[   14.807765] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available)
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   20.692350] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available)
[   20.944285] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available)
[   21.761416] random: sshd: uninitialized urandom read (32 bytes read, 96 bits of entropy available)
[   33.886423] random: sshd: uninitialized urandom read (32 bytes read, 105 bits of entropy available)
Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts.
[   39.247296] random: sshd: uninitialized urandom read (32 bytes read, 109 bits of entropy available)
executing program
[   39.336140] ==================================================================
[   39.343520] BUG: KASAN: slab-out-of-bounds in strnlen+0xc1/0xd0
[   39.349547] Read of size 1 at addr ffff8800b4166210 by task syzkaller458348/3325
[   39.357043] 
[   39.358656] CPU: 0 PID: 3325 Comm: syzkaller458348 Not tainted 4.4.113-ge70c132 #27
[   39.366415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.375737]  0000000000000000 eae1dbf084bcf86b ffff8801d024f580 ffffffff81d0278d
[   39.383696]  ffffea0002d05980 ffff8800b4166210 0000000000000000 ffff8800b4166210
[   39.391657]  ffff8801d024f850 ffff8801d024f5b8 ffffffff814fd053 ffff8800b4166210
[   39.399618] Call Trace:
[   39.402174]  [<ffffffff81d0278d>] dump_stack+0xc1/0x124
[   39.407507]  [<ffffffff814fd053>] print_address_description+0x73/0x260
[   39.414140]  [<ffffffff814fd565>] kasan_report+0x285/0x370
[   39.419729]  [<ffffffff81d1e171>] ? strnlen+0xc1/0xd0
[   39.424895]  [<ffffffff814fd664>] __asan_report_load1_noabort+0x14/0x20
[   39.431620]  [<ffffffff81d1e171>] strnlen+0xc1/0xd0
[   39.436604]  [<ffffffff81d25dfc>] string.isra.4+0x4c/0x240
[   39.442196]  [<ffffffff81d214e8>] ? format_decode+0x118/0xa50
[   39.448046]  [<ffffffff81d2b2a6>] vsnprintf+0x766/0x15f0
[   39.453465]  [<ffffffff81d2ab40>] ? pointer.isra.22+0xa00/0xa00
[   39.459493]  [<ffffffff8376bf82>] ? __mutex_unlock_slowpath+0x242/0x3b0
[   39.466213]  [<ffffffff8117160f>] __request_module+0x14f/0x810
[   39.472158]  [<ffffffff8376bd40>] ? __ww_mutex_lock_interruptible+0x14d0/0x14d0
[   39.479576]  [<ffffffff811714c0>] ? call_usermodehelper_setup+0x2c0/0x2c0
[   39.486467]  [<ffffffff8376bf48>] ? __mutex_unlock_slowpath+0x208/0x3b0
[   39.493185]  [<ffffffff8376c0f9>] ? mutex_unlock+0x9/0x10
[   39.498688]  [<ffffffff8302c36b>] ? xt_find_target+0x17b/0x1e0
[   39.504626]  [<ffffffff8302c64b>] xt_request_find_target+0x8b/0xb0
[   39.510913]  [<ffffffff8326a258>] translate_compat_table+0x568/0x1760
[   39.517462]  [<ffffffff83269cf0>] ? ipt_register_table+0x1f0/0x1f0
[   39.523747]  [<ffffffff814945a4>] ? __might_fault+0xe4/0x1d0
[   39.529512]  [<ffffffff81514328>] ? check_stack_object+0x68/0x140
[   39.535709]  [<ffffffff81514554>] ? __check_object_size+0x154/0x35b
[   39.542080]  [<ffffffff810002b8>] ? 0xffffffff810002b8
[   39.547324]  [<ffffffff8326b641>] compat_do_replace.isra.15+0x1f1/0x410
[   39.554047]  [<ffffffff8326b450>] ? translate_compat_table+0x1760/0x1760
