[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 62.892757][ T26] kauditd_printk_skb: 7 callbacks suppressed
[ 62.892766][ T26] audit: type=1800 audit(1567994441.113:29): pid=9598 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 62.918996][ T26] audit: type=1800 audit(1567994441.123:30): pid=9598 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.1.57' (ECDSA) to the list of known hosts.
syzkaller login: [ 260.155916][ T9750] IPVS: ftp: loaded support on port[0] = 21
[ 260.197967][ T9750] chnl_net:caif_netlink_parms(): no params data found
[ 260.219542][ T9750] bridge0: port 1(bridge_slave_0) entered blocking state
[ 260.226951][ T9750] bridge0: port 1(bridge_slave_0) entered disabled state
[ 260.234488][ T9750] device bridge_slave_0 entered promiscuous mode
[ 260.241655][ T9750] bridge0: port 2(bridge_slave_1) entered blocking state
[ 260.248806][ T9750] bridge0: port 2(bridge_slave_1) entered disabled state
[ 260.256313][ T9750] device bridge_slave_1 entered promiscuous mode
[ 260.269829][ T9750] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 260.280197][ T9750] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 260.295939][ T9750] team0: Port device team_slave_0 added
[ 260.302383][ T9750] team0: Port device team_slave_1 added
[ 260.356209][ T9750] device hsr_slave_0 entered promiscuous mode
[ 260.424667][ T9750] device hsr_slave_1 entered promiscuous mode
[ 260.509424][ T9750] bridge0: port 2(bridge_slave_1) entered blocking state
[ 260.516557][ T9750] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 260.523822][ T9750] bridge0: port 1(bridge_slave_0) entered blocking state
[ 260.530878][ T9750] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 260.555217][ T9750] 8021q: adding VLAN 0 to HW filter on device bond0
[ 260.565550][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 260.573441][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 260.581559][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 260.589218][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 260.598942][ T9750] 8021q: adding VLAN 0 to HW filter on device team0
[ 260.607858][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 260.616136][ T17] bridge0: port 1(bridge_slave_0) entered blocking state
[ 260.623181][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 260.632359][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 260.640743][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 260.647812][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 260.666065][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 260.674727][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 260.682893][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 260.691298][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 260.699457][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 260.708419][ T9750] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[ 260.722675][ T9750] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 365.754402][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 365.761147][ C1] rcu: 1-...!: (1 GPs behind) idle=f8a/1/0x4000000000000002 softirq=10117/10118 fqs=207
[ 365.771004][ C1] (t=10501 jiffies g=9001 q=166)
[ 365.776005][ C1] rcu: rcu_preempt kthread starved for 10088 jiffies! g9001 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[ 365.787256][ C1] rcu: RCU grace-period kthread stack dump:
[ 365.793122][ C1] rcu_preempt I29520 10 2 0x80004000
