[....] Starting enhanced syslogd: rsyslogd[ 16.641114] audit: type=1400 audit(1519158544.619:5): avc: denied { syslog } for pid=4011 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 22.680642] audit: type=1400 audit(1519158550.659:6): avc: denied { map } for pid=4152 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.15.221' (ECDSA) to the list of known hosts. executing program executing program [ 28.987112] audit: type=1400 audit(1519158556.965:7): avc: denied { map } for pid=4166 comm="syzkaller784367" path="/root/syzkaller784367192" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 29.006813] kasan: CONFIG_KASAN_INLINE enabled [ 29.017741] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 29.025121] general protection fault: 0000 [#1] SMP KASAN [ 29.030630] Dumping ftrace buffer: [ 29.034140] (ftrace buffer empty) [ 29.037822] Modules linked in: [ 29.040988] CPU: 1 PID: 4177 Comm: syzkaller784367 Not tainted 4.16.0-rc2+ #234 [ 29.048408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.057742] RIP: 0010:ipt_do_table+0x12ee/0x1950 [ 29.062466] RSP: 0018:ffff8801db506360 EFLAGS: 00010246 [ 29.067799] RAX: 0000000000000000 RBX: ffff8801af9d9048 RCX: ffffffff84b7907d [ 29.075039] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff8801af9d8e5a [ 29.082292] RBP: ffff8801db506568 R08: ffff8801db506660 R09: 0000000000000000 [ 29.089534] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 29.096777] R13: dffffc0000000000 R14: ffff8801af9d8e00 R15: ffff8801db5064e0 [ 29.104020] FS: 00000000021bc880(0000) GS:ffff8801db500000(0000) knlGS:0000000000000000 [ 29.112217] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 29.118068] CR2: 00000000004a3c9e CR3: 00000001b1826005 CR4: 00000000001606e0 [ 29.125310] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 29.132550] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 29.139790] Call Trace: [ 29.142343] [ 29.144475] ? __free_insn_slot+0x5c0/0x5c0 [ 29.148779] ? do_add_counters+0x550/0x550 [ 29.152986] ? do_add_counters+0x550/0x550 [ 29.157196] ? check_noncircular+0x20/0x20 [ 29.161404] ? lock_acquire+0x1d5/0x580 [ 29.165355] ? ip_local_deliver+0x212/0x6e0 [ 29.169653] ? iptable_mangle_hook+0xaf/0x4a0 [ 29.174126] iptable_filter_hook+0x65/0x80 [ 29.178336] nf_hook_slow+0xba/0x1a0 [ 29.182027] ip_local_deliver+0x445/0x6e0 [ 29.186147] ? ip_call_ra_chain+0x6d0/0x6d0 [ 29.190441] ? rcu_read_lock_held+0xa9/0xc0 [ 29.194735] ? tcp_v4_early_demux+0x95/0xb80 [ 29.199120] ? ip_rcv_finish+0x2040/0x2040 [ 29.203333] ip_rcv_finish+0xa36/0x2040 [ 29.207279] ? tcp_v4_send_synack+0x430/0x430 [ 29.211749] ? inet_del_offload+0x40/0x40 [ 29.215874] ? ip_rcv+0xf22/0x1840 [ 29.219388] ? lock_downgrade+0x980/0x980 [ 29.223506] ? tcp_v4_send_synack+0x430/0x430 [ 29.227975] ? nf_nat_ipv4_in+0x1cd/0x270 [ 29.232093] ? iptable_nat_ipv4_fn+0x40/0x40 [ 29.236483] ? nf_hook_slow+0xd3/0x1a0 [ 29.240345] ip_rcv+0xc5a/0x1840 [ 29.243689] ? ip_local_deliver+0x6e0/0x6e0 [ 29.247992] ? packet_rcv_spkt+0x11c/0x660 [ 29.252206] ? inet_del_offload+0x40/0x40 [ 29.256329] ? ip_local_deliver+0x6e0/0x6e0 [ 29.260626] __netif_receive_skb_core+0x1a41/0x3460 [ 29.265621] ? nf_ingress+0x9f0/0x9f0 [ 