[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 39.593898][ T26] audit: type=1800 audit(1552415981.349:25): pid=7664 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 39.622181][ T26] audit: type=1800 audit(1552415981.349:26): pid=7664 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 39.651206][ T26] audit: type=1800 audit(1552415981.359:27): pid=7664 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts. syzkaller login: [ 70.687734][ T7816] IPVS: ftp: loaded support on port[0] = 21 [ 70.746445][ T7816] chnl_net:caif_netlink_parms(): no params data found [ 70.777847][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.785804][ T7816] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.793839][ T7816] device bridge_slave_0 entered promiscuous mode [ 70.802287][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.809597][ T7816] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.817738][ T7816] device bridge_slave_1 entered promiscuous mode [ 70.834998][ T7816] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.845693][ T7816] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.864046][ T7816] team0: Port device team_slave_0 added [ 70.871415][ T7816] team0: Port device team_slave_1 added [ 70.949881][ T7816] device hsr_slave_0 entered promiscuous mode [ 71.018605][ T7816] device hsr_slave_1 entered promiscuous mode [ 71.075490][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.083026][ T7816] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.091132][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.098461][ T7816] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.131800][ T7816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.143448][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.164899][ T22] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.173555][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.183214][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 71.195315][ T7816] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.206830][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.216216][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.223429][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.246639][ T7816] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.257892][ T7816] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.270710][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.279738][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.286996][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.297743][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.308355][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.317599][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.326766][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.336266][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready executing program [ 71.345017][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.364982][ T7816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.379939][ T7821] Started in network mode [ 71.385172][ T7821] Own node identity ac1414aa, cluster identity 4711 [ 71.397576][ T7821] New replicast peer: 172.20.20.187 [ 71.404441][ T7821] Enabled bearer , priority 10 [ 71.411996][ T7821] Enabling of bearer rejected, already enabled [ 71.528602][ T7821] kasan: CONFIG_KASAN_INLINE enabled [ 71.534177][ T7821] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 71.542486][ T7821] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 71.549836][ T7821] CPU: 1 PID: 7821 Comm: syz-executor772 Not tainted 5.0.0-next-20190306 #4 [ 71.559435][ T7821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.569855][ T7821] RIP: 0010:fib6_purge_rt+0x4b3/0x670 [ 71.575229][ T7821] Code: 0f b6 35 5a f6 44 03 31 ff 44 89 f6 e8 a6 1c 5b fb 45 84 f6 0f 84 b3 00 00 00 e8 58 1b 5b fb 49 8d 7f 70 48 89 f8 48 c1 e8 03 <80> 