syzkaller login: [ 42.760669] kauditd_printk_skb: 10 callbacks suppressed [ 42.760674] audit: type=1400 audit(1560771017.929:35): avc: denied { map } for pid=7463 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 49.135823] audit: type=1400 audit(1560771024.299:36): avc: denied { map } for pid=7472 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 52.050719] IPVS: ftp: loaded support on port[0] = 21 [ 52.467505] can: request_module (can-proto-0) failed. [ 53.575449] can: request_module (can-proto-0) failed. [ 53.750457] audit: type=1400 audit(1560771028.919:37): avc: denied { create } for pid=7472 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 53.774492] audit: type=1400 audit(1560771028.919:38): avc: denied { create } for pid=7472 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 53.798222] audit: type=1400 audit(1560771028.919:39): avc: denied { create } for pid=7472 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 Warning: Permanently added '10.128.0.194' (ECDSA) to the list of known hosts. 2019/06/17 11:30:36 parsed 1 programs 2019/06/17 11:30:37 executed programs: 0 [ 62.264785] IPVS: ftp: loaded support on port[0] = 21 [ 62.275638] IPVS: ftp: loaded support on port[0] = 21 [ 62.280345] IPVS: ftp: loaded support on port[0] = 21 [ 62.333797] IPVS: ftp: loaded support on port[0] = 21 [ 62.333806] IPVS: ftp: loaded support on port[0] = 21 [ 62.404389] IPVS: ftp: loaded support on port[0] = 21 [ 62.513836] chnl_net:caif_netlink_parms(): no params data found [ 62.606540] chnl_net:caif_netlink_parms(): no params data found [ 62.625532] chnl_net:caif_netlink_parms(): no params data found [ 62.660363] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.667180] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.674827] device bridge_slave_0 entered promiscuous mode [ 62.682997] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.689427] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.696568] device bridge_slave_1 entered promiscuous mode [ 62.755182] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.763399] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.770931] device bridge_slave_0 entered promiscuous mode [ 62.782705] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.789143] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.796208] device bridge_slave_1 entered promiscuous mode [ 62.836022] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.845345] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.890096] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.903561] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.923449] chnl_net:caif_netlink_parms(): no params data found [ 62.937497] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.944207] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.951268] device bridge_slave_0 entered promiscuous mode [ 62.962730] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.969654] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.976924] device bridge_slave_1 entered promiscuous mode [ 62.994029] chnl_net:caif_netlink_parms(): no params data found [ 63.017091] team0: Port device team_slave_0 added [ 63.028630] team0: Port device team_slave_1 added [ 63.034442] team0: Port device team_slave_0 added [ 63.064055] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.073465] team0: Port device team_slave_1 added [ 63.097687] chnl_net:caif_netlink_parms(): no params data found [ 63.107041] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.140330] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.146795] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.154181] device bridge_slave_0 entered promiscuous mode [ 63.219999] device hsr_slave_0 entered promiscuous mode [ 63.258675] device hsr_slave_1 entered promiscuous mode [ 63.298742] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.305156] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.312628] device bridge_slave_0 entered promiscuous mode [ 63.323627] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.330196] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.337240] device bridge_slave_1 entered promiscuous mode [ 63.363033] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.370136] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.377086] device bridge_slave_1 entered promiscuous mode [ 63.439707] device hsr_slave_0 entered promiscuous mode [ 63.498120] device hsr_slave_1 entered promiscuous mode [ 63.569454] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.578179] team0: Port device team_slave_0 added [ 63.602223] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.611426] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.625194] team0: Port device team_slave_1 added [ 63.639764] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 63.667415] team0: Port device team_slave_0 added [ 63.675743] team0: Port device team_slave_1 added [ 63.681530] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.688448] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.695460] device bridge_slave_0 entered promiscuous mode [ 63.702723] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.709377] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.716505] device bridge_slave_1 entered promiscuous mode [ 63.761290] team0: Port device team_slave_0 added [ 63.772783] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 63.795271] team0: Port device team_slave_1 added [ 63.870500] device hsr_slave_0 entered promiscuous mode [ 63.928344] device hsr_slave_1 entered promiscuous mode [ 63.974618] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 64.029919] device hsr_slave_0 entered promiscuous mode [ 64.090372] device hsr_slave_1 entered promiscuous mode [ 64.180657] device hsr_slave_0 entered promiscuous mode [ 64.248249] device hsr_slave_1 entered promiscuous mode [ 64.303425] team0: Port device team_slave_0 added [ 64.314098] team0: Port device team_slave_1 added [ 64.328211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.351708] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.383379] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.450771] device hsr_slave_0 entered promiscuous mode [ 64.498136] device hsr_slave_1 entered promiscuous mode [ 