INIT: Id "5" respawning too fast: disabled for 5 minutes INIT: Id "6" respawning too fast: disabled for 5 minutes INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "1" respawning too fast: disabled for 5 minutes Warning: Permanently added '10.128.10.9' (ECDSA) to the list of known hosts. 2018/04/23 19:29:40 parsed 1 programs 2018/04/23 19:29:40 executed programs: 0 [ 363.301239] IPVS: Creating netns size=2536 id=1 [ 364.055898] ================================================================== [ 364.063409] BUG: KASAN: out-of-bounds in __unwind_start+0x37c/0x3c0 [ 364.069816] Read of size 8 at addr ffff8801d3f7f818 by task syz-executor0/4232 [ 364.077146] [ 364.078751] CPU: 0 PID: 4232 Comm: syz-executor0 Not tainted 4.9.95-g142d4b5 #7 [ 364.086173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.095526] ffff8801d39d7130 ffffffff81eb0f89 ffffea00074fdfc0 ffff8801d3f7f818 [ 364.103505] 0000000000000000 ffff8801d3f7f820 ffff8801d39d7268 ffff8801d39d7168 [ 364.111494] ffffffff815653cb ffff8801d3f7f818 0000000000000008 0000000000000000 [ 364.119468] Call Trace: [ 364.122057] [] dump_stack+0xc1/0x128 [ 364.127407] [] print_address_description+0x6c/0x234 [ 364.134052] [] kasan_report.cold.6+0x242/0x2fe [ 364.140263] [] ? __unwind_start+0x37c/0x3c0 [ 364.146222] [] __asan_report_load8_noabort+0x14/0x20 [ 364.152949] [] __unwind_start+0x37c/0x3c0 [ 364.158739] [] ? ptrace_may_access+0x24/0x50 [ 364.164778] [] __save_stack_trace+0x59/0xf0 [ 364.170720] [] save_stack_trace_tsk+0x48/0x70 [ 364.176868] [] proc_pid_stack+0x148/0x220 [ 364.182665] [] ? lock_trace+0xc0/0xc0 [ 364.188086] [] proc_single_show+0xfd/0x170 [ 364.193954] [] seq_read+0x4b6/0x12e0 [ 364.199288] [] ? seq_dentry+0x290/0x290 [ 364.204910] [] ? __fsnotify_update_child_dentry_flags.part.1+0x300/0x300 [ 364.213368] [] ? fsnotify+0x1100/0x1100 [ 364.218963] [] do_loop_readv_writev.part.18+0xd5/0x280 [ 364.225870] [] do_readv_writev+0x565/0x7a0 [ 364.231724] [] ? vfs_write+0x530/0x530 [ 364.237232] [] ? kasan_unpoison_shadow+0x35/0x50 [ 364.243620] [] ? push_pipe+0x3f4/0x780 [ 364.249126] [] ? iov_iter_get_pages_alloc+0x2bb/0xf10 [ 364.255946] [] vfs_readv+0x84/0xc0 [ 364.261121] [] default_file_splice_read+0x44b/0x7e0 [ 364.267823] [] ? depot_save_stack+0x132/0x460 [ 364.273938] [] ? do_splice_direct+0x270/0x270 [ 364.280055] [] ? save_stack+0x43/0xd0 [ 364.285504] [] ? __kmalloc+0x11d/0x300 [ 364.291017] [] ? alloc_pipe_info+0x164/0x380 [ 364.297052] [] ? splice_direct_to_actor+0x62c/0x7e0 [ 364.303687] [] ? do_splice_direct+0x1a3/0x270 [ 364.309807] [] ? do_sendfile+0x4f0/0xc60 [ 364.315488] [] ? compat_SyS_sendfile+0xd1/0x160 [ 364.321779] [] ? do_fast_syscall_32+0x2f7/0x870 [ 364.328071] [] ? refill_pi_state_cache.part.8+0x200/0x200 [ 364.335251] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 364.342063] [] ? rw_verify_area+0xe5/0x2b0 [ 364.347917] [] ? do_splice_direct+0x270/0x270 [ 364.354032] [] do_splice_to+0x10c/0x170 [ 364.359625] [] splice_direct_to_actor+0x23f/0x7e0 [ 364.366087] [] ? pipe_to_sendpage+0x330/0x330 [ 364.372201] [] ? do_splice_to+0x170/0x170 [ 364.378000] [] ? security_file_permission+0x8f/0x1f0 [ 364.384746] [] ? rw_verify_area+0xe5/0x2b0 [ 364.390615] [] do_splice_direct+0x1a3/0x270 [ 364.396573] [] ? splice_direct_to_actor+0x7e0/0x7e0 [ 364.403208] [] ? rw_verify_area+0xe5/0x2b0 [ 364.409064] [] do_sendfile+0x4f0/0xc60 [ 364.414578] [] ? do_compat_pwritev64+0x180/0x180 [ 364.420974] [] ? __might_fault+0x114/0x1d0 [ 364.426831] [] compat_SyS_sendfile+0xd1/0x160 [ 364.432946] [] ? SyS_sendfile64+0x160/0x160 [ 364.439072] [] ? do_fast_syscall_32+0xcf/0x870 [ 364.445273] [] ? SyS_sendfile64+0x160/0x160 [ 364.451216] [] do_fast_syscall_32+0x2f7/0x870 [ 364.457330] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.463969] [] entry_SYSENTER_compat+0x90/0xa2 [ 364.470170] [ 364.471768] The buggy address belongs to the page: [ 364.476666] page:ffffea00074fdfc0 count:0 mapcount:0 mapping: (null) index:0x0 [ 364.484893] flags: 0x8000000000000000() [ 364.488833] page dumped because: kasan: bad access detected [ 364.494511] [ 