[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 9.559637] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 25.808061] random: crng init done Warning: Permanently added '10.128.10.12' (ECDSA) to the list of known hosts. 2018/11/14 06:56:56 parsed 1 programs 2018/11/14 06:56:58 executed programs: 0 [ 50.461730] ip (2755) used greatest stack depth: 24376 bytes left [ 53.736344] audit: type=1400 audit(1542178622.559:5): avc: denied { associate } for pid=2069 comm="syz-executor2" name="syz2" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 54.059169] ================================================================== [ 54.066564] BUG: KASAN: user-memory-access in n_tty_set_termios+0xf6/0xd30 [ 54.073575] Write of size 512 at addr 0000000000001060 by task syz-executor3/4753 [ 54.081181] [ 54.082807] CPU: 1 PID: 4753 Comm: syz-executor3 Not tainted 4.9.135+ #65 [ 54.089726] ffff8801d993f708 ffffffff81b42b89 0000000000001060 0000000000000200 [ 54.097814] 0000000000000001 000000000000005d ffff8801d993f848 ffff8801d993f750 [ 54.105897] ffffffff81500be2 ffffffff81d2f416 0000000000000286 31f22736ef2afe96 [ 54.113969] Call Trace: [ 54.116560] [] dump_stack+0xc1/0x128 [ 54.121929] [] kasan_report.cold.6+0x6d/0x2fe [ 54.128073] [] ? n_tty_set_termios+0xf6/0xd30 [ 54.134218] [] check_memory_region+0x14d/0x1b0 [ 54.140449] [] memset+0x23/0x40 [ 54.145615] [] n_tty_set_termios+0xf6/0xd30 [ 54.151590] [] ? process_echoes+0x150/0x150 [ 54.157559] [] tty_set_termios+0x626/0x8a0 [ 54.163443] [] ? tty_wait_until_sent+0x4d0/0x4d0 [ 54.169843] [] ? tty_ldisc_ref+0x71/0x80 [ 54.175553] [] ? ldsem_up_read+0x3a/0x70 [ 54.181264] [] set_termios+0x38f/0x620 [ 54.186806] [] ? __tty_perform_flush+0x220/0x220 [ 54.193209] [] ? vfs_setxattr+0xbe/0xe0 [ 54.198833] [] ? ldsem_down_read+0x32/0x40 [ 54.204719] [] tty_mode_ioctl+0x8c2/0x980 [ 54.210512] [] ? tty_perform_flush+0x80/0x80 [ 54.216567] [] ? __ldsem_down_read_nested+0xce/0x610 [ 54.223317] [] ? ldsem_down_read+0x32/0x40 [ 54.229201] [] ? get_futex_key_refs.isra.4+0xa0/0xa0 [ 54.235955] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 54.242802] [] ? __ldsem_wake+0x330/0x330 [ 54.248600] [] n_tty_ioctl_helper+0x44/0x370 [ 54.255121] [] n_tty_ioctl+0x46/0x2e0 [ 54.260569] [] ? ldsem_down_read+0x32/0x40 [ 54.266450] [] tty_ioctl+0x440/0x2190 [ 54.271901] [] ? n_tty_receive_buf+0x40/0x40 [ 54.277958] [] ? no_tty+0xa0/0xa0 [ 54.283091] [] ? avc_ss_reset+0x110/0x110 [ 54.288897] [] ? __lock_acquire+0x654/0x4a10 [ 54.294954] [] ? __might_sleep+0x95/0x1a0 [ 54.300747] [] ? no_tty+0xa0/0xa0 [ 54.305840] [] do_vfs_ioctl+0x1ac/0x11a0 [ 54.311529] [] ? ioctl_preallocate+0x220/0x220 [ 54.317740] [] ? selinux_parse_skb.constprop.42+0x1a90/0x1a90 [ 54.325260] [] ? check_preemption_disabled+0x3b/0x170 [ 54.332098] [] ? __fget+0x214/0x3d0 [ 54.337353] [] ? __fget+0x23b/0x3d0 [ 54.342608] [] ? __fget+0x47/0x3d0 [ 54.347773] [] ? security_file_ioctl+0x8f/0xc0 [ 54.353990] [] SyS_ioctl+0x8f/0xc0 [ 54.359156] [] ? do_vfs_ioctl+0x11a0/0x11a0 [ 54.365107] [] do_syscall_64+0x19f/0x550 [ 54.370803] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 54.377709] ================================================================== [ 54.385059] Disabling lock debugging due to kernel taint [ 54.391694] Kernel panic - not syncing: panic_on_warn set ... [ 54.391694] [ 54.399073] CPU: 1 PID: 4753 Comm: syz-executor3 Tainted: G B 4.9.135+ #65 [ 54.407206] ffff8801d993f630 ffffffff81b42b89 ffffffff82e371c0 00000000ffffffff [ 54.415289] 0000000000000000 0000000000000001 ffff8801d993f848 ffff8801d993f6f0 [ 54.423366] ffffffff813f6aa5 0000000041b58ab3 ffffffff82e2b1c3 ffffffff813f68e6 [ 54.431458] Call Trace: [ 54.434054] [] dump_stack+0xc1/0x128 [ 54.439419] [] panic+0x1bf/0x39f [ 54.444464] [] ? add_taint.cold.6+0x16/0x16 [ 54.450435] [] ? ___preempt_schedule+0x16/0x18 2018/11/14 06:57:03 executed programs: 25 [ 54.456668] [] kasan_end_report+0x47/0x4f [ 54.462463] [] kasan_report.cold.6+0x76/0x2fe [ 54.468605] [] ? n_tty_set_termios+0xf6/0xd30 [ 54.474753] [] check_memory_region+0x14d/0x1b0 [ 54.480993] [] memset+0x23/0x40 [ 54.485932] [] n_tty_set_termios+0xf6/0xd30 [ 54.491904] [] ? process_echoes+0x150/0x150 [ 54.497871] [] tty_set_termios+0x626/0x8a0 [ 54.503756] [] ? tty_wait_until_sent+0x4d0/0x4d0 [ 54.510167] [] ? tty_ldisc_ref+0x71/0x80 [ 54.515878] [] ? ldsem_up_read+0x3a/0x70 [ 54.521587] [] set_termios+0x38f/0x620 [ 54.527125] [] ? __tty_perform_flush+0x220/0x220 [ 54.533523] [] ? vfs_setxattr+0xbe/0xe0 [ 54.539136] [] ? ldsem_down_read+0x32/0x40 [ 54.545007] [] tty_mode_ioctl+0x8c2/0x980 [ 54.550793] [] ? tty_perform_flush+0x80/0x80 [ 54.556831] [] ? __ldsem_down_read_nested+0xce/0x610 [ 54.563562] [] ? ldsem_down_read+0x32/0x40 [ 54.569425] [] ? get_futex_key_refs.isra.4+0xa0/0xa0 [ 54.576156] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 54.582973] [] ? __ldsem_wake+0x330/0x330 [ 54.588748] [] n_tty_ioctl_helper+0x44/0x370 [ 54.594810] [] n_tty_ioctl+0x46/0x2e0 [ 54.600243] [] ? ldsem_down_read+0x32/0x40 [ 54.606104] [] tty_ioctl+0x440/0x2190 [ 54.611532] [] ? n_tty_receive_buf+0x40/0x40 [ 54.617568] [] ? no_tty+0xa0/0xa0 [ 54.622649] [] ? avc_ss_reset+0x110/0x110 [ 54.628425] [] ? __lock_acquire+0x654/0x4a10 [ 54.634461] [] ? __might_sleep+0x95/0x1a0 [ 54.640234] [] ? no_tty+0xa0/0xa0 [ 54.645344] [] do_vfs_ioctl+0x1ac/0x11a0 [ 54.651039] [] ? ioctl_preallocate+0x220/0x220 [ 54.657269] [] ? selinux_parse_skb.constprop.42+0x1a90/0x1a90 [ 54.664789] [] ? check_preemption_disabled+0x3b/0x170 [ 54.671606] [] ? __fget+0x214/0x3d0 [ 54.676864] [] ? __fget+0x23b/0x3d0 [ 54.682146] [] ? __fget+0x47/0x3d0 [ 54.687315] [] ? security_file_ioctl+0x8f/0xc0 [ 54.693526] [] SyS_ioctl+0x8f/0xc0 [ 54.698698] [] ? do_vfs_ioctl+0x11a0/0x11a0 [ 54.704659] [] do_syscall_64+0x19f/0x550 [ 54.710354] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 54.717569] Kernel Offset: disabled [ 54.721190] Rebooting in 86400 seconds..