[ 58.300914][ T27] audit: type=1800 audit(1576001943.192:25): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 58.323249][ T27] audit: type=1800 audit(1576001943.192:26): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 58.376873][ T27] audit: type=1800 audit(1576001943.192:27): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ 59.024684][ T8908] sshd (8908) used greatest stack depth: 22888 bytes left
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.35' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 68.411359][ T8995] ==================================================================
[ 68.411414][ T8995] BUG: KASAN: wild-memory-access in insert_char+0x206/0x400
[ 68.411425][ T8995] Read of size 212 at addr 00000000ffffff3a by task syz-executor266/8995
[ 68.411429][ T8995]
[ 68.411444][ T8995] CPU: 1 PID: 8995 Comm: syz-executor266 Not tainted 5.5.0-rc1-syzkaller #0
[ 68.411452][ T8995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.411457][ T8995] Call Trace:
[ 68.411475][ T8995] dump_stack+0x197/0x210
[ 68.411489][ T8995] ? insert_char+0x206/0x400
[ 68.411502][ T8995] ? insert_char+0x206/0x400
[ 68.411519][ T8995] __kasan_report.cold+0x5/0x41
[ 68.411534][ T8995] ? insert_char+0x206/0x400
[ 68.411550][ T8995] kasan_report+0x12/0x20
[ 68.411564][ T8995] check_memory_region+0x134/0x1a0
[ 68.411578][ T8995] memmove+0x24/0x50
[ 68.411593][ T8995] insert_char+0x206/0x400
[ 68.411614][ T8995] do_con_trol+0x41a6/0x61b0
[ 68.411633][ T8995] ? reset_palette+0x190/0x190
[ 68.411647][ T8995] ? __kasan_check_read+0x11/0x20
[ 68.411667][ T8995] ? __atomic_notifier_call_chain+0xf8/0x1a0
[ 68.411687][ T8995] do_con_write.part.0+0xfd9/0x1ef0
[ 68.411716][ T8995] ? do_con_trol+0x61b0/0x61b0
[ 68.411729][ T8995] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 68.411739][ T8995] ? add_wait_queue+0x112/0x170
[ 68.411751][ T8995] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 68.411770][ T8995] ? trace_hardirqs_on+0x67/0x240
[ 68.411790][ T8995] con_write+0x46/0xd0
[ 68.411806][ T8995] n_tty_write+0x40e/0x1080
[ 68.411834][ T8995] ? n_tty_read+0x1bf0/0x1bf0
[ 68.411849][ T8995] ? prepare_to_wait_exclusive+0x320/0x320
[ 68.411868][ T8995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 68.411882][ T8995] ? _copy_from_user+0x12c/0x1a0
[ 68.411898][ T8995] tty_write+0x496/0x7f0
[ 68.411922][ T8995] ? n_tty_read+0x1bf0/0x1bf0
[ 68.411940][ T8995] __vfs_write+0x8a/0x110
[ 68.411952][ T8995] ? put_tty_driver+0x20/0x20
[ 68.411967][ T8995] vfs_write+0x268/0x5d0
[ 68.411984][ T8995] ksys_write+0x14f/0x290
[ 68.412000][ T8995] ? __ia32_sys_read+0xb0/0xb0
[ 68.412017][ T8995] ? do_fast_syscall_32+0xd1/0xe16
[ 68.412030][ T8995] ? entry_SYSENTER_compat+0x70/0x7f
[ 68.412042][ T8995] ? do_fast_syscall_32+0xd1/0xe16
[ 68.412060][ T8995] __ia32_sys_write+0x71/0xb0
[ 68.412076][ T8995] do_fast_syscall_32+0x27b/0xe16
[ 68.412094][ T8995] entry_SYSENTER_compat+0x70/0x7f
[ 68.412104][ T8995] RIP: 0023:0xf7fc6a39
[ 68.412116][ T8995] Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 68.412123][ T8995] RSP: 002b:00000000ffdae18c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 68.412136][ T8995] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[ 68.412143][ T8995] RDX: 0000000000000078 RSI: 00000000080eb080 RDI: 00000000ffdae1e0
[ 68.412151][ T8995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 68.412159][ T8995] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 68.412167][ T8995] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 68.412187][ T8995] ==================================================================
[ 68.412192][ T8995] Disabling lock debugging due to kernel taint
[ 68.412198][ T8995] Kernel panic - not syncing: panic_on_warn set ...
