[ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 28.240214] kauditd_printk_skb: 7 callbacks suppressed [ 28.240226] audit: type=1800 audit(1542387310.926:29): pid=5882 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.270782] audit: type=1800 audit(1542387310.926:30): pid=5882 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 32.110519] sshd (6020) used greatest stack depth: 15744 bytes left Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts. executing program [ 38.673460] IPVS: ftp: loaded support on port[0] = 21 [ 38.880275] WARNING: CPU: 0 PID: 6039 at fs/fuse/inode.c:119 fuse_destroy_inode+0x251/0x2c0 [ 38.888890] Kernel panic - not syncing: panic_on_warn set ... [ 38.894764] CPU: 0 PID: 6039 Comm: syz-executor459 Not tainted 4.20.0-rc2+ #337 [ 38.902203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.911538] Call Trace: [ 38.914114] dump_stack+0x244/0x39d [ 38.917740] ? dump_stack_print_info.cold.1+0x20/0x20 [ 38.922921] panic+0x2ad/0x55c [ 38.926094] ? add_taint.cold.5+0x16/0x16 [ 38.930230] ? __warn.cold.8+0x5/0x45 [ 38.934011] ? __warn+0xe8/0x1d0 [ 38.937384] ? fuse_destroy_inode+0x251/0x2c0 [ 38.941868] __warn.cold.8+0x20/0x45 [ 38.945564] ? rcu_softirq_qs+0x20/0x20 [ 38.949520] ? fuse_destroy_inode+0x251/0x2c0 [ 38.954027] report_bug+0x254/0x2d0 [ 38.957639] do_error_trap+0x11b/0x200 [ 38.961512] do_invalid_op+0x36/0x40 [ 38.965203] ?
fuse_destroy_inode+0x251/0x2c0 [ 38.969681] invalid_op+0x14/0x20 [ 38.973118] RIP: 0010:fuse_destroy_inode+0x251/0x2c0 [ 38.978205] Code: 41 c6 44 15 00 f8 0f 84 8c fe ff ff e8 c8 f2 f2 fe 0f 0b e9 80 fe ff ff 48 89 df e8 b9 3f 36 ff e9 50 fe ff ff e8 af f2 f2 fe <0f> 0b e9 6a ff ff ff e8 e3 3f 36 ff e9 90 fe ff ff e8 29 5a bc fe [ 38.997091] RSP: 0018:ffff8881c0b76818 EFLAGS: 00010293 [ 39.002436] RAX: ffff8881c435c700 RBX: ffff8881b19bb5c0 RCX: 1ffff1103816ed08 [ 39.009687] RDX: 0000000000000000 RSI: ffffffff828c9531 RDI: 0000000000000003 [ 39.016938] RBP: ffff8881c0b768e8 R08: ffff8881c435c700 R09: 0000000000000008 [ 39.024192] R10: 0000000000000002 R11: ffff8881c435c700 R12: 1ffff1103816ed04 [ 39.031453] R13: 1ffff1103816ed08 R14: ffff8881c0b768c0 R15: ffff8881b19bb998 [ 39.038730] ? fuse_destroy_inode+0x251/0x2c0 [ 39.043212] ? fuse_destroy_inode+0x251/0x2c0 [ 39.047688] ? fuse_evict_inode+0x1e0/0x1e0 [ 39.051992] ? evict+0x5d8/0x980 [ 39.055379] ? lock_downgrade+0x900/0x900 [ 39.059512] ? fuse_evict_inode+0x1e0/0x1e0 [ 39.063815] destroy_inode+0x159/0x200 [ 39.067691] ? __destroy_inode+0x820/0x820 [ 39.071917] ? fuse_queue_forget+0x138/0x190 [ 39.076311] evict+0x5e0/0x980 [ 39.079498] ? destroy_inode+0x200/0x200 [ 39.083541] ? iput+0x671/0xa90 [ 39.086806] ? lock_downgrade+0x900/0x900 [ 39.090956] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 39.096484] ? kasan_check_read+0x11/0x20 [ 39.100619] ? do_raw_spin_trylock+0x270/0x270 [ 39.105210] ? find_held_lock+0x36/0x1c0 [ 39.109305] iput+0x679/0xa90 [ 39.112405] ? inode_add_lru+0x2a0/0x2a0 [ 39.116448] ? d_walk+0x797/0xc70 [ 39.119906] ? kasan_check_read+0x11/0x20 [ 39.124040] ? do_raw_spin_unlock+0xa7/0x330 [ 39.128445] ? do_raw_spin_trylock+0x270/0x270 [ 39.133013] ? print_usage_bug+0xc0/0xc0 [ 39.137057] ? do_raw_spin_unlock+0xa7/0x330 [ 39.141466] dentry_unlink_inode+0x461/0x5e0 [ 39.145865] ? d_lru_del+0x130/0x130 [ 39.149566] ? zap_class+0x640/0x640 [ 39.153259] ? d_walk+0x797/0xc70 [ 39.156700] ? 
__sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 39.162223] ? lockref_mark_dead+0xef/0x170 [ 39.166526] ? lockref_get_not_dead+0x90/0x90 [ 39.171010] ? lock_acquire+0x1ed/0x520 [ 39.174972] __dentry_kill+0x44c/0x7a0 [ 39.178845] ? d_drop+0x70/0x70 [ 39.182109] ? lock_downgrade+0x900/0x900 [ 39.186242] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 39.191192] ? kasan_check_read+0x11/0x20 [ 39.195328] dentry_kill+0xc9/0x680 [ 39.198954] dput.part.25+0x660/0x860 [ 39.202739] ? shrink_dcache_sb+0x350/0x350 [ 39.207048] do_one_tree+0x37/0x40 [ 39.210588] shrink_dcache_for_umount+0xc7/0x2b0 [ 39.215336] ? lock_downgrade+0x900/0x900 [ 39.219474] ? d_set_mounted+0x2e0/0x2e0 [ 39.223521] ? lock_release+0xa00/0xa00 [ 39.227477] ? perf_trace_sched_process_exec+0x860/0x860 [ 39.232912] ? unregister_shrinker+0x270/0x460 [ 39.237492] generic_shutdown_super+0xd5/0x530 [ 39.242058] ? destroy_super_rcu+0x210/0x210 [ 39.246453] ? up_write+0x7b/0x220 [ 39.249978] ? down_write_nested+0x130/0x130 [ 39.254372] ? down_read+0x120/0x120 [ 39.258086] ? prepare_kswapd_sleep+0x220/0x220 [ 39.262745] kill_anon_super+0x3e/0x60 [ 39.266619] fuse_kill_sb_anon+0x1d/0x20 [ 39.270664] deactivate_locked_super+0x97/0x100 [ 39.275319] deactivate_super+0x2bb/0x320 [ 39.279460] ? get_super_exclusive_thawed+0x20/0x20 [ 39.284462] ? fsnotify_destroy_marks+0x1d2/0x270 [ 39.289289] ? shrink_dcache_sb+0x350/0x350 [ 39.293599] ? cpumask_next+0x41/0x50 [ 39.297383] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 39.302390] ? mnt_get_writers.isra.26+0xf8/0x150 [ 39.307216] cleanup_mnt+0xbf/0x160 [ 39.310826] __cleanup_mnt+0x16/0x20 [ 39.314524] task_work_run+0x1e8/0x2a0 [ 39.318396] ? task_work_cancel+0x240/0x240 [ 39.322711] ? switch_task_namespaces+0xb8/0xd0 [ 39.327376] do_exit+0x1ad6/0x26d0 [ 39.330909] ? do_raw_spin_trylock+0x251/0x270 [ 39.335475] ? mm_update_next_owner+0x990/0x990 [ 39.340129] ? print_usage_bug+0xc0/0xc0 [ 39.344172] ? zap_class+0x640/0x640 [ 39.347877] ? find_held_lock+0x36/0x1c0 [ 39.351926] ? 
__lock_acquire+0x62f/0x4c20 [ 39.356143] ? lock_downgrade+0x900/0x900 [ 39.360317] ? mark_held_locks+0x130/0x130 [ 39.364542] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 39.369721] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 39.374807] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 39.380325] ? futex_wait+0x5ec/0xa50 [ 39.384208] ? futex_wait_setup+0x3e0/0x3e0 [ 39.388517] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 39.393602] ? futex_wake+0x304/0x760 [ 39.397391] ? zap_class+0x640/0x640 [ 39.401094] ? memset+0x31/0x40 [ 39.404382] ? find_held_lock+0x36/0x1c0 [ 39.408431] ? get_signal+0x95b/0x1980 [ 39.412303] ? _raw_spin_unlock_irq+0x27/0x80 [ 39.416780] ? _raw_spin_unlock_irq+0x27/0x80 [ 39.421264] do_group_exit+0x177/0x440 [ 39.425141] ? trace_hardirqs_off_caller+0x310/0x310 [ 39.430228] ? __ia32_sys_exit+0x50/0x50 [ 39.434275] get_signal+0x8b0/0x1980 [ 39.437986] ? ptrace_notify+0x130/0x130 [ 39.442036] ? filename_lookup+0x39f/0x520 [ 39.446257] ? filename_parentat.isra.56+0x570/0x570 [ 39.451350] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 39.456895] ? digsig_verify+0x1530/0x1530 [ 39.461120] do_signal+0x9c/0x21c0 [ 39.464646] ? getname_flags+0x26e/0x590 [ 39.468706] ? user_path_at_empty+0x40/0x50 [ 39.473020] ? setup_sigcontext+0x7d0/0x7d0 [ 39.477320] ? vfs_statx+0x17a/0x210 [ 39.481030] ? exit_to_usermode_loop+0x8c/0x380 [ 39.485683] ? exit_to_usermode_loop+0x8c/0x380 [ 39.490366] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 39.494934] ? trace_hardirqs_on+0xbd/0x310 [ 39.499239] ? do_syscall_64+0x6be/0x820 [ 39.503300] ? __x64_sys_futex+0x47f/0x6a0 [ 39.507525] exit_to_usermode_loop+0x2e5/0x380 [ 39.512095] ? __bpf_trace_sys_exit+0x30/0x30 [ 39.516572] ? trace_hardirqs_off+0xb8/0x310 [ 39.520968] do_syscall_64+0x6be/0x820 [ 39.524858] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 39.530209] ? syscall_return_slowpath+0x5e0/0x5e0 [ 39.535140] ? trace_hardirqs_on_caller+0x310/0x310 [ 39.540140] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 39.545142] ? 
post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 39.551793] ? __switch_to_asm+0x40/0x70 [ 39.555836] ? __switch_to_asm+0x34/0x70 [ 39.559887] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 39.564714] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.569888] RIP: 0033:0x445f79 [ 39.573075] Code: Bad RIP value. [ 39.576424] RSP: 002b:00007f081109ada8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 39.584111] RAX: fffffffffffffe00 RBX: 00000000006dbc38 RCX: 0000000000445f79 [ 39.591388] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dbc38 [ 39.598640] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000 [ 39.605893] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c [ 39.613152] R13: 2f30656c69662f2e R14: 0000000100000001 R15: 0000000000000001 [ 39.621480] Kernel Offset: disabled [ 39.625147] Rebooting in 86400 seconds..