Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 13.051675] audit: type=1400 audit(1513475535.408:6): avc: denied { map } for pid=3130 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-upstream-mmots-kasan-gce-1,10.128.15.242' (ECDSA) to the list of known hosts.
executing program
syzkaller login:
[ 19.350332] audit: type=1400 audit(1513475541.707:7): avc: denied { map } for pid=3144 comm="syzkaller265098" path="/root/syzkaller265098237" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 19.356451] ==================================================================
[ 19.356473] BUG: KASAN: slab-out-of-bounds in pfkey_add+0x1634/0x3270
[ 19.356481] Read of size 8192 at addr ffff8801ccc262d8 by task syzkaller265098/3144
[ 19.356485]
[ 19.356495] CPU: 1 PID: 3144 Comm: syzkaller265098 Not tainted 4.15.0-rc2-mm1+ #39
[ 19.356501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 19.356506] Call Trace:
[ 19.356519] dump_stack+0x194/0x257
[ 19.356534] ? arch_local_irq_restore+0x53/0x53
[ 19.356547] ? show_regs_print_info+0x18/0x18
[ 19.356555] ? __lock_is_held+0xbc/0x140
[ 19.356573] ? pfkey_add+0x1634/0x3270
[ 19.356587] print_address_description+0x73/0x250
[ 19.356598] ? pfkey_add+0x1634/0x3270
[ 19.356609] kasan_report+0x25b/0x340
[ 19.356626] check_memory_region+0x137/0x190
[ 19.356637] memcpy+0x23/0x50
[ 19.356650] pfkey_add+0x1634/0x3270
[ 19.356677] ? set_ipsecrequest+0x310/0x310
[ 19.356691] ? lock_release+0xda0/0xda0
[ 19.356703] ? set_ipsecrequest+0x310/0x310
[ 19.356717] pfkey_process+0x60b/0x720
[ 19.356736] ? pfkey_send_new_mapping+0x11b0/0x11b0
[ 19.356744] ? kasan_check_write+0x14/0x20
[ 19.356786] ? dup_iter+0x182/0x260
[ 19.356808] pfkey_sendmsg+0x4d6/0x9f0
[ 19.356825] ? pfkey_spdget+0xb00/0xb00
[ 19.356840] ? selinux_socket_sendmsg+0x36/0x40
[ 19.356852] ? security_socket_sendmsg+0x89/0xb0
[ 19.356862] ? pfkey_spdget+0xb00/0xb00
[ 19.356876] sock_sendmsg+0xca/0x110
[ 19.356890] ___sys_sendmsg+0x75b/0x8a0
[ 19.356908] ? copy_msghdr_from_user+0x590/0x590
[ 19.356920] ? lock_downgrade+0x980/0x980
[ 19.356958] ? fget_raw+0x20/0x20
[ 19.356970] ? __handle_mm_fault+0x3dd0/0x3dd0
[ 19.356978] ? vmacache_find+0x5f/0x280
[ 19.356999] ? up_read+0x1a/0x40
[ 19.357015] ? __do_page_fault+0x3d6/0xc90
[ 19.357023] ? get_unused_fd_flags+0x190/0x190
[ 19.357045] ? __fdget+0x18/0x20
[ 19.357063] __sys_sendmsg+0xe5/0x210
[ 19.357071] ? __sys_sendmsg+0xe5/0x210
[ 19.357084] ? SyS_shutdown+0x290/0x290
[ 19.357097] ? __do_page_fault+0xc90/0xc90
[ 19.357114] ? fd_install+0x4d/0x60
[ 19.357143] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 19.357163] SyS_sendmsg+0x2d/0x50
[ 19.357179] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 19.357190] RIP: 0033:0x43ff59
[ 19.357196] RSP: 002b:00007ffcfa0afab8 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 19.357208] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000043ff59
[ 19.357214] RDX: 0000000000000000 RSI: 00000000205f5000 RDI: 0000000000000003
[ 19.357220] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 19.357226] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004018c0
[ 19.357232] R13: 0000000000401950 R14: 0000000000000000 R15: 0000000000000000
[ 19.357264]
[ 19.357269] Allocated by task 3144:
[ 19.357277] save_stack+0x43/0xd0
[ 19.357285] kasan_kmalloc+0xad/0xe0
[ 19.357294] __kmalloc_node_track_caller+0x47/0x70
[ 19.357302] __kmalloc_reserve.isra.41+0x41/0xd0
[ 19.357309] __alloc_skb+0x13b/0x780
[ 19.357317] pfkey_sendmsg+0x20f/0x9f0
[ 19.357323] sock_sendmsg+0xca/0x110
[ 19.357331] ___sys_sendmsg+0x75b/0x8a0
[ 19.357338] __sys_sendmsg+0xe5/0x210
[ 19.357345] SyS_sendmsg+0x2d/0x50
[ 19.357353] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 19.357357]
[ 19.357362] Freed by task 1599:
[ 19.357369] save_stack+0x43/0xd0
[ 19.357376] kasan_slab_free+0x71/0xc0
[ 19.357384] kfree+0xca/0x250
[ 19.357392] skb_free_head+0x74/0xb0
[ 19.357399] skb_release_data+0x58c/0x790
[ 19.357406] skb_release_all+0x4a/0x60
[ 19.357413] consume_skb+0x153/0x490
[ 19.357421] skb_free_datagram+0x1a/0xe0
[ 19.357429] netlink_recvmsg+0x5c6/0x1300
[ 19.357436] sock_recvmsg+0xc9/0x110
[ 19.357443] ___sys_recvmsg+0x29b/0x630
[ 19.357451] __sys_recvmsg+0xe2/0x210
[ 19.357458] SyS_recvmsg+0x2d/0x50
[ 19.357466] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 19.357470]
[ 19.357476] The buggy address belongs to the object at ffff8801ccc262c0
[ 19.357476] which belongs to the cache kmalloc-512 of size 512
[ 19.357484] The buggy address is located 24 bytes inside of
[ 19.357484] 512-byte region [ffff8801ccc262c0, ffff8801ccc264c0)
[ 19.357488] The buggy address belongs to the page:
[ 19.357497] page:00000000c77ee0e4 count:1 mapcount:0 mapping:000000000c8440c2 index:0xffff8801ccc26a40
[ 19.357507] flags: 0x2fffc0000000100(slab)
[ 19.357519] raw: 02fffc0000000100 ffff8801ccc26040 ffff8801ccc26a40 0000000100000003
[ 19.357528] raw: ffffea0007330860 ffffea0007333ee0 ffff8801dac00940 0000000000000000
[ 19.357533] page dumped because: kasan: bad access detected
[ 19.357537]
[ 19.357541] Memory state around the buggy address:
[ 19.357548] ffff8801ccc26380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.357555] ffff8801ccc26400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.357562] >ffff8801ccc26480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 19.357567] ^
[ 19.357574] ffff8801ccc26500: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 19.357581] ffff8801ccc26580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.357586] ==================================================================
[ 19.357589] Disabling lock debugging due to kernel taint
[ 19.357604] Kernel panic - not syncing: panic_on_warn set ...
