[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd: [ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 18.752986] audit: type=1400 audit(1520995125.429:6): avc: denied { map } for pid=4222 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts.
syzkaller login: [ 25.139451] audit: type=1400 audit(1520995131.816:7): avc: denied { map } for pid=4236 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2018/03/14 02:38:52 parsed 1 programs
2018/03/14 02:38:52 executed programs: 0
[ 25.393791] audit: type=1400 audit(1520995132.070:8): avc: denied { map } for pid=4236 comm="syz-execprog" path="/root/syzkaller-shm212184915" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[ 25.408954] IPVS: ftp: loaded support on port[0] = 21
[ 25.676468] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 26.038168] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 26.044271] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.084777] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 26.122850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 26.138857] ==================================================================
[ 26.146286] BUG: KASAN: slab-out-of-bounds in ip6_xmit+0x1f76/0x2260
[ 26.152785] Read of size 8 at addr ffff8801a8ac1118 by task syz-executor0/4403
[ 26.160145]
[ 26.161760] CPU: 1 PID: 4403 Comm: syz-executor0 Not tainted 4.16.0-rc5+ #262
[ 26.169016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 26.178350] Call Trace:
[ 26.180915]  dump_stack+0x194/0x24d
[ 26.184526]  ? arch_local_irq_restore+0x53/0x53
[ 26.189170]  ? show_regs_print_info+0x18/0x18
[ 26.193647]  ? ip6_xmit+0x1f76/0x2260
[ 26.197441]  print_address_description+0x73/0x250
[ 26.202261]  ? ip6_xmit+0x1f76/0x2260
[ 26.206042]  kasan_report+0x23c/0x360
[ 26.209822]  __asan_report_load8_noabort+0x14/0x20
[ 26.214733]  ip6_xmit+0x1f76/0x2260
[ 26.218356]  ? ip6_finish_output2+0x23a0/0x23a0
[ 26.223027]  ? fl6_update_dst+0x127/0x2b0
[ 26.227155]  ? inet6_csk_route_socket+0x691/0xe80
[ 26.231976]  ? trace_hardirqs_off+0x10/0x10
[ 26.236283]  ? lock_acquire+0x1d5/0x580
[ 26.240236]  ? lock_acquire+0x1d5/0x580
[ 26.244183]  ? inet6_csk_xmit+0x114/0x580
[ 26.248308]  ? trace_hardirqs_off+0x10/0x10
[ 26.252653]  ? lock_release+0xa40/0xa40
[ 26.256619]  inet6_csk_xmit+0x2fc/0x580
[ 26.260573]  ? inet6_csk_update_pmtu+0x160/0x160
[ 26.265310]  ? __sk_dst_check+0x1a5/0x380
[ 26.269443]  ? sock_kfree_s+0x60/0x60
[ 26.273240]  l2tp_xmit_skb+0x105f/0x1410
[ 26.277286]  ? l2tp_session_create+0xb80/0xb80
[ 26.281843]  ? sock_wmalloc+0x15d/0x1d0
[ 26.285801]  ? iov_iter_advance+0x13f0/0x13f0
[ 26.290273]  ? pppol2tp_sendmsg+0x41b/0x670
[ 26.294572]  pppol2tp_sendmsg+0x470/0x670
[ 26.298700]  ? selinux_socket_sendmsg+0x36/0x40
[ 26.303348]  ? pppol2tp_getsockopt+0x900/0x900
[ 26.307915]  sock_sendmsg+0xca/0x110
[ 26.311608]  SYSC_sendto+0x361/0x5c0
[ 26.315299]  ? SYSC_connect+0x4a0/0x4a0
[ 26.319252]  ? find_held_lock+0x35/0x1d0
[ 26.323297]  ? lock_downgrade+0x980/0x980
[ 26.327443]  ? __do_page_fault+0x3d6/0xc90
[ 26.331668]  SyS_sendto+0x40/0x50
[ 26.335099]  ? SyS_getpeername+0x30/0x30
[ 26.339139]  do_fast_syscall_32+0x3ec/0xf9f
[ 26.343441]  ? do_int80_syscall_32+0x9c0/0x9c0
[ 26.348000]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 26.352742]  ? syscall_return_slowpath+0x2ac/0x550
[ 26.357649]  ? prepare_exit_to_usermode+0x350/0x350
[ 26.362641]  ? sysret32_from_system_call+0x5/0x3c
[ 26.367462]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 26.372293]  entry_SYSENTER_compat+0x70/0x7f
[ 26.376674] RIP: 0023:0xf7ff9c99
[ 26.380012] RSP: 002b:00000000ffc427dc EFLAGS: 00000282 ORIG_RAX: 0000000000000171
[ 26.387700] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001180
[ 26.394943] RDX: 0000000000000000 RSI: 0000000000040001 RDI: 00000000200021c0
[ 26.402184] RBP: 0000000000000080 R08: 0000000000000000 R09: 0000000000000000
[ 26.409426] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 26.416667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 26.423927]
[ 26.425526] Allocated by task 0:
[ 26.428859] (stack is not available)
[ 26.432539]
[ 26.434139] Freed by task 0:
[ 26.437131] (stack is not available)
[ 26.440823]
[ 26.442424] The buggy address belongs to the object at ffff8801a8ac1100
[ 26.442424]  which belongs to the cache ip_dst_cache of size 168
[ 26.455139] The buggy address is located 24 bytes inside of
[ 26.455139]  168-byte region [ffff8801a8ac1100, ffff8801a8ac11a8)
[ 26.466896] The buggy address belongs to the page:
[ 26.471799] page:ffffea0006a2b040 count:1 mapcount:0 mapping:ffff8801a8ac1000 index:0x0
[ 26.479914] flags: 0x2fffc0000000100(slab)
[ 26.484119] raw: 02fffc0000000100 ffff8801a8ac1000 0000000000000000 0000000100000010
[ 26.492582] raw: ffffea00072569e0 ffff8801d5401848 ffff8801d5403680 0000000000000000
[ 26.500432] page dumped because: kasan: bad access detected
[ 26.506112]
[ 26.507712] Memory state around the buggy address:
[ 26.512611]  ffff8801a8ac1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 26.519946]  ffff8801a8ac1080: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 26.527279] >ffff8801a8ac1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.534610]                             ^
[ 26.538738]  ffff8801a8ac1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.546069]  ffff8801a8ac1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.553397] ==================================================================
[ 26.560724] Disabling lock debugging due to kernel taint
[ 26.566170] Kernel panic - not syncing: panic_on_warn set ...
