[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   24.165691] audit: type=1800 audit(1537958639.832:21): pid=5188 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[   24.192599] audit: type=1800 audit(1537958639.842:22): pid=5188 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.49' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
syzkaller login: [   37.774694] kauditd_printk_skb: 8 callbacks suppressed
[   37.774708] audit: type=1400 audit(1537958653.442:31): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5344 comm="syz-executor289"
[   37.807124] audit: type=1400 audit(1537958653.472:32): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5345 comm="syz-executor289"
executing program
executing program
[   37.833865] audit: type=1400 audit(1537958653.502:33): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5346 comm="syz-executor289"
[   37.861249] audit: type=1400 audit(1537958653.532:34): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5347 comm="syz-executor289"
executing program
[   37.887756] audit: type=1400 audit(1537958653.562:35): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="&&" pid=5348 comm="syz-executor289"
[   37.906843] ==================================================================
[   37.914273] BUG: KASAN: stack-out-of-bounds in memcmp+0xe3/0x160
[   37.920442] Read of size 1 at addr ffff8801bb2af400 by task syz-executor289/5349
[   37.927952] 
[   37.929566] CPU: 0 PID: 5349 Comm: syz-executor289 Not tainted 4.19.0-rc5+ #255
[   37.936998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   37.946345] Call Trace:
[   37.948917]  dump_stack+0x1c4/0x2b4
[   37.952533]  ? dump_stack_print_info.cold.2+0x52/0x52
[   37.957709]  ? printk+0xa7/0xcf
[   37.960976]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[   37.965737]  print_address_description.cold.8+0x9/0x1ff
[   37.971093]  kasan_report.cold.9+0x242/0x309
[   37.975489]  ? memcmp+0xe3/0x160
[   37.978860]  __asan_report_load1_noabort+0x14/0x20
[   37.983776]  memcmp+0xe3/0x160
[   37.986958]  strnstr+0x4b/0x70
[   37.990140]  __aa_lookupn_ns+0xc1/0x570
[   37.994122]  ? aa_find_ns+0x30/0x30
[   37.997739]  ? lock_acquire+0x1ed/0x520
[   38.001699]  ? __aa_lookupn_ns+0x570/0x570
[   38.005921]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.011445]  ? check_preemption_disabled+0x48/0x200
[   38.016448]  ? kasan_check_read+0x11/0x20
[   38.020586]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[   38.025865]  ? rcu_bh_qs+0xc0/0xc0
[   38.029411]  ? print_usage_bug+0xc0/0xc0
[   38.033465]  aa_lookupn_ns+0x88/0x1e0
[   38.037254]  aa_fqlookupn_profile+0x1b9/0x1010
[   38.041830]  ? lru_cache_add+0x417/0xa50
[   38.045882]  ? aa_lookup_profile+0x30/0x30
[   38.050105]  ? __lock_acquire+0x7ec/0x4ec0
[   38.054325]  ? noop_count+0x40/0x40
[   38.057938]  ? rcu_bh_qs+0xc0/0xc0
[   38.061468]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.066998]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   38.072451]  ? refcount_add_not_zero_checked+0x330/0x330
[   38.077889]  ? mark_held_locks+0x130/0x130
[   38.082129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.087666]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   38.093196]  fqlookupn_profile+0x80/0xc0
[   38.097254]  aa_label_strn_parse+0xa3a/0x1230
[   38.101753]  ? aa_label_printk+0x850/0x850
[   38.105977]  ? lockdep_on+0x50/0x50
[   38.109593]  ? graph_lock+0x170/0x170
[   38.113384]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.118907]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   38.124346]  ? refcount_add_not_zero_checked+0x330/0x330
[   38.129783]  ? graph_lock+0x170/0x170
[   38.133567]  ? find_held_lock+0x36/0x1c0
[   38.137616]  aa_label_parse+0x42/0x50
[   38.141412]  aa_change_profile+0x513/0x3510
[   38.145722]  ? lock_acquire+0x1ed/0x520
[   38.149701]  ? aa_change_hat+0x1a20/0x1a20
[   38.153925]  ? is_bpf_text_address+0xd3/0x170
[   38.158412]  ? __mutex_lock+0x85e/0x1700
[   38.162480]  ? proc_pid_attr_write+0x28a/0x540
[   38.167062]  ? mutex_trylock+0x2b0/0x2b0
[   38.171124]  ? save_stack+0xa9/0xd0
[   38.174734]  ? save_stack+0x43/0xd0
[   38.178343]  ? kasan_kmalloc+0xc7/0xe0
[   38.182232]  ? __kmalloc_track_caller+0x14a/0x750
[   38.187067]  ? memdup_user+0x2c/0xa0
[   38.190783]  ? proc_pid_attr_write+0x198/0x540
[   38.195363]  ? graph_lock+0x170/0x170
[   38.199149]  ? __x64_sys_write+0x73/0xb0
