Warning: Permanently added '10.128.1.175' (ECDSA) to the list of known hosts.
syzkaller login: [   30.366686] IPVS: ftp: loaded support on port[0] = 21
executing program
[   30.636176] audit: type=1800 audit(1674890868.782:2): pid=7998 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor341" name="/" dev="fuse" ino=1 res=0
[   30.865935] ==================================================================
[   30.873400] BUG: KASAN: stack-out-of-bounds in iov_iter_revert+0x800/0x900
[   30.880390] Read of size 8 at addr ffff88809634fd38 by task syz-executor341/7997
[   30.887898]
[   30.889512] CPU: 0 PID: 7997 Comm: syz-executor341 Not tainted 4.14.304-syzkaller #0
[   30.897373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[   30.906718] Call Trace:
[   30.909283]  dump_stack+0x1b2/0x281
[   30.912904]  print_address_description.cold+0x54/0x1d3
[   30.918161]  kasan_report_error.cold+0x8a/0x191
[   30.922824]  ? iov_iter_revert+0x800/0x900
[   30.927038]  __asan_report_load8_noabort+0x68/0x70
[   30.931941]  ? iov_iter_revert+0x800/0x900
[   30.936171]  iov_iter_revert+0x800/0x900
[   30.940209]  ? mapping_needs_writeback+0xd4/0x110
[   30.945024]  ? filemap_check_errors+0x75/0x90
[   30.949496]  generic_file_read_iter+0x1183/0x21c0
[   30.954318]  fuse_file_read_iter+0x1bd/0x270
[   30.958702]  __vfs_read+0x449/0x620
[   30.962304]  ? vfs_copy_file_range+0x9b0/0x9b0
[   30.966865]  ? rw_verify_area+0xe1/0x2a0
[   30.970922]  vfs_read+0x139/0x340
[   30.974374]  SyS_read+0xf2/0x210
[   30.977715]  ? kernel_write+0x110/0x110
[   30.981683]  ? do_syscall_64+0x4c/0x640
[   30.985633]  ? kernel_write+0x110/0x110
[   30.989582]  do_syscall_64+0x1d5/0x640
[   30.993450]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[   30.998615] RIP: 0033:0x7f8d37ce3169
[   31.002301] RSP: 002b:00007f8d37c522f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   31.009983] RAX: ffffffffffffffda RBX: 00007f8d37d744e0 RCX: 00007f8d37ce3169
[   31.017226] RDX: 000000007ffff000 RSI: 0000000020016400 RDI: 0000000000000005
[   31.024479] RBP: 00007f8d37d410e4 R08: 0000000000000000 R09: 0000000000000000
[   31.031724] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[   31.038968] R13: 00007f8d37d3d0d8 R14: 00007f8d37d3f0e0 R15: 00007f8d37d744e8
[   31.046219]
[   31.047835] The buggy address belongs to the page:
[   31.052738] page:ffffea000258d3c0 count:0 mapcount:0 mapping: (null) index:0x0
[   31.060852] flags: 0xfff00000000000()
[   31.064626] raw: 00fff00000000000 0000000000000000 0000000000000000 00000000ffffffff
[   31.072483] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
[   31.080334] page dumped because: kasan: bad access detected
[   31.086028]
[   31.087628] Memory state around the buggy address:
[   31.092530]  ffff88809634fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.099860]  ffff88809634fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.107191] >ffff88809634fd00: 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 00 00 00 00
[   31.114523]                                        ^
[   31.119688]  ffff88809634fd80: 00 f2 f2 f2 f2 f2 00 00 00 00 00 f3 f3 f3 f3 f3
[   31.127037]  ffff88809634fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.134365] ==================================================================
[   31.141697] Disabling lock debugging due to kernel taint
[   31.147595] Kernel panic - not syncing: panic_on_warn set ...
[   31.147595]
[   31.154957] CPU: 0 PID: 7997 Comm: syz-executor341 Tainted: G    B   4.14.304-syzkaller #0
[   31.164036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[   31.173363] Call Trace:
[   31.175954]  dump_stack+0x1b2/0x281
[   31.179554]  panic+0x1f9/0x42d
[   31.182720]  ? add_taint.cold+0x16/0x16
[   31.186670]  ? ___preempt_schedule+0x16/0x18
[   31.191052]  kasan_end_report+0x43/0x49
[   31.194998]  kasan_report_error.cold+0xa7/0x191
[   31.199640]  ? iov_iter_revert+0x800/0x900
[   31.203848]  __asan_report_load8_noabort+0x68/0x70
[   31.208750]  ? iov_iter_revert+0x800/0x900
[   31.212955]  iov_iter_revert+0x800/0x900
[   31.216990]  ? mapping_needs_writeback+0xd4/0x110
[   31.221804]  ? filemap_check_errors+0x75/0x90
[   31.226272]  generic_file_read_iter+0x1183/0x21c0
[   31.231092]  fuse_file_read_iter+0x1bd/0x270
[   31.235492]  __vfs_read+0x449/0x620
[   31.239109]  ? vfs_copy_file_range+0x9b0/0x9b0
[   31.243665]  ? rw_verify_area+0xe1/0x2a0
[   31.247700]  vfs_read+0x139/0x340
[   31.251123]  SyS_read+0xf2/0x210
[   31.254461]  ? kernel_write+0x110/0x110
[   31.258413]  ? do_syscall_64+0x4c/0x640
[   31.262362]  ? kernel_write+0x110/0x110
[   31.266309]  do_syscall_64+0x1d5/0x640
[   31.270174]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[   31.275337] RIP: 0033:0x7f8d37ce3169
[   31.279021] RSP: 002b:00007f8d37c522f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   31.286703] RAX: ffffffffffffffda RBX: 00007f8d37d744e0 RCX: 00007f8d37ce3169
[   31.293945] RDX: 000000007ffff000 RSI: 0000000020016400 RDI: 0000000000000005
[   31.301189] RBP: 00007f8d37d410e4 R08: 0000000000000000 R09: 0000000000000000
[   31.308443] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[   31.315684] R13: 00007f8d37d3d0d8 R14: 00007f8d37d3f0e0 R15: 00007f8d37d744e8
[   31.323122] Kernel Offset: disabled
[   31.326728] Rebooting in 86400 seconds..