[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   40.688165] audit: type=1800 audit(1546626339.866:25): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   40.725791] audit: type=1800 audit(1546626339.866:26): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   40.764413] audit: type=1800 audit(1546626339.876:27): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.4' (ECDSA) to the list of known hosts.
2019/01/04 18:25:48 parsed 1 programs
2019/01/04 18:25:51 executed programs: 0
syzkaller login: [   52.069487] IPVS: ftp: loaded support on port[0] = 21
[   52.132753] chnl_net:caif_netlink_parms(): no params data found
[   52.167806] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.174598] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.181586] device bridge_slave_0 entered promiscuous mode
[   52.189347] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.195860] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.202741] device bridge_slave_1 entered promiscuous mode
[   52.219491] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   52.228528] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   52.244991] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   52.252504] team0: Port device team_slave_0 added
[   52.257987] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   52.265204] team0: Port device team_slave_1 added
[   52.270394] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   52.277808] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   52.345728] device hsr_slave_0 entered promiscuous mode
[   52.414893] device hsr_slave_1 entered promiscuous mode
[   52.474459] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   52.481353] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   52.496833] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.503234] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.510308] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.516691] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.549657] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   52.557165] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.565931] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   52.575066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.584970] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.592851] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.600127] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   52.611005] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   52.617725] 8021q: adding VLAN 0 to HW filter on device team0
[   52.626600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.634773] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.641123] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.656478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.664399] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.670730] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.678357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   52.687068] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   52.700772] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   52.710649] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   52.721770] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   52.731224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   52.739048] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.746942] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.754672] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   52.768396] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   52.778299] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.031200] kasan: CONFIG_KASAN_INLINE enabled
[   53.036191] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   53.043573] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   53.049821] CPU: 0 PID: 8150 Comm: syz-executor0 Not tainted 4.20.0+ #9
[   53.056579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   53.065950] RIP: 0010:__smc_diag_dump.isra.0+0x32a/0x2ba0
[   53.071484] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 26 25 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 49 8d 7f 0e 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d2
[   53.090543] RSP: 0018:ffff888098cff0f0 EFLAGS: 00010203
[   53.095917] RAX: dffffc0000000000 RBX: ffff8880986e9280 RCX: 0000000000000000
[   53.103195] RDX: 0000000000000001 RSI: ffffffff87b6b452 RDI: 000000000000000e
[   53.110462] RBP: ffff888098cff3b8 R08: ffff888090540080 R09: ffff88808c451298
[   53.117751] R10: ffffed101188a248 R11: ffff88808c451247 R12: ffff88808c674b20
[   53.125013] R13: ffff88808c451248 R14: ffff8880986e96e0 R15: 0000000000000000
[   53.132292] FS:  0000000000000000(0000) GS:ffff8880ae600000(0063) knlGS:00000000f7f11b40
[   53.140530] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   53.146430] CR2: 0000000020000040 CR3: 00000000a9221000 CR4: 00000000001406f0
[   53.153713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   53.160974] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.168231] Call Trace:
[   53.170817]  ? __kmalloc_node_track_caller+0x4e/0x70
[   53.175914]  ? __alloc_skb+0x185/0x730
[   53.179801]  ? smc_diag_handler_dump+0x350/0x350
[   53.184565]  ? sock_sendmsg+0xdd/0x130
[   53.188449]  ? ___sys_sendmsg+0x7ec/0x910
