INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-upstream-kasan-gce-3,10.128.15.211' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 28.534415] ==================================================================
[ 28.535554] BUG: KASAN: stack-out-of-bounds in sha3_update+0xdf/0x2e0
[ 28.536421] Write of size 4096 at addr ffff8801cca2fc40 by task syzkaller319830/3053
[ 28.537453]
[ 28.537687] CPU: 0 PID: 3053 Comm: syzkaller319830 Not tainted 4.14.0+ #192
[ 28.538654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.539891] Call Trace:
[ 28.540267] dump_stack+0x194/0x257
[ 28.540760] ? arch_local_irq_restore+0x53/0x53
[ 28.541418] ? show_regs_print_info+0x65/0x65
[ 28.542022] ? check_usage+0xb60/0xb60
[ 28.542545] ? sha3_update+0xdf/0x2e0
[ 28.543060] print_address_description+0x73/0x250
[ 28.543705] ? sha3_update+0xdf/0x2e0
[ 28.544233] kasan_report+0x25b/0x340
[ 28.544748] check_memory_region+0x137/0x190
[ 28.545338] memcpy+0x37/0x50
[ 28.545762] sha3_update+0xdf/0x2e0
[ 28.546265] crypto_shash_update+0xcb/0x220
[ 28.546851] shash_finup_unaligned+0x2a/0x60
[ 28.547442] crypto_shash_finup+0xc4/0x120
[ 28.548029] hmac_finup+0x182/0x330
[ 28.548518] ? shash_default_import+0x5b/0x80
[ 28.549123] crypto_shash_finup+0xc4/0x120
[ 28.549692] shash_digest_unaligned+0x9e/0xd0
[ 28.550307] crypto_shash_digest+0xc4/0x120
[ 28.550888] hmac_setkey+0x36a/0x690
[ 28.551424] ? hmac_setkey+0x20/0x690
[ 28.551957] crypto_shash_setkey+0xad/0x190
[ 28.552539] shash_async_setkey+0x47/0x60
[ 28.553109] crypto_ahash_setkey+0xaf/0x180
[ 28.553692] hash_setkey+0x40/0x90
[ 28.554212] ? hash_accept_parent+0xd0/0xd0
[ 28.556322] alg_setsockopt+0x2a1/0x350
[ 28.560271] SyS_setsockopt+0x189/0x360
[ 28.564216] ? SyS_recv+0x40/0x40
[ 28.567638] ? entry_SYSCALL_64_fastpath+0x5/0x96
[ 28.572451] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.577439] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 28.582168] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 28.586892] RIP: 0033:0x43fdb9
[ 28.590048] RSP: 002b:00007ffcc9c271c8 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[ 28.597723] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdb9
[ 28.604970] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003
[ 28.612206] RBP: 0000000000000086 R08: 0000000000001000 R09: 0000000000000000
[ 28.619443] R10: 0000000020ea5000 R11: 0000000000000217 R12: 0000000000401720
[ 28.626680] R13: 00000000004017b0 R14: 0000000000000000 R15: 0000000000000000
[ 28.633947]
[ 28.635542] The buggy address belongs to the page:
[ 28.640448] page:ffffea0007328bc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 28.648565] flags: 0x2fffc0000000000()
[ 28.652424] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
[ 28.660271] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[ 28.668122] page dumped because: kasan: bad access detected
[ 28.673798]
[ 28.675402] Memory state around the buggy address:
[ 28.680297] ffff8801cca2fd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.687619] ffff8801cca2fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.694941] >ffff8801cca2fe80: f1 f1 f1 f1 04 f2 f2 f2 f2 f2 f2 f2 04 f2 f2 f2
[ 28.702272] ^
[ 28.705605] ffff8801cca2ff00: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.712927] ffff8801cca2ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.720248] ==================================================================
[ 28.727567] Disabling lock debugging due to kernel taint
[ 28.733078] Kernel panic - not syncing: panic_on_warn set ...
[ 28.733078]
[ 28.740431] CPU: 0 PID: 3053 Comm: syzkaller319830 Tainted: G B 4.14.0+ #192
[ 28.748809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.758128] Call Trace:
[ 28.760684] dump_stack+0x194/0x257
[ 28.764288] ? arch_local_irq_restore+0x53/0x53
[ 28.768936] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 28.773657] ? vsnprintf+0x1ed/0x1900
[ 28.777425] ? sha3_update+0x90/0x2e0
[ 28.781191] panic+0x1e4/0x41c
[ 28.784347] ? refcount_error_report+0x214/0x214
[ 28.789078] ? add_taint+0x1c/0x50
[ 28.792581] ? add_taint+0x1c/0x50
[ 28.796088] ? sha3_update+0xdf/0x2e0
[ 28.799857] kasan_end_report+0x50/0x50
[ 28.803797] kasan_report+0x144/0x340
[ 28.807568] check_memory_region+0x137/0x190
[ 28.811941] memcpy+0x37/0x50
[ 28.815013] sha3_update+0xdf/0x2e0
[ 28.818614] crypto_shash_update+0xcb/0x220
[ 28.822907] shash_finup_unaligned+0x2a/0x60
[ 28.827281] crypto_shash_finup+0xc4/0x120
[ 28.831481] hmac_finup+0x182/0x330
[ 28.835084] ? shash_default_import+0x5b/0x80
[ 28.839550] crypto_shash_finup+0xc4/0x120
[ 28.843750] shash_digest_unaligned+0x9e/0xd0
[ 28.848210] crypto_shash_digest+0xc4/0x120
[ 28.852498] hmac_setkey+0x36a/0x690
[ 28.856194] ? hmac_setkey+0x20/0x690
[ 28.859963] crypto_shash_setkey+0xad/0x190
[ 28.864268] shash_async_setkey+0x47/0x60
[ 28.868380] crypto_ahash_setkey+0xaf/0x180
[ 28.872668] hash_setkey+0x40/0x90
[ 28.876174] ? hash_accept_parent+0xd0/0xd0
[ 28.880458] alg_setsockopt+0x2a1/0x350
[ 28.884399] SyS_setsockopt+0x189/0x360
[ 28.888339] ? SyS_recv+0x40/0x40
[ 28.891762] ? entry_SYSCALL_64_fastpath+0x5/0x96
[ 28.896581] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.901562] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 28.906296] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 28.911016] RIP: 0033:0x43fdb9
[ 28.914173] RSP: 002b:00007ffcc9c271c8 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[ 28.921846] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdb9
[ 28.929082] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003
[ 28.936324] RBP: 0000000000000086 R08: 0000000000001000 R09: 0000000000000000
[ 28.943567] R10: 0000000020ea5000 R11: 0000000000000217 R12: 0000000000401720
[ 28.950802] R13: 00000000004017b0 R14: 0000000000000000 R15: 0000000000000000
[ 28.958087] Dumping ftrace buffer:
[ 28.961593] (ftrace buffer empty)
[ 28.965269] Kernel Offset: disabled
[ 28.968864] Rebooting in 86400 seconds..