[....] Starting enhanced syslogd: rsyslogd[ 13.379642] audit: type=1400 audit(1516416876.143:5): avc: denied { syslog } for pid=3508 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.326317] audit: type=1400 audit(1516416881.090:6): avc: denied { map } for pid=3647 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts. 2018/01/20 02:54:47 fuzzer started [ 24.552835] audit: type=1400 audit(1516416887.316:7): avc: denied { map } for pid=3658 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/01/20 02:54:47 dialing manager at 10.128.0.26:38913 [ 28.139290] can: request_module (can-proto-0) failed. [ 28.148352] can: request_module (can-proto-0) failed. 2018/01/20 02:54:51 kcov=true, comps=true [ 28.695567] audit: type=1400 audit(1516416891.459:8): avc: denied { map } for pid=3658 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=8902 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2018/01/20 02:54:53 executing program 0: 2018/01/20 02:54:53 executing program 4: 2018/01/20 02:54:53 executing program 5: 2018/01/20 02:54:53 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f00002a0000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0xc0481273, &(0x7f0000beb000-0x98)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "000000000100000001001bf3ff000000006500ff00010000007db0e6f10efbf9a219d8f6aa6bd58d1c43473100e85026e7ff40f9b55bd1b3335d5bffff0001f3", "cfa40005000000f7ffffff000800000f000000ffb833220182ab867dfff000", [0x0, 0x0], 0x0}) 2018/01/20 02:54:53 executing program 6: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x0, @multicast1=0xe0000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x0, @empty=0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f000026f000-0x4)='tls\x00', 0xfffffffffffffe56) 2018/01/20 02:54:53 executing program 7: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000005000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40007) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000)=0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r0, r1, &(0x7f0000768000-0x8)=0x0, 0xfffffffd) 2018/01/20 02:54:53 executing program 2: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffff9c, 0x0}) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000001000-0x4)=0x4, 0x4) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000002000-0x8)=0x6) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000002000-0x4)=0x6, &(0x7f0000000000)=0x4) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000002000-0x20)={0x100000, 0x4, 0x401, 0xcae6, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) setsockopt$packet_int(r0, 0x107, 0x1f, &(0x7f0000000000)=0x0, 0x4) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000001000)=""/203) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x0}, &(0x7f0000003000-0x4)=0x5) r1 = getpgid(0x0) mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000004000-0x4)=r1) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000004000)={0x80000001, 0x7, 0x2}) mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_DEBUGREGS(r0, 0x4080aea2, &(0x7f0000005000)={[0x10000, 0x100004, 0x1, 0x13001], 0x6, 0x4, 0x8c76, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa], 0x0, 0xbb}, @common='ip6_vti0\x00'}}, 0x1e) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000003000)={0x2, [0x0, 0x0]}, &(0x7f0000001000-0x4)=0xc) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000002000)={r2, 0x2, 0x97}, 0x8) mmap(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) sendto$inet6(r0, &(0x7f0000006000)="98f96a11cf481022e955bce809362892", 0x10, 0x8001, 0x0, 0x0) mmap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000007000)={r2, 0x7}, &(0x7f0000007000)=0x8) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000007000)=0xfffffffffffffff7, 0x4) 2018/01/20 02:54:53 executing program 3: r0 = syz_open_dev$sndpcmc(&(0x7f00006b8000-0x12)='/dev/snd/pcmC#D#c\x00', 0xffffffffffff0000, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000ef2000)='/dev/rtc\x00', 0x8000, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) getsockname$inet(r0, &(0x7f0000256000+0x274)={0x0, 0xffffffffffffffff, @remote={0x0, 0x0, 0xffffffffffffffff, 0x0}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000000)=0x10) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000002000-0x20)={r0, 