[   86.344473][   T27] audit: type=1400 audit(1578660669.091:37): avc:  denied  { watch } for  pid=10658 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1
[   86.372579][   T27] audit: type=1400 audit(1578660669.101:38): avc:  denied  { watch } for  pid=10658 comm="restorecond" path="/etc/selinux/restorecond.conf" dev="sda1" ino=2232 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   86.818319][   T27] audit: type=1800 audit(1578660669.571:39): pid=10569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   86.840195][   T27] audit: type=1800 audit(1578660669.571:40): pid=10569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   89.500919][   T27] audit: type=1400 audit(1578660672.251:41): avc:  denied  { map } for  pid=10748 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.4' (ECDSA) to the list of known hosts.
executing program
[   96.260150][   T27] audit: type=1400 audit(1578660679.011:42): avc:  denied  { map } for  pid=10760 comm="syz-executor912" path="/root/syz-executor912208624" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   96.289839][T10761] IPVS: ftp: loaded support on port[0] = 21
executing program
[   96.343243][T10763] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.358472][T10763] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.380920][T10767] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
executing program
[   96.398548][T10768] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10768 comm=syz-executor912
[   96.424051][T10771] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
executing program
[   96.438364][T10772] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10772 comm=syz-executor912
[   96.463028][T10775] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.476799][T10775] bridge0: port 1(syz_tun) entered blocking state
[   96.483754][T10775] bridge0: port 1(syz_tun) entered disabled state
[   96.491312][T10775] device syz_tun entered promiscuous mode
executing program
[   96.503769][T10776] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.525490][T10779] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.537988][T10779] device syz_tun left promiscuous mode
[   96.543923][T10779] bridge0: port 1(syz_tun) entered disabled state
[   96.674995][T10779] bridge1: port 1(syz_tun) entered blocking state
[   96.681540][T10779] bridge1: port 1(syz_tun) entered disabled state
[   96.689149][T10779] device syz_tun entered promiscuous mode
[   96.700805][T10780] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.714093][T10779] device syz_tun left promiscuous mode
[   96.720013][T10779] bridge1: port 1(syz_tun) entered disabled state
executing program
executing program
[   96.886186][T10783] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.898809][T10783] bridge3: port 1(syz_tun) entered blocking state
[   96.905608][T10783] bridge3: port 1(syz_tun) entered disabled state
[   96.912736][T10783] device syz_tun entered promiscuous mode
[   96.924908][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz-executor912'.
[   96.949408][T10787] device syz_tun left promiscuous mode
[   96.955250][T10787] bridge3: port 1(syz_tun) entered disabled state
executing program
[   97.105312][T10787] bridge4: port 1(syz_tun) entered blocking state
[   97.111827][T10787] bridge4: port 1(syz_tun) entered disabled state
[   97.119496][T10787] device syz_tun entered promiscuous mode
[   97.141839][T10791] device syz_tun left promiscuous mode
[   97.147617][T10791] bridge4: port 1(syz_tun) entered disabled state
executing program
[   97.294998][T10791] bridge5: port 1(syz_tun) entered blocking state
[   97.301632][T10791] bridge5: port 1(syz_tun) entered disabled state
[   97.309210][T10791] device syz_tun entered promiscuous mode
[   97.332553][T10796] device syz_tun left promiscuous mode
[   97.339060][T10796] bridge5: port 1(syz_tun) entered disabled state
[   97.475088][T10796] bridge6: port 1(syz_tun) entered blocking state
[   97.481616][T10796] bridge6: port 1(syz_tun) entered disabled state
[   97.489159][T10796] device syz_tun entered promiscuous mode
[   97.501003][T10799] device syz_tun left promiscuous mode
[   97.506771][T10799] bridge6: port 1(syz_tun) entered disabled state
executing program
[   97.722665][T10802] bridge8: port 1(syz_tun) entered blocking state
[   97.729425][T10802] bridge8: port 1(syz_tun) entered disabled state
[   97.736628][T10802] device syz_tun entered promiscuous mode
[   97.752854][T10805] device syz_tun left promiscuous mode
[   97.759507][T10805] bridge8: port 1(syz_tun) entered disabled state
executing program
executing program
[   97.939428][T10807] bridge10: port 1(syz_tun) entered blocking state
[   97.946275][T10807] bridge10: port 1(syz_tun) entered disabled state
[   97.953540][T10807] device syz_tun entered promiscuous mode
[   97.982037][T10811] device syz_tun left promiscuous mode
[   97.987841][T10811] bridge10: port 1(syz_tun) entered disabled state
[   98.141680][T10812] ------------[ cut here ]------------
[   98.147165][T10812] DEBUG_LOCKS_WARN_ON(1)
[   98.147239][T10812] WARNING: CPU: 0 PID: 10812 at kernel/locking/lockdep.c:167 mark_lock+0x22b/0x1220
[   98.160889][T10812] Kernel panic - not syncing: panic_on_warn set ...
