[....] Starting enhanced syslogd: rsyslogd[ 15.981711] audit: type=1400 audit(1519721688.636:5): avc: denied { syslog } for pid=4033 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.701748] audit: type=1400 audit(1519721691.356:6): avc: denied { map } for pid=4172 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts. 2018/02/27 08:54:57 fuzzer started [ 25.040972] audit: type=1400 audit(1519721697.695:7): avc: denied { map } for pid=4183 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/02/27 08:54:58 dialing manager at 10.128.0.26:35219 [ 27.574280] can: request_module (can-proto-0) failed. [ 27.584423] can: request_module (can-proto-0) failed. 2018/02/27 08:55:00 kcov=true, comps=true [ 28.099271] audit: type=1400 audit(1519721700.754:8): avc: denied { map } for pid=4183 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=1163 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2018/02/27 08:55:00 executing program 7: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000366000), 0x2) 2018/02/27 08:55:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000551000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5435, &(0x7f00002b2ff8)) 2018/02/27 08:55:00 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_getnetconf={0x14, 0x52, 0x401, 0xffffffffffffffff, 0xffffffffffffffff, {0x2}, []}, 0x14}, 0x1}, 0x0) 2018/02/27 08:55:00 executing program 1: clock_adjtime(0x2, &(0x7f0000d91f98)) 2018/02/27 08:55:00 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000b2000)=0x1, 0x4) sendto$inet(r0, &(0x7f0000a92000), 0xfffffffffffffc85, 0x800000020000000, &(0x7f0000303000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000aebffc), 0x4) writev(r0, &(0x7f0000793fa0)=[{&(0x7f0000dfa000)="06", 0x1}], 0x1) 2018/02/27 08:55:00 executing program 4: io_setup(0x1, &(0x7f0000479000)=0x0) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) io_submit(r0, 0x1, &(0x7f0000738000)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f000079a000)}]) 2018/02/27 08:55:00 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000007d000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r0, r1) rt_sigprocmask(0x0, &(0x7f00001b6ff8)={0xfffffffffffffffe}, 0x0, 0x8) r2 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r2, 0x40003) sendfile(r0, r2, &(0x7f000000a000), 0x2) 2018/02/27 08:55:00 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000197fe0)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000867000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x10002) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x100002) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 28.223899] audit: type=1400 audit(1519721700.878:9): avc: denied { map } for pid=4183 comm="syz-fuzzer" path="/root/syzkaller-shm297253234" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 28.286855] audit: type=1400 audit(1519721700.941:10): avc: denied { sys_admin } for pid=4225 comm="syz-executor7" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 28.336668] IPVS: ftp: loaded support on port[0] = 21 [ 28.377247] audit: type=1400 audit(1519721701.031:11): avc: denied { net_admin } for pid=4233 comm="syz-executor7" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 28.379288] IPVS: ftp: loaded support on port[0] = 21 [ 28.442141] IPVS: ftp: loaded support on port[0] = 21 [ 28.481827] IPVS: ftp: loaded support on port[0] = 21 [ 28.551820] IPVS: ftp: loaded support on port[0] = 21 [ 28.633936] IPVS: ftp: loaded support on port[0] = 21 [ 28.716484] IPVS: ftp: loaded support on port[0] = 21 [ 28.813177] IPVS: ftp: loaded support on port[0] = 21 [ 30.061823] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.165472] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.368964] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.444266] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.481856] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.643347] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.729745] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 30.874677] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 33.181994] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.188173] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.302622] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.308798] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.362047] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.368181] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.456591] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.462891] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.475923] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.490276] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.496687] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.592195] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.605165] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.611332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.714666] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.722977] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.732595] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 33.738876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.763428] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.778804] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 33.785182] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.798546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.834872] audit: type=1400 audit(1519721706.489:12): avc: denied { sys_chroot } for pid=4233 comm="syz-executor7" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 33.904745] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 33.910993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.921706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.943448] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 33.994701] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.001048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.008719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.027272] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 