[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.26' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 71.649856][ T27] audit: type=1400 audit(1602317368.557:8): avc: denied { execmem } for pid=6887 comm="syz-executor693" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 71.666202][ T6887] gfs2: fsid=loop0: Trying to join cluster "lock_nolock", "loop0"
[ 71.678637][ T6887] gfs2: fsid=loop0: Now mounting FS...
[ 71.687436][ T6887] ================================================================================
[ 71.697378][ T6887] UBSAN: array-index-out-of-bounds in fs/gfs2/ops_fstype.c:342:21
[ 71.705699][ T6887] index 11 is out of range for type 'u64 [11]'
[ 71.711861][ T6887] CPU: 0 PID: 6887 Comm: syz-executor693 Not tainted 5.9.0-rc8-syzkaller #0
[ 71.720514][ T6887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 71.730555][ T6887] Call Trace:
[ 71.733851][ T6887] dump_stack+0x198/0x1fd
[ 71.738174][ T6887] ubsan_epilogue+0xb/0x5a
[ 71.742589][ T6887] __ubsan_handle_out_of_bounds.cold+0x62/0x6c
[ 71.748724][ T6887] init_sb+0xc37/0xd30
[ 71.752776][ T6887] ? gfs2_read_super+0x1080/0x1080
[ 71.757870][ T6887] ? gfs2_glock_nq_num+0xf9/0x240
[ 71.762871][ T6887] ? __debugfs_create_file+0x36b/0x4f0
[ 71.768322][ T6887] gfs2_fill_super+0x1796/0x254a
[ 71.773463][ T6887] ? gfs2_reconfigure+0x1020/0x1020
[ 71.778650][ T6887] ? lock_downgrade+0x830/0x830
[ 71.783488][ T6887] ? gfs2_glock_nq_num+0xf9/0x240
[ 71.788495][ T6887] ? snprintf+0xbb/0xf0
[ 71.792659][ T6887] ? vsprintf+0x30/0x30
[ 71.796796][ T6887] ? wait_for_completion+0x260/0x260
[ 71.802067][ T6887] ? set_blocksize+0x1c1/0x400
[ 71.806815][ T6887] get_tree_bdev+0x421/0x740
[ 71.811416][ T6887] ? gfs2_reconfigure+0x1020/0x1020
[ 71.816594][ T6887] gfs2_get_tree+0x4a/0x270
[ 71.821078][ T6887] vfs_get_tree+0x89/0x2f0
[ 71.825484][ T6887] path_mount+0x1387/0x20a0
[ 71.829978][ T6887] ? strncpy_from_user+0x2bf/0x3e0
[ 71.835065][ T6887] ? copy_mount_string+0x40/0x40
[ 71.839978][ T6887] ? getname_flags.part.0+0x1dd/0x4f0
[ 71.845331][ T6887] __x64_sys_mount+0x27f/0x300
[ 71.850080][ T6887] ? copy_mnt_ns+0xa60/0xa60
[ 71.854650][ T6887] ? check_preemption_disabled+0x50/0x130
[ 71.860354][ T6887] ? syscall_enter_from_user_mode+0x1d/0x60
[ 71.866229][ T6887] do_syscall_64+0x2d/0x70
[ 71.870623][ T6887] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 71.876500][ T6887] RIP: 0033:0x446dba
[ 71.880379][ T6887] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 fd ad fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 da ad fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 71.900001][ T6887] RSP: 002b:00007ffcd944f138 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[ 71.908403][ T6887] RAX: ffffffffffffffda RBX: 00007ffcd944f190 RCX: 0000000000446dba
[ 71.916352][ T6887] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd944f150
[ 71.924304][ T6887] RBP: 00007ffcd944f150 R08: 00007ffcd944f190 R09: 00007ffc00000015
[ 71.932254][ T6887] R10: 0000000002200000 R11: 0000000000000293 R12: 0000000000000001
[ 71.940211][ T6887] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 71.963833][ T6887] ================================================================================
[ 71.973146][ T6887] Kernel panic - not syncing: panic_on_warn set ...
