[ OK ] Started Getty on tty3. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Started Getty on tty2. [ OK ] Reached target Login Prompts. [ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.45' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 33.589005] ------------[ cut here ]------------ [ 33.604992] refcount_t: underflow; use-after-free. [ 33.611464] WARNING: CPU: 0 PID: 8133 at lib/refcount.c:280 refcount_dec_not_one+0x1bc/0x1d0 [ 33.620036] Kernel panic - not syncing: panic_on_warn set ... [ 33.620036] [ 33.627379] CPU: 0 PID: 8133 Comm: systemd-udevd Not tainted 4.19.211-syzkaller #0 [ 33.635061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 33.644392] Call Trace: [ 33.646981] dump_stack+0x1fc/0x2ef [ 33.650591] panic+0x26a/0x50e [ 33.653764] ? __warn_printk+0xf3/0xf3 [ 33.657649] ? refcount_dec_not_one+0x1bc/0x1d0 [ 33.662310] ? __probe_kernel_read+0x130/0x1b0 [ 33.666878] ? __warn.cold+0x5/0x5a [ 33.670487] ? __warn+0xe4/0x200 [ 33.673836] ? refcount_dec_not_one+0x1bc/0x1d0 [ 33.678491] __warn.cold+0x20/0x5a [ 33.682011] ? refcount_dec_not_one+0x1bc/0x1d0 [ 33.686663] report_bug+0x262/0x2b0 [ 33.690273] do_error_trap+0x1d7/0x310 [ 33.694139] ? math_error+0x310/0x310 [ 33.697921] ? __irq_work_queue_local+0x101/0x160 [ 33.702742] ? irq_work_queue+0x29/0x80 [ 33.706699] ? error_entry+0x72/0xd0 [ 33.710392] ? trace_hardirqs_off_caller+0x6e/0x210 [ 33.715389] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 33.720215] invalid_op+0x14/0x20 [ 33.723649] RIP: 0010:refcount_dec_not_one+0x1bc/0x1d0 [ 33.728903] Code: 1d d5 96 98 07 31 ff 89 de e8 f0 71 ec fd 84 db 75 89 e8 b7 70 ec fd 48 c7 c7 e0 c0 b3 88 c6 05 b5 96 98 07 01 e8 89 a8 7c 04 <0f> 0b 41 bc 01 00 00 00 e9 6a ff ff ff e8 22 91 c1 fd 66 90 41 54 [ 33.747784] RSP: 0018:ffff8880b144fbd0 EFLAGS: 00010282 [ 33.753137] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 33.760398] RDX: 0000000000000000 RSI: ffffffff814dff01 RDI: ffffed1016289f6c [ 33.767650] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 33.774899] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000ffffffff [ 33.782147] R13: 1ffff11016289f7b R14: ffff8880b144fbf8 R15: ffff8880ae4f4928 [ 33.789410] ? vprintk_func+0x81/0x180 [ 33.793281] ? __mutex_unlock_slowpath+0x2be/0x610 [ 33.798197] ? refcount_dec_and_test_checked+0x20/0x20 [ 33.803460] ? wait_for_completion_io+0x10/0x10 [ 33.808112] refcount_dec_and_mutex_lock+0x1c/0x80 [ 33.813026] nbd_config_put+0x5bb/0x870 [ 33.816983] nbd_release+0xf4/0x170 [ 33.820600] ? nbd_queue_rq+0xe60/0xe60 [ 33.825596] __blkdev_put+0x636/0x870 [ 33.829378] ? fsync_bdev+0xc0/0xc0 [ 33.833000] ? locks_remove_file+0x2cd/0x450 [ 33.837399] ? blkdev_put+0x85/0x520 [ 33.841093] ? blkdev_put+0x520/0x520 [ 33.844886] blkdev_close+0x86/0xb0 [ 33.848507] __fput+0x2ce/0x890 [ 33.851782] task_work_run+0x148/0x1c0 [ 33.855656] exit_to_usermode_loop+0x251/0x2a0 [ 33.860221] do_syscall_64+0x538/0x620 [ 33.864120] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 33.869305] RIP: 0033:0x7f12bb606270 [ 33.873010] Code: 73 01 c3 48 8b 0d 38 7d 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 59 c1 20 00 00 75 10 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 ee fb ff ff 48 89 04 24 [ 33.891891] RSP: 002b:00007ffe3bb5a898 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 33.899587] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 00007f12bb606270 [ 33.906839] RDX: 000000000aba9500 RSI: 0000000000000000 RDI: 0000000000000007 [ 33.914088] RBP: 00007f12bc4c0710 R08: 000000000000004a R09: 0000000000000008 [ 33.921346] R10: 000055d3c9c691b8 R11: 0000000000000246 R12: 0000000000000000 [ 33.928596] R13: 000055d3c9c67880 R14: 0000000000000003 R15: 000000000000000e [ 33.936211] Kernel Offset: disabled [ 33.939859] Rebooting in 86400 seconds..