[   46.368892] audit: type=1800 audit(1546155021.569:29): pid=8165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   46.408835] audit: type=1800 audit(1546155021.579:30): pid=8165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.224' (ECDSA) to the list of known hosts.
syzkaller login: [   54.910694] kauditd_printk_skb: 5 callbacks suppressed
[   54.910712] audit: type=1400 audit(1546155030.119:36): avc:  denied  { map } for  pid=8354 comm="syz-executor074" path="/root/syz-executor074124255" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   54.935496] IPVS: ftp: loaded support on port[0] = 21
[   55.002354] chnl_net:caif_netlink_parms(): no params data found
[   55.036144] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.044669] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.051845] device bridge_slave_0 entered promiscuous mode
[   55.058994] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.065521] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.072478] device bridge_slave_1 entered promiscuous mode
[   55.090806] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   55.099600] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   55.116483] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   55.124264] team0: Port device team_slave_0 added
[   55.129666] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   55.136944] team0: Port device team_slave_1 added
[   55.142137] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   55.149353] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   55.212287] device hsr_slave_0 entered promiscuous mode
[   55.250138] device hsr_slave_1 entered promiscuous mode
[   55.290303] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   55.297174] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   55.311351] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.317779] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.324842] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.331204] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.365361] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   55.371762] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.379739] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   55.388855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.411015] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.418234] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.426132] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   55.436663] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   55.443109] 8021q: adding VLAN 0 to HW filter on device team0
[   55.451777] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   55.459348] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.465785] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.474974] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   55.483077] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.489428] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.505906] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   55.513962] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   55.524559] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   55.535778] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   55.546742] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.557844] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
executing program
[   55.564504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   55.573018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   55.585168] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   55.597693] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.608679] ------------[ cut here ]------------
[   55.613519] HSR: VLAN not yet supported
[   55.613925] WARNING: CPU: 0 PID: 8355 at net/hsr/hsr_forward.c:336 hsr_forward_skb+0x2196/0x28a0
[   55.626781] Kernel panic - not syncing: panic_on_warn set ...
