[....] Starting enhanced syslogd: rsyslogd[ 16.354585] audit: type=1400 audit(1517490678.943:4): avc: denied { syslog } for pid=3902 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
Starting mcstransd:
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.15.225' (ECDSA) to the list of known hosts.
2018/02/01 13:12:17 parsed 1 programs
2018/02/01 13:12:17 executed programs: 0
syzkaller login: [ 74.923011] audit: type=1400 audit(1517490737.513:5): avc: denied { sys_admin } for pid=4090 comm="syz-executor0" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 74.951617] IPVS: Creating netns size=2536 id=1
[ 74.973025] IPVS: Creating netns size=2536 id=2
[ 74.983265] IPVS: Creating netns size=2536 id=3
[ 74.988265] audit: type=1400 audit(1517490737.583:6): avc: denied { sys_chroot } for pid=4094 comm="syz-executor2" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 74.989040] audit: type=1400 audit(1517490737.583:7): avc: denied { net_admin } for pid=4094 comm="syz-executor2" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 74.993577] audit: type=1400 audit(1517490737.583:8): avc: denied { dac_override } for pid=4114 comm="syz-executor2" capability=1 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 75.088795] IPVS: Creating netns size=2536 id=4
[ 75.099736] IPVS: Creating netns size=2536 id=5
[ 75.122411] IPVS: Creating netns size=2536 id=6
[ 75.133370] IPVS: Creating netns size=2536 id=7
[ 75.154420] IPVS: Creating netns size=2536 id=8
2018/02/01 13:12:22 executed programs: 469
2018/02/01 13:12:27 executed programs: 944
2018/02/01 13:12:32 executed programs: 1421
2018/02/01 13:12:37 executed programs: 1897
2018/02/01 13:12:42 executed programs: 2381
2018/02/01 13:12:47 executed programs: 2860
2018/02/01 13:12:52 executed programs: 3339
2018/02/01 13:12:57 executed programs: 3817
INIT: Id "6" respawning too fast: disabled for 5 minutes
INIT: Id "5" respawning too fast: disabled for 5 minutes
INIT: Id "1" respawning too fast: disabled for 5 minutes
INIT: Id "2" respawning too fast: disabled for 5 minutes
INIT: Id "3" respawning too fast: disabled for 5 minutes
INIT: Id "4" respawning too fast: disabled for 5 minutes
2018/02/01 13:13:02 executed programs: 4292
[ 120.396055] ==================================================================
[ 120.403454] BUG: KASAN: stack-out-of-bounds in unwind_get_return_address+0x92/0xa0
[ 120.411154] Read of size 8 at addr ffff8801d88e7a10 by task syz-executor0/25777
[ 120.418579]
[ 120.420194] CPU: 0 PID: 25777 Comm: syz-executor0 Not tainted 4.9.79-g71f1469 #34
[ 120.427791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 120.437123] ffff8801b1637b50 ffffffff81d94829 ffffea00076239c0 ffff8801d88e7a10
[ 120.445120] 0000000000000000 ffff8801d88e7a10 0000000000000000 ffff8801b1637b88
[ 120.453124] ffffffff8153e083 ffff8801d88e7a10 0000000000000008 0000000000000000
[ 120.461101] Call Trace:
[ 120.463664] [] dump_stack+0xc1/0x128
[ 120.469008] [] print_address_description+0x73/0x280
[ 120.475664] [] kasan_report+0x275/0x360
[ 120.481273] [] ? unwind_get_return_address+0x92/0xa0
[ 120.488015] [] __asan_report_load8_noabort+0x14/0x20
[ 120.494749] [] unwind_get_return_address+0x92/0xa0
[ 120.501299] [] __save_stack_trace+0x8d/0xf0
[ 120.507244] [] save_stack_trace_tsk+0x48/0x70
[ 120.513370] [] proc_pid_stack+0x146/0x230
