[   95.957407][   T27] audit: type=1400 audit(1580710334.659:37): avc:  denied  { watch } for  pid=10640 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1
[   95.995419][   T27] audit: type=1400 audit(1580710334.689:38): avc:  denied  { watch } for  pid=10640 comm="restorecond" path="/etc/selinux/restorecond.conf" dev="sda1" ino=2232 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   99.870344][   T27] kauditd_printk_skb: 2 callbacks suppressed
[   99.870360][   T27] audit: type=1400 audit(1580710338.569:41): avc:  denied  { map } for  pid=10722 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[  382.440466][   T27] audit: type=1400 audit(1580710621.139:42): avc:  denied  { map } for  pid=10730 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts.
[ 1003.825026][   T27] audit: type=1400 audit(1580711242.529:43): avc:  denied  { map } for  pid=11068 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=2339 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2020/02/03 06:27:22 parsed 1 programs
[ 1005.540881][   T27] audit: type=1400 audit(1580711244.239:44): avc:  denied  { integrity } for  pid=11068 comm="syz-execprog" lockdown_reason="debugfs access" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=lockdown permissive=1
[ 1005.568647][   T27] audit: type=1400 audit(1580711244.239:45): avc:  denied  { map } for  pid=11068 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=22677 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
2020/02/03 06:27:24 executed programs: 0
[ 1005.809294][T11085] IPVS: ftp: loaded support on port[0] = 21
[ 1005.872748][T11085] chnl_net:caif_netlink_parms(): no params data found
[ 1005.909478][T11085] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1005.917173][T11085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1005.927721][T11085] device bridge_slave_0 entered promiscuous mode
[ 1005.937231][T11085] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1005.944844][T11085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.953325][T11085] device bridge_slave_1 entered promiscuous mode
[ 1005.970959][T11085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1005.983755][T11085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1006.003923][T11085] team0: Port device team_slave_0 added
[ 1006.012655][T11085] team0: Port device team_slave_1 added
[ 1006.028451][T11085] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1006.035543][T11085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.061889][T11085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1006.075555][T11085] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1006.082738][T11085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1006.109079][T11085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1006.164738][T11085] device hsr_slave_0 entered promiscuous mode
[ 1006.202648][T11085] device hsr_slave_1 entered promiscuous mode
[ 1006.339107][   T27] audit: type=1400 audit(1580711245.039:46): avc:  denied  { create } for  pid=11085 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[ 1006.343013][T11085] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1006.371351][   T27] audit: type=1400 audit(1580711245.039:47): avc:  denied  { write } for  pid=11085 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[ 1006.396962][   T27] audit: type=1400 audit(1580711245.039:48): avc:  denied  { read } for  pid=11085 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[ 1006.425888][T11085] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1006.494626][T11085] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1006.555254][T11085] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1006.627785][T11085] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1006.635090][T11085] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1006.643034][T11085] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1006.650098][T11085] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1006.706150][T11085] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1006.721407][ T2966] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1006.742901][ T2966] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1006.761760][ T2966] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1006.770244][ T2966] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1006.784374][T11085] 8021q: adding VLAN 0 to HW filter on device team0
[ 1006.796595][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1006.806045][ T3127] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1006.813149][ T3127] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1006.834273][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1006.844354][ T2976] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1006.851459][ T2976] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1006.869490][T11094] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1006.878061][T11094] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1006.887017][T11094] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1006.897198][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1006.906696][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1006.921390][T11085] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1006.934400][T11085] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1006.942776][T11094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1006.951035][T11094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1006.977838][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1006.985779][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1007.000672][T11085] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1007.023595][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1007.032912][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1007.054840][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1007.063905][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1007.075701][T11085] device veth0_vlan entered promiscuous mode
[ 1007.082445][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1007.090121][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1007.106532][T11085] device veth1_vlan entered promiscuous mode
[ 1007.133507][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1007.141770][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1007.150996][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1007.160022][ T3127] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1007.171755][T11085] device veth0_macvtap entered promiscuous mode
[ 1007.183474][T11085] device veth1_macvtap entered promiscuous mode
[ 1007.205237][T11085] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1007.214077][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1007.222628][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1007.230585][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1007.239820][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1007.253726][T11085] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1007.262264][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1007.270781][ T2976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1007.366202][   T27] audit: type=1400 audit(1580711246.069:49): avc:  denied  { associate } for  pid=11085 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[ 1007.474078][   T27] audit: type=1400 audit(1580711246.179:50): avc:  denied  { open } for  pid=11096 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=perf_event permissive=1
2020/02/03 06:27:29 executed programs: 86
2020/02/03 06:27:34 executed programs: 224
2020/02/03 06:27:39 executed programs: 365
2020/02/03 06:27:44 executed programs: 507
2020/02/03 06:27:49 executed programs: 649
2020/02/03 06:27:54 executed programs: 794
2020/02/03 06:27:59 executed programs: 930
2020/02/03 06:28:04 executed programs: 1070
2020/02/03 06:28:09 executed programs: 1212
2020/02/03 06:28:14 executed programs: 1353
2020/02/03 06:28:19 executed programs: 1492
2020/02/03 06:28:24 executed programs: 1629
2020/02/03 06:28:29 executed programs: 1769
2020/02/03 06:28:34 executed programs: 1908
2020/02/03 06:28:39 executed programs: 2048
2020/02/03 06:28:44 executed programs: 2190
2020/02/03 06:28:49 executed programs: 2326
2020/02/03 06:28:54 executed programs: 2467
2020/02/03 06:28:59 executed programs: 2604
2020/02/03 06:29:04 executed programs: 2742
2020/02/03 06:29:09 executed programs: 2882
2020/02/03 06:29:14 executed programs: 3021
2020/02/03 06:29:19 executed programs: 3160
2020/02/03 06:29:24 executed programs: 3299
2020/02/03 06:29:29 executed programs: 3437
2020/02/03 06:29:34 executed programs: 3576
2020/02/03 06:29:39 executed programs: 3709
2020/02/03 06:29:44 executed programs: 3844
2020/02/03 06:29:49 executed programs: 3986
2020/02/03 06:29:54 executed programs: 4128
2020/02/03 06:29:59 executed programs: 4266
2020/02/03 06:30:04 executed programs: 4403
2020/02/03 06:30:09 executed programs: 4543
2020/02/03 06:30:14 executed programs: 4685
2020/02/03 06:30:19 executed programs: 4825
2020/02/03 06:30:25 executed programs: 4964
2020/02/03 06:30:30 executed programs: 5102
2020/02/03 06:30:35 executed programs: 5240
[ 1200.794975][    T0] NOHZ: local_softirq_pending 08
[ 1200.802062][    T0] NOHZ: local_softirq_pending 08
2020/02/03 06:30:40 executed programs: 5377
2020/02/03 06:30:45 executed programs: 5517
[ 1210.915793][T13290] ==================================================================
[ 1210.924213][T13290] BUG: KASAN: use-after-free in vgem_gem_dumb_create+0x238/0x250
[ 1210.931930][T13290] Read of size 8 at addr ffff88809f885908 by task syz-executor.0/13290
[ 1210.940310][T13290] 
[ 1210.942764][T13290] CPU: 1 PID: 13290 Comm: syz-executor.0 Not tainted 5.5.0-syzkaller #0
[ 1210.951798][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1210.962138][T13290] Call Trace:
[ 1210.965585][T13290]  dump_stack+0x197/0x210
[ 1210.970050][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1210.975504][T13290]  print_address_description.constprop.0.cold+0xd4/0x30b
[ 1210.982774][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1210.988192][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1210.993605][T13290]  __kasan_report.cold+0x1b/0x32
[ 1210.998547][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1211.004136][T13290]  kasan_report+0x12/0x20
[ 1211.008546][T13290]  __asan_report_load8_noabort+0x14/0x20
[ 1211.014290][T13290]  vgem_gem_dumb_create+0x238/0x250
