
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   26.856376] audit: type=1800 audit(1542927687.691:21): pid=5842 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   32.676281] sshd (5981) used greatest stack depth: 15632 bytes left
Warning: Permanently added '10.128.10.42' (ECDSA) to the list of known hosts.
2018/11/22 23:02:30 parsed 1 programs
[   91.328726] ld (6008) used greatest stack depth: 15328 bytes left
2018/11/22 23:02:32 executed programs: 0
[   91.483886] IPVS: ftp: loaded support on port[0] = 21
[   91.730373] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.737152] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.745376] device bridge_slave_0 entered promiscuous mode
[   91.763081] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.769514] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.776393] device bridge_slave_1 entered promiscuous mode
[   91.793722] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   91.812860] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   91.861781] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   91.881506] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   91.957002] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   91.964632] team0: Port device team_slave_0 added
[   91.981465] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   91.988728] team0: Port device team_slave_1 added
[   92.006276] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.025657] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   92.044277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.064353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   92.210842] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.217293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.224219] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.230580] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.752190] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.804396] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   92.856107] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   92.862926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.870388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.915354] 8021q: adding VLAN 0 to HW filter on device team0
2018/11/22 23:02:37 executed programs: 42
2018/11/22 23:02:42 executed programs: 113
2018/11/22 23:02:47 executed programs: 190
2018/11/22 23:02:52 executed programs: 269
2018/11/22 23:02:57 executed programs: 350
[  116.800926] list_del corruption, ffff8801ba1d0bb0->next is LIST_POISON1 (dead000000000100)
[  116.809954] ------------[ cut here ]------------
[  116.814713] kernel BUG at lib/list_debug.c:47!
[  116.819343] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  116.824712] CPU: 1 PID: 22 Comm: kworker/1:1 Not tainted 4.20.0-rc1-next-20181109+ #110
[  116.832843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  116.842203] Workqueue: events p9_read_work
[  116.846447] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[  116.852333] Code: d3 fd 0f 0b 4c 89 e2 48 89 de 48 c7 c7 80 ff 60 88 e8 86 9b d3 fd 0f 0b 4c 89 ea 48 89 de 48 c7 c7 e0 fe 60 88 e8 72 9b d3 fd <0f> 0b 48 89 de 48 c7 c7 40 00 61 88 e8 61 9b d3 fd 0f 0b 48 89 de
[  116.871228] RSP: 0018:ffff8801d945f5c0 EFLAGS: 00010286
[  116.876587] RAX: 000000000000004e RBX: ffff8801ba1d0bb0 RCX: 0000000000000000
[  116.883866] RDX: 0000000000000000 RSI: ffffffff8165ba15 RDI: 0000000000000005
[  116.891157] RBP: ffff8801d945f5d8 R08: ffff8801d944a5c0 R09: ffffed003b5e5020
[  116.898425] R10: ffffed003b5e5020 R11: ffff8801daf28107 R12: dead000000000200
[  116.905693] R13: dead000000000100 R14: ffff8801cdbfdcd0 R15: ffff8801cdbfdc90
[  116.912960] FS:  0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  116.921183] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  116.927095] CR2: 0000000000000000 CR3: 00000001cf3df000 CR4: 00000000001406e0
