[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 63.978936][ T26] kauditd_printk_skb: 7 callbacks suppressed
[ 63.978943][ T26] audit: type=1800 audit(1565693470.664:29): pid=9394 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 64.004556][ T26] audit: type=1800 audit(1565693470.664:30): pid=9394 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts.
syzkaller login: [ 73.943685][ T9548] IPVS: ftp: loaded support on port[0] = 21
[ 73.986943][ T9548] chnl_net:caif_netlink_parms(): no params data found
[ 74.006673][ T9548] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.014261][ T9548] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.021857][ T9548] device bridge_slave_0 entered promiscuous mode
[ 74.029051][ T9548] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.036178][ T9548] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.043743][ T9548] device bridge_slave_1 entered promiscuous mode
[ 74.057029][ T9548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.067459][ T9548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.082962][ T9548] team0: Port device team_slave_0 added
[ 74.089571][ T9548] team0: Port device team_slave_1 added
[ 74.162351][ T9548] device hsr_slave_0 entered promiscuous mode
[ 74.230786][ T9548] device hsr_slave_1 entered promiscuous mode
[ 74.305691][ T9548] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.312811][ T9548] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.320104][ T9548] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.327221][ T9548] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.350877][ T9548] 8021q: adding VLAN 0 to HW filter on device bond0
[ 74.362225][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 74.370177][ T3024] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.377755][ T3024] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.385436][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 74.395463][ T9548] 8021q: adding VLAN 0 to HW filter on device team0
[ 74.404534][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.412853][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.419895][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 74.429203][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.437507][ T3024] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.444583][ T3024] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 74.458017][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.466930][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 74.476799][ T3024] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.488921][ T9548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
executing program
[ 74.499816][ T9548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 74.512123][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 74.520378][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 74.528819][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 74.542248][ T9548] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 74.582403][ T9558] x86/PAT: syz-executor347:9558 freeing invalid memtype [mem 0x00001000-0x00001fff]
[ 74.593268][ T9558] FAULT_INJECTION: forcing a failure.
[ 74.593268][ T9558] name failslab, interval 1, probability 0, space 0, times 1
[ 74.606146][ T9558] CPU: 1 PID: 9558 Comm: syz-executor347 Not tainted 5.3.0-rc4 #73
[ 74.614054][ T9558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.624093][ T9558] Call Trace:
[ 74.627368][ T9558] dump_stack+0x1d8/0x2f8
[ 74.631686][ T9558] should_fail+0x555/0x770
[ 74.636116][ T9558] __should_failslab+0x11a/0x160
[ 74.641044][ T9558] should_failslab+0x9/0x20
[ 74.645528][ T9558] kmem_cache_alloc_trace+0x5d/0x2f0
[ 74.650807][ T9558] ? reserve_memtype+0x3a3/0xaf0
[ 74.655740][ T9558] reserve_memtype+0x3a3/0xaf0
[ 74.660533][ T9558] reserve_pfn_range+0x268/0xd00
[ 74.665473][ T9558] track_pfn_copy+0x154/0x180
[ 74.670242][ T9558] copy_page_range+0x269a/0x2850
[ 74.675296][ T9558] ? rcu_lock_release+0x4/0x20
[ 74.680058][ T9558] ? rcu_lock_release+0x4/0x20
[ 74.684838][ T9558] ? dup_mmap+0x8f3/0xe00
[ 74.689154][ T9558] ? trace_lock_release+0x135/0x1a0
[ 74.694371][ T9558] ? dup_mmap+0x8f3/0xe00
[ 74.698785][ T9558] ? lock_acquire+0x158/0x250
[ 74.703453][ T9558] ? dup_mmap+0x883/0xe00
[ 74.707770][ T9558] ? init_admin_reserve+0xc0/0xc0
[ 74.712801][ T9558] ? __vma_link_rb+0x839/0x860
[ 74.717561][ T9558] dup_mmap+0xa01/0xe00
[ 74.721787][ T9558] dup_mm+0x9e/0x340
[ 74.725716][ T9558] copy_process+0x2563/0x5ac0
[ 74.730416][ T9558] ? __kasan_check_write+0x14/0x20
[ 74.735545][ T9558] ? refcount_sub_and_test_checked+0x179/0x230
[ 74.741811][ T9558] _do_fork+0x13f/0x5b0
[ 74.746152][ T9558] ? debug_smp_processor_id+0x1c/0x20
[ 74.751662][ T9558] ? fpregs_assert_state_consistent+0xb7/0xe0
[ 74.757894][ T9558] __x64_sys_clone+0x1ec/0x230
[ 74.762659][ T9558] do_syscall_64+0xfe/0x140
[ 74.767327][ T9558] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 74.773251][ T9558] RIP: 0033:0x4432d9
[ 74.777144][ T9558] Code: e8 1c 0d 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 74.796907][ T9558] RSP: 002b:00007ffc1519c3b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 74.805305][ T9558] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004432d9
[ 74.813352][ T9558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 74.821338][ T9558] RBP: ffffffffffffffff R08: 0000000000000000 R09: 00000000004aa942
[ 74.829390][ T9558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 74.837356][ T9558] R13: 00007ffc1519c410 R14: 0000000000000000 R15: 0000000000000000
[ 74.846866][ T9558] WARNING: CPU: 1 PID: 9558 at arch/x86/mm/pat.c:1065 untrack_pfn+0x222/0x370
[ 74.855894][ T9558] Kernel panic - not syncing: panic_on_warn set ...
