[ 39.515881] audit: type=1800 audit(1546419067.084:31): pid=7823 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 39.542845] audit: type=1800 audit(1546419067.084:32): pid=7823 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.24' (ECDSA) to the list of known hosts. syzkaller login: [ 845.379294] kauditd_printk_skb: 3 callbacks suppressed [ 845.379307] audit: type=1400 audit(1546419873.004:36): avc: denied { map } for pid=8010 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/01/02 09:04:33 parsed 1 programs [ 846.111847] audit: type=1400 audit(1546419873.734:37): avc: denied { map } for pid=8010 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=4072 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2019/01/02 09:04:35 executed programs: 0 [ 847.672657] IPVS: ftp: loaded support on port[0] = 21 [ 847.734548] chnl_net:caif_netlink_parms(): no params data found [ 847.767882] bridge0: port 1(bridge_slave_0) entered blocking state [ 847.774776] bridge0: port 1(bridge_slave_0) entered disabled state [ 847.781841] device bridge_slave_0 entered promiscuous mode [ 847.789211] bridge0: port 2(bridge_slave_1) entered blocking state [ 847.795760] bridge0: port 2(bridge_slave_1) entered disabled state [ 847.802634] device bridge_slave_1 entered promiscuous mode [ 847.818875] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 847.828183] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 847.843295] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 847.851046] team0: Port device team_slave_0 added [ 847.856507] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 847.863553] team0: Port device team_slave_1 added [ 847.869024] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 847.876320] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 847.936257] device hsr_slave_0 entered promiscuous mode [ 847.983954] device hsr_slave_1 entered promiscuous mode [ 848.024406] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 848.031406] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 848.044999] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.051412] bridge0: port 2(bridge_slave_1) entered forwarding state [ 848.060730] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.067086] bridge0: port 1(bridge_slave_0) entered forwarding state [ 848.098834] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 848.105839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 848.114596] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 848.122981] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 848.142435] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.150279] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.158240] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 848.168040] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 848.174460] 8021q: adding VLAN 0 to HW filter on device team0 [ 848.182488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 848.190191] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.196570] bridge0: port 1(bridge_slave_0) entered forwarding state [ 848.205643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 848.213223] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.219620] bridge0: port 2(bridge_slave_1) entered forwarding state [ 848.235966] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 848.243631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 848.251463] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 848.263105] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 848.273401] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 848.284277] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 848.290826] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 848.298643] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 848.308810] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 848.321017] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 848.330627] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 848.341122] audit: type=1400 audit(1546419875.974:38): avc: denied { associate } for pid=8023 comm="syz-executor0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 2019/01/02 09:04:40 executed programs: 52 2019/01/02 09:04:45 executed programs: 111 2019/01/02 09:04:50 executed programs: 171 2019/01/02 09:04:55 executed programs: 231 2019/01/02 09:05:00 executed programs: 291 2019/01/02 09:05:05 executed programs: 350 2019/01/02 09:05:10 executed programs: 410 2019/01/02 09:05:15 executed programs: 470 2019/01/02 09:05:20 executed programs: 529 2019/01/02 09:05:25 executed programs: 589 2019/01/02 09:05:30 executed programs: 647 2019/01/02 09:05:35 executed programs: 705 2019/01/02 09:05:40 executed programs: 765 2019/01/02 09:05:45 executed programs: 825 2019/01/02 09:05:50 executed programs: 883 2019/01/02 09:05:55 executed programs: 943 2019/01/02 09:06:00 executed programs: 1002 2019/01/02 09:06:06 executed programs: 1062 2019/01/02 09:06:11 executed programs: 1122 2019/01/02 09:06:16 executed programs: 1182 2019/01/02 09:06:21 executed programs: 1244 2019/01/02 09:06:26 executed programs: 1305 2019/01/02 09:06:31 executed programs: 1365 2019/01/02 09:06:36 executed programs: 1424 2019/01/02 09:06:41 executed programs: 1482 2019/01/02 09:06:46 executed programs: 1542 2019/01/02 09:06:51 executed programs: 