[....] Starting enhanced syslogd: rsyslogd[   12.286617] audit: type=1400 audit(1516137544.531:5): avc:  denied  { syslog } for  pid=3499 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   19.203350] audit: type=1400 audit(1516137551.448:6): avc:  denied  { map } for  pid=3640 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
executing program
[   25.473531] audit: type=1400 audit(1516137557.718:7): avc:  denied  { map } for  pid=3654 comm="syzkaller920506" path="/root/syzkaller920506472" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   25.478168] FAULT_INJECTION: forcing a failure.
[   25.478168] name failslab, interval 1, probability 0, space 0, times 1
[   25.478177] CPU: 1 PID: 3654 Comm: syzkaller920506 Not tainted 4.15.0-rc8+ #264
[   25.478180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.478182] Call Trace:
[   25.478194]  dump_stack+0x194/0x257
[   25.478206]  ? arch_local_irq_restore+0x53/0x53
[   25.478226]  should_fail+0x8c0/0xa40
[   25.478234]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   25.478240]  ? add_lock_to_list.isra.28+0x24d/0x352
[   25.478246]  ? check_noncircular+0x20/0x20
[   25.478250]  ? print_lockdep_cache.isra.31+0x109/0x109
[   25.478260]  ? save_stack_trace+0x1a/0x20
[   25.478264]  ? save_trace+0xe0/0x2b0
[   25.478273]  ? __lock_acquire+0x36c0/0x3e00
[   25.478277]  ? print_irqtrace_events+0x270/0x270
[   25.478290]  ? find_held_lock+0x35/0x1d0
[   25.478304]  ? nametbl_find_seq+0x1d0/0x580
[   25.478310]  ? lock_downgrade+0x980/0x980
[   25.478318]  ? lock_release+0xa40/0xa40
[   25.478332]  should_failslab+0xec/0x120
[   25.478338]  kmem_cache_alloc_trace+0x4b/0x750
[   25.478347]  ? nametbl_find_seq+0x3dd/0x580
[   25.478356]  tipc_nameseq_create+0xad/0x540
[   25.478360]  ? lock_release+0xa40/0xa40
[   25.478366]  ? __tipc_nl_add_monitor+0xf80/0xf80
[   25.478387]  tipc_nametbl_subscribe+0x91f/0xc10
[   25.478391]  ? tipc_setsockopt+0x249/0xc10
[   25.478406]  ? tipc_nametbl_withdraw+0x6e0/0x6e0
[   25.478409]  ? tipc_subscrb_rcv_cb+0x6b6/0xd10
[   25.478414]  ? __lock_is_held+0xb6/0x140
[   25.478423]  ? lock_release+0xa40/0xa40
[   25.478430]  ? tipc_subscrb_rcv_cb+0x51b/0xd10
[   25.478436]  ? rcu_read_lock_sched_held+0x108/0x120
[   25.478441]  ? kmem_cache_alloc_trace+0x456/0x750
[   25.478448]  ? tipc_subscrb_rcv_cb+0x6b6/0xd10
[   25.478459]  tipc_subscrb_rcv_cb+0x7d6/0xd10
[   25.478463]  ? mark_held_locks+0xaf/0x100
[   25.478472]  ? tipc_subscrb_release_cb+0x30/0x30
[   25.478476]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   25.478482]  ? __lockdep_init_map+0xe4/0x650
[   25.478490]  ? lockdep_init_map+0x9/0x10
[   25.478496]  ? __raw_spin_lock_init+0x2d/0x100
[   25.478502]  ? tipc_subscrb_connect_cb+0x1bd/0x270
[   25.478508]  ? tipc_subscrb_put+0x30/0x30
[   25.478515]  ? __lock_is_held+0xb6/0x140
[   25.478529]  ? tipc_subscrb_release_cb+0x30/0x30
[   25.478535]  tipc_topsrv_kern_subscr+0x54a/0x850
[   25.478544]  ? tipc_conn_terminate+0x50/0x50
[   25.478553]  ? addr_domain+0x204/0x380
[   25.478557]  ? tipc_nlist_init+0x77/0x130
[   25.478574]  tipc_group_create+0x702/0x9c0
[   25.478583]  ? tipc_group_size+0x50/0x50
[   25.478588]  ? lock_release+0xa40/0xa40
[   25.478609]  ? addr_domain+0x204/0x380
[   25.478615]  ? in_own_node+0x320/0x320
[   25.478620]  ? lock_sock_nested+0x91/0x110
[   25.478624]  ? trace_hardirqs_on+0xd/0x10
[   25.478630]  ? __local_bh_enable_ip+0x121/0x230
[   25.478641]  tipc_setsockopt+0x249/0xc10
[   25.478650]  ? tipc_sk_leave+0x200/0x200
[   25.478666]  ? security_socket_setsockopt+0x89/0xb0
[   25.478674]  SyS_setsockopt+0x189/0x360
[   25.478683]  ? SyS_recv+0x40/0x40
[   25.478688]  ? SyS_write+0x184/0x220
