[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   13.674237] sshd (5668) used greatest stack depth: 11960 bytes left
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.51' (ECDSA) to the list of known hosts.
2019/09/23 11:32:09 fuzzer started
2019/09/23 11:32:11 dialing manager at 10.128.0.105:39541
2019/09/23 11:32:11 syscalls: 2425
2019/09/23 11:32:11 code coverage: CONFIG_KCOV is not enabled
2019/09/23 11:32:11 comparison tracing: CONFIG_KCOV is not enabled
2019/09/23 11:32:11 extra coverage: CONFIG_KCOV is not enabled
2019/09/23 11:32:11 setuid sandbox: enabled
2019/09/23 11:32:11 namespace sandbox: enabled
2019/09/23 11:32:11 Android sandbox: /sys/fs/selinux/policy does not exist
2019/09/23 11:32:11 fault injection: kernel does not have systematic fault injection support
2019/09/23 11:32:11 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/09/23 11:32:11 net packet injection: enabled
2019/09/23 11:32:11 net device setup: enabled
11:32:11 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = getpid()
prlimit64(r2, 0x0, 0x0, 0x0)

11:32:11 executing program 1:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='io.max\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="373a3209487fa0920f0f1ade967dabd01f96077c9ed370c98fde3154adf250f4cd9446ba1885857c92922c6d15054bfe877007948ea079b4409a477a3be3f09917bc116656d432bcbb3f8967cd8fdf6ebba9bd3f4362419c518d57128827604515bbf14eeff05eb6bc41b719044fd1eddb5193f6266c3520000000000000002ec477fd73732420d11acbaffabcb8cc6f62bc3074be9984685abea12b5893d303f05c322bd83320578ec608f3e84251ae5854a4c76aba87ad5470a2c4a293696b63e628918a5f2852ee62a8a9a00b7535bd1113d9993ce6ee59e87f2ae0977e85b9cda041697f2e21edd03a5bee87c7023d68f93a6e753c1c47dc1c8b7164adc492f851f610"], 0x4)

11:32:11 executing program 2:
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='fd\x00')
fcntl$notify(r1, 0x402, 0x2c)
fchown(r1, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
shutdown(r2, 0x0)

11:32:11 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000200)='./bus\x00', 0x0)
truncate(&(0x7f0000000000)='./bus\x00', 0x1000)
r1 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x2)
sendfile(r0, r1, 0x0, 0x40d09)

11:32:11 executing program 4:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, &(0x7f0000000000))
connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @multicast2}, 0x3, 0x4, 0x1, 0x800}}, 0xfffffffffffffc73)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x410000)
ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000000)={0x5000, 0x4, 0x0, 0x7, 0x9})
socket$inet(0x2, 0x4000000000000001, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60b4, 0x5, 0x0, 0x0, 0x1000000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80, 0x0, 0x0, 0x0, 0x4, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-control\x00', 0x23c5a3b657292a0e, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYBLOB="207e52454f8570a4d0f70398c542633e136f68dd0a262dba9c03eb76120ecb1f6bb05eedeeddf5feab8202a4058a84d85e986079ed7280d75ff61015085e0bb65f07f834de67a82f3d00000000ed5e105243ba19b8a7b8d3a14aa0a8f613599146"], &(0x7f0000000300)=0x2)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha384\x00'}, 0x58)
r3 = accept4(r1, 0x0, 0x0, 0x80000)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000280)={0x0, 0x0, 0x4}, 0x0, &(0x7f00000004c0), &(0x7f0000000500)=""/4)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
r5 = dup(r4)
open(&(0x7f00000000c0)='./bus\x00', 0x90800, 0x0)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x87ff7)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r5, 0x84, 0x65, &(0x7f0000000540)=[@in6={0xa, 0x0, 0x6, @remote, 0x100000000}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e23, 0x5, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xdf}, @in={0x2, 0x4e21, @broadcast}], 0x58)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r3)
clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00\x00\x10', 0xffffffffffffffff, 0x4c00000000006800}, &(0x7f0000001fee)='R\x10rist\xe3cusgrVid:De', 0x0)

