[   28.654057] kauditd_printk_skb: 7 callbacks suppressed
[   28.654071] audit: type=1800 audit(1542388890.585:28): pid=5902 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   29.387257] audit: type=1800 audit(1542388891.315:29): pid=5902 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   29.406657] audit: type=1800 audit(1542388891.315:30): pid=5902 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   33.380004] sshd (6043) used greatest stack depth: 15744 bytes left
Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts.
executing program
[   40.126289] IPVS: ftp: loaded support on port[0] = 21
[   40.331196] WARNING: CPU: 0 PID: 6062 at fs/fuse/inode.c:119 fuse_destroy_inode+0x251/0x2c0
[   40.339810] Kernel panic - not syncing: panic_on_warn set ...
[   40.345698] CPU: 0 PID: 6062 Comm: syz-executor067 Not tainted 4.20.0-rc2+ #337
[   40.353127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   40.362462] Call Trace:
[   40.365037]  dump_stack+0x244/0x39d
[   40.368663]  ? dump_stack_print_info.cold.1+0x20/0x20
[   40.373850]  panic+0x2ad/0x55c
[   40.377057]  ? add_taint.cold.5+0x16/0x16
[   40.381204]  ? __warn.cold.8+0x5/0x45
[   40.385009]  ? __warn+0xe8/0x1d0
[   40.388360]  ? fuse_destroy_inode+0x251/0x2c0
[   40.392839]  __warn.cold.8+0x20/0x45
[   40.396539]  ? rcu_softirq_qs+0x20/0x20
[   40.400498]  ? fuse_destroy_inode+0x251/0x2c0
[   40.404977]  report_bug+0x254/0x2d0
[   40.408592]  do_error_trap+0x11b/0x200
[   40.412467]  do_invalid_op+0x36/0x40
[   40.416163]  ? fuse_destroy_inode+0x251/0x2c0
[   40.420653]  invalid_op+0x14/0x20
[   40.424123] RIP: 0010:fuse_destroy_inode+0x251/0x2c0
[   40.429243] Code: 41 c6 44 15 00 f8 0f 84 8c fe ff ff e8 c8 f2 f2 fe 0f 0b e9 80 fe ff ff 48 89 df e8 b9 3f 36 ff e9 50 fe ff ff e8 af f2 f2 fe <0f> 0b e9 6a ff ff ff e8 e3 3f 36 ff e9 90 fe ff ff e8 29 5a bc fe
[   40.448128] RSP: 0018:ffff8881c12fe818 EFLAGS: 00010293
[   40.453477] RAX: ffff8881d82b22c0 RBX: ffff8881b21855c0 RCX: 1ffff1103825fd08
[   40.460735] RDX: 0000000000000000 RSI: ffffffff828c9531 RDI: 0000000000000003
[   40.467994] RBP: ffff8881c12fe8e8 R08: ffff8881d82b22c0 R09: 0000000000000008
[   40.475250] R10: 0000000000000002 R11: ffff8881d82b22c0 R12: 1ffff1103825fd04
[   40.482508] R13: 1ffff1103825fd08 R14: ffff8881c12fe8c0 R15: ffff8881b2185998
[   40.489795]  ? fuse_destroy_inode+0x251/0x2c0
[   40.494282]  ? fuse_destroy_inode+0x251/0x2c0
[   40.498765]  ? fuse_evict_inode+0x1e0/0x1e0
[   40.503073]  ? evict+0x5d8/0x980
[   40.506426]  ? lock_downgrade+0x900/0x900
[   40.510564]  ? fuse_evict_inode+0x1e0/0x1e0
[   40.514870]  destroy_inode+0x159/0x200
[   40.518743]  ? __destroy_inode+0x820/0x820
[   40.522966]  ? fuse_queue_forget+0x138/0x190
[   40.527365]  evict+0x5e0/0x980
[   40.530545]  ? destroy_inode+0x200/0x200
[   40.534591]  ? iput+0x671/0xa90
[   40.537860]  ? lock_downgrade+0x900/0x900
