[....] Starting enhanced syslogd: rsyslogd[ 13.567583] audit: type=1400 audit(1517077012.243:5): avc: denied { syslog } for pid=3531 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.597842] audit: type=1400 audit(1517077017.273:6): avc: denied { map } for pid=3672 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 23.311895] audit: type=1400 audit(1517077021.987:7): avc: denied { map } for pid=3684 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.15.205' (ECDSA) to the list of known hosts. executing program [ 24.908045] audit: type=1400 audit(1517077023.583:8): avc: denied { map } for pid=3689 comm="syzkaller854130" path="/root/syzkaller854130971" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 24.911226] kasan: CONFIG_KASAN_INLINE enabled [ 24.911229] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 24.911235] general protection fault: 0000 [#1] SMP KASAN [ 24.911239] Dumping ftrace buffer: [ 24.911242] (ftrace buffer empty) [ 24.911243] Modules linked in: [ 24.911249] CPU: 1 PID: 3689 Comm: syzkaller854130 Not tainted 4.15.0-rc9+ #283 [ 24.911252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 24.911262] RIP: 0010:ip6t_do_table+0x12de/0x19d0 [ 24.911264] RSP: 0018:ffff8801db306c58 EFLAGS: 00010246 [ 24.911268] RAX: 0000000000000000 RBX: ffff8801bbe416c0 RCX: ffffffff84d30352 [ 24.911270] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff8801bbe4181e [ 24.911272] RBP: ffff8801db306e60 R08: ffff8801db306f60 R09: 0000000000000000 [ 24.911275] R10: 00000000000000d0 R11: 0000000000000000 R12: 0000000000000001 [ 24.911277] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff8801bbe41790 [ 24.911280] FS: 0000000002408880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 24.911283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.911285] CR2: 0000558ca9bd2110 CR3: 00000001bb966005 CR4: 00000000001606e0 [ 24.911291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.911293] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.911294] Call Trace: [ 24.911295] [ 24.911301] ? ip6t_error+0x60/0x60 [ 24.911316] ? ip6t_error+0x60/0x60 [ 24.911323] ? lock_acquire+0x1d5/0x580 [ 24.911327] ? ip6table_mangle_net_exit+0xa0/0xa0 [ 24.911334] ? lock_release+0xa40/0xa40 [ 24.911341] ip6table_security_hook+0x65/0x80 [ 24.911348] nf_hook_slow+0xba/0x1a0 [ 24.911356] ip6_input+0x368/0x560 [ 24.911361] ? ip6_input_finish+0x17a0/0x17a0 [ 24.911367] ? find_held_lock+0x35/0x1d0 [ 24.911373] ? ip6_make_skb+0x5e0/0x5e0 [ 24.911377] ? ipv6_rcv+0x16cd/0x1fa0 [ 24.911383] ip6_rcv_finish+0x297/0x8c0 [ 24.911387] ? ip6_input+0x560/0x560 [ 24.911393] ? ip6table_nat_in+0x2c/0x40 [ 24.911398] ? nf_hook_slow+0xd3/0x1a0 [ 24.911405] ipv6_rcv+0xf37/0x1fa0 [ 24.911413] ? ip6_rcv_finish+0x8c0/0x8c0 [ 24.911420] ? save_stack_trace+0x1a/0x20 [ 24.911427] ? mark_lock+0xb2c/0x1430 [ 24.911430] ? check_usage_backwards+0x410/0x410 [ 24.911438] ? ip6_input+0x560/0x560 [ 24.911443] ? ip6_rcv_finish+0x8c0/0x8c0 [ 24.911450] __netif_receive_skb_core+0x1a41/0x3460 [ 24.911459] ? nf_ingress+0x9f0/0x9f0 [ 24.911470] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 24.911475] ? check_noncircular+0x20/0x20 [ 24.911486] ? _raw_spin_unlock_irqrestore+0xa6/0xba [ 24.911492] ? try_to_wake_up+0xf9/0x1600 [ 24.911497] ? __lock_acquire+0x664/0x3e00 [ 24.911503] ? find_held_lock+0x35/0x1d0 [ 24.911512] ? swake_up+0x25f/0x430 [ 24.911516] ? check_noncircular+0x20/0x20 [ 24.911519] ? lock_downgrade+0x980/0x980 [ 24.911525] ? lock_release+0xa40/0xa40 [ 24.911531] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 24.911535] ? do_raw_spin_trylock+0x190/0x190 [ 24.911541] ? _raw_spin_unlock_irqrestore+0x31/0xba [ 24.911547] ? find_held_lock+0x35/0x1d0 [ 24.911555] ? lock_acquire+0x1d5/0x580 [ 24.911558] ? process_backlog+0x45f/0x740 [ 24.911561] ? lock_acquire+0x1d5/0x580 [ 24.911565] ? process_backlog+0x1ab/0x740 [ 24.911572] ? lock_release+0xa40/0xa40 [ 24.911576] ? do_raw_spin_trylock+0x190/0x190 [ 24.911581] ? do_raw_spin_trylock+0x190/0x190 [ 24.911588] __netif_receive_skb+0x2c/0x1b0 [ 24.911592] ? __netif_receive_skb+0x2c/0x1b0 [ 24.911597] process_backlog+0x203/0x740 [ 24.911600] ? check_noncircular+0x20/0x20 [ 24.911609] net_rx_action+0x792/0x1910 [ 24.911619] ? napi_complete_done+0x6c0/0x6c0 [ 24.911629] ? rcu_read_lock_sched_held+0x108/0x120 [ 24.911636] ? debug_object_activate+0x307/0x730 [ 24.911645] ? note_gp_changes+0x650/0x650 [ 24.911650] ? timerqueue_add+0x1e9/0x280 [ 24.911657] ? enqueue_hrtimer+0x171/0x4a0 [ 24.911662] ? __remove_hrtimer+0x190/0x190 [ 24.911669] ? check_noncircular+0x20/0x20 [ 24.911672] ? find_held_lock+0x35/0x1d0 [ 24.911680] ? clockevents_program_event+0x163/0x2e0 [ 24.911684] ? lock_downgrade+0x980/0x980 [ 24.911693] ? __lock_is_held+0xb6/0x140 [ 24.911703] ? __local_bh_enable+0x10b/0x130 [ 24.911708] ? __do_softirq+0x7a0/0xb85 [ 24.911714] ? lock_downgrade+0x980/0x980 [ 24.911719] ? __irqentry_text_end+0x1f8d04/0x1f8d04 [ 24.911724] ? do_timer+0x50/0x50 [ 24.911729] ? native_apic_msr_write+0x5c/0x80 [ 24.911733] ? do_raw_spin_trylock+0x190/0x190 [ 24.911738] ? rcu_pm_notify+0xc0/0xc0 [ 24.911752] __do_softirq+0x2d7/0xb85 [ 24.911756] ? task_prio+0x40/0x40 [ 24.911764] ? __irqentry_text_end+0x1f8d04/0x1f8d04 [ 24.911767] ? irq_exit+0xbb/0x200 [ 24.911771] ? smp_apic_timer_interrupt+0x16b/0x700 [ 24.911776] ? smp_call_function_single_interrupt+0x640/0x640 [ 24.911779] ? _raw_spin_lock+0x32/0x40 [ 24.911785] ? _raw_spin_unlock+0x22/0x30 [ 24.911790] ? handle_edge_irq+0x2b4/0x7c0 [ 24.911794] ? task_prio+0x40/0x40 [ 24.911805] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 24.911813] do_softirq_own_stack+0x2a/0x40 [ 24.911814] [ 24.911818] do_softirq.part.19+0x14d/0x190 [ 24.911822] ? ip6_finish_output2+0xb73/0x23a0 [ 24.911826] __local_bh_enable_ip+0x1ee/0x230 [ 24.911831] ip6_finish_output2+0xba6/0x23a0 [ 24.911839] ? ip6_sk_dst_lookup_flow+0x7f0/0x7f0 [ 24.911847] ? ip6_mtu+0x36f/0x4d0 [ 24.911852] ? lock_downgrade+0x980/0x980 [ 24.911860] ? __lock_is_held+0xb6/0x140 [ 24.911869] ? ip6_mtu+0x1cd/0x4d0 [ 24.911874] ? ip6_dst_ifdown+0x3d0/0x3d0 [ 24.911879] ? nf_nat_ipv6_out+0x5e/0x5a0 [ 24.911886] ip6_finish_output+0x302/0x930 [ 24.911889] ? ip6_finish_output+0x302/0x930 [ 24.911896] ip6_output+0x1eb/0x840 [ 