[ ok ] Starting enhanced syslogd: rsyslogd.
[   11.254326] audit: type=1400 audit(1514273323.003:5): avc: denied { syslog } for pid=2998 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   16.356728] audit: type=1400 audit(1514273328.105:6): avc: denied { map } for pid=3137 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-kasan-gce-386-0,10.128.0.52' (ECDSA) to the list of known hosts.
executing program
[   42.773673] audit: type=1400 audit(1514273354.522:7): avc: denied { map } for pid=3155 comm="syzkaller671712" path="/root/syzkaller671712426" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   42.800523] ==================================================================
[   42.807906] BUG: KASAN: stack-out-of-bounds in rds_sendmsg+0x1f02/0x1f90
[   42.814721] Read of size 8 at addr ffff8801c852f9e0 by task syzkaller671712/3155
[   42.822221]
[   42.823820] CPU: 1 PID: 3155 Comm: syzkaller671712 Not tainted 4.15.0-rc5+ #147
[   42.831231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   42.840560] Call Trace:
[   42.843125]  dump_stack+0x194/0x257
[   42.846724]  ? arch_local_irq_restore+0x53/0x53
[   42.851366]  ? show_regs_print_info+0x18/0x18
[   42.855834]  ? _raw_spin_unlock_bh+0x30/0x40
[   42.860215]  ? rds_sendmsg+0x1f02/0x1f90
[   42.864246]  print_address_description+0x73/0x250
[   42.869059]  ? rds_sendmsg+0x1f02/0x1f90
[   42.873101]  kasan_report+0x25b/0x340
[   42.876880]  __asan_report_load8_noabort+0x14/0x20
[   42.881778]  rds_sendmsg+0x1f02/0x1f90
[   42.885645]  ? rds_send_drop_to+0x19d0/0x19d0
[   42.890114]  ? lock_downgrade+0x980/0x980
[   42.894237]  ? sock_has_perm+0x2a4/0x420
[   42.898270]  ? selinux_secmark_relabel_packet+0xc0/0xc0
[   42.903614]  ? __might_sleep+0x95/0x190
[   42.907585]  ? kasan_check_write+0x14/0x20
[   42.911800]  ? _copy_from_user+0x99/0x110
[   42.915927]  ? selinux_socket_sendmsg+0x36/0x40
[   42.920574]  ? security_socket_sendmsg+0x89/0xb0
[   42.925307]  ? rds_send_drop_to+0x19d0/0x19d0
[   42.929784]  sock_sendmsg+0xca/0x110
[   42.933488]  ___sys_sendmsg+0x320/0x8b0
[   42.937453]  ? copy_msghdr_from_user+0x590/0x590
[   42.942186]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   42.947175]  ? trace_hardirqs_on+0xd/0x10
[   42.951291]  ? _raw_spin_unlock_irq+0x27/0x70
[   42.955753]  ? finish_task_switch+0x1d3/0x740
[   42.960217]  ? finish_task_switch+0x1aa/0x740
[   42.964689]  ? copy_overflow+0x20/0x20
[   42.968547]  ? __fget_light+0x297/0x380
[   42.972493]  ? check_noncircular+0x20/0x20
[   42.976709]  ? check_noncircular+0x20/0x20
[   42.980909]  ? __pmd_alloc+0x4e0/0x4e0
[   42.984769]  ? __fdget+0x18/0x20
[   42.988144]  __sys_sendmmsg+0x31b/0x620
[   42.992084]  ? __sys_sendmmsg+0x31b/0x620
[   42.996206]  ? SyS_sendmsg+0x50/0x50
[   42.999895]  ? __do_page_fault+0x5f7/0xc90
[   43.004094]  ? lock_downgrade+0x980/0x980
[   43.008222]  ? __handle_mm_fault+0x3ce0/0x3ce0
[   43.012769]  ? vmacache_find+0x5f/0x280
[   43.016729]  ? up_read+0x1a/0x40
[   43.020075]  ? __do_page_fault+0x3d6/0xc90
[   43.024297]  compat_SyS_sendmmsg+0x32/0x40
[   43.028515]  ? compat_SyS_sendmsg+0x40/0x40
[   43.032808]  do_fast_syscall_32+0x3ee/0xf9d
[   43.037105]  ? do_int80_syscall_32+0x9d0/0x9d0
[   43.041655]  ? kasan_check_read+0x11/0x20
[   43.045772]  ? syscall_return_slowpath+0x550/0x550
[   43.050672]  ? SyS_rt_sigaction+0x94/0x1b0
[   43.054876]  ? SyS_sigprocmask+0x4b0/0x4b0
[   43.059080]  ? SyS_read+0x184/0x220
[   43.062683]  ? retint_user+0x18/0x18
[   43.066378]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   43.071198]  entry_SYSENTER_compat+0x54/0x63
[   43.075575] RIP: 0023:0xf7ffcc79
[   43.079221] RSP: 002b:00000000fff7951c EFLAGS: 00000282 ORIG_RAX: 0000000000000159
[   43.086905] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020573000
[   43.094149] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000015
[   43.101388] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000
[   43.108627] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   43.115866] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   43.123121]
[   43.124715] The buggy address belongs to the page:
[   43.129616] page:000000001ba4586c count:0 mapcount:0 mapping: (null) index:0x0
[   43.137727] flags: 0x2fffc0000000000()
[   43.141580] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[   43.149427] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[   43.157271] page dumped because: kasan: bad access detected
[   43.162944]
[   43.164537] Memory state around the buggy address:
[   43.169432]  ffff8801c852f880: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2
[   43.176759]  ffff8801c852f900: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   43.184082] >ffff8801c852f980: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 04 f2 f2 f2
[   43.191406]                                                        ^
[   43.197862]  ffff8801c852fa00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   43.205187]  ffff8801c852fa80: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[   43.212508] ==================================================================
[   43.219830] Disabling lock debugging due to kernel taint
[   43.225303] Kernel panic - not syncing: panic_on_warn set ...