[   39.560854]  [<ffffffff812357af>] ? mark_held_locks+0xaf/0x100
[   39.566793]  [<ffffffff8114810f>] ? ns_capable_common+0xcf/0x160
[   39.572904]  [<ffffffff8326b966>] compat_do_ipt_set_ctl+0x106/0x150
[   39.579277]  [<ffffffff82f94e58>] compat_nf_setsockopt+0x88/0x130
[   39.585474]  [<ffffffff8326b860>] ? compat_do_replace.isra.15+0x410/0x410
[   39.592368]  [<ffffffff830fc26d>] compat_ip_setsockopt+0x9d/0xf0
[   39.598480]  [<ffffffff83105455>] inet_csk_compat_setsockopt+0x95/0x120
[   39.605208]  [<ffffffff830fc1d0>] ? ip_setsockopt+0xb0/0xb0
[   39.610888]  [<ffffffff8311acbd>] compat_tcp_setsockopt+0x3d/0x70
[   39.617089]  [<ffffffff82df0732>] compat_sock_common_setsockopt+0xb2/0x140
[   39.624067]  [<ffffffff8311ac80>] ? tcp_setsockopt+0xd0/0xd0
[   39.629831]  [<ffffffff82ed7659>] compat_SyS_setsockopt+0x149/0x290
[   39.636202]  [<ffffffff82df0680>] ? sock_common_setsockopt+0xd0/0xd0
[   39.642659]  [<ffffffff82ed7510>] ? scm_detach_fds_compat+0x3c0/0x3c0
[   39.649214]  [<ffffffff8148ab8e>] ? vmacache_update+0xfe/0x130
[   39.655153]  [<ffffffff81006b37>] ? do_fast_syscall_32+0xd7/0x890
[   39.661351]  [<ffffffff82ed7510>] ? scm_detach_fds_compat+0x3c0/0x3c0
[   39.667896]  [<ffffffff81006d74>] do_fast_syscall_32+0x314/0x890
[   39.674006]  [<ffffffff837734ea>] sysenter_flags_fixed+0xd/0x17
[   39.680027] 
[   39.681622] Allocated by task 3325:
[   39.685214]  [<ffffffff81035df6>] save_stack_trace+0x26/0x50
[   39.691094]  [<ffffffff814fc0c3>] save_stack+0x43/0xd0
[   39.696451]  [<ffffffff814fc38d>] kasan_kmalloc+0xad/0xe0
[   39.702071]  [<ffffffff814f8674>] __kmalloc+0x124/0x320
[   39.707516]  [<ffffffff8302de91>] xt_alloc_table_info+0x71/0x100
[   39.713741]  [<ffffffff8326b5bb>] compat_do_replace.isra.15+0x16b/0x410
[   39.720573]  [<ffffffff8326b966>] compat_do_ipt_set_ctl+0x106/0x150
[   39.727062]  [<ffffffff82f94e58>] compat_nf_setsockopt+0x88/0x130
[   39.733376]  [<ffffffff830fc26d>] compat_ip_setsockopt+0x9d/0xf0
[   39.739603]  [<ffffffff83105455>] inet_csk_compat_setsockopt+0x95/0x120
[   39.746436]  [<ffffffff8311acbd>] compat_tcp_setsockopt+0x3d/0x70
[   39.752752]  [<ffffffff82df0732>] compat_sock_common_setsockopt+0xb2/0x140
[   39.759849]  [<ffffffff82ed7659>] compat_SyS_setsockopt+0x149/0x290
[   39.766334]  [<ffffffff81006d74>] do_fast_syscall_32+0x314/0x890
[   39.772559]  [<ffffffff837734ea>] sysenter_flags_fixed+0xd/0x17
[   39.778700] 
[   39.780296] Freed by task 1888:
[   39.783540]  [<ffffffff81035df6>] save_stack_trace+0x26/0x50
[   39.789421]  [<ffffffff814fc0c3>] save_stack+0x43/0xd0
[   39.794778]  [<ffffffff814fc9e2>] kasan_slab_free+0x72/0xc0
[   39.800567]  [<ffffffff814f947c>] kfree+0xfc/0x300
[   39.805577]  [<ffffffff8152dd8d>] free_bprm+0x19d/0x200
[   39.811033]  [<ffffffff81533401>] do_execveat_common.isra.33+0x1711/0x1e60
[   39.818132]  [<ffffffff815344c2>] SyS_execve+0x42/0x50
[   39.823493]  [<ffffffff83771e75>] return_from_execve+0x0/0x23
[   39.829456] 
[   39.831053] The buggy address belongs to the object at ffff8800b4166140
[   39.831053]  which belongs to the cache kmalloc-256 of size 256