[   98.167527][T10812] CPU: 0 PID: 10812 Comm: syz-executor912 Not tainted 5.5.0-rc5-syzkaller #0
[   98.176265][T10812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   98.186304][T10812] Call Trace:
[   98.189582][T10812]  dump_stack+0x197/0x210
[   98.193932][T10812]  ? mark_lock+0x160/0x1220
[   98.198442][T10812]  panic+0x2e3/0x75c
[   98.202336][T10812]  ? add_taint.cold+0x16/0x16
[   98.207013][T10812]  ? __kasan_check_write+0x14/0x20
[   98.212111][T10812]  ? __warn.cold+0x14/0x3e
[   98.216510][T10812]  ? __warn+0xd9/0x1cf
[   98.220561][T10812]  ? mark_lock+0x22b/0x1220
[   98.225052][T10812]  __warn.cold+0x2f/0x3e
[   98.229297][T10812]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   98.235017][T10812]  ? mark_lock+0x22b/0x1220
[   98.239624][T10812]  report_bug+0x289/0x300
[   98.243954][T10812]  do_error_trap+0x11b/0x200
[   98.248549][T10812]  do_invalid_op+0x37/0x50
[   98.252963][T10812]  ? mark_lock+0x22b/0x1220
[   98.257461][T10812]  invalid_op+0x23/0x30
[   98.261665][T10812] RIP: 0010:mark_lock+0x22b/0x1220
[   98.266768][T10812] Code: d0 7c 08 84 d2 0f 85 a8 0e 00 00 44 8b 1d fd 22 21 09 45 85 db 75 b6 48 c7 c6 20 95 2b 88 48 c7 c7 60 95 2b 88 e8 94 3e eb ff <0f> 0b 31 db e9 aa fe ff ff 48 c7 c7 20 35 66 8b e8 70 4e 58 00 e9
[   98.286372][T10812] RSP: 0018:ffffc90001e771c8 EFLAGS: 00010082
[   98.292437][T10812] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   98.300390][T10812] RDX: 0000000000000000 RSI: ffffffff815e8506 RDI: fffff520003cee2b
[   98.308346][T10812] RBP: ffffc90001e77218 R08: ffff888097e98440 R09: fffffbfff1333511
[   98.316309][T10812] R10: fffffbfff1333510 R11: ffffffff8999a883 R12: 0000000000000002
[   98.324274][T10812] R13: ffff888097e98d28 R14: 0000000000000000 R15: 00000000000405d8
[   98.332245][T10812]  ? vprintk_func+0x86/0x189
[   98.336824][T10812]  ? mark_lock+0x22b/0x1220
[   98.341313][T10812]  __lock_acquire+0x1370/0x4a00
[   98.346261][T10812]  ? pointer+0x740/0x740
[   98.350491][T10812]  ? __kasan_check_read+0x11/0x20
[   98.355502][T10812]  ? __lock_acquire+0x8a0/0x4a00
[   98.360460][T10812]  ? __kasan_check_read+0x11/0x20
[   98.365532][T10812]  ? mark_held_locks+0xf0/0xf0
[   98.370284][T10812]  ? mark_held_locks+0xa4/0xf0
[   98.375030][T10812]  lock_acquire+0x190/0x410
[   98.379520][T10812]  ? dev_mc_seq_show+0x3e/0x240
[   98.384357][T10812]  _raw_spin_lock_bh+0x33/0x50
[   98.389105][T10812]  ? dev_mc_seq_show+0x3e/0x240
[   98.393940][T10812]  dev_mc_seq_show+0x3e/0x240
[   98.398599][T10812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   98.404843][T10812]  ? dev_seq_next+0x1c1/0x220
[   98.409524][T10812]  seq_read+0xad7/0x1170
[   98.413812][T10812]  ? seq_open_private+0x50/0x50
[   98.418673][T10812]  proc_reg_read+0x1fc/0x2c0
[   98.423268][T10812]  ? proc_reg_compat_ioctl+0x2a0/0x2a0
[   98.428713][T10812]  ? rw_verify_area+0x126/0x360
[   98.433545][T10812]  do_iter_read+0x4a4/0x660
[   98.438032][T10812]  ? dup_iter+0x260/0x260
[   98.442348][T10812]  vfs_readv+0xf0/0x160
[   98.446490][T10812]  ? compat_rw_copy_check_uvector+0x4c0/0x4c0
[   98.452540][T10812]  ? push_pipe+0x3e2/0x6a0
