[ ok ].
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   18.622191] audit: type=1400 audit(1521026695.616:6): avc:  denied  { map } for  pid=4218 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts.
syzkaller login: [   24.969239] audit: type=1400 audit(1521026701.963:7): avc:  denied  { map } for  pid=4232 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2018/03/14 11:25:02 parsed 1 programs
2018/03/14 11:25:02 executed programs: 0
[   25.225506] audit: type=1400 audit(1521026702.219:8): avc:  denied  { map } for  pid=4232 comm="syz-execprog" path="/root/syzkaller-shm635065967" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   25.238314] IPVS: ftp: loaded support on port[0] = 21
[   25.504542] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   25.855484] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   25.861574] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.898837] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   25.935921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   25.967401] ==================================================================
[   25.974809] BUG: KASAN: slab-out-of-bounds in ip6_xmit+0x1f76/0x2260
[   25.981271] Read of size 8 at addr ffff8801b7107218 by task syz-executor0/4399
[   25.988599]
[   25.990199] CPU: 1 PID: 4399 Comm: syz-executor0 Not tainted 4.16.0-rc5+ #262
[   25.997438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   26.006762] Call Trace:
[   26.009325]  dump_stack+0x194/0x24d
[   26.012927]  ? arch_local_irq_restore+0x53/0x53
[   26.017568]  ? show_regs_print_info+0x18/0x18
[   26.022046]  ? ip6_xmit+0x1f76/0x2260
[   26.025824]  print_address_description+0x73/0x250
[   26.030641]  ? ip6_xmit+0x1f76/0x2260
[   26.034414]  kasan_report+0x23c/0x360
[   26.038191]  __asan_report_load8_noabort+0x14/0x20
[   26.043105]  ip6_xmit+0x1f76/0x2260
[   26.046718]  ? ip6_finish_output2+0x23a0/0x23a0
[   26.051361]  ? fl6_update_dst+0x127/0x2b0
[   26.055486]  ? inet6_csk_route_socket+0x691/0xe80
[   26.060302]  ? trace_hardirqs_off+0x10/0x10
[   26.064597]  ? lock_acquire+0x1d5/0x580
[   26.069035]  ? lock_acquire+0x1d5/0x580
[   26.072983]  ? inet6_csk_xmit+0x114/0x580
[   26.077109]  ? trace_hardirqs_off+0x10/0x10
[   26.081411]  ? lock_release+0xa40/0xa40
[   26.085377]  inet6_csk_xmit+0x2fc/0x580
[   26.089358]  ? inet6_csk_update_pmtu+0x160/0x160
[   26.094100]  ? __sk_dst_check+0x1a5/0x380
[   26.098221]  ? sock_kfree_s+0x60/0x60
[   26.102010]  l2tp_xmit_skb+0x105f/0x1410
[   26.106059]  ? l2tp_session_create+0xb80/0xb80
[   26.110614]  ? sock_wmalloc+0x15d/0x1d0
[   26.114561]  ? iov_iter_advance+0x13f0/0x13f0
[   26.119036]  ? pppol2tp_sendmsg+0x41b/0x670
[   26.123333]  pppol2tp_sendmsg+0x470/0x670
[   26.127457]  ? selinux_socket_sendmsg+0x36/0x40
[   26.132106]  ? pppol2tp_getsockopt+0x900/0x900
[   26.136663]  sock_sendmsg+0xca/0x110
[   26.140700]  SYSC_sendto+0x361/0x5c0
[   26.144390]  ? SYSC_connect+0x4a0/0x4a0
[   26.148339]  ? find_held_lock+0x35/0x1d0
[   26.152382]  ? lock_downgrade+0x980/0x980
[   26.156524]  ? __do_page_fault+0x3d6/0xc90
[   26.160737]  SyS_sendto+0x40/0x50
[   26.164162]  ? SyS_getpeername+0x30/0x30
[   26.168196]  do_fast_syscall_32+0x3ec/0xf9f
[   26.172494]  ? do_int80_syscall_32+0x9c0/0x9c0
[   26.177053]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   26.181786]  ? syscall_return_slowpath+0x2ac/0x550
[   26.186687]  ? prepare_exit_to_usermode+0x350/0x350
[   26.191677]  ? sysret32_from_system_call+0x5/0x3c
[   26.196497]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   26.201315]  entry_SYSENTER_compat+0x70/0x7f
[   26.205694] RIP: 0023:0xf7f51c99
[   26.209031] RSP: 002b:00000000fffa279c EFLAGS: 00000286 ORIG_RAX: 0000000000000171
[   26.216713] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001180
[   26.223955] RDX: 0000000000000000 RSI: 0000000000040001 RDI: 00000000200021c0
[   26.231198] RBP: 0000000000000080 R08: 0000000000000000 R09: 0000000000000000
[   26.238442] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   26.245682] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   26.252937]
[   26.254534] Allocated by task 0:
[   26.257872] (stack is not available)
[   26.261559]
[   26.263159] Freed by task 0:
[   26.266144] (stack is not available)
[   26.269825]
[   26.271426] The buggy address belongs to the object at ffff8801b7107200
[   26.271426]  which belongs to the cache ip_dst_cache of size 168
[   26.284138] The buggy address is located 24 bytes inside of
[   26.284138]  168-byte region [ffff8801b7107200, ffff8801b71072a8)
[   26.295900] The buggy address belongs to the page:
[   26.300798] page:ffffea0006dc41c0 count:1 mapcount:0 mapping:ffff8801b7107000 index:0x0
[   26.308908] flags: 0x2fffc0000000100(slab)
[   26.313746] raw: 02fffc0000000100 ffff8801b7107000 0000000000000000 0000000100000010
[   26.321598] raw: ffffea0007478420 ffff8801d6bc8548 ffff8801d6bc7340 0000000000000000
[   26.329446] page dumped because: kasan: bad access detected
[   26.335126]
[   26.336724] Memory state around the buggy address:
[   26.341621]  ffff8801b7107100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.348951]  ffff8801b7107180: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[   26.356277] >ffff8801b7107200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.363603]                             ^
[   26.367724]  ffff8801b7107280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.375051]  ffff8801b7107300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.382378] ==================================================================
[   26.389703] Disabling lock debugging due to kernel taint
[   26.395150] Kernel panic - not syncing: panic_on_warn set ...
