[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 18.059172] audit: type=1400 audit(1519462091.326:6): avc: denied { map } for pid=4168 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.22' (ECDSA) to the list of known hosts. syzkaller login: [ 24.344011] audit: type=1400 audit(1519462097.611:7): avc: denied { map } for pid=4182 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/02/24 08:48:17 parsed 1 programs 2018/02/24 08:48:17 executed programs: 0 [ 24.608080] audit: type=1400 audit(1519462097.875:8): avc: denied { map } for pid=4182 comm="syz-execprog" path="/root/syzkaller-shm598900326" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 24.650731] audit: type=1400 audit(1519462097.918:9): avc: denied { sys_admin } for pid=4190 comm="syz-executor5" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 24.667916] IPVS: ftp: loaded support on port[0] = 21 [ 24.717432] IPVS: ftp: loaded support on port[0] = 21 [ 24.722777] audit: type=1400 audit(1519462097.982:10): avc: denied { net_admin } for pid=4194 comm="syz-executor5" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 24.777710] IPVS: ftp: loaded support on port[0] = 21 [ 24.832749] IPVS: ftp: loaded support on port[0] = 21 [ 24.888162] IPVS: ftp: loaded support on port[0] = 21 [ 24.969339] IPVS: ftp: loaded support on port[0] = 21 [ 25.095298] IPVS: ftp: loaded support on port[0] = 21 [ 25.219231] IPVS: ftp: loaded support on port[0] = 21 [ 25.945468] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.060579] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.372330] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.401680] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.470987] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.632689] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.776649] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 26.872206] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 28.385761] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 28.391997] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.412927] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 28.419277] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.607684] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 28.681923] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 28.854502] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 28.860897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 28.870787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 28.898547] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 28.898843] audit: type=1400 audit(1519462102.163:11): avc: denied { sys_chroot } for pid=4194 comm="syz-executor5" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 28.904695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 28.955846] ------------[ cut here ]------------ [ 28.960795] kernel BUG at ./include/linux/skbuff.h:2073! [ 28.961577] audit: type=1400 audit(1519462102.223:12): avc: denied { net_raw } for pid=5333 comm="syz-executor5" capability=13 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 28.966323] invalid opcode: 0000 [#1] SMP KASAN [ 28.995031] Dumping ftrace buffer: [ 28.998563] (ftrace buffer empty) [ 29.002260] Modules linked in: [ 29.003936] IPv6: veth0: IPv6 duplicate address fe80::a8aa:aaff:feaa:50f used by aa:aa:aa:aa:05:0f detected! [ 29.005441] CPU: 1 PID: 5335 Comm: syz-executor5 Not tainted 4.16.0-rc2+ #236 [ 29.005445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.005461] RIP: 0010:__ip6_make_skb+0x1ac8/0x2190 [ 29.005467] RSP: 0018:ffff8801afa670a0 EFLAGS: 00010293 [ 29.042287] RAX: ffff8801c7320380 RBX: 0000000000000738 RCX: ffffffff84f01828 [ 29.049549] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801d015ec18 [ 29.056808] RBP: ffff8801afa67310 R08: ffff8801cbe23e84 R09: 0000000000000000 [ 29.064072] R10: ffff8801afa67330 R11: ffffed003986d131 R12: 00000000000000d6 [ 29.071332] R13: ffff8801d015e740 R14: dffffc0000000000 R15: ffff8801cbe23e00 [ 29.072635] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 29.078587] FS: 0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f7fddb40 [ 29.078591] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 29.078595] CR2: 