[ 40.554027] audit: type=1800 audit(1555995285.214:30): pid=7596 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 45.016272] kauditd_printk_skb: 4 callbacks suppressed
[ 45.016288] audit: type=1400 audit(1555995289.714:35): avc: denied { map } for pid=7769 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.127' (ECDSA) to the list of known hosts.
executing program
[ 54.667109] audit: type=1400 audit(1555995299.364:36): avc: denied { map } for pid=7781 comm="syz-executor906" path="/root/syz-executor906908855" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 54.699846] FAULT_INJECTION: forcing a failure.
[ 54.699846] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 54.711875] CPU: 0 PID: 7782 Comm: syz-executor906 Not tainted 4.19.36 #4
[ 54.718811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.728155] Call Trace:
[ 54.730750] dump_stack+0x172/0x1f0
[ 54.734379] should_fail.cold+0xa/0x1b
[ 54.738268] ? mark_held_locks+0x100/0x100
[ 54.743118] ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 54.748316] ? mark_held_locks+0x100/0x100
[ 54.752569] __alloc_pages_nodemask+0x1ee/0x760
[ 54.757228] ? find_held_lock+0x35/0x130
[ 54.761292] ? __alloc_pages_slowpath+0x2870/0x2870
[ 54.766326] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 54.771863] ? lock_downgrade+0x810/0x810
[ 54.776029] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 54.781576] alloc_pages_current+0x107/0x210
[ 54.785982] __get_free_pages+0xc/0x40
[ 54.789953] __tlb_remove_page_size+0x2ee/0x510
[ 54.794787] unmap_page_range+0xeee/0x1e70
[ 54.799035] ? vm_normal_page_pmd+0x2f0/0x2f0
[ 54.803547] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 54.808927] ? mark_held_locks+0x100/0x100
[ 54.813176] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 54.818727] ? uprobe_munmap+0xad/0x2b0
[ 54.822695] unmap_single_vma+0x19d/0x300
[ 54.826838] unmap_vmas+0xae/0x180
[ 54.830379] exit_mmap+0x2c2/0x530
[ 54.834124] ? __ia32_sys_munmap+0x80/0x80
[ 54.838370] ? __khugepaged_exit+0x2da/0x400
[ 54.842885] ? rcu_read_lock_sched_held+0x110/0x130
[ 54.847912] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 54.853448] ? __khugepaged_exit+0xcf/0x400
[ 54.857771] mmput+0x15f/0x4c0
[ 54.861057] do_exit+0x838/0x2fa0
[ 54.864509] ? mm_update_next_owner+0x660/0x660
[ 54.869174] ? up_read+0x1a/0x110
[ 54.872619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 54.878155] ? __do_page_fault+0x484/0xe90
[ 54.882420] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 54.887174] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 54.891935] do_group_exit+0x135/0x370
[ 54.895853] __x64_sys_exit_group+0x44/0x50
[ 54.900188] do_syscall_64+0x103/0x610
[ 54.904084] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 54.909259] RIP: 0033:0x43fde8
[ 54.912447] Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00
[ 54.931355] RSP: 002b:00007ffc309e1668 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 54.939091] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043fde8
[ 54.946445] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 54.953714] RBP: 00000000004bfa90 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 54.960999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 54.968619] R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000
[ 56.743365] Bluetooth: hci0: command 0x1003 tx timeout
[ 56.749088] Bluetooth: hci0: sending frame failed (-49)
[ 58.822940] Bluetooth: hci0: command 0x1001 tx timeout
[ 58.829692] Bluetooth: hci0: sending frame failed (-49)
[ 60.902999] Bluetooth: hci0: command 0x1009 tx timeout
executing program
[ 65.234421] FAULT_INJECTION: forcing a failure.
[ 65.234421] name failslab, interval 1, probability 0, space 0, times 1
[ 65.245894] CPU: 0 PID: 7785 Comm: syz-executor906 Not tainted 4.19.36 #4
[ 65.253008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.262376] Call Trace:
[ 65.265153] dump_stack+0x172/0x1f0
[ 65.268786] should_fail.cold+0xa/0x1b
[ 65.272674] ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 65.277792] ? __lock_acquire+0x6eb/0x48f0
[ 65.282035] ? __lock_acquire+0x6eb/0x48f0
[ 65.286291] ? avc_has_extended_perms+0x10f0/0x10f0
[ 65.291356] ? is_bpf_text_address+0xac/0x170
[ 65.295858] __should_failslab+0x121/0x190
[ 65.300101] should_failslab+0x9/0x14
[ 65.303962] kmem_cache_alloc_node+0x56/0x710
[ 65.308467] ? mark_held_locks+0x100/0x100
[ 65.312724] __alloc_skb+0xd5/0x5f0
[ 65.316428] ? skb_scrub_packet+0x490/0x490
[ 65.320871] ? __lock_is_held+0xb6/0x140
[ 65.324994] ? ldsem_wake+0x40/0x40
[ 65.328647] bcsp_recv+0x8cc/0x13b0
[ 65.332406] hci_uart_tty_receive+0x22b/0x530
[ 65.337074] ? hci_uart_write_work+0x710/0x710
[ 65.341769] tty_ioctl+0xeb1/0x1530
[ 65.345392] ? tty_vhangup+0x30/0x30
[ 65.349114] ? proc_fail_nth_write+0x9d/0x1e0
