[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ OK ] Started OpenBSD Secure Shell server.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.185' (ECDSA) to the list of known hosts.
syzkaller login: [ 533.506493][ C0] hrtimer: interrupt took 49108 ns
[ 535.756170][ T6654] syz-executor702[6654]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 535.879069][ T6654] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 536.023660][ T6658] syz-executor702[6658]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 536.063984][ T6658] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 536.571358][ T6664] syz-executor702[6664]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 536.571664][ T6536] traps: syz-executor702[6536] trap stack segment ip:4035d8 sp:7fff8b4a9470 error:0
[ 536.651905][ T6664] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 536.655935][ T6536] in syz-executor702648932[401000+82000]
[ 536.760351][ T6668] syz-executor702[6668]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 536.887444][ T6668] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 537.225860][ T6675] syz-executor702[6675]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 537.314599][ T6675] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 537.963004][ T6682] syz-executor702[6682]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 538.005629][ T6682] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 539.091136][ T6752] syz-executor702[6752]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 539.131159][ T6752] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 539.837011][ T6782] syz-executor702[6782]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 539.852772][ T6782] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 540.604384][ T6808] syz-executor702[6808]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 540.619121][ T6808] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 541.021530][ T6816] syz-executor702[6816]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 541.052452][ T6816] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 541.539797][ T6822] syz-executor702[6822]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 541.554226][ T6822] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 541.936765][ T6834] syz-executor702[6834]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 541.951785][ T6683] traps: syz-executor702[6683] trap stack segment ip:4035d8 sp:7fff8b4a9470 error:0 in syz-executor702648932[401000+82000]
[ 542.001489][ T6834] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 543.152808][ T6863] syz-executor702[6863]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 543.167799][ T6863] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 545.393978][ T6914] syz-executor702[6914]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 545.410816][ T6914] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 545.792720][ T6920] syz-executor702[6920]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 545.842758][ T6920] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 546.939543][ T6953] syz-executor702[6953]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 546.993109][ T6953] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 549.275265][ T7049] syz-executor702[7049]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 549.374756][ T7049] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 550.068064][ T7062] syz-executor702[7062]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 550.147972][ T7062] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 550.592593][ T7067] syz-executor702[7067]: segfault at 1 ip 0000000000000001 sp 00007fff8b4a94e8 error 14 in syz-executor702648932[400000+1000]
[ 550.722768][ T7067] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd7.
[ 716.111084][ T27] INFO: task syz-executor702:6954 can't die for more than 143 seconds.
[ 716.119544][ T27] task:syz-executor702 state:R running task stack:24344 pid: 6954 ppid: 6540 flags:0x00004006
[ 716.285053][ T27] Call Trace:
[ 716.305501][ T27] __schedule+0x940/0x26f0
[ 716.346526][ T27] ? irqentry_enter+0x28/0x50
