[   40.133051] audit: type=1800 audit(1554927808.469:32): pid=7562 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   62.360682] kauditd_printk_skb: 2 callbacks suppressed
[   62.360697] audit: type=1400 audit(1554927830.799:35): avc:  denied  { map } for  pid=7737 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.166' (ECDSA) to the list of known hosts.
[   68.966602] audit: type=1400 audit(1554927837.409:36): avc:  denied  { map } for  pid=7749 comm="syz-executor577" path="/root/syz-executor577925985" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   68.987537] IPVS: ftp: loaded support on port[0] = 21
[   69.048558] chnl_net:caif_netlink_parms(): no params data found
[   69.081789] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.089197] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.097695] device bridge_slave_0 entered promiscuous mode
[   69.105262] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.111745] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.119302] device bridge_slave_1 entered promiscuous mode
[   69.134435] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   69.144525] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   69.161363] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   69.169812] team0: Port device team_slave_0 added
[   69.175337] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   69.182538] team0: Port device team_slave_1 added
[   69.188524] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   69.195897] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   69.245276] device hsr_slave_0 entered promiscuous mode
[   69.303576] device hsr_slave_1 entered promiscuous mode
[   69.343809] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   69.350728] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   69.365089] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.371528] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.378525] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.384923] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.418782] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   69.425240] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.433026] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   69.441759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.461023] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.468832] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.476806] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   69.487306] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   69.493597] 8021q: adding VLAN 0 to HW filter on device team0
[   69.502583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   69.510481] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.516867] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.527243] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   69.535114] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.541445] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.562735] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   69.572955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   69.584458] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   69.591781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   69.599807] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   69.607546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
executing program
[   69.615608] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   69.623189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   69.630328] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   69.644093] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   69.654608] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.667650] ------------[ cut here ]------------
[   69.672549] net/hsr/hsr_forward.c:366: Malformed frame (port_src hsr0)
[   69.679877] WARNING: CPU: 0 PID: 7750 at net/hsr/hsr_forward.c:365 hsr_forward_skb+0x122f/0x1c10
[   69.688793] Kernel panic - not syncing: panic_on_warn set ...
[   69.688793] 
[   69.696172] CPU: 0 PID: 7750 Comm: syz-executor577 Not tainted 4.19.34 #2
[   69.703093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.712435] Call Trace:
[   69.715214]  dump_stack+0x172/0x1f0
[   69.718836]  panic+0x263/0x51d
[   69.722342]  ? __warn_printk+0xf3/0xf3
[   69.726226]  ? hsr_forward_skb+0x122f/0x1c10
[   69.730631]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   69.736162]  ? __warn.cold+0x5/0x54
[   69.739984]  ? __warn+0xe8/0x1d0
[   69.743468]  ? hsr_forward_skb+0x122f/0x1c10
[   69.747864]  __warn.cold+0x20/0x54
[   69.751397]  ? hsr_forward_skb+0x122f/0x1c10
[   69.755957]  report_bug+0x263/0x2b0
[   69.759592]  do_error_trap+0x204/0x360
[   69.763487]  ? math_error+0x340/0x340
[   69.767275]  ? wake_up_klogd+0x99/0xd0
[   69.771843]  ? vprintk_emit+0x1ab/0x690
[   69.775904]  ? error_entry+0x76/0xd0
[   69.779762]  ? trace_hardirqs_off_caller+0x65/0x220
[   69.784925]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   69.789787]  do_invalid_op+0x1b/0x20
[   69.793508]  invalid_op+0x14/0x20
[   69.797070] RIP: 0010:hsr_forward_skb+0x122f/0x1c10
[   69.802087] Code: fb ff ff e8 43 13 85 fa 4c 89 e9 ba 6e 01 00 00 48 c7 c6 60 6e fa 87 48 c7 c7 a0 6e fa 87 c6 05 22 c5 4f 02 01 e8 3f ee 58 fa <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 80 3c 02
[   69.821411] RSP: 0018:ffff88808529f8e8 EFLAGS: 00010282
[   69.826763] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   69.834125] RDX: 0000000000000000 RSI: ffffffff8155d206 RDI: ffffed1010a53f0f
[   69.841490] RBP: ffff88808529f988 R08: ffff888096b1c040 R09: 0000000000000000
[   69.848749] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88808284d780
[   69.856026] R13: ffff88809adf6a00 R14: ffff88809e924d00 R15: ffff88809e924d10
[   69.863314]  ? vprintk_func+0x86/0x189
[   69.867206]  ? hsr_forward_skb+0x122f/0x1c10
[   69.871600]  ? validate_xmit_skb+0x746/0xd50
[   69.876012]  ? kasan_check_write+0x14/0x20
[   69.880240]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   69.885255]  hsr_dev_xmit+0x72/0xa0
[   69.888904]  dev_direct_xmit+0x352/0x650
[   69.892964]  ? validate_xmit_skb_list+0x130/0x130
[   69.898086]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   69.903615]  ? skb_copy_datagram_from_iter+0x441/0x670
[   69.908915]  packet_direct_xmit+0xfb/0x170
[   69.913140]  packet_sendmsg+0x3a95/0x6330
[   69.917382]  ? __lock_acquire+0x6eb/0x48f0
[   69.921622]  ? sock_has_perm+0x209/0x2a0
[   69.925684]  ? packet_notifier+0x840/0x840
[   69.929911]  ? release_sock+0x158/0x1c0
[   69.933982]  ? selinux_socket_sendmsg+0x36/0x40
[   69.938638]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   69.944166]  ? security_socket_sendmsg+0x93/0xc0
[   69.948992]  ? packet_notifier+0x840/0x840
[   69.953212]  sock_sendmsg+0xdd/0x130
[   69.956933]  __sys_sendto+0x262/0x380
[   69.960720]  ? __ia32_sys_getpeername+0xb0/0xb0
[   69.965383]  ? __ia32_sys_socketpair+0xf0/0xf0
[   69.969987]  ? kernel_accept+0x310/0x310
[   69.974044]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   69.978797]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   69.983554]  ? do_syscall_64+0x26/0x610
[   69.987557]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   69.992919]  __x64_sys_sendto+0xe1/0x1a0
[   69.996990]  do_syscall_64+0x103/0x610
[   70.000865]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.006042] RIP: 0033:0x4419e9
[   70.009237] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   70.028239] RSP: 002b:00007ffe73c658d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   70.035975] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004419e9
[   70.043515] RDX: 000000000000000e RSI: 00000000200000c0 RDI: 0000000000000003
[   70.051129] RBP: 00000000004a9090 R08: 0000000000000000 R09: 0000000000000000
[   70.058521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402f30
[   70.065864] R13: 0000000000402fc0 R14: 0000000000000000 R15: 0000000000000000
[   70.073625] Kernel Offset: disabled
[   70.077305] Rebooting in 86400 seconds..