0x400, 0x1, r1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000002000)={{0xa, 0x1, 0x3, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0xff, 0xff], @broadcast=0xffffffff}, 0x3e}, {0xa, 0x1, 0x4, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc}, 0x64}, 0x1, [0x7fff, 0x22c3d83a, 0x3, 0xeff2, 0x8001, 0x7, 0x0, 0x7a35]}, 0x5c) mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) chmod(&(0x7f0000003000)='./file0\x00', 0xc1) getsockname(r1, &(0x7f0000003000)=@ethernet={0x0, @empty=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000002000-0x4)=0x10) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000004000)={0x9, 0x0, 0x5000}) mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000005000)={&(0x7f0000006000-0x4)=[0x2], 0x1, 0x6, 0xef, 0x3f, 0x800000000000000, 0x2, {0x80, 0xa6d3, 0x5, 0x2, 0x7fffffff, 0x0, 0xfff, 0x3, 0x1000, 0x401, 0x8, 0x7, 0x3, 0x5af0, "93b9971e81daeb1afc8fabbe52a3640954a712146322cb99f4e0d453c3ef7680"}}) mmap(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000006000)={0x8, 0x7fffffff, 0x2, 'queue0\x00', 0x3f, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KDSETMODE(r0, 0x4b3a, 0x7) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000002000-0x4)=0x0) mmap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000007000)={{0x5, 0x3, 0x8db, 0x80000001, "4c5053466e14a070690b118b25664cc31532a46d7d889eb3213f99338ec882cb700983f755a366b1701f0011", 0x9}, 0x0, 0x0, 0x1, r2, 0x8, 0x727b, "9bb09b04f1974010fba3a05ec5f76f213a932c5d8dd9ea97deafd7ff3912cbb1ebe1ed5220f498ff256d57b5fbef5c7183fe7a61fa44564326b1f86b7b52986f", &(0x7f0000007000)='\x00', 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x6, 0xfffffffffffffffb, 0x401, 0x0], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000008000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000009000-0x5c)={0x8c00000000000000, 0x2, {0xffffffffffffffff, 0x1, 0x0, 0x3, 0x2}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000009000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000002000-0xa0)={0x0, @in6={{0xa, 0x1, 0x4f9, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x9}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0xff, 0x8000, 0x5, 0x49, 0x0}, &(0x7f000000a000-0x4)=0xa0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000007000)={r3, @in={{0x2, 0x3, @rand_addr=0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x8c) mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000003000)={{0x0, 0x0, 0x0, 0x4, "f2a476c08906bc20fdbcf884ba1a017839add03db19db5e46b8de400a8d10952fa4a868ee127abda0fcefb9b", 0xffffffffffff8bd5}, 0x0, 0x0, 0x9, r2, 0xff, 0x4, "e0f74b6ca5325598625cadacca3ddc92d595986b875f3774060307360033c96530b37c2703f8c3ea7b570b7b45fdc18d86ba76586c01bed1c4adf4051bf09863", &(0x7f000000b000-0x1)='\x00', 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0x7, 0x2, 0x863, 0x468e], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 30.493013] audit: type=1400 audit(1516416893.256:9): avc: denied { map } for pid=3658 comm="syz-fuzzer" path="/root/syzkaller-shm773701036" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 31.299733] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 31.827699] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 31.994602] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 32.471338] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 32.498351] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 32.707785] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 32.814230] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 32.888282] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 33.920092] audit: type=1400 audit(1516416896.683:10): avc: denied { sys_admin } for pid=3703 comm="syz-executor5" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 2018/01/20 02:54:56 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000002f000-0x78)={0x2, 0x78, 0x48b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000bf7000)=0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) [ 34.002244] audit: type=1400 audit(1516416896.749:11): avc: denied { sys_chroot } for pid=4489 comm="syz-executor5" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 