[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.4' (ECDSA) to the list of known hosts.
2020/09/01 11:25:14 parsed 1 programs
2020/09/01 11:25:14 executed programs: 0
syzkaller login: [ 149.076910] audit: type=1400 audit(1598959514.762:8): avc: denied { execmem } for pid=6495 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 150.151796] IPVS: ftp: loaded support on port[0] = 21
[ 150.263248] chnl_net:caif_netlink_parms(): no params data found
[ 150.382608] bridge0: port 1(bridge_slave_0) entered blocking state
[ 150.389255] bridge0: port 1(bridge_slave_0) entered disabled state
[ 150.397506] device bridge_slave_0 entered promiscuous mode
[ 150.405296] bridge0: port 2(bridge_slave_1) entered blocking state
[ 150.411720] bridge0: port 2(bridge_slave_1) entered disabled state
[ 150.419401] device bridge_slave_1 entered promiscuous mode
[ 150.437894] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 150.446725] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 150.465645] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 150.473111] team0: Port device team_slave_0 added
[ 150.478623] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 150.486991] team0: Port device team_slave_1 added
[ 150.502929] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 150.509187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 150.535012] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 150.546687] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 150.553023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 150.578260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 150.589230] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 150.596949] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 150.616370] device hsr_slave_0 entered promiscuous mode
[ 150.622395] device hsr_slave_1 entered promiscuous mode
[ 150.628786] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 150.636090] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 150.701727] bridge0: port 2(bridge_slave_1) entered blocking state
[ 150.708398] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 150.715409] bridge0: port 1(bridge_slave_0) entered blocking state
[ 150.723592] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 150.757422] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 150.764025] 8021q: adding VLAN 0 to HW filter on device bond0
[ 150.773625] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 150.783905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 150.793279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 150.800479] bridge0: port 2(bridge_slave_1) entered disabled state
[ 150.808329] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 150.819088] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 150.825431] 8021q: adding VLAN 0 to HW filter on device team0
[ 150.834756] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 150.843052] bridge0: port 1(bridge_slave_0) entered blocking state
[ 150.849423] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 150.863551] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 150.871197] bridge0: port 2(bridge_slave_1) entered blocking state
[ 150.877601] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 150.888565] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 150.896443] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 150.906492] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 150.917376] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 150.927543] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 150.937872] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 150.944084] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 150.958799] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 150.966139] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 150.973404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 150.983797] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 150.996371] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 151.005679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 151.038856] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 151.046004] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 151.053569] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 151.063884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 151.071422] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 151.078749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 151.088116] device veth0_vlan entered promiscuous mode
[ 151.097300] device veth1_vlan entered promiscuous mode
[ 151.103674] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 151.113307] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 151.125916] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 151.135253] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 151.143640] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 151.150902] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 151.161341] device veth0_macvtap entered promiscuous mode
[ 151.168340] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 151.176868] device veth1_macvtap entered promiscuous mode
[ 151.185708] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 151.195475] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 151.206086] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 151.213316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 151.221423] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 151.231720] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 151.239239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 151.350949] audit: type=1400 audit(1598959517.032:9): avc: denied { block_suspend } for pid=6728 comm="syz-executor.0" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ 152.182763] Bluetooth: hci0: command 0x0409 tx timeout
2020/09/01 11:25:19 executed programs: 143
[ 154.262975] Bluetooth: hci0: command 0x041b tx timeout
[ 156.341780] Bluetooth: hci0: command 0x040f tx timeout
[ 158.421674] Bluetooth: hci0: command 0x0419 tx timeout
2020/09/01 11:25:24 executed programs: 660
2020/09/01 11:25:29 executed programs: 1177
2020/09/01 11:25:34 executed programs: 1692
[ 169.624112] ------------[ cut here ]------------
[ 169.628887] kernel BUG at fs/inode.c:1571!
