[ 12.854523] audit: type=1400 audit(1512841774.967:5): avc: denied { syslog } for pid=2993 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting enhanced syslogd: rsyslogd.
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 34.670371] audit: type=1400 audit(1512841796.783:6): avc: denied { map } for pid=3140 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-mmots-kasan-gce-2,10.128.0.11' (ECDSA) to the list of known hosts.
[ 40.738375] audit: type=1400 audit(1512841802.851:7): avc: denied { map } for pid=3152 comm="syzkaller521448" path="/root/syzkaller521448375" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 40.741473] ==================================================================
[ 40.741489] BUG: KASAN: global-out-of-bounds in show_timer+0x278/0x2b0
[ 40.741494] Read of size 8 at addr ffffffff85942fa8 by task syzkaller521448/3152
[ 40.741497]
[ 40.741503] CPU: 0 PID: 3152 Comm: syzkaller521448 Not tainted 4.15.0-rc2-mm1+ #39
[ 40.741507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.741510] Call Trace:
[ 40.741520]  dump_stack+0x194/0x257
[ 40.741530]  ? arch_local_irq_restore+0x53/0x53
[ 40.741538]  ? show_regs_print_info+0x18/0x18
[ 40.741548]  ? seq_printf+0xb3/0xe0
[ 40.741556]  ? show_timer+0x278/0x2b0
[ 40.741565]  print_address_description+0x178/0x250
[ 40.741572]  ? show_timer+0x278/0x2b0
[ 40.741579]  kasan_report+0x25b/0x340
[ 40.741589]  __asan_report_load8_noabort+0x14/0x20
[ 40.741595]  show_timer+0x278/0x2b0
[ 40.741600]  ? timers_start+0x14c/0x1c0
[ 40.741609]  seq_read+0x385/0x13d0
[ 40.741631]  ? seq_lseek+0x3c0/0x3c0
[ 40.741638]  ? selinux_file_permission+0x82/0x460
[ 40.741654]  ? security_file_permission+0x89/0x1f0
[ 40.741664]  ? rw_verify_area+0xe5/0x2b0
[ 40.741677]  do_iter_read+0x3db/0x5b0
[ 40.741688]  ? dup_iter+0x260/0x260
[ 40.741707]  vfs_readv+0x121/0x1c0
[ 40.741717]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[ 40.741728]  ? lock_release+0xda0/0xda0
[ 40.741735]  ? trace_event_raw_event_sched_switch+0x800/0x800
[ 40.741746]  ? fget_raw+0x20/0x20
[ 40.741756]  ? __might_sleep+0x95/0x190
[ 40.741769]  ? kasan_check_write+0x14/0x20
[ 40.741774]  ? _copy_from_user+0x99/0x110
[ 40.741787]  do_preadv+0x11b/0x1a0
[ 40.741793]  ? do_preadv+0x11b/0x1a0
[ 40.741803]  SyS_preadv+0x30/0x40
[ 40.741815]  entry_SYSCALL_64_fastpath+0x1f/0x96
[ 40.741820] RIP: 0033:0x440159
[ 40.741824] RSP: 002b:00007fff68a88938 EFLAGS: 00000217 ORIG_RAX: 0000000000000127
[ 40.741831] RAX: ffffffffffffffda RBX: 00007fff68a88940 RCX: 0000000000440159
[ 40.741835] RDX: 0000000000000001 RSI: 00000000205e2ff0 RDI: 0000000000000003
[ 40.741840] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f
[ 40.741843] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401a20
[ 40.741847] R13: 0000000000401ab0 R14: 0000000000000000 R15: 0000000000000000
[ 40.741866]
[ 40.741869] The buggy address belongs to the variable:
[ 40.741875]  amdgpu_fb_funcs+0x128/0x1c0
[ 40.741877]
[ 40.741880] Memory state around the buggy address:
[ 40.741885]  ffffffff85942e80: 00 00 00 fa fa fa fa fa 05 fa fa fa fa fa fa fa
[ 40.741889]  ffffffff85942f00: 05 fa fa fa fa fa fa fa 05 fa fa fa fa fa fa fa
[ 40.741894] >ffffffff85942f80: 05 fa fa fa fa fa fa fa 05 fa fa fa fa fa fa fa
[ 40.741897]                                   ^
[ 40.741901]  ffffffff85943000: 05 fa fa fa fa fa fa fa 00 00 00 00 00 00 fa fa
[ 40.741906]  ffffffff85943080: fa fa fa fa 05 fa fa fa fa fa fa fa 00 06 fa fa
[ 40.741908] ==================================================================
[ 40.741910] Disabling lock debugging due to kernel taint
[ 40.741913] Kernel panic - not syncing: panic_on_warn set ...
