[   37.727280] audit: type=1400 audit(1576181271.920:37): avc:  denied  { map } for  pid=6673 comm="syz-fuzzer" path="/root/syzkaller-shm052133982" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   37.970940] IPVS: ftp: loaded support on port[0] = 21
[   39.098719] can: request_module (can-proto-0) failed.
[   39.107989] can: request_module (can-proto-0) failed.
[   39.262544] audit: type=1400 audit(1576181273.460:38): avc:  denied  { create } for  pid=6673 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
[   39.286709] audit: type=1400 audit(1576181273.460:39): avc:  denied  { create } for  pid=6673 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   39.311259] audit: type=1400 audit(1576181273.460:40): avc:  denied  { create } for  pid=6673 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[   39.467883] random: sshd: uninitialized urandom read (32 bytes read)
[   40.209026] random: sshd: uninitialized urandom read (32 bytes read)
[   40.407833] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.201' (ECDSA) to the list of known hosts.
2019/12/12 20:08:00 parsed 1 programs
2019/12/12 20:08:00 executed programs: 0
[   46.352221] IPVS: ftp: loaded support on port[0] = 21
[   47.215296] chnl_net:caif_netlink_parms(): no params data found
[   47.249489] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.257100] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.264217] device bridge_slave_0 entered promiscuous mode
[   47.273691] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.280456] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.287424] device bridge_slave_1 entered promiscuous mode
[   47.295318] IPVS: ftp: loaded support on port[0] = 21
[   47.316944] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   47.328421] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   47.353683] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   47.361170] team0: Port device team_slave_0 added
[   47.369375] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   47.377563] team0: Port device team_slave_1 added
[   47.382955] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   47.392387] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   47.452492] device hsr_slave_0 entered promiscuous mode
[   47.510327] device hsr_slave_1 entered promiscuous mode
[   47.570685] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   47.579860] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   47.621803] IPVS: ftp: loaded support on port[0] = 21
[   47.632188] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.639652] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.647439] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.653862] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.664884] chnl_net:caif_netlink_parms(): no params data found
[   47.698242] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.705509] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.712836] device bridge_slave_0 entered promiscuous mode
[   47.731911] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.738531] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.746142] device bridge_slave_1 entered promiscuous mode
[   47.767840] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   47.778491] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   47.792884] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   47.799393] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.815477] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   47.822802] team0: Port device team_slave_0 added
[   47.830314] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   47.837547] team0: Port device team_slave_1 added
[   47.843571] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   47.851170] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   47.868883] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   47.879429] IPVS: ftp: loaded support on port[0] = 21
[   47.911916] device hsr_slave_0 entered promiscuous mode
[   47.950374] device hsr_slave_1 entered promiscuous mode
[   47.995984] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   48.004313] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   48.013520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.021651] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.028681] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.038889] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   48.045080] 8021q: adding VLAN 0 to HW filter on device team0
[   48.057399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.065322] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.071706] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.102330] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   48.151079] IPVS: ftp: loaded support on port[0] = 21
[   48.164920] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.174591] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.181331] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.196731] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   48.208196] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.221626] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   48.232230] chnl_net:caif_netlink_parms(): no params data found
[   48.249461] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   48.259205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   48.268518] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   48.276289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   48.284526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   48.292036] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   48.299137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   48.329796] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   48.348993] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.356912] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.365541] device bridge_slave_0 entered promiscuous mode
[   48.372927] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.379274] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.388328] device bridge_slave_1 entered promiscuous mode
