Warning: Permanently added '10.128.1.57' (ECDSA) to the list of known hosts. 2019/12/02 10:55:17 parsed 1 programs 2019/12/02 10:55:19 executed programs: 0 [ 80.883129][ T9038] IPVS: ftp: loaded support on port[0] = 21 [ 80.946895][ T9038] chnl_net:caif_netlink_parms(): no params data found [ 80.976085][ T9038] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.983804][ T9038] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.991790][ T9038] device bridge_slave_0 entered promiscuous mode [ 81.000016][ T9038] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.007216][ T9038] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.015013][ T9038] device bridge_slave_1 entered promiscuous mode [ 81.033814][ T9038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.044966][ T9038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.064607][ T9038] team0: Port device team_slave_0 added [ 81.071943][ T9038] team0: Port device team_slave_1 added [ 81.142530][ T9038] device hsr_slave_0 entered promiscuous mode [ 81.180269][ T9038] device hsr_slave_1 entered promiscuous mode [ 81.254764][ T9038] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.302350][ T9038] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.352112][ T9038] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.402305][ T9038] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.470910][ T9038] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.478197][ T9038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.486223][ T9038] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.493340][ T9038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.528178][ T9038] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.542870][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 81.564613][ T3054] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.583487][ T3054] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.591872][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 81.604659][ T9038] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.614865][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.624188][ T3695] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.631297][ T3695] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.642645][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.651525][ T3054] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.658558][ T3054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.680951][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 81.689647][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 81.698746][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 81.707439][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 81.716540][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 81.725843][ T9038] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 81.742838][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 81.750682][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 81.763550][ T9038] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.978655][ T9045] ================================================================== [ 81.986968][ T9045] BUG: KASAN: slab-out-of-bounds in pipe_write+0xe30/0x1000 [ 81.994231][ T9045] Write of size 8 at addr ffff888097ee17a8 by task syz-executor.0/9045 [ 82.002439][ T9045] [ 82.004754][ T9045] CPU: 0 PID: 9045 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0 [ 82.012997][ T9045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.023031][ T9045] Call Trace: [ 82.026332][ T9045] dump_stack+0x197/0x210 [ 82.030644][ T9045] ? pipe_write+0xe30/0x1000 [ 82.035215][ T9045] print_address_description.constprop.0.cold+0xd4/0x30b [ 82.042212][ T9045] ? pipe_write+0xe30/0x1000 [ 82.046777][ T9045] ? pipe_write+0xe30/0x1000 [ 82.051359][ T9045] __kasan_report.cold+0x1b/0x41 [ 82.056274][ T9045] ? pipe_write+0xe30/0x1000 [ 82.060855][ T9045] kasan_report+0x12/0x20 [ 82.065163][ T9045] __asan_report_store8_noabort+0x17/0x20 [ 82.070873][ T9045] pipe_write+0xe30/0x1000 [ 82.075274][ T9045] new_sync_write+0x4d3/0x770 [ 82.079930][ T9045] ? new_sync_read+0x800/0x800 [ 82.084678][ T9045] ? __fget+0x37f/0x550 [ 82.088843][ T9045] ? apparmor_file_permission+0x25/0x30 [ 82.094376][ T9045] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.100611][ T9045] ? security_file_permission+0x8f/0x380 [ 82.106225][ T9045] __vfs_write+0xe1/0x110 [ 82.110549][ T9045] vfs_write+0x268/0x5d0 [ 82.114776][ T9045] ksys_write+0x220/0x290 [ 82.119080][ T9045] ? __ia32_sys_read+0xb0/0xb0 [ 82.123822][ T9045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.129256][ T9045] ? do_fast_syscall_32+0xd1/0xe16 [ 82.134347][ T9045] ? entry_SYSENTER_compat+0x70/0x7f [ 82.139604][ T9045] ? do_fast_syscall_32+0xd1/0xe16 [ 82.144696][ T9045] __ia32_sys_write+0x71/0xb0 [ 82.149349][ T9045] do_fast_syscall_32+0x27b/0xe16 [ 82.154370][ T9045] entry_SYSENTER_compat+0x70/0x7f [ 82.159458][ T9045] RIP: 0023:0xf7f4ba39 [ 82.163521][ T9045] Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 82.183103][ T9045] RSP: 002b:00000000f7f470cc EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 82.191509][ T9045] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 82.199467][ T9045] RDX: 00000000fffffef3 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.207417][ T9045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.215366][ T9045] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 82.223316][ T9045] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.231287][ T9045] [ 82.233602][ T9045] Allocated by task 9047: [ 82.237910][ T9045] save_stack+0x23/0x90 [ 82.242055][ T9045] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 82.247661][ T9045] kasan_kmalloc+0x9/0x10 [ 82.251968][ T9045] __kmalloc+0x163/0x770 [ 82.256186][ T9045] pipe_fcntl+0x3f7/0x8e0 [ 82.260490][ T9045] do_fcntl+0x255/0x1030 [ 82.264721][ T9045] do_compat_fcntl64+0x387/0x540 [ 82.269635][ T9045] __ia32_compat_sys_fcntl64+0x73/0xb0 [ 82.275072][ T9045] do_fast_syscall_32+0x27b/0xe16 [ 82.280073][ T9045] entry_SYSENTER_compat+0x70/0x7f [ 82.285151][ T9045] [ 82.287453][ T9045] Freed by task 0: [ 82.291145][ T9045] (stack is not available) [ 82.295534][ T9045] [ 82.297840][ T9045] The buggy address belongs to the object at ffff888097ee1780 [ 82.297840][ T9045] which belongs to the cache kmalloc-64(17:syz0) of size 64 [ 82.312530][ T9045] The buggy address is located 40 bytes inside of [ 82.312530][ T9045] 64-byte region [ffff888097ee1780, ffff888097ee17c0) [ 82.325715][ T9045] The buggy address belongs to the page: [ 82.331337][ T9045] page:ffffea00025fb840 refcount:1 mapcount:0 mapping:ffff8880a8a1d700 index:0xffff888097ee1f80 [ 82.341727][ T9045] raw: 00fffe0000000200 ffff8880a1823738 ffff8880a1823738 ffff8880a8a1d700 [ 82.350296][ T9045] raw: ffff888097ee1f80 ffff888097ee1000 0000000100000010 0000000000000000 [ 82.358857][ T9045] page dumped because: kasan: bad access detected [ 82.365256][ T9045] [ 82.367564][ T9045] Memory state around the buggy address: [ 82.373215][ T9045] ffff888097ee1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.381297][ T9045] ffff888097ee1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.389334][ T9045] >ffff888097ee1780: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 82.397380][ T9045] ^ [ 82.402736][ T9045] ffff888097ee1800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.410775][ T9045] ffff888097ee1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.418822][ T9045] ================================================================== [ 82.426856][ T9045] Disabling lock debugging due to kernel taint [ 82.436241][ T9045] Kernel panic - not syncing: panic_on_warn set ... [ 82.442838][ T9045] CPU: 0 PID: 9045 Comm: syz-executor.0 Tainted: G B 5.4.0-syzkaller #0 [ 82.452439][ T9045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.462479][ T9045] Call Trace: [ 82.465771][ T9045] dump_stack+0x197/0x210 [ 82.470082][ T9045] panic+0x2e3/0x75c [ 82.473970][ T9045] ? add_taint.cold+0x16/0x16 [ 82.478626][ T9045] ? pipe_write+0xe30/0x1000 [ 82.483193][ T9045] ? preempt_schedule+0x4b/0x60 [ 82.488121][ T9045] ? ___preempt_schedule+0x16/0x18 [ 82.493268][ T9045] ? trace_hardirqs_on+0x5e/0x240 [ 82.498272][ T9045] ? pipe_write+0xe30/0x1000 [ 82.502840][ T9045] end_report+0x47/0x4f [ 82.507022][ T9045] ? pipe_write+0xe30/0x1000 [ 82.511591][ T9045] __kasan_report.cold+0xe/0x41 [ 82.516421][ T9045] ? pipe_write+0xe30/0x1000 [ 82.520988][ T9045] kasan_report+0x12/0x20 [ 82.525294][ T9045] __asan_report_store8_noabort+0x17/0x20 [ 82.531034][ T9045] pipe_write+0xe30/0x1000 [ 82.535450][ T9045] new_sync_write+0x4d3/0x770 [ 82.540122][ T9045] ? new_sync_read+0x800/0x800 [ 82.544866][ T9045] ? __fget+0x37f/0x550 [ 82.549000][ T9045] ? apparmor_file_permission+0x25/0x30 [ 82.554539][ T9045] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.560772][ T9045] ? security_file_permission+0x8f/0x380 [ 82.566392][ T9045] __vfs_write+0xe1/0x110 [ 82.570717][ T9045] vfs_write+0x268/0x5d0 [ 82.574938][ T9045] ksys_write+0x220/0x290 [ 82.579246][ T9045] ? __ia32_sys_read+0xb0/0xb0 [ 82.584010][ T9045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.589461][ T9045] ? do_fast_syscall_32+0xd1/0xe16 [ 82.594550][ T9045] ? entry_SYSENTER_compat+0x70/0x7f [ 82.599813][ T9045] ? do_fast_syscall_32+0xd1/0xe16 [ 82.604905][ T9045] __ia32_sys_write+0x71/0xb0 [ 82.609564][ T9045] do_fast_syscall_32+0x27b/0xe16 [ 82.614570][ T9045] entry_SYSENTER_compat+0x70/0x7f [ 82.619656][ T9045] RIP: 0023:0xf7f4ba39 [ 82.623734][ T9045] Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 82.643319][ T9045] RSP: 002b:00000000f7f470cc EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 82.651709][ T9045] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 82.659658][ T9045] RDX: 00000000fffffef3 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.667884][ T9045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.675859][ T9045] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 82.683839][ T9045] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.693065][ T9045] Kernel Offset: disabled [ 82.697402][ T9045] Rebooting in 86400 seconds..