[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.236' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 67.132899][ T8511] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[ 67.144995][ T8511] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 67.153483][ T8511] CPU: 0 PID: 8511 Comm: syz-executor248 Not tainted 5.10.0-rc1-next-20201102-syzkaller #0
[ 67.163441][ T8511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.173493][ T8511] RIP: 0010:jffs2_parse_param+0x141/0x330
[ 67.179358][ T8511] Code: 48 c1 ea 03 4d 63 fc 80 3c 02 00 0f 85 de 01 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 75 00 49 8d 7e 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 c8 01 00 00 4d 8b 76 08 4c 89 ff 4c 89 f6 e8 d6
[ 67.198949][ T8511] RSP: 0018:ffffc9000162fb78 EFLAGS: 00010202
[ 67.205041][ T8511] RAX: dffffc0000000000 RBX: ffff88802139f800 RCX: ffffffff8286a774
[ 67.212999][ T8511] RDX: 0000000000000001 RSI: ffffffff8286a786 RDI: 0000000000000008
[ 67.221004][ T8511] RBP: 1ffff920002c5f6f R08: 0000000000000001 R09: ffff888011168d93
[ 67.229051][ T8511] R10: 00000000003fffff R11: 0000000000000000 R12: 000000000000ac00
[ 67.237009][ T8511] R13: ffff888013d04000 R14: 0000000000000000 R15: 000000000000ac00
[ 67.244969][ T8511] FS: 0000000002563880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 67.253918][ T8511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 67.260536][ T8511] CR2: 000000000043ea70 CR3: 0000000016d41000 CR4: 00000000001506f0
[ 67.268496][ T8511] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 67.276467][ T8511] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 67.284427][ T8511] Call Trace:
[ 67.287710][ T8511] ? jffs2_alloc_inode+0x40/0x40
[ 67.292637][ T8511] ? vfs_parse_fs_string+0x10/0x150
[ 67.297820][ T8511] ? rcu_read_lock_sched_held+0x3a/0x70
[ 67.303475][ T8511] ? jffs2_alloc_inode+0x40/0x40
[ 67.308407][ T8511] vfs_parse_fs_param+0x203/0x550
[ 67.313418][ T8511] vfs_parse_fs_string+0xe6/0x150
[ 67.318461][ T8511] ? vfs_parse_fs_param+0x550/0x550
[ 67.323643][ T8511] ? bpf_lsm_sb_eat_lsm_opts+0x5/0x10
[ 67.328999][ T8511] generic_parse_monolithic+0x16f/0x1f0
[ 67.334529][ T8511] ? vfs_parse_fs_string+0x150/0x150
[ 67.339800][ T8511] ? jffs2_get_parent+0x60/0x60
[ 67.344635][ T8511] ? alloc_fs_context+0x5c6/0x9f0
[ 67.349645][ T8511] path_mount+0x1266/0x1e70
[ 67.354136][ T8511] ? strncpy_from_user+0x29e/0x3a0
[ 67.359404][ T8511] ? finish_automount+0xac0/0xac0
[ 67.364444][ T8511] ? getname_flags.part.0+0x1dd/0x4f0
[ 67.369801][ T8511] __x64_sys_mount+0x27f/0x300
[ 67.374554][ T8511] ? copy_mnt_ns+0xae0/0xae0
[ 67.379167][ T8511] ? syscall_enter_from_user_mode+0x1d/0x50
[ 67.385044][ T8511] do_syscall_64+0x2d/0x70
[ 67.389448][ T8511] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.395573][ T8511] RIP: 0033:0x446bda
[ 67.399453][ T8511] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d ae fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a ae fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 67.419172][ T8511] RSP: 002b:00007ffd23589ba8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 67.427572][ T8511] RAX: ffffffffffffffda RBX: 00007ffd23589bf0 RCX: 0000000000446bda
[ 67.435532][ T8511] RDX: 0000000020000000 RSI: 0000000020000080 RDI: 0000000000000000
[ 67.443505][ T8511] RBP: 0000000000000080 R08: 00007ffd23589bf0 R09: 0000000000000014
[ 67.451617][ T8511] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000401ec0
[ 67.459587][ T8511] R13: 0000000000401f50 R14: 0000000000000000 R15: 0000000000000000
[ 67.467672][ T8511] Modules linked in:
[ 67.472136][ T8511] ---[ end trace 6bb26378bf4849a4 ]---
[ 67.477611][ T8511] RIP: 0010:jffs2_parse_param+0x141/0x330
[ 67.483642][ T8511] Code: 48 c1 ea 03 4d 63 fc 80 3c 02 00 0f 85 de 01 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 75 00 49 8d 7e 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 c8 01 00 00 4d 8b 76 08 4c 89 ff 4c 89 f6 e8 d6
[ 67.503575][ T8511] RSP: 0018:ffffc9000162fb78 EFLAGS: 00010202
[ 67.509723][ T8511] RAX: dffffc0000000000 RBX: ffff88802139f800 RCX: ffffffff8286a774
[ 67.517738][ T8511] RDX: 0000000000000001 RSI: ffffffff8286a786 RDI: 0000000000000008
[ 67.525751][ T8511] RBP: 1ffff920002c5f6f R08: 0000000000000001 R09: ffff888011168d93
[ 67.533909][ T8511] R10: 00000000003fffff R11: 0000000000000000 R12: 000000000000ac00
[ 67.541930][ T8511] R13: ffff888013d04000 R14: 0000000000000000 R15: 000000000000ac00
[ 67.550056][ T8511] FS: 0000000002563880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 67.559145][ T8511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 67.565736][ T8511] CR2: 000000000043ea70 CR3: 0000000016d41000 CR4: 00000000001506f0
[ 67.573738][ T8511] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 67.581897][ T8511] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 67.589923][ T8511] Kernel panic - not syncing: Fatal exception
[ 67.596936][ T8511] Kernel Offset: disabled
[ 67.601414][ T8511] Rebooting in 86400 seconds..