[ 74.862581][ T9558] CPU: 1 PID: 9558 Comm: syz-executor347 Not tainted 5.3.0-rc4 #73
[ 74.870475][ T9558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 74.880543][ T9558] Call Trace:
[ 74.883865][ T9558] dump_stack+0x1d8/0x2f8
[ 74.888320][ T9558] panic+0x25c/0x799
[ 74.892329][ T9558] ? __warn+0x126/0x230
[ 74.896481][ T9558] __warn+0x22f/0x230
[ 74.900470][ T9558] ? untrack_pfn+0x222/0x370
[ 74.905172][ T9558] report_bug+0x190/0x290
[ 74.909533][ T9558] ? untrack_pfn+0x222/0x370
[ 74.914118][ T9558] do_error_trap+0xd7/0x440
[ 74.918797][ T9558] do_invalid_op+0x36/0x40
[ 74.923416][ T9558] ? untrack_pfn+0x222/0x370
[ 74.928038][ T9558] invalid_op+0x23/0x30
[ 74.932208][ T9558] RIP: 0010:untrack_pfn+0x222/0x370
[ 74.939605][ T9558] Code: 4d b0 4c 8d 45 b8 4c 89 ff 31 d2 e8 98 1d 69 00 41 89 c6 31 ff 89 c6 e8 8c 59 3d 00 45 85 f6 0f 84 af 00 00 00 e8 de 55 3d 00 <0f> 0b eb 63 e8 d5 55 3d 00 48 b8 00 00 00 00 00 fc ff df 48 89 c1
[ 74.959546][ T9558] RSP: 0018:ffff88808dabf9e0 EFLAGS: 00010293
[ 74.965603][ T9558] RAX: ffffffff81362ea2 RBX: 1ffff11011b57f3f RCX: ffff8880959ae100
[ 74.973862][ T9558] RDX: 0000000000000000 RSI: 00000000ffffffea RDI: 0000000000000000
[ 74.987733][ T9558] RBP: ffff88808dabfa40 R08: ffffffff81362e94 R09: ffffed1012bd7598
[ 74.996220][ T9558] R10: ffffed1012bd7598 R11: 0000000000000000 R12: 1ffff11012e3dc29
[ 75.005644][ T9558] R13: 0000000000000000 R14: 00000000ffffffea R15: ffff8880971ee148
[ 75.013656][ T9558] ? untrack_pfn+0x214/0x370
[ 75.018352][ T9558] ? untrack_pfn+0x222/0x370
[ 75.022968][ T9558] ? uprobe_munmap+0x1a4/0x490
[ 75.027727][ T9558] unmap_single_vma+0x1f4/0x2e0
[ 75.032710][ T9558] unmap_vmas+0x1b4/0x2b0
[ 75.037036][ T9558] exit_mmap+0x27b/0x530
[ 75.041374][ T9558] __mmput+0x120/0x3a0
[ 75.045465][ T9558] dup_mm+0x31b/0x340
[ 75.049658][ T9558] copy_process+0x2563/0x5ac0
[ 75.054357][ T9558] ? __kasan_check_write+0x14/0x20
[ 75.059898][ T9558] ? refcount_sub_and_test_checked+0x179/0x230
[ 75.066079][ T9558] _do_fork+0x13f/0x5b0
[ 75.070252][ T9558] ? debug_smp_processor_id+0x1c/0x20
[ 75.075817][ T9558] ? fpregs_assert_state_consistent+0xb7/0xe0
[ 75.081928][ T9558] __x64_sys_clone+0x1ec/0x230
[ 75.086688][ T9558] do_syscall_64+0xfe/0x140
[ 75.091212][ T9558] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 75.097122][ T9558] RIP: 0033:0x4432d9
[ 75.101039][ T9558] Code: e8 1c 0d 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 75.121201][ T9558] RSP: 002b:00007ffc1519c3b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 75.131746][ T9558] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004432d9
[ 75.139738][ T9558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 75.147937][ T9558] RBP: ffffffffffffffff R08: 0000000000000000 R09: 00000000004aa942
[ 75.155898][ T9558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 75.163857][ T9558] R13: 00007ffc1519c410 R14: 0000000000000000 R15: 0000000000000000
[ 75.173226][ T9558] Kernel Offset: disabled
[ 75.180481][ T9558] Rebooting in 86400 seconds..