[   40.541997]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   40.547526]  ? kasan_check_read+0x11/0x20
[   40.551660]  ? do_raw_spin_trylock+0x270/0x270
[   40.556235]  ? find_held_lock+0x36/0x1c0
[   40.560286]  iput+0x679/0xa90
[   40.563400]  ? inode_add_lru+0x2a0/0x2a0
[   40.567455]  ? d_walk+0x797/0xc70
[   40.570895]  ? kasan_check_read+0x11/0x20
[   40.575030]  ? do_raw_spin_unlock+0xa7/0x330
[   40.579421]  ? do_raw_spin_trylock+0x270/0x270
[   40.583991]  ? print_usage_bug+0xc0/0xc0
[   40.588039]  ? do_raw_spin_unlock+0xa7/0x330
[   40.592441]  dentry_unlink_inode+0x461/0x5e0
[   40.596844]  ? d_lru_del+0x130/0x130
[   40.600548]  ? zap_class+0x640/0x640
[   40.604249]  ? d_walk+0x797/0xc70
[   40.607695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   40.613222]  ? lockref_mark_dead+0xef/0x170
[   40.617528]  ? lockref_get_not_dead+0x90/0x90
[   40.622019]  ? lock_acquire+0x1ed/0x520
[   40.625982]  __dentry_kill+0x44c/0x7a0
[   40.629857]  ? d_drop+0x70/0x70
[   40.633123]  ? lock_downgrade+0x900/0x900
[   40.637272]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   40.642201]  ? kasan_check_read+0x11/0x20
[   40.646355]  dentry_kill+0xc9/0x680
[   40.649985]  dput.part.25+0x660/0x860
[   40.653776]  ? shrink_dcache_sb+0x350/0x350
[   40.658088]  do_one_tree+0x37/0x40
[   40.661615]  shrink_dcache_for_umount+0xc7/0x2b0
[   40.666357]  ? lock_downgrade+0x900/0x900
[   40.670493]  ? d_set_mounted+0x2e0/0x2e0
[   40.674538]  ? lock_release+0xa00/0xa00
[   40.678498]  ? perf_trace_sched_process_exec+0x860/0x860
[   40.683933]  ? unregister_shrinker+0x270/0x460
[   40.688613]  generic_shutdown_super+0xd5/0x530
[   40.693192]  ? destroy_super_rcu+0x210/0x210
[   40.697586]  ? up_write+0x7b/0x220
[   40.701111]  ? down_write_nested+0x130/0x130
[   40.705511]  ? down_read+0x120/0x120
[   40.709273]  ? prepare_kswapd_sleep+0x220/0x220
[   40.714095]  kill_anon_super+0x3e/0x60
[   40.717971]  fuse_kill_sb_anon+0x1d/0x20
[   40.722019]  deactivate_locked_super+0x97/0x100
[   40.726786]  deactivate_super+0x2bb/0x320
[   40.730926]  ? get_super_exclusive_thawed+0x20/0x20
[   40.735935]  ? fsnotify_destroy_marks+0x1d2/0x270
[   40.740770]  ? shrink_dcache_sb+0x350/0x350
[   40.745100]  ? cpumask_next+0x41/0x50
[   40.749004]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   40.754148]  ? mnt_get_writers.isra.26+0xf8/0x150
[   40.758987]  cleanup_mnt+0xbf/0x160
[   40.762604]  __cleanup_mnt+0x16/0x20
[   40.766307]  task_work_run+0x1e8/0x2a0
[   40.770194]  ? task_work_cancel+0x240/0x240
[   40.774626]  ? switch_task_namespaces+0xb8/0xd0
[   40.779340]  do_exit+0x1ad6/0x26d0
[   40.782878]  ? do_raw_spin_trylock+0x251/0x270
[   40.787478]  ? mm_update_next_owner+0x990/0x990
[   40.792237]  ? print_usage_bug+0xc0/0xc0
[   40.796296]  ? zap_class+0x640/0x640
[   40.800002]  ? find_held_lock+0x36/0x1c0
[   40.804157]  ? __lock_acquire+0x62f/0x4c20
[   40.808385]  ? lock_downgrade+0x900/0x900
[   40.812527]  ? mark_held_locks+0x130/0x130
