[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [ 25.282831][ T24] audit: type=1800 audit(1561130020.020:33): pid=6848 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 25.305475][ T24] audit: type=1800 audit(1561130020.020:34): pid=6848 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 68.929135][ T24] audit: type=1400 audit(1561130063.670:35): avc: denied { map } for pid=7031 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts. [ 168.276469][ T24] audit: type=1400 audit(1561130163.010:36): avc: denied { map } for pid=7043 comm="syz-executor301" path="/root/syz-executor301110382" dev="sda1" ino=16461 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 executing program [ 174.980522][ T7044] FAULT_INJECTION: forcing a failure. [ 174.980522][ T7044] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 174.994379][ T7044] CPU: 1 PID: 7044 Comm: syz-executor301 Not tainted 5.2.0-rc5+ #39 [ 175.002762][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.012801][ T7044] Call Trace: [ 175.016124][ T7044] dump_stack+0xaa/0xd6 [ 175.020273][ T7044] should_fail.cold+0x3c/0x49 [ 175.024928][ T7044] should_fail_alloc_page+0x50/0x60 [ 175.030152][ T7044] __alloc_pages_nodemask+0xd2/0x310 [ 175.035424][ T7044] alloc_pages_vma+0x9a/0x260 [ 175.040120][ T7044] wp_page_copy+0xc6/0xa30 [ 175.044627][ T7044] ? reuse_swap_page+0x200/0x550 [ 175.049556][ T7044] do_wp_page+0x1ee/0x770 [ 175.053907][ T7044] __handle_mm_fault+0xeae/0x1810 [ 175.059149][ T7044] handle_mm_fault+0x140/0x2f0 [ 175.063903][ T7044] __do_page_fault+0x2f1/0x630 [ 175.068644][ T7044] do_page_fault+0x4e/0x16b [ 175.073129][ T7044] ? page_fault+0x8/0x30 [ 175.077451][ T7044] page_fault+0x1e/0x30 [ 175.081597][ T7044] RIP: 0033:0x40fdb6 [ 175.085466][ T7044] Code: 08 48 8b 11 48 83 fa 03 0f 84 a6 00 00 00 48 83 fa 04 74 78 48 83 fa 02 74 4a 48 83 e9 20 48 85 c0 75 d6 49 8b 45 00 48 85 c0 <48> 89 45 00 0f 85 9d 00 00 00 45 84 e4 74 20 b8 c8 0f 4c 00 48 3d [ 175.105195][ T7044] RSP: 002b:00007fff4752e680 EFLAGS: 00010246 [ 175.111239][ T7044] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000006f3190 [ 175.119357][ T7044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004c1008 [ 175.127312][ T7044] RBP: 00000000006cd0a0 R08: 00000000200001c0 R09: 0000000000000000 [ 175.135279][ T7044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.143914][ T7044] R13: 00000000006f31a0 R14: 0000000000000000 R15: 0000000000000000 [ 175.152009][ T7044] syz-executor301 invoked oom-killer: gfp_mask=0x0(), order=0, oom_score_adj=1000 [ 175.161488][ T7044] CPU: 1 PID: 7044 Comm: syz-executor301 Not tainted 5.2.0-rc5+ #39 [ 175.169568][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.179701][ T7044] Call Trace: [ 175.182969][ T7044] dump_stack+0xaa/0xd6 [ 175.187101][ T7044] dump_header+0x57/0x36d [ 175.191411][ T7044] ? find_lock_task_mm+0x5b/0xa0 [ 175.196364][ T7044] ? preempt_count_add+0x80/0xc0 [ 175.201360][ T7044] ? _raw_spin_unlock_irqrestore+0x33/0x50 [ 175.207167][ T7044] oom_kill_process.cold+0x10/0x15 [ 175.212251][ T7044] out_of_memory+0x38f/0x610 [ 175.216862][ T7044] pagefault_out_of_memory+0x80/0x93 [ 175.222225][ T7044] mm_fault_error+0x8f/0x1f0 [ 175.226800][ T7044] __do_page_fault+0x5ed/0x630 [ 175.231806][ T7044] do_page_fault+0x4e/0x16b [ 175.236298][ T7044] ? page_fault+0x8/0x30 [ 175.240517][ T7044] page_fault+0x1e/0x30 [ 175.244650][ T7044] RIP: 0033:0x40fdb6 [ 175.248520][ T7044] Code: 08 48 8b 11 48 83 fa 03 0f 84 a6 00 00 00 48 83 fa 04 74 78 48 83 fa 02 74 4a 48 83 e9 20 48 85 c0 75 d6 49 8b 45 00 48 85 c0 <48> 89 45 00 0f 85 9d 00 00 00 45 84 e4 74 20 b8 c8 0f 4c 00 48 3d [ 175.268305][ T7044] RSP: 002b:00007fff4752e680 EFLAGS: 00010246 [ 175.274348][ T7044] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000006f3190 [ 175.282424][ T7044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004c1008 [ 175.290376][ T7044] RBP: 00000000006cd0a0 R08: 00000000200001c0 R09: 0000000000000000 [ 175.298788][ T7044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.306740][ T7044] R13: 00000000006f31a0 R14: 0000000000000000 R15: 0000000000000000 [ 175.314849][ T7044] Mem-Info: [ 175.317966][ T7044] active_anon:4340 inactive_anon:202 isolated_anon:0 [ 175.317966][ T7044] active_file:4130 inactive_file:6383 isolated_file:0 [ 175.317966][ T7044] unevictable:0 dirty:245 writeback:0 unstable:0 [ 175.317966][ T7044] slab_reclaimable:4539 slab_unreclaimable:32099 [ 175.317966][ T7044] mapped:1939 shmem:246 pagetables:306 bounce:0 [ 175.317966][ T7044] free:1817068 free_pcp:785 free_cma:0 [ 175.355788][ T7044] Node 0 active_anon:17360kB inactive_anon:808kB active_file:16384kB inactive_file:25532kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:7756kB dirty:980kB writeback:0kB shmem:984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 175.384002][ T7044] Node 1 active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 175.410595][ T7044] Node 0 DMA free:15908kB min:188kB low:232kB high:276kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 175.437555][ T7044] lowmem_reserve[]: 0 2934 3641 3641 [ 175.442892][ T7044] Node 0 DMA32 free:3007652kB min:35552kB low:44440kB high:53328kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:3008984kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1332kB local_pcp:0kB free_cma:0kB [ 175.471226][ T7044] lowmem_reserve[]: 0 0 707 707 [ 175.476326][ T7044] Node 0 Normal free:455884kB min:8572kB low:10712kB high:12852kB active_anon:17360kB inactive_anon:808kB active_file:16384kB inactive_file:25532kB unevictable:0kB writepending:980kB present:786432kB managed:724504kB mlocked:0kB kernel_stack:2920kB pagetables:1224kB bounce:0kB free_pcp:2048kB local_pcp:1368kB free_cma:0kB [ 175.506947][ T7044] lowmem_reserve[]: 0 0 0 0 [ 175.511582][ T7044] Node 1 Normal free:3788576kB min:45796kB low:57244kB high:68692kB active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870232kB mlocked:0kB kernel_stack:8kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 175.540897][ T7044] lowmem_reserve[]: 0 0 0 0 [ 175.545665][ T7044] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 175.560158][ T7044] Node 0 DMA32: 3*4kB (M) 1*8kB (M) 3*16kB (M) 5*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 2*1024kB (M) 2*2048kB (M) 732*4096kB (M) = 3007652kB [ 175.576197][ T7044] Node 0 Normal: 1907*4kB (UME) 1341*8kB (UME) 670*16kB (UME) 156*32kB (UME) 17*64kB (UME) 105*128kB (UME) 77*256kB (UME) 47*512kB (ME) 21*1024kB (ME) 5*2048kB (UME) 81*4096kB (M) = 455892kB [ 175.594955][ T7044] Node 1 Normal: 8*4kB (UME) 6*8kB (UE) 5*16kB (UME) 2*32kB (E) 3*64kB (U) 3*128kB (UME) 2*256kB (ME) 3*512kB (ME) 3*1024kB (UM) 1*2048kB (E) 923*4096kB (M) = 3788576kB [ 175.611785][ T7044] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 175.621358][ T7044] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 175.630657][ T7044] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 175.640458][ T7044] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 175.649767][ T7044] 10767 total pagecache pages [ 175.654536][ T7044] 0 pages in swap cache [ 175.658987][ T7044] Swap cache stats: add 0, delete 0, find 0/0 [ 175.665030][ T7044] Free swap = 0kB [ 175.668765][ T7044] Total swap = 0kB [ 175.672555][ T7044] 1965979 pages RAM [ 175.676347][ T7044] 0 pages HighMem/MovableOnly [ 175.681034][ T7044] 61072 pages reserved [ 175.685076][ T7044] 0 pages cma reserved [ 175.689157][ T7044] Unreclaimable slab info: [ 175.693549][ T7044] Name Used Total [ 175.699849][ T7044] SCTPv6 1KB 7KB [ 175.705901][ T7044] DCCPv6 1KB 3KB [ 175.712028][ T7044] DCCP 1KB 6KB [ 175.718079][ T7044] RAWv6 7KB 7KB [ 175.724163][ T7044] UDPv6 2KB 7KB [ 175.730481][ T7044] TCPv6 4KB 13KB [ 175.736605][ T7044] nf_conntrack 2KB 8KB [ 175.742692][ T7044] scsi_sense_cache 1056KB 1060KB [ 175.749035][ T7044] mqueue_inode_cache 0KB 3KB [ 175.755176][ T7044] nfs_read_data 28KB 28KB [ 175.761256][ T7044] UNIX 11KB 28KB [ 175.767435][ T7044] xfrm_dst_cache 0KB 3KB [ 175.773624][ T7044] xfrm_state 2KB 7KB [ 175.779781][ T7044] RAW 4KB 4KB [ 175.785929][ T7044] TCP 4KB 6KB [ 175.792069][ T7044] hugetlbfs_inode_cache 1KB 3KB [ 175.798562][ T7044] eventpoll_pwq 0KB 11KB [ 175.804640][ T7044] request_queue 91KB 97KB [ 175.810702][ T7044] blkdev_ioc 0KB 7KB [ 175.817045][ T7044] biovec-max 544KB 544KB [ 175.823349][ T7044] biovec-128 20KB 20KB [ 175.829488][ T7044] biovec-64 2KB 4KB [ 175.835583][ T7044] dmaengine-unmap-256 2KB 6KB [ 175.841881][ T7044] dmaengine-unmap-128 1KB 7KB [ 175.848108][ T7044] dmaengine-unmap-16 43KB 59KB [ 175.854363][ T7044] dmaengine-unmap-2 0KB 3KB [ 175.860432][ T7044] skbuff_ext_cache 5KB 16KB [ 175.866506][ T7044] skbuff_fclone_cache 9KB 12KB [ 175.872764][ T7044] skbuff_head_cache 3KB 12KB [ 175.879045][ T7044] file_lock_cache 0KB 3KB [ 175.885212][ T7044] shmem_inode_cache 2418KB 2429KB [ 175.891311][ T7044] task_delay_info 18KB 51KB [ 175.897358][ T7044] proc_dir_entry 166KB 169KB [ 175.903553][ T7044] pde_opener 0KB 3KB [ 175.909803][ T7044] kernfs_node_cache 