[ 36.281462] audit: type=1800 audit(1551739555.491:28): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 37.119971] audit: type=1800 audit(1551739556.411:29): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 37.139360] audit: type=1800 audit(1551739556.411:30): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.60' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 49.528072] kobject_add_internal failed for hci2 (error: -2 parent: bluetooth) [ 49.544534] Bluetooth: Can't register HCI device [ 49.557025] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) executing program executing program executing program executing program executing program executing program [ 49.576196] Bluetooth: Can't register HCI device executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 49.687810] kobject_add_internal failed for hci3 (error: -2 parent: bluetooth) [ 49.701081] Bluetooth: Can't register HCI device [ 49.719817] kasan: CONFIG_KASAN_INLINE enabled executing program executing program executing program [ 49.737970] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 49.759102] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 49.774502] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 49.776695] Bluetooth: Can't register HCI device [ 49.780746] CPU: 1 PID: 7916 Comm: syz-executor327 Not tainted 5.0.0+ #5 [ 49.780754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.780772] RIP: 0010:kernfs_add_one+0x343/0x4d0 [ 49.780786] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 52 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5b 70 48 8d 7b 08 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 1f 01 00 00 8b 5b 08 31 ff 83 [ 49.780796] RSP: 0018:ffff88808bc27858 EFLAGS: 00010202 [ 49.787381] kobject: 'hci1' (00000000a60c7f94): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 49.792367] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87026eb8 [ 49.792382] RDX: 0000000000000001 RSI: ffffffff81d2502b RDI: 0000000000000008 [ 49.792392] RBP: ffff88808bc27898 R08: 1ffffffff1151224 R09: fffffbfff1151225 [ 49.792400] R10: fffffbfff1151224 R11: ffffffff88a89127 R12: ffff88808eb0e000 [ 49.792408] R13: ffff88808eb0e000 R14: 0000000000000000 R15: 0000000000000000 [ 49.792420] FS: 00007f2d380a6700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 49.792429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.792440] CR2: 0000000000000004 CR3: 00000000a92a1000 CR4: 00000000001406e0 [ 49.803318] kobject: 'hci3' (0000000081bba7cd): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 49.806530] Call Trace: [ 49.806543] kernfs_create_dir_ns+0xff/0x160 [ 49.806552] sysfs_create_dir_ns+0x131/0x2a0 [ 49.806559] ? sysfs_create_mount_point+0xa0/0xa0 [ 49.806571] ? class_dir_child_ns_type+0xd/0x60 [ 49.806581] kobject_add_internal.cold+0xe5/0x5d4 [ 49.806588] kobject_add+0x150/0x1c0 [ 49.806595] ? kset_create_and_add+0x1a0/0x1a0 [ 49.806606] ? mutex_unlock+0xd/0x10 [ 49.806612] ? device_add+0x30f/0x1870 [ 49.806619] device_add+0x3d5/0x1870 [ 49.806627] ? device_initialize+0x440/0x440 [ 49.806635] ? get_device_parent.isra.0+0x570/0x570 [ 49.806645] hci_register_dev+0x304/0x880 [ 49.806655] __vhci_create_device+0x2d0/0x5a0 [ 49.806662] vhci_write+0x2d0/0x470 [ 49.806672] __vfs_write+0x613/0x8e0 [ 49.806680] ? kernel_read+0x120/0x120 [ 49.806688] ? common_file_perm+0x1d6/0x6f0 [ 49.806697] ? apparmor_file_permission+0x25/0x30 [ 49.806706] ? rw_verify_area+0x118/0x360 [ 49.806714] vfs_write+0x20c/0x580 [ 49.806722] ksys_write+0xea/0x1f0 [ 49.806729] ? __ia32_sys_read+0xb0/0xb0 [ 49.806738] ? do_syscall_64+0x26/0x610 [ 49.806746] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.806753] ? do_syscall_64+0x26/0x610 [ 49.806761] __x64_sys_write+0x73/0xb0 [ 49.806782] do_syscall_64+0x103/0x610 [ 49.806790] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 49.806796] RIP: 0033:0x44a1f9 [ 49.806815] Code: e8 0c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b cc fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 