[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   90.326727][   T27] audit: type=1400 audit(1579573658.694:37): avc:  denied  { watch } for  pid=11112 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1
[   90.355634][   T27] audit: type=1400 audit(1579573658.694:38): avc:  denied  { watch } for  pid=11112 comm="restorecond" path="/etc/selinux/restorecond.conf" dev="sda1" ino=2232 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   95.019014][   T27] kauditd_printk_skb: 2 callbacks suppressed
[   95.019030][   T27] audit: type=1400 audit(1579573663.394:41): avc:  denied  { map } for  pid=11200 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.81' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[  101.850659][   T27] audit: type=1400 audit(1579573670.224:42): avc:  denied  { map } for  pid=11212 comm="syz-executor972" path="/root/syz-executor972578506" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
[  101.899019][   T27] audit: type=1400 audit(1579573670.224:43): avc:  denied  { create } for  pid=11220 comm="syz-executor972" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[  101.946593][   T27] audit: type=1400 audit(1579573670.254:44): avc:  denied  { write } for  pid=11221 comm="syz-executor972" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
executing program
[  102.039520][T11223] list_del corruption, ffff88809aaec800->prev is LIST_POISON2 (dead000000000122)
[  102.051085][T11223] ------------[ cut here ]------------
[  102.056593][T11223] kernel BUG at lib/list_debug.c:48!
[  102.065582][T11223] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  102.071687][T11223] CPU: 0 PID: 11223 Comm: syz-executor972 Not tainted 5.5.0-rc7-syzkaller #0
[  102.080443][T11223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  102.090587][T11223] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f
[  102.096991][T11223] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 60 69 71 88 e8 e0 de be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 c0 69 71 88 e8 cc de be fd <0f> 0b 4c 89 f6 48 c7 c7 80 6a 71 88 e8 bb de be fd 0f 0b cc cc cc
[  102.116593][T11223] RSP: 0018:ffffc90001fc7478 EFLAGS: 00010282
[  102.122670][T11223] RAX: 000000000000004e RBX: ffff88809aaec800 RCX: 0000000000000000
[  102.130638][T11223] RDX: 0000000000000000 RSI: ffffffff815e5326 RDI: fffff520003f8e81
[  102.139206][T11223] RBP: ffffc90001fc7490 R08: 000000000000004e R09: ffffed1015d06621
[  102.147169][T11223] R10: ffffed1015d06620 R11: ffff8880ae833107 R12: dead000000000122
[  102.155152][T11223] R13: ffffffff8a4c74b0 R14: ffff88809aaec800 R15: ffff888090b9b380
[  102.163196][T11223] FS:  00007fc2c4ff5700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[  102.172121][T11223] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.178688][T11223] CR2: 00007ffef8b4b990 CR3: 00000000a2c4b000 CR4: 00000000001406f0
[  102.187108][T11223] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  102.195107][T11223] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  102.203060][T11223] Call Trace:
[  102.206351][T11223]  __nf_tables_abort+0x1e53/0x2a50
[  102.211458][T11223]  ? nfnl_err_del+0x115/0x170
[  102.216139][T11223]  nf_tables_abort+0x17/0x30
[  102.220714][T11223]  nfnetlink_rcv_batch+0xa5d/0x17a0
[  102.225903][T11223]  ? nf_tables_delobj+0x8f0/0x8f0
[  102.230911][T11223]  ? nfnetlink_subsys_register+0x2b0/0x2b0
[  102.236721][T11223]  ? selinux_sb_eat_lsm_opts+0x700/0x700
[  102.242700][T11223]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  102.248921][T11223]  ? __nla_validate_parse+0x2d0/0x1ee0
[  102.254368][T11223]  ? selinux_capable+0x36/0x40
[  102.259110][T11223]  ? nla_memcpy+0xb0/0xb0
[  102.263418][T11223]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  102.269640][T11223]  ? ns_capable_common+0x93/0x100
[  102.274662][T11223]  ? __nla_parse+0x43/0x60
[  102.279067][T11223]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  102.284780][T11223]  nfnetlink_rcv+0x3e7/0x460
[  102.289351][T11223]  ? nfnetlink_rcv_batch+0x17a0/0x17a0
[  102.294901][T11223]  ? netlink_deliver_tap+0x24a/0xbe0
