[....] Starting periodic command scheduler: cron [ ok ].
Starting mcstransd:
[....] Starting file context maintaining daemon: restorecond [ ok ].
[ 38.661753] audit: type=1800 audit(1556946491.200:33): pid=7419 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 43.346498] kauditd_printk_skb: 1 callbacks suppressed
[ 43.346511] audit: type=1400 audit(1556946495.880:35): avc: denied { map } for pid=7594 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
[ 50.071529] audit: type=1400 audit(1556946502.610:36): avc: denied { map } for pid=7606 comm="syz-executor111" path="/root/syz-executor111212676" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 50.093889] IPVS: ftp: loaded support on port[0] = 21
[ 50.158071] chnl_net:caif_netlink_parms(): no params data found
[ 50.189289] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.196180] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.203408] device bridge_slave_0 entered promiscuous mode
[ 50.210605] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.217083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.224071] device bridge_slave_1 entered promiscuous mode
[ 50.239321] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 50.249378] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 50.266092] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 50.274302] team0: Port device team_slave_0 added
[ 50.279734] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 50.287954] team0: Port device team_slave_1 added
[ 50.293203] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 50.300545] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 50.353150] device hsr_slave_0 entered promiscuous mode
[ 50.421063] device hsr_slave_1 entered promiscuous mode
[ 50.461463] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 50.468418] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 50.482090] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.488510] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 50.495467] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.501872] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 50.533448] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 50.539541] 8021q: adding VLAN 0 to HW filter on device bond0
[ 50.547986] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 50.557069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 50.576700] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.584524] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.593106] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 50.602968] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 50.610724] 8021q: adding VLAN 0 to HW filter on device team0
[ 50.633211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 50.641728] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.648081] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 50.655181] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 50.663139] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.670156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 50.677532] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 50.685282] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 50.692961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 50.700296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 50.708339] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 50.717716] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 50.724875] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[ 50.737118] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 50.749536] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 50.762586] kasan: CONFIG_KASAN_INLINE enabled
[ 50.767274] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 50.774911] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 50.781148] CPU: 1 PID: 7607 Comm: syz-executor111 Not tainted 4.19.38 #6
[ 50.788128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.797485] RIP: 0010:xfrmi_decode_session+0xeb/0x630
[ 50.802660] Code: 7c e7 10 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 fd 04 00 00 48 b8 00 00 00 00 00 fc ff df 4f 8b 64 e7 10 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 2c 05 00 00 4d 8b 3c 24 e8 d2 4c 65 fb e8 bd a9
[ 50.821548] RSP: 0018:ffff88809e43f178 EFLAGS: 00010246
[ 50.827040] RAX: dffffc0000000000 RBX: ffff8880938ea3c0 RCX: ffffffff85ef124e
[ 50.834297] RDX: 0000000000000000 RSI: ffffffff85f3c5a5 RDI: ffff8880909c2788
[ 50.841549] RBP: ffff88809e43f1a0 R08: ffff8880a199c540 R09: ffffed1015d24733
[ 50.848805] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: 0000000000000000
[ 50.856058] R13: 0000000000000037 R14: ffff8880938ea3d0 R15: ffff8880909c2780
[ 50.863421] FS: 0000000001b82880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 50.871627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 50.877498] CR2: 0000000020000022 CR3: 0000000089b2c000 CR4: 00000000001406e0
[ 50.884770] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 50.892037] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 50.899289] Call Trace:
[ 50.901868] __xfrm_policy_check+0x1fa/0x2560
[ 50.906348] ? kasan_check_read+0x11/0x20
[ 50.910482] ? __xfrm_route_forward+0x870/0x870
[ 50.915135] ? nf_ct_deliver_cached_events+0x216/0x6e0
[ 50.921227] ? find_held_lock+0x35/0x130
[ 50.925303] ? vti_input+0x217/0x790
[ 50.929024] ? find_held_lock+0x35/0x130
[ 50.934268] ? vti_input+0x217/0x790
[ 50.937973] ? lock_downgrade+0x810/0x810
[ 50.942123] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 50.947658] ? ip_tunnel_lookup+0xa0f/0xe00
[ 50.951981] vti_input+0x50f/0x790
[ 50.955520] vti_rcv+0x10b/0x140
[ 50.958867] xfrm4_esp_rcv+0xd8/0x240
[ 50.962657] ip_local_deliver_finish+0x284/0xc60
[ 50.967396] ip_local_deliver+0x1e9/0x520
[ 50.971532] ? ip_call_ra_chain+0x5c0/0x5c0
[ 50.975835] ? ip_sublist_rcv_finish+0x320/0x320
[ 50.980574] ? ip_rcv_finish_core.isra.0+0x805/0x1b80
[ 50.985748] ip_rcv_finish+0x1e1/0x300
[ 50.989633] ip_rcv+0xe8/0x3f0
[ 50.992817] ? ip_local_deliver+0x520/0x520
[ 50.997121] ? ip_rcv_finish_core.isra.0+0x1b80/0x1b80
[ 51.002380] ? ip_local_deliver+0x520/0x520
[ 51.006697] __netif_receive_skb_one_core+0x115/0x1a0
[ 51.011870] ? __netif_receive_skb_core+0x2fb0/0x2fb0
[ 51.017146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 51.022669] ? check_preemption_disabled+0x48/0x290
[ 51.027670] ? lock_acquire+0x16f/0x3f0
[ 51.031637] __netif_receive_skb+0x2c/0x1d0
[ 51.035960] netif_receive_skb_internal+0x117/0x520
[ 51.040984] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 51.046513] ? dev_cpu_dead+0x920/0x920
[ 51.050470] ? eth_gro_receive+0x8a0/0x8a0
[ 51.054688] napi_gro_frags+0x623/0xa30
[ 51.058664] tun_get_user+0x2edb/0x4bb0
[ 51.062628] ? mark_held_locks+0x100/0x100
[ 51.066854] ? tun_build_skb.isra.0+0x1920/0x1920
[ 51.071680] ? tun_get+0x171/0x290
[ 51.075381] ? lock_downgrade+0x810/0x810
[ 51.079516] ? kasan_check_read+0x11/0x20
[ 51.083666] tun_chr_write_iter+0xbd/0x156
[ 51.087896] do_iter_readv_writev+0x55d/0x830
[ 51.092372] ? vfs_dedupe_file_range+0x6f0/0x6f0
[ 51.097112] ? security_file_permission+0x8f/0x230
[ 51.102020] ? rw_verify_area+0x118/0x360
[ 51.106149] do_iter_write+0x184/0x600
[ 51.110020] ? dup_iter+0x280/0x280
[ 51.113631] vfs_writev+0x1b3/0x2f0
[ 51.117244] ? vfs_iter_write+0xb0/0xb0
[ 51.121199] ? vmf_insert_mixed_mkwrite+0x90/0x90
[ 51.126024] ? find_held_lock+0x35/0x130
[ 51.130071] ? __do_page_fault+0x676/0xe90
[ 51.134309] ? lock_downgrade+0x810/0x810
[ 51.138447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 51.143978] ? __fget_light+0x1a9/0x230
[ 51.147946] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 51.153549] do_writev+0xf6/0x290
[ 51.157068] ? vfs_writev+0x2f0/0x2f0
[ 51.160852] ? do_syscall_64+0x26/0x610
[ 51.164810] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 51.170169] ? do_syscall_64+0x26/0x610
[ 51.174133] __x64_sys_writev+0x75/0xb0
[ 51.178098] do_syscall_64+0x103/0x610
[ 51.181977] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 51.187150] RIP: 0033:0x441ee0
[ 51.190334] Code: 05 48 3d 01 f0 ff ff 0f 83 3d 0f fc ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 3d 31 91 29 00 00 75 14 b8 14 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 14 0f fc ff c3 48 83 ec 08 e8 7a 2b 00 00
[ 51.209224] RSP: 002b:00007ffdeaa58538 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 51.217012] RAX: ffffffffffffffda RBX: 00007ffdeaa58570 RCX: 0000000000441ee0
[ 51.224291] RDX: 0000000000000001 RSI: 00007ffdeaa58570 RDI: 00000000000000f0
[ 51.231545] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 51.238797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 51.246060] R13: 0000000000403310 R14: 0000000000000000 R15: 0000000000000000
[ 51.253333] Modules linked in:
[ 51.256589] ---[ end trace db2ab56c76baa898 ]---
[ 51.261397] RIP: 0010:xfrmi_decode_session+0xeb/0x630
[ 51.266594] Code: 7c e7 10 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 fd 04 00 00 48 b8 00 00 00 00 00 fc ff df 4f 8b 64 e7 10 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 2c 05 00 00 4d 8b 3c 24 e8 d2 4c 65 fb e8 bd a9
[ 51.285716] RSP: 0018:ffff88809e43f178 EFLAGS: 00010246
[ 51.291114] RAX: dffffc0000000000 RBX: ffff8880938ea3c0 RCX: ffffffff85ef124e
[ 51.298392] RDX: 0000000000000000 RSI: ffffffff85f3c5a5 RDI: ffff8880909c2788
[ 51.305675] RBP: ffff88809e43f1a0 R08: ffff8880a199c540 R09: ffffed1015d24733
[ 51.312978] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: 0000000000000000
[ 51.320368] R13: 0000000000000037 R14: ffff8880938ea3d0 R15: ffff8880909c2780
[ 51.327754] FS: 0000000001b82880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 51.336007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.342023] CR2: 0000000020000022 CR3: 0000000089b2c000 CR4: 00000000001406e0
[ 51.349292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 51.356600] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 51.363901] Kernel panic - not syncing: Fatal exception in interrupt
[ 51.371077] Kernel Offset: disabled
[ 51.374702] Rebooting in 86400 seconds..