4653KB 4660KB [ 175.915975][ T7044] mnt_cache 13KB 18KB [ 175.922858][ T7044] filp 95KB 444KB [ 175.929723][ T7044] names_cache 100KB 100KB [ 175.936057][ T7044] ebitmap_node 250KB 252KB [ 175.942147][ T7044] avc_xperms_data 1KB 7KB [ 175.948195][ T7044] iint_cache 29KB 35KB [ 175.954552][ T7044] lsm_file_cache 4KB 26KB [ 175.960661][ T7044] vm_area_struct 216KB 675KB [ 175.966706][ T7044] mm_struct 34KB 111KB [ 175.972921][ T7044] fs_cache 2KB 23KB [ 175.979144][ T7044] files_cache 24KB 98KB [ 175.985239][ T7044] signal_cache 209KB 409KB [ 175.991332][ T7044] sighand_cache 396KB 476KB [ 175.997380][ T7044] task_struct 678KB 678KB [ 176.003460][ T7044] cred_jar 49KB 275KB [ 176.009522][ T7044] anon_vma_chain 62KB 284KB [ 176.015569][ T7044] anon_vma 52KB 250KB [ 176.021711][ T7044] pid 26KB 88KB [ 176.027963][ T7044] Acpi-Operand 138KB 141KB [ 176.034050][ T7044] Acpi-Parse 1313KB 1475KB [ 176.040308][ T7044] Acpi-State 37KB 47KB [ 176.046483][ T7044] Acpi-Namespace 17KB 23KB [ 176.052697][ T7044] numa_policy 678KB 683KB [ 176.058830][ T7044] kmemleak_scan_area 51KB 93KB [ 176.064966][ T7044] kmemleak_object 79349KB 85076KB [ 176.071282][ T7044] ftrace_event_field 317KB 319KB [ 176.077569][ T7044] pool_workqueue 36KB 40KB [ 176.083655][ T7044] vmap_area 378KB 533KB [ 176.090198][ T7044] kmalloc-4M 4096KB 4096KB [ 176.096508][ T7044] kmalloc-512k 2048KB 2048KB [ 176.102600][ T7044] kmalloc-256k 256KB 256KB [ 176.108884][ T7044] kmalloc-128k 512KB 512KB [ 176.114925][ T7044] kmalloc-64k 768KB 768KB [ 176.121145][ T7044] kmalloc-32k 640KB 640KB [ 176.127206][ T7044] kmalloc-16k 208KB 208KB [ 176.133306][ T7044] kmalloc-8k 256KB 296KB [ 176.139372][ T7044] kmalloc-4k 2292KB 2340KB [ 176.145507][ T7044] kmalloc-2k 1424KB 1448KB [ 176.152486][ T7044] kmalloc-1k 2729KB 2780KB [ 176.158536][ T7044] kmalloc-512 883KB 904KB [ 176.164618][ T7044] kmalloc-256 1267KB 1268KB [ 176.170686][ T7044] kmalloc-192 376KB 378KB [ 176.176823][ T7044] kmalloc-96 890KB 892KB [ 176.183006][ T7044] kmalloc-64 2409KB 2416KB [ 176.189074][ T7044] kmalloc-32 850KB 879KB [ 176.195122][ T7044] kmalloc-128 450KB 456KB [ 176.201205][ T7044] kmem_cache 63KB 68KB [ 176.207313][ T7044] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/,task=syz-executor301,pid=7044,uid=0 [ 176.221612][ T7044] Out of memory: Killed process 7044 (syz-executor301) total-vm:17656kB, anon-rss:2088kB, file-rss:0kB, shmem-rss:0kB [ 176.234167][ T1067] oom_reaper: reaped process 7044 (syz-executor301), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB executing program [ 182.031006][ T7045] FAULT_INJECTION: forcing a failure. [ 182.031006][ T7045] name failslab, interval 1, probability 0, space 0, times 1 [ 182.043652][ T7045] CPU: 1 PID: 7045 Comm: syz-executor301 Not tainted 5.2.0-rc5+ #39 [ 182.051607][ T7045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 182.061779][ T7045] Call Trace: [ 182.065051][ T7045] dump_stack+0xaa/0xd6 [ 182.069187][ T7045] should_fail.cold+0x3c/0x49 [ 