[ 44.677954] audit: type=1800 audit(1551670491.589:31): pid=7927 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 48.726504] kauditd_printk_skb: 3 callbacks suppressed
[ 48.726520] audit: type=1400 audit(1551670495.689:35): avc: denied { map } for pid=8100 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.209' (ECDSA) to the list of known hosts.
[ 361.595763] audit: type=1400 audit(1551670808.559:36): avc: denied { map } for pid=8112 comm="syz-executor126" path="/root/syz-executor126971628" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 361.631929] IPVS: ftp: loaded support on port[0] = 21
[ 361.676696] chnl_net:caif_netlink_parms(): no params data found
[ 361.701747] bridge0: port 1(bridge_slave_0) entered blocking state
[ 361.708380] bridge0: port 1(bridge_slave_0) entered disabled state
[ 361.715387] device bridge_slave_0 entered promiscuous mode
[ 361.722820] bridge0: port 2(bridge_slave_1) entered blocking state
[ 361.729234] bridge0: port 2(bridge_slave_1) entered disabled state
[ 361.735997] device bridge_slave_1 entered promiscuous mode
[ 361.749690] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 361.758334] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 361.775526] team0: Port device team_slave_0 added
[ 361.781414] team0: Port device team_slave_1 added
[ 361.860707] device hsr_slave_0 entered promiscuous mode
[ 361.909416] device hsr_slave_1 entered promiscuous mode
[ 361.966013] bridge0: port 2(bridge_slave_1) entered blocking state
[ 361.972582] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 361.979435] bridge0: port 1(bridge_slave_0) entered blocking state
[ 361.986027] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 362.015803] 8021q: adding VLAN 0 to HW filter on device bond0
[ 362.028706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 362.049553] bridge0: port 1(bridge_slave_0) entered disabled state
[ 362.056873] bridge0: port 2(bridge_slave_1) entered disabled state
[ 362.065505] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 362.076238] 8021q: adding VLAN 0 to HW filter on device team0
[ 362.085860] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 362.093691] bridge0: port 1(bridge_slave_0) entered blocking state
[ 362.100039] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 362.119742] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 362.127492] bridge0: port 2(bridge_slave_1) entered blocking state
[ 362.133958] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 362.141209] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 362.148866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 362.156691] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
executing program
[ 362.164915] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 362.174296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 362.183659] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 362.201614] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 362.215194] device rose0 entered promiscuous mode
executing program
executing program
[ 362.221032] IPv6: ADDRCONF(NETDEV_CHANGE): rose0: link becomes ready
[ 362.349115] kasan: CONFIG_KASAN_INLINE enabled
[ 362.354076] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 362.361501] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 362.367742] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.0.0 #4
[ 362.373704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 362.383194] RIP: 0010:rose_send_frame+0x1a8/0x280
[ 362.388031] Code: c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 63 20 49 8d bc 24 58 03 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 7e 49 8b 94 24 58 03 00 00 e9 b8 fe ff ff e8 c0 04
[ 362.406922] RSP: 0018:ffff8880ae807ae8 EFLAGS: 00010202
[ 362.412271] RAX: dffffc0000000000 RBX: ffff88809aff8500 RCX: ffffffff8635d8db
[ 362.419521] RDX: 000000000000006b RSI: ffffffff8635da0c RDI: 0000000000000358
[ 362.426780] RBP: ffff8880ae807b18 R08: ffffffff8887dec0 R09: ffffed1012642f15
[ 362.434030] R10: ffffed1012642f14 R11: ffff8880932178a3 R12: 0000000000000000
[ 362.441280] R13: 0000000000000078 R14: 0000000000000005 R15: ffff888090879b40
