Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 37.937414] audit: type=1800 audit(1568062255.569:33): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 37.961119] audit: type=1800 audit(1568062255.579:34): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 41.823802] audit: type=1400 audit(1568062259.459:35): avc: denied { map } for pid=7488 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.10.6' (ECDSA) to the list of known hosts. [ 48.340683] audit: type=1400 audit(1568062265.979:36): avc: denied { map } for pid=7500 comm="syz-executor337" path="/root/syz-executor337364509" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 48.360443] IPVS: ftp: loaded support on port[0] = 21 [ 48.429246] chnl_net:caif_netlink_parms(): no params data found [ 48.458245] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.464992] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.472286] device bridge_slave_0 entered promiscuous mode [ 48.479843] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.486242] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.493345] device bridge_slave_1 entered promiscuous mode [ 48.507787] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.516961] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.533939] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.541595] team0: Port device team_slave_0 added [ 48.546992] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.554333] team0: Port device team_slave_1 added [ 48.560766] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 48.568618] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 48.630956] device hsr_slave_0 entered promiscuous mode [ 48.678683] device hsr_slave_1 entered promiscuous mode [ 48.718890] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 48.727301] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 48.741324] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.747737] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.754695] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.761104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.792573] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 48.798708] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.806400] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 48.815144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 48.833976] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.841343] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.848542] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 48.858555] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 48.864727] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.873869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 48.881658] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.888015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.897407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.905254] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.911766] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.930308] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 48.938253] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 48.946509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.954759] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 48.967018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.975792] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 48.982022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready executing program [ 48.996358] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 49.006194] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.016690] FAULT_INJECTION: forcing a failure. [ 49.016690] name failslab, interval 1, probability 0, space 0, times 1 [ 49.029027] CPU: 0 PID: 7501 Comm: syz-executor337 Not tainted 4.19.71 #0 [ 49.036469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.045829] Call Trace: [ 49.048943] dump_stack+0x172/0x1f0 [ 49.052569] should_fail.cold+0xa/0x1b [ 49.056462] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 49.061567] ? lock_downgrade+0x810/0x810 [ 49.065711] __should_failslab+0x121/0x190 [ 49.069949] should_failslab+0x9/0x14 [ 49.073751] kmem_cache_alloc_node_trace+0x274/0x720 [ 49.078861] __kmalloc_node+0x3d/0x80 [ 49.082669] qdisc_alloc+0xbb/0xa60 [ 49.086283] ? __lock_is_held+0xb6/0x140 [ 49.090345] qdisc_create_dflt+0x78/0x1e0 [ 49.094481] cbs_init+0xb5/0x300 [ 49.097830] ? qdisc_reset_queue+0x240/0x240 [ 49.102245] qdisc_create+0x58e/0x1230 [ 49.106138] ? security_capable+0x92/0xc0 [ 49.110286] ? tc_get_qdisc+0xbb0/0xbb0 [ 49.114260] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.119786] ? nla_parse+0x1fc/0x2f0 [ 49.123485] tc_modify_qdisc+0x51b/0x1bdc [ 49.127620] ? qdisc_create+0x1230/0x1230 [ 49.131752] ? find_held_lock+0x35/0x130 [ 49.135809] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.141340] ? qdisc_create+0x1230/0x1230 [ 49.145471] rtnetlink_rcv_msg+0x463/0xb00 [ 49.149692] ? rtnetlink_put_metrics+0x560/0x560 [ 49.154537] ? netdev_pick_tx+0x300/0x300 [ 49.158696] ? netlink_deliver_tap+0x22d/0xc20 [ 49.163302] ? find_held_lock+0x35/0x130 [ 49.167456] netlink_rcv_skb+0x17d/0x460 [ 49.171506] ? rtnetlink_put_metrics+0x560/0x560 [ 49.176253] ? netlink_ack+0xb30/0xb30 [ 49.180131] ? kasan_check_read+0x11/0x20 [ 49.184270] ? netlink_deliver_tap+0x254/0xc20 [ 49.188858] rtnetlink_rcv+0x1d/0x30 [ 49.192571] netlink_unicast+0x537/0x720 [ 49.196630] ? netlink_attachskb+0x770/0x770 [ 49.201085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.206612] netlink_sendmsg+0x8ae/0xd70 [ 49.210662] ? netlink_unicast+0x720/0x720 [ 49.214886] ? selinux_socket_sendmsg+0x36/0x40 [ 49.219539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.225114] ? security_socket_sendmsg+0x8d/0xc0 [ 49.229855] ? netlink_unicast+0x720/0x720 [ 49.234074] sock_sendmsg+0xd7/0x130 [ 49.237770] ___sys_sendmsg+0x803/0x920 [ 49.241732] ? copy_msghdr_from_user+0x430/0x430 [ 49.246574] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 49.252099] ? proc_cwd_link+0x1d0/0x1d0 [ 49.256153] ? __vfs_write+0x11c/0x810 [ 49.260026] ? vfs_write+0x2f0/0x560 [ 49.263738] ? find_held_lock+0x35/0x130 [ 49.267783] ? vfs_write+0x2f0/0x560 [ 49.271505] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.277043] ? __fget_light+0x1a9/0x230 [ 49.281092] ? __fdget+0x1b/0x20 [ 49.284440] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.289966] __sys_sendmsg+0x105/0x1d0 [ 49.293840] ? __ia32_sys_shutdown+0x80/0x80 [ 49.298237] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 49.302980] ? do_syscall_64+0x26/0x620 [ 49.306948] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.312297] ? do_syscall_64+0x26/0x620 [ 49.316259] __x64_sys_sendmsg+0x78/0xb0 [ 49.320309] do_syscall_64+0xfd/0x620 [ 49.324105] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.329306] RIP: 0033:0x4429a9 [ 49.332504] Code: 43 02 00 85 c0 b8 00 00 00 00 48 0f 44 c3 5b c3 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 49.351392] RSP: 002b:00007fff66caa188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 49.359099] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004429a9 [ 49.366357] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 49.373645] RBP: 00007fff66caa1f0 R08: 0000000000000001 R09: 0000000000000035 [ 49.380915] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 49.388168] R13: 0000000000000006 R14: 0000000000000000 R15: 0000000000000000 [ 49.397691] kasan: CONFIG_KASAN_INLINE enabled [ 49.402646] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 49.410045] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 49.416278] CPU: 0 PID: 7501 Comm: syz-executor337 Not tainted 4.19.71 #0 [ 49.423199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.432548] RIP: 0010:hrtimer_active+0x11e/0x230 [ 49.437285] Code: 48 39 c3 0f 84 d3 00 00 00 e8 0e 21 0f 00 48 8b 45 c8 80 38 00 0f 85 06 01 00 00 49 8b 5d 30 4c 8d 63 10 4c 89 e0 48 c1 e8 03 <42> 0f b6 14 38 4c 89 e0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 [ 49.456258] RSP: 0018:ffff88809b76f350 EFLAGS: 00010202 [ 49.461639] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff88809ee1d078 [ 49.468890] RDX: 0000000000000000 RSI: ffffffff815c4582 RDI: ffff88809ee1d040 [ 49.476141] RBP: ffff88809b76f3a8 R08: ffff88808e480580 R09: ffffed1015d04733 [ 49.483403] R10: ffffed1015d04732 R11: ffff8880ae823993 R12: 0000000000000010 [ 49.490752] R13: ffff88809ee1d040 R14: ffff88807faf0800 R15: dffffc0000000000 [ 49.498009] FS: 0000000001d8a940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 49.506394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.512268] CR2: 0000000000000000 CR3: 0000000083fea000 CR4: 00000000001406f0 [ 49.519537] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.526788] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.534047] Call Trace: [ 49.536627] ? kasan_kmalloc+0xa0/0xf0 [ 49.540520] hrtimer_try_to_cancel+0x74/0x5b0 [ 49.545009] ? hrtimer_run_softirq+0x270/0x270 [ 49.549577] ? __lock_is_held+0xb6/0x140 [ 49.553626] hrtimer_cancel+0x20/0x40 [ 49.557413] qdisc_watchdog_cancel+0x16/0x20 [ 49.561806] cbs_destroy+0x5e/0xd0 [ 49.565333] ? cbs_dequeue_soft+0x400/0x400 [ 49.570014] qdisc_create+0xaa6/0x1230 [ 49.573902] ? security_capable+0x92/0xc0 [ 49.578031] ? tc_get_qdisc+0xbb0/0xbb0 [ 49.582000] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.587530] ? nla_parse+0x1fc/0x2f0 [ 49.591228] tc_modify_qdisc+0x51b/0x1bdc [ 49.595534] ? qdisc_create+0x1230/0x1230 [ 49.599743] ? find_held_lock+0x35/0x130 [ 49.603809] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.609341] ? qdisc_create+0x1230/0x1230 [ 49.613477] rtnetlink_rcv_msg+0x463/0xb00 [ 49.617693] ? rtnetlink_put_metrics+0x560/0x560 [ 49.622562] ? netdev_pick_tx+0x300/0x300 [ 49.626745] ? netlink_deliver_tap+0x22d/0xc20 [ 49.631319] ? find_held_lock+0x35/0x130 [ 49.635365] netlink_rcv_skb+0x17d/0x460 [ 49.639415] ? rtnetlink_put_metrics+0x560/0x560 [ 49.644201] ? netlink_ack+0xb30/0xb30 [ 49.648078] ? kasan_check_read+0x11/0x20 [ 49.652214] ? netlink_deliver_tap+0x254/0xc20 [ 49.657143] rtnetlink_rcv+0x1d/0x30 [ 49.660842] netlink_unicast+0x537/0x720 [ 49.664888] ? netlink_attachskb+0x770/0x770 [ 49.669279] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.674796] netlink_sendmsg+0x8ae/0xd70 [ 49.678857] ? netlink_unicast+0x720/0x720 [ 49.683079] ? selinux_socket_sendmsg+0x36/0x40 [ 49.687729] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.693877] ? security_socket_sendmsg+0x8d/0xc0 [ 49.698628] ? netlink_unicast+0x720/0x720 [ 49.702851] sock_sendmsg+0xd7/0x130 [ 49.706547] ___sys_sendmsg+0x803/0x920 [ 49.710510] ? copy_msghdr_from_user+0x430/0x430 [ 49.715251] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 49.720774] ? proc_cwd_link+0x1d0/0x1d0 [ 49.724821] ? __vfs_write+0x11c/0x810 [ 49.728699] ? vfs_write+0x2f0/0x560 [ 49.732406] ? find_held_lock+0x35/0x130 [ 49.736447] ? vfs_write+0x2f0/0x560 [ 49.740146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.745666] ? __fget_light+0x1a9/0x230 [ 49.749623] ? __fdget+0x1b/0x20 [ 49.752980] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.758516] __sys_sendmsg+0x105/0x1d0 [ 49.762389] ? __ia32_sys_shutdown+0x80/0x80 [ 49.766810] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 49.771572] ? do_syscall_64+0x26/0x620 [ 49.775545] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.780902] ? do_syscall_64+0x26/0x620 [ 49.784868] __x64_sys_sendmsg+0x78/0xb0 [ 49.788916] do_syscall_64+0xfd/0x620 [ 49.792701] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.797875] RIP: 0033:0x4429a9 [ 49.801055] Code: 43 02 00 85 c0 b8 00 00 00 00 48 0f 44 c3 5b c3 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 49.819939] RSP: 002b:00007fff66caa188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 49.827633] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004429a9 [ 49.834884] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 49.842149] RBP: 00007fff66caa1f0 R08: 0000000000000001 R09: 0000000000000035 [ 49.849408] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 49.856659] R13: 0000000000000006 R14: 0000000000000000 R15: 0000000000000000 [ 49.863921] Modules linked in: [ 49.867980] ---[ end trace 1657ab6f142951e8 ]--- [ 49.872855] RIP: 0010:hrtimer_active+0x11e/0x230 [ 49.877594] Code: 48 39 c3 0f 84 d3 00 00 00 e8 0e 21 0f 00 48 8b 45 c8 80 38 00 0f 85 06 01 00 00 49 8b 5d 30 4c 8d 63 10 4c 89 e0 48 c1 e8 03 <42> 0f b6 14 38 4c 89 e0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 [ 49.896519] RSP: 0018:ffff88809b76f350 EFLAGS: 00010202 [ 49.901963] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff88809ee1d078 [ 49.909269] RDX: 0000000000000000 RSI: ffffffff815c4582 RDI: ffff88809ee1d040 [ 49.916541] RBP: ffff88809b76f3a8 R08: ffff88808e480580 R09: ffffed1015d04733 [ 49.923830] R10: ffffed1015d04732 R11: ffff8880ae823993 R12: 0000000000000010 [ 49.931285] R13: ffff88809ee1d040 R14: ffff88807faf0800 R15: dffffc0000000000 [ 49.939034] FS: 0000000001d8a940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 49.947366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.953293] CR2: 0000000000000000 CR3: 0000000083fea000 CR4: 00000000001406f0 [ 49.960586] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 49.967853] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 49.975295] Kernel panic - not syncing: Fatal exception [ 49.982084] Kernel Offset: disabled [ 49.985708] Rebooting in 86400 seconds..