Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   37.768754] audit: type=1800 audit(1568656130.352:33): pid=7302 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   41.717948] kauditd_printk_skb: 1 callbacks suppressed
[   41.717961] audit: type=1400 audit(1568656134.302:35): avc:  denied  { map } for  pid=7477 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.10.56' (ECDSA) to the list of known hosts.
[   94.747113] audit: type=1400 audit(1568656187.332:36): avc:  denied  { map } for  pid=7489 comm="syz-executor318" path="/root/syz-executor318251282" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   94.773938] IPVS: ftp: loaded support on port[0] = 21
[   94.830519] chnl_net:caif_netlink_parms(): no params data found
[   94.864102] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.871057] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.878211] device bridge_slave_0 entered promiscuous mode
[   94.885650] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.892109] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.899058] device bridge_slave_1 entered promiscuous mode
[   94.915938] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.925198] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.941980] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   94.949726] team0: Port device team_slave_0 added
[   94.955361] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   94.962668] team0: Port device team_slave_1 added
[   94.967900] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   94.975400] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   95.042888] device hsr_slave_0 entered promiscuous mode
[   95.081053] device hsr_slave_1 entered promiscuous mode
[   95.161277] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   95.168511] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   95.182643] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.189072] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.196226] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.202619] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.233191] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   95.239276] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.247784] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   95.257907] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.277322] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.284734] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.292791] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   95.303035] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   95.309115] 8021q: adding VLAN 0 to HW filter on device team0
[   95.318426] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.326318] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.332738] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.343150] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.350820] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.357163] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.372319] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.379939] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.392745] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   95.402641] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   95.413328] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   95.419754] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   95.427453] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   95.435252] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.442916] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   95.457393] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   95.467137] 8021q: adding VLAN 0 to HW filter on device batadv0
