[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.184' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 59.486870][ T6805] ------------[ cut here ]------------
[ 59.492362][ T6805] WARNING: CPU: 1 PID: 6805 at drivers/android/binder.c:2348 binder_transaction_buffer_release+0x601/0x8a0
[ 59.503776][ T6805] Kernel panic - not syncing: panic_on_warn set ...
[ 59.510367][ T6805] CPU: 1 PID: 6805 Comm: syz-executor820 Not tainted 5.7.0-rc6-next-20200522-syzkaller #0
[ 59.520343][ T6805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 59.530391][ T6805] Call Trace:
[ 59.533682][ T6805] dump_stack+0x18f/0x20d
[ 59.537997][ T6805] ? binder_transaction_buffer_release+0x5c0/0x8a0
[ 59.544495][ T6805] panic+0x2e3/0x75c
[ 59.548459][ T6805] ? __warn_printk+0xf3/0xf3
[ 59.553043][ T6805] ? printk+0xba/0xed
[ 59.557014][ T6805] ? log_store.cold+0x16/0x16
[ 59.561931][ T6805] ? __warn.cold+0x14/0x3a
[ 59.566370][ T6805] ? __warn+0xd6/0x1b2
[ 59.570435][ T6805] ? binder_transaction_buffer_release+0x601/0x8a0
[ 59.576924][ T6805] __warn.cold+0x2f/0x3a
[ 59.581439][ T6805] ? binder_transaction_buffer_release+0x601/0x8a0
[ 59.588049][ T6805] report_bug+0x27b/0x2f0
[ 59.592725][ T6805] do_error_trap+0x12b/0x220
[ 59.597299][ T6805] ? binder_transaction_buffer_release+0x601/0x8a0
[ 59.604190][ T6805] do_invalid_op+0x32/0x40
[ 59.608955][ T6805] ? binder_transaction_buffer_release+0x601/0x8a0
[ 59.615624][ T6805] invalid_op+0x23/0x30
[ 59.619773][ T6805] RIP: 0010:binder_transaction_buffer_release+0x601/0x8a0
[ 59.626872][ T6805] Code: b5 fd 31 ff 41 89 c5 89 c6 e8 db 13 77 fb 45 85 ed 0f 85 69 75 01 00 48 8d 45 40 48 89 44 24 28 e9 fa fa ff ff e8 1f 12 77 fb <0f> 0b e9 87 fc ff ff e8 13 12 77 fb 4c 8b 44 24 20 48 89 d8 45 31
[ 59.647431][ T6805] RSP: 0018:ffffc900017d7620 EFLAGS: 00010293
[ 59.653480][ T6805] RAX: ffff888096a420c0 RBX: 0000000000000058 RCX: 1ffff11012d484bb
[ 59.661543][ T6805] RDX: 0000000000000000 RSI: ffffffff85fc9541 RDI: ffff88809238f848
[ 59.670041][ T6805] RBP: ffff888095b62680 R08: ffff888096a420c0 R09: fffff520002faee7
[ 59.678080][ T6805] R10: ffffc900017d7737 R11: fffff520002faee6 R12: ffff8880a91b65c0
[ 59.686140][ T6805] R13: 0000000000000060 R14: ffff88809238f800 R15: 0000000000000060
[ 59.694198][ T6805] ? binder_transaction_buffer_release+0x601/0x8a0
[ 59.700717][ T6805] ? debug_smp_processor_id+0x2f/0x185
[ 59.706186][ T6805] ? binder_deferred_fd_close+0x150/0x150
[ 59.712067][ T6805] ? binder_translate_fd.isra.0+0x175/0x7b0
[ 59.717961][ T6805] ? trace_hardirqs_off+0x50/0x220
[ 59.723138][ T6805] ? trace_hardirqs_off+0x50/0x220
[ 59.728336][ T6805] ? kfree+0x1eb/0x2b0
[ 59.732400][ T6805] ? debug_smp_processor_id+0x2f/0x185
[ 59.738841][ T6805] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 59.744459][ T6805] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 59.750419][ T6805] ? binder_free_txn_fixups+0x15a/0x230
[ 59.758484][ T6805] binder_transaction+0x146d/0x6500
[ 59.763680][ T6805] ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 59.769655][ T6805] ? binder_translate_fd.isra.0+0x7b0/0x7b0
[ 59.775789][ T6805] ? stack_trace_consume_entry+0x160/0x160
[ 59.781771][ T6805] ? find_held_lock+0x2d/0x110
[ 59.786567][ T6805] ? __might_fault+0x11f/0x1d0
[ 59.791326][ T6805] ? lock_downgrade+0x840/0x840
[ 59.796228][ T6805] ? __might_fault+0x190/0x1d0
[ 59.800992][ T6805] binder_thread_write+0x818/0x2560
[ 59.806279][ T6805] ? binder_transaction+0x6500/0x6500
[ 59.811734][ T6805] ? __might_fault+0x11f/0x1d0
[ 59.816962][ T6805] ? lock_downgrade+0x840/0x840
[ 59.821822][ T6805] ? do_raw_spin_lock+0x129/0x2e0
[ 59.827171][ T6805] ? rwlock_bug.part.0+0x90/0x90
[ 59.832124][ T6805] ? __might_fault+0x190/0x1d0
[ 59.837014][ T6805] binder_ioctl+0x1008/0x1862
[ 59.842060][ T6805] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 59.848028][ T6805] ? binder_thread_read+0x3b80/0x3b80
[ 59.853761][ T6805] ? ioctl_file_clone+0x180/0x180
[ 59.858799][ T6805] ? __fget_files+0x32f/0x500
[ 59.863462][ T6805] ? do_dup2+0x520/0x520
[ 59.868098][ T6805] ? binder_thread_read+0x3b80/0x3b80
[ 59.874111][ T6805] ksys_ioctl+0x11a/0x180
[ 59.878532][ T6805] __x64_sys_ioctl+0x6f/0xb0
[ 59.883148][ T6805] do_syscall_64+0xf6/0x7d0
[ 59.887637][ T6805] entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 59.893787][ T6805] RIP: 0033:0x44b5d9
[ 59.897760][ T6805] Code: e8 8c b5 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b cc fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 59.918435][ T6805] RSP: 002b:00007f2f58b40ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 59.927197][ T6805] RAX: ffffffffffffffda RBX: 00000000006dcc48 RCX: 000000000044b5d9
[ 59.935162][ T6805] RDX: 0000000020000540 RSI: 00000000c0306201 RDI: 0000000000000003
[ 59.944535][ T6805] RBP: 00000000006dcc40 R08: 0000000000000000 R09: 0000000000000000
[ 59.952987][ T6805] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc4c
[ 59.960980][ T6805] R13: 00007ffd8e965def R14: 00007f2f58b419c0 R15: 20c49ba5e353f7cf
[ 59.971344][ T6805] Kernel Offset: disabled
[ 59.975784][ T6805] Rebooting in 86400 seconds..