Warning: Permanently added '10.128.10.16' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 57.345996] ==================================================================
[ 57.348299] BUG: KASAN: stack-out-of-bounds in unwind_get_return_address+0x96/0xa0
[ 57.349654] Read of size 8 at addr ffff8801ce32fa68 by task syz-executor602/2411
[ 57.350742]
[ 57.351077] CPU: 1 PID: 2411 Comm: syz-executor602 Not tainted 4.9.153+ #18
[ 57.352026] ffff8801cda177e8 ffffffff81b47491 0000000000000000 ffffea000738cbc0
[ 57.353387] ffff8801ce32fa68 0000000000000008 ffffffff810ab576 ffff8801cda17820
[ 57.355668] ffffffff81502615 0000000000000000 ffff8801ce32fa68 ffff8801ce32fa68
[ 57.357199] Call Trace:
[ 57.358022] [] dump_stack+0xc1/0x120
[ 57.358773] [] ? unwind_get_return_address+0x96/0xa0
[ 57.361558] [] print_address_description+0x6f/0x238
[ 57.362855] [] ? unwind_get_return_address+0x96/0xa0
[ 57.363785] [] kasan_report.cold+0x8c/0x2ba
[ 57.365451] [] __asan_report_load8_noabort+0x14/0x20
[ 57.370807] [] unwind_get_return_address+0x96/0xa0
[ 57.378992] [] __save_stack_trace+0x8a/0xf0
[ 57.385493] [] save_stack_trace_tsk+0x42/0x60
executing program
[ 57.393003] [] proc_pid_stack+0x1a2/0x290
[ 57.398785] [] ? check_preemption_disabled+0x3c/0x200
[ 57.406032] [] ? lock_trace+0xc0/0xc0
[ 57.411759] [] ? check_preemption_disabled+0x3c/0x200
[ 57.419334] [] ? get_pid_task+0x9e/0x150
[ 57.425261] [] proc_single_show+0xf6/0x160
[ 57.431129] [] seq_read+0x4cd/0x1250
[ 57.436974] [] ? seq_lseek+0x3c0/0x3c0
executing program
[ 57.443949] [] ? __fsnotify_inode_delete+0x30/0x30
[ 57.450875] [] do_loop_readv_writev.part.0+0xcc/0x2c0
[ 57.458657] [] do_readv_writev+0x556/0x7a0
[ 57.465463] [] ? vfs_write+0x520/0x520
[ 57.472087] [] ? check_preemption_disabled+0x3c/0x200
[ 57.479575] [] ? check_preemption_disabled+0x3c/0x200
[ 57.487168] [] ? check_preemption_disabled+0x3c/0x200
executing program
[ 57.494101] [] ? __fget+0x208/0x370
[ 57.499405] [] ? __fget+0x22f/0x370
[ 57.505303] [] ? __fget+0x47/0x370
[ 57.511283] [] vfs_readv+0x86/0xc0
[ 57.516694] [] do_preadv+0x19b/0x240
[ 57.522576] [] ? do_readv+0x260/0x260
[ 57.528246] [] ? _raw_spin_unlock_irq+0x28/0x60
[ 57.535156] [] ? SyS_writev+0x30/0x30
executing program
[ 57.542111] [] SyS_preadv+0x31/0x40
[ 57.548527] [] do_syscall_64+0x1ad/0x570
[ 57.554225] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 57.563590]
[ 57.566662] The buggy address belongs to the page:
[ 57.572116] page:ffffea000738cbc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 57.580792] flags: 0x4000000000000000()
[ 57.584812] page dumped because: kasan: bad access detected
[ 57.592177]
executing program
[ 57.593786] Memory state around the buggy address:
[ 57.598693] ffff8801ce32f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.606917] ffff8801ce32f980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.614468] >ffff8801ce32fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.622644] ^
[ 57.629372] ffff8801ce32fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 57.636706] ffff8801ce32fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
executing program
[ 57.644040] ==================================================================
[ 57.652107] Disabling lock debugging due to kernel taint
[ 57.662538] Kernel panic - not syncing: panic_on_warn set ...
[ 57.662538]
[ 57.670286] CPU: 1 PID: 2411 Comm: syz-executor602 Tainted: G B 4.9.153+ #18
[ 57.679161] ffff8801cda17728 ffffffff81b47491 ffff8801cda17800 ffffffff82e4391a
[ 57.688776] 00000000ffffffff 0000000000000001 ffffffff810ab576 ffff8801cda17808
executing program
[ 57.696772] ffffffff813f725a 0000000041b58ab3 ffffffff82e35a42 ffffffff813f7081
[ 57.704773] Call Trace:
[ 57.707340] [] dump_stack+0xc1/0x120
[ 57.712685] [] ? unwind_get_return_address+0x96/0xa0
[ 57.719415] [] panic+0x1d9/0x3bd
[ 57.724407] [] ? add_taint.cold+0x16/0x16
[ 57.730304] [] ? preempt_schedule_common+0x4f/0xe0
[ 57.736872] [] ? unwind_get_return_address+0x96/0xa0
executing program
[ 57.743609] [] ? preempt_schedule+0x26/0x30
[ 57.749556] [] ? ___preempt_schedule+0x16/0x18
[ 57.755763] [] kasan_end_report+0x47/0x4f
[ 57.761667] [] kasan_report.cold+0xa9/0x2ba
[ 57.769577] [] __asan_report_load8_noabort+0x14/0x20
[ 57.776766] [] unwind_get_return_address+0x96/0xa0
[ 57.783328] [] __save_stack_trace+0x8a/0xf0
[ 57.789277] [] save_stack_trace_tsk+0x42/0x60
executing program
[ 57.795402] [] proc_pid_stack+0x1a2/0x290
[ 57.801177] [] ? check_preemption_disabled+0x3c/0x200
[ 57.807994] [] ? lock_trace+0xc0/0xc0
[ 57.813421] [] ? check_preemption_disabled+0x3c/0x200
[ 57.820237] [] ? get_pid_task+0x9e/0x150
[ 57.825921] [] proc_single_show+0xf6/0x160
[ 57.831778] [] seq_read+0x4cd/0x1250
[ 57.837117] [] ? seq_lseek+0x3c0/0x3c0
executing program
[ 57.842629] [] ? __fsnotify_inode_delete+0x30/0x30
[ 57.849185] [] do_loop_readv_writev.part.0+0xcc/0x2c0
[ 57.855999] [] do_readv_writev+0x556/0x7a0
[ 57.862119] [] ? vfs_write+0x520/0x520
[ 57.867867] [] ? check_preemption_disabled+0x3c/0x200
[ 57.874691] [] ? check_preemption_disabled+0x3c/0x200
[ 57.881520] [] ? check_preemption_disabled+0x3c/0x200
[ 57.888338] [] ? __fget+0x208/0x370
executing program
[ 57.893601] [] ? __fget+0x22f/0x370
[ 57.898859] [] ? __fget+0x47/0x370
[ 57.904040] [] vfs_readv+0x86/0xc0
[ 57.909214] [] do_preadv+0x19b/0x240
[ 57.914556] [] ? do_readv+0x260/0x260
[ 57.919986] [] ? _raw_spin_unlock_irq+0x28/0x60
[ 57.926406] [] ? SyS_writev+0x30/0x30
[ 57.931840] [] SyS_preadv+0x31/0x40
[ 57.937102] [] do_syscall_64+0x1ad/0x570
[ 57.942793] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 57.950069] Kernel Offset: disabled
[ 57.953684] Rebooting in 86400 seconds..