[ 41.053398] audit: type=1400 audit(1583411707.983:37): avc: denied { map } for pid=6845 comm="syz-fuzzer" path="/root/syzkaller-shm631057478" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 41.310856] IPVS: ftp: loaded support on port[0] = 21 [ 42.454704] can: request_module (can-proto-0) failed. [ 42.463762] can: request_module (can-proto-0) failed. [ 42.622286] audit: type=1400 audit(1583411709.553:38): avc: denied { create } for pid=6845 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 42.646456] audit: type=1400 audit(1583411709.553:39): avc: denied { create } for pid=6845 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 42.670083] audit: type=1400 audit(1583411709.553:40): avc: denied { create } for pid=6845 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 42.917686] random: sshd: uninitialized urandom read (32 bytes read) [ 43.655592] random: sshd: uninitialized urandom read (32 bytes read) [ 43.821055] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.164' (ECDSA) to the list of known hosts. 2020/03/05 12:35:17 parsed 1 programs 2020/03/05 12:35:17 executed programs: 0 [ 50.780917] IPVS: ftp: loaded support on port[0] = 21 [ 51.535333] IPVS: ftp: loaded support on port[0] = 21 [ 51.585836] chnl_net:caif_netlink_parms(): no params data found [ 51.627006] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.633780] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.641067] device bridge_slave_0 entered promiscuous mode [ 51.649943] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.656453] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.663745] device bridge_slave_1 entered promiscuous mode [ 51.663922] IPVS: ftp: loaded support on port[0] = 21 [ 51.691933] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 51.710977] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 51.741200] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 51.748451] team0: Port device team_slave_0 added [ 51.759578] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 51.766794] team0: Port device team_slave_1 added [ 51.774179] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 51.783090] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 51.792066] chnl_net:caif_netlink_parms(): no params data found [ 51.851186] IPVS: ftp: loaded support on port[0] = 21 [ 51.871890] device hsr_slave_0 entered promiscuous mode [ 51.910353] device hsr_slave_1 entered promiscuous mode [ 51.990808] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 51.997892] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 52.042309] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.048779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.055818] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.062197] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.087881] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.094328] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.101284] device bridge_slave_0 entered promiscuous mode [ 52.109227] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.116504] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.123452] device bridge_slave_1 entered promiscuous mode [ 52.132389] chnl_net:caif_netlink_parms(): no params data found [ 52.154456] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.172608] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.214059] IPVS: ftp: loaded support on port[0] = 21 [ 52.231613] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.238042] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.245501] device bridge_slave_0 entered promiscuous mode [ 52.252706] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.259042] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.266276] device bridge_slave_1 entered promiscuous mode [ 52.272498] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 52.279488] team0: Port device team_slave_0 added [ 52.285242] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 52.292359] team0: Port device team_slave_1 added [ 52.297750] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 52.305791] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 52.391926] device hsr_slave_0 entered promiscuous mode [ 52.460395] device hsr_slave_1 entered promiscuous mode [ 52.513790] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 52.542603] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.551524] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 52.558979] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.591413] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 52.597481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.625823] IPVS: ftp: loaded support on port[0] = 21 [ 52.631740] chnl_net:caif_netlink_parms(): no params data found [ 52.648476] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 52.655515] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.673051] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.679912] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 52.689639] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 52.722001] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 52.729040] team0: Port device team_slave_0 added [ 52.737685] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 52.745045] team0: Port device team_slave_1 added [ 52.750456] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 52.757981] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 52.797983] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 52.862989] device hsr_slave_0 entered promiscuous mode [ 52.900353] device hsr_slave_1 entered promiscuous mode [ 52.950253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 52.957086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.966258] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 52.972500] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.984574] chnl_net:caif_netlink_parms(): no params data found [ 53.002012] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.026131] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.032637] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.039579] device bridge_slave_0 entered promiscuous mode [ 53.047922] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.057761] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.068463] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.075519] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.082667] device