[?25l[?1c7[ ok 8[?25h[?0c.
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd: 
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   11.606404] audit: type=1400 audit(1513618354.572:6): avc:  denied  { map } for  pid=3124 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-kasan-gce-386-3,10.128.15.242' (ECDSA) to the list of known hosts.
syzkaller login: [   17.688480] audit: type=1400 audit(1513618360.654:7): avc:  denied  { map } for  pid=3138 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2017/12/18 17:32:40 parsed 1 programs
2017/12/18 17:32:40 executed programs: 0
[   17.795936] audit: type=1400 audit(1513618360.761:8): avc:  denied  { map } for  pid=3138 comm="syz-execprog" path="/root/syzkaller-shm793092575" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   17.889611] ==================================================================
[   17.897004] BUG: KASAN: stack-out-of-bounds in rds_sendmsg+0x1f02/0x1f90
[   17.903836] Read of size 8 at addr ffff8801c9197960 by task syz-executor0/3147
[   17.911295] 
[   17.912892] CPU: 0 PID: 3147 Comm: syz-executor0 Not tainted 4.15.0-rc4+ #137
[   17.920130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   17.929450] Call Trace:
[   17.932012]  dump_stack+0x194/0x257
[   17.935617]  ? arch_local_irq_restore+0x53/0x53
[   17.940252]  ? show_regs_print_info+0x18/0x18
[   17.944717]  ? _raw_spin_unlock_bh+0x30/0x40
[   17.949103]  ? rds_sendmsg+0x1f02/0x1f90
[   17.953133]  print_address_description+0x73/0x250
[   17.957943]  ? rds_sendmsg+0x1f02/0x1f90
[   17.961970]  kasan_report+0x25b/0x340
[   17.965752]  __asan_report_load8_noabort+0x14/0x20
[   17.970651]  rds_sendmsg+0x1f02/0x1f90
[   17.974520]  ? rds_send_drop_to+0x19d0/0x19d0
[   17.978984]  ? lock_downgrade+0x980/0x980
[   17.983106]  ? sock_has_perm+0x29c/0x400
[   17.987137]  ? selinux_secmark_relabel_packet+0xc0/0xc0
[   17.992472]  ? __might_sleep+0x95/0x190
[   17.996420]  ? kasan_check_write+0x14/0x20
[   18.000629]  ? _copy_from_user+0x99/0x110
[   18.004749]  ? selinux_socket_sendmsg+0x36/0x40
[   18.009383]  ? security_socket_sendmsg+0x89/0xb0
[   18.014107]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.018571]  sock_sendmsg+0xca/0x110
[   18.022254]  ___sys_sendmsg+0x31c/0x890
[   18.026202]  ? copy_msghdr_from_user+0x590/0x590
[   18.030930]  ? exit_robust_list+0x240/0x240
[   18.035220]  ? finish_task_switch+0x1d3/0x740
[   18.039693]  ? finish_task_switch+0x1aa/0x740
[   18.044160]  ? copy_overflow+0x20/0x20
[   18.048031]  ? __fget_light+0x297/0x380
[   18.051977]  ? fget_raw+0x20/0x20
[   18.055395]  ? check_noncircular+0x20/0x20
[   18.059601]  ? __handle_mm_fault+0x80e/0x3ce0
[   18.064066]  ? check_noncircular+0x20/0x20
[   18.068265]  ? __pmd_alloc+0x4e0/0x4e0
[   18.072127]  ? __fdget+0x18/0x20
[   18.075468]  __sys_sendmmsg+0x313/0x5f0
[   18.079408]  ? __sys_sendmmsg+0x313/0x5f0
[   18.083534]  ? SyS_sendmsg+0x50/0x50
[   18.087222]  ? __do_page_fault+0x5f7/0xc90
[   18.091425]  ? lock_downgrade+0x980/0x980
[   18.095558]  ? compat_SyS_futex+0x288/0x380
[   18.099851]  ? compat_SyS_get_robust_list+0x300/0x300
[   18.105014]  ? __do_page_fault+0x3d6/0xc90
[   18.109231]  compat_SyS_sendmmsg+0x32/0x40
[   18.113607]  ? compat_SyS_sendmsg+0x40/0x40
[   18.117990]  do_fast_syscall_32+0x3ee/0xf9d
[   18.122291]  ? do_int80_syscall_32+0x9d0/0x9d0
[   18.126839]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   18.131593]  ? syscall_return_slowpath+0x2ad/0x550
[   18.136495]  ? prepare_exit_to_usermode+0x340/0x340
[   18.141481]  ? sysret32_from_system_call+0x5/0x3b
[   18.146294]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   18.151110]  entry_SYSENTER_compat+0x51/0x60
[   18.155484] RIP: 0023:0xf7f2fc79
[   18.158812] RSP: 002b:00000000ff84459c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[   18.166487] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020573000
[   18.173721] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[   18.180958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   18.188193] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   18.195429] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   18.202684] 
[   18.204277] The buggy address belongs to the page:
[   18.209171] page:00000000495cf36f count:0 mapcount:0 mapping:          (null) index:0x0
[   18.217283] flags: 0x2fffc0000000000()
[   18.221144] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[   18.229004] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[   18.236854] page dumped because: kasan: bad access detected
[   18.242525] 
[   18.244119] Memory state around the buggy address:
[   18.249020]  ffff8801c9197800: 00 00 f2 f2 f2 f3 f3 f3 f3 00 00 00 00 00 00 00
[   18.256349]  ffff8801c9197880: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[   18.263673] >ffff8801c9197900: 00 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 04 f2 f2 f2
[   18.271106]                                                        ^
[   18.277560]  ffff8801c9197980: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 00 00
[   18.284884]  ffff8801c9197a00: 00 00 00 00 f2 f2 f2 f2 00 00 00 00 00 00 00 00
[   18.292206] ==================================================================
[   18.299530] Disabling lock debugging due to kernel taint
[   18.305033] Kernel panic - not syncing: panic_on_warn set ...
