[   39.111483] audit: type=1800 audit(1569489219.118:32): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   39.876396] audit: type=1800 audit(1569489219.968:33): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
2019/09/26 09:13:47 parsed 1 programs
syzkaller login: [   47.643078] kauditd_printk_skb: 2 callbacks suppressed
[   47.643093] audit: type=1400 audit(1569489227.738:36): avc:  denied  { map } for  pid=7670 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   47.717100] audit: type=1400 audit(1569489227.808:37): avc:  denied  { map } for  pid=7670 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14992 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2019/09/26 09:13:49 executed programs: 0
[   49.102600] IPVS: ftp: loaded support on port[0] = 21
[   49.165294] chnl_net:caif_netlink_parms(): no params data found
[   49.200262] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.207126] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.214415] device bridge_slave_0 entered promiscuous mode
[   49.221871] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.228283] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.235466] device bridge_slave_1 entered promiscuous mode
[   49.251351] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   49.260675] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   49.277968] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   49.285888] team0: Port device team_slave_0 added
[   49.291382] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   49.298751] team0: Port device team_slave_1 added
[   49.304036] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   49.312514] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   49.364170] device hsr_slave_0 entered promiscuous mode
[   49.432126] device hsr_slave_1 entered promiscuous mode
[   49.503018] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   49.510182] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   49.524746] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.531308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.538446] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.544853] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.575911] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   49.583787] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.592873] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   49.600957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.620235] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.627673] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.635836] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   49.646577] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   49.652754] 8021q: adding VLAN 0 to HW filter on device team0
[   49.662381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.669958] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.676567] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.688826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.697237] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.703728] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.722977] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   49.730989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   49.738803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.746746] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   49.755541] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.765510] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   49.771512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   49.784082] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   49.795433] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.806311] audit: type=1400 audit(1569489229.898:38): avc:  denied  { associate } for  pid=7687 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[   49.866808] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.878085] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.903450] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.913757] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.939963] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.950478] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.977238] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   49.987510] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   50.018670] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   50.028602] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   50.543697] ------------[ cut here ]------------
[   50.549131] WARNING: CPU: 1 PID: 7809 at net/xfrm/xfrm_policy.c:761 xfrm_policy_insert.cold+0x11/0x8c
[   50.558498] Kernel panic - not syncing: panic_on_warn set ...
[   50.558498] 
[   50.565982] CPU: 1 PID: 7809 Comm: syz-executor.0 Not tainted 4.19.75 #0
