[   79.536413][   T27] audit: type=1800 audit(1578729659.803:25): pid=9508 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   79.573330][   T27] audit: type=1800 audit(1578729659.803:26): pid=9508 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   79.617520][   T27] audit: type=1800 audit(1578729659.813:27): pid=9508 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   80.062316][ T9573] sshd (9573) used greatest stack depth: 23144 bytes left
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.16' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   92.194505][ T9663] netlink: 4 bytes leftover after parsing attributes in process `syz-executor202'.
[   92.204602][ T9663] kasan: CONFIG_KASAN_INLINE enabled
[   92.209971][ T9663] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   92.218710][ T9663] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   92.226089][ T9663] CPU: 1 PID: 9663 Comm: syz-executor202 Not tainted 5.5.0-rc5-syzkaller #0
[   92.234751][ T9663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   92.244811][ T9663] RIP: 0010:tcf_ife_cleanup+0x6e/0x400
[   92.250299][ T9663] Code: 48 c1 ea 03 80 3c 02 00 0f 85 94 03 00 00 49 8b bd f8 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8d 67 e8 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 5c 03 00 00 48 bb 00 00 00 00 00 fc ff df 48 8b
[   92.269894][ T9663] RSP: 0018:ffffc90001d96d00 EFLAGS: 00010246
[   92.275950][ T9663] RAX: dffffc0000000000 RBX: ffffffff864619c0 RCX: ffffffff815bfa09
[   92.283935][ T9663] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[   92.291898][ T9663] RBP: ffffc90001d96d50 R08: 0000000000000004 R09: fffff520003b2d8e
[   92.299856][ T9663] R10: fffff520003b2d8d R11: 0000000000000003 R12: ffffffffffffffe8
[   92.307809][ T9663] R13: ffff888099f66400 R14: ffff88821509e400 R15: 0000000000000000
[   92.316991][ T9663] FS:  0000000001025880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[   92.326444][ T9663] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   92.333899][ T9663] CR2: 0000000020007300 CR3: 00000000a701e000 CR4: 00000000001406e0
[   92.342060][ T9663] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   92.350111][ T9663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   92.358166][ T9663] Call Trace:
[   92.361558][ T9663]  ? unregister_ife_op+0x270/0x270
[   92.366917][ T9663]  tcf_action_cleanup+0x62/0x1b0
[   92.371841][ T9663]  __tcf_action_put+0xfa/0x130
[   92.376608][ T9663]  __tcf_idr_release+0x59/0xf0
[   92.381362][ T9663]  tcf_ife_init+0x97c/0x1870
[   92.385932][ T9663]  ? tcf_ife_dump+0xc00/0xc00
[   92.390586][ T9663]  ? tc_lookup_action_n+0xd2/0x100
[   92.395693][ T9663]  ? lock_downgrade+0x920/0x920
[   92.400614][ T9663]  ? __kasan_check_write+0x14/0x20
[   92.406277][ T9663]  ? do_raw_read_unlock+0x3f/0x70
[   92.411294][ T9663]  tcf_action_init_1+0x6b6/0xa40
[   92.416230][ T9663]  ? tcf_action_dump_old+0x80/0x80
[   92.421323][ T9663]  ? __nla_validate_parse+0x2d0/0x1ee0
[   92.427106][ T9663]  ? __kasan_check_read+0x11/0x20
[   92.432270][ T9663]  ? mark_lock+0xc2/0x1220
[   92.436677][ T9663]  ? is_bpf_text_address+0xac/0x160
[   92.441893][ T9663]  ? __kasan_check_read+0x11/0x20
[   92.446988][ T9663]  ? mark_lock+0xc2/0x1220
[   92.451440][ T9663]  tcf_action_init+0x21a/0x330
[   92.456201][ T9663]  ? tcf_action_init_1+0xa40/0xa40
[   92.461293][ T9663]  ? __lock_acquire+0x16f2/0x4a00
[   92.466444][ T9663]  ? mark_lock+0xc2/0x1220
[   92.471338][ T9663]  ? __kasan_check_read+0x11/0x20
[   92.476368][ T9663]  tcf_action_add+0xf5/0x3b0
[   92.480951][ T9663]  ? tca_action_gd+0x1760/0x1760
[   92.486014][ T9663]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.492600][ T9663]  ? __nla_parse+0x43/0x60
[   92.497230][ T9663]  tc_ctl_action+0x390/0x488
[   92.501902][ T9663]  ? tcf_action_add+0x3b0/0x3b0
[   92.506783][ T9663]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   92.513018][ T9663]  ? tcf_action_add+0x3b0/0x3b0
[   92.517852][ T9663]  rtnetlink_rcv_msg+0x45e/0xaf0
[   92.523851][ T9663]  ? rtnl_bridge_getlink+0x910/0x910
[   92.529229][ T9663]  ? lock_downgrade+0x920/0x920
[   92.534248][ T9663]  ? netlink_deliver_tap+0x228/0xbe0
[   92.539792][ T9663]  ? find_held_lock+0x35/0x130
[   92.544735][ T9663]  netlink_rcv_skb+0x177/0x450
[   92.550460][ T9663]  ? rtnl_bridge_getlink+0x910/0x910
[   92.556797][ T9663]  ? netlink_ack+0xb50/0xb50
[   92.561612][ T9663]  ? __kasan_check_read+0x11/0x20
