[....] Starting enhanced syslogd: rsyslogd[ 12.860941] audit: type=1400 audit(1513001966.869:5): avc: denied { syslog } for pid=2995 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 27.233658] audit: type=1400 audit(1513001981.242:6): avc: denied { map } for pid=3137 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added 'ci-upstream-next-kasan-gce-4,10.128.15.216' (ECDSA) to the list of known hosts. [ 33.276600] audit: type=1400 audit(1513001987.285:7): avc: denied { map } for pid=3148 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2017/12/11 14:19:47 fuzzer started 2017/12/11 14:19:47 dialing manager at 10.128.0.26:42639 2017/12/11 14:19:55 kcov=true, comps=true [ 41.854457] audit: type=1400 audit(1513001995.863:8): avc: denied { map } for pid=3148 comm="syz-fuzzer" path="/sys/kernel/debug/kcov" dev="debugfs" ino=8745 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2017/12/11 14:19:56 executing program 0: 2017/12/11 14:19:56 executing program 4: 2017/12/11 14:19:56 executing program 1: 2017/12/11 14:19:56 executing program 2: 2017/12/11 14:19:56 executing program 5: 2017/12/11 14:19:56 executing program 6: 2017/12/11 14:19:56 executing program 3: 2017/12/11 14:19:56 executing program 7: [ 42.247876] audit: type=1400 audit(1513001996.256:9): avc: denied { map } for pid=3148 comm="syz-fuzzer" path="/root/syzkaller-shm503090985" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 43.426877] audit: type=1400 audit(1513001997.435:10): avc: denied { sys_admin } for pid=3191 comm="syz-executor1" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 2017/12/11 14:19:57 executing program 1: r0 = creat(&(0x7f00001a9000)="2e2f66696c653000", 0x80) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000000)={0x2, &(0x7f0000df8000)=[{0x4, 0x0, 0x3, 0x5}, {0x7, 0xcc73, 0x1, 0xffffffffffffffff}]}, 0x10) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000485000-0xb)="2f6465762f6877726e6700", 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000e9b000-0x28)={&(0x7f00005c2000/0x3000)=nil, 0x81, 0x5, 0x4, &(0x7f0000cb3000/0x2000)=nil, 0x40000000000592f}) r2 = socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000c58000)={0x0, 0x0}, &(0x7f0000858000)=0x8) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00002e0000-0x4)=r3, 0x4) writev(r2, &(0x7f0000ebe000-0x10)=[{&(0x7f0000ea5000-0x3a)="390000001000093805bb61e119050021071c005e02000000000000000261800419000d00f0000a00f00bff31f30f3cc30300800000011e3a69c7", 0x3a}], 0x1) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000b8a000)={0x0, 0x1ff, 0x4, 0xc3, 0x5, 0x4, 0x2, 0x7, {0x0, @in6={{0xa, 0x0, 0x14, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xbb}, 0x8}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x80, 0x7ff, 0x100000000, 0x20, 0x1f}}, &(0x7f0000990000-0x4)=0xb8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000410000)={r4, 