[ 169.633247] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 169.638749] CPU: 0 PID: 12155 Comm: syz-executor.0 Not tainted 4.19.142-syzkaller #0
[ 169.646605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 169.655945] RIP: 0010:iput+0x727/0x860
[ 169.659809] Code: b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 84 18 fd ff ff 48 8b 3c 24 e8 33 10 ef ff e9 0a fd ff ff e8 49 ef b8 ff <0f> 0b e8 42 ef b8 ff 48 89 ef e8 1a f7 ff ff 4c 89 f7 e8 12 c7 8c
[ 169.678774] RSP: 0018:ffff88808fc97da8 EFLAGS: 00010293
[ 169.684116] RAX: ffff88808e1da680 RBX: 0000000000000040 RCX: ffffffff81b0bb6e
[ 169.691381] RDX: 0000000000000000 RSI: ffffffff81b0c237 RDI: 0000000000000007
[ 169.698642] RBP: ffff88807c63a1b0 R08: 0000000000000000 R09: 0000000000000000
[ 169.705942] R10: 0000000000000007 R11: 0000000000000000 R12: 0000000000000000
[ 169.713202] R13: ffff88807c63a1a8 R14: ffffffff85afcc50 R15: ffff8880a94f2a20
[ 169.720450] FS: 00007fb3f510f700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 169.728654] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 169.734525] CR2: 00000000016a8660 CR3: 000000008bf44000 CR4: 00000000001406f0
[ 169.741775] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 169.749038] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 169.756298] Call Trace:
[ 169.758872] ? fcntl_setlk+0xee0/0xee0
[ 169.762740] ? __sock_release+0x2a0/0x2a0
[ 169.766882] __sock_release+0x226/0x2a0
[ 169.770834] ? __sock_release+0x2a0/0x2a0
[ 169.774959] sock_close+0x15/0x20
[ 169.778390] __fput+0x2ce/0x890
[ 169.781663] task_work_run+0x148/0x1c0
[ 169.785538] exit_to_usermode_loop+0x251/0x2a0
[ 169.790097] do_syscall_64+0x538/0x620
[ 169.793979] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 169.799144] RIP: 0033:0x45d5b9
[ 169.802315] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 169.821199] RSP: 002b:00007fb3f510ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 169.828895] RAX: 0000000000000000 RBX: 0000000000002ac0 RCX: 000000000045d5b9
[ 169.836141] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000005
[ 169.843400] RBP: 000000000118cf88 R08: 0000000000000000 R09: 0000000000000000
[ 169.850647] R10: 0000000020000040 R11: 0000000000000246 R12: 000000000118cf4c
[ 169.857914] R13: 00007ffe38ff1b8f R14: 00007fb3f510f9c0 R15: 000000000118cf4c
[ 169.865172] Modules linked in:
[ 169.869124] ---[ end trace bed1a4a147cff8bd ]---
[ 169.873951] RIP: 0010:iput+0x727/0x860
[ 169.877837] Code: b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 84 18 fd ff ff 48 8b 3c 24 e8 33 10 ef ff e9 0a fd ff ff e8 49 ef b8 ff <0f> 0b e8 42 ef b8 ff 48 89 ef e8 1a f7 ff ff 4c 89 f7 e8 12 c7 8c
[ 169.896787] RSP: 0018:ffff88808fc97da8 EFLAGS: 00010293
[ 169.902194] RAX: ffff88808e1da680 RBX: 0000000000000040 RCX: ffffffff81b0bb6e
[ 169.909455] RDX: 0000000000000000 RSI: ffffffff81b0c237 RDI: 0000000000000007
[ 169.916749] RBP: ffff88807c63a1b0 R08: 0000000000000000 R09: 0000000000000000
[ 169.924086] R10: 0000000000000007 R11: 0000000000000000 R12: 0000000000000000
[ 169.931376] R13: ffff88807c63a1a8 R14: ffffffff85afcc50 R15: ffff8880a94f2a20
[ 169.938642] FS: 00007fb3f510f700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 169.946897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 169.952816] CR2: 00000000016a8660 CR3: 000000008bf44000 CR4: 00000000001406f0
[ 169.960074] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 169.967368] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 169.974696] Kernel panic - not syncing: Fatal exception
[ 169.981298] Kernel Offset: disabled
[ 169.984914] Rebooting in 86400 seconds..