[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 79.909372][ T26] audit: type=1800 audit(1579125817.607:25): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 79.943093][ T26] audit: type=1800 audit(1579125817.607:26): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 79.974077][ T26] audit: type=1800 audit(1579125817.607:27): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.112' (ECDSA) to the list of known hosts. executing program executing program syzkaller login: [ 92.598823][ T9668] list_del corruption, ffff8880a89ba800->prev is LIST_POISON2 (dead000000000122) [ 92.608622][ T9668] ------------[ cut here ]------------ [ 92.614095][ T9668] kernel BUG at lib/list_debug.c:48! [ 92.619488][ T9668] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 92.625615][ T9668] CPU: 1 PID: 9668 Comm: syz-executor178 Not tainted 5.5.0-rc5-syzkaller #0 [ 92.634385][ T9668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.644559][ T9668] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 92.650958][ T9668] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 65 71 88 e8 a0 bb be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 66 71 88 e8 8c bb be fd <0f> 0b 4c 89 f6 48 c7 c7 c0 66 71 88 e8 7b bb be fd 0f 0b cc cc cc [ 92.670794][ T9668] RSP: 0018:ffffc90001e573f0 EFLAGS: 00010282 [ 92.677131][ T9668] RAX: 000000000000004e RBX: ffff8880a89ba800 RCX: 0000000000000000 [ 92.685089][ T9668] RDX: 0000000000000000 RSI: ffffffff815e53a6 RDI: fffff520003cae70 [ 92.693049][ T9668] RBP: ffffc90001e57408 R08: 000000000000004e R09: ffffed1015d26621 [ 92.701077][ T9668] R10: ffffed1015d26620 R11: ffff8880ae933107 R12: dead000000000122 [ 92.709043][ T9668] R13: ffff8880a45b1980 R14: ffff8880a89ba800 R15: dffffc0000000000 [ 92.717112][ T9668] FS: 0000000001475880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 92.726030][ T9668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.732602][ T9668] CR2: 0000000020003ac0 CR3: 00000000a742d000 CR4: 00000000001406e0 [ 92.740570][ T9668] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 92.748559][ T9668] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 92.756672][ T9668] Call Trace: [ 92.759952][ T9668] nf_tables_commit+0x1068/0x3b30 [ 92.764976][ T9668] ? nla_memcpy+0xb0/0xb0 [ 92.769302][ T9668] ? nf_tables_setelem_notify.constprop.0+0x1f0/0x1f0 [ 92.776071][ T9668] ? __nla_parse+0x43/0x60 [ 92.780494][ T9668] nfnetlink_rcv_batch+0xc78/0x17a0 [ 92.785759][ T9668] ? nft_obj_init+0x121/0x360 [ 92.790489][ T9668] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 92.796302][ T9668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.802536][ T9668] ? apparmor_capable+0x497/0x900 [ 92.807556][ T9668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.813795][ T9668] ? __nla_validate_parse+0x2d0/0x1ee0 [ 92.819253][ T9668] ? cap_capable+0x205/0x270 [ 92.823842][ T9668] ? nla_memcpy+0xb0/0xb0 [ 92.828173][ T9668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.834409][ T9668] ? ns_capable_common+0x93/0x100 [ 92.839445][ T9668] ? __nla_parse+0x43/0x60 [ 92.843851][ T9668] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 92.849561][ T9668] nfnetlink_rcv+0x3e7/0x460 [ 92.854139][ T9668] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 92.859585][ T9668] ? netlink_deliver_tap+0x24a/0xbe0 [ 92.864861][ T9668] ? __kasan_check_write+0x14/0x20 [ 92.869966][ T9668] netlink_unicast+0x58c/0x7d0 [ 92.874858][ T9668] ? netlink_attachskb+0x870/0x870 [ 92.880011][ T9668] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 92.885732][ T9668] ? __check_object_size+0x3d/0x437 [ 92.891080][ T9668] netlink_sendmsg+0x91c/0xea0 [ 92.895872][ T9668] ? netlink_unicast+0x7d0/0x7d0 [ 92.900873][ T9668] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 92.906476][ T9668] ? apparmor_socket_sendmsg+0x2a/0x30 [ 92.911985][ T9668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.918706][ T9668] ? security_socket_sendmsg+0x8d/0xc0 [ 92.924161][ T9668] ? netlink_unicast+0x7d0/0x7d0 [ 92.929207][ T9668] sock_sendmsg+0xd7/0x130 [ 92.933673][ T9668] ____sys_sendmsg+0x753/0x880 [ 92.938433][ T9668] ? kernel_sendmsg+0x50/0x50 [ 92.943108][ T9668] ? _raw_spin_unlock+0x28/0x40 [ 92.947971][ T9668] ? do_huge_pmd_wp_page+0x53a/0x21c0 [ 92.953340][ T9668] ___sys_sendmsg+0x100/0x170 [ 92.958036][ T9668] ? sendmsg_copy_msghdr+0x70/0x70 [ 92.963270][ T9668] ? fault_around_bytes_set+0xa0/0xa0 [ 92.968647][ T9668] ? __do_page_fault+0x56a/0xd80 [ 92.973648][ T9668] ? find_held_lock+0x35/0x130 [ 92.978603][ T9668] ? __do_page_fault+0x56a/0xd80 [ 92.983539][ T9668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 92.989772][ T9668] ? __fget_light+0x1a9/0x230 [ 92.994449][ T9668] ? __fdget+0x1b/0x20 [ 92.998512][ T9668] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 93.004749][ T9668] __sys_sendmsg+0x105/0x1d0 [ 93.009368][ T9668] ? __sys_sendmsg_sock+0xc0/0xc0 [ 93.014398][ T9668] ? down_read_non_owner+0x490/0x490 [ 93.019734][ T9668] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 93.025215][ T9668] ? do_syscall_64+0x26/0x790 [ 93.029940][ T9668] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 93.035994][ T9668] ? do_syscall_64+0x26/0x790 [ 93.040700][ T9668] __x64_sys_sendmsg+0x78/0xb0 [ 93.045459][ T9668] do_syscall_64+0xfa/0x790 [ 93.049999][ T9668] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 93.055882][ T9668] RIP: 0033:0x441aa9 [ 93.059780][ T9668] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 93.079514][ T9668] RSP: 002b:00007ffc0cb3f008 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.087983][ T9668] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441aa9 [ 93.095995][ T9668] RDX: 0000000000000042 RSI: 0000000020003ac0 RDI: 0000000000000003 [ 93.103959][ T9668] RBP: 0000000000006f6c R08: 00000000004002c8 R09: 00000000004002c8 [ 93.111976][ T9668] R10: 0000000000000004 R11: 0000000000000246 R12: 00000000004028d0 [ 93.119951][ T9668] R13: 0000000000402960 R14: 0000000000000000 R15: 0000000000000000 [ 93.127975][ T9668] Modules linked in: [ 93.132380][ T9668] ---[ end trace e663500eb6e4c1ad ]--- [ 93.138138][ T9668] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 93.144750][ T9668] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 65 71 88 e8 a0 bb be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 66 71 88 e8 8c bb be fd <0f> 0b 4c 89 f6 48 c7 c7 c0 66 71 88 e8 7b bb be fd 0f 0b cc cc cc [ 93.164449][ T9668] RSP: 0018:ffffc90001e573f0 EFLAGS: 00010282 [ 93.170552][ T9668] RAX: 000000000000004e RBX: ffff8880a89ba800 RCX: 0000000000000000 [ 93.178557][ T9668] RDX: 0000000000000000 RSI: ffffffff815e53a6 RDI: fffff520003cae70 [ 93.186567][ T9668] RBP: ffffc90001e57408 R08: 000000000000004e R09: ffffed1015d26621 [ 93.194560][ T9668] R10: ffffed1015d26620 R11: ffff8880ae933107 R12: dead000000000122 [ 93.202534][ T9668] R13: ffff8880a45b1980 R14: ffff8880a89ba800 R15: dffffc0000000000 [ 93.210601][ T9668] FS: 0000000001475880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 93.219561][ T9668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.226206][ T9668] CR2: 0000000020003ac0 CR3: 00000000a742d000 CR4: 00000000001406e0 [ 93.234234][ T9668] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 93.242230][ T9668] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 93.250306][ T9668] Kernel panic - not syncing: Fatal exception [ 93.257160][ T9668] Kernel Offset: disabled [ 93.261487][ T9668] Rebooting in 86400 seconds..