[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 55.254945][ T26] audit: type=1800 audit(1574307303.462:25): pid=8692 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 55.299711][ T26] audit: type=1800 audit(1574307303.462:26): pid=8692 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 55.340364][ T26] audit: type=1800 audit(1574307303.472:27): pid=8692 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.215' (ECDSA) to the list of known hosts. syzkaller login: [ 66.958860][ T8849] IPVS: ftp: loaded support on port[0] = 21 [ 67.024086][ T8849] chnl_net:caif_netlink_parms(): no params data found [ 67.050530][ T8849] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.058439][ T8849] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.066526][ T8849] device bridge_slave_0 entered promiscuous mode [ 67.074778][ T8849] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.081998][ T8849] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.089636][ T8849] device bridge_slave_1 entered promiscuous mode [ 67.107086][ T8849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.117894][ T8849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.137349][ T8849] team0: Port device team_slave_0 added [ 67.144581][ T8849] team0: Port device team_slave_1 added [ 67.223666][ T8849] device hsr_slave_0 entered promiscuous mode [ 67.291972][ T8849] device hsr_slave_1 entered promiscuous mode [ 67.384010][ T8849] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.391276][ T8849] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.399226][ T8849] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.406361][ T8849] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.573523][ T8849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.598259][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.644127][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.663564][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.702991][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 67.739313][ T8849] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.792225][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.800742][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.807870][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.863349][ T8877] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.873027][ T8877] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.880110][ T8877] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.934447][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.944808][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.964063][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.988211][ T8849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.032437][ T8849] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 68.050190][ T8877] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 68.063183][ T8877] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 68.092133][ T8851] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 68.099587][ T8851] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 68.143876][ T8849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.448726][ C0] vcan0: j1939_tp_rxtimer: 0x00000000344c6d3f: rx timeout, send abort [ 69.457626][ C0] vcan0: j1939_xtp_rx_abort_one: 0x00000000344c6d3f: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 69.472475][ C0] ------------[ cut here ]------------ [ 69.478030][ C0] WARNING: CPU: 0 PID: 9 at net/can/j1939/socket.c:180 j1939_sk_queue_activate_next+0x359/0x460 [ 69.488425][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 69.494992][ C0] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.4.0-rc8-syzkaller #0 [ 69.503030][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.513062][ C0] Call Trace: [ 69.516352][ C0] dump_stack+0x197/0x210 [ 69.520665][ C0] ? j1939_sk_queue_activate_next+0x280/0x460 [ 69.526709][ C0] panic+0x2e3/0x75c [ 69.530579][ C0] ? add_taint.cold+0x16/0x16 [ 69.535237][ C0] ? printk+0xba/0xed [ 69.539197][ C0] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 69.544642][ C0] ? __warn.cold+0x14/0x35 [ 69.549036][ C0] ? __warn+0xd9/0x1d0 [ 69.553101][ C0] ? j1939_sk_queue_activate_next+0x359/0x460 [ 69.559145][ C0] __warn.cold+0x2f/0x35 [ 69.563367][ C0] ? report_bug.cold+0x63/0xad [ 69.568111][ C0] ? j1939_sk_queue_activate_next+0x359/0x460 [ 69.574158][ C0] report_bug+0x289/0x300 [ 69.578467][ C0] do_error_trap+0x11b/0x200 [ 69.583038][ C0] do_invalid_op+0x37/0x50 [ 69.587432][ C0] ? j1939_sk_queue_activate_next+0x359/0x460 [ 69.593488][ C0] invalid_op+0x23/0x30 [ 69.597637][ C0] RIP: 0010:j1939_sk_queue_activate_next+0x359/0x460 [ 69.604288][ C0] Code: e8 1c 83 c0 0a 89 45 cc eb 9f 48 c7 c7 b4 aa c6 89 e8 3b 15 2f fb e9 6a fd ff ff e8 31 15 2f fb e9 19 fe ff ff e8 d7 a9 f3 fa <0f> 0b 48 8b 45 c0 48 8d b8 b0 00 00 00 48 89 f8 48 c1 e8 03 42 0f [ 69.623958][ C0] RSP: 0018:ffff8880a98af918 EFLAGS: 00010206 [ 69.630001][ C0] RAX: ffff8880a98a2240 RBX: ffff88809c00c000 RCX: ffffffff867fac38 [ 69.637951][ C0] RDX: 0000000000000100 RSI: ffffffff867facd9 RDI: 0000000000000005 [ 69.645901][ C0] RBP: ffff8880a98af970 R08: ffff8880a98a2240 R09: fffffbfff14f014c [ 69.653850][ C0] R10: fffffbfff14f014b R11: ffffffff8a780a5f R12: ffff88809c00c510 [ 69.661798][ C0] R13: ffff8880a9000800 R14: ffff88809c00c548 R15: dffffc0000000000 [ 69.669774][ C0] ? j1939_sk_queue_activate_next+0x2b8/0x460 [ 69.675820][ C0] ? j1939_sk_queue_activate_next+0x359/0x460 [ 69.681881][ C0] ? j1939_sk_queue_activate_next+0x359/0x460 [ 69.687927][ C0] ? __local_bh_enable_ip+0x15a/0x270 [ 69.693290][ C0] j1939_session_deactivate_activate_next+0x3d/0x50 [ 69.699872][ C0] j1939_xtp_rx_abort_one.cold+0x21a/0x35e [ 69.705657][ C0] ? j1939_ecu_get_by_addr_locked+0x63/0xf0 [ 69.711574][ C0] j1939_tp_recv+0x783/0x9b0 [ 69.716160][ C0] j1939_can_recv+0x502/0x610 [ 69.720822][ C0] can_rcv_filter+0x292/0x8e0 [ 69.725498][ C0] can_receive+0x2e7/0x530 [ 69.729903][ C0] can_rcv+0x133/0x1b0 [ 69.733955][ C0] ? can_receive+0x530/0x530 [ 69.738643][ C0] __netif_receive_skb_one_core+0x113/0x1a0 [ 69.744517][ C0] ? __netif_receive_skb_core+0x3450/0x3450 [ 69.750824][ C0] ? lock_acquire+0x190/0x410 [ 69.755485][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.761756][ C0] __netif_receive_skb+0x2c/0x1d0 [ 69.766763][ C0] process_backlog+0x206/0x750 [ 69.771510][ C0] ? net_rx_action+0x27b/0x1120 [ 69.776358][ C0] ? lockdep_hardirqs_on+0x19e/0x5e0 [ 69.781631][ C0] net_rx_action+0x508/0x1120 [ 69.786375][ C0] ? napi_busy_loop+0x970/0x970 [ 69.791237][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 69.796850][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 69.802838][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.809066][ C0] __do_softirq+0x262/0x98c [ 69.813566][ C0] ? takeover_tasklets+0x820/0x820 [ 69.818785][ C0] run_ksoftirqd+0x8e/0x110 [ 69.823271][ C0] smpboot_thread_fn+0x6a3/0xa40 [ 69.828193][ C0] ? smpboot_register_percpu_thread+0x390/0x390 [ 69.834417][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 69.840659][ C0] ? __kthread_parkme+0x108/0x1c0 [ 69.845717][ C0] ? __kasan_check_read+0x11/0x20 [ 69.850785][ C0] kthread+0x361/0x430 [ 69.854857][ C0] ? smpboot_register_percpu_thread+0x390/0x390 [ 69.861122][ C0] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 69.866833][ C0] ret_from_fork+0x24/0x30 [ 69.872929][ C0] Kernel Offset: disabled [ 69.877326][ C0] Rebooting in 86400 seconds..