[ ok ] Starting enhanced syslogd: rsyslogd.
[ 12.190724] audit: type=1400 audit(1518726520.273:4): avc: denied { syslog } for pid=3590 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
2018/02/15 20:28:48 parsed 1 programs
2018/02/15 20:28:48 executed programs: 0
syzkaller login: [ 20.005754] audit: type=1400 audit(1518726528.093:5): avc: denied { sys_admin } for pid=3743 comm="syz-executor4" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 20.037604] IPVS: Creating netns size=2536 id=1
[ 20.060383] IPVS: Creating netns size=2536 id=2
[ 20.071347] IPVS: Creating netns size=2536 id=3
[ 20.082389] IPVS: Creating netns size=2536 id=4
[ 20.087476] audit: type=1400 audit(1518726528.173:6): avc: denied { sys_chroot } for pid=3746 comm="syz-executor5" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 20.106398] audit: type=1400 audit(1518726528.173:7): avc: denied { net_admin } for pid=3748 comm="syz-executor4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 20.137109] IPVS: Creating netns size=2536 id=5
[ 20.147347] audit: type=1400 audit(1518726528.233:8): avc: denied { dac_override } for pid=3773 comm="syz-executor4" capability=1 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[ 20.172469] IPVS: Creating netns size=2536 id=6
[ 20.189101] IPVS: Creating netns size=2536 id=7
[ 20.233804] IPVS: Creating netns size=2536 id=8
2018/02/15 20:28:53 executed programs: 436
2018/02/15 20:28:58 executed programs: 878
[ 32.713435] ==================================================================
[ 32.720839] BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0
[ 32.727218] Read of size 8 at addr ffff8801c181f850 by task syz-executor2/10112
[ 32.734635]
[ 32.736248] CPU: 1 PID: 10112 Comm: syz-executor2 Not tainted 4.9.81-g2a5cc53 #43
[ 32.743846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.753186] ffff8801d7c27778 ffffffff81d94de9 ffffea00070607c0 ffff8801c181f850
[ 32.761191] 0000000000000000 ffff8801c181f858 ffff8801d7c278a8 ffff8801d7c277b0
[ 32.769154] ffffffff8153e173 ffff8801c181f850 0000000000000008 0000000000000000
[ 32.777116] Call Trace:
[ 32.779674] [] dump_stack+0xc1/0x128
[ 32.785014] [] print_address_description+0x73/0x280
[ 32.791661] [] kasan_report+0x275/0x360
[ 32.797277] [] ? __unwind_start+0x3a7/0x3c0
[ 32.797285] [] __asan_report_load8_noabort+0x14/0x20
[ 32.797290] [] __unwind_start+0x3a7/0x3c0
[ 32.797300] [] ? ptrace_may_access+0x24/0x50
[ 32.797306] [] __save_stack_trace+0x59/0xf0
[ 32.797311] [] save_stack_trace_tsk+0x48/0x70
[ 32.797317] [] proc_pid_stack+0x146/0x230
[ 32.797323] [] ? lock_trace+0xc0/0xc0
[ 32.797329] [] proc_single_show+0xf8/0x170
[ 32.797337] [] seq_read+0x32f/0x1290
[ 32.797345] [] ? seq_escape+0x200/0x200
[ 32.797350] [] ? fsnotify+0x86/0xf30
[ 32.797355] [] ? fsnotify+0xf30/0xf30
[ 32.797363] [] ? avc_policy_seqno+0x9/0x20
[ 32.797375] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 32.797381] [] ? security_file_permission+0x89/0x1e0
[ 32.797388] [] ? seq_escape+0x200/0x200
[ 32.797394] [] ? seq_escape+0x200/0x200
[ 32.797401] [] compat_do_readv_writev+0x522/0x760
[ 32.797407] [] ? do_pwritev+0x1a0/0x1a0
[ 32.797416] [] ? mutex_lock_nested+0x5e3/0x870
[ 32.797425] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 32.797431] [] ? mutex_lock_nested+0x56f/0x870
[ 32.797437] [] ? __fdget_pos+0x9f/0xc0
[ 32.797442] [] ? __fget+0x20a/0x3b0
[ 32.797449] [] ? mutex_lock_killable_nested+0x960/0x960
[ 32.797455] [] ? __fget+0x47/0x3b0
[ 32.797461] [] compat_readv+0xe3/0x150
[ 32.797468] [] do_compat_readv+0xf4/0x1d0
[ 32.797474] [] ? compat_readv+0x150/0x150
[ 32.797481] [] compat_SyS_readv+0x26/0x30
[ 32.797487] [] ? SyS_pwritev2+0x80/0x80
[ 32.797495] [] do_fast_syscall_32+0x2f7/0x870
[ 32.797501] [] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 32.797508] [] entry_SYSENTER_compat+0x74/0x83
[ 32.797511]
[ 32.797512] The buggy address belongs to the page:
[ 32.797520] page:ffffea00070607c0 count:0 mapcount:0 mapping: (null) index:0x0
[ 32.797523] flags: 0x8000000000000000()
[ 32.797525] page dumped because: kasan: bad access detected
[ 32.797526]
[ 32.797528] Memory state around the buggy address:
[ 32.797533] ffff8801c181f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 32.797537] ffff8801c181f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 32.797542] >ffff8801c181f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 32.797544] ^
[ 32.797549] ffff8801c181f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 32.797553] ffff8801c181f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 32.797555] ==================================================================
[ 32.797557] Disabling lock debugging due to kernel taint
[ 32.808937] Kernel panic - not syncing: panic_on_warn set ...
