[....] Starting enhanced syslogd: rsyslogd[ 13.834321] audit: type=1400 audit(1514862497.788:4): avc: denied { syslog } for pid=3177 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.239' (ECDSA) to the list of known hosts. 2018/01/02 03:08:29 parsed 1 programs 2018/01/02 03:08:29 executed programs: 0 syzkaller login: [ 25.159846] IPVS: Creating netns size=2536 id=1 [ 25.177201] audit: type=1400 audit(1514862509.138:5): avc: denied { set_context_mgr } for pid=3357 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 [ 25.201131] IPVS: Creating netns size=2536 id=2 [ 25.206138] audit: type=1400 audit(1514862509.178:6): avc: denied { call } for pid=3357 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 [ 25.221207] binder: send failed reply for transaction 4 to 3363:3364 [ 25.240500] IPVS: Creating netns size=2536 id=3 [ 25.241020] binder: 3363:3366 ERROR: BC_REGISTER_LOOPER called without request [ 25.254362] binder: send failed reply for transaction 6 to 3363:3364 [ 25.260881] ------------[ cut here ]------------ [ 25.265647] WARNING: CPU: 1 PID: 1553 at drivers/android/binder.c:2151 binder_send_failed_reply+0x147/0x3a0 [ 25.275520] Unexpected reply error: 29189 [ 25.279647] Kernel panic - not syncing: panic_on_warn set ... [ 25.279647] [ 25.281893] binder: BINDER_SET_CONTEXT_MGR already set [ 25.281902] binder: 3370:3373 ioctl 40046207 0 returned -16 [ 25.284164] binder: 3370:3371 got new transaction with bad transaction stack, transaction 8 has target 3370:0 [ 25.284172] binder: 3370:3371 transaction failed 29201/-71, size 0-0 line 3031 [ 25.286785] binder: BINDER_SET_CONTEXT_MGR already set [ 25.286790] binder: 3357:3376 ioctl 40046207 0 returned -16 [ 25.289330] binder_alloc: 3357: binder_alloc_buf, no vma [ 25.289342] binder: 3357:3361 transaction failed 29189/-3, size 0-0 line 3127 [ 25.303598] binder: BINDER_SET_CONTEXT_MGR already set [ 25.303603] binder: 3377:3382 ioctl 40046207 0 returned -16 [ 25.305850] binder: 3377:3379 got new transaction with bad transaction stack, transaction 12 has target 3377:0 [ 25.305858] binder: 3377:3379 transaction failed 29201/-71, size 0-0 line 3031 [ 25.307207] binder: BINDER_SET_CONTEXT_MGR already set [ 25.307211] binder: 3384:3386 ioctl 40046207 0 returned -16 [ 25.307305] binder_alloc: 3370: binder_alloc_buf, no vma [ 25.307315] binder: 3384:3386 transaction failed 29189/-3, size 0-0 line 3127 [ 25.313522] binder: BINDER_SET_CONTEXT_MGR already set [ 25.313526] binder: 3385:3389 ioctl 40046207 0 returned -16 [ 25.313624] binder_alloc: 3357: binder_alloc_buf, no vma [ 25.313635] binder: 3385:3389 transaction failed 29189/-3, size 0-0 line 3127 [ 25.325685] binder: BINDER_SET_CONTEXT_MGR already set [ 25.325690] binder: 3384:3388 ioctl 40046207 0 returned -16 [ 25.327764] binder: BINDER_SET_CONTEXT_MGR already set [ 25.327768] binder: 3392:3395 ioctl 40046207 0 returned -16 [ 25.327907] binder_alloc: 3377: binder_alloc_buf, no vma [ 25.327919] binder: 3392:3395 transaction failed 29189/-3, size 0-0 line 3127 [ 25.337451] binder: BINDER_SET_CONTEXT_MGR already set [ 25.337456] binder: 3385:3391 ioctl 40046207 0 returned -16 [ 25.342807] binder: BINDER_SET_CONTEXT_MGR already set [ 25.342813] binder: 3392:3397 ioctl 40046207 0 returned -16 [ 25.346439] binder: BINDER_SET_CONTEXT_MGR already set [ 