Starting OpenBSD Secure Shell server...
Starting Permit User Sessions...
[  OK  ] Started Permit User Sessions.
[  OK  ] Started Getty on tty4.
[  OK  ] Started Getty on tty3.
[  OK  ] Started Getty on tty6.
[  OK  ] Started Getty on tty2.
[  OK  ] Started Getty on tty5.
[  OK  ] Started Getty on tty1.
[  OK  ] Started OpenBSD Secure Shell server.
Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts.
executing program
[ **] A start job is running for dev-ttyS0.device (12s / 1min 30s)
[ 19.921030][ T22] audit: type=1400 audit(1617151036.441:8): avc: denied { execmem } for pid=341 comm="syz-executor319" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 19.953757][ T343] ==================================================================
[ 19.961854][ T343] BUG: KASAN: slab-out-of-bounds in eth_header_parse_protocol+0xad/0xd0
[ 19.970183][ T343] Read of size 2 at addr ffff8881e97c600b by task syz-executor319/343
[ 19.978308][ T343]
[ 19.980637][ T343] CPU: 1 PID: 343 Comm: syz-executor319 Not tainted 5.4.108-syzkaller-00848-g4a75e4d41639 #0
[ 19.990847][ T343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 20.000902][ T343] Call Trace:
[ 20.004186][ T343] dump_stack+0x1d8/0x24e
[ 20.008514][ T343] ? gfp_pfmemalloc_allowed+0x120/0x120
[ 20.014043][ T343] ? vmacache_find+0x205/0x4b0
[ 20.018801][ T343] ? show_regs_print_info+0x12/0x12
[ 20.023979][ T343] ? printk+0xcf/0x114
[ 20.028046][ T343] print_address_description+0x9b/0x650
[ 20.033696][ T343] ? devkmsg_release+0x11c/0x11c
[ 20.038617][ T343] ? page_fault+0x2f/0x40
[ 20.043014][ T343] __kasan_report+0x182/0x260
[ 20.047679][ T343] ? eth_header_parse_protocol+0xad/0xd0
[ 20.053447][ T343] kasan_report+0x30/0x60
[ 20.057782][ T343] eth_header_parse_protocol+0xad/0xd0
[ 20.063263][ T343] ? eth_header_cache_update+0x30/0x30
[ 20.068721][ T343] virtio_net_hdr_to_skb+0x6de/0xd70
[ 20.075119][ T343] ? fanout_demux_bpf+0x230/0x230
[ 20.080137][ T343] ? skb_copy_datagram_from_iter+0x604/0x6b0
[ 20.086098][ T343] packet_sendmsg+0x483a/0x6780
[ 20.091064][ T343] ? debug_smp_processor_id+0x20/0x20
[ 20.097330][ T343] ? debug_smp_processor_id+0x20/0x20
[ 20.102721][ T343] ? avc_has_perm_noaudit+0x30c/0x400
[ 20.108103][ T343] ? avc_denied+0x1c0/0x1c0
[ 20.112674][ T343] ? memset+0x1f/0x40
[ 20.116659][ T343] ? selinux_socket_sendmsg+0x11f/0x340
[ 20.122204][ T343] ? selinux_socket_accept+0x5b0/0x5b0
[ 20.127717][ T343] ? compat_packet_setsockopt+0x160/0x160
[ 20.133452][ T343] ? stack_trace_save+0x120/0x1f0
[ 20.138482][ T343] ? security_socket_sendmsg+0x9d/0xb0
[ 20.143940][ T343] ? compat_packet_setsockopt+0x160/0x160
[ 20.149664][ T343] sock_write_iter+0x330/0x450
[ 20.154414][ T343] ? sock_read_iter+0x430/0x430
[ 20.159265][ T343] ? __kasan_kmalloc+0x1a3/0x1e0
[ 20.164204][ T343] ? security_file_permission+0x128/0x300
[ 20.169924][ T343] aio_write+0x47b/0x610
[ 20.174171][ T343] ? aio_read+0x500/0x500
[ 20.178515][ T343] ? fget_many+0x20/0x20
[ 20.182760][ T343] ? io_submit_one+0x163/0x2300
[ 20.187612][ T343] io_submit_one+0xa59/0x2300
[ 20.192284][ T343] ? lookup_ioctx+0x460/0x460
[ 20.197046][ T343] ? __se_sys_io_submit+0xa9/0x3d0
[ 20.202177][ T343] ? lookup_ioctx+0x273/0x460
[ 20.206970][ T343] __se_sys_io_submit+0x189/0x3d0
[ 20.211979][ T343] ? __x64_sys_io_submit+0x80/0x80
