[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.97' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 67.636728][ T6528] ------------[ cut here ]------------
[ 67.642452][ T6528] refcount_t: addition on 0; use-after-free.
[ 67.648854][ T6528] WARNING: CPU: 1 PID: 6528 at lib/refcount.c:25 refcount_warn_saturate+0x169/0x1e0
[ 67.659120][ T6528] Modules linked in:
[ 67.663108][ T6528] CPU: 1 PID: 6528 Comm: syz-executor149 Not tainted 5.15.0-rc6-next-20211022-syzkaller #0
[ 67.673202][ T6528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.683329][ T6528] RIP: 0010:refcount_warn_saturate+0x169/0x1e0
[ 67.689644][ T6528] Code: 09 31 ff 89 de e8 27 1f 9f fd 84 db 0f 85 36 ff ff ff e8 3a 1b 9f fd 48 c7 c7 00 2e 04 8a c6 05 c7 25 a3 09 01 e8 92 ce 31 05 <0f> 0b e9 17 ff ff ff e8 1b 1b 9f fd 0f b6 1d ac 25 a3 09 31 ff 89
[ 67.710219][ T6528] RSP: 0018:ffffc90001a4ff10 EFLAGS: 00010286
[ 67.716388][ T6528] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 67.724468][ T6528] RDX: ffff88801d369d40 RSI: ffffffff815f06f8 RDI: fffff52000349fd4
[ 67.732520][ T6528] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 67.740610][ T6528] R10: ffffffff815ea4ce R11: 0000000000000000 R12: 0000000000000000
[ 67.748636][ T6528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 67.756695][ T6528] FS: 00005555565e9300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 67.765807][ T6528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 67.772653][ T6528] CR2: 00007f842b6f56c0 CR3: 000000001bc33000 CR4: 00000000003506e0
[ 67.780646][ T6528] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 67.788744][ T6528] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 67.796845][ T6528] Call Trace:
[ 67.800132][ T6528]
[ 67.803131][ T6528] __x64_sys_memfd_secret+0x182/0x1e0
[ 67.808517][ T6528] do_syscall_64+0x35/0xb0
[ 67.813008][ T6528] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 67.818905][ T6528] RIP: 0033:0x7fbeb6a4cf89
[ 67.823392][ T6528] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 67.843161][ T6528] RSP: 002b:00007ffde5076be8 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[ 67.851588][ T6528] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbeb6a4cf89
[ 67.859639][ T6528] RDX: 00007fbeb6a0fe93 RSI: 0000000000000012 RDI: 0000000000080000
[ 67.867704][ T6528] RBP: 00007fbeb6a10f70 R08: 0000000000000000 R09: 0000000000000000
[ 67.875820][ T6528] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fbeb6a11000
[ 67.883874][ T6528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 67.891934][ T6528]
[ 67.894954][ T6528] Kernel panic - not syncing: panic_on_warn set ...
[ 67.901534][ T6528] CPU: 1 PID: 6528 Comm: syz-executor149 Not tainted 5.15.0-rc6-next-20211022-syzkaller #0
[ 67.911492][ T6528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.921638][ T6528] Call Trace:
[ 67.924929][ T6528]
[ 67.927846][ T6528] dump_stack_lvl+0xcd/0x134
[ 67.932440][ T6528] panic+0x2b0/0x6dd
[ 67.936323][ T6528] ? __warn_printk+0xf3/0xf3
[ 67.940991][ T6528] ? __warn.cold+0x1a/0x44
[ 67.945390][ T6528] ? refcount_warn_saturate+0x169/0x1e0
[ 67.950926][ T6528] __warn.cold+0x35/0x44
[ 67.955166][ T6528] ? wake_up_klogd.part.0+0x9e/0xd0
[ 67.960482][ T6528] ? refcount_warn_saturate+0x169/0x1e0
[ 67.966029][ T6528] report_bug+0x1bd/0x210
[ 67.970354][ T6528] handle_bug+0x3c/0x60
[ 67.974497][ T6528] exc_invalid_op+0x14/0x40
[ 67.978996][ T6528] asm_exc_invalid_op+0x12/0x20
[ 67.983831][ T6528] RIP: 0010:refcount_warn_saturate+0x169/0x1e0
[ 67.989985][ T6528] Code: 09 31 ff 89 de e8 27 1f 9f fd 84 db 0f 85 36 ff ff ff e8 3a 1b 9f fd 48 c7 c7 00 2e 04 8a c6 05 c7 25 a3 09 01 e8 92 ce 31 05 <0f> 0b e9 17 ff ff ff e8 1b 1b 9f fd 0f b6 1d ac 25 a3 09 31 ff 89
[ 68.009574][ T6528] RSP: 0018:ffffc90001a4ff10 EFLAGS: 00010286
[ 68.015629][ T6528] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 68.023698][ T6528] RDX: ffff88801d369d40 RSI: ffffffff815f06f8 RDI: fffff52000349fd4
[ 68.031695][ T6528] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 68.039777][ T6528] R10: ffffffff815ea4ce R11: 0000000000000000 R12: 0000000000000000
[ 68.047742][ T6528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 68.055709][ T6528] ? wake_up_klogd.part.0+0x8e/0xd0
[ 68.060930][ T6528] ? vprintk+0x88/0x90
[ 68.064989][ T6528] __x64_sys_memfd_secret+0x182/0x1e0
[ 68.070345][ T6528] do_syscall_64+0x35/0xb0
[ 68.074751][ T6528] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 68.080630][ T6528] RIP: 0033:0x7fbeb6a4cf89
[ 68.085041][ T6528] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 68.104809][ T6528] RSP: 002b:00007ffde5076be8 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[ 68.113205][ T6528] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbeb6a4cf89
[ 68.121161][ T6528] RDX: 00007fbeb6a0fe93 RSI: 0000000000000012 RDI: 0000000000080000
[ 68.129210][ T6528] RBP: 00007fbeb6a10f70 R08: 0000000000000000 R09: 0000000000000000
[ 68.137165][ T6528] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fbeb6a11000
[ 68.145162][ T6528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 68.153147][ T6528]
[ 68.156582][ T6528] Kernel Offset: disabled
[ 68.160949][ T6528] Rebooting in 86400 seconds..