[ 39.111483] audit: type=1800 audit(1569489219.118:32): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.
[ 39.876396] audit: type=1800 audit(1569489219.968:33): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
2019/09/26 09:13:47 parsed 1 programs
syzkaller login: [ 47.643078] kauditd_printk_skb: 2 callbacks suppressed
[ 47.643093] audit: type=1400 audit(1569489227.738:36): avc: denied { map } for pid=7670 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 47.717100] audit: type=1400 audit(1569489227.808:37): avc: denied { map } for pid=7670 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14992 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2019/09/26 09:13:49 executed programs: 0
[ 49.102600] IPVS: ftp: loaded support on port[0] = 21
[ 49.165294] chnl_net:caif_netlink_parms(): no params data found
[ 49.200262] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.207126] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.214415] device bridge_slave_0 entered promiscuous mode
[ 49.221871] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.228283] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.235466] device bridge_slave_1 entered promiscuous mode
[ 49.251351] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 49.260675] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 49.277968] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 49.285888] team0: Port device team_slave_0 added
[ 49.291382] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 49.298751] team0: Port device team_slave_1 added
[ 49.304036] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 49.312514] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 49.364170] device hsr_slave_0 entered promiscuous mode
[ 49.432126] device hsr_slave_1 entered promiscuous mode
[ 49.503018] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 49.510182] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 49.524746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.531308] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.538446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.544853] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.575911] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 49.583787] 8021q: adding VLAN 0 to HW filter on device bond0
[ 49.592873] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 49.600957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.620235] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.627673] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.635836] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 49.646577] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 49.652754] 8021q: adding VLAN 0 to HW filter on device team0
[ 49.662381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.669958] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.676567] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.688826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.697237] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.703728] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.722977] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 49.730989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 49.738803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.746746] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 49.755541] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.765510] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 49.771512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 49.784082] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 49.795433] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 49.806311] audit: type=1400 audit(1569489229.898:38): avc: denied { associate } for pid=7687 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[ 49.866808] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.878085] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.903450] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.913757] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.939963] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.950478] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.977238] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 49.987510] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 50.018670] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 50.028602] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 50.543697] ------------[ cut here ]------------
[ 50.549131] WARNING: CPU: 1 PID: 7809 at net/xfrm/xfrm_policy.c:761 xfrm_policy_insert.cold+0x11/0x8c
[ 50.558498] Kernel panic - not syncing: panic_on_warn set ...
[ 50.558498]
