[....] Starting enhanced syslogd: rsyslogd[ 11.977412] audit: type=1400 audit(1517107082.295:5): avc: denied { syslog } for pid=3519 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 16.790730] audit: type=1400 audit(1517107087.108:6): avc: denied { map } for pid=3658 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.10' (ECDSA) to the list of known hosts. executing program [ 36.250677] audit: type=1400 audit(1517107106.568:7): avc: denied { map } for pid=3676 comm="syzkaller433333" path="/root/syzkaller433333786" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 36.254123] kasan: CONFIG_KASAN_INLINE enabled [ 36.254126] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 36.254132] general protection fault: 0000 [#1] SMP KASAN [ 36.254136] Dumping ftrace buffer: [ 36.254138] (ftrace buffer empty) [ 36.254140] Modules linked in: [ 36.254146] CPU: 1 PID: 3676 Comm: syzkaller433333 Not tainted 4.15.0-rc9+ #212 [ 36.254148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 36.254158] RIP: 0010:ip6t_do_table+0x12de/0x19d0 [ 36.254160] RSP: 0018:ffff8801db306c60 EFLAGS: 00010246 [ 36.254164] RAX: 0000000000000000 RBX: ffff8801bcb34080 RCX: ffffffff84d5f422 [ 36.254166] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff8801bcb341de [ 36.254168] RBP: ffff8801db306e68 R08: ffff8801db306f60 R09: 0000000000000000 [ 36.254171] R10: 00000000000000d0 R11: 0000000000000000 R12: 0000000000000001 [ 36.254173] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff8801bcb34150 [ 36.254176] FS: 0000000001668880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 36.254179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 36.254181] CR2: 0000000020001b60 CR3: 00000001bcaf9002 CR4: 00000000001606e0 [ 36.254186] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 36.254189] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 36.254190] Call Trace: [ 36.254191] [ 36.254197] ? ip6t_error+0x60/0x60 [ 36.254206] ? ip6t_do_table+0xba0/0x19d0 [ 36.254217] ? ip6t_error+0x60/0x60 [ 36.254223] ? lock_acquire+0x1d5/0x580 [ 36.254227] ? ip6table_mangle_net_exit+0xa0/0xa0 [ 36.254232] ? ip6_input+0x11f/0x560 [ 36.254239] ? lock_release+0xa40/0xa40 [ 36.254246] ip6table_security_hook+0x65/0x80 [ 36.254252] nf_hook_slow+0xba/0x1a0 [ 36.254259] ip6_input+0x35c/0x560 [ 36.254264] ? ip6_input_finish+0x17a0/0x17a0 [ 36.254270] ? find_held_lock+0x35/0x1d0 [ 36.254276] ? ip6_make_skb+0x5e0/0x5e0 [ 36.254281] ? ipv6_rcv+0x16cd/0x1fa0 [ 36.254287] ip6_rcv_finish+0x297/0x8c0 [ 36.254291] ? ip6_input+0x560/0x560 [ 36.254296] ? ip6table_nat_in+0x2c/0x40 [ 36.254301] ? nf_hook_slow+0xd3/0x1a0 [ 36.254308] ipv6_rcv+0xf37/0x1fa0 [ 36.254317] ? ip6_rcv_finish+0x8c0/0x8c0 [ 36.254324] ? save_stack_trace+0x1a/0x20 [ 36.254331] ? mark_lock+0xb2c/0x1430 [ 36.254335] ? check_usage_backwards+0x410/0x410 [ 36.254343] ? ip6_input+0x560/0x560 [ 36.254349] ? ip6_rcv_finish+0x8c0/0x8c0 [ 36.254357] __netif_receive_skb_core+0x1a41/0x3460 [ 36.254365] ? nf_ingress+0x9f0/0x9f0 [ 36.254377] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 36.254381] ? rcu_read_lock_sched_held+0x108/0x120 [ 36.254386] ? update_cfs_rq_load_avg.part.69+0x23d/0x2d0 [ 