Warning: Permanently added '10.128.1.21' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 81.299780][ T9129] ================================================================== [ 81.307906][ T9129] BUG: KASAN: slab-out-of-bounds in __lock_acquire+0x3ba2/0x5490 [ 81.315834][ T9129] Read of size 8 at addr ffff88821665c6c0 by task syz-executor170/9129 [ 81.324543][ T9129] [ 81.326880][ T9129] CPU: 0 PID: 9129 Comm: syz-executor170 Not tainted 5.2.0-rc1+ #1 [ 81.334763][ T9129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.345851][ T9129] Call Trace: [ 81.349334][ T9129] dump_stack+0x172/0x1f0 [ 81.353711][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 81.358876][ T9129] print_address_description.cold+0x7c/0x20d [ 81.365189][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 81.370667][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 81.376684][ T9129] __kasan_report.cold+0x1b/0x40 [ 81.381666][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 81.386825][ T9129] kasan_report+0x12/0x20 [ 81.391196][ T9129] __asan_report_load8_noabort+0x14/0x20 [ 81.397102][ T9129] __lock_acquire+0x3ba2/0x5490 [ 81.402080][ T9129] ? sock_diag_rcv+0x2b/0x40 [ 81.406782][ T9129] ? netlink_unicast+0x531/0x710 [ 81.411724][ T9129] ? netlink_sendmsg+0x8ae/0xd70 [ 81.416728][ T9129] ? sock_sendmsg+0xd7/0x130 [ 81.421316][ T9129] ? ___sys_sendmsg+0x803/0x920 [ 81.426163][ T9129] ? __sys_sendmsg+0x105/0x1d0 [ 81.430924][ T9129] ? __x64_sys_sendmsg+0x78/0xb0 [ 81.436454][ T9129] ? do_syscall_64+0xfd/0x680 [ 81.441495][ T9129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.447790][ T9129] ? mark_held_locks+0xf0/0xf0 [ 81.452605][ T9129] ? cache_grow_end+0xa4/0x190 [ 81.457440][ T9129] ? kasan_check_write+0x14/0x20 [ 81.464192][ T9129] ? lock_downgrade+0x880/0x880 [ 81.469570][ T9129] lock_acquire+0x16f/0x3f0 [ 81.474177][ T9129] ? rhashtable_walk_enter+0xf9/0x390 [ 81.479556][ T9129] _raw_spin_lock+0x2f/0x40 [ 81.484057][ T9129] ? rhashtable_walk_enter+0xf9/0x390 [ 81.489862][ T9129] rhashtable_walk_enter+0xf9/0x390 [ 81.495121][ T9129] __tipc_dump_start+0x1fa/0x3c0 [ 81.500851][ T9129] tipc_dump_start+0x70/0x90 [ 81.506514][ T9129] __netlink_dump_start+0x4f8/0x7d0 [ 81.511838][ T9129] ? __tipc_dump_start+0x3c0/0x3c0 [ 81.517675][ T9129] tipc_sock_diag_handler_dump+0x1d9/0x270 [ 81.525453][ T9129] ? __tipc_diag_gen_cookie+0x90/0x90 [ 81.531161][ T9129] ? sock_diag_rcv+0x1c/0x40 [ 81.536150][ T9129] ? __tipc_dump_start+0x3c0/0x3c0 [ 81.541262][ T9129] ? tipc_unregister_sysctl+0x20/0x20 [ 81.546802][ T9129] ? tipc_ioctl+0x2e0/0x2e0 [ 81.551306][ T9129] sock_diag_rcv_msg+0x319/0x410 [ 81.556291][ T9129] netlink_rcv_skb+0x177/0x450 [ 81.561210][ T9129] ? sock_diag_bind+0x80/0x80 [ 81.566572][ T9129] ? netlink_ack+0xb50/0xb50 [ 81.571230][ T9129] ? kasan_check_read+0x11/0x20 [ 81.576739][ T9129] ? netlink_deliver_tap+0x254/0xbf0 [ 81.582264][ T9129] sock_diag_rcv+0x2b/0x40 [ 81.586899][ T9129] netlink_unicast+0x531/0x710 [ 81.591753][ T9129] ? netlink_attachskb+0x770/0x770 [ 81.597002][ T9129] ? _copy_from_iter_full+0x25d/0x8c0 [ 81.603121][ T9129] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 81.609276][ T9129] ? __check_object_size+0x3d/0x42f [ 81.614595][ T9129] netlink_sendmsg+0x8ae/0xd70 [ 81.619715][ T9129] ? netlink_unicast+0x710/0x710 [ 81.624889][ T9129] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 81.632370][ T9129] ? apparmor_socket_sendmsg+0x2a/0x30 [ 81.638844][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 81.649083][ T9129] ? security_socket_sendmsg+0x8d/0xc0 [ 81.654998][ T9129] ? netlink_unicast+0x710/0x710 [ 81.659961][ T9129] sock_sendmsg+0xd7/0x130 [ 81.665337][ T9129] ___sys_sendmsg+0x803/0x920 [ 81.670506][ T9129] ? copy_msghdr_from_user+0x430/0x430 [ 81.676774][ T9129] ? prep_transhuge_page+0xa0/0xa0 [ 81.682413][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 81.689230][ T9129] ? __handle_mm_fault+0x7cb/0x3eb0 [ 81.694519][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 81.701222][ T9129] ? __fget_light+0x1a9/0x230 [ 81.706198][ T9129] ? __fdget+0x1b/0x20 [ 81.710612][ T9129] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 81.717156][ T9129] __sys_sendmsg+0x105/0x1d0 [ 81.722054][ T9129] ? __ia32_sys_shutdown+0x80/0x80 [ 81.727405][ T9129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 81.733322][ T9129] ? do_syscall_64+0x26/0x680 [ 81.738280][ T9129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.744359][ T9129] ? do_syscall_64+0x26/0x680 [ 81.750386][ T9129] __x64_sys_sendmsg+0x78/0xb0 [ 81.755781][ T9129] do_syscall_64+0xfd/0x680 [ 81.761246][ T9129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.767840][ T9129] RIP: 0033:0x440209 [ 81.772454][ T9129] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.793505][ T9129] RSP: 002b:00007ffc970ee8d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.803107][ T9129] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440209 [ 81.814910][ T9129] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 81.823815][ T9129] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 81.832254][ T9129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a90 [ 81.841273][ T9129] R13: 0000000000401b20 R14: 0000000000000000 R15: 0000000000000000 [ 81.849511][ T9129] [ 81.851828][ T9129] Allocated by task 1: [ 81.855890][ T9129] save_stack+0x23/0x90 [ 81.860121][ T9129] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 81.865922][ T9129] kasan_slab_alloc+0xf/0x20 [ 81.870504][ T9129] kmem_cache_alloc+0x11a/0x6f0 [ 81.875798][ T9129] __kernfs_new_node+0xf0/0x6c0 [ 81.881121][ T9129] kernfs_new_node+0x96/0x120 [ 81.885999][ T9129] __kernfs_create_file+0x51/0x340 [ 81.891529][ T9129] sysfs_add_file_mode_ns+0x222/0x560 [ 81.897431][ T9129] internal_create_group+0x359/0xc40 [ 81.903654][ T9129] sysfs_create_groups+0x9b/0x141 [ 81.908778][ T9129] device_add+0x80f/0x17a0 [ 81.913427][ T9129] netdev_register_kobject+0x183/0x3b0 [ 81.919007][ T9129] register_netdevice+0x875/0xff0 [ 81.924128][ T9129] register_netdev+0x30/0x50 [ 81.928943][ T9129] nr_proto_init+0x274/0x65f [ 81.933691][ T9129] do_one_initcall+0x107/0x7ba [ 81.938793][ T9129] kernel_init_freeable+0x4d4/0x5c3 [ 81.944363][ T9129] kernel_init+0x12/0x1c5 [ 81.949124][ T9129] ret_from_fork+0x24/0x30 [ 81.953925][ T9129] [ 81.956636][ T9129] Freed by task 0: [ 81.960362][ T9129] (stack is not available) [ 81.964785][ T9129] [ 81.967103][ T9129] The buggy address belongs to the object at ffff88821665c620 [ 81.967103][ T9129] which belongs to the cache kernfs_node_cache of size 160 [ 81.981952][ T9129] The buggy address is located 0 bytes to the right of [ 81.981952][ T9129] 160-byte region [ffff88821665c620, ffff88821665c6c0) [ 81.999145][ T9129] The buggy address belongs to the page: [ 82.005244][ T9129] page:ffffea0008599700 refcount:1 mapcount:0 mapping:ffff88821bc48500 index:0xffff88821665cfee [ 82.016106][ T9129] flags: 0x6fffc0000000200(slab) [ 82.021175][ T9129] raw: 06fffc0000000200 ffffea0008599688 ffffea0008599748 ffff88821bc48500 [ 82.030338][ T9129] raw: ffff88821665cfee ffff88821665c000 0000000100000012 0000000000000000 [ 82.039055][ T9129] page dumped because: kasan: bad access detected [ 82.046204][ T9129] [ 82.048817][ T9129] Memory state around the buggy address: [ 82.055030][ T9129] ffff88821665c580: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 82.063133][ T9129] ffff88821665c600: fc fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 [ 82.071677][ T9129] >ffff88821665c680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 82.081267][ T9129] ^ [ 82.088318][ T9129] ffff88821665c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 82.096727][ T9129] ffff88821665c780: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 [ 82.105701][ T9129] ================================================================== [ 82.114456][ T9129] Disabling lock debugging due to kernel taint [ 82.120954][ T9129] Kernel panic - not syncing: panic_on_warn set ... [ 82.128486][ T9129] CPU: 0 PID: 9129 Comm: syz-executor170 Tainted: G B 5.2.0-rc1+ #1 [ 82.138042][ T9129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.150229][ T9129] Call Trace: [ 82.153546][ T9129] dump_stack+0x172/0x1f0 [ 82.158660][ T9129] panic+0x2cb/0x744 [ 82.162546][ T9129] ? __warn_printk+0xf3/0xf3 [ 82.167243][ T9129] ? lock_downgrade+0x880/0x880 [ 82.172855][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 82.177989][ T9129] ? trace_hardirqs_off+0x62/0x220 [ 82.183250][ T9129] ? trace_hardirqs_off+0x59/0x220 [ 82.188863][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 82.194513][ T9129] end_report+0x47/0x4f [ 82.199098][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 82.204123][ T9129] __kasan_report.cold+0xe/0x40 [ 82.211268][ T9129] ? __lock_acquire+0x3ba2/0x5490 [ 82.216698][ T9129] kasan_report+0x12/0x20 [ 82.221827][ T9129] __asan_report_load8_noabort+0x14/0x20 [ 82.227639][ T9129] __lock_acquire+0x3ba2/0x5490 [ 82.232689][ T9129] ? sock_diag_rcv+0x2b/0x40 [ 82.237367][ T9129] ? netlink_unicast+0x531/0x710 [ 82.242731][ T9129] ? netlink_sendmsg+0x8ae/0xd70 [ 82.248164][ T9129] ? sock_sendmsg+0xd7/0x130 [ 82.253116][ T9129] ? ___sys_sendmsg+0x803/0x920 [ 82.258353][ T9129] ? __sys_sendmsg+0x105/0x1d0 [ 82.263355][ T9129] ? __x64_sys_sendmsg+0x78/0xb0 [ 82.268338][ T9129] ? do_syscall_64+0xfd/0x680 [ 82.273434][ T9129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.279601][ T9129] ? mark_held_locks+0xf0/0xf0 [ 82.285002][ T9129] ? cache_grow_end+0xa4/0x190 [ 82.289814][ T9129] ? kasan_check_write+0x14/0x20 [ 82.295141][ T9129] ? lock_downgrade+0x880/0x880 [ 82.300251][ T9129] lock_acquire+0x16f/0x3f0 [ 82.305918][ T9129] ? rhashtable_walk_enter+0xf9/0x390 [ 82.311529][ T9129] _raw_spin_lock+0x2f/0x40 [ 82.316442][ T9129] ? rhashtable_walk_enter+0xf9/0x390 [ 82.322759][ T9129] rhashtable_walk_enter+0xf9/0x390 [ 82.327974][ T9129] __tipc_dump_start+0x1fa/0x3c0 [ 82.333085][ T9129] tipc_dump_start+0x70/0x90 [ 82.338324][ T9129] __netlink_dump_start+0x4f8/0x7d0 [ 82.344126][ T9129] ? __tipc_dump_start+0x3c0/0x3c0 [ 82.350673][ T9129] tipc_sock_diag_handler_dump+0x1d9/0x270 [ 82.356742][ T9129] ? __tipc_diag_gen_cookie+0x90/0x90 [ 82.362336][ T9129] ? sock_diag_rcv+0x1c/0x40 [ 82.366925][ T9129] ? __tipc_dump_start+0x3c0/0x3c0 [ 82.372122][ T9129] ? tipc_unregister_sysctl+0x20/0x20 [ 82.377623][ T9129] ? tipc_ioctl+0x2e0/0x2e0 [ 82.382307][ T9129] sock_diag_rcv_msg+0x319/0x410 [ 82.387710][ T9129] netlink_rcv_skb+0x177/0x450 [ 82.393614][ T9129] ? sock_diag_bind+0x80/0x80 [ 82.398303][ T9129] ? netlink_ack+0xb50/0xb50 [ 82.403122][ T9129] ? kasan_check_read+0x11/0x20 [ 82.408787][ T9129] ? netlink_deliver_tap+0x254/0xbf0 [ 82.414792][ T9129] sock_diag_rcv+0x2b/0x40 [ 82.419618][ T9129] netlink_unicast+0x531/0x710 [ 82.424682][ T9129] ? netlink_attachskb+0x770/0x770 [ 82.430307][ T9129] ? _copy_from_iter_full+0x25d/0x8c0 [ 82.436504][ T9129] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 82.442443][ T9129] ? __check_object_size+0x3d/0x42f [ 82.447912][ T9129] netlink_sendmsg+0x8ae/0xd70 [ 82.452682][ T9129] ? netlink_unicast+0x710/0x710 [ 82.458146][ T9129] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 82.463991][ T9129] ? apparmor_socket_sendmsg+0x2a/0x30 [ 82.470976][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.477486][ T9129] ? security_socket_sendmsg+0x8d/0xc0 [ 82.483181][ T9129] ? netlink_unicast+0x710/0x710 [ 82.488276][ T9129] sock_sendmsg+0xd7/0x130 [ 82.493813][ T9129] ___sys_sendmsg+0x803/0x920 [ 82.498802][ T9129] ? copy_msghdr_from_user+0x430/0x430 [ 82.504574][ T9129] ? prep_transhuge_page+0xa0/0xa0 [ 82.510336][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.520914][ T9129] ? __handle_mm_fault+0x7cb/0x3eb0 [ 82.527813][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.534137][ T9129] ? __fget_light+0x1a9/0x230 [ 82.538821][ T9129] ? __fdget+0x1b/0x20 [ 82.543306][ T9129] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 82.549546][ T9129] __sys_sendmsg+0x105/0x1d0 [ 82.554308][ T9129] ? __ia32_sys_shutdown+0x80/0x80 [ 82.560558][ T9129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.566239][ T9129] ? do_syscall_64+0x26/0x680 [ 82.571267][ T9129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.577643][ T9129] ? do_syscall_64+0x26/0x680 [ 82.582328][ T9129] __x64_sys_sendmsg+0x78/0xb0 [ 82.587189][ T9129] do_syscall_64+0xfd/0x680 [ 82.591933][ T9129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.598000][ T9129] RIP: 0033:0x440209 [ 82.601948][ T9129] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.623164][ T9129] RSP: 002b:00007ffc970ee8d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.631582][ T9129] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440209 [ 82.640204][ T9129] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 82.648445][ T9129] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 82.656798][ T9129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a90 [ 82.665733][ T9129] R13: 0000000000401b20 R14: 0000000000000000 R15: 0000000000000000 [ 82.675149][ T9129] Kernel Offset: disabled [ 82.689762][ T9129] Rebooting in 86400 seconds..