[   26.395150]
[   26.402498] CPU: 1 PID: 4399 Comm: syz-executor0 Tainted: G B 4.16.0-rc5+ #262
[   26.411050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   26.420376] Call Trace:
[   26.422935]  dump_stack+0x194/0x24d
[   26.426534]  ? arch_local_irq_restore+0x53/0x53
[   26.431175]  ? kasan_end_report+0x32/0x50
[   26.435292]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   26.440022]  ? vsnprintf+0x1ed/0x1900
[   26.443795]  ? ip6_xmit+0x1f30/0x2260
[   26.447567]  panic+0x1e4/0x41c
[   26.450730]  ? refcount_error_report+0x214/0x214
[   26.455457]  ? add_taint+0x1c/0x50
[   26.458965]  ? add_taint+0x1c/0x50
[   26.462478]  ? ip6_xmit+0x1f76/0x2260
[   26.466249]  kasan_end_report+0x50/0x50
[   26.470190]  kasan_report+0x149/0x360
[   26.473961]  __asan_report_load8_noabort+0x14/0x20
[   26.478858]  ip6_xmit+0x1f76/0x2260
[   26.482461]  ? ip6_finish_output2+0x23a0/0x23a0
[   26.487105]  ? fl6_update_dst+0x127/0x2b0
[   26.491235]  ? inet6_csk_route_socket+0x691/0xe80
[   26.496068]  ? trace_hardirqs_off+0x10/0x10
[   26.500360]  ? lock_acquire+0x1d5/0x580
[   26.504301]  ? lock_acquire+0x1d5/0x580
[   26.508242]  ? inet6_csk_xmit+0x114/0x580
[   26.512358]  ? trace_hardirqs_off+0x10/0x10
[   26.516651]  ? lock_release+0xa40/0xa40
[   26.520606]  inet6_csk_xmit+0x2fc/0x580
[   26.524552]  ? inet6_csk_update_pmtu+0x160/0x160
[   26.529278]  ? __sk_dst_check+0x1a5/0x380
[   26.533394]  ? sock_kfree_s+0x60/0x60
[   26.537169]  l2tp_xmit_skb+0x105f/0x1410
[   26.541206]  ? l2tp_session_create+0xb80/0xb80
[   26.545757]  ? sock_wmalloc+0x15d/0x1d0
[   26.549701]  ? iov_iter_advance+0x13f0/0x13f0
[   26.554168]  ? pppol2tp_sendmsg+0x41b/0x670
[   26.558458]  pppol2tp_sendmsg+0x470/0x670
[   26.562576]  ? selinux_socket_sendmsg+0x36/0x40
[   26.567212]  ? pppol2tp_getsockopt+0x900/0x900
[   26.571765]  sock_sendmsg+0xca/0x110
[   26.575447]  SYSC_sendto+0x361/0x5c0
[   26.579132]  ? SYSC_connect+0x4a0/0x4a0
[   26.583078]  ? find_held_lock+0x35/0x1d0
[   26.587115]  ? lock_downgrade+0x980/0x980
[   26.591242]  ? __do_page_fault+0x3d6/0xc90
[   26.595456]  SyS_sendto+0x40/0x50
[   26.598881]  ? SyS_getpeername+0x30/0x30
[   26.602913]  do_fast_syscall_32+0x3ec/0xf9f
[   26.607207]  ? do_int80_syscall_32+0x9c0/0x9c0
[   26.611759]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   26.616484]  ? syscall_return_slowpath+0x2ac/0x550
[   26.621381]  ? prepare_exit_to_usermode+0x350/0x350
[   26.626368]  ? sysret32_from_system_call+0x5/0x3c
[   26.631181]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   26.635995]  entry_SYSENTER_compat+0x70/0x7f
[   26.640376] RIP: 0023:0xf7f51c99
[   26.643708] RSP: 002b:00000000fffa279c EFLAGS: 00000286 ORIG_RAX: 0000000000000171
[   26.651381] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001180
[   26.658618] RDX: 0000000000000000 RSI: 0000000000040001 RDI: 00000000200021c0
[   26.665856] RBP: 0000000000000080 R08: 0000000000000000 R09: 0000000000000000
[   26.673093] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   26.680330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   26.687991] Dumping ftrace buffer:
[   26.691504]    (ftrace buffer empty)
[   26.695187] Kernel Offset: disabled
[   26.698782] Rebooting in 86400 seconds..