syzkaller login: [ 33.987276][ T24] audit: type=1400 audit(1561705160.756:35): avc: denied { map } for pid=7038 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.224' (ECDSA) to the list of known hosts. [ 40.033419][ T24] audit: type=1400 audit(1561705166.806:36): avc: denied { map } for pid=7052 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/06/28 06:59:27 parsed 1 programs [ 41.142933][ T24] audit: type=1400 audit(1561705167.916:37): avc: denied { map } for pid=7052 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=63 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 41.145538][ T3773] kmemleak: Automatic memory scanning thread ended 2019/06/28 06:59:36 executed programs: 0 [ 49.769952][ T7068] IPVS: ftp: loaded support on port[0] = 21 [ 49.792858][ T7068] chnl_net:caif_netlink_parms(): no params data found [ 49.806461][ T7068] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.814024][ T7068] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.822003][ T7068] device bridge_slave_0 entered promiscuous mode [ 49.828970][ T7068] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.836197][ T7068] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.844122][ T7068] device bridge_slave_1 entered promiscuous mode [ 49.854148][ T7068] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 49.863194][ T7068] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 49.875147][ T7068] team0: Port device team_slave_0 added [ 49.881271][ T7068] team0: Port device team_slave_1 added [ 49.931562][ T7068] device hsr_slave_0 entered promiscuous mode [ 49.980925][ T7068] device hsr_slave_1 entered promiscuous mode [ 50.053157][ T7068] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.061065][ T7068] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.068429][ T7068] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.075773][ T7068] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.091994][ T7068] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.100718][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.119182][ T3040] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.127561][ T3040] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.135818][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 50.145043][ T7068] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.164047][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.172426][ T47] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.180035][ T47] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.193441][ T7068] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 50.204302][ T7068] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 50.216314][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.225214][ T3040] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.232826][ T3040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.240911][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.249329][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.259159][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.268121][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.276419][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.284120][ T3040] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.295303][ T7068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.313905][ T24] audit: type=1400 audit(1561705177.086:38): avc: denied { associate } for pid=7068 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 2019/06/28 06:59:42 executed programs: 1 2019/06/28 06:59:47 executed programs: 3 2019/06/28 06:59:53 executed programs: 5 2019/06/28 06:59:58 executed programs: 7 [ 72.370550][ T7096] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88811cfbe800 (size 2048): comm "syz-executor.0", pid 7078, jiffies 4294942295 (age 28.230s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 20 00 00 00 22 01 00 00 00 00 00 00 08 00 00 00 ..."........... backtrace: [<000000004c8c1f67>] __kmalloc+0x161/0x2c0 [<00000000e34382eb>] bio_alloc_bioset+0x1b8/0x2c0 [<00000000236ea18a>] bio_copy_user_iov+0x113/0x4a0 [<000000005ddfeba1>] blk_rq_map_user_iov+0xc6/0x2b0 [<00000000298a6817>] blk_rq_map_user+0x71/0xb0 [<000000000c067365>] sg_common_write.isra.0+0x619/0xa10 [<00000000cd0bbae0>] sg_write.part.0+0x325/0x570 [<00000000e46354f5>] sg_write+0x44/0x64 [<000000008c646456>] __vfs_write+0x43/0xa0 [<00000000f895ba70>] vfs_write+0xee/0x210 [<00000000d52424c2>] ksys_write+0x7c/0x130 [<000000008cf96b2f>] __x64_sys_write+0x1e/0x30 [<00000000737a4257>] do_syscall_64+0x76/0x1a0 [<0000000024e56c72>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811a870800 (size 2048): comm "syz-executor.0", pid 7082, jiffies 4294942842 (age 22.760s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 20 00 00 00 22 01 00 00 00 00 00 00 08 00 00 00 ..."........... backtrace: [<000000004c8c1f67>] __kmalloc+0x161/0x2c0 [<00000000e34382eb>] bio_alloc_bioset+0x1b8/0x2c0 [<00000000236ea18a>] bio_copy_user_iov+0x113/0x4a0 [<000000005ddfeba1>] blk_rq_map_user_iov+0xc6/0x2b0 [<00000000298a6817>] blk_rq_map_user+0x71/0xb0 [<000000000c067365>] sg_common_write.isra.0+0x619/0xa10 [<00000000cd0bbae0>] sg_write.part.0+0x325/0x570 [<00000000e46354f5>] sg_write+0x44/0x64 [<000000008c646456>] __vfs_write+0x43/0xa0 [<00000000f895ba70>] vfs_write+0xee/0x210 [<00000000d52424c2>] ksys_write+0x7c/0x130 [<000000008cf96b2f>] __x64_sys_write+0x1e/0x30 [<00000000737a4257>] do_syscall_64+0x76/0x1a0 [<0000000024e56c72>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881174dc800 (size 2048): comm "syz-executor.0", pid 7089, jiffies 4294943884 (age 12.340s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 20 00 00 00 22 01 00 00 00 00 00 00 08 00 00 00 ..."........... backtrace: [<000000004c8c1f67>] __kmalloc+0x161/0x2c0 [<00000000e34382eb>] bio_alloc_bioset+0x1b8/0x2c0 [<00000000236ea18a>] bio_copy_user_iov+0x113/0x4a0 [<000000005ddfeba1>] blk_rq_map_user_iov+0xc6/0x2b0 [<00000000298a6817>] blk_rq_map_user+0x71/0xb0 [<000000000c067365>] sg_common_write.isra.0+0x619/0xa10 [<00000000cd0bbae0>] sg_write.part.0+0x325/0x570 [<00000000e46354f5>] sg_write+0x44/0x64 [<000000008c646456>] __vfs_write+0x43/0xa0 [<00000000f895ba70>] vfs_write+0xee/0x210 [<00000000d52424c2>] ksys_write+0x7c/0x130 [<000000008cf96b2f>] __x64_sys_write+0x1e/0x30 [<00000000737a4257>] do_syscall_64+0x76/0x1a0 [<0000000024e56c72>] entry_SYSCALL_64_after_hwframe+0x44/0xa9