Warning: Permanently added '[localhost]:64863' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 534.470890][ T3200] ================================================================== [ 534.472479][ T3200] BUG: KASAN: global-out-of-bounds in memcmp+0xc0/0xca [ 534.475261][ T3200] Read of size 1 at addr ffffffff895cb520 by task syz-executor156/3200 [ 534.476316][ T3200] [ 534.479518][ T3200] CPU: 1 UID: 0 PID: 3200 Comm: syz-executor156 Not tainted 6.12.0-rc1-syzkaller-00012-g5f153a692bac #0 [ 534.481005][ T3200] Hardware name: riscv-virtio,qemu (DT) [ 534.482100][ T3200] Call Trace: [ 534.483003][ T3200] [] dump_backtrace+0x2e/0x3c [ 534.485055][ T3200] [] show_stack+0x34/0x40 [ 534.485954][ T3200] [] dump_stack_lvl+0x122/0x196 [ 534.487313][ T3200] [] print_report+0x290/0x5a0 [ 534.488223][ T3200] [] kasan_report+0xec/0x118 [ 534.489304][ T3200] [] __asan_report_load1_noabort+0x12/0x1a [ 534.490227][ T3200] [] memcmp+0xc0/0xca [ 534.491341][ T3200] [] __hw_addr_add_ex+0xee/0x676 [ 534.492579][ T3200] [] dev_mc_add+0xac/0x108 [ 534.493731][ T3200] [] mrp_init_applicant+0xe8/0x56e [ 534.494793][ T3200] [] vlan_mvrp_init_applicant+0x26/0x30 [ 534.495850][ T3200] [] register_vlan_dev+0x1b4/0x922 [ 534.496853][ T3200] [] vlan_newlink+0x3d2/0x5fc [ 534.498096][ T3200] [] __rtnl_newlink+0xfe2/0x1738 [ 534.498978][ T3200] [] rtnl_newlink+0x6c/0xa2 [ 534.499699][ T3200] [] rtnetlink_rcv_msg+0x428/0xdbe [ 534.500649][ T3200] [] netlink_rcv_skb+0x216/0x3dc [ 534.501519][ T3200] [] rtnetlink_rcv+0x26/0x30 [ 534.502519][ T3200] [] netlink_unicast+0x4f0/0x82c [ 534.503541][ T3200] [] netlink_sendmsg+0x864/0xdc6 [ 534.504873][ T3200] [] __sock_sendmsg+0xcc/0x160 [ 534.506225][ T3200] [] ____sys_sendmsg+0x5ce/0x79e [ 534.507629][ T3200] [] ___sys_sendmsg+0x144/0x1e6 [ 534.508888][ T3200] [] __sys_sendmsg+0x130/0x1f0 [ 534.509905][ T3200] [] __riscv_sys_sendmsg+0x70/0xa2 [ 534.510877][ T3200] [] syscall_handler+0x94/0x118 [ 534.511932][ T3200] [] do_trap_ecall_u+0x1aa/0x216 [ 534.512957][ T3200] [] _new_vmalloc_restore_context_a0+0xc2/0xce [ 534.514274][ T3200] [ 534.514882][ T3200] The buggy address belongs to the variable: [ 534.515681][ T3200] vlan_mrp_app+0x60/0x3e80 [ 534.516748][ T3200] [ 534.517490][ T3200] The buggy address belongs to the physical page: [ 534.519150][ T3200] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x897cb [ 534.520729][ T3200] flags: 0xffe000000002000(reserved|node=0|zone=0|lastcpupid=0x7ff) [ 534.523017][ T3200] raw: 0ffe000000002000 ff1c00000025f2c8 ff1c00000025f2c8 0000000000000000 [ 534.524095][ T3200] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 534.525163][ T3200] page dumped because: kasan: bad access detected [ 534.526036][ T3200] page_owner info is not present (never set?) [ 534.527086][ T3200] [ 534.527889][ T3200] Memory