Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 50.837414] kauditd_printk_skb: 4 callbacks suppressed [ 50.837437] audit: type=1400 audit(1548880590.064:35): avc: denied { map } for pid=8182 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.89' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program [ 69.542794] audit: type=1400 audit(1548880608.774:36): avc: denied { map } for pid=8194 comm="syz-executor922" path="/root/syz-executor922106315" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 69.577771] Bluetooth: hci2: Frame reassembly failed (-84) [ 69.583119] Bluetooth: hci0: Frame reassembly failed (-84) executing program [ 69.595335] Bluetooth: hci4: Frame reassembly failed (-84) [ 69.605346] Bluetooth: hci3: Frame reassembly failed (-84) [ 69.611787] Bluetooth: hci5: Frame reassembly failed (-84) [ 69.613983] Bluetooth: hci1: Frame reassembly failed (-84) [ 71.649051] Bluetooth: hci1: command 0x1003 tx timeout [ 71.654812] Bluetooth: hci1: sending frame failed (-49) [ 71.660354] Bluetooth: hci5: command 0x1003 tx timeout [ 71.665953] Bluetooth: hci3: command 0x1003 tx timeout [ 71.666013] Bluetooth: hci5: sending frame failed (-49) [ 71.671301] Bluetooth: hci4: command 0x1003 tx timeout [ 71.671319] Bluetooth: hci0: command 0x1003 tx timeout [ 71.671331] Bluetooth: hci2: command 0x1003 tx timeout [ 71.674464] Bluetooth: hci3: sending frame failed (-49) [ 71.676823] Bluetooth: hci4: sending frame failed (-49) [ 71.676852] Bluetooth: hci0: sending frame failed (-49) [ 71.676889] Bluetooth: hci2: sending frame failed (-49) [ 73.728461] Bluetooth: hci3: command 0x1001 tx timeout [ 73.728476] Bluetooth: hci2: command 0x1001 tx timeout [ 73.733822] Bluetooth: hci1: command 0x1001 tx timeout [ 73.739213] Bluetooth: hci3: sending frame failed (-49) [ 73.745042] Bluetooth: hci1: sending frame failed (-49) [ 73.749972] Bluetooth: hci2: sending frame failed (-49) [ 73.760700] Bluetooth: hci0: command 0x1001 tx timeout [ 73.765991] Bluetooth: hci4: command 0x1001 tx timeout [ 73.766037] Bluetooth: hci0: sending frame failed (-49) [ 73.771992] Bluetooth: hci4: sending frame failed (-49) [ 73.782324] Bluetooth: hci5: command 0x1001 tx timeout [ 73.787680] Bluetooth: hci5: sending frame failed (-49) [ 75.808524] Bluetooth: hci5: command 0x1009 tx timeout [ 75.808627] Bluetooth: hci4: command 0x1009 tx timeout [ 75.813896] Bluetooth: hci0: command 0x1009 tx timeout [ 75.819424] Bluetooth: hci2: command 0x1009 tx timeout [ 75.824773] Bluetooth: hci1: command 0x1009 tx timeout [ 75.829943] Bluetooth: hci3: command 0x1009 tx timeout executing program executing program executing program executing program executing program executing program [ 79.993305] Bluetooth: hci0: Frame reassembly failed (-84) [ 79.999979] BUG: unable to handle kernel paging request at ffffffffffffffd6 [ 80.000758] kobject: 'hci2' (00000000a78aced3): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 80.007271] #PF error: [normal kernel read fault] [ 80.007277] PGD 9874067 P4D 9874067 PUD 9876067 PMD 0 [ 80.007292] Oops: 0000 [#1] PREEMPT SMP KASAN [ 80.007323] CPU: 1 PID: 28 Comm: kworker/u4:2 Not tainted 5.0.0-rc4+ #52 [ 80.017248] kobject: 'rfkill12' (000000006bc3be80): kobject_uevent_env [ 80.022418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.022435] Workqueue: events_unbound flush_to_ldisc [ 80.022455] RIP: 0010:h4_recv_buf+0x1ea/0xda0 [ 80.022464] Code: b6 14 10 48 89 c8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d7 0a 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 45 d0 4c 8d 60 70 <0f> b7 58 2a 4c 89 e0 48 c1 e8 03 0f b6 04 10 84 c0 74 08 3c 03 0f [ 80.022468] RSP: 0018:ffff8880a96bf6c0 EFLAGS: 00010246 [ 80.028065] kobject: 'rfkill12' (000000006bc3be80): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1/rfkill12' [ 80.032311] RAX: ffffffffffffffac RBX: 0000000000000000 RCX: ffffffffffffffd6 [ 80.032316] RDX: dffffc0000000000 RSI: ffffffff858a4252 RDI: 0000000000000005 [ 80.032321] RBP: ffff8880a96bf748 R08: ffff8880a96b0000 R09: 0000000000000007 [ 80.032326] R10: ffffed1015ce5b8f R11: ffff8880ae72dc7b R12: 000000000000001c [ 80.032330] R13: ffff888091d310c0 R14: ffff888076e504a0 R15: 0000000000000001 [ 80.032337] FS: 0000000000000000(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 80.032342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.032350] CR2: ffffffffffffffd6 CR3: 00000000901b7000 CR4: 00000000001406e0 [ 80.039551] kobject: 'hci2' (00000000a78aced3): kobject_uevent_env [ 80.045839] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 80.045845] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 80.045848] Call Trace: [ 80.045865] ? __lock_is_held+0xb6/0x140 [ 80.055665] Bluetooth: hci1: Frame reassembly failed (-84) [ 80.060474] ll_recv+0xe4/0x200 [ 80.060505] hci_uart_tty_receive+0x22b/0x530 [ 80.060517] ? hci_uart_write_work+0x710/0x710 [ 80.066205] kobject: 'hci2' (00000000a78aced3): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2' [ 80.084117] tty_ldisc_receive_buf+0x164/0x1c0 [ 80.084133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 80.090516] kobject: 'rfkill13' (000000000b717db3): kobject_add_internal: parent: 'hci2', set: 'devices' [ 80.100552] tty_port_default_receive_buf+0x114/0x190 [ 80.100565] ? do_raw_spin_unlock+0xa0/0x330 [ 80.100574] ? tty_port_lower_dtr_rts+0x90/0x90 [ 80.100585] ? process_one_work+0xbf1/0x1ce0 [ 80.100595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 80.100604] flush_to_ldisc+0x3b2/0x590 [ 80.100616] ? tty_insert_flip_string_flags+0x1b0/0x1b0 [ 80.100623] ? __lock_is_held+0xb6/0x140 [ 80.100634] process_one_work+0xd0c/0x1ce0 [ 80.100643] ? preempt_notifier_register+0x200/0x200 [ 80.100654] ? __switch_to_asm+0x34/0x70 [ 80.100667] ? pwq_dec_nr_in_flight+0x4a0/0x4a0 [ 80.110601] kobject: 'hci3' (000000006e2497ca): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 80.115196] ? __schedule+0x89f/0x1e60 [ 80.115207] ? pci_mmcfg_check_reserved+0x170/0x170 [ 80.115215] ? lockdep_hardirqs_on+0x415/0x5d0 [ 80.115227] ? worker_thread+0x3b7/0x14a0 [ 80.123766] kobject: 'hci4' (000000009b09a4ac): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 80.129763] ? find_held_lock+0x35/0x120 [ 80.129773] ? lock_acquire+0x1db/0x570 [ 80.129783] ? worker_thread+0x3cd/0x14a0 [ 80.129797] ? kasan_check_read+0x11/0x20 [ 80.137245] kobject: 'rfkill13' (000000000b717db3): kobject_uevent_env [ 80.145287] ? do_raw_spin_lock+0x156/0x360 [ 80.145295] ? lock_release+0xc40/0xc40 [ 80.145304] ? rwlock_bug.part.0+0x90/0x90 [ 80.145313] ? trace_hardirqs_on_caller+0x310/0x310 [ 80.145327] worker_thread+0x143/0x14a0 [ 80.145341] ? process_one_work+0x1ce0/0x1ce0 [ 80.152016] kobject: 'hci5' (0000000097dac6ec): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 80.158606] ? __kthread_parkme+0xc3/0x1b0 [ 80.158617] ? lock_acquire+0x1db/0x570 [ 80.158628] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 80.158636] ? lockdep_hardirqs_on+0x415/0x5d0 [ 80.158649] ? trace_hardirqs_on+0xbd/0x310 [ 80.407002] ? __kthread_parkme+0xc3/0x1b0 [ 80.411232] ? trace_hardirqs_off_caller+0x300/0x300 [ 80.416318] ? do_raw_spin_trylock+0x270/0x270 [ 80.420884] ? schedule+0x108/0x350 [ 80.424497] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 80.429578] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 80.435095] ? __kthread_parkme+0xfb/0x1b0 [ 80.439317] kthread+0x357/0x430 [ 80.442669] ? process_one_work+0x1ce0/0x1ce0 [ 80.447148] ? kthread_stop+0x920/0x920 [ 80.451111] ret_from_fork+0x3a/0x50 [ 80.454811] Modules linked in: [ 80.457989] CR2: ffffffffffffffd6 [ 80.461432] ---[ end trace 83a4bf70280f2afb ]--- [ 80.466174] RIP: 0010:h4_recv_buf+0x1ea/0xda0 [ 80.470653] Code: b6 14 10 48 89 c8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d7 0a 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 45 d0 4c 8d 60 70 <0f> b7 58 2a 4c 89 e0 48 c1 e8 03 0f b6 04 10 84 c0 74 08 3c 03 0f [ 80.489535] RSP: 0018:ffff8880a96bf6c0 EFLAGS: 00010246 [ 80.495054] RAX: ffffffffffffffac RBX: 0000000000000000 RCX: ffffffffffffffd6 [ 80.502310] RDX: dffffc0000000000 RSI: ffffffff858a4252 RDI: 0000000000000005 [ 80.509563] RBP: ffff8880a96bf748 R08: ffff8880a96b0000 R09: 0000000000000007 [ 80.516816] R10: ffffed1015ce5b8f R11: ffff8880ae72dc7b R12: 000000000000001c [ 80.524068] R13: ffff888091d310c0 R14: ffff888076e504a0 R15: 0000000000000001 [ 80.531321] FS: 0000000000000000(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 80.539530] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.545393] CR2: ffffffffffffffd6 CR3: 00000000901b7000 CR4: 00000000001406e0 [ 80.552647] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 80.559899] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 80.567150] Kernel panic - not syncing: Fatal exception [ 80.573563] Kernel Offset: disabled [ 80.577181] Rebooting in 86400 seconds..