[ ok ] Starting enhanced syslogd: rsyslogd.
[ 66.745861][ T27] audit: type=1800 audit(1576628110.260:25): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 66.774933][ T27] audit: type=1800 audit(1576628110.260:26): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 66.824930][ T27] audit: type=1800 audit(1576628110.270:27): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.38' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 79.502018][ T9321] ------------[ cut here ]------------
[ 79.507625][ T9321] refcount_t: underflow; use-after-free.
[ 79.513502][ T9321] WARNING: CPU: 0 PID: 9321 at lib/refcount.c:28 refcount_warn_saturate+0x1dc/0x1f0
[ 79.522975][ T9321] Kernel panic - not syncing: panic_on_warn set ...
[ 79.529552][ T9321] CPU: 0 PID: 9321 Comm: syz-executor338 Not tainted 5.5.0-rc2-next-20191217-syzkaller #0
[ 79.539416][ T9321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.549456][ T9321] Call Trace:
[ 79.552732][ T9321] dump_stack+0x197/0x210
[ 79.557046][ T9321] ? refcount_warn_saturate+0x140/0x1f0
[ 79.562587][ T9321] panic+0x2e3/0x75c
[ 79.566476][ T9321] ? add_taint.cold+0x16/0x16
[ 79.571146][ T9321] ? __kasan_check_write+0x14/0x20
[ 79.576249][ T9321] ? __warn.cold+0x14/0x3e
[ 79.580663][ T9321] ? __warn+0xd9/0x1cf
[ 79.584815][ T9321] ? refcount_warn_saturate+0x1dc/0x1f0
[ 79.590360][ T9321] __warn.cold+0x2f/0x3e
[ 79.594585][ T9321] ? refcount_warn_saturate+0x1dc/0x1f0
[ 79.600124][ T9321] report_bug+0x289/0x300
[ 79.604435][ T9321] do_error_trap+0x11b/0x200
[ 79.609031][ T9321] do_invalid_op+0x37/0x50
[ 79.613560][ T9321] ? refcount_warn_saturate+0x1dc/0x1f0
[ 79.619117][ T9321] invalid_op+0x23/0x30
[ 79.623299][ T9321] RIP: 0010:refcount_warn_saturate+0x1dc/0x1f0
[ 79.629520][ T9321] Code: e9 d8 fe ff ff 48 89 df e8 31 3d 23 fe e9 85 fe ff ff e8 d7 4f e5 fd 48 c7 c7 20 d9 6f 88 c6 05 38 8a ec 06 01 e8 23 de b5 fd <0f> 0b e9 ac fe ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 55 48
[ 79.649106][ T9321] RSP: 0018:ffffc90001dd7bf0 EFLAGS: 00010282
[ 79.655163][ T9321] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 79.663114][ T9321] RDX: 0000000000000000 RSI: ffffffff815e9766 RDI: fffff520003baf70
[ 79.671078][ T9321] RBP: ffffc90001dd7c00 R08: ffff8880a0bb2340 R09: ffffed1015d045c9
[ 79.679044][ T9321] R10: ffffed1015d045c8 R11: ffff8880ae822e43 R12: 0000000000000003
[ 79.687018][ T9321] R13: ffff8880a0109c58 R14: ffff8880a0109c00 R15: ffffffff8a023580
[ 79.694990][ T9321] ? vprintk_func+0x86/0x189
[ 79.699564][ T9321] put_watch+0xa2/0xb0
[ 79.703611][ T9321] watch_queue_release+0x34b/0xc40
[ 79.708723][ T9321] __fput+0x2ff/0x890
[ 79.712702][ T9321] ? __post_watch_notification+0x840/0x840
[ 79.718503][ T9321] ____fput+0x16/0x20
[ 79.722467][ T9321] task_work_run+0x145/0x1c0
[ 79.727059][ T9321] do_exit+0x909/0x2f20
[ 79.731201][ T9321] ? mm_update_next_owner+0x7c0/0x7c0
[ 79.736569][ T9321] ? __x64_sys_watch_devices+0x1e4/0x290
[ 79.742193][ T9321] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 79.747729][ T9321] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 79.755008][ T9321] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 79.760461][ T9321] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 79.765976][ T9321] do_group_exit+0x135/0x360
[ 79.770593][ T9321] __x64_sys_exit_group+0x44/0x50
[ 79.775603][ T9321] do_syscall_64+0xfa/0x790
[ 79.780189][ T9321] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 79.786234][ T9321] RIP: 0033:0x43f168
[ 79.790117][ T9321] Code: Bad RIP value.
[ 79.794163][ T9321] RSP: 002b:00007fffdf5554d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 79.802610][ T9321] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043f168
[ 79.810617][ T9321] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 79.818597][ T9321] RBP: 00000000004be848 R08: 00000000000000e7 R09: ffffffffffffffd4
[ 79.826624][ T9321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 79.834590][ T9321] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 79.844167][ T9321] Kernel Offset: disabled
[ 79.848573][ T9321] Rebooting in 86400 seconds..