INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-upstream-next-kasan-gce-0,10.128.15.199' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 33.891648] ==================================================================
[ 33.892757] BUG: KASAN: stack-out-of-bounds in sha3_update+0xdf/0x2e0
[ 33.893643] Write of size 4096 at addr ffff8801cc16fc40 by task syzkaller923632/3049
[ 33.894691]
[ 33.894925] CPU: 1 PID: 3049 Comm: syzkaller923632 Not tainted 4.14.0-next-20171124+ #51
[ 33.896000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.897219] Call Trace:
[ 33.897576] dump_stack+0x194/0x257
[ 33.898069] ? arch_local_irq_restore+0x53/0x53
[ 33.898691] ? show_regs_print_info+0x65/0x65
[ 33.899297] ? check_usage+0xb60/0xb60
[ 33.899820] ? sha3_update+0xdf/0x2e0
[ 33.900354] print_address_description+0x73/0x250
[ 33.900997] ? sha3_update+0xdf/0x2e0
[ 33.901510] kasan_report+0x25b/0x340
[ 33.902036] check_memory_region+0x137/0x190
[ 33.902626] memcpy+0x37/0x50
[ 33.903049] sha3_update+0xdf/0x2e0
[ 33.903584] crypto_shash_update+0xcb/0x220
[ 33.904170] shash_finup_unaligned+0x2a/0x60
[ 33.904764] crypto_shash_finup+0xc4/0x120
[ 33.905336] hmac_finup+0x182/0x330
[ 33.905823] ? shash_default_import+0x5b/0x80
[ 33.906428] crypto_shash_finup+0xc4/0x120
[ 33.906997] shash_digest_unaligned+0x9e/0xd0
[ 33.907601] crypto_shash_digest+0xc4/0x120
[ 33.908185] hmac_setkey+0x36a/0x690
[ 33.908721] ? hmac_setkey+0x20/0x690
[ 33.909239] crypto_shash_setkey+0xad/0x190
[ 33.909820] shash_async_setkey+0x47/0x60
[ 33.910377] crypto_ahash_setkey+0xaf/0x180
[ 33.910960] hash_setkey+0x40/0x90
[ 33.911438] ? hash_accept_parent+0xd0/0xd0
[ 33.912016] alg_setsockopt+0x2a1/0x350
[ 33.915962] SyS_setsockopt+0x189/0x360
[ 33.919905] ? SyS_recv+0x40/0x40
[ 33.923328] ? entry_SYSCALL_64_fastpath+0x5/0x96
[ 33.928136] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 33.933122] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 33.937850] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 33.942570] RIP: 0033:0x43fdb9
[ 33.945726] RSP: 002b:00007ffcdf753708 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[ 33.953399] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdb9
[ 33.960634] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003
[ 33.967870] RBP: 0000000000000086 R08: 0000000000001000 R09: 0000000000000000
[ 33.975107] R10: 0000000020ea5000 R11: 0000000000000217 R12: 0000000000401720
[ 33.982350] R13: 00000000004017b0 R14: 0000000000000000 R15: 0000000000000000
[ 33.989602]
[ 33.991197] The buggy address belongs to the page:
[ 33.996090] page:ffffea0007305bc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 34.004198] flags: 0x2fffc0000000000()
[ 34.008063] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[ 34.015908] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[ 34.023750] page dumped because: kasan: bad access detected
[ 34.029422]
[ 34.031014] Memory state around the buggy address:
[ 34.035907] ffff8801cc16fd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.043232] ffff8801cc16fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.050553] >ffff8801cc16fe80: f1 f1 f1 f1 04 f2 f2 f2 f2 f2 f2 f2 04 f2 f2 f2
[ 34.057874] ^
[ 34.061204] ffff8801cc16ff00: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.068531] ffff8801cc16ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 34.075866] ==================================================================
[ 34.083189] Disabling lock debugging due to kernel taint
[ 34.088696] Kernel panic - not syncing: panic_on_warn set ...
[ 34.088696]
[ 34.096028] CPU: 1 PID: 3049 Comm: syzkaller923632 Tainted: G B 4.14.0-next-20171124+ #51
[ 34.105519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.114851] Call Trace:
[ 34.117408] dump_stack+0x194/0x257
[ 34.121003] ? arch_local_irq_restore+0x53/0x53
[ 34.125639] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 34.130359] ? vsnprintf+0x1ed/0x1900
[ 34.134127] ? sha3_update+0xc0/0x2e0
[ 34.137904] panic+0x1e4/0x41c
[ 34.141063] ? refcount_error_report+0x214/0x214
[ 34.145784] ? add_taint+0x1c/0x50
[ 34.149289] ? add_taint+0x1c/0x50
[ 34.152970] ? sha3_update+0xdf/0x2e0
[ 34.156739] kasan_end_report+0x50/0x50
[ 34.160681] kasan_report+0x144/0x340
[ 34.164449] check_memory_region+0x137/0x190
[ 34.168822] memcpy+0x37/0x50
[ 34.171894] sha3_update+0xdf/0x2e0
[ 34.175496] crypto_shash_update+0xcb/0x220
[ 34.179788] shash_finup_unaligned+0x2a/0x60
[ 34.184167] crypto_shash_finup+0xc4/0x120
[ 34.188373] hmac_finup+0x182/0x330
[ 34.191965] ? shash_default_import+0x5b/0x80
[ 34.196429] crypto_shash_finup+0xc4/0x120
[ 34.200630] shash_digest_unaligned+0x9e/0xd0
[ 34.205091] crypto_shash_digest+0xc4/0x120
[ 34.209381] hmac_setkey+0x36a/0x690
[ 34.213079] ? hmac_setkey+0x20/0x690
[ 34.216862] crypto_shash_setkey+0xad/0x190
[ 34.221157] shash_async_setkey+0x47/0x60
[ 34.225272] crypto_ahash_setkey+0xaf/0x180
[ 34.229561] hash_setkey+0x40/0x90
[ 34.233066] ? hash_accept_parent+0xd0/0xd0
[ 34.237352] alg_setsockopt+0x2a1/0x350
[ 34.241295] SyS_setsockopt+0x189/0x360
[ 34.245238] ? SyS_recv+0x40/0x40
[ 34.248659] ? entry_SYSCALL_64_fastpath+0x5/0x96
[ 34.253466] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 34.258447] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 34.263340] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 34.268069] RIP: 0033:0x43fdb9
[ 34.271228] RSP: 002b:00007ffcdf753708 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[ 34.278900] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdb9
[ 34.286135] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003
[ 34.293369] RBP: 0000000000000086 R08: 0000000000001000 R09: 0000000000000000
[ 34.300603] R10: 0000000020ea5000 R11: 0000000000000217 R12: 0000000000401720
[ 34.307837] R13: 00000000004017b0 R14: 0000000000000000 R15: 0000000000000000
[ 34.315116] Dumping ftrace buffer:
[ 34.318622] (ftrace buffer empty)
[ 34.322300] Kernel Offset: disabled
[ 34.325895] Rebooting in 86400 seconds..