29.269403] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.274569] ? virtnet_set_rx_mode+0x9f0/0x9f0 [ 29.279123] ? update_load_avg+0xe53/0x2d80 [ 29.283420] ? check_noncircular+0x20/0x20 [ 29.287629] ? check_noncircular+0x20/0x20 [ 29.291841] ? check_noncircular+0x20/0x20 [ 29.296052] ? find_held_lock+0x35/0x1d0 [ 29.300097] ? lock_downgrade+0x980/0x980 [ 29.304224] ? pvclock_read_flags+0x160/0x160 [ 29.308693] ? lock_acquire+0x1d5/0x580 [ 29.312638] ? lock_acquire+0x1d5/0x580 [ 29.316585] ? netif_receive_skb_internal+0xa2/0x670 [ 29.321662] ? ktime_get_with_offset+0x2c1/0x420 [ 29.326393] ? lock_release+0xa40/0xa40 [ 29.330339] ? do_gettimeofday+0x190/0x190 [ 29.334550] __netif_receive_skb+0x2c/0x1b0 [ 29.338841] ? __netif_receive_skb+0x2c/0x1b0 [ 29.343309] netif_receive_skb_internal+0x10b/0x670 [ 29.348296] ? dev_cpu_dead+0xb00/0xb00 [ 29.352247] ? net_rx_action+0x1910/0x1910 [ 29.356456] ? rcu_pm_notify+0xc0/0xc0 [ 29.360320] ? skb_gro_reset_offset+0x17b/0x300 [ 29.364962] napi_gro_receive+0x3d0/0x500 [ 29.369084] ? dev_gro_receive+0x2110/0x2110 [ 29.373469] ? eth_type_trans+0x2b2/0x710 [ 29.377590] ? eth_gro_receive+0x820/0x820 [ 29.381797] ? __lock_acquire+0x664/0x3e00 [ 29.386007] ? __rb_erase_color+0x27b0/0x27b0 [ 29.390481] receive_buf+0xb6e/0x2530 [ 29.394254] ? print_irqtrace_events+0x270/0x270 [ 29.398980] ? print_irqtrace_events+0x270/0x270 [ 29.403710] ? __lock_acquire+0x664/0x3e00 [ 29.407926] ? receive_mergeable+0x2a30/0x2a30 [ 29.412483] ? print_irqtrace_events+0x270/0x270 [ 29.417210] ? cpuacct_charge+0x2e6/0x5c0 [ 29.421331] ? __lock_acquire+0x664/0x3e00 [ 29.425538] ? __lock_acquire+0x664/0x3e00 [ 29.429756] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.434919] ? print_irqtrace_events+0x270/0x270 [ 29.439688] ? rcu_read_lock_sched_held+0x108/0x120 [ 29.444677] ? update_cfs_rq_load_avg.part.68+0x23d/0x2d0 [ 29.450184] ? attach_entity_load_avg+0x7a0/0x7a0 [ 29.454996] ? __update_load_avg_se.isra.27+0x56a/0x7c0 [ 29.460332] ? __update_load_avg_se.isra.27+0x56a/0x7c0 [ 29.465674] ? __lock_acquire+0x664/0x3e00 [ 29.469887] ? fastpath_timer_check+0x7fe/0xad0 [ 29.474527] ? update_cfs_rq_load_avg.part.68+0x2d0/0x2d0 [ 29.480036] ? vring_use_dma_api+0x7f/0xa0 [ 29.484241] ? vring_unmap_one+0x49/0x3d0 [ 29.488363] ? detach_buf+0x463/0x6a0 [ 29.492136] ? print_irqtrace_events+0x270/0x270 [ 29.496872] ? virtqueue_get_buf_ctx+0x3b1/0x8b0 [ 29.501599] ? find_held_lock+0x35/0x1d0 [ 29.505632] ? detach_buf+0x6a0/0x6a0 [ 29.509408] ? rb_first_postorder+0xa0/0xa0 [ 29.513698] ? __lock_acquire+0x664/0x3e00 [ 29.517904] ? lock_downgrade+0x980/0x980 [ 29.522027] virtnet_poll+0x320/0xb70 [ 29.525805] ? receive_buf+0x2530/0x2530 [ 29.529841] ? __bfs+0x6c0/0x750 [ 29.533182] ? trigger_load_balance+0x3c8/0x11e0 [ 29.537916] ? net_rx_action+0x49b/0x1910 [ 29.542040] net_rx_action+0x792/0x1910 [ 29.545994] ? napi_complete_done+0x6c0/0x6c0 [ 29.550466] ? scheduler_tick+0x1d1/0x410 [ 29.554586] ? print_irqtrace_events+0x270/0x270 [ 29.559315] ? print_irqtrace_events+0x270/0x270 [ 29.564054] ? trace_hardirqs_off+0xd/0x10 [ 29.568268] ? _raw_spin_unlock_irqrestore+0xa6/0xba [ 29.573346] ? debug_object_activate+0x307/0x730 [ 