[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 60.631063][ T26] audit: type=1800 audit(1567097224.582:25): pid=8660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 60.652099][ T26] audit: type=1800 audit(1567097224.582:26): pid=8660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 60.697624][ T26] audit: type=1800 audit(1567097224.582:27): pid=8660 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.96' (ECDSA) to the list of known hosts. executing program executing program syzkaller login: [ 70.479602][ T8815] ------------[ cut here ]------------ [ 70.485198][ T8815] virt_to_cache: Object is not a Slab page! [ 70.491212][ T8815] WARNING: CPU: 0 PID: 8815 at mm/slab.h:473 kfree+0x1d3/0x2c0 [ 70.498735][ T8815] Kernel panic - not syncing: panic_on_warn set ... [ 70.505307][ T8815] CPU: 0 PID: 8815 Comm: syz-executor970 Not tainted 5.3.0-rc6-next-20190827 #74 [ 70.514388][ T8815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.524422][ T8815] Call Trace: [ 70.527907][ T8815] dump_stack+0x172/0x1f0 [ 70.532224][ T8815] ? kfree+0x1b0/0x2c0 [ 70.536274][ T8815] panic+0x2dc/0x755 [ 70.540163][ T8815] ? add_taint.cold+0x16/0x16 [ 70.544833][ T8815] ? __kasan_check_write+0x14/0x20 [ 70.549941][ T8815] ? __warn.cold+0x14/0x3c [ 70.554770][ T8815] ? __warn+0xd9/0x1d0 [ 70.558912][ T8815] ? kfree+0x1d3/0x2c0 [ 70.563469][ T8815] __warn.cold+0x2f/0x3c [ 70.567701][ T8815] ? kfree+0x1d3/0x2c0 [ 70.571752][ T8815] report_bug+0x289/0x300 [ 70.576089][ T8815] do_error_trap+0x11b/0x200 [ 70.580660][ T8815] do_invalid_op+0x37/0x50 [ 70.585051][ T8815] ? kfree+0x1d3/0x2c0 [ 70.589098][ T8815] invalid_op+0x23/0x30 [ 70.593240][ T8815] RIP: 0010:kfree+0x1d3/0x2c0 [ 70.597905][ T8815] Code: 53 ff e9 67 fe ff ff 80 3d 5d e4 14 08 00 75 1c 48 c7 c6 a0 6c b5 87 48 c7 c7 d0 be a7 88 c6 05 46 e4 14 08 01 e8 d5 b8 96 ff <0f> 0b f6 c7 02 75 6d 48 83 3d 2e 23 46 07 00 0f 85 4b ff ff ff 0f [ 70.617491][ T8815] RSP: 0018:ffff888089e978e8 EFLAGS: 00010082 [ 70.623553][ T8815] RAX: 0000000000000000 RBX: 0000000000000282 RCX: 0000000000000000 [ 70.631510][ T8815] RDX: 0000000000000000 RSI: ffffffff815bd606 RDI: ffffed10113d2f0f [ 70.639548][ T8815] RBP: ffff888089e97908 R08: ffff8880a03e0680 R09: ffffed1015d04109 [ 70.647512][ T8815] R10: ffffed1015d04108 R11: ffff8880ae820847 R12: ffffffff81756100 [ 70.655464][ T8815] R13: ffffffff829d0110 R14: ffff8880aa0bae80 R15: ffff88821b827170 [ 70.663436][ T8815] ? debugfs_release_dentry+0x60/0x80 [ 70.668888][ T8815] ? buffer_pipe_buf_get+0xc0/0xc0 [ 70.673993][ T8815] ? vprintk_func+0x86/0x189 [ 70.678578][ T8815] ? kfree+0x1d3/0x2c0 [ 70.682625][ T8815] ? buffer_pipe_buf_get+0xc0/0xc0 [ 70.687805][ T8815] debugfs_release_dentry+0x60/0x80 [ 70.692992][ T8815] ? debugfs_get_tree+0x30/0x30 [ 70.697838][ T8815] __dentry_kill+0x3f7/0x600 [ 70.702756][ T8815] shrink_dentry_list+0x152/0x4a0 [ 70.707761][ T8815] shrink_dcache_parent+0x23d/0x400 [ 70.712947][ T8815] ? shrink_dcache_sb+0x270/0x270 [ 70.717953][ T8815] ? __init_rwsem+0x1a0/0x1a0 [ 70.722617][ T8815] ? __kasan_check_read+0x11/0x20 [ 70.727643][ T8815] ? do_raw_spin_unlock+0x57/0x270 [ 70.732829][ T8815] do_one_tree+0x16/0x40 [ 70.737050][ T8815] shrink_dcache_for_umount+0x72/0x170 [ 70.742490][ T8815] generic_shutdown_super+0x6d/0x370 [ 70.747756][ T8815] kill_anon_super+0x3e/0x60 [ 70.752328][ T8815] kill_litter_super+0x50/0x60 [ 70.757076][ T8815] deactivate_locked_super+0x95/0x100 [ 70.762428][ T8815] deactivate_super+0x1b2/0x1d0 [ 70.767268][ T8815] ? mount_bdev+0x3c0/0x3c0 [ 70.771747][ T8815] ? dput+0x38/0xe10 [ 70.775619][ T8815] ? dput+0x1f2/0xe10 [ 70.779702][ T8815] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.785923][ T8815] ? locks_remove_file+0x32f/0x580 [ 70.791016][ T8815] put_fs_context+0xae/0x5b0 [ 70.795584][ T8815] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 70.801806][ T8815] fscontext_release+0x51/0x70 [ 70.806551][ T8815] __fput+0x2ff/0x890 [ 70.810515][ T8815] ? fs_validate_description+0x6e9/0x6e9 [ 70.816125][ T8815] ____fput+0x16/0x20 [ 70.820086][ T8815] task_work_run+0x145/0x1c0 [ 70.824670][ T8815] do_exit+0x904/0x2e60 [ 70.828812][ T8815] ? mm_update_next_owner+0x640/0x640 [ 70.834179][ T8815] ? down_read_non_owner+0x490/0x490 [ 70.839445][ T8815] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 70.845843][ T8815] ? handle_mm_fault+0x1d3/0x6c0 [ 70.850762][ T8815] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 70.856198][ T8815] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 70.861638][ T8815] do_group_exit+0x135/0x360 [ 70.866224][ T8815] __x64_sys_exit_group+0x44/0x50 [ 70.871334][ T8815] do_syscall_64+0xfa/0x760 [ 70.875876][ T8815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.882829][ T8815] RIP: 0033:0x43fde8 [ 70.886715][ T8815] Code: Bad RIP value. [ 70.890845][ T8815] RSP: 002b:00007ffd9fbe5158 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.899240][ T8815] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043fde8 [ 70.907192][ T8815] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 70.915148][ T8815] RBP: 00000000004bf670 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 70.923111][ T8815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.931067][ T8815] R13: 00000000006d1180 R14: 0000000000000000 R15: 0000000000000000 [ 70.940447][ T8815] Kernel Offset: disabled [ 70.944856][ T8815] Rebooting in 86400 seconds..