[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 69.975765][ T27] audit: type=1800 audit(1576809655.971:25): pid=9228 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 70.006142][ T27] audit: type=1800 audit(1576809655.981:26): pid=9228 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 70.069105][ T27] audit: type=1800 audit(1576809655.981:27): pid=9228 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.229' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 86.485196][ T9383] ------------[ cut here ]------------ [ 86.490785][ T9383] refcount_t: underflow; use-after-free. [ 86.496883][ T9383] WARNING: CPU: 1 PID: 9383 at lib/refcount.c:28 refcount_warn_saturate+0x1dc/0x1f0 [ 86.506291][ T9383] Kernel panic - not syncing: panic_on_warn set ... [ 86.512859][ T9383] CPU: 1 PID: 9383 Comm: syz-executor091 Not tainted 5.5.0-rc2-next-20191219-syzkaller #0 [ 86.522730][ T9383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.532780][ T9383] Call Trace: [ 86.536066][ T9383] dump_stack+0x197/0x210 [ 86.540378][ T9383] ? refcount_warn_saturate+0x140/0x1f0 [ 86.545902][ T9383] panic+0x2e3/0x75c [ 86.549774][ T9383] ? add_taint.cold+0x16/0x16 [ 86.554528][ T9383] ? __kasan_check_write+0x14/0x20 [ 86.559627][ T9383] ? __warn.cold+0x14/0x3e [ 86.564021][ T9383] ? __warn+0xd9/0x1cf [ 86.568070][ T9383] ? refcount_warn_saturate+0x1dc/0x1f0 [ 86.573678][ T9383] __warn.cold+0x2f/0x3e [ 86.577961][ T9383] ? refcount_warn_saturate+0x1dc/0x1f0 [ 86.583501][ T9383] report_bug+0x289/0x300 [ 86.587837][ T9383] do_error_trap+0x11b/0x200 [ 86.592450][ T9383] do_invalid_op+0x37/0x50 [ 86.596854][ T9383] ? refcount_warn_saturate+0x1dc/0x1f0 [ 86.602400][ T9383] invalid_op+0x23/0x30 [ 86.606564][ T9383] RIP: 0010:refcount_warn_saturate+0x1dc/0x1f0 [ 86.612698][ T9383] Code: e9 d8 fe ff ff 48 89 df e8 11 d8 22 fe e9 85 fe ff ff e8 d7 ec e4 fd 48 c7 c7 c0 dc 6f 88 c6 05 84 73 ec 06 01 e8 23 75 b5 fd <0f> 0b e9 ac fe ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 [ 86.632367][ T9383] RSP: 0018:ffffc90001ca7bf0 EFLAGS: 00010282 [ 86.638426][ T9383] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.646395][ T9383] RDX: 0000000000000000 RSI: ffffffff815e9f66 RDI: fffff52000394f70 [ 86.654348][ T9383] RBP: ffffc90001ca7c00 R08: ffff88809733c0c0 R09: 0000000000000000 [ 86.662306][ T9383] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000003 [ 86.670257][ T9383] R13: ffff8880a81d5358 R14: ffff8880a81d5300 R15: ffffffff8a025100 [ 86.678229][ T9383] ? vprintk_func+0x86/0x189 [ 86.682814][ T9383] put_watch+0xa2/0xb0 [ 86.686871][ T9383] watch_queue_release+0x34b/0xc40 [ 86.691971][ T9383] __fput+0x2ff/0x890 [ 86.695936][ T9383] ? __post_watch_notification+0x840/0x840 [ 86.701729][ T9383] ____fput+0x16/0x20 [ 86.705697][ T9383] task_work_run+0x145/0x1c0 [ 86.710284][ T9383] do_exit+0x909/0x2f20 [ 86.714426][ T9383] ? mm_update_next_owner+0x7c0/0x7c0 [ 86.719780][ T9383] ? __x64_sys_watch_devices+0x1e4/0x290 [ 86.725405][ T9383] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 86.730957][ T9383] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 86.737022][ T9383] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 86.742460][ T9383] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 86.747916][ T9383] do_group_exit+0x135/0x360 [ 86.752505][ T9383] __x64_sys_exit_group+0x44/0x50 [ 86.757610][ T9383] do_syscall_64+0xfa/0x790 [ 86.762105][ T9383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 86.767978][ T9383] RIP: 0033:0x43edb8 [ 86.771862][ T9383] Code: Bad RIP value. [ 86.775923][ T9383] RSP: 002b:00007ffe2e506308 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.784310][ T9383] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043edb8 [ 86.792265][ T9383] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 86.800217][ T9383] RBP: 00000000004be5c8 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 86.808170][ T9383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.816123][ T9383] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000 [ 86.825499][ T9383] Kernel Offset: disabled [ 86.829895][ T9383] Rebooting in 86400 seconds..