[ 68.412212][ T8995] CPU: 1 PID: 8995 Comm: syz-executor266 Tainted: G B 5.5.0-rc1-syzkaller #0
[ 68.412219][ T8995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.412222][ T8995] Call Trace:
[ 68.412234][ T8995] dump_stack+0x197/0x210
[ 68.412250][ T8995] panic+0x2e3/0x75c
[ 68.412263][ T8995] ? add_taint.cold+0x16/0x16
[ 68.412278][ T8995] ? trace_hardirqs_on+0x67/0x240
[ 68.412289][ T8995] ? trace_hardirqs_on+0x5e/0x240
[ 68.412301][ T8995] ? insert_char+0x206/0x400
[ 68.412311][ T8995] end_report+0x47/0x4f
[ 68.412321][ T8995] ? insert_char+0x206/0x400
[ 68.412331][ T8995] __kasan_report.cold+0xe/0x41
[ 68.412345][ T8995] ? insert_char+0x206/0x400
[ 68.412358][ T8995] kasan_report+0x12/0x20
[ 68.412370][ T8995] check_memory_region+0x134/0x1a0
[ 68.412382][ T8995] memmove+0x24/0x50
[ 68.412395][ T8995] insert_char+0x206/0x400
[ 68.412411][ T8995] do_con_trol+0x41a6/0x61b0
[ 68.412425][ T8995] ? reset_palette+0x190/0x190
[ 68.412438][ T8995] ? __kasan_check_read+0x11/0x20
[ 68.412452][ T8995] ? __atomic_notifier_call_chain+0xf8/0x1a0
[ 68.412470][ T8995] do_con_write.part.0+0xfd9/0x1ef0
[ 68.412491][ T8995] ? do_con_trol+0x61b0/0x61b0
[ 68.412503][ T8995] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 68.412513][ T8995] ? add_wait_queue+0x112/0x170
[ 68.412525][ T8995] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 68.412539][ T8995] ? trace_hardirqs_on+0x67/0x240
[ 68.412556][ T8995] con_write+0x46/0xd0
[ 68.412569][ T8995] n_tty_write+0x40e/0x1080
[ 68.412589][ T8995] ? n_tty_read+0x1bf0/0x1bf0
[ 68.412602][ T8995] ? prepare_to_wait_exclusive+0x320/0x320
[ 68.412618][ T8995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 68.412629][ T8995] ? _copy_from_user+0x12c/0x1a0
[ 68.412643][ T8995] tty_write+0x496/0x7f0
[ 68.412656][ T8995] ? n_tty_read+0x1bf0/0x1bf0
[ 68.412670][ T8995] __vfs_write+0x8a/0x110
[ 68.412681][ T8995] ? put_tty_driver+0x20/0x20
[ 68.412694][ T8995] vfs_write+0x268/0x5d0
[ 68.412708][ T8995] ksys_write+0x14f/0x290
[ 68.412721][ T8995] ? __ia32_sys_read+0xb0/0xb0
[ 68.412735][ T8995] ? do_fast_syscall_32+0xd1/0xe16
[ 68.412748][ T8995] ? entry_SYSENTER_compat+0x70/0x7f
[ 68.412761][ T8995] ? do_fast_syscall_32+0xd1/0xe16
[ 68.412775][ T8995] __ia32_sys_write+0x71/0xb0
[ 68.412789][ T8995] do_fast_syscall_32+0x27b/0xe16
[ 68.412808][ T8995] entry_SYSENTER_compat+0x70/0x7f
[ 68.412816][ T8995] RIP: 0023:0xf7fc6a39
[ 68.412826][ T8995] Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 68.412832][ T8995] RSP: 002b:00000000ffdae18c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 68.412842][ T8995] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[ 68.412849][ T8995] RDX: 0000000000000078 RSI: 00000000080eb080 RDI: 00000000ffdae1e0
[ 68.412855][ T8995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 68.412861][ T8995] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 68.412868][ T8995] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 68.414394][ T8995] Kernel Offset: disabled
[ 69.049286][ T8995] Rebooting in 86400 seconds..