[  116.934357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  116.941622] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  116.948885] Call Trace:
[  116.951473]  p9_read_work+0xa95/0x1140
[  116.955357]  ? graph_lock+0x270/0x270
[  116.959154]  ? p9_poll_workfn+0x6e0/0x6e0
[  116.963303]  ? __lock_is_held+0xb5/0x140
[  116.967368]  process_one_work+0xc8b/0x1c40
[  116.971602]  ? mark_held_locks+0x130/0x130
[  116.975839]  ? pwq_dec_nr_in_flight+0x4a0/0x4a0
[  116.980507]  ? __switch_to_asm+0x34/0x70
[  116.984605]  ? __switch_to_asm+0x34/0x70
[  116.988664]  ? __switch_to_asm+0x40/0x70
[  116.992775]  ? __switch_to_asm+0x34/0x70
[  116.996831]  ? __switch_to_asm+0x40/0x70
[  117.000889]  ? __switch_to_asm+0x34/0x70
[  117.004950]  ? __switch_to_asm+0x34/0x70
[  117.009010]  ? __switch_to_asm+0x40/0x70
[  117.013075]  ? __switch_to_asm+0x34/0x70
[  117.017133]  ? __switch_to_asm+0x40/0x70
[  117.021193]  ? __switch_to_asm+0x34/0x70
[  117.025252]  ? __switch_to_asm+0x40/0x70
[  117.029311]  ? __switch_to_asm+0x34/0x70
[  117.033383]  ? __sched_text_start+0x8/0x8
[  117.037534]  ? graph_lock+0x270/0x270
[  117.041362]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  117.045958]  ? find_held_lock+0x36/0x1c0
[  117.050107]  ? lock_acquire+0x1ed/0x520
[  117.054084]  ? worker_thread+0x3e0/0x1390
[  117.058235]  ? kasan_check_write+0x14/0x20
[  117.062466]  ? do_raw_spin_lock+0x14f/0x350
[  117.066787]  ? __schedule+0x21d0/0x21d0
[  117.070756]  ? rwlock_bug.part.2+0x90/0x90
[  117.074988]  ? trace_hardirqs_on+0x310/0x310
[  117.079399]  worker_thread+0x17f/0x1390
[  117.083375]  ? preempt_notifier_register+0x200/0x200
[  117.088494]  ? process_one_work+0x1c40/0x1c40
[  117.092993]  ? __schedule+0x8d7/0x21d0
[  117.096890]  ? kmem_cache_alloc_trace+0x152/0x750
[  117.101733]  ? __sched_text_start+0x8/0x8
[  117.105893]  ? __kthread_parkme+0xce/0x1a0
[  117.110133]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  117.115232]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  117.120338]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  117.124917]  ? trace_hardirqs_on+0xbd/0x310
[  117.129234]  ? kasan_check_read+0x11/0x20
[  117.133378]  ? __kthread_parkme+0xce/0x1a0
[  117.137614]  ? trace_hardirqs_off_caller+0x300/0x300
[  117.142718]  ? __schedule+0x21d0/0x21d0
[  117.146693]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  117.151794]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  117.157349]  ? __kthread_parkme+0xfb/0x1a0
[  117.161582]  ? process_one_work+0x1c40/0x1c40
[  117.166076]  kthread+0x35a/0x440
[  117.169444]  ? kthread_stop+0x8f0/0x8f0
[  117.173420]  ret_from_fork+0x3a/0x50
[  117.177130] Modules linked in:
[  117.180474] ---[ end trace 3141932dd2958ebb ]---
[  117.185235] RIP: 0010:__list_del_entry_valid.cold.1+0x26/0x4a
[  117.191139] Code: d3 fd 0f 0b 4c 89 e2 48 89 de 48 c7 c7 80 ff 60 88 e8 86 9b d3 fd 0f 0b 4c 89 ea 48 89 de 48 c7 c7 e0 fe 60 88 e8 72 9b d3 fd <0f> 0b 48 89 de 48 c7 c7 40 00 61 88 e8 61 9b d3 fd 0f 0b 48 89 de
[  117.210105] RSP: 0018:ffff8801d945f5c0 EFLAGS: 00010286
[  117.215493] RAX: 000000000000004e RBX: ffff8801ba1d0bb0 RCX: 0000000000000000
[  117.222782] RDX: 0000000000000000 RSI: ffffffff8165ba15 RDI: 0000000000000005
[  117.230077] RBP: ffff8801d945f5d8 R08: ffff8801d944a5c0 R09: ffffed003b5e5020
[  117.237348] R10: ffffed003b5e5020 R11: ffff8801daf28107 R12: dead000000000200
[  117.244631] R13: dead000000000100 R14: ffff8801cdbfdcd0 R15: ffff8801cdbfdc90
[  117.251933] FS:  0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  117.260170] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  117.266064] CR2: 0000000000000000 CR3: 00000001cf3df000 CR4: 00000000001406e0
[  117.273350] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  117.280633] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  117.287912] Kernel panic - not syncing: Fatal exception
[  118.508952] Shutting down cpus with NMI
[  118.513805] Kernel Offset: disabled
[  118.517441] Rebooting in 86400 seconds..