[ 28.755370][ T26] audit: type=1800 audit(1567346656.804:22): pid=6994 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 43.724078][ T7162] IPVS: ftp: loaded support on port[0] = 21 [ 44.151928][ T7159] can: request_module (can-proto-0) failed. [ 45.079886][ T7159] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.0.188' (ECDSA) to the list of known hosts. 2019/09/01 14:04:40 parsed 1 programs 2019/09/01 14:04:41 executed programs: 0 [ 53.516362][ T7236] IPVS: ftp: loaded support on port[0] = 21 [ 53.535322][ T7237] IPVS: ftp: loaded support on port[0] = 21 [ 53.559273][ T7239] IPVS: ftp: loaded support on port[0] = 21 [ 53.617537][ T7241] IPVS: ftp: loaded support on port[0] = 21 [ 53.629847][ T7245] IPVS: ftp: loaded support on port[0] = 21 [ 53.651434][ T7244] IPVS: ftp: loaded support on port[0] = 21 [ 53.716154][ T7236] chnl_net:caif_netlink_parms(): no params data found [ 53.780186][ T7237] chnl_net:caif_netlink_parms(): no params data found [ 53.795430][ T7236] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.803197][ T7236] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.811116][ T7236] device bridge_slave_0 entered promiscuous mode [ 53.820466][ T7236] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.827914][ T7236] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.835870][ T7236] device bridge_slave_1 entered promiscuous mode [ 53.912533][ T7236] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.922300][ T7237] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.929598][ T7237] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.937408][ T7237] device bridge_slave_0 entered promiscuous mode [ 53.946421][ T7237] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.953449][ T7237] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.961010][ T7237] device bridge_slave_1 entered promiscuous mode [ 53.972961][ T7241] chnl_net:caif_netlink_parms(): no params data found [ 53.986695][ T7236] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.997861][ T7245] chnl_net:caif_netlink_parms(): no params data found [ 54.009220][ T7239] chnl_net:caif_netlink_parms(): no params data found [ 54.030455][ T7237] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.040087][ T7237] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.061498][ T7236] team0: Port device team_slave_0 added [ 54.069386][ T7236] team0: Port device team_slave_1 added [ 54.146277][ T7236] device hsr_slave_0 entered promiscuous mode [ 54.214172][ T7236] device hsr_slave_1 entered promiscuous mode [ 54.295821][ T7241] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.302942][ T7241] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.310993][ T7241] device bridge_slave_0 entered promiscuous mode [ 54.321726][ T7237] team0: Port device team_slave_0 added [ 54.328685][ T7237] team0: Port device team_slave_1 added [ 54.343689][ T7241] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.352380][ T7241] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.360319][ T7241] device bridge_slave_1 entered promiscuous mode [ 54.436267][ T7237] device hsr_slave_0 entered promiscuous mode [ 54.494324][ T7237] device hsr_slave_1 entered promiscuous mode [ 54.534503][ T7239] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.541620][ T7239] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.549387][ T7239] device bridge_slave_0 entered promiscuous mode [ 54.559385][ T7239] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.566548][ T7239] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.574584][ T7239] device bridge_slave_1 entered promiscuous mode [ 54.581633][ T7245] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.589045][ T7245] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.597157][ T7245] device bridge_slave_0 entered promiscuous mode [ 54.604734][ T7245] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.611769][ T7245] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.620472][ T7245] device bridge_slave_1 entered promiscuous mode [ 54.639301][ T7241] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.673518][ T7245] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.693197][ T7239] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.703593][ T7241] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.712844][ T7236] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.720068][ T7236] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.728081][ T7236] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.735242][ T7236] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.750864][ T7245] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.762623][ T7239] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.778221][ T2980] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.798129][ T2980] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.809525][ T7244] chnl_net:caif_netlink_parms(): no params data found [ 54.833559][ T7245] team0: Port device team_slave_0 added [ 54.843537][ T7241] team0: Port device team_slave_0 added [ 54.863700][ T7245] team0: Port device team_slave_1 added [ 54.873238][ T7241] team0: Port device team_slave_1 added [ 54.907698][ T7241] device hsr_slave_0 entered promiscuous mode [ 54.965027][ T7241] device hsr_slave_1 entered promiscuous mode [ 55.025632][ T7239] team0: Port device team_slave_0 added [ 55.045245][ T7239] team0: Port device team_slave_1 added [ 55.051464][ T7244] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.058929][ T7244] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.066742][ T7244] device bridge_slave_0 entered promiscuous mode [ 55.077069][ T7244] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.084756][ T7244] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.095306][ T7244] device bridge_slave_1 entered promiscuous mode [ 55.109993][ T7244] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 55.176368][ T7245] device hsr_slave_0 entered promiscuous mode [ 55.244249][ T7245] device hsr_slave_1 entered promiscuous mode [ 55.285085][ T7244] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 55.312677][ T7237] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.333437][ T7236] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.347449][ T7244] team0: Port device team_slave_0 added [ 55.362427][ T7244] team0: Port device team_slave_1 added [ 55.406300][ T7239] device hsr_slave_0 entered promiscuous mode [ 55.464308][ T7239] device hsr_slave_1 entered promiscuous mode [ 55.508798][ T7237] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.519297][ T7236] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.537808][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.547355][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.555683][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 55.563289][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.605442][ T7244] device hsr_slave_0 entered promiscuous mode [ 55.654303][ T7244] device hsr_slave_1 entered promiscuous mode [ 55.703069][ T7241] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.711923][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.721859][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.730590][ T7248] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.737699][ T7248] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.745340][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.753902][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.762168][ T7248] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.769241][ T7248] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.776717][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.787007][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.795312][ T7248] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.802327][ T7248] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.810777][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.818988][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.827514][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.836674][ T7248] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.843695][ T7248] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.881837][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.892764][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.902130][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.911267][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.920285][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.935423][ T7245] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.951965][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.960766][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.969379][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.978026][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.986594][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.995136][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.003327][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.012063][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.020384][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.028663][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.036758][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.045088][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.053958][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.065846][ T7237] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.078056][ T7237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.088089][ T7236] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.099665][ T7236] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.112346][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.121128][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.129373][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.137688][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.151549][ T7241] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.162055][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.171150][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.180526][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.189232][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.199062][ T7252] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.206148][ T7252] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.214298][ T7252] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.230830][ T7245] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.249409][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.257168][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.273264][ T7241] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 56.284659][ T7241] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.307248][ T7236] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.322917][ T7237] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.338872][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.347826][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.361514][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.368627][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.376837][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.385396][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.395566][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.404116][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.412288][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.421060][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.429692][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.438017][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.446892][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.455186][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.463316][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.472099][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.480658][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.487825][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.495929][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.504669][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.512914][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.519991][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.527576][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.536596][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.545248][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.552831][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.560569][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.591239][ T7245] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 56.606761][ T7245] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 56.618711][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.628327][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.636829][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 56.645514][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.653691][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 56.662199][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.671700][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 56.680011][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.688256][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.695948][ T7248] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.708233][ T7244] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.737320][ T7241] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.750810][ T7239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.803069][ T7245] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.829210][ T7244] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.840882][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.853564][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.873462][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.904534][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.914902][ T7239] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.930657][ T7287] BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1415 [ 56.939887][ T7287] in_atomic(): 0, irqs_disabled(): 1, pid: 7287, name: syz-executor.4 [ 56.948045][ T7287] 2 locks held by syz-executor.4/7287: [ 56.953492][ T7287] #0: 000000008c9536e5 (&type->s_umount_key#34){+.