[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 84.931621][ T27] audit: type=1800 audit(1578802257.565:25): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 84.951971][ T27] audit: type=1800 audit(1578802257.565:26): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 84.999283][ T27] audit: type=1800 audit(1578802257.575:27): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.72' (ECDSA) to the list of known hosts. syzkaller login: [ 99.434346][ T9583] IPVS: ftp: loaded support on port[0] = 21 [ 99.481845][ T9583] chnl_net:caif_netlink_parms(): no params data found [ 99.508697][ T9583] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.516771][ T9583] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.524709][ T9583] device bridge_slave_0 entered promiscuous mode [ 99.533066][ T9583] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.540344][ T9583] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.547983][ T9583] device bridge_slave_1 entered promiscuous mode [ 99.565505][ T9583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.576435][ T9583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.597183][ T9583] team0: Port device team_slave_0 added [ 99.604859][ T9583] team0: Port device team_slave_1 added [ 99.701512][ T9583] device hsr_slave_0 entered promiscuous mode [ 99.750007][ T9583] device hsr_slave_1 entered promiscuous mode [ 99.847352][ T9583] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 99.902481][ T9583] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 99.961916][ T9583] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 100.001882][ T9583] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 100.061908][ T9583] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.069045][ T9583] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.076820][ T9583] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.083929][ T9583] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.126042][ T9583] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.139001][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.150734][ T3119] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.158664][ T3119] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.166971][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 100.181276][ T9583] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.191832][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.201038][ T3119] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.208144][ T3119] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.219808][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.228403][ T2831] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.235550][ T2831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.254066][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 100.264000][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 100.276362][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 100.290352][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 100.303677][ T9583] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 100.316032][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 100.324380][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 100.341883][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 100.349551][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 100.363503][ T9583] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.382570][ T2831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 100.401945][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 100.410909][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 100.418701][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 100.430856][ T9583] device veth0_vlan entered promiscuous mode [ 100.442548][ T9583] device veth1_vlan entered promiscuous mode [ 100.479958][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 100.488246][ T3119] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready executing program executing program executing program executing program executing program [ 101.065579][ T9596] bridge0: port 3(netdevsim0) entered blocking state [ 101.072479][ T9596] bridge0: port 3(netdevsim0) entered disabled state [ 101.080536][ T9596] device netdevsim0 entered promiscuous mode [ 101.086865][ T9596] bridge0: port 3(netdevsim0) entered blocking state [ 101.093639][ T9596] bridge0: port 3(netdevsim0) entered forwarding state executing program [ 101.245505][ T9598] device netdevsim0 left promiscuous mode [ 101.251661][ T9598] bridge0: port 3(netdevsim0) entered disabled state executing program [ 101.379368][ T9598] bond0: (slave netdevsim0): slave is up - this may be due to an out of date ifenslave executing program [ 101.526293][ T9603] batman_adv: batadv0: Adding interface: netdevsim0 [ 101.533455][ T9603] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.559663][ T9603] batman_adv: batadv0: Interface activated: netdevsim0 executing program [ 101.684956][ T9605] batman_adv: batadv0: Interface deactivated: netdevsim0 [ 101.692099][ T9605] batman_adv: batadv0: Removing interface: netdevsim0 [ 101.731350][ T9606] ------------[ cut here ]------------ [ 101.736941][ T9606] DEBUG_LOCKS_WARN_ON(1) [ 101.737010][ T9606] WARNING: CPU: 1 PID: 9606 at kernel/locking/lockdep.c:167 