Starting getty on tty2-tty6 if dbus and logind are not available...
Starting Permit User Sessions...
[[0;32m OK [0m] Started System Logging Service.
[[0;32m OK [0m] Started Permit User Sessions.
[[0;32m OK [0m] Started OpenBSD Secure Shell server.
[[0;32m OK [0m] Started getty on tty2-tty6 if dbus and logind are not available.
[[0;32m OK [0m] Started Getty on tty6.
[[0;32m OK [0m] Started Getty on tty5.
[[0;32m OK [0m] Started Getty on tty4.
[[0;32m OK [0m] Started Getty on tty3.
[[0;32m OK [0m] Started Getty on tty2.
[[0;32m OK [0m] Started Serial Getty on ttyS0.
[[0;32m OK [0m] Started Getty on tty1.
[[0;32m OK [0m] Reached target Login Prompts.
Starting Load/Save RF Kill Switch Status...
[[0;32m OK [0m] Reached target Multi-User System.
[[0;32m OK [0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[[0;32m OK [0m] Started Load/Save RF Kill Switch Status.
[[0;32m OK [0m] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.76' (ECDSA) to the list of known hosts.
2021/12/01 08:31:35 fuzzer started
2021/12/01 08:31:36 connecting to host at 10.128.0.169:41065
2021/12/01 08:31:36 checking machine...
2021/12/01 08:31:36 checking revisions...
2021/12/01 08:31:36 testing simple program...
syzkaller login: [ 75.633070][ T6551] cgroup: Unknown subsys name 'net'
[ 75.639825][ T6551]
[ 75.642167][ T6551] =========================
[ 75.646661][ T6551] WARNING: held lock freed!
[ 75.651165][ T6551] 5.16.0-rc3-next-20211201-syzkaller #0 Not tainted
[ 75.657816][ T6551] -------------------------
[ 75.662292][ T6551] syz-executor/6551 is freeing memory ffff88814ada7c00-ffff88814ada7dff, with a lock still held there!
[ 75.673401][ T6551] ffff88814ada7d48 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_destroy_root+0x81/0xb0
[ 75.683226][ T6551] 2 locks held by syz-executor/6551:
[ 75.688489][ T6551] #0: ffffffff8bbc4e48 (cgroup_mutex){+.+.}-{3:3}, at: cgroup_lock_and_drain_offline+0xa5/0x900
[ 75.699104][ T6551] #1: ffff88814ada7d48 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_destroy_root+0x81/0xb0
[ 75.709266][ T6551]
[ 75.709266][ T6551] stack backtrace:
[ 75.715151][ T6551] CPU: 1 PID: 6551 Comm: syz-executor Not tainted 5.16.0-rc3-next-20211201-syzkaller #0
[ 75.724854][ T6551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.734922][ T6551] Call Trace:
[ 75.738383][ T6551]
[ 75.741489][ T6551] dump_stack_lvl+0xcd/0x134
[ 75.746081][ T6551] debug_check_no_locks_freed.cold+0x9d/0xa9
[ 75.752057][ T6551] ? lockdep_hardirqs_on+0x79/0x100
[ 75.757248][ T6551] slab_free_freelist_hook+0x73/0x1c0
[ 75.762620][ T6551] ? kernfs_put.part.0+0x331/0x540
[ 75.767721][ T6551] kfree+0xe0/0x430
[ 75.771528][ T6551] ? kmem_cache_free+0xba/0x4a0
[ 75.776500][ T6551] ? rwlock_bug.part.0+0x90/0x90
[ 75.781435][ T6551] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 75.787803][ T6551] kernfs_put.part.0+0x331/0x540
[ 75.792771][ T6551] kernfs_put+0x42/0x50
[ 75.796925][ T6551] __kernfs_remove+0x7a3/0xb20
[ 75.801683][ T6551] ? kernfs_next_descendant_post+0x2f0/0x2f0
[ 75.807657][ T6551] ? down_write+0xde/0x150
[ 75.812062][ T6551] ? down_write_killable_nested+0x180/0x180
[ 75.817953][ T6551] kernfs_destroy_root+0x89/0xb0
[ 75.822902][ T6551] cgroup_setup_root+0x3a6/0xad0
[ 75.827846][ T6551] ? rebind_subsystems+0x10e0/0x10e0
[ 75.833138][ T6551] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 75.839375][ T6551] cgroup1_get_tree+0xd33/0x1390
[ 75.844326][ T6551] vfs_get_tree+0x89/0x2f0
[ 75.848737][ T6551] path_mount+0x1320/0x1fa0
[ 75.853252][ T6551] ? kmem_cache_free+0xba/0x4a0
[ 75.858095][ T6551] ? finish_automount+0xaf0/0xaf0
[ 75.863114][ T6551] ? putname+0xfe/0x140
