[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   12.198099] audit: type=1400 audit(1513975244.200:6): avc:  denied  { map } for  pid=3124 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-kasan-gce-386-0,10.128.15.232' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   18.389188] audit: type=1400 audit(1513975250.391:7): avc:  denied  { map } for  pid=3138 comm="syzkaller380324" path="/root/syzkaller380324646" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   18.418128] ==================================================================
[   18.425516] BUG: KASAN: stack-out-of-bounds in rds_sendmsg+0x1f02/0x1f90
[   18.432323] Read of size 8 at addr ffff8801c90ef9e0 by task syzkaller380324/3138
[   18.439821] 
[   18.441421] CPU: 0 PID: 3138 Comm: syzkaller380324 Not tainted 4.15.0-rc4+ #144
[   18.448830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   18.458153] Call Trace:
[   18.460711]  dump_stack+0x194/0x257
[   18.464311]  ? arch_local_irq_restore+0x53/0x53
[   18.468948]  ? show_regs_print_info+0x18/0x18
[   18.473415]  ? _raw_spin_unlock_bh+0x30/0x40
[   18.477792]  ? rds_sendmsg+0x1f02/0x1f90
[   18.481823]  print_address_description+0x73/0x250
[   18.486634]  ? rds_sendmsg+0x1f02/0x1f90
[   18.490662]  kasan_report+0x25b/0x340
[   18.494442]  __asan_report_load8_noabort+0x14/0x20
[   18.499355]  rds_sendmsg+0x1f02/0x1f90
[   18.503247]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.507711]  ? lock_downgrade+0x980/0x980
[   18.511834]  ? sock_has_perm+0x2a4/0x420
[   18.515877]  ? selinux_secmark_relabel_packet+0xc0/0xc0
[   18.521214]  ? __might_sleep+0x95/0x190
[   18.525163]  ? kasan_check_write+0x14/0x20
[   18.529368]  ? _copy_from_user+0x99/0x110
[   18.533488]  ? selinux_socket_sendmsg+0x36/0x40
[   18.538131]  ? security_socket_sendmsg+0x89/0xb0
[   18.542858]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.547324]  sock_sendmsg+0xca/0x110
[   18.551011]  ___sys_sendmsg+0x320/0x8b0
[   18.554962]  ? copy_msghdr_from_user+0x590/0x590
[   18.559686]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   18.564671]  ? trace_hardirqs_on+0xd/0x10
[   18.568787]  ? _raw_spin_unlock_irq+0x27/0x70
[   18.573250]  ? finish_task_switch+0x1d3/0x740
[   18.577710]  ? finish_task_switch+0x1aa/0x740
[   18.582177]  ? copy_overflow+0x20/0x20
[   18.586035]  ? __fget_light+0x297/0x380
[   18.589985]  ? check_noncircular+0x20/0x20
[   18.594199]  ? check_noncircular+0x20/0x20
[   18.598402]  ? __pmd_alloc+0x4e0/0x4e0
[   18.602266]  ? __fdget+0x18/0x20
[   18.605605]  __sys_sendmmsg+0x31b/0x620
[   18.609544]  ? __sys_sendmmsg+0x31b/0x620
[   18.613666]  ? SyS_sendmsg+0x50/0x50
[   18.617353]  ? __do_page_fault+0x5f7/0xc90
[   18.621555]  ? lock_downgrade+0x980/0x980
[   18.625681]  ? __handle_mm_fault+0x3ce0/0x3ce0
[   18.630232]  ? vmacache_find+0x5f/0x280
[   18.634180]  ? up_read+0x1a/0x40
[   18.637514]  ? __do_page_fault+0x3d6/0xc90
[   18.641728]  compat_SyS_sendmmsg+0x32/0x40
[   18.645932]  ? compat_SyS_sendmsg+0x40/0x40
[   18.650228]  do_fast_syscall_32+0x3ee/0xf9d
[   18.654523]  ? do_int80_syscall_32+0x9d0/0x9d0
[   18.659088]  ? kasan_check_read+0x11/0x20
[   18.663217]  ? syscall_return_slowpath+0x550/0x550
[   18.668123]  ? SyS_rt_sigaction+0x94/0x1b0
[   18.672329]  ? SyS_sigprocmask+0x4b0/0x4b0
[   18.676531]  ? SyS_read+0x184/0x220
[   18.680127]  ? retint_user+0x18/0x18
[   18.683813]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   18.688632]  entry_SYSENTER_compat+0x54/0x63
[   18.693008] RIP: 0023:0xf7f10c79
[   18.696341] RSP: 002b:00000000ffb2e29c EFLAGS: 00000286 ORIG_RAX: 0000000000000159
[   18.704020] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020573000
[   18.711260] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000015
[   18.718495] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000
[   18.725739] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   18.732979] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   18.740246] 
[   18.741839] The buggy address belongs to the page:
[   18.746735] page:00000000d42b8502 count:0 mapcount:0 mapping:          (null) index:0x0
[   18.754843] flags: 0x2fffc0000000000()
[   18.758699] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[   18.766544] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[   18.775258] page dumped because: kasan: bad access detected
[   18.780932] 
[   18.782524] Memory state around the buggy address:
[   18.787419]  ffff8801c90ef880: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2
[   18.794743]  ffff8801c90ef900: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   18.802066] >ffff8801c90ef980: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 04 f2 f2 f2
[   18.809391]                                                        ^
[   18.815849]  ffff8801c90efa00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   18.823173]  ffff8801c90efa80: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[   18.830497] ==================================================================
[   18.837819] Disabling lock debugging due to kernel taint
[   18.843286] Kernel panic - not syncing: panic_on_warn set ...
[   18.843286] 
[   18.850635] CPU: 0 PID: 3138 Comm: syzkaller380324 Tainted: G    B            4.15.0-rc4+ #144
[   18.859349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   18.868667] Call Trace:
[   18.871238]  dump_stack+0x194/0x257
[   18.874833]  ? arch_local_irq_restore+0x53/0x53
[   18.879470]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   18.884192]  ? vsnprintf+0x1ed/0x1900
[   18.887963]  ? rds_sendmsg+0x1e50/0x1f90
[   18.891988]  panic+0x1e4/0x41c
[   18.895149]  ? refcount_error_report+0x214/0x214
[   18.899871]  ? add_taint+0x1c/0x50
[   18.903377]  ? add_taint+0x1c/0x50
[   18.906882]  ? rds_sendmsg+0x1f02/0x1f90
[   18.910921]  kasan_end_report+0x50/0x50
[   18.914860]  kasan_report+0x144/0x340
[   18.918627]  __asan_report_load8_noabort+0x14/0x20
[   18.923523]  rds_sendmsg+0x1f02/0x1f90
[   18.927384]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.931845]  ? lock_downgrade+0x980/0x980
[   18.935964]  ? sock_has_perm+0x2a4/0x420
[   18.939993]  ? selinux_secmark_relabel_packet+0xc0/0xc0
[   18.945325]  ? __might_sleep+0x95/0x190
[   18.949268]  ? kasan_check_write+0x14/0x20
[   18.953469]  ? _copy_from_user+0x99/0x110
[   18.957590]  ? selinux_socket_sendmsg+0x36/0x40
[   18.962230]  ? security_socket_sendmsg+0x89/0xb0
[   18.966953]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.971415]  sock_sendmsg+0xca/0x110
[   18.975096]  ___sys_sendmsg+0x320/0x8b0
[   18.979039]  ? copy_msghdr_from_user+0x590/0x590
[   18.983758]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   18.988738]  ? trace_hardirqs_on+0xd/0x10
[   18.992849]  ? _raw_spin_unlock_irq+0x27/0x70
[   18.997306]  ? finish_task_switch+0x1d3/0x740
[   19.001766]  ? finish_task_switch+0x1aa/0x740
[   19.006228]  ? copy_overflow+0x20/0x20
[   19.010082]  ? __fget_light+0x297/0x380
[   19.014024]  ? check_noncircular+0x20/0x20
[   19.018230]  ? check_noncircular+0x20/0x20
[   19.022428]  ? __pmd_alloc+0x4e0/0x4e0
[   19.026284]  ? __fdget+0x18/0x20
[   19.029616]  __sys_sendmmsg+0x31b/0x620
[   19.033560]  ? __sys_sendmmsg+0x31b/0x620
[   19.037674]  ? SyS_sendmsg+0x50/0x50
[   19.041355]  ? __do_page_fault+0x5f7/0xc90
[   19.045555]  ? lock_downgrade+0x980/0x980
[   19.049673]  ? __handle_mm_fault+0x3ce0/0x3ce0
[   19.054222]  ? vmacache_find+0x5f/0x280
[   19.058164]  ? up_read+0x1a/0x40
[   19.061497]  ? __do_page_fault+0x3d6/0xc90
[   19.065703]  compat_SyS_sendmmsg+0x32/0x40
[   19.069904]  ? compat_SyS_sendmsg+0x40/0x40
[   19.074196]  do_fast_syscall_32+0x3ee/0xf9d
[   19.078486]  ? do_int80_syscall_32+0x9d0/0x9d0
[   19.083034]  ? kasan_check_read+0x11/0x20
[   19.087148]  ? syscall_return_slowpath+0x550/0x550
[   19.092043]  ? SyS_rt_sigaction+0x94/0x1b0
[   19.096246]  ? SyS_sigprocmask+0x4b0/0x4b0
[   19.100445]  ? SyS_read+0x184/0x220
[   19.104038]  ? retint_user+0x18/0x18
[   19.107718]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   19.112529]  entry_SYSENTER_compat+0x54/0x63
[   19.116904] RIP: 0023:0xf7f10c79
[   19.120235] RSP: 002b:00000000ffb2e29c EFLAGS: 00000286 ORIG_RAX: 0000000000000159
[   19.127907] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020573000
[   19.135144] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000015
[   19.142385] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000
[   19.149618] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   19.156851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   19.164522] Dumping ftrace buffer:
[   19.168036]    (ftrace buffer empty)
[   19.171714] Kernel Offset: disabled
[   19.175317] Rebooting in 86400 seconds..
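The shadow dump in the report above already says where the bad read landed; it just has to be decoded. The Python script below is an added triage example, not part of the syzkaller log or of any kernel or syzkaller tooling. It parses the BUG header, the "Read of size" line and the "Memory state" rows, then applies the generic KASAN shadow encoding (one shadow byte per 8-byte granule; 00 means all 8 bytes addressable, 01..07 means only the first N bytes are, f1/f2/f3 are the stack left/mid/right redzones; the POISON table holds the constants from the kernel's mm/kasan/kasan.h) to work out which stack object the 8-byte read at ffff8801c90ef9e0 hit and by how much it overran. The REPORT excerpt is copied from the log above; the assumption made is the documented one that each dump row is labelled with the memory address its 16 shadow bytes cover, so a row spans 128 bytes.

```python
"""Decode the KASAN stack-out-of-bounds report: which stack object did the read hit?"""
import re

GRANULE = 8  # one shadow byte describes 8 bytes of memory (generic KASAN)

# Generic KASAN poison values, taken from the kernel's mm/kasan/kasan.h.
# 0x00 = all 8 bytes addressable; 0x01..0x07 = only the first N bytes are.
POISON = {
    0xf1: "stack left redzone", 0xf2: "stack mid redzone",
    0xf3: "stack right redzone", 0xf4: "stack partial redzone",
    0xf8: "stack use-after-scope", 0xfa: "global redzone",
    0xfb: "freed slab object", 0xfc: "slab object redzone",
    0xfe: "large kmalloc redzone", 0xff: "freed page",
}

# Constructed input: the lines of the report above that the decoder needs.
REPORT = """\
[   18.425516] BUG: KASAN: stack-out-of-bounds in rds_sendmsg+0x1f02/0x1f90
[   18.432323] Read of size 8 at addr ffff8801c90ef9e0 by task syzkaller380324/3138
[   18.782524] Memory state around the buggy address:
[   18.787419]  ffff8801c90ef880: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2
[   18.794743]  ffff8801c90ef900: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   18.802066] >ffff8801c90ef980: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 04 f2 f2 f2
[   18.809391]                                                        ^
[   18.815849]  ffff8801c90efa00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   18.823173]  ffff8801c90efa80: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
"""

TS_RE = re.compile(r"^\[\s*\d+\.\d+\]\s?")  # kernel "[   18.425516] " prefix
BUG_RE = re.compile(r"BUG: KASAN: (\S+) in (\S+)")
ACCESS_RE = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]+) by task (\S+)/(\d+)")
ROW_RE = re.compile(r"^[ >]?([0-9a-f]{16}): ((?:[0-9a-f]{2} ?){16})$")


def parse_report(text):
    """Extract bug type, faulting access and the shadow dump (granule address -> byte)."""
    info = {"shadow": {}}
    for raw in text.splitlines():
        line = TS_RE.sub("", raw.rstrip())
        if m := BUG_RE.search(line):
            info["bug_type"], info["function"] = m.group(1), m.group(2)
        elif m := ACCESS_RE.search(line):
            info["access"], info["size"] = m.group(1).lower(), int(m.group(2))
            info["addr"] = int(m.group(3), 16)
            info["task"], info["pid"] = m.group(4), int(m.group(5))
        elif m := ROW_RE.match(line):
            row = int(m.group(1), 16)  # memory address covered by this row's 16 shadow bytes
            for i, b in enumerate(m.group(2).split()):
                info["shadow"][row + i * GRANULE] = int(b, 16)
    return info


def describe(value):
    """Meaning of one shadow byte."""
    if value == 0:
        return "all 8 bytes addressable"
    if 1 <= value <= 7:
        return f"only first {value} bytes addressable"
    return POISON.get(value, f"unknown poison 0x{value:02x}")


def object_bounds(shadow, addr):
    """(start, end) of the addressable object around addr, found by walking granules
    outwards until a poison byte; None if addr's own granule is poison. Sees only the
    dumped rows, so an object reaching past the window is truncated at its edge."""
    g = addr - addr % GRANULE
    if shadow[g] > 7:
        return None
    start = g
    while shadow.get(start - GRANULE) == 0:
        start -= GRANULE
    end = g
    while shadow.get(end) == 0:
        end += GRANULE
    if 1 <= shadow.get(end, 0xff) <= 7:  # partially addressable last granule
        end += shadow[end]
    return start, end


def analyse(text):
    """Tie the faulting access to the object it hit and the redzone past it."""
    info = parse_report(text)
    addr, size, shadow = info["addr"], info["size"], info["shadow"]
    value = shadow[addr - addr % GRANULE]
    bounds = object_bounds(shadow, addr)
    result = {
        "bug_type": info["bug_type"],
        "function": info["function"],
        "access": f"{info['access']} of {size} bytes at 0x{addr:x} by {info['task']}/{info['pid']}",
        "shadow_byte": value,
        "shadow_meaning": describe(value),
        "object": bounds,
    }
    if bounds:
        start, end = bounds
        next_g = end if end % GRANULE == 0 else end - end % GRANULE + GRANULE
        nb = shadow.get(next_g)
        result.update(object_size=end - start, access_offset=addr - start,
                      overrun_bytes=max(0, addr + size - end),
                      beyond_object=describe(nb) if nb is not None else "outside dumped window")
    return result


if __name__ == "__main__":
    for key, val in analyse(REPORT).items():
        print(f"{key}: {val}")
```

Run as a script it reports that the granule containing ffff8801c90ef9e0 has shadow byte 04, so the read hit a 36-byte stack object starting at ffff8801c90ef9c0 at offset 32, and the last 4 of the 8 bytes read lie past its end, in the stack mid redzone (f2) that follows. In other words, an 8-byte load was performed where only 4 bytes of the object remained; the log itself does not say which variable that is, and neither does this script.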