[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   24.268209] audit: type=1800 audit(1538330609.843:21): pid=5178 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[   24.295875] audit: type=1800 audit(1538330609.843:22): pid=5178 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
syzkaller login: [   34.247098] kauditd_printk_skb: 8 callbacks suppressed
[   34.247112] audit: type=1400 audit(1538330619.813:31): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5334 comm="syz-executor973"
[   34.261778] ==================================================================
[   34.270485] audit: type=1400 audit(1538330619.823:32): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5335 comm="syz-executor973"
[   34.277415] BUG: KASAN: stack-out-of-bounds in memcmp+0xe3/0x160
[   34.277427] Read of size 1 at addr ffff8801d8f973b0 by task syz-executor973/5336
[   34.277430] 
[   34.277446] CPU: 0 PID: 5336 Comm: syz-executor973 Not tainted 4.19.0-rc5+ #164
[   34.277454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   34.277459] Call Trace:
[   34.277480]  dump_stack+0x1c4/0x2b4
[   34.277500]  ? dump_stack_print_info.cold.2+0x52/0x52
[   34.338224]  ? printk+0xa7/0xcf
[   34.341491]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[   34.346246]  print_address_description.cold.8+0x9/0x1ff
[   34.351601]  kasan_report.cold.9+0x242/0x309
[   34.355997]  ? memcmp+0xe3/0x160
[   34.359352]  __asan_report_load1_noabort+0x14/0x20
[   34.364270]  memcmp+0xe3/0x160
[   34.367452]  strnstr+0x4b/0x70
[   34.370631]  __aa_lookupn_ns+0xc1/0x570
[   34.374594]  ? aa_find_ns+0x30/0x30
[   34.378208]  ? lock_acquire+0x1ed/0x520
[   34.382167]  ? __aa_lookupn_ns+0x570/0x570
[   34.386413]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.391973]  ? check_preemption_disabled+0x48/0x200
[   34.396982]  ? kasan_check_read+0x11/0x20
[   34.401129]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[   34.406404]  ? rcu_bh_qs+0xc0/0xc0
[   34.409950]  ? print_usage_bug+0xc0/0xc0
[   34.414029]  aa_lookupn_ns+0x88/0x1e0
[   34.417854]  aa_fqlookupn_profile+0x1b9/0x1010
[   34.422469]  ? aa_lookup_profile+0x30/0x30
[   34.426692]  ? __lock_acquire+0x7ec/0x4ec0
[   34.430920]  ? noop_count+0x40/0x40
[   34.434571]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.440101]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   34.445561]  ? refcount_add_not_zero_checked+0x330/0x330
[   34.451009]  ? mark_held_locks+0x130/0x130
[   34.455272]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.460820]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   34.466380]  fqlookupn_profile+0x80/0xc0
[   34.470455]  aa_label_strn_parse+0xa3a/0x1230
[   34.474950]  ? aa_label_printk+0x850/0x850
[   34.479180]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[   34.484970]  ? kasan_check_read+0x11/0x20
[   34.489111]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[   34.494383]  ? rcu_bh_qs+0xc0/0xc0
[   34.497941]  ? rcu_bh_qs+0xc0/0xc0
[   34.501469]  ? unwind_dump+0x190/0x190
[   34.505988]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.513257]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   34.520346]  ? refcount_add_not_zero_checked+0x330/0x330
[   34.527346]  ? unwind_get_return_address+0x61/0xa0
[   34.532263]  ? __save_stack_trace+0x8d/0xf0
[   34.536578]  aa_label_parse+0x42/0x50
[   34.540367]  aa_change_profile+0x513/0x3260
[   34.544677]  ? save_stack+0x43/0xd0
[   34.548293]  ? kasan_kmalloc+0xc7/0xe0
[   34.552165]  ? apparmor_setprocattr+0x2ab/0x1150
[   34.556907]  ? __vfs_write+0x119/0x9f0
[   34.560786]  ? __x64_sys_write+0x91/0xb0
[   34.564868]  ? do_fast_syscall_32+0x34d/0xfb2
[   34.569349]  ? entry_SYSENTER_compat+0x70/0x7f
[   34.573916]  ? aa_change_hat+0x1890/0x1890
[   34.578135]  ? find_held_lock+0x36/0x1c0
[   34.582212]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.587750]  ? check_preemption_disabled+0x48/0x200
[   34.592775]  ? check_preemption_disabled+0x48/0x200
[   34.597790]  ? __lock_is_held+0xb5/0x140
[   34.601840]  ? rcu_read_lock_sched_held+0x108/0x120
[   34.606883]  ? __kmalloc+0x5de/0x760
[   34.610591]  ? graph_lock+0x170/0x170
[   34.614375]  ? mark_held_locks+0x130/0x130
[   34.618599]  apparmor_setprocattr+0xa8b/0x1150
[   34.623176]  ? apparmor_task_kill+0xcb0/0xcb0
[   34.627662]  ? lock_downgrade+0x900/0x900
[   34.631800]  ? arch_local_save_flags+0x40/0x40