[ 716.400396][ T27] ? sysvec_apic_timer_interrupt+0x73/0xc0
[ 716.467060][ T27] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 716.534806][ T27] RIP: 0000:0xffffc900034bf728
[ 716.588678][ T27] RSP: 34bf748:0000000000000000 EFLAGS: 00000046 ORIG_RAX: ffffffff89400c02
[ 716.691349][ T27] ==================================================================
[ 716.699620][ T27] BUG: KASAN: stack-out-of-bounds in __show_regs.cold+0x2b/0x481
[ 716.707404][ T27] Read of size 8 at addr ffffc900034bf6c0 by task khungtaskd/27
[ 716.715123][ T27]
[ 716.717444][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.14.0-next-20210830-syzkaller #0
[ 716.726464][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.736603][ T27] Call Trace:
[ 716.739885][ T27] dump_stack_lvl+0xcd/0x134
[ 716.744562][ T27] print_address_description.constprop.0.cold+0xf/0x309
[ 716.751616][ T27] ? __show_regs.cold+0x2b/0x481
[ 716.756564][ T27] ? __show_regs.cold+0x2b/0x481
[ 716.761509][ T27] kasan_report.cold+0x83/0xdf
[ 716.766289][ T27] ? __show_regs.cold+0x2b/0x481
[ 716.771256][ T27] __show_regs.cold+0x2b/0x481
[ 716.776047][ T27] ? is_bpf_text_address+0x99/0x170
[ 716.781335][ T27] show_trace_log_lvl+0x25b/0x2ba
[ 716.786373][ T27] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 716.792558][ T27] ? irqentry_enter+0x28/0x50
[ 716.797255][ T27] ? trace_hardirqs_off_finish+0xd1/0x270
[ 716.803068][ T27] sched_show_task+0x433/0x5b0
[ 716.807882][ T27] ? finish_task_switch.isra.0+0xa20/0xa20
[ 716.813711][ T27] watchdog.cold+0x74/0x1de
[ 716.818254][ T27] ? trace_sched_process_hang+0x280/0x280
[ 716.824032][ T27] kthread+0x3e5/0x4d0
[ 716.828148][ T27] ? set_kthread_struct+0x130/0x130
[ 716.833385][ T27] ret_from_fork+0x1f/0x30
[ 716.837891][ T27]
[ 716.840213][ T27]
[ 716.842566][ T27] Memory state around the buggy address:
[ 716.848195][ T27] ffffc900034bf580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 716.856263][ T27] ffffc900034bf600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 716.864338][ T27] >ffffc900034bf680: 00 00 00 f1 f1 f1 f1 00 00 f3 f3 00 00 00 00 00
[ 716.872403][ T27] ^
[ 716.878554][ T27] ffffc900034bf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 716.886620][ T27] ffffc900034bf780: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 f2
[ 716.894678][ T27] ==================================================================
[ 716.902819][ T27] Disabling lock debugging due to kernel taint
[ 716.909858][ T27] Kernel panic - not syncing: panic_on_warn set ...
[ 716.916450][ T27] CPU: 0 PID: 27 Comm: khungtaskd Tainted: G B 5.14.0-next-20210830-syzkaller #0
[ 716.926862][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.937005][ T27] Call Trace:
[ 716.940280][ T27] dump_stack_lvl+0xcd/0x134
[ 716.944874][ T27] panic+0x2b0/0x6dd
[ 716.948809][ T27] ? __warn_printk+0xf3/0xf3
[ 716.953491][ T27] ? preempt_schedule_common+0x59/0xc0
[ 716.958950][ T27] ? __show_regs.cold+0x2b/0x481
[ 716.963975][ T27] ? preempt_schedule_thunk+0x16/0x18
[ 716.969348][ T27] ? trace_hardirqs_on+0x38/0x1c0
[ 716.974368][ T27] ? trace_hardirqs_on+0x51/0x1c0
[ 716.979394][ T27] ? __show_regs.cold+0x2b/0x481
[ 716.984334][ T27] ? __show_regs.cold+0x2b/0x481
[ 716.989287][ T27] end_report.cold+0x63/0x6f
[ 716.993875][ T27] kasan_report.cold+0x71/0xdf
[ 716.998638][ T27] ? __show_regs.cold+0x2b/0x481
[ 717.003589][ T27] __show_regs.cold+0x2b/0x481
[ 717.008439][ T27] ? is_bpf_text_address+0x99/0x170
[ 717.013635][ T27] show_trace_log_lvl+0x25b/0x2ba
[ 717.018655][ T27] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 717.024813][ T27] ? irqentry_enter+0x28/0x50
[ 717.029485][ T27] ? trace_hardirqs_off_finish+0xd1/0x270
[ 717.035205][ T27] sched_show_task+0x433/0x5b0
[ 717.039972][ T27] ? finish_task_switch.isra.0+0xa20/0xa20
[ 717.045786][ T27] watchdog.cold+0x74/0x1de
[ 717.050286][ T27] ? trace_sched_process_hang+0x280/0x280
[ 717.056006][ T27] kthread+0x3e5/0x4d0
[ 717.060070][ T27] ? set_kthread_struct+0x130/0x130
[ 717.065266][ T27] ret_from_fork+0x1f/0x30
[ 717.070989][ T27] Kernel Offset: disabled
[ 717.075299][ T27] Rebooting in 86400 seconds..