[ 19.357604]
[ 19.357610] CPU: 1 PID: 3144 Comm: syzkaller265098 Tainted: G B 4.15.0-rc2-mm1+ #39
[ 19.357614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 19.357615] Call Trace:
[ 19.357622] dump_stack+0x194/0x257
[ 19.357631] ? arch_local_irq_restore+0x53/0x53
[ 19.357641] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 19.357649] ? vsnprintf+0x1ed/0x1900
[ 19.357657] ? pfkey_add+0x15f0/0x3270
[ 19.357664] panic+0x1e4/0x41c
[ 19.357670] ? refcount_error_report+0x214/0x214
[ 19.357679] ? add_taint+0x1c/0x50
[ 19.357686] ? add_taint+0x1c/0x50
[ 19.357694] ? pfkey_add+0x1634/0x3270
[ 19.357700] kasan_end_report+0x50/0x50
[ 19.357706] kasan_report+0x144/0x340
[ 19.357715] check_memory_region+0x137/0x190
[ 19.357722] memcpy+0x23/0x50
[ 19.357730] pfkey_add+0x1634/0x3270
[ 19.357744] ? set_ipsecrequest+0x310/0x310
[ 19.357752] ? lock_release+0xda0/0xda0
[ 19.357760] ? set_ipsecrequest+0x310/0x310
[ 19.357768] pfkey_process+0x60b/0x720
[ 19.357779] ? pfkey_send_new_mapping+0x11b0/0x11b0
[ 19.357784] ? kasan_check_write+0x14/0x20
[ 19.357804] ? dup_iter+0x182/0x260
[ 19.357816] pfkey_sendmsg+0x4d6/0x9f0
[ 19.357826] ? pfkey_spdget+0xb00/0xb00
[ 19.357835] ? selinux_socket_sendmsg+0x36/0x40
[ 19.357842] ? security_socket_sendmsg+0x89/0xb0
[ 19.357849] ? pfkey_spdget+0xb00/0xb00
[ 19.357856] sock_sendmsg+0xca/0x110
[ 19.357863] ___sys_sendmsg+0x75b/0x8a0
[ 19.357874] ? copy_msghdr_from_user+0x590/0x590
[ 19.357881] ? lock_downgrade+0x980/0x980
[ 19.357899] ? fget_raw+0x20/0x20
[ 19.357906] ? __handle_mm_fault+0x3dd0/0x3dd0
[ 19.357912] ? vmacache_find+0x5f/0x280
[ 19.357923] ? up_read+0x1a/0x40
[ 19.357929] ? __do_page_fault+0x3d6/0xc90
[ 19.357935] ? get_unused_fd_flags+0x190/0x190
[ 19.357947] ? __fdget+0x18/0x20
[ 19.357957] __sys_sendmsg+0xe5/0x210
[ 19.357962] ? __sys_sendmsg+0xe5/0x210
[ 19.357969] ? SyS_shutdown+0x290/0x290
[ 19.357978] ? __do_page_fault+0xc90/0xc90
[ 19.357987] ? fd_install+0x4d/0x60
[ 19.358005] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 19.358016] SyS_sendmsg+0x2d/0x50
[ 19.358024] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 19.358028] RIP: 0033:0x43ff59
[ 19.358031] RSP: 002b:00007ffcfa0afab8 EFLAGS: 00000203 ORIG_RAX: 000000000000002e
[ 19.358037] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000043ff59
[ 19.358041] RDX: 0000000000000000 RSI: 00000000205f5000 RDI: 0000000000000003
[ 19.358044] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 19.358048] R10: 0000000000000000 R11: 0000000000000203 R12: 00000000004018c0
[ 19.358051] R13: 0000000000401950 R14: 0000000000000000 R15: 0000000000000000
[ 19.376656] Dumping ftrace buffer:
[ 19.376660] (ftrace buffer empty)
[ 19.376662] Kernel Offset: disabled
[ 20.141896] Rebooting in 86400 seconds..