[ 92.679532][ T28] audit: type=1800 audit(1579335383.379:27): pid=9849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 92.719909][ T28] audit: type=1800 audit(1579335383.379:28): pid=9849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 93.560314][ T28] audit: type=1800 audit(1579335384.309:29): pid=9849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 93.581393][ T28] audit: type=1800 audit(1579335384.309:30): pid=9849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.93' (ECDSA) to the list of known hosts. syzkaller login: [ 102.289711][T10009] IPVS: ftp: loaded support on port[0] = 21 [ 102.305277][T10012] IPVS: ftp: loaded support on port[0] = 21 [ 102.315509][T10013] IPVS: ftp: loaded support on port[0] = 21 [ 102.323874][T10010] IPVS: ftp: loaded support on port[0] = 21 [ 102.324115][T10005] IPVS: ftp: loaded support on port[0] = 21 [ 102.337679][T10011] IPVS: ftp: loaded support on port[0] = 21 executing program executing program executing program executing program executing program executing program [ 102.427743][T10015] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. [ 102.459505][T10018] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. executing program [ 102.503322][T10022] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. [ 102.507640][T10026] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. [ 102.523454][T10027] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. executing program executing program executing program [ 102.552878][T10028] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. [ 102.561658][T10033] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. executing program executing program executing program [ 102.622568][T10040] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. [ 102.632178][T10043] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. [ 102.632248][T10047] netlink: 20 bytes leftover after parsing attributes in process `syz-executor790'. executing program [ 102.682685][T10047] list_del corruption, ffff8880a302a400->prev is LIST_POISON2 (dead000000000122) [ 102.692702][T10047] ------------[ cut here ]------------ [ 102.698218][T10047] kernel BUG at lib/list_debug.c:48! [ 102.709016][T10047] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 102.715132][T10047] CPU: 0 PID: 10047 Comm: syz-executor790 Not tainted 5.5.0-rc5-syzkaller #0 [ 102.724028][T10047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.729044][T10058] list_del corruption, ffff8880947e7400->prev is LIST_POISON2 (dead000000000122) [ 102.734117][T10047] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 102.734131][T10047] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 65 71 88 e8 a0 ba be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 66 71 88 e8 8c ba be fd <0f> 0b 4c 89 f6 48 c7 c7 c0 66 71 88 e8 7b ba be fd 0f 0b cc cc cc [ 102.734137][T10047] RSP: 0018:ffffc900021c7478 EFLAGS: 00010282 [ 102.734146][T10047] RAX: 000000000000004e RBX: ffff8880a302a400 RCX: 0000000000000000 [ 102.734153][T10047] RDX: 0000000000000000 RSI: ffffffff815e53a6 RDI: fffff52000438e81 [ 102.734168][T10047] RBP: ffffc900021c7490 R08: 000000000000004e R09: ffffed1015d06621 [ 102.753775][T10058] ------------[ cut here ]------------ [ 102.769313][T10047] R10: ffffed1015d06620 R11: ffff8880ae833107 R12: dead000000000122 [ 102.775621][T10058] kernel BUG at lib/list_debug.c:48! [ 102.783706][T10047] R13: ffff8880921d92f0 R14: ffff8880a302a400 R15: ffff8880936a7c80 [ 102.827562][T10047] FS: 00007fd3a288c700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 102.836507][T10047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.843090][T10047] CR2: 00007ffde1b0aeb0 CR3: 000000009f715000 CR4: 00000000001406f0 [ 102.851070][T10047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 