DUID 00:04:a3:03:08:15:93:78:e3:1f:4c:1c:fb:56:e6:f5:4b:05 forked to background, child pid 3172
[ 28.964914][ T3173] 8021q: adding VLAN 0 to HW filter on device bond0
[ 28.982910][ T3173] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.10.21' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 49.754253][ T3595] ==================================================================
[ 49.762546][ T3595] BUG: KASAN: vmalloc-out-of-bounds in ringbuf_map_alloc+0x725/0x7b0
[ 49.770629][ T3595] Write of size 8 at addr ffffc9000c7a9078 by task syz-executor070/3595
[ 49.778976][ T3595]
[ 49.781291][ T3595] CPU: 0 PID: 3595 Comm: syz-executor070 Not tainted 5.17.0-rc2-next-20220202-syzkaller #0
[ 49.791371][ T3595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.801416][ T3595] Call Trace:
[ 49.804684][ T3595]
[ 49.807607][ T3595] dump_stack_lvl+0xcd/0x134
[ 49.812213][ T3595] print_address_description.constprop.0.cold+0xf/0x3e0
[ 49.819162][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 49.824272][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 49.829378][ T3595] kasan_report.cold+0x83/0xdf
[ 49.834148][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 49.839258][ T3595] ringbuf_map_alloc+0x725/0x7b0
[ 49.844205][ T3595] ? bpf_ringbuf_output+0x220/0x220
[ 49.849411][ T3595] __sys_bpf+0xc0f/0x5f10
[ 49.853747][ T3595] ? bpf_link_get_from_fd+0x110/0x110
[ 49.859131][ T3595] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 49.865126][ T3595] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 49.871130][ T3595] ? find_held_lock+0x2d/0x110
[ 49.875922][ T3595] ? trace_hardirqs_on+0x38/0x1c0
[ 49.880948][ T3595] __x64_sys_bpf+0x75/0xb0
[ 49.885365][ T3595] ? syscall_enter_from_user_mode+0x21/0x70
[ 49.891264][ T3595] do_syscall_64+0x35/0xb0
[ 49.895679][ T3595] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.901583][ T3595] RIP: 0033:0x7f26ddd0a029
[ 49.905996][ T3595] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.925599][ T3595] RSP: 002b:00007fff911fde88 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 49.934010][ T3595] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f26ddd0a029
[ 49.942932][ T3595] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000000
[ 49.950897][ T3595] RBP: 00007f26ddcce010 R08: 0000000000000000 R09: 0000000000000000
[ 49.958859][ T3595] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f26ddcce0a0
[ 49.966847][ T3595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 49.975437][ T3595]
[ 49.978452][ T3595]
[ 49.980768][ T3595]
[ 49.983081][ T3595] Memory state around the buggy address:
[ 49.988698][ T3595] ffffc9000c7a8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 49.996750][ T3595] ffffc9000c7a8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 50.004889][ T3595] >ffffc9000c7a9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 50.012937][ T3595] ^
[ 50.020899][ T3595] ffffc9000c7a9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 50.028951][ T3595] ffffc9000c7a9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 50.036996][ T3595] ==================================================================
[ 50.045038][ T3595] Disabling lock debugging due to kernel taint
[ 50.051422][ T3595] Kernel panic - not syncing: panic_on_warn set ...
[ 50.058004][ T3595] CPU: 0 PID: 3595 Comm: syz-executor070 Tainted: G B 5.17.0-rc2-next-20220202-syzkaller #0
[ 50.069348][ T3595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.079385][ T3595] Call Trace:
[ 50.082651][ T3595]
[ 50.085565][ T3595] dump_stack_lvl+0xcd/0x134
[ 50.090144][ T3595] panic+0x2b0/0x605
[ 50.094035][ T3595] ? __warn_printk+0xf3/0xf3
[ 50.098612][ T3595] ? preempt_schedule_common+0x59/0xc0
[ 50.104054][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 50.109151][ T3595] ? preempt_schedule_thunk+0x16/0x18
[ 50.114509][ T3595] ? trace_hardirqs_on+0x38/0x1c0
[ 50.119517][ T3595] ? trace_hardirqs_on+0x51/0x1c0
[ 50.124523][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 50.129617][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 50.134711][ T3595] end_report.cold+0x63/0x6f
[ 50.139290][ T3595] kasan_report.cold+0x71/0xdf
[ 50.144058][ T3595] ? ringbuf_map_alloc+0x725/0x7b0
[ 50.149161][ T3595] ringbuf_map_alloc+0x725/0x7b0
[ 50.154088][ T3595] ? bpf_ringbuf_output+0x220/0x220
[ 50.159284][ T3595] __sys_bpf+0xc0f/0x5f10
[ 50.163607][ T3595] ? bpf_link_get_from_fd+0x110/0x110
[ 50.168978][ T3595] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 50.174958][ T3595] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 50.180946][ T3595] ? find_held_lock+0x2d/0x110
[ 50.185723][ T3595] ? trace_hardirqs_on+0x38/0x1c0
[ 50.190739][ T3595] __x64_sys_bpf+0x75/0xb0
[ 50.195153][ T3595] ? syscall_enter_from_user_mode+0x21/0x70
[ 50.201048][ T3595] do_syscall_64+0x35/0xb0
[ 50.205463][ T3595] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.211359][ T3595] RIP: 0033:0x7f26ddd0a029
[ 50.215811][ T3595] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.235410][ T3595] RSP: 002b:00007fff911fde88 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 50.243899][ T3595] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f26ddd0a029
[ 50.251864][ T3595] RDX: 0000000000000048 RSI: 0000000020000280 RDI: 0000000000000000
[ 50.259824][ T3595] RBP: 00007f26ddcce010 R08: 0000000000000000 R09: 0000000000000000
[ 50.267885][ T3595] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007f26ddcce0a0
[ 50.275864][ T3595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 50.283829][ T3595]
[ 50.287081][ T3595] Kernel Offset: disabled
[ 50.291400][ T3595] Rebooting in 86400 seconds..