[   25.478694]  ? entry_SYSCALL_64_fastpath+0x5/0xa0
[   25.478701]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   25.478708]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   25.478720]  entry_SYSCALL_64_fastpath+0x29/0xa0
[   25.478724] RIP: 0033:0x440419
[   25.478727] RSP: 002b:00007ffed2a54488 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   25.478732] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000440419
[   25.478735] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003
[   25.478737] RBP: 0000000000000004 R08: 0000000000000010 R09: 0000000000000036
[   25.478740] R10: 00000000207f0000 R11: 0000000000000246 R12: 0000000000401d40
[   25.478742] R13: 0000000000401dd0 R14: 0000000000000000 R15: 0000000000000000
[   25.478767] Name sequence creation failed, no memory
[   25.478775] Failed to create subscription for {1020,0,4294967295}
[   25.479820] kasan: CONFIG_KASAN_INLINE enabled
[   25.479827] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   25.479832] general protection fault: 0000 [#1] SMP KASAN
[   25.479836] Dumping ftrace buffer:
[   25.479839]    (ftrace buffer empty)
[   25.479840] Modules linked in:
[   25.479846] CPU: 1 PID: 3654 Comm: syzkaller920506 Not tainted 4.15.0-rc8+ #264
[   25.479848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.479855] RIP: 0010:__list_del_entry_valid+0x7e/0x150
[   25.479857] RSP: 0018:ffff8801bc2a7058 EFLAGS: 00010246
[   25.479861] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   25.479863] RDX: 0000000000000000 RSI: ffff8801d2e63360 RDI: ffff8801d2e63368
[   25.479865] RBP: ffff8801bc2a7070 R08: 0000000000000003 R09: 1ffffffff0eba5d0
[   25.479867] R10: ffff8801bc2a6f38 R11: dffffc0000000000 R12: 0000000000000000
[   25.479869] R13: ffff8801bc2a7210 R14: ffff8801d2e63360 R15: ffff8801d8b88180
[   25.479873] FS:  0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[   25.479875] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   25.479877] CR2: 00000000207f0000 CR3: 0000000006822003 CR4: 00000000001606e0
[   25.479882] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   25.479884] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   25.479886] Call Trace:
[   25.479891]  ? _raw_spin_lock_bh+0x39/0x40
[   25.479896]  tipc_nametbl_unsubscribe+0x318/0x990
[   25.479900]  ? rcu_read_lock_sched_held+0x108/0x120
[   25.479906]  ? tipc_nametbl_subscribe+0xc10/0xc10
[   25.479911]  ? lock_acquire+0x1d5/0x580
[   25.479915]  ? lock_acquire+0x1d5/0x580
[   25.479919]  ? tipc_subscrb_subscrp_delete+0x8f/0x460
[   25.479924]  ? __radix_tree_lookup+0x435/0x5e0
[   25.479930]  ? lock_release+0xa40/0xa40
[   25.479935]  ? print_irqtrace_events+0x270/0x270
[   25.479939]  ? find_held_lock+0x35/0x1d0
[   25.479946]  ? tipc_subscrb_subscrp_delete+0x8f/0x460
[   25.479953]  tipc_subscrb_subscrp_delete+0x1e9/0x460
[   25.479960]  ? tipc_subscrp_put+0x360/0x360
[   25.479964]  ? __local_bh_enable_ip+0x121/0x230
[   25.479970]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   25.479974]  ? tipc_conn_lookup+0x74/0x90
[   25.479977]  ? tipc_subscrb_subscrp_delete+0x460/0x460
[   25.479982]  tipc_subscrb_release_cb+0x17/0x30
[   25.479986]  tipc_close_conn+0x171/0x270
[   25.479993]  tipc_topsrv_kern_unsubscr+0x213/0x340
[   25.479996]  ? tipc_dest_del+0x350/0x350
[   25.480004]  ? tipc_topsrv_kern_subscr+0x850/0x850
[   25.480009]  ? tipc_node_distr_xmit+0x212/0x2b0
[   25.480017]  tipc_group_delete+0x2c0/0x3d0
[   25.480024]  ? tipc_group_create+0x9c0/0x9c0
[   25.480029]  ? __tipc_shutdown+0x916/0xc80
[   25.480032]  ? find_held_lock+0x35/0x1d0
[   25.480040]  ? tipc_sk_respond+0x550/0x550
[   25.480049]  tipc_sk_leave+0x10b/0x200
[   25.480054]  ? tipc_sk_withdraw+0x6b0/0x6b0