[ 75.867271][ T6551] __x64_sys_mount+0x27f/0x300
[ 75.872321][ T6551] ? copy_mnt_ns+0xae0/0xae0
[ 75.876920][ T6551] ? syscall_enter_from_user_mode+0x21/0x70
[ 75.882820][ T6551] do_syscall_64+0x35/0xb0
[ 75.887234][ T6551] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 75.893259][ T6551] RIP: 0033:0x7f5e6dd8401a
[ 75.897662][ T6551] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 75.917277][ T6551] RSP: 002b:00007ffee84fa7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 75.925678][ T6551] RAX: ffffffffffffffda RBX: 00007ffee84fa978 RCX: 00007f5e6dd8401a
[ 75.933657][ T6551] RDX: 00007f5e6dde6fe2 RSI: 00007f5e6dddd29a RDI: 00007f5e6dddbd71
[ 75.941632][ T6551] RBP: 00007f5e6dddd29a R08: 00007f5e6dddd3f7 R09: 0000000000000026
[ 75.949590][ T6551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee84fa7f0
[ 75.957561][ T6551] R13: 00007ffee84fa998 R14: 00007ffee84fa8c0 R15: 00007f5e6dddd3f1
[ 75.965537][ T6551]
[ 75.970146][ T6551] ==================================================================
[ 75.978421][ T6551] BUG: KASAN: use-after-free in up_write+0x3ac/0x470
[ 75.985195][ T6551] Read of size 8 at addr ffff88814ada7d40 by task syz-executor/6551
[ 75.993174][ T6551]
[ 75.995599][ T6551] CPU: 0 PID: 6551 Comm: syz-executor Not tainted 5.16.0-rc3-next-20211201-syzkaller #0
[ 76.005526][ T6551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 76.015742][ T6551] Call Trace:
[ 76.019013][ T6551]
[ 76.021996][ T6551] dump_stack_lvl+0xcd/0x134
[ 76.026580][ T6551] print_address_description.constprop.0.cold+0xa5/0x3ed
[ 76.033597][ T6551] ? up_write+0x3ac/0x470
[ 76.037914][ T6551] ? up_write+0x3ac/0x470
[ 76.042227][ T6551] kasan_report.cold+0x83/0xdf
[ 76.046981][ T6551] ? up_write+0x3ac/0x470
[ 76.051297][ T6551] up_write+0x3ac/0x470
[ 76.055448][ T6551] cgroup_setup_root+0x3a6/0xad0
[ 76.060382][ T6551] ? rebind_subsystems+0x10e0/0x10e0
[ 76.065659][ T6551] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 76.071890][ T6551] cgroup1_get_tree+0xd33/0x1390
[ 76.076821][ T6551] vfs_get_tree+0x89/0x2f0
[ 76.081228][ T6551] path_mount+0x1320/0x1fa0
[ 76.085720][ T6551] ? kmem_cache_free+0xba/0x4a0
[ 76.090583][ T6551] ? finish_automount+0xaf0/0xaf0
[ 76.095701][ T6551] ? putname+0xfe/0x140
[ 76.099899][ T6551] __x64_sys_mount+0x27f/0x300
[ 76.104668][ T6551] ? copy_mnt_ns+0xae0/0xae0
[ 76.109246][ T6551] ? syscall_enter_from_user_mode+0x21/0x70
[ 76.115132][ T6551] do_syscall_64+0x35/0xb0
[ 76.119658][ T6551] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 76.125602][ T6551] RIP: 0033:0x7f5e6dd8401a
[ 76.130022][ T6551] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 76.150179][ T6551] RSP: 002b:00007ffee84fa7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 76.158694][ T6551] RAX: ffffffffffffffda RBX: 00007ffee84fa978 RCX: 00007f5e6dd8401a
[ 76.166837][ T6551] RDX: 00007f5e6dde6fe2 RSI: 00007f5e6dddd29a RDI: 00007f5e6dddbd71
[ 76.174938][ T6551] RBP: 00007f5e6dddd29a R08: 00007f5e6dddd3f7 R09: 0000000000000026
[ 76.182916][ T6551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee84fa7f0
[ 76.190875][ T6551] R13: 00007ffee84fa998 R14: 00007ffee84fa8c0 R15: 00007f5e6dddd3f1
[ 76.198837][ T6551]
[ 76.201839][ T6551]
[ 76.204144][ T6551] Allocated by task 6551:
[ 76.208449][ T6551] kasan_save_stack+0x1e/0x50
[ 76.213115][ T6551] __kasan_kmalloc+0xa9/0xd0
[ 76.217687][ T6551] kernfs_create_root+0x4c/0x410
[ 76.222625][ T6551] cgroup_setup_root+0x243/0xad0
[ 76.227552][ T6551] cgroup1_get_tree+0xd33/0x1390
[ 76.232473][ T6551] vfs_get_tree+0x89/0x2f0
[ 76.236881][ T6551] path_mount+0x1320/0x1fa0
[ 76.241369][ T6551] __x64_sys_mount+0x27f/0x300
[ 76.246117][ T6551] do_syscall_64+0x35/0xb0