[ 365.799429][ C1] Call Trace:
[ 365.802778][ C1] __schedule+0x755/0x1580
[ 365.807177][ C1] ? __sched_text_start+0x8/0x8
[ 365.812005][ C1] schedule+0xd9/0x260
[ 365.816051][ C1] schedule_timeout+0x486/0xc50
[ 365.820876][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 365.825787][ C1] ? usleep_range+0x170/0x170
[ 365.830439][ C1] ? trace_hardirqs_on+0x67/0x240
[ 365.835439][ C1] ? __kasan_check_read+0x11/0x20
[ 365.840439][ C1] ? __next_timer_interrupt+0x1a0/0x1a0
[ 365.845958][ C1] ? swake_up_one+0x60/0x60
[ 365.850442][ C1] rcu_gp_kthread+0x9b2/0x18c0
[ 365.855188][ C1] ? rcu_barrier+0x310/0x310
[ 365.859763][ C1] ? trace_hardirqs_on+0x67/0x240
[ 365.864763][ C1] ? __kasan_check_read+0x11/0x20
[ 365.869765][ C1] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 365.875989][ C1] ? __kthread_parkme+0x108/0x1c0
[ 365.880986][ C1] ? __kasan_check_read+0x11/0x20
[ 365.885987][ C1] kthread+0x361/0x430
[ 365.890029][ C1] ? rcu_barrier+0x310/0x310
[ 365.894600][ C1] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 365.900815][ C1] ret_from_fork+0x24/0x30
[ 365.905229][ C1] NMI backtrace for cpu 1
[ 365.909537][ C1] CPU: 1 PID: 9750 Comm: syz-executor540 Not tainted 5.3.0-rc7+ #0
[ 365.917396][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 365.927424][ C1] Call Trace:
[ 365.930682][ C1]
[ 365.933511][ C1] dump_stack+0x172/0x1f0
[ 365.937828][ C1] nmi_cpu_backtrace.cold+0x70/0xb2
[ 365.943010][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 365.949226][ C1] ? lapic_can_unplug_cpu.cold+0x45/0x45
[ 365.954832][ C1] nmi_trigger_cpumask_backtrace+0x23b/0x28b
[ 365.960787][ C1] arch_trigger_cpumask_backtrace+0x14/0x20
[ 365.966658][ C1] rcu_dump_cpu_stacks+0x183/0x1cf
[ 365.971747][ C1] rcu_sched_clock_irq.cold+0x4dd/0xc13
[ 365.977268][ C1] ? raise_softirq+0x138/0x340
[ 365.982009][ C1] update_process_times+0x32/0x80
[ 365.987007][ C1] tick_sched_handle+0xa2/0x190
[ 365.991833][ C1] tick_sched_timer+0x53/0x140
[ 365.996575][ C1] __hrtimer_run_queues+0x364/0xe40
[ 366.001747][ C1] ? tick_sched_do_timer+0x1b0/0x1b0
[ 366.007029][ C1] ? hrtimer_start_range_ns+0xcb0/0xcb0
[ 366.012555][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 366.018253][ C1] ? ktime_get_update_offsets_now+0x2d3/0x440
[ 366.024298][ C1] hrtimer_interrupt+0x314/0x770
[ 366.029280][ C1] smp_apic_timer_interrupt+0x160/0x610
[ 366.034807][ C1] apic_timer_interrupt+0xf/0x20
[ 366.039719][ C1]
[ 366.042646][ C1] RIP: 0010:__list_del_entry_valid+0x2c/0xf5
[ 366.048700][ C1] Code: 00 00 00 00 00 fc ff df 55 48 89 e5 41 56 49 89 fe 48 83 c7 08 48 89 fa 41 55 48 c1 ea 03 41 54 80 3c 02 00 0f 85 a1 00 00 00 <4c> 89 f2 4d 8b 66 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80
[ 366.068293][ C1] RSP: 0018:ffff88809426f320 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 366.076684][ C1] RAX: dffffc0000000000 RBX: ffff88809ede5538 RCX: ffffffff85c65e49
[ 366.084643][ C1] RDX: 1ffff11013dbcaa8 RSI: ffffffff85c66316 RDI: ffff88809ede5540
[ 366.092595][ C1] RBP: ffff88809426f338 R08: ffff88809acfc640 R09: 0000000000000000
[ 366.100547][ C1] R10: fffffbfff134af9f R11: ffff88809acfc640 R12: dffffc0000000000
[ 366.108499][ C1] R13: ffff88809ede5240 R14: ffff88809ede5538 R15: 0000000000000000
[ 366.116533][ C1] ? hhf_dequeue+0xb9/0xa20
[ 366.121013][ C1] ? hhf_dequeue+0x586/0xa20
[ 366.125585][ C1] hhf_dequeue+0x5c5/0xa20
[ 366.130029][ C1] __qdisc_run+0x1e5/0x1a00
