Starting OpenBSD Secure Shell server...
[�[0;32m OK �[0m] Started Regular background program processing daemon.
Starting getty on tty2-tty6 if dbus and logind are not available...
Starting Permit User Sessions...
Starting System Logging Service...
[�[0;32m OK �[0m] Started Permit User Sessions.
[�[0;32m OK �[0m] Found device /dev/ttyS0.
[�[0;32m OK �[0m] Started System Logging Service.
[�[0;32m OK �[0m] Started OpenBSD Secure Shell server.
[�[0;32m OK �[0m] Started getty on tty2-tty6 if dbus and logind are not available.
[�[0;32m OK �[0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[�[0;32m OK �[0m] Started Getty on tty6.
[�[0;32m OK �[0m] Started Getty on tty5.
[�[0;32m OK �[0m] Started Getty on tty4.
[�[0;32m OK �[0m] Started Getty on tty3.
[�[0;32m OK �[0m] Started Getty on tty2.
[�[0;32m OK �[0m] Started Getty on tty1.
[�[0;32m OK �[0m] Started Serial Getty on ttyS0.
[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.167' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 70.853783][ T28] audit: type=1400 audit(1597666503.501:8): avc: denied { execmem } for pid=6849 comm="syz-executor735" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 70.862631][ T6849] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 70.924480][ T6849] ==================================================================
[ 70.932725][ T6849] BUG: KASAN: use-after-free in paging32_walk_addr_generic+0x155d/0x1980
[ 70.941122][ T6849] Write of size 4 at addr ffff888000105000 by task syz-executor735/6849
[ 70.949527][ T6849]
[ 70.951857][ T6849] CPU: 1 PID: 6849 Comm: syz-executor735 Not tainted 5.9.0-rc1-syzkaller #0
[ 70.960559][ T6849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.970600][ T6849] Call Trace:
[ 70.973882][ T6849] dump_stack+0x18f/0x20d
[ 70.978201][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 70.984260][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 70.990326][ T6849] print_address_description.constprop.0.cold+0xae/0x497
[ 70.997359][ T6849] ? region_intersects+0x257/0x2e0
[ 71.002452][ T6849] ? vprintk_func+0x97/0x1a6
[ 71.007021][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.013072][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.019216][ T6849] kasan_report.cold+0x1f/0x37
[ 71.023971][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.030019][ T6849] check_memory_region+0x13d/0x180
[ 71.035121][ T6849] paging32_walk_addr_generic+0x155d/0x1980
[ 71.041002][ T6849] ? ept_gva_to_gpa+0x1e0/0x1e0
[ 71.045935][ T6849] ? lock_acquire+0x1f1/0xad0
[ 71.051052][ T6849] ? __might_fault+0xef/0x1d0
[ 71.055720][ T6849] ? find_held_lock+0x2d/0x110
[ 71.060471][ T6849] paging32_gva_to_gpa+0xb2/0x1d0
[ 71.065511][ T6849] ? paging32_walk_addr_generic+0x1980/0x1980
[ 71.071560][ T6849] ? vmx_read_guest_seg_ar+0x7a/0x160
[ 71.076926][ T6849] ? __virt_addr_valid+0x1fe/0x2b0
[ 71.082041][ T6849] ? __phys_addr+0x9a/0x110
[ 71.086727][ T6849] ? __phys_addr_symbol+0x2c/0x70
[ 71.091757][ T6849] ? __check_object_size+0x171/0x3e4
[ 71.097034][ T6849] ? __kvm_read_guest_page+0x138/0x170
[ 71.102482][ T6849] ? vmx_segment_cache_test_set+0xc3/0x170
[ 71.108369][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 71.113389][ T6849] emulator_read_write_onepage+0x2f3/0xa70
[ 71.119183][ T6849] ? em_ltr+0xf0/0xf0
[ 71.123149][ T6849] emulator_read_write+0x1c4/0x5a0
[ 71.128239][ T6849] ? decode_operand+0xb7/0x30a0
[ 71.133070][ T6849] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 71.138946][ T6849] emulator_fix_hypercall+0x132/0x190
[ 71.144304][ T6849] ? trace_event_raw_event_kvm_pio+0x490/0x490
[ 71.150459][ T6849] ? em_clts+0x100/0x100
[ 71.154680][ T6849] em_hypercall+0x5d/0x130