[ 76.250755][ T6551] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 76.256773][ T6551]
[ 76.259077][ T6551] Freed by task 6551:
[ 76.263039][ T6551] kasan_save_stack+0x1e/0x50
[ 76.267701][ T6551] kasan_set_track+0x21/0x30
[ 76.272284][ T6551] kasan_set_free_info+0x20/0x30
[ 76.277205][ T6551] __kasan_slab_free+0x103/0x170
[ 76.282175][ T6551] slab_free_freelist_hook+0x8b/0x1c0
[ 76.287633][ T6551] kfree+0xe0/0x430
[ 76.291458][ T6551] kernfs_put.part.0+0x331/0x540
[ 76.296494][ T6551] kernfs_put+0x42/0x50
[ 76.300636][ T6551] __kernfs_remove+0x7a3/0xb20
[ 76.305394][ T6551] kernfs_destroy_root+0x89/0xb0
[ 76.310324][ T6551] cgroup_setup_root+0x3a6/0xad0
[ 76.315256][ T6551] cgroup1_get_tree+0xd33/0x1390
[ 76.320176][ T6551] vfs_get_tree+0x89/0x2f0
[ 76.324583][ T6551] path_mount+0x1320/0x1fa0
[ 76.329079][ T6551] __x64_sys_mount+0x27f/0x300
[ 76.333824][ T6551] do_syscall_64+0x35/0xb0
[ 76.338327][ T6551] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 76.344215][ T6551]
[ 76.346558][ T6551] The buggy address belongs to the object at ffff88814ada7c00
[ 76.346558][ T6551] which belongs to the cache kmalloc-512 of size 512
[ 76.360863][ T6551] The buggy address is located 320 bytes inside of
[ 76.360863][ T6551] 512-byte region [ffff88814ada7c00, ffff88814ada7e00)
[ 76.374392][ T6551] The buggy address belongs to the page:
[ 76.380006][ T6551] page:ffffea00052b6900 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14ada4
[ 76.390332][ T6551] head:ffffea00052b6900 order:2 compound_mapcount:0 compound_pincount:0
[ 76.398652][ T6551] flags: 0x57ff00000010200(slab|head|node=1|zone=2|lastcpupid=0x7ff)
[ 76.406711][ T6551] raw: 057ff00000010200 ffffea000525c600 dead000000000002 ffff888010c41c80
[ 76.415366][ T6551] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 76.424029][ T6551] page dumped because: kasan: bad access detected
[ 76.430508][ T6551] page_owner tracks the page as allocated
[ 76.436198][ T6551] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 15332351958, free_ts 0
[ 76.454338][ T6551] get_page_from_freelist+0xa72/0x2f40
[ 76.459790][ T6551] __alloc_pages+0x1b2/0x500
[ 76.464500][ T6551] alloc_page_interleave+0x1e/0x200
[ 76.469684][ T6551] alloc_pages+0x29f/0x300
[ 76.474082][ T6551] new_slab+0x261/0x460
[ 76.478655][ T6551] ___slab_alloc+0x798/0xf30
[ 76.483538][ T6551] __slab_alloc.constprop.0+0x4d/0xa0
[ 76.490200][ T6551] __kmalloc_node_track_caller+0x2cb/0x360
[ 76.496043][ T6551] __alloc_skb+0xde/0x340
[ 76.500362][ T6551] inet6_netconf_notify_devconf+0xa0/0x1e0
[ 76.506158][ T6551] __addrconf_sysctl_register+0x269/0x3d0
[ 76.511877][ T6551] addrconf_sysctl_register+0x139/0x1d0
[ 76.517418][ T6551] ipv6_add_dev+0x96d/0x1160
[ 76.522087][ T6551] addrconf_notify+0x60e/0x1ba0
[ 76.526922][ T6551] call_netdevice_register_net_notifiers+0xdd/0x2b0
[ 76.533875][ T6551] register_netdevice_notifier+0xf5/0x260
[ 76.539757][ T6551] page_owner free stack trace missing
[ 76.545192][ T6551]
[ 76.547514][ T6551] Memory state around the buggy address:
[ 76.553216][ T6551] ffff88814ada7c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.561264][ T6551] ffff88814ada7c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.569308][ T6551] >ffff88814ada7d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.577346][ T6551] ^
[ 76.584177][ T6551] ffff88814ada7d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.592303][ T6551] ffff88814ada7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 76.600599][ T6551] ==================================================================
[ 76.612209][ T6551] Kernel panic - not syncing: panic_on_warn set ...