2018/01/20 02:54:56 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000)=0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f000050c000-0x67)={0x0, @in6={{0xa, 0xffffffffffffffff, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0, 0x0}, &(0x7f0000654000-0x4)=0x98) mount(&(0x7f00007d5000-0x8)='./file0\x00', &(0x7f00009bb000)='./file0\x00', &(0x7f0000884000-0x6)='ramfs\x00', 0x2840000, 0x0) r0 = open(&(0x7f0000ca1000)='./file0\x00', 0x400000, 0xb3) sendmsg(r0, &(0x7f0000fef000)={&(0x7f00008c1000)=@in={0x2, 0x1, @remote={0xac, 0x14, 0x0, 0xbb}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10, &(0x7f0000691000)=[{&(0x7f00003f9000)="e23866ece86cf4f8957abacdcf681705b7e2f852e8b2588fe49de3212ba4e0955e02807230b72804ffc432c0c1b281d93b495cefec591f6b28830b9b4d57652f967ead46434f26ea0c9560f4d85a0010f5591d0b92aa5beabc2ec8398550e4c506055a75ef05796acd431565b9d2f989028502bdf959cce38503c71fe45a4b1c79a1a7b76edfa1adf6718b68aa9481b72abadae378b85fc2793bb77077c80465cdcbf6849fed4afd389f0e1ecd8523f1dcdf319fdcf5a0d48275fb32a833946112fbbbcb289dba40106066a9ada4358b554f4f1c4f16e3ab1f340e3a961f0f8389b9", 0xe2}], 0x1, &(0x7f000030b000)=[{0x20, 0x1ff, 0x5, "7cd48f4acbf8381961b8dcd4"}, {0xa8, 0x1, 0xfffffffffffffff9, "6019b14ae93d9be021a926c36e715282c39c2ab683c3ccd65969d3fd4ffbdae9a966057d953d1eb2ea6ea25314af0a6383db9ce443bc97ae02b1267ae7281ef35607ba08cc0545ea5625bcf11638296e62987544d0929a4ba1184a9b3389f0ba63948267fd1d7be44d46d5f679005c1ac0c0a04cae6a39f1982b0833f07c3b7f5bc49556b9935ef11f2a256e8f07d73a50"}, {0xc8, 0x118, 0xfffffffffffffffa, "96e32621d26d0954a65850a578871dd51cdda4d6f6077e0df31864b522b7222dd18309ecd32be5468d57e6f33ab38bfa4a5d380918d8e65427b5ff8a13a2ee7abc54133bfb7da2273bfc52832acd254bfe6352d834d7e94e1a8d97e35d7a9c6000de8511d500b21c23b40f34a8dbb30756a10ec667f44dfb424f4a06960f8b0f696b9547106900b43b2d591004f23523f8cf2ad5e039f54143d943b37a7740bf48349a6e26622d20a756e7c65c03c69f935cca61"}, {0xfffffffffffffe4b, 0x88, 0x7, "b8258ed4f6ce1b21c14a4aced3b5307d6cccbc2a30928b702d944caa6cfce2aea50ff956d0b44ab909ad1ac0b8d7ee458ce5826d6386fbe8c69f13bb40c629bfe6f885267f8461f446e27ea4cc211611f1bc60985be92b7c475c0fce112594bbde41f0cfa6df2ad9b300d7dad79e687c429b7c78edfdab948b9ac5e83b4d577ea35e1f7c0188f3e4fc519eb4e92f3a41831ab77f2122de317f1c90713934f192489bab6fef3f3209d3b4deefee100cdf8f23d0f461f081cda0284fd764c4709a5188583de1f65d16844363dfed6f7e15d0a5aa1fecf54e880e156ace57429911e00a4c50d4df31c4c63f0afe8efe281587f3144f930092a63fc4e6fd7bdfc31d4ce4ec85bfc45cc29e91895dec9c43a1a8dee9fc454851debdec01ce929f8b8ae640ca0c250b7c35d73212e1e88baecd1d47630d06db17cd95a6915d7c5086f0f6b35f6a96827a51f081a8e0c185b07fe4a3e99c5fa8f2c38dbc264e37666cb7293c5794214ba38f10cac40cec8c0ae201b33869d003faea99544d8644108f00a74acf6df5287d065921f07e7c9a3f77a9c8ccae83d8c343b84633039b32e8715237b09aa543f44c3ad4c3e9c2dead79af1eb78813c6353988e1a7f753a332c401bdf453fe4ec4adb3e7b6a7bd57ff24254cd2b575eb0f36fcd86b19de788221034b61ff3227f0cc2b35516720db6c67372c08b0a3ad1308ad145a9796715ba2b2e7f4f3d5a5d593595ce79a0daf889ed1543b8e93862b500f9ad4d9a8f332522db74755928c59badf71272e27a3a47ebf0a399936fbecb52b1876eb259b05260ddc9097a775027afbb64de84543ac89b79647bc34f7065a906430a943418569a57377e06a7ac9b40ed78bfa0468e4d984e6668726adbcd0235c743009ce3baff1fa0a091d1abd0497b415065e32561ce62ab832f4f01144a66ddd3045a559266f2eee4b32e5cd092637ebff24b243da2db3d00b83d1bf3ca849a2d40e579a8cba9fed5e683e9fe93a60bc7e95bc2075607e36e151a9e3504778cff2f514d6a28244c9d33e68d00b889b8c544919b9053bbacb8322115970e9bca78a9c126db502e29bf8efd5b7e7bd8c0448a8a250eac682dc56e4567275bca8334b5f7d4ada2629911c84f19daf937379c249270803f7d7d6344ae01567cf49407f70c1b484880c5b0d7867c0b3f5351704ea4db18c19222c23973a1c413ee1b3c9c80860f96ea31c078090baa5ec1ac21c4686e32d478e6fbd28bb5886a00fa61d9990f2cb194ff28c93a2e39303353e5cbbb89b58f7540710e435e852ab29129156e4234dd046944eb46e4202c54e4d9eb6f6253ec959ca4df325a85ac54c862266916a6d168547f2572660cf066d568e6119399b3ff308bd616228393e87e7008f24bcc7bf2feb2b0aceb03c7138f74b8d358c806b4ef34cac01ac8951bb9f2886318b0c3deb5470c6175d9344aca56a694a8b1cd3ba6bafbe240e3fc9648358ecdb6652a7bad6dba4a804255c7350f1a25ea16f27f9df070893289a88fe8d583acb480b4f59d7095c3bad409d20b0615add29ecb190bcfebb8b706dc84fccad7646f063740d1502c86ccd759e267cc07850