[  OK  ] Started Getty on tty4.
[  OK  ] Started Getty on tty2.
[  OK  ] Started Getty on tty1.
[  OK  ] Started OpenBSD Secure Shell server.
Warning: Permanently added '10.128.1.4' (ECDSA) to the list of known hosts.
executing program
[*     ] A start job is running for dev-ttyS0.device (8s / 1min 30s)
[   23.875063][   T22] audit: type=1400 audit(1611333137.585:8): avc:  denied  { execmem } for  pid=358 comm="syz-executor579" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   23.878780][  T359] FAULT_INJECTION: forcing a failure.
[   23.878780][  T359] name failslab, interval 1, probability 0, space 0, times 1
[   23.908358][  T359] CPU: 0 PID: 359 Comm: syz-executor579 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0
[   23.918394][  T359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   23.928426][  T359] Call Trace:
[   23.931712][  T359]  dump_stack+0x1dd/0x24e
[   23.936026][  T359]  ? devkmsg_release+0x11c/0x11c
[   23.940943][  T359]  ? show_regs_print_info+0x12/0x12
[   23.946131][  T359]  ? _raw_spin_unlock_irqrestore+0x57/0x80
[   23.951926][  T359]  ? __io_submit_sqe+0x174a/0x3b80
[   23.961459][  T359]  should_fail+0x6fb/0x860
[   23.965866][  T359]  ? setup_fault_attr+0x3d0/0x3d0
[   23.970861][  T359]  ? preempt_count_add+0x66/0x150
[   23.975860][  T359]  ? percpu_ref_tryget+0xdc/0x260
[   23.980866][  T359]  ? io_get_req+0x11b/0x5c0
[   23.985349][  T359]  should_failslab+0x5/0x20
[   23.989828][  T359]  kmem_cache_alloc+0x36/0x270
[   23.994582][  T359]  io_get_req+0x11b/0x5c0
[   23.998886][  T359]  io_submit_sqe+0x83/0xe90
[   24.003364][  T359]  ? __io_queue_sqe+0x21f/0xc70
[   24.008284][  T359]  __se_sys_io_uring_enter+0x8b6/0x1df0
[   24.013917][  T359]  ? __x64_sys_io_uring_enter+0xf0/0xf0
[   24.019452][  T359]  ? __fsnotify_parent+0x310/0x310
executing program
[   24.024539][  T359]  ? check_preemption_disabled+0x15a/0x330
[   24.030406][  T359]  ? __ia32_sys_read+0x80/0x80
[   24.035257][  T359]  ? __x64_sys_io_uring_enter+0x1d/0xf0
[   24.041081][  T359]  do_syscall_64+0xcb/0x150
[   24.045574][  T359]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   24.051501][  T359] RIP: 0033:0x441629
[   24.055392][  T359] Code: e8 5c ae 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   24.074986][  T359] RSP: 002b:00007ffd815bb618 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   24.083385][  T359] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441629
[   24.091336][  T359] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[   24.099306][  T359] RBP: 00007ffd815bb640 R08: 0000000000000000 R09: 0000000000000000
[   24.107274][  T359] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[   24.115238][  T359] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
[   24.158893][  T360] FAULT_INJECTION: forcing a failure.