[ 71.159081][ T6849] x86_emulate_insn+0x5e8/0x3d20
[ 71.164010][ T6849] ? kvm_put_guest_fpu+0x4c0/0x4c0
[ 71.169127][ T6849] ? init_decode_cache+0xb0/0xb0
[ 71.174052][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 71.178973][ T6849] x86_emulate_instruction+0x752/0x1e00
[ 71.184520][ T6849] handle_ud+0xa8/0x240
[ 71.188677][ T6849] ? kvm_emulate_instruction+0x30/0x30
[ 71.194121][ T6849] ? lock_acquire+0x1f1/0xad0
[ 71.198795][ T6849] ? vcpu_enter_guest+0x1371/0x3b60
[ 71.203998][ T6849] ? vmx_skip_emulated_instruction+0x250/0x250
[ 71.210236][ T6849] handle_exception_nmi+0xaf7/0x1270
[ 71.215518][ T6849] ? vmx_skip_emulated_instruction+0x250/0x250
[ 71.221742][ T6849] vmx_handle_exit+0x293/0x14c0
[ 71.226587][ T6849] vcpu_enter_guest+0x14d6/0x3b60
[ 71.231652][ T6849] ? kvm_vcpu_reload_apic_access_page+0x80/0x80
[ 71.237886][ T6849] ? lock_release+0x8e0/0x8e0
[ 71.242547][ T6849] ? mark_held_locks+0x9f/0xe0
[ 71.247307][ T6849] ? __local_bh_enable_ip+0xd1/0x190
[ 71.252809][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 71.257826][ T6849] ? kvm_arch_vcpu_ioctl_run+0x440/0x1780
[ 71.263747][ T6849] kvm_arch_vcpu_ioctl_run+0x440/0x1780
[ 71.269302][ T6849] kvm_vcpu_ioctl+0x467/0xdf0
[ 71.274849][ T6849] ? kvm_gfn_to_hva_cache_init+0x1a0/0x1a0
[ 71.280646][ T6849] ? generic_block_fiemap+0x60/0x60
[ 71.285851][ T6849] ? selinux_inode_getsecctx+0x90/0x90
[ 71.291318][ T6849] ? _down_write_nest_lock+0x150/0x150
[ 71.296795][ T6849] ? bpf_lsm_file_ioctl+0x5/0x10
[ 71.301923][ T6849] ? kvm_gfn_to_hva_cache_init+0x1a0/0x1a0
[ 71.307721][ T6849] __x64_sys_ioctl+0x193/0x200
[ 71.312480][ T6849] do_syscall_64+0x2d/0x70
[ 71.316908][ T6849] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 71.322817][ T6849] RIP: 0033:0x443639
[ 71.326692][ T6849] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0b fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 71.346557][ T6849] RSP: 002b:00007ffcf07dea38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 71.356148][ T6849] RAX: ffffffffffffffda RBX: 00007ffcf07dea40 RCX: 0000000000443639
[ 71.364802][ T6849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 71.372950][ T6849] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000004011b0
[ 71.380918][ T6849] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000404660
[ 71.388966][ T6849] R13: 00000000004046f0 R14: 0000000000000000 R15: 0000000000000000
[ 71.396955][ T6849]
[ 71.399275][ T6849] The buggy address belongs to the page:
[ 71.404895][ T6849] page:000000000c451483 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105
[ 71.414856][ T6849] flags: 0x7ffe0000000000()
[ 71.419347][ T6849] raw: 007ffe0000000000 ffffea0000004148 ffffea0000004148 0000000000000000
[ 71.427920][ T6849] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 71.436601][ T6849] page dumped because: kasan: bad access detected
[ 71.443007][ T6849]
[ 71.445314][ T6849] Memory state around the buggy address:
[ 71.450925][ T6849] ffff888000104f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 71.458983][ T6849] ffff888000104f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 71.467024][ T6849] >ffff888000105000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 71.475158][ T6849] ^
[ 71.479236][ T6849] ffff888000105080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 71.487279][ T6849] ffff888000105100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 71.495320][ T6849] ==================================================================
[ 71.504137][ T6849] Disabling lock debugging due to kernel taint
[ 71.513925][ T6849] Kernel panic - not syncing: panic_on_warn set ...
