[ 67.909326][ T26] audit: type=1800 audit(1568513871.700:32): pid=10030 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 68.706027][ T26] audit: type=1800 audit(1568513872.590:33): pid=10030 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.169' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 77.485972][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 77.485985][ T26] audit: type=1400 audit(1568513881.370:36): avc: denied { map } for pid=10222 comm="syz-executor199" path="/root/syz-executor199538581" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 77.520899][T10223] IPVS: ftp: loaded support on port[0] = 21 [ 77.543357][T10223] kasan: CONFIG_KASAN_INLINE enabled [ 77.548653][T10223] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 77.556736][T10223] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 77.563662][T10223] CPU: 0 PID: 10223 Comm: syz-executor199 Not tainted 5.3.0-rc8+ #0 [ 77.571609][T10223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.581679][T10223] RIP: 0010:__list_del_entry_valid+0x85/0xf5 [ 77.588068][T10223] Code: 0f 84 e1 00 00 00 48 b8 22 01 00 00 00 00 ad de 49 39 c4 0f 84 e2 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 53 49 8b 14 24 4c 39 f2 0f 85 99 00 00 00 49 8d 7d [ 77.607644][T10223] RSP: 0018:ffff8880a533f450 EFLAGS: 00010246 [ 77.613685][T10223] RAX: dffffc0000000000 RBX: ffff88809f914940 RCX: ffffffff8159c28a [ 77.621631][T10223] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88809f914ca8 [ 77.629576][T10223] RBP: ffff8880a533f468 R08: 0000000000000004 R09: ffffed1014a67e7d [ 77.637520][T10223] R10: ffffed1014a67e7c R11: 0000000000000003 R12: 0000000000000000 [ 77.645469][T10223] R13: 0000000000000000 R14: ffff88809f914ca0 R15: ffff88809f914c00 [ 77.653417][T10223] FS: 0000555556960880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 77.662314][T10223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.668870][T10223] CR2: 00000000200001c0 CR3: 00000000a1372000 CR4: 00000000001406f0 [ 77.676817][T10223] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.684760][T10223] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.692702][T10223] Call Trace: [ 77.695972][T10223] cbs_destroy+0x7d/0x2a0 [ 77.700287][T10223] ? cbs_init+0x25d/0x450 [ 77.704590][T10223] ? cbs_dequeue_soft+0x410/0x410 [ 77.709587][T10223] qdisc_create+0xbc6/0x1210 [ 77.714160][T10223] ? tc_get_qdisc+0xc10/0xc10 [ 77.718813][T10223] ? __nla_parse+0x43/0x60 [ 77.723474][T10223] tc_modify_qdisc+0x524/0x1c50 [ 77.728299][T10223] ? qdisc_create+0x1210/0x1210 [ 77.733126][T10223] ? rtnetlink_rcv_msg+0x1ea/0xb00 [ 77.738218][T10223] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.744433][T10223] ? qdisc_create+0x1210/0x1210 [ 77.751252][T10223] rtnetlink_rcv_msg+0x463/0xb00 [ 77.756182][T10223] ? rtnetlink_put_metrics+0x580/0x580 [ 77.761616][T10223] ? lock_downgrade+0x920/0x920 [ 77.766440][T10223] ? netlink_remove_tap+0x4d0/0x4d0 [ 77.771608][T10223] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 77.777303][T10223] netlink_rcv_skb+0x177/0x450 [ 77.782051][T10223] ? rtnetlink_put_metrics+0x580/0x580 [ 77.787548][T10223] ? netlink_ack+0xb30/0xb30 [ 77.792120][T10223] ? lock_downgrade+0x920/0x920 [ 77.796954][T10223] ? netlink_deliver_tap+0x254/0xbf0 [ 77.802228][T10223] rtnetlink_rcv+0x1d/0x30 [ 77.806665][T10223] netlink_unicast+0x531/0x710 [ 77.811404][T10223] ? netlink_attachskb+0x7c0/0x7c0 [ 77.816492][T10223] ? _copy_from_iter_full+0x25d/0x8a0 [ 