[ 40.741913]
[ 40.741917] CPU: 0 PID: 3152 Comm: syzkaller521448 Tainted: G B 4.15.0-rc2-mm1+ #39
[ 40.741919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.741920] Call Trace:
[ 40.741924]  dump_stack+0x194/0x257
[ 40.741930]  ? arch_local_irq_restore+0x53/0x53
[ 40.741935]  ? vprintk_default+0x28/0x30
[ 40.741941]  ? vsnprintf+0x1ed/0x1900
[ 40.741945]  ? show_timer+0x1e0/0x2b0
[ 40.741950]  panic+0x1e4/0x41c
[ 40.741954]  ? refcount_error_report+0x214/0x214
[ 40.741961]  ? add_taint+0x40/0x50
[ 40.741964]  ? add_taint+0x1c/0x50
[ 40.741969]  ? show_timer+0x278/0x2b0
[ 40.741973]  kasan_end_report+0x50/0x50
[ 40.741977]  kasan_report+0x144/0x340
[ 40.741983]  __asan_report_load8_noabort+0x14/0x20
[ 40.741986]  show_timer+0x278/0x2b0
[ 40.741990]  ? timers_start+0x14c/0x1c0
[ 40.741995]  seq_read+0x385/0x13d0
[ 40.742009]  ? seq_lseek+0x3c0/0x3c0
[ 40.742013]  ? selinux_file_permission+0x82/0x460
[ 40.742019]  ? security_file_permission+0x89/0x1f0
[ 40.742024]  ? rw_verify_area+0xe5/0x2b0
[ 40.742030]  do_iter_read+0x3db/0x5b0
[ 40.742034]  ? dup_iter+0x260/0x260
[ 40.742042]  vfs_readv+0x121/0x1c0
[ 40.742048]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[ 40.742053]  ? lock_release+0xda0/0xda0
[ 40.742057]  ? trace_event_raw_event_sched_switch+0x800/0x800
[ 40.742063]  ? fget_raw+0x20/0x20
[ 40.742069]  ? __might_sleep+0x95/0x190
[ 40.742075]  ? kasan_check_write+0x14/0x20
[ 40.742079]  ? _copy_from_user+0x99/0x110
[ 40.742086]  do_preadv+0x11b/0x1a0
[ 40.742089]  ? do_preadv+0x11b/0x1a0
[ 40.742095]  SyS_preadv+0x30/0x40
[ 40.742101]  entry_SYSCALL_64_fastpath+0x1f/0x96
[ 40.742103] RIP: 0033:0x440159
[ 40.742105] RSP: 002b:00007fff68a88938 EFLAGS: 00000217 ORIG_RAX: 0000000000000127
[ 40.742109] RAX: ffffffffffffffda RBX: 00007fff68a88940 RCX: 0000000000440159
[ 40.742111] RDX: 0000000000000001 RSI: 00000000205e2ff0 RDI: 0000000000000003
[ 40.742113] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f
[ 40.742115] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401a20
[ 40.742117] R13: 0000000000401ab0 R14: 0000000000000000 R15: 0000000000000000
[ 40.764607] Dumping ftrace buffer:
[ 40.764610] (ftrace buffer empty)
[ 40.764612] Kernel Offset: disabled
[ 41.270408] Rebooting in 86400 seconds..