[   92.566806][ T9663]  ? netlink_deliver_tap+0x24a/0xbe0
[   92.572076][ T9663]  rtnetlink_rcv+0x1d/0x30
[   92.576576][ T9663]  netlink_unicast+0x58c/0x7d0
[   92.581439][ T9663]  ? netlink_attachskb+0x870/0x870
[   92.586851][ T9663]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   92.592952][ T9663]  ? __check_object_size+0x3d/0x437
[   92.598702][ T9663]  netlink_sendmsg+0x91c/0xea0
[   92.603455][ T9663]  ? netlink_unicast+0x7d0/0x7d0
[   92.608381][ T9663]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   92.614302][ T9663]  ? apparmor_socket_sendmsg+0x2a/0x30
[   92.619932][ T9663]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.627315][ T9663]  ? security_socket_sendmsg+0x8d/0xc0
[   92.633303][ T9663]  ? netlink_unicast+0x7d0/0x7d0
[   92.638344][ T9663]  sock_sendmsg+0xd7/0x130
[   92.642923][ T9663]  ____sys_sendmsg+0x753/0x880
[   92.647671][ T9663]  ? kernel_sendmsg+0x50/0x50
[   92.652347][ T9663]  ? mark_held_locks+0xa4/0xf0
[   92.657308][ T9663]  ? do_huge_pmd_anonymous_page+0x1463/0x1a50
[   92.663394][ T9663]  ? __handle_mm_fault+0x3145/0x3cc0
[   92.668682][ T9663]  ? do_huge_pmd_anonymous_page+0x1463/0x1a50
[   92.674738][ T9663]  ___sys_sendmsg+0x100/0x170
[   92.679407][ T9663]  ? do_huge_pmd_anonymous_page+0xceb/0x1a50
[   92.685484][ T9663]  ? sendmsg_copy_msghdr+0x70/0x70
[   92.690593][ T9663]  ? __do_page_fault+0x56a/0xd80
[   92.695859][ T9663]  ? find_held_lock+0x35/0x130
[   92.700601][ T9663]  ? __do_page_fault+0x56a/0xd80
[   92.705536][ T9663]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   92.711778][ T9663]  ? __fget_light+0x1a9/0x230
[   92.716444][ T9663]  ? __fdget+0x1b/0x20
[   92.723619][ T9663]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   92.729838][ T9663]  __sys_sendmsg+0x105/0x1d0
[   92.734420][ T9663]  ? __sys_sendmsg_sock+0xc0/0xc0
[   92.739511][ T9663]  ? down_read_non_owner+0x490/0x490
[   92.744779][ T9663]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   92.750389][ T9663]  ? do_syscall_64+0x26/0x790
[   92.756261][ T9663]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   92.762350][ T9663]  ? do_syscall_64+0x26/0x790
[   92.767049][ T9663]  __x64_sys_sendmsg+0x78/0xb0
[   92.771854][ T9663]  do_syscall_64+0xfa/0x790
[   92.776605][ T9663]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   92.782523][ T9663] RIP: 0033:0x440269
[   92.786415][ T9663] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   92.808208][ T9663] RSP: 002b:00007ffe025dde98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.816630][ T9663] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440269
[   92.825188][ T9663] RDX: 0000000000000000 RSI: 0000000020007300 RDI: 0000000000000003
[   92.833232][ T9663] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[   92.841231][ T9663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401af0
[   92.849300][ T9663] R13: 0000000000401b80 R14: 0000000000000000 R15: 0000000000000000
[   92.857259][ T9663] Modules linked in:
[   92.861294][ T9663] ---[ end trace b9580b66b7967bc0 ]---
[   92.866814][ T9663] RIP: 0010:tcf_ife_cleanup+0x6e/0x400
[   92.872258][ T9663] Code: 48 c1 ea 03 80 3c 02 00 0f 85 94 03 00 00 49 8b bd f8 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8d 67 e8 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 5c 03 00 00 48 bb 00 00 00 00 00 fc ff df 48 8b
[   92.893038][ T9663] RSP: 0018:ffffc90001d96d00 EFLAGS: 00010246
[   92.899138][ T9663] RAX: dffffc0000000000 RBX: ffffffff864619c0 RCX: ffffffff815bfa09
[   92.907188][ T9663] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[   92.915229][ T9663] RBP: ffffc90001d96d50 R08: 0000000000000004 R09: fffff520003b2d8e
[   92.923244][ T9663] R10: fffff520003b2d8d R11: 0000000000000003 R12: ffffffffffffffe8
[   92.931315][ T9663] R13: ffff888099f66400 R14: ffff88821509e400 R15: 0000000000000000
[   92.939318][ T9663] FS:  0000000001025880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[   92.949105][ T9663] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   92.956095][ T9663] CR2: 0000000020007300 CR3: 00000000a701e000 CR4: 00000000001406e0
[   92.965160][ T9663] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   92.973136][ T9663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   92.981270][ T9663] Kernel panic - not syncing: Fatal exception in interrupt
[   92.989855][ T9663] Kernel Offset: disabled
[   92.994216][ T9663] Rebooting in 86400 seconds..