[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 28.461904] kauditd_printk_skb: 8 callbacks suppressed [ 28.461916] audit: type=1800 audit(1542503685.868:29): pid=5867 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.486815] audit: type=1800 audit(1542503685.878:30): pid=5867 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.61' (ECDSA) to the list of known hosts. 2018/11/18 01:15:02 parsed 1 programs 2018/11/18 01:15:04 executed programs: 0 syzkaller login: [ 46.729249] IPVS: ftp: loaded support on port[0] = 21 [ 46.738234] IPVS: ftp: loaded support on port[0] = 21 [ 46.739617] IPVS: ftp: loaded support on port[0] = 21 [ 46.761427] IPVS: ftp: loaded support on port[0] = 21 [ 46.773630] IPVS: ftp: loaded support on port[0] = 21 [ 46.786980] IPVS: ftp: loaded support on port[0] = 21 [ 47.546515] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.555240] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.562339] device bridge_slave_0 entered promiscuous mode [ 47.590022] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.603188] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.615373] device bridge_slave_0 entered promiscuous mode [ 47.623216] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.630939] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.637934] device bridge_slave_0 entered promiscuous mode [ 47.645015] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.651350] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.659363] device bridge_slave_1 entered promiscuous mode [ 47.676614] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.682945] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.698213] device bridge_slave_0 entered promiscuous mode [ 47.706499] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.712986] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.721235] device bridge_slave_1 entered promiscuous mode [ 47.728976] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.736903] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.744310] device bridge_slave_1 entered promiscuous mode [ 47.751964] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.758658] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.766482] device bridge_slave_0 entered promiscuous mode [ 47.774177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 47.786434] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 47.794757] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.801126] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.809316] device bridge_slave_0 entered promiscuous mode [ 47.818843] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 47.828586] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.839010] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.850959] device bridge_slave_1 entered promiscuous mode [ 47.860923] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.867934] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.876456] device bridge_slave_1 entered promiscuous mode [ 47.884998] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.894446] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.905709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 47.913093] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.933812] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.941766] device bridge_slave_1 entered promiscuous mode [ 47.950378] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 47.958914] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 47.994619] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 48.004543] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 48.023838] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 48.113434] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 48.146412] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.177104] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.228053] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.240570] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.259950] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.273445] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.290579] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.309541] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.329884] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.375954] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.385665] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.392688] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.407653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.425888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.437271] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.449410] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.458601] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.471311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.482505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.493516] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.505440] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.516747] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.525324] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.541150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.556061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.572016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.581043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.591525] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.610260] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.645800] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.667155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 48.687144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.744129] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.752195] team0: Port device team_slave_0 added [ 48.767380] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 48.781055] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.804835] team0: Port device team_slave_0 added [ 48.810738] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.830540] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.840174] team0: Port device team_slave_0 added [ 48.860438] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.871154] team0: Port device team_slave_1 added [ 48.883061] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.891929] team0: Port device team_slave_0 added [ 48.902896] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.912410] team0: Port device team_slave_1 added [ 48.920880] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 48.929688] team0: Port device team_slave_0 added [ 48.938771] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 48.946530] team0: Port device team_slave_1 added [ 48.978433] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.002485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.014014] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.021692] team0: Port device team_slave_1 added [ 49.040136] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.053057] team0: Port device team_slave_1 added [ 49.066410] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.074838] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.089219] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.100463] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 49.108055] team0: Port device team_slave_0 added [ 