+.}, at: deactivate_super+0x12e/0x150 [ 56.963305][ T7287] #1: 00000000a272ed4e (&mm->mmap_sem#2){++++}, at: __do_page_fault+0x21d/0xa20 [ 56.972405][ T7287] irq event stamp: 9350 [ 56.976557][ T7287] hardirqs last enabled at (9349): [] __call_rcu.constprop.67+0x292/0x700 [ 56.986696][ T7287] hardirqs last disabled at (9350): [] kfree+0x73/0x220 [ 56.995190][ T7287] softirqs last enabled at (766): [] fpu__copy+0x142/0x5f0 [ 57.004019][ T7287] softirqs last disabled at (764): [] fpu__copy+0x99/0x5f0 [ 57.012768][ T7287] CPU: 0 PID: 7287 Comm: syz-executor.4 Not tainted 5.2.0-rc1+ #1 [ 57.020548][ T7287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.031405][ T7287] Call Trace: [ 57.034682][ T7287] dump_stack+0x113/0x167 [ 57.038996][ T7287] ? debug_object_active_state+0xff/0x3b0 [ 57.044698][ T7287] ___might_sleep.cold.88+0x1bb/0x1f4 [ 57.050048][ T7287] __might_sleep+0x95/0x190 [ 57.054525][ T7287] ? call_rcu+0xb/0x10 [ 57.058601][ T7287] __do_page_fault+0x238/0xa20 [ 57.063344][ T7287] ? trace_hardirqs_off_caller+0x49/0x180 [ 57.069065][ T7287] do_page_fault+0x64/0x3a7 [ 57.073552][ T7287] page_fault+0x1e/0x30 [ 57.077689][ T7287] RIP: 0010:kfree+0xa8/0x220 [ 57.082265][ T7287] Code: 48 c1 e8 0c 48 89 c2 48 b8 00 00 00 00 00 ea ff ff 48 c1 e2 06 48 01 c2 48 8b 42 08 48 8d 48 ff a8 01 48 0f 45 d1 4c 8b 6a 18 <49> 63 75 74 e8 df ec b7 ff 49 63 75 74 48 89 df e8 03 c0 67 01 4c [ 57.101851][ T7287] RSP: 0018:ffff8880a52efa88 EFLAGS: 00010046 [ 57.107904][ T7287] RAX: ffffea000005a2c8 RBX: ffffffff8168b550 RCX: ffffea000005a2c7 [ 57.115857][ T7287] RDX: ffffea000005a2c0 RSI: 0000000000000000 RDI: ffffffff8168b550 [ 57.123828][ T7287] RBP: ffff8880a52efaa8 R08: ffffed1015d46be0 R09: ffffed1015d46bdf [ 57.131786][ T7287] R10: ffffed1015d46bdf R11: ffff8880aea35efb R12: 0000000000000282 [ 57.139748][ T7287] R13: 0000000000000000 R14: ffff8880aa0eb7e0 R15: ffff88821b841b10 [ 57.148745][ T7287] ? buffer_pipe_buf_get+0xa0/0xa0 [ 57.153856][ T7287] ? buffer_pipe_buf_get+0xa0/0xa0 [ 57.158974][ T7287] ? kfree+0x7b/0x220 [ 57.162939][ T7287] debugfs_release_dentry+0x3b/0x50 [ 57.168123][ T7287] __dentry_kill+0x32f/0x550 [ 57.172687][ T7287] ? d_shrink_del+0x59/0x1c0 [ 57.177251][ T7287] shrink_dentry_list+0x1cc/0x510 [ 57.182252][ T7287] shrink_dcache_parent+0x109/0x120 [ 57.187434][ T7287] ? path_has_submounts+0x110/0x110 [ 57.192616][ T7287] ? up_read_non_owner+0x350/0x350 [ 57.197701][ T7287] ? kasan_check_read+0x11/0x20 [ 57.202525][ T7287] ? do_raw_spin_unlock+0x54/0x260 [ 57.207619][ T7287] do_one_tree+0xd/0x40 [ 57.211760][ T7287] shrink_dcache_for_umount+0x56/0x120 [ 57.217205][ T7287] generic_shutdown_super+0x61/0x330 [ 57.222494][ T7287] kill_anon_super+0x38/0x60 [ 57.227079][ T7287] kill_litter_super+0x39/0x50 [ 57.231959][ T7287] deactivate_locked_super+0x77/0xd0 [ 57.237249][ T7287] deactivate_super+0x136/0x150 [ 57.242079][ T7287] ? mount_bdev+0x330/0x330 [ 57.246574][ T7287] ? dput.part.26+0x2a/0x480 [ 57.251146][ T7287] ? dput.part.26+0x126/0x480 [ 57.255799][ T7287] put_fs_context+0xa3/0x4b0 [ 57.260392][ T7287] fscontext_release+0x42/0x60 [ 57.265144][ T7287] __fput+0x25a/0x770 [ 57.269110][ T7287] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.274283][ T7287] ____fput+0x9/0x10 [ 57.278502][ T7287] task_work_run+0x108/0x180 [ 57.283071][ T7287] exit_to_usermode_loop+0x1a9/0x200 [ 57.288433][ T7287] do_syscall_64+0x447/0x530 [ 57.293003][ T7287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.298870][ T7287] RIP: 0033:0x413561 [ 57.302740][ T7287] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 57.322590][ T7287] RSP: 002b:00007ffe83cef6d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 57.331005][ T7287] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413561 [ 57.338961][ T7287] RDX: 0000001b2fe20000 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.346921][ T7287] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff [ 57.354881][ T7287] R10: 00007ffe83cef7b0 R11: 0000000000000293 R12: 000000000075bf20 [ 57.362847][ T7287] R13: 000000000000de21 R14: 00000000007601f0 R15: ffffffffffffffff [ 57.370818][ T7287] BUG: kernel NULL pointer dereference, address: 0000000000000074 [ 57.378598][ T7287] #PF: supervisor read access in kernel mode [ 57.384557][ T7287] #PF: error_code(0x0000) - not-present page [ 57.390517][ T7287] PGD 9221b067 P4D 9221b067 PUD a50b0067 PMD 0 [ 57.396729][ T7287] Oops: 0000 [#1] PREEMPT SMP KASAN [ 57.401897][ T7287] CPU: 0 PID: 7287 Comm: syz-executor.4 Tainted: G W 5.2.0-rc1+ #1 [ 57.411061][ T7287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.421135][ T7287] RIP: 0010:kfree+0xa8/0x220 [ 57.425700][ T7287] Code: 48 c1 e8 0c 48 89 c2 48 b8 00 00 00 00 00 ea ff ff 48 c1 e2 06 48 01 c2 48 8b 42 08 48 8d 48 ff a8 01 48 0f 45 d1 4c 8b 6a 18 <49> 63 75 74 e8 df ec b7 ff 49 63 75 74 48 89 df e8 03 c0 67 01 4c [ 57.445477][ T7287] RSP: 0018:ffff8880a52efa88 EFLAGS: 00010046 [ 57.451543][ T7287] RAX: ffffea000005a2c8 RBX: ffffffff8168b550 RCX: ffffea000005a2c7 [ 57.459586][ T7287] RDX: ffffea000005a2c0 RSI: 0000000000000000 RDI: ffffffff8168b550 [ 57.467539][ T7287] RBP: ffff8880a52efaa8 R08: ffffed1015d46be0 R09: ffffed1015d46bdf [ 57.475501][ T7287] R10: ffffed1015d46bdf R11: ffff8880aea35efb R12: 0000000000000282 [ 57.483451][ T7287] R13: 0000000000000000 R14: ffff8880aa0eb7e0 R15: ffff88821b841b10 [ 57.491398][ T7287] FS: 00005555561f8940(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 [ 57.500308][ T7287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.506883][ T7287] CR2: 0000000000000074 CR3: 0000000093444000 CR4: 00000000001406f0 [ 57.514833][ T7287] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.522787][ T7287] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.530735][ T7287] Call Trace: [ 57.534038][ T7287] debugfs_release_dentry+0x3b/0x50 [ 57.539214][ T7287] __dentry_kill+0x32f/0x550 [ 57.543777][ T7287] ? d_shrink_del+0x59/0x1c0 [ 57.548344][ T7287] shrink_dentry_list+0x1cc/0x510 [ 57.553340][ T7287] shrink_dcache_parent+0x109/0x120 [ 57.558508][ T7287] ? path_has_submounts+0x110/0x110 [ 57.563693][ T7287] ? up_read_non_owner+0x350/0x350 [ 57.568797][ T7287] ? kasan_check_read+0x11/0x20 [ 57.573632][ T7287] ? do_raw_spin_unlock+0x54/0x260 [ 57.578715][ T7287] do_one_tree+0xd/0x40 [ 57.582847][ T7287] shrink_dcache_for_umount+0x56/0x120 [ 57.588299][ T7287] generic_shutdown_super+0x61/0x330 [ 57.593591][ T7287] kill_anon_super+0x38/0x60 [ 57.598160][ T7287] kill_litter_super+0x39/0x50 [ 57.602893][ T7287] deactivate_locked_super+0x77/0xd0 [ 57.608150][ T7287] deactivate_super+0x136/0x150 [ 57.613001][ T7287] ? mount_bdev+0x330/0x330 [ 57.617480][ T7287] ? dput.part.26+0x2a/0x480 [ 57.622088][ T7287] ? dput.part.26+0x126/0x480 [ 57.626739][ T7287] put_fs_context+0xa3/0x4b0 [ 57.631405][ T7287] fscontext_release+0x42/0x60 [ 57.636159][ T7287] __fput+0x25a/0x770 [ 57.640130][ T7287] ? _raw_spin_unlock_irq+0x27/0x80 [ 57.645311][ T7287] ____fput+0x9/0x10 [ 57.649211][ T7287] task_work_run+0x108/0x180 [ 57.653789][ T7287] exit_to_usermode_loop+0x1a9/0x200 [ 57.659071][ T7287] do_syscall_64+0x447/0x530 [ 57.663639][ T7287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 57.669530][ T7287] RIP: 0033:0x413561 [ 57.673399][ T7287] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 57.692988][ T7287] RSP: 002b:00007ffe83cef6d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 57.701556][ T7287] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413561 [ 57.709531][ T7287] RDX: 0000001b2fe20000 RSI: 0000000000000000 RDI: 0000000000000003 [ 57.717515][ T7287] RBP: 0000000000000001 R08: ffffffffffffffff R09: ffffffffffffffff [ 57.725465][ T7287] R10: 00007ffe83cef7b0 R11: 0000000000000293 R12: 000000000075bf20 [ 57.733437][ T7287] R13: 000000000000de21 R14: 00000000007601f0 R15: ffffffffffffffff [ 57.741396][ T7287] Modules linked in: [ 57.745269][ T7287] CR2: 0000000000000074 [ 57.749410][ T7287] ---[ end trace 6e96a8329b2ade0c ]--- [ 57.754846][ T7287] RIP: 0010:kfree+0xa8/0x220 [ 57.759412][ T7287] Code: 48 c1 e8 0c 48 89 c2 48 b8 00 00 00 00 00 ea ff ff 48 c1 e2 06 48 01 c2 48 8b 42 08 48 8d 48 ff a8 01 48 0f 45 d1 4c 8b 6a 18 <49> 63 75 74 e8 df ec b7 ff 49 63 75 74 48 89 df e8 03 c0 67 01 4c [ 57.778995][ T7287] RSP: 0018:ffff8880a52efa88 EFLAGS: 00010046 [ 57.785051][ T7287] RAX: ffffea000005a2c8 RBX: ffffffff8168b550 RCX: ffffea000005a2c7 [ 57.793359][ T7287] RDX: ffffea000005a2c0 RSI: 0000000000000000 RDI: ffffffff8168b550 [ 57.801306][ T7287] RBP: ffff8880a52efaa8 R08: ffffed1015d46be0 R09: ffffed1015d46bdf [ 57.809276][ T7287] R10: ffffed1015d46bdf R11: ffff8880aea35efb R12: 0000000000000282 [ 57.817230][ T7287] R13: 0000000000000000 R14: ffff8880aa0eb7e0 R15: ffff88821b841b10 [ 57.825191][ T7287] FS: 00005555561f8940(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 [ 57.834115][ T7287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.840670][ T7287] CR2: 0000000000000074 CR3: 0000000093444000 CR4: 00000000001406f0 [ 57.848621][ T7287] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.856566][ T7287] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.864520][ T7287] Kernel panic - not syncing: Fatal exception [ 57.871846][ T7287] Kernel Offset: disabled [ 57.876168][ T7287] Rebooting in 86400 seconds..