000000002000b000 CR3: 00000001cbfe7003 CR4: 00000000001606e0 [ 29.078603] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 29.078606] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 29.078610] Call Trace: [ 29.078639] ? ip6_output+0x840/0x840 [ 29.084687] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.092877] ? check_noncircular+0x20/0x20 [ 29.092884] ? print_irqtrace_events+0x270/0x270 [ 29.092892] ? print_irqtrace_events+0x270/0x270 [ 29.092904] ? __sched_text_start+0x8/0x8 [ 29.092912] ? print_irqtrace_events+0x270/0x270 [ 29.092922] ? print_irqtrace_events+0x270/0x270 [ 29.092928] ? find_held_lock+0x35/0x1d0 [ 29.092941] ? lock_acquire+0x1d5/0x580 [ 29.092950] ? lock_sock_nested+0xa3/0x110 [ 29.092954] ? lock_acquire+0x1d5/0x580 [ 29.092964] ? udpv6_sendmsg+0x9c5/0x3400 [ 29.092976] udp_v6_push_pending_frames+0x269/0x3b0 [ 29.092982] ? udp_v6_push_pending_frames+0x269/0x3b0 [ 29.092988] ? udp_v6_send_skb+0xf70/0xf70 [ 29.092993] ? ip6_append_data+0x189/0x290 [ 29.093014] udpv6_sendmsg+0x2a96/0x3400 [ 29.093022] ? udpv6_sendmsg+0x3400/0x3400 [ 29.093044] ? udpv6_setsockopt+0x80/0x80 [ 29.093062] ? avc_has_perm+0x43e/0x680 [ 29.093072] ? avc_has_perm_noaudit+0x520/0x520 [ 29.128206] IPv6: veth0: IPv6 duplicate address fe80::5:f used by aa:aa:aa:aa:05:0f detected! [ 29.132907] ? futex_wake+0x680/0x680 [ 29.132924] ? find_held_lock+0x35/0x1d0 [ 29.151189] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 29.151509] ? __might_fault+0x110/0x1d0 [ 29.190726] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 29.191416] ? lock_downgrade+0x980/0x980 [ 29.191430] ? sock_has_perm+0x2a4/0x420 [ 29.261448] ? selinux_secmark_relabel_packet+0xc0/0xc0 [ 29.266795] inet_sendmsg+0x11f/0x5e0 [ 29.270568] ? inet_sendmsg+0x11f/0x5e0 [ 29.274516] ? kasan_check_write+0x14/0x20 [ 29.278726] ? _copy_from_user+0x99/0x110 [ 29.282856] ? inet_create+0xf50/0xf50 [ 29.286720] ? selinux_socket_sendmsg+0x36/0x40 [ 29.291363] ? security_socket_sendmsg+0x89/0xb0 [ 29.296093] ? inet_create+0xf50/0xf50 [ 29.299956] sock_sendmsg+0xca/0x110 [ 29.303643] ___sys_sendmsg+0x320/0x8b0 [ 29.307592] ? copy_msghdr_from_user+0x590/0x590 [ 29.312331] ? __fget_light+0x2b2/0x3c0 [ 29.316280] ? __fd_install+0x25f/0x740 [ 29.320228] ? lock_downgrade+0x980/0x980 [ 29.324364] ? __fdget+0x18/0x20 [ 29.327708] __sys_sendmmsg+0x31b/0x620 [ 29.331656] ? __sys_sendmmsg+0x31b/0x620 [ 29.335780] ? SyS_sendmsg+0x50/0x50 [ 29.339470] ? fput+0xd2/0x140 [ 29.342648] ? compat_SyS_futex+0x288/0x380 [ 29.346948] ? fd_install+0x4d/0x60 [ 29.350554] ? compat_SyS_get_robust_list+0x300/0x300 [ 29.355720] ? move_addr_to_kernel+0x60/0x60 [ 29.360106] compat_SyS_sendmmsg+0x32/0x40 [ 29.364315] ? compat_SyS_sendmsg+0x40/0x40 [ 29.368611] do_fast_syscall_32+0x3ec/0xf9f [ 29.372905] ? _raw_spin_unlock_irq+0x27/0x70 [ 29.377376] ? do_int80_syscall_32+0x9c0/0x9c0 [ 29.381930] ? _raw_spin_unlock_irq+0x27/0x70 [ 29.386401] ? finish_task_switch+0x1c1/0x7e0 [ 29.390869] ? syscall_return_slowpath+0x2ac/0x550 [ 29.395770] ? prepare_exit_to_usermode+0x350/0x350 [ 29.400767] ? sysret32_from_system_call+0x5/0x3c [ 29.405596] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.410423] entry_SYSENTER_compat+0x70/0x7f [ 29.414805] RIP: 0023:0xf7fe1c99 [ 29.418141] RSP: 002b:00000000f7fdd09c EFLAGS: 00000286 ORIG_RAX: 0000000000000159 [ 29.425819] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001f00 [ 29.433060] RDX: 0000000000000003 RSI: 0000000020000080 RDI: 0000000000000000 [ 29.440301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 29.447543] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 29.454787] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 29.462046] Code: ff e8 1d 5e b9 fc e9 15 e9 ff ff e8 13 5e b9 fc e9 44 e8 ff ff e8 29 5e b9 fc e9 c0 e6 ff ff e8 3f f3 80 fc 0f 0b e8 38 f3 80 fc <0f> 0b 49 8d 87 80 00 00 00 4d 8d 87 84 00 00 00 48 89 85 20 fe [ 29.481128] RIP: __ip6_make_skb+0x1ac8/0x2190 RSP: ffff8801afa670a0 [ 29.488200] ---[ end trace 5319e8e7a6081565 ]--- [ 29.492960] Kernel panic - not syncing: Fatal exception [ 29.498768] Dumping ftrace buffer: [ 29.502281] (ftrace buffer empty) [ 29.505962] Kernel Offset: disabled [ 29.509560] Rebooting in 86400 seconds..