[   46.763431] audit: type=1800 audit(1585615865.388:29): pid=7814 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[   46.800003] audit: type=1800 audit(1585615865.388:30): pid=7814 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts.
syzkaller login: [  190.910838] kauditd_printk_skb: 5 callbacks suppressed
[  190.910851] audit: type=1400 audit(1585616009.538:36): avc:  denied  { map } for  pid=7999 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2020/03/31 00:53:29 parsed 1 programs
[  192.694274] audit: type=1400 audit(1585616011.318:37): avc:  denied  { map } for  pid=7999 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=92 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2020/03/31 00:53:31 executed programs: 0
[  192.888712] IPVS: ftp: loaded support on port[0] = 21
[  192.953585] chnl_net:caif_netlink_parms(): no params data found
[  193.005421] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.012411] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.019861] device bridge_slave_0 entered promiscuous mode
[  193.027646] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.034249] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.041626] device bridge_slave_1 entered promiscuous mode
[  193.058466] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  193.067662] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  193.085401] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  193.092938] team0: Port device team_slave_0 added
[  193.098658] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  193.107280] team0: Port device team_slave_1 added
[  193.122155] batman_adv: batadv0: Adding interface: batadv_slave_0
[  193.128408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  193.153910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  193.166041] batman_adv: batadv0: Adding interface: batadv_slave_1
[  193.172446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  193.197691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.208644] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  193.216352] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  193.302591] device hsr_slave_0 entered promiscuous mode
[  193.371498] device hsr_slave_1 entered promiscuous mode
[  193.432062] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  193.439403] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  193.493439] audit: type=1400 audit(1585616012.118:38): avc:  denied  { create } for  pid=8016 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  193.515355] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.518254] audit: type=1400 audit(1585616012.118:39): avc:  denied  { write } for  pid=8016 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  193.524442] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.549615] audit: type=1400 audit(1585616012.128:40): avc:  denied  { read } for  pid=8016 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[  193.555322] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.584994] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.622222] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[  193.628349] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.637615] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  193.648051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  193.667734] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.675186] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.683235] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  193.693900] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  193.699984] 8021q: adding VLAN 0 to HW filter on device team0
[  193.710848] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  193.718839] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.725319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.736037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  193.744146] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.750684] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.771862] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  193.779822] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  193.788427] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  193.797911] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  193.805587] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  193.815671] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  193.821775] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  193.836077] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[  193.843876] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  193.851684] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  193.863651] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.877909] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[  193.888136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  193.927292] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[  193.935121] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[  193.942111] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[  193.952790] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  193.960599] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.967604] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.976681] device veth0_vlan entered promiscuous mode
[  193.986892] device veth1_vlan entered promiscuous mode
[  194.003097] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[  194.013656] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
[  194.021747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  194.029651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  194.039247] device veth0_macvtap entered promiscuous mode
[  194.046053] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[  194.054670] device veth1_macvtap entered promiscuous mode
[  194.061414] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
[  194.070009] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[  194.079780] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[  194.091078] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[  194.098287] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.105486] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  194.113070] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  194.120194] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  194.128171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  194.139578] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[  194.146887] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.154456] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  194.162784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  194.273438] audit: type=1400 audit(1585616012.898:41): avc:  denied  { associate } for  pid=8016 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[  194.337026] ------------[ cut here ]------------
[  194.341909] kernel BUG at drivers/dma-buf/dma-buf.c:68!
[  194.347615] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  194.353012] CPU: 0 PID: 8051 Comm: syz-executor.0 Not tainted 4.19.113-syzkaller #0
[  194.360787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  194.370138] RIP: 0010:dma_buf_release+0x345/0x630
[  194.374965] Code: e4 e8 af 63 49 fd 48 89 ef e8 f7 7b 88 fd e8 72 da 52 fd 44 89 e0 48 83 c4 10 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 5b da 52 fd <0f> 0b e8 54 da 52 fd e8 ff 91 40 fd 48 8d bd 38 02 00 00 48 b8 00
[  194.394152] RSP: 0018:ffff88807e84fdf8 EFLAGS: 00010293
[  194.399504] RAX: ffff8880988de6c0 RBX: 0000000000000004 RCX: ffffffff8414c5ec
[  194.406766] RDX: 0000000000000000 RSI: ffffffff8414c845 RDI: 0000000000000005
[  194.414075] RBP: ffff8880980e8d80 R08: ffff8880988de6c0 R09: 0000000000000000
[  194.421329] R10: ffff88807e84fe40 R11: 0000000000000000 R12: ffff888092eb13bc
[  194.428583] R13: ffff888092eb1368 R14: ffffffff8414c500 R15: ffff88821b6b6820
[  194.435882] FS:  0000000001555940(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[  194.444089] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  194.449954] CR2: 00007ff0b6590db8 CR3: 00000000a0188000 CR4: 00000000001406f0
[  194.457207] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  194.464497] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  194.471803] Call Trace:
[  194.474389]  ? ima_file_free+0xb6/0x460
[  194.478372]  ? dma_buf_debug_show+0x1210/0x1210
[  194.483040]  __fput+0x2cd/0x890
[  194.486317]  task_work_run+0x13f/0x1b0
[  194.490190]  exit_to_usermode_loop+0x25a/0x2b0
[  194.494766]  do_syscall_64+0x538/0x620
[  194.498649]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  194.503830] RIP: 0033:0x4163e1
[  194.507005] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  194.525897] RSP: 002b:00007ffd79643c40 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  194.533645] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 00000000004163e1
[  194.540900] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 0000000000000007
[  194.548152] RBP: 0000000000000000 R08: 0000000000000000 R09: 01ffffffffffffff
[  194.555456] R10: 00000000007708c0 R11: 0000000000000293 R12: 000000000076bf00
[  194.562749] R13: 00000000007708d0 R14: 0000000000000000 R15: 000000000076bf0c
[  194.570006] Modules linked in:
[  194.575221] ---[ end trace 5b687ef3a3f54b29 ]---
[  194.580002] RIP: 0010:dma_buf_release+0x345/0x630
[  194.585432] Code: e4 e8 af 63 49 fd 48 89 ef e8 f7 7b 88 fd e8 72 da 52 fd 44 89 e0 48 83 c4 10 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 5b da 52 fd <0f> 0b e8 54 da 52 fd e8 ff 91 40 fd 48 8d bd 38 02 00 00 48 b8 00
[  194.604780] RSP: 0018:ffff88807e84fdf8 EFLAGS: 00010293
[  194.610200] RAX: ffff8880988de6c0 RBX: 0000000000000004 RCX: ffffffff8414c5ec
[  194.618096] RDX: 0000000000000000 RSI: ffffffff8414c845 RDI: 0000000000000005
[  194.625627] RBP: ffff8880980e8d80 R08: ffff8880988de6c0 R09: 0000000000000000
[  194.633840] R10: ffff88807e84fe40 R11: 0000000000000000 R12: ffff888092eb13bc
[  194.641201] R13: ffff888092eb1368 R14: ffffffff8414c500 R15: ffff88821b6b6820
[  194.648475] FS:  0000000001555940(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[  194.657036] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  194.663028] CR2: 00007ff0b6590db8 CR3: 00000000a0188000 CR4: 00000000001406f0
[  194.670306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  194.677800] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  194.685174] Kernel panic - not syncing: Fatal exception
[  194.691923] Kernel Offset: disabled
[  194.695624] Rebooting in 86400 seconds..