[ 76.182871][ T27] audit: type=1800 audit(1565553893.678:27): pid=10222 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 76.224737][ T27] audit: type=1800 audit(1565553893.768:28): pid=10222 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 77.005629][ T27] audit: type=1800 audit(1565553894.548:29): pid=10222 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 77.027567][ T27] audit: type=1800 audit(1565553894.548:30): pid=10222 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.57' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 86.825950][T10374] ==================================================================
[ 86.834208][T10374] BUG: KASAN: null-ptr-deref in rxrpc_unuse_local+0x23/0x70
[ 86.841508][T10374] Write of size 4 at addr 0000000000000010 by task syz-executor748/10374
[ 86.849908][T10374]
[ 86.852250][T10374] CPU: 1 PID: 10374 Comm: syz-executor748 Not tainted 5.3.0-rc3-next-20190809 #63
[ 86.861832][T10374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 86.871885][T10374] Call Trace:
[ 86.875183][T10374] dump_stack+0x172/0x1f0
[ 86.879625][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 86.884583][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 86.889610][T10374] __kasan_report.cold+0x5/0x36
[ 86.894476][T10374] ? _raw_read_unlock_irqrestore+0xd1/0xe0
[ 86.900275][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 86.905209][T10374] kasan_report+0x12/0x17
[ 86.909543][T10374] check_memory_region+0x134/0x1a0
[ 86.914655][T10374] __kasan_check_write+0x14/0x20
[ 86.919596][T10374] rxrpc_unuse_local+0x23/0x70
[ 86.924383][T10374] rxrpc_release+0x47d/0x840
[ 86.929069][T10374] __sock_release+0xce/0x280
[ 86.933793][T10374] sock_close+0x1e/0x30
[ 86.937960][T10374] __fput+0x2ff/0x890
[ 86.941952][T10374] ? __sock_release+0x280/0x280
[ 86.946814][T10374] ____fput+0x16/0x20
[ 86.950805][T10374] task_work_run+0x145/0x1c0
[ 86.955396][T10374] do_exit+0x92f/0x2e50
[ 86.960980][T10374] ? __sanitizer_cov_trace_cmp1+0x11/0x20
[ 86.966707][T10374] ? mm_update_next_owner+0x640/0x640
[ 86.972113][T10374] ? fd_install+0x4d/0x60
[ 86.976447][T10374] ? __sys_socket+0x180/0x220
[ 86.981121][T10374] ? move_addr_to_kernel+0x80/0x80
[ 86.986324][T10374] ? __ia32_sys_fallocate+0xf0/0xf0
[ 86.991523][T10374] do_group_exit+0x135/0x360
[ 86.996113][T10374] __x64_sys_exit_group+0x44/0x50
[ 87.001163][T10374] do_syscall_64+0xfa/0x760
[ 87.005924][T10374] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 87.011915][T10374] RIP: 0033:0x43ed68
[ 87.015807][T10374] Code: Bad RIP value.
[ 87.019860][T10374] RSP: 002b:00007fff3cb29578 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 87.028503][T10374] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ed68
[ 87.036733][T10374] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 87.045495][T10374] RBP: 00000000004be568 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 87.054538][T10374] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 87.062523][T10374] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 87.070501][T10374] ==================================================================
[ 87.079055][T10374] Kernel panic - not syncing: panic_on_warn set ...
[ 87.085695][T10374] CPU: 1 PID: 10374 Comm: syz-executor748 Tainted: G B 5.3.0-rc3-next-20190809 #63
[ 87.096386][T10374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 87.106462][T10374] Call Trace:
[ 87.109775][T10374] dump_stack+0x172/0x1f0
[ 87.114126][T10374] panic+0x2dc/0x755
[ 87.118006][T10374] ? add_taint.cold+0x16/0x16
[ 87.122684][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 87.127608][T10374] ? preempt_schedule+0x4b/0x60
[ 87.133224][T10374] ? ___preempt_schedule+0x16/0x20
[ 87.138368][T10374] ? trace_hardirqs_on+0x5e/0x240
[ 87.143416][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 87.148378][T10374] end_report+0x47/0x4f
[ 87.152525][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 87.158084][T10374] __kasan_report.cold+0xe/0x36
[ 87.162933][T10374] ? _raw_read_unlock_irqrestore+0xd1/0xe0
[ 87.168750][T10374] ? rxrpc_unuse_local+0x23/0x70
[ 87.173681][T10374] kasan_report+0x12/0x17
[ 87.178006][T10374] check_memory_region+0x134/0x1a0
[ 87.183134][T10374] __kasan_check_write+0x14/0x20
[ 87.188061][T10374] rxrpc_unuse_local+0x23/0x70
[ 87.192821][T10374] rxrpc_release+0x47d/0x840
[ 87.197499][T10374] __sock_release+0xce/0x280
[ 87.202363][T10374] sock_close+0x1e/0x30
[ 87.206519][T10374] __fput+0x2ff/0x890
[ 87.210492][T10374] ? __sock_release+0x280/0x280
[ 87.215470][T10374] ____fput+0x16/0x20
[ 87.219473][T10374] task_work_run+0x145/0x1c0
[ 87.224432][T10374] do_exit+0x92f/0x2e50
[ 87.228579][T10374] ? __sanitizer_cov_trace_cmp1+0x11/0x20
[ 87.234299][T10374] ? mm_update_next_owner+0x640/0x640
[ 87.239755][T10374] ? fd_install+0x4d/0x60
[ 87.244081][T10374] ? __sys_socket+0x180/0x220
[ 87.248779][T10374] ? move_addr_to_kernel+0x80/0x80
[ 87.253882][T10374] ? __ia32_sys_fallocate+0xf0/0xf0
[ 87.259081][T10374] do_group_exit+0x135/0x360
[ 87.263665][T10374] __x64_sys_exit_group+0x44/0x50
[ 87.268685][T10374] do_syscall_64+0xfa/0x760
[ 87.273486][T10374] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 87.279480][T10374] RIP: 0033:0x43ed68
[ 87.283861][T10374] Code: Bad RIP value.
[ 87.287936][T10374] RSP: 002b:00007fff3cb29578 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 87.296358][T10374] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ed68
[ 87.304458][T10374] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 87.312436][T10374] RBP: 00000000004be568 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 87.320406][T10374] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 87.328379][T10374] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 87.337794][T10374] Kernel Offset: disabled
[ 87.342155][T10374] Rebooting in 86400 seconds..