0x1002, "8751c10840a82326563e420ea0d69f2a15b2ead214d8af0d9c9ce0c639b34f9da8bd6644fdce78b7bedc42d2c54bc67755eaad0dff677f8fd65527b6f3acd4dd64f900b42d878f7419df35291134f181e4178bb348060f011d5fb8f3cb9a115b407cb87a02177354d6169f12fdc0b8e8abd005ab881db6a85f1aee1f81a4f686b6c0f09708bd5bf3866c2ced63ffc5446289791c5267d298989c32a1fcccce30104c1ad3232a0b304c362acbc7aa122b31711e6574b9150a10e13b389d4db31fcc45fd375a6a820bf8be73c8a93dc9fa536d20af1d7a63095d073045145f78c3190d711b1a3610f45a59a6de21e9833903c753bc721f82767cfd0ced9419e6bc4f33dee4c3bc604e9df1f60d0566081ed6ca37975d1b910a9a4bba2872a244c6dc87cda41fd2c6e55928efec59196a8025247fb2df42df578eb91d5070ea54f5c49bd380becc8aac3fd071c569b3af2d7696f661c1619ae261c17cdd47864058638c606b028b379b7301c646e2e8ca5c8e8fba4a1941afe480791e5747ae08e928a68fadd37ca96dbd3c408c42b99b8d895622cd3f12b8fd5b428d63afea746019a8b000bb3e47c6fe23ea4578bae31eaec6b79e634681a2d5a9a1fedfaac82275ee0a09b75fdb6cc27bb388cb4a1c4f06f7138b8478dca2439b00261d37889797e239e1a514ccb46bebcc9885cbe2a9d5f1981e42faa851bc21d976c5eb711b4bb0780f1b55c72869a22d4ac8bdae63810202a87c661c8a840215501de325b727609b114923018ac933daa42d9a10465bd405cd9586ba799d746c09684d0f449ac427329464a706f722f71f0baa6c8e1237ed5fad62aada725258f170c700367f389f370ae587f120a3d01db3e6b0550b4e5f7543b299d43854c8fffa3185731af5d3b71991f96ec1c24be3a30d255ed3d6b38e14520b7fc2e4f334381797ff868a0a4f54cf86d2dd906b9f97a06b5877a45bf907ca406525b617b6e08916249a6740bab5d79b22b874bc9ebe979373f27a9992266e073b87b09a352cc1d1d310f78e1c49df6c630f70886326e27beb2110ff8c4877ad65519d8dc86553fcf2f6f0c4bb494d2af588e7eca120d716a38c6915ecc8315fd809a5dacb977cdd7ba87f395d12fe711448f8cabe8de6de7924470fb88bac2d5f91fa79ef04a55d2953cdef1f04a57b14d343538ef3eb86130cee80995116db2303040fcc38f267bcc1f01cb11c0db047cb695f5e5878e6d701b7d0fc529bef213cdacc42bff8ad8cddd8f27f480998f2fc2840221864b2ab989aa8b2faf8e98827de13bccdf702eaf9a757725b9ffe4b4f34aa5de7e7440d967decccb0efb2e7935a6db325d7f9cfe5d80f5e843f66b467ecfdfa9eaae6a5b354b15afb65bb1bd1d6cb044cc781bc1a82286c0fcfdcc578c73cddeec74f5a2a32c4ce2e01ddc7a59dd3384e9a429493d111bacb903dab883ce305824871abb8ae8e2802caefff9f29e5cb4be9fa8b919773cd4ca49d2154bd2da615b4cbe372bb0abdd6eea1b5b0491fe7f5167e755b5e28b5cd5761984b5d92febae64f331aeceb311aadf73836acba18796406d1c385fd9cee193e44c6314ed889e755e9bfc49898173997354ae0ba7c427d2f0d379cc819205425b855177ffaddcf3e0861e3a68806028336666932a86f28a94d70bfcc3c17a2ffe1aa1ffe1f673a861522e60604d50579719ea8251a24e81dc44635b4f6b138e0d28b6377219ad62d041d444d53111ed49e082fecf72c241e009a860ccbebf5d37dde1dba6f1171255592ce103dbf1b4f9eaa6bfc75f485c7d5e43582199eb4d4bb58113c6bd8baf2b939efcb19850bf66361a0f3c38e986d0c12f96844ff9d22a8745cc7a463df5ced062b2a9a3c54e024d2eef25a68e788dcda01d7549d4252b02539ad45ca70029f855beb712c7abcb336d825f752b7d94623dfa8347f44a27f1f234ddaf08f08933ad971c6cd4ef247e9a0fce6546662fe68f821ab96894de02d159f486320f75455475453c64db3b7b3ce06839f3bf992d65003aa2e8117567ab9f72594f53cb53bf1581e52f2c602e5b9eb3612cef748053e982311854d45dbfd077e930abf1e7b16310691a0591dad58a6361947630bdd10c3955da9100fc74851045cded0b69a423906c4d57dfb5cf1d98866145c1efce9406cdcbe679fd255c8e45d39935d53d1013309509c6715c6c46242d289d891494e5058ebc05d505e9a916e743d2160c45364aabbb9f47f3f60136be49b766f2f983969181958ec0ecce022b741b20e9fd005567b0af74df971fbdf0c0596719615b6026a2645f019dea840c46292f4b207abff6f4441a904ee99c4ea1b9a2baea7be6b6a6f46041747129a204ad5ba73b6f79a383