[ 44.276750] audit: type=1800 audit(1579147595.647:29): pid=8083 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 44.297619] audit: type=1800 audit(1579147595.647:30): pid=8083 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.204' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 53.054684] kauditd_printk_skb: 5 callbacks suppressed [ 53.054700] audit: type=1400 audit(1579147604.427:36): avc: denied { map } for pid=8269 comm="syz-executor513" path="/root/syz-executor513714234" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 53.059516] list_del corruption, ffff8880a6042400->prev is LIST_POISON2 (dead000000000200) [ 53.060038] audit: type=1400 audit(1579147604.427:37): avc: denied { create } for pid=8269 comm="syz-executor513" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 53.087914] ------------[ cut here ]------------ [ 53.096041] audit: type=1400 audit(1579147604.427:38): avc: denied { write } for pid=8269 comm="syz-executor513" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 53.119682] kernel BUG at lib/list_debug.c:48! [ 53.119968] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 53.158637] CPU: 1 PID: 8269 Comm: syz-executor513 Not tainted 4.19.96-syzkaller #0 [ 53.166423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.175778] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 53.181475] Code: eb fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 2b eb 87 e8 e0 58 eb fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 2c eb 87 e8 cc 58 eb fd <0f> 0b 4c 89 f6 48 c7 c7 c0 2c eb 87 e8 bb 58 eb fd 0f 0b 90 90 90 [ 53.200365] RSP: 0018:ffff88809435f4a0 EFLAGS: 00010282 [ 53.205710] RAX: 000000000000004e RBX: ffff8880a6042400 RCX: 0000000000000000 [ 53.212967] RDX: 0000000000000000 RSI: ffffffff81558bc6 RDI: ffffed101286be86 [ 53.220221] RBP: ffff88809435f4b8 R08: 000000000000004e R09: ffff8880772ecd60 [ 53.227482] R10: 0000000000000000 R11: 0000000000000000 R12: dead000000000200 [ 53.234734] R13: ffff88808cb1d8f0 R14: ffff8880a6042400 R15: 0000000000000000 [ 53.242001] FS: 00000000011ca880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 53.250214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.256096] CR2: 0000000020000280 CR3: 00000000a507c000 CR4: 00000000001406e0 [ 53.263368] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 53.270659] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 53.277920] Call Trace: [ 53.280502] nf_tables_commit+0x1fc0/0x41a0 [ 53.284869] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 53.289738] ? nf_tables_setelem_notify.constprop.0+0x1f0/0x1f0 [ 53.295839] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.301373] ? nla_parse+0x1fc/0x2f0 [ 53.305080] nfnetlink_rcv_batch+0xcf6/0x1750 [ 53.309599] ? nf_tables_delset+0x3c1/0x830 [ 53.313913] ? nfnl_err_del+0x170/0x170 [ 53.317929] ? cred_has_capability+0x193/0x320 [ 53.322511] ? __netlink_lookup+0x3ab/0x760 [ 53.326839] ? selinux_capable+0x36/0x40 [ 53.330904] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.336433] ? security_capable+0x92/0xc0 [ 53.340578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.346105] ? ns_capable_common+0x141/0x170 [ 53.350511] ? memset+0x32/0x40 [ 53.353780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.359311] ? nla_parse+0x1fc/0x2f0 [ 53.363009] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 53.368010] nfnetlink_rcv+0x3ed/0x460 [ 53.371879] ? nfnetlink_rcv_batch+0x1750/0x1750 [ 53.376632] ? netlink_deliver_tap+0x254/0xc20 [ 53.381201] ? kasan_check_write+0x14/0x20 [ 53.385435] netlink_unicast+0x53a/0x730 [ 53.389483] ? netlink_attachskb+0x770/0x770 [ 53.393883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.399445] netlink_sendmsg+0x8ae/0xd70 [ 53.403520] ? netlink_unicast+0x730/0x730 [ 53.407750] ? selinux_socket_sendmsg+0x36/0x40 [ 53.412403] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.417931] ? security_socket_sendmsg+0x8d/0xc0 [ 53.422681] ? netlink_unicast+0x730/0x730 [ 53.426914] sock_sendmsg+0xd7/0x130 [ 53.430611] ___sys_sendmsg+0x803/0x920 [ 53.434572] ? copy_msghdr_from_user+0x430/0x430 [ 53.439322] ? rcu_read_lock_sched_held+0x110/0x130 [ 53.444328] ? mark_held_locks+0x100/0x100 [ 53.448568] ? __this_cpu_preempt_check+0x1d/0x30 [ 53.453408] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.458944] ? percpu_counter_add_batch+0x13c/0x190 [ 53.463956] ? __fd_install+0x1bc/0x640 [ 53.467924] ? find_held_lock+0x35/0x130 [ 53.471970] ? __fd_install+0x1bc/0x640 [ 53.475953] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 53.481489] ? __fget_light+0x1a9/0x230 [ 53.485456] ? __fdget+0x1b/0x20 [ 53.488804] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 53.494352] __sys_sendmsg+0x105/0x1d0 [ 53.498223] ? __ia32_sys_shutdown+0x80/0x80 [ 53.502658] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 53.507406] ? do_syscall_64+0x26/0x620 [ 53.511381] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 53.516730] ? do_syscall_64+0x26/0x620 [ 53.520697] __x64_sys_sendmsg+0x78/0xb0 [ 53.524748] do_syscall_64+0xfd/0x620 [ 53.528535] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 53.533710] RIP: 0033:0x4406a9 [ 53.537063] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 53.555958] RSP: 002b:00007fff3a745388 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.563654] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004406a9 [ 53.570912] RDX: 0000000000042000 RSI: 0000000020000140 RDI: 0000000000000004 [ 53.578173] RBP: 00000000006ca018 R08: 0000000000000001 R09: 00000000004002c8 [ 53.585427] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000401f30 [ 53.592744] R13: 0000000000401fc0 R14: 0000000000000000 R15: 0000000000000000 [ 53.600058] Modules linked in: [ 53.603710] ---[ end trace 967503997fa2eb4e ]--- [ 53.608475] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 53.614513] Code: eb fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 2b eb 87 e8 e0 58 eb fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 2c eb 87 e8 cc 58 eb fd <0f> 0b 4c 89 f6 48 c7 c7 c0 2c eb 87 e8 bb 58 eb fd 0f 0b 90 90 90 [ 53.633474] RSP: 0018:ffff88809435f4a0 EFLAGS: 00010282 [ 53.638833] RAX: 000000000000004e RBX: ffff8880a6042400 RCX: 0000000000000000 [ 53.646235] RDX: 0000000000000000 RSI: ffffffff81558bc6 RDI: ffffed101286be86 [ 53.653554] RBP: ffff88809435f4b8 R08: 000000000000004e R09: ffff8880772ecd60 [ 53.660823] R10: 0000000000000000 R11: 0000000000000000 R12: dead000000000200 [ 53.668204] R13: ffff88808cb1d8f0 R14: ffff8880a6042400 R15: 0000000000000000 [ 53.675513] FS: 00000000011ca880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 53.683769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.689642] CR2: 0000000020000280 CR3: 00000000a507c000 CR4: 00000000001406e0 [ 53.696945] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 53.704249] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 53.711521] Kernel panic - not syncing: Fatal exception [ 53.718277] Kernel Offset: disabled [ 53.722007] Rebooting in 86400 seconds..