[ OK ] Started Getty on tty1.
[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.209' (ECDSA) to the list of known hosts.
syzkaller login: [ 30.856925] skbuff: skb_over_panic: text:ffffffff864c860d len:232 put:72 head:ffff8880aa9ba780 data:ffff8880aa9ba780 tail:0xe8 end:0xc0 dev:
[ 31.002036] ------------[ cut here ]------------
[ 31.006947] kernel BUG at net/core/skbuff.c:104!
[ 31.170669] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 31.176064] Modules linked in:
[ 31.179255] CPU: 0 PID: 8086 Comm: syz-executor069 Not tainted 4.14.216-syzkaller #0
[ 31.187132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 31.196486] task: ffff888098b9e6c0 task.stack: ffff888095500000
[ 31.202547] RIP: 0010:skb_panic+0x172/0x174
[ 31.206876] RSP: 0018:ffff8880955071c8 EFLAGS: 00010282
[ 31.212331] RAX: 0000000000000086 RBX: ffff8880ab853080 RCX: 0000000000000000
[ 31.219630] RDX: 0000000000000000 RSI: ffffffff878bbb40 RDI: ffffed1012aa0e2f
[ 31.226905] RBP: ffffffff885550a0 R08: 0000000000000086 R09: 0000000000000000
[ 31.234273] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff864c860d
[ 31.241581] R13: 0000000000000048 R14: ffffffff88554900 R15: 00000000000000c0
[ 31.248855] FS: 00007f1650606700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
[ 31.257088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.263065] CR2: 00007f91e41105e0 CR3: 00000000aef8d000 CR4: 00000000001406f0
[ 31.270656] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 31.277930] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 31.285297] Call Trace:
[ 31.287892] ? pfkey_send_acquire+0x161d/0x2360
[ 31.292596] skb_put.cold+0x24/0x24
[ 31.296224] pfkey_send_acquire+0x161d/0x2360
[ 31.301252] km_query+0xa9/0x1b0
[ 31.304620] xfrm_state_find+0x1847/0x27c0
[ 31.308869] ? xfrm_state_afinfo_get_rcu+0xb0/0xb0
[ 31.313912] ? __lock_acquire+0x5fc/0x3f20
[ 31.318263] xfrm_resolve_and_create_bundle+0x29b/0x2630
[ 31.323712] ? trace_hardirqs_on+0x10/0x10
[ 31.327951] ? register_lock_class+0xcd2/0x1320
[ 31.332665] ? xfrm_net_init+0x970/0x970
[ 31.336741] ? xfrm_sk_policy_lookup+0x2b4/0x450
[ 31.341501] ? lock_acquire+0x170/0x3f0
[ 31.345571] ? lock_downgrade+0x740/0x740
[ 31.349750] ? xfrm_sk_policy_lookup+0x2db/0x450
[ 31.354509] ? xfrm_expand_policies+0x36e/0x520
[ 31.359180] xfrm_lookup+0x1ee/0x1790
[ 31.362978] ? ipv4_neigh_lookup+0x642/0x6e0
[ 31.367426] ? xfrm_expand_policies+0x520/0x520
[ 31.372094] ? ip_route_output_key_hash+0x1d6/0x2a0
[ 31.377134] ? ip_route_output_key_hash_rcu+0x29f0/0x29f0
[ 31.382674] ? udp_sendmsg+0xe45/0x1c80
[ 31.386652] xfrm_lookup_route+0x33/0x1b0
[ 31.390801] ip_route_output_flow+0xf9/0x130
[ 31.395210] udp_sendmsg+0x13b5/0x1c80
[ 31.399102] ? ip_do_fragment+0x1fb0/0x1fb0
[ 31.403437] ? udp_seq_next+0xa0/0xa0
[ 31.407239] ? __might_fault+0x104/0x1b0
[ 31.411305] ? rw_copy_check_uvector+0x1dd/0x2b0
[ 31.416068] ? lock_acquire+0x170/0x3f0
[ 31.420838] ? dup_iter+0x240/0x240
[ 31.424470] ? copy_msghdr_from_user+0x218/0x3b0
[ 31.429232] ? kernel_recvmsg+0x210/0x210
[ 31.433389] inet_sendmsg+0x11a/0x4e0
[ 31.437209] ? security_socket_sendmsg+0x83/0xb0
[ 31.441969] ? inet_recvmsg+0x4d0/0x4d0
[ 31.445954] sock_sendmsg+0xb5/0x100
[ 31.449781] ___sys_sendmsg+0x326/0x800
[ 31.453826] ? copy_msghdr_from_user+0x3b0/0x3b0
[ 31.458590] ? trace_hardirqs_on+0x10/0x10
[ 31.463156] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 31.468261] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 31.473172] ? retint_kernel+0x2d/0x2d
[ 31.477146] ? __might_fault+0x104/0x1b0
[ 31.481207] ? lock_acquire+0x170/0x3f0
[ 31.485210] __sys_sendmmsg+0x129/0x330
[ 31.489202] ? SyS_sendmsg+0x40/0x40
[ 31.492977] ? trace_hardirqs_on+0x10/0x10
[ 31.497216] ? finish_task_switch+0x178/0x610
[ 31.501710] ? lock_downgrade+0x740/0x740
[ 31.505856] ? _raw_spin_unlock_irq+0x24/0x80
[ 31.510350] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 31.515403] SyS_sendmmsg+0x2f/0x50
[ 31.519198] ? __sys_sendmmsg+0x330/0x330
[ 31.523340] do_syscall_64+0x1d5/0x640
[ 31.527249] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 31.532454] RIP: 0033:0x446db9
[ 31.535637] RSP: 002b:00007f1650605da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 31.543520] RAX: ffffffffffffffda RBX: 00000000006dbc78 RCX: 0000000000446db9
[ 31.550792] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000005
[ 31.558067] RBP: 00000000006dbc70 R08: 00007f1650606700 R09: 0000000000000000
[ 31.565335] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc7c
[ 31.572607] R13: 0000000000000002 R14: 0000000009000702 R15: 0000000000000001
[ 31.579881] Code: 8b 4c 24 10 8b 8b 80 00 00 00 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 40 49 55 88 ff 74 24 10 ff 74 24 20 e8 90 73 e4 ff <0f> 0b e8 b5 3b 3a fa 4c 8b 64 24 18 e8 bb 9f 63 fa 48 c7 c1 60
[ 31.614096] RIP: skb_panic+0x172/0x174 RSP: ffff8880955071c8
[ 32.877792] ---[ end trace 802d03ac521a5712 ]---
[ 32.882818] Kernel panic - not syncing: Fatal exception
[ 32.888635] Kernel Offset: disabled
[ 32.892269] Rebooting in 86400 seconds..