[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Warning: Permanently added '10.128.15.204' (ECDSA) to the list of known hosts.
Debian GNU/Linux 9 syzkaller ttyS0
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 69.779124][ T37] audit: type=1400 audit(1626138954.759:8): avc: denied { execmem } for pid=8452 comm="syz-executor886" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 70.190082][ T8139] ------------[ cut here ]------------
[ 70.200945][ T8139] kernel BUG at fs/io_uring.c:1293!
[ 70.210281][ T2947] ------------[ cut here ]------------
[ 70.214336][ T8139] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 70.217123][ T2947] kernel BUG at fs/io_uring.c:1293!
[ 70.222813][ T8139] CPU: 1 PID: 8139 Comm: kworker/1:3 Tainted: G W 5.14.0-rc1-syzkaller #0
[ 70.222842][ T8139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.222858][ T8139] Workqueue: events io_fallback_req_func
[ 70.222888][ T8139] RIP: 0010:io_queue_async_work+0x539/0x5f0
[ 70.222917][ T8139] Code: 89 be 89 00 00 00 48 c7 c7 40 53 9a 89 c6 05 de 38 78 0b 01 e8 72 6b 08 07 e9 6e ff ff ff e8 ee 68 95 ff 0f 0b e8 e7 68 95 ff <0f> 0b e8 e0 68 95 ff 0f 0b e9 1a fd ff ff e8 34 0f db ff e9 47 fb
[ 70.280368][ T8139] RSP: 0018:ffffc9000c627ba8 EFLAGS: 00010293
[ 70.286743][ T8139] RAX: 0000000000000000 RBX: ffff88802d256000 RCX: 0000000000000000
[ 70.295649][ T8139] RDX: ffff888030f4e180 RSI: ffffffff81df55c9 RDI: ffff88802ef66a50
[ 70.303754][ T8139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000019
[ 70.311807][ T8139] R10: ffffffff81df517c R11: 000000000000000f R12: ffff8880441eb6c0
[ 70.320177][ T8139] R13: 0000000000000019 R14: ffff88802d2560b0 R15: ffff8880441eb718
[ 70.329089][ T8139] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 70.338272][ T8139] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.344858][ T8139] CR2: 000000000049a01d CR3: 00000000396af000 CR4: 00000000001506e0
[ 70.352849][ T8139] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 70.361349][ T8139] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 70.369539][ T8139] Call Trace:
[ 70.372829][ T8139] __io_queue_sqe+0x913/0xf10
[ 70.377565][ T8139] ? mutex_lock_io_nested+0xf00/0xf00
[ 70.382949][ T8139] ? io_issue_sqe+0x6920/0x6920
[ 70.387948][ T8139] ? lock_release+0x720/0x720
[ 70.392830][ T8139] ? lock_downgrade+0x6e0/0x6e0
[ 70.397837][ T8139] io_req_task_submit+0x100/0x120
[ 70.403283][ T8139] io_fallback_req_func+0x81/0xb0
[ 70.408810][ T8139] process_one_work+0x98d/0x1630
[ 70.414141][ T8139] ? pwq_dec_nr_in_flight+0x320/0x320
[ 70.419874][ T8139] ? rwlock_bug.part.0+0x90/0x90
[ 70.425446][ T8139] worker_thread+0x658/0x11f0
[ 70.430656][ T8139] ? process_one_work+0x1630/0x1630
[ 70.435859][ T8139] kthread+0x3e5/0x4d0
[ 70.439922][ T8139] ? _raw_spin_unlock_irq+0x1f/0x40
[ 70.445116][ T8139] ? set_kthread_struct+0x130/0x130
[ 70.450402][ T8139] ret_from_fork+0x1f/0x30
[ 70.454835][ T8139] Modules linked in:
[ 70.458779][ T2947] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[ 70.464876][ T2947] CPU: 0 PID: 2947 Comm: kworker/0:2 Tainted: G D W 5.14.0-rc1-syzkaller #0
[ 70.474812][ T2947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.485074][ T2947] Workqueue: events io_fallback_req_func
[ 70.490809][ T2947] RIP: 0010:io_queue_async_work+0x539/0x5f0
[ 70.496798][ T2947] Code: 89 be 89 00 00 00 48 c7 c7 40 53 9a 89 c6 05 de 38 78 0b 01 e8 72 6b 08 07 e9 6e ff ff ff e8 ee 68 95 ff 0f 0b e8 e7 68 95 ff <0f> 0b e8 e0 68 95 ff 0f 0b e9 1a fd ff ff e8 34 0f db ff e9 47 fb
[ 70.516858][ T2947] RSP: 0018:ffffc90002247ba8 EFLAGS: 00010293
[ 70.522966][ T2947] RAX: 0000000000000000 RBX: ffff88802addf800 RCX: 0000000000000000
[ 70.530942][ T2947] RDX: ffff888020356200 RSI: ffffffff81df55c9 RDI: ffff88802f266990
[ 70.539011][ T2947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000019
[ 70.547193][ T2947] R10: ffffffff81df517c R11: 000000000000000f R12: ffff88801d6f9a00
[ 70.555180][ T2947] R13: 0000000000000019 R14: ffff88802addf8b0 R15: ffff88801d6f9a58