102.859046][T10047] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 102.867150][T10047] Call Trace: [ 102.870434][T10047] __nf_tables_abort+0x1e53/0x2a50 [ 102.875808][T10047] ? nfnl_err_del+0x115/0x170 [ 102.880510][T10047] nf_tables_abort+0x17/0x30 [ 102.885146][T10047] nfnetlink_rcv_batch+0xa5d/0x17a0 [ 102.890415][T10047] ? nf_tables_delobj+0x8f0/0x8f0 [ 102.895446][T10047] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 102.901273][T10047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 102.907514][T10047] ? apparmor_capable+0x497/0x900 [ 102.912543][T10047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 102.918922][T10047] ? __nla_validate_parse+0x2d0/0x1ee0 [ 102.924399][T10047] ? cap_capable+0x205/0x270 [ 102.928995][T10047] ? nla_memcpy+0xb0/0xb0 [ 102.934094][T10047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 102.940335][T10047] ? ns_capable_common+0x93/0x100 [ 102.945355][T10047] ? __nla_parse+0x43/0x60 [ 102.949794][T10047] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 102.955505][T10047] nfnetlink_rcv+0x3e7/0x460 [ 102.960094][T10047] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 102.965687][T10047] ? netlink_deliver_tap+0x24a/0xbe0 [ 102.970981][T10047] ? __kasan_check_write+0x14/0x20 [ 102.976096][T10047] netlink_unicast+0x58c/0x7d0 [ 102.980848][T10047] ? netlink_attachskb+0x870/0x870 [ 102.985966][T10047] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 102.991691][T10047] ? __check_object_size+0x3d/0x437 [ 102.996893][T10047] netlink_sendmsg+0x91c/0xea0 [ 103.001783][T10047] ? netlink_unicast+0x7d0/0x7d0 [ 103.006737][T10047] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 103.012294][T10047] ? apparmor_socket_sendmsg+0x2a/0x30 [ 103.017762][T10047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.024010][T10047] ? security_socket_sendmsg+0x8d/0xc0 [ 103.029473][T10047] ? netlink_unicast+0x7d0/0x7d0 [ 103.034398][T10047] sock_sendmsg+0xd7/0x130 [ 103.038910][T10047] ____sys_sendmsg+0x753/0x880 [ 103.043683][T10047] ? kernel_sendmsg+0x50/0x50 [ 103.048346][T10047] ? __fget+0x35d/0x550 [ 103.052505][T10047] ? find_held_lock+0x35/0x130 [ 103.057369][T10047] ___sys_sendmsg+0x100/0x170 [ 103.062059][T10047] ? sendmsg_copy_msghdr+0x70/0x70 [ 103.067306][T10047] ? __kasan_check_read+0x11/0x20 [ 103.072340][T10047] ? __fget+0x37f/0x550 [ 103.076497][T10047] ? ksys_dup3+0x3e0/0x3e0 [ 103.080929][T10047] ? __do_page_fault+0x56a/0xd80 [ 103.085868][T10047] ? __fget_light+0x1a9/0x230 [ 103.091465][T10047] ? __fdget+0x1b/0x20 [ 103.095539][T10047] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 103.101779][T10047] __sys_sendmsg+0x105/0x1d0 [ 103.106366][T10047] ? __sys_sendmsg_sock+0xc0/0xc0 [ 103.111508][T10047] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 103.117066][T10047] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 103.122528][T10047] ? do_syscall_64+0x26/0x790 [ 103.127196][T10047] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 103.133311][T10047] ? do_syscall_64+0x26/0x790 [ 103.137999][T10047] __x64_sys_sendmsg+0x78/0xb0 [ 103.142871][T10047] do_syscall_64+0xfa/0x790 [ 103.147484][T10047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 103.153500][T10047] RIP: 0033:0x446b19 [ 103.157634][T10047] Code: e8 8c e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 103.177236][T10047] RSP: 002b:00007fd3a288bd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 103.185705][T10047] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446b19 [ 103.193739][T10047] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 103.201766][T10047] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 103.209788][T10047] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 103.217763][T10047] R13: 00000000200002c0 R14: 00000000004aeb00 R15: 0000000000000000 [ 103.225809][T10047] Modules linked