a6314daa32b08eace0ca3fc0f36b0f78d810e58fe4014a817538f8c83ecdc03d0eb2d552e828887f580eac792164f8c1dea93587ecae86e6b0e308f81257d5026edae31702c846bbc9d266f5f791e03b5fcab1413a35c8bdd9b73250468a8b4a6bee547c0d6ea014f7842c7b9e605c9dc82b9649fc26d81e67c0ee538d4633e541a3f17762e01c1b1256a94f693cf1e75bfcae5a9a25317a0bd2c03cbbc4daca0bb9bf0ef7d741865405dde681b4c103d646bcc118d3ed5e0e48a085e319140c50c6d0de9c278588f94c9e2b654606790123b4f0cd1e6fd89fb0351553d671f4d183c61addfa1ab5ab96fc45ab4d73c7922bcf4c88abd372732df9cc98754fc631b6e55063f9593be1891ed271db3dc32bcd5bdfc7b6a12b5c743db9833d92187cd0e8bcc32fe25fe945813847af8f75c296be3060609048324e43c37e0cb1a94df8cc62ab83e8a328efc5bbc1da5f35fcdd7eff1f83590061b6ec29113d17c369a65921ff62f021437ac6d86ee01a7d15843d4709a01183a8fbba6bd75a18f8f5c0809d5ae05bc17112ea00e5e42a563311e986c5174e5e1ed8a5f7ed1f321625245579a88e4adad5d01f465f21554438213e06014ffea2565b733374e3cdfb9e1539c57f7a3515984cd08885733dd1d40ff6bc09a6f635c46b849577f37b92f96d72a73d791f1c61f06cd43eda08fc000f6f1a8ba4117749ef42a2b01497fee466e63afb47d0e1b23c927d248450b619d971bc2b08a25d613efd6fc3143adf3252c63be6cf4acac5e473cb11bd08da23cc29bfc6206a8fa08766329aa18cb86273267b2e1bec01b5fb9d1070f452a20dc105e16474f0b618c615417c3a2a06674a87b0b0ad3039caa176e09421b6f0d34f363d2349e466593c4204a62f1e2830ebd72670912069925475dccfcf1bf7a22a476c4ce0c70ca4790afc57bae799301629ec4e0cd2183185cd9d88ce5b91e0d7658fae704c2492082165d0ea6cc0338d9e4b75a164f62782d61194d1809626345e35eb58999cd6869f5eceb9597f74c686589d25c2098c6ebaedd268dad68ea7c70dcd6ff42bee212d279918a514b6bf1e67f2cc2a657d26d6c45672186d44a128ff0de8a5df2a53c175963991a07de9b70de3b0909ca9ff6a63b5ca8d3c02e742935956a8ea7bfbfac6a282b2da5ee9e707b9e0d616259ccc117f0d691fe431c0af27028e602eafc73585c0bb8459f31269dbbdafd1403799861db9fd55d3c3294e6752d88cad085afa1d263933c1bb0cfa6c06a9ceabda758ab335a5e1bfef1b378700d953b7d517f3e8817969ef6e8df2ef3584f0fb6935ccd6b7f0e376ae16486fa70c34ce1eaedfdba091c53839f965f29f91909f58e08f46ea68814571d4a7ec86250df1e1eead6bacca7557a6d2b91647190aaec0868442f80f8c905d4c4c6feb84e0e13166a80d047e00fae4216f9c174ac9fb0d678c49ee5ddd35f4c61fb7f16f80c0f05a4ba7246db6827e66a77943fe3d2bfbdb47e9d40a66af74a6c0b4dae655072d94e156305d86a9758f7f0d797309dbe7d038a0aa7fb2eace0472abcb581f05683f7c26170b4e86ca6cbbf7f8e4409cc12decbad577d45dcaaf3e727e1a10103da65d9b589830a899fe101db11c9e7120d36bb726015d00ea7bd31ad7954955110d0f2c40ee0755e66a4a5374018f4e55e688e73b23862bf450f167e0eb9cb710abb10700bd572dfd5fc6f5a0e1d7d545fe4300919164156e761daed705eacce25d87be6413986c1c9744390cf0b86166bdbd7d87a36ca09e131f9add53bd84b9bcde3e299140a2b9499b584204b565aecfef7669965fd86074d0e0e83cdcd11d733877b5af916ad4403bc11ce796039702ee1c27bb94ebe1b3510013e0d4c4ca59a90042537e2c36cc43e676e473c4c11b664a3006ec2e71825cef01a4612b080f695145be35720835f73fd630d646dc2c95ef3e8450efaec979a49cd70e935d37c3254c76f4be14d893ef031bc40f7aa05c2728949b18ea2c5767c59c979a6ce776ee69015f47e7f235b4f0edbbe622228d1c965fd2391595914de1d4303f168b6c48a2bf7c793d5e2baf16b22bd45097c86b0556901b574bc618ce2c8fdf2f3f1c6a3ac552202168e32358a6b0c5426c10bd6345d28788541f441360a78d7959a63ef6f092da2e9103541ecd4e27ba8692952f0d08efb902b9436576d2d3148eaa90072ece98d1c6676f7178db34b2acb923df37f5023f7b2cc1e729d878f1446e9be79d123abe9ac999191d8f944a4f9ca110cee3dc79823c2f6a57c5a52a69296bc83101d14fe01f7339cba06f93955858af23f42a3828ede8ae56f1c7a027d4b95cf506ce555643bda2da020a6ea520982fb2256965d58c6dd55822f2a45bf68c84ae3e10a76a3ad0dacf777f6aa487206e1ceb2d4c5a9d000c0ff324259f49a428e4e59da5d18c8a312270f26d024642bf761d47287bd0aac926c2687bad32200336fe2919676978356d9eb0b39bf7436c98c63d9bf483bab8a1fcc2d3519950ab6b9bb8f2d3a79346a2aefd740141e1627d1b872a1ff8e33fbb855fd26b8e9352863a054e80f85a243c4b17d2588e3c216c443d0fef743f745c45be92396b1e3677a3119a83b439b19f8b3f35afc2f63e543eb04ddd34a7ecd7a14850298ec63350719d2614db7f331fbd74741adf9301270962451fc107b0159dbde3cb0c0d07408ec86a74e909d0445a88c98f44fc74f0e1e882a756579d769fcd6418a562ebaddf5b36a8bc0351491de40e0ba6279371dcaf9303593b753bfb808ed4f6cddfa48ff46343997331e255cf51bb8e872979d493671f75296140b6ce29302792b8b4353120bc6ad3c58e363c09d7d45ab59f4ee95671ce2f14cd070a97298a6045cbdfad2fd1a873a774881ee4616e2fb07da4b04e8420896777e2c488e04ae4a1dff759e556ce0f956b8fd5f69bd694e9e3a291511499c687b31b7b57efc3c901748c65a6f