[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 11.755959] audit: type=1400 audit(1513834469.186:6): avc: denied { map } for pid=3128 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added 'ci-upstream-mmots-kasan-gce-9,10.128.0.16' (ECDSA) to the list of known hosts. executing program executing program syzkaller login: [ 17.890840] audit: type=1400 audit(1513834475.321:7): avc: denied { map } for pid=3142 comm="syzkaller419689" path="/root/syzkaller419689482" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 17.896331] FAULT_INJECTION: forcing a failure. [ 17.896331] name failslab, interval 1, probability 0, space 0, times 1 [ 17.896344] CPU: 0 PID: 3142 Comm: syzkaller419689 Not tainted 4.15.0-rc4-mm1+ #47 [ 17.896348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 17.896350] Call Trace: [ 17.896362] dump_stack+0x194/0x257 [ 17.896376] ? arch_local_irq_restore+0x53/0x53 [ 17.896384] ? trace_hardirqs_on+0xd/0x10 [ 17.896409] should_fail+0x8c0/0xa40 [ 17.896423] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 17.896434] ? check_noncircular+0x20/0x20 [ 17.896454] ? alloc_vmap_area+0x59e/0x8c0 [ 17.896468] ? find_held_lock+0x35/0x1d0 [ 17.896485] ? __lock_is_held+0xb6/0x140 [ 17.896514] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.896528] ? rcu_note_context_switch+0x710/0x710 [ 17.896534] ? lock_release+0xa40/0xa40 [ 17.896555] should_failslab+0xec/0x120 [ 17.896565] kmem_cache_alloc_node_trace+0x5a/0x750 [ 17.896570] ? vmap_page+0x1c5/0x2a0 [ 17.896595] __kmalloc_node+0x33/0x70 [ 17.896607] __vmalloc_node_range+0x1a1/0x650 [ 17.896631] vmalloc+0x45/0x50 [ 17.896641] ? bpf_prog_calc_tag+0xbf/0x6f0 [ 17.896650] bpf_prog_calc_tag+0xbf/0x6f0 [ 17.896666] ? __bpf_prog_free+0x50/0x50 [ 17.896678] ? __vmalloc_node_range+0x37a/0x650 [ 17.896709] bpf_check+0x64a/0x49f0 [ 17.896717] ? ktime_get_with_offset+0x2c1/0x420 [ 17.896741] ? do_check+0xae20/0xae20 [ 17.896748] ? memset+0x31/0x40 [ 17.896759] ? bpf_obj_name_cpy+0x199/0x1f0 [ 17.896764] ? kasan_check_write+0x14/0x20 [ 17.896779] bpf_prog_load+0xa2a/0x1b00 [ 17.896794] ? bpf_prog_new_fd+0x50/0x50 [ 17.896805] ? avc_has_perm+0x4fb/0x680 [ 17.896813] ? avc_has_perm+0x43e/0x680 [ 17.896827] ? avc_has_perm_noaudit+0x520/0x520 [ 17.896842] ? __might_fault+0x110/0x1d0 [ 17.896851] ? lock_downgrade+0x980/0x980 [ 17.896867] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.896876] ? __check_object_size+0x25d/0x4f0 [ 17.896894] ? __might_sleep+0x95/0x190 [ 17.896908] ? selinux_bpf+0xc3/0x110 [ 17.896917] ? security_bpf+0x89/0xb0 [ 17.896931] SyS_bpf+0x1044/0x4420 [ 17.896948] ? bpf_prog_get+0x20/0x20 [ 17.896959] ? __lock_acquire+0x664/0x3e00 [ 17.896977] ? check_noncircular+0x20/0x20 [ 17.896995] ? check_noncircular+0x20/0x20 [ 17.897012] ? _kstrtoull+0x145/0x1f0 [ 17.897023] ? _parse_integer+0x140/0x140 [ 17.897029] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.897044] ? find_held_lock+0x35/0x1d0 [ 17.897064] ? get_pid_task+0x93/0x140 [ 17.897073] ? lock_downgrade+0x980/0x980 [ 17.897091] ? rcu_read_lock_held+0xa9/0xc0 [ 17.897098] ? pid_task+0xf7/0x1a0 [ 17.897111] ? check_noncircular+0x20/0x20 [ 17.897120] ? save_stack+0x43/0xd0 [ 17.897126] ? kasan_slab_free+0x71/0xc0 [ 17.897140] ? get_pid_task+0xbc/0x140 [ 17.897150] ? proc_fail_nth_write+0x9b/0x1d0 [ 17.897159] ? map_files_get_link+0x3a0/0x3a0 [ 17.897178] ? find_held_lock+0x35/0x1d0 [ 17.897198] ? vfs_write+0x374/0x510 [ 17.897207] ? lock_downgrade+0x980/0x980 [ 17.897224] ? __lock_is_held+0xb6/0x140 [ 17.897256] ? __sb_end_write+0xa0/0xd0 [ 17.897266] ? vfs_write+0x224/0x510 [ 17.897285] ? SyS_write+0x184/0x220 [ 17.897305] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.897325] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 17.897330] RIP: 0033:0x440429 [ 17.897334] RSP: 002b:00007ffecd3b22e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 17.897342] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000440429 [ 17.897346] RDX: 0000000000000030 RSI: 0000000020b4cfd0 RDI: 0000000000000005 [ 17.897350] RBP: 0000000000000003 R08: 0000000000000002 R09: 0000000000003032 [ 17.897354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401d50 [ 17.897358] R13: 0000000000401de0 R14: 0000000000000000 R15: 0000000000000000 [ 17.900590] FAULT_INJECTION: forcing a failure. [ 17.900590] name failslab, interval 1, probability 0, space 0, times 0 [ 17.900597] CPU: 0 PID: 3142 Comm: syzkaller419689 Not tainted 4.15.0-rc4-mm1+ #47 [ 17.900601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 17.900603] Call Trace: [ 17.900611] dump_stack+0x194/0x257 [ 17.900623] ? arch_local_irq_restore+0x53/0x53 [ 17.900648] should_fail+0x8c0/0xa40 [ 17.900662] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 17.900671] ? depot_save_stack+0x2ca/0x460 [ 17.900686] ? save_stack+0xa3/0xd0 [ 17.900694] ? save_stack+0x43/0xd0 [ 17.900700] ? kasan_kmalloc+0xad/0xe0 [ 17.900706] ? kmem_cache_alloc_trace+0x136/0x750 [ 17.900720] ? find_held_lock+0x35/0x1d0 [ 17.900737] ? __lock_is_held+0xb6/0x140 [ 17.900766] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.900778] ? rcu_note_context_switch+0x710/0x710 [ 17.900799] should_failslab+0xec/0x120 [ 17.900808] kmem_cache_alloc_trace+0x4b/0x750 [ 17.900822] ? do_check+0x5af/0xae20 [ 17.900838] copy_verifier_state+0x3f0/0x590 [ 17.900858] do_check+0x5cf/0xae20 [ 17.900868] ? depot_save_stack+0x2ca/0x460 [ 17.900889] ? kfree+0xd6/0x260 [ 17.900895] ? bpf_prog_load+0xa2a/0x1b00 [ 17.900901] ? SyS_bpf+0x1044/0x4420 [ 17.900919] ? check_mem_access+0x28c0/0x28c0 [ 17.900929] ? check_noncircular+0x20/0x20 [ 17.900939] ? print_irqtrace_events+0x270/0x270 [ 17.900952] ? free_obj_work+0x690/0x690 [ 17.900968] ? __lock_is_held+0xb6/0x140 [ 17.900992] ? mark_held_locks+0xaf/0x100 [ 17.901005] ? kfree+0xf0/0x260 [ 17.901012] ? bpf_check+0x2b0e/0x49f0 [ 17.901020] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.901039] bpf_check+0x2b1b/0x49f0 [ 17.901047] ? ktime_get_with_offset+0x2c1/0x420 [ 17.901071] ? do_check+0xae20/0xae20 [ 17.901078] ? memset+0x31/0x40 [ 17.901088] ? bpf_obj_name_cpy+0x199/0x1f0 [ 17.901094] ? kasan_check_write+0x14/0x20 [ 17.901110] bpf_prog_load+0xa2a/0x1b00 [ 17.901125] ? bpf_prog_new_fd+0x50/0x50 [ 17.901139] ? avc_has_perm+0x43e/0x680 [ 17.901153] ? avc_has_perm_noaudit+0x520/0x520 [ 17.901168] ? __might_fault+0x110/0x1d0 [ 17.901177] ? lock_downgrade+0x980/0x980 [ 17.901194] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.901201] ? __check_object_size+0x25d/0x4f0 [ 17.901220] ? __might_sleep+0x95/0x190 [ 17.901235] ? selinux_bpf+0xc3/0x110 [ 