[ 52.725284][ T26] audit: type=1800 audit(1568476512.072:22): pid=9141 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0 [....] Starting enhanced syslogd: rsyslogd[ 53.185994][ T9165] rsyslogd (9165) used greatest stack depth: 24608 bytes left [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 53.710231][ T9209] sshd (9209) used greatest stack depth: 24584 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.40' (ECDSA) to the list of known hosts. 2019/09/14 15:55:22 parsed 1 programs 2019/09/14 15:55:24 executed programs: 0 syzkaller login: [ 64.945833][ T9306] IPVS: ftp: loaded support on port[0] = 21 [ 64.983152][ T9306] chnl_net:caif_netlink_parms(): no params data found [ 65.002601][ T9306] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.009787][ T9306] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.017258][ T9306] device bridge_slave_0 entered promiscuous mode [ 65.024695][ T9306] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.031793][ T9306] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.039323][ T9306] device bridge_slave_1 entered promiscuous mode [ 65.051247][ T9306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.061377][ T9306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.075092][ T9306] team0: Port device team_slave_0 added [ 65.081613][ T9306] team0: Port device team_slave_1 added [ 65.137528][ T9306] device hsr_slave_0 entered promiscuous mode [ 65.176364][ T9306] device hsr_slave_1 entered promiscuous mode [ 65.250413][ T9306] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.257482][ T9306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.264721][ T9306] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.271808][ T9306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.293442][ T9306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.302565][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.311739][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.319281][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.326730][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 65.335854][ T9306] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.344775][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.353016][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.360050][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.375471][ T9306] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.385982][ T9306] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.397553][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.405767][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.412827][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.420437][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.429382][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.437590][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.445583][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.453959][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.461388][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.474001][ T9306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.518169][ T9318] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 65.528835][ T9318] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 65.550086][ T9323] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 65.559609][ T9323] ------------[ cut here ]------------ [ 65.565203][ T9323] WARNING: CPU: 1 PID: 9323 at net/xfrm/xfrm_policy.c:1541 xfrm_policy_insert_list+0x1034/0x14e0 [ 65.575672][ T9323] Kernel panic - not syncing: panic_on_warn set ... [ 65.582234][ T9323] CPU: 1 PID: 9323 Comm: syz-executor.0 Not tainted 5.3.0-rc8+ #0 [ 65.590009][ T9323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.600035][ T9323] Call Trace: [ 65.603336][ T9323] dump_stack+0x1d8/0x2f8 [ 65.607638][ T9323] panic+0x25c/0x799 [ 65.611506][ T9323] ? __warn+0x126/0x230 [ 65.615632][ T9323] __warn+0x22f/0x230 [ 65.619590][ T9323] ? xfrm_policy_insert_list+0x1034/0x14e0 [ 65.625366][ T9323] report_bug+0x190/0x290 [ 65.629666][ T9323] ? xfrm_policy_insert_list+0x1034/0x14e0 [ 65.635441][ T9323] do_error_trap+0xd7/0x440 [ 65.639919][ T9323] do_invalid_op+0x36/0x40 [ 65.644313][ T9323] ? xfrm_policy_insert_list+0x1034/0x14e0 [ 65.650098][ T9323] invalid_op+0x23/0x30 [ 65.654225][ T9323] RIP: 0010:xfrm_policy_insert_list+0x1034/0x14e0 [ 65.660608][ T9323] Code: c1 03 38 c1 0f 8c 1f f6 ff ff 48 89 df e8 54 a5 37 fb e9 12 f6 ff ff e8 1a aa fe fa 48 c7 c7 8a b3 34 88 31 c0 e8 7f f0 e7 fa <0f> 0b e9 85 fc ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 21 f6 ff [ 65.680206][ T9323] RSP: 0018:ffff888082dff5d8 EFLAGS: 00010246 [ 65.686250][ T9323] RAX: 0000000000000024 RBX: ffff888095ed8b20 RCX: 473ce651c3e4fb00 [ 65.694199][ T9323] RDX: 0000000000000000 RSI: 0000000080000201 RDI: 0000000000000000 [ 65.702153][ T9323] RBP: ffff888082dff6d0 R08: ffffffff815cfa74 R09: ffffed1015d640d2 [ 65.710099][ T9323] R10: ffffed1015d640d2 R11: 0000000000000000 R12: ffff888095ed89b4 [ 65.718042][ T9323] R13: ffff888095ed8b19 R14: ffff8880954144c0 R15: 0000000000000000 [ 65.725993][ T9323] ? vprintk_emit+0x2d4/0x3a0 [ 65.730643][ T9323] ? xfrm_policy_insert_list+0x1034/0x14e0 [ 65.736442][ T9323] xfrm_policy_inexact_insert+0x110/0x1540 [ 65.742231][ T9323] ? trace_lock_acquire+0x159/0x1d0 [ 65.747405][ T9323] ? __kasan_check_write+0x14/0x20 [ 65.752487][ T9323] ? policy_hash_bysel+0x100/0xd50 [ 65.757571][ T9323] xfrm_policy_insert+0xdf/0xce0 [ 65.762479][ T9323] ? xfrm_policy_construct+0x870/0x1210 [ 65.768011][ T9323] xfrm_add_policy+0x420/0x8a0 [ 65.772748][ T9323] ? __nla_parse+0x41/0x50 [ 65.777145][ T9323] xfrm_user_rcv_msg+0x3e6/0x650 [ 65.782062][ T9323] netlink_rcv_skb+0x19e/0x3d0 [ 65.786804][ T9323] ? xfrm_netlink_rcv+0x90/0x90 [ 65.791664][ T9323] xfrm_netlink_rcv+0x74/0x90 [ 65.796325][ T9323] netlink_unicast+0x787/0x900 [ 65.801079][ T9323] netlink_sendmsg+0x993/0xc50 [ 65.805825][ T9323] ? netlink_getsockopt+0x9f0/0x9f0 [ 65.811032][ T9323] ___sys_sendmsg+0x60d/0x910 [ 65.815686][ T9323] ? rcu_lock_release+0xd/0x30 [ 65.820435][ T9323] ? rcu_lock_release+0x26/0x30 [ 65.825257][ T9323] ? __fget+0x4e6/0x510 [ 65.829388][ T9323] ? __fdget+0x17c/0x200 [ 65.833604][ T9323] __x64_sys_sendmsg+0x17c/0x200 [ 65.838519][ T9323] do_syscall_64+0xfe/0x140 [ 65.842997][ T9323] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.848859][ T9323] RIP: 0033:0x4598e9 [ 65.852722][ T9323] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 65.872294][ T9323] RSP: 002b:00007f9baa8a6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 65.880675][ T9323] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 65.888619][ T9323] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 65.896576][ T9323] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 65.904528][ T9323] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9baa8a76d4 [ 65.912470][ T9323] R13: 00000000004c7812 R14: 00000000004dd0b0 R15: 00000000ffffffff [ 65.921575][ T9323] Kernel Offset: disabled [ 65.925888][ T9323] Rebooting in 86400 seconds..