[ ok ] Starting enhanced syslogd: rsyslogd.
[   12.067680] audit: type=1400 audit(1516307407.905:5): avc:  denied  { syslog } for  pid=3495 comm="rsyslogd" capability=34  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   17.501963] audit: type=1400 audit(1516307413.339:6): avc:  denied  { map } for  pid=3635 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.15.214' (ECDSA) to the list of known hosts.
executing program
[   28.170606] audit: type=1400 audit(1516307424.008:7): avc:  denied  { map } for  pid=3651 comm="syzkaller355354" path="/root/syzkaller355354068" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   28.175452] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=2816 sclass=netlink_tcpdiag_socket pig=3651 comm=syzkaller355354
[   28.175538] ==================================================================
[   28.175555] BUG: KASAN: stack-out-of-bounds in __nla_put+0x37/0x40
[   28.175559] Read of size 255 at addr ffff8801bbbaf8b0 by task syzkaller355354/3651
[   28.175560]
[   28.175566] CPU: 1 PID: 3651 Comm: syzkaller355354 Not tainted 4.15.0-rc8+ #196
[   28.175569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   28.175571] Call Trace:
[   28.175579]  dump_stack+0x194/0x257
[   28.175589]  ? arch_local_irq_restore+0x53/0x53
[   28.175596]  ? show_regs_print_info+0x18/0x18
[   28.175605]  ? __alloc_skb+0x57e/0x780
[   28.175612]  ? __nla_put+0x37/0x40
[   28.175620]  print_address_description+0x73/0x250
[   28.175625]  ? __nla_put+0x37/0x40
[   28.175632]  kasan_report+0x25b/0x340
[   28.175641]  check_memory_region+0x137/0x190
[   28.175647]  memcpy+0x23/0x50
[   28.175654]  __nla_put+0x37/0x40
[   28.175661]  nla_put+0xf5/0x130
[   28.175672]  netlink_ack+0x78a/0xa10
[   28.175681]  ? netlink_sendmsg+0xe60/0xe60
[   28.175690]  ? netlink_tap_init_net+0x350/0x350
[   28.175699]  netlink_rcv_skb+0x2d1/0x400
[   28.175713]  ? sock_diag_bind+0x80/0x80
[   28.175721]  ? netlink_ack+0xa10/0xa10
[   28.175727]  ? idr_get_free_cmn+0xfd0/0xfd0
[   28.175733]  ? netlink_skb_destructor+0x1d0/0x1d0
[   28.175746]  sock_diag_rcv+0x2a/0x40
[   28.175751]  netlink_unicast+0x4c4/0x6b0
[   28.175761]  ? netlink_attachskb+0x8a0/0x8a0
[   28.175773]  ? security_netlink_send+0x81/0xb0
[   28.175781]  netlink_sendmsg+0xa4a/0xe60
[   28.175793]  ? netlink_unicast+0x6b0/0x6b0
[   28.175802]  ? security_socket_sendmsg+0x89/0xb0
[   28.175807]  ? netlink_unicast+0x6b0/0x6b0
[   28.175815]  sock_sendmsg+0xca/0x110
[   28.175823]  ___sys_sendmsg+0x767/0x8b0
[   28.175833]  ? copy_msghdr_from_user+0x590/0x590
[   28.175847]  ? __do_page_fault+0x5f7/0xc90
[   28.175855]  ? lock_downgrade+0x980/0x980
[   28.175868]  ? __fget_light+0x297/0x380
[   28.175874]  ? fget_raw+0x20/0x20
[   28.175882]  ? __handle_mm_fault+0x3ce0/0x3ce0
[   28.175885]  ? vmacache_find+0x5f/0x280
[   28.175897]  ? up_read+0x1a/0x40
[   28.175902]  ? __do_page_fault+0x3d6/0xc90
[   28.175907]  ? lock_release+0xa40/0xa40
[   28.175918]  ? __fdget+0x18/0x20
[   28.175927]  __sys_sendmsg+0xe5/0x210
[   28.175931]  ? __sys_sendmsg+0xe5/0x210
[   28.175938]  ? SyS_shutdown+0x290/0x290
[   28.175945]  ? __do_page_fault+0xc90/0xc90
[   28.175954]  ? SyS_setsockopt+0x215/0x360
[   28.175970]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   28.175980]  SyS_sendmsg+0x2d/0x50
[   28.175990]  entry_SYSCALL_64_fastpath+0x29/0xa0
[   28.175994] RIP: 0033:0x43fdc9
[   28.175996] RSP: 002b:00007ffe9a68b078 EFLAGS: 00000217 ORIG_RAX: 000000000000002e
[   28.176004] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdc9
[   28.176007] RDX: 0000000000000000 RSI: 000000002058efc8 RDI: 0000000000000003
[   28.176009] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[   28.176012] R10: 0000000000000004 R11: 0000000000000217 R12: 00000000004016f0
[   28.176014] R13: 0000000000401780 R14: 0000000000000000 R15: 0000000000000000
[   28.176040]
[   28.176042] The buggy address belongs to the page:
[   28.176048] page:ffffea0006eeebc0 count:0 mapcount:0 mapping:          (null) index:0x0
[   28.176052] flags: 0x2fffc0000000000()
[   28.176058] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[   28.176063] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[   28.176064] page dumped because: kasan: bad access detected
[   28.176066]
[   28.176067] Memory state around the buggy address:
[   28.176070]  ffff8801bbbaf780: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04 f2 f2 f2
[   28.176073]  ffff8801bbbaf800: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[   28.176077] >ffff8801bbbaf880: f1 f1 f1 f1 00 00 00 00 00 f2 f2 f2 00 00 00 00
[   28.176079]                                      ^
[   28.176082]  ffff8801bbbaf900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.176085]  ffff8801bbbaf980: 00 f1 f1 f1 f1 00 f2 f2 f2 f3 f3 f3 f3 00 00 00
[   28.176086] ==================================================================
[   28.176088] Disabling lock debugging due to kernel taint
[   28.176106] Kernel panic - not syncing: panic_on_warn set ...