executing program
executing program
[  200.510710] rcu: INFO: rcu_preempt self-detected stall on CPU
[  200.516835] rcu: 	0-...!: (10500 ticks this GP) idle=d5a/1/0x4000000000000004 softirq=12923/12923 fqs=0 
[  200.526627] rcu: 	 (t=10500 jiffies g=4937 q=158)
[  200.531523] rcu: rcu_preempt kthread starved for 10500 jiffies! g4937 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[  200.542092] rcu: RCU grace-period kthread stack dump:
[  200.547275] rcu_preempt     I29424    10      2 0x80000000
[  200.552910] Call Trace:
[  200.555505]  __schedule+0x866/0x1dc0
[  200.559214]  ? pci_mmcfg_check_reserved+0x170/0x170
[  200.564220]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  200.569314]  ? lockdep_hardirqs_on+0x415/0x5d0
[  200.573887]  ? trace_hardirqs_on+0x67/0x220
[  200.578198]  schedule+0x92/0x1c0
[  200.581566]  schedule_timeout+0x4db/0xfc0
[  200.585734]  ? usleep_range+0x170/0x170
[  200.589709]  ? trace_hardirqs_on+0x67/0x220
[  200.594042]  ? kasan_check_read+0x11/0x20
[  200.598189]  ? __next_timer_interrupt+0x1a0/0x1a0
[  200.603029]  ? prepare_to_swait_exclusive+0x120/0x120
[  200.608213]  rcu_gp_kthread+0xd5c/0x2190
[  200.612280]  ? rcu_blocking_is_gp+0x90/0x90
[  200.616601]  ? trace_hardirqs_on+0x67/0x220
[  200.620910]  ? kasan_check_read+0x11/0x20
[  200.625066]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  200.630170]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  200.635697]  ? __kthread_parkme+0xfb/0x1b0
[  200.639924]  kthread+0x354/0x420
[  200.643283]  ? rcu_blocking_is_gp+0x90/0x90
[  200.647598]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  200.653123]  ret_from_fork+0x24/0x30
[  200.656875] NMI backtrace for cpu 0
[  200.660509] CPU: 0 PID: 7507 Comm: syz-executor318 Not tainted 4.19.73 #0
[  200.667437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  200.676796] Call Trace:
[  200.679369]  <IRQ>
[  200.681525]  dump_stack+0x172/0x1f0
[  200.685151]  nmi_cpu_backtrace.cold+0x63/0xa4
[  200.690426]  ? lapic_can_unplug_cpu.cold+0x45/0x45
[  200.695363]  nmi_trigger_cpumask_backtrace+0x1b0/0x1f8
[  200.701070]  arch_trigger_cpumask_backtrace+0x14/0x20
[  200.706254]  rcu_dump_cpu_stacks+0x189/0x1d5
[  200.710661]  ? wake_up_process+0x10/0x20
[  200.714719]  rcu_check_callbacks.cold+0x5e3/0xd90
[  200.719551]  ? trace_hardirqs_off+0x62/0x220
[  200.724068]  update_process_times+0x32/0x80
[  200.728385]  tick_sched_handle+0xa2/0x190
[  200.732523]  tick_sched_timer+0x47/0x130
[  200.738164]  __hrtimer_run_queues+0x33b/0xdc0
[  200.742648]  ? tick_sched_do_timer+0x1b0/0x1b0
[  200.747219]  ? hrtimer_fixup_activate+0x30/0x30
[  200.751979]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  200.757008]  ? ktime_get_update_offsets_now+0x2d3/0x440
[  200.762374]  hrtimer_interrupt+0x314/0x770
[  200.766614]  smp_apic_timer_interrupt+0x111/0x550
[  200.771448]  apic_timer_interrupt+0xf/0x20
[  200.775679] RIP: 0010:hhf_dequeue+0x58b/0xa00
[  200.780163] Code: b5 6c 03 00 00 e8 05 a5 dc fb 49 8d bd d4 02 00 00 48 89 f8 48 c1 e8 03 42 0f b6 14 20 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 <84> d2 0f 85 32 04 00 00 45 0f af b5 d4 02 00 00 48 89 df 45 01 fe
[  200.799224] RSP: 0018:ffff8880ae806fc8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
[  200.807100] RAX: 0000000000000007 RBX: ffff888098dc2738 RCX: ffffffff858eb8e9