[   24.158893][  T360] name failslab, interval 1, probability 0, space 0, times 0
[   24.171588][  T360] CPU: 0 PID: 360 Comm: syz-executor579 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0
[   24.181642][  T360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   24.181646][  T360] Call Trace:
[   24.181666][  T360]  dump_stack+0x1dd/0x24e
[   24.181682][  T360]  ? devkmsg_release+0x11c/0x11c
[   24.204312][  T360]  ? show_regs_print_info+0x12/0x12
[   24.209518][  T360]  ? __rcu_read_lock+0x50/0x50
[   24.214436][  T360]  should_fail+0x6fb/0x860
[   24.218861][  T360]  ? setup_fault_attr+0x3d0/0x3d0
[   24.223883][  T360]  ? __fget+0x37c/0x3c0
[   24.228035][  T360]  ? io_req_defer+0x18c/0x5c0
[   24.232777][  T360]  should_failslab+0x5/0x20
[   24.237383][  T360]  kmem_cache_alloc_trace+0x39/0x290
[   24.242692][  T360]  io_req_defer+0x18c/0x5c0
[   24.248509][  T360]  ? io_submit_sqe+0x6cc/0xe90
[   24.253440][  T360]  io_queue_link_head+0x19c/0x5c0
[   24.258917][  T360]  __se_sys_io_uring_enter+0xbd1/0x1df0
[   24.264559][  T360]  ? __x64_sys_io_uring_enter+0xf0/0xf0
[   24.270119][  T360]  ? __fsnotify_parent+0x310/0x310
[   24.275324][  T360]  ? check_preemption_disabled+0x15a/0x330
[   24.281133][  T360]  ? __ia32_sys_read+0x80/0x80
[   24.285897][  T360]  ? __x64_sys_io_uring_enter+0x1d/0xf0
[   24.291458][  T360]  do_syscall_64+0xcb/0x150
[   24.296079][  T360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   24.302671][  T360] RIP: 0033:0x441629
[   24.306544][  T360] Code: e8 5c ae 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   24.326226][  T360] RSP: 002b:00007ffd815bb618 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   24.334634][  T360] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441629
[   24.342594][  T360] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[   24.351103][  T360] RBP: 00007ffd815bb640 R08: 0000000000000000 R09: 0000000000000000
[   24.359063][  T360] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[   24.367366][  T360] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
[   24.375591][  T360] ==================================================================
[   24.384925][  T360] BUG: KASAN: use-after-free in io_queue_link_head+0x37a/0x5c0
[   24.392470][  T360] Read of size 8 at addr ffff8881e8c70050 by task syz-executor579/360
[   24.400618][  T360]
[   24.402927][  T360] CPU: 0 PID: 360 Comm: syz-executor579 Not tainted 5.4.91-syzkaller-00438-g15cec007c4a8 #0
[   24.413059][  T360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   24.423101][  T360] Call Trace:
[   24.426383][  T360]  dump_stack+0x1dd/0x24e
[   24.430700][  T360]  ? show_regs_print_info+0x12/0x12
[   24.435890][  T360]  ? printk+0xcf/0x114
[   24.440676][  T360]  print_address_description+0x96/0x640
[   24.446205][  T360]  ? devkmsg_release+0x11c/0x11c
[   24.451126][  T360]  __kasan_report+0x177/0x1f0
[   24.455788][  T360]  ? io_queue_link_head+0x37a/0x5c0
[   24.460975][  T360]  kasan_report+0x30/0x60
[   24.465312][  T360]  io_queue_link_head+0x37a/0x5c0
[   24.470348][  T360]  __se_sys_io_uring_enter+0xbd1/0x1df0
[   24.475883][  T360]  ? __x64_sys_io_uring_enter+0xf0/0xf0
[   24.481428][  T360]  ? __fsnotify_parent+0x310/0x310
[   24.486523][  T360]  ? check_preemption_disabled+0x15a/0x330
[   24.492315][  T360]  ? __ia32_sys_read+0x80/0x80
[   24.497077][  T360]  ? __x64_sys_io_uring_enter+0x1d/0xf0
[   24.502619][  T360]  do_syscall_64+0xcb/0x150
[   24.507106][  T360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   24.512979][  T360] RIP: 0033:0x441629
[   24.516852][  T360] Code: e8 5c ae 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   24.536458][  T360] RSP: 002b:00007ffd815bb618 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   24.544866][  T360] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441629
[   24.552838][  T360] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[   24.560798][  T360] RBP: 00007ffd815bb640 R08: 0000000000000000 R09: 0000000000000000
[   24.568755][  T360] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[   24.576738][  T360] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
[   24.584697][  T360]
[   24.587020][  T360] Allocated by task 360:
[   24.591246][  T360]  __kasan_kmalloc+0x129/0x1c0
[   24.595989][  T360]  kmem_cache_alloc+0x1e0/0x270
