Warning: Permanently added '10.128.0.92' (ECDSA) to the list of known hosts.
syzkaller login: [ 34.452252] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.566373] kauditd_printk_skb: 10 callbacks suppressed
[ 34.566381] audit: type=1400 audit(1572043682.545:36): avc: denied { map } for pid=6730 comm="syz-executor888" path="/root/syz-executor888363741" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 34.576080] ==================================================================
[ 34.600879] BUG: unable to handle kernel
[ 34.605423] BUG: KASAN: null-ptr-deref in llcp_sock_getname+0x38f/0x4a0
[ 34.605424] NULL pointer dereference at (null)
[ 34.609547] Read of size 63 at addr (null) by task syz-executor888/6739
[ 34.616274] IP: memcpy_erms+0x6/0x10
[ 34.621687]
[ 34.629276] PGD 9bc60067
[ 34.632960] CPU: 0 PID: 6739 Comm: syz-executor888 Not tainted 4.14.150 #0
[ 34.634557] P4D 9bc60067
[ 34.637284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.644265] PUD 9207a067
[ 34.646994] Call Trace:
[ 34.656323] PMD 0
[ 34.659056] dump_stack+0x138/0x197
[ 34.663730] ? llcp_sock_getname+0x38f/0x4a0
[ 34.673660] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 34.678043] kasan_report.cold+0x127/0x2af
[ 34.682501] Modules linked in:
[ 34.686707] check_memory_region+0x123/0x190
[ 34.686714] memcpy+0x24/0x50
[ 34.689887] CPU: 1 PID: 6737 Comm: syz-executor888 Not tainted 4.14.150 #0
[ 34.694267] llcp_sock_getname+0x38f/0x4a0
[ 34.697340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.704325] sock_getsockopt+0xc0d/0x1840
[ 34.708523] task: ffff88808d2ae340 task.stack: ffff8880a7100000
[ 34.717851] ? sk_get_meminfo+0x450/0x450
[ 34.721966] RIP: 0010:memcpy_erms+0x6/0x10
[ 34.728006] ? selinux_tun_dev_create+0xc0/0xc0
[ 34.732121] RSP: 0018:ffff8880a7107bf8 EFLAGS: 00010246
[ 34.736342] ? selinux_socket_getsockopt+0x36/0x40
[ 34.746310] ? security_socket_getsockopt+0x89/0xb0
[ 34.751205] RAX: ffff8880a7107d82 RBX: ffff8880a7107d70 RCX: 000000000000003f
[ 34.756193] SyS_getsockopt+0x1bd/0x1e0
[ 34.763432] RDX: 000000000000003f RSI: 0000000000000000 RDI: ffff8880a7107d82
[ 34.767379] ? SyS_setsockopt+0x210/0x210
[ 34.774638] RBP: ffff8880a7107c18 R08: 1ffff11014e20fb0 R09: ffffed1014e20fb9
[ 34.778758] ? do_syscall_64+0x53/0x640
[ 34.785995] R10: ffffed1014e20fb8 R11: ffff8880a7107dc0 R12: 000000000000003f
[ 34.789937] ? SyS_setsockopt+0x210/0x210
[ 34.797174] R13: ffff8880a7107d82 R14: 0000000000000000 R15: ffff8880946e19c0
[ 34.801300] do_syscall_64+0x1e8/0x640
[ 34.808539] FS: 0000000001df2880(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
[ 34.812404] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.820600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.825413] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 34.831271] CR2: 0000000000000000 CR3: 0000000091656000 CR4: 00000000001406e0
[ 34.836427] RIP: 0033:0x4412b9
[ 34.843668] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.846829] RSP: 002b:00007fff17f81598 EFLAGS: 00000246
[ 34.854069] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.854074] ORIG_RAX: 0000000000000037
[ 34.859412] Call Trace:
[ 34.866663] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004412b9
[ 34.870612] ? memcpy+0x46/0x50
[ 34.873159] RDX: 000000000000001c RSI: 0000000000000001 RDI: 0000000000000003
[ 34.880417] llcp_sock_getname+0x38f/0x4a0
[ 34.883663] RBP: 00000000006cb018 R08: 0000000020000140 R09: 00000000004002c8
[ 34.891035] sock_getsockopt+0xc0d/0x1840
[ 34.895237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402030
[ 34.902489] ? sk_get_meminfo+0x450/0x450
[ 34.906602] R13: 00000000004020c0 R14: 0000000000000000 R15: 0000000000000000
[ 34.913854] ? selinux_tun_dev_create+0xc0/0xc0
[ 34.917970] ==================================================================
[ 34.925216] ? selinux_socket_getsockopt+0x36/0x40
[ 34.935606] Kernel panic - not syncing: panic_on_warn set ...
[ 34.935606]
[ 34.937220] ? security_socket_getsockopt+0x89/0xb0
[ 34.954463] SyS_getsockopt+0x1bd/0x1e0
[ 34.958414] ? SyS_setsockopt+0x210/0x210
[ 34.962537] ? do_syscall_64+0x53/0x640
[ 34.966661] ? SyS_setsockopt+0x210/0x210
[ 34.970785] do_syscall_64+0x1e8/0x640
[ 34.974647] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.979471] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 34.984637] RIP: 0033:0x4412b9
[ 34.987802] RSP: 002b:00007fff17f81598 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 34.995484] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004412b9
[ 35.002748] RDX: 000000000000001c RSI: 0000000000000001 RDI: 0000000000000003
[ 35.009993] RBP: 00000000006cb018 R08: 0000000020000140 R09: 00000000004002c8
[ 35.017242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402030
[ 35.024494] R13: 00000000004020c0 R14: 0000000000000000 R15: 0000000000000000
[ 35.031743] Code: 90 90 90 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38
[ 35.050853] RIP: memcpy_erms+0x6/0x10 RSP: ffff8880a7107bf8
[ 35.056536] CR2: 0000000000000000
[ 35.061184] Kernel Offset: disabled
[ 35.064800] Rebooting in 86400 seconds..