Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   37.937414] audit: type=1800 audit(1568062255.569:33): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[   37.961119] audit: type=1800 audit(1568062255.579:34): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   41.823802] audit: type=1400 audit(1568062259.459:35): avc:  denied  { map } for  pid=7488 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.10.6' (ECDSA) to the list of known hosts.
[   48.340683] audit: type=1400 audit(1568062265.979:36): avc:  denied  { map } for  pid=7500 comm="syz-executor337" path="/root/syz-executor337364509" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   48.360443] IPVS: ftp: loaded support on port[0] = 21
[   48.429246] chnl_net:caif_netlink_parms(): no params data found
[   48.458245] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.464992] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.472286] device bridge_slave_0 entered promiscuous mode
[   48.479843] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.486242] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.493345] device bridge_slave_1 entered promiscuous mode
[   48.507787] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   48.516961] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   48.533939] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   48.541595] team0: Port device team_slave_0 added
[   48.546992] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   48.554333] team0: Port device team_slave_1 added
[   48.560766] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   48.568618] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   48.630956] device hsr_slave_0 entered promiscuous mode
[   48.678683] device hsr_slave_1 entered promiscuous mode
[   48.718890] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   48.727301] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   48.741324] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.747737] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.754695] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.761104] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.792573] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   48.798708] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.806400] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   48.815144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.833976] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.841343] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.848542] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   48.858555] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   48.864727] 8021q: adding VLAN 0 to HW filter on device team0
[   48.873869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.881658] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.888015] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.897407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.905254] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.911766] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.930308] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   48.938253] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   48.946509] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.954759] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   48.967018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.975792] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   48.982022] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[   48.996358] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   49.006194] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.016690] FAULT_INJECTION: forcing a failure.
[   49.016690] name failslab, interval 1, probability 0, space 0, times 1
[   49.029027] CPU: 0 PID: 7501 Comm: syz-executor337 Not tainted 4.19.71 #0
[   49.036469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   49.045829] Call Trace:
[   49.048943]  dump_stack+0x172/0x1f0
[   49.052569]  should_fail.cold+0xa/0x1b
[   49.056462]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[   49.061567]  ? lock_downgrade+0x810/0x810
[   49.065711]  __should_failslab+0x121/0x190
[   49.069949]  should_failslab+0x9/0x14
[   49.073751]  kmem_cache_alloc_node_trace+0x274/0x720
[   49.078861]  __kmalloc_node+0x3d/0x80
[   49.082669]  qdisc_alloc+0xbb/0xa60
[   49.086283]  ? __lock_is_held+0xb6/0x140
[   49.090345]  qdisc_create_dflt+0x78/0x1e0
[   49.094481]  cbs_init+0xb5/0x300
[   49.097830]  ? qdisc_reset_queue+0x240/0x240
[   49.102245]  qdisc_create+0x58e/0x1230
[   49.106138]  ? security_capable+0x92/0xc0
