Warning: Permanently added '10.128.0.40' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 76.756203][ T26] kauditd_printk_skb: 2 callbacks suppressed
[ 76.756217][ T26] audit: type=1400 audit(1566082720.076:36): avc: denied { map } for pid=10278 comm="syz-executor911" path="/root/syz-executor911575627" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
executing program
[ 76.989390][T10310] ==================================================================
[ 76.997504][T10310] BUG: KASAN: null-ptr-deref in queue_work_on+0xa6/0x210
[ 77.004520][T10310] Write of size 8 at addr 0000000000000050 by task syz-executor911/10310
[ 77.012915][T10310]
[ 77.015242][T10310] CPU: 1 PID: 10310 Comm: syz-executor911 Not tainted 5.3.0-rc4+ #106
[ 77.023381][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 77.033428][T10310] Call Trace:
[ 77.036726][T10310] dump_stack+0x172/0x1f0
[ 77.041053][T10310] ? queue_work_on+0xa6/0x210
[ 77.045729][T10310] ? queue_work_on+0xa6/0x210
[ 77.050407][T10310] __kasan_report.cold+0x5/0x36
[ 77.055259][T10310] ? queue_work_on+0xa6/0x210
[ 77.059930][T10310] ? slc_setup+0x260/0x260
[ 77.064344][T10310] kasan_report+0x12/0x17
[ 77.068677][T10310] check_memory_region+0x134/0x1a0
[ 77.073783][T10310] ? slc_setup+0x260/0x260
[ 77.078193][T10310] __kasan_check_write+0x14/0x20
[ 77.083124][T10310] queue_work_on+0xa6/0x210
[ 77.087623][T10310] ? slc_setup+0x260/0x260
[ 77.092032][T10310] slcan_write_wakeup+0x66/0x90
[ 77.096877][T10310] ? pty_write_room+0xf0/0xf0
[ 77.101547][T10310] tty_wakeup+0xe9/0x120
[ 77.105785][T10310] ? pty_write_room+0xf0/0xf0
[ 77.110461][T10310] pty_unthrottle+0x37/0x60
[ 77.114963][T10310] tty_unthrottle+0xab/0x110
[ 77.119561][T10310] ? n_tty_kick_worker+0x240/0x240
[ 77.124667][T10310] __tty_perform_flush+0x1b3/0x200
[ 77.129772][T10310] n_tty_ioctl_helper+0x1cc/0x3b0
[ 77.134789][T10310] n_tty_ioctl+0x59/0x370
[ 77.139117][T10310] ? ldsem_down_read+0x33/0x40
[ 77.143878][T10310] tty_ioctl+0xaf9/0x14f0
[ 77.148205][T10310] ? n_tty_receive_signal_char+0x120/0x120
[ 77.154005][T10310] ? do_tty_hangup+0x30/0x30
[ 77.158590][T10310] ? tomoyo_path_number_perm+0x459/0x520
[ 77.164223][T10310] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 77.170461][T10310] ? tomoyo_path_number_perm+0x263/0x520
[ 77.176089][T10310] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 77.181900][T10310] ? ___might_sleep+0x163/0x280
[ 77.186747][T10310] ? do_tty_hangup+0x30/0x30
[ 77.191334][T10310] do_vfs_ioctl+0xdb6/0x13e0
[ 77.195926][T10310] ? ioctl_preallocate+0x210/0x210
[ 77.201032][T10310] ? selinux_file_mprotect+0x620/0x620
[ 77.206485][T10310] ? __fget+0x384/0x560
[ 77.210639][T10310] ? ksys_dup3+0x3e0/0x3e0
[ 77.215053][T10310] ? calculate_sigpending+0x86/0xa0
[ 77.220247][T10310] ? __kasan_check_read+0x11/0x20
[ 77.225267][T10310] ? tomoyo_file_ioctl+0x23/0x30
[ 77.230199][T10310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 77.236436][T10310] ? security_file_ioctl+0x8d/0xc0
[ 77.241547][T10310] ksys_ioctl+0xab/0xd0
[ 77.245701][T10310] __x64_sys_ioctl+0x73/0xb0
[ 77.250289][T10310] do_syscall_64+0xfd/0x6a0
[ 77.254796][T10310] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 77.260680][T10310] RIP: 0033:0x446859
[ 77.264568][T10310] Code: e8 9c b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 77.284167][T10310] RSP: 002b:00007fb37b09dd18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 77.292568][T10310] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000446859
[ 77.300529][T10310] RDX: 0000000000000000 RSI: 000000000000540b RDI: 0000000000000003
[ 77.308488][T10310] RBP: 00000000006dbc30 R08: 00007fb37b09e700 R09: 0000000000000000
[ 77.316450][T10310] R10: 00007fb37b09e700 R11: 0000000000000246 R12: 00000000006dbc3c
[ 77.324413][T10310] R13: 00007ffcd37cba0f R14: 00007fb37b09e9c0 R15: 20c49ba5e353f7cf
[ 77.332399][T10310] ==================================================================
[ 77.340450][T10310] Kernel panic - not syncing: panic_on_warn set ...
