[ ok ] Starting enhanced syslogd: rsyslogd.
[ 59.947962][ T27] audit: type=1800 audit(1575617010.807:25): pid=8785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 59.976096][ T27] audit: type=1800 audit(1575617010.807:26): pid=8785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 60.046628][ T27] audit: type=1800 audit(1575617010.807:27): pid=8785 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 75.827468][ T8941] IPVS: ftp: loaded support on port[0] = 21
[ 75.863757][ T3674] BUG: unable to handle page fault for address: fffff52000600000
[ 75.871673][ T3674] #PF: supervisor read access in kernel mode
[ 75.877745][ T3674] #PF: error_code(0x0000) - not-present page
[ 75.883816][ T3674] PGD 21ffee067 P4D 21ffee067 PUD aa51c067 PMD a8171067 PTE 0
[ 75.891264][ T3674] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 75.897196][ T3674] CPU: 1 PID: 3674 Comm: ion_system_heap Not tainted 5.4.0-syzkaller #0
[ 75.905497][ T3674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 75.915549][ T3674] RIP: 0010:check_memory_region+0x9c/0x1a0
[ 75.921349][ T3674] Code: c9 4d 0f 49 c1 49 c1 f8 03 45 85 c0 0f 84 10 01 00 00 41 83 e8 01 4e 8d 44 c0 08 eb 0d 48 83 c0 08 4c 39 c0 0f 84 a7 00 00 00 <48> 83 38 00 74 ed 4c 8d 40 08 eb 09 48 83 c0 01 49 39 c0 74 53 80
[ 75.941116][ T3674] RSP: 0018:ffffc9000c987ab8 EFLAGS: 00010212
[ 75.947958][ T3674] RAX: fffff52000600000 RBX: fffff52000601600 RCX: ffffffff85dd9ce9
[ 75.956017][ T3674] RDX: 0000000000000001 RSI: 000000000000b000 RDI: ffffc90003000000
[ 75.964074][ T3674] RBP: ffffc9000c987ad0 R08: fffff52000601600 R09: 0000000000001600
[ 75.972171][ T3674] R10: fffff520006015ff R11: ffffc9000300afff R12: fffff52000600000
[ 75.980181][ T3674] R13: 000000000000b000 R14: 0000000000000000 R15: ffffc9000c987d08
[ 75.988250][ T3674] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 75.997445][ T3674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 76.004312][ T3674] CR2: fffff52000600000 CR3: 00000000a2bc9000 CR4: 00000000001406e0
[ 76.012282][ T3674] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 76.020396][ T3674] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 76.028578][ T3674] Call Trace:
[ 76.032090][ T3674] memset+0x24/0x40
[ 76.035903][ T3674] ion_heap_clear_pages+0x49/0x70
[ 76.041268][ T3674] ion_heap_sglist_zero+0x245/0x270
[ 76.046479][ T3674] ? ion_heap_deferred_free+0x630/0x630
[ 76.054599][ T3674] ? mark_lock+0xc2/0x1220
[ 76.060689][ T3674] ? __kasan_check_read+0x11/0x20
[ 76.066287][ T3674] ? __lock_acquire+0x16f2/0x4a00
[ 76.072093][ T3674] ? finish_wait+0x18c/0x260
[ 76.076691][ T3674] ? find_held_lock+0x35/0x130
[ 76.081453][ T3674] ? ion_heap_deferred_free+0x295/0x630
[ 76.087013][ T3674] ? pgprot_writecombine+0x5e/0xf0
[ 76.092114][ T3674] ? pagerange_is_ram_callback+0x130/0x130
[ 76.098428][ T3674] ? ion_heap_deferred_free+0x295/0x630
[ 76.104311][ T3674] ion_heap_buffer_zero+0xf5/0x150
[ 76.109609][ T3674] ion_system_heap_free+0x1eb/0x250
[ 76.114997][ T3674] ion_buffer_destroy+0x159/0x2d0
[ 76.120054][ T3674] ion_heap_deferred_free+0x29d/0x630
[ 76.125485][ T3674] ? ion_heap_shrink_scan+0x1d0/0x1d0
[ 76.130869][ T3674] ? trace_hardirqs_on+0x67/0x240
[ 76.136019][ T3674] ? finish_wait+0x260/0x260
[ 76.140852][ T3674] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 76.147105][ T3674] ? __kthread_parkme+0x108/0x1c0
[ 76.152131][ T3674] ? __kasan_check_read+0x11/0x20
[ 76.157607][ T3674] kthread+0x361/0x430
[ 76.161872][ T3674] ? ion_heap_shrink_scan+0x1d0/0x1d0
[ 76.167338][ T3674] ? kthread_mod_delayed_work+0x1f0/0x1f0
[ 76.173048][ T3674] ret_from_fork+0x24/0x30
[ 76.177530][ T3674] Modules linked in:
[ 76.181683][ T3674] CR2: fffff52000600000
[ 76.186959][ T3674] ---[ end trace afd3d48af9633dba ]---
[ 76.193799][ T3674] RIP: 0010:check_memory_region+0x9c/0x1a0
[ 76.199744][ T3674] Code: c9 4d 0f 49 c1 49 c1 f8 03 45 85 c0 0f 84 10 01 00 00 41 83 e8 01 4e 8d 44 c0 08 eb 0d 48 83 c0 08 4c 39 c0 0f 84 a7 00 00 00 <48> 83 38 00 74 ed 4c 8d 40 08 eb 09 48 83 c0 01 49 39 c0 74 53 80
[ 76.219911][ T3674] RSP: 0018:ffffc9000c987ab8 EFLAGS: 00010212
[ 76.226063][ T3674] RAX: fffff52000600000 RBX: fffff52000601600 RCX: ffffffff85dd9ce9
[ 76.234041][ T3674] RDX: 0000000000000001 RSI: 000000000000b000 RDI: ffffc90003000000
[ 76.242440][ T3674] RBP: ffffc9000c987ad0 R08: fffff52000601600 R09: 0000000000001600
[ 76.250725][ T3674] R10: fffff520006015ff R11: ffffc9000300afff R12: fffff52000600000
[ 76.259979][ T3674] R13: 000000000000b000 R14: 0000000000000000 R15: ffffc9000c987d08
[ 76.268583][ T3674] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 76.277717][ T3674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 76.284296][ T3674] CR2: fffff52000600000 CR3: 00000000a2bc9000 CR4: 00000000001406e0
[ 76.293619][ T3674] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 76.301789][ T3674] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 76.309928][ T3674] Kernel panic - not syncing: Fatal exception
[ 76.317639][ T3674] Kernel Offset: disabled
[ 76.324633][ T3674] Rebooting in 86400 seconds..