[ 45.924045] audit: type=1800 audit(1579199012.904:32): pid=8012 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 51.530747] kauditd_printk_skb: 2 callbacks suppressed
[ 51.530762] audit: type=1400 audit(1579199018.604:35): avc: denied { map } for pid=8186 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts.
executing program
[ 73.939929] audit: type=1400 audit(1579199041.014:36): avc: denied { map } for pid=8198 comm="syz-executor671" path="/root/syz-executor671249523" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 73.944826] kasan: CONFIG_KASAN_INLINE enabled
[ 73.966580] audit: type=1400 audit(1579199041.014:37): avc: denied { create } for pid=8198 comm="syz-executor671" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[ 73.971312] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 73.995240] audit: type=1400 audit(1579199041.014:38): avc: denied { write } for pid=8198 comm="syz-executor671" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[ 74.003778] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 74.032945] CPU: 1 PID: 8198 Comm: syz-executor671 Not tainted 4.19.96-syzkaller #0
[ 74.040726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.050081] RIP: 0010:nft_chain_parse_hook+0x37c/0x8c0
[ 74.055378] Code: 00 e8 98 7d 6a fb 41 83 fd 05 0f 87 30 04 00 00 e8 09 7c 6a fb 48 8d 7b 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 77 04 00 00 44 89 e9 be 01 00
[ 74.074305] RSP: 0018:ffff8880916ff200 EFLAGS: 00010206
[ 74.079652] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff860099a8
[ 74.086915] RDX: 0000000000000003 RSI: ffffffff860099b7 RDI: 0000000000000018
[ 74.094173] RBP: ffff8880916ff2f0 R08: ffff88808ac48040 R09: 0000000000000000
[ 74.101432] R10: ffffed10122dfe4c R11: ffff8880916ff267 R12: ffff8880916ff370
[ 74.108685] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880916ff2c8
[ 74.115951] FS: 0000000001f2b880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 74.124278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.130192] CR2: 0000560989fab1b0 CR3: 000000009f6c0000 CR4: 00000000001406e0
[ 74.137451] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.144714] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.151966] Call Trace:
[ 74.154555] ? nf_tables_expr_parse+0x5e0/0x5e0
[ 74.159210] ? nf_tables_gettable+0x490/0x490
[ 74.163703] ? mark_held_locks+0x100/0x100
[ 74.167938] nf_tables_addchain.constprop.0+0x1a6/0xf90
[ 74.173287] ? nft_delchain+0x1b0/0x1b0
[ 74.177262] ? nla_strcmp+0xe3/0x120
[ 74.180974] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.186494] ? nft_table_lookup+0x154/0x1b0
[ 74.191349] nf_tables_newchain+0xf54/0x14d0
[ 74.195773] ? nf_tables_newrule+0x2140/0x2140
[ 74.200489] ? kasan_check_write+0x14/0x20
[ 74.204732] ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 74.209574] ? rcu_read_lock_sched_held+0x110/0x130
[ 74.214586] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 74.219759] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 74.224759] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.230281] ? nla_parse+0x1fc/0x2f0
[ 74.233983] nfnetlink_rcv_batch+0xef6/0x1750
[ 74.238480] ? nf_tables_newrule+0x2140/0x2140
[ 74.243045] ? nfnl_err_del+0x170/0x170
[ 74.247004] ? cred_has_capability+0x193/0x320
[ 74.251599] ? selinux_capable+0x36/0x40
[ 74.255682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.261239] ? security_capable+0x92/0xc0
[ 74.265376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.270915] ? ns_capable_common+0x141/0x170
[ 74.275320] ? memset+0x32/0x40
[ 74.278583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.284119] ? nla_parse+0x1fc/0x2f0