[ 32.808937]
[ 32.808946] CPU: 1 PID: 10112 Comm: syz-executor2 Tainted: G B 4.9.81-g2a5cc53 #43
[ 32.808949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.808960] ffff8801d7c276d0 ffffffff81d94de9 ffffffff84197637 ffff8801d7c277a8
[ 32.808968] 0000000000000000 ffff8801c181f858 ffff8801d7c278a8 ffff8801d7c27798
[ 32.808976] ffffffff8142f621 0000000041b58ab3 ffffffff8418b0a8 ffffffff8142f465
[ 32.808977] Call Trace:
[ 32.808987] [] dump_stack+0xc1/0x128
[ 32.808996] [] panic+0x1bc/0x3a8
[ 32.809004] [] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7
[ 32.809013] [] ? preempt_schedule+0x25/0x30
[ 32.809025] [] ? ___preempt_schedule+0x16/0x18
[ 32.809032] [] kasan_end_report+0x50/0x50
[ 32.809039] [] kasan_report+0x167/0x360
[ 32.809047] [] ? __unwind_start+0x3a7/0x3c0
[ 32.809054] [] __asan_report_load8_noabort+0x14/0x20
[ 32.809060] [] __unwind_start+0x3a7/0x3c0
[ 32.809068] [] ? ptrace_may_access+0x24/0x50
[ 32.809075] [] __save_stack_trace+0x59/0xf0
[ 32.809081] [] save_stack_trace_tsk+0x48/0x70
[ 32.809089] [] proc_pid_stack+0x146/0x230
[ 32.809095] [] ? lock_trace+0xc0/0xc0
[ 32.809101] [] proc_single_show+0xf8/0x170
[ 32.809109] [] seq_read+0x32f/0x1290
[ 32.809117] [] ? seq_escape+0x200/0x200
[ 32.809122] [] ? fsnotify+0x86/0xf30
[ 32.809127] [] ? fsnotify+0xf30/0xf30
[ 32.809134] [] ? avc_policy_seqno+0x9/0x20
[ 32.809142] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 32.809148] [] ? security_file_permission+0x89/0x1e0
[ 32.809154] [] ? seq_escape+0x200/0x200
[ 32.809161] [] ? seq_escape+0x200/0x200
[ 32.809167] [] compat_do_readv_writev+0x522/0x760
[ 32.809174] [] ? do_pwritev+0x1a0/0x1a0
[ 32.809181] [] ? mutex_lock_nested+0x5e3/0x870
[ 32.809189] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 32.809196] [] ? mutex_lock_nested+0x56f/0x870
[ 32.809201] [] ? __fdget_pos+0x9f/0xc0
[ 32.809207] [] ? __fget+0x20a/0x3b0
[ 32.809214] [] ? mutex_lock_killable_nested+0x960/0x960
[ 32.809219] [] ? __fget+0x47/0x3b0
[ 32.809226] [] compat_readv+0xe3/0x150
[ 32.809232] [] do_compat_readv+0xf4/0x1d0
[ 32.809238] [] ? compat_readv+0x150/0x150
[ 32.809246] [] compat_SyS_readv+0x26/0x30
[ 32.809252] [] ? SyS_pwritev2+0x80/0x80
[ 32.809258] [] do_fast_syscall_32+0x2f7/0x870
[ 32.809264] [] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 32.809271] [] entry_SYSENTER_compat+0x74/0x83
[ 32.811202] Dumping ftrace buffer:
[ 32.811206] (ftrace buffer empty)
[ 32.811209] Kernel Offset: disabled
[ 33.403010] Rebooting in 86400 seconds..