Warning: Permanently added '10.128.1.14' (ECDSA) to the list of known hosts.
[ 37.211268] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 37.516068] audit: type=1800 audit(1674780623.111:2): pid=8128 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor193" name="/" dev="fuse" ino=1 res=0
[ 37.727314] ==================================================================
[ 37.734870] BUG: KASAN: stack-out-of-bounds in iov_iter_revert+0x90c/0x9a0
[ 37.741869] Read of size 8 at addr ffff8880b168fd10 by task syz-executor193/8127
[ 37.749381]
[ 37.751012] CPU: 0 PID: 8127 Comm: syz-executor193 Not tainted 4.19.211-syzkaller #0
[ 37.758872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 37.768205] Call Trace:
[ 37.770794] dump_stack+0x1fc/0x2ef
[ 37.774406] print_address_description.cold+0x54/0x219
[ 37.779663] kasan_report_error.cold+0x8a/0x1b9
[ 37.784314] ? iov_iter_revert+0x90c/0x9a0
[ 37.788530] __asan_report_load8_noabort+0x88/0x90
[ 37.793442] ? iov_iter_revert+0x90c/0x9a0
[ 37.797660] iov_iter_revert+0x90c/0x9a0
[ 37.801703] ? filemap_check_errors+0xb5/0xd0
[ 37.806180] generic_file_read_iter+0x16fb/0x2b60
[ 37.811008] ? do_futex+0x171/0x1880
[ 37.814712] fuse_file_read_iter+0x198/0x240
[ 37.819215] __vfs_read+0x518/0x750
[ 37.822858] ? __se_sys_copy_file_range+0x410/0x410
[ 37.827872] ? security_file_permission+0x1c0/0x220
[ 37.832877] vfs_read+0x194/0x3c0
[ 37.836315] ksys_read+0x12b/0x2a0
[ 37.839837] ? kernel_write+0x110/0x110
[ 37.843793] ? trace_hardirqs_off_caller+0x6e/0x210
[ 37.848804] ? do_syscall_64+0x21/0x620
[ 37.852773] do_syscall_64+0xf9/0x620
[ 37.856570] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 37.861747] RIP: 0033:0x7f5f87eab169
[ 37.865441] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 37.884327] RSP: 002b:00007f5f87e1a2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 37.892016] RAX: ffffffffffffffda RBX: 00007f5f87f3c4e0 RCX: 00007f5f87eab169
[ 37.899269] RDX: 000000007ffff000 RSI: 0000000020016400 RDI: 0000000000000005
[ 37.906518] RBP: 00007f5f87f090e4 R08: 0000000000000000 R09: 0000000000000000
[ 37.913768] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 37.921016] R13: 00007f5f87f050d8 R14: 00007f5f87f070e0 R15: 00007f5f87f3c4e8
[ 37.928691]
[ 37.930295] The buggy address belongs to the page:
[ 37.935209] page:ffffea0002c5a3c0 count:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 37.943326] flags: 0xfff00000000000()
[ 37.947136] raw: 00fff00000000000 0000000000000000 ffffffff02c50101 0000000000000000
[ 37.955185] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 37.963051] page dumped because: kasan: bad access detected
[ 37.968752]
[ 37.970383] Memory state around the buggy address:
[ 37.975300]  ffff8880b168fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 37.982652]  ffff8880b168fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 37.989999] >ffff8880b168fd00: f1 f1 f1 00 00 f2 f2 00 00 00 00 00 f2 f2 f2 f2
[ 37.997340]                          ^
[ 38.001218]  ffff8880b168fd80: f2 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 00
[ 38.008573]  ffff8880b168fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 38.016175] ==================================================================
[ 38.023509] Disabling lock debugging due to kernel taint
[ 38.031565] Kernel panic - not syncing: panic_on_warn set ...
[ 38.031565]
[ 38.038957] CPU: 0 PID: 8127 Comm: syz-executor193 Tainted: G B 4.19.211-syzkaller #0
[ 38.048236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 38.057583] Call Trace:
[ 38.060169] dump_stack+0x1fc/0x2ef
[ 38.063782] panic+0x26a/0x50e
[ 38.066953] ? __warn_printk+0xf3/0xf3
[ 38.070819] ? preempt_schedule_common+0x45/0xc0
[ 38.075552] ? ___preempt_schedule+0x16/0x18
[ 38.079940] ? trace_hardirqs_on+0x55/0x210
[ 38.084250] kasan_end_report+0x43/0x49
[ 38.088204] kasan_report_error.cold+0xa7/0x1b9
[ 38.092849] ? iov_iter_revert+0x90c/0x9a0
[ 38.097080] __asan_report_load8_noabort+0x88/0x90
[ 38.101987] ? iov_iter_revert+0x90c/0x9a0
[ 38.106215] iov_iter_revert+0x90c/0x9a0
[ 38.110264] ? filemap_check_errors+0xb5/0xd0
[ 38.114743] generic_file_read_iter+0x16fb/0x2b60
[ 38.119581] ? do_futex+0x171/0x1880
[ 38.123280] fuse_file_read_iter+0x198/0x240
[ 38.127697] __vfs_read+0x518/0x750
[ 38.131306] ? __se_sys_copy_file_range+0x410/0x410
[ 38.136309] ? security_file_permission+0x1c0/0x220
[ 38.141306] vfs_read+0x194/0x3c0
[ 38.144740] ksys_read+0x12b/0x2a0
[ 38.148261] ? kernel_write+0x110/0x110
[ 38.152216] ? trace_hardirqs_off_caller+0x6e/0x210
[ 38.157212] ? do_syscall_64+0x21/0x620
[ 38.161168] do_syscall_64+0xf9/0x620
[ 38.164963] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 38.170140] RIP: 0033:0x7f5f87eab169
[ 38.173854] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 38.192732] RSP: 002b:00007f5f87e1a2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 38.200418] RAX: ffffffffffffffda RBX: 00007f5f87f3c4e0 RCX: 00007f5f87eab169
[ 38.207665] RDX: 000000007ffff000 RSI: 0000000020016400 RDI: 0000000000000005
[ 38.214912] RBP: 00007f5f87f090e4 R08: 0000000000000000 R09: 0000000000000000
[ 38.222159] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 38.229419] R13: 00007f5f87f050d8 R14: 00007f5f87f070e0 R15: 00007f5f87f3c4e8
[ 38.236842] Kernel Offset: disabled
[ 38.240453] Rebooting in 86400 seconds..