Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.46' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
syzkaller login: [ 81.552731][ T6542] ==================================================================
[ 81.560981][ T6542] BUG: KASAN: slab-out-of-bounds in copy_data+0xf3/0x2e0
[ 81.568145][ T6542] Read of size 64 at addr ffff88801a7a1580 by task syz-executor989/6542
[ 81.576574][ T6542]
[ 81.578892][ T6542] CPU: 1 PID: 6542 Comm: syz-executor989 Not tainted 5.15.0-rc6-next-20211025-syzkaller #0
[ 81.588854][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 81.598895][ T6542] Call Trace:
[ 81.602165][ T6542]
[ 81.605087][ T6542] dump_stack_lvl+0xcd/0x134
[ 81.609700][ T6542] print_address_description.constprop.0.cold+0x8d/0x320
[ 81.616720][ T6542] ? copy_data+0xf3/0x2e0
[ 81.621036][ T6542] ? copy_data+0xf3/0x2e0
[ 81.625446][ T6542] kasan_report.cold+0x83/0xdf
[ 81.630209][ T6542] ? copy_data+0xf3/0x2e0
[ 81.634528][ T6542] kasan_check_range+0x13d/0x180
[ 81.639476][ T6542] memcpy+0x20/0x60
[ 81.643295][ T6542] copy_data+0xf3/0x2e0
[ 81.647440][ T6542] ? virtrng_restore+0x140/0x140
[ 81.652366][ T6542] ? mutex_lock_io_nested+0x1150/0x1150
[ 81.657909][ T6542] virtio_read+0x1e0/0x230
[ 81.662321][ T6542] rng_dev_read+0x400/0x660
[ 81.666813][ T6542] ? copy_data+0x2e0/0x2e0
[ 81.671214][ T6542] ? enable_best_rng+0xc0/0xc0
[ 81.675959][ T6542] vfs_read+0x1b5/0x600
[ 81.680107][ T6542] ksys_read+0x12d/0x250
[ 81.684337][ T6542] ? vfs_write+0xae0/0xae0
[ 81.688747][ T6542] ? syscall_enter_from_user_mode+0x21/0x70
[ 81.694629][ T6542] do_syscall_64+0x35/0xb0
[ 81.699036][ T6542] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 81.704916][ T6542] RIP: 0033:0x7f05696617e9
[ 81.709315][ T6542] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c4 ff ff ff f7 d8 64 89 01 48
[ 81.728905][ T6542] RSP: 002b:00007ffd06461948 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 81.737316][ T6542] RAX: ffffffffffffffda RBX: 000000000001294d RCX: 00007f05696617e9
[ 81.745278][ T6542] RDX: 00000000fffffff1 RSI: 0000000020000180 RDI: 0000000000000003
[ 81.753253][ T6542] RBP: 0000000000000000 R08: 00007ffd064619b0 R09: 00007ffd064619b0
[ 81.761211][ T6542] R10: 00007ffd064613d0 R11: 0000000000000246 R12: 00007ffd0646197c
[ 81.769167][ T6542] R13: 00007ffd064619b0 R14: 00007ffd06461990 R15: 0000000000000002
[ 81.777134][ T6542]
[ 81.780139][ T6542]
[ 81.782445][ T6542] Allocated by task 1:
[ 81.786491][ T6542] kasan_save_stack+0x1e/0x50
[ 81.791172][ T6542] __kasan_kmalloc+0xa9/0xd0
[ 81.795750][ T6542] probe_common+0xaa/0x5b0
[ 81.800166][ T6542] virtio_dev_probe+0x44e/0x760
[ 81.805022][ T6542] really_probe+0x245/0xcc0
[ 81.809523][ T6542] __driver_probe_device+0x338/0x4d0
[ 81.814803][ T6542] driver_probe_device+0x4c/0x1a0
[ 81.819871][ T6542] __driver_attach+0x22d/0x4e0
[ 81.824650][ T6542] bus_for_each_dev+0x147/0x1d0
[ 81.829641][ T6542] bus_add_driver+0x41d/0x630
[ 81.834360][ T6542] driver_register+0x220/0x3a0
[ 81.839116][ T6542] do_one_initcall+0x103/0x650
[ 81.843870][ T6542] kernel_init_freeable+0x6b1/0x73a
[ 81.849059][ T6542] kernel_init+0x1a/0x1d0
[ 81.853418][ T6542] ret_from_fork+0x1f/0x30
[ 81.857845][ T6542]
[ 81.860161][ T6542] The buggy address belongs to the object at ffff88801a7a1400
[ 81.860161][ T6542] which belongs to the cache kmalloc-512 of size 512
[ 81.874300][ T6542] The buggy address is located 384 bytes inside of
[ 81.874300][ T6542] 512-byte region [ffff88801a7a1400, ffff88801a7a1600)
[ 81.887564][ T6542] The buggy address belongs to the page:
[ 81.893179][ T6542] page:ffffea000069e800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1a7a0
[ 81.903315][ T6542] head:ffffea000069e800 order:2 compound_mapcount:0 compound_pincount:0
[ 81.911622][ T6542] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 81.919682][ T6542] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888010c41c80
[ 81.928253][ T6542] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 81.936820][ T6542] page dumped because: kasan: bad access detected