364.496109] Memory state around the buggy address: [ 364.501012] ffff8801d3f7f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 364.508340] ffff8801d3f7f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 364.515670] >ffff8801d3f7f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 364.522999] ^ [ 364.527374] ffff8801d3f7f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 364.534702] ffff8801d3f7f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 364.542039] ================================================================== [ 364.549367] Disabling lock debugging due to kernel taint [ 364.555100] Kernel panic - not syncing: panic_on_warn set ... [ 364.555100] [ 364.562437] CPU: 0 PID: 4232 Comm: syz-executor0 Tainted: G B 4.9.95-g142d4b5 #7 [ 364.571156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.580484] ffff8801d39d7090 ffffffff81eb0f89 ffffffff841c4735 00000000ffffffff [ 364.588465] 0000000000000000 0000000000000000 ffff8801d39d7268 ffff8801d39d7150 [ 364.596436] ffffffff8141f945 0000000041b58ab3 ffffffff841b7e38 ffffffff8141f786 [ 364.604411] Call Trace: [ 364.606969] [] dump_stack+0xc1/0x128 [ 364.612351] [] panic+0x1bf/0x3bc [ 364.617351] [] ? add_taint.cold.6+0x16/0x16 [ 364.623290] [] ? ___preempt_schedule+0x16/0x18 [ 364.629489] [] kasan_end_report+0x47/0x4f [ 364.635254] [] kasan_report.cold.6+0x76/0x2fe [ 364.641373] [] ? __unwind_start+0x37c/0x3c0 [ 364.647319] [] __asan_report_load8_noabort+0x14/0x20 [ 364.654042] [] __unwind_start+0x37c/0x3c0 [ 364.659809] [] ? ptrace_may_access+0x24/0x50 [ 364.665852] [] __save_stack_trace+0x59/0xf0 [ 364.671793] [] save_stack_trace_tsk+0x48/0x70 [ 364.677909] [] proc_pid_stack+0x148/0x220 [ 364.683677] [] ? lock_trace+0xc0/0xc0 [ 364.689097] [] proc_single_show+0xfd/0x170 [ 364.694950] [] seq_read+0x4b6/0x12e0 [ 364.700284] [] ? seq_dentry+0x290/0x290 [ 364.705880] [] ? __fsnotify_update_child_dentry_flags.part.1+0x300/0x300 [ 364.714356] [] ? fsnotify+0x1100/0x1100 [ 364.719952] [] do_loop_readv_writev.part.18+0xd5/0x280 [ 364.726848] [] do_readv_writev+0x565/0x7a0 [ 364.732961] [] ? vfs_write+0x530/0x530 [ 364.738465] [] ? kasan_unpoison_shadow+0x35/0x50 [ 364.744841] [] ? push_pipe+0x3f4/0x780 [ 364.750349] [] ? iov_iter_get_pages_alloc+0x2bb/0xf10 [ 364.757167] [] vfs_readv+0x84/0xc0 [ 364.762326] [] default_file_splice_read+0x44b/0x7e0 [ 364.768964] [] ? depot_save_stack+0x132/0x460 [ 364.775080] [] ? do_splice_direct+0x270/0x270 [ 364.781193] [] ? save_stack+0x43/0xd0 [ 364.786615] [] ? __kmalloc+0x11d/0x300 [ 364.792121] [] ? alloc_pipe_info+0x164/0x380 [ 364.798149] [] ? splice_direct_to_actor+0x62c/0x7e0 [ 364.804785] [] ? do_splice_direct+0x1a3/0x270 [ 364.810900] [] ? do_sendfile+0x4f0/0xc60 [ 364.816582] [] ? compat_SyS_sendfile+0xd1/0x160 [ 364.822875] [] ? do_fast_syscall_32+0x2f7/0x870 [ 364.829168] [] ? refill_pi_state_cache.part.8+0x200/0x200 [ 364.836329] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 364.843139] [] ? rw_verify_area+0xe5/0x2b0 [ 364.848993] [] ? do_splice_direct+0x270/0x270 [ 364.855112] [] do_splice_to+0x10c/0x170 [ 364.860705] [] splice_direct_to_actor+0x23f/0x7e0 [ 364.867173] [] ? pipe_to_sendpage+0x330/0x330 [ 364.873470] [] ? do_splice_to+0x170/0x170 [ 364.879239] [] ? security_file_permission+0x8f/0x1f0 [ 364.885960] [] ? rw_verify_area+0xe5/0x2b0 [ 364.891814] [] do_splice_direct+0x1a3/0x270 [ 364.897755] [] ? splice_direct_to_actor+0x7e0/0x7e0 [ 364.904483] [] ? rw_verify_area+0xe5/0x2b0 [ 364.910338] [] do_sendfile+0x4f0/0xc60 [ 364.915846] [] ? do_compat_pwritev64+0x180/0x180 [ 364.922223] [] ? __might_fault+0x114/0x1d0 [ 364.928087] [] compat_SyS_sendfile+0xd1/0x160 [ 364.934212] [] ? SyS_sendfile64+0x160/0x160 [ 364.940153] [] ? do_fast_syscall_32+0xcf/0x870 [ 364.946356] [] ? SyS_sendfile64+0x160/0x160 [ 364.952305] [] do_fast_syscall_32+0x2f7/0x870 [ 364.958421] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.965057] [] entry_SYSENTER_compat+0x90/0xa2 [ 364.971767] Dumping ftrace buffer: [ 364.975275] (ftrace buffer empty) [ 364.978957] Kernel Offset: disabled [ 364.982564] Rebooting in 86400 seconds..