[ 74.287827] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 74.292829] nfnetlink_rcv+0x3ed/0x460
[ 74.296700] ? nfnetlink_rcv_batch+0x1750/0x1750
[ 74.301437] ? netlink_deliver_tap+0x254/0xc20
[ 74.306003] ? kasan_check_write+0x14/0x20
[ 74.310230] netlink_unicast+0x53a/0x730
[ 74.314275] ? netlink_attachskb+0x770/0x770
[ 74.318676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.324198] netlink_sendmsg+0x8ae/0xd70
[ 74.328254] ? netlink_unicast+0x730/0x730
[ 74.332473] ? selinux_socket_sendmsg+0x36/0x40
[ 74.337126] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.342662] ? security_socket_sendmsg+0x8d/0xc0
[ 74.347403] ? netlink_unicast+0x730/0x730
[ 74.351630] sock_sendmsg+0xd7/0x130
[ 74.355339] ___sys_sendmsg+0x803/0x920
[ 74.359300] ? copy_msghdr_from_user+0x430/0x430
[ 74.364038] ? rcu_read_lock_sched_held+0x110/0x130
[ 74.369041] ? mark_held_locks+0x100/0x100
[ 74.373258] ? __this_cpu_preempt_check+0x1d/0x30
[ 74.378093] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.383621] ? percpu_counter_add_batch+0x13c/0x190
[ 74.388620] ? __fd_install+0x1bc/0x640
[ 74.392580] ? find_held_lock+0x35/0x130
[ 74.396632] ? __fd_install+0x1bc/0x640
[ 74.400707] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 74.406242] ? __fget_light+0x1a9/0x230
[ 74.410219] ? __fdget+0x1b/0x20
[ 74.413581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 74.419105] __sys_sendmsg+0x105/0x1d0
[ 74.422986] ? __ia32_sys_shutdown+0x80/0x80
[ 74.427396] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 74.432137] ? do_syscall_64+0x26/0x620
[ 74.436119] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 74.441477] ? do_syscall_64+0x26/0x620
[ 74.445436] __x64_sys_sendmsg+0x78/0xb0
[ 74.449490] do_syscall_64+0xfd/0x620
[ 74.453285] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 74.458461] RIP: 0033:0x440559
[ 74.461640] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.480546] RSP: 002b:00007ffc25717898 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 74.488251] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440559
[ 74.495514] RDX: 0000000004000000 RSI: 000000002000d400 RDI: 0000000000000004
[ 74.502768] RBP: 00000000006ca018 R08: 0000000000000003 R09: 00000000004002c8
[ 74.510030] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000401de0
[ 74.517294] R13: 0000000000401e70 R14: 0000000000000000 R15: 0000000000000000
[ 74.524696] Modules linked in:
[ 74.528381] ---[ end trace 13c6606361f2d9a2 ]---
[ 74.533464] RIP: 0010:nft_chain_parse_hook+0x37c/0x8c0
[ 74.538780] Code: 00 e8 98 7d 6a fb 41 83 fd 05 0f 87 30 04 00 00 e8 09 7c 6a fb 48 8d 7b 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 77 04 00 00 44 89 e9 be 01 00
[ 74.557966] RSP: 0018:ffff8880916ff200 EFLAGS: 00010206
[ 74.563322] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff860099a8
[ 74.570625] RDX: 0000000000000003 RSI: ffffffff860099b7 RDI: 0000000000000018
[ 74.577951] RBP: ffff8880916ff2f0 R08: ffff88808ac48040 R09: 0000000000000000
[ 74.585217] R10: ffffed10122dfe4c R11: ffff8880916ff267 R12: ffff8880916ff370
[ 74.592560] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880916ff2c8
[ 74.600301] FS: 0000000001f2b880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 74.608610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 74.614494] CR2: 0000560989fab1b0 CR3: 000000009f6c0000 CR4: 00000000001406e0
[ 74.621899] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 74.629209] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 74.636529] Kernel panic - not syncing: Fatal exception
[ 74.643488] Kernel Offset: disabled
[ 74.647197] Rebooting in 86400 seconds..