25.346444] binder: 3399:3400 ioctl 40046207 0 returned -16 [ 25.346540] binder_alloc: 3370: binder_alloc_buf, no vma [ 25.346551] binder: 3399:3400 transaction failed 29189/-3, size 0-0 line 3127 [ 25.359179] binder: BINDER_SET_CONTEXT_MGR already set [ 25.359184] binder: 3399:3402 ioctl 40046207 0 returned -16 [ 25.366438] binder: BINDER_SET_CONTEXT_MGR already set [ 25.366443] binder: 3404:3406 ioctl 40046207 0 returned -16 [ 25.366545] binder_alloc: 3377: binder_alloc_buf, no vma [ 25.366555] binder: 3404:3406 transaction failed 29189/-3, size 0-0 line 3127 [ 25.369536] binder: BINDER_SET_CONTEXT_MGR already set [ 25.369540] binder: 3405:3407 ioctl 40046207 0 returned -16 [ 25.369636] binder_alloc: 3357: binder_alloc_buf, no vma [ 25.369646] binder: 3405:3407 transaction failed 29189/-3, size 0-0 line 3127 [ 25.379378] binder: BINDER_SET_CONTEXT_MGR already set [ 25.379383] binder: 3412:3413 ioctl 40046207 0 returned -16 [ 25.379482] binder_alloc: 3370: binder_alloc_buf, no vma [ 25.379494] binder: 3412:3413 transaction failed 29189/-3, size 0-0 line 3127 [ 25.387841] binder: BINDER_SET_CONTEXT_MGR already set [ 25.387847] binder: 3405:3411 ioctl 40046207 0 returned -16 [ 25.391666] binder: BINDER_SET_CONTEXT_MGR already set [ 25.391671] binder: 3412:3416 ioctl 40046207 0 returned -16 [ 25.397208] binder: BINDER_SET_CONTEXT_MGR already set [ 25.397214] binder: 3404:3410 ioctl 40046207 0 returned -16 [ 25.608601] CPU: 1 PID: 1553 Comm: kworker/1:2 Not tainted 4.9.73-gf3f3457 #11 [ 25.615926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.625263] Workqueue: events binder_deferred_func [ 25.630274] ffff8801d0a17910 ffffffff81d922b9 ffffffff83a46d00 ffff8801d0a179e8 [ 25.638231] ffffffff83eab500 ffffffff82d60a57 0000000000000009 ffff8801d0a179d8 [ 25.646184] ffffffff8142d741 0000000041b58ab3 ffffffff84189000 ffffffff8142d585 [ 25.654138] Call Trace: [ 25.656698] [] dump_stack+0xc1/0x128 [ 25.662031] [] ? binder_send_failed_reply+0x147/0x3a0 [ 25.668849] [] panic+0x1bc/0x3a8 [ 25.673833] [] ? percpu_up_read_preempt_enable.constprop.53+0xd7/0xd7 [ 25.682035] [] ? vprintk_emit+0x3ad/0x750 [ 25.687804] [] ? __warn+0x1a9/0x1e0 [ 25.693049] [] ? binder_send_failed_reply+0x147/0x3a0 [ 25.699859] [] __warn+0x1c4/0x1e0 [ 25.704927] [] warn_slowpath_fmt+0xc4/0x110 [ 25.710866] [] ? __warn+0x1e0/0x1e0 [ 25.716112] [] ? _binder_inner_proc_lock+0x2c/0x50 [ 25.722661] [] binder_send_failed_reply+0x147/0x3a0 [ 25.729304] [] binder_cleanup_transaction+0xd2/0x140 [ 25.736020] [] binder_release_work+0x1b0/0x260 [ 25.742227] [] ? _raw_spin_unlock+0x2c/0x50 [ 25.748169] [] binder_deferred_func+0x9a2/0xd10 [ 25.754457] [] ? __lock_is_held+0xa1/0xf0 [ 25.760226] [] process_one_work+0x7e0/0x1610 [ 25.766252] [] ? process_one_work+0x72c/0x1610 [ 25.772469] [] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 25.778933] [] worker_thread+0xe0/0x10d0 [ 25.784633] [] ? __schedule+0x683/0x1ba0 [ 25.790311] [] kthread+0x26d/0x300 [ 25.795478] [] ? process_one_work+0x1610/0x1610 [ 25.801767] [] ? kthread_park+0xa0/0xa0 [ 25.807646] [] ? kthread_park+0xa0/0xa0 [ 25.813337] [] ? kthread_park+0xa0/0xa0 [ 25.818940] [] ret_from_fork+0x2a/0x40 [ 25.824961] Dumping ftrace buffer: [ 25.828525] (ftrace buffer empty) [ 25.832216] Kernel Offset: disabled [ 25.835829] Rebooting in 86400 seconds..