[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 61.524104][ T6821] ==================================================================
[ 61.532280][ T6821] BUG: KASAN: use-after-free in path_init+0x116b/0x13c0
[ 61.539237][ T6821] Read of size 8 at addr ffff8880950a8a80 by task syz-executor167/6821
[ 61.547442][ T6821]
[ 61.549751][ T6821] CPU: 0 PID: 6821 Comm: syz-executor167 Not tainted 5.8.0-syzkaller #0
[ 61.558058][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 61.568088][ T6821] Call Trace:
[ 61.571370][ T6821] dump_stack+0x18f/0x20d
[ 61.575689][ T6821] ? path_init+0x116b/0x13c0
[ 61.580268][ T6821] ? path_init+0x116b/0x13c0
[ 61.584849][ T6821] print_address_description.constprop.0.cold+0xae/0x497
[ 61.591852][ T6821] ? vprintk_func+0x97/0x1a6
[ 61.596434][ T6821] ? path_init+0x116b/0x13c0
[ 61.600997][ T6821] ? path_init+0x116b/0x13c0
[ 61.605576][ T6821] kasan_report.cold+0x1f/0x37
[ 61.610329][ T6821] ? path_init+0x116b/0x13c0
[ 61.614897][ T6821] path_init+0x116b/0x13c0
[ 61.619289][ T6821] ? __kasan_slab_free+0xd8/0x120
[ 61.624301][ T6821] ? kmem_cache_free.part.0+0x67/0x1f0
[ 61.629799][ T6821] ? putname+0xe1/0x120
[ 61.633929][ T6821] ? do_rmdir+0x145/0x440
[ 61.638235][ T6821] ? do_syscall_64+0x2d/0x70
[ 61.642804][ T6821] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.648851][ T6821] path_parentat+0x22/0x1b0
[ 61.653346][ T6821] filename_parentat+0x188/0x560
[ 61.658276][ T6821] ? getname+0xd0/0xd0
[ 61.662326][ T6821] ? lockdep_hardirqs_off+0x89/0xc0
[ 61.667504][ T6821] ? _raw_spin_unlock_irqrestore+0x9b/0xe0
[ 61.673284][ T6821] ? lockdep_hardirqs_off+0x89/0xc0
[ 61.678472][ T6821] ? check_preemption_disabled+0x50/0x130
[ 61.684200][ T6821] ? putname+0xe1/0x120
[ 61.688334][ T6821] ? rcu_read_lock_sched_held+0x3a/0xb0
[ 61.693850][ T6821] ? putname+0xe1/0x120
[ 61.697981][ T6821] ? kmem_cache_free.part.0+0x1c4/0x1f0
[ 61.703500][ T6821] do_rmdir+0xa8/0x440
[ 61.707562][ T6821] ? __ia32_sys_mkdir+0x80/0x80
[ 61.712391][ T6821] ? strncpy_from_user+0x2bf/0x3e0
[ 61.717482][ T6821] ? trace_hardirqs_on+0x5f/0x220
[ 61.722499][ T6821] do_syscall_64+0x2d/0x70
[ 61.726894][ T6821] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.732763][ T6821] RIP: 0033:0x4403e9
[ 61.736665][ T6821] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 61.756252][ T6821] RSP: 002b:00007ffd4e3bdb58 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 61.764641][ T6821] RAX: ffffffffffffffda RBX: 69662f7375622f2e RCX: 00000000004403e9
[ 61.772590][ T6821] RDX: 00000000004403e9 RSI: 00000000004403e9 RDI: 0000000020000080
[ 61.780539][ T6821] RBP: 2f31656c69662f2e R08: 0000000000000000 R09: 0000000000000000
[ 61.788488][ T6821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401bf0
[ 61.796443][ T6821] R13: 0000000000401c80 R14: 0000000000000000 R15: 0000000000000000
[ 61.804410][ T6821]
[ 61.806718][ T6821] Allocated by task 6821:
[ 61.811028][ T6821] kasan_save_stack+0x1b/0x40
[ 61.815684][ T6821] __kasan_kmalloc.constprop.0+0xbf/0xd0
[ 61.821290][ T6821] kmem_cache_alloc+0x138/0x3a0
[ 61.826129][ T6821] getname_flags.part.0+0x50/0x4f0
[ 61.831213][ T6821] __x64_sys_rmdir+0xb1/0x100
[ 61.835884][ T6821] do_syscall_64+0x2d/0x70
[ 61.840292][ T6821] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.846151][ T6821]
[ 61.848451][ T6821] Freed by task 6821:
[ 61.852420][ T6821] kasan_save_stack+0x1b/0x40
[ 61.857088][ T6821] kasan_set_track+0x1c/0x30
[ 61.861656][ T6821] kasan_set_free_info+0x1b/0x30
[ 61.866574][ T6821] __kasan_slab_free+0xd8/0x120
[ 61.871415][ T6821] kmem_cache_free.part.0+0x67/0x1f0
[ 61.876675][ T6821] putname+0xe1/0x120
[ 61.880630][ T6821] do_rmdir+0x145/0x440
[ 61.884768][ T6821] do_syscall_64+0x2d/0x70
[ 61.889179][ T6821] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 61.895055][ T6821]
[ 61.897362][ T6821] The buggy address belongs to the object at ffff8880950a8a80
[ 61.897362][ T6821] which belongs to the cache names_cache of size 4096
[ 61.911488][ T6821] The buggy address is located 0 bytes inside of
[ 61.911488][ T6821] 4096-byte region [ffff8880950a8a80, ffff8880950a9a80)
[ 61.924644][ T6821] The buggy address belongs to the page:
[ 61.930256][ T6821] page:00000000c8532513 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x950a8
[ 61.940381][ T6821] head:00000000c8532513 order:1 compound_mapcount:0
[ 61.946960][ T6821] flags: 0xfffe0000010200(slab|head)
[ 61.952222][ T6821] raw: 00fffe0000010200 ffffea0002540e88 ffffea000251ef88 ffff88821bc47a00
[ 61.960782][ T6821] raw: 0000000000000000 ffff8880950a8a80 0000000100000001 0000000000000000
[ 61.969339][ T6821] page dumped because: kasan: bad access detected
[ 61.975730][ T6821]
[ 61.978038][ T6821] Memory state around the buggy address:
[ 61.983660][ T6821] ffff8880950a8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 61.991719][ T6821] ffff8880950a8a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 61.999767][ T6821] >ffff8880950a8a80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 62.007806][ T6821] ^
[ 62.011861][ T6821] ffff8880950a8b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 62.019909][ T6821] ffff8880950a8b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 62.027959][ T6821] ==================================================================
[ 62.035992][ T6821] Disabling lock debugging due to kernel taint
[ 62.042782][ T6821] Kernel panic - not syncing: panic_on_warn set ...
