[syzbot] upstream boot error: BUG: unable to handle kernel paging request in free_block


syzbot

Aug 15, 2022, 1:59:24 PM
to ak...@linux-foundation.org, linux-...@vger.kernel.org, songm...@bytedance.com, syzkall...@googlegroups.com, vba...@suse.cz, wi...@infradead.org
Hello,

syzbot found the following issue on:

HEAD commit: 568035b01cfb Linux 6.0-rc1
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=15d65d0d080000
kernel config: https://syzkaller.appspot.com/x/.config?x=e656d8727a25e83b
dashboard link: https://syzkaller.appspot.com/bug?extid=382af021ce115a936b1f
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+382af0...@syzkaller.appspotmail.com

platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
cfg80211: failed to load regulatory.db
BUG: unable to handle page fault for address: ffffebde00000008
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [#1] PREEMPT SMP
CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 6.0.0-rc1-syzkaller-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
Workqueue: events cache_reap
RIP: 0010:_compound_head include/linux/page-flags.h:253 [inline]
RIP: 0010:virt_to_folio include/linux/mm.h:858 [inline]
RIP: 0010:virt_to_slab mm/slab.h:175 [inline]
RIP: 0010:free_block+0xc4/0x2d0 mm/slab.c:3317
Code: b8 00 00 00 80 7f 77 00 00 48 81 fd 00 00 00 80 72 07 48 8b 05 9d d0 70 04 48 01 e8 48 2d 00 00 00 80 48 c1 e8 06 48 83 e0 c0 <48> 8b 4c 06 08 f6 c1 01 0f 85 47 01 00 00 48 01 f0 0f 1f 44 00 00
RSP: 0018:ffffc900002f3c80 EFLAGS: 00010006
RAX: 000001de00000000 RBX: 0000000000000001 RCX: 0000000000000001
RDX: 0000000000000001 RSI: ffffea0000000000 RDI: ffff888100cf06c0
RBP: 0000000000000000 R08: ffffc900002f3cf8 R09: 0000000000000000
R10: ffff888100f70a40 R11: 0001ffffffffffff R12: ffff888100cf06c0
R13: ffffc900002f3cf8 R14: ffffc900002f3cf8 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffebde00000008 CR3: 0000000104e75000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
drain_array_locked mm/slab.c:2130 [inline]
drain_array+0xb8/0x1a0 mm/slab.c:3958
cache_reap+0x238/0x330 mm/slab.c:4010
process_one_work+0x3d3/0x720 kernel/workqueue.c:2289
worker_thread+0x618/0xa70 kernel/workqueue.c:2436
kthread+0x1a9/0x1e0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30
</TASK>
Modules linked in:
CR2: ffffebde00000008
---[ end trace 0000000000000000 ]---
RIP: 0010:_compound_head include/linux/page-flags.h:253 [inline]
RIP: 0010:virt_to_folio include/linux/mm.h:858 [inline]
RIP: 0010:virt_to_slab mm/slab.h:175 [inline]
RIP: 0010:free_block+0xc4/0x2d0 mm/slab.c:3317
Code: b8 00 00 00 80 7f 77 00 00 48 81 fd 00 00 00 80 72 07 48 8b 05 9d d0 70 04 48 01 e8 48 2d 00 00 00 80 48 c1 e8 06 48 83 e0 c0 <48> 8b 4c 06 08 f6 c1 01 0f 85 47 01 00 00 48 01 f0 0f 1f 44 00 00
RSP: 0018:ffffc900002f3c80 EFLAGS: 00010006
RAX: 000001de00000000 RBX: 0000000000000001 RCX: 0000000000000001
RDX: 0000000000000001 RSI: ffffea0000000000 RDI: ffff888100cf06c0
RBP: 0000000000000000 R08: ffffc900002f3cf8 R09: 0000000000000000
R10: ffff888100f70a40 R11: 0001ffffffffffff R12: ffff888100cf06c0
R13: ffffc900002f3cf8 R14: ffffc900002f3cf8 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffebde00000008 CR3: 0000000104e75000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: b8 00 00 00 80 mov $0x80000000,%eax
5: 7f 77 jg 0x7e
7: 00 00 add %al,(%rax)
9: 48 81 fd 00 00 00 80 cmp $0xffffffff80000000,%rbp
10: 72 07 jb 0x19
12: 48 8b 05 9d d0 70 04 mov 0x470d09d(%rip),%rax # 0x470d0b6
19: 48 01 e8 add %rbp,%rax
1c: 48 2d 00 00 00 80 sub $0xffffffff80000000,%rax
22: 48 c1 e8 06 shr $0x6,%rax
26: 48 83 e0 c0 and $0xffffffffffffffc0,%rax
* 2a: 48 8b 4c 06 08 mov 0x8(%rsi,%rax,1),%rcx <-- trapping instruction
2f: f6 c1 01 test $0x1,%cl
32: 0f 85 47 01 00 00 jne 0x17f
38: 48 01 f0 add %rsi,%rax
3b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Guenter Roeck

Aug 15, 2022, 2:00:49 PM
to syzkaller-bugs
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git  fc4d146e8d7d25ef88d409bea1f2e9aff7f30635

syzbot

Aug 15, 2022, 2:00:53 PM
to 'Guenter Roeck' via syzkaller-bugs, syzkall...@googlegroups.com
> #syz test https://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git

I see the command but can't find the corresponding bug.
Please resend the email to syzbo...@syzkaller.appspotmail.com address
that is the sender of the bug report (also present in the Reported-by tag).

syzbot

Aug 15, 2022, 3:33:09 PM
to li...@roeck-us.net, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+382af0...@syzkaller.appspotmail.com

Tested on:

commit: fc4d146e virtio_net: Revert "virtio_net: set the defau..
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git
kernel config: https://syzkaller.appspot.com/x/.config?x=e656d8727a25e83b
dashboard link: https://syzkaller.appspot.com/bug?extid=382af021ce115a936b1f
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2

Note: no patches were applied.
Note: testing is done by a robot and is best-effort only.

syzbot

Aug 15, 2022, 4:03:11 PM
to li...@roeck-us.net, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+382af0...@syzkaller.appspotmail.com

Tested on:

commit: 568035b0 Linux 6.0-rc1
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v6.0-rc1
kernel config: https://syzkaller.appspot.com/x/.config?x=e656d8727a25e83b
dashboard link: https://syzkaller.appspot.com/bug?extid=382af021ce115a936b1f
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2
patch: https://syzkaller.appspot.com/x/patch.diff?x=135f650d080000

syzbot

Aug 15, 2022, 4:21:20 PM
to li...@roeck-us.net, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=1660f485080000


Tested on:

commit: 568035b0 Linux 6.0-rc1
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v6.0-rc1
kernel config: https://syzkaller.appspot.com/x/.config?x=e656d8727a25e83b
dashboard link: https://syzkaller.appspot.com/bug?extid=382af021ce115a936b1f
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2

syzbot

Dec 13, 2022, 7:15:32 PM
to syzkall...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.