[ ok ] Starting periodic command scheduler: cron.
[ 26.450819] sshd (5598) used greatest stack depth: 16200 bytes left
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 26.690777] kauditd_printk_skb: 7 callbacks suppressed
[ 26.690789] audit: type=1800 audit(1540855575.858:29): pid=5533 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 26.724956] audit: type=1800 audit(1540855575.858:30): pid=5533 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 31.489555] sshd (5671) used greatest stack depth: 15744 bytes left
Warning: Permanently added '10.128.10.28' (ECDSA) to the list of known hosts.
executing program
[ 38.034019] FAULT_INJECTION: forcing a failure.
[ 38.034019] name failslab, interval 1, probability 0, space 0, times 1
[ 38.045912] CPU: 0 PID: 5687 Comm: syz-executor385 Not tainted 4.19.0-next-20181029+ #100
[ 38.054214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.063552] Call Trace:
[ 38.066135] dump_stack+0x244/0x39d
[ 38.069752] ? dump_stack_print_info.cold.1+0x20/0x20
[ 38.074932] ? kernel_text_address+0x79/0xf0
[ 38.079336] should_fail.cold.4+0xa/0x17
[ 38.083391] ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 38.088488] ? save_stack+0xa9/0xd0
[ 38.092103] ? save_stack+0x43/0xd0
[ 38.095721] ? kmem_cache_alloc_trace+0x152/0x750
[ 38.100548] ? vfs_new_fs_context+0x5e/0x77c
[ 38.104948] ? do_mount+0xbfc/0x1ff0
[ 38.108651] ? ksys_mount+0x12d/0x140
[ 38.112441] ? __x64_sys_mount+0xbe/0x150
[ 38.116578] ? do_syscall_64+0x1b9/0x820
[ 38.120640] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 38.126011] ? find_held_lock+0x36/0x1c0
[ 38.130078] ? perf_trace_sched_process_exec+0x860/0x860
[ 38.135521] ? lockref_get+0x42/0x50
[ 38.139229] ? lock_downgrade+0x900/0x900
[ 38.143371] __should_failslab+0x124/0x180
[ 38.147680] should_failslab+0x9/0x14
[ 38.151481] kmem_cache_alloc_trace+0x2d7/0x750
[ 38.156147] ? rcu_read_lock_sched_held+0x14f/0x180
[ 38.161199] ? kmem_cache_alloc_trace+0x353/0x750
[ 38.166050] legacy_init_fs_context+0x187/0x230
[ 38.170775] ? vfs_dup_fs_context+0x400/0x400
[ 38.175269] vfs_new_fs_context+0x3f4/0x77c
[ 38.179584] do_mount+0xbfc/0x1ff0
[ 38.183111] ? lock_release+0xa10/0xa10
[ 38.187079] ? copy_mount_string+0x40/0x40
[ 38.191317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 38.196848] ? _copy_from_user+0xdf/0x150
[ 38.200985] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 38.206513] ? copy_mount_options+0x315/0x430
[ 38.210995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 38.216529] ksys_mount+0x12d/0x140
[ 38.220153] __x64_sys_mount+0xbe/0x150
[ 38.224119] do_syscall_64+0x1b9/0x820
[ 38.227995] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 38.233346] ? syscall_return_slowpath+0x5e0/0x5e0
[ 38.238263] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 38.243092] ? trace_hardirqs_on_caller+0x310/0x310
[ 38.248096] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 38.253096] ? prepare_exit_to_usermode+0x291/0x3b0
[ 38.258105] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 38.262938] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 38.268111] RIP: 0033:0x440339
[ 38.271296] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 14 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 38.290191] RSP: 002b:00007ffe2209f3b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 38.297888] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440339
[ 38.305146] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040
[ 38.312494] RBP: 00000000006cb018 R08: 0000000000000000 R09: 0000000000000035
[ 38.319759] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000003
[ 38.327022] R13: ffffffffffffffff R14: 0000000000000000 R15: 0000000000000000
[ 38.335402] kasan: CONFIG_KASAN_INLINE enabled
[ 38.340081] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 38.347524] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 38.353759] CPU: 0 PID: 5687 Comm: syz-executor385 Not tainted 4.19.0-next-20181029+ #100
