[....] Starting enhanced syslogd: rsyslogd[ 12.782967] audit: type=1400 audit(1516532352.017:4): avc: denied { syslog } for pid=3177 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.065456] IPVS: Creating netns size=2536 id=1 [ 26.102120] ================================================================== [ 26.109496] BUG: KASAN: null-ptr-deref in snd_timer_user_read+0x510/0x700 [ 26.116389] Read of size 32 at addr (null) by task syzkaller753474/3339 [ 26.123974] [ 26.125571] CPU: 0 PID: 3339 Comm: syzkaller753474 Not tainted 4.9.77-ge12a9c4 #27 [ 26.133245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.142568] ffff8801c7e87968 ffffffff81d941c9 0000000000000000 0000000000000020 [ 26.150534] 0000000000000000 ffff8801c7e87b30 ffff8801cd70bbc8 ffff8801c7e879b0 [ 26.158496] ffffffff8153df9e ffffffff82da5800 0000000000000286 0cea9696f38bc5db [ 26.166460] Call Trace: [ 26.169018] [] dump_stack+0xc1/0x128 [ 26.174352] [] kasan_report+0x15e/0x360 [ 26.179944] [] ? snd_timer_user_read+0x510/0x700 [ 26.186321] [] check_memory_region+0x137/0x190 [ 26.192525] [] kasan_check_read+0x11/0x20 [ 26.198289] [] snd_timer_user_read+0x510/0x700 [ 26.204498] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.211307] [] ? __fsnotify_parent+0xbc/0x340 [ 26.218500] [] ? fsnotify+0x86/0xf30 [ 26.223829] [] ? fsnotify+0xf30/0xf30 [ 26.229247] [] ? avc_policy_seqno+0x9/0x20 [ 26.235100] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 26.242080] [] ? security_file_permission+0x89/0x1e0 [ 26.248803] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.255612] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.262421] [] compat_do_readv_writev+0x522/0x760 [ 26.269922] [] ? do_pwritev+0x1a0/0x1a0 [ 26.275512] [] ? exit_robust_list+0x230/0x230 [ 26.281624] [] ? __fget+0x228/0x3a0 [ 26.286866] [] ? __fget+0x47/0x3a0 [ 26.292027] [] compat_readv+0xe3/0x150 [ 26.297535] [] do_compat_readv+0xf4/0x1d0 [ 26.303300] [] ? compat_readv+0x150/0x150 [ 26.309674] [] ? compat_SyS_ioctl+0x8c/0x2050 [ 26.315785] [] compat_SyS_readv+0x26/0x30 [ 26.321549] [] ? SyS_pwritev2+0x80/0x80 [ 26.327141] [] do_fast_syscall_32+0x2f7/0x890 [ 26.333252] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.339886] [] entry_SYSENTER_compat+0x74/0x83 [ 26.346081] ================================================================== [ 26.353406] Disabling lock debugging due to kernel taint [ 26.359206] Kernel panic - not syncing: panic_on_warn set ... [ 26.359206] [ 26.366553] CPU: 0 PID: 3339 Comm: syzkaller753474 Tainted: G B 4.9.77-ge12a9c4 #27 [ 26.375442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.384762] ffff8801c7e87888 ffffffff81d941c9 ffffffff841970ff ffff8801c7e87960 [ 26.392722] 0000000000000000 ffff8801c7e87b30 ffff8801cd70bbc8 ffff8801c7e87950 [ 26.400687] ffffffff8142f3c1 0000000041b58ab3 ffffffff8418ab70 ffffffff8142f205 [ 26.408645] Call Trace: [ 26.411202] [] dump_stack+0xc1/0x128 [ 26.416535] [] panic+0x1bc/0x3a8 [ 26.421520] [] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7 [ 26.430064] [] ? preempt_schedule+0x25/0x30 [ 26.436009] [] ? ___preempt_schedule+0x16/0x18 [ 26.442208] [] kasan_end_report+0x50/0x50 [ 26.447974] [] kasan_report+0x167/0x360 [ 26.453566] [] ? snd_timer_user_read+0x510/0x700 [ 26.459941] [] check_memory_region+0x137/0x190 [ 26.466138] [] kasan_check_read+0x11/0x20 [ 26.471903] [] snd_timer_user_read+0x510/0x700 [ 26.478101] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.484924] [] ? __fsnotify_parent+0xbc/0x340 [ 26.491736] [] ? fsnotify+0x86/0xf30 [ 26.497069] [] ? fsnotify+0xf30/0xf30 [ 26.502486] [] ? avc_policy_seqno+0x9/0x20 [ 26.508337] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 26.515316] [] ? security_file_permission+0x89/0x1e0 [ 26.522034] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.528838] [] ? snd_timer_user_interrupt+0x3c0/0x3c0 [ 26.535641] [] compat_do_readv_writev+0x522/0x760 [ 26.542098] [] ? do_pwritev+0x1a0/0x1a0 [ 26.547688] [] ? exit_robust_list+0x230/0x230 [ 26.553800] [] ? __fget+0x228/0x3a0 [ 26.559042] [] ? __fget+0x47/0x3a0 [ 26.564199] [] compat_readv+0xe3/0x150 [ 26.569704] [] do_compat_readv+0xf4/0x1d0 [ 26.575469] [] ? compat_readv+0x150/0x150 [ 26.581234] [] ? compat_SyS_ioctl+0x8c/0x2050 [ 26.587353] [] compat_SyS_readv+0x26/0x30 [ 26.593118] [] ? SyS_pwritev2+0x80/0x80 [ 26.598710] [] do_fast_syscall_32+0x2f7/0x890 [ 26.604822] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.611460] [] entry_SYSENTER_compat+0x74/0x83 [ 26.618240] Dumping ftrace buffer: [ 26.621752] (ftrace buffer empty) [ 26.625433] Kernel Offset: disabled [ 26.629028] Rebooting in 86400 seconds..