[ ok ] Starting enhanced syslogd: rsyslogd.
[ 39.199287] audit: type=1800 audit(1538085721.119:25): pid=5918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 39.235783] audit: type=1800 audit(1538085721.119:26): pid=5918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 39.257249] audit: type=1800 audit(1538085721.119:27): pid=5918 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.17' (ECDSA) to the list of known hosts.
syzkaller login: [ 71.076588] IPVS: ftp: loaded support on port[0] = 21
[ 71.197939] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.204359] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.211207] device bridge_slave_0 entered promiscuous mode
[ 71.226448] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.232854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.239863] device bridge_slave_1 entered promiscuous mode
[ 71.254579] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 71.269439] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 71.306620] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 71.323392] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 71.379116] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 71.386315] team0: Port device team_slave_0 added
[ 71.399481] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 71.406501] team0: Port device team_slave_1 added
[ 71.420385] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 71.435731] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 71.451282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 71.467695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[ 71.573033] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.579499] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.586203] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.592725] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[ 71.960358] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 71.966523] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.005805] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 72.045955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 72.053841] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 72.085670] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 72.092537] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.147479] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
executing program
executing program
[ 72.338949] netlink: 9 bytes leftover after parsing attributes in process `syz-executor811'.
[ 72.352385] kasan: CONFIG_KASAN_INLINE enabled
[ 72.357024] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 72.364480] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 72.370715] CPU: 1 PID: 6313 Comm: syz-executor811 Not tainted 4.19.0-rc5-next-20180927+ #82
[ 72.379367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 72.388721] RIP: 0010:addr_resolve+0x7bd/0x1b80
[ 72.393376] Code: 0f 84 da 01 00 00 e8 e2 ff e8 fb 48 8b 85 d0 fd ff ff 48 8d b8 54 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 95
[ 72.412316] RSP: 0018:ffff8801ce897368 EFLAGS: 00010202
[ 72.417673] RAX: dffffc0000000000 RBX: ffff8801ce897578 RCX: ffffffff859459d0
[ 72.425008] RDX: 000000000000003e RSI: ffffffff859459de RDI: 00000000000001f1
[ 72.432265] RBP: ffff8801ce8975a0 R08: ffff8801ce192300 R09: 0000000000000000
[ 72.439654] R10: ffffed0039d12e60 R11: 0000000000000000 R12: ffff8801bf2fcd20
[ 72.446910] R13: 00000000ffffff9d R14: 0000000000000001 R15: 000000000000000a
[ 72.454204] FS: 00000000011ea880(0000) GS:ffff8801dad00000(0000) knlGS:0000000000000000
[ 72.462415] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 72.468272] CR2: 00000000006cd0a0 CR3: 00000001cdff3000 CR4: 00000000001406e0
[ 72.475522] Call Trace:
[ 72.478098] ? rdma_translate_ip+0x300/0x300
[ 72.482490] ? fs_reclaim_acquire+0x20/0x20
[ 72.486793] ? lock_downgrade+0x900/0x900
[ 72.490936] ? __lockdep_init_map+0x105/0x590
[ 72.495410] ? lockdep_init_map+0x9/0x10
[ 72.499450] ? init_timer_key+0x1a0/0x480
[ 72.503579] ? work_on_cpu_safe+0x90/0x90
[ 72.507706] ? init_timer_on_stack_key+0xe0/0xe0
[ 72.512445] ? kmem_cache_alloc_trace+0x31f/0x750
[ 72.517275] ? __lockdep_init_map+0x105/0x590
[ 72.521750] rdma_resolve_ip+0x499/0x790
[ 72.525792] ? cma_work_handler+0x1f0/0x1f0
[ 72.530103] ? process_one_req+0x920/0x920
[ 72.534323] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 72.539407] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 72.544579] rdma_resolve_addr+0x2d6/0x2870
