Warning: Permanently added '10.128.0.154' (ECDSA) to the list of known hosts. [ 55.101272][ T8466] IPVS: ftp: loaded support on port[0] = 21 [ 55.179569][ T8466] chnl_net:caif_netlink_parms(): no params data found [ 55.219142][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.226695][ T8466] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.235767][ T8466] device bridge_slave_0 entered promiscuous mode [ 55.244110][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.252935][ T8466] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.261218][ T8466] device bridge_slave_1 entered promiscuous mode [ 55.277751][ T8466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.288772][ T8466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.308316][ T8466] team0: Port device team_slave_0 added [ 55.315386][ T8466] team0: Port device team_slave_1 added [ 55.330627][ T8466] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.337797][ T8466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.364265][ T8466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.377343][ T8466] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.384342][ T8466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.410402][ T8466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.433677][ T8466] device hsr_slave_0 entered promiscuous mode [ 55.440275][ T8466] device hsr_slave_1 entered promiscuous mode [ 55.519366][ T8466] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.533012][ T8466] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.542149][ T8466] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.553600][ T8466] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.574799][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.582002][ T8466] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.589846][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.596916][ T8466] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.635111][ T8466] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.654901][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.666274][ T3213] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.675663][ T3213] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.684375][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 55.697410][ T8466] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.709236][ T4897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.717732][ T4897] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.724798][ T4897] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.747922][ T4897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.756320][ T4897] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.763442][ T4897] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.772489][ T4897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.782664][ T4897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.791234][ T4897] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.801514][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.811348][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.822877][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.841005][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 55.848816][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 55.862070][ T8466] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.880210][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.898437][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.907136][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 55.916608][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 55.926777][ T8466] device veth0_vlan entered promiscuous mode [ 55.939866][ T8466] device veth1_vlan entered promiscuous mode [ 55.959558][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 55.969323][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 55.979457][ T3213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.990013][ T8466] device veth0_macvtap entered promiscuous mode [ 56.001227][ T8466] device veth1_macvtap entered promiscuous mode [ 56.016740][ T8466] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.024991][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.034818][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 56.046955][ T8466] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.056584][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.067565][ T8466] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.076970][ T8466] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.089418][ T8466] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.098258][ T8466] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.163583][ T733] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.177313][ T733] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.209384][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 56.230231][ T733] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 executing program [ 56.253437][ T733] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.263148][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 56.275950][ T35] audit: type=1107 audit(1611549453.765:2): pid=8466 uid=0 auid=0 ses=5 subj==unconfined msg='йwqX*FOlj\2|2E޿`E}x@Mj@p4NŸ&"xnd_"cs?"J8垝XT3xzs(JΝ6YM%u)^~&+Gmf-([6gYV䠃<,mJ˻IJsʭI נx`-DkGGn萨S| --倲 W,{֎$nFH}:CZvU/[v@4z3!