[   55.632668] CPU: 0 PID: 8355 Comm: syz-executor074 Not tainted 4.20.0+ #176
[   55.639744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.649076] Call Trace:
[   55.651646]  dump_stack+0x1d3/0x2c6
[   55.655257]  ? dump_stack_print_info.cold.1+0x20/0x20
[   55.660448]  panic+0x2ad/0x55f
[   55.663625]  ? add_taint.cold.5+0x16/0x16
[   55.667760]  ? __warn.cold.8+0x5/0x52
[   55.671544]  ? __warn+0xe8/0x1d0
[   55.674898]  ? hsr_forward_skb+0x2196/0x28a0
[   55.679289]  __warn.cold.8+0x20/0x52
[   55.682988]  ? rcu_softirq_qs+0x20/0x20
[   55.686945]  ? hsr_forward_skb+0x2196/0x28a0
[   55.691338]  report_bug+0x254/0x2d0
[   55.694963]  do_error_trap+0x11b/0x200
[   55.698834]  do_invalid_op+0x36/0x40
[   55.702530]  ? hsr_forward_skb+0x2196/0x28a0
[   55.706942]  invalid_op+0x14/0x20
[   55.710382] RIP: 0010:hsr_forward_skb+0x2196/0x28a0
[   55.715403] Code: e7 e8 9e 2a ff ff e9 8f f3 ff ff 48 89 85 b0 fe ff ff e8 8d d5 95 f9 48 c7 c7 a0 0e fa 88 c6 05 25 bc 4a 02 01 e8 0a 1b 5f f9 <0f> 0b 48 8b 85 a8 fe ff ff 48 b9 00 00 00 00 00 fc ff df 48 89 c2
[   55.734295] RSP: 0018:ffff88808f47eb28 EFLAGS: 00010282
[   55.739639] RAX: 0000000000000000 RBX: ffff88807bb0a040 RCX: 0000000000000000
[   55.746887] RDX: 0000000000000000 RSI: ffffffff81683f55 RDI: 0000000000000006
[   55.754139] RBP: ffff88808f47ecb8 R08: ffff888089f8e100 R09: 0000000000000000
[   55.761391] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   55.768653] R13: ffff88808fe8dd80 R14: ffff88807bb0a0f6 R15: ffff88808f47ec90
[   55.775960]  ? vprintk_func+0x85/0x181
[   55.779861]  ? hsr_forward_skb+0x2196/0x28a0
[   55.784256]  ? rcu_read_unlock_special+0x370/0x370
[   55.789165]  ? find_held_lock+0x36/0x1c0
[   55.793210]  ? hsr_del_port+0x480/0x480
[   55.797180]  ? rcu_read_unlock+0x5e/0xa0
[   55.801228]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   55.806243]  ? hsr_netdev_notify+0x1070/0x1070
[   55.810823]  ? __lock_is_held+0xb5/0x140
[   55.814886]  hsr_dev_xmit+0x71/0xa0
[   55.818511]  dev_hard_start_xmit+0x286/0xc80
[   55.822948]  ? dev_direct_xmit+0x6a0/0x6a0
[   55.827166]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   55.832713]  ? netif_skb_features+0x681/0xb50
[   55.837191]  ? skb_flow_dissect_tunnel_info+0xd80/0xd80
[   55.842556]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   55.848078]  ? validate_xmit_xfrm+0x41c/0xef0
[   55.852562]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   55.858083]  ? validate_xmit_skb+0x849/0xf70
[   55.862507]  ? netif_skb_features+0xb50/0xb50
[   55.866988]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   55.872509]  ? check_preemption_disabled+0x48/0x280
[   55.877505]  ? check_preemption_disabled+0x48/0x280
[   55.882507]  __dev_queue_xmit+0x2f62/0x3ac0
[   55.886814]  ? kasan_kmalloc+0xcb/0xd0
[   55.890690]  ? netdev_pick_tx+0x300/0x300
[   55.894822]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   55.900345]  ? __alloc_skb+0x4bd/0x760
[   55.904226]  ? print_usage_bug+0xc0/0xc0
[   55.908271]  ? skb_scrub_packet+0x440/0x440
[   55.912575]  ? mark_held_locks+0x130/0x130
[   55.916791]  ? find_held_lock+0x36/0x1c0
[   55.920858]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   55.926378]  ? refcount_add_not_zero_checked+0x21e/0x330
[   55.931825]  ? refcount_dec_if_one+0x180/0x180
[   55.936404]  ? alloc_skb_with_frags+0x508/0x7c0
[   55.941066]  ? pagevec_lru_move_fn+0x259/0x350
[   55.945655]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   55.951192]  ? refcount_add_checked+0x2f/0x70
[   55.955669]  ? skb_set_owner_w+0x21d/0x320
[   55.959901]  ? sock_alloc_send_pskb+0x7bb/0xab0
[   55.964565]  ? __lru_cache_add+0x2ff/0x4e0
[   55.968784]  ? sock_wmalloc+0x1f0/0x1f0
[   55.972744]  ? dev_get_by_index+0xf0/0x1c0
[   55.976970]  ? lock_downgrade+0x900/0x900
[   55.981100]  ? check_preemption_disabled+0x48/0x280
[   55.986101]  ? kasan_check_read+0x11/0x20
