[....] Starting enhanced syslogd: rsyslogd[ 11.629906] audit: type=1400 audit(1513764739.208:4): avc: denied { syslog } for pid=3167 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [ ok ].
[....] Starting periodic command scheduler: cron [ ok ].
Starting mcstransd:
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].
[....] Starting file context maintaining daemon: restorecond [ ok ].

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-android-49-kasan-gce-8,10.128.0.34' (ECDSA) to the list of known hosts.
net.ipv6.conf.syz0.accept_dad = 0
net.ipv6.conf.syz0.router_solicitations = 0
executing program
syzkaller login: [ 47.087897] IPVS: Creating netns size=2536 id=1
[ 47.139232] sg_write: data in/out 36090/8 bytes for SCSI command 0x67-- guessing data in;
[ 47.139232] program syzkaller318660 not setting count and/or reply_len properly
[ 47.142552] ==================================================================
[ 47.142563] BUG: KASAN: wild-memory-access in sg_read+0x1296/0x1440
[ 47.142566] Read of size 26 at addr ffe7087452d97000 by task syzkaller318660/3362
[ 47.142567]
[ 47.142572] CPU: 1 PID: 3362 Comm: syzkaller318660 Not tainted 4.9.70-gc14c7b3 #110
[ 47.142575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 47.142583] ffff8801c7ef7a38 ffffffff81d90c49 ffe7087452d97000 000000000000001a
[ 47.142587] 0000000000000000 ffff8801c93a3120 ffff8801c7d8c340 ffff8801c7ef7a80
[ 47.142592] ffffffff8153aafe ffffffff82662d46 0000000000000282 b1305061a78bfb3d
[ 47.142593] Call Trace:
[ 47.142599] [] dump_stack+0xc1/0x128
[ 47.142605] [] kasan_report+0x15e/0x360
[ 47.142608] [] ? sg_read+0x1296/0x1440
[ 47.142612] [] check_memory_region+0x137/0x190
[ 47.142616] [] kasan_check_read+0x11/0x20
[ 47.142620] [] sg_read+0x1296/0x1440
[ 47.142624] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 47.142630] [] ? fsnotify+0xf30/0xf30
[ 47.142635] [] ? avc_policy_seqno+0x9/0x20
[ 47.142640] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 47.142646] [] ? security_file_permission+0x89/0x1e0
[ 47.142650] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 47.142654] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 47.142657] [] do_readv_writev+0x520/0x750
[ 47.142660] [] ? vfs_write+0x530/0x530
[ 47.142664] [] ? __fget+0x201/0x3a0
[ 47.142667] [] ? __fget+0x228/0x3a0
[ 47.142670] [] ? __fget+0x47/0x3a0
[ 47.142673] [] vfs_readv+0x84/0xc0
[ 47.142677] [] do_readv+0xe6/0x250
[ 47.142680] [] ? vfs_readv+0xc0/0xc0
[ 47.142686] [] ? entry_SYSCALL_64_fastpath+0x5/0xc6
[ 47.142692] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 47.142696] [] SyS_readv+0x27/0x30
[ 47.142700] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 47.142702] ==================================================================
[ 47.142703] Disabling lock debugging due to kernel taint
[ 47.142705] Kernel panic - not syncing: panic_on_warn set ...
[ 47.142705]
[ 47.142709] CPU: 1 PID: 3362 Comm: syzkaller318660 Tainted: G B 4.9.70-gc14c7b3 #110
[ 47.142711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 47.142716] ffff8801c7ef7958 ffffffff81d90c49 ffffffff84193817 ffff8801c7ef7a30
[ 47.142720] 0000000000000000 ffff8801c93a3120 ffff8801c7d8c340 ffff8801c7ef7a20
[ 47.142725] ffffffff8142c481 0000000041b58ab3 ffffffff84187288 ffffffff8142c2c5
[ 47.142726] Call Trace:
[ 47.142729] [] dump_stack+0xc1/0x128
[ 47.142734] [] panic+0x1bc/0x3a8
[ 47.142738] [] ? percpu_up_read_preempt_enable.constprop.54+0xd7/0xd7
[ 47.142742] [] kasan_end_report+0x50/0x50
[ 47.142745] [] kasan_report+0x167/0x360
[ 47.142749] [] ? sg_read+0x1296/0x1440
[ 47.142752] [] check_memory_region+0x137/0x190
[ 47.142755] [] kasan_check_read+0x11/0x20
[ 47.142759] [] sg_read+0x1296/0x1440
[ 47.142763] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 47.142767] [] ? fsnotify+0xf30/0xf30
[ 47.142770] [] ? avc_policy_seqno+0x9/0x20
[ 47.142774] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 47.142778] [] ? security_file_permission+0x89/0x1e0
[ 47.142782] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 47.142786] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 47.142790] [] do_readv_writev+0x520/0x750
[ 47.142793] [] ? vfs_write+0x530/0x530
[ 47.142796] [] ? __fget+0x201/0x3a0
[ 47.142799] [] ? __fget+0x228/0x3a0
[ 47.142802] [] ? __fget+0x47/0x3a0
[ 47.142805] [] vfs_readv+0x84/0xc0
[ 47.142809] [] do_readv+0xe6/0x250
[ 47.142812] [] ? vfs_readv+0xc0/0xc0
[ 47.142816] [] ? entry_SYSCALL_64_fastpath+0x5/0xc6
[ 47.142820] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 47.142823] [] SyS_readv+0x27/0x30
[ 47.142827] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 47.155142] Dumping ftrace buffer:
[ 47.155145] (ftrace buffer empty)
[ 47.155147] Kernel Offset: disabled
[ 47.606095] Rebooting in 86400 seconds..