34.036301] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.043657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.059780] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.075657] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 34.081862] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.143133] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.149481] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.161409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.190442] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.196670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.204074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.237803] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.244140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.251781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.261567] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 34.325576] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 34.331760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.338844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 2018/02/27 08:55:07 executing program 7: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000366000), 0x2) 2018/02/27 08:55:07 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000007d000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r0, r1) rt_sigprocmask(0x0, &(0x7f00001b6ff8)={0xfffffffffffffffe}, 0x0, 0x8) r2 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r2, 0x40003) sendfile(r0, r2, &(0x7f000000a000), 0x2) 2018/02/27 08:55:07 executing program 1: clock_adjtime(0x2, &(0x7f0000d91f98)) 2018/02/27 08:55:07 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000197fe0)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000867000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x10002) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x100002) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/02/27 08:55:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000551000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5435, &(0x7f00002b2ff8)) 2018/02/27 08:55:07 executing program 4: io_setup(0x1, &(0x7f0000479000)=0x0) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) io_submit(r0, 0x1, &(0x7f0000738000)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f000079a000)}]) 2018/02/27 08:55:07 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_getnetconf={0x14, 0x52, 0x401, 0xffffffffffffffff, 0xffffffffffffffff, {0x2}, []}, 0x14}, 0x1}, 0x0) 2018/02/27 08:55:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000b2000)=0x1, 0x4) sendto$inet(r0, &(0x7f0000a92000), 0xfffffffffffffc85, 0x800000020000000, &(0x7f0000303000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000aebffc), 0x4) writev(r0, &(0x7f0000793fa0)=[{&(0x7f0000dfa000)="06", 0x1}], 0x1) 2018/02/27 08:55:07 executing program 7: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000366000), 0x2) 2018/02/27 08:55:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000551000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5435, &(0x7f00002b2ff8)) 2018/02/27 08:55:07 executing program 1: clock_adjtime(0x2, &(0x7f0000d91f98)) 2018/02/27 08:55:07 executing program 4: io_setup(0x1, &(0x7f0000479000)=0x0) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) io_submit(r0, 0x1, &(0x7f0000738000)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f000079a000)}]) 2018/02/27 08:55:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000b2000)=0x1, 0x4) sendto$inet(r0, &(0x7f0000a92000), 0xfffffffffffffc85, 0x800000020000000, &(0x7f0000303000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000aebffc), 0x4) writev(r0, &(0x7f0000793fa0)=[{&(0x7f0000dfa000)="06", 0x1}], 0x1) 2018/02/27 08:55:07 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000007d000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r0, r1) rt_sigprocmask(0x0, &(0x7f00001b6ff8)={0xfffffffffffffffe}, 0x0, 0x8) r2 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r2, 0x40003) sendfile(r0, r2, &(0x7f000000a000), 0x2) 2018/02/27 08:55:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000551000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5435, &(0x7f00002b2ff8)) 2018/02/27 08:55:07 executing program 7: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000366000), 0x2) 2018/02/27 08:55:07 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000007d000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r0, r1) rt_sigprocmask(0x0, &(0x7f00001b6ff8)={0xfffffffffffffffe}, 0x0, 0x8) r2 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r2, 0x40003) sendfile(r0, r2, &(0x7f000000a000), 0x2) 2018/02/27 08:55:07 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_getnetconf={0x14, 0x52, 0x401, 0xffffffffffffffff, 0xffffffffffffffff, {0x2}, []}, 0x14}, 0x1}, 0x0) 2018/02/27 08:55:07 executing program 4: io_setup(0x1, &(0x7f0000479000)=0x0) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) io_submit(r0, 0x1, &(0x7f0000738000)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f000079a000)}]) 2018/02/27 08:55:07 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000197fe0)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000867000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x10002) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x100002) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/02/27 08:55:07 executing program 1: clock_adjtime(0x2, &(0x7f0000d91f98)) 2018/02/27 08:55:07 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000366000), 0x2) 2018/02/27 08:55:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000b2000)=0x1, 0x4) sendto$inet(r0, &(0x7f0000a92000), 0xfffffffffffffc85, 0x800000020000000, &(0x7f0000303000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000aebffc), 0x4) writev(r0, &(0x7f0000793fa0)=[{&(0x7f0000dfa000)="06", 0x1}], 0x1) 2018/02/27 08:55:07 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000366000), 