[   48.453198] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.466962] chnl_net:caif_netlink_parms(): no params data found
[   48.485261] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   48.499797] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.511593] IPVS: ftp: loaded support on port[0] = 21
[   48.526957] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   48.538348] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   48.598898] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   48.629676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   48.638134] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.673577] kasan: CONFIG_KASAN_INLINE enabled
[   48.673828] kobject: 'tx-8' (ffff8880a0c71e98): kobject_uevent_env
[   48.679327] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   48.679346] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   48.679350] Modules linked in:
[   48.679357] CPU: 0 PID: 6799 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[   48.679360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   48.679362] task: ffff8880a1786040 task.stack: ffff888086bd8000
[   48.679374] RIP: 0010:do_blockdev_direct_IO+0x18fb/0x6bf0
[   48.685804] kobject: 'tx-8' (ffff8880a0c71e98): fill_kobj_path: path = '/devices/virtual/net/team0/queues/tx-8'
[   48.693022] RSP: 0018:ffff888086bdf490 EFLAGS: 00010202
[   48.693027] RAX: 0000000000000004 RBX: ffffea00027ffe1c RCX: 000000000000000c
[   48.693029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000020
[   48.693031] RBP: ffff888086bdf7a0 R08: 0000000000000000 R09: ffff888096613dc0
[   48.693033] R10: ffffed1012cc27c8 R11: 0000000000000000 R12: dffffc0000000000
[   48.693035] R13: 0000000000000000 R14: ffffea00027ffe00 R15: ffff888088c5fa40
[   48.693038] FS:  00007ff26fab1700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000
[   48.693040] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   48.693042] CR2: 0000000020788ffc CR3: 00000000a0eea000 CR4: 00000000001406f0
[   48.693047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   48.702219] kobject: 'tx-9' (ffff8880a0c72018): kobject_add_internal: parent: 'queues', set: 'queues'
[   48.703686] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   48.711828] kobject: 'tx-9' (ffff8880a0c72018): kobject_uevent_env
[   48.721138] Call Trace:
[   48.721159]  ? sb_init_dio_done_wq+0x60/0x60
[   48.721172]  ? ext4_dio_get_block_unwritten_sync+0xb0/0xb0
[   48.721178]  ? ext4_direct_IO+0xf70/0x1a90
[   48.721184]  ? lock_downgrade+0x7f0/0x7f0
[   48.721188]  __blockdev_direct_IO+0x72/0xd9
[   48.721194]  ext4_direct_IO+0x651/0x1a90
[   48.721203]  generic_file_direct_write+0x1ee/0x410
[   48.727811] kobject: 'tx-9' (ffff8880a0c72018): fill_kobj_path: path = '/devices/virtual/net/team0/queues/tx-9'
[   48.732965]  __generic_file_write_iter+0x270/0x580
[   48.732972]  ext4_file_write_iter+0x279/0xe70
[   48.732977]  ? __lock_is_held+0xb5/0x140
[   48.732982]  ? ext4_file_mmap+0x260/0x260
[   48.732990]  ? __might_sleep+0x93/0xb0
[   48.743925] kobject: 'tx-10' (ffff8880a0c72198): kobject_add_internal: parent: 'queues', set: 'queues'
[   48.748904]  do_iter_readv_writev+0x460/0x900
[   48.748912]  ? selinux_file_permission+0x31f/0x3e0
[   48.748916]  ? vfs_dedupe_file_range+0x800/0x800
[   48.748921]  ? rw_verify_area+0xb8/0x2b0
[   48.748927]  do_iter_write+0x12b/0x520
[   48.757208] kobject: 'tx-10' (ffff8880a0c72198): kobject_uevent_env
[   48.764451]  ? rcu_read_lock_sched_held+0x108/0x120
[   48.764458]  ? __kmalloc+0x36d/0x7b0
[   48.764464]  vfs_iter_write+0x5b/0xb0
[   48.764470]  iter_file_splice_write+0x540/0xc20
[   48.764477]  ? default_file_splice_read+0x820/0x820
[   48.772183] kobject: 'tx-10' (ffff8880a0c72198): fill_kobj_path: path = '/devices/virtual/net/team0/queues/tx-10'
[   48.779334]  ? rcu_sync_lockdep_assert+0x6d/0xb0
[   48.779339]  ? __sb_start_write+0x1f3/0x2a0
[   48.779346]  SyS_splice+0x6e9/0x1580
[   48.787331] kobject: 'tx-11' (ffff8880a0c72318): kobject_add_internal: parent: 'queues', set: 'queues'
[   48.795219]  ? put_timespec64+0xa4/0xf0
[   48.795224]  ? nsecs_to_jiffies+0x20/0x20
[   48.795231]  ? compat_SyS_vmsplice+0x1e0/0x1e0
[   48.795237]  ? do_syscall_64+0x4c/0x5b0
[   48.795241]  ? compat_SyS_vmsplice+0x1e0/0x1e0
[   48.795244]  do_syscall_64+0x1c7/0x5b0
[   48.795247]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   48.795253]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   48.795257] RIP: 0033:0x459a59
[   48.795263] RSP: 002b:00007ff26fab0c78 EFLAGS: 00000246
[   48.801557] kobject: 'tx-11' (ffff8880a0c72318): kobject_uevent_env
[   48.808601]  ORIG_RAX: 0000000000000113
[   48.808604] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000459a59
[   48.808606] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000004
[   48.808608] RBP: 000000000075bf20 R08: 00000000ffffffff R09: 0000000000000000
[   48.808610] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff26fab16d4
[   48.808612] R13: 00000000004c954e R14: 00000000004dffb0 R15: 00000000ffffffff
[   48.808620] Code: 
[   48.816422] kobject: 'tx-11' (ffff8880a0c72318): fill_kobj_path: path = '/devices/virtual/net/team0/queues/tx-11'
[   48.825315] ff ff 48 8b bc 24 e0 00 00 00 48 c7 c6 00 84 94 86 e8 4a fc e0 ff 0f 0b 48 8b 84 24 e0 00 00 00 48 8d 78 20 48 89 f8 48 c1 e8 03 <42> 80 
[   48.833041] kobject: 'tx-12' (ffff8880a0c72498): kobject_add_internal: parent: 'queues', set: 'queues'
[   48.839078] 3c 20 00 0f 85 f3 44 00 00 48 8b 9c 24 e0 00 00 00 48 8b 
[   48.839109] RIP: do_blockdev_direct_IO+0x18fb/0x6bf0 RSP: ffff888086bdf490
[   48.839638] ---[ end trace 1a548b184461a58b ]---
[   48.844249] kobject: 'tx-12' (ffff8880a0c72498): kobject_uevent_env
[   48.846207] Kernel panic - not syncing: Fatal exception
[   48.851964] kobject: 'tx-12' (ffff8880a0c72498): fill_kobj_path: path = '/devices/virtual/net/team0/queues/tx-12'
[   48.858160] Kernel Offset: disabled
[   49.176077] Rebooting in 86400 seconds..