[ ok ] Starting enhanced syslogd: rsyslogd.
[ 59.146430][ T26] audit: type=1800 audit(1560808856.915:25): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 59.186216][ T26] audit: type=1800 audit(1560808856.925:26): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 59.239589][ T26] audit: type=1800 audit(1560808856.925:27): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.195' (ECDSA) to the list of known hosts.
executing program

syzkaller login: [ 68.686192][ T8936] ------------[ cut here ]------------
[ 68.691792][ T8936] kernel BUG at drivers/android/binder_alloc.c:1130!
[ 68.698666][ T8936] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 68.704772][ T8936] CPU: 1 PID: 8936 Comm: syz-executor789 Not tainted 5.2.0-rc5 #28
[ 68.712647][ T8936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.722709][ T8936] RIP: 0010:binder_alloc_do_buffer_copy+0xd6/0x510
[ 68.729202][ T8936] Code: 02 00 0f 85 20 04 00 00 4d 8b 64 24 58 49 29 dc e8 bf 9d 1c fc 4c 89 e6 4c 89 ef e8 d4 9e 1c fc 4d 39 e5 76 07 e8 aa 9d 1c fc <0f> 0b e8 a3 9d 1c fc 4c 8b 75 d0 4d 29 ec 4c 89 e6 4c 89 f7 e8 b1
[ 68.748800][ T8936] RSP: 0018:ffff8880962e7668 EFLAGS: 00010293
[ 68.754881][ T8936] RAX: ffff8880a84ae000 RBX: 0000000020001000 RCX: ffffffff855423cf
[ 68.762868][ T8936] RDX: 0000000000000000 RSI: ffffffff855423b6 RDI: 0000000000000006
[ 68.770835][ T8936] RBP: ffff8880962e76e8 R08: ffff8880a84ae000 R09: 0000000000000008
[ 68.778804][ T8936] R10: ffffed1012c5cf46 R11: ffff8880962e7a37 R12: 0000000000000078
[ 68.786799][ T8936] R13: 0000000000000008 R14: 00000000000000e8 R15: 0000000000000000
[ 68.794777][ T8936] FS: 0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:00000000567fb900
[ 68.803700][ T8936] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 68.810286][ T8936] CR2: 0000000000000000 CR3: 00000000a8371000 CR4: 00000000001406e0
[ 68.818359][ T8936] Call Trace:
[ 68.821647][ T8936] ? find_held_lock+0x35/0x130
[ 68.826427][ T8936] binder_alloc_copy_from_buffer+0x37/0x42
[ 68.832378][ T8936] binder_validate_ptr+0xcc/0x1d0
[ 68.837501][ T8936] ? binder_get_object+0x210/0x210
[ 68.842629][ T8936] ? binder_alloc_copy_from_buffer+0x37/0x42
[ 68.848615][ T8936] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 68.854724][ T8936] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 68.860535][ T8936] ? binder_get_object+0x181/0x210
[ 68.865653][ T8936] binder_transaction+0x2c9c/0x6620
[ 68.870882][ T8936] ? binder_thread_read+0x3d00/0x3d00
[ 68.876270][ T8936] ? mark_held_locks+0xf0/0xf0
[ 68.881048][ T8936] ? save_stack+0x23/0x90
[ 68.885840][ T8936] ? __might_fault+0x12b/0x1e0
[ 68.890608][ T8936] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 68.896862][ T8936] ? _copy_from_user+0xdd/0x150
[ 68.901813][ T8936] binder_thread_write+0x64a/0x2820
[ 68.907030][ T8936] ? mark_held_locks+0xf0/0xf0
[ 68.911798][ T8936] ? binder_transaction+0x6620/0x6620
[ 68.917182][ T8936] ? __might_fault+0x12b/0x1e0
[ 68.921948][ T8936] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 68.928186][ T8936] ? _copy_from_user+0xdd/0x150
[ 68.933030][ T8936] binder_ioctl+0x102f/0x1833
[ 68.937703][ T8936] ? binder_thread_write+0x2820/0x2820
[ 68.943183][ T8936] ? vma_is_stack_for_current+0xd0/0xd0
[ 68.948720][ T8936] ? ksys_dup3+0x3e0/0x3e0
[ 68.953151][ T8936] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 68.959421][ T8936] ? fput_many+0x12c/0x1a0
[ 68.963852][ T8936] ? fput+0x1b/0x20
[ 68.967659][ T8936] ? tomoyo_file_ioctl+0x23/0x30
[ 68.972608][ T8936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 68.978982][ T8936] ? security_file_ioctl+0x8d/0xc0
[ 68.984139][ T8936] ? binder_thread_write+0x2820/0x2820
[ 68.989605][ T8936] __ia32_compat_sys_ioctl+0x195/0x620
[ 68.995071][ T8936] do_fast_syscall_32+0x27b/0xd7d
[ 69.000115][ T8936] entry_SYSENTER_compat+0x70/0x7f
[ 69.005220][ T8936] RIP: 0023:0xf7f43849
[ 69.009300][ T8936] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 69.036446][ T8936] RSP: 002b:00000000ff815c1c EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 69.045830][ T8936] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[ 69.055505][ T8936] RDX: 0000000020000440 RSI: 0000000008049250 RDI: 0000000000000000
[ 69.063475][ T8936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 69.071485][ T8936] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 69.079462][ T8936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 69.087447][ T8936] Modules linked in:
[ 69.091792][ T8936] ---[ end trace 6a9a17a763653fcc ]---
[ 69.097388][ T8936] RIP: 0010:binder_alloc_do_buffer_copy+0xd6/0x510
[ 69.103956][ T8936] Code: 02 00 0f 85 20 04 00 00 4d 8b 64 24 58 49 29 dc e8 bf 9d 1c fc 4c 89 e6 4c 89 ef e8 d4 9e 1c fc 4d 39 e5 76 07 e8 aa 9d 1c fc <0f> 0b e8 a3 9d 1c fc 4c 8b 75 d0 4d 29 ec 4c 89 e6 4c 89 f7 e8 b1
[ 69.123718][ T8936] RSP: 0018:ffff8880962e7668 EFLAGS: 00010293
[ 69.129825][ T8936] RAX: ffff8880a84ae000 RBX: 0000000020001000 RCX: ffffffff855423cf
[ 69.137813][ T8936] RDX: 0000000000000000 RSI: ffffffff855423b6 RDI: 0000000000000006
[ 69.145829][ T8936] RBP: ffff8880962e76e8 R08: ffff8880a84ae000 R09: 0000000000000008
[ 69.153871][ T8936] R10: ffffed1012c5cf46 R11: ffff8880962e7a37 R12: 0000000000000078
[ 69.162167][ T8936] R13: 0000000000000008 R14: 00000000000000e8 R15: 0000000000000000
[ 69.170197][ T8936] FS: 0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:00000000567fb900
[ 69.179120][ T8936] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 69.185739][ T8936] CR2: 0000000000000000 CR3: 00000000a8371000 CR4: 00000000001406e0
[ 69.193747][ T8936] Kernel panic - not syncing: Fatal exception
[ 69.200943][ T8936] Kernel Offset: disabled
[ 69.205311][ T8936] Rebooting in 86400 seconds..