[ 71.520521][ T6849] CPU: 1 PID: 6849 Comm: syz-executor735 Tainted: G B 5.9.0-rc1-syzkaller #0
[ 71.530573][ T6849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 71.540634][ T6849] Call Trace:
[ 71.543930][ T6849] dump_stack+0x18f/0x20d
[ 71.548261][ T6849] ? paging32_walk_addr_generic+0x14b0/0x1980
[ 71.554325][ T6849] panic+0x2e3/0x75c
[ 71.558224][ T6849] ? __warn_printk+0xf3/0xf3
[ 71.562808][ T6849] ? preempt_schedule_common+0x59/0xc0
[ 71.568257][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.574306][ T6849] ? preempt_schedule_thunk+0x16/0x18
[ 71.579676][ T6849] ? trace_hardirqs_on+0x55/0x220
[ 71.584678][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.590741][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.596802][ T6849] end_report+0x4d/0x53
[ 71.600956][ T6849] kasan_report.cold+0xd/0x37
[ 71.605708][ T6849] ? paging32_walk_addr_generic+0x155d/0x1980
[ 71.612065][ T6849] check_memory_region+0x13d/0x180
[ 71.617159][ T6849] paging32_walk_addr_generic+0x155d/0x1980
[ 71.623049][ T6849] ? ept_gva_to_gpa+0x1e0/0x1e0
[ 71.627879][ T6849] ? lock_acquire+0x1f1/0xad0
[ 71.632549][ T6849] ? __might_fault+0xef/0x1d0
[ 71.637204][ T6849] ? find_held_lock+0x2d/0x110
[ 71.641972][ T6849] paging32_gva_to_gpa+0xb2/0x1d0
[ 71.646988][ T6849] ? paging32_walk_addr_generic+0x1980/0x1980
[ 71.653438][ T6849] ? vmx_read_guest_seg_ar+0x7a/0x160
[ 71.658813][ T6849] ? __virt_addr_valid+0x1fe/0x2b0
[ 71.663911][ T6849] ? __phys_addr+0x9a/0x110
[ 71.668432][ T6849] ? __phys_addr_symbol+0x2c/0x70
[ 71.673567][ T6849] ? __check_object_size+0x171/0x3e4
[ 71.678849][ T6849] ? __kvm_read_guest_page+0x138/0x170
[ 71.684638][ T6849] ? vmx_segment_cache_test_set+0xc3/0x170
[ 71.690545][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 71.695593][ T6849] emulator_read_write_onepage+0x2f3/0xa70
[ 71.701424][ T6849] ? em_ltr+0xf0/0xf0
[ 71.705393][ T6849] emulator_read_write+0x1c4/0x5a0
[ 71.710519][ T6849] ? decode_operand+0xb7/0x30a0
[ 71.715349][ T6849] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 71.721250][ T6849] emulator_fix_hypercall+0x132/0x190
[ 71.726649][ T6849] ? trace_event_raw_event_kvm_pio+0x490/0x490
[ 71.732780][ T6849] ? em_clts+0x100/0x100
[ 71.737014][ T6849] em_hypercall+0x5d/0x130
[ 71.741439][ T6849] x86_emulate_insn+0x5e8/0x3d20
[ 71.746388][ T6849] ? kvm_put_guest_fpu+0x4c0/0x4c0
[ 71.751663][ T6849] ? init_decode_cache+0xb0/0xb0
[ 71.756604][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 71.761633][ T6849] x86_emulate_instruction+0x752/0x1e00
[ 71.767164][ T6849] handle_ud+0xa8/0x240
[ 71.771421][ T6849] ? kvm_emulate_instruction+0x30/0x30
[ 71.776889][ T6849] ? lock_acquire+0x1f1/0xad0
[ 71.781735][ T6849] ? vcpu_enter_guest+0x1371/0x3b60
[ 71.786913][ T6849] ? vmx_skip_emulated_instruction+0x250/0x250
[ 71.793051][ T6849] handle_exception_nmi+0xaf7/0x1270
[ 71.798340][ T6849] ? vmx_skip_emulated_instruction+0x250/0x250
[ 71.804472][ T6849] vmx_handle_exit+0x293/0x14c0
[ 71.809346][ T6849] vcpu_enter_guest+0x14d6/0x3b60
[ 71.814375][ T6849] ? kvm_vcpu_reload_apic_access_page+0x80/0x80
[ 71.820729][ T6849] ? lock_release+0x8e0/0x8e0
[ 71.825401][ T6849] ? mark_held_locks+0x9f/0xe0
[ 71.830144][ T6849] ? __local_bh_enable_ip+0xd1/0x190
[ 71.835404][ T6849] ? lock_is_held_type+0xbb/0xf0
[ 71.840339][ T6849] ? kvm_arch_vcpu_ioctl_run+0x440/0x1780
[ 71.846135][ T6849] kvm_arch_vcpu_ioctl_run+0x440/0x1780
[ 71.851763][ T6849] kvm_vcpu_ioctl+0x467/0xdf0
[ 71.856619][ T6849] ? kvm_gfn_to_hva_cache_init+0x1a0/0x1a0
[ 71.862428][ T6849] ? generic_block_fiemap+0x60/0x60
[ 71.867612][ T6849] ? selinux_inode_getsecctx+0x90/0x90
[ 71.873138][ T6849] ? _down_write_nest_lock+0x150/0x150
[ 71.878688][ T6849] ? bpf_lsm_file_ioctl+0x5/0x10
[ 71.884141][ T6849] ? kvm_gfn_to_hva_cache_init+0x1a0/0x1a0
[ 71.889956][ T6849] __x64_sys_ioctl+0x193/0x200
[ 71.894708][ T6849] do_syscall_64+0x2d/0x70
[ 71.899114][ T6849] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 71.906567][ T6849] RIP: 0033:0x443639
[ 71.910443][ T6849] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0b fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 71.930148][ T6849] RSP: 002b:00007ffcf07dea38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 71.938558][ T6849] RAX: ffffffffffffffda RBX: 00007ffcf07dea40 RCX: 0000000000443639
[ 71.946537][ T6849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 71.954587][ T6849] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000004011b0
[ 71.963287][ T6849] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000404660
[ 71.971258][ T6849] R13: 00000000004046f0 R14: 0000000000000000 R15: 0000000000000000
[ 71.980582][ T6849] Kernel Offset: disabled
[ 71.984914][ T6849] Rebooting in 86400 seconds..