[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 62.868875][ T27] audit: type=1800 audit(1583636544.845:25): pid=9450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 62.909151][ T27] audit: type=1800 audit(1583636544.845:26): pid=9450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 62.965517][ T27] audit: type=1800 audit(1583636544.845:27): pid=9450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.24' (ECDSA) to the list of known hosts. syzkaller login: [ 75.111592][ T9605] IPVS: ftp: loaded support on port[0] = 21 [ 75.165582][ T9605] chnl_net:caif_netlink_parms(): no params data found [ 75.205808][ T9605] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.213421][ T9605] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.221690][ T9605] device bridge_slave_0 entered promiscuous mode [ 75.230610][ T9605] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.237736][ T9605] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.245721][ T9605] device bridge_slave_1 entered promiscuous mode [ 75.265080][ T9605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.276555][ T9605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.297146][ T9605] team0: Port device team_slave_0 added [ 75.304471][ T9605] team0: Port device team_slave_1 added [ 75.319714][ T9605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.326670][ T9605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.352747][ T9605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.365001][ T9605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.372257][ T9605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.398284][ T9605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.481547][ T9605] device hsr_slave_0 entered promiscuous mode [ 75.519442][ T9605] device hsr_slave_1 entered promiscuous mode [ 75.647517][ T9605] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.702384][ T9605] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.762292][ T9605] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.821813][ T9605] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.875412][ T9605] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.882626][ T9605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.890475][ T9605] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.897536][ T9605] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.944144][ T9605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.957399][ T2706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.968741][ T2706] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.978856][ T2706] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.988177][ T2706] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 76.004398][ T9605] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.015886][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.025370][ T2695] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.032576][ T2695] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.044399][ T2706] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 76.053538][ T2706] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.060621][ T2706] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.080988][ T2706] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 76.100922][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 76.108922][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 76.117826][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 76.126529][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 76.138571][ T9605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 76.157371][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 76.165324][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 76.185023][ T9605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.206109][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 76.215878][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 76.236472][ T9605] device veth0_vlan entered promiscuous mode [ 76.244074][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 76.252804][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 76.262381][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.271057][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.283428][ T9605] device veth1_vlan entered promiscuous mode [ 76.304504][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.313192][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.321386][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.330052][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.341630][ T9605] device veth0_macvtap entered promiscuous mode [ 76.351833][ T9605] device veth1_macvtap entered promiscuous mode [ 76.370700][ T9605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.378108][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.386357][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.394891][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.403804][ T2696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.416361][ T9605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.423927][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.433088][ T2695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 76.608269][ T9610] vcan0 speed is unknown, defaulting to 1000 [ 76.615054][ T9610] vcan0 speed is unknown, defaulting to 1000 [ 76.622411][ T9610] vcan0 speed is unknown, defaulting to 1000 [ 76.723228][ T9610] infiniband syz1: set active [ 76.728337][ T2695] vcan0 speed is unknown, defaulting to 1000 [ 76.734656][ T9610] infiniband syz1: added vcan0 [ 76.766257][ T9610] general protection fault, probably for non-canonical address 0xdffffc0000000086: 0000 [#1] PREEMPT SMP KASAN [ 76.778306][ T9610] KASAN: null-ptr-deref in range [0x0000000000000430-0x0000000000000437] [ 76.786751][ T9610] CPU: 1 PID: 9610 Comm: syz-executor643 Not tainted 5.6.0-rc3-next-20200228-syzkaller #0 [ 76.796617][ T9610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.806902][ T9610] RIP: 0010:rds_ib_add_one+0xbb/0xc80 [ 76.812256][ T9610] Code: 80 3c 02 00 0f 85 3a 0a 00 00 49 8b 9c 24 a8 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d bb 30 04 00 00 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 4f [ 76.831851][ T9610] RSP: 0018:ffffc90001dc6fe0 EFLAGS: 00010202 [ 76.838072][ T9610] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff873e8c5a [ 76.846160][ T9610] RDX: 0000000000000086 RSI: ffffffff873e8c78 RDI: 0000000000000430 [ 76.854115][ T9610] RBP: 0000000000000001 R08: ffff8880a8f70140 R09: ffffed1011e4e89c [ 76.862067][ T9610] R10: ffffed1011e4e89b R11: ffff88808f2744df R12: ffff88808f274000 [ 76.870017][ T9610] R13: ffff88808f274558 R14: ffff88808f2744d0 R15: ffffffff873e8c00 [ 76.877967][ T9610] FS: 00007f61f3019700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 76.886869][ T9610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.893432][ T9610] CR2: 00007fc005ce4000 CR3: 00000000a7d23000 CR4: 00000000001406e0 [ 76.901383][ T9610] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 76.909344][ T9610] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 76.917290][ T9610] Call Trace: [ 76.920568][ T9610] ? rds_ib_remove_one+0x280/0x280 [ 76.925653][ T9610] add_client_context+0x400/0x560 [ 76.930666][ T9610] ? ib_device_get_by_netdev+0x510/0x510 [ 76.936297][ T9610] ? rxe_enable_driver+0x63/0x90 [ 76.941262][ T9610] enable_device_and_get+0x1cd/0x3b0 [ 76.946530][ T9610] ? add_one_compat_dev+0x7e0/0x7e0 [ 76.951709][ T9610] ? rxe_ib_alloc_hw_stats+0xf9/0x130 [ 76.957060][ T9610] ib_register_device+0xa12/0xda0 [ 76.962069][ T9610] ? enable_device_and_get+0x3b0/0x3b0 [ 76.967503][ T9610] ? crypto_create_tfm+0x118/0x2f0 [ 76.972600][ T9610] ? crypto_alloc_tfm+0x124/0x340 [ 76.977608][ T9610] ? ib_device_set_netdev+0x499/0x680 [ 76.983390][ T9610] rxe_register_device+0x4fa/0x621 [ 76.988487][ T9610] rxe_add+0x1227/0x1664 [ 76.992708][ T9610] rxe_net_add+0x8c/0xe0 [ 76.996934][ T9610] rxe_newlink+0x34/0x90 [ 77.001161][ T9610] nldev_newlink+0x27f/0x400 [ 77.005727][ T9610] ? nldev_set_doit+0x3e0/0x3e0 [ 77.010581][ T9610] ? apparmor_capable+0x49c/0x8a0 [ 77.015595][ T9610] ? apparmor_capable+0x49c/0x8a0 [ 77.020652][ T9610] ? apparmor_cred_prepare+0x760/0x760 [ 77.026089][ T9610] ? apparmor_cred_prepare+0x760/0x760 [ 77.031530][ T9610] ? cap_capable+0x1eb/0x250 [ 77.036104][ T9610] ? ns_capable_common+0xe2/0x100 [ 77.041117][ T9610] ? nldev_set_doit+0x3e0/0x3e0 [ 77.045944][ T9610] rdma_nl_rcv+0x586/0x900 [ 77.050340][ T9610] ? rdma_nl_multicast+0x310/0x310 [ 77.055425][ T9610] ? netlink_deliver_tap+0x227/0xb50 [ 77.060689][ T9610] netlink_unicast+0x537/0x740 [ 77.065439][ T9610] ? netlink_attachskb+0x810/0x810 [ 77.070529][ T9610] ? _copy_from_iter_full+0x25c/0x870 [ 77.075884][ T9610] ? __phys_addr_symbol+0x2c/0x70 [ 77.081413][ T9610] ? __check_object_size+0x171/0x437 [ 77.086677][ T9610] netlink_sendmsg+0x882/0xe10 [ 77.091487][ T9610] ? aa_af_perm+0x260/0x260 [ 77.095980][ T9610] ? netlink_unicast+0x740/0x740 [ 77.100912][ T9610] ? netlink_unicast+0x740/0x740 [ 77.105831][ T9610] sock_sendmsg+0xcf/0x120 [ 77.110227][ T9610] ____sys_sendmsg+0x6b9/0x7d0 [ 77.115016][ T9610] ? kernel_sendmsg+0x50/0x50 [ 77.119673][ T9610] ? mark_lock+0xbc/0x1220 [ 77.124069][ T9610] ___sys_sendmsg+0x100/0x170 [ 77.128739][ T9610] ? sendmsg_copy_msghdr+0x70/0x70 [ 77.133877][ T9610] ? __fget_files+0x329/0x4f0 [ 77.138538][ T9610] ? do_dup2+0x520/0x520 [ 77.142758][ T9610] ? vm_insert_pages+0x6a0/0x6a0 [ 77.147689][ T9610] ? __fget_light+0x208/0x270 [ 77.152348][ T9610] __sys_sendmsg+0xec/0x1b0 [ 77.156829][ T9610] ? __sys_sendmsg_sock+0xb0/0xb0 [ 77.161842][ T9610] ? trace_hardirqs_off_caller+0x55/0x230 [ 77.167548][ T9610] ? do_syscall_64+0x21/0x790 [ 77.172215][ T9610] do_syscall_64+0xf6/0x790 [ 77.176715][ T9610] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.182691][ T9610] RIP: 0033:0x448a49 [ 77.186567][ T9610] Code: e8 cc 14 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.206149][ T9610] RSP: 002b:00007f61f3018da8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.214549][ T9610] RAX: ffffffffffffffda RBX: 00000000006dec28 RCX: 0000000000448a49 [ 77.222510][ T9610] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 77.230472][ T9610] RBP: 00000000006dec20 R08: 0000000000000014 R09: 0000000000000000 [ 77.238432][ T9610] R10: 0000000000000041 R11: 0000000000000246 R12: 00000000006dec2c [ 77.246395][ T9610] R13: 0000000000000000 R14: 000000306e616376 R15: 0000000000000000 [ 77.254360][ T9610] Modules linked in: [ 77.262798][ T9610] ---[ end trace 946dda50edd8dcab ]--- [ 77.268271][ T9610] RIP: 0010:rds_ib_add_one+0xbb/0xc80 [ 77.273694][ T9610] Code: 80 3c 02 00 0f 85 3a 0a 00 00 49 8b 9c 24 a8 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d bb 30 04 00 00 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 4f [ 77.293714][ T9610] RSP: 0018:ffffc90001dc6fe0 EFLAGS: 00010202 [ 77.299810][ T9610] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff873e8c5a [ 77.307793][ T9610] RDX: 0000000000000086 RSI: ffffffff873e8c78 RDI: 0000000000000430 [ 77.315807][ T9610] RBP: 0000000000000001 R08: ffff8880a8f70140 R09: ffffed1011e4e89c [ 77.324198][ T9610] R10: ffffed1011e4e89b R11: ffff88808f2744df R12: ffff88808f274000 [ 77.332275][ T9610] R13: ffff88808f274558 R14: ffff88808f2744d0 R15: ffffffff873e8c00 [ 77.340414][ T9610] FS: 00007f61f3019700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 77.349414][ T9610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.355997][ T9610] CR2: 00007fc005ce4000 CR3: 00000000a7d23000 CR4: 00000000001406e0 [ 77.364021][ T9610] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.372025][ T9610] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.380028][ T9610] Kernel panic - not syncing: Fatal exception [ 77.387383][ T9610] Kernel Offset: disabled [ 77.391718][ T9610] Rebooting in 86400 seconds..