[ OK ] Started Regular background program processing daemon.
Starting getty on tty2-tty6 if dbus and logind are not available...
[ OK ] Started Daily Cleanup of Temporary Directories.
[ OK ] Reached target Timers.
Starting Permit User Sessions...
[ OK ] Started System Logging Service.
[ 62.978595][ T8166] sshd (8166) used greatest stack depth: 22912 bytes left
[ OK ] Started Permit User Sessions.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty2.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.59' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 82.468490][ T35] audit: type=1400 audit(1608690678.021:8): avc: denied { execmem } for pid=8499 comm="syz-executor383" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 82.492686][ T3852] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 82.500516][ T3852] #PF: supervisor read access in kernel mode
[ 82.506487][ T3852] #PF: error_code(0x0000) - not-present page
[ 82.512456][ T3852] PGD 2d993067 P4D 2d993067 PUD 19a3c067 PMD 0
[ 82.518715][ T3852] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 82.523914][ T3852] CPU: 1 PID: 3852 Comm: kworker/1:2 Not tainted 5.10.0-syzkaller #0
[ 82.531978][ T3852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 82.542039][ T3852] Workqueue: events free_ipc
[ 82.546653][ T3852] RIP: 0010:kasan_record_aux_stack+0x77/0xb0
[ 82.552643][ T3852] Code: 48 f7 fe 8b 47 24 49 89 f0 48 29 d3 8d 70 ff 41 0f af f0 48 01 ce 48 39 f3 48 0f 46 f3 e8 81 e9 ff ff bf 00 08 00 00 48 89 c3 <8b> 40 08 89 43 0c e8 1e e6 ff ff 89 43 08 5b c3 48 8b 50 08 48 c7
[ 82.572257][ T3852] RSP: 0018:ffffc90002e6fae8 EFLAGS: 00010046
[ 82.578329][ T3852] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888039800000
[ 82.586300][ T3852] RDX: 0000000000000078 RSI: ffff888039800000 RDI: 0000000000000800
[ 82.594268][ T3852] RBP: ffffffff837ef3a0 R08: 0000000000400000 R09: 000000000000002e
[ 82.602234][ T3852] R10: ffffffff8132b7ea R11: 000000000000003f R12: 0000000000035b40
[ 82.610218][ T3852] R13: ffff888039800088 R14: ffffc90002e6fc08 R15: 0000000000000200
[ 82.618190][ T3852] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 82.627119][ T3852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 82.633702][ T3852] CR2: 0000000000000008 CR3: 0000000011841000 CR4: 00000000001506e0
[ 82.641684][ T3852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 82.649652][ T3852] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 82.657628][ T3852] Call Trace:
[ 82.660906][ T3852] call_rcu+0xbb/0x710
[ 82.664983][ T3852] ? sem_more_checks+0xa0/0xa0
[ 82.669747][ T3852] ipc_rcu_putref+0x83/0xb0
[ 82.674248][ T3852] freeary+0x139c/0x1b30
[ 82.678495][ T3852] ? newary+0xc60/0xc60
[ 82.682664][ T3852] ? rwlock_bug.part.0+0x90/0x90
[ 82.687606][ T3852] ? __radix_tree_lookup+0x211/0x2a0
[ 82.692897][ T3852] free_ipcs+0x98/0x1e0
[ 82.697052][ T3852] ? newary+0xc60/0xc60
[ 82.701312][ T3852] sem_exit_ns+0x1b/0x40
[ 82.705558][ T3852] free_ipc+0xf8/0x200
[ 82.709629][ T3852] process_one_work+0x98d/0x1630
[ 82.714571][ T3852] ? pwq_dec_nr_in_flight+0x320/0x320
[ 82.719943][ T3852] ? rwlock_bug.part.0+0x90/0x90
[ 82.724884][ T3852] ? _raw_spin_lock_irq+0x41/0x50
[ 82.729923][ T3852] worker_thread+0x64c/0x1120
[ 82.734604][ T3852] ? __kthread_parkme+0x13f/0x1e0
[ 82.739624][ T3852] ? process_one_work+0x1630/0x1630
[ 82.744843][ T3852] kthread+0x3b1/0x4a0
[ 82.748909][ T3852] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 82.754799][ T3852] ret_from_fork+0x1f/0x30
[ 82.759238][ T3852] Modules linked in:
[ 82.763125][ T3852] CR2: 0000000000000008
[ 82.767274][ T3852] ---[ end trace 28dc093e61d44dc2 ]---
[ 82.772719][ T3852] RIP: 0010:kasan_record_aux_stack+0x77/0xb0
[ 82.778701][ T3852] Code: 48 f7 fe 8b 47 24 49 89 f0 48 29 d3 8d 70 ff 41 0f af f0 48 01 ce 48 39 f3 48 0f 46 f3 e8 81 e9 ff ff bf 00 08 00 00 48 89 c3 <8b> 40 08 89 43 0c e8 1e e6 ff ff 89 43 08 5b c3 48 8b 50 08 48 c7
[ 82.798307][ T3852] RSP: 0018:ffffc90002e6fae8 EFLAGS: 00010046
[ 82.804390][ T3852] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888039800000
[ 82.812360][ T3852] RDX: 0000000000000078 RSI: ffff888039800000 RDI: 0000000000000800
[ 82.820333][ T3852] RBP: ffffffff837ef3a0 R08: 0000000000400000 R09: 000000000000002e
[ 82.828300][ T3852] R10: ffffffff8132b7ea R11: 000000000000003f R12: 0000000000035b40
[ 82.836282][ T3852] R13: ffff888039800088 R14: ffffc90002e6fc08 R15: 0000000000000200
[ 82.844253][ T3852] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 82.853183][ T3852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 82.859764][ T3852] CR2: 0000000000000008 CR3: 0000000011841000 CR4: 00000000001506e0
[ 82.867735][ T3852] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 82.875708][ T3852] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 82.883680][ T3852] Kernel panic - not syncing: Fatal exception
[ 82.890233][ T3852] Kernel Offset: disabled
[ 82.894591][ T3852] Rebooting in 86400 seconds..