[ 101.057944][ T27] audit: type=1800 audit(1580006003.081:26): pid=9700 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 102.191652][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 102.191665][ T27] audit: type=1800 audit(1580006004.231:29): pid=9700 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 102.218108][ T27] audit: type=1800 audit(1580006004.231:30): pid=9700 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.42' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 112.026849][ T266] kasan: CONFIG_KASAN_INLINE enabled [ 112.026920][ T266] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 112.026939][ T266] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 112.026951][ T266] CPU: 1 PID: 266 Comm: kworker/u4:5 Not tainted 5.5.0-rc7-syzkaller #0 [ 112.026959][ T266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.026974][ T266] Workqueue: events_unbound flush_to_ldisc [ 112.026995][ T266] RIP: 0010:do_con_write.part.0+0xa01/0x1ef0 [ 112.027008][ T266] Code: 7e fe ff ff 45 01 ef e8 fd 70 87 fd 48 8b 85 c8 fe ff ff 80 38 00 0f 85 71 12 00 00 49 8b 9e a0 03 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 14 20 48 89 d8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 [ 112.027015][ T266] RSP: 0018:ffffc900019077c8 EFLAGS: 00010203 [ 112.027025][ T266] RAX: 0000000020000001 RBX: 000000010000000e RCX: ffffffff83ed8610 [ 112.027032][ T266] RDX: 0000000000000000 RSI: ffffffff83ed8663 RDI: 0000000000000003 [ 112.027040][ T266] RBP: ffffc90001907958 R08: ffff8880a88982c0 R09: ffff8880a8898b50 [ 112.027049][ T266] R10: fffffbfff14f66d8 R11: ffffffff8a7b36c7 R12: dffffc0000000000 [ 112.027058][ T266] R13: 0000000000000000 R14: ffff8880a8941000 R15: 000000000000075e [ 112.027069][ T266] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 112.027078][ T266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.027086][ T266] CR2: 00000000004b4c93 CR3: 0000000093370000 CR4: 00000000001406e0 [ 112.027097][ T266] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 112.027105][ T266] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 112.027109][ T266] Call Trace: [ 112.027137][ T266] ? do_con_trol+0x61b0/0x61b0 [ 112.027157][ T266] ? n_tty_receive_buf_common+0xc3a/0x2b70 [ 112.027177][ T266] ? do_con_write.part.0+0x1ef0/0x1ef0 [ 112.027192][ T266] con_put_char+0xfa/0x110 [ 112.027208][ T266] ? do_con_write.part.0+0x1ef0/0x1ef0 [ 112.027225][ T266] ? n_tty_receive_buf_common+0xc4e/0x2b70 [ 112.027240][ T266] ? mutex_trylock+0x2d0/0x2d0 [ 112.027257][ T266] tty_put_char+0xc5/0x160 [ 112.027271][ T266] ? tty_hung_up_p+0x70/0x70 [ 112.027288][ T266] ? wait_for_completion+0x440/0x440 [ 112.027305][ T266] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 112.027319][ T266] ? con_write_room+0x5d/0x70 [ 112.027336][ T266] __process_echoes+0x5c8/0xa40 [ 112.027356][ T266] n_tty_receive_buf_common+0xc77/0x2b70 [ 112.027378][ T266] n_tty_receive_buf2+0x34/0x40 [ 112.027390][ T266] tty_ldisc_receive_buf+0xad/0x1c0 [ 112.027405][ T266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.027418][ T266] ? n_tty_receive_buf_common+0x2b70/0x2b70 [ 112.027437][ T266] tty_port_default_receive_buf+0x7d/0xb0 [ 112.027455][ T266] flush_to_ldisc+0x222/0x390 [ 112.027475][ T266] process_one_work+0x9af/0x1740 [ 112.027493][ T266] ? pwq_dec_nr_in_flight+0x320/0x320 [ 112.027504][ T266] ? lock_acquire+0x190/0x410 [ 112.027523][ T266] worker_thread+0x98/0xe40 [ 112.027541][ T266] kthread+0x361/0x430 [ 112.027555][ T266] ? process_one_work+0x1740/0x1740 [ 112.027567][ T266] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 112.027580][ T266] ret_from_fork+0x24/0x30 [ 112.027592][ T266] Modules linked in: [ 112.027634][ T266] ---[ end trace 7c24282a644a9c52 ]--- [ 112.027651][ T266] RIP: 0010:do_con_write.part.0+0xa01/0x1ef0 [ 112.027667][ T266] Code: 7e fe ff ff 45 01 ef e8 fd 70 87 fd 48 8b 85 c8 fe ff ff 80 38 00 0f 85 71 12 00 00 49 8b 9e a0 03 00 00 48 89 d8 48 c1 e8 03 <42> 0f b6 14 20 48 89 d8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 [ 112.027696][ T266] RSP: 0018:ffffc900019077c8 EFLAGS: 00010203 [ 112.027705][ T266] RAX: 0000000020000001 RBX: 000000010000000e RCX: ffffffff83ed8610 [ 112.027713][ T266] RDX: 0000000000000000 RSI: ffffffff83ed8663 RDI: 0000000000000003 [ 112.027721][ T266] RBP: ffffc90001907958 R08: ffff8880a88982c0 R09: ffff8880a8898b50 [ 112.027730][ T266] R10: fffffbfff14f66d8 R11: ffffffff8a7b36c7 R12: dffffc0000000000 [ 112.027738][ T266] R13: 0000000000000000 R14: ffff8880a8941000 R15: 000000000000075e [ 112.027748][ T266] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 112.027756][ T266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.027764][ T266] CR2: 00000000004b4c93 CR3: 0000000093370000 CR4: 00000000001406e0 [ 112.027774][ T266] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 112.027782][ T266] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 112.027789][ T266] Kernel panic - not syncing: Fatal exception [ 112.029264][ T266] Kernel Offset: disabled