[ 362.448604] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[ 362.456820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 362.462707] CR2: 00007f7c9a1ffe78 CR3: 000000007353d000 CR4: 00000000001406f0
[ 362.469966] Call Trace:
[ 362.472525]
[ 362.474678] rose_transmit_clear_request+0x1de/0x2a0
[ 362.479770] ? __local_bh_enable_ip+0x15a/0x270
[ 362.484422] rose_rx_call_request+0x4ea/0x1990
[ 362.488993] ? rose_dev_get+0x21e/0x320
[ 362.493015] ? rose_release+0x410/0x410
[ 362.497038] rose_loopback_timer+0x26a/0x3f0
[ 362.501565] call_timer_fn+0x190/0x720
[ 362.505528] ? rose_link_rx_restart.cold+0xa9/0xa9
[ 362.510442] ? process_timeout+0x40/0x40
[ 362.514491] ? run_timer_softirq+0x647/0x1700
[ 362.519026] ? trace_hardirqs_on+0x67/0x230
[ 362.523343] ? kasan_check_read+0x11/0x20
[ 362.527489] ? rose_link_rx_restart.cold+0xa9/0xa9
[ 362.532416] run_timer_softirq+0x652/0x1700
[ 362.536731] ? add_timer+0xbe0/0xbe0
[ 362.540507] ? kvm_clock_read+0x18/0x30
[ 362.544469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 362.549992] ? check_preemption_disabled+0x48/0x290
[ 362.554991] ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 362.560424] __do_softirq+0x266/0x95a
[ 362.564208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 362.569726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 362.575259] irq_exit+0x180/0x1d0
[ 362.578711] smp_apic_timer_interrupt+0x14a/0x570
[ 362.583538] apic_timer_interrupt+0xf/0x20
[ 362.587747]
[ 362.589967] RIP: 0010:native_safe_halt+0x2/0x10
[ 362.594620] Code: ff ff ff 48 89 c7 48 89 45 d8 e8 79 96 a3 fa 48 8b 45 d8 e9 ce fe ff ff 48 89 df e8 68 96 a3 fa eb 82 90 90 90 90 90 90 fb f4 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f4 c3 90 90 90 90 90 90
[ 362.614164] RSP: 0018:ffffffff88807d08 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 362.621855] RAX: 1ffffffff1125061 RBX: ffffffff8887dec0 RCX: 0000000000000000
[ 362.629204] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffffff8887e73c
[ 362.636554] RBP: ffffffff88807d38 R08: ffffffff8887dec0 R09: 0000000000000000
[ 362.643808] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 362.651166] R13: ffffffff889282f8 R14: 0000000000000000 R15: 0000000000000000
[ 362.658432] ? default_idle+0x4e/0x330
[ 362.662417] arch_cpu_idle+0x10/0x20
[ 362.666216] default_idle_call+0x36/0x90
[ 362.670278] do_idle+0x386/0x570
[ 362.673627] ? arch_cpu_idle_exit+0x80/0x80
[ 362.677926] ? check_preemption_disabled+0x48/0x290
[ 362.682916] ? trace_hardirqs_on+0x67/0x230
[ 362.687218] cpu_startup_entry+0x1b/0x20
[ 362.691263] rest_init+0x245/0x37b
[ 362.694796] arch_call_rest_init+0xe/0x1b
[ 362.698994] start_kernel+0x803/0x83c
[ 362.702900] ? mem_encrypt_init+0xb/0xb
[ 362.706961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 362.712474] ? x86_family+0x41/0x50
[ 362.716077] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 362.721599] x86_64_start_reservations+0x29/0x2b
[ 362.726337] x86_64_start_kernel+0x77/0x7b
[ 362.730592] secondary_startup_64+0xa4/0xb0
[ 362.734901] Modules linked in:
[ 362.738302] ---[ end trace 4f0b8dfe6fed5732 ]---
[ 362.743060] RIP: 0010:rose_send_frame+0x1a8/0x280
[ 362.747889] Code: c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 63 20 49 8d bc 24 58 03 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 7e 49 8b 94 24 58 03 00 00 e9 b8 fe ff ff e8 c0 04
[ 362.766833] RSP: 0018:ffff8880ae807ae8 EFLAGS: 00010202
[ 362.772202] RAX: dffffc0000000000 RBX: ffff88809aff8500 RCX: ffffffff8635d8db
[ 362.779606] RDX: 000000000000006b RSI: ffffffff8635da0c RDI: 0000000000000358
[ 362.786989] RBP: ffff8880ae807b18 R08: ffffffff8887dec0 R09: ffffed1012642f15
[ 362.794287] R10: ffffed1012642f14 R11: ffff8880932178a3 R12: 0000000000000000
[ 362.801562] R13: 0000000000000078 R14: 0000000000000005 R15: ffff888090879b40
[ 362.808978] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[ 362.817193] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 362.823102] CR2: 00007f7c9a1ffe78 CR3: 000000007353d000 CR4: 00000000001406f0
[ 362.830526] Kernel panic - not syncing: Fatal exception in interrupt
[ 362.838008] Kernel Offset: disabled
[ 362.841632] Rebooting in 86400 seconds..