Warning: Permanently added '10.128.0.237' (ECDSA) to the list of known hosts. syzkaller login: [ 39.536240] audit: type=1400 audit(1598607002.947:8): avc: denied { execmem } for pid=6445 comm="syz-executor649" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 39.720435] ------------[ cut here ]------------ [ 39.727541] ------------[ cut here ]------------ [ 39.732616] WARNING: CPU: 0 PID: 6460 at sound/core/oss/mulaw.c:332 snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.741513] ------------[ cut here ]------------ [ 39.742717] Kernel panic - not syncing: panic_on_warn set ... [ 39.742717] [ 39.742735] CPU: 0 PID: 6460 Comm: syz-executor649 Not tainted 4.19.142-syzkaller #0 [ 39.742743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.742747] Call Trace: [ 39.742774] dump_stack+0x1fc/0x2fe [ 39.749173] WARNING: CPU: 1 PID: 6456 at sound/core/oss/mulaw.c:332 snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.756288] panic+0x26a/0x50e [ 39.764855] Modules linked in: [ 39.776665] ? __warn_printk+0xf3/0xf3 [ 39.779240] CPU: 1 PID: 6456 Comm: syz-executor649 Not tainted 4.19.142-syzkaller #0 [ 39.782860] ? snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.792886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.796080] ? __probe_kernel_read+0x16c/0x1b0 [ 39.799275] RIP: 0010:snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.803154] ? __warn.cold+0x5/0x61 [ 39.811040] Code: c7 c7 e0 fa 22 88 e8 a9 c5 c1 fb 0f 0b 49 c7 c4 fa ff ff ff e9 df e8 ff ff e8 27 b9 d6 fb 48 c7 c7 e0 fa 22 88 e8 8a c5 c1 fb <0f> 0b 41 bc fa ff ff ff e9 85 fd ff ff e8 09 b9 d6 fb 48 c7 c7 e0 [ 39.816488] ? __warn+0xe4/0x200 [ 39.825849] RSP: 0018:ffff8880a5cc78c8 EFLAGS: 00010282 [ 39.830445] ? snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.836481] RAX: 0000000000000024 RBX: ffff8880a5cc79b0 RCX: 0000000000000000 [ 39.840102] __warn.cold+0x20/0x61 [ 39.859004] RDX: 0000000000000000 RSI: ffffffff8154d001 RDI: ffffed1014b98f0b [ 39.862375] ? io_schedule_timeout+0x140/0x140 [ 39.867708] RBP: 1ffff11014b98f1b R08: 0000000000000024 R09: 0000000000000000 [ 39.873152] ? snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.880396] R10: 0000000000000005 R11: 0000000000000000 R12: ffff8880a5cc79d0 [ 39.883932] report_bug+0x262/0x2b0 [ 39.891192] R13: ffff8880a5cc79f0 R14: 0000000000000000 R15: ffff8880a5cc79d0 [ 39.895777] do_error_trap+0x1d7/0x310 [ 39.903030] FS: 000000000148e880(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 39.908576] ? math_error+0x310/0x310 [ 39.915832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 39.919453] ? __irq_work_queue_local+0x101/0x160 [ 39.926702] CR2: 00007ffedab90e14 CR3: 00000000a4692000 CR4: 00000000001406e0 [ 39.930585] ? irq_work_queue+0x29/0x80 [ 39.938794] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 39.942606] ? wake_up_klogd.part.0+0x8c/0xc0 [ 39.948640] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 39.953479] ? trace_hardirqs_off_caller+0x69/0x210 [ 39.960723] Call Trace: [ 39.964696] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 