[   98.456946][T10812]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   98.463168][T10812]  ? iov_iter_get_pages_alloc+0x3a5/0x15b0
[   98.468962][T10812]  ? iov_iter_for_each_range+0x7d0/0x7d0
[   98.474594][T10812]  ? _raw_spin_unlock_irq+0x23/0x80
[   98.479784][T10812]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   98.485488][T10812]  default_file_splice_read+0x4fb/0xa20
[   98.491018][T10812]  ? kasan_kmalloc+0x9/0x10
[   98.495502][T10812]  ? __kmalloc+0x163/0x770
[   98.499895][T10812]  ? alloc_pipe_info+0x1ee/0x4f0
[   98.504828][T10812]  ? splice_direct_to_actor+0x80e/0xa30
[   98.510450][T10812]  ? iter_file_splice_write+0xc10/0xc10
[   98.515994][T10812]  ? __lock_acquire+0x16f2/0x4a00
[   98.520999][T10812]  ? __lock_acquire+0x16f2/0x4a00
[   98.526014][T10812]  ? cache_grow_end+0xa4/0x190
[   98.530771][T10812]  ? find_held_lock+0x35/0x130
[   98.535535][T10812]  ? cache_grow_end+0xa4/0x190
[   98.540296][T10812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   98.546538][T10812]  ? fsnotify+0x7fd/0xbb0
[   98.550861][T10812]  ? security_file_permission+0x8f/0x380
[   98.556479][T10812]  ? rw_verify_area+0x126/0x360
[   98.561327][T10812]  ? iter_file_splice_write+0xc10/0xc10
[   98.566855][T10812]  do_splice_to+0x127/0x180
[   98.571341][T10812]  splice_direct_to_actor+0x320/0xa30
[   98.576714][T10812]  ? generic_pipe_buf_nosteal+0x10/0x10
[   98.582254][T10812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   98.588493][T10812]  ? do_splice_to+0x180/0x180
[   98.593175][T10812]  ? rw_verify_area+0x126/0x360
[   98.598019][T10812]  do_splice_direct+0x1da/0x2a0
[   98.602864][T10812]  ? splice_direct_to_actor+0xa30/0xa30
[   98.608405][T10812]  ? rw_verify_area+0x126/0x360
[   98.613242][T10812]  do_sendfile+0x597/0xd00
[   98.617657][T10812]  ? do_compat_pwritev64+0x1c0/0x1c0
[   98.622929][T10812]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[   98.628893][T10812]  ? __x64_sys_futex+0x404/0x590
[   98.633816][T10812]  __x64_sys_sendfile64+0x1dd/0x220
[   98.639011][T10812]  ? __ia32_sys_sendfile+0x230/0x230
[   98.644414][T10812]  ? do_syscall_64+0x26/0x790
[   98.649087][T10812]  ? lockdep_hardirqs_on+0x421/0x5e0
[   98.654360][T10812]  ? trace_hardirqs_on+0x67/0x240
[   98.659380][T10812]  do_syscall_64+0xfa/0x790
[   98.663869][T10812]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   98.669740][T10812] RIP: 0033:0x447709
[   98.673658][T10812] Code: e8 ec 0e 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 06 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   98.693259][T10812] RSP: 002b:00007f98d03bccf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   98.701656][T10812] RAX: ffffffffffffffda RBX: 00000000006dcc98 RCX: 0000000000447709
[   98.709610][T10812] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[   98.717573][T10812] RBP: 00000000006dcc90 R08: 0000000000000000 R09: 0000000000000000
[   98.725540][T10812] R10: 000000006f0a77bd R11: 0000000000000246 R12: 00000000006dcc9c
[   98.733513][T10812] R13: 00007f98d03bcd10 R14: 00007f98d03bcd10 R15: a7ffffffffffffde
[   98.742708][T10812] Kernel Offset: disabled
[   98.747034][T10812] Rebooting in 86400 seconds..