3c 18 00 0f 85 64 01 00 00 48 89 f8 4d 8b 77 70 48 c1 e8 03 80 [ 71.597122][ T7821] RSP: 0018:ffff8880a5a26e98 EFLAGS: 00010202 [ 71.603278][ T7821] RAX: 000000000000000e RBX: dffffc0000000000 RCX: ffffffff861579a9 [ 71.611384][ T7821] RDX: 0000000000000000 RSI: ffffffff861578d8 RDI: 0000000000000071 [ 71.620823][ T7821] RBP: ffff8880a5a26ef0 R08: ffff88808f9a6300 R09: ffffed101406c2f6 [ 71.628834][ T7821] R10: ffffed101406c2f5 R11: ffff8880a03617af R12: 0000000000000000 [ 71.636827][ T7821] R13: ffff8880a0361780 R14: 0000000000000001 R15: 0000000000000001 [ 71.645374][ T7821] FS: 00007fe8383f8700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 71.654568][ T7821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.661237][ T7821] CR2: 00005612a363f110 CR3: 0000000093362000 CR4: 00000000001406e0 [ 71.669531][ T7821] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 71.677773][ T7821] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 71.685779][ T7821] Call Trace: [ 71.689074][ T7821] fib6_del+0xac2/0x10a0 [ 71.693575][ T7821] ? fib6_locate+0x150/0x150 [ 71.698382][ T7821] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 71.704331][ T7821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 71.710569][ T7821] ? fib6_ifdown+0xe7/0x8e0 [ 71.715064][ T7821] ? fib6_walker_link+0x10c/0x160 [ 71.720160][ T7821] fib6_clean_node+0x3a8/0x590 [ 71.726358][ T7821] ? fib6_del+0x10a0/0x10a0 [ 71.730851][ T7821] ? __local_bh_enable_ip+0x15a/0x270 [ 71.736226][ T7821] ? fib6_walker_link+0x10c/0x160 [ 71.741416][ T7821] ? trace_hardirqs_on+0x67/0x230 [ 71.746451][ T7821] ? fib6_walker_link+0x10c/0x160 [ 71.752256][ T7821] fib6_walk_continue+0x495/0x900 [ 71.762032][ T7821] fib6_walk+0x9d/0x100 [ 71.766192][ T7821] ? fib6_ifup+0x230/0x230 [ 71.770802][ T7821] fib6_clean_tree+0xe0/0x120 [ 71.776210][ T7821] ? fib6_walk+0x100/0x100 [ 71.780611][ T7821] ? fib6_del+0x10a0/0x10a0 [ 71.785334][ T7821] ? rwlock_bug.part.0+0x90/0x90 [ 71.790262][ T7821] ? fib6_ifup+0x230/0x230 [ 71.794749][ T7821] __fib6_clean_all+0x118/0x2a0 [ 71.799692][ T7821] ? fib6_ifup+0x230/0x230 [ 71.804780][ T7821] ? fib6_ifup+0x230/0x230 [ 71.809389][ T7821] fib6_clean_all+0x2b/0x40 [ 71.813896][ T7821] rt6_sync_down_dev+0x134/0x150 [ 71.818831][ T7821] ? rt6_sync_up+0x170/0x170 [ 71.823601][ T7821] rt6_disable_ip+0x27/0x5f0 [ 71.828184][ T7821] ? tee_netdev_event+0x431/0x5e0 [ 71.833202][ T7821] addrconf_ifdown+0xa2/0x1220 [ 71.837991][ T7821] addrconf_notify+0x19a/0x2260 [ 71.842855][ T7821] ? lockdep_hardirqs_on+0x418/0x5d0 [ 71.848219][ T7821] ? clusterip_netdev_event+0x474/0x670 [ 71.853885][ T7821] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.860495][ T7821] ? tls_dev_event+0x118/0xad0 [ 71.865657][ T7821] ? clusterip_netdev_event+0x474/0x670 [ 71.871294][ T7821] ? inet6_ifinfo_notify+0x150/0x150 [ 71.876578][ T7821] ? tls_device_sk_destruct+0x670/0x670 [ 71.882211][ T7821] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 71.888652][ T7821] ? ip6mr_device_event+0x1ad/0x220 [ 71.895194][ T7821] notifier_call_chain+0xc7/0x240 [ 71.900421][ T7821] ? inet6_ifinfo_notify+0x150/0x150 [ 71.905891][ T7821] ? notifier_call_chain+0xc7/0x240 [ 71.911184][ T7821] raw_notifier_call_chain+0x2e/0x40 [ 71.916758][ T7821] call_netdevice_notifiers_info+0x3f/0x90 [ 71.923181][ T7821] dev_close_many+0x33f/0x6f0 [ 71.928855][ T7821] ? netdev_master_upper_dev_link+0x50/0x50 [ 71.944387][ T7821] rollback_registered_many+0x43b/0xfd0 [ 71.949944][ T7821] ? generic_xdp_install+0x3d0/0x3d0 [ 71.955254][ T7821] ? mark_held_locks+0xa4/0xf0 [ 71.960211][ T7821] ? linkwatch_fire_event+0xca/0x1f0 [ 71.965993][ T7821] ? queue_delayed_work_on+0xe6/0x200 [ 71.971780][ T7821] ? linkwatch_schedule_work+0x13c/0x170 [ 71.977644][ T7821] ? queue_delayed_work_on+0xe6/0x200 [ 71.983632][ T7821] ? lockdep_hardirqs_on+0x418/0x5d0 [ 71.989022][ T7821] rollback_registered+0x109/0x1d0 [ 71.994176][ T7821] ? rollback_registered_many+0xfd0/0xfd0 [ 71.999901][ T7821] unregister_netdevice_queue+0x1ee/0x2c0 [ 72.005695][ T7821] __tun_detach+0xd5b/0x1000 [ 72.010490][ T7821] ? __tun_detach+0x1000/0x1000 [ 72.015656][ T7821] tun_chr_close+0xe0/0x180 [ 72.020659][ T7821] __fput+0x2e5/0x8d0 [ 72.024643][ T7821] ____fput+0x16/0x20 [ 72.028737][ T7821] task_work_run+0x14a/0x1c0 [ 72.033361][ T7821] do_exit+0x90a/0x2fa0 [ 72.038547][ T7821] ? get_signal+0x331/0x1d50 [ 72.043304][ T7821] ? mm_update_next_owner+0x640/0x640 [ 72.050093][ T7821] ? kasan_check_write+0x14/0x20 [ 72.055032][ T7821] ? _raw_spin_unlock_irq+0x28/0x90 [ 72.060394][ T7821] ? get_signal+0x331/0x1d50 [ 72.065098][ T7821] ? _raw_spin_unlock_irq+0x28/0x90 [ 72.071793][ T7821] do_group_exit+0x135/0x370 [ 72.076811][ T7821] get_signal+0x399/0x1d50 [ 72.081592][ T7821] ? ksys_dup3+0x3e0/0x3e0 [ 72.086096][ T7821] ? ___sys_recvmsg+0x5a0/0x5a0 [ 72.090946][ T7821] do_signal+0x87/0x1940 [ 72.095702][ T7821] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 72.102066][ T7821] ? fput_many+0x12c/0x1a0 [ 72.106535][ T7821] ? fput+0x1b/0x20 [ 72.110754][ T7821] ? setup_sigcontext+0x7d0/0x7d0 [ 72.115776][ T7821] ? exit_to_usermode_loop+0x43/0x2c0 [ 72.121137][ T7821] ? do_syscall_64+0x52d/0x610 [ 72.126326][ T7821] ? exit_to_usermode_loop+0x43/0x2c0 [ 72.131879][ T7821] ? lockdep_hardirqs_on+0x418/0x5d0 [ 72.137308][ T7821] ? trace_hardirqs_on+0x67/0x230 [ 72.142687][ T7821] exit_to_usermode_loop+0x244/0x2c0 [ 72.148096][ T7821] do_syscall_64+0x52d/0x610 [ 72.153084][ T7821] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.159100][ T7821] RIP: 0033:0x44bca9 [ 72.162987][ T7821] Code: 5b 65 73 63 61 70 65 20 63 6f 6e 74 72 6f 6c 2d 63 68 61 72 61 63 74 65 72 73 5d 20 00 5b 64 72 6f 70 20 63 6f 6e 74 72 6f 6c <2d> 63 68 61 72 61 63 74 65 72 73 5d 20 00 5b 73 6c 61 73 68 65 73 [ 72.183841][ T7821] RSP: 002b:00007fe8383f7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 72.192700][ T7821] RAX: fffffffffffffe00 RBX: 00000000006dec48 RCX: 000000000044bca9 [ 72.200821][ T7821] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dec48 [ 72.209035][ T7821] RBP: 00000000006dec40 R08: 0000000000000000 R09: 0000000000000000 [ 72.217201][ T7821] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dec4c [ 72.225652][ T7821] R13: 00007ffd4d27000f R14: 00007fe8383f89c0 R15: 000000000000002d [ 72.233828][ T7821] Modules linked in: [ 72.238057][ T7821] ---[ end trace 9a88786341e68810 ]--- [ 72.243591][ T7821] RIP: 0010:fib6_purge_rt+0x4b3/0x670 [ 72.249171][ T7821] Code: 0f b6 35 5a f6 44 03 31 ff 44 89 f6 e8 a6 1c 5b fb 45 84 f6 0f 84 b3 00 00 00 e8 58 1b 5b fb 49 8d 7f 70 48 89 f8 48 c1 e8 03 <80> 3c 18 00 0f 85 64 01 00 00 48 89 f8 4d 8b 77 70 48 c1 e8 03 80 [ 72.268833][ T7821] RSP: 0018:ffff8880a5a26e98 EFLAGS: 00010202 [ 72.274931][ T7821] RAX: 000000000000000e RBX: dffffc0000000000 RCX: ffffffff861579a9 [ 72.283416][ T7821] RDX: 0000000000000000 RSI: ffffffff861578d8 RDI: 0000000000000071 [ 72.291964][ T7821] RBP: ffff8880a5a26ef0 R08: ffff88808f9a6300 R09: ffffed101406c2f6 [ 72.300371][ T7821] R10: ffffed101406c2f5 R11: ffff8880a03617af R12: 0000000000000000 [ 72.309869][ T7821] R13: ffff8880a0361780 R14: 0000000000000001 R15: 0000000000000001 [ 72.318242][ T7821] FS: 00007fe8383f8700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 72.327429][ T7821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.334084][ T7821] CR2: 00005612a363f110 CR3: 0000000093362000 CR4: 00000000001406e0 [ 72.342280][ T7821] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 72.350614][ T7821] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 72.358805][ T7821] Kernel panic - not syncing: Fatal exception in interrupt [ 72.366964][ T7821] Kernel Offset: disabled [ 72.371313][ T7821] Rebooting in 86400 seconds..