[ 39.826355] audit: type=1800 audit(1546835999.427:25): pid=7807 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 39.849274] audit: type=1800 audit(1546835999.427:26): pid=7807 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 39.893526] audit: type=1800 audit(1546835999.427:27): pid=7807 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[FAIL] startpar: service(s) returned failure: ssh ... failed!

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.198' (ECDSA) to the list of known hosts.
2019/01/07 04:40:15 parsed 1 programs
2019/01/07 04:40:17 executed programs: 0
syzkaller login: [ 57.913959] IPVS: ftp: loaded support on port[0] = 21
[ 57.980153] chnl_net:caif_netlink_parms(): no params data found
[ 58.012841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.019496] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.026622] device bridge_slave_0 entered promiscuous mode
[ 58.034545] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.040944] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.048210] device bridge_slave_1 entered promiscuous mode
[ 58.065502] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 58.075623] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 58.091887] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 58.100318] team0: Port device team_slave_0 added
[ 58.105677] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 58.113067] team0: Port device team_slave_1 added
[ 58.118252] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 58.125674] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 58.174801] device hsr_slave_0 entered promiscuous mode
[ 58.222619] device hsr_slave_1 entered promiscuous mode
[ 58.283048] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 58.289967] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 58.304404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.310816] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 58.317736] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.324105] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.356713] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 58.364063] 8021q: adding VLAN 0 to HW filter on device bond0
[ 58.372057] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.380808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.401182] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.408795] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.418429] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 58.428579] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 58.434992] 8021q: adding VLAN 0 to HW filter on device team0
[ 58.443692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 58.451274] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.457678] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.466925] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 58.474991] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.481324] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 58.503437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 58.511287] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 58.520311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 58.528337] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 58.538044] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 58.549648] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 58.556351] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 58.563638] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 58.577595] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 58.587500] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 58.641158] kasan: CONFIG_KASAN_INLINE enabled
[ 58.646030] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 58.653447] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 58.659710] CPU: 1 PID: 8002 Comm: syz-executor0 Not tainted 4.20.0+ #13
[ 58.666534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.675909] RIP: 0010:__smc_diag_dump.isra.0+0x32a/0x2ba0
[ 58.681524] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 26 25 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 49 8d 7f 0e 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d2
[ 58.700419] RSP: 0018:ffff8880a638f0f0 EFLAGS: 00010203
[ 58.705791] RAX: dffffc0000000000 RBX: ffff88808ce89240 RCX: 0000000000000000
[ 58.713058] RDX: 0000000000000001 RSI: ffffffff87b6cca2 RDI: 000000000000000e
[ 58.720318] RBP: ffff8880a638f3b8 R08: ffff88808c26e040 R09: ffff8880858d0e50
[ 58.727578] R10: fffffbfff14a1168 R11: ffffffff8a508b43 R12: ffff8880a8b057a0
[ 58.734833] R13: ffff8880858d0e00 R14: ffff88808ce896a0 R15: 0000000000000000
[ 58.742100] FS: 0000000000000000(0000) GS:ffff8880ae700000(0063) knlGS:00000000f7f9fb40
[ 58.750313] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 58.756182] CR2: 0000000000000000 CR3: 000000008b4ae000 CR4: 00000000001406e0
[ 58.763446] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.770722] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.778003] Call Trace:
[ 58.780600] ? __kmalloc_node_track_caller+0x4e/0x70
[ 58.785698] ? __alloc_skb+0x12d/0x730
[ 58.789616] ? smc_diag_handler_dump+0x350/0x350
