[....] Starting enhanced syslogd: rsyslogd[ 10.175489] audit: type=1400 audit(1513316690.932:4): avc: denied { syslog } for pid=3168 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added 'ci-android-49-kasan-gce-2,10.128.0.16' (ECDSA) to the list of known hosts. 2017/12/15 05:45:02 parsed 1 programs 2017/12/15 05:45:02 executed programs: 0 syzkaller login: [ 21.687394] audit: type=1400 audit(1513316702.442:5): avc: denied { sys_admin } for pid=3329 comm="syz-executor3" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 21.706951] IPVS: Creating netns size=2536 id=1 [ 21.722768] IPVS: Creating netns size=2536 id=2 [ 21.742630] IPVS: Creating netns size=2536 id=3 [ 21.747530] audit: type=1400 audit(1513316702.502:6): avc: denied { sys_chroot } for pid=3333 comm="syz-executor4" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 21.756674] capability: warning: `syz-executor4' uses 32-bit capabilities (legacy support in use) [ 21.781152] audit: type=1400 audit(1513316702.532:7): avc: denied { dac_override } for pid=3353 comm="syz-executor4" capability=1 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 21.821369] IPVS: Creating netns size=2536 id=4 [ 21.841482] IPVS: Creating netns size=2536 id=5 [ 21.872993] IPVS: Creating netns size=2536 id=6 [ 21.902134] IPVS: Creating netns size=2536 id=7 [ 21.932851] IPVS: Creating netns size=2536 id=8 2017/12/15 05:45:07 executed programs: 310 [ 31.101031] ================================================================== [ 31.108422] BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 at addr ffff8801cff7fc28 [ 31.116972] Read of size 8 by task syz-executor5/8278 [ 31.122127] page:ffffea00073fdfc0 count:0 mapcount:0 mapping: (null) index:0x0 [ 31.130343] flags: 0x8000000000000000() [ 31.134283] page dumped because: kasan: bad access detected [ 31.139971] CPU: 0 PID: 8278 Comm: syz-executor5 Not tainted 4.9.69-g3f1d77c #108 [ 31.147564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.156911] ffff8801cffcf8e8 ffffffff81d90a29 ffffed0039feff86 0000000000000008 [ 31.164868] 0000000000000000 ffffed0039feff86 ffff8801cff7fc28 ffff8801cffcf970 [ 31.172853] ffffffff8153a9c3 ffffffff838a01fe dffffc0000000000 ffffffff810d41b7 [ 31.180818] Call Trace: [ 31.183380] [] dump_stack+0xc1/0x128 [ 31.188716] [] kasan_report.part.1+0x4c3/0x500 [ 31.194930] [] ? mutex_lock_killable_nested+0x60e/0x960 [ 31.201927] [] ? __unwind_start+0x3a7/0x3c0 [ 31.207869] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 31.214677] [] __asan_report_load8_noabort+0x29/0x30 [ 31.221397] [] __unwind_start+0x3a7/0x3c0 [ 31.227168] [] ? ptrace_may_access+0x24/0x50 [ 31.233220] [] __save_stack_trace+0x59/0xf0 [ 31.239157] [] save_stack_trace_tsk+0x48/0x70 [ 31.245268] [] proc_pid_stack+0x146/0x230 [ 31.251030] [] ? lock_trace+0xc0/0xc0 [ 31.256452] [] proc_single_show+0xf8/0x170 [ 31.262306] [] seq_read+0x32f/0x1290 [ 31.267631] [] ? seq_escape+0x200/0x200 [ 31.273218] [] ? do_futex+0x3f8/0x15c0 [ 31.278718] [] ? __lock_is_held+0xa1/0xf0 [ 31.284479] [] ? seq_escape+0x200/0x200 [ 31.290067] [] __vfs_read+0x103/0x670 [ 31.295483] [] ? default_llseek+0x290/0x290 [ 31.301417] [] ? fsnotify+0x86/0xf30 [ 31.306745] [] ? fsnotify+0xf30/0xf30 [ 31.312161] [] ? avc_policy_seqno+0x9/0x20 [ 31.318019] [] ? selinux_file_permission+0x82/0x460 [ 31.324654] [] ? security_file_permission+0x89/0x1e0 [ 31.331370] [] ? rw_verify_area+0xe5/0x2b0 [ 31.337219] [] vfs_read+0x11e/0x380 [ 31.342461] [] SyS_read+0xd9/0x1b0 [ 31.347618] [] ? vfs_copy_file_range+0x740/0x740 [ 