[   50.572813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   50.582433] Call Trace:
[   50.585146]  dump_stack+0x172/0x1f0
[   50.588776]  panic+0x263/0x507
[   50.591982]  ? __warn_printk+0xf3/0xf3
[   50.595869]  ? xfrm_policy_insert.cold+0x11/0x8c
[   50.600720]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.606252]  ? __warn.cold+0x5/0x4a
[   50.609891]  ? __warn+0xe8/0x1d0
[   50.613251]  ? xfrm_policy_insert.cold+0x11/0x8c
[   50.617995]  __warn.cold+0x20/0x4a
[   50.621537]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.627092]  ? xfrm_policy_insert.cold+0x11/0x8c
[   50.631839]  report_bug+0x263/0x2b0
[   50.635460]  do_error_trap+0x204/0x360
[   50.639596]  ? math_error+0x340/0x340
[   50.643400]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.648935]  ? wake_up_klogd+0x99/0xd0
[   50.652814]  ? error_entry+0x7c/0xe0
[   50.656515]  ? trace_hardirqs_off_caller+0x65/0x220
[   50.661528]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   50.666395]  do_invalid_op+0x1b/0x20
[   50.670121]  invalid_op+0x14/0x20
[   50.673568] RIP: 0010:xfrm_policy_insert.cold+0x11/0x8c
[   50.678919] Code: ff e8 10 94 78 fb 48 c7 c7 c0 40 e9 87 e8 e8 fa 62 fb 0f 0b e9 c2 c5 fe ff e8 f8 93 78 fb 48 c7 c7 c0 40 e9 87 e8 d0 fa 62 fb <0f> 0b 48 8b 45 c0 42 0f b6 14 20 48 8b 45 d0 83 e0 07 83 c0 03 38
[   50.697812] RSP: 0018:ffff88808864f468 EFLAGS: 00010286
[   50.703167] RAX: 0000000000000024 RBX: ffff88808c3db200 RCX: 0000000000000000
[   50.710434] RDX: 0000000000000000 RSI: ffffffff8155dbd6 RDI: ffffed10110c9e7f
[   50.717699] RBP: ffff88808864f508 R08: 0000000000000024 R09: ffffed1015d25079
[   50.724962] R10: ffffed1015d25078 R11: ffff8880ae9283c7 R12: dffffc0000000000
[   50.732252] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88809650a000
[   50.739539]  ? vprintk_func+0x86/0x189
[   50.743430]  ? xfrm_policy_insert.cold+0x11/0x8c
[   50.748185]  xfrm_add_policy+0x28f/0x530
[   50.752261]  ? xfrm_policy_construct+0x680/0x680
[   50.757030]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   50.762123]  ? validate_nla+0x32f/0x810
[   50.766089]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.771613]  ? nla_parse+0x1fc/0x2f0
[   50.775325]  ? xfrm_policy_construct+0x680/0x680
[   50.780073]  xfrm_user_rcv_msg+0x450/0x720
[   50.784308]  ? xfrm_dump_sa_done+0xf0/0xf0
[   50.788539]  ? __dev_queue_xmit+0x1757/0x2fe0
[   50.793030]  ? __local_bh_enable_ip+0x15a/0x270
[   50.797685]  ? __dev_queue_xmit+0x178a/0x2fe0
[   50.802164]  ? __local_bh_enable_ip+0x15a/0x270
[   50.806835]  ? __mutex_lock+0x3cd/0x1300
[   50.810889]  ? netlink_deliver_tap+0x22d/0xc20
[   50.815458]  ? xfrm_netlink_rcv+0x61/0x90
[   50.819593]  netlink_rcv_skb+0x17d/0x460
[   50.823645]  ? xfrm_dump_sa_done+0xf0/0xf0
[   50.827869]  ? netlink_ack+0xb30/0xb30
[   50.831757]  xfrm_netlink_rcv+0x70/0x90
[   50.835719]  netlink_unicast+0x537/0x720
[   50.839768]  ? netlink_attachskb+0x770/0x770
[   50.844167]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.849764]  netlink_sendmsg+0x8ae/0xd70
[   50.853850]  ? netlink_unicast+0x720/0x720
[   50.858088]  ? selinux_socket_sendmsg+0x36/0x40
[   50.862747]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.868298]  ? security_socket_sendmsg+0x8d/0xc0
[   50.873046]  ? netlink_unicast+0x720/0x720
[   50.877291]  sock_sendmsg+0xd7/0x130
[   50.881001]  ___sys_sendmsg+0x803/0x920
[   50.884979]  ? copy_msghdr_from_user+0x430/0x430
[   50.889736]  ? lock_downgrade+0x810/0x810
[   50.893885]  ? kasan_check_read+0x11/0x20
[   50.898033]  ? __fget+0x367/0x540
[   50.901484]  ? iterate_fd+0x360/0x360
[   50.905282]  ? lock_downgrade+0x810/0x810
[   50.909437]  ? __fget_light+0x1a9/0x230
[   50.913409]  ? __fdget+0x1b/0x20
[   50.916778]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   50.922308]  __sys_sendmsg+0x105/0x1d0
[   50.926199]  ? __ia32_sys_shutdown+0x80/0x80
[   50.930691]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   50.935432]  ? do_syscall_64+0x26/0x620
[   50.939397]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   50.944744]  ? do_syscall_64+0x26/0x620
[   50.948710]  __x64_sys_sendmsg+0x78/0xb0
[   50.952781]  do_syscall_64+0xfd/0x620
[   50.956591]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   50.961768] RIP: 0033:0x459a29
[   50.964947] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   50.984359] RSP: 002b:00007fa11dce4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   50.992071] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29
[   50.999328] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003
[   51.006591] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   51.013869] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa11dce56d4
[   51.021145] R13: 00000000004c797e R14: 00000000004dd360 R15: 00000000ffffffff
[   51.030147] Kernel Offset: disabled
[   51.033875] Rebooting in 86400 seconds..