39.971956] ? mulaw_transfer+0x260/0x260 [ 39.976436] invalid_op+0x14/0x20 [ 39.983704] ? mulaw_encode+0x780/0x780 [ 39.988717] RIP: 0010:snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 39.991279] ? pm_qos_add_request+0x1f1/0x4d0 [ 39.996540] Code: c7 c7 e0 fa 22 88 e8 a9 c5 c1 fb 0f 0b 49 c7 c4 fa ff ff ff e9 df e8 ff ff e8 27 b9 d6 fb 48 c7 c7 e0 fa 22 88 e8 8a c5 c1 fb <0f> 0b 41 bc fa ff ff ff e9 85 fd ff ff e8 09 b9 d6 fb 48 c7 c7 e0 [ 40.000942] ? snd_pcm_hw_params+0xbf2/0x2250 [ 40.004370] RSP: 0018:ffff8880899cf7d8 EFLAGS: 00010286 [ 40.008349] snd_pcm_plug_format_plugins+0xb70/0x1360 [ 40.014382] RAX: 0000000000000024 RBX: ffff8880899cf8c0 RCX: 0000000000000000 [ 40.018894] ? snd_pcm_plug_slave_format+0x5a0/0x5a0 [ 40.038041] RDX: 0000000000000000 RSI: ffffffff8154d001 RDI: ffffed1011339eed [ 40.042551] ? snd_pcm_oss_plugin_clear.isra.0+0xd0/0xd0 [ 40.047889] RBP: 1ffff11011339efd R08: 0000000000000024 R09: 0000000000000000 [ 40.053079] snd_pcm_oss_change_params_locked+0x2a88/0x35c0 [ 40.060347] R10: 0000000000000005 R11: 0000000000000000 R12: ffff8880899cf8e0 [ 40.065460] ? snd_pcm_oss_open+0x50/0x50 [ 40.072711] R13: ffff8880899cf900 R14: 0000000000000000 R15: ffff8880899cf900 [ 40.072740] ? vprintk_func+0x81/0x17e [ 40.078193] ? snd_pcm_oss_make_ready+0xc4/0x2e0 [ 40.085460] ? snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 40.091162] ? __mutex_add_waiter+0x160/0x160 [ 40.098433] ? mulaw_decode+0x750/0x750 [ 40.102567] ? mark_held_locks+0xf0/0xf0 [ 40.109835] ? mulaw_encode+0x780/0x780 [ 40.113710] ? mark_held_locks+0xf0/0xf0 [ 40.118462] ? pm_qos_add_request+0x1f1/0x4d0 [ 40.123895] ? debug_check_no_obj_freed+0x201/0x482 [ 40.128372] ? snd_pcm_hw_params+0xbf2/0x2250 [ 40.132326] snd_pcm_oss_make_ready+0xe6/0x2e0 [ 40.136367] snd_pcm_plug_format_plugins+0xb70/0x1360 [ 40.140328] ? snd_pcm_oss_sync+0x800/0x800 [ 40.144383] ? snd_pcm_plug_slave_format+0x5a0/0x5a0 [ 40.148857] snd_pcm_oss_sync+0x2e0/0x800 [ 40.153858] ? snd_pcm_oss_plugin_clear.isra.0+0xd0/0xd0 [ 40.158334] ? snd_pcm_oss_sync+0x800/0x800 [ 40.162931] snd_pcm_oss_change_params_locked+0x2a88/0x35c0 [ 40.169451] snd_pcm_oss_release+0x26c/0x300 [ 40.173775] ? snd_pcm_oss_open+0x50/0x50 [ 40.179030] ? snd_pcm_oss_sync+0x800/0x800 [ 40.183167] ? snd_pcm_oss_get_active_substream+0x142/0x1c0 [ 40.188599] __fput+0x2ce/0x890 [ 40.192912] ? __mutex_add_waiter+0x160/0x160 [ 40.198638] task_work_run+0x148/0x1c0 [ 40.203039] ? check_preemption_disabled+0x41/0x280 [ 40.207173] do_exit+0xbb2/0x2b70 [ 40.211489] ? avc_has_extended_perms+0x86d/0xea0 [ 40.217185] ? lock_downgrade+0x720/0x720 [ 40.220458] snd_pcm_oss_get_active_substream+0x164/0x1c0 [ 40.224942] ? mm_update_next_owner+0x650/0x650 [ 40.228819] snd_pcm_oss_get_formats+0x75/0x340 [ 40.233821] ? up_read+0x17/0x110 [ 40.237271] ? lock_acquire+0x170/0x3c0 [ 40.242097] ? __do_page_fault+0x1ca/0xde0 [ 40.246231] ? snd_pcm_oss_get_active_substream+0x1c0/0x1c0 [ 40.251779] do_group_exit+0x125/0x310 [ 40.256431] snd_pcm_oss_ioctl+0x145f/0x3380 [ 40.261099] __x64_sys_exit_group+0x3a/0x50 [ 40.264536] ? finish_mkwrite_fault+0x640/0x640 [ 40.268493] do_syscall_64+0xf9/0x620 [ 40.272706] ? __handle_mm_fault+0x15f6/0x41c0 [ 40.278451] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.282318] ? snd_pcm_oss_release+0x300/0x300 [ 40.286709] RIP: 0033:0x440028 [ 40.291024] ? mark_held_locks+0xf0/0xf0 [ 40.295679] Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 [ 40.299497] ? __handle_mm_fault+0xf34/0x41c0 [ 40.304667] RSP: 002b:00007ffedab90db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 40.309859] ? snd_pcm_oss_release+0x300/0x300 [ 40.314417] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440028 [ 40.317626] do_vfs_ioctl+0xcdb/0x12e0 [ 40.321677] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 40.340587] ? selinux_file_ioctl+0x506/0x6c0 [ 40.345060] RBP: 00000000004bf830 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 40.353089] ? ioctl_preallocate+0x200/0x200 [ 40.357662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 40.364926] ? selinux_inode_link+0x20/0x20 [ 40.368788] R13: 00000000006d1180 R14: 0000000000000000 R15: 0000000000000000 [ 40.376060] ? lock_downgrade+0x720/0x720 [ 40.380536] irq event stamp: 7586 [ 40.387816] ksys_ioctl+0x9b/0xc0 [ 40.392204] hardirqs last enabled at (7585): [] _raw_spin_unlock_irq+0x24/0x80 [ 40.400270] __x64_sys_ioctl+0x6f/0xb0 [ 40.405023] hardirqs last disabled at (7586): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 40.412287] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 40.416421] softirqs last enabled at (3102): [] __do_softirq+0x69a/0x9a0 [ 40.419856] do_syscall_64+0xf9/0x620 [ 40.423296] softirqs last disabled at (3017): [] irq_exit+0x215/0x260 [ 40.432303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.436168] ---[ end trace 6ab1911f256ffd76 ]--- [ 40.445525] RIP: 0033:0x4413b9 [ 40.450872] WARNING: CPU: 1 PID: 6455 at sound/core/oss/mulaw.c:332 snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 40.458567] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 40.462346] Modules linked in: [ 40.470476] RSP: 002b:00007ffedab90e08 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 40.475658] CPU: 1 PID: 6455 Comm: syz-executor649 Tainted: G W 4.19.142-syzkaller #0 [ 40.480401] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004413b9 [ 40.483581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.493641] RDX: 0000000020000000 RSI: 00000000c0045005 RDI: 0000000000000003 [ 40.493656] RBP: 0000000000009a73 R08: 00000000004002c8 R09: 00000000004002c8 [ 40.512581] RIP: 0010:snd_pcm_plugin_build_mulaw.cold+0x11/0x7c [ 40.515746] R10: 0000000000000004 R11: 0000000000000246 R12: 00000000004020b0 [ 40.524158] Code: c7 c7 e0 fa 22 88 e8 a9 c5 c1 fb 0f 0b 49 c7 c4 fa ff ff ff e9 df e8 ff ff e8 27 b9 d6 fb 48 c7 c7 e0 fa 22 88 e8 8a c5 c1 fb <0f> 0b 41 bc fa ff ff ff e9 85 fd ff ff e8 09 b9 d6 fb 48 c7 c7 e0 [ 40.533512] R13: 0000000000402140 R14: 0000000000000000 R15: 0000000000000000 [ 40.540777] RSP: 0018:ffff8880a5ce78c8 EFLAGS: 00010282 [ 40.610468] RAX: 0000000000000024 RBX: ffff8880a5ce79b0 RCX: 0000000000000000 [ 40.617759] RDX: 0000000000000000 