[  102.300179][T11223]  ? __kasan_check_write+0x14/0x20
[  102.306844][T11223]  netlink_unicast+0x58c/0x7d0
[  102.311590][T11223]  ? netlink_attachskb+0x870/0x870
[  102.316706][T11223]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  102.323007][T11223]  netlink_sendmsg+0x91c/0xea0
[  102.327761][T11223]  ? netlink_unicast+0x7d0/0x7d0
[  102.332855][T11223]  ? tomoyo_socket_sendmsg+0x26/0x30
[  102.338240][T11223]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  102.344482][T11223]  ? security_socket_sendmsg+0x8d/0xc0
[  102.349941][T11223]  ? netlink_unicast+0x7d0/0x7d0
[  102.355136][T11223]  sock_sendmsg+0xd7/0x130
[  102.359535][T11223]  ____sys_sendmsg+0x753/0x880
[  102.364311][T11223]  ? kernel_sendmsg+0x50/0x50
[  102.368981][T11223]  ? __fget+0x35d/0x550
[  102.373122][T11223]  ? find_held_lock+0x35/0x130
[  102.377878][T11223]  ___sys_sendmsg+0x100/0x170
[  102.382550][T11223]  ? sendmsg_copy_msghdr+0x70/0x70
[  102.387661][T11223]  ? __kasan_check_read+0x11/0x20
[  102.392674][T11223]  ? __fget+0x37f/0x550
[  102.396825][T11223]  ? ksys_dup3+0x3e0/0x3e0
[  102.401238][T11223]  ? __do_page_fault+0x56a/0xd80
[  102.406177][T11223]  ? __fget_light+0x1a9/0x230
[  102.410936][T11223]  ? __fdget+0x1b/0x20
[  102.414992][T11223]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  102.421261][T11223]  __sys_sendmsg+0x105/0x1d0
[  102.425851][T11223]  ? __sys_sendmsg_sock+0xc0/0xc0
[  102.430923][T11223]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  102.436462][T11223]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  102.442296][T11223]  ? do_syscall_64+0x26/0x790
[  102.446967][T11223]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  102.453028][T11223]  ? do_syscall_64+0x26/0x790
[  102.457695][T11223]  __x64_sys_sendmsg+0x78/0xb0
[  102.462466][T11223]  do_syscall_64+0xfa/0x790
[  102.466969][T11223]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  102.472842][T11223] RIP: 0033:0x446e99
[  102.476717][T11223] Code: e8 dc e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 06 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[  102.496310][T11223] RSP: 002b:00007fc2c4ff4d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.504710][T11223] RAX: ffffffffffffffda RBX: 00000000006dcc28 RCX: 0000000000446e99
[  102.512669][T11223] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  102.520635][T11223] RBP: 00000000006dcc20 R08: 0000000000000000 R09: 0000000000000000
[  102.528614][T11223] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc2c
[  102.536577][T11223] R13: 00000000004af4a8 R14: 000000000000000a R15: 0000000000000000
[  102.544559][T11223] Modules linked in:
[  102.550313][T11223] ---[ end trace a07ab4afc541ef2b ]---
[  102.555787][T11223] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f
[  102.562354][T11223] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 60 69 71 88 e8 e0 de be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 c0 69 71 88 e8 cc de be fd <0f> 0b 4c 89 f6 48 c7 c7 80 6a 71 88 e8 bb de be fd 0f 0b cc cc cc
[  102.582051][T11223] RSP: 0018:ffffc90001fc7478 EFLAGS: 00010282
[  102.588134][T11223] RAX: 000000000000004e RBX: ffff88809aaec800 RCX: 0000000000000000
[  102.596298][T11223] RDX: 0000000000000000 RSI: ffffffff815e5326 RDI: fffff520003f8e81
[  102.604354][T11223] RBP: ffffc90001fc7490 R08: 000000000000004e R09: ffffed1015d06621
[  102.612566][T11223] R10: ffffed1015d06620 R11: ffff8880ae833107 R12: dead000000000122
[  102.620645][T11223] R13: ffffffff8a4c74b0 R14: ffff88809aaec800 R15: ffff888090b9b380
[  102.628662][T11223] FS:  00007fc2c4ff5700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[  102.637668][T11223] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.644321][T11223] CR2: 00007ffef8b4b990 CR3: 00000000a2c4b000 CR4: 00000000001406f0
[  102.652352][T11223] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  102.660379][T11223] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  102.669789][T11223] Kernel panic - not syncing: Fatal exception
[  102.677210][T11223] Kernel Offset: disabled
[  102.681574][T11223] Rebooting in 86400 seconds..