[ 81.943305][ T6542] page_owner tracks the page as allocated
[ 81.949003][ T6542] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 7709676886, free_ts 0
[ 81.966896][ T6542] get_page_from_freelist+0xa72/0x2f50
[ 81.972364][ T6542] __alloc_pages+0x1b2/0x500
[ 81.976944][ T6542] alloc_page_interleave+0x1e/0x200
[ 81.982127][ T6542] alloc_pages+0x29f/0x300
[ 81.986622][ T6542] new_slab+0x32d/0x4a0
[ 81.990825][ T6542] ___slab_alloc+0x918/0xfe0
[ 81.995488][ T6542] __slab_alloc.constprop.0+0x4d/0xa0
[ 82.000863][ T6542] kmem_cache_alloc_trace+0x289/0x2c0
[ 82.006266][ T6542] device_add+0x11a7/0x1ee0
[ 82.010756][ T6542] device_create_groups_vargs+0x203/0x280
[ 82.016461][ T6542] device_create_with_groups+0xe3/0x120
[ 82.021996][ T6542] misc_register+0x20a/0x690
[ 82.026576][ T6542] hwrng_modinit+0xd0/0x109
[ 82.031076][ T6542] do_one_initcall+0x103/0x650
[ 82.035853][ T6542] kernel_init_freeable+0x6b1/0x73a
[ 82.041318][ T6542] kernel_init+0x1a/0x1d0
[ 82.045632][ T6542] page_owner free stack trace missing
[ 82.050978][ T6542]
[ 82.053291][ T6542] Memory state around the buggy address:
[ 82.058918][ T6542] ffff88801a7a1480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.066982][ T6542] ffff88801a7a1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 82.075027][ T6542] >ffff88801a7a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.083082][ T6542] ^
[ 82.087134][ T6542] ffff88801a7a1600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.095179][ T6542] ffff88801a7a1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 82.103316][ T6542] ==================================================================
[ 82.111363][ T6542] Disabling lock debugging due to kernel taint
[ 82.117974][ T6542] Kernel panic - not syncing: panic_on_warn set ...
[ 82.124559][ T6542] CPU: 1 PID: 6542 Comm: syz-executor989 Tainted: G B 5.15.0-rc6-next-20211025-syzkaller #0
[ 82.136012][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 82.146067][ T6542] Call Trace:
[ 82.149338][ T6542]
[ 82.152284][ T6542] dump_stack_lvl+0xcd/0x134
[ 82.156895][ T6542] panic+0x2b0/0x6dd
[ 82.160792][ T6542] ? __warn_printk+0xf3/0xf3
[ 82.165393][ T6542] ? copy_data+0xf3/0x2e0
[ 82.169763][ T6542] ? trace_hardirqs_on+0x38/0x1c0
[ 82.174803][ T6542] ? trace_hardirqs_on+0x51/0x1c0
[ 82.179857][ T6542] ? copy_data+0xf3/0x2e0
[ 82.184194][ T6542] ? copy_data+0xf3/0x2e0
[ 82.188521][ T6542] end_report.cold+0x63/0x6f
[ 82.193132][ T6542] kasan_report.cold+0x71/0xdf
[ 82.197900][ T6542] ? copy_data+0xf3/0x2e0
[ 82.202228][ T6542] kasan_check_range+0x13d/0x180
[ 82.207171][ T6542] memcpy+0x20/0x60
[ 82.210988][ T6542] copy_data+0xf3/0x2e0
[ 82.215140][ T6542] ? virtrng_restore+0x140/0x140
[ 82.220072][ T6542] ? mutex_lock_io_nested+0x1150/0x1150
[ 82.225619][ T6542] virtio_read+0x1e0/0x230
[ 82.230042][ T6542] rng_dev_read+0x400/0x660
[ 82.234644][ T6542] ? copy_data+0x2e0/0x2e0
[ 82.239058][ T6542] ? enable_best_rng+0xc0/0xc0
[ 82.243903][ T6542] vfs_read+0x1b5/0x600
[ 82.248063][ T6542] ksys_read+0x12d/0x250
[ 82.252306][ T6542] ? vfs_write+0xae0/0xae0
[ 82.256741][ T6542] ? syscall_enter_from_user_mode+0x21/0x70
[ 82.262652][ T6542] do_syscall_64+0x35/0xb0
[ 82.267086][ T6542] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 82.272991][ T6542] RIP: 0033:0x7f05696617e9
[ 82.277405][ T6542] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c4 ff ff ff f7 d8 64 89 01 48
[ 82.297009][ T6542] RSP: 002b:00007ffd06461948 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 82.305512][ T6542] RAX: ffffffffffffffda RBX: 000000000001294d RCX: 00007f05696617e9
[ 82.313491][ T6542] RDX: 00000000fffffff1 RSI: 0000000020000180 RDI: 0000000000000003
[ 82.321586][ T6542] RBP: 0000000000000000 R08: 00007ffd064619b0 R09: 00007ffd064619b0
[ 82.329565][ T6542] R10: 00007ffd064613d0 R11: 0000000000000246 R12: 00007ffd0646197c
[ 82.337542][ T6542] R13: 00007ffd064619b0 R14: 00007ffd06461990 R15: 0000000000000002
[ 82.345519][ T6542]
[ 82.348588][ T6542] Kernel Offset: disabled
[ 82.352915][ T6542] Rebooting in 86400 seconds..