[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   52.832624][   T27] audit: type=1800 audit(1584476833.349:25): pid=8610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   52.852160][   T27] audit: type=1800 audit(1584476833.349:26): pid=8610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   52.884630][   T27] audit: type=1800 audit(1584476833.349:27): pid=8610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.126' (ECDSA) to the list of known hosts.
2020/03/17 20:27:27 parsed 1 programs
2020/03/17 20:27:28 executed programs: 0
syzkaller login: [   68.347654][ T8779] IPVS: ftp: loaded support on port[0] = 21
[   68.402818][ T8779] chnl_net:caif_netlink_parms(): no params data found
[   68.450625][ T8779] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.460376][ T8779] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.493539][ T8779] device bridge_slave_0 entered promiscuous mode
[   68.502741][ T8779] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.510362][ T8779] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.518983][ T8779] device bridge_slave_1 entered promiscuous mode
[   68.543288][ T8779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.553950][ T8779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.572152][ T8779] team0: Port device team_slave_0 added
[   68.579469][ T8779] team0: Port device team_slave_1 added
[   68.593018][ T8779] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.600278][ T8779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.626779][ T8779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.639939][ T8779] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.647189][ T8779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.673126][ T8779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.726781][ T8779] device hsr_slave_0 entered promiscuous mode
[   68.764861][ T8779] device hsr_slave_1 entered promiscuous mode
[   68.888750][ T8779] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   68.936965][ T8779] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   68.997267][ T8779] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.037052][ T8779] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.088246][ T8779] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.098508][ T8779] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.106430][ T8779] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.113511][ T8779] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.154028][ T8779] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.168665][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   69.179564][ T2850] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.187944][ T2850] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.197421][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   69.210288][ T8779] 8021q: adding VLAN 0 to HW filter on device team0
[   69.220409][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   69.229106][ T2792] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.236790][ T2792] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.248846][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   69.257874][ T2850] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.264989][ T2850] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.285283][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   69.293878][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   69.305317][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   69.313041][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   69.324338][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   69.336481][ T8779] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   69.355866][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   69.372846][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   69.387077][ T8779] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.404696][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.426622][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   69.436179][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.445499][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.456879][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.472387][ T8779] device veth0_vlan entered promiscuous mode
[   69.484022][ T8779] device veth1_vlan entered promiscuous mode
[   69.504191][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   69.514396][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   69.523583][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.539604][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.551903][ T8779] device veth0_macvtap entered promiscuous mode
[   69.569931][ T8779] device veth1_macvtap entered promiscuous mode