[   40.816855]  ? __sanitizer_cov_trace_switch+0x53/0x90
[   40.822038]  ? drop_futex_key_refs.isra.14+0x6d/0xe0
[   40.827123]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   40.832644]  ? futex_wait+0x5ec/0xa50
[   40.836432]  ? futex_wait_setup+0x3e0/0x3e0
[   40.840743]  ? drop_futex_key_refs.isra.14+0x6d/0xe0
[   40.845948]  ? futex_wake+0x304/0x760
[   40.849744]  ? zap_class+0x640/0x640
[   40.853449]  ? memset+0x31/0x40
[   40.856722]  ? find_held_lock+0x36/0x1c0
[   40.860780]  ? get_signal+0x95b/0x1980
[   40.864663]  ? _raw_spin_unlock_irq+0x27/0x80
[   40.869150]  ? _raw_spin_unlock_irq+0x27/0x80
[   40.873654]  do_group_exit+0x177/0x440
[   40.877539]  ? trace_hardirqs_off_caller+0x310/0x310
[   40.882637]  ? __ia32_sys_exit+0x50/0x50
[   40.886699]  get_signal+0x8b0/0x1980
[   40.890404]  ? ptrace_notify+0x130/0x130
[   40.894461]  ? filename_lookup+0x39f/0x520
[   40.898758]  ? filename_parentat.isra.56+0x570/0x570
[   40.903854]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   40.909385]  ? digsig_verify+0x1530/0x1530
[   40.913620]  do_signal+0x9c/0x21c0
[   40.917154]  ? getname_flags+0x26e/0x590
[   40.921216]  ? user_path_at_empty+0x40/0x50
[   40.925524]  ? setup_sigcontext+0x7d0/0x7d0
[   40.929869]  ? vfs_statx+0x17a/0x210
[   40.933692]  ? exit_to_usermode_loop+0x8c/0x380
[   40.938352]  ? exit_to_usermode_loop+0x8c/0x380
[   40.943079]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[   40.947655]  ? trace_hardirqs_on+0xbd/0x310
[   40.952075]  ? do_syscall_64+0x6be/0x820
[   40.956131]  ? __x64_sys_futex+0x47f/0x6a0
[   40.960644]  exit_to_usermode_loop+0x2e5/0x380
[   40.965220]  ? __bpf_trace_sys_exit+0x30/0x30
[   40.969704]  ? trace_hardirqs_off+0xb8/0x310
[   40.974124]  do_syscall_64+0x6be/0x820
[   40.978005]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   40.983470]  ? syscall_return_slowpath+0x5e0/0x5e0
[   40.988435]  ? trace_hardirqs_on_caller+0x310/0x310
[   40.993443]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   40.998448]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[   41.005098]  ? __switch_to_asm+0x40/0x70
[   41.009263]  ? __switch_to_asm+0x34/0x70
[   41.013426]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   41.018286]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   41.023466] RIP: 0033:0x445f79
[   41.026660] Code: Bad RIP value.
[   41.030013] RSP: 002b:00007fe86699cda8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   41.037711] RAX: fffffffffffffe00 RBX: 00000000006dbc38 RCX: 0000000000445f79
[   41.044969] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dbc38
[   41.052225] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000
[   41.059485] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c
[   41.066745] R13: 2f30656c69662f2e R14: 0000000100000001 R15: 0000000000000001
[   41.075216] Kernel Offset: disabled
[   41.078910] Rebooting in 86400 seconds..