[ 70.563190][ T2947] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 70.572157][ T2947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 70.579013][ T2947] CR2: 0000000020000444 CR3: 0000000012de2000 CR4: 00000000001506f0
[ 70.587015][ T2947] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 70.595121][ T2947] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 70.603185][ T2947] Call Trace:
[ 70.606478][ T2947] __io_queue_sqe+0x913/0xf10
[ 70.611179][ T2947] ? mutex_lock_io_nested+0xf00/0xf00
[ 70.616564][ T2947] ? io_issue_sqe+0x6920/0x6920
[ 70.621448][ T2947] ? lock_release+0x720/0x720
[ 70.627048][ T2947] ? lock_downgrade+0x6e0/0x6e0
[ 70.631919][ T2947] io_req_task_submit+0x100/0x120
[ 70.636963][ T2947] io_fallback_req_func+0x81/0xb0
[ 70.642024][ T2947] process_one_work+0x98d/0x1630
[ 70.647164][ T2947] ? pwq_dec_nr_in_flight+0x320/0x320
[ 70.652779][ T2947] ? rwlock_bug.part.0+0x90/0x90
[ 70.657781][ T2947] worker_thread+0x658/0x11f0
[ 70.662494][ T2947] ? process_one_work+0x1630/0x1630
[ 70.667711][ T2947] kthread+0x3e5/0x4d0
[ 70.671813][ T2947] ? set_kthread_struct+0x130/0x130
[ 70.677041][ T2947] ret_from_fork+0x1f/0x30
[ 70.681569][ T2947] Modules linked in:
executing program
executing program
[ 70.689478][ T8139] ---[ end trace aa15edd5dcdbd7e3 ]---
[ 70.707611][ T8510] syz-executor886[8510]: segfault at 10c ip 00000000004024da sp 00007f5b4713e300 error 4
[ 70.718515][ T8139] RIP: 0010:io_queue_async_work+0x539/0x5f0
[ 70.738887][ T8139] Code: 89 be 89 00 00 00 48 c7 c7 40 53 9a 89 c6 05 de 38 78 0b 01 e8 72 6b 08 07 e9 6e ff ff ff e8 ee 68 95 ff 0f 0b e8 e7 68 95 ff <0f> 0b e8 e0 68 95 ff 0f 0b e9 1a fd ff ff e8 34 0f db ff e9 47 fb
[ 70.755793][ T8510] Code: f3 0f 6f 0c 25 40 00 00 20 c7 04 25 58 00 00 20 00 80 00 00 c7 04 25 5c 00 00 20 00 00 00 00 c7 04 25 7c 00 00 20 00 00 00 00 <8b> 88 0c 01 00 00 48 c7 04 25 50 00 00 20 00 d0 20 20 48 c7 04 25
executing program
executing program
[ 70.837376][ T8139] RSP: 0018:ffffc9000c627ba8 EFLAGS: 00010293
[ 70.853726][ T2947] ---[ end trace aa15edd5dcdbd7e4 ]---
[ 70.866807][ T2947] RIP: 0010:io_queue_async_work+0x539/0x5f0
[ 70.869963][ T8139] RAX: 0000000000000000 RBX: ffff88802d256000 RCX: 0000000000000000
[ 70.890741][ T2947] Code: 89 be 89 00 00 00 48 c7 c7 40 53 9a 89 c6 05 de 38 78 0b 01 e8 72 6b 08 07 e9 6e ff ff ff e8 ee 68 95 ff 0f 0b e8 e7 68 95 ff <0f> 0b e8 e0 68 95 ff 0f 0b e9 1a fd ff ff e8 34 0f db ff e9 47 fb
executing program
[ 70.935046][ T8139] RDX: ffff888030f4e180 RSI: ffffffff81df55c9 RDI: ffff88802ef66a50
[ 70.973166][ T8139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000019
executing program
executing program
[ 70.980941][ T2947] RSP: 0018:ffffc9000c627ba8 EFLAGS: 00010293
executing program
[ 71.005709][ T8139] R10: ffffffff81df517c R11: 000000000000000f R12: ffff8880441eb6c0
[ 71.015976][ T2947] RAX: 0000000000000000 RBX: ffff88802d256000 RCX: 0000000000000000
[ 71.030775][ T8139] R13: 0000000000000019 R14: ffff88802d2560b0 R15: ffff8880441eb718
[ 71.039238][ T8139] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
executing program
[ 71.066370][ T2947] RDX: ffff888030f4e180 RSI: ffffffff81df55c9 RDI: ffff88802ef66a50
[ 71.083482][ T8139] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
executing program
[ 71.109041][ T8139] CR2: 0000000020000444 CR3: 0000000042660000 CR4: 00000000001506e0
[ 71.115271][ T2947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000019
[ 71.149094][ T8139] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
executing program
[ 71.154283][ T2947] R10: ffffffff81df517c R11: 000000000000000f R12: ffff8880441eb6c0
[ 71.182466][ T8139] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
executing program
[ 71.206224][ T2947] R13: 0000000000000019 R14: ffff88802d2560b0 R15: ffff8880441eb718
[ 71.216132][ T8139] Kernel panic - not syncing: Fatal exception
[ 71.223114][ T8139] Kernel Offset: disabled
[ 71.227443][ T8139] Rebooting in 86400 seconds..