[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   27.683844][   T25] kauditd_printk_skb: 46 callbacks suppressed
[   27.683850][   T25] audit: type=1400 audit(1569301996.364:67): avc:  denied  { map } for  pid=6844 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.46' (ECDSA) to the list of known hosts.
[   60.521901][   T25] audit: type=1400 audit(1569302029.194:68): avc:  denied  { map } for  pid=6860 comm="syz-executor616" path="/root/syz-executor616789109" dev="sda1" ino=16498 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   67.414657][ T6861] IPVS: ftp: loaded support on port[0] = 21
[   67.433727][ T6861] chnl_net:caif_netlink_parms(): no params data found
[   67.445049][ T6861] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.452223][ T6861] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.459789][ T6861] device bridge_slave_0 entered promiscuous mode
[   67.466973][ T6861] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.474037][ T6861] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.481358][ T6861] device bridge_slave_1 entered promiscuous mode
[   67.490478][ T6861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.500198][ T6861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.511520][ T6861] team0: Port device team_slave_0 added
[   67.517632][ T6861] team0: Port device team_slave_1 added
[   67.563730][ T6861] device hsr_slave_0 entered promiscuous mode
[   67.613210][ T6861] device hsr_slave_1 entered promiscuous mode
[   67.674904][ T6861] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.681940][ T6861] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.689172][ T6861] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.696212][ T6861] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.709358][ T6861] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.717161][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.724836][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.732086][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.739714][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   67.748582][ T6861] 8021q: adding VLAN 0 to HW filter on device team0
[   67.756334][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   67.764578][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.771584][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.783425][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   67.791667][ T6863] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.798691][ T6863] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.806280][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   67.814872][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   67.822795][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   67.832634][ T6861] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.843588][ T6861] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.856013][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   67.864032][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
[   67.871906][ T6863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   67.881464][ T6861] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.753418][ T2599] device bridge_slave_1 left promiscuous mode
[   72.759522][ T2599] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.813409][ T2599] device bridge_slave_0 left promiscuous mode
[   72.819553][ T2599] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.993633][ T2599] device hsr_slave_0 left promiscuous mode
[   73.053230][ T2599] device hsr_slave_1 left promiscuous mode
[   73.104368][ T2599] team0 (unregistering): Port device team_slave_1 removed
[   73.112247][ T2599] team0 (unregistering): Port device team_slave_0 removed
[   73.120579][ T2599] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   73.163751][ T2599] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   73.206764][ T2599] bond0 (unregistering): Released all slaves
[   77.145521][ T6860] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff88810cfb7f00 (size 224):
  comm "syz-executor616", pid 6861, jiffies 4294944064 (age 11.190s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 d0 98 2a 81 88 ff ff 00 00 00 00 00 00 00 00  ...*............
  backtrace:
    [<00000000aa3985bc>] kmem_cache_alloc_node+0x163/0x2f0
    [<0000000038b7bca2>] __alloc_skb+0x6e/0x210
    [<00000000210724ce>] llc_alloc_frame+0x66/0x110
    [<00000000959a9096>] llc_conn_ac_send_sabme_cmd_p_set_x+0x2f/0x140
    [<000000004802c028>] llc_conn_state_process+0x1ac/0x640
    [<000000002a5a00c4>] llc_establish_connection+0x110/0x170
    [<000000001a52edd2>] llc_ui_connect+0x10e/0x370
    [<000000008c1099e5>] __sys_connect+0x11d/0x170
    [<00000000cd7971cf>] __x64_sys_connect+0x1e/0x30
    [<00000000fb01026d>] do_syscall_64+0x73/0x1f0
    [<00000000f476f186>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881214e6400 (size 224):
  comm "softirq", pid 0, jiffies 4294944273 (age 9.100s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 d0 98 2a 81 88 ff ff 00 00 00 00 00 00 00 00  ...*............
  backtrace:
    [<00000000aa3985bc>] kmem_cache_alloc_node+0x163/0x2f0
    [<0000000038b7bca2>] __alloc_skb+0x6e/0x210
    [<00000000210724ce>] llc_alloc_frame+0x66/0x110
    [<00000000959a9096>] llc_conn_ac_send_sabme_cmd_p_set_x+0x2f/0x140
    [<000000004802c028>] llc_conn_state_process+0x1ac/0x640
    [<00000000f171c06c>] llc_conn_tmr_common_cb+0xe0/0x1b0
    [<000000009f8c3d68>] llc_conn_ack_tmr_cb+0x1e/0x30
    [<000000001c6b39f3>] call_timer_fn+0x45/0x1e0
    [<00000000f259735b>] run_timer_softirq+0x25f/0x750
    [<0000000059f0089d>] __do_softirq+0x115/0x33f
    [<000000001fe505c7>] irq_exit+0xbb/0xe0
    [<00000000d24002dc>] smp_apic_timer_interrupt+0x96/0x190
    [<00000000210ac0ab>] apic_timer_interrupt+0xf/0x20
    [<0000000034c8f4db>] _raw_spin_unlock_irqrestore+0x24/0x50
    [<00000000e11dcb06>] scan_gray_list+0xbf/0x160
    [<00000000ffd20a99>] kmemleak_scan+0x264/0x4b0