[   24.600821][  T360]  io_get_req+0x11b/0x5c0
[   24.605147][  T360]  io_submit_sqe+0x83/0xe90
[   24.609747][  T360]  __se_sys_io_uring_enter+0x8b6/0x1df0
[   24.615287][  T360]  do_syscall_64+0xcb/0x150
[   24.619775][  T360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   24.625637][  T360]
[   24.627969][  T360] Freed by task 360:
[   24.631839][  T360]  __kasan_slab_free+0x17e/0x230
[   24.636766][  T360]  slab_free_freelist_hook+0xd0/0x150
[   24.642114][  T360]  kmem_cache_free+0xac/0x610
[   24.646775][  T360]  io_queue_link_head+0x364/0x5c0
[   24.651780][  T360]  __se_sys_io_uring_enter+0xbd1/0x1df0
[   24.657323][  T360]  do_syscall_64+0xcb/0x150
[   24.661811][  T360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   24.667687][  T360]
[   24.669996][  T360] The buggy address belongs to the object at ffff8881e8c70000
[   24.669996][  T360]  which belongs to the cache io_kiocb of size 264
[   24.684017][  T360] The buggy address is located 80 bytes inside of
[   24.684017][  T360]  264-byte region [ffff8881e8c70000, ffff8881e8c70108)
[   24.697200][  T360] The buggy address belongs to the page:
[   24.702818][  T360] page:ffffea0007a31c00 refcount:1 mapcount:0 mapping:ffff8881f418c280 index:0x0 compound_mapcount: 0
[   24.713730][  T360] flags: 0x8000000000010200(slab|head)
[   24.719188][  T360] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f418c280
[   24.727856][  T360] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000
[   24.736432][  T360] page dumped because: kasan: bad access detected
[   24.742838][  T360]
[   24.745141][  T360] Memory state around the buggy address:
[   24.750754][  T360]  ffff8881e8c6ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.758823][  T360]  ffff8881e8c6ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   24.766873][  T360] >ffff8881e8c70000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.774938][  T360]                                                  ^
[   24.781607][  T360]  ffff8881e8c70080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.790009][  T360]  ffff8881e8c70100: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.798072][  T360] ==================================================================
[   24.806140][  T360] Disabling lock debugging due to kernel taint
[   24.812943][  T360] Kernel panic - not syncing: panic_on_warn set ...
[   24.820760][  T360] CPU: 0 PID: 360 Comm: syz-executor579 Tainted: G    B             5.4.91-syzkaller-00438-g15cec007c4a8 #0
[   24.832218][  T360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   24.842290][  T360] Call Trace:
[   24.845579][  T360]  dump_stack+0x1dd/0x24e
[   24.849900][  T360]  ? devkmsg_release+0x11c/0x11c
[   24.854816][  T360]  ? show_regs_print_info+0x12/0x12
[   24.859995][  T360]  panic+0x285/0x750
[   24.863870][  T360]  ? add_taint+0x3e/0x90
[   24.868106][  T360]  ? nmi_panic+0x90/0x90
[   24.872326][  T360]  ? ___preempt_schedule+0x16/0x20
[   24.878148][  T360]  __kasan_report+0x1e8/0x1f0
[   24.882821][  T360]  ? io_queue_link_head+0x37a/0x5c0
[   24.888010][  T360]  kasan_report+0x30/0x60
[   24.892327][  T360]  io_queue_link_head+0x37a/0x5c0
[   24.897795][  T360]  __se_sys_io_uring_enter+0xbd1/0x1df0
[   24.903352][  T360]  ? __x64_sys_io_uring_enter+0xf0/0xf0
[   24.908907][  T360]  ? __fsnotify_parent+0x310/0x310
[   24.914000][  T360]  ? check_preemption_disabled+0x15a/0x330
[   24.919804][  T360]  ? __ia32_sys_read+0x80/0x80
[   24.924561][  T360]  ? __x64_sys_io_uring_enter+0x1d/0xf0
[   24.930088][  T360]  do_syscall_64+0xcb/0x150
[   24.934607][  T360]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   24.940488][  T360] RIP: 0033:0x441629
[   24.944372][  T360] Code: e8 5c ae 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   24.963970][  T360] RSP: 002b:00007ffd815bb618 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   24.972374][  T360] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441629
[   24.980339][  T360] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[   24.988332][  T360] RBP: 00007ffd815bb640 R08: 0000000000000000 R09: 0000000000000000
[   24.996302][  T360] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
[   25.004262][  T360] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
[   25.012755][  T360] Kernel Offset: disabled
[   25.017065][  T360] Rebooting in 86400 seconds..