RSI: ffffffff8154d001 RDI: ffffed1014b9cf0b [ 40.625991] RBP: 1ffff11014b9cf1b R08: 0000000000000024 R09: 0000000000000000 [ 40.633291] R10: 0000000000000005 R11: 0000000000000000 R12: ffff8880a5ce79d0 [ 40.640571] R13: ffff8880a5ce79f0 R14: 0000000000000000 R15: ffff8880a5ce79d0 [ 40.647857] FS: 000000000148e880(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 40.656113] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 40.662015] CR2: 00007ffedab90e14 CR3: 00000000a4692000 CR4: 00000000001406e0 [ 40.669295] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 40.676566] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 40.683849] Call Trace: [ 40.686452] ? mulaw_transfer+0x260/0x260 [ 40.690629] ? mulaw_encode+0x780/0x780 [ 40.694620] ? pm_qos_add_request+0x1f1/0x4d0 [ 40.699156] ? snd_pcm_hw_params+0xbf2/0x2250 [ 40.703669] snd_pcm_plug_format_plugins+0xb70/0x1360 [ 40.708894] ? snd_pcm_plug_slave_format+0x5a0/0x5a0 [ 40.714043] ? snd_pcm_oss_plugin_clear.isra.0+0xd0/0xd0 [ 40.719512] snd_pcm_oss_change_params_locked+0x2a88/0x35c0 [ 40.725252] ? snd_pcm_oss_open+0x50/0x50 [ 40.729401] ? snd_pcm_oss_make_ready+0xc4/0x2e0 [ 40.734165] ? __mutex_add_waiter+0x160/0x160 [ 40.738671] ? mark_held_locks+0xf0/0xf0 [ 40.742766] ? mark_held_locks+0xf0/0xf0 [ 40.746849] ? debug_check_no_obj_freed+0x201/0x482 [ 40.751889] snd_pcm_oss_make_ready+0xe6/0x2e0 [ 40.756496] ? snd_pcm_oss_sync+0x800/0x800 [ 40.760819] snd_pcm_oss_sync+0x2e0/0x800 [ 40.764996] ? snd_pcm_oss_sync+0x800/0x800 [ 40.769339] snd_pcm_oss_release+0x26c/0x300 [ 40.773786] ? snd_pcm_oss_sync+0x800/0x800 [ 40.778114] __fput+0x2ce/0x890 [ 40.781535] task_work_run+0x148/0x1c0 [ 40.785460] do_exit+0xbb2/0x2b70 [ 40.788939] ? lock_downgrade+0x720/0x720 [ 40.793158] ? mm_update_next_owner+0x650/0x650 [ 40.797868] ? up_read+0x17/0x110 [ 40.801366] ? __do_page_fault+0x1ca/0xde0 [ 40.805631] do_group_exit+0x125/0x310 [ 40.809567] __x64_sys_exit_group+0x3a/0x50 [ 40.813937] do_syscall_64+0xf9/0x620 [ 40.817766] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.822970] RIP: 0033:0x440028 [ 40.826172] Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 [ 40.845086] RSP: 002b:00007ffedab90db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 40.853202] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440028 [ 40.860486] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 40.867766] RBP: 00000000004bf830 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 40.875047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 40.882339] R13: 00000000006d1180 R14: 0000000000000000 R15: 0000000000000000 [ 40.889643] irq event stamp: 7534 [ 40.893125] hardirqs last enabled at (7533): [] _raw_spin_unlock_irq+0x24/0x80 [ 40.902156] hardirqs last disabled at (7534): [] trace_hardirqs_off_thunk+0x1a/0x1c [ 40.911538] softirqs last enabled at (7530): [] __do_softirq+0x69a/0x9a0 [ 40.920069] softirqs last disabled at (7501): [] irq_exit+0x215/0x260 [ 40.928213] ---[ end trace 6ab1911f256ffd77 ]--- [ 40.933918] Kernel Offset: disabled [ 40.937594] Rebooting in 86400 seconds..