[ ok ] Starting enhanced syslogd: rsyslogd.
[ 67.796747][ T26] audit: type=1800 audit(1575582962.346:25): pid=9165 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 67.816819][ T26] audit: type=1800 audit(1575582962.356:26): pid=9165 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 67.855193][ T26] audit: type=1800 audit(1575582962.366:27): pid=9165 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.90' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 87.699542][ T9318] ------------[ cut here ]------------
[ 87.705417][ T9318] refcount_t: underflow; use-after-free.
[ 87.711596][ T9318] WARNING: CPU: 1 PID: 9318 at lib/refcount.c:28 refcount_warn_saturate+0x1dc/0x1f0
[ 87.721226][ T9318] Kernel panic - not syncing: panic_on_warn set ...
[ 87.728125][ T9318] CPU: 1 PID: 9318 Comm: syz-executor327 Not tainted 5.4.0-next-20191205-syzkaller #0
[ 87.738046][ T9318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 87.749328][ T9318] Call Trace:
[ 87.752965][ T9318] dump_stack+0x197/0x210
[ 87.757312][ T9318] ? refcount_warn_saturate+0x110/0x1f0
[ 87.762888][ T9318] panic+0x2e3/0x75c
[ 87.766985][ T9318] ? add_taint.cold+0x16/0x16
[ 87.772044][ T9318] ? __kasan_check_write+0x14/0x20
[ 87.777168][ T9318] ? __warn.cold+0x14/0x3e
[ 87.781629][ T9318] ? __warn+0xd9/0x1cf
[ 87.785844][ T9318] ? refcount_warn_saturate+0x1dc/0x1f0
[ 87.791421][ T9318] __warn.cold+0x2f/0x3e
[ 87.795800][ T9318] ? refcount_warn_saturate+0x1dc/0x1f0
[ 87.801633][ T9318] report_bug+0x289/0x300
[ 87.806226][ T9318] do_error_trap+0x11b/0x200
[ 87.810817][ T9318] do_invalid_op+0x37/0x50
[ 87.815263][ T9318] ? refcount_warn_saturate+0x1dc/0x1f0
[ 87.820943][ T9318] invalid_op+0x23/0x30
[ 87.825427][ T9318] RIP: 0010:refcount_warn_saturate+0x1dc/0x1f0
[ 87.831682][ T9318] Code: e9 d8 fe ff ff 48 89 df e8 01 52 23 fe e9 85 fe ff ff e8 b7 ae e5 fd 48 c7 c7 e0 b7 6f 88 c6 05 5d d5 ec 06 01 e8 b3 5a b6 fd <0f> 0b e9 ac fe ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 55 48
[ 87.855319][ T9318] RSP: 0018:ffffc90001e77bf0 EFLAGS: 00010282
[ 87.862270][ T9318] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 87.871107][ T9318] RDX: 0000000000000000 RSI: ffffffff815e5896 RDI: fffff520003cef70
[ 87.879460][ T9318] RBP: ffffc90001e77c00 R08: ffff8880a7154640 R09: 0000000000000000
[ 87.888787][ T9318] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000003
[ 87.897064][ T9318] R13: ffff8880950c5e58 R14: ffff8880950c5e00 R15: ffffffff8a0218c0
[ 87.905474][ T9318] ? vprintk_func+0x86/0x189
[ 87.911126][ T9318] put_watch+0xa2/0xb0
[ 87.915276][ T9318] watch_queue_release+0x34b/0xc40
[ 87.920579][ T9318] __fput+0x2ff/0x890
[ 87.924723][ T9318] ? __post_watch_notification+0x840/0x840
[ 87.930549][ T9318] ____fput+0x16/0x20
[ 87.934529][ T9318] task_work_run+0x145/0x1c0
[ 87.939180][ T9318] do_exit+0x8e7/0x2ef0
[ 87.943512][ T9318] ? mm_update_next_owner+0x7c0/0x7c0
[ 87.948994][ T9318] ? __x64_sys_watch_devices+0x1e4/0x290
[ 87.954879][ T9318] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 87.960460][ T9318] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 87.967055][ T9318] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 87.972684][ T9318] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 87.978712][ T9318] do_group_exit+0x135/0x360
[ 87.983703][ T9318] __x64_sys_exit_group+0x44/0x50
[ 87.988988][ T9318] do_syscall_64+0xfa/0x790
[ 87.993531][ T9318] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 87.999667][ T9318] RIP: 0033:0x43edb8
[ 88.004289][ T9318] Code: Bad RIP value.
[ 88.009151][ T9318] RSP: 002b:00007ffc74c09078 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 88.018120][ T9318] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043edb8
[ 88.026093][ T9318] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 88.034611][ T9318] RBP: 00000000004be5c8 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 88.042804][ T9318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 88.051057][ T9318] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000
[ 88.060977][ T9318] Kernel Offset: disabled
[ 88.065595][ T9318] Rebooting in 86400 seconds..