efe2a4cfc945ee19552b27efc22ab28e5ff1545ccc16aef6e147ec2821d5825b94d0234d2708a9bc6003a398d473891378c343391741d67b7b60c9ed6af5ca8ba9826957a49fbc218f7bb4330515ab759ae342d5284065850c4ee8398c998e0e07778f9f1c02d052b4075677e50a9c3b6281a5a1140c2ed297f0503ed1672562f0547f86fedcc7bfdda9207c7b26be92327cb8ce75e3870d7a71cdf9c606e6b8ac98c3c56c6b68c75d8a86d8f3f597d38971239ae7185903a2e44806c5855b8b6c3c4e884c166e98c26e791b96eba2a3662098a644ab5d2c63e853cb09ac2f8ce88e5e3dc6d41aed0748b5df606482217b89e70a9527920d758c55548e3124b8e4135f771aff922fc25d791c7543aece86437d791c60561801bad9df0299d67dc1bd83a3d1e78443591f327f70162fba5d871500fc200922f01d9acff5a952ad8212d3019e6db806620af2e496d38aa89e8adc5dddd69f3166e3e1097f69f0e6f0c7d3bb1f2bfffea2615f12ec64bb0365a31701e86b569bb6731ce86d1436fc69be10590230fba352fbd9d26ff9bc09b0b024e7602f88c9979f0c40e5953c507d07f72c301a59c7bb4b7e075f90a7e7b5112dd41b2a58642101be1745314d7799489ebc11586e2af361785ec4816bc5889188dcce1faf947dff7e9c5c2be57924c29cdeca71c3faa5887d48c088682561ee780754be17fcf3138dfc1a0c2021797f8fe841437159747515e8fb2fb2ca47a5001d794663ad50bc5a7971dcf44e4365ea8d371d30af7f1b2c354f393c3adcc35b6e37ee2dbd62a44fad30b70a73c4edd5fead3ac1c2c5aaf816a6bc50470dd387442b407255520936526e4a577a8b335a95a3cbeff45c9ec3a32421f850e845249fd1ce12e1369e8970f86ec04fe398e03e1a9217c69f6a0be15bf627afbfacf737aae8bc77042ce944d82a85658c2a07d9872c5108355bd21156911ac743cfed2f7c959f660693850aa0edaeaf6f44a039d6eb8d1c6b87799321d17cbff93ee9a2c8403b061b539059b5e9f46c29f82887a995cf8d3d9e7be9c30ace17e5ed9112c2517f3e6c7382334fa73104be25b3d462bd75758789ec81e1b1efb9929d0a77009a57143dcc7beb7e46bb2ef6863d5c23d7df361bd9d7e15524806a7edc0c2f3894399487d2d625e16eb624c92b01223252cb35062883a011b198860dabf87b263f3843ff2aff7647db65446a513aa243bd7044a2db25bba61d08edcdf8bc7705f9d3f1af366dc63cfaafba0e6bf8f68766017c00790df99728192dd6f8a9dc5e13b507d43a3a019aae93a9c282be95a552ef1e71f701801862d313f05887d5a0265dc7ec1655418b47780b8f178afc4b6c9441c765b6617f5be11442764698953d87438f886fe6a758cdd67e1997fbe3c3e38df1e536004371f3a51c5eef98b7225f672c49ef518eff6b3b2fed09c12d2c192a89ea7ad1d3e79ef615ebf9cf0ebb11a677359121c33f2978f231492bdf6eb55a75b62b407cda1c33c08f52fb6bd37c4d359a76241d4a9da53d0baad6a0fc8eef2cf51ba6ae49941813313255d05a5fce4884149dbc41d301f59d9449be9788bcb91513fa960a95acf97a7ac3e8a76ac1010d449798aa5b4c43a885e3844699430ccb6bbcff79357c8d69da20e4b513642040263d60919bee0bbce747171fe68ab2dc40e0bdfaf5a18d49d6d9e617b84127b8597fca6fdd5e474afe2ba1901aba56bfc9796373985040a3b75cba6e4ddad050d6bed03fabc4bd32a4512abcf416bd9b69cbdcdef88d83754132d4a03ae7aaeb2a0e3ac8e77fdf142866b5183a84b2fe6b35f299c6af0b1d0c7666cc821fce0ee51bbf8286fe3ac615d0aa9bd78d3de0d8b2f33fff22b7ebe4116c0a74d0be160fe12a6146362be9170c813b60b9ebb174393edb628382ce1e6d28103aeb52af386b4def4e524dc715950355cfd7483515f65fabfb759f000494d415abc68924f0823151299c3326c6aeabc7ed86aae8eea9cc1914da185fd7be77cdeb2115e2f14d2bb5adfea78e8c1c83afea198ca3f047eef927999a04281d865f53d5a5a25298c0300f600ed7fc1a97566c6b1c4d640f8cd34dab56f3c1f4257591c9e0c4760674132da6cc49aa4ec2bbda5e43ee5a6dd6f96d82bd571ef274efb4d840f79d046a7088cb10320af695c3cebceebc6b42710decd7c856f9d88d12d026ab