[   28.176106]
[   28.176110] CPU: 1 PID: 3651 Comm: syzkaller355354 Tainted: G    B            4.15.0-rc8+ #196
[   28.176112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   28.176113] Call Trace:
[   28.176118]  dump_stack+0x194/0x257
[   28.176124]  ? arch_local_irq_restore+0x53/0x53
[   28.176128]  ? kasan_end_report+0x32/0x50
[   28.176137]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   28.176142]  ? vsnprintf+0x1ed/0x1900
[   28.176147]  ? nla_put_64bit+0xc0/0x150
[   28.176152]  panic+0x1e4/0x41c
[   28.176156]  ? refcount_error_report+0x214/0x214
[   28.176162]  ? add_taint+0x1c/0x50
[   28.176166]  ? add_taint+0x1c/0x50
[   28.176171]  ? __nla_put+0x37/0x40
[   28.176175]  kasan_end_report+0x50/0x50
[   28.176179]  kasan_report+0x144/0x340
[   28.176186]  check_memory_region+0x137/0x190
[   28.176190]  memcpy+0x23/0x50
[   28.176195]  __nla_put+0x37/0x40
[   28.176200]  nla_put+0xf5/0x130
[   28.176206]  netlink_ack+0x78a/0xa10
[   28.176212]  ? netlink_sendmsg+0xe60/0xe60
[   28.176218]  ? netlink_tap_init_net+0x350/0x350
[   28.176224]  netlink_rcv_skb+0x2d1/0x400
[   28.176228]  ? sock_diag_bind+0x80/0x80
[   28.176233]  ? netlink_ack+0xa10/0xa10
[   28.176237]  ? idr_get_free_cmn+0xfd0/0xfd0
[   28.176242]  ? netlink_skb_destructor+0x1d0/0x1d0
[   28.176250]  sock_diag_rcv+0x2a/0x40
[   28.176254]  netlink_unicast+0x4c4/0x6b0
[   28.176261]  ? netlink_attachskb+0x8a0/0x8a0
[   28.176267]  ? security_netlink_send+0x81/0xb0
[   28.176273]  netlink_sendmsg+0xa4a/0xe60
[   28.176280]  ? netlink_unicast+0x6b0/0x6b0
[   28.176286]  ? security_socket_sendmsg+0x89/0xb0
[   28.176290]  ? netlink_unicast+0x6b0/0x6b0
[   28.176295]  sock_sendmsg+0xca/0x110
[   28.176300]  ___sys_sendmsg+0x767/0x8b0
[   28.176307]  ? copy_msghdr_from_user+0x590/0x590
[   28.176315]  ? __do_page_fault+0x5f7/0xc90
[   28.176320]  ? lock_downgrade+0x980/0x980
[   28.176327]  ? __fget_light+0x297/0x380
[   28.176331]  ? fget_raw+0x20/0x20
[   28.176336]  ? __handle_mm_fault+0x3ce0/0x3ce0
[   28.176339]  ? vmacache_find+0x5f/0x280
[   28.176346]  ? up_read+0x1a/0x40
[   28.176350]  ? __do_page_fault+0x3d6/0xc90
[   28.176354]  ? lock_release+0xa40/0xa40
[   28.176361]  ? __fdget+0x18/0x20
[   28.176367]  __sys_sendmsg+0xe5/0x210
[   28.176371]  ? __sys_sendmsg+0xe5/0x210
[   28.176376]  ? SyS_shutdown+0x290/0x290
[   28.176381]  ? __do_page_fault+0xc90/0xc90
[   28.176387]  ? SyS_setsockopt+0x215/0x360
[   28.176397]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   28.176403]  SyS_sendmsg+0x2d/0x50
[   28.176409]  entry_SYSCALL_64_fastpath+0x29/0xa0
[   28.176412] RIP: 0033:0x43fdc9
[   28.176413] RSP: 002b:00007ffe9a68b078 EFLAGS: 00000217 ORIG_RAX: 000000000000002e
[   28.176417] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdc9
[   28.176419] RDX: 0000000000000000 RSI: 000000002058efc8 RDI: 0000000000000003
[   28.176421] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[   28.176423] R10: 0000000000000004 R11: 0000000000000217 R12: 00000000004016f0
[   28.176425] R13: 0000000000401780 R14: 0000000000000000 R15: 0000000000000000
[   28.196820] Dumping ftrace buffer:
[   28.196823]    (ftrace buffer empty)
[   28.196825] Kernel Offset: disabled
[   28.901077] Rebooting in 86400 seconds..