[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining dae[   40.971118] audit: type=1800 audit(1574584162.898:33): pid=7442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
mon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   41.000197] audit: type=1800 audit(1574584162.898:34): pid=7442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   44.247538] audit: type=1400 audit(1574584166.168:35): avc:  denied  { map } for  pid=7618 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.10.25' (ECDSA) to the list of known hosts.
[   79.954401] audit: type=1400 audit(1574584201.878:36): avc:  denied  { map } for  pid=7630 comm="syz-executor501" path="/root/syz-executor501520066" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   79.980758] IPVS: ftp: loaded support on port[0] = 21
[   80.004441] audit: type=1400 audit(1574584201.928:37): avc:  denied  { create } for  pid=7631 comm="syz-executor501" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   80.033988] audit: type=1400 audit(1574584201.928:38): avc:  denied  { write } for  pid=7631 comm="syz-executor501" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   80.059449] audit: type=1400 audit(1574584201.928:39): avc:  denied  { read } for  pid=7631 comm="syz-executor501" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   80.107210] chnl_net:caif_netlink_parms(): no params data found
[   80.139192] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.145721] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.152913] device bridge_slave_0 entered promiscuous mode
[   80.160092] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.166465] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.173547] device bridge_slave_1 entered promiscuous mode
[   80.188136] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   80.196895] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   80.213044] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   80.220714] team0: Port device team_slave_0 added
[   80.226118] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   80.233376] team0: Port device team_slave_1 added
[   80.238852] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   80.246163] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   80.299809] device hsr_slave_0 entered promiscuous mode
[   80.367840] device hsr_slave_1 entered promiscuous mode
[   80.408245] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   80.415297] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   80.431014] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.437402] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.444277] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.450660] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.481818] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   80.488882] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.496668] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   80.506035] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   80.524607] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.531909] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.539732] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   80.550130] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   80.556189] 8021q: adding VLAN 0 to HW filter on device team0
[   80.566338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   80.574241] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.580624] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.598295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   80.605884] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.612275] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.619949] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   80.627506] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   80.636108] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   80.646102] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   80.655620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   80.664955] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   80.671160] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[   80.684153] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   80.691728] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   80.698592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   80.708966] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.721678] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[   80.742466] audit: type=1400 audit(1574584202.668:40): avc:  denied  { prog_load } for  pid=7631 comm="syz-executor501" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[   80.775602] audit: type=1400 audit(1574584202.698:41): avc:  denied  { prog_run } for  pid=7631 comm="syz-executor501" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[   80.825605] kasan: CONFIG_KASAN_INLINE enabled
