[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 59.797933][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 59.797941][ T26] audit: type=1800 audit(1564331519.899:29): pid=9492 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 59.823614][ T26] audit: type=1800 audit(1564331519.899:30): pid=9492 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.1' (ECDSA) to the list of known hosts. executing program executing program executing program syzkaller login: [ 87.375806][ T9648] ------------[ cut here ]------------ [ 87.381289][ T9648] ODEBUG: free active (active state 0) object type: timer_list hint: rfcomm_dlc_timeout+0x0/0x80 [ 87.391903][ T9648] WARNING: CPU: 0 PID: 9648 at lib/debugobjects.c:484 debug_check_no_obj_freed+0x464/0x5b0 [ 87.401858][ T9648] Kernel panic - not syncing: panic_on_warn set ... [ 87.408465][ T9648] CPU: 0 PID: 9648 Comm: syz-executor678 Not tainted 5.3.0-rc1+ #53 [ 87.416420][ T9648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.426550][ T9648] Call Trace: [ 87.429832][ T9648] dump_stack+0x1d8/0x2f8 [ 87.434155][ T9648] panic+0x29b/0x7d9 [ 87.438028][ T9648] ? __warn+0x126/0x230 [ 87.442173][ T9648] ? nmi_panic+0x97/0x97 [ 87.446565][ T9648] ? __probe_kernel_read+0x14b/0x1a0 [ 87.451843][ T9648] ? debug_check_no_obj_freed+0x464/0x5b0 [ 87.457545][ T9648] ? is_valid_bugaddr+0x81/0x100 [ 87.462469][ T9648] __warn+0x22f/0x230 [ 87.466498][ T9648] ? debug_check_no_obj_freed+0x464/0x5b0 [ 87.472320][ T9648] report_bug+0x190/0x290 [ 87.476645][ T9648] ? debug_check_no_obj_freed+0x464/0x5b0 [ 87.482346][ T9648] do_error_trap+0xd7/0x440 [ 87.486833][ T9648] do_invalid_op+0x36/0x40 [ 87.491224][ T9648] ? debug_check_no_obj_freed+0x464/0x5b0 [ 87.497002][ T9648] invalid_op+0x23/0x30 [ 87.501190][ T9648] RIP: 0010:debug_check_no_obj_freed+0x464/0x5b0 [ 87.507503][ T9648] Code: 08 48 89 df e8 dd e3 49 fe 4c 8b 03 48 c7 c7 aa 57 88 88 48 c7 c6 fd f2 a0 88 4c 89 e2 44 89 f9 4d 89 e9 31 c0 e8 5c 4a e0 fd <0f> 0b 4c 8b 6d a8 ff 05 64 79 95 05 49 83 c5 30 4c 89 e8 48 c1 e8 [ 87.527088][ T9648] RSP: 0018:ffff88808a3077d0 EFLAGS: 00010046 [ 87.533230][ T9648] RAX: b18d8681da014600 RBX: ffffffff88cda040 RCX: ffff88808d038480 [ 87.541192][ T9648] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 87.549144][ T9648] RBP: ffff88808a307868 R08: ffffffff816068b4 R09: ffffed1015d440d2 [ 87.557248][ T9648] R10: ffffed1015d440d2 R11: 0000000000000000 R12: ffffffff8893f29f [ 87.565408][ T9648] R13: ffffffff86f3c250 R14: dffffc0000000000 R15: 0000000000000000 [ 87.573376][ T9648] ? rfcomm_dlc_alloc+0x3a0/0x3a0 [ 87.578422][ T9648] ? vprintk_emit+0x2d4/0x3a0 [ 87.583092][ T9648] ? rfcomm_dlc_free+0x1e/0x30 [ 87.587834][ T9648] kfree+0x107/0x200 [ 87.591841][ T9648] rfcomm_dlc_free+0x1e/0x30 [ 87.596514][ T9648] rfcomm_dev_ioctl+0xc7e/0x1e60 [ 87.601435][ T9648] ? trace_lock_release+0x135/0x1a0 [ 87.606615][ T9648] ? rfcomm_sock_debugfs_show+0x140/0x140 [ 87.612318][ T9648] ? trace_lock_acquire+0x159/0x1d0 [ 87.617499][ T9648] ? __local_bh_enable_ip+0x13a/0x240 [ 87.622854][ T9648] ? check_preemption_disabled+0x47/0x2a0 [ 87.629135][ T9648] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 87.634862][ T9648] ? local_bh_enable+0x9/0x30 [ 87.639698][ T9648] ? __local_bh_enable_ip+0x13a/0x240 [ 87.645186][ T9648] ? local_bh_enable+0x1f/0x30 [ 87.649923][ T9648] ? lock_sock_nested+0xd6/0x120 [ 87.654833][ T9648] rfcomm_sock_ioctl+0x7e/0xa0 [ 87.659580][ T9648] sock_do_ioctl+0xd6/0x300 [ 87.664060][ T9648] ? sock_splice_read+0xf0/0xf0 [ 87.668893][ T9648] ? __lock_acquire+0x4750/0x4750 [ 87.673895][ T9648] ? trace_irq_enable_rcuidle+0x23/0x1e0 [ 87.679500][ T9648] ? trace_hardirqs_on+0x74/0x80 [ 87.684517][ T9648] sock_ioctl+0x4f8/0x730 [ 87.688837][ T9648] ? sock_poll+0x310/0x310 [ 87.693236][ T9648] ? tomoyo_check_path_acl+0x180/0x180 [ 87.698900][ T9648] ? smk_access+0x4f0/0x4f0 [ 87.703381][ T9648] ? smk_access+0x18c/0x4f0 [ 87.707862][ T9648] ? sock_poll+0x310/0x310 [ 87.712367][ T9648] do_vfs_ioctl+0x7d4/0x18f0 [ 87.716938][ T9648] ? ioctl_preallocate+0x240/0x240 [ 87.722043][ T9648] ? up_read+0x22/0x30 [ 87.726137][ T9648] ? tomoyo_file_ioctl+0x23/0x30 [ 87.731064][ T9648] ? security_file_ioctl+0xa1/0xd0 [ 87.736160][ T9648] __x64_sys_ioctl+0xe3/0x120 [ 87.740909][ T9648] do_syscall_64+0xfe/0x140 [ 87.745457][ T9648] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 87.751331][ T9648] RIP: 0033:0x441229 [ 87.755282][ T9648] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 87.775067][ T9648] RSP: 002b:00007ffdac304318 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.783464][ T9648] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441229 [ 87.791419][ T9648] RDX: 0000000020000100 RSI: 00000000400452c8 RDI: 0000000000000003 [ 87.799375][ T9648] RBP: 0000000000015530 R08: 00000000004002c8 R09: 00000000004002c8 [ 87.807325][ T9648] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402050 [ 87.815271][ T9648] R13: 00000000004020e0 R14: 0000000000000000 R15: 0000000000000000 [ 87.824321][ T9648] Kernel Offset: disabled [ 87.828638][ T9648] Rebooting in 86400 seconds..