31.353992] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 31.360795] [] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 31.367346] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 31.373893] Memory state around the buggy address: [ 31.378793] ffff8801cff7fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.386115] ffff8801cff7fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.393438] >ffff8801cff7fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.400757] ^ [ 31.405649] ffff8801cff7fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.412970] ffff8801cff7fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 31.420291] ================================================================== [ 31.427611] Disabling lock debugging due to kernel taint 2017/12/15 05:45:12 executed programs: 604 [ 35.230881] ================================================================== [ 35.238267] BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0 at addr ffff8801ccc17c28 [ 35.246806] Read of size 8 by task syz-executor4/10468 [ 35.252056] page:ffffea00073305c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 35.260288] flags: 0x8000000000000000() [ 35.264230] page dumped because: kasan: bad access detected [ 35.269918] CPU: 1 PID: 10468 Comm: syz-executor4 Tainted: G B 4.9.69-g3f1d77c #108 [ 35.278822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.288153] ffff8801d8ccf8e8 ffffffff81d90a29 ffffed0039982f86 0000000000000008 [ 35.296127] 0000000000000000 ffffed0039982f86 ffff8801ccc17c28 ffff8801d8ccf970 [ 35.304081] ffffffff8153a9c3 ffff8801d8ccf9c0 0000000000000020 ffffffff810d41b7 [ 35.312032] Call Trace: [ 35.314586] [] dump_stack+0xc1/0x128 [ 35.319925] [] kasan_report.part.1+0x4c3/0x500 [ 35.326143] [] ? __unwind_start+0x3a7/0x3c0 [ 35.332102] [] __asan_report_load8_noabort+0x29/0x30 [ 35.338837] [] __unwind_start+0x3a7/0x3c0 [ 35.344604] [] ? ptrace_may_access+0x24/0x50 [ 35.350626] [] __save_stack_trace+0x59/0xf0 [ 35.356566] [] save_stack_trace_tsk+0x48/0x70 [ 35.362681] [] proc_pid_stack+0x146/0x230 [ 35.368453] [] ? lock_trace+0xc0/0xc0 [ 35.373871] [] proc_single_show+0xf8/0x170 [ 35.379725] [] seq_read+0x32f/0x1290 [ 35.385051] [] ? seq_escape+0x200/0x200 [ 35.390644] [] ? do_futex+0x3f8/0x15c0 [ 35.396150] [] ? finish_task_switch+0x1ed/0x630 [ 35.402435] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 35.409413] [] ? seq_escape+0x200/0x200 [ 35.415004] [] __vfs_read+0x103/0x670 [ 35.420422] [] ? default_llseek+0x290/0x290 [ 35.426357] [] ? fsnotify+0x86/0xf30 [ 35.431687] [] ? fsnotify+0xf30/0xf30 [ 35.437100] [] ? avc_policy_seqno+0x9/0x20 [ 35.442950] [] ? selinux_file_permission+0x82/0x460 [ 35.449594] [] ? security_file_permission+0x89/0x1e0 [ 35.456338] [] ? rw_verify_area+0xe5/0x2b0 [ 35.462206] [] vfs_read+0x11e/0x380 [ 35.467454] [] SyS_read+0xd9/0x1b0 [ 35.472612] [] ? vfs_copy_file_range+0x740/0x740 [ 35.478993] [] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 35.485552] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 35.492094] Memory state around the buggy address: [ 35.496984] ffff8801ccc17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.504306] ffff8801ccc17b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.511630] >ffff8801ccc17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.518957] ^ [ 35.523852] ffff8801ccc17c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.531174] ffff8801ccc17d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.538495] ==================================================================