[ 47.925964] audit: type=1800 audit(1580148396.065:30): pid=8107 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 53.340607] kauditd_printk_skb: 4 callbacks suppressed
[ 53.340623] audit: type=1400 audit(1580148401.505:35): avc: denied { map } for pid=8283 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.185' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
[ 60.208113] audit: type=1400 audit(1580148408.365:36): avc: denied { map } for pid=8295 comm="syz-executor303" path="/root/syz-executor303102497" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
[ 60.686497] kasan: CONFIG_KASAN_INLINE enabled
[ 60.686516] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 60.686535] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 60.686550] CPU: 1 PID: 319 Comm: kworker/u4:3 Not tainted 4.19.99-syzkaller #0
[ 60.686558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 60.686576] Workqueue: events_unbound flush_to_ldisc
[ 60.686595] RIP: 0010:do_con_write.part.0+0xa03/0x1eb0
[ 60.686606] Code: 76 fe ff ff 41 01 dd e8 bb 66 b4 fd 48 8b 85 a8 fe ff ff 80 38 00 0f 85 fe 12 00 00 49 8b 9e a0 03 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 14 20 48 89 d8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85
[ 60.686612] RSP: 0018:ffff8880a921f7c0 EFLAGS: 00010203
[ 60.686620] RAX: 0000000020000001 RBX: 000000010000000e RCX: ffffffff83b6afa8
[ 60.686627] RDX: 0000000000000000 RSI: ffffffff83b6aff5 RDI: 0000000000000003
[ 60.686633] RBP: ffff8880a921f958 R08: ffff8880a920e080 R09: 0000000000000007
[ 60.686640] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: dffffc0000000000
[ 60.686646] R13: 000000000000075e R14: ffff888086ca0b40 R15: ffff888086ca0ecc
[ 60.686655] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 60.686662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.686668] CR2: 00000000004c1af3 CR3: 000000008d08d000 CR4: 00000000001406e0
[ 60.686679] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.686686] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.686689] Call Trace:
[ 60.686711] ? do_con_trol+0x6070/0x6070
[ 60.686728] ? n_tty_receive_buf_common+0xaec/0x2ab0
[ 60.686745] ? do_con_write.part.0+0x1eb0/0x1eb0
[ 60.686758] con_put_char+0xfa/0x110
[ 60.686772] ? do_con_write.part.0+0x1eb0/0x1eb0
[ 60.686785] ? n_tty_receive_buf_common+0xaec/0x2ab0
[ 60.686800] ? mutex_trylock+0x1e0/0x1e0
[ 60.686815] tty_put_char+0xc5/0x160
[ 60.686827] ? dev_match_devt+0x90/0x90
[ 60.686841] ? wait_for_completion+0x440/0x440
[ 60.686854] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 60.686866] ? con_write_room+0x5d/0x70
[ 60.686881] __process_echoes+0x5c8/0xa40
[ 60.686897] n_tty_receive_buf_common+0xb29/0x2ab0
[ 60.686920] n_tty_receive_buf2+0x34/0x40
[ 60.686932] tty_ldisc_receive_buf+0xad/0x1c0
[ 60.686944] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 60.686957] ? n_tty_receive_buf_common+0x2ab0/0x2ab0
[ 60.686970] tty_port_default_receive_buf+0x7d/0xb0
[ 60.686982] flush_to_ldisc+0x222/0x390
[ 60.687002] process_one_work+0x989/0x1750
[ 60.687018] ? pwq_dec_nr_in_flight+0x320/0x320
[ 60.687032] ? lock_acquire+0x16f/0x3f0
[ 60.687047] ? kasan_check_write+0x14/0x20
[ 60.687059] ? do_raw_spin_lock+0xd7/0x250
[ 60.687075] worker_thread+0x98/0xe40
[ 60.687088] ? trace_hardirqs_on+0x67/0x220
[ 60.687107] kthread+0x354/0x420
[ 60.687121] ? process_one_work+0x1750/0x1750
[ 60.687136] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 60.687149] ret_from_fork+0x24/0x30
[ 60.687159] Modules linked in:
[ 60.687173] ---[ end trace 172f326c0196423a ]---
[ 60.687189] RIP: 0010:do_con_write.part.0+0xa03/0x1eb0
[ 60.687201] Code: 76 fe ff ff 41 01 dd e8 bb 66 b4 fd 48 8b 85 a8 fe ff ff 80 38 00 0f 85 fe 12 00 00 49 8b 9e a0 03 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 14 20 48 89 d8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85
[ 60.687207] RSP: 0018:ffff8880a921f7c0 EFLAGS: 00010203
[ 60.687216] RAX: 0000000020000001 RBX: 000000010000000e RCX: ffffffff83b6afa8
[ 60.687223] RDX: 0000000000000000 RSI: ffffffff83b6aff5 RDI: 0000000000000003
[ 60.687231] RBP: ffff8880a921f958 R08: ffff8880a920e080 R09: 0000000000000007
[ 60.687239] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: dffffc0000000000
[ 60.687248] R13: 000000000000075e R14: ffff888086ca0b40 R15: ffff888086ca0ecc
[ 60.687258] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 60.687266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.687273] CR2: 00000000004c1af3 CR3: 000000008d08d000 CR4: 00000000001406e0
[ 60.687280] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.687287] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.687293] Kernel panic - not syncing: Fatal exception
[ 60.688917] Kernel Offset: disabled