Warning: Permanently added '10.128.0.111' (ECDSA) to the list of known hosts.
syzkaller login: [ 80.500991] audit: type=1400 audit(1591632609.095:8): avc: denied { execmem } for pid=6353 comm="syz-executor597" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 80.727117] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 81.826965] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 82.867257] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 83.877215] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 84.856425] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 85.816339] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 102.974239] ==================================================================
[ 102.981676] BUG: KASAN: stack-out-of-bounds in unwind_next_frame+0x131a/0x1700
[ 102.989030] Read of size 8 at addr ffff8880952af9a0 by task syz-executor597/7186
[ 102.996577]
[ 102.998205] CPU: 1 PID: 7186 Comm: syz-executor597 Not tainted 4.14.183-syzkaller #0
[ 103.006089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 103.015449] Call Trace:
[ 103.018043] dump_stack+0x1b2/0x283
[ 103.021679] ? unwind_next_frame+0x131a/0x1700
[ 103.026272] print_address_description.cold+0x54/0x1dc
[ 103.031555] ? unwind_next_frame+0x131a/0x1700
[ 103.036136] kasan_report.cold+0xa9/0x2b9
[ 103.040460] unwind_next_frame+0x131a/0x1700
[ 103.044868] ? retint_kernel+0x2d/0x2d
[ 103.048771] ? deref_stack_reg+0xc0/0xc0
[ 103.052828] ? no_context+0x9c/0x7c0
[ 103.056542] ? check_preemption_disabled+0x35/0x240
[ 103.061559] ? retint_kernel+0x2d/0x2d
[ 103.065444] perf_callchain_kernel+0x38c/0x520
[ 103.070026] ? arch_perf_update_userpage+0x300/0x300
[ 103.075127] ? __do_page_fault+0x19a/0xb50
[ 103.079366] ? cmp_ex_sort+0xb0/0xb0
[ 103.083099] ? check_preemption_disabled+0x35/0x240
[ 103.088122] get_perf_callchain+0x2df/0x740
[ 103.092438] ? put_callchain_buffers+0x60/0x60
[ 103.097016] ? __task_pid_nr_ns+0x1ea/0x440
[ 103.101337] perf_callchain+0x147/0x190
[ 103.105314] perf_prepare_sample+0x75b/0x1350
[ 103.109813] ? cmp_ex_sort+0xb0/0xb0
[ 103.113529] ? perf_output_sample+0x1720/0x1720
[ 103.118205] perf_event_output_forward+0xc9/0x1f0
[ 103.123061] ? perf_prepare_sample+0x1350/0x1350
[ 103.127852] ? __task_pid_nr_ns+0x1ea/0x440
[ 103.132301] ? check_preemption_disabled+0x35/0x240
[ 103.137321] __perf_event_overflow+0x113/0x310
[ 103.141905] perf_swevent_overflow+0x17b/0x210
[ 103.146491] ? lock_downgrade+0x6e0/0x6e0
[ 103.150647] perf_swevent_event+0x19c/0x270
[ 103.154978] perf_tp_event+0x611/0x7d0
[ 103.158869] ? perf_prepare_sample+0x1350/0x1350
[ 103.163717] ? perf_swevent_put_recursion_context+0xa0/0xa0
[ 103.169634] ? check_preemption_disabled+0x35/0x240
[ 103.174652] ? lock_acquire+0x2b8/0x3f0
[ 103.178624] ? lock_downgrade+0x6e0/0x6e0
[ 103.182770] ? check_preemption_disabled+0x35/0x240
[ 103.187787] ? perf_swevent_put_recursion_context+0x1a/0xa0
[ 103.193498] ? perf_tp_event+0x4b2/0x7d0
[ 103.197558] ? perf_prepare_sample+0x1350/0x1350
[ 103.202317] ? perf_swevent_put_recursion_context+0xa0/0xa0
[ 103.208027] ? check_preemption_disabled+0x35/0x240
[ 103.213050] ? perf_trace_run_bpf_submit+0x113/0x170
[ 103.218161] ? check_preemption_disabled+0x35/0x240
[ 103.223264] perf_trace_run_bpf_submit+0x113/0x170
[ 103.228195] perf_trace_lock_acquire+0x32c/0x4b0
[ 103.232961] ? HARDIRQ_verbose+0x10/0x10
[ 103.237024] ? retint_kernel+0x2d/0x2d
[ 103.240912] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 103.245961] lock_acquire+0x2b8/0x3f0
[ 103.249793] ? event_function+0x14d/0x370
[ 103.253941] _raw_spin_lock+0x2a/0x40
[ 103.257743] ? event_function+0x14d/0x370
[ 103.261888] event_function+0x14d/0x370
[ 103.265861] ? check_preemption_disabled+0x35/0x240
[ 103.270873] ? unclone_ctx+0x130/0x130
[ 103.274761] remote_function+0x10d/0x190