[   49.110286]  ? tc_get_qdisc+0xbb0/0xbb0
[   49.114260]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.119786]  ? nla_parse+0x1fc/0x2f0
[   49.123485]  tc_modify_qdisc+0x51b/0x1bdc
[   49.127620]  ? qdisc_create+0x1230/0x1230
[   49.131752]  ? find_held_lock+0x35/0x130
[   49.135809]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   49.141340]  ? qdisc_create+0x1230/0x1230
[   49.145471]  rtnetlink_rcv_msg+0x463/0xb00
[   49.149692]  ? rtnetlink_put_metrics+0x560/0x560
[   49.154537]  ? netdev_pick_tx+0x300/0x300
[   49.158696]  ? netlink_deliver_tap+0x22d/0xc20
[   49.163302]  ? find_held_lock+0x35/0x130
[   49.167456]  netlink_rcv_skb+0x17d/0x460
[   49.171506]  ? rtnetlink_put_metrics+0x560/0x560
[   49.176253]  ? netlink_ack+0xb30/0xb30
[   49.180131]  ? kasan_check_read+0x11/0x20
[   49.184270]  ? netlink_deliver_tap+0x254/0xc20
[   49.188858]  rtnetlink_rcv+0x1d/0x30
[   49.192571]  netlink_unicast+0x537/0x720
[   49.196630]  ? netlink_attachskb+0x770/0x770
[   49.201085]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.206612]  netlink_sendmsg+0x8ae/0xd70
[   49.210662]  ? netlink_unicast+0x720/0x720
[   49.214886]  ? selinux_socket_sendmsg+0x36/0x40
[   49.219539]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.225114]  ? security_socket_sendmsg+0x8d/0xc0
[   49.229855]  ? netlink_unicast+0x720/0x720
[   49.234074]  sock_sendmsg+0xd7/0x130
[   49.237770]  ___sys_sendmsg+0x803/0x920
[   49.241732]  ? copy_msghdr_from_user+0x430/0x430
[   49.246574]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   49.252099]  ? proc_cwd_link+0x1d0/0x1d0
[   49.256153]  ? __vfs_write+0x11c/0x810
[   49.260026]  ? vfs_write+0x2f0/0x560
[   49.263738]  ? find_held_lock+0x35/0x130
[   49.267783]  ? vfs_write+0x2f0/0x560
[   49.271505]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.277043]  ? __fget_light+0x1a9/0x230
[   49.281092]  ? __fdget+0x1b/0x20
[   49.284440]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   49.289966]  __sys_sendmsg+0x105/0x1d0
[   49.293840]  ? __ia32_sys_shutdown+0x80/0x80
[   49.298237]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   49.302980]  ? do_syscall_64+0x26/0x620
[   49.306948]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.312297]  ? do_syscall_64+0x26/0x620
[   49.316259]  __x64_sys_sendmsg+0x78/0xb0
[   49.320309]  do_syscall_64+0xfd/0x620
[   49.324105]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.329306] RIP: 0033:0x4429a9
[   49.332504] Code: 43 02 00 85 c0 b8 00 00 00 00 48 0f 44 c3 5b c3 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   49.351392] RSP: 002b:00007fff66caa188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   49.359099] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004429a9
[   49.366357] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   49.373645] RBP: 00007fff66caa1f0 R08: 0000000000000001 R09: 0000000000000035
[   49.380915] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[   49.388168] R13: 0000000000000006 R14: 0000000000000000 R15: 0000000000000000
[   49.397691] kasan: CONFIG_KASAN_INLINE enabled
[   49.402646] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   49.410045] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   49.416278] CPU: 0 PID: 7501 Comm: syz-executor337 Not tainted 4.19.71 #0
[   49.423199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   49.432548] RIP: 0010:hrtimer_active+0x11e/0x230
[   49.437285] Code: 48 39 c3 0f 84 d3 00 00 00 e8 0e 21 0f 00 48 8b 45 c8 80 38 00 0f 85 06 01 00 00 49 8b 5d 30 4c 8d 63 10 4c 89 e0 48 c1 e8 03 <42> 0f b6 14 38 4c 89 e0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
[   49.456258] RSP: 0018:ffff88809b76f350 EFLAGS: 00010202
[   49.461639] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff88809ee1d078
[   49.468890] RDX: 0000000000000000 RSI: ffffffff815c4582 RDI: ffff88809ee1d040
[   49.476141] RBP: ffff88809b76f3a8 R08: ffff88808e480580 R09: ffffed1015d04733
[   49.483403] R10: ffffed1015d04732 R11: ffff8880ae823993 R12: 0000000000000010
[   49.490752] R13: ffff88809ee1d040 R14: ffff88807faf0800 R15: dffffc0000000000
[   49.498009] FS:  0000000001d8a940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[   49.506394] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   49.512268] CR2: 0000000000000000 CR3: 0000000083fea000 CR4: 00000000001406f0
[   49.519537] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   49.526788] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   49.534047] Call Trace:
[   49.536627]  ? kasan_kmalloc+0xa0/0xf0
[   49.540520]  hrtimer_try_to_cancel+0x74/0x5b0
[   49.545009]  ? hrtimer_run_softirq+0x270/0x270
[   49.549577]  ? __lock_is_held+0xb6/0x140
