Warning: Permanently added '10.128.0.190' (ECDSA) to the list of known hosts.
[ 38.323085] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 40.360452] Bluetooth: hci0: command 0x0409 tx timeout
[ 42.438555] Bluetooth: hci0: command 0x041b tx timeout
[ 43.398086] Bluetooth: Found 0 CAPI controller(s) on device 10:aa:aa:aa:aa:aa
[ 43.405844] ==================================================================
[ 43.413303] BUG: KASAN: global-out-of-bounds in detach_capi_ctr+0xaf/0x120
[ 43.420330] Read of size 8 at addr ffffffff8dd14538 by task kcmtpd_ctr_0/8156
[ 43.427586]
[ 43.429204] CPU: 0 PID: 8156 Comm: kcmtpd_ctr_0 Not tainted 4.19.211-syzkaller #0
[ 43.436804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.446269] Call Trace:
[ 43.448849] dump_stack+0x1fc/0x2ef
[ 43.452576] print_address_description.cold+0x5/0x219
[ 43.457751] kasan_report_error.cold+0x8a/0x1b9
[ 43.462412] ? detach_capi_ctr+0xaf/0x120
[ 43.466543] __asan_report_load8_noabort+0x88/0x90
[ 43.471510] ? detach_capi_ctr+0xaf/0x120
[ 43.475641] detach_capi_ctr+0xaf/0x120
[ 43.479615] cmtp_session+0x162e/0x19e0
[ 43.483604] ? lock_downgrade+0x720/0x720
[ 43.487756] ? lock_acquire+0x170/0x3c0
[ 43.491726] ? cmtp_send_frame.isra.0+0x170/0x170
[ 43.496553] ? do_wait_intr_irq+0x270/0x270
[ 43.500859] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 43.505424] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 43.510519] ? __kthread_parkme+0x133/0x1e0
[ 43.514821] ? cmtp_send_frame.isra.0+0x170/0x170
[ 43.519648] kthread+0x33f/0x460
[ 43.522994] ? kthread_park+0x180/0x180
[ 43.526968] ret_from_fork+0x24/0x30
[ 43.530671]
[ 43.532277] The buggy address belongs to the variable:
[ 43.537546] capi_applications+0x798/0x7a0
[ 43.541771]
[ 43.543407] Memory state around the buggy address:
[ 43.548333] ffffffff8dd14400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.555674] ffffffff8dd14480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.563024] >ffffffff8dd14500: 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 00 00
[ 43.570371] ^
[ 43.575541] ffffffff8dd14580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 43.582881] ffffffff8dd14600: 00 00 00 00 00 00 00 00 fa fa fa fa 00 fa fa fa
[ 43.590303] ==================================================================
[ 43.597673] Disabling lock debugging due to kernel taint
[ 43.603359] Kernel panic - not syncing: panic_on_warn set ...
[ 43.603359]
[ 43.610732] CPU: 0 PID: 8156 Comm: kcmtpd_ctr_0 Tainted: G B 4.19.211-syzkaller #0
[ 43.619727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.629059] Call Trace:
[ 43.631633] dump_stack+0x1fc/0x2ef
[ 43.635248] panic+0x26a/0x50e
[ 43.638422] ? __warn_printk+0xf3/0xf3
[ 43.642294] ? preempt_schedule_common+0x45/0xc0
[ 43.647053] ? ___preempt_schedule+0x16/0x18
[ 43.651446] ? trace_hardirqs_on+0x55/0x210
[ 43.655758] kasan_end_report+0x43/0x49
[ 43.659715] kasan_report_error.cold+0xa7/0x1b9
[ 43.664368] ? detach_capi_ctr+0xaf/0x120
[ 43.668513] __asan_report_load8_noabort+0x88/0x90
[ 43.673424] ? detach_capi_ctr+0xaf/0x120
[ 43.677553] detach_capi_ctr+0xaf/0x120
[ 43.681522] cmtp_session+0x162e/0x19e0
[ 43.685479] ? lock_downgrade+0x720/0x720
[ 43.689606] ? lock_acquire+0x170/0x3c0
[ 43.693559] ? cmtp_send_frame.isra.0+0x170/0x170
[ 43.698394] ? do_wait_intr_irq+0x270/0x270
[ 43.702711] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 43.707295] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 43.712376] ? __kthread_parkme+0x133/0x1e0
[ 43.716676] ? cmtp_send_frame.isra.0+0x170/0x170
[ 43.721503] kthread+0x33f/0x460
[ 43.724860] ? kthread_park+0x180/0x180
[ 43.728815] ret_from_fork+0x24/0x30
[ 43.732829] Kernel Offset: disabled
[ 43.736442] Rebooting in 86400 seconds..