[ 26.965284][ T24] audit: type=1800 audit(1562304781.602:32): pid=6930 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 27.478442][ T24] audit: type=1800 audit(1562304782.182:33): pid=6930 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.71' (ECDSA) to the list of known hosts. syzkaller login: [ 490.638143][ T24] kauditd_printk_skb: 2 callbacks suppressed [ 490.638149][ T24] audit: type=1400 audit(1562305245.342:36): avc: denied { map } for pid=7123 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/07/05 05:40:46 parsed 1 programs [ 491.585975][ T24] audit: type=1400 audit(1562305246.292:37): avc: denied { map } for pid=7123 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=31 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 491.587766][ T3775] kmemleak: Automatic memory scanning thread ended 2019/07/05 05:40:54 executed programs: 0 [ 500.170008][ T7138] IPVS: ftp: loaded support on port[0] = 21 [ 500.190080][ T7138] chnl_net:caif_netlink_parms(): no params data found [ 500.201917][ T7138] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.209029][ T7138] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.216334][ T7138] device bridge_slave_0 entered promiscuous mode [ 500.223017][ T7138] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.230077][ T7138] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.237378][ T7138] device bridge_slave_1 entered promiscuous mode [ 500.246536][ T7138] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 500.255258][ T7138] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 500.266016][ T7138] team0: Port device team_slave_0 added [ 500.271894][ T7138] team0: Port device team_slave_1 added [ 500.325110][ T7138] device hsr_slave_0 entered promiscuous mode [ 500.374443][ T7138] device hsr_slave_1 entered promiscuous mode [ 500.431305][ T7138] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.438345][ T7138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.445586][ T7138] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.452629][ T7138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.467319][ T7138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 500.475590][ T7141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 500.493203][ T7141] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.500918][ T7141] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.509052][ T7141] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 500.526189][ T7138] 8021q: adding VLAN 0 to HW filter on device team0 [ 500.534958][ T7140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 500.543482][ T7140] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.550657][ T7140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.558098][ T7140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 500.566701][ T7140] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.573812][ T7140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.583930][ T7141] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 500.592274][ T7141] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 500.600709][ T7140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 500.609977][ T7141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 500.619140][ T7140] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 500.627652][ T7138] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 500.637787][ T7138] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 500.653265][ T24] audit: type=1400 audit(1562305255.352:38): avc: denied { associate } for pid=7138 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 2019/07/05 05:41:01 executed programs: 1 [ 507.719150][ T7156] kmemleak: 3 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 514.753090][ T7156] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888121946a40 (size 632): comm "syz-executor.0", pid 7150, jiffies 4294987335 (age 14.140s) hex dump (first 32 bytes): 03 00 00 00 01 00 ff ff 00 00 00 00 00 00 00 00 ................ c0 41 22 13 81 88 ff ff 00 00 00 00 00 00 00 00 .A"............. backtrace: [<00000000013a5ca9>] kmem_cache_alloc+0x134/0x270 [<0000000042f93c7e>] sock_alloc_inode+0x1d/0xe0 [<0000000043aea4f5>] alloc_inode+0x2c/0xe0 [<0000000010046887>] new_inode_pseudo+0x18/0x70 [<000000009cf42a3b>] sock_alloc+0x1c/0x90 [<00000000b43546fe>] __sock_create+0x8f/0x250 [<00000000879199e6>] sock_create_kern+0x3b/0x50 [<00000000318529dc>] smc_create+0xae/0x160 [<00000000817ba860>] __sock_create+0x164/0x250 [<00000000d245c566>] __sys_socket+0x69/0x110 [<00000000fa2ca702>] __x64_sys_socket+0x1e/0x30 [<00000000cbf17bfa>] do_syscall_64+0x76/0x1a0 [<000000007e5cbe2f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881132241c0 (size 64): comm "syz-executor.0", pid 7150, jiffies 4294987335 (age 14.140s) hex dump (first 32 bytes): 00 00 00 00 81 88 ff ff c8 41 22 13 81 88 ff ff .........A"..... c8 41 22 13 81 88 ff ff 00 00 00 00 00 00 00 00 .A"............. backtrace: [<000000005b9e007f>] kmem_cache_alloc_trace+0x13d/0x280 [<000000003af7f033>] sock_alloc_inode+0x44/0xe0 [<0000000043aea4f5>] alloc_inode+0x2c/0xe0 [<0000000010046887>] new_inode_pseudo+0x18/0x70 [<000000009cf42a3b>] sock_alloc+0x1c/0x90 [<00000000b43546fe>] __sock_create+0x8f/0x250 [<00000000879199e6>] sock_create_kern+0x3b/0x50 [<00000000318529dc>] smc_create+0xae/0x160 [<00000000817ba860>] __sock_create+0x164/0x250 [<00000000d245c566>] __sys_socket+0x69/0x110 [<00000000fa2ca702>] __x64_sys_socket+0x1e/0x30 [<00000000cbf17bfa>] do_syscall_64+0x76/0x1a0 [<000000007e5cbe2f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881131ab4d0 (size 56): comm "syz-executor.0", pid 7150, jiffies 4294987335 (age 14.140s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 70 6a 94 21 81 88 ff ff e8 b4 1a 13 81 88 ff ff pj.!............ backtrace: [<00000000013a5ca9>] kmem_cache_alloc+0x134/0x270 [<000000002466be7c>] security_inode_alloc+0x33/0xb0 [<000000009f575d68>] inode_init_always+0x108/0x200 [<0000000098ac54fb>] alloc_inode+0x49/0xe0 [<0000000010046887>] new_inode_pseudo+0x18/0x70 [<000000009cf42a3b>] sock_alloc+0x1c/0x90 [<00000000b43546fe>] __sock_create+0x8f/0x250 [<00000000879199e6>] sock_create_kern+0x3b/0x50 [<00000000318529dc>] smc_create+0xae/0x160 [<00000000817ba860>] __sock_create+0x164/0x250 [<00000000d245c566>] __sys_socket+0x69/0x110 [<00000000fa2ca702>] __x64_sys_socket+0x1e/0x30 [<00000000cbf17bfa>] do_syscall_64+0x76/0x1a0 [<000000007e5cbe2f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881219462c0 (size 632): comm "syz-executor.0", pid 7153, jiffies 4294987942 (age 8.070s) hex dump (first 32 bytes): 03 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ 80 6d a9 0e 81 88 ff ff 00 00 00 00 00 00 00 00 .m.............. backtrace: [<00000000013a5ca9>] kmem_cache_alloc+0x134/0x270 [<0000000042f93c7e>] sock_alloc_inode+0x1d/0xe0 [<0000000043aea4f5>] alloc_inode+0x2c/0xe0 [<0000000010046887>] new_inode_pseudo+0x18/0x70 [<000000009cf42a3b>] sock_alloc+0x1c/0x90 [<00000000b43546fe>] __sock_create+0x8f/0x250 [<00000000879199e6>] sock_create_kern+0x3b/0x50 [<00000000318529dc>] smc_create+0xae/0x160 [<00000000817ba860>] __sock_create+0x164/0x250 [<00000000d245c566>] __sys_socket+0x69/0x110 [<00000000fa2ca702>] __x64_sys_socket+0x1e/0x30 [<00000000cbf17bfa>] do_syscall_64+0x76/0x1a0 [<000000007e5cbe2f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9