[   38.203197]  ? graph_lock+0x170/0x170
[   38.206988]  ? mark_held_locks+0x130/0x130
[   38.211228]  apparmor_setprocattr+0xaa4/0x1150
[   38.215799]  ? apparmor_task_kill+0xcb0/0xcb0
[   38.220282]  ? lock_downgrade+0x900/0x900
[   38.224421]  ? arch_local_save_flags+0x40/0x40
[   38.229000]  security_setprocattr+0x66/0xc0
[   38.233310]  proc_pid_attr_write+0x301/0x540
[   38.237706]  __vfs_write+0x119/0x9f0
[   38.241406]  ? check_preemption_disabled+0x48/0x200
[   38.246408]  ? proc_loginuid_write+0x4f0/0x4f0
[   38.250990]  ? kernel_read+0x120/0x120
[   38.254864]  ? __lock_is_held+0xb5/0x140
[   38.258918]  ? rcu_read_lock_sched_held+0x108/0x120
[   38.263923]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.269447]  ? __sb_start_write+0x1b2/0x370
[   38.273758]  vfs_write+0x1fc/0x560
[   38.277291]  ksys_write+0x101/0x260
[   38.280906]  ? __ia32_sys_read+0xb0/0xb0
[   38.284963]  ? __bpf_trace_preemptirq_template+0x30/0x30
[   38.290402]  __x64_sys_write+0x73/0xb0
[   38.294277]  do_syscall_64+0x1b9/0x820
[   38.298159]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   38.303510]  ? syscall_return_slowpath+0x5e0/0x5e0
[   38.308426]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   38.313265]  ? trace_hardirqs_on_caller+0x310/0x310
[   38.318301]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   38.323312]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.328859]  ? prepare_exit_to_usermode+0x291/0x3b0
[   38.333966]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   38.338800]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   38.343972] RIP: 0033:0x440d49
[   38.347153] Code: e8 cc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   38.366046] RSP: 002b:00007ffd35060f28 EFLAGS: 00000213 ORIG_RAX: 0000000000000001
[   38.373738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d49
[   38.380989] RDX: 0000000000000009 RSI: 0000000020000040 RDI: 0000000000000003
[   38.388244] RBP: 0000000000000000 R08: 00000000004002c8 R09: 00000000004002c8
[   38.395495] R10: 0000000001836880 R11: 0000000000000213 R12: 00000000000093df
[   38.402748] R13: 0000000000401d20 R14: 0000000000000000 R15: 0000000000000000
[   38.410006] 
[   38.411614] The buggy address belongs to the page:
[   38.416525] page:ffffea0006ecabc0 count:0 mapcount:0 mapping:0000000000000000 index:0x0
[   38.424671] flags: 0x2fffc0000000000()
[   38.428551] raw: 02fffc0000000000 0000000000000000 ffffffff06ec0101 0000000000000000
[   38.436424] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   38.444284] page dumped because: kasan: bad access detected
[   38.449986] 
[   38.451592] Memory state around the buggy address:
[   38.456505]  ffff8801bb2af300: f2 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.463845]  ffff8801bb2af380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[   38.471185] >ffff8801bb2af400: f1 f1 f1 f8 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2
[   38.478540]                    ^
[   38.481891]  ffff8801bb2af480: f2 f2 f2 f8 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2
[   38.489235]  ffff8801bb2af500: f2 f2 f2 00 00 00 00 00 00 00 00 f3 f3 f3 f3 00
[   38.496570] ==================================================================
[   38.503907] Disabling lock debugging due to kernel taint
[   38.509841] Kernel panic - not syncing: panic_on_warn set ...
[   38.509841] 
[   38.517240] CPU: 0 PID: 5349 Comm: syz-executor289 Tainted: G    B             4.19.0-rc5+ #255
[   38.526058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   38.535391] Call Trace:
[   38.537966]  dump_stack+0x1c4/0x2b4
[   38.541580]  ? dump_stack_print_info.cold.2+0x52/0x52
[   38.546781]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   38.551524]  panic+0x238/0x4e7
[   38.554714]  ? add_taint.cold.5+0x16/0x16
[   38.558851]  ? preempt_schedule+0x4d/0x60
[   38.562997]  ? ___preempt_schedule+0x16/0x18
[   38.567390]  ? trace_hardirqs_on+0xb4/0x310
[   38.571696]  kasan_end_report+0x47/0x4f
[   38.575664]  kasan_report.cold.9+0x76/0x309
[   38.579969]  ? memcmp+0xe3/0x160
[   38.583319]  __asan_report_load1_noabort+0x14/0x20
[   38.588228]  memcmp+0xe3/0x160
[   38.591404]  strnstr+0x4b/0x70
[   38.594581]  __aa_lookupn_ns+0xc1/0x570
[   38.598542]  ? aa_find_ns+0x30/0x30
[   38.602154]  ? lock_acquire+0x1ed/0x520
[   38.606114]  ? __aa_lookupn_ns+0x570/0x570