49.115705] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.134255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.144517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.152613] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.162538] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.178842] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.196318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.221624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.229884] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.237521] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.245394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.257817] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.268701] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.285906] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.293537] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.312130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.320630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.328762] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.336708] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.345844] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.353859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.361809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.371012] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 49.379198] team0: Port device team_slave_1 added [ 49.385786] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.396117] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.408537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 49.422018] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.456694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.464953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.477406] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.494031] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.501153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.509530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.532977] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.541620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.551614] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 49.573486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 49.598924] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.617934] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.634141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.643576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 49.676370] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 49.690732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 49.705499] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.775473] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 49.782615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.791051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 49.867817] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 49.884507] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.901166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.243329] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.249946] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.256998] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.263399] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.272354] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.279771] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.286186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.292847] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.299267] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.307044] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.316540] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.322906] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.329621] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.336040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.346974] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.364010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.380299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.400939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.436558] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.442934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.449653] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.456073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.474476] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.571478] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.577940] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.584721] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.591089] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.604721] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 50.790868] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.797315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.804016] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.810428] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.823460] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 51.437518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.454906] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 51.470372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 53.138938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.156478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.285082] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.364319] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.424106] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.432136] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.484104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.572188] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.590401] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.629266] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.651811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.664810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.706379] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.712539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.721303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.735819] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.751878] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.852393] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 53.870510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.887726] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.905034] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.919875] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.959746] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.025118] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.031289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.052569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.075939] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.087096] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.106801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.149997] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 54.164467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 54.171601] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 54.203887] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.335402] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.358712] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.460302] 8021q: adding VLAN 0 to HW filter on device team0 2018/11/18 01:15:13 executed programs: 6 2018/11/18 01:15:18 executed programs: 150 [ 63.761116] ================================================================== [ 63.768731] BUG: KASAN: user-memory-access in n_tty_set_termios+0x106/0xe80 [ 63.775840] Write of size 512 at addr 0000000000001060 by task syz-executor3/9026 [ 63.783464] [ 63.785134] CPU: 1 PID: 9026 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 63.793624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.802981] Call Trace: [ 63.805577] dump_stack+0x244/0x39d [ 63.805602] ? dump_stack_print_info.cold.1+0x20/0x20 [ 63.805623] ? vprintk_func+0x85/0x181 [ 63.805641] kasan_report.cold.8+0x6d/0x309 [ 63.805657] ? n_tty_set_termios+0x106/0xe80 [ 63.805678] check_memory_region+0x13e/0x1b0 [ 