Warning: Permanently added '10.128.0.160' (ECDSA) to the list of known hosts.
2021/05/04 00:25:40 fuzzer started
2021/05/04 00:25:40 dialing manager at 10.128.0.169:34381
2021/05/04 00:25:41 syscalls: 3586
2021/05/04 00:25:41 code coverage: enabled
2021/05/04 00:25:41 comparison tracing: enabled
2021/05/04 00:25:41 extra coverage: enabled
2021/05/04 00:25:41 setuid sandbox: enabled
2021/05/04 00:25:41 namespace sandbox: enabled
2021/05/04 00:25:41 Android sandbox: /sys/fs/selinux/policy does not exist
2021/05/04 00:25:41 fault injection: enabled
2021/05/04 00:25:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/05/04 00:25:41 net packet injection: enabled
2021/05/04 00:25:41 net device setup: enabled
2021/05/04 00:25:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2021/05/04 00:25:41 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/05/04 00:25:41 USB emulation: enabled
2021/05/04 00:25:41 hci packet injection: enabled
2021/05/04 00:25:41 wifi device emulation: enabled
2021/05/04 00:25:41 802.15.4 emulation: enabled
2021/05/04 00:25:41 fetching corpus: 0, signal 0/2000 (executing program)
2021/05/04 00:25:41 fetching corpus: 50, signal 58175/61761 (executing program)
syzkaller login: [   78.402559][ T8443] ==================================================================
[   78.412182][ T8443] BUG: KASAN: use-after-free in __skb_datagram_iter+0x6b8/0x770
[   78.420080][ T8443] Read of size 4 at addr ffff88801dcb0004 by task syz-fuzzer/8443
[   78.428758][ T8443]
[   78.431085][ T8443] CPU: 0 PID: 8443 Comm: syz-fuzzer Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
[   78.441041][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   78.452457][ T8443] Call Trace:
[   78.455940][ T8443]  dump_stack+0x141/0x1d7
[   78.460471][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.466493][ T8443]  print_address_description.constprop.0.cold+0x5b/0x2f8
[   78.475373][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.480989][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.486705][ T8443]  kasan_report.cold+0x7c/0xd8
[   78.492085][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.497663][ T8443]  __skb_datagram_iter+0x6b8/0x770
[   78.503304][ T8443]  ? zerocopy_sg_from_iter+0x110/0x110
[   78.509570][ T8443]  skb_copy_datagram_iter+0x40/0x50
[   78.516421][ T8443]  tcp_recvmsg_locked+0x1048/0x22f0
[   78.522319][ T8443]  ? tcp_splice_read+0x8b0/0x8b0
[   78.528235][ T8443]  ? mark_held_locks+0x9f/0xe0
[   78.533579][ T8443]  ? __local_bh_enable_ip+0xa0/0x120
[   78.541118][ T8443]  tcp_recvmsg+0x134/0x550
[   78.548826][ T8443]  ? tcp_recvmsg_locked+0x22f0/0x22f0
[   78.554967][ T8443]  ? aa_sk_perm+0x311/0xab0
[   78.561050][ T8443]  inet_recvmsg+0x11b/0x5e0
[   78.567422][ T8443]  ? inet_sendpage+0x140/0x140
[   78.573955][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   78.582339][ T8443]  ? security_socket_recvmsg+0x8f/0xc0
[   78.589775][ T8443]  sock_read_iter+0x33c/0x470
[   78.598640][ T8443]  ? ____sys_recvmsg+0x600/0x600
[   78.605241][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   78.613497][ T8443]  ? fsnotify+0xa58/0x1060
[   78.618250][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   78.625113][ T8443]  new_sync_read+0x5b7/0x6e0
[   78.630623][ T8443]  ? ksys_lseek+0x1b0/0x1b0
[   78.635293][ T8443]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   78.641322][ T8443]  vfs_read+0x35c/0x570
[   78.645557][ T8443]  ksys_read+0x1ee/0x250
[   78.650037][ T8443]  ? vfs_write+0xa40/0xa40
[   78.654848][ T8443]  ? syscall_enter_from_user_mode+0x27/0x70
[   78.661429][ T8443]  do_syscall_64+0x3a/0xb0
[   78.666574][ T8443]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   78.673190][ T8443] RIP: 0033:0x4af19b
[   78.677310][ T8443] Code: fb ff eb bd e8 a6 b6 fb ff e9 61 ff ff ff cc e8 9b 82 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[   78.713226][ T8443] RSP: 002b:000000c0007ea828 EFLAGS: 00000212 ORIG_RAX: 0000000000000000
[   78.724392][ T8443] RAX: ffffffffffffffda RBX: 000000c00001c000 RCX: 00000000004af19b
[   78.733269][ T8443] RDX: 0000000000001000 RSI: 000000c000198000 RDI: 0000000000000006
[   78.744507][ T8443] RBP: 000000c0007ea878 R08: 0000000000000001 R09: 0000000000000002
[   78.759288][ T8443] R10: 0000000000006493 R11: 0000000000000212 R12: 0000000000006478
[   78.768723][ T8443] R13: 0000000000000080 R14: 0000000000000040 R15: 0000000000000010
[   78.781162][ T8443]
[   78.783750][ T8443] The buggy address belongs to the page:
[   78.789798][ T8443] page:ffffea0000772c00 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1dcb0
[   78.801024][ T8443] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[   78.808168][ T8443] raw: 00fff00000000000 ffffea000075a808 ffffea0000734408 0000000000000000
[   78.817363][ T8443] raw: 0000000000000000 0000000000000003 00000000ffffff7f 0000000000000000
[   78.826685][ T8443] page dumped because: kasan: bad access detected
[   78.833179][ T8443]
[   78.835506][ T8443] Memory state around the buggy address:
[   78.841311][ T8443]  ffff88801dcaff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   78.849916][ T8443]  ffff88801dcaff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   78.858214][ T8443] >ffff88801dcb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   78.866656][ T8443]                    ^
[   78.870980][ T8443]  ffff88801dcb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   78.880458][ T8443]  ffff88801dcb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   78.889123][ T8443] ==================================================================
[   78.898106][ T8443] Disabling lock debugging due to kernel taint
[   78.906318][ T8443] Kernel panic - not syncing: panic_on_warn set ...
[   78.913078][ T8443] CPU: 1 PID: 8443 Comm: syz-fuzzer Tainted: G    B             5.12.0-rc8-next-20210423-syzkaller #0
[   78.924717][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   78.935199][ T8443] Call Trace:
[   78.938641][ T8443]  dump_stack+0x141/0x1d7
[   78.943086][ T8443]  panic+0x306/0x73d
[   78.946984][ T8443]  ? __warn_printk+0xf3/0xf3
[   78.951643][ T8443]  ? preempt_schedule_common+0x59/0xc0
[   78.957109][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.962601][ T8443]  ? preempt_schedule_thunk+0x16/0x18
[   78.968009][ T8443]  ? trace_hardirqs_on+0x38/0x1c0
[   78.973302][ T8443]  ? trace_hardirqs_on+0x51/0x1c0
[   78.978515][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.983984][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.990281][ T8443]  end_report.cold+0x5a/0x5a
[   78.995449][ T8443]  kasan_report.cold+0x6a/0xd8
[   79.000545][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   79.006183][ T8443]  __skb_datagram_iter+0x6b8/0x770
[   79.012045][ T8443]  ? zerocopy_sg_from_iter+0x110/0x110
[   79.019790][ T8443]  skb_copy_datagram_iter+0x40/0x50
[   79.026219][ T8443]  tcp_recvmsg_locked+0x1048/0x22f0
[   79.036316][ T8443]  ? tcp_splice_read+0x8b0/0x8b0
[   79.041292][ T8443]  ? mark_held_locks+0x9f/0xe0
[   79.046073][ T8443]  ? __local_bh_enable_ip+0xa0/0x120
[   79.051712][ T8443]  tcp_recvmsg+0x134/0x550
[   79.056310][ T8443]  ? tcp_recvmsg_locked+0x22f0/0x22f0
[   79.061998][ T8443]  ? aa_sk_perm+0x311/0xab0
[   79.066627][ T8443]  inet_recvmsg+0x11b/0x5e0
[   79.072569][ T8443]  ? inet_sendpage+0x140/0x140
[   79.077449][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.084580][ T8443]  ? security_socket_recvmsg+0x8f/0xc0
[   79.090561][ T8443]  sock_read_iter+0x33c/0x470
[   79.095527][ T8443]  ? ____sys_recvmsg+0x600/0x600
[   79.100814][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.107464][ T8443]  ? fsnotify+0xa58/0x1060
[   79.112343][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.119064][ T8443]  new_sync_read+0x5b7/0x6e0
[   79.123683][ T8443]  ? ksys_lseek+0x1b0/0x1b0
[   79.128919][ T8443]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   79.137293][ T8443]  vfs_read+0x35c/0x570
[   79.142345][ T8443]  ksys_read+0x1ee/0x250
[   79.147410][ T8443]  ? vfs_write+0xa40/0xa40
[   79.152212][ T8443]  ? syscall_enter_from_user_mode+0x27/0x70
[   79.158404][ T8443]  do_syscall_64+0x3a/0xb0
[   79.163028][ T8443]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   79.169990][ T8443] RIP: 0033:0x4af19b
[   79.174320][ T8443] Code: fb ff eb bd e8 a6 b6 fb ff e9 61 ff ff ff cc e8 9b 82 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[   79.196599][ T8443] RSP: 002b:000000c0007ea828 EFLAGS: 00000212 ORIG_RAX: 0000000000000000
[   79.206381][ T8443] RAX: ffffffffffffffda RBX: 000000c00001c000 RCX: 00000000004af19b
[   79.214812][ T8443] RDX: 0000000000001000 RSI: 000000c000198000 RDI: 0000000000000006
[   79.223735][ T8443] RBP: 000000c0007ea878 R08: 0000000000000001 R09: 0000000000000002
[   79.232312][ T8443] R10: 0000000000006493 R11: 0000000000000212 R12: 0000000000006478
[   79.241727][ T8443] R13: 0000000000000080 R14: 0000000000000040 R15: 0000000000000010
[   79.251229][ T8443] Kernel Offset: disabled
[   79.255868][ T8443] Rebooting in 86400 seconds..
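The following is an added triage helper, not part of the syzkaller console log above and not syzkaller's own tooling. It parses a KASAN report of the shape printed above (the sample embedded in the block is an abridged, constructed copy of that report) and turns the facts a triager needs into data: bug class, faulting function, access type and size, task, kernel version, the reliable call-trace frames (the ones the unwinder marked with "?" are dropped), the shadow byte covering the faulting address, and whether the page dump says the page is back on a buddy free list. The shadow-value table and the mapcount interpretation are taken from the generic-KASAN and page_type encodings of 5.12-era kernels, which is an assumption about the kernel that produced the log.

```python
# Triage helper for a KASAN report in a syzkaller console log (added example,
# not part of the log above or of syzkaller itself; assumes a 5.12-era kernel).
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: an abridged copy of the report above; the '?' frame is kept on purpose.
SAMPLE_LOG = """\
[   78.412182][ T8443] BUG: KASAN: use-after-free in __skb_datagram_iter+0x6b8/0x770
[   78.420080][ T8443] Read of size 4 at addr ffff88801dcb0004 by task syz-fuzzer/8443
[   78.431085][ T8443] CPU: 0 PID: 8443 Comm: syz-fuzzer Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
[   78.452457][ T8443] Call Trace:
[   78.455940][ T8443]  dump_stack+0x141/0x1d7
[   78.460471][ T8443]  ? __skb_datagram_iter+0x6b8/0x770
[   78.486705][ T8443]  kasan_report.cold+0x7c/0xd8
[   78.497663][ T8443]  __skb_datagram_iter+0x6b8/0x770
[   78.509570][ T8443]  skb_copy_datagram_iter+0x40/0x50
[   78.516421][ T8443]  tcp_recvmsg_locked+0x1048/0x22f0
[   78.661429][ T8443]  do_syscall_64+0x3a/0xb0
[   78.666574][ T8443]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   78.673190][ T8443] RIP: 0033:0x4af19b
[   78.789798][ T8443] page:ffffea0000772c00 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1dcb0
[   78.858214][ T8443] >ffff88801dcb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
"""

# Generic-KASAN shadow encodings from mm/kasan/kasan.h (5.12 era); 0x01..0x07 = partially accessible.
SHADOW_MEANING = {0x00: "accessible", 0xFF: "freed page", 0xFB: "freed slab object",
                  0xFC: "slab redzone", 0xFE: "kmalloc_large redzone", 0xF9: "global redzone"}

PREFIX = re.compile(r"^\[\s*[\d.]+\]\[\s*T\d+\] ?")
BUG = re.compile(r"BUG: KASAN: (?P<kind>[\w-]+) in (?P<func>\S+)\+0x[0-9a-f]+/0x[0-9a-f]+")
ACCESS = re.compile(r"(?P<op>Read|Write) of size (?P<n>\d+) at addr (?P<addr>[0-9a-f]+) by task (?P<task>\S+)/(?P<pid>\d+)")
VERSION = re.compile(r"Comm: \S+ (?:Not tainted|Tainted: .*?) (?P<ver>\d\S*) #\d+")
FRAME = re.compile(r"^\s*(?P<unreliable>\? )?(?P<sym>\S+)\+0x[0-9a-f]+/0x[0-9a-f]+$")
PAGE = re.compile(r"page:\S+ refcount:(?P<ref>\d+) mapcount:(?P<map>-?\d+)")
SHADOW = re.compile(r"^>(?P<base>[0-9a-f]+): (?P<bytes>(?:[0-9a-f]{2} ?)+)$")


@dataclass
class KasanReport:
    kind: str = ""
    func: str = ""
    op: str = ""
    size: int = 0
    addr: int = 0
    task: str = ""
    pid: int = 0
    version: str = ""
    frames: List[str] = field(default_factory=list)   # reliable frames only, innermost first
    page_refcount: Optional[int] = None
    page_mapcount: Optional[int] = None
    shadow: Optional[int] = None

    @property
    def crash_frame(self) -> str:
        """First frame below the reporting machinery: the function that touched freed memory."""
        for i, sym in enumerate(self.frames):
            if sym.startswith("kasan_report") and i + 1 < len(self.frames):
                return self.frames[i + 1]
        return self.frames[0] if self.frames else ""

    @property
    def shadow_meaning(self) -> str:
        if self.shadow is None:
            return "unknown"
        if 1 <= self.shadow <= 7:
            return f"partially accessible ({self.shadow} bytes)"
        return SHADOW_MEANING.get(self.shadow, f"unknown 0x{self.shadow:02x}")

    @property
    def page_in_buddy(self) -> bool:
        """__dump_page prints page_mapcount() == _mapcount + 1, so -128 means _mapcount ==
        0xffffff7f: the page_type encoding with PG_buddy (0x80) cleared, i.e. a free page."""
        if self.page_mapcount is None:
            return False
        raw = (self.page_mapcount - 1) & 0xFFFFFFFF
        return (raw & 0xF0000080) == 0xF0000000


def parse_kasan_report(log: str) -> KasanReport:
    r, in_trace = KasanReport(), False
    for raw in log.splitlines():
        line = PREFIX.sub("", raw)
        if in_trace:
            m = FRAME.match(line)
            if m:
                if not m["unreliable"]:      # '?' marks a stale stack slot, not a real caller
                    r.frames.append(m["sym"])
                continue
            in_trace = False                 # first non-frame line ends the trace
        if line.startswith("Call Trace:"):
            in_trace = True
        elif (m := BUG.search(line)):
            r.kind, r.func = m["kind"], m["func"]
        elif (m := ACCESS.search(line)):
            r.op, r.size, r.addr = m["op"], int(m["n"]), int(m["addr"], 16)
            r.task, r.pid = m["task"], int(m["pid"])
        elif (m := VERSION.search(line)):
            r.version = r.version or m["ver"]   # the panic path repeats the CPU: line
        elif (m := PAGE.search(line)):
            r.page_refcount, r.page_mapcount = int(m["ref"]), int(m["map"])
        elif (m := SHADOW.match(line)):
            cells = [int(b, 16) for b in m["bytes"].split()]
            idx = (r.addr - int(m["base"], 16)) >> 3   # one shadow byte per 8-byte granule
            if 0 <= idx < len(cells):
                r.shadow = cells[idx]
    return r
```

Run against the report above, parse_kasan_report() gives kind "use-after-free", crash frame __skb_datagram_iter reached from tcp_recvmsg_locked via skb_copy_datagram_iter, a shadow byte of 0xff for the granule holding ffff88801dcb0004, and page_in_buddy True (refcount:0, mapcount:-128). Read together, those say the page that __skb_datagram_iter was copying out of had already been returned to the page allocator by the time read(2) ran; the many "? __skb_datagram_iter" entries are leftover stack contents and are not evidence of recursion or of additional callers.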