[....] Starting file context maintaining daemon: restorecond [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd
[ 16.643186] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available)
[ ok ].
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 21.293252] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
[ 21.602376] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
[ 22.370119] random: sshd: uninitialized urandom read (32 bytes read, 94 bits of entropy available)
[ 22.534482] random: sshd: uninitialized urandom read (32 bytes read, 96 bits of entropy available)
Warning: Permanently added 'ci-android-44-kasan-gce-386-2,10.128.15.221' (ECDSA) to the list of known hosts.
[ 27.937710] random: sshd: uninitialized urandom read (32 bytes read, 104 bits of entropy available)
executing program
[ 28.045450] IPVS: set_ctl: invalid protocol: 45975 236.44.193.237:56990
[ 28.058673] ==================================================================
[ 28.066065] BUG: KASAN: stack-out-of-bounds in strnlen+0xc1/0xd0
[ 28.072188] Read of size 1 at addr ffff8800b4a9fcc4 by task syzkaller160407/3328
[ 28.079695]
[ 28.081291] CPU: 1 PID: 3328 Comm: syzkaller160407 Not tainted 4.4.107-g610c835 #4
[ 28.088971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.098397] 0000000000000000 38191bb260e0c42e ffff8800b4a9f718 ffffffff81d0457d
[ 28.106375] ffffea0002d2a7c0 ffff8800b4a9fcc4 0000000000000000 ffff8800b4a9fcc4
[ 28.114329] ffffffff856b29c0 ffff8800b4a9f750 ffffffff814fbb23 ffff8800b4a9fcc4
[ 28.122286] Call Trace:
[ 28.124844] [] dump_stack+0xc1/0x124
[ 28.130186] [] print_address_description+0x73/0x260
[ 28.136826] [] kasan_report+0x285/0x370
[ 28.142419] [] ? strnlen+0xc1/0xd0
[ 28.147573] [] __asan_report_load1_noabort+0x14/0x20
[ 28.154300] [] strnlen+0xc1/0xd0
[ 28.159297] [] string.isra.4+0x4c/0x240
[ 28.164891] [] ? format_decode+0x118/0xa50
[ 28.170754] [] vsnprintf+0x766/0x15f0
[ 28.176169] [] ? pointer.isra.22+0xa00/0xa00
[ 28.182192] [] vscnprintf+0x2d/0x60
[ 28.187434] [] vprintk_emit+0xdb/0x850
[ 28.192939] [] ? mark_held_locks+0xaf/0x100
[ 28.198884] [] vprintk+0x28/0x30
[ 28.203868] [] vprintk_default+0x1d/0x30
[ 28.209555] [] printk+0xb7/0xe2
[ 28.214451] [] ? pm_qos_get_value.part.4+0xb/0xb
[ 28.220836] [] ? __ww_mutex_lock+0x14f0/0x14f0
[ 28.227034] [] do_ip_vs_set_ctl+0x9b7/0xba0
[ 28.232988] [] ? ip_vs_genl_set_cmd+0x9a0/0x9a0
[ 28.239274] [] ? __lock_is_held+0xa1/0xf0
[ 28.245038] [] ? mark_held_locks+0xaf/0x100
[ 28.250975] [] ? mutex_lock_nested+0x5d4/0x850
[ 28.257180] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 28.263993] [] ? mutex_unlock+0x9/0x10
[ 28.269497] [] ? nf_sockopt_find.constprop.0+0x1a7/0x220
[ 28.276564] [] compat_nf_setsockopt+0xfa/0x130
[ 28.282763] [] compat_ip_setsockopt+0x9d/0xf0
[ 28.288891] [] compat_udp_setsockopt+0x45/0x80
[ 28.295097] [] compat_sock_common_setsockopt+0xb2/0x140
[ 28.302085] [] ? udp_lib_setsockopt+0x560/0x560
[ 28.308373] [] compat_SyS_setsockopt+0x149/0x290
[ 28.314745] [] ? sock_common_setsockopt+0xd0/0xd0
[ 28.321205] [] ? scm_detach_fds_compat+0x3c0/0x3c0
[ 28.327760] [] ? vmacache_update+0xfe/0x130
[ 28.333699] [] ? do_fast_syscall_32+0xd7/0x890
[ 28.339905] [] ? scm_detach_fds_compat+0x3c0/0x3c0
[ 28.346449] [] do_fast_syscall_32+0x314/0x890
[ 28.352570] [] sysenter_flags_fixed+0xd/0x17
[ 28.358590]
[ 28.360184] The buggy address belongs to the page:
[ 28.365080] page:ffffea0002d2a7c0 count:0 mapcount:0 mapping: (null) index:0x0
[ 28.373185] flags: 0x4000000000000000()
[ 28.377261] page dumped because: kasan: bad access detected
[ 28.382943]
[ 28.384535] Memory state around the buggy address:
[ 28.389429] ffff8800b4a9fb80: 00 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 04 f2 f2
[ 28.396760] ffff8800b4a9fc00: f2 f2 f2 f2 00 00 00 00 00 00 00 00 f2 f2 f2 f2
[ 28.404081] >ffff8800b4a9fc80: 00 00 00 00 00 00 00 00 04 f2 f2 f2 00 00 00 00
[ 28.411404] ^
[ 28.416820] ffff8800b4a9fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.424144] ffff8800b4a9fd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.431472] ==================================================================
[ 28.438803] Kernel panic - not syncing: panic_on_warn set ...
