[ 79.669284][ T26] audit: type=1800 audit(1565530529.463:26): pid=10464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 79.701802][ T26] audit: type=1800 audit(1565530529.463:27): pid=10464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 79.729261][ T26] audit: type=1800 audit(1565530529.463:28): pid=10464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 80.512776][ T26] audit: type=1800 audit(1565530530.343:29): pid=10464 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.238' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 90.227151][T10617] ==================================================================
[ 90.235476][T10617] BUG: KASAN: null-ptr-deref in rxrpc_unuse_local+0x23/0x70
[ 90.242760][T10617] Write of size 4 at addr 0000000000000010 by task syz-executor120/10617
[ 90.251610][T10617]
[ 90.253950][T10617] CPU: 1 PID: 10617 Comm: syz-executor120 Not tainted 5.3.0-rc3+ #157
[ 90.262351][T10617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 90.272421][T10617] Call Trace:
[ 90.275737][T10617] dump_stack+0x172/0x1f0
[ 90.280064][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.285013][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.289978][T10617] __kasan_report.cold+0x5/0x36
[ 90.294895][T10617] ? _raw_read_unlock_irqrestore+0xc1/0xe0
[ 90.300703][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.305628][T10617] kasan_report+0x12/0x17
[ 90.309939][T10617] check_memory_region+0x134/0x1a0
[ 90.315060][T10617] __kasan_check_write+0x14/0x20
[ 90.320705][T10617] rxrpc_unuse_local+0x23/0x70
[ 90.325468][T10617] rxrpc_release+0x47d/0x840
[ 90.330077][T10617] __sock_release+0xce/0x280
[ 90.334659][T10617] sock_close+0x1e/0x30
[ 90.338814][T10617] __fput+0x2ff/0x890
[ 90.342792][T10617] ? __sock_release+0x280/0x280
[ 90.347676][T10617] ____fput+0x16/0x20
[ 90.351765][T10617] task_work_run+0x145/0x1c0
[ 90.356967][T10617] do_exit+0x92f/0x2e50
[ 90.361193][T10617] ? __sanitizer_cov_trace_const_cmp4+0x1/0x20
[ 90.367350][T10617] ? mm_update_next_owner+0x640/0x640
[ 90.372737][T10617] ? fd_install+0x4d/0x60
[ 90.377069][T10617] ? __sys_socket+0x180/0x220
[ 90.381773][T10617] ? move_addr_to_kernel+0x80/0x80
[ 90.386893][T10617] ? __ia32_sys_fallocate+0xf0/0xf0
[ 90.392102][T10617] do_group_exit+0x135/0x360
[ 90.396708][T10617] __x64_sys_exit_group+0x44/0x50
[ 90.401758][T10617] do_syscall_64+0xfd/0x6a0
[ 90.406293][T10617] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 90.412284][T10617] RIP: 0033:0x43ed68
[ 90.416397][T10617] Code: Bad RIP value.
[ 90.420463][T10617] RSP: 002b:00007ffefab917e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 90.429222][T10617] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ed68
[ 90.437193][T10617] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 90.445345][T10617] RBP: 00000000004be568 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 90.453941][T10617] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 90.461936][T10617] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 90.470107][T10617] ==================================================================
[ 90.479042][T10617] Kernel panic - not syncing: panic_on_warn set ...
[ 90.485648][T10617] CPU: 1 PID: 10617 Comm: syz-executor120 Tainted: G B 5.3.0-rc3+ #157
[ 90.495202][T10617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 90.505620][T10617] Call Trace:
[ 90.508918][T10617] dump_stack+0x172/0x1f0
[ 90.513273][T10617] panic+0x2dc/0x755
[ 90.517175][T10617] ? add_taint.cold+0x16/0x16
[ 90.521843][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.526801][T10617] ? preempt_schedule+0x4b/0x60
[ 90.531754][T10617] ? ___preempt_schedule+0x16/0x20
[ 90.536901][T10617] ? trace_hardirqs_on+0x5e/0x240
[ 90.541951][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.546907][T10617] end_report+0x47/0x4f
[ 90.551054][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.556012][T10617] __kasan_report.cold+0xe/0x36
[ 90.560891][T10617] ? _raw_read_unlock_irqrestore+0xc1/0xe0
[ 90.566713][T10617] ? rxrpc_unuse_local+0x23/0x70
[ 90.571649][T10617] kasan_report+0x12/0x17
[ 90.575978][T10617] check_memory_region+0x134/0x1a0
[ 90.581390][T10617] __kasan_check_write+0x14/0x20
[ 90.586447][T10617] rxrpc_unuse_local+0x23/0x70
[ 90.591250][T10617] rxrpc_release+0x47d/0x840
[ 90.595951][T10617] __sock_release+0xce/0x280
[ 90.600561][T10617] sock_close+0x1e/0x30
[ 90.604711][T10617] __fput+0x2ff/0x890
[ 90.608681][T10617] ? __sock_release+0x280/0x280
[ 90.613552][T10617] ____fput+0x16/0x20
[ 90.617546][T10617] task_work_run+0x145/0x1c0
[ 90.622156][T10617] do_exit+0x92f/0x2e50
[ 90.626321][T10617] ? __sanitizer_cov_trace_const_cmp4+0x1/0x20
[ 90.632475][T10617] ? mm_update_next_owner+0x640/0x640
[ 90.637845][T10617] ? fd_install+0x4d/0x60
[ 90.642230][T10617] ? __sys_socket+0x180/0x220
[ 90.646916][T10617] ? move_addr_to_kernel+0x80/0x80
[ 90.652117][T10617] ? __ia32_sys_fallocate+0xf0/0xf0
[ 90.657319][T10617] do_group_exit+0x135/0x360
[ 90.661928][T10617] __x64_sys_exit_group+0x44/0x50
[ 90.666958][T10617] do_syscall_64+0xfd/0x6a0
[ 90.671455][T10617] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 90.677370][T10617] RIP: 0033:0x43ed68
[ 90.682090][T10617] Code: Bad RIP value.
[ 90.686177][T10617] RSP: 002b:00007ffefab917e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 90.694618][T10617] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ed68
[ 90.702592][T10617] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 90.710567][T10617] RBP: 00000000004be568 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 90.718664][T10617] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 90.726655][T10617] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 90.736155][T10617] Kernel Offset: disabled
[ 90.740529][T10617] Rebooting in 86400 seconds..