[ 1211.019642][T13290]  drm_mode_create_dumb+0x282/0x310
[ 1211.024850][T13290]  drm_mode_create_dumb_ioctl+0x26/0x30
[ 1211.030448][T13290]  drm_ioctl_kernel+0x244/0x300
[ 1211.035296][T13290]  ? drm_mode_create_dumb+0x310/0x310
[ 1211.040687][T13290]  ? drm_setversion+0x8c0/0x8c0
[ 1211.045842][T13290]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1211.052368][T13290]  ? _copy_from_user+0x12c/0x1a0
[ 1211.057449][T13290]  drm_ioctl+0x54e/0xa60
[ 1211.061754][T13290]  ? drm_mode_create_dumb+0x310/0x310
[ 1211.067139][T13290]  ? drm_ioctl_kernel+0x300/0x300
[ 1211.072328][T13290]  ? ksys_dup3+0x3e0/0x3e0
[ 1211.076828][T13290]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1211.082766][T13290]  ? tomoyo_file_ioctl+0x23/0x30
[ 1211.087699][T13290]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1211.094145][T13290]  ? security_file_ioctl+0x8d/0xc0
[ 1211.099251][T13290]  ? drm_ioctl_kernel+0x300/0x300
[ 1211.104324][T13290]  ksys_ioctl+0x123/0x180
[ 1211.108669][T13290]  __x64_sys_ioctl+0x73/0xb0
[ 1211.114082][T13290]  do_syscall_64+0xfa/0x790
[ 1211.118676][T13290]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1211.124563][T13290] RIP: 0033:0x45b399
[ 1211.128443][T13290] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1211.148419][T13290] RSP: 002b:00007f4b52418c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1211.156939][T13290] RAX: ffffffffffffffda RBX: 00007f4b524196d4 RCX: 000000000045b399
[ 1211.165050][T13290] RDX: 0000000020000000 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1211.173450][T13290] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1211.181490][T13290] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1211.189476][T13290] R13: 0000000000000285 R14: 00000000004d1588 R15: 000000000075bf2c
[ 1211.197933][T13290] 
[ 1211.200251][T13290] Allocated by task 13290:
[ 1211.204663][T13290]  save_stack+0x23/0x90
[ 1211.208818][T13290]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 1211.214454][T13290]  kasan_kmalloc+0x9/0x10
[ 1211.218923][T13290]  kmem_cache_alloc_trace+0x158/0x790
[ 1211.224308][T13290]  __vgem_gem_create+0x49/0x100
[ 1211.229156][T13290]  vgem_gem_dumb_create+0xd7/0x250
[ 1211.234361][T13290]  drm_mode_create_dumb+0x282/0x310
[ 1211.239629][T13290]  drm_mode_create_dumb_ioctl+0x26/0x30
[ 1211.245353][T13290]  drm_ioctl_kernel+0x244/0x300
[ 1211.250346][T13290]  drm_ioctl+0x54e/0xa60
[ 1211.254626][T13290]  ksys_ioctl+0x123/0x180
[ 1211.258946][T13290]  __x64_sys_ioctl+0x73/0xb0
[ 1211.263523][T13290]  do_syscall_64+0xfa/0x790
[ 1211.268024][T13290]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1211.273904][T13290] 
[ 1211.276220][T13290] Freed by task 13290:
[ 1211.280276][T13290]  save_stack+0x23/0x90
[ 1211.284478][T13290]  __kasan_slab_free+0x102/0x150
[ 1211.289473][T13290]  kasan_slab_free+0xe/0x10
[ 1211.294083][T13290]  kfree+0x10a/0x2c0
[ 1211.297983][T13290]  vgem_gem_free_object+0xbe/0xe0
[ 1211.303179][T13290]  drm_gem_object_free+0x100/0x220
[ 1211.308298][T13290]  drm_gem_object_put_unlocked+0x196/0x1c0
[ 1211.314100][T13290]  vgem_gem_dumb_create+0x115/0x250
[ 1211.319282][T13290]  drm_mode_create_dumb+0x282/0x310
[ 1211.324488][T13290]  drm_mode_create_dumb_ioctl+0x26/0x30
[ 1211.330039][T13290]  drm_ioctl_kernel+0x244/0x300
[ 1211.334881][T13290]  drm_ioctl+0x54e/0xa60
[ 1211.339110][T13290]  ksys_ioctl+0x123/0x180
[ 1211.343438][T13290]  __x64_sys_ioctl+0x73/0xb0
[ 1211.348081][T13290]  do_syscall_64+0xfa/0x790
[ 1211.352593][T13290]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1211.358523][T13290] 
[ 1211.360845][T13290] The buggy address belongs to the object at ffff88809f885800
[ 1211.360845][T13290]  which belongs to the cache kmalloc-1k of size 1024
[ 1211.375040][T13290] The buggy address is located 264 bytes inside of
[ 1211.375040][T13290]  1024-byte region [ffff88809f885800, ffff88809f885c00)
[ 1211.388413][T13290] The buggy address belongs to the page:
[ 1211.394036][T13290] page:ffffea00027e2140 refcount:1 mapcount:0 mapping:ffff8880aa400c40 index:0xffff88809f885000
[ 1211.404436][T13290] flags: 0xfffe0000000200(slab)
[ 1211.409286][T13290] raw: 00fffe0000000200 ffffea000251a308 ffffea0002587d48 ffff8880aa400c40
[ 1211.417970][T13290] raw: ffff88809f885000 ffff88809f885000 0000000100000001 0000000000000000
[ 1211.426607][T13290] page dumped because: kasan: bad access detected
[ 1211.433016][T13290] 
[ 1211.435336][T13290] Memory state around the buggy address:
[ 1211.440962][T13290]  ffff88809f885800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1211.449145][T13290]  ffff88809f885880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1211.457263][T13290] >ffff88809f885900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1211.465310][T13290]                       ^
[ 1211.469633][T13290]  ffff88809f885980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1211.477733][T13290]  ffff88809f885a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1211.485787][T13290] ==================================================================
[ 1211.494017][T13290] Disabling lock debugging due to kernel taint
[ 1211.501981][T13290] Kernel panic - not syncing: panic_on_warn set ...