[   25.480060]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   25.480065]  ? lock_sock_nested+0x91/0x110
[   25.480069]  ? __local_bh_enable_ip+0x121/0x230
[   25.480077]  tipc_release+0x154/0xfe0
[   25.480085]  ? mntput_no_expire+0x130/0xa90
[   25.480091]  ? tipc_sk_backlog_rcv+0x390/0x390
[   25.480096]  ? lock_release+0xa40/0xa40
[   25.480100]  ? list_lru_count_node+0x70/0x70
[   25.480109]  ? do_raw_spin_trylock+0x190/0x190
[   25.480115]  ? locks_remove_file+0x3fa/0x5a0
[   25.480120]  ? fcntl_setlk+0x10c0/0x10c0
[   25.480123]  ? fsnotify+0x7b3/0x1140
[   25.480132]  ? fsnotify_first_mark+0x2b0/0x2b0
[   25.480139]  sock_release+0x8d/0x1e0
[   25.480144]  ? sock_alloc_file+0x560/0x560
[   25.480148]  sock_close+0x16/0x20
[   25.480153]  __fput+0x327/0x7e0
[   25.480164]  ? fput+0x140/0x140
[   25.480171]  ? trace_event_raw_event_sched_switch+0x800/0x800
[   25.480175]  ? _raw_spin_unlock_irq+0x27/0x70
[   25.480182]  ____fput+0x15/0x20
[   25.480188]  task_work_run+0x199/0x270
[   25.480195]  ? task_work_cancel+0x210/0x210
[   25.480199]  ? _raw_spin_unlock+0x22/0x30
[   25.480204]  ? switch_task_namespaces+0x87/0xc0
[   25.480210]  do_exit+0x9bb/0x1ad0
[   25.480218]  ? mm_update_next_owner+0x930/0x930
[   25.480221]  ? reacquire_held_locks+0x1f9/0x3e0
[   25.480227]  ? find_held_lock+0x35/0x1d0
[   25.480235]  ? release_sock+0x1d4/0x2a0
[   25.480240]  ? lock_downgrade+0x980/0x980
[   25.480244]  ? lock_downgrade+0x980/0x980
[   25.480248]  ? lock_release+0xa40/0xa40
[   25.480252]  ? tipc_nametbl_publish+0x346/0x4f0
[   25.480258]  ? __local_bh_enable_ip+0x121/0x230
[   25.480263]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   25.480267]  ? release_sock+0x1d4/0x2a0
[   25.480271]  ? __local_bh_enable_ip+0x121/0x230
[   25.480277]  ? _raw_spin_unlock_bh+0x30/0x40
[   25.480281]  ? release_sock+0x1d4/0x2a0
[   25.480286]  ? __release_sock+0x360/0x360
[   25.480290]  ? tipc_nametbl_build_group+0x27a/0x370
[   25.480294]  ? __local_bh_enable_ip+0x121/0x230
[   25.480301]  ? tipc_setsockopt+0x6eb/0xc10
[   25.480307]  ? tipc_sk_leave+0x200/0x200
[   25.480317]  ? security_socket_setsockopt+0x89/0xb0
[   25.480323]  ? SyS_setsockopt+0x215/0x360
[   25.480328]  do_group_exit+0x149/0x400
[   25.480331]  ? SyS_recv+0x40/0x40
[   25.480335]  ? SyS_write+0x184/0x220
[   25.480339]  ? SyS_exit+0x30/0x30
[   25.480344]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   25.480349]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   25.480355]  SyS_exit_group+0x1d/0x20
[   25.480361]  entry_SYSCALL_64_fastpath+0x29/0xa0
[   25.480363] RIP: 0033:0x43f118
[   25.480365] RSP: 002b:00007ffed2a544a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   25.480369] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000043f118
[   25.480371] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[   25.480373] RBP: 0000000000000004 R08: 00000000000000e7 R09: ffffffffffffffd0
[   25.480375] R10: 00000000207f0000 R11: 0000000000000246 R12: 0000000000401d40
[   25.480377] R13: 0000000000401dd0 R14: 0000000000000000 R15: 0000000000000000
[   25.480386] Code: 00 00 00 00 ad de 49 39 c4 74 66 48 b8 00 02 00 00 00 00 ad de 48 89 da 48 39 c3 74 65 48 c1 ea 03 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 75 7b 48 8b 13 48 39 f2 75 57 49 8d 7c 24 08 48 b8 
[   25.480454] RIP: __list_del_entry_valid+0x7e/0x150 RSP: ffff8801bc2a7058
[   25.480478] ---[ end trace e7b4ffb8e4a452da ]---
[   25.480481] Kernel panic - not syncing: Fatal exception in interrupt
[   25.499421] Dumping ftrace buffer:
[   25.499425]    (ftrace buffer empty)
[   25.499427] Kernel Offset: disabled
[   26.460230] Rebooting in 86400 seconds..