212cde52521872ba3f7cf6409ff2c65b9c8c799592d0499dcedb9e6d12f6c42503152753bff5bcfe2bebdd33b402a9fe05740f606f3d1021eaae7c2d0c0db28ad8f32808c4a4f6a9ceeec44fd43cd449636d032a9bc4bcd382b2b99862b9f824b4070742c0bea1c00bab631cf8a58de72d8275b17ee474e37766e5995422c90b377920715ab8e15e62ca5f1d4cec81c502c48ca23aaf6f62575eb7c304829eaabdc1704644a24734ac85645de1d9a07ad29402ce880db98ff635909f4aff6549042a9ff8b4c72af1f4af87d30f92c08cdd1b5839b98aebe2e069714951b4a81db0e51abd7694fc7ce220a5bbe261fd4b601983657d40a8229bcdacae80dbbf9bb8cce342563ce164e322f62c7b1285a29adca6ee1e7f5d8c4f4a23affc2f1000d4c0f6a4857a106dabd4f3702595a8c3b34710dfa9ad2c75e7611440d418eab983a7c7c421ec52a915acc53060ecfca9dec048fc54adc89d6bb2464e80edd50f9cfe870bde8f2fa902e6a7fd837797db7f22d4716755b13abc7ed06a26db06db9f20c46188b63622eca789662f7884c51ba27a8a4d38e5922f434e67f9c393c0659fd8d24ac73863a21e9db5e18cad14002798ea331ae3c19acb40425395343c4b07b8949cc8ee63e27f6cbe6a343f9aeccb7e5fa0bda46a5ec299d0c255c70a2410298d96ae9694db52f10e8298269f704709261a69380ee61dbbe90f046dc3f89c6266c93dde15783727a19d2642cc8eaa09c3b30faf8a0af78fa4275e1f9039d553ff700cc5646f4a420dfb010752096b4864d0ddf8251bf5f2f2e5c3fb05a4ac9dd9dcf916d9ef260f4e69f93a2455fc12f97bd75b4ed5b5c40e06cb4c2dc6ad229b14c757f80a6202e6315749719c169419dc282cfe84a153bae447acaaf0968694772443ed2689a2946cd0c90c5f9e8133aea8e810c158c49573e2035db843bb3f2f33e2b470e3931294ce1d072d78ca64a7079abb165bb7007fd9a1612b176a5998e4eaff6cfde838e7e18c61beb0c9278911ac65dad808c0d1334f67041d3cd908821c1724bddfd6cd541ad9dea0b2542d0600fde38325f5812132d460f09d4dc861add4945a7b9dc2af8f4057fb6afa7482bdd45b18d66290f26f56e71ea2ce8addf1a42992ca9f46e7eafcbb921f0d7a5befa5cdd08393b2a32ec8472418cf09dd4aea55b1a1d554e30f5"}], 0x11a0, 0x90}, 0x1) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000871000)=0x0, &(0x7f0000efd000)=0x4) munmap(&(0x7f0000579000/0x1000)=nil, 0x1000) r1 = syz_open_procfs(0x0, &(0x7f000076c000)='pagemap\x00') sendfile(r1, r1, &(0x7f0000014000)=0x0, 0xffff) [ 34.155549] audit: type=1400 audit(1516416896.919:12): avc: denied { dac_override } for pid=4526 comm="syz-executor5" capability=1 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 2018/01/20 02:54:57 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x25}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, [@jmp={0x5, 0x0, 0x20001, 0x0, 0x0, 0x0, 0xfffffffffffffff8}], {0x95, 0x0, 0x0, 0x0}}, &(0x7f0000004000-0xa)='syzkaller\x00', 0x3, 0xc3, &(0x7f0000386000)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x48) socket$nl_route(0x10, 0x3, 0x0) 2018/01/20 02:54:57 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) seccomp(0x1, 0x0, &(0x7f0000bd5000)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x407ffc0003}]}) ustat(0x10, &(0x7f0000934000)={0x0, 0x0, 0x0, 0x0, 0x0}) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00001d1000-0x11)='/dev/qat_adf_ctl\x00', 0x2101, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f00009a2000-0x108)={0x0, @in={{0x2, 0x2, @broadcast=0xffffffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, [0x7fffffff, 0xfff, 0xda9, 0x8, 0x101, 0x5e, 0x1, 0x1f, 0x7, 0x1, 0x2, 0x80000000, 0x9, 0x4, 0x15]}, &(0x7f000083d000)=0x108) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000bc8000)={r1, 0x6, 0x10}, &(0x7f0000fde000-0x4)=0xc) arch_prctl(0x1007, &(0x7f0000574000-0xce)="7d14e76c722140079dda9f5a474a8f3d6a0ada1be594a8807b510940f88d1af5a1f976e4d680f03febd1b82832251edbf34891d643e383955f86b198e977a01ee143b6a6315d9aa51148079a7730d1b6579b30c814907723e3542fc09ead068bc3338afd49ccf32f6dbca48109ff7b362f69053c7c730a6d08d4c12556e437c3f484076c3639ce51de20f0ce51fb5ac10f0bb08ceef063bd9429f1f404a332831dc2108019aa0d9c2a6f7f791aedb48e89aa3e9cf3d61a65ce6139d0b0cf168e5e74735f17ff99d403ca7cc4e7d0") [ 34.285452] audit: type=1400 audit(1516416897.048:13): avc: denied { prog_load } for pid=4559 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 2018/01/20 02:54:57 executing program 5: mmap(&(0x7f0000000000/0xf4a000)=nil, 0xf4a000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000f48000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx2\x00'}, 0x58) mmap(&(0x7f0000f4a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000f4b000-0x1e)='/selinux/commit_pending_bools\x00', 