[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Started OpenBSD Secure Shell server.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.43' (ECDSA) to the list of known hosts.

syzkaller login: [ 74.226390][ T8480] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 74.531913][ T8480] ==================================================================
[ 74.540149][ T8480] BUG: KASAN: slab-out-of-bounds in add_adv_patterns_monitor+0x91f/0xa90
[ 74.548600][ T8480] Read of size 1 at addr ffff888013251b29 by task syz-executor387/8480
[ 74.556824][ T8480]
[ 74.559135][ T8480] CPU: 1 PID: 8480 Comm: syz-executor387 Not tainted 5.11.0-rc4-syzkaller #0
[ 74.567885][ T8480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.577934][ T8480] Call Trace:
[ 74.581204][ T8480]  dump_stack+0x107/0x163
[ 74.585538][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 74.591245][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 74.596951][ T8480]  print_address_description.constprop.0.cold+0x5b/0x2f8
[ 74.603977][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 74.609693][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 74.615400][ T8480]  kasan_report.cold+0x79/0xd5
[ 74.620167][ T8480]  ? ____kasan_kmalloc.constprop.0+0x30/0xa0
[ 74.626148][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 74.631860][ T8480]  add_adv_patterns_monitor+0x91f/0xa90
[ 74.637410][ T8480]  ? add_advertising_complete+0x680/0x680
[ 74.643123][ T8480]  ? lockdep_init_map_waits+0x26a/0x720
[ 74.648666][ T8480]  ? get_device_flags+0x320/0x320
[ 74.653687][ T8480]  hci_sock_sendmsg+0x1b98/0x21d0
[ 74.658705][ T8480]  ? static_obj+0x60/0xc0
[ 74.663021][ T8480]  ? hci_sock_compat_ioctl+0x80/0x80
[ 74.668299][ T8480]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 74.674531][ T8480]  ? hci_sock_compat_ioctl+0x80/0x80
[ 74.679809][ T8480]  sock_sendmsg+0xcf/0x120
[ 74.684215][ T8480]  sock_write_iter+0x289/0x3c0
[ 74.688976][ T8480]  ? sock_sendmsg+0x120/0x120
[ 74.693647][ T8480]  ? aa_path_link+0x2f0/0x2f0
[ 74.698314][ T8480]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 74.704560][ T8480]  new_sync_write+0x426/0x650
[ 74.709231][ T8480]  ? new_sync_read+0x6e0/0x6e0
[ 74.713988][ T8480]  ? apparmor_file_permission+0x26e/0x4e0
[ 74.719714][ T8480]  vfs_write+0x791/0xa30
[ 74.723949][ T8480]  ksys_write+0x1ee/0x250
[ 74.728271][ T8480]  ? __ia32_sys_read+0xb0/0xb0
[ 74.733021][ T8480]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 74.738918][ T8480]  do_syscall_64+0x2d/0x70
[ 74.743319][ T8480]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.749227][ T8480] RIP: 0033:0x447579
[ 74.753110][ T8480] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.772707][ T8480] RSP: 002b:00007ffe0f4194b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 74.781112][ T8480] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000447579
[ 74.789078][ T8480] RDX: 0000000000000009 RSI: 0000000020000000 RDI: 0000000000000004
[ 74.797037][ T8480] RBP: 00000000018e1914 R08: 00000000018e1914 R09: 00007ffe0f4194a0
[ 74.805005][ T8480] R10: 00007ffe0f4194c0 R11: 0000000000000246 R12: 0000000000000004
[ 74.812960][ T8480] R13: 0000000000000072 R14: 00000000018e1914 R15: 0000000000000000
[ 74.820930][ T8480]
[ 74.823240][ T8480] Allocated by task 8480:
[ 74.827545][ T8480]  kasan_save_stack+0x1b/0x40
[ 74.832212][ T8480]  ____kasan_kmalloc.constprop.0+0x82/0xa0
[ 74.838013][ T8480]  hci_sock_sendmsg+0x9b8/0x21d0
[ 74.842952][ T8480]  sock_sendmsg+0xcf/0x120
[ 74.847351][ T8480]  sock_write_iter+0x289/0x3c0
[ 74.852098][ T8480]  new_sync_write+0x426/0x650
[ 74.856768][ T8480]  vfs_write+0x791/0xa30
[ 74.860996][ T8480]  ksys_write+0x1ee/0x250
[ 74.865314][ T8480]  do_syscall_64+0x2d/0x70
[ 74.869715][ T8480]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 74.875595][ T8480]
[ 74.877899][ T8480] The buggy address belongs to the object at ffff888013251b20
[ 74.877899][ T8480]  which belongs to the cache kmalloc-16 of size 16
[ 74.891772][ T8480] The buggy address is located 9 bytes inside of
[ 74.891772][ T8480]  16-byte region [ffff888013251b20, ffff888013251b30)
[ 74.904778][ T8480] The buggy address belongs to the page:
[ 74.910388][ T8480] page:00000000a4467645 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13251
[ 74.920539][ T8480] flags: 0xfff00000000200(slab)
[ 74.925378][ T8480] raw: 00fff00000000200 ffffea00004ed440 0000000300000003 ffff888010041b40
[ 74.933955][ T8480] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 74.942518][ T8480] page dumped because: kasan: bad access detected
[ 74.948920][ T8480]
[ 74.951240][ T8480] Memory state around the buggy address:
[ 74.956850][ T8480]  ffff888013251a00: fb fb fc fc fb fb fc fc 00 00 fc fc fb fb fc fc
[ 74.964893][ T8480]  ffff888013251a80: 00 00 fc fc 00 00 fc fc fb fb fc fc 00 00 fc fc
[ 74.972937][ T8480] >ffff888013251b00: 00 00 fc fc 00 01 fc fc fb fb fc fc fa fb fc fc
[ 74.980990][ T8480]                                   ^
[ 74.986383][ T8480]  ffff888013251b80: 00 00 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 74.994428][ T8480]  ffff888013251c00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 75.002470][ T8480] ==================================================================
[ 75.010540][ T8480] Disabling lock debugging due to kernel taint
[ 75.017227][ T8480] Kernel panic - not syncing: panic_on_warn set ...