49.806819] RSP: 002b:00007f2d380a5db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 49.806825] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 000000000044a1f9 [ 49.806829] RDX: 0000000000000002 RSI: 00000000200000c0 RDI: 0000000000000003 [ 49.806833] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 49.806837] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 49.806842] R13: 00007ffe34f27d2f R14: 00007f2d380a69c0 R15: 0000000000000000 [ 49.806873] Modules linked in: [ 49.807834] kobject: 'rfkill127' (00000000e2bb1f78): kobject_uevent_env [ 49.834524] kobject: 'hci1' (00000000a60c7f94): kobject_uevent_env [ 49.842919] kobject: 'hci4' (00000000c9d970c9): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 49.859588] kobject: 'hci1' (00000000ef71e953): kobject_cleanup, parent (null) [ 49.864726] kobject: 'hci4' (00000000c9d970c9): kobject_uevent_env [ 49.875592] kobject: 'hci1' (00000000ef71e953): calling ktype release [ 49.878422] kobject: 'hci4' (00000000c9d970c9): fill_kobj_path: path = '/devices/virtual/bluetooth/hci4' [ 49.908293] kobject: 'hci1' (00000000a60c7f94): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1' [ 49.909417] ---[ end trace 96f956127235ac6c ]--- [ 49.919231] kobject: 'hci1': free name [ 49.922607] kobject: 'rfkill127' (00000000e2bb1f78): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2/rfkill127' [ 49.926326] kobject: 'rfkill129' (000000008b8b5ade): kobject_add_internal: parent: 'hci1', set: 'devices' [ 49.931693] RIP: 0010:kernfs_add_one+0x343/0x4d0 [ 49.944265] kobject: 'hci3' (0000000081bba7cd): kobject_uevent_env [ 49.948330] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 52 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 5b 70 48 8d 7b 08 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 1f 01 00 00 8b 5b 08 31 ff 83 [ 49.960004] kobject: 'hci3' (0000000081bba7cd): fill_kobj_path: path = '/devices/virtual/bluetooth/hci3' [ 49.968044] kobject: 'hci5' (0000000042c47044): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 49.977308] kobject: 'rfkill129' (000000008b8b5ade): kobject_uevent_env [ 49.982261] kobject: 'hci5' (0000000042c47044): kobject_uevent_env [ 49.994694] kobject: 'hci6' (0000000026f04a48): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 49.999705] RSP: 0018:ffff88808bc27858 EFLAGS: 00010202 [ 50.002694] kobject: 'hci6' (0000000026f04a48): kobject_uevent_env [ 50.005604] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87026eb8 [ 50.010619] kobject: 'hci5' (0000000042c47044): fill_kobj_path: path = '/devices/virtual/bluetooth/hci5' [ 50.014217] RDX: 0000000000000001 RSI: ffffffff81d2502b RDI: 0000000000000008 [ 50.023631] kobject: 'hci6' (0000000026f04a48): fill_kobj_path: path = '/devices/virtual/bluetooth/hci6' [ 50.027671] RBP: ffff88808bc27898 R08: 1ffffffff1151224 R09: fffffbfff1151225 [ 50.039036] kobject: 'rfkill129' (000000008b8b5ade): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1/rfkill129' [ 50.040121] R10: fffffbfff1151224 R11: ffffffff88a89127 R12: ffff88808eb0e000 [ 50.081006] kobject: 'hci7' (000000001bd21a61): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 50.083361] R13: ffff88808eb0e000 R14: 0000000000000000 R15: 0000000000000000 [ 50.099087] kobject: 'hci7' (000000001bd21a61): kobject_uevent_env [ 50.104604] FS: 00007f2d380a6700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 50.111158] kobject: 'hci7' (000000001bd21a61): fill_kobj_path: path = '/devices/virtual/bluetooth/hci7' [ 50.116350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.125120] kobject: 'rfkill127' (00000000e2bb1f78): kobject_cleanup, parent (null) [ 50.130358] CR2: 0000000000000004 CR3: 00000000a92a1000 CR4: 00000000001406e0 [ 50.138206] kobject: 'rfkill130' (0000000062a3d5a8): kobject_add_internal: parent: 'hci3', set: 'devices' [ 50.144729] Kernel panic - not syncing: Fatal exception [ 50.152622] kobject: 'rfkill129' (000000008b8b5ade): kobject_uevent_env [ 50.161327] Kernel Offset: disabled [ 50.430635] Rebooting in 86400 seconds..