24.911901] ? ip6_finish_output+0x930/0x930 [ 24.911906] ? ip6_dst_hoplimit+0x26c/0x420 [ 24.911911] ? lock_downgrade+0x980/0x980 [ 24.911916] ? ip6_fragment+0x3470/0x3470 [ 24.911922] ? __lock_is_held+0xb6/0x140 [ 24.911927] ip6_local_out+0x95/0x160 [ 24.911933] ip6_send_skb+0xa1/0x330 [ 24.911936] ? csum_ipv6_magic+0x20/0x80 [ 24.911942] udp_v6_send_skb+0x33a/0xf70 [ 24.911950] udpv6_sendmsg+0x2835/0x3400 [ 24.911956] ? ip_reply_glue_bits+0xb0/0xb0 [ 24.911966] ? udpv6_setsockopt+0x80/0x80 [ 24.911979] ? avc_has_perm+0x43e/0x680 [ 24.911985] ? avc_has_perm_noaudit+0x520/0x520 [ 24.911989] ? check_noncircular+0x20/0x20 [ 24.911994] ? find_held_lock+0x35/0x1d0 [ 24.912006] ? lock_downgrade+0x980/0x980 [ 24.912013] ? find_held_lock+0x35/0x1d0 [ 24.912028] inet_sendmsg+0x11f/0x5e0 [ 24.912032] ? inet_sendmsg+0x11f/0x5e0 [ 24.912037] ? inet_recvmsg+0x5f0/0x5f0 [ 24.912042] ? selinux_socket_sendmsg+0x36/0x40 [ 24.912046] ? security_socket_sendmsg+0x89/0xb0 [ 24.912050] ? inet_recvmsg+0x5f0/0x5f0 [ 24.912056] sock_sendmsg+0xca/0x110 [ 24.912061] ___sys_sendmsg+0x767/0x8b0 [ 24.912067] ? copy_msghdr_from_user+0x590/0x590 [ 24.912070] ? lock_downgrade+0x980/0x980 [ 24.912077] ? rt6_check+0x310/0x310 [ 24.912082] ? __local_bh_enable_ip+0x121/0x230 [ 24.912087] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 24.912091] ? release_sock+0x1d4/0x2a0 [ 24.912094] ? trace_hardirqs_on+0xd/0x10 [ 24.912098] ? __local_bh_enable_ip+0x121/0x230 [ 24.912103] ? __fget_light+0x297/0x380 [ 24.912108] ? release_sock+0x1d4/0x2a0 [ 24.912113] ? __release_sock+0x360/0x360 [ 24.912116] ? lock_sock_nested+0x91/0x110 [ 24.912120] ? trace_hardirqs_on+0xd/0x10 [ 24.912124] ? __local_bh_enable_ip+0x121/0x230 [ 24.912131] ? ip6_datagram_connect+0x3a/0x50 [ 24.912138] ? __fdget+0x18/0x20 [ 24.912144] __sys_sendmsg+0xe5/0x210 [ 24.912147] ? __sys_sendmsg+0xe5/0x210 [ 24.912152] ? SyS_shutdown+0x290/0x290 [ 24.912166] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 24.912173] SyS_sendmsg+0x2d/0x50 [ 24.912178] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 24.912181] RIP: 0033:0x4412c9 [ 24.912183] RSP: 002b:00007ffd24832ef8 EFLAGS: 00000217 ORIG_RAX: 000000000000002e [ 24.912187] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00000000004412c9 [ 24.912189] RDX: 0000000000000000 RSI: 000000002000cfc8 RDI: 0000000000000004 [ 24.912191] RBP: 00000000006cb018 R08: 0000000000000000 R09: 0000000000000000 [ 24.912193] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000402bf0 [ 24.912195] R13: 0000000000402c80 R14: 0000000000000000 R15: 0000000000000000 [ 24.912203] Code: 41 f6 87 83 00 00 00 04 75 37 e8 1e 28 9d fc 8b 85 54 fe ff ff 48 8b b5 90 fe ff ff 4c 8d 2c c6 44 8d 60 01 4c 89 e8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 5c 03 00 00 4d 89 7d 00 44 89 a5 54 fe ff [ 24.912270] RIP: ip6t_do_table+0x12de/0x19d0 RSP: ffff8801db306c58 [ 24.912294] ---[ end trace b310cb7198f0eb48 ]--- [ 24.912297] Kernel panic - not syncing: Fatal exception in interrupt [ 24.934280] Dumping ftrace buffer: [ 24.934284] (ftrace buffer empty) [ 24.934286] Kernel Offset: disabled [ 25.768013] Rebooting in 86400 seconds..