in: [ 103.229765][T10058] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 103.235854][T10058] CPU: 1 PID: 10058 Comm: syz-executor790 Tainted: G D 5.5.0-rc5-syzkaller #0 [ 103.239797][T10047] ---[ end trace c2ab85444d78ba35 ]--- [ 103.246224][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.246251][T10058] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 103.246264][T10058] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 65 71 88 e8 a0 ba be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 66 71 88 e8 8c ba be fd <0f> 0b 4c 89 f6 48 c7 c7 c0 66 71 88 e8 7b ba be fd 0f 0b cc cc cc [ 103.246270][T10058] RSP: 0018:ffffc90002257478 EFLAGS: 00010282 [ 103.246280][T10058] RAX: 000000000000004e RBX: ffff8880947e7400 RCX: 0000000000000000 [ 103.246286][T10058] RDX: 0000000000000000 RSI: ffffffff815e53a6 RDI: fffff5200044ae81 [ 103.246292][T10058] RBP: ffffc90002257490 R08: 000000000000004e R09: ffffed1015d26621 [ 103.246299][T10058] R10: ffffed1015d26620 R11: ffff8880ae933107 R12: dead000000000122 [ 103.246306][T10058] R13: ffff8880965a92b0 R14: ffff8880947e7400 R15: ffff88809fadbe80 [ 103.246316][T10058] FS: 00007fd3a288c700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 103.246323][T10058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.246337][T10058] CR2: 00007fd3a286ae78 CR3: 00000000a0236000 CR4: 00000000001406e0 [ 103.251859][T10047] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 103.261959][T10058] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 103.261967][T10058] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 executing program [ 103.261972][T10058] Call Trace: [ 103.261994][T10058] __nf_tables_abort+0x1e53/0x2a50 [ 103.262012][T10058] ? nfnl_err_del+0x115/0x170 [ 103.262024][T10058] nf_tables_abort+0x17/0x30 [ 103.262036][T10058] nfnetlink_rcv_batch+0xa5d/0x17a0 [ 103.262051][T10058] ? nf_tables_delobj+0x8f0/0x8f0 [ 103.262065][T10058] ? nfnetlink_subsys_register+0x2b0/0x2b0 [ 103.262089][T10058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.268779][T10047] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 65 71 88 e8 a0 ba be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 66 71 88 e8 8c ba be fd <0f> 0b 4c 89 f6 48 c7 c7 c0 66 71 88 e8 7b ba be fd 0f 0b cc cc cc [ 103.288359][T10058] ? apparmor_capable+0x497/0x900 [ 103.288379][T10058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.288391][T10058] ? __nla_validate_parse+0x2d0/0x1ee0 [ 103.288407][T10058] ? cap_capable+0x205/0x270 [ 103.288421][T10058] ? nla_memcpy+0xb0/0xb0 [ 103.288434][T10058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.288448][T10058] ? ns_capable_common+0x93/0x100 [ 103.288460][T10058] ? __nla_parse+0x43/0x60 [ 103.288481][T10058] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 103.295336][T10047] RSP: 0018:ffffc900021c7478 EFLAGS: 00010282 [ 103.302617][T10058] nfnetlink_rcv+0x3e7/0x460 [ 103.302635][T10058] ? nfnetlink_rcv_batch+0x17a0/0x17a0 [ 103.302654][T10058] ? netlink_deliver_tap+0x24a/0xbe0 [ 103.302669][T10058] ? __kasan_check_write+0x14/0x20 [ 103.302681][T10058] netlink_unicast+0x58c/0x7d0 [ 103.302694][T10058] ? netlink_attachskb+0x870/0x870 [ 103.302709][T10058] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 103.302734][T10058] ? __check_object_size+0x3d/0x437 [ 103.310786][T10047] RAX: 000000000000004e RBX: ffff8880a302a400 RCX: 0000000000000000 [ 103.318702][T10058] netlink_sendmsg+0x91c/0xea0 [ 103.318722][T10058] ? netlink_unicast+0x7d0/0x7d0 [ 103.318738][T10058] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 103.318752][T10058] ? apparmor_socket_sendmsg+0x2a/0x30 [ 103.318768][T10058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 103.318783][T10058] ? security_socket_sendmsg+0x8d/0xc0 [ 103.318802][T10058] ? netlink_unicast+0x7d0/0x7d0 [ 103.326968][T10047] RDX: 