0x2) 2018/02/27 08:55:07 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000197fe0)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000867000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x10002) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x100002) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/02/27 08:55:07 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_getnetconf={0x14, 0x52, 0x401, 0xffffffffffffffff, 0xffffffffffffffff, {0x2}, []}, 0x14}, 0x1}, 0x0) 2018/02/27 08:55:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000197fe0)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000867000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x10002) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x100002) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 34.592376] kasan: CONFIG_KASAN_INLINE enabled [ 34.597174] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 34.604594] general protection fault: 0000 [#1] SMP KASAN [ 34.610127] Dumping ftrace buffer: [ 34.613658] (ftrace buffer empty) [ 34.617363] Modules linked in: [ 34.620552] CPU: 0 PID: 5566 Comm: syz-executor6 Not tainted 4.16.0-rc3+ #331 [ 34.627812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.637176] RIP: 0010:hrtimer_active+0x1da/0x3c0 2018/02/27 08:55:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000197fe0)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000867000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x10002) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x100002) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 34.641920] RSP: 0018:ffff8801b181f3c0 EFLAGS: 00010202 [ 34.647281] RAX: 0000000000000008 RBX: 1ffff10036303ea5 RCX: ffffffff81610225 [ 34.654548] RDX: 0000000000010000 RSI: ffffc90004566000 RDI: 0000000000000010 [ 34.661810] RBP: ffff8801b181f500 R08: 0000000000002c02 R09: 0000000000000000 [ 34.669075] R10: 0000000000000011 R11: ffffed003711b090 R12: 0000000000000010 [ 34.676341] R13: 0000000000000000 R14: ffffed0036303e83 R15: dffffc0000000000 [ 34.683601] FS: 00007f31a5635700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 34.691823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.697692] CR2: 00007f31a55f3000 CR3: 00000001cc324002 CR4: 00000000001626f0 [ 34.704943] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.712187] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 34.719435] Call Trace: [ 34.722011] ? hrtimer_forward+0x2d0/0x2d0 [ 34.726228] ? vmx_update_msr_bitmap+0x13a/0x430 [ 34.730959] ? setup_msrs+0x926/0x1d80 [ 34.734832] ? vmx_set_cr4+0x353/0x610 [ 34.738699] hrtimer_try_to_cancel+0x91/0x5b0 [ 34.743170] ? update_exception_bitmap+0x19a/0x200 [ 34.748073] ? __hrtimer_get_remaining+0x1c0/0x1c0 [ 34.752982] ? vmx_vcpu_reset+0x55f/0xc70 [ 34.757114] ? load_vmcs12_host_state+0x1fa0/0x1fa0 [ 34.762114] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 34.766935] ? kvm_arch_vcpu_load+0x1c1/0x8d0 [ 34.771407] ? futex_wake+0x680/0x680 [ 34.775193] hrtimer_cancel+0x22/0x40 [ 34.778977] kvm_lapic_reset+0x93/0xf40 [ 34.782942] ? kvm_lapic_set_base+0x750/0x750 [ 34.787418] ? kvm_arch_vcpu_free+0x80/0x80 [ 34.791721] kvm_arch_vcpu_setup+0x31/0x50 [ 34.795934] kvm_vm_ioctl+0x52d/0x1cf0 [ 34.799797] ? wake_up_q+0x8a/0xe0 [ 34.803315] ? kvm_set_memory_region+0x50/0x50 [ 34.807873] ? get_futex_key+0x1d50/0x1d50 [ 34.812092] ? perf_trace_lock+0xd6/0x900 [ 34.816220] ? trace_event_raw_event_lock+0x340/0x340 [ 34.821386] ? lock_release+0xa40/0xa40 [ 34.825335] ? trace_hardirqs_off+0x10/0x10 [ 34.829639] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 34.834631] ? trace_hardirqs_on+0xd/0x10 [ 34.838763] ? find_held_lock+0x35/0x1d0 [ 34.842803] ? __fget+0x342/0x5b0 [ 34.846228] ? lock_downgrade+0x980/0x980 [ 34.850365] ? lock_release+0xa40/0xa40 [ 34.854325] ? __lock_is_held+0xb6/0x140 [ 34.858368] ? __fget+0x36b/0x5b0 [ 34.861800] ? iterate_fd+0x3f0/0x3f0 [ 34.865572] ? check_same_owner+0x320/0x320 [ 34.869868] ? get_unused_fd_flags+0x190/0x190 [ 34.874432] ? kvm_set_memory_region+0x50/0x50 [ 34.878987] do_vfs_ioctl+0x1b1/0x1520 [ 34.882855] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 34.887760] ? ioctl_preallocate+0x2b0/0x2b0 [ 34.892147] ? selinux_capable+0x40/0x40 [ 34.896185] ? SyS_futex+0x1fb/0x390 [ 34.899880] ? security_file_ioctl+0x7d/0xb0 [ 34.904271] ? security_file_ioctl+0x89/0xb0 [ 34.908665] SyS_ioctl+0x8f/0xc0 [ 34.912007] ? do_vfs_ioctl+0x1520/0x1520 [ 34.916164] do_syscall_64+0x281/0x940 [ 34.920034] ? __do_page_fault+0xc90/0xc90 [ 34.924247] ? _raw_spin_unlock_irq+0x27/0x70 [ 34.928720] ? finish_task_switch+0x1c1/0x7e0 [ 34.933194] ? syscall_return_slowpath+0x550/0x550 [ 34.938112] ? syscall_return_slowpath+0x2ac/0x550 [ 34.943024] ? prepare_exit_to_usermode+0x350/0x350 [ 34.948030] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 34.953374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 34.958196] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 34.963357] RIP: 0033:0x453d69 [ 34.966521] RSP: 002b:00007f31a5634c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 34.974201] RAX: ffffffffffffffda RBX: 00007f31a56356d4 RCX: 0000000000453d69 [ 34.981447] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000014 [ 34.988692] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 34.995936] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 35.003178] R13: 000000000000020e R14: 00000000006f31f0 R15: 0000000000000000 [ 35.010428] Code: ff ff 48 8d 85 18 ff ff ff 48 c1 e8 03 4e 8d 34 38 e8 1b f2 0f 00 48 8b 85 f0 fe ff ff c6 00 00 48 8b 85 d8 fe ff ff 48 c1 e8 03 <42> 80 3c 38 00 0f 85 c2 01 00 00 48 8b 85 e8 fe ff ff 48 8b 58 [ 35.029524] RIP: hrtimer_active+0x1da/0x3c0 RSP: ffff8801b181f3c0 [ 35.036416] ---[ end trace 60a5f2c8cf2e1515 ]--- [ 35.041197] Kernel panic - not syncing: Fatal exception [ 35.047012] Dumping ftrace buffer: [ 35.050533] (ftrace buffer empty) [ 35.054214] Kernel Offset: disabled [ 35.057811] Rebooting in 86400 seconds..