[   39.843674] The buggy address is located 208 bytes inside of
[   39.843674]  256-byte region [ffff8800b4166140, ffff8800b4166240)
[   39.855513] The buggy address belongs to the page:
[   41.309793] PANIC: double fault, error_code: 0x0
[   41.314585] CPU: 0 PID: 3325 Comm: syzkaller458348 Not tainted 4.4.113-ge70c132 #27
[   41.322345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   41.331668] task: ffff8800b4f7c740 task.stack: ffff8801d0248000
[   41.337695] RIP: 0010:[<ffffffff8148f762>]  [<ffffffff8148f762>] dump_page_badflags+0x12/0x250
[   41.346532] RSP: 0018:ffff880100000000  EFLAGS: 00010046
[   41.351951] RAX: ffff8800b4f7c740 RBX: ffffea0002d05980 RCX: ffffffff8148f8d0
[   41.359191] RDX: 0000000000000000 RSI: ffffffff838a8de0 RDI: ffffea0002d05980
[   41.366430] RBP: ffff880100000020 R08: 0000000000000001 R09: 0000000000000000
[   41.373666] R10: 0000000000000002 R11: fffffbfff0ad7e26 R12: 0000000000000000
[   41.380902] R13: ffffffff838a8de0 R14: 0000000000000000 R15: 0000000000000000
[   41.388140] FS:  0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000098bb840
[   41.396337] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   41.402192] CR2: ffff8800fffffff8 CR3: 00000001d445e000 CR4: 0000000000160670
[   41.409431] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   41.416672] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   41.423909] Stack:
[   41.426022] 
[   41.427614] Call Trace:
[   41.430162]  <UNK> 
[   41.432187] Code: 00 e9 50 fd ff ff e8 6e df 06 00 e9 1d fd ff ff 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 49 89 d4 <53> 48 89 fb 48 83 ec 08 e8 b1 04 ed ff 48 8d 7b 10 48 b8 00 00 
[   41.459190] Kernel panic - not syncing: Machine halted.
[   41.464522] CPU: 0 PID: 3325 Comm: syzkaller458348 Not tainted 4.4.113-ge70c132 #27
[   41.472284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   41.481604]  0000000000000000 eae1dbf084bcf86b ffff8801db20ce38 ffffffff81d0278d
[   41.489567]  ffffffff83837200 ffff8801db20cf10 ffffffff83808040 ffff880100000000
[   41.497540]  0000000000000000 ffff8801db20cf00 ffffffff81419b6a 0000000041b58ab3
[   41.505497] Call Trace:
[   41.508047]  <#DF>  [<ffffffff81d0278d>] dump_stack+0xc1/0x124
[   41.514131]  [<ffffffff81419b6a>] panic+0x1aa/0x388
[   41.519119]  [<ffffffff814199c0>] ? percpu_up_read.constprop.45+0xe1/0xe1
[   41.526012]  [<ffffffff81269242>] ? vprintk_emit+0x242/0x850
[   41.531781]  [<ffffffff8148f777>] ? dump_page_badflags+0x27/0x250
[   41.537979]  [<ffffffff81269242>] ? vprintk_emit+0x242/0x850
[   41.543744]  [<ffffffff810caf6d>] df_debug+0x2d/0x30
[   41.548814]  [<ffffffff81012d2b>] do_double_fault+0x10b/0x210
[   41.554667]  [<ffffffff83772c3d>] double_fault+0x2d/0x40
[   41.560087]  [<ffffffff8148f8d0>] ? dump_page_badflags+0x180/0x250
[   41.566372]  [<ffffffff8148f762>] ? dump_page_badflags+0x12/0x250
[   41.572568]  <<EOE>>  <UNK> 
[   41.575955] Dumping ftrace buffer:
[   41.579780]    (ftrace buffer empty)
[   41.583457] Kernel Offset: disabled
[   41.587060] Rebooting in 86400 seconds..