[   43.225303]
[   43.232635] CPU: 1 PID: 3155 Comm: syzkaller671712 Tainted: G B 4.15.0-rc5+ #147
[   43.241350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   43.250684] Call Trace:
[   43.253243]  dump_stack+0x194/0x257
[   43.256839]  ? arch_local_irq_restore+0x53/0x53
[   43.261476]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   43.266198]  ? vsnprintf+0x1ed/0x1900
[   43.269964]  ? rds_sendmsg+0x1e50/0x1f90
[   43.273992]  panic+0x1e4/0x41c
[   43.277149]  ? refcount_error_report+0x214/0x214
[   43.281870]  ? add_taint+0x1c/0x50
[   43.285384]  ? add_taint+0x1c/0x50
[   43.288891]  ? rds_sendmsg+0x1f02/0x1f90
[   43.292917]  kasan_end_report+0x50/0x50
[   43.296854]  kasan_report+0x144/0x340
[   43.300620]  __asan_report_load8_noabort+0x14/0x20
[   43.305524]  rds_sendmsg+0x1f02/0x1f90
[   43.309387]  ? rds_send_drop_to+0x19d0/0x19d0
[   43.313846]  ? lock_downgrade+0x980/0x980
[   43.317965]  ? sock_has_perm+0x2a4/0x420
[   43.321993]  ? selinux_secmark_relabel_packet+0xc0/0xc0
[   43.327323]  ? __might_sleep+0x95/0x190
[   43.331266]  ? kasan_check_write+0x14/0x20
[   43.335465]  ? _copy_from_user+0x99/0x110
[   43.339580]  ? selinux_socket_sendmsg+0x36/0x40
[   43.344211]  ? security_socket_sendmsg+0x89/0xb0
[   43.348942]  ? rds_send_drop_to+0x19d0/0x19d0
[   43.353405]  sock_sendmsg+0xca/0x110
[   43.357084]  ___sys_sendmsg+0x320/0x8b0
[   43.361023]  ? copy_msghdr_from_user+0x590/0x590
[   43.365744]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   43.370727]  ? trace_hardirqs_on+0xd/0x10
[   43.374840]  ? _raw_spin_unlock_irq+0x27/0x70
[   43.379299]  ? finish_task_switch+0x1d3/0x740
[   43.383756]  ? finish_task_switch+0x1aa/0x740
[   43.388218]  ? copy_overflow+0x20/0x20
[   43.392071]  ? __fget_light+0x297/0x380
[   43.396014]  ? check_noncircular+0x20/0x20
[   43.400226]  ? check_noncircular+0x20/0x20
[   43.404434]  ? __pmd_alloc+0x4e0/0x4e0
[   43.408292]  ? __fdget+0x18/0x20
[   43.411629]  __sys_sendmmsg+0x31b/0x620
[   43.415577]  ? __sys_sendmmsg+0x31b/0x620
[   43.419716]  ? SyS_sendmsg+0x50/0x50
[   43.423423]  ? __do_page_fault+0x5f7/0xc90
[   43.427634]  ? lock_downgrade+0x980/0x980
[   43.431768]  ? __handle_mm_fault+0x3ce0/0x3ce0
[   43.436324]  ? vmacache_find+0x5f/0x280
[   43.440270]  ? up_read+0x1a/0x40
[   43.443611]  ? __do_page_fault+0x3d6/0xc90
[   43.447837]  compat_SyS_sendmmsg+0x32/0x40
[   43.452046]  ? compat_SyS_sendmsg+0x40/0x40
[   43.456336]  do_fast_syscall_32+0x3ee/0xf9d
[   43.460640]  ? do_int80_syscall_32+0x9d0/0x9d0
[   43.465196]  ? kasan_check_read+0x11/0x20
[   43.469314]  ? syscall_return_slowpath+0x550/0x550
[   43.474212]  ? SyS_rt_sigaction+0x94/0x1b0
[   43.478411]  ? SyS_sigprocmask+0x4b0/0x4b0
[   43.482610]  ? SyS_read+0x184/0x220
[   43.486203]  ? retint_user+0x18/0x18
[   43.489886]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   43.494709]  entry_SYSENTER_compat+0x54/0x63
[   43.499093] RIP: 0023:0xf7ffcc79
[   43.502428] RSP: 002b:00000000fff7951c EFLAGS: 00000282 ORIG_RAX: 0000000000000159
[   43.510113] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020573000
[   43.517360] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000015
[   43.524615] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000
[   43.531865] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   43.539107] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   43.546746] Dumping ftrace buffer:
[   43.550263]    (ftrace buffer empty)
[   43.553938] Kernel Offset: disabled
[   43.557533] Rebooting in 86400 seconds..