[ 75.023815][ T8480] CPU: 1 PID: 8480 Comm: syz-executor387 Tainted: G B 5.11.0-rc4-syzkaller #0
[ 75.033969][ T8480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.044022][ T8480] Call Trace:
[ 75.047287][ T8480]  dump_stack+0x107/0x163
[ 75.051605][ T8480]  ? add_adv_patterns_monitor+0x880/0xa90
[ 75.057319][ T8480]  panic+0x306/0x73d
[ 75.061214][ T8480]  ? __warn_printk+0xf3/0xf3
[ 75.065790][ T8480]  ? preempt_schedule_common+0x59/0xc0
[ 75.071231][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 75.076943][ T8480]  ? preempt_schedule_thunk+0x16/0x18
[ 75.082298][ T8480]  ? trace_hardirqs_on+0x38/0x1c0
[ 75.087308][ T8480]  ? trace_hardirqs_on+0x51/0x1c0
[ 75.092326][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 75.098025][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 75.103724][ T8480]  end_report+0x58/0x5e
[ 75.107864][ T8480]  kasan_report.cold+0x67/0xd5
[ 75.112621][ T8480]  ? ____kasan_kmalloc.constprop.0+0x30/0xa0
[ 75.118594][ T8480]  ? add_adv_patterns_monitor+0x91f/0xa90
[ 75.124297][ T8480]  add_adv_patterns_monitor+0x91f/0xa90
[ 75.129839][ T8480]  ? add_advertising_complete+0x680/0x680
[ 75.135636][ T8480]  ? lockdep_init_map_waits+0x26a/0x720
[ 75.141217][ T8480]  ? get_device_flags+0x320/0x320
[ 75.146247][ T8480]  hci_sock_sendmsg+0x1b98/0x21d0
[ 75.151260][ T8480]  ? static_obj+0x60/0xc0
[ 75.155573][ T8480]  ? hci_sock_compat_ioctl+0x80/0x80
[ 75.160846][ T8480]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 75.167076][ T8480]  ? hci_sock_compat_ioctl+0x80/0x80
[ 75.172372][ T8480]  sock_sendmsg+0xcf/0x120
[ 75.176813][ T8480]  sock_write_iter+0x289/0x3c0
[ 75.181589][ T8480]  ? sock_sendmsg+0x120/0x120
[ 75.186283][ T8480]  ? aa_path_link+0x2f0/0x2f0
[ 75.190944][ T8480]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 75.197171][ T8480]  new_sync_write+0x426/0x650
[ 75.201830][ T8480]  ? new_sync_read+0x6e0/0x6e0
[ 75.206580][ T8480]  ? apparmor_file_permission+0x26e/0x4e0
[ 75.212293][ T8480]  vfs_write+0x791/0xa30
[ 75.216520][ T8480]  ksys_write+0x1ee/0x250
[ 75.220833][ T8480]  ? __ia32_sys_read+0xb0/0xb0
[ 75.225592][ T8480]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 75.231470][ T8480]  do_syscall_64+0x2d/0x70
[ 75.235873][ T8480]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 75.241754][ T8480] RIP: 0033:0x447579
[ 75.245644][ T8480] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 75.265250][ T8480] RSP: 002b:00007ffe0f4194b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 75.273661][ T8480] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000447579
[ 75.281615][ T8480] RDX: 0000000000000009 RSI: 0000000020000000 RDI: 0000000000000004
[ 75.289568][ T8480] RBP: 00000000018e1914 R08: 00000000018e1914 R09: 00007ffe0f4194a0
[ 75.297519][ T8480] R10: 00007ffe0f4194c0 R11: 0000000000000246 R12: 0000000000000004
[ 75.305490][ T8480] R13: 0000000000000072 R14: 00000000018e1914 R15: 0000000000000000
[ 75.313886][ T8480] Kernel Offset: disabled
[ 75.318199][ T8480] Rebooting in 86400 seconds..