[ 26.868070][ T26] audit: type=1800 audit(1579385981.170:36): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 31.182582][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 31.182589][ T26] audit: type=1400 audit(1579385985.550:41): avc: denied { map } for pid=7172 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.81' (ECDSA) to the list of known hosts. [ 114.365166][ T26] audit: type=1400 audit(1579386068.740:42): avc: denied { map } for pid=7187 comm="syz-executor644" path="/root/syz-executor644687136" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 121.306647][ T7188] IPVS: ftp: loaded support on port[0] = 21 [ 121.318731][ T26] audit: type=1400 audit(1579386075.690:43): avc: denied { create } for pid=7188 comm="syz-executor644" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 121.341306][ T7188] chnl_net:caif_netlink_parms(): no params data found [ 121.343478][ T26] audit: type=1400 audit(1579386075.690:44): avc: denied { write } for pid=7188 comm="syz-executor644" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 121.358702][ T7188] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.375154][ T26] audit: type=1400 audit(1579386075.690:45): avc: denied { read } for pid=7188 comm="syz-executor644" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 121.382301][ T7188] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.414092][ T7188] device bridge_slave_0 entered promiscuous mode [ 121.420953][ T7188] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.428353][ T7188] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.435850][ T7188] device bridge_slave_1 entered promiscuous mode [ 121.444870][ T7188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 121.454485][ T7188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 121.466415][ T7188] team0: Port device team_slave_0 added [ 121.472617][ T7188] team0: Port device team_slave_1 added [ 121.535249][ T7188] device hsr_slave_0 entered promiscuous mode [ 121.594733][ T7188] device hsr_slave_1 entered promiscuous mode [ 121.646809][ T7188] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 121.725469][ T7188] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 121.775497][ T7188] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 121.815376][ T7188] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 121.877513][ T7188] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.884590][ T7188] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.891978][ T7188] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.898995][ T7188] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.915157][ T7188] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.923700][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 121.941643][ T25] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.959060][ T25] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.966380][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 121.975245][ T7188] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.984923][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 121.993047][ T3556] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.000092][ T3556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 122.007501][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 122.015716][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.022722][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.032220][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 122.040317][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 122.048878][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 122.058125][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 122.067680][ T7188] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 122.078386][ T7188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 122.085972][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 122.097563][ T7188] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.104879][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 122.112175][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready executing program [ 122.122729][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 122.134302][ T7188] device veth0_vlan entered promiscuous mode [ 122.140616][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 