[ 41.390430] audit: type=1800 audit(1577499678.208:31): pid=7568 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ 41.411919] audit: type=1800 audit(1577499678.208:32): pid=7568 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
Starting mcstransd:
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.130' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 51.988893] kauditd_printk_skb: 3 callbacks suppressed
[ 51.988911] audit: type=1400 audit(1577499688.858:36): avc: denied { map } for pid=7752 comm="syz-executor339" path="/root/syz-executor339418214" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 51.992765] kasan: CONFIG_KASAN_INLINE enabled
[ 52.025657] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 52.033025] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 52.039439] CPU: 1 PID: 7752 Comm: syz-executor339 Not tainted 4.19.91-syzkaller #0
[ 52.047219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 52.056594] RIP: 0010:nf_ct_netns_do_get+0xd3/0x5c0
[ 52.061596] Code: 76 7b fb 45 84 ff 0f 84 6f 02 00 00 e8 06 75 7b fb 49 8d bc 24 48 1b 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 cd 04 00 00 4d 8b bc 24 48 1b 00 00 e8 96 86 68
[ 52.080680] RSP: 0018:ffff8880a829f808 EFLAGS: 00010206
[ 52.086029] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: ffffffff85efd1ba
[ 52.093310] RDX: 0000000000000369 RSI: ffffffff85efcf3a RDI: 0000000000001b48
[ 52.100925] RBP: ffff8880a829f838 R08: ffff88809153c3c0 R09: ffffed1015d24733
[ 52.108290] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: 0000000000000000
[ 52.115545] R13: 0000000000000003 R14: 0000000000000028 R15: 0000000000000001
[ 52.122804] FS: 0000000002081880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 52.131024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 52.136892] CR2: 00005570bd293180 CR3: 000000009670a000 CR4: 00000000001406e0
[ 52.144147] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 52.151402] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 52.158942] Call Trace:
[ 52.161626] nf_ct_netns_get+0x3d/0xc0
[ 52.165499] connmark_tg_check+0x61/0xe0
[ 52.169557] ? connmark_mt_destroy+0x80/0x80
[ 52.173956] xt_check_target+0x283/0x6a0
[ 52.178002] ? textify_hooks.constprop.0+0x1a0/0x1a0
[ 52.183103] ? mutex_unlock+0xd/0x10
[ 52.186920] ? xt_find_target+0x73/0x280
[ 52.191313] ? xt_find_target+0x73/0x280
[ 52.196234] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 52.201773] translate_table+0x1005/0x1d70
[ 52.205998] ? arpt_alloc_initial_table+0x690/0x690
[ 52.211001] ? lock_downgrade+0x880/0x880
[ 52.215142] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 52.220755] ? _copy_from_user+0xdd/0x150
[ 52.224906] do_arpt_set_ctl+0x303/0x640
[ 52.228952] ? compat_do_arpt_get_ctl+0x850/0x850
[ 52.233794] ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 52.238645] ? wait_for_completion+0x440/0x440
[ 52.243225] ? mutex_unlock+0xd/0x10
[ 52.246925] ? nf_sockopt_find.constprop.0+0x226/0x290
[ 52.252202] nf_setsockopt+0x77/0xd0
[ 52.255916] ip_setsockopt+0xdf/0x100
[ 52.259719] udp_setsockopt+0x68/0xb0
[ 52.263518] sock_common_setsockopt+0x94/0xd0
[ 52.268016] __sys_setsockopt+0x17a/0x280
[ 52.272174] ? kernel_accept+0x310/0x310
[ 52.276234] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 52.281260] ? do_syscall_64+0x26/0x620
[ 52.285226] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 52.290576] ? do_syscall_64+0x26/0x620
[ 52.294546] __x64_sys_setsockopt+0xbe/0x150
[ 52.298947] do_syscall_64+0xfd/0x620
[ 52.302735] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 52.307912] RIP: 0033:0x441369
[ 52.311090] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 52.330074] RSP: 002b:00007fffa9e149a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 52.337773] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000441369
[ 52.345053] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000003
[ 52.352329] RBP: 00000000006cb018 R08: 0000000000000418 R09: 00000000004002c8
[ 52.359594] R10: 0000000020000880 R11: 0000000000000246 R12: 0000000000402bf0
[ 52.366851] R13: 0000000000402c80 R14: 0000000000000000 R15: 0000000000000000
[ 52.374109] Modules linked in:
[ 52.377784] ---[ end trace 274f94ba5b6de556 ]---
[ 52.382568] RIP: 0010:nf_ct_netns_do_get+0xd3/0x5c0
[ 52.387645] Code: 76 7b fb 45 84 ff 0f 84 6f 02 00 00 e8 06 75 7b fb 49 8d bc 24 48 1b 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 cd 04 00 00 4d 8b bc 24 48 1b 00 00 e8 96 86 68
[ 52.406574] RSP: 0018:ffff8880a829f808 EFLAGS: 00010206
[ 52.412011] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: ffffffff85efd1ba
[ 52.419388] RDX: 0000000000000369 RSI: ffffffff85efcf3a RDI: 0000000000001b48
[ 52.426691] RBP: ffff8880a829f838 R08: ffff88809153c3c0 R09: ffffed1015d24733
[ 52.433969] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: 0000000000000000
[ 52.441264] R13: 0000000000000003 R14: 0000000000000028 R15: 0000000000000001
[ 52.448687] FS: 0000000002081880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 52.457047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 52.462954] CR2: 00005570bd293180 CR3: 000000009670a000 CR4: 00000000001406e0
[ 52.470287] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 52.477586] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 52.484887] Kernel panic - not syncing: Fatal exception
[ 52.491601] Kernel Offset: disabled
[ 52.495235] Rebooting in 86400 seconds..