[ 26.566170]
[ 26.573514] CPU: 1 PID: 4403 Comm: syz-executor0 Tainted: G    B            4.16.0-rc5+ #262
[ 26.582060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 26.591472] Call Trace:
[ 26.594039]  dump_stack+0x194/0x24d
[ 26.597642]  ? arch_local_irq_restore+0x53/0x53
[ 26.602284]  ? kasan_end_report+0x32/0x50
[ 26.606405]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 26.611132]  ? vsnprintf+0x1ed/0x1900
[ 26.614905]  ? ip6_xmit+0x1f30/0x2260
[ 26.618678]  panic+0x1e4/0x41c
[ 26.621841]  ? refcount_error_report+0x214/0x214
[ 26.626569]  ? add_taint+0x1c/0x50
[ 26.630080]  ? add_taint+0x1c/0x50
[ 26.633591]  ? ip6_xmit+0x1f76/0x2260
[ 26.637365]  kasan_end_report+0x50/0x50
[ 26.641312]  kasan_report+0x149/0x360
[ 26.645084]  __asan_report_load8_noabort+0x14/0x20
[ 26.649982]  ip6_xmit+0x1f76/0x2260
[ 26.653586]  ? ip6_finish_output2+0x23a0/0x23a0
[ 26.658233]  ? fl6_update_dst+0x127/0x2b0
[ 26.662355]  ? inet6_csk_route_socket+0x691/0xe80
[ 26.667168]  ? trace_hardirqs_off+0x10/0x10
[ 26.671458]  ? lock_acquire+0x1d5/0x580
[ 26.675400]  ? lock_acquire+0x1d5/0x580
[ 26.679344]  ? inet6_csk_xmit+0x114/0x580
[ 26.683462]  ? trace_hardirqs_off+0x10/0x10
[ 26.687757]  ? lock_release+0xa40/0xa40
[ 26.691710]  inet6_csk_xmit+0x2fc/0x580
[ 26.695663]  ? inet6_csk_update_pmtu+0x160/0x160
[ 26.700390]  ? __sk_dst_check+0x1a5/0x380
[ 26.704506]  ? sock_kfree_s+0x60/0x60
[ 26.708288]  l2tp_xmit_skb+0x105f/0x1410
[ 26.712326]  ? l2tp_session_create+0xb80/0xb80
[ 26.716877]  ? sock_wmalloc+0x15d/0x1d0
[ 26.720822]  ? iov_iter_advance+0x13f0/0x13f0
[ 26.725289]  ? pppol2tp_sendmsg+0x41b/0x670
[ 26.729580]  pppol2tp_sendmsg+0x470/0x670
[ 26.733699]  ? selinux_socket_sendmsg+0x36/0x40
[ 26.738340]  ? pppol2tp_getsockopt+0x900/0x900
[ 26.742894]  sock_sendmsg+0xca/0x110
[ 26.746579]  SYSC_sendto+0x361/0x5c0
[ 26.750264]  ? SYSC_connect+0x4a0/0x4a0
[ 26.754210]  ? find_held_lock+0x35/0x1d0
[ 26.758254]  ? lock_downgrade+0x980/0x980
[ 26.762384]  ? __do_page_fault+0x3d6/0xc90
[ 26.766592]  SyS_sendto+0x40/0x50
[ 26.770020]  ? SyS_getpeername+0x30/0x30
[ 26.774058]  do_fast_syscall_32+0x3ec/0xf9f
[ 26.778353]  ? do_int80_syscall_32+0x9c0/0x9c0
[ 26.782904]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 26.787638]  ? syscall_return_slowpath+0x2ac/0x550
[ 26.792538]  ? prepare_exit_to_usermode+0x350/0x350
[ 26.797525]  ? sysret32_from_system_call+0x5/0x3c
[ 26.802342]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 26.807156]  entry_SYSENTER_compat+0x70/0x7f
[ 26.811533] RIP: 0023:0xf7ff9c99
[ 26.814865] RSP: 002b:00000000ffc427dc EFLAGS: 00000282 ORIG_RAX: 0000000000000171
[ 26.822545] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001180
[ 26.829784] RDX: 0000000000000000 RSI: 0000000000040001 RDI: 00000000200021c0
[ 26.837028] RBP: 0000000000000080 R08: 0000000000000000 R09: 0000000000000000
[ 26.844272] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 26.851510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 26.859173] Dumping ftrace buffer:
[ 26.862687] (ftrace buffer empty)
[ 26.866366] Kernel Offset: disabled
[ 26.869961] Rebooting in 86400 seconds..