[ 28.438803]
[ 28.446130] CPU: 1 PID: 3328 Comm: syzkaller160407 Tainted: G B 4.4.107-g610c835 #4
[ 28.455023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.464342] 0000000000000000 38191bb260e0c42e ffff8800b4a9f670 ffffffff81d0457d
[ 28.472306] ffffffff83fb2cde ffff8800b4a9f748 0000000000000000 ffff8800b4a9fcc4
[ 28.480258] ffffffff856b29c0 ffff8800b4a9f738 ffffffff8141774a 0000000041b58ab3
[ 28.488220] Call Trace:
[ 28.490776] [] dump_stack+0xc1/0x124
[ 28.496116] [] panic+0x1aa/0x388
[ 28.501108] [] ? percpu_up_read.constprop.45+0xe1/0xe1
[ 28.507999] [] ? pm_qos_get_value.part.4+0xb/0xb
[ 28.514369] [] kasan_end_report+0x50/0x50
[ 28.520130] [] kasan_report+0x15c/0x370
[ 28.525719] [] ? strnlen+0xc1/0xd0
[ 28.530874] [] __asan_report_load1_noabort+0x14/0x20
[ 28.537590] [] strnlen+0xc1/0xd0
[ 28.542573] [] string.isra.4+0x4c/0x240
[ 28.548161] [] ? format_decode+0x118/0xa50
[ 28.554009] [] vsnprintf+0x766/0x15f0
[ 28.559431] [] ? pointer.isra.22+0xa00/0xa00
[ 28.565461] [] vscnprintf+0x2d/0x60
[ 28.570703] [] vprintk_emit+0xdb/0x850
[ 28.576206] [] ? mark_held_locks+0xaf/0x100
[ 28.582146] [] vprintk+0x28/0x30
[ 28.587135] [] vprintk_default+0x1d/0x30
[ 28.592822] [] printk+0xb7/0xe2
[ 28.597717] [] ? pm_qos_get_value.part.4+0xb/0xb
[ 28.604100] [] ? __ww_mutex_lock+0x14f0/0x14f0
[ 28.610298] [] do_ip_vs_set_ctl+0x9b7/0xba0
[ 28.616242] [] ? ip_vs_genl_set_cmd+0x9a0/0x9a0
[ 28.622524] [] ? __lock_is_held+0xa1/0xf0
[ 28.628288] [] ? mark_held_locks+0xaf/0x100
[ 28.634225] [] ? mutex_lock_nested+0x5d4/0x850
[ 28.640430] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 28.647235] [] ? mutex_unlock+0x9/0x10
[ 28.652739] [] ? nf_sockopt_find.constprop.0+0x1a7/0x220
[ 28.659802] [] compat_nf_setsockopt+0xfa/0x130
[ 28.666000] [] compat_ip_setsockopt+0x9d/0xf0
[ 28.672118] [] compat_udp_setsockopt+0x45/0x80
[ 28.678323] [] compat_sock_common_setsockopt+0xb2/0x140
[ 28.685301] [] ? udp_lib_setsockopt+0x560/0x560
[ 28.691597] [] compat_SyS_setsockopt+0x149/0x290
[ 28.697970] [] ? sock_common_setsockopt+0xd0/0xd0
[ 28.704435] [] ? scm_detach_fds_compat+0x3c0/0x3c0
[ 28.710980] [] ? vmacache_update+0xfe/0x130
[ 28.716916] [] ? do_fast_syscall_32+0xd7/0x890
[ 28.723115] [] ? scm_detach_fds_compat+0x3c0/0x3c0
[ 28.729666] [] do_fast_syscall_32+0x314/0x890
[ 28.735777] [] sysenter_flags_fixed+0xd/0x17
[ 28.742248] Dumping ftrace buffer:
[ 28.745757] (ftrace buffer empty)
[ 28.749434] Kernel Offset: disabled
[ 28.753028] Rebooting in 86400 seconds..