[ 65.353818] ? proc_cwd_link+0x1d0/0x1d0
[ 65.358617] ? ___might_sleep+0x163/0x280
[ 65.362902] ? __might_sleep+0x95/0x190
[ 65.366874] ? tty_vhangup+0x30/0x30
[ 65.370712] do_vfs_ioctl+0xd6e/0x1390
[ 65.374603] ? selinux_file_ioctl+0x46f/0x5e0
[ 65.379421] ? selinux_file_ioctl+0x125/0x5e0
[ 65.383936] ? ioctl_preallocate+0x210/0x210
[ 65.388392] ? selinux_file_mprotect+0x620/0x620
[ 65.393199] ? super_setup_bdi_name+0x24b/0x260
[ 65.397877] ? vfs_write+0x160/0x560
[ 65.401599] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 65.407138] ? security_file_ioctl+0x93/0xc0
[ 65.411572] ksys_ioctl+0xab/0xd0
[ 65.415149] __x64_sys_ioctl+0x73/0xb0
[ 65.419049] do_syscall_64+0x103/0x610
[ 65.423200] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 65.428460] RIP: 0033:0x441179
[ 65.431657] Code: e8 5c ae 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 65.450608] RSP: 002b:00007ffc309e16a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 65.458556] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441179
[ 65.465966] RDX: 0000000020000100 RSI: 0000000000005412 RDI: 0000000000000003
[ 65.473269] RBP: 00007ffc309e16c0 R08: 0000000000000001 R09: 0000000000000000
[ 65.480848] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[ 65.488563] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
[ 65.496907] kasan: CONFIG_KASAN_INLINE enabled
[ 65.497597] Bluetooth: Can't allocate mem for new packet
[ 65.501748] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 65.515438] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 65.521863] CPU: 1 PID: 47 Comm: kworker/u4:2 Not tainted 4.19.36 #4
[ 65.528434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 65.538534] Workqueue: events_unbound flush_to_ldisc
[ 65.543649] RIP: 0010:skb_put+0x35/0x1e0
[ 65.547905] Code: 89 f5 41 54 49 89 fc 53 4d 8d b4 24 c8 00 00 00 48 83 ec 08 e8 5c 7e 0a fc 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 58
[ 65.566931] RSP: 0018:ffff8880a9877b28 EFLAGS: 00010202
[ 65.572511] RAX: dffffc0000000000 RBX: ffff8880a189d340 RCX: ffffffff84e27a89
[ 65.580087] RDX: 0000000000000019 RSI: ffffffff8560c6b4 RDI: 0000000000000000
[ 65.587372] RBP: ffff8880a9877b58 R08: ffff8880a98b84c0 R09: ffffed1015d24733
[ 65.594702] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: 0000000000000000
[ 65.601976] R13: 0000000000000001 R14: 00000000000000c8 R15: 0000000000000000
[ 65.609250] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 65.617478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 65.623455] CR2: 00007fe66fd8d000 CR3: 00000000a0492000 CR4: 00000000001406e0
[ 65.630834] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 65.638229] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 65.645515] Call Trace:
[ 65.648107] bcsp_recv+0x9b3/0x13b0
[ 65.652782] hci_uart_tty_receive+0x22b/0x530
[ 65.657278] ? hci_uart_write_work+0x710/0x710
[ 65.661970] tty_ldisc_receive_buf+0x164/0x1c0
[ 65.666756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 65.672445] tty_port_default_receive_buf+0x7d/0xb0
[ 65.677468] flush_to_ldisc+0x228/0x390
[ 65.681445] process_one_work+0x98e/0x1760
[ 65.685673] ? pwq_dec_nr_in_flight+0x320/0x320
[ 65.690450] ? lock_acquire+0x16f/0x3f0
[ 65.694432] ? kasan_check_write+0x14/0x20
[ 65.698666] ? do_raw_spin_lock+0xc8/0x240
[ 65.702909] worker_thread+0x98/0xe40
[ 65.706711] ? trace_hardirqs_on+0x67/0x230
[ 65.711144] kthread+0x357/0x430
[ 65.714508] ? process_one_work+0x1760/0x1760
[ 65.719174] ? kthread_delayed_work_timer_fn+0x290/0x290
[ 65.724787] ret_from_fork+0x3a/0x50
[ 65.728498] Modules linked in:
[ 65.731956] ---[ end trace a41480f45287912a ]---
[ 65.736766] RIP: 0010:skb_put+0x35/0x1e0
[ 65.741020] Code: 89 f5 41 54 49 89 fc 53 4d 8d b4 24 c8 00 00 00 48 83 ec 08 e8 5c 7e 0a fc 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 58
[ 65.760443] RSP: 0018:ffff8880a9877b28 EFLAGS: 00010202
[ 65.765864] RAX: dffffc0000000000 RBX: ffff8880a189d340 RCX: ffffffff84e27a89
[ 65.773198] RDX: 0000000000000019 RSI: ffffffff8560c6b4 RDI: 0000000000000000
[ 65.780477] RBP: ffff8880a9877b58 R08: ffff8880a98b84c0 R09: ffffed1015d24733
[ 65.787804] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: 0000000000000000
[ 65.795117] R13: 0000000000000001 R14: 00000000000000c8 R15: 0000000000000000
[ 65.802400] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 65.810819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 65.816753] CR2: 00007fe66fd8d000 CR3: 00000000a0492000 CR4: 00000000001406e0
[ 65.824077] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 65.831422] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 65.838753] Kernel panic - not syncing: Fatal exception
[ 65.845097] Kernel Offset: disabled
[ 65.849219] Rebooting in 86400 seconds..