1605 2019/01/02 09:06:56 executed programs: 1665 2019/01/02 09:07:01 executed programs: 1728 2019/01/02 09:07:06 executed programs: 1791 2019/01/02 09:07:11 executed programs: 1850 2019/01/02 09:07:16 executed programs: 1910 2019/01/02 09:07:21 executed programs: 1970 2019/01/02 09:07:26 executed programs: 2031 2019/01/02 09:07:31 executed programs: 2091 2019/01/02 09:07:36 executed programs: 2150 2019/01/02 09:07:41 executed programs: 2211 2019/01/02 09:07:46 executed programs: 2268 [ 1043.417441] list_del corruption, ffff88809e03f6b0->next is LIST_POISON1 (dead000000000100) [ 1043.426320] ------------[ cut here ]------------ [ 1043.431067] kernel BUG at lib/list_debug.c:45! [ 1043.435713] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 1043.441066] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 4.20.0+ #4 [ 1043.447372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1043.456841] Workqueue: events p9_read_work [ 1043.461090] RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f [ 1043.466787] Code: e8 e5 09 d8 fd 0f 0b 4c 89 f6 48 c7 c7 a0 3b 81 88 e8 d4 09 d8 fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 e0 3a 81 88 e8 c0 09 d8 fd <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 40 3b 81 88 e8 ac 09 d8 fd 0f 0b [ 1043.485673] RSP: 0018:ffff8880a94578b8 EFLAGS: 00010282 [ 1043.491018] RAX: 000000000000004e RBX: ffff88809e03f600 RCX: 0000000000000000 [ 1043.498269] RDX: 0000000000000000 RSI: ffffffff8167d666 RDI: ffffed101528af09 [ 1043.505543] RBP: ffff8880a94578d0 R08: 000000000000004e R09: ffffed1015cc5021 [ 1043.512796] R10: ffffed1015cc5020 R11: ffff8880ae628107 R12: dead000000000200 [ 1043.520143] R13: dead000000000100 R14: ffff88809e03f6b0 R15: 0000000000000015 [ 1043.527399] FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 1043.535606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1043.541476] CR2: 00007f33238dfdb8 CR3: 00000000a0e9a000 CR4: 00000000001406f0 [ 1043.548730] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1043.555986] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1043.563235] Call Trace: [ 1043.565812] p9_read_work+0xa7f/0x1140 [ 1043.569682] ? check_preemption_disabled+0x48/0x290 [ 1043.574685] ? p9_conn_cancel+0xd70/0xd70 [ 1043.578886] ? __lock_is_held+0xb6/0x140 [ 1043.582964] process_one_work+0xd0c/0x1ce0 [ 1043.587197] ? __switch_to_asm+0x34/0x70 [ 1043.591264] ? __switch_to_asm+0x40/0x70 [ 1043.595324] ? pwq_dec_nr_in_flight+0x4a0/0x4a0 [ 1043.600068] ? __schedule+0x89f/0x1e90 [ 1043.604025] ? pci_mmcfg_check_reserved+0x170/0x170 [ 1043.609029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1043.613767] ? worker_thread+0x3b7/0x14a0 [ 1043.617895] ? find_held_lock+0x35/0x120 [ 1043.621950] ? lock_acquire+0x1db/0x570 [ 1043.625912] ? worker_thread+0x3cd/0x14a0 [ 1043.630169] ? kasan_check_read+0x11/0x20 [ 1043.634312] ? do_raw_spin_lock+0x156/0x360 [ 1043.638623] ? lock_release+0xc40/0xc40 [ 1043.642581] ? rwlock_bug.part.0+0x90/0x90 [ 1043.646848] ? trace_hardirqs_on_caller+0x310/0x310 [ 1043.651857] worker_thread+0x143/0x14a0 [ 1043.655823] ? process_one_work+0x1ce0/0x1ce0 [ 1043.660310] ? __kthread_parkme+0xc3/0x1b0 [ 1043.664625] ? lock_acquire+0x1db/0x570 [ 1043.668586] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1043.673672] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1043.678235] ? trace_hardirqs_on+0xbd/0x310 [ 1043.682541] ? __kthread_parkme+0xc3/0x1b0 [ 1043.686773] ? trace_hardirqs_off_caller+0x300/0x300 [ 1043.691875] ? do_raw_spin_trylock+0x270/0x270 [ 1043.696441] ? schedule+0x108/0x350 [ 1043.700083] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1043.705213] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1043.710739] ? __kthread_parkme+0xfb/0x1b0 [ 1043.714960] kthread+0x357/0x430 [ 1043.718308] ? process_one_work+0x1ce0/0x1ce0 [ 1043.722794] ? kthread_stop+0x920/0x920 [ 1043.726756] ret_from_fork+0x3a/0x50 [ 1043.730453] Modules linked in: [ 1043.733761] ---[ end trace 8e444241377be4df ]--- [ 1043.738506] RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f [ 1043.744313] Code: e8 e5 09 d8 fd 0f 0b 4c 89 f6 48 c7 c7 a0 3b 81 88 e8 d4 09 d8 fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 e0 3a 81 88 e8 c0 09 d8 fd <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 40 3b 81 88 e8 ac 09 d8 fd 0f 0b [ 1043.763229] RSP: 0018:ffff8880a94578b8 EFLAGS: 00010282 [ 1043.768590] RAX: 000000000000004e RBX: ffff88809e03f600 RCX: 0000000000000000 [ 1043.775863] RDX: 0000000000000000 RSI: ffffffff8167d666 RDI: ffffed101528af09 [ 1043.783117] RBP: ffff8880a94578d0 R08: 000000000000004e R09: ffffed1015cc5021 [ 1043.790468] R10: ffffed1015cc5020 R11: ffff8880ae628107 R12: dead000000000200 [ 1043.797948] R13: dead000000000100 R14: ffff88809e03f6b0 R15: 0000000000000015 [ 1043.805222] FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 1043.813515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1043.819398] CR2: 00007f33238dfdb8 CR3: 00000000a0e9a000 CR4: 00000000001406f0 [ 1043.826669] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1043.833952] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1043.841205] Kernel panic - not syncing: Fatal exception [ 1044.999371] Shutting down cpus with NMI [ 1045.004650] Kernel Offset: disabled [ 1045.008273] Rebooting in 86400 seconds..