17.901244] ? security_bpf+0x89/0xb0 [ 17.901258] SyS_bpf+0x1044/0x4420 [ 17.901279] ? bpf_prog_get+0x20/0x20 [ 17.901290] ? __lock_acquire+0x664/0x3e00 [ 17.901308] ? check_noncircular+0x20/0x20 [ 17.901326] ? check_noncircular+0x20/0x20 [ 17.901340] ? _kstrtoull+0x145/0x1f0 [ 17.901350] ? _parse_integer+0x140/0x140 [ 17.901357] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.901371] ? find_held_lock+0x35/0x1d0 [ 17.901391] ? get_pid_task+0x93/0x140 [ 17.901400] ? lock_downgrade+0x980/0x980 [ 17.901418] ? rcu_read_lock_held+0xa9/0xc0 [ 17.901425] ? pid_task+0xf7/0x1a0 [ 17.901439] ? check_noncircular+0x20/0x20 [ 17.901447] ? save_stack+0x43/0xd0 [ 17.901453] ? kasan_slab_free+0x71/0xc0 [ 17.901468] ? get_pid_task+0xbc/0x140 [ 17.901477] ? proc_fail_nth_write+0x9b/0x1d0 [ 17.901486] ? map_files_get_link+0x3a0/0x3a0 [ 17.901506] ? find_held_lock+0x35/0x1d0 [ 17.901525] ? vfs_write+0x374/0x510 [ 17.901535] ? lock_downgrade+0x980/0x980 [ 17.901552] ? __lock_is_held+0xb6/0x140 [ 17.901584] ? __sb_end_write+0xa0/0xd0 [ 17.901593] ? vfs_write+0x224/0x510 [ 17.901609] ? SyS_write+0x184/0x220 [ 17.901629] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.901648] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 17.901653] RIP: 0033:0x440429 [ 17.901657] RSP: 002b:00007ffecd3b22e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 17.901664] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000440429 [ 17.901668] RDX: 0000000000000030 RSI: 0000000020b4cfd0 RDI: 0000000000000005 [ 17.901672] RBP: 0000000000000004 R08: 0000000000000002 R09: 0000000000003032 [ 17.901676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 17.901680] R13: ffffffffffffffff R14: 0000000000000000 R15: 0000000000000000 [ 17.901733] kasan: CONFIG_KASAN_INLINE enabled [ 17.901737] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 17.901743] general protection fault: 0000 [#1] SMP KASAN [ 17.901748] Dumping ftrace buffer: [ 17.901752] (ftrace buffer empty) [ 17.901754] Modules linked in: [ 17.901761] CPU: 0 PID: 3142 Comm: syzkaller419689 Not tainted 4.15.0-rc4-mm1+ #47 [ 17.901764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 17.901770] RIP: 0010:free_verifier_state+0x6d/0x130 [ 17.901773] RSP: 0018:ffff8801c91471e0 EFLAGS: 00010206 [ 17.901778] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 1ffff1003940afc0 [ 17.901782] RDX: 0000000000000000 RSI: 0000000000000071 RDI: 0000000000000388 [ 17.901785] RBP: ffff8801c9147228 R08: 1ffff10039228d8e R09: 0000000000000000 [ 17.901788] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801ca057e00 [ 17.901792] R13: dffffc0000000000 R14: ffff8801ca057e00 R15: ffff8801ca057e00 [ 17.901797] FS: 000000000156a880(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 17.901801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 17.901805] CR2: 0000000020e4f000 CR3: 00000001cadf3006 CR4: 00000000001606f0 [ 17.901811] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 17.901814] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 17.901816] Call Trace: [ 17.901827] do_check+0x2b60/0xae20 [ 17.901835] ? depot_save_stack+0x2ca/0x460 [ 17.901848] ? kfree+0xd6/0x260 [ 17.901854] ? bpf_prog_load+0xa2a/0x1b00 [ 17.901858] ? SyS_bpf+0x1044/0x4420 [ 17.901870] ? check_mem_access+0x28c0/0x28c0 [ 