[ 50.565982] CPU: 1 PID: 7809 Comm: syz-executor.0 Not tainted 4.19.75 #0
[ 50.572813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.582433] Call Trace:
[ 50.585146] dump_stack+0x172/0x1f0
[ 50.588776] panic+0x263/0x507
[ 50.591982] ? __warn_printk+0xf3/0xf3
[ 50.595869] ? xfrm_policy_insert.cold+0x11/0x8c
[ 50.600720] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.606252] ? __warn.cold+0x5/0x4a
[ 50.609891] ? __warn+0xe8/0x1d0
[ 50.613251] ? xfrm_policy_insert.cold+0x11/0x8c
[ 50.617995] __warn.cold+0x20/0x4a
[ 50.621537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.627092] ? xfrm_policy_insert.cold+0x11/0x8c
[ 50.631839] report_bug+0x263/0x2b0
[ 50.635460] do_error_trap+0x204/0x360
[ 50.639596] ? math_error+0x340/0x340
[ 50.643400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.648935] ? wake_up_klogd+0x99/0xd0
[ 50.652814] ? error_entry+0x7c/0xe0
[ 50.656515] ? trace_hardirqs_off_caller+0x65/0x220
[ 50.661528] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 50.666395] do_invalid_op+0x1b/0x20
[ 50.670121] invalid_op+0x14/0x20
[ 50.673568] RIP: 0010:xfrm_policy_insert.cold+0x11/0x8c
[ 50.678919] Code: ff e8 10 94 78 fb 48 c7 c7 c0 40 e9 87 e8 e8 fa 62 fb 0f 0b e9 c2 c5 fe ff e8 f8 93 78 fb 48 c7 c7 c0 40 e9 87 e8 d0 fa 62 fb <0f> 0b 48 8b 45 c0 42 0f b6 14 20 48 8b 45 d0 83 e0 07 83 c0 03 38
[ 50.697812] RSP: 0018:ffff88808864f468 EFLAGS: 00010286
[ 50.703167] RAX: 0000000000000024 RBX: ffff88808c3db200 RCX: 0000000000000000
[ 50.710434] RDX: 0000000000000000 RSI: ffffffff8155dbd6 RDI: ffffed10110c9e7f
[ 50.717699] RBP: ffff88808864f508 R08: 0000000000000024 R09: ffffed1015d25079
[ 50.724962] R10: ffffed1015d25078 R11: ffff8880ae9283c7 R12: dffffc0000000000
[ 50.732252] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88809650a000
[ 50.739539] ? vprintk_func+0x86/0x189
[ 50.743430] ? xfrm_policy_insert.cold+0x11/0x8c
[ 50.748185] xfrm_add_policy+0x28f/0x530
[ 50.752261] ? xfrm_policy_construct+0x680/0x680
[ 50.757030] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 50.762123] ? validate_nla+0x32f/0x810
[ 50.766089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.771613] ? nla_parse+0x1fc/0x2f0
[ 50.775325] ? xfrm_policy_construct+0x680/0x680
[ 50.780073] xfrm_user_rcv_msg+0x450/0x720
[ 50.784308] ? xfrm_dump_sa_done+0xf0/0xf0
[ 50.788539] ? __dev_queue_xmit+0x1757/0x2fe0
[ 50.793030] ? __local_bh_enable_ip+0x15a/0x270
[ 50.797685] ? __dev_queue_xmit+0x178a/0x2fe0
[ 50.802164] ? __local_bh_enable_ip+0x15a/0x270
[ 50.806835] ? __mutex_lock+0x3cd/0x1300
[ 50.810889] ? netlink_deliver_tap+0x22d/0xc20
[ 50.815458] ? xfrm_netlink_rcv+0x61/0x90
[ 50.819593] netlink_rcv_skb+0x17d/0x460
[ 50.823645] ? xfrm_dump_sa_done+0xf0/0xf0
[ 50.827869] ? netlink_ack+0xb30/0xb30
[ 50.831757] xfrm_netlink_rcv+0x70/0x90
[ 50.835719] netlink_unicast+0x537/0x720
[ 50.839768] ? netlink_attachskb+0x770/0x770
[ 50.844167] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.849764] netlink_sendmsg+0x8ae/0xd70
[ 50.853850] ? netlink_unicast+0x720/0x720
[ 50.858088] ? selinux_socket_sendmsg+0x36/0x40
[ 50.862747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.868298] ? security_socket_sendmsg+0x8d/0xc0
[ 50.873046] ? netlink_unicast+0x720/0x720
[ 50.877291] sock_sendmsg+0xd7/0x130
[ 50.881001] ___sys_sendmsg+0x803/0x920
[ 50.884979] ? copy_msghdr_from_user+0x430/0x430
[ 50.889736] ? lock_downgrade+0x810/0x810
[ 50.893885] ? kasan_check_read+0x11/0x20
[ 50.898033] ? __fget+0x367/0x540
[ 50.901484] ? iterate_fd+0x360/0x360
[ 50.905282] ? lock_downgrade+0x810/0x810
[ 50.909437] ? __fget_light+0x1a9/0x230
[ 50.913409] ? __fdget+0x1b/0x20
[ 50.916778] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 50.922308] __sys_sendmsg+0x105/0x1d0
[ 50.926199] ? __ia32_sys_shutdown+0x80/0x80
[ 50.930691] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 50.935432] ? do_syscall_64+0x26/0x620
[ 50.939397] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.944744] ? do_syscall_64+0x26/0x620
[ 50.948710] __x64_sys_sendmsg+0x78/0xb0
[ 50.952781] do_syscall_64+0xfd/0x620
[ 50.956591] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.961768] RIP: 0033:0x459a29
[ 50.964947] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 50.984359] RSP: 002b:00007fa11dce4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.992071] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29
[ 50.999328] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003
[ 51.006591] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 51.013869] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa11dce56d4
[ 51.021145] R13: 00000000004c797e R14: 00000000004dd360 R15: 00000000ffffffff
[ 51.030147] Kernel Offset: disabled
[ 51.033875] Rebooting in 86400 seconds..