bridge_slave_1 entered promiscuous mode [ 53.094388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.102333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.109833] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.116220] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.136325] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.152013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.159942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.169387] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.175767] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.198159] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.206039] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.212770] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.219752] device bridge_slave_0 entered promiscuous mode [ 53.228415] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.235022] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.241936] device bridge_slave_1 entered promiscuous mode [ 53.261428] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.269106] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.279406] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.294406] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.302796] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.313183] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.326601] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.333689] team0: Port device team_slave_0 added [ 53.339644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.357218] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 53.364485] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.371988] team0: Port device team_slave_1 added [ 53.379227] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.387394] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 53.401331] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.408426] team0: Port device team_slave_0 added [ 53.414284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 53.421994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.429443] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.439353] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.456558] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.464036] team0: Port device team_slave_1 added [ 53.469453] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.476958] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.490903] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 53.532155] device hsr_slave_0 entered promiscuous mode [ 53.570279] device hsr_slave_1 entered promiscuous mode [ 53.610727] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.622533] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.651283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 53.659092] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.669235] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 53.732121] device hsr_slave_0 entered promiscuous mode [ 53.770289] device hsr_slave_1 entered promiscuous mode [ 53.827603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 53.835076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.849084] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 53.856130] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.864053] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.873968] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 53.882318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.890446] chnl_net:caif_netlink_parms(): no params data found [ 53.906767] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 53.917519] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.929115] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 53.938033] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.945970] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 53.957464] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.979022] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 53.992129] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.006207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.017069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.024289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.033406] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.039478] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.056389] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 54.087845] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.094495] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.101636] device bridge_slave_0 entered promiscuous mode [ 54.107885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.116406] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.124245] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.130654] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.148434] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.156544] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.165873] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 54.175586] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 54.183706] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.190713] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.198311] device bridge_slave_1 entered promiscuous mode [ 54.205482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.213290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.221831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.229686] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.236071] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.245053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.261789] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.268500] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.285032] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 54.299721] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.310573] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.319437] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.326342] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.334600] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.350492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.358223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.365266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.374685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.387237] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.395527] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 