[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.229' (ECDSA) to the list of known hosts. 2020/05/27 00:24:25 parsed 1 programs 2020/05/27 00:24:25 executed programs: 0 syzkaller login: [ 33.010138] audit: type=1400 audit(1590539065.752:8): avc: denied { execmem } for pid=6353 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 33.267593] IPVS: ftp: loaded support on port[0] = 21 [ 34.200087] chnl_net:caif_netlink_parms(): no params data found [ 34.271933] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.278624] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.286547] device bridge_slave_0 entered promiscuous mode [ 34.293550] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.300485] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.307495] device bridge_slave_1 entered promiscuous mode [ 34.324221] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 34.332957] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 34.350624] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 34.357827] team0: Port device team_slave_0 added [ 34.363193] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 34.370607] team0: Port device team_slave_1 added [ 34.385957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 34.392188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.417626] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 34.429124] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 34.435450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.461018] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 34.471814] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 34.479411] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 34.527319] device hsr_slave_0 entered promiscuous mode [ 34.565334] device hsr_slave_1 entered promiscuous mode [ 34.625609] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 34.632651] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 34.694270] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.700735] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.707636] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.713985] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.742954] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 34.750253] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.758777] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 34.768382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.786625] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.793613] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.803874] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 34.810609] 8021q: adding VLAN 0 to HW filter on device team0 [ 34.818965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 34.827492] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.833887] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.854268] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 34.864141] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 34.875719] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 34.882264] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 34.890153] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.896535] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.903618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 34.911845] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 34.919508] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.927175] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.935508] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 34.942200] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 34.955434] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 34.962529] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 34.969738] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 34.980277] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 35.032409] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 35.042288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 35.069566] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 35.076998] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 35.083393] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 35.093032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 35.101809] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 35.109177] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 35.118533] device veth0_vlan entered promiscuous mode [ 35.127690] device veth1_vlan entered promiscuous mode [ 35.133467] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 35.142257] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 35.152866] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 35.162294] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 35.169830] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 35.177307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 35.185605] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 35.193778] device veth0_macvtap entered promiscuous mode [ 35.202563] device veth1_macvtap entered promiscuous mode [ 35.211192] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 35.224026] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 35.236639] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 35.243805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 35.251560] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.259485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.268964] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 35.276048] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 35.282818] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.290738] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2020/05/27 00:24:29 result: hanged=false err=executor 0: exit status 67 failed to mkdir (errno 30) loop exited with status 67 failed to mkdir (errno 30) loop exited with status 67 [ 37.026918] ------------[ cut here ]------------ [ 37.031815] WARNING: CPU: 1 PID: 6591 at kernel/cgroup/cgroup.c:2936 cgroup_apply_control_disable+0x39d/0x470 [ 37.041859] Kernel panic - not syncing: panic_on_warn set ... [ 37.041859] [ 37.049212] CPU: 1 PID: 6591 Comm: syz-executor.0 Not tainted 4.14.181-syzkaller #0 [ 37.056984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 37.066346] Call Trace: [ 37.068921] dump_stack+0x1b2/0x283 [ 37.072528] panic+0x1f9/0x42d [ 37.075699] ? add_taint.cold+0x16/0x16 [ 37.079670] ? cgroup_apply_control_disable+0x39d/0x470 [ 37.085029] ? cgroup_apply_control_disable+0x39d/0x470 [ 37.090369] __warn.cold+0x2f/0x30 [ 37.093905] ? ist_end_non_atomic+0x10/0x10 [ 37.098216] ? cgroup_apply_control_disable+0x39d/0x470 [ 37.103555] report_bug+0x20a/0x248 [ 37.107159] do_error_trap+0x195/0x2d0 [ 37.111020] ? math_error+0x2d0/0x2d0 [ 37.114799] ? mark_held_locks+0xa6/0xf0 [ 37.118841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.123677] invalid_op+0x1b/0x40 [ 37.127122] RIP: 0010:cgroup_apply_control_disable+0x39d/0x470 [ 37.133065] RSP: 0018:ffff8880929179b8 EFLAGS: 00010297 [ 37.138425] RAX: ffff8880929625c0 RBX: dffffc0000000000 RCX: 1ffffffff0fe798c [ 37.145671] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff888095e48b58 [ 37.152936] RBP: ffff888095e48b40 R08: 0000000000000001 R09: 0000000000000000 [ 37.160181] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff87ba3920 [ 37.167428] R13: ffffffff87bdb4e0 R14: ffff888094ca6b40 R15: ffff88821b705540 [ 37.174700] ? cgroup_apply_control_disable+0x39d/0x470 [ 37.180039] rebind_subsystems+0x364/0xa10 [ 37.184271] ? cgroup_apply_control_disable+0x470/0x470 [ 37.189611] ? kernfs_create_root+0x28d/0x370 [ 37.194100] cgroup_setup_root+0x3b5/0x950 [ 37.198325] ? rebind_subsystems+0xa10/0xa10 [ 37.202713] cgroup1_mount+0x55f/0xd3e [ 37.206591] ? cgroup1_release_agent+0x250/0x250 [ 37.211322] ? cap_capable+0x1c4/0x230 [ 37.215187] ? security_capable+0x88/0xb0 [ 37.219325] cgroup_mount+0x145/0x8d0 [ 37.223120] ? cgroup_attach_task+0x6e0/0x6e0 [ 37.227594] mount_fs+0x92/0x2a0 [ 37.230935] vfs_kern_mount.part.0+0x5b/0x3c0 [ 37.235423] do_mount+0x3c9/0x25e0 [ 37.238953] ? copy_mount_string+0x40/0x40 [ 37.243165] ? copy_mount_options+0x18c/0x2e0 [ 37.247635] ? copy_mount_options+0x1ec/0x2e0 [ 37.252105] ? copy_mnt_ns+0x8a0/0x8a0 [ 37.255984] SyS_mount+0xa8/0x120 [ 37.259427] ? copy_mnt_ns+0x8a0/0x8a0 [ 37.263290] do_syscall_64+0x1d5/0x640 [ 37.267170] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 37.272350] RIP: 0033:0x45f47a [ 37.275531] RSP: 002b:00007ffdb97fc118 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 37.283216] RAX: ffffffffffffffda RBX: 00007ffdb97fc170 RCX: 000000000045f47a [ 37.290461] RDX: 00000000004caf91 RSI: 00000000004c1665 RDI: 00000000004c1628 [ 37.297721] RBP: 0000000000000000 R08: 00000000004cfa00 R09: 000000000000001c [ 37.304982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000418590 [ 37.312227] R13: 00007ffdb97fc398 R14: 0000000000000000 R15: 0000000000000000 [ 37.320316] Kernel Offset: disabled [ 37.324015] Rebooting in 86400 seconds..