state around the buggy address: [ 534.529123][ T3200] ffffffff895cb400: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 534.530119][ T3200] ffffffff895cb480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 534.531121][ T3200] >ffffffff895cb500: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 534.532099][ T3200] ^ [ 534.532945][ T3200] ffffffff895cb580: 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 [ 534.533936][ T3200] ffffffff895cb600: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 534.535019][ T3200] ================================================================== [ 534.537919][ T3200] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 534.539872][ T3200] CPU: 1 UID: 0 PID: 3200 Comm: syz-executor156 Not tainted 6.12.0-rc1-syzkaller-00012-g5f153a692bac #0 [ 534.541311][ T3200] Hardware name: riscv-virtio,qemu (DT) [ 534.542226][ T3200] Call Trace: [ 534.543009][ T3200] [] dump_backtrace+0x2e/0x3c [ 534.544346][ T3200] [] show_stack+0x34/0x40 [ 534.545485][ T3200] [] dump_stack_lvl+0x108/0x196 [ 534.546848][ T3200] [] dump_stack+0x1c/0x24 [ 534.548227][ T3200] [] panic+0x388/0x86c [ 534.549418][ T3200] [] check_panic_on_warn+0xc0/0xe4 [ 534.550799][ T3200] [] end_report.part.0+0x4a/0xaa [ 534.552236][ T3200] [] kasan_report+0x102/0x118 [ 534.553654][ T3200] [] __asan_report_load1_noabort+0x12/0x1a [ 534.555036][ T3200] [] memcmp+0xc0/0xca [ 534.556284][ T3200] [] __hw_addr_add_ex+0xee/0x676 [ 534.557486][ T3200] [] dev_mc_add+0xac/0x108 [ 534.558652][ T3200] [] mrp_init_applicant+0xe8/0x56e [ 534.559975][ T3200] [] vlan_mvrp_init_applicant+0x26/0x30 [ 534.561169][ T3200] [] register_vlan_dev+0x1b4/0x922 [ 534.562088][ T3200] [] vlan_newlink+0x3d2/0x5fc [ 534.562967][ T3200] [] __rtnl_newlink+0xfe2/0x1738 [ 534.563882][ T3200] [] rtnl_newlink+0x6c/0xa2 [ 534.564579][ T3200] [] rtnetlink_rcv_msg+0x428/0xdbe [ 534.565383][ T3200] [] netlink_rcv_skb+0x216/0x3dc [ 534.566114][ T3200] [] rtnetlink_rcv+0x26/0x30 [ 534.567208][ T3200] [] netlink_unicast+0x4f0/0x82c [ 534.568090][ T3200] [] netlink_sendmsg+0x864/0xdc6 [ 534.569075][ T3200] [] __sock_sendmsg+0xcc/0x160 [ 534.570052][ T3200] [] ____sys_sendmsg+0x5ce/0x79e [ 534.570920][ T3200] [] ___sys_sendmsg+0x144/0x1e6 [ 534.572097][ T3200] [] __sys_sendmsg+0x130/0x1f0 [ 534.573418][ T3200] [] __riscv_sys_sendmsg+0x70/0xa2 [ 534.574493][ T3200] [] syscall_handler+0x94/0x118 [ 534.575309][ T3200] [] do_trap_ecall_u+0x1aa/0x216 [ 534.576184][ T3200] [] _new_vmalloc_restore_context_a0+0xc2/0xce [ 534.577736][ T3200] SMP: stopping secondary CPUs [ 534.580277][ T3200] Rebooting in 86400 seconds.. VM DIAGNOSIS: 01:57:52 Registers: info registers vcpu 0 CPU#0 V = 0 pc ffffffff844cd7bc mhartid 0000000000000000 mstatus 0000000a000001a0 hstatus 0000000200000000 vsstatus 0000000a00000000 