[   80.830421] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   80.837782] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   80.844040] CPU: 1 PID: 7635 Comm: syz-executor501 Not tainted 4.19.85-syzkaller #0
[   80.851813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.861166] RIP: 0010:skb_unlink+0xc4/0x160
[   80.865470] Code: 00 00 49 8d 7d 08 4c 8b 63 08 48 b8 00 00 00 00 00 fc ff df 48 c7 43 08 00 00 00 00 48 89 fa 48 c7 03 00 00 00 00 48 c1 ea 03 <80> 3c 02 00 75 58 4c 89 e2 4d 89 65 08 48 b8 00 00 00 00 00 fc ff
[   80.884362] RSP: 0018:ffff88809ee67908 EFLAGS: 00010002
[   80.889713] RAX: dffffc0000000000 RBX: ffff8880962d3c80 RCX: ffffffff81531da8
[   80.896964] RDX: 0000000000000001 RSI: 0000000000000282 RDI: 0000000000000008
[   80.904226] RBP: ffff88809ee67930 R08: 1ffff110131aab3c R09: ffffed10131aab3d
[   80.911504] R10: ffffed10131aab3c R11: ffff888098d559e3 R12: 0000000000000000
[   80.918757] R13: 0000000000000000 R14: ffff888098d559e0 R15: ffff88809ee679d8
[   80.926009] FS:  00007ff7a8648700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[   80.934220] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   80.940090] CR2: 000055e4628f21b0 CR3: 00000000a55b5000 CR4: 00000000001406e0
[   80.947398] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   80.954657] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   80.961906] Call Trace:
[   80.964480]  kcm_recvmsg+0x462/0x560
[   80.968177]  ? kcm_splice_read+0x360/0x360
[   80.972394]  ? kcm_splice_read+0x360/0x360
[   80.976608]  sock_recvmsg_nosec+0x89/0xb0
[   80.980742]  ? __sock_tx_timestamp+0xd0/0xd0
[   80.985140]  ___sys_recvmsg+0x271/0x580
[   80.989101]  ? ___sys_sendmsg+0x920/0x920
[   80.993231]  ? kasan_check_read+0x11/0x20
[   80.997361]  ? __might_fault+0x12b/0x1e0
[   81.001411]  ? find_held_lock+0x35/0x130
[   81.005458]  ? __might_fault+0x12b/0x1e0
[   81.009507]  __sys_recvmmsg+0x27e/0x790
[   81.013471]  ? __ia32_sys_recvmsg+0xb0/0xb0
[   81.017789]  ? lock_downgrade+0x880/0x880
[   81.021929]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   81.027445]  ? __fd_install+0x200/0x640
[   81.031409]  do_sys_recvmmsg+0x181/0x1a0
[   81.035454]  ? __sys_recvmmsg+0x790/0x790
[   81.039590]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   81.044341]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   81.049078]  ? do_syscall_64+0x26/0x620
[   81.053033]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   81.058375]  ? do_syscall_64+0x26/0x620
[   81.062327]  __x64_sys_recvmmsg+0xbe/0x150
[   81.066541]  do_syscall_64+0xfd/0x620
[   81.070332]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   81.075501] RIP: 0033:0x448b29
[   81.078677] Code: e8 0c 1b 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   81.097563] RSP: 002b:00007ff7a8647ce8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   81.105264] RAX: ffffffffffffffda RBX: 00000000006dfc48 RCX: 0000000000448b29
[   81.112604] RDX: 0400000000000310 RSI: 0000000020003540 RDI: 0000000000000005
[   81.119867] RBP: 00000000006dfc40 R08: 0000000000000000 R09: 0000000000000000
[   81.127132] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dfc4c
[   81.134379] R13: 00007ffc3828db3f R14: 00007ff7a86489c0 R15: 000000000000002d
[   81.141634] Modules linked in:
[   81.144816] ---[ end trace 5cc8695cf11eea5f ]---
[   81.149555] RIP: 0010:skb_unlink+0xc4/0x160
[   81.153868] Code: 00 00 49 8d 7d 08 4c 8b 63 08 48 b8 00 00 00 00 00 fc ff df 48 c7 43 08 00 00 00 00 48 89 fa 48 c7 03 00 00 00 00 48 c1 ea 03 <80> 3c 02 00 75 58 4c 89 e2 4d 89 65 08 48 b8 00 00 00 00 00 fc ff
[   81.172763] RSP: 0018:ffff88809ee67908 EFLAGS: 00010002
[   81.178118] RAX: dffffc0000000000 RBX: ffff8880962d3c80 RCX: ffffffff81531da8
[   81.185381] RDX: 0000000000000001 RSI: 0000000000000282 RDI: 0000000000000008
[   81.192662] RBP: ffff88809ee67930 R08: 1ffff110131aab3c R09: ffffed10131aab3d
[   81.199920] R10: ffffed10131aab3c R11: ffff888098d559e3 R12: 0000000000000000
[   81.207182] R13: 0000000000000000 R14: ffff888098d559e0 R15: ffff88809ee679d8
[   81.214444] FS:  00007ff7a8648700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[   81.222698] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   81.228570] CR2: 000055e4628f21b0 CR3: 00000000a55b5000 CR4: 00000000001406e0
[   81.235834] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   81.243126] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   81.250383] Kernel panic - not syncing: Fatal exception
[   81.257207] Kernel Offset: disabled
[   81.260836] Rebooting in 86400 seconds..