[....] Starting enhanced syslogd: rsyslogd[ 11.098785] audit: type=1400 audit(1516378457.789:4): avc: denied { syslog } for pid=3170 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.16' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.163244] ================================================================== [ 26.164356] BUG: KASAN: null-ptr-deref in snd_timer_user_read+0x510/0x700 [ 26.165311] Read of size 32 at addr (null) by task syzkaller300733/3329 [ 26.166311] [ 26.166547] CPU: 0 PID: 3329 Comm: syzkaller300733 Not tainted 4.9.77-g9c3804b #17 [ 26.167557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.168795] ffff8801c912f9d8 ffffffff81d941c9 0000000000000000 0000000000000020 [ 26.170053] 0000000000000000 ffff8801c912fba0 ffff8801c8d4cf48 ffff8801c912fa20 [ 26.171207] ffffffff8153df9e ffffffff82da5800 0000000000000286 4ffe2257e229b61c [ 26.172446] Call Trace: [ 26.172806] [] dump_stack+0xc1/0x128 [ 26.173529] [] kasan_report+0x15e/0x360 [ 26.174290] [] ? snd_timer_user_read+0x510/0x700 [ 26.175147] [] check_memory_region+0x137/0x190 [ 26.175972] [] kasan_check_read+0x11/0x20 [ 26.176738] [] snd_timer_user_read+0x510/0x700 [ 26.177573] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.178477] [] ? __fsnotify_parent+0xbc/0x340 [ 26.179288] [] ? fsnotify+0x86/0xf30 [ 26.179999] [] ? fsnotify+0xf30/0xf30 [ 26.180724] [] ? avc_policy_seqno+0x9/0x20 [ 26.181508] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 26.182442] [] ? security_file_permission+0x89/0x1e0 [ 26.183412] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.190257] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.197081] [] do_readv_writev+0x520/0x750 [ 26.202939] [] ? vfs_write+0x530/0x530 [ 26.208443] [] ? exit_robust_list+0x230/0x230 [ 26.214572] [] ? __fget+0x228/0x3a0 [ 26.219820] [] ? __fget+0x47/0x3a0 [ 26.224980] [] vfs_readv+0x84/0xc0 [ 26.230144] [] do_readv+0xe6/0x250 [ 26.235304] [] ? vfs_readv+0xc0/0xc0 [ 26.240651] [] ? entry_SYSCALL_64_fastpath+0x5/0xe8 [ 26.247285] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 26.254096] [] SyS_readv+0x27/0x30 [ 26.259255] [] entry_SYSCALL_64_fastpath+0x29/0xe8 [ 26.265799] ================================================================== [ 26.273122] Disabling lock debugging due to kernel taint [ 26.279192] Kernel panic - not syncing: panic_on_warn set ... [ 26.279192] [ 26.286546] CPU: 0 PID: 3329 Comm: syzkaller300733 Tainted: G B 4.9.77-g9c3804b #17 [ 26.295438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.304763] ffff8801c912f8f8 ffffffff81d941c9 ffffffff841970ff ffff8801c912f9d0 [ 26.312737] 0000000000000000 ffff8801c912fba0 ffff8801c8d4cf48 ffff8801c912f9c0 [ 26.320699] ffffffff8142f3c1 0000000041b58ab3 ffffffff8418ab70 ffffffff8142f205 [ 26.328664] Call Trace: [ 26.331221] [] dump_stack+0xc1/0x128 [ 26.336570] [] panic+0x1bc/0x3a8 [ 26.341557] [] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7 [ 26.349756] [] ? preempt_schedule+0x25/0x30 [ 26.355695] [] ? ___preempt_schedule+0x16/0x18 [ 26.361898] [] kasan_end_report+0x50/0x50 [ 26.367664] [] kasan_report+0x167/0x360 [ 26.373257] [] ? snd_timer_user_read+0x510/0x700 [ 26.379629] [] check_memory_region+0x137/0x190 [ 26.385827] [] kasan_check_read+0x11/0x20 [ 26.391594] [] snd_timer_user_read+0x510/0x700 [ 26.397794] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.404601] [] ? __fsnotify_parent+0xbc/0x340 [ 26.410713] [] ? fsnotify+0x86/0xf30 [ 26.416045] [] ? fsnotify+0xf30/0xf30 [ 26.421465] [] ? avc_policy_seqno+0x9/0x20 [ 26.427331] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 26.434311] [] ? security_file_permission+0x89/0x1e0 [ 26.441034] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.447851] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.454661] [] do_readv_writev+0x520/0x750 [ 26.460514] [] ? vfs_write+0x530/0x530 [ 26.466018] [] ? exit_robust_list+0x230/0x230 [ 26.472140] [] ? __fget+0x228/0x3a0 [ 26.477384] [] ? __fget+0x47/0x3a0 [ 26.482540] [] vfs_readv+0x84/0xc0 [ 26.487699] [] do_readv+0xe6/0x250 [ 26.492859] [] ? vfs_readv+0xc0/0xc0 [ 26.498190] [] ? entry_SYSCALL_64_fastpath+0x5/0xe8 [ 26.504825] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 26.511633] [] SyS_readv+0x27/0x30 [ 26.516792] [] entry_SYSCALL_64_fastpath+0x29/0xe8 [ 26.523787] Dumping ftrace buffer: [ 26.527297] (ftrace buffer empty) [ 26.530976] Kernel Offset: disabled [ 26.534572] Rebooting in 86400 seconds..