φ6~7h%'4KN(r.ҁ5g(uUuk28˕Bхyi$0Uw)Sp|߭8DGjmېT9m OحɴT pڼv1j9\O[@'|y~MS^4GΚ @Mӡv1ٷ)_>!*_] [ 56.275950][ T35] [ 56.500026][ T66] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.681763][ T8158] ================================================================== [ 57.681776][ T8158] BUG: KASAN: slab-out-of-bounds in record_print_text+0x33f/0x380 [ 57.681782][ T8158] Write of size 1 at addr ffff88801c2faf40 by task in:imklog/8158 [ 57.681787][ T8158] [ 57.681790][ T8158] CPU: 1 PID: 8158 Comm: in:imklog Not tainted 5.11.0-rc4-syzkaller #0 [ 57.681796][ T8158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.681801][ T8158] Call Trace: [ 57.681803][ T8158] dump_stack+0x107/0x163 [ 57.681806][ T8158] ? record_print_text+0x33f/0x380 [ 57.681810][ T8158] ? record_print_text+0x33f/0x380 [ 57.681814][ T8158] print_address_description.constprop.0.cold+0x5b/0x2f8 [ 57.681818][ T8158] ? record_print_text+0x33f/0x380 [ 57.681821][ T8158] ? record_print_text+0x33f/0x380 [ 57.681824][ T8158] kasan_report.cold+0x79/0xd5 [ 57.681828][ T8158] ? record_print_text+0x33f/0x380 [ 57.681831][ T8158] record_print_text+0x33f/0x380 [ 57.681834][ T8158] ? get_record_print_text_size+0x110/0x110 [ 57.681838][ T8158] ? prb_read_valid+0x75/0xa0 [ 57.681841][ T8158] ? prb_final_commit+0x20/0x20 [ 57.681844][ T8158] ? syslog_print+0x34b/0x430 [ 57.681847][ T8158] syslog_print+0x2bb/0x430 [ 57.681851][ T8158] ? kmsg_dump_rewind+0x180/0x180 [ 57.681854][ T8158] ? find_held_lock+0x2d/0x110 [ 57.681857][ T8158] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 57.681861][ T8158] do_syslog.part.0+0x2a8/0x7c0 [ 57.681864][ T8158] ? syslog_print_all+0x4a0/0x4a0 [ 57.681867][ T8158] ? aa_file_perm+0x5e2/0x1100 [ 57.681871][ T8158] ? finish_wait+0x260/0x260 [ 57.681874][ T8158] ? aa_path_link+0x2f0/0x2f0 [ 57.681877][ T8158] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.681881][ T8158] ? __fsnotify_parent+0x488/0x9d0 [ 57.681884][ T8158] ? fsnotify+0x1070/0x1070 [ 57.681887][ T8158] ? __fdget_pos+0xe9/0x100 [ 57.681890][ T8158] ? lock_downgrade+0x6d0/0x6d0 [ 57.681894][ T8158] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.681897][ T8158] ? security_syslog+0x73/0x90 [ 57.681901][ T8158] do_syslog+0x49/0x60 [ 57.681903][ T8158] kmsg_read+0x90/0xb0 [ 57.681906][ T8158] ? kmsg_release+0x20/0x20 [ 57.681909][ T8158] proc_reg_read+0x119/0x300 [ 57.681912][ T8158] ? rw_verify_area+0x11d/0x350 [ 57.681915][ T8158] ? proc_reg_write+0x300/0x300 [ 57.681919][ T8158] vfs_read+0x1b5/0x570 [ 57.681921][ T8158] ksys_read+0x12d/0x250 [ 57.681924][ T8158] ? vfs_write+0xa30/0xa30 [ 57.681928][ T8158] ? syscall_enter_from_user_mode+0x1d/0x50 [ 57.681931][ T8158] do_syscall_64+0x2d/0x70 [ 57.681934][ T8158] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.681938][ T8158] RIP: 0033:0x7f3e2eec922d [ 57.681944][ T8158] Code: c1 20 00 00 75 10 b8 00 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 4e fc ff ff 48 89 04 24 b8 00 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 97 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 57.681953][ T8158] RSP: 002b:00007f3e2c865580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000 [ 57.681963][ T8158] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3e2eec922d [ 57.681968][ T8158] RDX: 0000000000001fa0 RSI: 00007f3e2c865da0 RDI: 0000000000000004 [ 57.681973][ T8158] RBP: 000055d0880849d0 R08: 0000000000000000 R09: 0000000004000001 [ 57.681978][ T8158] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f3e2c865da0 [ 57.681983][ T8158] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f3e2c865df3 [ 57.681987][ T8158] [ 57.681989][ T8158] Allocated by task 8158: [ 57.681993][ T8158] kasan_save_stack+0x1b/0x40 [ 57.681996][ T8158] ____kasan_kmalloc.constprop.0+0x82/0xa0 [ 57.682000][ T8158] syslog_print+0xb2/0x430 [ 57.682003][ T8158] do_syslog.part.0+0x2a8/0x7c0 [ 57.682006][ T8158] do_syslog+0x49/0x60 [ 57.682008][ T8158] kmsg_read+0x90/0xb0 [ 57.682011][ T8158] proc_reg_read+0x119/0x300 [ 57.682014][ T8158] vfs_read+0x1b5/0x570 [ 57.682017][ T8158] ksys_read+0x12d/0x250 [ 57.682020][ T8158] do_syscall_64+0x2d/0x70 [ 57.682023][ T8158] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.682026][ T8158] [ 57.682029][ T8158] The buggy address belongs to the object at ffff88801c2fa800 [ 57.682034][ T8158] which belongs to the cache kmalloc-1k of size 1024 [ 57.682039][ T8158] The buggy address is located 832 bytes to the right of [ 57.682044][ T8158] 1024-byte region [ffff88801c2fa800, ffff88801c2fac00) [ 57.682048][ T8158] The buggy address belongs to the page: [ 57.682053][ T8158] page:00000000eb65f4f5 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c2f8 [ 57.682059][ T8158] head:00000000eb65f4f5 order:2 compound_mapcount:0 compound_pincount:0 [ 57.682064][ T8158] flags: 0xfff00000010200(slab|head) [ 57.682069][ T8158] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888010041140 [ 57.682075][ T8158] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000 [ 57.682080][ T8158] page dumped because: kasan: bad access detected [ 57.682084][ T8158] [ 57.682086][ T8158] Memory state around the buggy address: [ 57.682091][ T8158] ffff88801c2fae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.682096][ T8158] ffff88801c2fae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.682102][ T8158] >ffff88801c2faf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.682107][ T8158] ^ [ 57.682111][ T8158] ffff88801c2faf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.682117][ T8158] ffff88801c2fb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.682122][ T8158] ================================================================== [ 57.682127][ T8158] Disabling lock debugging due to kernel taint [ 57.682132][ T8158] Kernel panic - not syncing: panic_on_warn set ... [ 57.682137][ T8158] CPU: 1 PID: 8158 Comm: in:imklog Tainted: G B 5.11.0-rc4-syzkaller #0 [ 57.682143][ T8158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.682148][ T8158] Call Trace: [ 57.682151][ T8158] dump_stack+0x107/0x163 [ 57.682154][ T8158] ? record_print_text+0x2e0/0x380 [ 57.682157][ T8158] panic+0x306/0x73d [ 57.682160][ T8158] ? __warn_printk+0xf3/0xf3 [ 57.682163][ T8158] ? record_print_text+0x33f/0x380 [ 57.682166][ T8158] ? record_print_text+0x33f/0x380 [ 57.682170][ T8158] ? record_print_text+0x33f/0x380 [ 57.682173][ T8158] end_report+0x58/0x5e [ 57.682176][ T8158] kasan_report.cold+0x67/0xd5 [ 57.682179][ T8158] ? record_print_text+0x33f/0x380 [ 57.682182][ T8158] record_print_text+0x33f/0x380 [ 57.682186][ T8158] ? get_record_print_text_size+0x110/0x110 [ 57.682189][ T8158] ? prb_read_valid+0x75/0xa0 [ 57.682193][ T8158] ? prb_final_commit+0x20/0x20 [ 57.682196][ T8158] ? syslog_print+0x34b/0x430 [ 57.682199][ T8158] syslog_print+0x2bb/0x430 [ 57.682202][ T8158] ? kmsg_dump_rewind+0x180/0x180 [ 57.682205][ T8158] ? find_held_lock+0x2d/0x110 [ 57.682209][ T8158] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 57.682212][ T8158] do_syslog.part.0+0x2a8/0x7c0 [ 57.682215][ T8158] ? syslog_print_all+0x4a0/0x4a0 [ 57.682219][ T8158] ? aa_file_perm+0x5e2/0x1100 [ 57.682222][ T8158] ? finish_wait+0x260/0x260 [ 57.682225][ T8158] ? aa_path_link+0x2f0/0x2f0 [ 57.682228][ T8158] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.682232][ T8158] ? __fsnotify_parent+0x488/0x9d0 [ 57.682235][ T8158] ? fsnotify+0x1070/0x1070 [ 57.682238][ T8158] ? __fdget_pos+0xe9/0x100 [ 57.682242][ T8158] ? lock_downgrade+0x6d0/0x6d0 [ 57.682245][ T8158] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.682249][ T8158] ? security_syslog+0x73/0x90 [ 57.682252][ T8158] do_syslog+0x49/0x60 [ 57.682255][ T8158] kmsg_read+0x90/0xb0 [ 57.682257][ T8158] ? kmsg_release+0x20/0x20 [ 57.682260][ T8158] proc_reg_read+0x119/0x300 [ 57.682264][ T8158] ? rw_verify_area+0x11d/0x350 [ 57.682267][ T8158] ? proc_reg_write+0x300/0x300 [ 57.682270][ T8158] vfs_read+0x1b5/0x570 [ 57.682273][ T8158] ksys_read+0x12d/0x250 [ 57.682276][ T8158] ? vfs_write+0xa30/0xa30 [ 57.682279][ T8158] ? syscall_enter_from_user_mode+0x1d/0x50 [ 57.682282][ T8158] do_syscall_64+0x2d/0x70 [ 57.682286][ T8158] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.682289][ T8158] RIP: 0033:0x7f3e2eec922d [ 57.682295][ T8158] Code: c1 20 00 00 75 10 b8 00 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 4e fc ff ff 48 89 04 24 b8 00 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 97 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 57.682305][ T8158] RSP: 002b:00007f3e2c865580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000 [ 57.682313][ T8158] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3e2eec922d [ 57.682318][ T8158] RDX: 0000000000001fa0 RSI: 00007f3e2c865da0 RDI: 0000000000000004 [ 57.682323][ T8158] RBP: 000055d0880849d0 R08: 0000000000000000 R09: 0000000004000001 [ 57.682328][ T8158] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f3e2c865da0 [ 57.682333][ T8158] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f3e2c865df3 [ 57.682338][ T8158] Shutting down cpus with NMI [ 57.682341][ T8158] Kernel Offset: disabled