084fe68d6a9555c6860957e30b0e5975847054779096d964815ebb1e31ef57059dd7801bc1166d3c4fe7c7d55f9876b5e41653532e1652951b71ce2ee0a28d03cb0303389a1682609c9f4b99314ab4c5dd811c42ecd5543e4796245024fc470ce956d9358924fda6e82be4039970217ca4656d6c5d84fa1b8622327218152311110d0be459be41d5c32678baf6bd082631899f96cfddb13fd9d45c66d37e32ad9141ac89c20b1d273e4de6a51f0c1ceac99cf89351c038da899be4c202276d6860e4fca9e81f9143dce7563acec8ae955c71757fa98fbb10967a8ef3e6200a9e7a1bbb0f62e7693fa4ae26025b6a67b491d84b0f60220614e71be11e4e14e665483c25b25e5c3422b6729b78a7cd36d66481b35a25cae6097dd2c3b630d5deaa5c3350942355440c08e2896812489ce27f59a45f144ea9e28d82cc6810373351eff2512c4a9de576bd7236d66975558b6f01059cff4911af7d1306081b5108b3baf9309ed9eb102a542840b027b22a27e5ac5a1924abdce98b0997ee786a2e378c859fdea293a0d32282b36dd2d200d4955a4be746ed411fe4304e98e5e20fa75e9cd78ed5121b88456ee7a236aac667c397915885479a1d3bc3220c50d58531db4bde49ccfe035fa12847acbf88c256570aa115beb237e11b9b5f1415efee8186a99d3b2da827399ca2fe3eee0facbe8eb20ab4270c817d67b224756621101a172a946e3ed020ee0101b3477aa93133d947c908fff9b327f4baa8110a61bdfb5c7af5c687dc873fa3cca58f808f19ccf4ca0a49f1a612ab2afb67692cfa99847f83c424d7df6eebed74288026cd25ffbd32735f0922664c60860f49b680106dcb459e6032450fa7a8c4f6010664d69d340f60d125b34fa1890f3672af8eb7c80f65b82b2f91e82cc152eee776ef20125defe8bde4f528cc54f0b194006fd5dbe79882d60dd95dddbf3fc98fd39aa7dd286aefc4543950531e69cf1cae7db7bfceaccd2a7d72ee82491fc6cb7c725239a748a83bceb7098981d3aa5fc1d299e35352ef0ac400880b17944645c12e06201b16305d08ded8011df919d1bd20bd4df02b4bccbf4433bfcb4e674381731bd9b70fbdf63e67baba89f5d3b56ee8019218d5e1a128914d800f4af566d9a8f71a7cd1ea9f4632ed2daa32c08baf9b1d83d8bfc97d316ae5b749410db2d394af3b64606"}, &(0x7f0000e38000)=0x100a) ustat(0xffffffffffffffe0, &(0x7f0000216000-0x20)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000ebf000-0xb8)={r5, 0x7, 0x20000007, 0x3, 0xfe, 0x7, 0xfffffffefffffffd, 0x3, {r5, @in6={{0xa, 0x0, 0xcff, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xbb}, 0x0}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x2, 0x7, 0x8c8, 0x5, 0x100000000}}, &(0x7f0000268000-0x4)=0xb8) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000f62000-0x10)={0x1, &(0x7f000071d000-0x8)=[{0x0, 0x0}]}) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000c46000-0x70)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000b36000)={0x0, 0x0}) ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f0000af3000-0x8)={r6, 0x3}) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) epoll_create1(0x7fffe) select(0x40, &(0x7f0000c2e000)={0x5, 0xf8a, 0xd40, 0x1, 0x9, 0x9, 0x5, 0x4}, &(0x7f00002f1000-0x40)={0x2, 0x3, 0x4, 0x6, 0x4, 0x8, 0x8, 0x7}, &(0x7f000041e000)={0x3, 0x1000, 0x0, 0x6, 0xa6a8, 0x2, 0x1, 0x200}, &(0x7f0000fab000-0x10)={0x77359400, 0x0}) poll(&(0x7f0000cbd000)=[], 0x0, 0x8) getsockopt$inet6_int(r7, 0x29, 0x13, &(0x7f0000345000)=0x0, &(0x7f0000985000-0x4)=0x4) setsockopt$inet6_int(r7, 0x29, 0x48, &(0x7f00004df000-0x4)=0x3, 0x4) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000516000)={0x1000, 0x7, 0x282e3a77, 0x2, 