0000000000000000 RSI: ffffffff815e53a6 RDI: fffff52000438e81 [ 103.334787][T10058] sock_sendmsg+0xd7/0x130 [ 103.334801][T10058] ____sys_sendmsg+0x753/0x880 [ 103.334814][T10058] ? kernel_sendmsg+0x50/0x50 [ 103.334826][T10058] ? __fget+0x35d/0x550 [ 103.334838][T10058] ? find_held_lock+0x35/0x130 [ 103.334854][T10058] ___sys_sendmsg+0x100/0x170 [ 103.334874][T10058] ? sendmsg_copy_msghdr+0x70/0x70 [ 103.344019][T10047] RBP: ffffc900021c7490 R08: 000000000000004e R09: ffffed1015d06621 [ 103.350562][T10058] ? __kasan_check_read+0x11/0x20 [ 103.350578][T10058] ? __fget+0x37f/0x550 [ 103.350593][T10058] ? ksys_dup3+0x3e0/0x3e0 [ 103.350617][T10058] ? __do_page_fault+0x56a/0xd80 [ 103.358694][T10047] R10: ffffed1015d06620 R11: ffff8880ae833107 R12: dead000000000122 [ 103.365019][T10058] ? __fget_light+0x1a9/0x230 [ 103.365033][T10058] ? __fdget+0x1b/0x20 [ 103.365049][T10058] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 103.365064][T10058] __sys_sendmsg+0x105/0x1d0 [ 103.365078][T10058] ? __sys_sendmsg_sock+0xc0/0xc0 [ 103.365091][T10058] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 103.365118][T10058] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 103.365139][T10058] ? do_syscall_64+0x26/0x790 [ 103.375525][T10047] R13: ffff8880921d92f0 R14: ffff8880a302a400 R15: ffff8880936a7c80 [ 103.383366][T10058] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 103.383383][T10058] ? do_syscall_64+0x26/0x790 [ 103.383401][T10058] __x64_sys_sendmsg+0x78/0xb0 [ 103.383416][T10058] do_syscall_64+0xfa/0x790 [ 103.383430][T10058] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 103.383440][T10058] RIP: 0033:0x446b19 [ 103.383459][T10058] Code: e8 8c e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 103.386887][T10047] FS: 00007fd3a288c700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 103.392037][T10058] RSP: 002b:00007fd3a288bd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 103.392049][T10058] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446b19 [ 103.392056][T10058] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 103.392063][T10058] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000 [ 103.392071][T10058] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c [ 103.392077][T10058] R13: 00000000200002c0 R14: 00000000004aeb00 R15: 0000000000000000 [ 103.392088][T10058] Modules linked in: [ 103.396938][T10058] ---[ end trace c2ab85444d78ba36 ]--- [ 103.396965][T10058] RIP: 0010:__list_del_entry_valid.cold+0x37/0x4f [ 103.396980][T10058] Code: be fd 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 a0 65 71 88 e8 a0 ba be fd 0f 0b 4c 89 e2 4c 89 f6 48 c7 c7 00 66 71 88 e8 8c ba be fd <0f> 0b 4c 89 f6 48 c7 c7 c0 66 71 88 e8 7b ba be fd 0f 0b cc cc cc [ 103.396987][T10058] RSP: 0018:ffffc900021c7478 EFLAGS: 00010282 [ 103.396996][T10058] RAX: 000000000000004e RBX: ffff8880a302a400 RCX: 0000000000000000 [ 103.397003][T10058] RDX: 0000000000000000 RSI: ffffffff815e53a6 RDI: fffff52000438e81 [ 103.397010][T10058] RBP: ffffc900021c7490 R08: 000000000000004e R09: ffffed1015d06621 [ 103.397017][T10058] R10: ffffed1015d06620 R11: ffff8880ae833107 R12: dead000000000122 [ 103.397024][T10058] R13: ffff8880921d92f0 R14: ffff8880a302a400 R15: ffff8880936a7c80 [ 103.397034][T10058] FS: 00007fd3a288c700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 103.397041][T10058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.397048][T10058] CR2: 00007fd3a286ae78 CR3: 00000000a0236000 CR4: 00000000001406e0 [ 103.397065][T10058] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 103.397071][T10058] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 103.397079][T10058] Kernel panic - not syncing: Fatal exception [ 103.403226][T10058] Kernel Offset: disabled [ 103.946789][T10058] Rebooting in 86400 seconds..