[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
Starting mcstransd: 
[    9.580776] random: sshd: uninitialized urandom read (32 bytes read)
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   16.448473] random: crng init done
Warning: Permanently added '10.128.0.101' (ECDSA) to the list of known hosts.
executing program
[   39.834453] audit: type=1400 audit(1553659619.573:5): avc:  denied  { set_context_mgr } for  pid=2058 comm="syz-executor553" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
[   39.858098] audit: type=1400 audit(1553659619.603:6): avc:  denied  { call } for  pid=2058 comm="syz-executor553" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
[   39.881383] ------------[ cut here ]------------
[   39.886220] kernel BUG at drivers/android/binder_alloc.c:1105!
[   39.892175] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   39.897561] Modules linked in:
[   39.900873] CPU: 1 PID: 2058 Comm: syz-executor553 Not tainted 4.9.165+ #28
[   39.907952] task: ffff8801cf388000 task.stack: ffff8801c4ce8000
[   39.913989] RIP: 0010:[<ffffffff8221c34b>]  [<ffffffff8221c34b>] binder_alloc_do_buffer_copy+0xcb/0x500
[   39.923644] RSP: 0018:ffff8801c4cef518  EFLAGS: 00010293
[   39.929073] RAX: ffff8801cf388000 RBX: 0000000020001000 RCX: 0000000200000000
[   39.936321] RDX: 0000000000000000 RSI: ffffffff8221c34b RDI: ffff8801cef3a058
[   39.943570] RBP: ffff8801c4cef598 R08: ffff8801c4cef870 R09: 0000000000000028
[   39.950824] R10: ffffed003899defe R11: ffff8801c4cef7f7 R12: 0000000000000008
[   39.958073] R13: ffff8801cf301498 R14: 0000000000000028 R15: ffff8801c4cef870
[   39.965367] FS:  0000000001aaa940(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000
[   39.973631] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   39.979499] CR2: 0000000000000000 CR3: 00000001d485e000 CR4: 00000000001606b0
[   39.986862] Stack:
[   39.988992]  ffff8801c4cef7f0 ffff8801c4cef548 ffffffff814f79e6 0000000000000008
[   39.997101]  dffffc0000000000 ffff8801cef3a0d8 00ff8801c4cef5d8 ffff8801cef3a080
[   40.005278]  ffff8801cf389260 ffff8801cf301400 0000000200000000 ffff8801c4cef870
[   40.013406] Call Trace:
[   40.016188]  [<ffffffff814f79e6>] ? memcpy+0x46/0x50
[   40.021328]  [<ffffffff8221fc17>] binder_alloc_copy_from_buffer+0x37/0x42
[   40.028292]  [<ffffffff821fa9e2>] binder_get_object+0xa2/0x1a0
[   40.034286]  [<ffffffff82211acf>] binder_transaction+0x1fdf/0x5840
[   40.040594]  [<ffffffff82210c31>] ? binder_transaction+0x1141/0x5840
[   40.047073]  [<ffffffff81205fbe>] ? check_usage+0x14e/0x520
[   40.052821]  [<ffffffff8220faf0>] ? binder_inc_ref_for_node+0xba0/0xba0
[   40.059563]  [<ffffffff8107744a>] ? __save_stack_trace+0x7a/0xf0
[   40.065691]  [<ffffffff81becefc>] ? depot_save_stack+0x13c/0x4a0
[   40.072170]  [<ffffffff812441d1>] ? debug_lockdep_rcu_enabled+0x71/0xa0
[   40.079390]  [<ffffffff814999b4>] ? __might_fault+0x114/0x1d0
[   40.085393]  [<ffffffff822158c3>] binder_thread_write+0x593/0x2110
[   40.091709]  [<ffffffff81207f30>] ? trace_hardirqs_on+0x10/0x10
[   40.097804]  [<ffffffff82215330>] ? binder_transaction+0x5840/0x5840
[   40.104296]  [<ffffffff814999b4>] ? __might_fault+0x114/0x1d0
[   40.110173]  [<ffffffff82218d1d>] binder_ioctl+0xecd/0x1720
[   40.115883]  [<ffffffff814ae95e>] ? validate_mm+0x2fe/0x5a0
[   40.121583]  [<ffffffff82217e50>] ? binder_poll+0x240/0x240
[   40.127277]  [<ffffffff81208515>] ? __lock_acquire+0x5e5/0x4350
[   40.133364]  [<ffffffff814b44d0>] ? SyS_mmap_pgoff+0x1b0/0x1b0
[   40.139327]  [<ffffffff813f4950>] ? uprobe_apply+0x150/0x150
[   40.145112]  [<ffffffff811671e5>] ? __might_sleep+0x95/0x1a0
[   40.151020]  [<ffffffff82217e50>] ? binder_poll+0x240/0x240
[   40.156815]  [<ffffffff8154d887>] do_vfs_ioctl+0xb87/0x11d0
[   40.162890]  [<ffffffff81a143f3>] ? selinux_file_ioctl+0x103/0x550
[   40.169364]  [<ffffffff8154cd00>] ? ioctl_preallocate+0x210/0x210
[   40.175594]  [<ffffffff81a142f0>] ? selinux_parse_skb.constprop.0+0x16b0/0x16b0
[   40.183081]  [<ffffffff815704a8>] ? __fget+0x208/0x370
[   40.188350]  [<ffffffff815704cf>] ? __fget+0x22f/0x370
[   40.193696]  [<ffffffff815702e7>] ? __fget+0x47/0x370
[   40.198878]  [<ffffffff819eea1f>] ? security_file_ioctl+0x8f/0xc0
[   40.205101]  [<ffffffff8154df5f>] SyS_ioctl+0x8f/0xc0
[   40.210282]  [<ffffffff8154ded0>] ? do_vfs_ioctl+0x11d0/0x11d0
[   40.216235]  [<ffffffff810056bd>] do_syscall_64+0x1ad/0x570
[   40.221930]  [<ffffffff8280c213>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[   40.228833] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 0a 04 00 00 4d 8b 64 24 58 49 29 dc e8 0f 0a 10 ff 4d 39 e6 76 07 e8 05 0a 10 ff <0f> 0b e8 fe 09 10 ff 4c 8b 6d d0 4d 29 f4 4d 39 e5 77 e8 e8 ed 
[   40.256605] RIP  [<ffffffff8221c34b>] binder_alloc_do_buffer_copy+0xcb/0x500
[   40.264085]  RSP <ffff8801c4cef518>
[   40.267958] ---[ end trace a40759a90ea99f6e ]---
[   40.273073] Kernel panic - not syncing: Fatal exception
[   40.278786] Kernel Offset: disabled
[   40.282403] Rebooting in 86400 seconds..