[ 38.362207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.371648] RIP: 0010:put_fs_context+0x31/0x5a0
[ 38.376311] Code: 56 41 55 41 54 53 48 89 fb 4c 8d ab 98 00 00 00 48 83 ec 18 e8 10 25 9f ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 03 05 00 00 4c 8b a3 98 00 00 00 4d 85 e4 74 66
[ 38.395307] RSP: 0018:ffff8801ba447bd8 EFLAGS: 00010207
[ 38.400662] RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffffff81d99d2e
[ 38.407920] RDX: 0000000000000011 RSI: ffffffff81e04360 RDI: fffffffffffffff4
[ 38.415179] RBP: ffff8801ba447c18 R08: ffff8801d59e0680 R09: 0000000000000000
[ 38.422436] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c938ac30
[ 38.429694] R13: 000000000000008c R14: ffff8801c92784c0 R15: 0000000000000000
[ 38.436948] FS: 0000000000a61880(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 38.445163] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.451030] CR2: 0000000000455210 CR3: 00000001d7169000 CR4: 00000000001406f0
[ 38.458342] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 38.465604] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 38.472869] Call Trace:
[ 38.475452] do_mount+0xda4/0x1ff0
[ 38.478978] ? lock_release+0xa10/0xa10
[ 38.483007] ? copy_mount_string+0x40/0x40
[ 38.487241] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 38.492764] ? _copy_from_user+0xdf/0x150
[ 38.496899] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 38.502425] ? copy_mount_options+0x315/0x430
[ 38.506911] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 38.512535] ksys_mount+0x12d/0x140
[ 38.516153] __x64_sys_mount+0xbe/0x150
[ 38.520112] do_syscall_64+0x1b9/0x820
[ 38.523983] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 38.529334] ? syscall_return_slowpath+0x5e0/0x5e0
[ 38.534352] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 38.539205] ? trace_hardirqs_on_caller+0x310/0x310
[ 38.544211] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 38.549214] ? prepare_exit_to_usermode+0x291/0x3b0
[ 38.554220] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 38.559050] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 38.564222] RIP: 0033:0x440339
[ 38.567399] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 14 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 38.586343] RSP: 002b:00007ffe2209f3b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 38.594044] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440339
[ 38.601349] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040
[ 38.608614] RBP: 00000000006cb018 R08: 0000000000000000 R09: 0000000000000035
[ 38.615876] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000003
[ 38.623131] R13: ffffffffffffffff R14: 0000000000000000 R15: 0000000000000000
[ 38.630386] Modules linked in:
[ 38.634099] ---[ end trace 9653fb4ba53c3c1b ]---
[ 38.639021] RIP: 0010:put_fs_context+0x31/0x5a0
[ 38.643682] Code: 56 41 55 41 54 53 48 89 fb 4c 8d ab 98 00 00 00 48 83 ec 18 e8 10 25 9f ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 03 05 00 00 4c 8b a3 98 00 00 00 4d 85 e4 74 66
[ 38.662654] RSP: 0018:ffff8801ba447bd8 EFLAGS: 00010207
[ 38.668042] RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffffff81d99d2e
[ 38.675347] RDX: 0000000000000011 RSI: ffffffff81e04360 RDI: fffffffffffffff4
[ 38.682620] RBP: ffff8801ba447c18 R08: ffff8801d59e0680 R09: 0000000000000000
[ 38.689927] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c938ac30
[ 38.697846] R13: 000000000000008c R14: ffff8801c92784c0 R15: 0000000000000000
[ 38.705156] FS: 0000000000a61880(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 38.713395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.719492] CR2: 0000000000455210 CR3: 00000001d7169000 CR4: 00000000001406f0
[ 38.726796] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 38.734058] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 38.741357] Kernel panic - not syncing: Fatal exception
[ 38.747662] Kernel Offset: disabled
[ 38.751291] Rebooting in 86400 seconds..