Warning: Permanently added '10.128.0.161' (ECDSA) to the list of known hosts.
[ 28.920180] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 29.208550] audit: type=1800 audit(1653885352.431:2): pid=8014 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor467" name="/" dev="fuse" ino=2 res=0
[ 29.368244] ==================================================================
[ 29.375657] BUG: KASAN: stack-out-of-bounds in iov_iter_revert+0x800/0x900
[ 29.382643] Read of size 8 at addr ffff8880b37ffd38 by task syz-executor467/8012
[ 29.390144]
[ 29.391746] CPU: 1 PID: 8012 Comm: syz-executor467 Not tainted 4.14.281-syzkaller #0
[ 29.399595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.408920] Call Trace:
[ 29.411485] dump_stack+0x1b2/0x281
[ 29.415088] print_address_description.cold+0x54/0x1d3
[ 29.420339] kasan_report_error.cold+0x8a/0x191
[ 29.424981] ? iov_iter_revert+0x800/0x900
[ 29.429196] __asan_report_load8_noabort+0x68/0x70
[ 29.434105] ? iov_iter_revert+0x800/0x900
[ 29.438315] iov_iter_revert+0x800/0x900
[ 29.442352] ? mapping_needs_writeback+0xd4/0x110
[ 29.447170] ? filemap_check_errors+0x75/0x90
[ 29.451645] generic_file_read_iter+0x1183/0x21c0
[ 29.456460] ? aa_file_perm+0x304/0xab0
[ 29.460408] ? aa_path_link+0x3a0/0x3a0
[ 29.464357] ? fsnotify+0x974/0x11b0
[ 29.468044] fuse_file_read_iter+0x1bd/0x270
[ 29.472428] __vfs_read+0x449/0x620
[ 29.476028] ? vfs_copy_file_range+0x9b0/0x9b0
[ 29.480588] ? rw_verify_area+0xe1/0x2a0
[ 29.484645] vfs_read+0x139/0x340
[ 29.488091] SyS_read+0xf2/0x210
[ 29.491440] ? kernel_write+0x110/0x110
[ 29.495400] ? __do_page_fault+0x159/0xad0
[ 29.499613] ? do_syscall_64+0x4c/0x640
[ 29.503565] ? kernel_write+0x110/0x110
[ 29.507515] do_syscall_64+0x1d5/0x640
[ 29.511386] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 29.516551] RIP: 0033:0x7f5a51a82159
[ 29.520239] RSP: 002b:00007f5a51a122f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 29.527921] RAX: ffffffffffffffda RBX: 00007f5a51b134d0 RCX: 00007f5a51a82159
[ 29.535164] RDX: 000000002000a3a0 RSI: 0000000020008380 RDI: 0000000000000005
[ 29.542406] RBP: 00007f5a51ae00e4 R08: 0000000000000000 R09: 0000000000000000
[ 29.549651] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 29.556985] R13: 00007f5a51adc0d8 R14: 00007f5a51ade0e0 R15: 00007f5a51b134d8
[ 29.564236]
[ 29.565836] The buggy address belongs to the page:
[ 29.570738] page:ffffea0002cdffc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 29.578866] flags: 0xfff00000000000()
[ 29.582641] raw: 00fff00000000000 0000000000000000 0000000000000000 00000000ffffffff
[ 29.590494] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[ 29.598342] page dumped because: kasan: bad access detected
[ 29.604022]
[ 29.605625] Memory state around the buggy address:
[ 29.610528] ffff8880b37ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 29.617857] ffff8880b37ffc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 29.625186] >ffff8880b37ffd00: 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 00 00 00 00
[ 29.632515] ^
[ 29.637677] ffff8880b37ffd80: 00 f2 f2 f2 f2 f2 00 00 00 00 00 f3 f3 f3 f3 f3
[ 29.645009] ffff8880b37ffe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 29.652336] ==================================================================
[ 29.659663] Disabling lock debugging due to kernel taint
[ 29.667350] Kernel panic - not syncing: panic_on_warn set ...
[ 29.667350]
[ 29.674725] CPU: 0 PID: 8012 Comm: syz-executor467 Tainted: G B 4.14.281-syzkaller #0
[ 29.683801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.693136] Call Trace:
[ 29.695704] dump_stack+0x1b2/0x281
[ 29.699313] panic+0x1f9/0x42d
[ 29.702478] ? add_taint.cold+0x16/0x16
[ 29.706434] ? ___preempt_schedule+0x16/0x18
[ 29.710817] kasan_end_report+0x43/0x49
[ 29.714781] kasan_report_error.cold+0xa7/0x191
[ 29.719424] ? iov_iter_revert+0x800/0x900
[ 29.723634] __asan_report_load8_noabort+0x68/0x70
[ 29.728535] ? iov_iter_revert+0x800/0x900
[ 29.732741] iov_iter_revert+0x800/0x900
[ 29.736909] ? mapping_needs_writeback+0xd4/0x110
[ 29.741738] ? filemap_check_errors+0x75/0x90
[ 29.746206] generic_file_read_iter+0x1183/0x21c0
[ 29.751038] ? aa_file_perm+0x304/0xab0
[ 29.754987] ? aa_path_link+0x3a0/0x3a0
[ 29.758950] ? fsnotify+0x974/0x11b0
[ 29.762650] fuse_file_read_iter+0x1bd/0x270
[ 29.767043] __vfs_read+0x449/0x620
[ 29.770647] ? vfs_copy_file_range+0x9b0/0x9b0
[ 29.775205] ? rw_verify_area+0xe1/0x2a0
[ 29.779239] vfs_read+0x139/0x340
[ 29.782668] SyS_read+0xf2/0x210
[ 29.786015] ? kernel_write+0x110/0x110
[ 29.789968] ? __do_page_fault+0x159/0xad0
[ 29.794276] ? do_syscall_64+0x4c/0x640
[ 29.798232] ? kernel_write+0x110/0x110
[ 29.802214] do_syscall_64+0x1d5/0x640
[ 29.806085] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 29.811251] RIP: 0033:0x7f5a51a82159
[ 29.814943] RSP: 002b:00007f5a51a122f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 29.822626] RAX: ffffffffffffffda RBX: 00007f5a51b134d0 RCX: 00007f5a51a82159
[ 29.829871] RDX: 000000002000a3a0 RSI: 0000000020008380 RDI: 0000000000000005
[ 29.837117] RBP: 00007f5a51ae00e4 R08: 0000000000000000 R09: 0000000000000000
[ 29.844361] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 29.851605] R13: 00007f5a51adc0d8 R14: 00007f5a51ade0e0 R15: 00007f5a51b134d8
[ 29.859024] Kernel Offset: disabled
[ 29.862628] Rebooting in 86400 seconds..