[....] Starting enhanced syslogd: rsyslogd[ 17.221853] audit: type=1400 audit(1520695969.101:5): avc: denied { syslog } for pid=4088 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 23.107395] audit: type=1400 audit(1520695974.987:6): avc: denied { map } for pid=4229 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts. executing program executing program executing program [ 29.443413] audit: type=1400 audit(1520695981.323:7): avc: denied { map } for pid=4243 comm="syzkaller725999" path="/root/syzkaller725999096" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 29.494890] kasan: CONFIG_KASAN_INLINE enabled [ 29.499616] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 29.507342] general protection fault: 0000 [#1] SMP KASAN [ 29.512880] Dumping ftrace buffer: [ 29.516403] (ftrace buffer empty) [ 29.520093] Modules linked in: [ 29.523266] CPU: 0 PID: 4245 Comm: syzkaller725999 Not tainted 4.16.0-rc4+ #348 [ 29.530687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.540048] RIP: 0010:ucma_query_route+0x15e/0x1080 [ 29.545059] RSP: 0018:ffff8801af29f910 EFLAGS: 00010202 [ 29.550425] RAX: dffffc0000000000 RBX: 1ffff10035e53f26 RCX: 0000000000000000 [ 29.557692] RDX: 0000000000000004 RSI: 0000000000000000 RDI: ffff8801cb070bb0 [ 29.564956] RBP: ffff8801af29fac0 R08: ffffed0035e53f4b R09: ffff8801af29f990 [ 29.572218] R10: 0000000000000000 R11: ffffed0035e53f4a R12: ffff8801cb070b40 [ 29.579481] R13: ffff8801af29f990 R14: 0000000000000020 R15: 0000000000000000 [ 29.586756] FS: 00007fb3e61b1700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 29.594977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 29.600857] CR2: 00007fb3e618fe78 CR3: 00000001af5a9005 CR4: 00000000001606f0 [ 29.608125] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 29.615389] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 29.622659] Call Trace: [ 29.625266] ? ucma_leave_multicast+0x860/0x860 [ 29.629950] ? lock_downgrade+0x980/0x980 [ 29.634181] ucma_write+0x2d6/0x3d0 [ 29.637804] ? ucma_write+0x2d6/0x3d0 [ 29.641613] ? ucma_leave_multicast+0x860/0x860 [ 29.646285] ? ucma_resolve_route+0x1a0/0x1a0 [ 29.650804] ? ucma_resolve_route+0x1a0/0x1a0 [ 29.655299] __vfs_write+0xef/0x970 [ 29.658924] ? rcu_note_context_switch+0x710/0x710 [ 29.663855] ? kernel_read+0x120/0x120 [ 29.667750] ? __might_sleep+0x95/0x190 [ 29.671734] ? _cond_resched+0x14/0x30 [ 29.675616] ? __inode_security_revalidate+0xd9/0x130 [ 29.680812] ? avc_policy_seqno+0x9/0x20 [ 29.684868] ? selinux_file_permission+0x82/0x460 [ 29.689740] ? security_file_permission+0x89/0x1e0 [ 29.694684] ? rw_verify_area+0xe5/0x2b0 [ 29.698743] ? __fdget_raw+0x20/0x20 [ 29.702464] vfs_write+0x189/0x510 [ 29.706017] SyS_write+0xef/0x220 [ 29.709465] ? exit_to_usermode_loop+0x198/0x2f0 [ 29.714228] ? SyS_read+0x220/0x220 [ 29.717861] ? do_syscall_64+0xb7/0x940 [ 29.721836] ? SyS_read+0x220/0x220 [ 29.725466] do_syscall_64+0x281/0x940 [ 29.729351] ? __do_page_fault+0xc90/0xc90 [ 29.733580] ? _raw_spin_unlock_irq+0x27/0x70 [ 29.738074] ? finish_task_switch+0x1c1/0x7e0 [ 29.742575] ? syscall_return_slowpath+0x550/0x550 [ 29.747503] ? syscall_return_slowpath+0x2ac/0x550 [ 29.752430] ? prepare_exit_to_usermode+0x350/0x350 [ 29.757443] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 29.762813] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.767683] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 29.772866] RIP: 0033:0x4457a9 [ 29.776047] RSP: 002b:00007fb3e61b0da8 EFLAGS: 00000297 ORIG_RAX: 0000000000000001 [ 29.783752] RAX: ffffffffffffffda RBX: 00000000006dac5c RCX: 00000000004457a9 [ 29.791022] RDX: 0000000000000018 RSI: 00000000200027c0 RDI: 000000000000000d [ 29.798297] RBP: 00000000006dac58 R08: 0000000000000000 R09: 0000000000000000 [ 29.805582] R10: 0000000000000000 R11: 0000000000000297 R12: 006d635f616d6472 [ 29.812857] R13: 2f646e6162696e69 R14: 666e692f7665642f R15: 0000000000000006 [ 29.820175] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bb 0c 00 00 4d 8b 7c 24 70 48 b8 00 00 00 00 00 fc ff df 4d 8d 77 20 4c 89 f2 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 [ 29.839545] RIP: ucma_query_route+0x15e/0x1080 RSP: ffff8801af29f910 executing program [ 29.846240] ---[ end trace 72b57b773bd012e1 ]--- [ 29.851046] Kernel panic - not syncing: Fatal exception [ 29.856987] Dumping ftrace buffer: [ 29.860542] (ftrace buffer empty) [ 29.864255] Kernel Offset: disabled [ 29.867906] Rebooting in 86400 seconds..