[ 79.728876][ T27] audit: type=1800 audit(1584538806.548:26): pid=9548 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 80.695236][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 80.695246][ T27] audit: type=1800 audit(1584538807.538:29): pid=9548 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 80.722022][ T27] audit: type=1800 audit(1584538807.538:30): pid=9548 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.235' (ECDSA) to the list of known hosts. 2020/03/18 13:40:17 parsed 1 programs 2020/03/18 13:40:19 executed programs: 0 syzkaller login: [ 92.806259][ T9720] IPVS: ftp: loaded support on port[0] = 21 [ 92.862981][ T9720] chnl_net:caif_netlink_parms(): no params data found [ 92.899726][ T9720] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.907228][ T9720] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.915227][ T9720] device bridge_slave_0 entered promiscuous mode [ 92.923973][ T9720] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.931027][ T9720] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.938859][ T9720] device bridge_slave_1 entered promiscuous mode [ 92.957018][ T9720] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.967771][ T9720] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.986772][ T9720] team0: Port device team_slave_0 added [ 92.994033][ T9720] team0: Port device team_slave_1 added [ 93.008487][ T9720] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.015614][ T9720] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.041557][ T9720] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.053971][ T9720] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.060902][ T9720] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.087457][ T9720] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.144743][ T9720] device hsr_slave_0 entered promiscuous mode [ 93.182787][ T9720] device hsr_slave_1 entered promiscuous mode [ 93.314745][ T9720] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.345761][ T9720] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.405485][ T9720] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.444137][ T9720] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.506709][ T9720] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.513887][ T9720] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.521379][ T9720] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.528480][ T9720] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.571872][ T9720] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.585630][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 93.596765][ T2689] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.605315][ T2689] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.614041][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 93.627370][ T9720] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.637858][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 93.646462][ T3184] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.653558][ T3184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.664084][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 93.672374][ T2689] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.679471][ T2689] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.705380][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 93.714727][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 93.723387][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 93.737897][ T9720] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 93.750399][ T9720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 93.758932][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 93.766978][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 93.785012][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 93.792369][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 93.806349][ T9720] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.825516][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 93.844917][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 93.854402][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 93.862054][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 93.873968][ T9720] device veth0_vlan entered promiscuous mode [ 93.885579][ T9720] device veth1_vlan entered promiscuous mode [ 93.912955][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 93.921246][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 93.932228][ T9720] device veth0_macvtap entered promiscuous mode [ 93.944496][ T9720] device veth1_macvtap entered promiscuous mode [ 93.960704][ T9720] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.968729][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 93.977219][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 93.985393][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 93.994295][ T2689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 94.006581][ T9720] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.013914][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 94.022868][ T3184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 94.510878][ T9755] ------------[ cut here ]------------ [ 94.517568][ T9755] ODEBUG: activate active (active state 1) object type: rcu_head hint: 0x0 [ 94.527631][ T9755] WARNING: CPU: 0 PID: 9755 at lib/debugobjects.c:485 debug_print_object+0x160/0x250 [ 94.537111][ T9755] Kernel panic - not syncing: panic_on_warn set ... [ 94.543676][ T9755] CPU: 0 PID: 9755 Comm: syz-executor.0 Not tainted 5.6.0-rc6-syzkaller #0 [ 94.552254][ T9755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.562282][ T9755] Call Trace: [ 94.565570][ T9755] dump_stack+0x188/0x20d [ 94.569910][ T9755] ? debug_print_object+0x120/0x250 [ 94.575084][ T9755] panic+0x2e3/0x75c [ 94.578957][ T9755] ? add_taint.cold+0x16/0x16 [ 94.583627][ T9755] ? __probe_kernel_read+0x188/0x1d0 [ 94.588919][ T9755] ? __warn.cold+0x14/0x35 [ 94.593321][ T9755] ? __warn+0xd5/0x1c8 [ 94.597389][ T9755] ? debug_print_object+0x160/0x250 [ 94.602582][ T9755] __warn.cold+0x2f/0x35 [ 94.606817][ T9755] ? debug_print_object+0x160/0x250 [ 94.612000][ T9755] report_bug+0x27b/0x2f0 [ 94.616323][ T9755] do_error_trap+0x12b/0x220 [ 94.620892][ T9755] ? debug_print_object+0x160/0x250 [ 94.626070][ T9755] do_invalid_op+0x32/0x40 [ 94.630470][ T9755] ? debug_print_object+0x160/0x250 [ 94.635663][ T9755] invalid_op+0x23/0x30 [ 94.639795][ T9755] RIP: 0010:debug_print_object+0x160/0x250 [ 94.645593][ T9755] Code: dd c0 f3 51 88 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd c0 f3 51 88 48 c7 c7 20 e9 51 88 e8 d8 cc b1 fd <0f> 0b 83 05 ab 9a d3 06 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89 [ 94.665171][ T9755] RSP: 0018:ffffc90002187168 EFLAGS: 00010286 [ 94.671211][ T9755] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 94.679172][ T9755] RDX: 0000000000000000 RSI: ffffffff815c06c1 RDI: fffff52000430e1f [ 94.687162][ T9755] RBP: 0000000000000001 R08: ffff88809d658600 R09: fffffbfff180e578 [ 94.695115][ T9755] R10: fffffbfff180e577 R11: ffffffff8c072bbf R12: ffffffff897acba0 [ 94.703061][ T9755] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000430e3a [ 94.711020][ T9755] ? vprintk_func+0x81/0x17e [ 94.715599][ T9755] ? debug_print_object+0x160/0x250 [ 94.720777][ T9755] ? lockdep_hardirqs_on+0x417/0x5d0 [ 94.726048][ T9755] debug_object_activate+0x346/0x470 [ 94.731314][ T9755] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 94.737114][ T9755] ? debug_object_init_on_stack+0x20/0x20 [ 94.742818][ T9755] ? find_held_lock+0x2d/0x110 [ 94.747564][ T9755] ? free_object+0x70/0x70 [ 94.751955][ T9755] ? lock_downgrade+0x7f0/0x7f0 [ 94.756781][ T9755] ? delayed_work_timer_fn+0x90/0x90 [ 94.762046][ T9755] call_rcu+0x2c/0x690 [ 94.766107][ T9755] queue_rcu_work+0x82/0xa0 [ 94.770604][ T9755] route4_change+0x19e8/0x2250 [ 94.775376][ T9755] ? route4_destroy+0x800/0x800 [ 94.780213][ T9755] ? wait_for_completion+0x3c0/0x3c0 [ 94.785482][ T9755] tc_new_tfilter+0xa59/0x20b0 [ 94.790225][ T9755] ? route4_destroy+0x800/0x800 [ 94.795124][ T9755] ? tc_del_tfilter+0x1430/0x1430 [ 94.800136][ T9755] ? __lock_acquire+0x80b/0x3ca0 [ 94.805060][ T9755] ? apparmor_capable+0x454/0x8a0 [ 94.810071][ T9755] ? rcu_read_lock_held+0x9c/0xb0 [ 94.815078][ T9755] ? tc_del_tfilter+0x1430/0x1430 [ 94.820180][ T9755] rtnetlink_rcv_msg+0x810/0xad0 [ 94.825097][ T9755] ? rtnl_bridge_getlink+0x880/0x880 [ 94.830360][ T9755] ? netdev_core_pick_tx+0x2e0/0x2e0 [ 94.835625][ T9755] ? __copy_skb_header+0x1e0/0x5b0 [ 94.840743][ T9755] ? skb_splice_bits+0x1a0/0x1a0 [ 94.845678][ T9755] ? __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 94.851471][ T9755] netlink_rcv_skb+0x15a/0x410 [ 94.856216][ T9755] ? rtnl_bridge_getlink+0x880/0x880 [ 94.861499][ T9755] ? netlink_ack+0xa80/0xa80 [ 94.866093][ T9755] netlink_unicast+0x537/0x740 [ 94.870856][ T9755] ? netlink_attachskb+0x810/0x810 [ 94.875942][ T9755] ? _copy_from_iter_full+0x25c/0x870 [ 94.881308][ T9755] ? __phys_addr_symbol+0x2c/0x70 [ 94.886328][ T9755] ? __check_object_size+0x171/0x437 [ 94.891593][ T9755] netlink_sendmsg+0x882/0xe10 [ 94.896355][ T9755] ? aa_af_perm+0x260/0x260 [ 94.900834][ T9755] ? netlink_unicast+0x740/0x740 [ 94.905753][ T9755] ? netlink_unicast+0x740/0x740 [ 94.910665][ T9755] sock_sendmsg+0xcf/0x120 [ 94.915059][ T9755] ____sys_sendmsg+0x6b9/0x7d0 [ 94.919849][ T9755] ? kernel_sendmsg+0x50/0x50 [ 94.924552][ T9755] ? mark_lock+0xbc/0x1220 [ 94.928960][ T9755] ___sys_sendmsg+0x100/0x170 [ 94.933621][ T9755] ? sendmsg_copy_msghdr+0x70/0x70 [ 94.938722][ T9755] ? __fget_files+0x329/0x4f0 [ 94.943383][ T9755] ? ksys_dup3+0x3c0/0x3c0 [ 94.947788][ T9755] ? __fget_light+0x208/0x270 [ 94.952448][ T9755] __sys_sendmsg+0xec/0x1b0 [ 94.956929][ T9755] ? __sys_sendmsg_sock+0xb0/0xb0 [ 94.961930][ T9755] ? __ia32_sys_futex_time32+0x32a/0x494 [ 94.967549][ T9755] ? trace_hardirqs_off_caller+0x55/0x230 [ 94.973247][ T9755] ? do_fast_syscall_32+0xcc/0xe8f [ 94.978353][ T9755] do_fast_syscall_32+0x270/0xe8f [ 94.983373][ T9755] entry_SYSENTER_compat+0x70/0x7f [ 94.989566][ T9755] Kernel Offset: disabled [ 94.993917][ T9755] Rebooting in 86400 seconds..