[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   29.049703] kauditd_printk_skb: 7 callbacks suppressed
[   29.049715] audit: type=1800 audit(1542156564.719:29): pid=5880 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   29.082476] audit: type=1800 audit(1542156564.729:30): pid=5880 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.115' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   40.691558] BUG: GPF in non-whitelisted uaccess (non-canonical address?)
[   40.698505] kasan: CONFIG_KASAN_INLINE enabled
[   40.703510] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   40.710892] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   40.717113] CPU: 0 PID: 6035 Comm: syz-executor052 Not tainted 4.20.0-rc2+ #333
[   40.724544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   40.733895] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[   40.739765] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83
[   40.751182] kobject: 'regulatory.0' (000000002432bef0): kobject_uevent_env
[   40.758668] RSP: 0018:ffff8881cc727398 EFLAGS: 00010206
[   40.765779] kobject: 'regulatory.0' (000000002432bef0): fill_kobj_path: path = '/devices/platform/regulatory.0'
[   40.771063] RAX: 0000000000000000 RBX: 0000000000000109 RCX: 0000000000000109
[   40.771072] RDX: 0000000000000109 RSI: 241037f828e5769d RDI: ffff8881c2c506f8
[   40.771080] RBP: ffff8881cc7273d0 R08: ffffed103858a101 R09: ffffed103858a101
[   40.771089] R10: ffffed103858a100 R11: ffff8881c2c50800 R12: 241037f828e577a6
[   40.771097] R13: 241037f828e5769d R14: ffff8881c2c506f8 R15: ffffffffffffffff
[   40.771109] FS:  000000000258a880(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
[   40.771123] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   40.831718] CR2: 0000000020d83ff8 CR3: 00000001c23f8000 CR4: 00000000001406f0
[   40.838972] Call Trace:
[   40.841546]  ? _copy_from_user+0x10d/0x150
[   40.845764]  uhid_dev_create+0x20c/0xb40
[   40.849808]  ? uhid_dev_create2+0x7e0/0x7e0
[   40.854140]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   40.859662]  uhid_char_write+0xc74/0xef0
[   40.863724]  __vfs_write+0x119/0x9f0
[   40.867419]  ? uhid_hid_stop+0x90/0x90
[   40.871301]  ? kernel_read+0x120/0x120
[   40.875190]  ? perf_trace_sched_process_exec+0x860/0x860
[   40.880621]  ? aa_path_link+0x5e0/0x5e0
[   40.884583]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   40.890103]  __kernel_write+0x10c/0x370
[   40.894069]  write_pipe_buf+0x180/0x240
[   40.898046]  ? debug_mutex_init+0x2d/0x60
[   40.902177]  ? do_splice_direct+0x420/0x420
[   40.906482]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   40.912025]  ? splice_from_pipe_next.part.11+0x296/0x340
[   40.917459]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   40.923007]  __splice_from_pipe+0x38b/0x7c0
[   40.927312]  ? do_splice_direct+0x420/0x420
[   40.931619]  splice_from_pipe+0x1ec/0x340
[   40.935754]  ? do_splice_direct+0x420/0x420
[   40.940058]  ? splice_shrink_spd+0xd0/0xd0
[   40.944280]  default_file_splice_write+0x3c/0x90
[   40.949017]  ? generic_splice_sendpage+0x50/0x50
[   40.953758]  direct_splice_actor+0x128/0x190
[   40.958151]  splice_direct_to_actor+0x318/0x8f0
[   40.962808]  ? pipe_to_sendpage+0x400/0x400
[   40.967117]  ? do_splice_to+0x190/0x190
[   40.971090]  ? security_file_permission+0x1c2/0x220
[   40.976095]  ? rw_verify_area+0x118/0x360
[   40.980223]  do_splice_direct+0x2d4/0x420
[   40.984356]  ? splice_direct_to_actor+0x8f0/0x8f0
[   40.989180]  ? apparmor_file_permission+0x24/0x30
[   40.994018]  ? rw_verify_area+0x118/0x360
[   40.998174]  do_sendfile+0x62a/0xe20
[   41.001879]  ? do_compat_pwritev64+0x1c0/0x1c0
[   41.006447]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   41.011972]  ? _copy_from_user+0xdf/0x150
[   41.016112]  __x64_sys_sendfile64+0x15d/0x250
[   41.020591]  ? __ia32_sys_sendfile+0x2a0/0x2a0
[   41.025167]  do_syscall_64+0x1b9/0x820
[   41.029037]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   41.034387]  ? syscall_return_slowpath+0x5e0/0x5e0
[   41.039303]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   41.044133]  ? trace_hardirqs_on_caller+0x310/0x310
[   41.049133]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   41.054144]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   41.059663]  ? prepare_exit_to_usermode+0x291/0x3b0
[   41.064666]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   41.069496]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   41.074689] RIP: 0033:0x440309
[   41.077869] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   41.096762] RSP: 002b:00007ffc9b07dff8 EFLAGS: 00000203 ORIG_RAX: 0000000000000028
[   41.104481] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440309
[   41.111739] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[   41.118990] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[   41.126260] R10: 00008000fffffffe R11: 0000000000000203 R12: 0000000000401b90
[   41.133514] R13: 0000000000401c20 R14: 0000000000000000 R15: 0000000000000000
[   41.140787] Modules linked in:
[   41.144076] ---[ end trace 7328faeb289a6d9c ]---
[   41.148847] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[   41.154761] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83
[   41.173699] RSP: 0018:ffff8881cc727398 EFLAGS: 00010206
[   41.179054] RAX: 0000000000000000 RBX: 0000000000000109 RCX: 0000000000000109
[   41.186363] RDX: 0000000000000109 RSI: 241037f828e5769d RDI: ffff8881c2c506f8
[   41.193652] RBP: ffff8881cc7273d0 R08: ffffed103858a101 R09: ffffed103858a101
[   41.200910] R10: ffffed103858a100 R11: ffff8881c2c50800 R12: 241037f828e577a6
[   41.208201] R13: 241037f828e5769d R14: ffff8881c2c506f8 R15: ffffffffffffffff
[   41.215492] FS:  000000000258a880(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
[   41.223760] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.229641] CR2: 0000000020d83ff8 CR3: 00000001c23f8000 CR4: 00000000001406f0
[   41.236949] Kernel panic - not syncing: Fatal exception
[   41.243213] Kernel Offset: disabled
[   41.246835] Rebooting in 86400 seconds..