[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   71.207923][   T27] audit: type=1800 audit(1577513995.855:25): pid=9296 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   71.237514][   T27] audit: type=1800 audit(1577513995.855:26): pid=9296 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   71.285203][   T27] audit: type=1800 audit(1577513995.855:27): pid=9296 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.134' (ECDSA) to the list of known hosts.
syzkaller login: [   82.330372][ T9454] IPVS: ftp: loaded support on port[0] = 21
[   82.390927][ T9454] chnl_net:caif_netlink_parms(): no params data found
[   82.421645][ T9454] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.429670][ T9454] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.438516][ T9454] device bridge_slave_0 entered promiscuous mode
[   82.446848][ T9454] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.454058][ T9454] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.462236][ T9454] device bridge_slave_1 entered promiscuous mode
[   82.479912][ T9454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.491451][ T9454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.511826][ T9454] team0: Port device team_slave_0 added
[   82.519101][ T9454] team0: Port device team_slave_1 added
[   82.579922][ T9454] device hsr_slave_0 entered promiscuous mode
[   82.617803][ T9454] device hsr_slave_1 entered promiscuous mode
[   82.693045][ T9454] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   82.740376][ T9454] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   82.810250][ T9454] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   82.869668][ T9454] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   82.918767][ T9454] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.926054][ T9454] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.933937][ T9454] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.941016][ T9454] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.982016][ T9454] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.996788][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.008940][    T5] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.017544][    T5] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.025876][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   83.040393][ T9454] 8021q: adding VLAN 0 to HW filter on device team0
[   83.051658][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.060431][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.067551][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.078466][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.086837][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.093936][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.121994][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   83.130898][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   83.139712][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.148859][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   83.157924][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   83.169646][ T9454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[   83.190439][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   83.198031][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   83.212486][ T9454] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.257963][ T9454] ------------[ cut here ]------------
[   83.263454][ T9454] net/hsr/hsr_forward.c:354: Malformed frame (port_src hsr0)
[   83.271498][ T9454] WARNING: CPU: 1 PID: 9454 at net/hsr/hsr_forward.c:353 hsr_forward_skb+0x127b/0x1d30
[   83.281131][ T9454] Kernel panic - not syncing: panic_on_warn set ...
[   83.287725][ T9454] CPU: 1 PID: 9454 Comm: syz-executor032 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[   83.297607][ T9454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   83.307653][ T9454] Call Trace:
[   83.310929][ T9454]  dump_stack+0x197/0x210
[   83.315255][ T9454]  ? hsr_forward_skb+0x1180/0x1d30
[   83.320362][ T9454]  panic+0x2e3/0x75c
[   83.324246][ T9454]  ? add_taint.cold+0x16/0x16
[   83.330051][ T9454]  ? __kasan_check_write+0x14/0x20
[   83.335141][ T9454]  ? __warn.cold+0x14/0x3e
[   83.339537][ T9454]  ? __warn+0xd9/0x1cf
[   83.343605][ T9454]  ? hsr_forward_skb+0x127b/0x1d30
[   83.348699][ T9454]  __warn.cold+0x2f/0x3e
[   83.352923][ T9454]  ? hsr_forward_skb+0x127b/0x1d30
[   83.358049][ T9454]  report_bug+0x289/0x300
[   83.362373][ T9454]  do_error_trap+0x11b/0x200
[   83.367089][ T9454]  do_invalid_op+0x37/0x50
[   83.371512][ T9454]  ? hsr_forward_skb+0x127b/0x1d30
[   83.376620][ T9454]  invalid_op+0x23/0x30
[   83.380831][ T9454] RIP: 0010:hsr_forward_skb+0x127b/0x1d30
[   83.386556][ T9454] Code: fa ff ff e8 b7 e0 b0 f9 4c 89 e1 ba 62 01 00 00 48 c7 c6 40 26 f6 88 48 c7 c7 80 26 f6 88 c6 05 3f 6e b8 02 01 e8 c4 66 81 f9 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 80 3c 02
[   83.406270][ T9454] RSP: 0018:ffffc90007c2f8c0 EFLAGS: 00010286
[   83.412446][ T9454] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   83.420418][ T9454] RDX: 0000000000000000 RSI: ffffffff815e9f66 RDI: fffff52000f85f0a
[   83.428428][ T9454] RBP: ffffc90007c2f970 R08: ffff88808e74a280 R09: 0000000000000000
[   83.436403][ T9454] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880a8128000
[   83.444358][ T9454] R13: ffff888098ed5090 R14: 000000000000ffff R15: ffff88808fbdadc0
[   83.452328][ T9454]  ? vprintk_func+0x86/0x189
[   83.456921][ T9454]  ? validate_xmit_skb+0x81f/0xe50
[   83.462012][ T9454]  ? netdev_pick_tx+0x4c6/0xb00
[   83.466878][ T9454]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   83.472586][ T9454]  hsr_dev_xmit+0x7d/0xe0
[   83.476903][ T9454]  dev_direct_xmit+0x419/0x630
[   83.481649][ T9454]  ? __check_heap_object+0x81/0xb3
[   83.486742][ T9454]  ? validate_xmit_skb_list+0x150/0x150
[   83.492284][ T9454]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   83.498520][ T9454]  ? netdev_pick_tx+0x14e/0xb00
[   83.503361][ T9454]  packet_direct_xmit+0x1a9/0x250
[   83.508383][ T9454]  packet_sendmsg+0x25f7/0x6210
[   83.513230][ T9454]  ? ___might_sleep+0x163/0x2c0
[   83.518092][ T9454]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   83.524331][ T9454]  ? aa_label_sk_perm+0x91/0xf0
[   83.529191][ T9454]  ? packet_notifier+0x880/0x880
[   83.534118][ T9454]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   83.539905][ T9454]  ? apparmor_socket_sendmsg+0x2a/0x30
[   83.545371][ T9454]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   83.551766][ T9454]  ? security_socket_sendmsg+0x8d/0xc0
[   83.557219][ T9454]  ? packet_notifier+0x880/0x880
[   83.562159][ T9454]  sock_sendmsg+0xd7/0x130
[   83.566575][ T9454]  __sys_sendto+0x262/0x380
[   83.571069][ T9454]  ? __ia32_sys_getpeername+0xb0/0xb0
[   83.576429][ T9454]  ? __ia32_sys_socketpair+0xf0/0xf0
[   83.581702][ T9454]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   83.587141][ T9454]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   83.592579][ T9454]  ? do_syscall_64+0x26/0x790
[   83.597248][ T9454]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   83.603333][ T9454]  __x64_sys_sendto+0xe1/0x1a0
[   83.608108][ T9454]  do_syscall_64+0xfa/0x790
[   83.612614][ T9454]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   83.618507][ T9454] RIP: 0033:0x442099
[   83.622405][ T9454] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   83.642015][ T9454] RSP: 002b:00007ffcabe1baa8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   83.650610][ T9454] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442099
[   83.658569][ T9454] RDX: 000000000000000e RSI: 0000000020000100 RDI: 0000000000000003
[   83.666534][ T9454] RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
[   83.674497][ T9454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.682450][ T9454] R13: 0000000000403610 R14: 0000000000000000 R15: 0000000000000000
[   83.691953][ T9454] Kernel Offset: disabled
[   83.696381][ T9454] Rebooting in 86400 seconds..