122.148673][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 122.156037][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 122.165062][ T7188] device veth1_vlan entered promiscuous mode [ 122.176128][ T7193] netlink: 'syz-executor644': attribute type 5 has an invalid length. [ 122.184381][ T7193] FAULT_INJECTION: forcing a failure. [ 122.184381][ T7193] name failslab, interval 1, probability 0, space 0, times 1 [ 122.197474][ T7193] CPU: 0 PID: 7193 Comm: syz-executor644 Not tainted 5.5.0-rc6-syzkaller #0 [ 122.206127][ T7193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.216164][ T7193] Call Trace: [ 122.219451][ T7193] dump_stack+0xbc/0xe6 [ 122.223605][ T7193] should_fail.cold+0x3c/0x49 [ 122.228253][ T7193] __should_failslab+0x65/0xa0 [ 122.232983][ T7193] should_failslab+0x9/0x14 [ 122.237454][ T7193] kmem_cache_alloc_trace+0x2d/0x2c0 [ 122.242717][ T7193] ? kfree_const+0x40/0x50 [ 122.247154][ T7193] device_add+0x6bc/0xa60 [ 122.251456][ T7193] netdev_register_kobject+0xa6/0x1b0 [ 122.256827][ T7193] register_netdevice+0x1ce/0x650 [ 122.261824][ T7193] macsec_newlink+0xe5/0x530 [ 122.266385][ T7193] ? macsec_dellink+0x70/0x70 [ 122.271040][ T7193] __rtnl_newlink+0x89a/0xb80 [ 122.275687][ T7193] ? is_bpf_text_address+0x24/0x30 [ 122.280776][ T7193] ? __this_cpu_preempt_check+0x29/0xb0 [ 122.286290][ T7193] ? get_page_from_freelist+0x936/0x1650 [ 122.291890][ T7193] ? tomoyo_same_path_acl+0x60/0x60 [ 122.297071][ T7193] ? bpf_prog_kallsyms_find+0xee/0x120 [ 122.302501][ T7193] ? __rtnl_newlink+0xb80/0xb80 [ 122.307319][ T7193] rtnl_newlink+0x4e/0x80 [ 122.311620][ T7193] rtnetlink_rcv_msg+0x178/0x4b0 [ 122.316533][ T7193] ? rtnl_calcit.isra.0+0x170/0x170 [ 122.321709][ T7193] netlink_rcv_skb+0x61/0x170 [ 122.326353][ T7193] rtnetlink_rcv+0x1d/0x30 [ 122.330746][ T7193] netlink_unicast+0x223/0x310 [ 122.335502][ T7193] netlink_sendmsg+0x2c0/0x570 [ 122.340243][ T7193] sock_sendmsg+0x54/0x70 [ 122.344556][ T7193] ____sys_sendmsg+0x2d0/0x300 [ 122.349307][ T7193] ___sys_sendmsg+0x8a/0xd0 [ 122.353908][ T7193] ? kstrtouint+0x76/0xa0 [ 122.358207][ T7193] ? kstrtouint_from_user+0x7f/0xb0 [ 122.363381][ T7193] ? __fget_light+0x70/0xb0 [ 122.367859][ T7193] ? __fdget+0x1b/0x20 [ 122.371925][ T7193] ? sockfd_lookup_light+0x6c/0xb0 [ 122.377007][ T7193] __sys_sendmsg+0x80/0xf0 [ 122.381393][ T7193] __x64_sys_sendmsg+0x23/0x30 [ 122.386129][ T7193] do_syscall_64+0x73/0x220 [ 122.390603][ T7193] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 122.396495][ T7193] RIP: 0033:0x444239 [ 122.400383][ T7193] Code: e8 4c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 122.419953][ T7193] RSP: 002b:00007ffe0a9970d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 122.428331][ T7193] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000444239 [ 122.436445][ T7193] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 122.444387][ T7193] RBP: ffffffffffffffff R08: 0000000000000002 R09: 00000000015ad6b0 [ 122.452330][ T7193] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe0a997170 [ 122.460269][ T7193] R13: 0000000000000004 R14: 00000000006d6dc8 R15: 00000000006d7440 [ 122.469416][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 122.477407][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 128.465338][ T7188] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff888120dff120 (size 32): comm "syz-executor644", pid 7193, jiffies 4294949489 (age 8.430s) hex dump (first 32 bytes): 6d 61 63 73 65 63 30 00 6b 2f 37 31 39 33 00 00 macsec0.k/7193.. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000004f55c191>] __kmalloc_track_caller+0x165/0x300 [<00000000c53c270f>] kstrdup+0x3a/0x70 [<000000001b2f7eac>] kstrdup_const+0x48/0x60 [<00000000965b9687>] kvasprintf_const+0x7e/0xe0 [<00000000196d1162>] kobject_set_name_vargs+0x40/0xe0 [<000000004ba7af00>] dev_set_name+0x63/0x90 [<000000001c9cfc3f>] netdev_register_kobject+0x5a/0x1b0 [<00000000ce6af7c0>] register_netdevice+0x1ce/0x650 [<000000003683bc29>] macsec_newlink+0xe5/0x530 [<0000000075db2705>] __rtnl_newlink+0x89a/0xb80 [<0000000068def6b0>] rtnl_newlink+0x4e/0x80 [<00000000797a9ff0>] rtnetlink_rcv_msg+0x178/0x4b0 [<00000000d1558b65>] netlink_rcv_skb+0x61/0x170 [<0000000035fc534f>] rtnetlink_rcv+0x1d/0x30 [<00000000f8df68d5>] netlink_unicast+0x223/0x310 [<00000000c85a7ac5>] netlink_sendmsg+0x2c0/0x570