[ 62.049388][ T6821] CPU: 0 PID: 6821 Comm: syz-executor167 Tainted: G B 5.8.0-syzkaller #0
[ 62.059092][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 62.069137][ T6821] Call Trace:
[ 62.072426][ T6821] dump_stack+0x18f/0x20d
[ 62.076743][ T6821] ? path_init+0x1160/0x13c0
[ 62.081320][ T6821] panic+0x2e3/0x75c
[ 62.085189][ T6821] ? __warn_printk+0xf3/0xf3
[ 62.089767][ T6821] ? preempt_schedule_common+0x59/0xc0
[ 62.095202][ T6821] ? path_init+0x116b/0x13c0
[ 62.099781][ T6821] ? preempt_schedule_thunk+0x16/0x18
[ 62.105133][ T6821] ? trace_hardirqs_on+0x55/0x220
[ 62.110129][ T6821] ? path_init+0x116b/0x13c0
[ 62.114706][ T6821] ? path_init+0x116b/0x13c0
[ 62.119270][ T6821] end_report+0x4d/0x53
[ 62.123421][ T6821] kasan_report.cold+0xd/0x37
[ 62.128071][ T6821] ? path_init+0x116b/0x13c0
[ 62.132632][ T6821] path_init+0x116b/0x13c0
[ 62.137026][ T6821] ? __kasan_slab_free+0xd8/0x120
[ 62.142024][ T6821] ? kmem_cache_free.part.0+0x67/0x1f0
[ 62.147452][ T6821] ? putname+0xe1/0x120
[ 62.151578][ T6821] ? do_rmdir+0x145/0x440
[ 62.155883][ T6821] ? do_syscall_64+0x2d/0x70
[ 62.160457][ T6821] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 62.166497][ T6821] path_parentat+0x22/0x1b0
[ 62.170985][ T6821] filename_parentat+0x188/0x560
[ 62.175897][ T6821] ? getname+0xd0/0xd0
[ 62.179944][ T6821] ? lockdep_hardirqs_off+0x89/0xc0
[ 62.185141][ T6821] ? _raw_spin_unlock_irqrestore+0x9b/0xe0
[ 62.190917][ T6821] ? lockdep_hardirqs_off+0x89/0xc0
[ 62.196086][ T6821] ? check_preemption_disabled+0x50/0x130
[ 62.201777][ T6821] ? putname+0xe1/0x120
[ 62.205920][ T6821] ? rcu_read_lock_sched_held+0x3a/0xb0
[ 62.211436][ T6821] ? putname+0xe1/0x120
[ 62.215580][ T6821] ? kmem_cache_free.part.0+0x1c4/0x1f0
[ 62.221145][ T6821] do_rmdir+0xa8/0x440
[ 62.225195][ T6821] ? __ia32_sys_mkdir+0x80/0x80
[ 62.230020][ T6821] ? strncpy_from_user+0x2bf/0x3e0
[ 62.235111][ T6821] ? trace_hardirqs_on+0x5f/0x220
[ 62.240134][ T6821] do_syscall_64+0x2d/0x70
[ 62.244529][ T6821] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 62.250391][ T6821] RIP: 0033:0x4403e9
[ 62.254272][ T6821] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 62.273872][ T6821] RSP: 002b:00007ffd4e3bdb58 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[ 62.282275][ T6821] RAX: ffffffffffffffda RBX: 69662f7375622f2e RCX: 00000000004403e9
[ 62.290237][ T6821] RDX: 00000000004403e9 RSI: 00000000004403e9 RDI: 0000000020000080
[ 62.298182][ T6821] RBP: 2f31656c69662f2e R08: 0000000000000000 R09: 0000000000000000
[ 62.306127][ T6821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401bf0
[ 62.314073][ T6821] R13: 0000000000401c80 R14: 0000000000000000 R15: 0000000000000000
[ 62.323005][ T6821] Kernel Offset: disabled
[ 62.327319][ T6821] Rebooting in 86400 seconds..