[ 76.618807][ T6551] CPU: 0 PID: 6551 Comm: syz-executor Tainted: G B 5.16.0-rc3-next-20211201-syzkaller #0
[ 76.630006][ T6551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 76.640064][ T6551] Call Trace:
[ 76.643341][ T6551]
[ 76.646269][ T6551] dump_stack_lvl+0xcd/0x134
[ 76.650874][ T6551] panic+0x2b0/0x6dd
[ 76.654865][ T6551] ? __warn_printk+0xf3/0xf3
[ 76.659457][ T6551] ? preempt_schedule_common+0x59/0xc0
[ 76.664911][ T6551] ? up_write+0x3ac/0x470
[ 76.669240][ T6551] ? preempt_schedule_thunk+0x16/0x18
[ 76.674618][ T6551] ? trace_hardirqs_on+0x38/0x1c0
[ 76.679721][ T6551] ? trace_hardirqs_on+0x51/0x1c0
[ 76.684827][ T6551] ? up_write+0x3ac/0x470
[ 76.689138][ T6551] ? up_write+0x3ac/0x470
[ 76.693473][ T6551] end_report.cold+0x63/0x6f
[ 76.698051][ T6551] kasan_report.cold+0x71/0xdf
[ 76.702897][ T6551] ? up_write+0x3ac/0x470
[ 76.707236][ T6551] up_write+0x3ac/0x470
[ 76.711409][ T6551] cgroup_setup_root+0x3a6/0xad0
[ 76.716364][ T6551] ? rebind_subsystems+0x10e0/0x10e0
[ 76.721664][ T6551] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 76.727921][ T6551] cgroup1_get_tree+0xd33/0x1390
[ 76.732861][ T6551] vfs_get_tree+0x89/0x2f0
[ 76.737277][ T6551] path_mount+0x1320/0x1fa0
[ 76.741782][ T6551] ? kmem_cache_free+0xba/0x4a0
[ 76.746640][ T6551] ? finish_automount+0xaf0/0xaf0
[ 76.751664][ T6551] ? putname+0xfe/0x140
[ 76.755822][ T6551] __x64_sys_mount+0x27f/0x300
[ 76.760588][ T6551] ? copy_mnt_ns+0xae0/0xae0
[ 76.765184][ T6551] ? syscall_enter_from_user_mode+0x21/0x70
[ 76.771168][ T6551] do_syscall_64+0x35/0xb0
[ 76.775580][ T6551] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 76.781558][ T6551] RIP: 0033:0x7f5e6dd8401a
[ 76.785968][ T6551] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 76.805751][ T6551] RSP: 002b:00007ffee84fa7e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 76.814247][ T6551] RAX: ffffffffffffffda RBX: 00007ffee84fa978 RCX: 00007f5e6dd8401a
[ 76.822309][ T6551] RDX: 00007f5e6dde6fe2 RSI: 00007f5e6dddd29a RDI: 00007f5e6dddbd71
[ 76.830294][ T6551] RBP: 00007f5e6dddd29a R08: 00007f5e6dddd3f7 R09: 0000000000000026
[ 76.838352][ T6551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffee84fa7f0
[ 76.847294][ T6551] R13: 00007ffee84fa998 R14: 00007ffee84fa8c0 R15: 00007f5e6dddd3f1
[ 76.855276][ T6551]
[ 76.858554][ T6551] Kernel Offset: disabled
[ 76.862863][ T6551] Rebooting in 86400 seconds..