[   34.636386]  security_setprocattr+0x66/0xc0
[   34.640698]  proc_pid_attr_write+0x301/0x540
[   34.645096]  __vfs_write+0x119/0x9f0
[   34.648803]  ? check_preemption_disabled+0x48/0x200
[   34.653803]  ? proc_loginuid_write+0x4f0/0x4f0
[   34.659001]  ? kernel_read+0x120/0x120
[   34.662876]  ? __lock_is_held+0xb5/0x140
[   34.666952]  ? rcu_read_lock_sched_held+0x108/0x120
[   34.671965]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   34.677490]  ? __sb_start_write+0x1b2/0x370
[   34.681820]  vfs_write+0x1fc/0x560
[   34.685369]  ksys_write+0x101/0x260
[   34.688984]  ? __ia32_sys_read+0xb0/0xb0
[   34.693033]  ? __bpf_trace_preemptirq_template+0x30/0x30
[   34.698473]  __ia32_sys_write+0x71/0xb0
[   34.702437]  do_fast_syscall_32+0x34d/0xfb2
[   34.706745]  ? do_int80_syscall_32+0x890/0x890
[   34.711336]  ? entry_SYSENTER_compat+0x68/0x7f
[   34.715906]  ? trace_hardirqs_off_caller+0xbb/0x310
[   34.721359]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   34.726201]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   34.731033]  ? trace_hardirqs_on_caller+0x310/0x310
[   34.736321]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   34.741324]  ? prepare_exit_to_usermode+0x291/0x3b0
[   34.746333]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   34.751173]  entry_SYSENTER_compat+0x70/0x7f
[   34.755574] RIP: 0023:0xf7f8cca9
[   34.758928] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[   34.777838] RSP: 002b:00000000ffc7783c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[   34.785539] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[   34.792796] RDX: 000000000000002c RSI: 00000000ffc77984 RDI: 00000000ffc7798c
[   34.800051] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   34.807308] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   34.814566] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   34.821851] 
[   34.823462] The buggy address belongs to the page:
[   34.828376] page:ffffea000763e5c0 count:0 mapcount:0 mapping:0000000000000000 index:0x0
[   34.836504] flags: 0x2fffc0000000000()
[   34.840418] raw: 02fffc0000000000 0000000000000000 ffffffff07630101 0000000000000000
[   34.848285] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   34.856146] page dumped because: kasan: bad access detected
[   34.862340] 
[   34.863966] Memory state around the buggy address:
[   34.868878]  ffff8801d8f97280: f2 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00 00 00 00
[   34.876220]  ffff8801d8f97300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.883578] >ffff8801d8f97380: 00 00 00 00 00 f1 f1 f1 f1 f8 f2 f2 f2 f2 f2 f2
[   34.890916]                                      ^
[   34.895825]  ffff8801d8f97400: f2 00 f2 f2 f2 f2 f2 f2 f2 f8 f2 f2 f2 f2 f2 f2
[   34.903175]  ffff8801d8f97480: f2 00 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00
[   34.910532] ==================================================================
[   34.918044] Disabling lock debugging due to kernel taint
[   34.925263] Kernel panic - not syncing: panic_on_warn set ...
[   34.925263] 
[   34.932655] CPU: 0 PID: 5336 Comm: syz-executor973 Tainted: G    B             4.19.0-rc5+ #164
[   34.942519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   34.951853] Call Trace:
[   34.954448]  dump_stack+0x1c4/0x2b4
[   34.958065]  ? dump_stack_print_info.cold.2+0x52/0x52
[   34.963245]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   34.967988]  panic+0x238/0x4e7
[   34.972159]  ? add_taint.cold.5+0x16/0x16
[   34.977527]  ? preempt_schedule+0x4d/0x60
[   34.983049]  ? ___preempt_schedule+0x16/0x18
[   34.988919]  ? trace_hardirqs_on+0xb4/0x310
[   34.993229]  kasan_end_report+0x47/0x4f
[   34.997207]  kasan_report.cold.9+0x76/0x309
[   35.001520]  ? memcmp+0xe3/0x160
[   35.004873]  __asan_report_load1_noabort+0x14/0x20
[   35.009789]  memcmp+0xe3/0x160
[   35.012971]  strnstr+0x4b/0x70
[   35.016150]  __aa_lookupn_ns+0xc1/0x570
[   35.020113]  ? aa_find_ns+0x30/0x30
[   35.023726]  ? lock_acquire+0x1ed/0x520
[   35.027688]  ? __aa_lookupn_ns+0x570/0x570
[   35.031910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.037447]  ? check_preemption_disabled+0x48/0x200
[   35.042449]  ? kasan_check_read+0x11/0x20
[   35.046582]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[   35.051844]  ? rcu_bh_qs+0xc0/0xc0
[   35.055369]  ? print_usage_bug+0xc0/0xc0