[   53.192591]  ? __sys_sendmsg+0x112/0x270
[   53.196649]  ? __x32_compat_sys_getsockopt+0xf0/0x150
[   53.201832]  ? do_fast_syscall_32+0x333/0xf98
[   53.206324]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   53.211855]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   53.217390]  ? check_preemption_disabled+0x48/0x290
[   53.222577]  ? __lock_is_held+0xb6/0x140
[   53.226637]  ? __kmalloc_node_track_caller+0x3d/0x70
[   53.231740]  ? lock_acquire+0x1db/0x570
[   53.235709]  ? smc_diag_dump_proto.isra.0+0xfb/0x3c0
[   53.240807]  ? lock_release+0xc40/0xc40
[   53.244777]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   53.250310]  ? kasan_check_write+0x14/0x20
[   53.254546]  smc_diag_dump_proto.isra.0+0x2e7/0x3c0
[   53.259560]  ? __smc_diag_dump.isra.0+0x2ba0/0x2ba0
[   53.264600]  ? find_held_lock+0x35/0x120
[   53.268658]  smc_diag_dump+0x27/0x80
[   53.272376]  netlink_dump+0x5f2/0x1070
[   53.276265]  ? netlink_broadcast+0x50/0x50
[   53.280507]  __netlink_dump_start+0x5b4/0x7e0
[   53.285003]  smc_diag_handler_dump+0x2a7/0x350
[   53.289678]  ? smc_gid_be16_convert+0x2c0/0x2c0
[   53.294341]  ? lock_downgrade+0x910/0x910
[   53.298484]  ? smc_diag_dump_proto.isra.0+0x3c0/0x3c0
[   53.303672]  ? rcu_read_unlock_special+0x380/0x380
[   53.308603]  sock_diag_rcv_msg+0x322/0x410
[   53.312835]  netlink_rcv_skb+0x17d/0x410
[   53.316905]  ? sock_diag_bind+0x80/0x80
[   53.320878]  ? netlink_ack+0xba0/0xba0
[   53.324769]  sock_diag_rcv+0x2b/0x40
[   53.328487]  netlink_unicast+0x574/0x770
[   53.332547]  ? netlink_attachskb+0x980/0x980
[   53.336951]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   53.342482]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   53.347499]  netlink_sendmsg+0xa05/0xf90
[   53.351561]  ? netlink_unicast+0x770/0x770
[   53.355790]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   53.360632]  ? apparmor_socket_sendmsg+0x2a/0x30
[   53.365383]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   53.370917]  ? security_socket_sendmsg+0x93/0xc0
[   53.375670]  ? netlink_unicast+0x770/0x770
[   53.379899]  sock_sendmsg+0xdd/0x130
[   53.383616]  ___sys_sendmsg+0x7ec/0x910
[   53.387590]  ? copy_msghdr_from_user+0x570/0x570
[   53.392337]  ? iterate_fd+0x4b0/0x4b0
[   53.396137]  ? __might_fault+0x12b/0x1e0
[   53.400194]  ? find_held_lock+0x35/0x120
[   53.404247]  ? __might_fault+0x12b/0x1e0
[   53.408309]  ? __fget_light+0x2db/0x420
[   53.412286]  ? fget_raw+0x20/0x20
[   53.415736]  ? lock_release+0xc40/0xc40
[   53.419707]  ? trace_hardirqs_off_caller+0x300/0x300
[   53.424805]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   53.430341]  ? __fdget+0x1b/0x20
[   53.433698]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   53.439234]  ? sockfd_lookup_light+0xc2/0x160
[   53.443725]  __sys_sendmsg+0x112/0x270
[   53.447611]  ? __ia32_sys_shutdown+0x80/0x80
[   53.452028]  ? entry_SYSENTER_compat+0x70/0x7f
[   53.456610]  ? trace_hardirqs_off_caller+0x300/0x300
[   53.461720]  __ia32_compat_sys_sendmsg+0x7a/0xb0
[   53.466471]  do_fast_syscall_32+0x333/0xf98
[   53.470788]  ? do_int80_syscall_32+0x880/0x880
[   53.475371]  ? trace_hardirqs_off+0x310/0x310
[   53.479860]  ? syscall_return_slowpath+0x3b0/0x5f0
[   53.484838]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   53.489863]  ? __switch_to_asm+0x34/0x70
[   53.493926]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   53.498767]  entry_SYSENTER_compat+0x70/0x7f
[   53.503169] RIP: 0023:0xf7f15869
[   53.506533] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[   53.525424] RSP: 002b:00000000f7f110cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   53.533123] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000040
[   53.540388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   53.547651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   53.554918] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   53.562178] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   53.569445] Modules linked in:
[   53.572701] ---[ end trace 950ca091ac00e2fd ]---
[   53.577486] RIP: 0010:__smc_diag_dump.isra.0+0x32a/0x2ba0
[   53.583032] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 26 25 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 49 8d 7f 0e 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 d2
[   53.601950] RSP: 0018:ffff888098cff0f0 EFLAGS: 00010203
[   53.607329] RAX: dffffc0000000000 RBX: ffff8880986e9280 RCX: 0000000000000000
[   53.614618] RDX: 0000000000000001 RSI: ffffffff87b6b452 RDI: 000000000000000e
[   53.621885] RBP: ffff888098cff3b8 R08: ffff888090540080 R09: ffff88808c451298
[   53.629169] R10: ffffed101188a248 R11: ffff88808c451247 R12: ffff88808c674b20
[   53.636456] R13: ffff88808c451248 R14: ffff8880986e96e0 R15: 0000000000000000
[   53.643758] FS:  0000000000000000(0000) GS:ffff8880ae600000(0063) knlGS:00000000f7f11b40
[   53.651992] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   53.657899] CR2: 0000000020000040 CR3: 00000000a9221000 CR4: 00000000001406f0
[   53.665188] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   53.672449] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.679731] Kernel panic - not syncing: Fatal exception
[   53.685923] Kernel Offset: disabled
[   53.689544] Rebooting in 86400 seconds..