[   49.553626]  hrtimer_cancel+0x20/0x40
[   49.557413]  qdisc_watchdog_cancel+0x16/0x20
[   49.561806]  cbs_destroy+0x5e/0xd0
[   49.565333]  ? cbs_dequeue_soft+0x400/0x400
[   49.570014]  qdisc_create+0xaa6/0x1230
[   49.573902]  ? security_capable+0x92/0xc0
[   49.578031]  ? tc_get_qdisc+0xbb0/0xbb0
[   49.582000]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.587530]  ? nla_parse+0x1fc/0x2f0
[   49.591228]  tc_modify_qdisc+0x51b/0x1bdc
[   49.595534]  ? qdisc_create+0x1230/0x1230
[   49.599743]  ? find_held_lock+0x35/0x130
[   49.603809]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   49.609341]  ? qdisc_create+0x1230/0x1230
[   49.613477]  rtnetlink_rcv_msg+0x463/0xb00
[   49.617693]  ? rtnetlink_put_metrics+0x560/0x560
[   49.622562]  ? netdev_pick_tx+0x300/0x300
[   49.626745]  ? netlink_deliver_tap+0x22d/0xc20
[   49.631319]  ? find_held_lock+0x35/0x130
[   49.635365]  netlink_rcv_skb+0x17d/0x460
[   49.639415]  ? rtnetlink_put_metrics+0x560/0x560
[   49.644201]  ? netlink_ack+0xb30/0xb30
[   49.648078]  ? kasan_check_read+0x11/0x20
[   49.652214]  ? netlink_deliver_tap+0x254/0xc20
[   49.657143]  rtnetlink_rcv+0x1d/0x30
[   49.660842]  netlink_unicast+0x537/0x720
[   49.664888]  ? netlink_attachskb+0x770/0x770
[   49.669279]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.674796]  netlink_sendmsg+0x8ae/0xd70
[   49.678857]  ? netlink_unicast+0x720/0x720
[   49.683079]  ? selinux_socket_sendmsg+0x36/0x40
[   49.687729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.693877]  ? security_socket_sendmsg+0x8d/0xc0
[   49.698628]  ? netlink_unicast+0x720/0x720
[   49.702851]  sock_sendmsg+0xd7/0x130
[   49.706547]  ___sys_sendmsg+0x803/0x920
[   49.710510]  ? copy_msghdr_from_user+0x430/0x430
[   49.715251]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   49.720774]  ? proc_cwd_link+0x1d0/0x1d0
[   49.724821]  ? __vfs_write+0x11c/0x810
[   49.728699]  ? vfs_write+0x2f0/0x560
[   49.732406]  ? find_held_lock+0x35/0x130
[   49.736447]  ? vfs_write+0x2f0/0x560
[   49.740146]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   49.745666]  ? __fget_light+0x1a9/0x230
[   49.749623]  ? __fdget+0x1b/0x20
[   49.752980]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   49.758516]  __sys_sendmsg+0x105/0x1d0
[   49.762389]  ? __ia32_sys_shutdown+0x80/0x80
[   49.766810]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   49.771572]  ? do_syscall_64+0x26/0x620
[   49.775545]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.780902]  ? do_syscall_64+0x26/0x620
[   49.784868]  __x64_sys_sendmsg+0x78/0xb0
[   49.788916]  do_syscall_64+0xfd/0x620
[   49.792701]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   49.797875] RIP: 0033:0x4429a9
[   49.801055] Code: 43 02 00 85 c0 b8 00 00 00 00 48 0f 44 c3 5b c3 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   49.819939] RSP: 002b:00007fff66caa188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   49.827633] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004429a9
[   49.834884] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   49.842149] RBP: 00007fff66caa1f0 R08: 0000000000000001 R09: 0000000000000035
[   49.849408] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[   49.856659] R13: 0000000000000006 R14: 0000000000000000 R15: 0000000000000000
[   49.863921] Modules linked in:
[   49.867980] ---[ end trace 1657ab6f142951e8 ]---
[   49.872855] RIP: 0010:hrtimer_active+0x11e/0x230
[   49.877594] Code: 48 39 c3 0f 84 d3 00 00 00 e8 0e 21 0f 00 48 8b 45 c8 80 38 00 0f 85 06 01 00 00 49 8b 5d 30 4c 8d 63 10 4c 89 e0 48 c1 e8 03 <42> 0f b6 14 38 4c 89 e0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
[   49.896519] RSP: 0018:ffff88809b76f350 EFLAGS: 00010202
[   49.901963] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff88809ee1d078
[   49.909269] RDX: 0000000000000000 RSI: ffffffff815c4582 RDI: ffff88809ee1d040
[   49.916541] RBP: ffff88809b76f3a8 R08: ffff88808e480580 R09: ffffed1015d04733
[   49.923830] R10: ffffed1015d04732 R11: ffff8880ae823993 R12: 0000000000000010
[   49.931285] R13: ffff88809ee1d040 R14: ffff88807faf0800 R15: dffffc0000000000
[   49.939034] FS:  0000000001d8a940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[   49.947366] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   49.953293] CR2: 0000000000000000 CR3: 0000000083fea000 CR4: 00000000001406f0
[   49.960586] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   49.967853] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   49.975295] Kernel panic - not syncing: Fatal exception
[   49.982084] Kernel Offset: disabled
[   49.985708] Rebooting in 86400 seconds..