Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [ 29.294748] kauditd_printk_skb: 9 callbacks suppressed [ 29.294760] audit: type=1800 audit(1540017719.033:33): pid=5284 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 29.323467] audit: type=1800 audit(1540017719.033:34): pid=5284 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 32.949942] audit: type=1400 audit(1540017722.693:35): avc: denied { map } for pid=5460 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.104' (ECDSA) to the list of known hosts. [ 53.693618] audit: type=1400 audit(1540017743.433:36): avc: denied { map } for pid=5475 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/10/20 06:42:24 parsed 1 programs [ 54.256030] audit: type=1400 audit(1540017743.993:37): avc: denied { map } for pid=5475 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14751 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 55.773456] ld (5485) used greatest stack depth: 15528 bytes left 2018/10/20 06:42:25 executed programs: 0 [ 55.921625] IPVS: ftp: loaded support on port[0] = 21 [ 56.172961] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.179954] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.186930] device bridge_slave_0 entered promiscuous mode [ 56.205416] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.211894] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.219005] device bridge_slave_1 entered promiscuous mode [ 56.236703] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 56.255788] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 56.305392] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.327123] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.402903] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 56.410417] team0: Port device team_slave_0 added [ 56.427992] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 56.435355] team0: Port device team_slave_1 added [ 56.452495] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.474416] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.494196] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.513250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.662145] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.668730] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.675546] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.681971] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.214927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.268122] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.321058] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.327193] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.335033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.379252] 8021q: adding VLAN 0 to HW filter on device team0 2018/10/20 06:42:30 executed programs: 157 2018/10/20 06:42:35 executed programs: 389 2018/10/20 06:42:40 executed programs: 630 2018/10/20 06:42:45 executed programs: 857 [ 77.018285] kasan: CONFIG_KASAN_INLINE enabled [ 77.023060] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 77.031569] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 77.037812] CPU: 0 PID: 9352 Comm: syz-executor0 Not tainted 4.19.0-rc8+ #71 [ 77.044977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.054339] RIP: 0010:n_tty_set_termios+0x2d9/0xe80 [ 77.059366] Code: 45 d0 31 ff 83 e0 02 89 c6 89 45 d0 e8 a0 fa a9 fd 8b 45 d0 4c 89 f1 48 ba 00 00 00 00 00 fc ff df 85 c0 0f 95 c0 48 c1 e9 03 <0f> b6 14 11 4c 89 f1 83 e1 07 38 ca 7f 08 84 d2 0f 85 96 09 00 00 [ 77.078260] RSP: 0018:ffff8801c4ee7678 EFLAGS: 00010203 [ 77.083610] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000b [ 77.090865] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 77.098119] RBP: ffff8801c4ee76b0 R08: ffff8801b3b2e680 R09: 0000000000000002 [ 77.105381] R10: ffff8801b3b2ef50 R11: 7fce1cf71b39f5c7 R12: ffff8801b3ac3340 [ 77.112633] R13: ffff8801b3ac36f4 R14: 000000000000005d R15: ffff8801c4ee7710 [ 77.119889] FS: 00007fa62a102700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 77.128106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.133980] CR2: 