0x5}) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000d0000-0x4)=0xffffffffffffffff) add_key(&(0x7f0000052000)="7573657200", &(0x7f0000ea3000-0x5)={0x73, 0x79, 0x7a, 0x1, 0x0}, &(0x7f000047f000-0x91)="8f9a21e7e387dc2ab10fc71ad42ea545aaca1e07857089519b2a727870d2a1201aaee89de4e0785031d2662cb218ba9ac9b829dd0a95bf5530e1e95792c038267026eb5d6d132f684749f41a2c94af00ee236c8e747a94e5ae1964f3abaa0d065389434dc88cfd7d40a2c462659882de76faee1f7295c2524c36d504a17d5b2b9ea45def749f4810bfaf563d4eac7ba462", 0x91, 0xfffffffffffffff8) r8 = add_key(&(0x7f00004dc000-0x6)="727872706300", &(0x7f0000bd2000-0x5)={0x73, 0x79, 0x7a, 0x2, 0x0}, &(0x7f00001fb000)="c4a97be65eb3709f68389cf58a4e9b29b40e6eacc6ef6641669dcd1b910885ae1822b947a8e76612fbca27e71cd01c5b5f0548e92e269d0691d7422ed5a676ea660abc273edb0d96fb943b06fb1458eb0b384a7e8cacef2901c62265ee6802fee57e9c06e4", 0x65, 0xfffffffffffffffd) r9 = request_key(&(0x7f0000fdd000-0x5)="7573657200", &(0x7f0000fdc000)={0x73, 0x79, 0x7a, 0x1, 0x0}, &(0x7f000036c000-0xb)="2f6465762f6877726e6700", r8) keyctl$get_security(0x11, r9, &(0x7f000056f000)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x41) linkat(r1, &(0x7f0000fdb000)="2e2f66696c653000", r1, &(0x7f0000347000-0x8)="2e2f66696c653000", 0x400) stat(&(0x7f0000bca000-0x8)="2e2f66696c653000", &(0x7f0000ec1000-0x44)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000299000-0xc)={0x7, 0x1, 0x2, 0x1, 0x200}, 0xc) [ 43.603108] audit: type=1400 audit(1513001997.610:11): avc: denied { sys_chroot } for pid=3365 comm="syz-executor1" capability=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 2017/12/11 14:19:57 executing program 0: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000d11000)=0x3fb, 0x4) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000faa000-0xb)="2f6465762f6877726e6700", 0x400440, 0x0) ioctl$VT_ACTIVATE(r1, 0x5606, 0x1) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000c46000-0xc)={0x0, 0x0, 0x0}, &(0x7f0000a83000)=0xc) timer_create(0x1, &(0x7f00003bb000)={0x0, 0x3b, 0x3, @tid=r2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f000024f000)=0x0) clock_gettime(0x2, &(0x7f00003f3000)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000f49000+0x89f)={0x0, 0x0}) timer_settime(r3, 0x0, &(0x7f0000190000-0x20)={{r4, r5+30000000}, {r6, r7+10000000}}, &(0x7f0000656000)={{0x0, 0x0}, {0x0, 0x0}}) r8 = syz_open_procfs(0x0, &(0x7f0000338000-0xe)="74696d65727300") ioctl$TIOCMSET(r8, 0x5418, &(0x7f000020e000)=0x2b) timer_create(0x0, &(0x7f0000f6b000-0x60)={0x0, 0x0, 0x1, @thr={&(0x7f0000af2000)="", &(0x7f0000934000+0x65d)=""}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000ebe000)=0x0) preadv(r8, &(0x7f00005e3000-0x10)=[{&(0x7f0000fa6000)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x64}], 0x1, 0x0) getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f000039d000)={@multicast2=0x0, @remote={0x0, 0x0, 0x0, 0x0}, 0x0}, &(0x7f000063e000)=0xc) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000ef7000-0x50)={@loopback={0x0, 0x1}, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @loopback={0x0, 0x1}, 0x401, 0x1, 0x3, 0x100, 0x7, 0x44000000, r9}) bind$inet6(r0, &(0x7f00003fa000)={0xa, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0}, 