[ 36.211143][ T27] audit: type=1800 audit(1552746933.612:28): pid=7528 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.969774][ T27] audit: type=1800 audit(1552746934.462:29): pid=7528 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 36.990122][ T27] audit: type=1800 audit(1552746934.462:30): pid=7528 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.31' (ECDSA) to the list of known hosts. 2019/03/16 14:35:47 parsed 1 programs 2019/03/16 14:35:50 executed programs: 0 syzkaller login: [ 52.728292][ T7717] IPVS: ftp: loaded support on port[0] = 21 [ 52.784142][ T7717] chnl_net:caif_netlink_parms(): no params data found [ 52.813632][ T7717] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.828702][ T7717] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.837370][ T7717] device bridge_slave_0 entered promiscuous mode [ 52.845259][ T7717] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.852463][ T7717] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.860114][ T7717] device bridge_slave_1 entered promiscuous mode [ 52.874920][ T7717] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 52.885063][ T7717] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 52.903052][ T7717] team0: Port device team_slave_0 added [ 52.910274][ T7717] team0: Port device team_slave_1 added [ 52.977276][ T7717] device hsr_slave_0 entered promiscuous mode [ 53.026151][ T7717] device hsr_slave_1 entered promiscuous mode [ 53.102513][ T7717] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.109736][ T7717] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.117543][ T7717] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.124614][ T7717] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.155201][ T7717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.168541][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.179204][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.188351][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.196563][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 53.210348][ T7717] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.219760][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.228918][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.236136][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.247179][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.256118][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.263155][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.283604][ T7717] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 53.294698][ T7717] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 53.308049][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.318360][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.327151][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.335694][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.344147][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.351881][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.368749][ T7717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.043407][ T7799] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 54.055089][ T7799] Bluetooth: Can't register HCI device [ 54.280955][ T7824] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 54.291482][ T7824] Bluetooth: Can't register HCI device [ 55.109425][ T7911] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 55.120117][ T7911] Bluetooth: Can't register HCI device [ 57.612226][ T8184] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 57.622830][ T8184] Bluetooth: Can't register HCI device 2019/03/16 14:35:55 executed programs: 160 [ 57.890716][ T8213] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 57.900962][ T8213] Bluetooth: Can't register HCI device [ 58.382573][ T8266] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 58.393523][ T8266] Bluetooth: Can't register HCI device [ 58.832370][ T8313] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) [ 58.843128][ T8313] Bluetooth: Can't register HCI device [ 58.991235][ T8330] WARNING: CPU: 0 PID: 8330 at fs/kernfs/dir.c:494 kernfs_get.part.0+0x73/0x90 [ 59.000187][ T8330] Kernel panic - not syncing: panic_on_warn set ... [ 59.006751][ T8330] CPU: 0 PID: 8330 Comm: syz-executor.0 Not tainted 5.0.0+ #25 [ 59.014264][ T8330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.024318][ T8330] Call Trace: [ 59.027655][ T8330] dump_stack+0x172/0x1f0 [ 59.031973][ T8330] ? kernfs_get.part.0+0x40/0x90 [ 59.036891][ T8330] panic+0x2cb/0x65c [ 59.040769][ T8330] ? __warn_printk+0xf3/0xf3 [ 59.045340][ T8330] ? kernfs_get.part.0+0x73/0x90 [ 59.050256][ T8330] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.056480][ T8330] ? __warn.cold+0x5/0x45 [ 59.060808][ T8330] ? __warn+0xe8/0x1d0 [ 59.064861][ T8330] ? kernfs_get.part.0+0x73/0x90 [ 59.069777][ T8330] __warn.cold+0x20/0x45 [ 59.074017][ T8330] ? idr_alloc+0x150/0x150 [ 59.078443][ T8330] ? kernfs_get.part.0+0x73/0x90 [ 59.083371][ T8330] report_bug+0x263/0x2b0 [ 59.087680][ T8330] do_error_trap+0x11b/0x200 [ 59.092257][ T8330] do_invalid_op+0x37/0x50 [ 59.096654][ T8330] ? kernfs_get.part.0+0x73/0x90 [ 59.101567][ T8330] invalid_op+0x14/0x20 [ 59.105712][ T8330] RIP: 0010:kernfs_get.part.0+0x73/0x90 [ 59.111256][ T8330] Code: e6 e8 a1 0e 9b ff 45 85 e4 74 1a e8 17 0d 9b ff be 04 00 00 00 48 89 df e8 0a e3 d2 ff f0 ff 03 5b 41 5c 5d c3 e8 fd 0c 9b ff <0f> 0b eb dd 48 89 df e8 01 09 d3 ff eb c1 0f 1f 44 00 00 66 2e 0f [ 59.130861][ T8330] RSP: 0018:ffff8880984677f8 EFLAGS: 00010293 [ 59.136940][ T8330] RAX: ffff888090c8e1c0 RBX: ffff8880a0bd39a0 RCX: ffffffff81d5570f [ 59.144902][ T8330] RDX: 0000000000000000 RSI: ffffffff81d55733 RDI: 0000000000000005 [ 59.154077][ T8330] RBP: ffff888098467808 R08: ffff888090c8e1c0 R09: ffffed101417a735 [ 59.162031][ T8330] R10: ffffed101417a734 R11: ffff8880a0bd39a3 R12: 0000000000000000 [ 59.170006][ T8330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001 [ 59.178012][ T8330] ? kernfs_get.part.0+0x4f/0x90 [ 59.182949][ T8330] ? kernfs_get.part.0+0x73/0x90 [ 59.187894][ T8330] ? kernfs_get.part.0+0x73/0x90 [ 59.192811][ T8330] kernfs_new_node+0xb8/0x130 [ 59.197476][ T8330] kernfs_create_dir_ns+0x52/0x160 [ 59.202565][ T8330] sysfs_create_dir_ns+0x131/0x2a0 [ 59.207655][ T8330] ? sysfs_create_mount_point+0xa0/0xa0 [ 59.213205][ T8330] ? class_dir_child_ns_type+0xd/0x60 [ 59.218568][ T8330] kobject_add_internal.cold+0xe5/0x5d4 [ 59.224103][ T8330] kobject_add+0x150/0x1c0 [ 59.228499][ T8330] ? kset_create_and_add+0x1a0/0x1a0 [ 59.233778][ T8330] ? kasan_check_read+0x11/0x20 [ 59.238628][ T8330] ? mutex_unlock+0xd/0x10 [ 59.243045][ T8330] ? device_add+0x30f/0x18a0 [ 59.247628][ T8330] device_add+0x3d5/0x18a0 [ 59.252035][ T8330] ? device_initialize+0x440/0x440 [ 59.257132][ T8330] ? get_device_parent.isra.0+0x570/0x570 [ 59.262854][ T8330] ? start_creating+0x163/0x1e0 [ 59.267698][ T8330] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 59.273943][ T8330] hci_register_dev+0x2e8/0x860 [ 59.278818][ T8330] __vhci_create_device+0x2d0/0x5a0 [ 59.284030][ T8330] vhci_write+0x2d0/0x470 [ 59.288375][ T8330] new_sync_write+0x4c7/0x760 [ 59.293037][ T8330] ? default_llseek+0x2e0/0x2e0 [ 59.297966][ T8330] ? common_file_perm+0x238/0x720 [ 59.302996][ T8330] ? __fget+0x381/0x550 [ 59.307140][ T8330] ? apparmor_file_permission+0x25/0x30 [ 59.312678][ T8330] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.318902][ T8330] ? security_file_permission+0x94/0x380 [ 59.324518][ T8330] __vfs_write+0xe4/0x110 [ 59.328828][ T8330] vfs_write+0x20c/0x580 [ 59.333075][ T8330] ksys_write+0xea/0x1f0 [ 59.337298][ T8330] ? __ia32_sys_read+0xb0/0xb0 [ 59.342040][ T8330] ? do_fast_syscall_32+0xd1/0xc98 [ 59.347138][ T8330] ? entry_SYSENTER_compat+0x70/0x7f [ 59.352406][ T8330] ? do_fast_syscall_32+0xd1/0xc98 [ 59.357509][ T8330] __ia32_sys_write+0x71/0xb0 [ 59.362164][ T8330] do_fast_syscall_32+0x281/0xc98 [ 59.367169][ T8330] entry_SYSENTER_compat+0x70/0x7f [ 59.372254][ T8330] RIP: 0023:0xf7ff8869 [ 59.376307][ T8330] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 59.395912][ T8330] RSP: 002b:00000000f7ff40cc EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 59.404307][ T8330] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 59.412278][ T8330] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 59.420227][ T8330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 59.428179][ T8330] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 59.436129][ T8330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 59.445136][ T8330] Kernel Offset: disabled [ 59.449538][ T8330] Rebooting in 86400 seconds..