INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added 'ci-upstream-net-kasan-gce-4,10.128.0.2' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 33.654344] ================================================================== [ 33.655480] BUG: KASAN: wild-memory-access in scatterwalk_copychunks+0x206/0x480 [ 33.656487] Write of size 16 at addr 0005080000000000 by task syzkaller952806/3086 [ 33.657534] [ 33.657777] CPU: 1 PID: 3086 Comm: syzkaller952806 Not tainted 4.15.0-rc2+ #142 [ 33.658755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 33.660018] Call Trace: [ 33.660379] dump_stack+0x194/0x257 [ 33.660871] ? arch_local_irq_restore+0x53/0x53 [ 33.661502] ? scatterwalk_copychunks+0x206/0x480 [ 33.662150] kasan_report+0x13b/0x340 [ 33.662699] check_memory_region+0x137/0x190 [ 33.663288] memcpy+0x37/0x50 [ 33.663712] scatterwalk_copychunks+0x206/0x480 [ 33.664402] blkcipher_walk_done+0xa4b/0xde0 [ 33.665020] glue_ctr_crypt_128bit+0x597/0xc20 [ 33.665667] ? glue_ecb_crypt_128bit+0x5c0/0x5c0 [ 33.666311] ? wp512_final+0x19e/0x2a0 [ 33.666834] ? memset+0x31/0x40 [ 33.667283] ? memzero_explicit+0xe/0x10 [ 33.667856] ? wp384_final+0x8b/0xc0 [ 33.668357] ? wp256_final+0xc0/0xc0 [ 33.668878] ? wp512_update+0x3b5/0x510 [ 33.669440] ctr_crypt+0x34/0x40 [ 33.669909] ? ctr_crypt+0x34/0x40 [ 33.670389] ? encrypt_callback+0x240/0x240 [ 33.670971] __ablk_encrypt+0x1d1/0x2d0 [ 33.671509] ? ablk_set_key+0x1a0/0x1a0 [ 33.672045] ? shash_async_update+0x20/0x20 [ 33.672623] ? kfree+0xe4/0x250 [ 33.673069] ? __ablk_encrypt+0x2d0/0x2d0 [ 33.673631] ablk_encrypt+0x23e/0x2c0 [ 33.674142] ? 
__ablk_encrypt+0x2d0/0x2d0 [ 33.676163] skcipher_decrypt_ablkcipher+0x312/0x420 [ 33.681236] ? scatterwalk_ffwd+0xbf/0x370 [ 33.685448] poly_tail_continue+0x42a/0x6b0 [ 33.689745] poly_tail+0x40f/0x520 [ 33.693262] poly_cipherpad+0x33e/0x470 [ 33.697209] poly_cipher+0x303/0x440 [ 33.700896] poly_adpad+0x347/0x480 [ 33.704498] poly_ad+0x25c/0x300 [ 33.707836] poly_setkey+0x2fc/0x3e0 [ 33.711521] poly_init+0x16c/0x1d0 [ 33.715031] poly_genkey+0x422/0x590 [ 33.718715] chachapoly_decrypt+0x73/0x90 [ 33.722830] aead_recvmsg+0x14a7/0x1bc0 [ 33.726793] ? aead_release+0x50/0x50 [ 33.730590] ? selinux_socket_recvmsg+0x36/0x40 [ 33.735236] ? security_socket_recvmsg+0x91/0xc0 [ 33.739969] ? aead_release+0x50/0x50 [ 33.743740] sock_recvmsg+0xc9/0x110 [ 33.747427] ? __sock_recv_wifi_status+0x210/0x210 [ 33.752324] ___sys_recvmsg+0x29b/0x630 [ 33.756277] ? ___sys_sendmsg+0x8a0/0x8a0 [ 33.760412] ? fget_raw+0x20/0x20 [ 33.763834] ? __handle_mm_fault+0x3e20/0x3e20 [ 33.768385] ? vmacache_find+0x5f/0x280 [ 33.772334] ? up_read+0x1a/0x40 [ 33.775672] ? __do_page_fault+0x3d6/0xc90 [ 33.779881] ? fd_install+0x4d/0x60 [ 33.783484] ? __fdget+0x18/0x20 [ 33.786828] __sys_recvmsg+0xe2/0x210 [ 33.790595] ? __sys_recvmsg+0xe2/0x210 [ 33.794541] ? SyS_sendmmsg+0x60/0x60 [ 33.798311] ? __do_page_fault+0xc90/0xc90 [ 33.802517] ? SyS_setsockopt+0x215/0x360 [ 33.806647] ? 