182.073845][ T7045] __should_failslab+0x65/0xa0 [ 182.078617][ T7045] should_failslab+0x9/0x14 [ 182.083279][ T7045] __kmalloc+0x54/0x2c0 [ 182.089149][ T7045] ? mpi_alloc_limb_space+0x29/0x50 [ 182.094347][ T7045] mpi_alloc_limb_space+0x29/0x50 [ 182.099350][ T7045] mpi_powm+0x829/0xdd0 [ 182.103484][ T7045] ? _raw_write_unlock_irqrestore+0x25/0x40 [ 182.109375][ T7045] dh_compute_value+0x160/0x220 [ 182.114204][ T7045] __keyctl_dh_compute+0x447/0x970 [ 182.119302][ T7045] ? fsnotify+0x250/0x4c0 [ 182.123611][ T7045] ? proc_cwd_link+0xe0/0xe0 [ 182.128403][ T7045] keyctl_dh_compute+0x67/0xa6 [ 182.133147][ T7045] __x64_sys_keyctl+0xa5/0x330 [ 182.137889][ T7045] do_syscall_64+0x76/0x1a0 [ 182.142374][ T7045] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 182.148243][ T7045] RIP: 0033:0x441ac9 [ 182.152289][ T7045] Code: e8 dc e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 182.171870][ T7045] RSP: 002b:00007fff4752e6b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 182.180254][ T7045] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441ac9 [ 182.188203][ T7045] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000017 [ 182.196148][ T7045] RBP: 00007fff4752e6f0 R08: 00000000200001c0 R09: 0000000000000000 [ 182.204095][ T7045] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 182.212044][ T7045] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 187.895902][ T7043] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88811f4da200 (size 512): comm "syz-executor301", pid 7045, jiffies 4294955450 (age 7.850s) hex dump (first 32 bytes): ad dc f4 43 66 b0 1a 88 8f 0c 17 d5 86 34 3a 85 ...Cf........4:. e3 63 c8 bf 2e 3b f5 0d 1c ab 63 30 15 fe a1 e9 .c...;....c0.... backtrace: [<00000000d5589961>] __kmalloc+0x161/0x2c0 [<00000000022eaa00>] mpi_alloc_limb_space+0x29/0x50 [<00000000d637c699>] mpihelp_mul_karatsuba_case+0x67/0x460 [<00000000401dc6f9>] mpi_powm+0x7b0/0xdd0 [<00000000be8dcb84>] dh_compute_value+0x160/0x220 [<00000000471846ad>] __keyctl_dh_compute+0x447/0x970 [<000000002f6d650d>] keyctl_dh_compute+0x67/0xa6 [<00000000b798bc7f>] __x64_sys_keyctl+0xa5/0x330 [<000000007a6f9515>] do_syscall_64+0x76/0x1a0 [<00000000057f2768>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff88811f4dac00 (size 512): comm "syz-executor301", pid 7045, jiffies 4294955450 (age 7.850s) hex dump (first 32 bytes): 62 72 c4 ae ac af a3 ba e5 24 da a5 30 5e cb c4 br.......$..0^.. a6 46 44 39 76 2e 42 f6 85 6a 5b ad ae 97 4e 83 .FD9v.B..j[...N. backtrace: [<00000000d5589961>] __kmalloc+0x161/0x2c0 [<00000000022eaa00>] mpi_alloc_limb_space+0x29/0x50 [<0000000025804541>] mpihelp_mul_karatsuba_case+0x394/0x460 [<00000000401dc6f9>] mpi_powm+0x7b0/0xdd0 [<00000000be8dcb84>] dh_compute_value+0x160/0x220 [<00000000471846ad>] __keyctl_dh_compute+0x447/0x970 [<000000002f6d650d>] keyctl_dh_compute+0x67/0xa6 [<00000000b798bc7f>] __x64_sys_keyctl+0xa5/0x330 [<000000007a6f9515>] do_syscall_64+0x76/0x1a0 [<00000000057f2768>] entry_SYSCALL_64_after_hwframe+0x44/0xa9