00007f47be04e000 CR3: 00000001ce958000 CR4: 00000000001406f0 [ 77.141260] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.148515] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.155764] Call Trace: [ 77.158366] ? n_tty_poll+0xa40/0xa40 [ 77.162162] tty_set_termios+0x7a0/0xac0 [ 77.166211] ? tty_wait_until_sent+0x5d0/0x5d0 [ 77.170781] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.176303] set_termios+0x41e/0x7d0 [ 77.180009] ? tty_perform_flush+0x80/0x80 [ 77.184239] tty_mode_ioctl+0x83a/0xb40 [ 77.188199] ? set_termios+0x7d0/0x7d0 [ 77.192088] ? ___might_sleep+0x1ed/0x300 [ 77.196228] ? arch_local_save_flags+0x40/0x40 [ 77.200795] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.206336] n_tty_ioctl_helper+0x54/0x3b0 [ 77.210571] n_tty_ioctl+0x54/0x360 [ 77.214179] ? ldsem_down_read+0x32/0x40 [ 77.218223] ? ldsem_down_read+0x32/0x40 [ 77.222268] tty_ioctl+0x5ad/0x1820 [ 77.225880] ? commit_echoes+0x1c0/0x1c0 [ 77.229922] ? tty_vhangup+0x30/0x30 [ 77.233620] ? rcu_bh_qs+0xc0/0xc0 [ 77.237152] ? ___might_sleep+0x1ed/0x300 [ 77.241288] ? arch_local_save_flags+0x40/0x40 [ 77.245854] ? __might_fault+0x12b/0x1e0 [ 77.249903] ? lock_downgrade+0x900/0x900 [ 77.254036] ? tty_vhangup+0x30/0x30 [ 77.257750] do_vfs_ioctl+0x1de/0x1720 [ 77.261624] ? ioctl_preallocate+0x300/0x300 [ 77.266020] ? selinux_file_mprotect+0x620/0x620 [ 77.270774] ? rhashtable_walk_next+0x7/0x6c0 [ 77.275256] ? __sanitizer_cov_trace_cmp8+0xb/0x20 [ 77.280168] ? put_timespec64+0x10f/0x1b0 [ 77.284301] ? nsecs_to_jiffies+0x30/0x30 [ 77.288432] ? do_syscall_64+0x9a/0x820 [ 77.292398] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.297935] ? security_file_ioctl+0x94/0xc0 [ 77.302331] ksys_ioctl+0xa9/0xd0 [ 77.305781] __x64_sys_ioctl+0x73/0xb0 [ 77.309684] do_syscall_64+0x1b9/0x820 [ 77.313602] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 77.318965] ? syscall_return_slowpath+0x5e0/0x5e0 [ 77.323880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 77.328711] ? trace_hardirqs_on_caller+0x310/0x310 [ 77.333712] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 77.338728] ? prepare_exit_to_usermode+0x291/0x3b0 [ 77.343816] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 77.348662] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.353835] RIP: 0033:0x457569 [ 77.357015] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.375911] RSP: 002b:00007fa62a101c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 77.383603] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 77.390856] RDX: 0000000020000040 RSI: 0000000000005407 RDI: 0000000000000005 [ 77.398110] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 77.405376] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa62a1026d4 [ 77.412630] R13: 00000000004c0d89 R14: 00000000004d17a0 R15: 00000000ffffffff [ 77.419901] Modules linked in: [ 77.423180] ---[ end trace d8ce914ebfbf190b ]--- [ 77.427952] RIP: 0010:n_tty_set_termios+0x2d9/0xe80 [ 77.433382] Code: 45 d0 31 ff 83 e0 02 89 c6 89 45 d0 e8 a0 fa a9 fd 8b 45 d0 4c 89 f1 48 ba 00 00 00 00 00 fc ff df 85 c0 0f 95 c0 48 c1 e9 03 <0f> b6 14 11 4c 89 f1 83 e1 07 38 ca 7f 08 84 d2 0f 85 96 09 00 00 [ 77.452336] RSP: 0018:ffff8801c4ee7678 EFLAGS: 00010203 [ 77.457717] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000b [ 77.465009] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 77.472320] RBP: ffff8801c4ee76b0 R08: ffff8801b3b2e680 R09: 0000000000000002 [ 77.479709] R10: ffff8801b3b2ef50 R11: 7fce1cf71b39f5c7 R12: ffff8801b3ac3340 [ 77.486985] R13: ffff8801b3ac36f4 R14: 000000000000005d R15: ffff8801c4ee7710 [ 77.494288] FS: 00007fa62a102700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 77.502541] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.508445] CR2: 00007f47be04e000 CR3: 00000001ce958000 CR4: 00000000001406f0 [ 77.515718] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.523014] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.530303] Kernel panic - not syncing: Fatal exception [ 77.536571] Kernel Offset: disabled [ 77.540195] Rebooting in 86400 seconds..