[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 76.585697][ T23] audit: type=1800 audit(1580115076.713:25): pid=9514 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 76.607718][ T23] audit: type=1800 audit(1580115076.713:26): pid=9514 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 76.666130][ T23] audit: type=1800 audit(1580115076.713:27): pid=9514 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.0' (ECDSA) to the list of known hosts. syzkaller login: [ 84.759653][ T9666] IPVS: ftp: loaded support on port[0] = 21 [ 84.806832][ T9666] chnl_net:caif_netlink_parms(): no params data found [ 84.833947][ T9666] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.841521][ T9666] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.849560][ T9666] device bridge_slave_0 entered promiscuous mode [ 84.858010][ T9666] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.865083][ T9666] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.873702][ T9666] device bridge_slave_1 entered promiscuous mode [ 84.890315][ T9666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.901095][ T9666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.920544][ T9666] team0: Port device team_slave_0 added [ 84.928081][ T9666] team0: Port device team_slave_1 added [ 84.942532][ T9666] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.949793][ T9666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.975791][ T9666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.988177][ T9666] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.995244][ T9666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.021433][ T9666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.079740][ T9666] device hsr_slave_0 entered promiscuous mode [ 85.127787][ T9666] device hsr_slave_1 entered promiscuous mode [ 85.250307][ T9666] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 85.299902][ T9666] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 85.360313][ T9666] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 85.409028][ T9666] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.469391][ T9666] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.476743][ T9666] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.484858][ T9666] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.491997][ T9666] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.538843][ T9666] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.552051][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 85.562933][ T2853] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.571350][ T2853] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.580136][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 85.593102][ T9666] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.604029][ T2852] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 85.612762][ T2852] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.619903][ T2852] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.631834][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 85.641057][ T2853] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.648188][ T2853] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.669087][ T2859] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 85.678169][ T2859] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 85.698208][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 85.707056][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 85.715458][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 85.725246][ T9666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 85.744280][ T2859] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 85.752085][ T2859] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 85.765534][ T9666] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.785311][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 85.806042][ T9666] device veth0_vlan entered promiscuous mode [ 85.814438][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 85.823137][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 85.831310][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 85.845525][ T9666] device veth1_vlan entered promiscuous mode [ 85.866666][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 85.876132][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 85.887941][ T9666] device veth0_macvtap entered promiscuous mode [ 85.897524][ T9666] device veth1_macvtap entered promiscuous mode [ 85.914287][ T9666] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.921762][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 85.930732][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 85.939032][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 85.948554][ T2854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready executing program [ 85.960708][ T9666] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.968130][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 85.976778][ T2853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 86.472683][ T9670] kasan: CONFIG_KASAN_INLINE enabled [ 86.478028][ T9670] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 86.486085][ T9670] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 86.493119][ T9670] CPU: 0 PID: 9670 Comm: syz-executor199 Not tainted 5.5.0-rc7-syzkaller #0 [ 86.501781][ T9670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.511844][ T9670] RIP: 0010:__lock_acquire+0x1254/0x4a00 [ 86.517558][ T9670] Code: 00 0f 85 96 24 00 00 48 81 c4 f0 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 0b 28 00 00 49 81 3e 20 c9 bd 8a 0f 84 5f ee ff [ 86.537149][ T9670] RSP: 0018:ffffc900020e7a18 EFLAGS: 00010006 [ 86.543201][ T9670] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.551279][ T9670] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001 [ 86.559233][ T9670] RBP: ffffc900020e7b30 R08: 0000000000000001 R09: 0000000000000001 [ 86.567182][ T9670] R10: fffffbfff14f66d8 R11: ffff88808c4b6140 R12: 0000000000000018 [ 86.575133][ T9670] R13: 0000000000000000 R14: 0000000000000018 R15: 0000000000000001 [ 86.583096][ T9670] FS: 00007ff6ffdfe700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 86.592031][ T9670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.598703][ T9670] CR2: 00000000004ad790 CR3: 000000009909e000 CR4: 00000000001406f0 [ 86.606656][ T9670] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 86.614619][ T9670] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 86.622642][ T9670] Call Trace: [ 86.625961][ T9670] ? __kasan_check_read+0x11/0x20 [ 86.630981][ T9670] ? mark_lock+0xc2/0x1220 [ 86.635402][ T9670] ? __kasan_check_read+0x11/0x20 [ 86.640416][ T9670] ? __lock_acquire+0x16f2/0x4a00 [ 86.645435][ T9670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 86.651659][ T9670] ? mark_held_locks+0xf0/0xf0 [ 86.656460][ T9670] lock_acquire+0x190/0x410 [ 86.660945][ T9670] ? prepare_to_wait+0x7c/0x300 [ 86.665820][ T9670] _raw_spin_lock_irqsave+0x95/0xcd [ 86.671011][ T9670] ? prepare_to_wait+0x7c/0x300 [ 86.675949][ T9670] prepare_to_wait+0x7c/0x300 [ 86.680627][ T9670] ? lock_sock_nested+0x9a/0x120 [ 86.685554][ T9670] ? add_wait_queue_exclusive+0x1a0/0x1a0 [ 86.691261][ T9670] ? lock_sock_nested+0xe2/0x120 [ 86.696175][ T9670] nr_accept+0x23c/0x760 [ 86.700501][ T9670] ? nr_recvmsg+0x4d0/0x4d0 [ 86.705027][ T9670] ? __alloc_fd+0x487/0x620 [ 86.709605][ T9670] ? finish_wait+0x260/0x260 [ 86.714196][ T9670] ? apparmor_socket_accept+0xb6/0x160 [ 86.720076][ T9670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 86.726323][ T9670] ? nr_recvmsg+0x4d0/0x4d0 [ 86.733946][ T9670] __sys_accept4_file+0x3be/0x5e0 [ 86.739005][ T9670] ? __ia32_sys_listen+0x80/0x80 [ 86.743935][ T9670] ? ksys_dup3+0x3e0/0x3e0 [ 86.748536][ T9670] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 86.754507][ T9670] ? __x64_sys_futex+0x404/0x590 [ 86.759427][ T9670] ? __fget_light+0x1a9/0x230 [ 86.764095][ T9670] __sys_accept4+0x5a/0xa0 [ 86.768511][ T9670] __x64_sys_accept+0x75/0xb0 [ 86.773182][ T9670] do_syscall_64+0xfa/0x790 [ 86.777679][ T9670] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 86.783554][ T9670] RIP: 0033:0x447fc9 [ 86.787483][ T9670] Code: e8 ec 14 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 86.807273][ T9670] RSP: 002b:00007ff6ffdfddb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 86.815833][ T9670] RAX: ffffffffffffffda RBX: 00000000006ddc68 RCX: 0000000000447fc9 [ 86.823855][ T9670] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000004 [ 86.831822][ T9670] RBP: 00000000006ddc60 R08: 0000000000000000 R09: 0000000000000000 [ 86.839827][ T9670] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006ddc6c [ 86.847806][ T9670] R13: 00007ffe680d7f4f R14: 00007ff6ffdfe9c0 R15: 000000000000002d [ 86.856209][ T9670] Modules linked in: [ 86.860104][ T9670] ---[ end trace 84b45f7e9e0b420c ]--- [ 86.865648][ T9670] RIP: 0010:__lock_acquire+0x1254/0x4a00 [ 86.871444][ T9670] Code: 00 0f 85 96 24 00 00 48 81 c4 f0 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 0b 28 00 00 49 81 3e 20 c9 bd 8a 0f 84 5f ee ff [ 86.891600][ T9670] RSP: 0018:ffffc900020e7a18 EFLAGS: 00010006 [ 86.897657][ T9670] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.905744][ T9670] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000001 [ 86.913702][ T9670] RBP: ffffc900020e7b30 R08: 0000000000000001 R09: 0000000000000001 [ 86.921731][ T9670] R10: fffffbfff14f66d8 R11: ffff88808c4b6140 R12: 0000000000000018 [ 86.929700][ T9670] R13: 0000000000000000 R14: 0000000000000018 R15: 0000000000000001 [ 86.937752][ T9670] FS: 00007ff6ffdfe700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 86.946667][ T9670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.953229][ T9670] CR2: 00000000004ad790 CR3: 000000009909e000 CR4: 00000000001406f0 [ 86.961264][ T9670] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 86.969231][ T9670] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 86.977304][ T9670] Kernel panic - not syncing: Fatal exception [ 86.984827][ T9670] Kernel Offset: disabled [ 86.989166][ T9670] Rebooting in 86400 seconds..