[   55.990234]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   55.995489]  ? mark_held_locks+0x130/0x130
[   55.999706]  ? rcu_read_unlock_special+0x370/0x370
[   56.004619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   56.010154]  ? skb_copy_datagram_from_iter+0x445/0x650
[   56.015436]  ? memcpy+0x45/0x50
[   56.018701]  dev_queue_xmit+0x17/0x20
[   56.022482]  ? dev_queue_xmit+0x17/0x20
[   56.026446]  packet_sendmsg+0x298a/0x6ad0
[   56.030577]  ? avc_has_perm+0x469/0x7e0
[   56.034532]  ? lock_downgrade+0x900/0x900
[   56.038659]  ? check_preemption_disabled+0x48/0x280
[   56.043660]  ? kasan_check_read+0x11/0x20
[   56.047815]  ? mark_held_locks+0xe0/0x130
[   56.051955]  ? packet_getname+0x5f0/0x5f0
[   56.056087]  ? avc_has_perm_noaudit+0x630/0x630
[   56.060742]  ? __might_fault+0x12b/0x1e0
[   56.064784]  ? lock_downgrade+0x900/0x900
[   56.068916]  ? lock_release+0xa00/0xa00
[   56.072895]  ? arch_local_save_flags+0x40/0x40
[   56.077474]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   56.082995]  ? rw_copy_check_uvector+0x310/0x3e0
[   56.087736]  ? iov_iter_init+0xe5/0x210
[   56.091695]  ? sock_has_perm+0x2bc/0x3e0
[   56.095740]  ? selinux_secmark_relabel_packet+0xe0/0xe0
[   56.101095]  ? copy_msghdr_from_user+0x3c1/0x580
[   56.105838]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   56.111361]  ? security_socket_sendmsg+0x94/0xc0
[   56.116100]  ? packet_getname+0x5f0/0x5f0
[   56.120233]  sock_sendmsg+0xd5/0x120
[   56.123932]  ___sys_sendmsg+0x51d/0x930
[   56.127892]  ? copy_msghdr_from_user+0x580/0x580
[   56.132631]  ? _copy_to_user+0xc8/0x110
[   56.136590]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   56.142109]  ? sock_do_ioctl+0x110/0x420
[   56.146157]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   56.151676]  ? __fget_light+0x2e9/0x430
[   56.155630]  ? fget_raw+0x20/0x20
[   56.159071]  ? __sanitizer_cov_trace_switch+0x53/0x90
[   56.164250]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   56.169770]  ? sockfd_lookup_light+0xc5/0x160
[   56.174250]  __sys_sendmmsg+0x246/0x6d0
[   56.178211]  ? __ia32_sys_sendmsg+0xb0/0xb0
[   56.182518]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   56.188038]  ? do_vfs_ioctl+0x201/0x1790
[   56.192247]  ? ioctl_preallocate+0x300/0x300
[   56.196648]  ? do_syscall_64+0x9a/0x820
[   56.200608]  ? do_syscall_64+0x9a/0x820
[   56.204566]  ? lockdep_hardirqs_on+0x421/0x5c0
[   56.209150]  ? trace_hardirqs_on+0xbd/0x310
[   56.213469]  ? security_file_ioctl+0x94/0xc0
[   56.217865]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   56.223211]  ? __bpf_trace_preemptirq_template+0x30/0x30
[   56.228642]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   56.234179]  __x64_sys_sendmmsg+0x9d/0x100
[   56.238401]  do_syscall_64+0x1b9/0x820
[   56.242282]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   56.247633]  ? syscall_return_slowpath+0x5e0/0x5e0
[   56.252547]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   56.257374]  ? trace_hardirqs_on_caller+0x310/0x310
[   56.262375]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   56.267376]  ? prepare_exit_to_usermode+0x291/0x3b0
[   56.272378]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   56.277211]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   56.282384] RIP: 0033:0x4418a9
[   56.285583] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   56.304478] RSP: 002b:00007ffe7c997968 EFLAGS: 00000213 ORIG_RAX: 0000000000000133
[   56.312168] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004418a9
[   56.319603] RDX: 0000000000000300 RSI: 0000000020008a80 RDI: 0000000000000003
[   56.326859] RBP: 0000000000000003 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[   56.334111] R10: 0000000000000000 R11: 0000000000000213 R12: 00007ffe7c9979b0
[   56.341360] R13: 00007ffe7c9979a0 R14: 0000000000000000 R15: 0000000000000000
[   56.349604] Kernel Offset: disabled
[   56.353265] Rebooting in 86400 seconds..