[   69.585508][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.593274][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   69.602549][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   69.611378][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   69.620365][ T2850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.632250][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.640949][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   69.650561][ T2792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.935858][ T8786] general protection fault, probably for non-canonical address 0xdffffc0000001fff: 0000 [#1] PREEMPT SMP KASAN
[   69.947629][ T8786] KASAN: probably user-memory-access in range [0x000000000000fff8-0x000000000000ffff]
[   69.957209][ T8786] CPU: 0 PID: 8786 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0
[   69.966035][ T8786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   69.976192][ T8786] RIP: 0010:tcf_action_destroy+0x31/0x210
[   69.982707][ T8786] Code: 41 54 53 50 41 89 f5 49 89 fc 49 be 00 00 00 00 00 fc ff df e8 a0 ae 08 fb 31 ff 44 89 ee e8 36 b2 08 fb 4c 89 e0 48 c1 e8 03 <42> 80 3c 30 00 74 08 4c 89 e7 e8 40 ea 44 fb 4d 8b 3c 24 4d 85 ff
[   70.002565][ T8786] RSP: 0018:ffffc900020173d0 EFLAGS: 00010207
[   70.008683][ T8786] RAX: 0000000000001fff RBX: ffff8880a700ed10 RCX: 0000000000000000
[   70.016850][ T8786] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[   70.024827][ T8786] RBP: ffffc90002017630 R08: ffffffff866bf78a R09: ffffed1014e01da6
[   70.033658][ T8786] R10: ffffed1014e01da6 R11: 0000000000000000 R12: 000000000000ffff
[   70.041729][ T8786] R13: 0000000000000001 R14: dffffc0000000000 R15: 000000000000ffff
[   70.049720][ T8786] FS:  00007f29a29bb700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
[   70.059080][ T8786] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.065820][ T8786] CR2: 000000000076c000 CR3: 00000000a6c7a000 CR4: 00000000001406f0
[   70.073958][ T8786] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   70.082527][ T8786] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   70.090479][ T8786] Call Trace:
[   70.095301][ T8786]  ? tcf_exts_change+0x4e/0x80
[   70.100886][ T8786]  tcf_exts_change+0x5b/0x80
[   70.105460][ T8786]  tcindex_change+0x1c71/0x27b0
[   70.110299][ T8786]  ? tcindex_destroy+0x970/0x970
[   70.115249][ T8786]  ? tcindex_lookup+0x13e/0x360
[   70.120637][ T8786]  tc_new_tfilter+0x1490/0x2f50
[   70.125783][ T8786]  ? tcindex_get+0x1c0/0x1c0
[   70.132040][ T8786]  ? tcf_tunnel_encap_put_tunnel+0x20/0x20
[   70.138085][ T8786]  rtnetlink_rcv_msg+0x8fb/0xd40
[   70.143117][ T8786]  ? __local_bh_enable_ip+0x133/0x230
[   70.148509][ T8786]  ? local_bh_enable+0x5/0x20
[   70.153167][ T8786]  ? __local_bh_enable_ip+0x133/0x230
[   70.158513][ T8786]  ? __dev_queue_xmit+0x1c47/0x28a0
[   70.163699][ T8786]  ? check_preemption_disabled+0x40/0x240
[   70.169398][ T8786]  ? debug_smp_processor_id+0x5/0x20
[   70.175106][ T8786]  netlink_rcv_skb+0x190/0x3a0
[   70.179945][ T8786]  ? rtnetlink_bind+0x80/0x80
[   70.185517][ T8786]  netlink_unicast+0x786/0x940
[   70.191943][ T8786]  netlink_sendmsg+0xa57/0xd70
[   70.196709][ T8786]  ? netlink_getsockopt+0x9d0/0x9d0
[   70.201912][ T8786]  ____sys_sendmsg+0x4f9/0x7c0
[   70.206939][ T8786]  __sys_sendmsg+0x1ed/0x290
[   70.211637][ T8786]  ? __might_fault+0xf5/0x150
[   70.216299][ T8786]  ? _copy_to_user+0x100/0x140
[   70.221056][ T8786]  ? check_preemption_disabled+0xb0/0x240
[   70.226758][ T8786]  ? debug_smp_processor_id+0x5/0x20
[   70.232018][ T8786]  ? trace_irq_disable_rcuidle+0x1f/0x1d0
[   70.237713][ T8786]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   70.243806][ T8786]  ? do_syscall_64+0x19/0x1b0
[   70.248507][ T8786]  do_syscall_64+0xf3/0x1b0
[   70.253005][ T8786]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   70.258889][ T8786] RIP: 0033:0x45c849
[   70.262769][ T8786] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   70.282399][ T8786] RSP: 002b:00007f29a29bac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.290805][ T8786] RAX: ffffffffffffffda RBX: 00007f29a29bb6d4 RCX: 000000000045c849
[   70.299195][ T8786] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[   70.307269][ T8786] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
[   70.315218][ T8786] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   70.323163][ T8786] R13: 00000000000009fa R14: 00000000004ccb28 R15: 000000000076bf0c
[   70.331125][ T8786] Modules linked in:
[   70.337094][ T8786] ---[ end trace 75b23810752e51e9 ]---
[   70.343094][ T8786] RIP: 0010:tcf_action_destroy+0x31/0x210
[   70.349483][    C0] ------------[ cut here ]------------
[   70.349499][    C0] WARNING: CPU: 0 PID: 8786 at kernel/workqueue.c:1471 __queue_work+0xa67/0xc60
[   70.349503][    C0] Kernel panic - not syncing: panic_on_warn set ...
[   70.350811][    C0] Kernel Offset: disabled
[   70.377467][    C0] Rebooting in 86400 seconds..