[  200.814360] RDX: 0000000000000000 RSI: ffffffff858ebd9b RDI: ffff888098dc2754
[  200.821722] RBP: ffff8880ae807018 R08: ffff888083c3a200 R09: 0000000000000007
[  200.829096] R10: ffff888083c3ab98 R11: 0000000060d4fbdf R12: dffffc0000000000
[  200.836375] R13: ffff888098dc2480 R14: 0000000000000000 R15: 0000000000000000
[  200.843654]  ? apic_timer_interrupt+0xa/0x20
[  200.848187]  ? hhf_dequeue+0xb9/0xa00
[  200.851987]  ? hhf_dequeue+0x56b/0xa00
[  200.855874]  ? hhf_dequeue+0x56b/0xa00
[  200.859769]  __qdisc_run+0x1e7/0x1960
[  200.863605]  __dev_queue_xmit+0x165c/0x2fe0
[  200.867944]  ? netdev_pick_tx+0x300/0x300
[  200.872097]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  200.877629]  ? br_nf_post_routing+0x780/0x12f0
[  200.882203]  ? br_forward_finish+0x235/0x400
[  200.886888]  ? find_held_lock+0x35/0x130
[  200.891035]  ? br_forward_finish+0x235/0x400
[  200.895619]  dev_queue_xmit+0x18/0x20
[  200.899411]  ? dev_queue_xmit+0x18/0x20
[  200.904237]  br_dev_queue_push_xmit+0x405/0x5d0
[  200.909076]  ? kasan_check_read+0x11/0x20
[  200.913218]  br_forward_finish+0xfa/0x400
[  200.917360]  ? br_dev_queue_push_xmit+0x5d0/0x5d0
[  200.922292]  ? br_fdb_add.cold+0x8a/0x8a
[  200.926346]  ? kasan_check_read+0x11/0x20
[  200.930672]  __br_forward+0x647/0xb30
[  200.934863]  ? br_forward_finish+0x400/0x400
[  200.939281]  ? br_dev_queue_push_xmit+0x5d0/0x5d0
[  200.944392]  deliver_clone+0x61/0xc0
[  200.948111]  br_flood+0x4da/0x710
[  200.951574]  br_dev_xmit+0xeeb/0x1490
[  200.955367]  ? br_poll_controller+0x10/0x10
[  200.959689]  ? __lock_is_held+0xb6/0x140
[  200.963764]  dev_hard_start_xmit+0x1a5/0x980
[  200.968161]  ? check_preemption_disabled+0x48/0x290
[  200.973429]  __dev_queue_xmit+0x2704/0x2fe0
[  200.977738]  ? mark_held_locks+0x100/0x100
[  200.981964]  ? netdev_pick_tx+0x300/0x300
[  200.986101]  ? ip6_finish_output+0x574/0xbe0
[  200.990499]  ? find_held_lock+0x35/0x130
[  200.994556]  ? ip6_finish_output+0x574/0xbe0
[  200.998955]  ? mark_held_locks+0xb1/0x100
[  201.003126]  ? ip6_finish_output2+0x1784/0x2550
[  201.007791]  ? ip6_finish_output+0x574/0xbe0
[  201.013037]  ? ip6_finish_output2+0x1784/0x2550
[  201.019313]  dev_queue_xmit+0x18/0x20
[  201.023534]  ? dev_queue_xmit+0x18/0x20
[  201.028269]  ip6_finish_output2+0x12fd/0x2550
[  201.033566]  ? ip6_mtu+0x2e6/0x460
[  201.037565]  ? ip6_forward_finish+0x4d0/0x4d0
[  201.043509]  ? lock_downgrade+0x810/0x810
[  201.048814]  ? kasan_check_read+0x11/0x20
[  201.053574]  ip6_finish_output+0x574/0xbe0
[  201.058203]  ? ip6_finish_output+0x574/0xbe0
[  201.063838]  ip6_output+0x235/0x7c0
[  201.068015]  ? ip6_finish_output+0xbe0/0xbe0
[  201.073363]  ? ip6_fragment+0x3770/0x3770
[  201.079426]  ? icmp6_dst_alloc+0x432/0x660
[  201.084983]  mld_sendpack+0x9d3/0xeb0
[  201.088880]  ? nf_hook.constprop.0+0x560/0x560
[  201.093606]  ? mld_ifc_timer_expire+0x437/0x8a0
[  201.098420]  ? __local_bh_enable_ip+0x15a/0x270
[  201.103800]  mld_ifc_timer_expire+0x449/0x8a0
[  201.108973]  call_timer_fn+0x18d/0x720
[  201.112987]  ? mld_dad_timer_expire+0x1c0/0x1c0
[  201.118196]  ? process_timeout+0x40/0x40
[  201.122535]  ? run_timer_softirq+0x647/0x1700
[  201.127032]  ? trace_hardirqs_on+0x67/0x220
[  201.131779]  ? kasan_check_read+0x11/0x20
[  201.136009]  ? mld_dad_timer_expire+0x1c0/0x1c0
[  201.140738]  run_timer_softirq+0x652/0x1700
[  201.145149]  ? add_timer+0xbe0/0xbe0
[  201.148957]  ? kvm_clock_read+0x18/0x30
[  201.153011]  ? check_preemption_disabled+0x48/0x290
[  201.158106]  ? sched_clock+0x2e/0x50
[  201.161830]  __do_softirq+0x25c/0x921