trace_hardirqs_on_caller+0x421/0x5c0 [ 33.811638] SyS_recvmsg+0x2d/0x50 [ 33.815152] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 33.819875] RIP: 0033:0x43ff39 [ 33.823032] RSP: 002b:00007ffe6f979678 EFLAGS: 00000217 ORIG_RAX: 000000000000002f [ 33.830709] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff39 [ 33.837944] RDX: 0000000000000000 RSI: 0000000020c0c000 RDI: 0000000000000004 [ 33.845190] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 [ 33.852428] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004018a0 [ 33.859669] R13: 0000000000401930 R14: 0000000000000000 R15: 0000000000000000 [ 33.866925] ================================================================== [ 33.874246] Disabling lock debugging due to kernel taint [ 33.879720] Kernel panic - not syncing: panic_on_warn set ... [ 33.879720] [ 33.887053] CPU: 1 PID: 3086 Comm: syzkaller952806 Tainted: G B 4.15.0-rc2+ #142 [ 33.895765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 33.905085] Call Trace: [ 33.907641] dump_stack+0x194/0x257 [ 33.911238] ? arch_local_irq_restore+0x53/0x53 [ 33.915877] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 33.920607] ? vsnprintf+0x1ed/0x1900 [ 33.924373] ? scatterwalk_copychunks+0x1c0/0x480 [ 33.929180] panic+0x1e4/0x41c [ 33.932338] ? refcount_error_report+0x214/0x214 [ 33.937063] ? add_taint+0x1c/0x50 [ 33.940579] ? add_taint+0x1c/0x50 [ 33.944089] ? scatterwalk_copychunks+0x206/0x480 [ 33.948900] kasan_end_report+0x50/0x50 [ 33.952842] kasan_report+0x144/0x340 [ 33.956967] check_memory_region+0x137/0x190 [ 33.961349] memcpy+0x37/0x50 [ 33.964422] scatterwalk_copychunks+0x206/0x480 [ 33.969063] blkcipher_walk_done+0xa4b/0xde0 [ 33.973445] glue_ctr_crypt_128bit+0x597/0xc20 [ 33.978018] ? glue_ecb_crypt_128bit+0x5c0/0x5c0 [ 33.982749] ? wp512_final+0x19e/0x2a0 [ 33.986602] ? memset+0x31/0x40 [ 33.989854] ? memzero_explicit+0xe/0x10 [ 33.993880] ? wp384_final+0x8b/0xc0 [ 33.997561] ? 
wp256_final+0xc0/0xc0 [ 34.001239] ? wp512_update+0x3b5/0x510 [ 34.005192] ctr_crypt+0x34/0x40 [ 34.008525] ? ctr_crypt+0x34/0x40 [ 34.012030] ? encrypt_callback+0x240/0x240 [ 34.016319] __ablk_encrypt+0x1d1/0x2d0 [ 34.020280] ? ablk_set_key+0x1a0/0x1a0 [ 34.024220] ? shash_async_update+0x20/0x20 [ 34.028509] ? kfree+0xe4/0x250 [ 34.031757] ? __ablk_encrypt+0x2d0/0x2d0 [ 34.035869] ablk_encrypt+0x23e/0x2c0 [ 34.039634] ? __ablk_encrypt+0x2d0/0x2d0 [ 34.043746] skcipher_decrypt_ablkcipher+0x312/0x420 [ 34.048815] ? scatterwalk_ffwd+0xbf/0x370 [ 34.053017] poly_tail_continue+0x42a/0x6b0 [ 34.057305] poly_tail+0x40f/0x520 [ 34.060812] poly_cipherpad+0x33e/0x470 [ 34.064751] poly_cipher+0x303/0x440 [ 34.068430] poly_adpad+0x347/0x480 [ 34.072025] poly_ad+0x25c/0x300 [ 34.075365] poly_setkey+0x2fc/0x3e0 [ 34.079047] poly_init+0x16c/0x1d0 [ 34.082557] poly_genkey+0x422/0x590 [ 34.086246] chachapoly_decrypt+0x73/0x90 [ 34.090366] aead_recvmsg+0x14a7/0x1bc0 [ 34.094325] ? aead_release+0x50/0x50 [ 34.098093] ? selinux_socket_recvmsg+0x36/0x40 [ 34.102729] ? security_socket_recvmsg+0x91/0xc0 [ 34.107452] ? aead_release+0x50/0x50 [ 34.111223] sock_recvmsg+0xc9/0x110 [ 34.114917] ? __sock_recv_wifi_status+0x210/0x210 [ 34.119810] ___sys_recvmsg+0x29b/0x630 [ 34.124285] ? ___sys_sendmsg+0x8a0/0x8a0 [ 34.128407] ? fget_raw+0x20/0x20 [ 34.131830] ? __handle_mm_fault+0x3e20/0x3e20 [ 34.136379] ? vmacache_find+0x5f/0x280 [ 34.140323] ? up_read+0x1a/0x40 [ 34.143657] ? __do_page_fault+0x3d6/0xc90 [ 34.147856] ? fd_install+0x4d/0x60 [ 34.151449] ? __fdget+0x18/0x20 [ 34.154788] __sys_recvmsg+0xe2/0x210 [ 34.159073] ? __sys_recvmsg+0xe2/0x210 [ 34.163015] ? SyS_sendmmsg+0x60/0x60 [ 34.166781] ? __do_page_fault+0xc90/0xc90 [ 34.170982] ? SyS_setsockopt+0x215/0x360 [ 34.175100] ? 
trace_hardirqs_on_caller+0x421/0x5c0 [ 34.180085] SyS_recvmsg+0x2d/0x50 [ 34.183592] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 34.188310] RIP: 0033:0x43ff39 [ 34.191463] RSP: 002b:00007ffe6f979678 EFLAGS: 00000217 ORIG_RAX: 000000000000002f [ 34.199134] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043ff39 [ 34.206369] RDX: 0000000000000000 RSI: 0000000020c0c000 RDI: 0000000000000004 [ 34.213604] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 [ 34.220838] R10: 0000000000000000 R11: 0000000000000217 R12: 00000000004018a0 [ 34.228073] R13: 0000000000401930 R14: 0000000000000000 R15: 0000000000000000 [ 34.235351] Dumping ftrace buffer: [ 34.238859] (ftrace buffer empty) [ 34.242536] Kernel Offset: disabled [ 34.246135] Rebooting in 86400 seconds..