][ T4998] dump_stack_lvl+0xd9/0x150
[ 61.176341][ T4998] panic+0x686/0x730
[ 61.180230][ T4998] ? panic_smp_self_stop+0xa0/0xa0
[ 61.185330][ T4998] ? syslog_print_all+0x3a0/0x3a0
[ 61.190343][ T4998] check_panic_on_warn+0xb1/0xc0
[ 61.195269][ T4998] __ubsan_handle_out_of_bounds+0xfd/0x140
[ 61.201068][ T4998] ? rwsem_down_write_slowpath+0xdb1/0x1220
[ 61.206961][ T4998] alloc_pid+0xbe5/0xdd0
[ 61.211206][ T4998] ? copy_namespaces+0x1e3/0x500
[ 61.216133][ T4998] copy_process+0x4589/0x7620
[ 61.220804][ T4998] ? pidfd_prepare+0x80/0x80
[ 61.225383][ T4998] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 61.231460][ T4998] kernel_clone+0xeb/0x890
[ 61.235864][ T4998] ? create_io_thread+0xe0/0xe0
[ 61.240710][ T4998] ? ksys_unshare+0x676/0x920
[ 61.245556][ T4998] ? lock_downgrade+0x690/0x690
[ 61.250399][ T4998] ? do_raw_spin_lock+0x124/0x2b0
[ 61.255420][ T4998] ? spin_bug+0x1c0/0x1c0
[ 61.259740][ T4998] __do_sys_clone+0xba/0x100
[ 61.264340][ T4998] ? kernel_clone+0x890/0x890
[ 61.269023][ T4998] ? syscall_enter_from_user_mode+0x26/0x80
[ 61.274993][ T4998] do_syscall_64+0x39/0xb0
[ 61.279408][ T4998] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.285315][ T4998] RIP: 0033:0x7f1fc6289fab
[ 61.289985][ T4998] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 61.309602][ T4998] RSP: 002b:00007ffe728f2250 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 61.318012][ T4998] RAX: ffffffffffffffda RBX: 00007ffe728f28a8 RCX: 00007f1fc6289fab
[ 61.325997][ T4998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 61.334058][ T4998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000555555782400
[ 61.342030][ T4998] R10: 00005555557826d0 R11: 0000000000000246 R12: 0000000000000000
[ 61.350099][ T4998] R13: 00007ffe728f2340 R14: 00007f1fc63ac9d8 R15: 000000000000000c
[ 61.358156][ T4998]
[ 61.361369][ T4998] Kernel Offset: disabled
[ 61.365778][ T4998] Rebooting in 86400 seconds..