[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 26.667204] kauditd_printk_skb: 7 callbacks suppressed [ 26.667216] audit: type=1800 audit(1539536806.030:29): pid=5454 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 26.693857] audit: type=1800 audit(1539536806.030:30): pid=5454 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.63' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 70.824484] IPVS: ftp: loaded support on port[0] = 21 [ 70.954091] WARNING: CPU: 1 PID: 5614 at kernel/fork.c:718 __put_task_struct+0x3ef/0x620 [ 70.962491] Kernel panic - not syncing: panic_on_warn set ... [ 70.962491] [ 70.969862] CPU: 1 PID: 5614 Comm: syz-executor338 Not tainted 4.19.0-rc7-next-20181012+ #93 [ 70.978422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.987763] Call Trace: [ 70.990356] dump_stack+0x244/0x3ab [ 70.993970] ? dump_stack_print_info.cold.2+0x52/0x52 [ 70.999159] panic+0x238/0x4e7 [ 71.002396] ? add_taint.cold.5+0x16/0x16 [ 71.006566] ? __warn.cold.8+0x148/0x1ba [ 71.010612] ? __warn.cold.8+0x117/0x1ba [ 71.014662] ? __put_task_struct+0x3ef/0x620 [ 71.019061] __warn.cold.8+0x163/0x1ba [ 71.022937] ? rcu_softirq_qs+0x20/0x20 [ 71.026908] ? __put_task_struct+0x3ef/0x620 [ 71.031300] report_bug+0x254/0x2d0 [ 71.034927] do_error_trap+0x11b/0x200 [ 71.038807] do_invalid_op+0x36/0x40 [ 71.042504] ? __put_task_struct+0x3ef/0x620 [ 71.046899] invalid_op+0x14/0x20 [ 71.050336] RIP: 0010:__put_task_struct+0x3ef/0x620 [ 71.055339] Code: 4c 89 ee e8 c3 a3 7b 00 e9 a1 fe ff ff e8 69 55 37 00 0f 0b e9 7c fd ff ff e8 5d 55 37 00 0f 0b e9 87 fd ff ff e8 51 55 37 00 <0f> 0b e9 d0 fc ff ff e8 45 55 37 00 49 8d 87 90 05 00 00 31 f6 48 [ 71.074226] RSP: 0018:ffff8801d7fcee48 EFLAGS: 00010293 [ 71.079572] RAX: ffff8801d7ffe5c0 RBX: ffff8801d82be540 RCX: ffffffff814711cd [ 71.086823] RDX: 0000000000000000 RSI: ffffffff814714ff RDI: 0000000000000005 [ 71.094092] RBP: ffff8801d7fcef28 R08: ffff8801d7ffe5c0 R09: ffffed003b057cac [ 71.101343] R10: ffffed003b057cac R11: ffff8801d82be563 R12: 1ffff1003aff9dcc [ 71.108600] R13: 0000000000000000 R14: ffff8801d7fcef00 R15: ffff8801d7f7a9c0 [ 71.115872] ? __put_task_struct+0xbd/0x620 [ 71.120184] ? __put_task_struct+0x3ef/0x620 [ 71.124584] ? __put_task_struct+0x3ef/0x620 [ 71.128978] ? kasan_check_write+0x14/0x20 [ 71.133285] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 71.138267] ? free_task+0x1f0/0x1f0 [ 71.141983] ? wait_for_completion+0x8a0/0x8a0 [ 71.146559] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 71.151647] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 71.156743] rdma_restrack_del+0x2e0/0x3b0 [ 71.160967] ? trace_hardirqs_off_caller+0x300/0x300 [ 71.166058] ? rdma_restrack_put+0x60/0x60 [ 71.170278] ? wait_for_completion+0xe7/0x8a0 [ 71.174759] rdma_destroy_id+0x126/0xcc0 [ 71.178837] ? _raw_spin_unlock_irq+0x60/0x80 [ 71.183321] ? wait_for_completion+0xe7/0x8a0 [ 71.187806] ? cma_release_dev+0x380/0x380 [ 71.192036] ? wait_for_completion_interruptible+0x840/0x840 [ 71.197823] ? trace_hardirqs_on+0xbd/0x310 [ 71.202128] ? kasan_check_read+0x11/0x20 [ 71.206263] ? complete+0x62/0x80 [ 71.209702] ? trace_hardirqs_off_caller+0x300/0x300 [ 71.214823] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 71.219927] ? complete+0x62/0x80 [ 71.223370] ucma_close+0x114/0x310 [ 71.227046] __fput+0x3bc/0xa70 [ 71.230323] ? ucma_free_ctx+0xdb0/0xdb0 [ 71.234386] ? get_max_files+0x20/0x20 [ 71.238279] ? perf_trace_sched_process_exec+0x860/0x860 [ 71.243956] ____fput+0x15/0x20 [ 71.247220] task_work_run+0x1e8/0x2a0 [ 71.251096] ? task_work_cancel+0x240/0x240 [ 71.255417] ? switch_task_namespaces+0xb8/0xd0 [ 71.260085] do_exit+0x1ad2/0x2610 [ 71.263615] ? do_raw_spin_unlock+0x31/0x2f0 [ 71.268012] ? mm_update_next_owner+0x990/0x990 [ 71.272673] ? print_usage_bug+0xc0/0xc0 [ 71.276720] ? __might_sleep+0x95/0x190 [ 71.280679] ? find_held_lock+0x36/0x1c0 [ 71.284732] ? __lock_acquire+0x678/0x4da0 [ 71.288955] ? lock_downgrade+0x900/0x900 [ 71.293270] ? kasan_check_write+0x14/0x20 [ 71.297491] ? __unqueue_futex+0x1ee/0x2e0 [ 71.301719] ? mark_held_locks+0x130/0x130 [ 71.305941] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 71.311122] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 71.316212] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.321735] ? futex_wait+0x5ec/0xa50 [ 71.325529] ? futex_wait_setup+0x3e0/0x3e0 [ 71.329844] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 71.334938] ? futex_wake+0x304/0x760 [ 71.338730] ? zap_class+0x640/0x640 [ 71.342450] ? memset+0x31/0x40 [ 71.345716] ? find_held_lock+0x36/0x1c0 [ 71.349762] ? get_signal+0x953/0x1970 [ 71.353656] ? _raw_spin_unlock_irq+0x27/0x80 [ 71.358138] ? _raw_spin_unlock_irq+0x27/0x80 [ 71.362623] do_group_exit+0x177/0x440 [ 71.366496] ? trace_hardirqs_off_caller+0x300/0x300 [ 71.371593] ? __ia32_sys_exit+0x50/0x50 [ 71.375704] get_signal+0x8a8/0x1970 [ 71.379447] ? ptrace_notify+0x130/0x130 [ 71.383528] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.389051] ? ucma_write+0x12b/0x420 [ 71.392837] ? ucma_open+0x3f0/0x3f0 [ 71.396547] ? __vfs_write+0x121/0x9f0 [ 71.400431] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 71.405383] do_signal+0x9c/0x21c0 [ 71.408912] ? apparmor_path_rmdir+0x30/0x30 [ 71.413308] ? setup_sigcontext+0x7d0/0x7d0 [ 71.417625] ? apparmor_file_permission+0x24/0x30 [ 71.422464] ? exit_to_usermode_loop+0x8c/0x380 [ 71.427162] ? exit_to_usermode_loop+0x8c/0x380 [ 71.431836] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 71.436417] ? trace_hardirqs_on+0xbd/0x310 [ 71.440723] ? do_syscall_64+0x6be/0x820 [ 71.444841] ? __x64_sys_futex+0x47f/0x6a0 [ 71.449072] exit_to_usermode_loop+0x2e5/0x380 [ 71.453643] ? __bpf_trace_sys_exit+0x30/0x30 [ 71.458129] ? trace_hardirqs_off+0xb8/0x310 [ 71.462533] do_syscall_64+0x6be/0x820 [ 71.466406] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 71.471755] ? syscall_return_slowpath+0x5e0/0x5e0 [ 71.476672] ? trace_hardirqs_on_caller+0x310/0x310 [ 71.481676] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 71.486685] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 71.493350] ? __switch_to_asm+0x40/0x70 [ 71.497395] ? __switch_to_asm+0x34/0x70 [ 71.501443] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 71.506276] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.511452] RIP: 0033:0x4460a9 [ 71.514683] Code: Bad RIP value. [ 71.518039] RSP: 002b:00007f0e9c1a9da8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 71.525731] RAX: fffffffffffffe00 RBX: 00000000006dbc48 RCX: 00000000004460a9 [ 71.532983] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dbc48 [ 71.540237] RBP: 00000000006dbc40 R08: 0000000000000000 R09: 0000000000000000 [ 71.547491] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 71.554753] R13: 666e692f7665642f R14: 0100000000000000 R15: 0000000000000003 [ 71.563238] Kernel Offset: disabled [ 71.566915] Rebooting in 86400 seconds..