[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Starting mcstransd:
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting file context maintaining daemon: restorecond�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[ 37.866927] audit: type=1800 audit(1567931433.304:33): pid=7303 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 42.113361] kauditd_printk_skb: 1 callbacks suppressed
[ 42.113375] audit: type=1400 audit(1567931437.554:35): avc: denied { map } for pid=7478 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.1.47' (ECDSA) to the list of known hosts.
[ 229.476832] audit: type=1400 audit(1567931624.914:36): avc: denied { map } for pid=7490 comm="syz-executor914" path="/root/syz-executor914124229" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 229.500476] IPVS: ftp: loaded support on port[0] = 21
[ 229.555582] chnl_net:caif_netlink_parms(): no params data found
[ 229.585497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 229.592113] bridge0: port 1(bridge_slave_0) entered disabled state
[ 229.599444] device bridge_slave_0 entered promiscuous mode
[ 229.606436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 229.612885] bridge0: port 2(bridge_slave_1) entered disabled state
[ 229.619819] device bridge_slave_1 entered promiscuous mode
[ 229.634303] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 229.643842] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 229.658702] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 229.666080] team0: Port device team_slave_0 added
[ 229.671588] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 229.679036] team0: Port device team_slave_1 added
[ 229.684161] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 229.691528] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 229.741321] device hsr_slave_0 entered promiscuous mode
[ 229.788559] device hsr_slave_1 entered promiscuous mode
[ 229.828935] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 229.835845] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 229.849021] bridge0: port 2(bridge_slave_1) entered blocking state
[ 229.855447] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 229.862338] bridge0: port 1(bridge_slave_0) entered blocking state
[ 229.868712] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 229.896201] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 229.903460] 8021q: adding VLAN 0 to HW filter on device bond0
[ 229.911326] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 229.920063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 229.938464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 229.945403] bridge0: port 2(bridge_slave_1) entered disabled state
[ 229.952699] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 229.962221] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 229.968868] 8021q: adding VLAN 0 to HW filter on device team0
[ 229.977899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 229.985537] bridge0: port 1(bridge_slave_0) entered blocking state
[ 229.991899] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 230.009774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 230.017331] bridge0: port 2(bridge_slave_1) entered blocking state
[ 230.023710] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 230.031242] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 230.039145] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 230.047508] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 230.056764] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 230.067497] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 230.079603] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 230.085615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 230.092929] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 230.105571] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 230.115226] 8021q: adding VLAN 0 to HW filter on device batadv0
