[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 9.430898] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 34.311509] random: sshd: uninitialized urandom read (32 bytes read) [ 34.350319] random: crng init done Warning: Permanently added '10.128.0.100' (ECDSA) to the list of known hosts. 2018/11/28 07:23:20 parsed 1 programs 2018/11/28 07:23:21 executed programs: 0 [ 43.930790] audit: type=1400 audit(1543389802.736:5): avc: denied { associate } for pid=2065 comm="syz-executor0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 2018/11/28 07:23:26 executed programs: 533 2018/11/28 07:23:31 executed programs: 1159 [ 54.451945] ================================================================== [ 54.459338] BUG: KASAN: user-memory-access in n_tty_set_termios+0xf6/0xd30 [ 54.466327] Write of size 512 at addr 0000000000001060 by task syz-executor0/7501 [ 54.473918] [ 54.475524] CPU: 0 PID: 7501 Comm: syz-executor0 Not tainted 4.9.141+ #69 [ 54.482425] ffff8801c7b7f708 ffffffff81b42e79 0000000000001060 0000000000000200 [ 54.490438] 0000000000000001 000000000000005d ffff8801c7b7f848 ffff8801c7b7f750 [ 54.498441] ffffffff81500bed ffffffff81d2f7b6 0000000000000286 b2386a01248cb711 [ 54.506447] Call Trace: [ 54.509016] [] dump_stack+0xc1/0x128 [ 54.514362] [] kasan_report.cold.6+0x6d/0x2fe [ 54.520483] [] ? n_tty_set_termios+0xf6/0xd30 [ 54.526888] [] check_memory_region+0x14d/0x1b0 [ 54.533101] [] memset+0x23/0x40 [ 54.538015] [] n_tty_set_termios+0xf6/0xd30 [ 54.543961] [] ? process_echoes+0x150/0x150 [ 54.549906] [] tty_set_termios+0x626/0x8a0 [ 54.555768] [] ? tty_wait_until_sent+0x4d0/0x4d0 [ 54.562155] [] set_termios+0x311/0x520 [ 54.567666] [] ? __tty_perform_flush+0x220/0x220 [ 54.574050] [] ? ldsem_down_read+0x32/0x40 [ 54.579909] [] tty_mode_ioctl+0x8c2/0x980 [ 54.585682] [] ? tty_perform_flush+0x80/0x80 [ 54.591719] [] ? __ldsem_down_read_nested+0xce/0x610 [ 54.598451] [] ? ldsem_down_read+0x32/0x40 [ 54.604311] [] ? __ldsem_wake+0x330/0x330 [ 54.610080] [] n_tty_ioctl_helper+0x44/0x370 [ 54.616112] [] n_tty_ioctl+0x46/0x2e0 [ 54.621541] [] ? ldsem_down_read+0x32/0x40 [ 54.627488] [] tty_ioctl+0x440/0x2190 [ 54.632914] [] ? n_tty_receive_buf+0x40/0x40 [ 54.638949] [] ? no_tty+0xa0/0xa0 [ 54.644031] [] ? avc_ss_reset+0x110/0x110 [ 54.650166] [] ? __lock_acquire+0x654/0x4a10 [ 54.656207] [] ? __fget+0x23b/0x3d0 [ 54.661459] [] ? __might_sleep+0x95/0x1a0 [ 54.667229] [] ? no_tty+0xa0/0xa0 [ 54.672430] [] do_vfs_ioctl+0x1ac/0x11a0 [ 54.678117] [] ? ioctl_preallocate+0x220/0x220 [ 54.684322] [] ? selinux_parse_skb.constprop.42+0x1a90/0x1a90 [ 54.691831] [] ? check_preemption_disabled+0x3b/0x200 [ 54.698644] [] ? __fget+0x214/0x3d0 [ 54.703893] [] ? __fget+0x23b/0x3d0 [ 54.709514] [] ? __fget+0x47/0x3d0 [ 