[  201.165632]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  201.171168]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  201.176707]  irq_exit+0x180/0x1d0
[  201.180278]  smp_apic_timer_interrupt+0x13b/0x550
[  201.185455]  apic_timer_interrupt+0xf/0x20
[  201.189675]  </IRQ>
[  201.191979] RIP: 0010:depot_save_stack+0x23c/0x44f
[  201.197004] Code: 41 5e 41 5f 5d c3 48 89 d0 49 8b 54 c4 18 48 39 14 c1 0f 85 e6 fe ff ff 48 8d 50 01 49 39 c0 75 e5 48 8b 7d c8 48 85 ff 75 ab <eb> b3 83 f8 02 44 89 cb 0f 85 a9 fe ff ff 44 89 c8 48 89 ca 44 89
[  201.216346] RSP: 0018:ffff88809868fa10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[  201.224460] RAX: 000000000000000c RBX: 000000001ea60e60 RCX: ffff88809868fa70
[  201.231994] RDX: 000000000000000d RSI: 00000000006000c0 RDI: 0000000000000000
[  201.239250] RBP: ffff88809868fa48 R08: 000000000000000c R09: 000000001f0d0bed
[  201.246595] R10: 00000000b035777b R11: 0000000053b381f5 R12: ffff88809a1eef90
[  201.254199] R13: ffff88809868fa58 R14: 0000000000060e60 R15: ffff88812c3f0640
[  201.261483]  save_stack+0xa9/0xd0
[  201.264924]  ? save_stack+0x45/0xd0
[  201.268538]  ? kasan_kmalloc+0xce/0xf0
[  201.272410]  ? kasan_slab_alloc+0xf/0x20
[  201.276474]  ? kmem_cache_alloc_trace+0x13b/0x760
[  201.281314]  ? sock_alloc_inode+0x63/0x260
[  201.285549]  ? alloc_inode+0x64/0x190
[  201.289333]  ? new_inode_pseudo+0x19/0xf0
[  201.293466]  ? sock_alloc+0x41/0x270
[  201.297162]  ? __sock_create+0xc2/0x730
[  201.301146]  ? __sys_socket+0x103/0x220
[  201.305209]  ? __x64_sys_socket+0x73/0xb0
[  201.309363]  ? do_syscall_64+0xfd/0x620
[  201.313326]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  201.318678]  ? mark_held_locks+0x100/0x100
[  201.322900]  ? lock_downgrade+0x810/0x810
[  201.327036]  ? kasan_check_read+0x11/0x20
[  201.331260]  ? fs_reclaim_acquire+0x20/0x20
[  201.335591]  ? find_held_lock+0x35/0x130
[  201.339648]  ? fs_reclaim_acquire+0x20/0x20
[  201.343959]  ? lock_downgrade+0x810/0x810
[  201.348096]  ? kasan_unpoison_shadow+0x35/0x50
[  201.352688]  kasan_kmalloc+0xce/0xf0
[  201.356416]  kasan_slab_alloc+0xf/0x20
[  201.360393]  kmem_cache_alloc_trace+0x13b/0x760
[  201.365184]  ? kmem_cache_alloc+0x32a/0x700
[  201.369599]  ? selinux_socket_create+0x2ab/0x610
[  201.374356]  ? sock_destroy_inode+0x60/0x60
[  201.378755]  sock_alloc_inode+0x63/0x260
[  201.382806]  alloc_inode+0x64/0x190
[  201.386424]  new_inode_pseudo+0x19/0xf0
[  201.390386]  sock_alloc+0x41/0x270
[  201.393948]  __sock_create+0xc2/0x730
[  201.397759]  __sys_socket+0x103/0x220
[  201.402022]  ? move_addr_to_kernel+0x80/0x80
[  201.406430]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  201.411200]  ? do_syscall_64+0x26/0x620
[  201.415180]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  201.420535]  ? do_syscall_64+0x26/0x620
[  201.424561]  __x64_sys_socket+0x73/0xb0
[  201.428621]  do_syscall_64+0xfd/0x620
[  201.432526]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  201.437813] RIP: 0033:0x442399
[  201.441027] Code: e8 9c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[  201.460182] RSP: 002b:00007ffe78b34788 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  201.467883] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442399
[  201.475235] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002
[  201.482866] RBP: 000000000001750d R08: 0000000000000000 R09: 0000000000000000
[  201.490123] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  201.497645] R13: 00000000004032f0 R14: 0000000000000000 R15: 0000000000000000