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 335.178271] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 335.184390] rcu: 0-...!: (1 GPs behind) idle=f56/0/0x3 softirq=10913/10921 fqs=23
[ 335.192364] rcu: (t=10500 jiffies g=5145 q=164)
[ 335.197220] rcu: rcu_preempt kthread starved for 10454 jiffies! g5145 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 335.207770] rcu: RCU grace-period kthread stack dump:
[ 335.212944] rcu_preempt I29624 10 2 0x80000000
[ 335.218607] Call Trace:
[ 335.221257] __schedule+0x866/0x1dc0
[ 335.224966] ? pci_mmcfg_check_reserved+0x170/0x170
[ 335.229971] ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 335.235104] ? lockdep_hardirqs_on+0x415/0x5d0
[ 335.239716] ? trace_hardirqs_on+0x67/0x220
[ 335.244045] schedule+0x92/0x1c0
[ 335.247398] schedule_timeout+0x4db/0xfc0
[ 335.251531] ? usleep_range+0x170/0x170
[ 335.255501] ? trace_hardirqs_on+0x67/0x220
[ 335.259853] ? kasan_check_read+0x11/0x20
[ 335.264030] ? __next_timer_interrupt+0x1a0/0x1a0
[ 335.268900] ? prepare_to_swait_exclusive+0x120/0x120
[ 335.274102] rcu_gp_kthread+0xd5c/0x2190
[ 335.278166] ? rcu_blocking_is_gp+0x90/0x90
[ 335.282475] ? trace_hardirqs_on+0x67/0x220
[ 335.286783] ? kasan_check_read+0x11/0x20
[ 335.290922] ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 335.296034] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 335.301591] ? __kthread_parkme+0xfb/0x1b0
[ 335.305819] kthread+0x354/0x420
[ 335.309174] ? rcu_blocking_is_gp+0x90/0x90
[ 335.313482] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 335.319005] ret_from_fork+0x24/0x30
[ 335.322752] NMI backtrace for cpu 0
[ 335.326366] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.19.71 #0
[ 335.332514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 335.341852] Call Trace:
[ 335.344421]
[ 335.346575] dump_stack+0x172/0x1f0
[ 335.350196] nmi_cpu_backtrace.cold+0x63/0xa4
[ 335.354703] ? lapic_can_unplug_cpu.cold+0x45/0x45
[ 335.359622] nmi_trigger_cpumask_backtrace+0x1b0/0x1f8
[ 335.364887] arch_trigger_cpumask_backtrace+0x14/0x20
[ 335.370062] rcu_dump_cpu_stacks+0x189/0x1d5
[ 335.374475] ? wake_up_process+0x10/0x20
[ 335.378539] rcu_check_callbacks.cold+0x5e3/0xd90
[ 335.383367] ? trace_hardirqs_off+0x62/0x220
[ 335.387787] update_process_times+0x32/0x80
[ 335.392114] tick_sched_handle+0xa2/0x190
[ 335.396249] tick_sched_timer+0x47/0x130
[ 335.400300] __hrtimer_run_queues+0x33b/0xdc0
[ 335.404781] ? tick_sched_do_timer+0x1b0/0x1b0
[ 335.409353] ? hrtimer_fixup_activate+0x30/0x30
[ 335.414011] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 335.419013] ? ktime_get_update_offsets_now+0x2d3/0x440
[ 335.424368] hrtimer_interrupt+0x314/0x770
[ 335.428598] smp_apic_timer_interrupt+0x111/0x550
[ 335.433426] apic_timer_interrupt+0xf/0x20
[ 335.437706] RIP: 0010:hhf_dequeue+0x58/0xa00
[ 335.442116] Code: 48 c1 e8 03 4c 01 e0 48 89 45 c0 49 8d 85 50 03 00 00 48 89 45 c8 48 c1 e8 03 48 89 45 b8 e8 6f e2 dc fb 48 8b 45 c0 80 38 00 <0f> 85 8d 07 00 00 48 8b 75 d0 49 8b 85 40 03 00 00 49 89 f6 48 39
[ 335.461002] RSP: 0018:ffff8880ae807618 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 335.468702] RAX: ffffed10128f6fc8 RBX: ffff8880947b7db8 RCX: ffffffff858e8a2e
[ 335.475956] RDX: 0000000000000100 RSI: ffffffff858e8421 RDI: ffff8880947b7dc0
[ 335.483213] RBP: ffff8880ae807668 R08: ffffffff88679ec0 R09: 0000000000000005
[ 335.490468] R10: ffffffff8867a808 R11: 00000000c10007ca R12: dffffc0000000000
[ 335.497722] R13: ffff8880947b7b00 R14: ffff8880947b7e58 R15: ffff8880947b7e50
[ 335.504985] ? apic_timer_interrupt+0xa/0x20