[ 103.278824] ? perf_duration_warn+0x30/0x30
[ 103.283145] generic_exec_single+0x21e/0x420
[ 103.287551] smp_call_function_single+0x16f/0x380
[ 103.292392] ? perf_duration_warn+0x30/0x30
[ 103.296719] ? generic_exec_single+0x420/0x420
[ 103.301301] ? lock_acquire+0x170/0x3f0
[ 103.305277] ? perf_event_ctx_lock_nested+0x14d/0x2c0
[ 103.310464] ? unclone_ctx+0x130/0x130
[ 103.314352] task_function_call+0xb2/0x110
[ 103.318613] ? perf_event_addr_filters_exec+0x2b0/0x2b0
[ 103.323979] ? unclone_ctx+0x130/0x130
[ 103.327866] event_function_call+0x1e8/0x3c0
[ 103.332274] ? event_sched_out.isra.0+0xf50/0xf50
[ 103.337121] ? task_function_call+0x110/0x110
[ 103.341618] ? event_sched_out.isra.0+0xf50/0xf50
[ 103.346458] ? lock_acquire+0x170/0x3f0
[ 103.350431] ? lock_downgrade+0x6e0/0x6e0
[ 103.354586] perf_remove_from_context+0x89/0x170
[ 103.359346] perf_event_release_kernel+0xd8/0x870
[ 103.364218] ? fcntl_setlk+0xb30/0xb30
[ 103.368105] ? perf_event_release_kernel+0x870/0x870
[ 103.373206] perf_release+0x33/0x40
[ 103.376829] __fput+0x25f/0x7a0
[ 103.380111] task_work_run+0x113/0x190
[ 103.383998] exit_to_usermode_loop+0x1ad/0x200
[ 103.388581] do_syscall_64+0x4a3/0x640
[ 103.392474] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 103.397660] RIP: 0033:0x4011f0
[ 103.400846] RSP: 002b:00007ffdabe195c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 103.408551] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004011f0
[ 103.415817] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000003
[ 103.423082] RBP: 00000000000191d7 R08: 0000000000000000 R09: 0000000100000000
[ 103.430347] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000402270
[ 103.437640] R13: 0000000000402300 R14: 0000000000000000 R15: 0000000000000000
[ 103.444907]
[ 103.446526] The buggy address belongs to the page:
[ 103.451452] page:ffffea000254abc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 103.459675] flags: 0xfffe0000000000()
[ 103.463473] raw: 00fffe0000000000 0000000000000000 0000000000000000 00000000ffffffff
[ 103.471347] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[ 103.479225] page dumped because: kasan: bad access detected
[ 103.485125]
[ 103.486743] Memory state around the buggy address:
[ 103.491924] ffff8880952af880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.499278] ffff8880952af900: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1
[ 103.506634] >ffff8880952af980: f1 04 f2 00 f3 f3 f3 00 00 00 00 00 00 00 00 00
[ 103.513985] ^
[ 103.518392] ffff8880952afa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.525747] ffff8880952afa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 103.533096] ==================================================================
[ 103.540472] Disabling lock debugging due to kernel taint
[ 103.545913] Kernel panic - not syncing: panic_on_warn set ...
[ 103.545913]
[ 103.553273] CPU: 1 PID: 7186 Comm: syz-executor597 Tainted: G B 4.14.183-syzkaller #0
[ 103.562364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 103.571722] Call Trace:
[ 103.574308] dump_stack+0x1b2/0x283
[ 103.577933] panic+0x1f9/0x42d
[ 103.581124] ? add_taint.cold+0x16/0x16
[ 103.585106] ? lock_downgrade+0x6e0/0x6e0
[ 103.589255] ? unwind_next_frame+0x131a/0x1700
[ 103.593838] kasan_end_report+0x43/0x49
[ 103.597816] kasan_report.cold+0x12f/0x2b9
[ 103.602055] unwind_next_frame+0x131a/0x1700
[ 103.606467] ? retint_kernel+0x2d/0x2d
[ 103.610359] ? deref_stack_reg+0xc0/0xc0
[ 103.614426] ? no_context+0x9c/0x7c0
[ 103.618140] ? check_preemption_disabled+0x35/0x240
[ 103.623158] ? retint_kernel+0x2d/0x2d
[ 103.627185] perf_callchain_kernel+0x38c/0x520
[ 103.631769] ? arch_perf_update_userpage+0x300/0x300
[ 103.636876] ? __do_page_fault+0x19a/0xb50
[ 103.641118] ? cmp_ex_sort+0xb0/0xb0
[ 103.644835] ? check_preemption_disabled+0x35/0x240
