[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 81.364327][ T27] audit: type=1800 audit(1581583087.321:25): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 81.393312][ T27] audit: type=1800 audit(1581583087.321:26): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 81.441790][ T27] audit: type=1800 audit(1581583087.321:27): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.142' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 91.183000][ T9582] ================================================================== [ 91.183057][ T9582] BUG: KASAN: null-ptr-deref in do_con_trol+0x3b9/0x61b0 [ 91.183070][ T9582] Read of size 4294967294 at addr 0000000000000012 by task syz-executor837/9582 [ 91.183074][ T9582] [ 91.183090][ T9582] CPU: 0 PID: 9582 Comm: syz-executor837 Not tainted 5.6.0-rc1-syzkaller #0 [ 91.183099][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.183104][ T9582] Call Trace: [ 91.183122][ T9582] dump_stack+0x197/0x210 [ 91.183139][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.183154][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.183175][ T9582] __kasan_report.cold+0x5/0x32 [ 91.183202][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.183225][ T9582] kasan_report+0x12/0x20 [ 91.183244][ T9582] check_memory_region+0x134/0x1a0 [ 91.183263][ T9582] memcpy+0x24/0x50 [ 91.183281][ T9582] do_con_trol+0x3b9/0x61b0 [ 91.183307][ T9582] ? reset_palette+0x190/0x190 [ 91.183328][ T9582] ? __kasan_check_read+0x11/0x20 [ 91.183353][ T9582] ? __atomic_notifier_call_chain+0xf8/0x1a0 [ 91.183386][ T9582] do_con_write.part.0+0xfd9/0x1ef0 [ 91.183444][ T9582] ? do_con_trol+0x61b0/0x61b0 [ 91.183459][ T9582] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 91.183472][ T9582] ? add_wait_queue+0x112/0x170 [ 91.183486][ T9582] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 91.183512][ T9582] ? trace_hardirqs_on+0x67/0x240 [ 91.183543][ T9582] con_write+0x46/0xd0 [ 91.183565][ T9582] n_tty_write+0x40e/0x1080 [ 91.183612][ T9582] ? n_tty_read+0x1bf0/0x1bf0 [ 91.183633][ T9582] ? prepare_to_wait_exclusive+0x320/0x320 [ 91.183661][ T9582] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.183676][ T9582] ? _copy_from_user+0x12c/0x1a0 [ 91.183698][ T9582] tty_write+0x496/0x7f0 [ 91.183720][ T9582] ? n_tty_read+0x1bf0/0x1bf0 [ 91.183749][ T9582] __vfs_write+0x8a/0x110 [ 91.183761][ T9582] ? put_tty_driver+0x20/0x20 [ 91.183783][ T9582] vfs_write+0x268/0x5d0 [ 91.183810][ T9582] ksys_write+0x14f/0x290 [ 91.183833][ T9582] ? __ia32_sys_read+0xb0/0xb0 [ 91.183854][ T9582] ? do_fast_syscall_32+0xd1/0xe16 [ 91.183869][ T9582] ? entry_SYSENTER_compat+0x70/0x7f [ 91.183884][ T9582] ? do_fast_syscall_32+0xd1/0xe16 [ 91.183912][ T9582] __ia32_sys_write+0x71/0xb0 [ 91.183933][ T9582] do_fast_syscall_32+0x27b/0xe16 [ 91.183957][ T9582] entry_SYSENTER_compat+0x70/0x7f [ 91.183968][ T9582] RIP: 0023:0xf7f61e39 [ 91.183983][ T9582] Code: 1d 00 00 00 89 d3 5b 5e 5d c3 8b 04 24 c3 8b 1c 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 91.183991][ T9582] RSP: 002b:00000000ffaf05cc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 91.184005][ T9582] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000140 [ 91.184014][ T9582] RDX: 0000000000000078 RSI: 00000000080eb080 RDI: 00000000ffaf0620 [ 91.184022][ T9582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.184030][ T9582] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 91.184039][ T9582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 91.184076][ T9582] ================================================================== [ 91.184081][ T9582] Disabling lock debugging due to kernel taint [ 91.185479][ T9582] Kernel panic - not syncing: panic_on_warn set ... [ 91.185496][ T9582] CPU: 0 PID: 9582 Comm: syz-executor837 Tainted: G B 5.6.0-rc1-syzkaller #0 [ 91.185503][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.185507][ T9582] Call Trace: [ 91.185525][ T9582] dump_stack+0x197/0x210 [ 91.185545][ T9582] panic+0x2e3/0x75c [ 91.185560][ T9582] ? add_taint.cold+0x16/0x16 [ 91.185580][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.185598][ T9582] ? preempt_schedule+0x4b/0x60 [ 91.185614][ T9582] ? ___preempt_schedule+0x16/0x18 [ 91.185633][ T9582] ? trace_hardirqs_on+0x5e/0x240 [ 91.185649][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.185666][ T9582] end_report+0x47/0x4f [ 91.185679][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.185694][ T9582] __kasan_report.cold+0xe/0x32 [ 91.185710][ T9582] ? do_con_trol+0x3b9/0x61b0 [ 91.185728][ T9582] kasan_report+0x12/0x20 [ 91.185745][ T9582] check_memory_region+0x134/0x1a0 [ 91.185760][ T9582] memcpy+0x24/0x50 [ 91.185776][ T9582] do_con_trol+0x3b9/0x61b0 [ 91.185794][ T9582] ? reset_palette+0x190/0x190 [ 91.185811][ T9582] ? __kasan_check_read+0x11/0x20 [ 91.185831][ T9582] ? __atomic_notifier_call_chain+0xf8/0x1a0 [ 91.185853][ T9582] do_con_write.part.0+0xfd9/0x1ef0 [ 91.185880][ T9582] ? do_con_trol+0x61b0/0x61b0 [ 91.185892][ T9582] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 91.185903][ T9582] ? add_wait_queue+0x112/0x170 [ 91.185916][ T9582] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 91.185935][ T9582] ? trace_hardirqs_on+0x67/0x240 [ 91.185953][ T9582] con_write+0x46/0xd0 [ 91.186040][ T9582] n_tty_write+0x40e/0x1080 [ 91.186069][ T9582] ? n_tty_read+0x1bf0/0x1bf0 [ 91.186085][ T9582] ? prepare_to_wait_exclusive+0x320/0x320 [ 91.186104][ T9582] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 91.186117][ T9582] ? _copy_from_user+0x12c/0x1a0 [ 91.186131][ T9582] tty_write+0x496/0x7f0 [ 91.186146][ T9582] ? n_tty_read+0x1bf0/0x1bf0 [ 91.186166][ T9582] __vfs_write+0x8a/0x110 [ 91.186177][ T9582] ? put_tty_driver+0x20/0x20 [ 91.186193][ T9582] vfs_write+0x268/0x5d0 [ 91.186212][ T9582] ksys_write+0x14f/0x290 [ 91.186228][ T9582] ? __ia32_sys_read+0xb0/0xb0 [ 91.186244][ T9582] ? do_fast_syscall_32+0xd1/0xe16 [ 91.186258][ T9582] ? entry_SYSENTER_compat+0x70/0x7f [ 91.186271][ T9582] ? do_fast_syscall_32+0xd1/0xe16 [ 91.186290][ T9582] __ia32_sys_write+0x71/0xb0 [ 91.186306][ T9582] do_fast_syscall_32+0x27b/0xe16 [ 91.186325][ T9582] entry_SYSENTER_compat+0x70/0x7f [ 91.186334][ T9582] RIP: 0023:0xf7f61e39 [ 91.186348][ T9582] Code: 1d 00 00 00 89 d3 5b 5e 5d c3 8b 04 24 c3 8b 1c 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 91.186354][ T9582] RSP: 002b:00000000ffaf05cc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 91.186366][ T9582] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000140 [ 91.186373][ T9582] RDX: 0000000000000078 RSI: 00000000080eb080 RDI: 00000000ffaf0620 [ 91.186379][ T9582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.186386][ T9582] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 91.186401][ T9582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 91.187638][ T9582] Kernel Offset: disabled [ 91.820335][ T9582] Rebooting in 86400 seconds..