Warning: Permanently added '10.128.1.13' (ECDSA) to the list of known hosts.
2020/07/07 00:39:01 fuzzer started
2020/07/07 00:39:01 dialing manager at 10.128.0.26:45977
2020/07/07 00:39:01 syscalls: 3123
2020/07/07 00:39:01 code coverage: enabled
2020/07/07 00:39:01 comparison tracing: enabled
2020/07/07 00:39:01 extra coverage: enabled
2020/07/07 00:39:01 setuid sandbox: enabled
2020/07/07 00:39:01 namespace sandbox: enabled
2020/07/07 00:39:01 Android sandbox: /sys/fs/selinux/policy does not exist
2020/07/07 00:39:01 fault injection: enabled
2020/07/07 00:39:01 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/07/07 00:39:01 net packet injection: enabled
2020/07/07 00:39:01 net device setup: enabled
2020/07/07 00:39:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/07/07 00:39:01 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/07/07 00:39:01 USB emulation: enabled
syzkaller login: [  114.695349][    C0] ==================================================================
[  114.703578][    C0] BUG: KASAN: stack-out-of-bounds in csd_lock_record+0xd2/0xe0
[  114.711191][    C0] Read of size 8 at addr ffffc90001647918 by task syz-fuzzer/6795
[  114.718968][    C0]
[  114.721298][    C0] CPU: 0 PID: 6795 Comm: syz-fuzzer Not tainted 5.8.0-rc3-next-20200703-syzkaller #0
[  114.730729][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  114.740764][    C0] Call Trace:
[  114.744044][    C0]  dump_stack+0x18f/0x20d
[  114.748359][    C0]  ? csd_lock_record+0xd2/0xe0
[  114.753105][    C0]  ? csd_lock_record+0xd2/0xe0
[  114.757859][    C0]  print_address_description.constprop.0.cold+0x5/0x436
[  114.764778][    C0]  ? lock_is_held_type+0xb0/0xe0
[  114.769696][    C0]  ? lockdep_hardirqs_off+0x66/0xa0
[  114.774878][    C0]  ? vprintk_func+0x97/0x1a6
[  114.779454][    C0]  ? csd_lock_record+0xd2/0xe0
[  114.784200][    C0]  kasan_report.cold+0x1f/0x37
[  114.788948][    C0]  ? csd_lock_record+0xd2/0xe0
[  114.793698][    C0]  csd_lock_record+0xd2/0xe0
[  114.798272][    C0]  flush_smp_call_function_queue+0x285/0x730
[  114.804236][    C0]  ? flush_tlb_func_common.constprop.0+0x420/0x420
[  114.810723][    C0]  ? asm_sysvec_call_function_single+0xa/0x20
[  114.816775][    C0]  __sysvec_call_function_single+0x98/0x490
[  114.822652][    C0]  ? asm_sysvec_call_function_single+0xa/0x20
[  114.828698][    C0]  sysvec_call_function_single+0x4f/0x120
[  114.834405][    C0]  ? asm_sysvec_call_function_single+0xa/0x20
[  114.840456][    C0]  asm_sysvec_call_function_single+0x12/0x20
[  114.846421][    C0] RIP: 0033:0x42055c
[  114.850292][    C0] Code: Bad RIP value.
[  114.854337][    C0] RSP: 002b:000000c0000dbea8 EFLAGS: 00000246
[  114.860393][    C0] RAX: 0000000000203001 RBX: 00007f61bf983304 RCX: 000000c000066480
[  114.868345][    C0] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 00007f61bf8e5790
[  114.876300][    C0] RBP: 000000c0000dbf28 R08: 00007f61bfb1cfff R09: 000000c004cc6080
[  114.884251][    C0] R10: 00000000000000f0 R11: 00000000000000ef R12: 0000000000000074
[  114.892205][    C0] R13: 0000000000002000 R14: 0000000000000002 R15: 0000000000000002
[  114.900168][    C0]
[  114.902475][    C0]
[  114.904782][    C0] Memory state around the buggy address:
[  114.910395][    C0]  ffffc90001647800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  114.918438][    C0]  ffffc90001647880: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  114.926480][    C0] >ffffc90001647900: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[  114.934517][    C0] ^
[  114.939607][    C0]  ffffc90001647980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  114.947648][    C0]  ffffc90001647a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  114.955686][    C0] ==================================================================
[  114.963723][    C0] Disabling lock debugging due to kernel taint
[  114.969852][    C0] Kernel panic - not syncing: panic_on_warn set ...
[  114.976418][    C0] CPU: 0 PID: 6795 Comm: syz-fuzzer Tainted: G    B             5.8.0-rc3-next-20200703-syzkaller #0
[  114.987233][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  114.997264][    C0] Call Trace:
[  115.000538][    C0]  dump_stack+0x18f/0x20d
[  115.004851][    C0]  ? csd_lock_record+0x30/0xe0
[  115.009595][    C0]  panic+0x2e3/0x75c
[  115.013470][    C0]  ? __warn_printk+0xf3/0xf3
[  115.018042][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0xe0
[  115.023829][    C0]  ? csd_lock_record+0xd2/0xe0
[  115.028569][    C0]  ? csd_lock_record+0xd2/0xe0
[  115.033309][    C0]  end_report+0x4d/0x53
[  115.037455][    C0]  kasan_report.cold+0xd/0x37
[  115.042110][    C0]  ? csd_lock_record+0xd2/0xe0
[  115.046852][    C0]  csd_lock_record+0xd2/0xe0
[  115.051420][    C0]  flush_smp_call_function_queue+0x285/0x730
[  115.057380][    C0]  ? flush_tlb_func_common.constprop.0+0x420/0x420
[  115.063861][    C0]  ? asm_sysvec_call_function_single+0xa/0x20
[  115.069910][    C0]  __sysvec_call_function_single+0x98/0x490
[  115.075782][    C0]  ? asm_sysvec_call_function_single+0xa/0x20
[  115.081828][    C0]  sysvec_call_function_single+0x4f/0x120
[  115.087526][    C0]  ? asm_sysvec_call_function_single+0xa/0x20
[  115.093570][    C0]  asm_sysvec_call_function_single+0x12/0x20
[  115.099526][    C0] RIP: 0033:0x42055c
[  115.103492][    C0] Code: Bad RIP value.
[  115.107537][    C0] RSP: 002b:000000c0000dbea8 EFLAGS: 00000246
[  115.113580][    C0] RAX: 0000000000203001 RBX: 00007f61bf983304 RCX: 000000c000066480
[  115.121529][    C0] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 00007f61bf8e5790
[  115.129607][    C0] RBP: 000000c0000dbf28 R08: 00007f61bfb1cfff R09: 000000c004cc6080
[  115.137562][    C0] R10: 00000000000000f0 R11: 00000000000000ef R12: 0000000000000074
[  115.145519][    C0] R13: 0000000000002000 R14: 0000000000000002 R15: 0000000000000002
[  115.154845][    C0] Kernel Offset: disabled
[  115.159158][    C0] Rebooting in 86400 seconds..
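The "Memory state around the buggy address" block is the part of this report that says what was actually hit, and it is worth decoding rather than reading by eye. Generic KASAN keeps one shadow byte per 8-byte granule: 00 means all eight bytes are addressable, 01..07 means only the first N bytes are, and f1/f2/f3 mark the left, middle and right redzones that the compiler places around stack objects. Applied to this dump: the four f1 bytes at ffffc900016478e0 and the four f3 bytes at ffffc90001647920 bracket a 32-byte addressable stack slot at ffffc90001647900..ffffc9000164791f, and the 8-byte read at ffffc90001647918 is the last granule of that slot, ending exactly where the right redzone begins. Every granule the read covers is 00 in the dump as printed, so the printed shadow does not by itself show the poisoned byte that tripped the check. That is a known caveat of these reports: the shadow is read again when the report is printed, not at the instant the check fired. csd_lock_record() is reached here from the IPI handler flush_smp_call_function_queue(), which processes call_single_data entries queued by other CPUs, and the f1/f3 bytes mark the address as a stack slot, so the slot most likely belongs to a frame on the queuing context's stack; that context can have pushed or popped frames (and re-poisoned the shadow) between the check and the dump. An inconsistent dump like this one is therefore a hint that the object's lifetime, not only its size, should be on the suspect list.

The script below is an added triage helper and is not part of the syzkaller report or of the kernel; its REPORT string is constructed from the lines above (console prefixes kept, so the parser has to strip them), and the poison values it decodes are the generic KASAN shadow encoding. first_bad_addr() reproduces the kernel's find_first_bad_addr() scan over the granules shown in the dump; stack_object_bounds() walks outward from the access to recover the slot between the redzones.

```python
"""Decode the 'Memory state' shadow dump of a generic-KASAN (x86_64) report.

Added triage helper, not part of the syzkaller report or the kernel. REPORT
is constructed from the report's own lines. One shadow byte covers an
8-byte granule; poison values follow generic KASAN (mm/kasan/kasan.h).
"""
import re

GRANULE = 8  # bytes of memory described by one shadow byte

# Constructed from the report above; not a new capture.
REPORT = """\
[  114.703578][    C0] BUG: KASAN: stack-out-of-bounds in csd_lock_record+0xd2/0xe0
[  114.711191][    C0] Read of size 8 at addr ffffc90001647918 by task syz-fuzzer/6795
[  114.904782][    C0] Memory state around the buggy address:
[  114.910395][    C0]  ffffc90001647800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  114.918438][    C0]  ffffc90001647880: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  114.926480][    C0] >ffffc90001647900: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[  114.939607][    C0]  ffffc90001647980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
"""

SHADOW_NAMES = {0xF1: "stack left redzone", 0xF2: "stack mid redzone",
                0xF3: "stack right redzone", 0xF4: "stack partial redzone",
                0xFB: "freed heap object", 0xFC: "kmalloc redzone",
                0xFE: "page redzone", 0xFF: "freed page"}

_PREFIX = re.compile(r"^\[\s*[\d.]+\]\[\s*[CT]\d+\]")  # "[  114.70][    C0]"
_BUG = re.compile(r"BUG: KASAN: (\S+) in (\S+)")
_ACCESS = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]+)")
_ROW = re.compile(r"^>?([0-9a-f]{16}): ((?:[0-9a-f]{2} ?){16})$")


def parse_report(text):
    """Bug type, function, access op/size/addr and {granule: shadow byte}."""
    info = {"shadow": {}}
    for raw in text.splitlines():
        line = _PREFIX.sub("", raw).strip()
        if m := _BUG.search(line):
            info["bug"], info["func"] = m.group(1), m.group(2)
        elif m := _ACCESS.search(line):
            info["op"], info["size"] = m.group(1), int(m.group(2))
            info["addr"] = int(m.group(3), 16)
        elif m := _ROW.match(line):
            base = int(m.group(1), 16)
            for i, b in enumerate(m.group(2).split()):
                info["shadow"][base + i * GRANULE] = int(b, 16)
    return info


def describe_shadow(value):
    """Meaning of one generic-KASAN shadow byte."""
    if value == 0:
        return "addressable"
    if 1 <= value < GRANULE:
        return f"partially addressable (first {value} bytes)"
    return SHADOW_NAMES.get(value, f"unknown poison 0x{value:02x}")


def shadow_byte(shadow, addr):
    """Shadow byte of the granule holding addr, or None if not in the dump."""
    return shadow.get(addr & ~(GRANULE - 1))


def first_bad_addr(shadow, addr, size):
    """Kernel find_first_bad_addr() rule over the dumped granules: first
    address in [addr, addr+size) whose granule is not fully addressable,
    or addr+size if the dump shows the whole access as addressable."""
    p = addr
    while p < addr + size and shadow_byte(shadow, p) == 0:
        p += GRANULE
    return p


def classify_access(shadow, addr, size):
    """(granule, shadow byte, meaning) for each granule the access touches."""
    out = []
    for g in range(addr & ~(GRANULE - 1), addr + size, GRANULE):
        b = shadow.get(g)
        out.append((g, b, "not in dump" if b is None else describe_shadow(b)))
    return out


def stack_object_bounds(shadow, addr):
    """[start, end) of the fully addressable run containing addr, walking
    outward until a poisoned, partial or undumped granule; None if the
    granule holding addr is itself not fully addressable."""
    g = addr & ~(GRANULE - 1)
    if shadow.get(g) != 0:
        return None
    start, end = g, g + GRANULE
    while shadow.get(start - GRANULE) == 0:
        start -= GRANULE
    while shadow.get(end) == 0:
        end += GRANULE
    return start, end


if __name__ == "__main__":
    r = parse_report(REPORT)
    print(f"{r['bug']} in {r['func']}: {r['op']} {r['size']} @ {r['addr']:#x}")
    for g, b, meaning in classify_access(r["shadow"], r["addr"], r["size"]):
        print(f"  granule {g:#x}: {meaning}")
    print("  slot:", [f"{x:#x}" for x in stack_object_bounds(r["shadow"], r["addr"])])
    print(f"  first bad (kernel rule): {first_bad_addr(r['shadow'], r['addr'], r['size']):#x}")
```

Run it on a report pasted in place of REPORT; when the first bad address it computes lies outside the granules of the access, as it does here, treat the dump as taken after the shadow changed and look for who owns the slot rather than trusting the printed bytes.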