[....] Starting enhanced syslogd: rsyslogd[ 12.869970] audit: type=1400 audit(1512787605.897:5): avc: denied { syslog } for pid=2991 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.356640] audit: type=1400 audit(1512787612.384:6): avc: denied { map } for pid=3131 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added 'ci-upstream-next-kasan-gce-5,10.128.0.46' (ECDSA) to the list of known hosts. executing program [ 25.700063] audit: type=1400 audit(1512787618.727:7): avc: denied { map } for pid=3145 comm="syzkaller142491" path="/root/syzkaller142491001" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 25.731025] ================================================================== [ 25.738445] BUG: KASAN: wild-memory-access in scatterwalk_copychunks+0x206/0x480 [ 25.745963] Write of size 16 at addr 00050800c51daf18 by task syzkaller142491/3145 [ 25.753642] [ 25.755245] CPU: 0 PID: 3145 Comm: syzkaller142491 Not tainted 4.15.0-rc2-next-20171208+ #63 [ 25.763788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.773118] Call Trace: [ 25.775680] dump_stack+0x194/0x257 [ 25.779281] ? arch_local_irq_restore+0x53/0x53 [ 25.783930] ? scatterwalk_copychunks+0x206/0x480 [ 25.788755] kasan_report+0x13b/0x340 [ 25.792531] check_memory_region+0x137/0x190 [ 25.796910] memcpy+0x37/0x50 [ 25.799996] scatterwalk_copychunks+0x206/0x480 [ 25.804649] blkcipher_walk_done+0xa4b/0xde0 [ 25.809041] glue_ctr_crypt_128bit+0x597/0xc20 [ 25.813605] ? glue_ecb_crypt_128bit+0x5c0/0x5c0 [ 25.818337] ? wp512_final+0x19e/0x2a0 [ 25.822199] ? memset+0x31/0x40 [ 25.825454] ? memzero_explicit+0xe/0x10 [ 25.829498] ? wp384_final+0x8b/0xc0 [ 25.833186] ? wp256_final+0xc0/0xc0 [ 25.836871] ? wp512_update+0x3b5/0x510 [ 25.840840] ctr_crypt+0x34/0x40 [ 25.844180] ? ctr_crypt+0x34/0x40 [ 25.847693] ? encrypt_callback+0x240/0x240 [ 25.851985] __ablk_encrypt+0x1d1/0x2d0 [ 25.855940] ? ablk_set_key+0x1a0/0x1a0 [ 25.859888] ? shash_async_update+0x20/0x20 [ 25.864180] ? kfree+0xe4/0x250 [ 25.867437] ? __ablk_encrypt+0x2d0/0x2d0 [ 25.871555] ablk_encrypt+0x23e/0x2c0 [ 25.875327] ? __ablk_encrypt+0x2d0/0x2d0 [ 25.879447] skcipher_decrypt_ablkcipher+0x312/0x420 [ 25.884518] ? scatterwalk_ffwd+0xbf/0x370 [ 25.888736] poly_tail_continue+0x42a/0x6b0 [ 25.893045] poly_tail+0x40f/0x520 [ 25.896565] poly_cipherpad+0x33e/0x470 [ 25.900516] poly_cipher+0x303/0x440 [ 25.904205] poly_adpad+0x347/0x480 [ 25.907809] poly_ad+0x25c/0x300 [ 25.911149] poly_setkey+0x2fc/0x3e0 [ 25.914839] poly_init+0x16c/0x1d0 [ 25.918354] poly_genkey+0x422/0x590 [ 25.922046] chachapoly_decrypt+0x73/0x90 [ 25.926168] aead_recvmsg+0x14a7/0x1bc0 [ 25.930137] ? aead_release+0x50/0x50 [ 25.933912] ? selinux_socket_recvmsg+0x36/0x40 [ 25.938551] ? security_socket_recvmsg+0x91/0xc0 [ 25.943280] ? aead_release+0x50/0x50 [ 25.947056] sock_recvmsg+0xc9/0x110 [ 25.950746] ? __sock_recv_wifi_status+0x210/0x210 [ 25.955649] ___sys_recvmsg+0x29b/0x630 [ 25.959607] ? ___sys_sendmsg+0x8a0/0x8a0 [ 25.963745] ? fget_raw+0x20/0x20 [ 25.967172] ? __handle_mm_fault+0x3dd0/0x3dd0 [ 25.971725] ? vmacache_find+0x5f/0x280 [ 25.975680] ? up_read+0x1a/0x40 [ 25.979028] ? __do_page_fault+0x3d6/0xc90 [ 25.983236] ? fd_install+0x4d/0x60 [ 25.986840] ? __fdget+0x18/0x20 [ 25.990184] __sys_recvmsg+0xe2/0x210 [ 25.993955] ? __sys_recvmsg+0xe2/0x210 [ 25.997902] ? SyS_sendmmsg+0x60/0x60 [ 26.001686] ? __do_page_fault+0xc90/0xc90 [ 26.005899] ? SyS_setsockopt+0x215/0x360 [ 26.010047] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 26.015043] SyS_recvmsg+0x2d/0x50 [ 26.018558] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 26.023284] RIP: 0033:0x43ff39 [ 26.026445] RSP: 002b:00007ffc1fbbe868 EFLAGS: 00000217 ORIG_RAX: 000000000000002f [ 26.034125] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff39 [ 26.041365] RDX: 0000000000000000 RSI: 0000000020c0c000 RDI: 0000000000000004 [ 26.048605] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 [ 26.055846] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004018a0 [ 26.063094] R13: 0000000000401930 R14: 0000000000000000 R15: 0000000000000000 [ 26.070350] ================================================================== [ 26.077677] Disabling lock debugging due to kernel taint [ 26.083167] Kernel panic - not syncing: panic_on_warn set ... [ 26.083167] [ 26.090515] CPU: 0 PID: 3145 Comm: syzkaller142491 Tainted: G B 4.15.0-rc2-next-20171208+ #63 [ 26.100355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.109673] Call Trace: [ 26.112230] dump_stack+0x194/0x257 [ 26.115823] ? arch_local_irq_restore+0x53/0x53 [ 26.120460] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 26.125179] ? vsnprintf+0x1ed/0x1900 [ 26.128948] ? scatterwalk_copychunks+0x170/0x480 [ 26.133757] panic+0x1e4/0x41c [ 26.136916] ? refcount_error_report+0x214/0x214 [ 26.141638] ? add_taint+0x1c/0x50 [ 26.145145] ? add_taint+0x1c/0x50 [ 26.148650] ? scatterwalk_copychunks+0x206/0x480 [ 26.153794] kasan_end_report+0x50/0x50 [ 26.157736] kasan_report+0x144/0x340 [ 26.161502] check_memory_region+0x137/0x190 [ 26.165876] memcpy+0x37/0x50 [ 26.168949] scatterwalk_copychunks+0x206/0x480 [ 26.173587] blkcipher_walk_done+0xa4b/0xde0 [ 26.177965] glue_ctr_crypt_128bit+0x597/0xc20 [ 26.182518] ? glue_ecb_crypt_128bit+0x5c0/0x5c0 [ 26.187244] ? wp512_final+0x19e/0x2a0 [ 26.191097] ? memset+0x31/0x40 [ 26.194346] ? memzero_explicit+0xe/0x10 [ 26.198382] ? wp384_final+0x8b/0xc0 [ 26.202067] ? wp256_final+0xc0/0xc0 [ 26.205747] ? wp512_update+0x3b5/0x510 [ 26.209699] ctr_crypt+0x34/0x40 [ 26.213035] ? ctr_crypt+0x34/0x40 [ 26.216546] ? encrypt_callback+0x240/0x240 [ 26.220837] __ablk_encrypt+0x1d1/0x2d0 [ 26.224778] ? ablk_set_key+0x1a0/0x1a0 [ 26.228720] ? shash_async_update+0x20/0x20 [ 26.233010] ? kfree+0xe4/0x250 [ 26.236262] ? __ablk_encrypt+0x2d0/0x2d0 [ 26.240380] ablk_encrypt+0x23e/0x2c0 [ 26.244147] ? __ablk_encrypt+0x2d0/0x2d0 [ 26.248261] skcipher_decrypt_ablkcipher+0x312/0x420 [ 26.253329] ? scatterwalk_ffwd+0xbf/0x370 [ 26.257531] poly_tail_continue+0x42a/0x6b0 [ 26.261819] poly_tail+0x40f/0x520 [ 26.265325] poly_cipherpad+0x33e/0x470 [ 26.269267] poly_cipher+0x303/0x440 [ 26.272947] poly_adpad+0x347/0x480 [ 26.276548] poly_ad+0x25c/0x300 [ 26.279884] poly_setkey+0x2fc/0x3e0 [ 26.283568] poly_init+0x16c/0x1d0 [ 26.287076] poly_genkey+0x422/0x590 [ 26.290758] chachapoly_decrypt+0x73/0x90 [ 26.294873] aead_recvmsg+0x14a7/0x1bc0 [ 26.298821] ? aead_release+0x50/0x50 [ 26.302597] ? selinux_socket_recvmsg+0x36/0x40 [ 26.307233] ? security_socket_recvmsg+0x91/0xc0 [ 26.311958] ? aead_release+0x50/0x50 [ 26.315723] sock_recvmsg+0xc9/0x110 [ 26.319402] ? __sock_recv_wifi_status+0x210/0x210 [ 26.324299] ___sys_recvmsg+0x29b/0x630 [ 26.328244] ? ___sys_sendmsg+0x8a0/0x8a0 [ 26.332369] ? fget_raw+0x20/0x20 [ 26.335787] ? __handle_mm_fault+0x3dd0/0x3dd0 [ 26.340345] ? vmacache_find+0x5f/0x280 [ 26.344287] ? up_read+0x1a/0x40 [ 26.347618] ? __do_page_fault+0x3d6/0xc90 [ 26.351820] ? fd_install+0x4d/0x60 [ 26.355415] ? __fdget+0x18/0x20 [ 26.358749] __sys_recvmsg+0xe2/0x210 [ 26.362514] ? __sys_recvmsg+0xe2/0x210 [ 26.366453] ? SyS_sendmmsg+0x60/0x60 [ 26.370219] ? __do_page_fault+0xc90/0xc90 [ 26.374419] ? SyS_setsockopt+0x215/0x360 [ 26.378541] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 26.383529] SyS_recvmsg+0x2d/0x50 [ 26.387037] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 26.391756] RIP: 0033:0x43ff39 [ 26.394911] RSP: 002b:00007ffc1fbbe868 EFLAGS: 00000217 ORIG_RAX: 000000000000002f [ 26.402598] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff39 [ 26.409834] RDX: 0000000000000000 RSI: 0000000020c0c000 RDI: 0000000000000004 [ 26.417075] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 [ 26.424329] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004018a0 [ 26.431585] R13: 0000000000401930 R14: 0000000000000000 R15: 0000000000000000 [ 26.439279] Dumping ftrace buffer: [ 26.442787] (ftrace buffer empty) [ 26.446465] Kernel Offset: disabled [ 26.450059] Rebooting in 86400 seconds..