[ 58.794370] ? sock_sendmsg+0xdd/0x130
[ 58.798276] ? ___sys_sendmsg+0x7ec/0x910
[ 58.802415] ? __sys_sendmsg+0x112/0x270
[ 58.806468] ? __ia32_compat_sys_sendmsg+0x7a/0xb0
[ 58.811403] ? do_fast_syscall_32+0x333/0xf98
[ 58.815888] ? entry_SYSENTER_compat+0x70/0x7f
[ 58.820463] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 58.826003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 58.831532] ? check_preemption_disabled+0x48/0x290
[ 58.836552] ? __lock_is_held+0xb6/0x140
[ 58.840605] ? __kmalloc_node_track_caller+0x3d/0x70
[ 58.845705] ? lock_acquire+0x1db/0x570
[ 58.849665] ? smc_diag_dump_proto.isra.0+0xfb/0x3c0
[ 58.854758] ? lock_release+0xc40/0xc40
[ 58.858723] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 58.864250] ? kasan_check_write+0x14/0x20
[ 58.868478] smc_diag_dump_proto.isra.0+0x2e7/0x3c0
[ 58.873517] ? __smc_diag_dump.isra.0+0x2ba0/0x2ba0
[ 58.878528] ? find_held_lock+0x35/0x120
[ 58.883033] smc_diag_dump+0x27/0x80
[ 58.886741] netlink_dump+0x5f2/0x1070
[ 58.890626] ? netlink_broadcast+0x50/0x50
[ 58.894896] __netlink_dump_start+0x5b4/0x7e0
[ 58.899385] smc_diag_handler_dump+0x2a7/0x350
[ 58.903969] ? smc_gid_be16_convert+0x2c0/0x2c0
[ 58.908628] ? lock_downgrade+0x910/0x910
[ 58.912766] ? smc_diag_dump_proto.isra.0+0x3c0/0x3c0
[ 58.917956] ? rcu_read_unlock_special+0x380/0x380
[ 58.922907] sock_diag_rcv_msg+0x322/0x410
[ 58.927156] netlink_rcv_skb+0x17d/0x410
[ 58.931240] ? sock_diag_bind+0x80/0x80
[ 58.935222] ? netlink_ack+0xba0/0xba0
[ 58.939111] sock_diag_rcv+0x2b/0x40
[ 58.942823] netlink_unicast+0x574/0x770
[ 58.946888] ? netlink_attachskb+0x980/0x980
[ 58.951306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 58.956834] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 58.961891] netlink_sendmsg+0xa05/0xf90
[ 58.965958] ? netlink_unicast+0x770/0x770
[ 58.970188] ? aa_sock_msg_perm.isra.0+0xba/0x170
[ 58.975043] ? apparmor_socket_sendmsg+0x2a/0x30
[ 58.979792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 58.985318] ? security_socket_sendmsg+0x93/0xc0
[ 58.990072] ? netlink_unicast+0x770/0x770
[ 58.994300] sock_sendmsg+0xdd/0x130
[ 58.998008] ___sys_sendmsg+0x7ec/0x910
[ 59.001976] ? copy_msghdr_from_user+0x570/0x570
[ 59.006727] ? iterate_fd+0x4b0/0x4b0
[ 59.010522] ? __might_fault+0x12b/0x1e0
[ 59.014575] ? find_held_lock+0x35/0x120
[ 59.018630] ? __might_fault+0x12b/0x1e0
[ 59.022718] ? __fget_light+0x2db/0x420
[ 59.026699] ? fget_raw+0x20/0x20
[ 59.030142] ? lock_release+0xc40/0xc40
[ 59.034112] ? trace_hardirqs_off_caller+0x300/0x300
[ 59.039210] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 59.044759] ? __fdget+0x1b/0x20
[ 59.048131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 59.053660] ? sockfd_lookup_light+0xc2/0x160
[ 59.058153] __sys_sendmsg+0x112/0x270
[ 59.062039] ? __ia32_sys_shutdown+0x80/0x80
[ 59.066503] ? entry_SYSENTER_compat+0x70/0x7f
[ 59.071096] ? trace_hardirqs_off_caller+0x300/0x300
[ 59.076204] __ia32_compat_sys_sendmsg+0x7a/0xb0
[ 59.080954] do_fast_syscall_32+0x333/0xf98
[ 59.085279] ? do_int80_syscall_32+0x880/0x880
[ 59.089850] ? trace_hardirqs_off+0x310/0x310
[ 59.094350] ? syscall_return_slowpath+0x3b0/0x5f0
[ 59.099278] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 59.104285] ? __switch_to_asm+0x34/0x70
[ 59.108338] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 59.113178] entry_SYSENTER_compat+0x70/0x7f
[ 59.117571] RIP: 0023:0xf7fa3869
[ 59.120930] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 59.139840] RSP: 002b:00000000f7f9f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 59.147547] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000040
[ 59.154808] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 59.162082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 59.169353] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 59.176621] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 59.183889] Modules linked in:
[ 59.187162] ---[ end trace 91b621cefbea4e82 ]---
[ 59.191923] RIP: 0010:__smc_diag_dump.isra.0+0x32a/0x2ba0
[ 59.197483] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 26 25 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 49 8d 7f 0e 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d2
[ 59.216405] RSP: 0018:ffff8880a638f0f0 EFLAGS: 00010203
[ 59.221761] RAX: dffffc0000000000 RBX: ffff88808ce89240 RCX: 0000000000000000
[ 59.229050] RDX: 0000000000000001 RSI: ffffffff87b6cca2 RDI: 000000000000000e
[ 59.236380] RBP: ffff8880a638f3b8 R08: ffff88808c26e040 R09: ffff8880858d0e50
[ 59.243700] R10: fffffbfff14a1168 R11: ffffffff8a508b43 R12: ffff8880a8b057a0
[ 59.250963] R13: ffff8880858d0e00 R14: ffff88808ce896a0 R15: 0000000000000000
[ 59.258269] FS: 0000000000000000(0000) GS:ffff8880ae700000(0063) knlGS:00000000f7f9fb40
[ 59.266542] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 59.272458] CR2: 0000000000000000 CR3: 000000008b4ae000 CR4: 00000000001406e0
[ 59.279749] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 59.287031] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 59.294403] Kernel panic - not syncing: Fatal exception
[ 59.300654] Kernel Offset: disabled
[ 59.304275] Rebooting in 86400 seconds..