mark_lock+0x22b/0x1220 [ 101.750878][ T9606] Kernel panic - not syncing: panic_on_warn set ... [ 101.757496][ T9606] CPU: 1 PID: 9606 Comm: syz-executor264 Not tainted 5.5.0-rc5-next-20200110-syzkaller #0 [ 101.768633][ T9606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.778801][ T9606] Call Trace: [ 101.782083][ T9606] dump_stack+0x197/0x210 [ 101.786399][ T9606] ? mark_lock+0x1f0/0x1220 [ 101.791128][ T9606] panic+0x2e3/0x75c [ 101.795057][ T9606] ? add_taint.cold+0x16/0x16 [ 101.799730][ T9606] ? __kasan_check_write+0x14/0x20 [ 101.804826][ T9606] ? __warn.cold+0x14/0x3e [ 101.809227][ T9606] ? __warn+0xd9/0x1cf [ 101.813330][ T9606] ? mark_lock+0x22b/0x1220 [ 101.817938][ T9606] __warn.cold+0x2f/0x3e [ 101.822170][ T9606] ? mark_lock+0x22b/0x1220 [ 101.826828][ T9606] report_bug+0x289/0x300 [ 101.831153][ T9606] do_error_trap+0x11b/0x200 [ 101.835729][ T9606] do_invalid_op+0x37/0x50 [ 101.840131][ T9606] ? mark_lock+0x22b/0x1220 [ 101.844626][ T9606] invalid_op+0x23/0x30 [ 101.848763][ T9606] RIP: 0010:mark_lock+0x22b/0x1220 [ 101.853855][ T9606] Code: d0 7c 08 84 d2 0f 85 a8 0e 00 00 44 8b 1d 4d 6c 4a 09 45 85 db 75 b6 48 c7 c6 e0 91 4b 88 48 c7 c7 20 92 4b 88 e8 74 32 eb ff <0f> 0b 31 db e9 aa fe ff ff 48 c7 c7 20 a5 88 8b e8 70 e2 58 00 e9 [ 101.873632][ T9606] RSP: 0018:ffffc900062bf6a0 EFLAGS: 00010082 [ 101.879682][ T9606] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.887641][ T9606] RDX: 0000000000000000 RSI: ffffffff815e8546 RDI: fffff52000c57ec6 [ 101.895724][ T9606] RBP: ffffc900062bf6f0 R08: ffff888092694200 R09: fffffbfff13748ed [ 101.903682][ T9606] R10: fffffbfff13748ec R11: ffffffff89ba4763 R12: 0000000000000002 [ 101.911642][ T9606] R13: ffff888092694ac8 R14: 0000000000000000 R15: 00000000000405cd [ 101.919651][ T9606] ? vprintk_func+0x86/0x189 [ 101.924237][ T9606] ? __kasan_check_read+0x11/0x20 [ 101.929549][ T9606] ? mark_lock+0xc2/0x1220 [ 101.934008][ T9606] __lock_acquire+0x1370/0x4a00 [ 101.938991][ T9606] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 101.945126][ T9606] ? skb_network_protocol+0xf6/0x4a0 [ 101.950625][ T9606] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 101.956428][ T9606] ? mark_held_locks+0xf0/0xf0 [ 101.961179][ T9606] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 101.967672][ T9606] ? validate_xmit_xfrm+0x43c/0xf10 [ 101.973001][ T9606] lock_acquire+0x190/0x410 [ 101.977630][ T9606] ? __dev_queue_xmit+0x29c6/0x35c0 [ 101.982825][ T9606] _raw_spin_lock+0x2f/0x40 [ 101.987314][ T9606] ? __dev_queue_xmit+0x29c6/0x35c0 [ 101.992493][ T9606] __dev_queue_xmit+0x29c6/0x35c0 [ 101.997504][ T9606] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 102.002776][ T9606] ? mark_lock+0xc2/0x1220 [ 102.007178][ T9606] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 102.013417][ T9606] ? packet_parse_headers.isra.0+0x350/0x4a0 [ 102.019590][ T9606] ? packet_parse_headers.isra.0+0x12c/0x4a0 [ 102.026090][ T9606] ? __unregister_prot_hook+0x340/0x340 [ 102.031995][ T9606] dev_queue_xmit+0x18/0x20 [ 102.036510][ T9606] ? dev_queue_xmit+0x18/0x20 [ 102.041187][ T9606] packet_sendmsg+0x25f7/0x6210 [ 102.046291][ T9606] ? __kasan_check_read+0x11/0x20 [ 102.051333][ T9606] ? ___might_sleep+0x163/0x2c0 [ 102.056301][ T9606] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 102.062628][ T9606] ? aa_label_sk_perm+0x91/0xf0 [ 102.067648][ T9606] ? packet_notifier+0x880/0x880 [ 102.072581][ T9606] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 102.078118][ T9606] ? apparmor_socket_sendmsg+0x2a/0x30 [ 102.083562][ T9606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 102.089797][ T9606] ? security_socket_sendmsg+0x8d/0xc0 [ 102.095884][ T9606] ? packet_notifier+0x880/0x880 [ 102.100940][ T9606] sock_sendmsg+0xd7/0x130 [ 102.105342][ T9606] __sys_sendto+0x262/0x380 [ 102.109886][ T9606] ? __ia32_sys_getpeername+0xb0/0xb0 [ 102.115754][ T9606] ? _copy_to_user+0x118/0x160 [ 102.120504][ T9606] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 102.126736][ T9606] ? __ia32_sys_connect+0xb0/0xb0 [ 102.131936][ T9606] ? __x64_sys_futex+0x404/0x590 [ 102.136890][ T9606] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 102.142340][ T9606] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 102.147970][ T9606] ? do_syscall_64+0x26/0x790 [ 102.152671][ T9606] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 102.158929][ T9606] __x64_sys_sendto+0xe1/0x1a0 [ 102.163839][ T9606] do_syscall_64+0xfa/0x790 [ 102.168690][ T9606] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 102.174569][ T9606] RIP: 0033:0x448599 [ 102.178449][ T9606] Code: e8 ec 0e 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 102.198041][ T9606] RSP: 002b:00007f1da6e2ed98 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 102.206439][ T9606] RAX: ffffffffffffffda RBX: 00000000006ddc98 RCX: 0000000000448599 [ 102.214756][ T9606] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000007 [ 102.222810][ T9606] RBP: 00000000006ddc90 R08: 0000000020000100 R09: 0000000000000014 [ 102.230774][ T9606] R10: 0000000004020083 R11: 0000000000000246 R12: 00000000006ddc9c [ 102.238735][ T9606] R13: 000000000000306d R14: 697376656474656e R15: 000000000000000b [ 102.247386][ T9606] Kernel Offset: disabled [ 102.251725][ T9606] Rebooting in 86400 seconds..