64.540882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.549147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.556201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.564279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.572374] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.579070] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.586829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.598758] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.614970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.622134] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.646742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.655291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.663116] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.669667] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.677125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.685587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.693898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.702034] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.710126] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.716460] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.748293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.756581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.765281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.773174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.781302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.789315] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.795689] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.803059] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.811254] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.819236] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.826921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.834690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.842301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.850148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.858139] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.865623] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.873427] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.881496] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.888816] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.923293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.931215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.940093] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.947594] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.975504] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.986686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.995617] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.012082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.018701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.026338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.048554] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.061978] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.074457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.092560] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.112746] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.121802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.130002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.137179] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.145542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.153208] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.159594] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.166828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.173898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.181208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.196778] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.203804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.211584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.223067] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.233571] audit: type=1400 audit(1560771040.399:40): avc: denied { associate } for pid=7564 comm="syz-executor.2" name="syz2" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 65.258509] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.264872] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.282435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.291974] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.326968] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.337745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.367130] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.373596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.384138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.392459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.400459] WARNING: CPU: 1 PID: 7302 at fs/notify/fanotify/fanotify.c:274 fanotify_handle_event+0x564/0xb27 [ 65.411013] Kernel panic - not syncing: panic_on_warn set ... [ 65.417130] CPU: 1 PID: 7302 Comm: rs:main Q:Reg Not tainted 5.0.0-rc4+ #1 [ 65.424135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.433756] Call Trace: [ 65.436421] dump_stack+0x113/0x167 [ 65.440149] ? fanotify_handle_event+0x564/0xb27 [ 65.444930] panic+0x212/0x40b [ 65.448129] ? __warn_printk+0xd6/0xd6 [ 65.452019] ? current_time+0xc3/0x120 [ 65.455898] __warn.cold.8+0x1b/0x38 [ 65.459614] ? fanotify_handle_event+0x564/0xb27 [ 65.464370] report_bug+0x1a4/0x200 [ 65.468018] do_error_trap+0x11b/0x200 [ 65.471939] do_invalid_op+0x36/0x40 [ 65.475875] ? fanotify_handle_event+0x564/0xb27 [ 65.480632] invalid_op+0x14/0x20 [ 65.484303] RIP: 0010:fanotify_handle_event+0x564/0xb27 [ 65.489665] Code: 0f b6 0c 29 45 84 c9 74 0a 41 80 f9 03 0f 8e 4e 04 00 00 41 8b 7e 40 41 89 c2 41 09 fa 74 0b 89 45 98 89 7d 9c e9 09 fd ff ff <0f> 0b 41 83 c7 01 49 83 c0 08 41 83 ff 03 0f 85 52 ff ff ff 31 ff [ 65.508569] RSP: 0018:ffff888082967b80 EFLAGS: 00010246 [ 65.513937] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffff888096834850 [ 65.521209] RDX: 0000000000000004 RSI: ffff88807c142830 RDI: 0000000000000000 [ 65.528577] RBP: ffff888082967cc0 R08: ffff888082967d78 R09: 0000000000000000 [ 65.535849] R10: 0000000000000000 R11: 0000000000400000 R12: 0000000000000000 [ 65.543118] R13: dffffc0000000000 R14: ffff88808215cd98 R15: 0000000000000002 [ 65.550414] ? fanotify_alloc_event+0xd10/0xd10 [ 65.555080] ? mark_held_locks+0x130/0x130 [ 65.559318] ? __lock_is_held+0xb5/0x140 [ 65.563869] fsnotify+0x537/0xab0 [ 65.567312] ? fsnotify_first_mark+0x130/0x130 [ 65.571879] ? rcu_lockdep_current_cpu_online+0xe5/0x130 [ 65.577320] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 65.582077] ? __sb_start_write+0x1f3/0x2a0 [ 65.586397] vfs_write+0x38c/0x4e0 [ 65.589935] ksys_write+0xcd/0x1b0 [ 65.593459] ? __ia32_sys_read+0xa0/0xa0 [ 65.597513] ? do_syscall_64+0x21/0x4d0 [ 65.601526] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.606898] __x64_sys_write+0x6e/0xb0 [ 65.610886] do_syscall_64+0xd0/0x4d0 [ 65.614711] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.619910] RIP: 0033:0x7f5e5b8b319d [ 65.623625] Code: d1 20 00 00 75 10 b8 01 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 be fa ff ff 48 89 04 24 b8 01 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 07 fb ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 65.642522] RSP: 002b:00007f5e59e54000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 65.650254] RAX: ffffffffffffffda RBX: 00000000000000e4 RCX: 00007f5e5b8b319d [ 65.657528] RDX: 00000000000000e4 RSI: 00000000014d7a90 RDI: 0000000000000005 [ 65.664947] RBP: 00000000014d7a90 R08: 31203731206e754a R09: 2030343a30333a31 [ 65.672222] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 65.679484] R13: 00007f5e59e54480 R14: 0000000000000002 R15: 00000000014d7890 [ 65.688317] Kernel Offset: disabled [ 65.692002] Rebooting in 86400 seconds..