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000cd8000-0x160)={{{{0x2, 0x1, @loopback=0x7f000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, {{0xa, 0x2, 0x7ff, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xc}, 0x3}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x3ff, 0x5, 0x7fe00000000, "021de5415a3cd223fc987df6a8a10d9f080b6d1883ce839eb5be7673d9594937517fea02ed4fa959249f16932766753609bdfda4c96b1f80e8af5c8450b152525dda34e04da8d297720474bb6b9b1f38"}, 0x160) mmap(&(0x7f0000f4b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000f4b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000f4c000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000f4d000-0x50)={@generic="ae38319b48cc00fff11e7c4beae20b5e", @ifru_mtu=0xff}) accept4$ax25(r1, &(0x7f0000f4c000-0x10)={0x0, {""/7}, 0x0}, &(0x7f0000f4b000)=0x10, 0x80000) r2 = accept$alg(r0, 0x0, 0x0) readv(r2, &(0x7f000074b000-0xa0)=[{&(0x7f0000964000-0xd)=""/24, 0x18}], 0x1) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f000027b000-0x4)=0x0) mmap(&(0x7f0000f4b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000f4b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffff9c, 0xc1105517, &(0x7f0000f4c000-0x110)={{0x100000001, 0x6, 0x2, 0x9, "d7494a73d3ae513a02e9570eb979f3c74a99f352cc6c6c25cc38d8c71e78c12b61ed1a1eeda2aae9f33104c4", 0x80000000}, 0x0, 0x0, 0x1, r3, 0x200, 0x9, "ddafb1d9d6325c84df8d635a694b1fe6c51612fe0d93054e9c3b0d0142044720580616832cc54a235601b65873636be6ca1a9ad6a8ce6ded80eb6451842d2542", &(0x7f0000f4b000)='/eth1mime_type.eth0ppp0securitybdev%.vboxnet1\x00', 0x2e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], [0xcc, 0x4031, 0x10000, 0x2000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 34.378069] audit: type=1326 audit(1516416897.109:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4570 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000 2018/01/20 02:54:57 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000b20000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000883000)={0x0, 0x0, 0x0}, &(0x7f0000f7e000-0x4)=0xc) ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000fc3000-0x4)=r1) r2 = socket$netlink(0x10, 0x3, 0x4) r3 = syz_open_dev$dmmidi(&(0x7f0000414000)='/dev/dmmidi#\x00', 0x8, 0x0) ioctl$EVIOCGLED(r3, 0x80404519, &(0x7f00004e7000-0x6c)=""/108) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000727000-0x10)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00004c1000)=0x10) writev(r2, &(0x7f00000a8000)=[{&(0x7f0000286000)="580000001400190c00ae4b80040d8c5628060000000004106a9643c218fe59a2e04a03ca8164243e890000000a215a0004fbf50dfff90003a500a504001ce1ed5e0000000000221f100001000700f8ff090000ec6b0f536e", 0x58}], 0x1) bind$ipx(r3, &(0x7f0000c26000+0x9a7)={0x4, 0x44, 0x9, "58edef730176", 0x6, 0x0}, 0x10) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f00000af000)={r4, 0x4}, 0x8) openat$autofs(0xffffffffffffff9c, &(0x7f0000128000-0xc)='/dev/autofs\x00', 0xc00, 0x0) [ 34.484102] audit: type=1326 audit(1516416897.114:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4570 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=136 compat=0 ip=0x452ee9 code=0x7ffc0000 2018/01/20 02:54:57 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000662000-0x7)=':eth0*\x00', 0x5) seccomp(0x1, 0x0, &(0x7f0000874000)={0x1, &(0x7f0000000000)=[{0x4, 0x0, 0x0, 0x407ffc0003}]}) lseek(r0, 0x1, 0x4) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00008bc000-0xc)={0x0, 0x0, 0x0}, &(0x7f0000db6000-0x4)=0xc) 2018/01/20 02:54:57 executing program 7: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000b92000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f000078f000-0x38)={0x2, 0x0, [{0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, {0xa, 0xb3ea, 0x0, 0x0, 0xfffffffffffffffe, 0x0}]}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f000096a000)={0x1, 0x0, [{0x2000000038d, 0x0, 0x9}]}) [ 34.610523] audit: type=1326 audit(1516416897.116:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4570 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000 [ 34.691643] kvm: KVM_SET_TSS_ADDR need to be called before entering vcpu [ 34.695108] kvm_pmu: event creation failed -2 [ 34.746527] audit: type=1326 audit(1516416897.119:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4570 