17.901877] ? check_noncircular+0x20/0x20 [ 17.901885] ? print_irqtrace_events+0x270/0x270 [ 17.901894] ? free_obj_work+0x690/0x690 [ 17.901904] ? __lock_is_held+0xb6/0x140 [ 17.901918] ? mark_held_locks+0xaf/0x100 [ 17.901925] ? kfree+0xf0/0x260 [ 17.901930] ? bpf_check+0x2b0e/0x49f0 [ 17.901937] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.901949] bpf_check+0x2b1b/0x49f0 [ 17.901956] ? ktime_get_with_offset+0x2c1/0x420 [ 17.901970] ? do_check+0xae20/0xae20 [ 17.901975] ? memset+0x31/0x40 [ 17.901982] ? bpf_obj_name_cpy+0x199/0x1f0 [ 17.901988] ? kasan_check_write+0x14/0x20 [ 17.901997] bpf_prog_load+0xa2a/0x1b00 [ 17.902010] ? bpf_prog_new_fd+0x50/0x50 [ 17.902019] ? avc_has_perm+0x43e/0x680 [ 17.902029] ? avc_has_perm_noaudit+0x520/0x520 [ 17.902038] ? __might_fault+0x110/0x1d0 [ 17.902045] ? lock_downgrade+0x980/0x980 [ 17.902056] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.902062] ? __check_object_size+0x25d/0x4f0 [ 17.902074] ? __might_sleep+0x95/0x190 [ 17.902083] ? selinux_bpf+0xc3/0x110 [ 17.902090] ? security_bpf+0x89/0xb0 [ 17.902099] SyS_bpf+0x1044/0x4420 [ 17.902110] ? bpf_prog_get+0x20/0x20 [ 17.902118] ? __lock_acquire+0x664/0x3e00 [ 17.902130] ? check_noncircular+0x20/0x20 [ 17.902141] ? check_noncircular+0x20/0x20 [ 17.902150] ? _kstrtoull+0x145/0x1f0 [ 17.902158] ? _parse_integer+0x140/0x140 [ 17.902163] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 17.902173] ? find_held_lock+0x35/0x1d0 [ 17.902185] ? get_pid_task+0x93/0x140 [ 17.902192] ? lock_downgrade+0x980/0x980 [ 17.902204] ? rcu_read_lock_held+0xa9/0xc0 [ 17.902210] ? pid_task+0xf7/0x1a0 [ 17.902219] ? check_noncircular+0x20/0x20 [ 17.902225] ? save_stack+0x43/0xd0 [ 17.902230] ? kasan_slab_free+0x71/0xc0 [ 17.902241] ? get_pid_task+0xbc/0x140 [ 17.902247] ? proc_fail_nth_write+0x9b/0x1d0 [ 17.902254] ? map_files_get_link+0x3a0/0x3a0 [ 17.902266] ? find_held_lock+0x35/0x1d0 [ 17.902282] ? vfs_write+0x374/0x510 [ 17.902290] ? lock_downgrade+0x980/0x980 [ 17.902300] ? __lock_is_held+0xb6/0x140 [ 17.902319] ? __sb_end_write+0xa0/0xd0 [ 17.902326] ? vfs_write+0x224/0x510 [ 17.902336] ? SyS_write+0x184/0x220 [ 17.902348] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.902360] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 17.902363] RIP: 0033:0x440429 [ 17.902367] RSP: 002b:00007ffecd3b22e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 17.902372] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000440429 [ 17.902376] RDX: 0000000000000030 RSI: 0000000020b4cfd0 RDI: 0000000000000005 [ 17.902379] RBP: 0000000000000004 R08: 0000000000000002 R09: 0000000000003032 [ 17.902383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 17.902386] R13: ffffffffffffffff R14: 0000000000000000 R15: 0000000000000000 [ 17.902400] Code: 8a 75 f1 ff 4c 89 f1 48 c1 e9 03 42 80 3c 29 00 0f 85 c1 00 00 00 4f 8d 3c fc 49 8b 07 48 8d b8 88 03 00 00 48 89 fe 48 c1 ee 03 <42> 80 3c 2e 00 0f 85 8f 00 00 00 48 8b b8 88 03 00 00 48 89 45 [ 17.902515] RIP: free_verifier_state+0x6d/0x130 RSP: ffff8801c91471e0 [ 17.902537] ---[ end trace f15f6b8a4da52c60 ]--- [ 17.902541] Kernel panic - not syncing: Fatal exception [ 17.917173] Dumping ftrace buffer: [ 17.917176] (ftrace buffer empty) [ 17.917178] Kernel Offset: disabled [ 19.132005] Rebooting in 86400 seconds..