[ 71.979751][ T6887] CPU: 0 PID: 6887 Comm: syz-executor693 Not tainted 5.9.0-rc8-syzkaller #0
[ 71.988411][ T6887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 71.998478][ T6887] Call Trace:
[ 72.001767][ T6887] dump_stack+0x198/0x1fd
[ 72.006118][ T6887] panic+0x382/0x7fb
[ 72.009993][ T6887] ? __warn_printk+0xf3/0xf3
[ 72.014957][ T6887] ? mark_lock+0x82/0x1660
[ 72.019349][ T6887] ? ubsan_epilogue+0x3e/0x5a
[ 72.024002][ T6887] ? ubsan_epilogue+0x35/0x5a
[ 72.028659][ T6887] ubsan_epilogue+0x54/0x5a
[ 72.033149][ T6887] __ubsan_handle_out_of_bounds.cold+0x62/0x6c
[ 72.039285][ T6887] init_sb+0xc37/0xd30
[ 72.043346][ T6887] ? gfs2_read_super+0x1080/0x1080
[ 72.048437][ T6887] ? gfs2_glock_nq_num+0xf9/0x240
[ 72.053451][ T6887] ? __debugfs_create_file+0x36b/0x4f0
[ 72.058890][ T6887] gfs2_fill_super+0x1796/0x254a
[ 72.063822][ T6887] ? gfs2_reconfigure+0x1020/0x1020
[ 72.068996][ T6887] ? lock_downgrade+0x830/0x830
[ 72.073824][ T6887] ? gfs2_glock_nq_num+0xf9/0x240
[ 72.078822][ T6887] ? snprintf+0xbb/0xf0
[ 72.082950][ T6887] ? vsprintf+0x30/0x30
[ 72.087097][ T6887] ? wait_for_completion+0x260/0x260
[ 72.092364][ T6887] ? set_blocksize+0x1c1/0x400
[ 72.097111][ T6887] get_tree_bdev+0x421/0x740
[ 72.101693][ T6887] ? gfs2_reconfigure+0x1020/0x1020
[ 72.106895][ T6887] gfs2_get_tree+0x4a/0x270
[ 72.111381][ T6887] vfs_get_tree+0x89/0x2f0
[ 72.115775][ T6887] path_mount+0x1387/0x20a0
[ 72.120267][ T6887] ? strncpy_from_user+0x2bf/0x3e0
[ 72.125354][ T6887] ? copy_mount_string+0x40/0x40
[ 72.130279][ T6887] ? getname_flags.part.0+0x1dd/0x4f0
[ 72.135631][ T6887] __x64_sys_mount+0x27f/0x300
[ 72.140381][ T6887] ? copy_mnt_ns+0xa60/0xa60
[ 72.144949][ T6887] ? check_preemption_disabled+0x50/0x130
[ 72.150645][ T6887] ? syscall_enter_from_user_mode+0x1d/0x60
[ 72.156528][ T6887] do_syscall_64+0x2d/0x70
[ 72.160923][ T6887] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.166801][ T6887] RIP: 0033:0x446dba
[ 72.170675][ T6887] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 fd ad fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 da ad fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 72.190273][ T6887] RSP: 002b:00007ffcd944f138 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[ 72.198667][ T6887] RAX: ffffffffffffffda RBX: 00007ffcd944f190 RCX: 0000000000446dba
[ 72.206628][ T6887] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd944f150
[ 72.214589][ T6887] RBP: 00007ffcd944f150 R08: 00007ffcd944f190 R09: 00007ffc00000015
[ 72.222540][ T6887] R10: 0000000002200000 R11: 0000000000000293 R12: 0000000000000001
[ 72.230489][ T6887] R13: 0000000000000004 R14: 0000000000000003 R15: 0000000000000003
[ 72.239562][ T6887] Kernel Offset: disabled
[ 72.243948][ T6887] Rebooting in 86400 seconds..