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=257 compat=0 ip=0x452ee9 code=0x7ffc0000 [ 34.822535] audit: type=1326 audit(1516416897.120:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=4570 comm="syz-executor5" exe="/root/syz-executor5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000 [ 35.076940] ================================================================== [ 35.084371] BUG: KASAN: double-free or invalid-free in relay_open+0x6a1/0xa40 [ 35.091631] [ 35.093252] CPU: 0 PID: 4742 Comm: syz-executor1 Not tainted 4.15.0-rc8+ #269 [ 35.100514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.109852] Call Trace: [ 35.112426] dump_stack+0x194/0x257 [ 35.116039] ? arch_local_irq_restore+0x53/0x53 [ 35.120683] ? show_regs_print_info+0x18/0x18 [ 35.125150] ? __lock_is_held+0xb6/0x140 [ 35.129195] ? relay_open+0x6a1/0xa40 [ 35.132974] print_address_description+0x73/0x250 [ 35.137787] ? relay_open+0x6a1/0xa40 [ 35.141558] ? relay_open+0x6a1/0xa40 [ 35.145333] kasan_report_double_free+0x55/0x80 [ 35.149982] kasan_slab_free+0xa3/0xc0 [ 35.153844] kfree+0xd6/0x260 [ 35.156926] relay_open+0x6a1/0xa40 [ 35.160530] ? relay_open_buf.part.10+0x9b0/0x9b0 [ 35.165355] ? __debugfs_create_file+0x2cf/0x3d0 [ 35.170090] ? debugfs_create_file+0x57/0x70 [ 35.174481] do_blk_trace_setup+0x4a4/0xcd0 [ 35.178783] ? blk_tracer_print_line+0x40/0x40 [ 35.183346] ? __might_sleep+0x95/0x190 [ 35.187300] ? kasan_check_write+0x14/0x20 [ 35.191508] ? _copy_from_user+0x99/0x110 [ 35.195635] __blk_trace_setup+0xbe/0x150 [ 35.199760] ? do_blk_trace_setup+0xcd0/0xcd0 [ 35.204234] ? disk_name+0x98/0x100 [ 35.207844] blk_trace_ioctl+0x206/0x2e0 [ 35.211879] ? blk_add_trace_rq_remap+0x680/0x680 [ 35.216704] ? avc_has_extended_perms+0x7fa/0x12c0 [ 35.221613] blkdev_ioctl+0x1845/0x1e00 [ 35.225564] ? blkpg_ioctl+0xb40/0xb40 [ 35.229424] ? avc_ss_reset+0x110/0x110 [ 35.233372] ? lock_downgrade+0x980/0x980 [ 35.237498] ? lock_release+0xa40/0xa40 [ 35.241448] ? __lock_is_held+0xb6/0x140 [ 35.245512] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 35.251370] ? get_unused_fd_flags+0x190/0x190 [ 35.255925] ? rcu_note_context_switch+0x710/0x710 [ 35.260835] block_ioctl+0xde/0x120 [ 35.264437] ? blkdev_fallocate+0x3b0/0x3b0 [ 35.268732] do_vfs_ioctl+0x1b1/0x1520 [ 35.272590] ? _cond_resched+0x14/0x30 [ 35.276456] ? ioctl_preallocate+0x2b0/0x2b0 [ 35.280845] ? selinux_capable+0x40/0x40 [ 35.284887] ? SyS_futex+0x269/0x390 [ 35.288589] ? security_file_ioctl+0x89/0xb0 [ 35.292989] SyS_ioctl+0x8f/0xc0 [ 35.296340] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 35.301070] RIP: 0033:0x452ee9 [ 35.304230] RSP: 002b:00007fb68f1bac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000010 [ 35.311912] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452ee9 [ 35.319160] RDX: 0000000020beaf68 RSI: 00000000c0481273 RDI: 0000000000000013 [ 35.326405] RBP: 000000000000061b R08: 0000000000000000 R09: 0000000000000000 [ 35.333647] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f8328 [ 35.340889] R13: 00000000ffffffff R14: 00007fb68f1bb6d4 R15: 0000000000000000 [ 35.348150] [ 35.349751] Allocated by task 4742: [ 35.353358] save_stack+0x43/0xd0 [ 35.356783] kasan_kmalloc+0xad/0xe0 [ 35.360467] kmem_cache_alloc_trace+0x136/0x750 [ 35.365110] relay_open+0xf2/0xa40 [ 35.368621] do_blk_trace_setup+0x4a4/0xcd0 [ 35.372912] __blk_trace_setup+0xbe/0x150 [ 35.377033] blk_trace_ioctl+0x206/0x2e0 [ 35.381065] blkdev_ioctl+0x1845/0x1e00 [ 35.385013] block_ioctl+0xde/0x120 [ 35.388613] do_vfs_ioctl+0x1b1/0x1520 [ 35.392471] SyS_ioctl+0x8f/0xc0 [ 35.395808] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 35.400532] [ 35.402133] Freed by task 4742: [ 35.405385] save_stack+0x43/0xd0 [ 35.408812] kasan_slab_free+0x71/0xc0 [ 35.412669] kfree+0xd6/0x260 [ 35.415746] relay_open+0x84a/0xa40 [ 35.419343] do_blk_trace_setup+0x4a4/0xcd0 [ 35.423638] __blk_trace_setup+0xbe/0x150 [ 35.427757] blk_trace_ioctl+0x206/0x2e0 [ 35.431792] blkdev_ioctl+0x1845/0x1e00 [ 35.435737] block_ioctl+0xde/0x120 [ 35.439338] do_vfs_ioctl+0x1b1/0x1520 [ 35.443217] SyS_ioctl+0x8f/0xc0 [ 35.446553] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 35.451275] [ 35.452879] The