63.805694] memset+0x23/0x40 [ 63.805713] n_tty_set_termios+0x106/0xe80 [ 63.814640] ? n_tty_receive_signal_char+0x120/0x120 [ 63.814659] tty_set_termios+0x7a0/0xac0 [ 63.814681] ? tty_wait_until_sent+0x5d0/0x5d0 [ 63.814704] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 63.814723] set_termios+0x41e/0x7d0 [ 63.814745] ? tty_perform_flush+0x80/0x80 [ 63.834829] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 63.834850] tty_mode_ioctl+0x857/0xb40 [ 63.834867] ? set_termios+0x7d0/0x7d0 [ 63.834892] ? perf_trace_sched_process_exec+0x860/0x860 [ 63.834913] n_tty_ioctl_helper+0x54/0x3b0 [ 63.834936] n_tty_ioctl+0x54/0x360 [ 63.844306] ? ldsem_down_read+0x32/0x40 [ 63.844320] ? ldsem_down_read+0x32/0x40 [ 63.844340] tty_ioctl+0x5c6/0x17d0 [ 63.844355] ? commit_echoes+0x1c0/0x1c0 [ 63.844371] ? tty_vhangup+0x30/0x30 [ 63.844385] ? find_held_lock+0x36/0x1c0 [ 63.844408] ? __fget+0x4aa/0x740 [ 63.844437] ? lock_downgrade+0x900/0x900 [ 63.924081] ? check_preemption_disabled+0x48/0x280 [ 63.929176] ? kasan_check_read+0x11/0x20 [ 63.933343] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 63.938634] ? rcu_read_unlock_special+0x370/0x370 [ 63.943582] ? __fget+0x4d1/0x740 [ 63.947057] ? ksys_dup3+0x680/0x680 [ 63.950788] ? __might_fault+0x12b/0x1e0 [ 63.954867] ? lock_downgrade+0x900/0x900 [ 63.959044] ? lock_release+0xa10/0xa10 [ 63.963034] ? perf_trace_sched_process_exec+0x860/0x860 [ 63.968501] ? tty_vhangup+0x30/0x30 [ 63.972233] do_vfs_ioctl+0x1de/0x1790 [ 63.976139] ? ioctl_preallocate+0x300/0x300 [ 63.980557] ? __fget_light+0x2e9/0x430 [ 63.984571] ? fget_raw+0x20/0x20 [ 63.984585] ? _copy_to_user+0xc8/0x110 [ 63.984605] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 63.984622] ? put_timespec64+0x10f/0x1b0 [ 63.984652] ? nsecs_to_jiffies+0x30/0x30 [ 63.984669] ? do_syscall_64+0x9a/0x820 [ 63.984683] ? do_syscall_64+0x9a/0x820 [ 63.984699] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 63.984718] ? security_file_ioctl+0x94/0xc0 [ 63.984736] ksys_ioctl+0xa9/0xd0 [ 63.984752] __x64_sys_ioctl+0x73/0xb0 [ 63.984767] do_syscall_64+0x1b9/0x820 [ 63.984783] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 63.984797] ? syscall_return_slowpath+0x5e0/0x5e0 [ 63.984810] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 63.984827] ? trace_hardirqs_on_caller+0x310/0x310 [ 63.984844] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 63.984859] ? prepare_exit_to_usermode+0x291/0x3b0 [ 63.984881] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 63.984905] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 63.984917] RIP: 0033:0x457569 [ 63.984933] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 63.984940] RSP: 002b:00007f87e6216c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 63.984953] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 63.984963] RDX: 0000000020000100 RSI: 0000000000005402 RDI: 0000000000000005 [ 63.984971] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 63.984980] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f87e62176d4 [ 63.984989] R13: 00000000004c0ffe R14: 00000000004d1d88 R15: 00000000ffffffff [ 63.985027] ================================================================== [ 63.985032] Disabling lock debugging due to kernel taint [ 64.012576] Kernel panic - not syncing: panic_on_warn set ... [ 64.033586] kobject: 'loop2' (00000000d80a73fa): kobject_uevent_env [ 64.035799] CPU: 1 PID: 9026 Comm: syz-executor3 Tainted: G B 4.20.0-rc1-next-20181109+ #110 [ 64.035806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.035810] Call Trace: [ 64.035828] dump_stack+0x244/0x39d [ 64.035859] ? dump_stack_print_info.cold.1+0x20/0x20 [ 64.035899] panic+0x2ad/0x55c [ 64.043564] kobject: 'loop2' (00000000d80a73fa): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 64.046172] ? add_taint.cold.5+0x16/0x16 [ 64.046187] ? preempt_schedule+0x4d/0x60 [ 64.046209] ? ___preempt_schedule+0x16/0x18 [ 64.046225] ? trace_hardirqs_on+0xb4/0x310 [ 64.046242] kasan_end_report+0x47/0x4f [ 64.073220] kobject: 'loop0' (0000000003349fa4): kobject_uevent_env [ 64.076142] kasan_report.cold.8+0x76/0x309 [ 64.076158] ? n_tty_set_termios+0x106/0xe80 [ 64.076176] check_memory_region+0x13e/0x1b0 [ 64.076198] memset+0x23/0x40 [ 64.076247] n_tty_set_termios+0x106/0xe80 [ 64.081844] kobject: 'loop0' (0000000003349fa4): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 64.098354] ? n_tty_receive_signal_char+0x120/0x120 [ 64.098370] tty_set_termios+0x7a0/0xac0 [ 64.098404] ? tty_wait_until_sent+0x5d0/0x5d0 [ 64.098424] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 64.098450] set_termios+0x41e/0x7d0 [ 64.221851] kobject: 'loop5' (00000000c68949f8): kobject_uevent_env [ 64.223586] ? tty_perform_flush+0x80/0x80 [ 64.223608] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 64.232516] kobject: 'loop5' (00000000c68949f8): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 64.238277] tty_mode_ioctl+0x857/0xb40 [ 64.238291] ? set_termios+0x7d0/0x7d0 [ 64.238309] ? perf_trace_sched_process_exec+0x860/0x860 [ 64.238325] n_tty_ioctl_helper+0x54/0x3b0 [ 64.294619] kobject: 'loop4' (00000000ad234a87): kobject_uevent_env [ 64.297544] n_tty_ioctl+0x54/0x360 [ 64.301794] kobject: 'loop4' (00000000ad234a87): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 64.306871] ? ldsem_down_read+0x32/0x40 [ 64.306883] ? ldsem_down_read+0x32/0x40 [ 64.306899] tty_ioctl+0x5c6/0x17d0 [ 64.306913] ? commit_echoes+0x1c0/0x1c0 [ 64.306929] ? tty_vhangup+0x30/0x30 [ 64.372728] ? find_held_lock+0x36/0x1c0 [ 64.376778] ? __fget+0x4aa/0x740 [ 64.380212] ? lock_downgrade+0x900/0x900 [ 64.384343] ? check_preemption_disabled+0x48/0x280 [ 64.389343] ? kasan_check_read+0x11/0x20 [ 64.393486] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 64.398743] ? rcu_read_unlock_special+0x370/0x370 [ 64.403662] ? __fget+0x4d1/0x740 [ 64.407109] ? ksys_dup3+0x680/0x680 [ 64.410807] ? __might_fault+0x12b/0x1e0 [ 64.414851] ? lock_downgrade+0x900/0x900 [ 64.418996] ? lock_release+0xa10/0xa10 [ 64.422967] ? perf_trace_sched_process_exec+0x860/0x860 [ 64.428410] ? tty_vhangup+0x30/0x30 [ 64.432107] do_vfs_ioctl+0x1de/0x1790 [ 64.435978] ? ioctl_preallocate+0x300/0x300 [ 64.440365] ? __fget_light+0x2e9/0x430 [ 64.444320] ? fget_raw+0x20/0x20 [ 64.447772] ? _copy_to_user+0xc8/0x110 [ 64.451731] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 64.457266] ? put_timespec64+0x10f/0x1b0 [ 64.461395] ? nsecs_to_jiffies+0x30/0x30 [ 64.465527] ? do_syscall_64+0x9a/0x820 [ 64.469501] ? do_syscall_64+0x9a/0x820 [ 64.473461] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 64.478030] ? security_file_ioctl+0x94/0xc0 [ 64.482442] ksys_ioctl+0xa9/0xd0 [ 64.485880] __x64_sys_ioctl+0x73/0xb0 [ 64.489748] do_syscall_64+0x1b9/0x820 [ 64.493618] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 64.498960] ? syscall_return_slowpath+0x5e0/0x5e0 [ 64.503869] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 64.508714] ? trace_hardirqs_on_caller+0x310/0x310 [ 64.513726] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 64.518733] ? prepare_exit_to_usermode+0x291/0x3b0 [ 64.523731] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 64.528570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 64.533741] RIP: 0033:0x457569 [ 64.536915] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 64.555802] RSP: 002b:00007f87e6216c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 64.563494] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 64.570744] RDX: 0000000020000100 RSI: 0000000000005402 RDI: 0000000000000005 [ 64.578013] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 64.585264] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f87e62176d4 [ 64.592512] R13: 00000000004c0ffe R14: 00000000004d1d88 R15: 00000000ffffffff [ 64.600746] Kernel Offset: disabled [ 64.604391] Rebooting in 86400 seconds..