29.578088] ? __lock_acquire+0x664/0x3e00 [ 29.582296] ? rcu_pm_notify+0xc0/0xc0 [ 29.586162] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 29.591328] ? __raise_softirq_irqoff+0x21c/0x2c0 [ 29.596141] ? raise_softirq+0x490/0x490 [ 29.600174] ? find_held_lock+0x35/0x1d0 [ 29.604210] ? check_noncircular+0x20/0x20 [ 29.608418] ? trace_hardirqs_off+0xd/0x10 [ 29.612628] ? __napi_schedule+0x25e/0x370 [ 29.616842] ? rcu_pm_notify+0xc0/0xc0 [ 29.620706] ? rcu_read_lock_sched_held+0x108/0x120 [ 29.625693] ? check_noncircular+0x20/0x20 [ 29.629902] ? rcu_pm_notify+0xc0/0xc0 [ 29.633770] __do_softirq+0x2d7/0xb85 [ 29.637544] ? handle_edge_irq+0x2b4/0x7c0 [ 29.641755] ? __irqentry_text_end+0x1f8ad4/0x1f8ad4 [ 29.646831] ? handle_irq_event_percpu+0x141/0x1b0 [ 29.651729] ? do_raw_spin_trylock+0x190/0x190 [ 29.656284] ? __handle_irq_event_percpu+0x9d0/0x9d0 [ 29.661357] ? do_raw_spin_trylock+0x190/0x190 [ 29.665915] ? _raw_spin_lock+0x32/0x40 [ 29.669862] ? _raw_spin_unlock+0x22/0x30 [ 29.673981] ? handle_edge_irq+0x2b4/0x7c0 [ 29.678194] irq_exit+0x1cc/0x200 [ 29.681622] do_IRQ+0xeb/0x190 [ 29.684789] common_interrupt+0x8e/0x8e [ 29.688731] [ 29.690940] RIP: 0010:update_stack_state+0x1dc/0x700 [ 29.696013] RSP: 0018:ffff8801cdb57358 EFLAGS: 00000287 ORIG_RAX: ffffffffffffffd5 [ 29.703692] RAX: 0000000000000001 RBX: ffff8801cdb579f0 RCX: ffff8801cdb58000 [ 29.710931] RDX: ffff8801cdb50000 RSI: ffff8801cdb57a00 RDI: ffff8801cdb575a0 [ 29.718171] RBP: ffff8801cdb57460 R08: ffff8801cdb575c8 R09: ffff8801b6532500 [ 29.725410] R10: 000000000000000b R11: ffffed0039b6aebc R12: 1ffff10039b6ae73 [ 29.732650] R13: ffffed0039b6aeb3 R14: dffffc0000000000 R15: ffff8801cdb57590 [ 29.739913] ? __read_once_size_nocheck.constprop.8+0x10/0x10 [ 29.745771] ? security_inode_alloc+0x90/0xd0 [ 29.750240] ? is_bpf_text_address+0x7b/0x120 [ 29.754716] ? unwind_next_frame.part.6+0x1a6/0xb40 [ 29.759706] unwind_next_frame.part.6+0x1a6/0xb40 [ 29.764521] ? unwind_dump+0x4d0/0x4d0 [ 29.768381] ? check_noncircular+0x20/0x20 [ 29.772762] ? unwind_dump+0x4d0/0x4d0 [ 29.776624] ? rcutorture_record_progress+0x10/0x10 [ 29.781618] ? __unwind_start+0x169/0x330 [ 29.785740] unwind_next_frame+0x3e/0x50 [ 29.789775] __save_stack_trace+0x6e/0xd0 [ 29.793900] ? security_inode_alloc+0x90/0xd0 [ 29.798368] save_stack_trace+0x1a/0x20 [ 29.802317] save_stack+0x43/0xd0 [ 29.805743] ? save_stack+0x43/0xd0 [ 29.809341] ? kasan_kmalloc+0xad/0xe0 [ 29.813199] ? kasan_slab_alloc+0x12/0x20 [ 29.817319] ? kmem_cache_alloc+0x12e/0x760 [ 29.821619] ? selinux_inode_alloc_security+0xf9/0x390 [ 29.826865] ? security_inode_alloc+0x90/0xd0 [ 29.831332] ? inode_init_always+0x653/0xca0 [ 29.835709] ? alloc_inode+0x82/0x180 [ 29.839488] ? new_inode_pseudo+0x69/0x190 [ 29.843697] ? sock_alloc+0x41/0x270 [ 29.847381] ? __sock_create+0x148/0x850 [ 29.851414] ? SyS_socket+0xeb/0x1d0 [ 29.855100] ? do_syscall_64+0x280/0x940 [ 29.859134] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 29.864469] ? is_bpf_text_address+0xa4/0x120 [ 29.868937] ? kernel_text_address+0x102/0x140 [ 29.873501] ? __kernel_text_address+0xd/0x40 [ 29.877975] ? unwind_get_return_address+0x61/0xa0 [ 29.882879] ? __save_stack_trace+0x7e/0xd0 [ 