[ 76.205281][ T26] audit: type=1800 audit(1565538520.541:27): pid=10402 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 76.227820][ T26] audit: type=1800 audit(1565538520.541:28): pid=10402 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 76.907720][ T26] audit: type=1800 audit(1565538521.311:29): pid=10402 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 76.928233][ T26] audit: type=1800 audit(1565538521.321:30): pid=10402 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.21' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 84.787578][T10556] ==================================================================
[ 84.795742][T10556] BUG: KASAN: null-ptr-deref in rxrpc_unuse_local+0x23/0x70
[ 84.803005][T10556] Write of size 4 at addr 0000000000000010 by task syz-executor194/10556
[ 84.811386][T10556]
[ 84.813713][T10556] CPU: 1 PID: 10556 Comm: syz-executor194 Not tainted 5.3.0-rc3+ #157
[ 84.821869][T10556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 84.831935][T10556] Call Trace:
[ 84.835234][T10556] dump_stack+0x172/0x1f0
[ 84.839567][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 84.844489][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 84.849436][T10556] __kasan_report.cold+0x5/0x36
[ 84.854287][T10556] ? _raw_read_unlock_irqrestore+0xc1/0xe0
[ 84.860082][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 84.865009][T10556] kasan_report+0x12/0x17
[ 84.869326][T10556] check_memory_region+0x134/0x1a0
[ 84.874417][T10556] __kasan_check_write+0x14/0x20
[ 84.879338][T10556] rxrpc_unuse_local+0x23/0x70
[ 84.884111][T10556] rxrpc_release+0x47d/0x840
[ 84.888725][T10556] __sock_release+0xce/0x280
[ 84.893316][T10556] sock_close+0x1e/0x30
[ 84.897471][T10556] __fput+0x2ff/0x890
[ 84.901434][T10556] ? __sock_release+0x280/0x280
[ 84.906265][T10556] ____fput+0x16/0x20
[ 84.910251][T10556] task_work_run+0x145/0x1c0
[ 84.914822][T10556] do_exit+0x92f/0x2e50
[ 84.918974][T10556] ? __sanitizer_cov_trace_const_cmp4+0x1/0x20
[ 84.925109][T10556] ? mm_update_next_owner+0x640/0x640
[ 84.930477][T10556] ? fd_install+0x4d/0x60
[ 84.934794][T10556] ? __sys_socket+0x180/0x220
[ 84.939476][T10556] ? move_addr_to_kernel+0x80/0x80
[ 84.944581][T10556] ? __ia32_sys_fallocate+0xf0/0xf0
[ 84.949780][T10556] do_group_exit+0x135/0x360
[ 84.954348][T10556] __x64_sys_exit_group+0x44/0x50
[ 84.959370][T10556] do_syscall_64+0xfd/0x6a0
[ 84.963854][T10556] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 84.969723][T10556] RIP: 0033:0x43ed68
[ 84.973602][T10556] Code: Bad RIP value.
[ 84.978759][T10556] RSP: 002b:00007ffc7cd1a2a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 84.987622][T10556] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ed68
[ 84.995750][T10556] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 85.003713][T10556] RBP: 00000000004be568 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 85.011869][T10556] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 85.019854][T10556] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 85.027818][T10556] ==================================================================
[ 85.036118][T10556] Kernel panic - not syncing: panic_on_warn set ...
[ 85.042724][T10556] CPU: 1 PID: 10556 Comm: syz-executor194 Tainted: G B 5.3.0-rc3+ #157
[ 85.052261][T10556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 85.062321][T10556] Call Trace:
[ 85.065606][T10556] dump_stack+0x172/0x1f0
[ 85.069972][T10556] panic+0x2dc/0x755
[ 85.073872][T10556] ? add_taint.cold+0x16/0x16
[ 85.078536][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 85.083547][T10556] ? preempt_schedule+0x4b/0x60
[ 85.088407][T10556] ? ___preempt_schedule+0x16/0x20
[ 85.093523][T10556] ? trace_hardirqs_on+0x5e/0x240
[ 85.098535][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 85.103473][T10556] end_report+0x47/0x4f
[ 85.107612][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 85.112550][T10556] __kasan_report.cold+0xe/0x36
[ 85.117402][T10556] ? _raw_read_unlock_irqrestore+0xc1/0xe0
[ 85.123192][T10556] ? rxrpc_unuse_local+0x23/0x70
[ 85.128114][T10556] kasan_report+0x12/0x17
[ 85.132427][T10556] check_memory_region+0x134/0x1a0
[ 85.137547][T10556] __kasan_check_write+0x14/0x20
[ 85.142470][T10556] rxrpc_unuse_local+0x23/0x70
[ 85.147332][T10556] rxrpc_release+0x47d/0x840
[ 85.151909][T10556] __sock_release+0xce/0x280
[ 85.156480][T10556] sock_close+0x1e/0x30
[ 85.160619][T10556] __fput+0x2ff/0x890
[ 85.164580][T10556] ? __sock_release+0x280/0x280
[ 85.170746][T10556] ____fput+0x16/0x20
[ 85.174726][T10556] task_work_run+0x145/0x1c0
[ 85.179298][T10556] do_exit+0x92f/0x2e50
[ 85.183439][T10556] ? __sanitizer_cov_trace_const_cmp4+0x1/0x20
[ 85.189575][T10556] ? mm_update_next_owner+0x640/0x640
[ 85.194934][T10556] ? fd_install+0x4d/0x60
[ 85.199245][T10556] ? __sys_socket+0x180/0x220
[ 85.203906][T10556] ? move_addr_to_kernel+0x80/0x80
[ 85.208998][T10556] ? __ia32_sys_fallocate+0xf0/0xf0
[ 85.214181][T10556] do_group_exit+0x135/0x360
[ 85.218769][T10556] __x64_sys_exit_group+0x44/0x50
[ 85.223788][T10556] do_syscall_64+0xfd/0x6a0
[ 85.228274][T10556] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 85.234146][T10556] RIP: 0033:0x43ed68
[ 85.238041][T10556] Code: Bad RIP value.
[ 85.242192][T10556] RSP: 002b:00007ffc7cd1a2a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 85.250598][T10556] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ed68
[ 85.258559][T10556] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 85.266525][T10556] RBP: 00000000004be568 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 85.274482][T10556] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 85.282456][T10556] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 85.291761][T10556] Kernel Offset: disabled
[ 85.296098][T10556] Rebooting in 86400 seconds..