[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 53.490417][ T27] audit: type=1800 audit(1584416963.922:25): pid=8501 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 53.534423][ T27] audit: type=1800 audit(1584416963.922:26): pid=8501 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 53.559430][ T27] audit: type=1800 audit(1584416963.922:27): pid=8501 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.47' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 65.126857][ T8658] IPVS: ftp: loaded support on port[0] = 21 [ 65.156559][ T8658] netlink: 16 bytes leftover after parsing attributes in process `syz-executor975'. [ 65.202392][ T8658] ------------[ cut here ]------------ [ 65.207898][ T8658] refcount_t: underflow; use-after-free. [ 65.214023][ T8658] WARNING: CPU: 1 PID: 8658 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 [ 65.223393][ T8658] Kernel panic - not syncing: panic_on_warn set ... [ 65.230002][ T8658] CPU: 1 PID: 8658 Comm: syz-executor975 Not tainted 5.6.0-rc6-syzkaller #0 [ 65.238649][ T8658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.248682][ T8658] Call Trace: [ 65.251969][ T8658] dump_stack+0x1e9/0x30e [ 65.257288][ T8658] panic+0x264/0x7a0 [ 65.261188][ T8658] ? __warn+0x102/0x210 [ 65.285136][ T8658] ? refcount_warn_saturate+0x15b/0x1a0 [ 65.290667][ T8658] __warn+0x209/0x210 [ 65.294645][ T8658] ? refcount_warn_saturate+0x15b/0x1a0 [ 65.300165][ T8658] report_bug+0x1ac/0x2d0 [ 65.304492][ T8658] do_error_trap+0xca/0x1c0 [ 65.308972][ T8658] do_invalid_op+0x32/0x40 [ 65.313401][ T8658] ? refcount_warn_saturate+0x15b/0x1a0 [ 65.318934][ T8658] invalid_op+0x23/0x30 [ 65.323067][ T8658] RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 [ 65.329197][ T8658] Code: c7 14 00 d1 88 31 c0 e8 53 38 b3 fd 0f 0b eb 85 e8 da 59 e0 fd c6 05 2e 86 b1 05 01 48 c7 c7 40 00 d1 88 31 c0 e8 35 38 b3 fd <0f> 0b e9 64 ff ff ff e8 b9 59 e0 fd c6 05 0e 86 b1 05 01 48 c7 c7 [ 65.348871][ T8658] RSP: 0018:ffffc90004117d98 EFLAGS: 00010246 [ 65.354927][ T8658] RAX: bda07dc86d91cd00 RBX: 0000000000000003 RCX: ffff888096e6c1c0 [ 65.362886][ T8658] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 65.370842][ T8658] RBP: 0000000000000003 R08: ffffffff815e17a6 R09: fffffbfff121afc3 [ 65.378813][ T8658] R10: fffffbfff121afc3 R11: 0000000000000000 R12: ffff88808c2ba040 [ 65.386767][ T8658] R13: 0000000000000100 R14: ffff8880a9a7db60 R15: ffff88808c2ba044 [ 65.394799][ T8658] ? vprintk_emit+0x2e6/0x3b0 [ 65.399636][ T8658] ? refcount_warn_saturate+0x15b/0x1a0 [ 65.405157][ T8658] free_nsproxy+0x343/0x3b0 [ 65.409638][ T8658] do_exit+0x5ea/0x1f80 [ 65.413788][ T8658] ? __up_read+0x1f1/0x6e0 [ 65.418189][ T8658] do_group_exit+0x15e/0x2c0 [ 65.422771][ T8658] ? trace_irq_disable_rcuidle+0x1f/0x1d0 [ 65.428497][ T8658] __do_sys_exit_group+0x13/0x20 [ 65.433409][ T8658] __se_sys_exit_group+0x10/0x10 [ 65.438320][ T8658] __x64_sys_exit_group+0x37/0x40 [ 65.443317][ T8658] do_syscall_64+0xf3/0x1b0 [ 65.447808][ T8658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.453688][ T8658] RIP: 0033:0x43f998 [ 65.457582][ T8658] Code: 24 38 80 f9 3a 0f 85 5f 01 00 00 48 8d 74 24 34 48 8d 7c 24 38 83 ea 01 89 54 24 34 e8 61 f8 ff ff 83 f8 3c 41 89 c1 0f 87 3d <01> 00 00 8b 4c 24 34 85 c9 0f 8e 59 01 00 00 48 8b 54 24 38 c7 44 [ 65.477168][ T8658] RSP: 002b:00007ffd16db08e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 65.485556][ T8658] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000043f998 [ 65.493521][ T8658] RDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001 [ 65.501502][ T8658] RBP: 00000000004bfa10 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 65.509568][ T8658] R10: 0000000120080522 R11: 0000000000000246 R12: 0000000000000001 [ 65.517537][ T8658] R13: 00000000006d11c0 R14: 0000000000000000 R15: 0000000000000000 [ 65.526917][ T8658] Kernel Offset: disabled [ 65.531313][ T8658] Rebooting in 86400 seconds..