[ 103.649848] get_perf_callchain+0x2df/0x740
[ 103.654169] ? put_callchain_buffers+0x60/0x60
[ 103.658755] ? __task_pid_nr_ns+0x1ea/0x440
[ 103.663093] perf_callchain+0x147/0x190
[ 103.667070] perf_prepare_sample+0x75b/0x1350
[ 103.671570] ? cmp_ex_sort+0xb0/0xb0
[ 103.675286] ? perf_output_sample+0x1720/0x1720
[ 103.679960] perf_event_output_forward+0xc9/0x1f0
[ 103.684808] ? perf_prepare_sample+0x1350/0x1350
[ 103.689565] ? __task_pid_nr_ns+0x1ea/0x440
[ 103.693888] ? check_preemption_disabled+0x35/0x240
[ 103.698907] __perf_event_overflow+0x113/0x310
[ 103.703492] perf_swevent_overflow+0x17b/0x210
[ 103.708076] ? lock_downgrade+0x6e0/0x6e0
[ 103.712225] perf_swevent_event+0x19c/0x270
[ 103.716557] perf_tp_event+0x611/0x7d0
[ 103.720545] ? perf_prepare_sample+0x1350/0x1350
[ 103.725308] ? perf_swevent_put_recursion_context+0xa0/0xa0
[ 103.731388] ? check_preemption_disabled+0x35/0x240
[ 103.736409] ? lock_acquire+0x2b8/0x3f0
[ 103.740577] ? lock_downgrade+0x6e0/0x6e0
[ 103.744730] ? check_preemption_disabled+0x35/0x240
[ 103.749756] ? perf_swevent_put_recursion_context+0x1a/0xa0
[ 103.755475] ? perf_tp_event+0x4b2/0x7d0
[ 103.759578] ? perf_prepare_sample+0x1350/0x1350
[ 103.764337] ? perf_swevent_put_recursion_context+0xa0/0xa0
[ 103.770058] ? check_preemption_disabled+0x35/0x240
[ 103.775082] ? perf_trace_run_bpf_submit+0x113/0x170
[ 103.780186] ? check_preemption_disabled+0x35/0x240
[ 103.785204] perf_trace_run_bpf_submit+0x113/0x170
[ 103.790136] perf_trace_lock_acquire+0x32c/0x4b0
[ 103.794905] ? HARDIRQ_verbose+0x10/0x10
[ 103.798973] ? retint_kernel+0x2d/0x2d
[ 103.808507] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 103.813526] lock_acquire+0x2b8/0x3f0
[ 103.817340] ? event_function+0x14d/0x370
[ 103.821488] _raw_spin_lock+0x2a/0x40
[ 103.825296] ? event_function+0x14d/0x370
[ 103.829446] event_function+0x14d/0x370
[ 103.833423] ? check_preemption_disabled+0x35/0x240
[ 103.838441] ? unclone_ctx+0x130/0x130
[ 103.842330] remote_function+0x10d/0x190
[ 103.846392] ? perf_duration_warn+0x30/0x30
[ 103.850711] generic_exec_single+0x21e/0x420
[ 103.855247] smp_call_function_single+0x16f/0x380
[ 103.860089] ? perf_duration_warn+0x30/0x30
[ 103.864414] ? generic_exec_single+0x420/0x420
[ 103.869003] ? lock_acquire+0x170/0x3f0
[ 103.872978] ? perf_event_ctx_lock_nested+0x14d/0x2c0
[ 103.878170] ? unclone_ctx+0x130/0x130
[ 103.882062] task_function_call+0xb2/0x110
[ 103.886564] ? perf_event_addr_filters_exec+0x2b0/0x2b0
[ 103.891926] ? unclone_ctx+0x130/0x130
[ 103.895814] event_function_call+0x1e8/0x3c0
[ 103.900228] ? event_sched_out.isra.0+0xf50/0xf50
[ 103.905071] ? task_function_call+0x110/0x110
[ 103.909574] ? event_sched_out.isra.0+0xf50/0xf50
[ 103.914427] ? lock_acquire+0x170/0x3f0
[ 103.918400] ? lock_downgrade+0x6e0/0x6e0
[ 103.922555] perf_remove_from_context+0x89/0x170
[ 103.927348] perf_event_release_kernel+0xd8/0x870
[ 103.932191] ? fcntl_setlk+0xb30/0xb30
[ 103.936083] ? perf_event_release_kernel+0x870/0x870
[ 103.941188] perf_release+0x33/0x40
[ 103.944811] __fput+0x25f/0x7a0
[ 103.948096] task_work_run+0x113/0x190
[ 103.951985] exit_to_usermode_loop+0x1ad/0x200
[ 103.956576] do_syscall_64+0x4a3/0x640
[ 103.960471] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 103.965666] RIP: 0033:0x4011f0
[ 103.968857] RSP: 002b:00007ffdabe195c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 103.976562] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004011f0
[ 103.983841] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000003
[ 103.991136] RBP: 00000000000191d7 R08: 0000000000000000 R09: 0000000100000000
[ 103.998402] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000402270
[ 104.005669] R13: 0000000000402300 R14: 0000000000000000 R15: 0000000000000000
[ 104.014557] Kernel Offset: disabled
[ 104.018175] Rebooting in 86400 seconds..