Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.231' (ECDSA) to the list of known hosts.
2021/04/23 00:49:20 fuzzer started
2021/04/23 00:49:21 dialing manager at 10.128.0.169:37359
2021/04/23 00:49:21 syscalls: 3560
2021/04/23 00:49:21 code coverage: enabled
2021/04/23 00:49:21 comparison tracing: enabled
2021/04/23 00:49:21 extra coverage: enabled
2021/04/23 00:49:21 setuid sandbox: enabled
2021/04/23 00:49:21 namespace sandbox: enabled
2021/04/23 00:49:21 Android sandbox: /sys/fs/selinux/policy does not exist
2021/04/23 00:49:21 fault injection: enabled
2021/04/23 00:49:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/04/23 00:49:21 net packet injection: enabled
2021/04/23 00:49:21 net device setup: enabled
2021/04/23 00:49:21 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2021/04/23 00:49:21 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/04/23 00:49:21 USB emulation: enabled
2021/04/23 00:49:21 hci packet injection: enabled
2021/04/23 00:49:21 wifi device emulation: enabled
2021/04/23 00:49:21 802.15.4 emulation: enabled
2021/04/23 00:49:21 fetching corpus: 0, signal 0/2000 (executing program)
syzkaller login: [ 70.019690][ T8464] BUG: unable to handle page fault for address: 000011d0ffffea08
[ 70.027460][ T8464] #PF: supervisor read access in kernel mode
[ 70.033441][ T8464] #PF: error_code(0x0000) - not-present page
[ 70.039426][ T8464] PGD 0 P4D 0
[ 70.042807][ T8464] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 70.048007][ T8464] CPU: 0 PID: 8464 Comm: systemd-udevd Not tainted 5.12.0-rc8-next-20210422-syzkaller #0
[ 70.057837][ T8464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.067895][ T8464] RIP: 0010:stack_depot_save+0x12b/0x4e0
[ 70.073557][ T8464] Code: 05 da 55 b8 0c 89 da 81 e2 ff ff 0f 00 4c 8d 3c d0 4d 8b 37 4d 85 f6 75 11 e9 94 00 00 00 4d 8b 36 4d 85 f6 0f 84 88 00 00 00 <41> 39 5e 08 75 ee 45 3b 66 0c 75 e8 31 c0 49 8b 4c c6 18 48 39 4c
[ 70.093182][ T8464] RSP: 0018:ffffc9000171f790 EFLAGS: 00010206
[ 70.099309][ T8464] RAX: ffff88823b000000 RBX: 00000000c3959de3 RCX: 0000000000000003
[ 70.107285][ T8464] RDX: 0000000000059de3 RSI: 0000000000000800 RDI: 00000000c0bd4def
[ 70.115240][ T8464] RBP: ffffc9000171f800 R08: 0000000095f83906 R09: 0000000000000000
[ 70.123195][ T8464] R10: 0000000000000001 R11: 0000000000000000 R12: 000000000000000c
[ 70.131162][ T8464] R13: 000000000000000c R14: 000011d0ffffea00 R15: ffff88823b2cef18
[ 70.139119][ T8464] FS: 00007f76660568c0(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 70.148031][ T8464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.154598][ T8464] CR2: 000011d0ffffea08 CR3: 00000000153c5000 CR4: 00000000001506f0
[ 70.162557][ T8464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 70.170511][ T8464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 70.178499][ T8464] Call Trace:
[ 70.181780][ T8464] ? kfree+0xe5/0x7f0
[ 70.185751][ T8464] kasan_save_stack+0x32/0x40
[ 70.190415][ T8464] ? kasan_save_stack+0x1b/0x40
[ 70.195253][ T8464] ? kasan_set_track+0x1c/0x30
[ 70.200001][ T8464] ? kasan_set_free_info+0x20/0x30
[ 70.205101][ T8464] ? __kasan_slab_free+0xfb/0x130
[ 70.210117][ T8464] ? slab_free_freelist_hook+0xdf/0x240
[ 70.215678][ T8464] ? kfree+0xe5/0x7f0
[ 70.219755][ T8464] ? tomoyo_path_number_perm+0x441/0x590
[ 70.225380][ T8464] ? security_path_chmod+0xe0/0x150
[ 70.230568][ T8464] ? chmod_common+0x156/0x440
[ 70.235237][ T8464] ? __x64_sys_fchmod+0x10e/0x190
[ 70.240247][ T8464] ? do_syscall_64+0x3a/0xb0
[ 70.244840][ T8464] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 70.250906][ T8464] ? find_held_lock+0x2d/0x110
[ 70.255675][ T8464] ? debug_check_no_obj_freed+0x20c/0x420
[ 70.261383][ T8464] ? mark_held_locks+0x9f/0xe0