[ 1211.508569][T13290] CPU: 1 PID: 13290 Comm: syz-executor.0 Tainted: G    B             5.5.0-syzkaller #0
[ 1211.518388][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1211.528443][T13290] Call Trace:
[ 1211.531722][T13290]  dump_stack+0x197/0x210
[ 1211.536090][T13290]  panic+0x2e3/0x75c
[ 1211.539994][T13290]  ? add_taint.cold+0x16/0x16
[ 1211.544669][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1211.550031][T13290]  ? preempt_schedule+0x4b/0x60
[ 1211.554960][T13290]  ? ___preempt_schedule+0x16/0x18
[ 1211.560117][T13290]  ? trace_hardirqs_on+0x5e/0x240
[ 1211.565133][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1211.570615][T13290]  end_report+0x47/0x4f
[ 1211.574763][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1211.580130][T13290]  __kasan_report.cold+0xe/0x32
[ 1211.584986][T13290]  ? vgem_gem_dumb_create+0x238/0x250
[ 1211.590439][T13290]  kasan_report+0x12/0x20
[ 1211.594786][T13290]  __asan_report_load8_noabort+0x14/0x20
[ 1211.600413][T13290]  vgem_gem_dumb_create+0x238/0x250
[ 1211.605609][T13290]  drm_mode_create_dumb+0x282/0x310
[ 1211.610808][T13290]  drm_mode_create_dumb_ioctl+0x26/0x30
[ 1211.616422][T13290]  drm_ioctl_kernel+0x244/0x300
[ 1211.621366][T13290]  ? drm_mode_create_dumb+0x310/0x310
[ 1211.626763][T13290]  ? drm_setversion+0x8c0/0x8c0
[ 1211.631605][T13290]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1211.637892][T13290]  ? _copy_from_user+0x12c/0x1a0
[ 1211.642910][T13290]  drm_ioctl+0x54e/0xa60
[ 1211.647145][T13290]  ? drm_mode_create_dumb+0x310/0x310
[ 1211.652588][T13290]  ? drm_ioctl_kernel+0x300/0x300
[ 1211.657723][T13290]  ? ksys_dup3+0x3e0/0x3e0
[ 1211.662146][T13290]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1211.667872][T13290]  ? tomoyo_file_ioctl+0x23/0x30
[ 1211.672801][T13290]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1211.679032][T13290]  ? security_file_ioctl+0x8d/0xc0
[ 1211.684851][T13290]  ? drm_ioctl_kernel+0x300/0x300
[ 1211.689983][T13290]  ksys_ioctl+0x123/0x180
[ 1211.694305][T13290]  __x64_sys_ioctl+0x73/0xb0
[ 1211.698886][T13290]  do_syscall_64+0xfa/0x790
[ 1211.703439][T13290]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1211.709431][T13290] RIP: 0033:0x45b399
[ 1211.713322][T13290] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1211.732910][T13290] RSP: 002b:00007f4b52418c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1211.741341][T13290] RAX: ffffffffffffffda RBX: 00007f4b524196d4 RCX: 000000000045b399
[ 1211.749292][T13290] RDX: 0000000020000000 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1211.757251][T13290] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1211.765317][T13290] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1211.773357][T13290] R13: 0000000000000285 R14: 00000000004d1588 R15: 000000000075bf2c
[ 1211.783264][T13290] Kernel Offset: disabled
[ 1211.787593][T13290] Rebooting in 86400 seconds..