[ 26.866474][ T22] audit: type=1804 audit(1570163732.024:51): pid=6905 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="init" name="/run/utmp" dev="sda1" ino=1421 res=1 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 34.685734][ T22] kauditd_printk_skb: 11 callbacks suppressed [ 34.685739][ T22] audit: type=1400 audit(1570163739.874:63): avc: denied { map } for pid=6916 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.7' (ECDSA) to the list of known hosts. [ 41.366099][ T22] audit: type=1400 audit(1570163746.554:64): avc: denied { map } for pid=6930 comm="syz-executor869" path="/root/syz-executor869207604" dev="sda1" ino=16502 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 executing program [ 58.854982][ T6930] kmemleak: 312 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88811269f200 (size 224): comm "syz-executor869", pid 6931, jiffies 4294942085 (age 12.720s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 90 f9 2a 81 88 ff ff 00 48 f6 14 81 88 ff ff ...*.....H...... backtrace: [<00000000a27a363f>] kmem_cache_alloc_node+0x163/0x2f0 [<0000000083a17a67>] __alloc_skb+0x6e/0x210 [<000000004caaa4d8>] alloc_skb_with_frags+0x5f/0x250 [<000000008c89a71c>] sock_alloc_send_pskb+0x269/0x2a0 [<00000000deb542cb>] sock_alloc_send_skb+0x32/0x40 [<00000000ba84589b>] llc_ui_sendmsg+0x10a/0x540 [<00000000d0a7cc81>] sock_sendmsg+0x54/0x70 [<000000008c74ec08>] ___sys_sendmsg+0x194/0x3c0 [<000000002d8d327d>] __sys_sendmmsg+0xf4/0x270 [<000000006d789840>] __x64_sys_sendmmsg+0x28/0x30 [<000000009556ac4f>] do_syscall_64+0x73/0x1f0 [<0000000057a5130b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811fbcae00 (size 512): comm "syz-executor869", pid 6931, jiffies 4294942085 (age 12.720s) hex dump (first 32 bytes): 73 0f 00 00 00 00 00 00 69 63 65 73 2f 76 69 72 s.......ices/vir 74 75 61 6c 05 05 f3 6f 63 6b 2f 6e 62 64 31 34 tual...ock/nbd14 backtrace: [<0000000022552a6c>] kmem_cache_alloc_node_trace+0x161/0x2f0 [<000000002cddbe2c>] __kmalloc_node_track_caller+0x38/0x50 [<00000000cdb4d7bf>] __kmalloc_reserve.isra.0+0x40/0xb0 [<00000000f4490150>] __alloc_skb+0xa0/0x210 [<000000004caaa4d8>] alloc_skb_with_frags+0x5f/0x250 [<000000008c89a71c>] sock_alloc_send_pskb+0x269/0x2a0 [<00000000deb542cb>] sock_alloc_send_skb+0x32/0x40 [<00000000ba84589b>] llc_ui_sendmsg+0x10a/0x540 [<00000000d0a7cc81>] sock_sendmsg+0x54/0x70 [<000000008c74ec08>] ___sys_sendmsg+0x194/0x3c0 [<000000002d8d327d>] __sys_sendmmsg+0xf4/0x270 [<000000006d789840>] __x64_sys_sendmmsg+0x28/0x30 [<000000009556ac4f>] do_syscall_64+0x73/0x1f0 [<0000000057a5130b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88810f104f00 (size 224): comm "syz-executor869", pid 6931, jiffies 4294942085 (age 12.720s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 90 f9 2a 81 88 ff ff 00 48 f6 14 81 88 ff ff ...*.....H...... backtrace: [<00000000a27a363f>] kmem_cache_alloc_node+0x163/0x2f0 [<0000000083a17a67>] __alloc_skb+0x6e/0x210 [<000000004caaa4d8>] alloc_skb_with_frags+0x5f/0x250 [<000000008c89a71c>] sock_alloc_send_pskb+0x269/0x2a0 [<00000000deb542cb>] sock_alloc_send_skb+0x32/0x40 [<00000000ba84589b>] llc_ui_sendmsg+0x10a/0x540 [<00000000d0a7cc81>] sock_sendmsg+0x54/0x70 [<000000008c74ec08>] ___sys_sendmsg+0x194/0x3c0 [<000000002d8d327d>] __sys_sendmmsg+0xf4/0x270 [<000000006d789840>] __x64_sys_sendmmsg+0x28/0x30 [<000000009556ac4f>] do_syscall_64+0x73/0x1f0 [<0000000057a5130b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811fbca200 (size 512): comm "syz-executor869", pid 6931, jiffies 4294942085 (age 12.720s) hex dump (first 32 bytes): 72 0f 00 00 00 00 00 00 40 00 00 00 00 00 00 00 r.......@....... 40 00 40 00 05 05 f3 00 40 00 40 00 00 00 00 00 @.@.....@.@..... backtrace: [<0000000022552a6c>] kmem_cache_alloc_node_trace+0x161/0x2f0 [<000000002cddbe2c>] __kmalloc_node_track_caller+0x38/0x50 [<00000000cdb4d7bf>] __kmalloc_reserve.isra.0+0x40/0xb0 [<00000000f4490150>] __alloc_skb+0xa0/0x210 [<000000004caaa4d8>] alloc_skb_with_frags+0x5f/0x250 [<000000008c89a71c>] sock_alloc_send_pskb+0x269/0x2a0 [<00000000deb542cb>] sock_alloc_send_skb+0x32/0x40 [<00000000ba84589b>] llc_ui_sendmsg+0x10a/0x540 [<00000000d0a7cc81>] sock_sendmsg+0x54/0x70 [<000000008c74ec08>] ___sys_sendmsg+0x194/0x3c0 [<000000002d8d327d>] __sys_sendmmsg+0xf4/0x270 [<000000006d789840>] __x64_sys_sendmmsg+0x28/0x30 [<000000009556ac4f>] do_syscall_64+0x73/0x1f0 [<0000000057a5130b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9