[ ok ] Starting enhanced syslogd: rsyslogd.
[ 12.835799] audit: type=1400 audit(1515055537.290:4): avc: denied { syslog } for pid=3176 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.15.232' (ECDSA) to the list of known hosts.
2018/01/04 08:47:06 parsed 1 programs
2018/01/04 08:47:06 executed programs: 0
syzkaller login:
[ 101.903262] IPVS: Creating netns size=2536 id=1
[ 101.924548] IPVS: Creating netns size=2536 id=2
[ 101.955372] IPVS: Creating netns size=2536 id=3
[ 101.980569] IPVS: Creating netns size=2536 id=4
[ 102.012161] IPVS: Creating netns size=2536 id=5
[ 102.037059] IPVS: Creating netns size=2536 id=6
[ 102.069740] IPVS: Creating netns size=2536 id=7
[ 102.105454] IPVS: Creating netns size=2536 id=8
[ 103.946017] ==================================================================
[ 103.953400] BUG: KASAN: out-of-bounds in __unwind_start+0x3a7/0x3c0
[ 103.959860] Read of size 8 at addr ffff8801c302fc30 by task syz-executor4/4478
[ 103.967181]
[ 103.968783] CPU: 1 PID: 4478 Comm: syz-executor4 Not tainted 4.9.74-g173c52e #4
[ 103.976191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 103.985513] ffff8801c30f78f0 ffffffff81d91b09 ffffea00070c0bc0 ffff8801c302fc30
[ 103.993474] 0000000000000000 ffff8801c302fc38 ffff8801c30f7a20 ffff8801c30f7928
[ 104.001418] ffffffff8153b503 ffff8801c302fc30 0000000000000008 0000000000000000
[ 104.009364] Call Trace:
[ 104.011920] [] dump_stack+0xc1/0x128
[ 104.017252] [] print_address_description+0x73/0x280
[ 104.023882] [] kasan_report+0x275/0x360
[ 104.029475] [] ? __unwind_start+0x3a7/0x3c0
[ 104.035417] [] __asan_report_load8_noabort+0x14/0x20
[ 104.042142] [] __unwind_start+0x3a7/0x3c0
[ 104.048255] [] ? ptrace_may_access+0x24/0x50
[ 104.054276] [] __save_stack_trace+0x59/0xf0
[ 104.060214] [] save_stack_trace_tsk+0x48/0x70
[ 104.066325] [] proc_pid_stack+0x146/0x230
[ 104.072091] [] ? lock_trace+0xc0/0xc0
[ 104.077509] [] proc_single_show+0xf8/0x170
[ 104.083362] [] seq_read+0x32f/0x1290
[ 104.088866] [] ? seq_escape+0x200/0x200
[ 104.094457] [] ? do_futex+0x3f8/0x15c0
[ 104.099965] [] ? __lock_is_held+0xa1/0xf0
[ 104.106173] [] ? seq_escape+0x200/0x200
[ 104.111769] [] __vfs_read+0x103/0x670
[ 104.117194] [] ? default_llseek+0x290/0x290
[ 104.123133] [] ? fsnotify+0x86/0xf30
[ 104.128474] [] ? fsnotify+0xf30/0xf30
[ 104.133900] [] ? avc_policy_seqno+0x9/0x20
[ 104.139751] [] ? selinux_file_permission+0x82/0x460
[ 104.147778] [] ? security_file_permission+0x89/0x1e0
[ 104.154504] [] ? rw_verify_area+0xe5/0x2b0
[ 104.160362] [] vfs_read+0x11e/0x380
[ 104.165604] [] SyS_read+0xd9/0x1b0
[ 104.170768] [] ? vfs_copy_file_range+0x740/0x740
[ 104.178444] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 104.185250] [] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 104.191801] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 104.198350]
[ 104.199944] The buggy address belongs to the page:
[ 104.204843] page:ffffea00070c0bc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 104.213075] flags: 0x8000000000000000()
[ 104.217025] page dumped because: kasan: bad access detected
[ 104.222703]
[ 104.224299] Memory state around the buggy address:
[ 104.229209] ffff8801c302fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 104.236547] ffff8801c302fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 104.244576] >ffff8801c302fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 104.251906] ^
[ 104.257076] ffff8801c302fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 104.264405] ffff8801c302fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 104.271733] ==================================================================
[ 104.279067] Disabling lock debugging due to kernel taint
[ 104.288406] Kernel panic - not syncing: panic_on_warn set ...
[ 104.288406]
[ 104.295787] CPU: 0 PID: 4478 Comm: syz-executor4 Tainted: G B 4.9.74-g173c52e #4
[ 104.304422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.314103] ffff8801c30f7848 ffffffff81d91b09 ffffffff841955df ffff8801c30f7920
[ 104.322047] 0000000000000000 ffff8801c302fc38 ffff8801c30f7a20 ffff8801c30f7910
[ 104.329990] ffffffff8142d161 0000000041b58ab3 ffffffff84189020 ffffffff8142cfa5
[ 104.338306] Call Trace:
[ 104.340860] [] dump_stack+0xc1/0x128
[ 104.346189] [] panic+0x1bc/0x3a8
[ 104.351170] [] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7
[ 104.359374] [] ? preempt_schedule+0x25/0x30
[ 104.366005] [] ? ___preempt_schedule+0x16/0x18
[ 104.372209] [] kasan_end_report+0x50/0x50
[ 104.377970] [] kasan_report+0x167/0x360
[ 104.383559] [] ? __unwind_start+0x3a7/0x3c0
[ 104.389930] [] __asan_report_load8_noabort+0x14/0x20
[ 104.396651] [] __unwind_start+0x3a7/0x3c0
[ 104.402414] [] ? ptrace_may_access+0x24/0x50
[ 104.408522] [] __save_stack_trace+0x59/0xf0
[ 104.414457] [] save_stack_trace_tsk+0x48/0x70
[ 104.420569] [] proc_pid_stack+0x146/0x230
[ 104.426330] [] ? lock_trace+0xc0/0xc0
[ 104.433481] [] proc_single_show+0xf8/0x170
[ 104.440378] [] seq_read+0x32f/0x1290
[ 104.445706] [] ? seq_escape+0x200/0x200
[ 104.451294] [] ? do_futex+0x3f8/0x15c0
[ 104.456798] [] ? __lock_is_held+0xa1/0xf0
[ 104.462567] [] ? seq_escape+0x200/0x200
[ 104.468893] [] __vfs_read+0x103/0x670
[ 104.474306] [] ? default_llseek+0x290/0x290
[ 104.480850] [] ? fsnotify+0x86/0xf30
[ 104.486176] [] ? fsnotify+0xf30/0xf30
[ 104.491597] [] ? avc_policy_seqno+0x9/0x20
[ 104.497451] [] ? selinux_file_permission+0x82/0x460
[ 104.504083] [] ? security_file_permission+0x89/0x1e0
[ 104.510802] [] ? rw_verify_area+0xe5/0x2b0
[ 104.516651] [] vfs_read+0x11e/0x380
[ 104.521893] [] SyS_read+0xd9/0x1b0
[ 104.527046] [] ? vfs_copy_file_range+0x740/0x740
[ 104.533421] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 104.540226] [] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 104.546771] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 104.554050] Dumping ftrace buffer:
[ 104.557559] (ftrace buffer empty)
[ 104.561411] Kernel Offset: disabled
[ 104.565002] Rebooting in 86400 seconds..