[ 120.519149] [] ? lock_trace+0xc0/0xc0
[ 120.524580] [] proc_single_show+0xf8/0x170
[ 120.530449] [] traverse+0x231/0x900
[ 120.535696] [] ? seq_buf_alloc+0x80/0x80
[ 120.541383] [] ? mutex_lock_killable_nested+0x960/0x960
[ 120.548371] [] ? __fget+0x47/0x3a0
[ 120.553552] [] seq_lseek+0x136/0x3c0
[ 120.558891] [] ? traverse+0x900/0x900
[ 120.564343] [] compat_SyS_lseek+0xeb/0x170
[ 120.570201] [] ? SyS_lseek+0x170/0x170
[ 120.575716] [] do_fast_syscall_32+0x2f7/0x890
[ 120.581842] [] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 120.588489] [] entry_SYSENTER_compat+0x74/0x83
[ 120.594701]
[ 120.596312] The buggy address belongs to the page:
[ 120.601237] page:ffffea00076239c0 count:0 mapcount:0 mapping: (null) index:0x0
[ 120.609477] flags: 0x8000000000000000()
[ 120.613418] page dumped because: kasan: bad access detected
[ 120.619096]
[ 120.620695] Memory state around the buggy address:
[ 120.625601] ffff8801d88e7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 120.632945] ffff8801d88e7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 120.640293] >ffff8801d88e7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 120.647641] ^
[ 120.651508] ffff8801d88e7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 120.658857] ffff8801d88e7b00: f1 f1 f1 00 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2
[ 120.666191] ==================================================================
[ 120.673535] Disabling lock debugging due to kernel taint
[ 120.681987] Kernel panic - not syncing: panic_on_warn set ...
[ 120.681987]
[ 120.689349] CPU: 0 PID: 25777 Comm: syz-executor0 Tainted: G B 4.9.79-g71f1469 #34
[ 120.698155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 120.707489] ffff8801b1637aa8 ffffffff81d94829 ffffffff8419709f ffff8801b1637b80
[ 120.715483] 0000000000000000 ffff8801d88e7a10 0000000000000000 ffff8801b1637b70
[ 120.723470] ffffffff8142f531 0000000041b58ab3 ffffffff8418ab10 ffffffff8142f375
[ 120.731453] Call Trace:
[ 120.734015] [] dump_stack+0xc1/0x128
[ 120.739351] [] panic+0x1bc/0x3a8
[ 120.744339] [] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7
[ 120.752546] [] ? preempt_schedule+0x25/0x30
[ 120.758497] [] ? ___preempt_schedule+0x16/0x18
[ 120.764700] [] kasan_end_report+0x50/0x50
[ 120.770471] [] kasan_report+0x167/0x360
[ 120.776067] [] ? unwind_get_return_address+0x92/0xa0
[ 120.782794] [] __asan_report_load8_noabort+0x14/0x20
[ 120.789518] [] unwind_get_return_address+0x92/0xa0
[ 120.796070] [] __save_stack_trace+0x8d/0xf0
[ 120.802014] [] save_stack_trace_tsk+0x48/0x70
[ 120.808132] [] proc_pid_stack+0x146/0x230
[ 120.813898] [] ? lock_trace+0xc0/0xc0
[ 120.819323] [] proc_single_show+0xf8/0x170
[ 120.825180] [] traverse+0x231/0x900
[ 120.830440] [] ? seq_buf_alloc+0x80/0x80
[ 120.836125] [] ? mutex_lock_killable_nested+0x960/0x960
[ 120.843110] [] ? __fget+0x47/0x3a0
[ 120.848270] [] seq_lseek+0x136/0x3c0
[ 120.853606] [] ? traverse+0x900/0x900
[ 120.859034] [] compat_SyS_lseek+0xeb/0x170
[ 120.864888] [] ? SyS_lseek+0x170/0x170
[ 120.870395] [] do_fast_syscall_32+0x2f7/0x890
[ 120.876511] [] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 120.883146] [] entry_SYSENTER_compat+0x74/0x83
[ 120.889800] Dumping ftrace buffer:
[ 120.893320] (ftrace buffer empty)
[ 120.897002] Kernel Offset: disabled
[ 120.900599] Rebooting in 86400 seconds..