[ 366.134524][ C1] ? dev_queue_xmit+0x18/0x20
[ 366.139203][ C1] __dev_queue_xmit+0x16f1/0x3650
[ 366.144231][ C1] ? netlink_sendmsg+0x8a5/0xd60
[ 366.149164][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 366.155392][ C1] ? netdev_core_pick_tx+0x2f0/0x2f0
[ 366.160727][ C1] ? __copy_skb_header+0x2e8/0x550
[ 366.165826][ C1] ? __skb_checksum_complete+0x3f0/0x3f0
[ 366.171443][ C1] ? kasan_slab_alloc+0xf/0x20
[ 366.176205][ C1] ? __kasan_check_write+0x14/0x20
[ 366.181297][ C1] ? __skb_clone+0x5c8/0x820
[ 366.185868][ C1] dev_queue_xmit+0x18/0x20
[ 366.190353][ C1] ? dev_queue_xmit+0x18/0x20
[ 366.195014][ C1] netlink_deliver_tap+0x8e2/0xbf0
[ 366.200109][ C1] __netlink_sendskb+0x62/0xc0
[ 366.204856][ C1] netlink_unicast+0x60a/0x710
[ 366.209602][ C1] ? netlink_attachskb+0x7c0/0x7c0
[ 366.214693][ C1] netlink_ack+0x63f/0xb30
[ 366.219088][ C1] ? netlink_sendmsg+0xd60/0xd60
[ 366.224002][ C1] ? __copy_skb_header+0x250/0x550
[ 366.229092][ C1] netlink_rcv_skb+0x376/0x450
[ 366.233904][ C1] ? rtnetlink_put_metrics+0x580/0x580
[ 366.239345][ C1] ? netlink_ack+0xb30/0xb30
[ 366.243916][ C1] ? netlink_deliver_tap+0x254/0xbf0
[ 366.249179][ C1] rtnetlink_rcv+0x1d/0x30
[ 366.253571][ C1] netlink_unicast+0x531/0x710
[ 366.258312][ C1] ? netlink_attachskb+0x7c0/0x7c0
[ 366.263408][ C1] ? _copy_from_iter_full+0x25d/0x8a0
[ 366.268759][ C1] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 366.274457][ C1] ? __check_object_size+0x3d/0x437
[ 366.279637][ C1] netlink_sendmsg+0x8a5/0xd60
[ 366.284380][ C1] ? netlink_unicast+0x710/0x710
[ 366.289296][ C1] ? aa_sock_msg_perm.isra.0+0xba/0x170
[ 366.294828][ C1] ? apparmor_socket_sendmsg+0x2a/0x30
[ 366.300262][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 366.306477][ C1] ? security_socket_sendmsg+0x8d/0xc0
[ 366.311916][ C1] ? netlink_unicast+0x710/0x710
[ 366.316840][ C1] sock_sendmsg+0xd7/0x130
[ 366.321232][ C1] ___sys_sendmsg+0x803/0x920
[ 366.325886][ C1] ? copy_msghdr_from_user+0x440/0x440
[ 366.331320][ C1] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 366.337538][ C1] ? tomoyo_path_number_perm+0x263/0x520
[ 366.343149][ C1] ? sock_ioctl+0x489/0x780
[ 366.347632][ C1] ? dlci_ioctl_set+0x40/0x40
[ 366.352292][ C1] ? dlci_ioctl_set+0x40/0x40
[ 366.356949][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 366.363165][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 366.369382][ C1] ? __fget_light+0x1a9/0x230
[ 366.374034][ C1] ? __fdget+0x1b/0x20
[ 366.378079][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 366.384309][ C1] __sys_sendmsg+0x105/0x1d0
[ 366.388985][ C1] ? __sys_sendmsg_sock+0xd0/0xd0
[ 366.394100][ C1] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 366.400148][ C1] __x64_sys_sendmsg+0x78/0xb0
[ 366.404893][ C1] do_syscall_64+0xfd/0x6a0
[ 366.409375][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 366.415246][ C1] RIP: 0033:0x441b19
[ 366.419124][ C1] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 366.438706][ C1] RSP: 002b:00007ffdf6c432f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 366.447092][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441b19
[ 366.455041][ C1] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[ 366.462991][ C1] RBP: 00007ffdf6c43310 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[ 366.470940][ C1] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 0000000000000000
[ 366.478889][ C1] R13: 00000000004030b0 R14: 0000000000000000 R15: 0000000000000000