[ 70.266135][ T8464] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 70.271927][ T8464] ? lockdep_hardirqs_on+0x79/0x100
[ 70.277130][ T8464] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 70.282924][ T8464] ? debug_check_no_obj_freed+0x20c/0x420
[ 70.288632][ T8464] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 70.294871][ T8464] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 70.301114][ T8464] kasan_set_track+0x1c/0x30
[ 70.305694][ T8464] kasan_set_free_info+0x20/0x30
[ 70.310617][ T8464] __kasan_slab_free+0xfb/0x130
[ 70.315465][ T8464] slab_free_freelist_hook+0xdf/0x240
[ 70.320823][ T8464] kfree+0xe5/0x7f0
[ 70.324635][ T8464] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 70.330864][ T8464] ? tomoyo_path_number_perm+0x441/0x590
[ 70.336500][ T8464] tomoyo_path_number_perm+0x441/0x590
[ 70.341966][ T8464] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 70.347801][ T8464] ? down_write+0xe0/0x150
[ 70.352204][ T8464] ? down_write_killable+0x170/0x170
[ 70.357488][ T8464] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 70.363732][ T8464] security_path_chmod+0xe0/0x150
[ 70.368753][ T8464] chmod_common+0x156/0x440
[ 70.373244][ T8464] ? __ia32_sys_chroot+0x330/0x330
[ 70.378356][ T8464] ? __context_tracking_exit+0xb8/0xe0
[ 70.383802][ T8464] __x64_sys_fchmod+0x10e/0x190
[ 70.388651][ T8464] do_syscall_64+0x3a/0xb0
[ 70.393053][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 70.398930][ T8464] RIP: 0033:0x7f7664ec85c7
[ 70.403329][ T8464] Code: 73 01 c3 48 8b 0d d1 d8 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 5b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d8 2b 00 f7 d8 64 89 01 48
[ 70.422921][ T8464] RSP: 002b:00007fff48f51e48 EFLAGS: 00000213 ORIG_RAX: 000000000000005b
[ 70.431339][ T8464] RAX: ffffffffffffffda RBX: 0000000000000124 RCX: 00007f7664ec85c7
[ 70.439299][ T8464] RDX: 0000000000000124 RSI: 0000000000000124 RDI: 000000000000000f
[ 70.447271][ T8464] RBP: 000000000000000f R08: 000000000000c0c1 R09: 0000000000000000
[ 70.455236][ T8464] R10: 00007fff48f51e80 R11: 0000000000000213 R12: 0000000000000018
[ 70.463189][ T8464] R13: 00007fff48f51e70 R14: 0000565397997920 R15: 000000000000000e
[ 70.471146][ T8464] Modules linked in:
[ 70.475021][ T8464] CR2: 000011d0ffffea08
[ 70.483169][ T8464] ---[ end trace 45515646a23d9650 ]---
[ 70.490594][ T8464] RIP: 0010:stack_depot_save+0x12b/0x4e0
[ 70.497113][ T8464] Code: 05 da 55 b8 0c 89 da 81 e2 ff ff 0f 00 4c 8d 3c d0 4d 8b 37 4d 85 f6 75 11 e9 94 00 00 00 4d 8b 36 4d 85 f6 0f 84 88 00 00 00 <41> 39 5e 08 75 ee 45 3b 66 0c 75 e8 31 c0 49 8b 4c c6 18 48 39 4c
[ 70.519099][ T8464] RSP: 0018:ffffc9000171f790 EFLAGS: 00010206
[ 70.525240][ T8464] RAX: ffff88823b000000 RBX: 00000000c3959de3 RCX: 0000000000000003
[ 70.533306][ T8464] RDX: 0000000000059de3 RSI: 0000000000000800 RDI: 00000000c0bd4def
[ 70.545113][ T8464] RBP: ffffc9000171f800 R08: 0000000095f83906 R09: 0000000000000000
[ 70.556928][ T8464] R10: 0000000000000001 R11: 0000000000000000 R12: 000000000000000c
2021/04/23 00:49:22 fetching corpus: 50, signal 42786/46551 (executing program)
[ 70.566362][ T8464] R13: 000000000000000c R14: 000011d0ffffea00 R15: ffff88823b2cef18
[ 70.575007][ T8464] FS: 00007f76660568c0(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 70.584746][ T8464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.591985][ T8464] CR2: 000000c000838000 CR3: 00000000153c5000 CR4: 00000000001506e0
[ 70.600802][ T8464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 70.608818][ T8464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 70.617915][ T8464] Kernel panic - not syncing: Fatal exception
[ 70.624644][ T8464] Kernel Offset: disabled
[ 70.628960][ T8464] Rebooting in 86400 seconds..