[ 77.347031][T10310] CPU: 1 PID: 10310 Comm: syz-executor911 Tainted: G B 5.3.0-rc4+ #106
[ 77.356561][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 77.366626][T10310] Call Trace:
[ 77.369916][T10310] dump_stack+0x172/0x1f0
[ 77.374247][T10310] panic+0x2dc/0x755
[ 77.378137][T10310] ? add_taint.cold+0x16/0x16
[ 77.382811][T10310] ? queue_work_on+0xa6/0x210
[ 77.387480][T10310] ? trace_hardirqs_off+0x62/0x240
[ 77.392582][T10310] ? trace_hardirqs_off+0x59/0x240
[ 77.397689][T10310] ? queue_work_on+0xa6/0x210
[ 77.402366][T10310] end_report+0x47/0x4f
[ 77.406516][T10310] ? queue_work_on+0xa6/0x210
[ 77.411192][T10310] __kasan_report.cold+0xe/0x36
[ 77.416055][T10310] ? queue_work_on+0xa6/0x210
[ 77.420725][T10310] ? slc_setup+0x260/0x260
[ 77.425135][T10310] kasan_report+0x12/0x17
[ 77.429567][T10310] check_memory_region+0x134/0x1a0
[ 77.434673][T10310] ? slc_setup+0x260/0x260
[ 77.439079][T10310] __kasan_check_write+0x14/0x20
[ 77.444009][T10310] queue_work_on+0xa6/0x210
[ 77.448501][T10310] ? slc_setup+0x260/0x260
[ 77.452907][T10310] slcan_write_wakeup+0x66/0x90
[ 77.457750][T10310] ? pty_write_room+0xf0/0xf0
[ 77.462422][T10310] tty_wakeup+0xe9/0x120
[ 77.466658][T10310] ? pty_write_room+0xf0/0xf0
[ 77.471328][T10310] pty_unthrottle+0x37/0x60
[ 77.475826][T10310] tty_unthrottle+0xab/0x110
[ 77.480409][T10310] ? n_tty_kick_worker+0x240/0x240
[ 77.485514][T10310] __tty_perform_flush+0x1b3/0x200
[ 77.490623][T10310] n_tty_ioctl_helper+0x1cc/0x3b0
[ 77.495643][T10310] n_tty_ioctl+0x59/0x370
[ 77.499965][T10310] ? ldsem_down_read+0x33/0x40
[ 77.504724][T10310] tty_ioctl+0xaf9/0x14f0
[ 77.509048][T10310] ? n_tty_receive_signal_char+0x120/0x120
[ 77.514846][T10310] ? do_tty_hangup+0x30/0x30
[ 77.519431][T10310] ? tomoyo_path_number_perm+0x459/0x520
[ 77.525060][T10310] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 77.531294][T10310] ? tomoyo_path_number_perm+0x263/0x520
[ 77.536921][T10310] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 77.542729][T10310] ? ___might_sleep+0x163/0x280
[ 77.547576][T10310] ? do_tty_hangup+0x30/0x30
[ 77.552168][T10310] do_vfs_ioctl+0xdb6/0x13e0
[ 77.556751][T10310] ? ioctl_preallocate+0x210/0x210
[ 77.561860][T10310] ? selinux_file_mprotect+0x620/0x620
[ 77.567312][T10310] ? __fget+0x384/0x560
[ 77.571467][T10310] ? ksys_dup3+0x3e0/0x3e0
[ 77.575877][T10310] ? calculate_sigpending+0x86/0xa0
[ 77.581068][T10310] ? __kasan_check_read+0x11/0x20
[ 77.586088][T10310] ? tomoyo_file_ioctl+0x23/0x30
[ 77.591023][T10310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 77.597351][T10310] ? security_file_ioctl+0x8d/0xc0
[ 77.602459][T10310] ksys_ioctl+0xab/0xd0
[ 77.606613][T10310] __x64_sys_ioctl+0x73/0xb0
[ 77.611203][T10310] do_syscall_64+0xfd/0x6a0
[ 77.615712][T10310] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 77.621931][T10310] RIP: 0033:0x446859
[ 77.625818][T10310] Code: e8 9c b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 77.645412][T10310] RSP: 002b:00007fb37b09dd18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 77.653814][T10310] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000446859
[ 77.661781][T10310] RDX: 0000000000000000 RSI: 000000000000540b RDI: 0000000000000003
[ 77.669742][T10310] RBP: 00000000006dbc30 R08: 00007fb37b09e700 R09: 0000000000000000
[ 77.677711][T10310] R10: 00007fb37b09e700 R11: 0000000000000246 R12: 00000000006dbc3c
[ 77.685673][T10310] R13: 00007ffcd37cba0f R14: 00007fb37b09e9c0 R15: 20c49ba5e353f7cf
[ 77.694772][T10310] Kernel Offset: disabled
[ 77.699093][T10310] Rebooting in 86400 seconds..