36.254390] ? attach_entity_load_avg+0x7a0/0x7a0 [ 36.254395] ? __update_load_avg_se.isra.27+0x56a/0x7c0 [ 36.254398] ? __update_load_avg_se.isra.27+0x56a/0x7c0 [ 36.254406] ? __lock_acquire+0x664/0x3e00 [ 36.254414] ? fastpath_timer_check+0x7d5/0xa70 [ 36.254417] ? update_cfs_rq_load_avg.part.69+0x2d0/0x2d0 [ 36.254425] ? check_noncircular+0x20/0x20 [ 36.254430] ? print_irqtrace_events+0x270/0x270 [ 36.254437] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 36.254443] ? find_held_lock+0x35/0x1d0 [ 36.254450] ? find_held_lock+0x35/0x1d0 [ 36.254457] ? lock_acquire+0x1d5/0x580 [ 36.254460] ? process_backlog+0x45f/0x740 [ 36.254464] ? lock_acquire+0x1d5/0x580 [ 36.254467] ? process_backlog+0x1ab/0x740 [ 36.254475] ? lock_release+0xa40/0xa40 [ 36.254480] ? do_raw_spin_trylock+0x190/0x190 [ 36.254488] __netif_receive_skb+0x2c/0x1b0 [ 36.254492] ? __netif_receive_skb+0x2c/0x1b0 [ 36.254497] process_backlog+0x203/0x740 [ 36.254501] ? find_held_lock+0x35/0x1d0 [ 36.254509] net_rx_action+0x792/0x1910 [ 36.254514] ? perf_event_task_tick+0x849/0xfb0 [ 36.254519] ? lock_release+0xa40/0xa40 [ 36.254525] ? napi_complete_done+0x6c0/0x6c0 [ 36.254530] ? cpu_load_update_active+0x210/0x2a0 [ 36.254536] ? trace_hardirqs_off+0xd/0x10 [ 36.254542] ? _raw_spin_unlock_irqrestore+0xa6/0xba [ 36.254548] ? debug_object_activate+0x307/0x730 [ 36.254555] ? check_noncircular+0x20/0x20 [ 36.254562] ? timerqueue_add+0x1e9/0x280 [ 36.254569] ? enqueue_hrtimer+0x171/0x4a0 [ 36.254573] ? __remove_hrtimer+0x190/0x190 [ 36.254580] ? find_held_lock+0x35/0x1d0 [ 36.254589] ? clockevents_program_event+0x163/0x2e0 [ 36.254593] ? lock_downgrade+0x980/0x980 [ 36.254603] ? pvclock_read_flags+0x160/0x160 [ 36.254613] ? kvm_clock_get_cycles+0x25/0x30 [ 36.254617] ? ktime_get+0x26f/0x3a0 [ 36.254623] ? ktime_get_resolution_ns+0x300/0x300 [ 36.254626] ? lock_downgrade+0x980/0x980 [ 36.254632] ? check_noncircular+0x20/0x20 [ 36.254636] ? do_timer+0x50/0x50 [ 36.254640] ? native_apic_msr_write+0x5c/0x80 [ 36.254644] ? do_raw_spin_trylock+0x190/0x190 [ 36.254649] ? rcu_pm_notify+0xc0/0xc0 [ 36.254660] __do_softirq+0x2d7/0xb85 [ 36.254664] ? task_prio+0x40/0x40 [ 36.254672] ? __irqentry_text_end+0x1f8d04/0x1f8d04 [ 36.254677] ? irq_exit+0xbb/0x200 [ 36.254681] ? smp_apic_timer_interrupt+0x16b/0x700 [ 36.254687] ? smp_call_function_single_interrupt+0x640/0x640 [ 36.254690] ? _raw_spin_lock+0x32/0x40 [ 36.254695] ? _raw_spin_unlock+0x22/0x30 [ 36.254701] ? handle_edge_irq+0x2b4/0x7c0 [ 36.254705] ? task_prio+0x40/0x40 [ 36.254716] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 36.254723] do_softirq_own_stack+0x2a/0x40 [ 36.254725] [ 36.254729] do_softirq.part.19+0x14d/0x190 [ 36.254733] ? ip6_finish_output2+0xb6d/0x23a0 [ 36.254737] __local_bh_enable_ip+0x1ee/0x230 [ 36.254742] ip6_finish_output2+0xba0/0x23a0 [ 36.254751] ? ip6_sk_dst_lookup_flow+0x7f0/0x7f0 [ 36.254757] ? ip6_mtu+0x369/0x4d0 [ 36.254762] ? lock_downgrade+0x980/0x980 [ 36.254770] ? __lock_is_held+0xb6/0x140 [ 36.254779] ? ip6_mtu+0x1c7/0x4d0 [ 36.254783] ? ip6_dst_ifdown+0x3d0/0x3d0 [ 36.254787] ? nf_nat_ipv6_out+0x262/0x570 [ 36.254795] ip6_finish_output+0x698/0xaf0 [ 36.254799] ? ip6_finish_output+0x698/0xaf0 [ 36.254806] ip6_output+0x1eb/0x840 [ 36.254812] ? ip6_finish_output+0xaf0/0xaf0 [ 36.254816] ? ip6_dst_hoplimit+0x26c/0x420 [ 36.254821] ? lock_downgrade+0x980/0x980 [ 36.254827] ? ip6_fragment+0x3470/0x3470 [ 36.254832] ? __lock_is_held+0xb6/0x140 [ 36.254837] ip6_local_out+0x95/0x160 [ 36.254843] ip6_send_skb+0xa1/0x330 [ 36.254847] ? csum_ipv6_magic+0x20/0x80 [ 36.254853] udp_v6_send_skb+0x33a/0xf70 [ 36.254861] udpv6_sendmsg+0x2835/0x3400 [ 36.254865] ? ip_reply_glue_bits+0xb0/0xb0 [ 36.254875] ? udpv6_setsockopt+0x80/0x80 [ 36.254887] ? avc_has_perm+0x43e/0x680 [ 36.254893] ? avc_has_perm_noaudit+0x520/0x520 [ 36.254897] ? check_noncircular+0x20/0x20 [ 36.254902] ? find_held_lock+0x35/0x1d0 [ 36.254911] ? lock_downgrade+0x980/0x980 [ 36.254918] ? find_held_lock+0x35/0x1d0 [ 36.254932] inet_sendmsg+0x11f/0x5e0 [ 36.254936] ? inet_sendmsg+0x11f/0x5e0 [ 36.254940] ? inet_create+0xf50/0xf50 [ 36.254945] ? selinux_socket_sendmsg+0x36/0x40 [ 36.254949] ? security_socket_sendmsg+0x89/0xb0 [ 36.254953] ? inet_create+0xf50/0xf50 [ 36.254958] sock_sendmsg+0xca/0x110 [ 36.254963] ___sys_sendmsg+0x767/0x8b0 [ 36.254970] ? copy_msghdr_from_user+0x590/0x590 [ 36.254973] ? lock_downgrade+0x980/0x980 [ 36.254980] ? rt6_check+0x310/0x310 [ 36.254984] ? __local_bh_enable_ip+0x121/0x230 [ 36.254989] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 36.254993] ? release_sock+0x1d4/0x2a0 [ 36.254996] ? trace_hardirqs_on+0xd/0x10 [ 36.255000] ? __local_bh_enable_ip+0x121/0x230 [ 36.255009] ? __fget_light+0x297/0x380 [ 36.255013] ? release_sock+0x1d4/0x2a0 [ 36.255018] ? __release_sock+0x360/0x360 [ 36.255021] ? lock_sock_nested+0x91/0x110 [ 36.255024] ? trace_hardirqs_on+0xd/0x10 [ 36.255028] ? __local_bh_enable_ip+0x121/0x230 [ 36.255036] ? ip6_datagram_connect+0x3a/0x50 [ 36.255043] ? __fdget+0x18/0x20 [ 36.255049] __sys_sendmsg+0xe5/0x210 [ 36.255057] ? __sys_sendmsg+0xe5/0x210 [ 36.255062] ? SyS_shutdown+0x290/0x290 [ 36.255076] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 36.255083] SyS_sendmsg+0x2d/0x50 [ 36.255089] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 36.255092] RIP: 0033:0x4412c9 [ 36.255094] RSP: 002b:00007ffe6aa80bc8 EFLAGS: 00000217 ORIG_RAX: 000000000000002e [ 36.255097] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00000000004412c9 [ 36.255099] RDX: 0000000000000000 RSI: 000000002000cfc8 RDI: 0000000000000004 [ 36.255101] RBP: 00000000006cb018 R08: 0000000000000000 R09: 0000000000000000 [ 36.255103] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000402bf0 [ 36.255105] R13: 0000000000402c80 R14: 0000000000000000 R15: 0000000000000000 [ 36.255114] Code: 41 f6 87 83 00 00 00 04 75 37 e8 be 3f 9a fc 8b 85 54 fe ff ff 48 8b b5 90 fe ff ff 4c 8d 2c c6 44 8d 60 01 4c 89 e8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 5c 03 00 00 4d 89 7d 00 44 89 a5 54 fe ff [ 36.255181] RIP: ip6t_do_table+0x12de/0x19d0 RSP: ffff8801db306c60 [ 36.255204] ---[ end trace 37cb556db9bb2d4a ]--- [ 36.255207] Kernel panic - not syncing: Fatal exception in interrupt [ 36.276961] Dumping ftrace buffer: [ 36.276964] (ftrace buffer empty) [ 36.276966] Kernel Offset: disabled [ 37.138433] Rebooting in 86400 seconds..