54.413762] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.428840] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.446915] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.457665] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 54.464274] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.471442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.479445] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.488244] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.494661] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.506413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.514230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.527468] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 54.536242] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 54.565946] ================================================================== [ 54.573449] BUG: KASAN: use-after-free in _copy_to_user+0x84/0xb0 [ 54.579663] Read of size 931 at addr ffff88806cfffff3 by task syz-executor.2/6990 [ 54.587258] [ 54.588867] CPU: 0 PID: 6990 Comm: syz-executor.2 Not tainted 4.14.172-syzkaller #0 [ 54.596646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.606003] Call Trace: [ 54.608578] dump_stack+0xf7/0x13b [ 54.612098] ? _copy_to_user+0x84/0xb0 [ 54.615973] print_address_description.cold.7+0x9/0x1c9 [ 54.621315] ? _copy_to_user+0x84/0xb0 [ 54.625185] kasan_report.cold.8+0x11a/0x2d3 [ 54.629574] check_memory_region+0x13e/0x1b0 [ 54.633961] kasan_check_read+0x11/0x20 [ 54.637912] _copy_to_user+0x84/0xb0 [ 54.641609] bpf_test_finish.isra.5+0xd5/0x170 [ 54.646345] ? bpf_test_run+0x2d0/0x2d0 [ 54.650315] ? kvm_clock_read+0x23/0x40 [ 54.654269] ? kvm_clock_get_cycles+0x9/0x10 [ 54.658670] ? ktime_get+0x13c/0x240 [ 54.662366] ? bpf_test_run+0x210/0x2d0 [ 54.666320] ? eth_gro_receive+0x880/0x880 [ 54.670540] bpf_prog_test_run_skb+0x66d/0xbc0 [ 54.675544] ? bpf_test_init.isra.6+0xa0/0xa0 [ 54.680036] ? __bpf_prog_get+0x128/0x170 [ 54.684167] SyS_bpf+0x97e/0x28d3 [ 54.687608] ? bpf_prog_get+0x10/0x10 [ 54.691386] ? kasan_check_read+0x11/0x20 [ 54.695521] ? _copy_to_user+0x91/0xb0 [ 54.699396] ? put_timespec64+0xa4/0xf0 [ 54.703363] ? nsecs_to_jiffies+0x20/0x20 [ 54.707495] ? SyS_clock_gettime+0x115/0x160 [ 54.711894] ? do_syscall_64+0x4c/0x5b0 [ 54.715863] ? bpf_prog_get+0x10/0x10 [ 54.719645] do_syscall_64+0x1c7/0x5b0 [ 54.723512] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 54.728339] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 54.733516] RIP: 0033:0x459829 [ 54.736686] RSP: 002b:00007ffb69243c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 54.744393] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 54.751643] RDX: 0000000000000028 RSI: 0000000020000140 RDI: 000000000000000a [ 54.758893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 54.766140] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffb692446d4 [ 54.773392] R13: 00000000004bfb92 R14: 00000000004d1758 R15: 00000000ffffffff [ 54.780651] [ 54.782260] The buggy address belongs to the page: [ 54.787181] page:ffffea0001b3ffc0 count:0 mapcount:0 mapping: (null) index:0x0 [ 54.795441] flags: 0x1fffc0000000000() [ 54.799338] raw: 01fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff [ 54.807198] raw: ffffea0001b3ffe0 ffffea0001b3ffe0 0000000000000000 0000000000000000 [ 54.815066] page dumped because: kasan: bad access detected [ 54.820759] [ 54.822974] Memory state around the buggy address: [ 54.827885] ffff88806cfffe80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 54.835221] ffff88806cffff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 54.842566] >ffff88806cffff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 54.849904] ^ [ 54.856990] ffff88806d000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 54.864340] ffff88806d000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 54.871690] ================================================================== [ 54.879031] Disabling lock debugging due to kernel taint [ 54.889618] Kernel panic - not syncing: panic_on_warn set ... [ 54.889618] [ 54.897011] CPU: 0 PID: 6990 Comm: syz-executor.2 Tainted: G B 4.14.172-syzkaller #0 [ 54.905997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.915449] Call Trace: [ 54.918021] dump_stack+0xf7/0x13b [ 54.921551] ? _copy_to_user+0x84/0xb0 [ 54.925439] panic+0x1b0/0x358 [ 54.928611] ? add_taint.cold.5+0x11/0x11 [ 54.932752] ? ___preempt_schedule+0x16/0x18 [ 54.937140] ? _copy_to_user+0x84/0xb0 [ 54.941007] kasan_end_report+0x47/0x4f [ 54.944962] kasan_report.cold.8+0x76/0x2d3 [ 54.949265] check_memory_region+0x13e/0x1b0 [ 54.953670] kasan_check_read+0x11/0x20 [ 54.957619] _copy_to_user+0x84/0xb0 [ 54.961309] bpf_test_finish.isra.5+0xd5/0x170 [ 54.965866] ? bpf_test_run+0x2d0/0x2d0 [ 54.969822] ? kvm_clock_read+0x23/0x40 [ 54.973773] ? kvm_clock_get_cycles+0x9/0x10 [ 54.978169] ? ktime_get+0x13c/0x240 [ 54.981863] ? bpf_test_run+0x210/0x2d0 [ 54.985819] ? eth_gro_receive+0x880/0x880 [ 54.990034] bpf_prog_test_run_skb+0x66d/0xbc0 [ 54.994606] ? bpf_test_init.isra.6+0xa0/0xa0 [ 54.999260] ? __bpf_prog_get+0x128/0x170 [ 55.003412] SyS_bpf+0x97e/0x28d3 [ 55.006895] ? bpf_prog_get+0x10/0x10 [ 55.010675] ? kasan_check_read+0x11/0x20 [ 55.014802] ? _copy_to_user+0x91/0xb0 [ 55.018670] ? put_timespec64+0xa4/0xf0 [ 55.022624] ? nsecs_to_jiffies+0x20/0x20 [ 55.026768] ? SyS_clock_gettime+0x115/0x160 [ 55.031154] ? do_syscall_64+0x4c/0x5b0 [ 55.035105] ? bpf_prog_get+0x10/0x10 [ 55.038882] do_syscall_64+0x1c7/0x5b0 [ 55.042747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.047565] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 55.052730] RIP: 0033:0x459829 [ 55.055907] RSP: 002b:00007ffb69243c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 55.063620] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 55.070874] RDX: 0000000000000028 RSI: 0000000020000140 RDI: 000000000000000a [ 55.078136] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 55.085401] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffb692446d4 [ 55.092751] R13: 00000000004bfb92 R14: 00000000004d1758 R15: 00000000ffffffff [ 55.101428] Kernel Offset: disabled [ 55.105054] Rebooting in 86400 seconds..