0x1c) sendto$inet6(r0, &(0x7f00007a9000-0x1)="", 0x0, 0xfffffefffffffffe, &(0x7f0000f63000-0x1c)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x0}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000efe000)=@syzn={0x73, 0x79, 0x7a, 0x0, 0x0}, 0x10) r10 = syz_open_pts(0xffffffffffffffff, 0x10000) ioctl$TIOCNOTTY(r10, 0x5422) sendmsg(r0, &(0x7f00002e7000)={&(0x7f0000d8d000)=@nfc={0x27, 0x0, 0x0, 0x0}, 0x10, &(0x7f0000c5e000)=[{&(0x7f00006b6000)="ca", 0x1}], 0x1, &(0x7f0000f18000)=[], 0x0, 0x0}, 0x0) sendto$inet6(r0, &(0x7f0000fea000-0x62)="b692c0c9609b0927370957c4a9175423c6bf3ce6c0b11b3018b993e9f5e78778f11c5d8f4c01419b259620362bf9adb47a215258ff8ea0ddcffbf7d0804c628ad779dd9d7404b2c83f860af0637fb6bae9ae589bcf748d06f5047e486facea9aab54", 0x62, 0x4000, &(0x7f0000609000)={0xa, 0x1, 0xd5, @loopback={0x0, 0x1}, 0x1}, 0x1c) [ 43.651149] audit: type=1400 audit(1513001997.659:12): avc: denied { net_admin } for pid=3395 comm="syz-executor1" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 43.651901] netlink: 'syz-executor1': attribute type 13 has an invalid length. [ 43.695624] netlink: 'syz-executor1': attribute type 13 has an invalid length. [ 43.704382] audit: type=1400 audit(1513001997.712:13): avc: denied { dac_override } for pid=3397 comm="syz-executor0" capability=1 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 [ 43.708118] ================================================================== [ 43.708142] BUG: KASAN: global-out-of-bounds in show_timer+0x278/0x2b0 [ 43.708151] Read of size 8 at addr ffffffff857430f8 by task syz-executor0/3400 [ 43.708156] [ 43.708168] CPU: 1 PID: 3400 Comm: syz-executor0 Not tainted 4.15.0-rc2-next-20171211+ #64 [ 43.708176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.708181] Call Trace: [ 43.708198] dump_stack+0x194/0x257 [ 43.708217] ? arch_local_irq_restore+0x53/0x53 [ 43.708231] ? show_regs_print_info+0x18/0x18 [ 43.708246] ? seq_printf+0xb3/0xe0 [ 43.708261] ? show_timer+0x278/0x2b0 [ 43.708276] print_address_description+0x178/0x250 [ 43.708288] ? show_timer+0x278/0x2b0 [ 43.708301] kasan_report+0x25b/0x340 [ 43.708322] __asan_report_load8_noabort+0x14/0x20 [ 43.708333] show_timer+0x278/0x2b0 [ 43.708352] seq_read+0xb5a/0x13d0 [ 43.708393] ? seq_lseek+0x3c0/0x3c0 [ 43.708404] ? selinux_file_permission+0x82/0x460 [ 43.708425] ? security_file_permission+0x89/0x1f0 [ 43.708443] ? rw_verify_area+0xe5/0x2b0 [ 43.708462] do_iter_read+0x3db/0x5b0 [ 43.708474] ? dup_iter+0x260/0x260 [ 43.708507] vfs_readv+0x121/0x1c0 [ 43.708526] ? compat_rw_copy_check_uvector+0x2e0/0x2e0 [ 43.708558] ? fget_raw+0x20/0x20 [ 43.708578] ? __might_sleep+0x95/0x190 [ 43.708600] ? SyS_futex+0x269/0x390 [ 43.708631] do_preadv+0x11b/0x1a0 [ 43.708641] ? do_preadv+0x11b/0x1a0 [ 43.708661] SyS_preadv+0x30/0x40 [ 43.708679] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 43.708687] RIP: 0033:0x452a39 [ 43.708694] RSP: 002b:00007fc89f8a0c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000127 [ 43.708707] RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452a39 [ 43.708714] RDX: 0000000000000001 