[   18.305033] 
[   18.312372] CPU: 0 PID: 3147 Comm: syz-executor0 Tainted: G    B            4.15.0-rc4+ #137
[   18.320928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   18.330247] Call Trace:
[   18.332805]  dump_stack+0x194/0x257
[   18.336404]  ? arch_local_irq_restore+0x53/0x53
[   18.341042]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   18.345764]  ? vsnprintf+0x1ed/0x1900
[   18.349533]  ? rds_sendmsg+0x1e90/0x1f90
[   18.353559]  panic+0x1e4/0x41c
[   18.356715]  ? refcount_error_report+0x214/0x214
[   18.361435]  ? add_taint+0x1c/0x50
[   18.364940]  ? add_taint+0x1c/0x50
[   18.368446]  ? rds_sendmsg+0x1f02/0x1f90
[   18.372474]  kasan_end_report+0x50/0x50
[   18.376413]  kasan_report+0x144/0x340
[   18.380179]  __asan_report_load8_noabort+0x14/0x20
[   18.385075]  rds_sendmsg+0x1f02/0x1f90
[   18.388934]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.393396]  ? lock_downgrade+0x980/0x980
[   18.397513]  ? sock_has_perm+0x29c/0x400
[   18.401540]  ? selinux_secmark_relabel_packet+0xc0/0xc0
[   18.406867]  ? __might_sleep+0x95/0x190
[   18.410807]  ? kasan_check_write+0x14/0x20
[   18.415008]  ? _copy_from_user+0x99/0x110
[   18.419124]  ? selinux_socket_sendmsg+0x36/0x40
[   18.423756]  ? security_socket_sendmsg+0x89/0xb0
[   18.428476]  ? rds_send_drop_to+0x19d0/0x19d0
[   18.432939]  sock_sendmsg+0xca/0x110
[   18.436620]  ___sys_sendmsg+0x31c/0x890
[   18.440559]  ? copy_msghdr_from_user+0x590/0x590
[   18.446518]  ? exit_robust_list+0x240/0x240
[   18.450805]  ? finish_task_switch+0x1d3/0x740
[   18.455263]  ? finish_task_switch+0x1aa/0x740
[   18.459838]  ? copy_overflow+0x20/0x20
[   18.463693]  ? __fget_light+0x297/0x380
[   18.467631]  ? fget_raw+0x20/0x20
[   18.471048]  ? check_noncircular+0x20/0x20
[   18.475253]  ? __handle_mm_fault+0x80e/0x3ce0
[   18.480018]  ? check_noncircular+0x20/0x20
[   18.484399]  ? __pmd_alloc+0x4e0/0x4e0
[   18.488258]  ? __fdget+0x18/0x20
[   18.491593]  __sys_sendmmsg+0x313/0x5f0
[   18.495532]  ? __sys_sendmmsg+0x313/0x5f0
[   18.499649]  ? SyS_sendmsg+0x50/0x50
[   18.503332]  ? __do_page_fault+0x5f7/0xc90
[   18.507535]  ? lock_downgrade+0x980/0x980
[   18.511664]  ? compat_SyS_futex+0x288/0x380
[   18.515951]  ? compat_SyS_get_robust_list+0x300/0x300
[   18.521103]  ? __do_page_fault+0x3d6/0xc90
[   18.525306]  compat_SyS_sendmmsg+0x32/0x40
[   18.529504]  ? compat_SyS_sendmsg+0x40/0x40
[   18.533791]  do_fast_syscall_32+0x3ee/0xf9d
[   18.538079]  ? do_int80_syscall_32+0x9d0/0x9d0
[   18.542622]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   18.547345]  ? syscall_return_slowpath+0x2ad/0x550
[   18.552237]  ? prepare_exit_to_usermode+0x340/0x340
[   18.557249]  ? sysret32_from_system_call+0x5/0x3b
[   18.562061]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   18.566870]  entry_SYSENTER_compat+0x51/0x60
[   18.571241] RIP: 0023:0xf7f2fc79
[   18.574667] RSP: 002b:00000000ff84459c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[   18.582340] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020573000
[   18.589574] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[   18.596808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   18.604040] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   18.611273] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   18.618947] Dumping ftrace buffer:
[   18.622465]    (ftrace buffer empty)
[   18.626139] Kernel Offset: disabled
[   18.629737] Rebooting in 86400 seconds..