[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 60.637129][ T26] audit: type=1800 audit(1563573274.704:25): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 60.664987][ T26] audit: type=1800 audit(1563573274.704:26): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 60.708428][ T26] audit: type=1800 audit(1563573274.704:27): pid=8914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.131' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 72.628438][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz-executor043'. [ 72.637976][ T9066] kasan: CONFIG_KASAN_INLINE enabled [ 72.643340][ T9066] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 72.651474][ T9066] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 72.658422][ T9066] CPU: 1 PID: 9066 Comm: syz-executor043 Not tainted 5.2.0-next-20190718 #41 [ 72.667300][ T9066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.677355][ T9066] RIP: 0010:tcf_ife_init+0x25c/0x1850 [ 72.682734][ T9066] Code: 00 00 48 c7 c7 80 c0 da 88 e8 10 6e a1 fb 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c7 85 e8 fe ff ff 00 00 00 00 48 c1 ea 03 <0f> b6 14 02 48 89 d8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 e2 [ 72.702319][ T9066] RSP: 0018:ffff88808b1e6eb8 EFLAGS: 00010246 [ 72.708368][ T9066] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff1101158f1e9 [ 72.716320][ T9066] RDX: 0000000000000000 RSI: 1ffff1101158f1f0 RDI: 0000000000000282 [ 72.724311][ T9066] RBP: ffff88808b1e7060 R08: 0000000000000002 R09: ffff88808ac78f50 [ 72.732271][ T9066] R10: fffffbfff134a3ff R11: ffffffff89a51fff R12: 0000000000000001 [ 72.740224][ T9066] R13: ffff88809b416dc0 R14: ffff88808b1e78c0 R15: 0000000000000000 [ 72.748176][ T9066] FS: 0000555555f7a880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 72.757081][ T9066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.763643][ T9066] CR2: 0000000020000180 CR3: 0000000090532000 CR4: 00000000001406e0 [ 72.771646][ T9066] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.779600][ T9066] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.787553][ T9066] Call Trace: [ 72.790863][ T9066] ? tc_lookup_action_n+0xd2/0x100 [ 72.795978][ T9066] ? __add_metainfo+0x480/0x480 [ 72.800832][ T9066] ? tc_lookup_action_n+0xd2/0x100 [ 72.805922][ T9066] ? __kasan_check_read+0x11/0x20 [ 72.810939][ T9066] ? lock_downgrade+0x920/0x920 [ 72.815786][ T9066] ? __kasan_check_write+0x14/0x20 [ 72.820875][ T9066] ? do_raw_read_unlock+0x3f/0x70 [ 72.825963][ T9066] tcf_action_init_1+0x6f2/0xa80 [ 72.830902][ T9066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 72.837121][ T9066] ? tcf_action_dump_old+0x80/0x80 [ 72.842210][ T9066] ? lock_downgrade+0x920/0x920 [ 72.847040][ T9066] ? __kasan_check_read+0x11/0x20 [ 72.852039][ T9066] ? mark_lock+0xc0/0x11e0 [ 72.856443][ T9066] tcf_action_init+0x241/0x360 [ 72.861183][ T9066] ? tcf_action_init_1+0xa80/0xa80 [ 72.866269][ T9066] ? mark_lock+0xc0/0x11e0 [ 72.870670][ T9066] ? mark_lock+0xc0/0x11e0 [ 72.875064][ T9066] ? __kasan_check_read+0x11/0x20 [ 72.880065][ T9066] tcf_action_add+0xe8/0x370 [ 72.884647][ T9066] ? tca_action_gd+0x1710/0x1710 [ 72.889563][ T9066] ? refcount_dec_not_one+0x1f0/0x1f0 [ 72.894920][ T9066] ? __nla_parse+0x43/0x60 [ 72.899316][ T9066] tc_ctl_action+0x3b5/0x4bc [ 72.903885][ T9066] ? tcf_action_add+0x370/0x370 [ 72.908717][ T9066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 72.914934][ T9066] ? tcf_action_add+0x370/0x370 [ 72.919761][ T9066] rtnetlink_rcv_msg+0x463/0xb00 [ 72.924692][ T9066] ? rtnetlink_put_metrics+0x580/0x580 [ 72.930193][ T9066] ? lock_downgrade+0x920/0x920 [ 72.935116][ T9066] ? netlink_deliver_tap+0x22d/0xbf0 [ 72.940382][ T9066] ? find_held_lock+0x35/0x130 [ 72.945142][ T9066] netlink_rcv_skb+0x177/0x450 [ 72.949888][ T9066] ? rtnetlink_put_metrics+0x580/0x580 [ 72.955354][ T9066] ? netlink_ack+0xb30/0xb30 [ 72.959958][ T9066] ? __kasan_check_read+0x11/0x20 [ 72.964963][ T9066] ? netlink_deliver_tap+0x254/0xbf0 [ 72.970244][ T9066] rtnetlink_rcv+0x1d/0x30 [ 72.974642][ T9066] netlink_unicast+0x531/0x710 [ 72.979400][ T9066] ? netlink_attachskb+0x7c0/0x7c0 [ 72.984489][ T9066] ? _copy_from_iter_full+0x25d/0x8a0 [ 72.989864][ T9066] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 72.995564][ T9066] ? __check_object_size+0x3d/0x43c [ 73.000742][ T9066] netlink_sendmsg+0x8a5/0xd60 [ 73.005486][ T9066] ? netlink_unicast+0x710/0x710 [ 73.010399][ T9066] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 73.015950][ T9066] ? apparmor_socket_sendmsg+0x2a/0x30 [ 73.021407][ T9066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 73.027645][ T9066] ? security_socket_sendmsg+0x8d/0xc0 [ 73.033085][ T9066] ? netlink_unicast+0x710/0x710 [ 73.038017][ T9066] sock_sendmsg+0xd7/0x130 [ 73.042412][ T9066] ___sys_sendmsg+0x803/0x920 [ 73.047072][ T9066] ? copy_msghdr_from_user+0x440/0x440 [ 73.052521][ T9066] ? prep_transhuge_page+0xa0/0xa0 [ 73.057622][ T9066] ? percpu_counter_add_batch+0x13c/0x190 [ 73.063346][ T9066] ? __do_page_fault+0x56a/0xdd0 [ 73.068265][ T9066] ? find_held_lock+0x35/0x130 [ 73.073193][ T9066] ? __do_page_fault+0x56a/0xdd0 [ 73.078113][ T9066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 73.084333][ T9066] ? __fget_light+0x1a9/0x230 [ 73.089003][ T9066] ? __fdget+0x1b/0x20 [ 73.093050][ T9066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 73.099275][ T9066] __sys_sendmsg+0x105/0x1d0 [ 73.103846][ T9066] ? __sys_sendmsg_sock+0xd0/0xd0 [ 73.108852][ T9066] ? down_read_non_owner+0x450/0x450 [ 73.114119][ T9066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 73.119569][ T9066] ? do_syscall_64+0x26/0x6a0 [ 73.124247][ T9066] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 73.130311][ T9066] ? do_syscall_64+0x26/0x6a0 [ 73.134982][ T9066] __x64_sys_sendmsg+0x78/0xb0 [ 73.139726][ T9066] do_syscall_64+0xfd/0x6a0 [ 73.144208][ T9066] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 73.150078][ T9066] RIP: 0033:0x4401d9 [ 73.153950][ T9066] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 73.173561][ T9066] RSP: 002b:00007ffd77c35618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.181963][ T9066] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401d9 [ 73.189924][ T9066] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 73.197884][ T9066] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 73.205863][ T9066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a60 [ 73.213824][ T9066] R13: 0000000000401af0 R14: 0000000000000000 R15: 0000000000000000 [ 73.221782][ T9066] Modules linked in: [ 73.225993][ T9066] ---[ end trace a43702cefb6f9e41 ]--- [ 73.231483][ T9066] RIP: 0010:tcf_ife_init+0x25c/0x1850 [ 73.236963][ T9066] Code: 00 00 48 c7 c7 80 c0 da 88 e8 10 6e a1 fb 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c7 85 e8 fe ff ff 00 00 00 00 48 c1 ea 03 <0f> b6 14 02 48 89 d8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 e2 [ 73.256641][ T9066] RSP: 0018:ffff88808b1e6eb8 EFLAGS: 00010246 [ 73.262709][ T9066] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff1101158f1e9 [ 73.270719][ T9066] RDX: 0000000000000000 RSI: 1ffff1101158f1f0 RDI: 0000000000000282 [ 73.278720][ T9066] RBP: ffff88808b1e7060 R08: 0000000000000002 R09: ffff88808ac78f50 [ 73.286713][ T9066] R10: fffffbfff134a3ff R11: ffffffff89a51fff R12: 0000000000000001 [ 73.294678][ T9066] R13: ffff88809b416dc0 R14: ffff88808b1e78c0 R15: 0000000000000000 [ 73.302683][ T9066] FS: 0000555555f7a880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 73.311653][ T9066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.318265][ T9066] CR2: 0000000020000180 CR3: 0000000090532000 CR4: 00000000001406e0 [ 73.326275][ T9066] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.334242][ T9066] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.342262][ T9066] Kernel panic - not syncing: Fatal exception [ 73.349322][ T9066] Kernel Offset: disabled [ 73.361210][ T9066] Rebooting in 86400 seconds..