mip 0000000000000000 mie 000000000000022a mideleg 0000000000001666 hideleg 0000000000000444 medeleg 0000000000f0b509 hedeleg 000000000000b109 mtvec 0000000080000428 stvec ffffffff85ffc980 vstvec 0000000000000000 mepc ffffffff8033d6b2 sepc ffffffff8097314a vsepc 0000000000000000 mcause 8000000000000003 scause 8000000000000005 vscause 0000000000000000 mtval 0000000000000000 stval 0000000000000000 htval 0000000000000000 mtval2 0000000000000000 mscratch 0000000080029000 sscratch 0000000000000000 satp a012b00000099390 x0/zero 0000000000000000 x1/ra ffffffff844cd7bc x2/sp ff20000000007d50 x3/gp ffffffff897bea80 x4/tp ff6000001ae74ec0 x5/t0 ff6000001ae759e0 x6/t1 ff6000001ae75a08 x7/t2 000000000000003c x8/s0 ff20000000007d70 x9/s1 0000000142f5c73c x10/a0 0000000000015984 x11/a1 ff6000006ec2bd40 x12/a2 000000000000001e x13/a3 ffffffff844cd7bc x14/a4 0000000000000000 x15/a5 ff6000001ae74ec0 x16/a6 0000000000ff0100 x17/a7 0000000020938178 x18/s2 0000000000015984 x19/s3 0000000000000000 x20/s4 000000000000001e x21/s5 000000000086f7f4 x22/s6 ffebffff0dd83ab4 x23/s7 0000000000000004 x24/s8 ff6000006ec1d540 x25/s9 ff6000006ec1d594 x26/s10 7fffffffffffffff x27/s11 1fec00000dd83ae5 x28/t3 1fec0000035ceb3b x29/t4 000000000000000c x30/t5 cf5845a49c6a17af x31/t6 1fec0000035ceb45 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 CPU#1 V = 0 pc ffffffff85fd7886 mhartid 0000000000000001 mstatus 0000000a000000a0 hstatus 0000000200000000 vsstatus 0000000a00000000 mip 0000000000000020 mie 000000000000022a mideleg 0000000000001666 hideleg 0000000000000444 medeleg 0000000000f0b509 hedeleg 000000000000b109 mtvec 0000000080000428 stvec ffffffff85ffc980 vstvec 0000000000000000 mepc ffffffff8001fb16 sepc ffffffff80249f5c vsepc 0000000000000000 mcause 0000000000000009 scause 8000000000000005 vscause 0000000000000000 mtval 0000000000000000 stval 0000000000000000 htval 0000000000000000 mtval2 0000000000000000 mscratch 0000000080027000 sscratch 0000000000000000 satp a01360000009d97c x0/zero 0000000000000000 x1/ra ffffffff85fd7886 x2/sp ff20000007b56ce0 x3/gp ffffffff897bea80 x4/tp ff6000001b424ec0 x5/t0 ff20000007b568f4 x6/t1 fffffffef12f83e4 x7/t2 7320666f20646165 x8/s0 ff20000007b56d10 x9/s1 0000000000000000 x10/a0 0000000000000001 x11/a1 0000000000000000 x12/a2 0000000000000000 x13/a3 ffffffff85fd7886 x14/a4 0000000000000000 x15/a5 ff6000001b425ec0 x16/a6 0000000000000003 x17/a7 0000000000000003 x18/s2 ffffffff87780b78 x19/s3 ff1c00000025f2c0 x20/s4 ff60000070fec9e0 x21/s5 00000000897cb520 x22/s6 ffffffff879225c0 x23/s7 0000000000000004 x24/s8 ff60000014ad1600 x25/s9 0000000000000004 x26/s10 0000000000000000 x27/s11 ff6000001ac1a3d8 x28/t3 ff6000001b424ec8 x29/t4 fffffffef12f83e4 x30/t5 fffffffef12f83e5 x31/t6 ff20000007b566d8 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000