[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts.
2020/05/21 23:22:03 parsed 1 programs
2020/05/21 23:22:03 executed programs: 0
syzkaller login: [ 46.753467] audit: type=1400 audit(1590103323.814:8): avc: denied { execmem } for pid=6350 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 47.036854] IPVS: ftp: loaded support on port[0] = 21
[ 47.908649] chnl_net:caif_netlink_parms(): no params data found
[ 48.008281] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.014910] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.022884] device bridge_slave_0 entered promiscuous mode
[ 48.030732] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.037393] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.044301] device bridge_slave_1 entered promiscuous mode
[ 48.061598] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 48.070778] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 48.089508] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 48.096961] team0: Port device team_slave_0 added
[ 48.103155] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 48.110589] team0: Port device team_slave_1 added
[ 48.126811] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 48.133408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 48.159706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 48.173951] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 48.181436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 48.207589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 48.218994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 48.226975] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 48.278387] device hsr_slave_0 entered promiscuous mode
[ 48.315866] device hsr_slave_1 entered promiscuous mode
[ 48.376173] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 48.384303] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 48.449835] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.456433] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.463227] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.469686] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.500833] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 48.508133] 8021q: adding VLAN 0 to HW filter on device bond0
[ 48.518428] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 48.530983] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.550362] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.557877] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.569626] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 48.576092] 8021q: adding VLAN 0 to HW filter on device team0
[ 48.584395] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.593381] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.599836] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.611175] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.619091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.625642] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.639882] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 48.648369] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 48.662787] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 48.673177] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 48.684410] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 48.691591] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 48.699620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.708229] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.717327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 48.730920] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 48.738907] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 48.746519] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 48.757416] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 48.810166] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 48.820814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.851074] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 48.858775] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 48.866621] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 48.876626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.884114] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 48.891505] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 48.899768] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 48.908733] device veth0_vlan entered promiscuous mode
[ 48.919714] device veth1_vlan entered promiscuous mode
[ 48.933605] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 48.943747] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
[ 48.951675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 48.960200] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.969363] device veth0_macvtap entered promiscuous mode
[ 48.976916] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 48.985159] device veth1_macvtap entered promiscuous mode
[ 48.992349] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
[ 49.001117] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 49.012006] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 49.022211] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[ 49.029859] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 49.037132] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 49.044373] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 49.051800] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 49.059948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.070265] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[ 49.077330] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 49.084023] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 49.092046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.341029] vma ffff8880905a6840 start 0000000020000000 end 0000000020b36000
[ 50.341029] next ffff8880a196a420 prev ffff88808e47ec60 mm ffff8880941b6000
[ 50.341029] prot 25 anon_vma (null) vm_ops ffffffff8690c420
[ 50.341029] pgoff 0 file ffff8880964cd2c0 private_data (null)
[ 50.341029] flags: 0xfe(write|exec|shared|mayread|maywrite|mayexec|mayshare)
[ 50.380197] ------------[ cut here ]------------
[ 50.385188] kernel BUG at mm/memory.c:3895!
[ 50.390481] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 50.395869] Modules linked in:
[ 50.399069] CPU: 0 PID: 6582 Comm: syz-executor.0 Not tainted 4.14.181-syzkaller #0
[ 50.407809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.417159] task: ffff8880948b06c0 task.stack: ffff888096780000
[ 50.423212] RIP: 0010:__handle_mm_fault+0x213f/0x3700
[ 50.428419] RSP: 0018:ffff888096787d48 EFLAGS: 00010283
[ 50.433779] RAX: 0000000000000137 RBX: 0000000000000000 RCX: 0000000000000000
[ 50.441028] RDX: 0000000000000000 RSI: ffffffff868c0a40 RDI: ffffed1012cf0f88
[ 50.448379] RBP: 0000000080a000e5 R08: 0000000000000137 R09: 0000000000000000
[ 50.456341] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff11012cf0faf
[ 50.463757] R13: ffff8880905a6840 R14: 0000000000000080 R15: ffffffff87806758
[ 50.471212] FS: 0000000000e44940(0000) GS:ffff8880aec00000(0000) knlGS:0000000000000000
[ 50.479596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 50.485738] CR2: 00000000200001c0 CR3: 000000009fd07000 CR4: 00000000001406f0
[ 50.493248] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 50.502543] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 50.509824] Call Trace:
[ 50.512405] ? vm_insert_mixed_mkwrite+0x30/0x30
[ 50.517146] handle_mm_fault+0x306/0x794
[ 50.521186] __do_page_fault+0x578/0xb50
[ 50.525236] ? mm_fault_error+0x2c0/0x2c0
[ 50.529401] ? do_page_fault+0x60/0x4f2
[ 50.533373] ? page_fault+0x2f/0x50
[ 50.537067] page_fault+0x45/0x50
[ 50.540506] RIP: c4ea:0xfffffffffffffffe
[ 50.544545] RSP: 0000:0000000000790378 EFLAGS: 00790380
[ 50.544552] Code: df ff f0 ff 4d 1c 0f 85 ba ed ff ff e8 5b d1 df ff 48 89 ef e8 d3 d4 f6 ff e9 a8 ed ff ff e8 49 d1 df ff 4c 89 ef e8 fd ab fd ff <0f> 0b e8 3a d1 df ff 4c 8d 7c 24 60 4c 89 ff e8 4d b2 0a 00 41
[ 50.569233] RIP: __handle_mm_fault+0x213f/0x3700 RSP: ffff888096787d48
[ 50.577551] ---[ end trace 0b180e244032d3c2 ]---
[ 50.582412] Kernel panic - not syncing: Fatal exception
[ 50.589167] Kernel Offset: disabled
[ 50.592794] Rebooting in 86400 seconds..