[ 72.548883] ? __kernel_text_address+0xd/0x40
[ 72.553370] ? unwind_get_return_address+0x61/0xa0
[ 72.558277] ? rdma_bind_addr+0x23d0/0x23d0
[ 72.562581] ? ucma_get_ctx+0x7f/0x160
[ 72.566447] ? lock_downgrade+0x900/0x900
[ 72.570577] ? save_stack+0xa9/0xd0
[ 72.574184] ? save_stack+0x43/0xd0
[ 72.577788] ? __kasan_slab_free+0x102/0x150
[ 72.582185] ? kfree+0xcf/0x230
[ 72.585451] ? ucma_set_option+0x2d5/0x5f0
[ 72.589671] ? __vfs_write+0x119/0x9f0
[ 72.593537] ? vfs_write+0x1fc/0x560
[ 72.597236] ? ksys_write+0x101/0x260
[ 72.601023] ? __x64_sys_write+0x73/0xb0
[ 72.605098] ? do_syscall_64+0x1b9/0x820
[ 72.609141] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 72.614484] ? kasan_check_write+0x14/0x20
[ 72.618698] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 72.623613] ? wait_for_completion+0x8a0/0x8a0
[ 72.628193] ? lock_release+0x970/0x970
[ 72.632144] ? ttwu_stat+0x5c0/0x5c0
[ 72.635836] ? rcu_read_unlock_special+0x1c0/0x1c0
[ 72.640745] ? trace_find_mark+0x10/0xe0
[ 72.644788] ? debug_check_no_obj_freed+0x305/0x58d
[ 72.649787] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 72.655309] ucma_resolve_ip+0x242/0x2a0
[ 72.659351] ? ucma_resolve_ip+0x242/0x2a0
[ 72.663568] ? ucma_query+0xb20/0xb20
[ 72.667359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 72.672884] ? _copy_from_user+0xdf/0x150
[ 72.677032] ? ucma_query+0xb20/0xb20
[ 72.680894] ucma_write+0x336/0x420
[ 72.684527] ? ucma_open+0x3f0/0x3f0
[ 72.688246] __vfs_write+0x119/0x9f0
[ 72.691946] ? ucma_open+0x3f0/0x3f0
[ 72.695639] ? kernel_read+0x120/0x120
[ 72.699510] ? apparmor_path_rmdir+0x30/0x30
[ 72.703902] ? fsnotify_first_mark+0x350/0x350
[ 72.708480] ? apparmor_file_permission+0x24/0x30
[ 72.713324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 72.718845] ? security_file_permission+0x1c2/0x230
[ 72.723839] ? rw_verify_area+0x118/0x360
[ 72.727980] vfs_write+0x1fc/0x560
[ 72.731498] ksys_write+0x101/0x260
[ 72.735104] ? __ia32_sys_read+0xb0/0xb0
[ 72.739144] ? trace_hardirqs_off_caller+0x300/0x300
[ 72.744239] __x64_sys_write+0x73/0xb0
[ 72.748108] do_syscall_64+0x1b9/0x820
[ 72.751975] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 72.757317] ? syscall_return_slowpath+0x5e0/0x5e0
[ 72.762225] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 72.767047] ? trace_hardirqs_off+0x310/0x310
[ 72.771520] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 72.776513] ? prepare_exit_to_usermode+0x291/0x3b0
[ 72.781529] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 72.786357] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 72.791525] RIP: 0033:0x441ff9
[ 72.794700] Code: e8 0c ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 04 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 72.813582] RSP: 002b:00007ffceec770c8 EFLAGS: 00000213 ORIG_RAX: 0000000000000001
[ 72.821271] RAX: ffffffffffffffda RBX: 0000000020000140 RCX: 0000000000441ff9
[ 72.828521] RDX: 0000000000000048 RSI: 0000000020000100 RDI: 0000000000000003
[ 72.835769] RBP: 0000000000011a59 R08: 0000000000000000 R09: 0000000000000000
[ 72.843020] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000000000
[ 72.850268] R13: 0000000000402a10 R14: 0000000000000000 R15: 0000000000000000
[ 72.857521] Modules linked in:
[ 72.862588] ---[ end trace 1ee654df4023a5cc ]---
[ 72.867424] RIP: 0010:addr_resolve+0x7bd/0x1b80
[ 72.872086] Code: 0f 84 da 01 00 00 e8 e2 ff e8 fb 48 8b 85 d0 fd ff ff 48 8d b8 54 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 95
[ 72.891038] RSP: 0018:ffff8801ce897368 EFLAGS: 00010202
[ 72.896469] RAX: dffffc0000000000 RBX: ffff8801ce897578 RCX: ffffffff859459d0
[ 72.903970] RDX: 000000000000003e RSI: ffffffff859459de RDI: 00000000000001f1
[ 72.911262] RBP: ffff8801ce8975a0 R08: ffff8801ce192300 R09: 0000000000000000
[ 72.918681] R10: ffffed0039d12e60 R11: 0000000000000000 R12: ffff8801bf2fcd20
[ 72.925953] R13: 00000000ffffff9d R14: 0000000000000001 R15: 000000000000000a
[ 72.933270] FS: 00000000011ea880(0000) GS:ffff8801dac00000(0000) knlGS:0000000000000000
[ 72.941618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 72.947602] CR2: 00000000004c0ba8 CR3: 00000001cdff3000 CR4: 00000000001406f0
[ 72.954864] Kernel panic - not syncing: Fatal exception
[ 72.961161] Kernel Offset: disabled
[ 72.964786] Rebooting in 86400 seconds..