[ 20.217075][ T343] ? security_file_ioctl+0x9d/0xb0
[ 20.222188][ T343] do_syscall_64+0xcb/0x1e0
[ 20.226674][ T343] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 20.232543][ T343] RIP: 0033:0x440579
[ 20.236451][ T343] Code: 28 c3 e8 4a 15 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 20.256034][ T343] RSP: 002b:00007ffdd057ef78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 20.264448][ T343] RAX: ffffffffffffffda RBX: 00007ffdd057efa0 RCX: 0000000000440579
[ 20.272559][ T343] RDX: 0000000020000080 RSI: 0000000000000001 RDI: 00007f54b85a8000
[ 20.280646][ T343] RBP: 0000000000000003 R08: bb1414acd057efa7 R09: bb1414acd057efa7
[ 20.288606][ T343] R10: bb1414acd057efa7 R11: 0000000000000246 R12: 0000000000000000
[ 20.296586][ T343] R13: 00007ffdd057ef90 R14: 00007ffdd057ef88 R15: 00007ffdd057ef84
[ 20.304556][ T343]
[ 20.306866][ T343] Allocated by task 339:
[ 20.311114][ T343] __kasan_kmalloc+0x137/0x1e0
[ 20.315877][ T343] __kmalloc_track_caller+0x13a/0x2e0
[ 20.321238][ T343] __alloc_skb+0xaf/0x4d0
[ 20.325816][ T343] netlink_dump+0x203/0x12d0
[ 20.330390][ T343] netlink_recvmsg+0x6bb/0x11a0
[ 20.335233][ T343] __sys_recvmsg+0x563/0x800
[ 20.339818][ T343] do_syscall_64+0xcb/0x1e0
[ 20.344316][ T343] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 20.350190][ T343]
[ 20.352494][ T343] Freed by task 339:
[ 20.356368][ T343] __kasan_slab_free+0x18a/0x240
[ 20.361287][ T343] slab_free_freelist_hook+0x7b/0x150
[ 20.366650][ T343] kfree+0xe0/0x660
[ 20.370604][ T343] __kfree_skb+0x55/0x170
[ 20.374919][ T343] skb_free_datagram+0x24/0xd0
[ 20.379655][ T343] netlink_recvmsg+0x619/0x11a0
[ 20.384493][ T343] __sys_recvmsg+0x563/0x800
[ 20.389058][ T343] do_syscall_64+0xcb/0x1e0
[ 20.393765][ T343] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 20.399634][ T343]
[ 20.401966][ T343] The buggy address belongs to the object at ffff8881e97c4000
[ 20.401966][ T343] which belongs to the cache kmalloc-8k of size 8192
[ 20.416017][ T343] The buggy address is located 11 bytes to the right of
[ 20.416017][ T343] 8192-byte region [ffff8881e97c4000, ffff8881e97c6000)
[ 20.429790][ T343] The buggy address belongs to the page:
[ 20.435531][ T343] page:ffffea0007a5f000 refcount:1 mapcount:0 mapping:ffff8881f5c0c500 index:0x0 compound_mapcount: 0
[ 20.446439][ T343] flags: 0x8000000000010200(slab|head)
[ 20.451875][ T343] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f5c0c500
[ 20.460484][ T343] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 20.469056][ T343] page dumped because: kasan: bad access detected
[ 20.475549][ T343]
[ 20.477917][ T343] Memory state around the buggy address:
[ 20.483560][ T343] ffff8881e97c5f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.491636][ T343] ffff8881e97c5f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.499766][ T343] >ffff8881e97c6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.507821][ T343] ^
[ 20.512144][ T343] ffff8881e97c6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.520197][ T343] ffff8881e97c6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.528248][ T343] ==================================================================
[ 20.536295][ T343] Disabling lock debugging due to kernel taint
[ ***] A start job is running for dev-ttyS0.device (13s / 1min 30s)