11:32:11 executing program 5:
r0 = gettid()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000280)={0x2, r0})
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x0, 0x0)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000040)={0x0, 0x0})
recvmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)}, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x101080, 0x0)
ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000300))
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$VIDIOC_S_TUNER(0xffffffffffffffff, 0x4054561e, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="580000001400192340834b80020d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000a0c1000418e00000004fcff", 0x58}], 0x1)
gettid()
getpid()
pipe(&(0x7f0000000240))
r3 = socket(0x40000000002, 0x3, 0x2)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000007900)={{{@in=@initdev, @in6=@remote}}, {{@in=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000800)=0xe8)
getpid()
msgget(0x1, 0x4)

syzkaller login: [   46.306056] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready
[   46.312591] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready
[   46.319184] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready
[   46.326238] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready
[   46.332971] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready
[   46.333758] IPVS: Creating netns size=2712 id=1
[   46.333770] IPVS: ftp: loaded support on port[0] = 21
[   46.349962] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready
[   46.361304] IPVS: Creating netns size=2712 id=2
[   46.366058] IPVS: ftp: loaded support on port[0] = 21
[   46.379718] chnl_net:caif_netlink_parms(): no params data found
[   46.387001] ------------[ cut here ]------------
[   46.391765] WARNING: CPU: 1 PID: 5774 at net/batman-adv/main.c:750 batadv_tvlv_container_remove+0x7b/0x80()
[   46.401700] Kernel panic - not syncing: panic_on_warn set ...
[   46.401700] 
[   46.409105] CPU: 1 PID: 5774 Comm: syz-executor.3 Not tainted 4.4.194 #0
[   46.415916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   46.425286]  0000000000000082 ffff8800b0867870 ffffffff818a6f22 0000000000000000
[   46.433328]  ffffffff82e96378 ffffffff8300ac2f ffff8800b08678e8 ffffffff8126f9bc
[   46.441327]  ffff880000000008 ffff8800b08678f8 ffff8800b0867898 ffffffff81274e1f
[   46.449363] Call Trace:
[   46.451940]  [<ffffffff818a6f22>] dump_stack+0xa1/0xdf
[   46.457213]  [<ffffffff8126f9bc>] panic+0xd2/0x225
[   46.462114]  [<ffffffff81274e1f>] ? printk+0x48/0x4a
[   46.467187]  [<ffffffff8126fb35>] warn_slowpath_common.cold+0x16/0x16
[   46.473741]  [<ffffffff811715f5>] warn_slowpath_null+0x15/0x20
[   46.479683]  [<ffffffff825e852b>] batadv_tvlv_container_remove+0x7b/0x80
[   46.486491]  [<ffffffff825e9333>] batadv_tvlv_container_register+0xb3/0x120
[   46.493562]  [<ffffffff825e27b6>] batadv_dat_tvlv_container_update+0x26/0x40
[   46.500733]  [<ffffffff825e321a>] batadv_dat_init+0x6a/0x80
[   46.506416]  [<ffffffff825e89b9>] batadv_mesh_init+0x239/0x290
[   46.512359]  [<ffffffff825f3b11>] batadv_softif_init_late+0x271/0x2c0
[   46.518908]  [<ffffffff820e542a>] register_netdevice+0xfa/0x450
[   46.524935]  [<ffffffff820f4e85>] rtnl_newlink+0x8a5/0x910
[   46.530529]  [<ffffffff820f475d>] ? rtnl_newlink+0x17d/0x910
[   46.536298]  [<ffffffff820f3440>] rtnetlink_rcv_msg+0x170/0x1e0
[   46.542325]  [<ffffffff811c48fd>] ? trace_hardirqs_on+0xd/0x10
[   46.548269]  [<ffffffff8264f0fa>] ? mutex_lock_nested+0x30a/0x5a0
[   46.554470]  [<ffffffff820f32b7>] ? rtnetlink_rcv+0x17/0x30
[   46.560150]  [<ffffffff820f32d0>] ? rtnetlink_rcv+0x30/0x30
[   46.565833]  [<ffffffff82157821>] netlink_rcv_skb+0x31/0xc0
[   46.571600]  [<ffffffff820f32c6>] rtnetlink_rcv+0x26/0x30
[   46.577107]  [<ffffffff82157298>] netlink_unicast+0x168/0x210
[   46.582961]  [<ffffffff82157531>] netlink_sendmsg+0x1f1/0x390
[   46.588816]  [<ffffffff820c01f5>] sock_sendmsg+0x35/0x40
[   46.594234]  [<ffffffff820c067d>] SYSC_sendto+0xed/0x160
[   46.599654]  [<ffffffff820bd88c>] ? sock_alloc_file+0x8c/0x120
[   46.605605]  [<ffffffff813247d2>] ? fd_install+0x22/0x30
[   46.611032]  [<ffffffff81003044>] ? lockdep_sys_exit_thunk+0x12/0x14
[   46.617501]  [<ffffffff820c1509>] SyS_sendto+0x9/0x10
[   46.622666]  [<ffffffff826548bc>] entry_SYSCALL_64_fastpath+0x1c/0x7c
[   46.630864] Kernel Offset: disabled
[   46.634501] Rebooting in 86400 seconds..