[   38.610337]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.615876]  ? check_preemption_disabled+0x48/0x200
[   38.620886]  ? kasan_check_read+0x11/0x20
[   38.625020]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[   38.630281]  ? rcu_bh_qs+0xc0/0xc0
[   38.633805]  ? print_usage_bug+0xc0/0xc0
[   38.637861]  aa_lookupn_ns+0x88/0x1e0
[   38.641670]  aa_fqlookupn_profile+0x1b9/0x1010
[   38.646250]  ? lru_cache_add+0x417/0xa50
[   38.650296]  ? aa_lookup_profile+0x30/0x30
[   38.654512]  ? __lock_acquire+0x7ec/0x4ec0
[   38.658734]  ? noop_count+0x40/0x40
[   38.662357]  ? rcu_bh_qs+0xc0/0xc0
[   38.665881]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.671402]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   38.676840]  ? refcount_add_not_zero_checked+0x330/0x330
[   38.682272]  ? mark_held_locks+0x130/0x130
[   38.686491]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.692009]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   38.697530]  fqlookupn_profile+0x80/0xc0
[   38.701581]  aa_label_strn_parse+0xa3a/0x1230
[   38.706076]  ? aa_label_printk+0x850/0x850
[   38.710297]  ? lockdep_on+0x50/0x50
[   38.713908]  ? graph_lock+0x170/0x170
[   38.717699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.723220]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[   38.728705]  ? refcount_add_not_zero_checked+0x330/0x330
[   38.734140]  ? graph_lock+0x170/0x170
[   38.737928]  ? find_held_lock+0x36/0x1c0
[   38.741974]  aa_label_parse+0x42/0x50
[   38.745759]  aa_change_profile+0x513/0x3510
[   38.750066]  ? lock_acquire+0x1ed/0x520
[   38.754028]  ? aa_change_hat+0x1a20/0x1a20
[   38.758249]  ? is_bpf_text_address+0xd3/0x170
[   38.762731]  ? __mutex_lock+0x85e/0x1700
[   38.766775]  ? proc_pid_attr_write+0x28a/0x540
[   38.771339]  ? mutex_trylock+0x2b0/0x2b0
[   38.775384]  ? save_stack+0xa9/0xd0
[   38.778992]  ? save_stack+0x43/0xd0
[   38.782599]  ? kasan_kmalloc+0xc7/0xe0
[   38.786469]  ? __kmalloc_track_caller+0x14a/0x750
[   38.791292]  ? memdup_user+0x2c/0xa0
[   38.794991]  ? proc_pid_attr_write+0x198/0x540
[   38.799568]  ? graph_lock+0x170/0x170
[   38.803354]  ? __x64_sys_write+0x73/0xb0
[   38.807398]  ? graph_lock+0x170/0x170
[   38.811197]  ? mark_held_locks+0x130/0x130
[   38.815415]  apparmor_setprocattr+0xaa4/0x1150
[   38.819982]  ? apparmor_task_kill+0xcb0/0xcb0
[   38.824462]  ? lock_downgrade+0x900/0x900
[   38.828597]  ? arch_local_save_flags+0x40/0x40
[   38.833170]  security_setprocattr+0x66/0xc0
[   38.837475]  proc_pid_attr_write+0x301/0x540
[   38.841869]  __vfs_write+0x119/0x9f0
[   38.845572]  ? check_preemption_disabled+0x48/0x200
[   38.850582]  ? proc_loginuid_write+0x4f0/0x4f0
[   38.855147]  ? kernel_read+0x120/0x120
[   38.859020]  ? __lock_is_held+0xb5/0x140
[   38.863067]  ? rcu_read_lock_sched_held+0x108/0x120
[   38.868066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.873586]  ? __sb_start_write+0x1b2/0x370
[   38.877894]  vfs_write+0x1fc/0x560
[   38.881417]  ksys_write+0x101/0x260
[   38.885027]  ? __ia32_sys_read+0xb0/0xb0
[   38.889074]  ? __bpf_trace_preemptirq_template+0x30/0x30
[   38.894511]  __x64_sys_write+0x73/0xb0
[   38.898383]  do_syscall_64+0x1b9/0x820
[   38.902254]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   38.907601]  ? syscall_return_slowpath+0x5e0/0x5e0
[   38.912512]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   38.917342]  ? trace_hardirqs_on_caller+0x310/0x310
[   38.922340]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   38.927337]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   38.932881]  ? prepare_exit_to_usermode+0x291/0x3b0
[   38.937885]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   38.942715]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   38.947910] RIP: 0033:0x440d49
[   38.951089] Code: e8 cc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   38.969972] RSP: 002b:00007ffd35060f28 EFLAGS: 00000213 ORIG_RAX: 0000000000000001
[   38.977670] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d49
[   38.984920] RDX: 0000000000000009 RSI: 0000000020000040 RDI: 0000000000000003
[   38.992170] RBP: 0000000000000000 R08: 00000000004002c8 R09: 00000000004002c8
[   38.999421] R10: 0000000001836880 R11: 0000000000000213 R12: 00000000000093df
[   39.006676] R13: 0000000000401d20 R14: 0000000000000000 R15: 0000000000000000
[   39.014920] Kernel Offset: disabled
[   39.018540] Rebooting in 86400 seconds..