RSI: 00000000205e2ff0 RDI: 0000000000000014 [ 43.708721] RBP: 00000000000005bc R08: 0000000000000000 R09: 0000000000000000 [ 43.708727] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f6a40 [ 43.708734] R13: 00000000ffffffff R14: 00007fc89f8a16d4 R15: 0000000000000000 [ 43.708770] [ 43.708775] The buggy address belongs to the variable: [ 43.708784] nstr.44399+0x18/0x40 [ 43.708788] [ 43.708793] Memory state around the buggy address: [ 43.708803] ffffffff85742f80: fa fa fa fa 00 00 00 fa fa fa fa fa 00 06 fa fa [ 43.708811] ffffffff85743000: fa fa fa fa 07 fa fa fa fa fa fa fa 05 fa fa fa [ 43.708819] >ffffffff85743080: fa fa fa fa 07 fa fa fa fa fa fa fa 00 00 00 fa [ 43.708826] ^ [ 43.708834] ffffffff85743100: fa fa fa fa 00 fa fa fa fa fa fa fa 00 00 00 00 [ 43.708842] ffffffff85743180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 43.708847] ================================================================== [ 43.708851] Disabling lock debugging due to kernel taint [ 43.708855] Kernel panic - not syncing: panic_on_warn set ... [ 43.708855] [ 43.708862] CPU: 1 PID: 3400 Comm: syz-executor0 Tainted: G B 4.15.0-rc2-next-20171211+ #64 [ 43.708865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.708867] Call Trace: [ 43.708874] dump_stack+0x194/0x257 [ 43.708883] ? arch_local_irq_restore+0x53/0x53 [ 43.708892] ? vprintk_default+0x28/0x30 [ 43.708900] ? vsnprintf+0x1ed/0x1900 [ 43.708907] ? show_timer+0x180/0x2b0 [ 43.708915] panic+0x1e4/0x41c [ 43.708921] ? refcount_error_report+0x214/0x214 [ 43.708932] ? add_taint+0x40/0x50 [ 43.708938] ? add_taint+0x1c/0x50 [ 43.708948] ? show_timer+0x278/0x2b0 [ 43.708955] kasan_end_report+0x50/0x50 [ 43.708962] kasan_report+0x144/0x340 [ 43.708980] __asan_report_load8_noabort+0x14/0x20 [ 43.708987] show_timer+0x278/0x2b0 [ 43.709001] seq_read+0xb5a/0x13d0 [ 43.709021] ? seq_lseek+0x3c0/0x3c0 [ 43.709028] ? selinux_file_permission+0x82/0x460 [ 43.709038] ? security_file_permission+0x89/0x1f0 [ 43.709048] ? rw_verify_area+0xe5/0x2b0 [ 43.709058] do_iter_read+0x3db/0x5b0 [ 43.709066] ? dup_iter+0x260/0x260 [ 43.709081] vfs_readv+0x121/0x1c0 [ 43.709092] ? compat_rw_copy_check_uvector+0x2e0/0x2e0 [ 43.709106] ? fget_raw+0x20/0x20 [ 43.709115] ? __might_sleep+0x95/0x190 [ 43.709126] ? SyS_futex+0x269/0x390 [ 43.709141] do_preadv+0x11b/0x1a0 [ 43.709148] ? do_preadv+0x11b/0x1a0 [ 43.709158] SyS_preadv+0x30/0x40 [ 43.709168] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 43.709173] RIP: 0033:0x452a39 [ 43.709176] RSP: 002b:00007fc89f8a0c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000127 [ 43.709183] RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452a39 [ 43.709187] RDX: 0000000000000001 RSI: 00000000205e2ff0 RDI: 0000000000000014 [ 43.709190] RBP: 00000000000005bc R08: 0000000000000000 R09: 0000000000000000 [ 43.709194] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f6a40 [ 43.709197] R13: 00000000ffffffff R14: 00007fc89f8a16d4 R15: 0000000000000000 [ 43.733992] Dumping ftrace buffer: [ 43.733996] (ftrace buffer empty) [ 43.733999] Kernel Offset: disabled [ 44.206197] Rebooting in 86400 seconds..