77.821841][T10223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.828055][T10223] netlink_sendmsg+0x8a5/0xd60 [ 77.832792][T10223] ? netlink_unicast+0x710/0x710 [ 77.837704][T10223] ? tomoyo_socket_sendmsg+0x26/0x30 [ 77.842998][T10223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.849233][T10223] ? security_socket_sendmsg+0x8d/0xc0 [ 77.854669][T10223] ? netlink_unicast+0x710/0x710 [ 77.859594][T10223] sock_sendmsg+0xd7/0x130 [ 77.863995][T10223] ___sys_sendmsg+0x803/0x920 [ 77.868643][T10223] ? copy_msghdr_from_user+0x440/0x440 [ 77.874105][T10223] ? lock_downgrade+0x920/0x920 [ 77.878955][T10223] ? rwlock_bug.part.0+0x90/0x90 [ 77.883874][T10223] ? __kasan_check_read+0x11/0x20 [ 77.888882][T10223] ? lock_downgrade+0x920/0x920 [ 77.893710][T10223] ? __might_fault+0xfb/0x1e0 [ 77.898365][T10223] ? __kasan_check_read+0x11/0x20 [ 77.903382][T10223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.909605][T10223] ? __fget_light+0x1a9/0x230 [ 77.914263][T10223] ? __fdget+0x1b/0x20 [ 77.918316][T10223] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.924539][T10223] __sys_sendmsg+0x105/0x1d0 [ 77.929105][T10223] ? __sys_sendmsg_sock+0xd0/0xd0 [ 77.934124][T10223] ? down_read_non_owner+0x450/0x450 [ 77.939387][T10223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.945618][T10223] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 77.951661][T10223] __x64_sys_sendmsg+0x78/0xb0 [ 77.956401][T10223] do_syscall_64+0xfd/0x6a0 [ 77.960877][T10223] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.966748][T10223] RIP: 0033:0x440c69 [ 77.970625][T10223] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.990204][T10223] RSP: 002b:00007ffd0d3f8d28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.998601][T10223] RAX: ffffffffffffffda RBX: 00000000004a23f0 RCX: 0000000000440c69 [ 78.006559][T10223] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 78.014518][T10223] RBP: 00000000006cb018 R08: 0000000120080522 R09: 0000000120080522 [ 78.022463][T10223] R10: 0000000120080522 R11: 0000000000000246 R12: 0000000000402170 [ 78.030419][T10223] R13: 0000000000402200 R14: 0000000000000000 R15: 0000000000000000 [ 78.038375][T10223] Modules linked in: [ 78.042405][T10223] ---[ end trace 83498506b0f3233f ]--- [ 78.047890][T10223] RIP: 0010:__list_del_entry_valid+0x85/0xf5 [ 78.053879][T10223] Code: 0f 84 e1 00 00 00 48 b8 22 01 00 00 00 00 ad de 49 39 c4 0f 84 e2 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 53 49 8b 14 24 4c 39 f2 0f 85 99 00 00 00 49 8d 7d [ 78.073494][T10223] RSP: 0018:ffff8880a533f450 EFLAGS: 00010246 [ 78.079537][T10223] RAX: dffffc0000000000 RBX: ffff88809f914940 RCX: ffffffff8159c28a [ 78.087511][T10223] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88809f914ca8 [ 78.095490][T10223] RBP: ffff8880a533f468 R08: 0000000000000004 R09: ffffed1014a67e7d [ 78.103478][T10223] R10: ffffed1014a67e7c R11: 0000000000000003 R12: 0000000000000000 [ 78.111457][T10223] R13: 0000000000000000 R14: ffff88809f914ca0 R15: ffff88809f914c00 [ 78.119447][T10223] FS: 0000555556960880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 78.128384][T10223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.134977][T10223] CR2: 00000000200001c0 CR3: 00000000a1372000 CR4: 00000000001406f0 [ 78.142938][T10223] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.150918][T10223] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 78.158893][T10223] Kernel panic - not syncing: Fatal exception [ 78.166381][T10223] Kernel Offset: disabled [ 78.170713][T10223] Rebooting in 86400 seconds..