[   36.925955][   T26] audit: type=1800 audit(1555532416.637:27): pid=7576 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   36.956811][   T26] audit: type=1800 audit(1555532416.647:28): pid=7576 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   37.710963][   T26] audit: type=1800 audit(1555532417.487:29): pid=7576 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   37.731528][   T26] audit: type=1800 audit(1555532417.487:30): pid=7576 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.90' (ECDSA) to the list of known hosts.
syzkaller login: [   63.802776][ T7729] IPVS: ftp: loaded support on port[0] = 21
[   63.859917][ T7729] chnl_net:caif_netlink_parms(): no params data found
[   63.887718][ T7729] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.895674][ T7729] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.903571][ T7729] device bridge_slave_0 entered promiscuous mode
[   63.912502][ T7729] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.920182][ T7729] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.927995][ T7729] device bridge_slave_1 entered promiscuous mode
[   63.943825][ T7729] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   63.953568][ T7729] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   63.970324][ T7729] team0: Port device team_slave_0 added
[   63.977049][ T7729] team0: Port device team_slave_1 added
[   64.056303][ T7729] device hsr_slave_0 entered promiscuous mode
[   64.125049][ T7729] device hsr_slave_1 entered promiscuous mode
[   64.202067][ T7729] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.209341][ T7729] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.217278][ T7729] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.224343][ T7729] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.258183][ T7729] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.269419][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.291759][   T17] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.300234][   T17] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.309684][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   64.321143][ T7729] 8021q: adding VLAN 0 to HW filter on device team0
[   64.331162][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.339687][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.347049][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.366056][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.375314][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.382412][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.390837][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.399710][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.408572][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
executing program
[   64.419468][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.431715][ T7731] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.440852][ T7729] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   64.457876][ T7729] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.470802][ T7729] ------------[ cut here ]------------
[   64.476427][ T7729] hsr_addr_subst_dest: Unknown node
[   64.481997][ T7729] WARNING: CPU: 0 PID: 7729 at net/hsr/hsr_framereg.c:294 hsr_addr_subst_dest+0x382/0x460
[   64.491877][ T7729] Kernel panic - not syncing: panic_on_warn set ...
[   64.498465][ T7729] CPU: 0 PID: 7729 Comm: syz-executor309 Not tainted 5.1.0-rc5-next-20190417 #27
[   64.507647][ T7729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   64.517837][ T7729] Call Trace:
[   64.521133][ T7729]  dump_stack+0x172/0x1f0
[   64.525475][ T7729]  ? hsr_addr_subst_dest+0x300/0x460
[   64.530990][ T7729]  panic+0x2cb/0x72b
[   64.534882][ T7729]  ? __warn_printk+0xf3/0xf3
[   64.539660][ T7729]  ? hsr_addr_subst_dest+0x382/0x460
[   64.545033][ T7729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   64.551406][ T7729]  ? __warn.cold+0x5/0x46
[   64.555743][ T7729]  ? __warn+0xe8/0x1d0
[   64.559810][ T7729]  ? hsr_addr_subst_dest+0x382/0x460
[   64.565102][ T7729]  __warn.cold+0x20/0x46
[   64.569395][ T7729]  ? vprintk_emit+0x1ea/0x700
[   64.574084][ T7729]  ? hsr_addr_subst_dest+0x382/0x460
[   64.579371][ T7729]  report_bug+0x263/0x2b0