54.714677] [] ? security_file_ioctl+0x8f/0xc0 [ 54.720880] [] SyS_ioctl+0x8f/0xc0 [ 54.726043] [] ? do_vfs_ioctl+0x11a0/0x11a0 [ 54.731985] [] do_syscall_64+0x19f/0x550 [ 54.737671] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 54.744569] ================================================================== [ 54.751898] Disabling lock debugging due to kernel taint [ 54.757553] Kernel panic - not syncing: panic_on_warn set ... [ 54.757553] [ 54.765058] CPU: 0 PID: 7501 Comm: syz-executor0 Tainted: G B 4.9.141+ #69 [ 54.773172] ffff8801c7b7f630 ffffffff81b42e79 ffffffff82e37630 00000000ffffffff [ 54.781164] 0000000000000000 0000000000000000 ffff8801c7b7f848 ffff8801c7b7f6f0 [ 54.789338] ffffffff813f7125 0000000041b58ab3 ffffffff82e2b62b ffffffff813f6f66 [ 54.797330] Call Trace: [ 54.799896] [] dump_stack+0xc1/0x128 [ 54.805237] [] panic+0x1bf/0x39f [ 54.810226] [] ? add_taint.cold.5+0x16/0x16 [ 54.816175] [] ? ___preempt_schedule+0x16/0x18 [ 54.822394] [] kasan_end_report+0x47/0x4f [ 54.828167] [] kasan_report.cold.6+0x76/0x2fe [ 54.834300] [] ? n_tty_set_termios+0xf6/0xd30 [ 54.840428] [] check_memory_region+0x14d/0x1b0 [ 54.846634] [] memset+0x23/0x40 [ 54.851540] [] n_tty_set_termios+0xf6/0xd30 [ 54.857484] [] ? process_echoes+0x150/0x150 [ 54.863428] [] tty_set_termios+0x626/0x8a0 [ 54.869289] [] ? tty_wait_until_sent+0x4d0/0x4d0 [ 54.875669] [] set_termios+0x311/0x520 [ 54.881182] [] ? __tty_perform_flush+0x220/0x220 [ 54.887940] [] ? ldsem_down_read+0x32/0x40 [ 54.893799] [] tty_mode_ioctl+0x8c2/0x980 [ 54.899573] [] ? tty_perform_flush+0x80/0x80 [ 54.905606] [] ? __ldsem_down_read_nested+0xce/0x610 [ 54.912333] [] ? ldsem_down_read+0x32/0x40 [ 54.918193] [] ? __ldsem_wake+0x330/0x330 [ 54.923967] [] n_tty_ioctl_helper+0x44/0x370 [ 54.929997] [] n_tty_ioctl+0x46/0x2e0 [ 54.935433] [] ? ldsem_down_read+0x32/0x40 [ 54.941296] [] tty_ioctl+0x440/0x2190 [ 54.946729] [] ? n_tty_receive_buf+0x40/0x40 [ 54.952762] [] ? no_tty+0xa0/0xa0 [ 54.957838] [] ? avc_ss_reset+0x110/0x110 [ 54.963611] [] ? __lock_acquire+0x654/0x4a10 [ 54.969645] [] ? __fget+0x23b/0x3d0 [ 54.974900] [] ? __might_sleep+0x95/0x1a0 [ 54.980672] [] ? no_tty+0xa0/0xa0 [ 54.985752] [] do_vfs_ioctl+0x1ac/0x11a0 [ 54.991440] [] ? ioctl_preallocate+0x220/0x220 [ 54.997647] [] ? selinux_parse_skb.constprop.42+0x1a90/0x1a90 [ 55.005467] [] ? check_preemption_disabled+0x3b/0x200 [ 55.012366] [] ? __fget+0x214/0x3d0 [ 55.017626] [] ? __fget+0x23b/0x3d0 [ 55.022874] [] ? __fget+0x47/0x3d0 [ 55.028046] [] ? security_file_ioctl+0x8f/0xc0 [ 55.034341] [] SyS_ioctl+0x8f/0xc0 [ 55.039509] [] ? do_vfs_ioctl+0x11a0/0x11a0 [ 55.045457] [] do_syscall_64+0x19f/0x550 [ 55.051146] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 55.058088] Kernel Offset: disabled [ 55.061704] Rebooting in 86400 seconds..