[   35.059417]  aa_lookupn_ns+0x88/0x1e0
[   35.063204]  aa_fqlookupn_profile+0x1b9/0x1010
[   35.067787]  ? aa_lookup_profile+0x30/0x30
[   35.072024]  ? __lock_acquire+0x7ec/0x4ec0
[   35.076251]  ? noop_count+0x40/0x40
[   35.079879]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.085402]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   35.090853]  ? refcount_add_not_zero_checked+0x330/0x330
[   35.096294]  ? mark_held_locks+0x130/0x130
[   35.100542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.106085]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   35.111609]  fqlookupn_profile+0x80/0xc0
[   35.115659]  aa_label_strn_parse+0xa3a/0x1230
[   35.120141]  ? aa_label_printk+0x850/0x850
[   35.124364]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[   35.130161]  ? kasan_check_read+0x11/0x20
[   35.134296]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[   35.139557]  ? rcu_bh_qs+0xc0/0xc0
[   35.143083]  ? rcu_bh_qs+0xc0/0xc0
[   35.146608]  ? unwind_dump+0x190/0x190
[   35.150935]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.158129]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   35.164099]  ? refcount_add_not_zero_checked+0x330/0x330
[   35.169541]  ? unwind_get_return_address+0x61/0xa0
[   35.174460]  ? __save_stack_trace+0x8d/0xf0
[   35.178780]  aa_label_parse+0x42/0x50
[   35.182580]  aa_change_profile+0x513/0x3260
[   35.186889]  ? save_stack+0x43/0xd0
[   35.190498]  ? kasan_kmalloc+0xc7/0xe0
[   35.194375]  ? apparmor_setprocattr+0x2ab/0x1150
[   35.199117]  ? __vfs_write+0x119/0x9f0
[   35.202987]  ? __x64_sys_write+0x91/0xb0
[   35.207040]  ? do_fast_syscall_32+0x34d/0xfb2
[   35.211542]  ? entry_SYSENTER_compat+0x70/0x7f
[   35.216113]  ? aa_change_hat+0x1890/0x1890
[   35.220332]  ? find_held_lock+0x36/0x1c0
[   35.224381]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.229905]  ? check_preemption_disabled+0x48/0x200
[   35.234912]  ? check_preemption_disabled+0x48/0x200
[   35.239943]  ? __lock_is_held+0xb5/0x140
[   35.243991]  ? rcu_read_lock_sched_held+0x108/0x120
[   35.248991]  ? __kmalloc+0x5de/0x760
[   35.252688]  ? graph_lock+0x170/0x170
[   35.256475]  ? mark_held_locks+0x130/0x130
[   35.260695]  apparmor_setprocattr+0xa8b/0x1150
[   35.265287]  ? apparmor_task_kill+0xcb0/0xcb0
[   35.269800]  ? lock_downgrade+0x900/0x900
[   35.273938]  ? arch_local_save_flags+0x40/0x40
[   35.278521]  security_setprocattr+0x66/0xc0
[   35.282847]  proc_pid_attr_write+0x301/0x540
[   35.287260]  __vfs_write+0x119/0x9f0
[   35.290964]  ? check_preemption_disabled+0x48/0x200
[   35.295964]  ? proc_loginuid_write+0x4f0/0x4f0
[   35.300536]  ? kernel_read+0x120/0x120
[   35.304409]  ? __lock_is_held+0xb5/0x140
[   35.308474]  ? rcu_read_lock_sched_held+0x108/0x120
[   35.313480]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   35.319003]  ? __sb_start_write+0x1b2/0x370
[   35.323311]  vfs_write+0x1fc/0x560
[   35.326838]  ksys_write+0x101/0x260
[   35.330450]  ? __ia32_sys_read+0xb0/0xb0
[   35.334496]  ? __bpf_trace_preemptirq_template+0x30/0x30
[   35.339956]  __ia32_sys_write+0x71/0xb0
[   35.343936]  do_fast_syscall_32+0x34d/0xfb2
[   35.348283]  ? do_int80_syscall_32+0x890/0x890
[   35.352856]  ? entry_SYSENTER_compat+0x68/0x7f
[   35.357427]  ? trace_hardirqs_off_caller+0xbb/0x310
[   35.362863]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   35.368734]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   35.373582]  ? trace_hardirqs_on_caller+0x310/0x310
[   35.378611]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   35.383613]  ? prepare_exit_to_usermode+0x291/0x3b0
[   35.388617]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   35.393451]  entry_SYSENTER_compat+0x70/0x7f
[   35.397847] RIP: 0023:0xf7f8cca9
[   35.401267] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 0c 24 c3 8b 1c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[   35.420158] RSP: 002b:00000000ffc7783c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[   35.427863] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[   35.435116] RDX: 000000000000002c RSI: 00000000ffc77984 RDI: 00000000ffc7798c
[   35.442382] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   35.449638] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   35.456914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   35.465487] Kernel Offset: disabled
[   35.469123] Rebooting in 86400 seconds..