[ 335.509387] ? hhf_dequeue+0x65e/0xa00
[ 335.513261] ? hhf_dequeue+0x51/0xa00
[ 335.517051] ? hhf_dequeue+0x51/0xa00
[ 335.520896] __qdisc_run+0x1e7/0x1960
[ 335.524734] __dev_queue_xmit+0x165c/0x2fe0
[ 335.529044] ? mark_held_locks+0x100/0x100
[ 335.533268] ? netdev_pick_tx+0x300/0x300
[ 335.537451] ? ip6_finish_output+0x574/0xbe0
[ 335.541851] ? find_held_lock+0x35/0x130
[ 335.545898] ? ip6_finish_output+0x574/0xbe0
[ 335.550295] ? mark_held_locks+0xb1/0x100
[ 335.554456] ? ip6_finish_output2+0x1784/0x2550
[ 335.559110] ? ip6_finish_output+0x574/0xbe0
[ 335.563518] ? ip6_finish_output2+0x1784/0x2550
[ 335.568182] dev_queue_xmit+0x18/0x20
[ 335.571969] ? dev_queue_xmit+0x18/0x20
[ 335.575932] ip6_finish_output2+0x12fd/0x2550
[ 335.580462] ? ip6_mtu+0x2e6/0x460
[ 335.583992] ? ip6_forward_finish+0x4d0/0x4d0
[ 335.588485] ? lock_downgrade+0x810/0x810
[ 335.592626] ? kasan_check_read+0x11/0x20
[ 335.596789] ip6_finish_output+0x574/0xbe0
[ 335.601032] ? ip6_finish_output+0x574/0xbe0
[ 335.605433] ip6_output+0x235/0x7c0
[ 335.609048] ? ip6_finish_output+0xbe0/0xbe0
[ 335.613446] ? ip6_fragment+0x3770/0x3770
[ 335.617587] ? icmp6_dst_alloc+0x432/0x660
[ 335.621864] mld_sendpack+0x9d3/0xeb0
[ 335.625663] ? nf_hook.constprop.0+0x560/0x560
[ 335.630238] ? mld_ifc_timer_expire+0x437/0x8a0
[ 335.634946] ? __local_bh_enable_ip+0x15a/0x270
[ 335.639606] mld_ifc_timer_expire+0x449/0x8a0
[ 335.644098] call_timer_fn+0x18d/0x720
[ 335.647973] ? mld_dad_timer_expire+0x1c0/0x1c0
[ 335.652643] ? process_timeout+0x40/0x40
[ 335.656690] ? run_timer_softirq+0x647/0x1700
[ 335.661174] ? trace_hardirqs_on+0x67/0x220
[ 335.665483] ? kasan_check_read+0x11/0x20
[ 335.669624] ? mld_dad_timer_expire+0x1c0/0x1c0
[ 335.674291] run_timer_softirq+0x652/0x1700
[ 335.678612] ? add_timer+0xbe0/0xbe0
[ 335.682344] ? kvm_clock_read+0x18/0x30
[ 335.686348] ? check_preemption_disabled+0x48/0x290
[ 335.691376] ? sched_clock+0x2e/0x50
[ 335.695087] __do_softirq+0x25c/0x921
[ 335.698878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 335.704399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 335.709928] irq_exit+0x180/0x1d0
[ 335.713367] smp_apic_timer_interrupt+0x13b/0x550
[ 335.718213] apic_timer_interrupt+0xf/0x20
[ 335.722435]
[ 335.724660] RIP: 0010:native_safe_halt+0xe/0x10
[ 335.729318] Code: ff ff 48 89 df e8 82 1b ae fa eb 82 e9 07 00 00 00 0f 00 2d a4 fc 53 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 94 fc 53 00 fb f4 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 ce fd 65 fa e8 39
[ 335.748201] RSP: 0018:ffffffff88607ca8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 335.755896] RAX: 1ffffffff10e48c4 RBX: ffffffff88679ec0 RCX: 0000000000000000
[ 335.763150] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffffff8867a73c
[ 335.770410] RBP: ffffffff88607cd8 R08: ffffffff88679ec0 R09: 0000000000000000
[ 335.777664] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 335.784923] R13: ffffffff88724610 R14: 0000000000000000 R15: 0000000000000000
[ 335.792189] ? default_idle+0x4e/0x320
[ 335.796081] arch_cpu_idle+0xa/0x10
[ 335.799703] default_idle_call+0x36/0x90
[ 335.803777] do_idle+0x377/0x560
[ 335.807128] ? retint_kernel+0x2d/0x2d
[ 335.811025] ? arch_cpu_idle_exit+0x80/0x80
[ 335.815341] cpu_startup_entry+0xc8/0xe0
[ 335.819387] ? cpu_in_idle+0x20/0x20
[ 335.823094] rest_init+0x219/0x222
[ 335.826684] start_kernel+0x88c/0x8c5
[ 335.830488] ? mem_encrypt_init+0xb/0xb
[ 335.834458] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 335.839981] ? x86_family+0x41/0x50
[ 335.843600] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 335.849131] x86_64_start_reservations+0x29/0x2b
[ 335.853876] x86_64_start_kernel+0x77/0x7b
[ 335.858111] secondary_startup_64+0xa4/0xb0