29.887182] ? trace_event_raw_event_sched_switch+0x810/0x810 [ 29.893035] ? save_stack+0x43/0xd0 [ 29.896641] ? kasan_kmalloc+0xad/0xe0 [ 29.900500] ? kmem_cache_alloc_trace+0x136/0x740 [ 29.905316] ? rcu_note_context_switch+0x710/0x710 [ 29.910217] ? kasan_unpoison_shadow+0x35/0x50 [ 29.914771] kasan_kmalloc+0xad/0xe0 [ 29.918460] kasan_slab_alloc+0x12/0x20 [ 29.922405] kmem_cache_alloc+0x12e/0x760 [ 29.926530] selinux_inode_alloc_security+0xf9/0x390 [ 29.931607] ? selinux_inode_follow_link+0x310/0x310 [ 29.936679] ? __put_user_ns+0x60/0x60 [ 29.940539] ? __raw_spin_lock_init+0x1c/0x100 [ 29.945094] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 29.950086] security_inode_alloc+0x90/0xd0 [ 29.954384] inode_init_always+0x653/0xca0 [ 29.958592] ? get_nr_inodes+0x110/0x110 [ 29.962627] ? __init_waitqueue_head+0x97/0x140 [ 29.967269] ? init_wait_entry+0x1b0/0x1b0 [ 29.971483] ? sock_alloc_inode+0x248/0x300 [ 29.975778] ? sock_destroy_inode+0x70/0x70 [ 29.980075] ? security_transition_sid+0x75/0x90 [ 29.984805] alloc_inode+0x82/0x180 [ 29.988405] new_inode_pseudo+0x69/0x190 [ 29.992439] ? prune_icache_sb+0x1a0/0x1a0 [ 29.996648] ? kernel_read+0x120/0x120 [ 30.000505] ? bpf_fd_pass+0x280/0x280 [ 30.004370] sock_alloc+0x41/0x270 [ 30.007884] __sock_create+0x148/0x850 [ 30.011754] ? __schedule+0x2070/0x2070 [ 30.015702] ? ___sys_recvmsg+0x640/0x640 [ 30.019822] ? rw_verify_area+0xe5/0x2b0 [ 30.023857] ? exit_to_usermode_loop+0x8c/0x2f0 [ 30.028501] SyS_socket+0xeb/0x1d0 [ 30.032017] ? move_addr_to_kernel+0x60/0x60 [ 30.036401] ? do_syscall_64+0xb6/0x940 [ 30.040350] ? move_addr_to_kernel+0x60/0x60 [ 30.044729] do_syscall_64+0x280/0x940 [ 30.048590] ? __do_page_fault+0xc90/0xc90 [ 30.052798] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 30.057529] ? syscall_return_slowpath+0x550/0x550 [ 30.062430] ? syscall_return_slowpath+0x2ac/0x550 [ 30.067333] ? prepare_exit_to_usermode+0x350/0x350 [ 30.072323] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 30.077662] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.082481] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 30.087642] RIP: 0033:0x442339 [ 30.090804] RSP: 002b:00007ffdc9a5c988 EFLAGS: 00000207 ORIG_RAX: 0000000000000029 [ 30.098485] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 0000000000442339 [ 30.105734] RDX: 0000000000000000 RSI: 0000000000000801 RDI: 000000000000000a [ 30.112984] RBP: 0000000000000003 R08: 000000a800000001 R09: 000000a800000001 [ 30.120228] R10: 00000000021bc880 R11: 0000000000000207 R12: 0000000000000000 [ 30.127477] R13: 00000000006ce428 R14: 0000000000000000 R15: 0000000000000000 [ 30.134733] Code: 46 52 02 75 41 e8 53 7b b9 fc 8b 85 80 fe ff ff 8d 70 01 89 b5 00 ff ff ff 48 8b b5 88 fe ff ff 4c 8d 24 c6 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 0f 85 e8 01 00 00 8b 85 00 ff ff ff 4d 89 34 24 [ 30.153824] RIP: ipt_do_table+0x12ee/0x1950 RSP: ffff8801db506360 [ 30.160051] ---[ end trace 4536231aa52d0f9c ]--- [ 30.164788] Kernel panic - not syncing: Fatal exception in interrupt [ 30.171670] Dumping ftrace buffer: [ 30.175183] (ftrace buffer empty) [ 30.178861] Kernel Offset: disabled [ 30.182459] Rebooting in 86400 seconds..