[   64.583727][ T7729]  do_error_trap+0x11b/0x200
[   64.588319][ T7729]  do_invalid_op+0x37/0x50
[   64.592738][ T7729]  ? hsr_addr_subst_dest+0x382/0x460
[   64.598022][ T7729]  invalid_op+0x14/0x20
[   64.602178][ T7729] RIP: 0010:hsr_addr_subst_dest+0x382/0x460
[   64.608075][ T7729] Code: 89 de e8 71 ac 5e fa 84 db 75 d3 e8 28 ab 5e fa 48 c7 c6 60 ec 1a 88 48 c7 c7 20 ec 1a 88 c6 05 6c e1 49 02 01 e8 6c 25 31 fa <0f> 0b eb b0 e8 05 ab 5e fa 0f b6 1d 58 e1 49 02 31 ff 89 de e8 35
[   64.628900][ T7729] RSP: 0018:ffff8880933bf5e0 EFLAGS: 00010286
[   64.635060][ T7729] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   64.643028][ T7729] RDX: 0000000000000000 RSI: ffffffff815b2ba6 RDI: ffffed1012677eae
[   64.651040][ T7729] RBP: ffff8880933bf620 R08: ffff8880a8f5a440 R09: ffffed1015d05019
[   64.659150][ T7729] R10: ffffed1015d05018 R11: ffff8880ae8280c7 R12: ffff8880943776e0
[   64.667489][ T7729] R13: 00000000aaaaaaaa R14: 00000000fdd2fbfe R15: 000000000000aaaa
[   64.675485][ T7729]  ? vprintk_func+0x86/0x189
[   64.680195][ T7729]  hsr_forward_skb+0x138b/0x1d30
[   64.685217][ T7729]  hsr_dev_xmit+0x72/0xa0
[   64.689551][ T7729]  dev_hard_start_xmit+0x18f/0x960
[   64.694747][ T7729]  __dev_queue_xmit+0x2a9d/0x36c0
[   64.699782][ T7729]  ? __might_fault+0x12b/0x1e0
[   64.704542][ T7729]  ? find_held_lock+0x35/0x130
[   64.709316][ T7729]  ? netdev_core_pick_tx+0x300/0x300
[   64.714648][ T7729]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   64.720891][ T7729]  ? iov_iter_advance+0x295/0xf70
[   64.725924][ T7729]  dev_queue_xmit+0x18/0x20
[   64.730435][ T7729]  ? dev_queue_xmit+0x18/0x20
[   64.735112][ T7729]  pppoe_sendmsg+0x657/0x7e0
[   64.739713][ T7729]  ? ether_setup+0x2d0/0x2d0
[   64.744388][ T7729]  ? pppoe_getname+0x120/0x120
[   64.749141][ T7729]  ? apparmor_socket_sendmsg+0x2a/0x30
[   64.754711][ T7729]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   64.760955][ T7729]  ? security_socket_sendmsg+0x93/0xc0
[   64.766418][ T7729]  ? pppoe_getname+0x120/0x120
[   64.771389][ T7729]  sock_sendmsg+0xdd/0x130
[   64.775805][ T7729]  ___sys_sendmsg+0x3e2/0x930
[   64.780571][ T7729]  ? copy_msghdr_from_user+0x430/0x430
[   64.786239][ T7729]  ? __lock_acquire+0x548/0x3fb0
[   64.791247][ T7729]  ? mark_held_locks+0xf0/0xf0
[   64.796012][ T7729]  ? kasan_check_read+0x11/0x20
[   64.800860][ T7729]  ? __lock_acquire+0x242a/0x3fb0
[   64.806018][ T7729]  ? __might_fault+0x12b/0x1e0
[   64.810893][ T7729]  ? find_held_lock+0x35/0x130
[   64.815756][ T7729]  ? __might_fault+0x12b/0x1e0
[   64.820672][ T7729]  ? lock_downgrade+0x880/0x880
[   64.825701][ T7729]  ? ___might_sleep+0x163/0x280
[   64.830866][ T7729]  __sys_sendmmsg+0x1bf/0x4d0
[   64.835690][ T7729]  ? __ia32_sys_sendmsg+0xb0/0xb0
[   64.840737][ T7729]  ? __sys_connect+0x12d/0x330
[   64.845619][ T7729]  ? __ia32_sys_accept+0xb0/0xb0
[   64.850606][ T7729]  ? kasan_check_write+0x14/0x20
[   64.855546][ T7729]  ? up_read+0x90/0x1c0
[   64.859919][ T7729]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   64.865391][ T7729]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   64.870950][ T7729]  ? do_syscall_64+0x26/0x670
[   64.875684][ T7729]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   64.881759][ T7729]  ? do_syscall_64+0x26/0x670
[   64.886435][ T7729]  __x64_sys_sendmmsg+0x9d/0x100
[   64.891465][ T7729]  do_syscall_64+0x103/0x670
[   64.896057][ T7729]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   64.904114][ T7729] RIP: 0033:0x441929
[   64.908021][ T7729] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   64.928294][ T7729] RSP: 002b:00007ffef23fbbe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   64.936747][ T7729] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441929
[   64.944929][ T7729] RDX: 04000000000000eb RSI: 000000002000d180 RDI: 0000000000000003
[   64.952963][ T7729] RBP: 00000000004a8fd0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[   64.961136][ T7729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402e70
[   64.969137][ T7729] R13: 0000000000402f00 R14: 0000000000000000 R15: 0000000000000000
[   64.978566][ T7729] Kernel Offset: disabled
[   64.983107][ T7729] Rebooting in 86400 seconds..