buggy address belongs to the object at ffff8801cbd0f340 [ 35.452879] which belongs to the cache kmalloc-512 of size 512 [ 35.465506] The buggy address is located 0 bytes inside of [ 35.465506] 512-byte region [ffff8801cbd0f340, ffff8801cbd0f540) [ 35.477178] The buggy address belongs to the page: [ 35.482082] page:ffffea00072f43c0 count:1 mapcount:0 mapping:ffff8801cbd0f0c0 index:0x0 [ 35.490196] flags: 0x2fffc0000000100(slab) [ 35.494406] raw: 02fffc0000000100 ffff8801cbd0f0c0 0000000000000000 0000000100000006 [ 35.502258] raw: ffffea00070f92e0 ffffea000739a660 ffff8801dac00940 0000000000000000 [ 35.510116] page dumped because: kasan: bad access detected [ 35.515793] [ 35.517391] Memory state around the buggy address: [ 35.522289] ffff8801cbd0f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.529622] ffff8801cbd0f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.536951] >ffff8801cbd0f300: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 35.544281] ^ [ 35.549700] ffff8801cbd0f380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.557029] ffff8801cbd0f400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.564887] ================================================================== [ 35.572216] Disabling lock debugging due to kernel taint [ 35.577638] Kernel panic - not syncing: panic_on_warn set ... [ 35.577638] [ 35.584970] CPU: 0 PID: 4742 Comm: syz-executor1 Tainted: G B 4.15.0-rc8+ #269 [ 35.593511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.602834] Call Trace: [ 35.605397] dump_stack+0x194/0x257 [ 35.609002] ? arch_local_irq_restore+0x53/0x53 [ 35.613644] ? kasan_end_report+0x32/0x50 [ 35.617765] ? lock_downgrade+0x980/0x980 [ 35.621887] ? vsnprintf+0x1ed/0x1900 [ 35.625664] panic+0x1e4/0x41c [ 35.628829] ? refcount_error_report+0x214/0x214 [ 35.633561] ? add_taint+0x40/0x50 [ 35.637073] ? add_taint+0x1c/0x50 [ 35.640586] ? relay_open+0x6a1/0xa40 [ 35.644356] ? relay_open+0x6a1/0xa40 [ 35.648129] kasan_end_report+0x50/0x50 [ 35.652073] kasan_report_double_free+0x72/0x80 [ 35.656714] kasan_slab_free+0xa3/0xc0 [ 35.660575] kfree+0xd6/0x260 [ 35.663654] relay_open+0x6a1/0xa40 [ 35.667256] ? relay_open_buf.part.10+0x9b0/0x9b0 [ 35.672072] ? __debugfs_create_file+0x2cf/0x3d0 [ 35.676801] ? debugfs_create_file+0x57/0x70 [ 35.681183] do_blk_trace_setup+0x4a4/0xcd0 [ 35.685480] ? blk_tracer_print_line+0x40/0x40 [ 35.690033] ? __might_sleep+0x95/0x190 [ 35.693984] ? kasan_check_write+0x14/0x20 [ 35.698191] ? _copy_from_user+0x99/0x110 [ 35.702315] __blk_trace_setup+0xbe/0x150 [ 35.706435] ? do_blk_trace_setup+0xcd0/0xcd0 [ 35.710906] ? disk_name+0x98/0x100 [ 35.714508] blk_trace_ioctl+0x206/0x2e0 [ 35.718544] ? blk_add_trace_rq_remap+0x680/0x680 [ 35.723362] ? avc_has_extended_perms+0x7fa/0x12c0 [ 35.728263] blkdev_ioctl+0x1845/0x1e00 [ 35.732212] ? blkpg_ioctl+0xb40/0xb40 [ 35.736069] ? avc_ss_reset+0x110/0x110 [ 35.740015] ? lock_downgrade+0x980/0x980 [ 35.744138] ? lock_release+0xa40/0xa40 [ 35.748093] ? __lock_is_held+0xb6/0x140 [ 35.752140] ? trace_event_raw_event_sched_switch+0x800/0x800 [ 35.757997] ? get_unused_fd_flags+0x190/0x190 [ 35.762556] ? rcu_note_context_switch+0x710/0x710 [ 35.767461] block_ioctl+0xde/0x120 [ 35.771059] ? blkdev_fallocate+0x3b0/0x3b0 [ 35.775354] do_vfs_ioctl+0x1b1/0x1520 [ 35.779211] ? _cond_resched+0x14/0x30 [ 35.783074] ? ioctl_preallocate+0x2b0/0x2b0 [ 35.787455] ? selinux_capable+0x40/0x40 [ 35.791490] ? SyS_futex+0x269/0x390 [ 35.795184] ? security_file_ioctl+0x89/0xb0 [ 35.799565] SyS_ioctl+0x8f/0xc0 [ 35.802908] entry_SYSCALL_64_fastpath+0x29/0xa0 [ 35.807633] RIP: 0033:0x452ee9 [ 35.810793] RSP: 002b:00007fb68f1bac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000010 [ 35.818470] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452ee9 [ 35.825710] RDX: 0000000020beaf68 RSI: 00000000c0481273 RDI: 0000000000000013 [ 35.832952] RBP: 000000000000061b R08: 0000000000000000 R09: 0000000000000000 [ 35.840191] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f8328 [ 35.847432] R13: 00000000ffffffff R14: 00007fb68f1bb6d4 R15: 0000000000000000 [ 35.855139] Dumping ftrace buffer: [ 35.858653] (ftrace buffer empty) [ 35.862332] Kernel Offset: disabled [ 35.865927] Rebooting in 86400 seconds..