[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   38.302428] audit: type=1800 audit(1546828329.098:25): pid=7863 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   38.339283] audit: type=1800 audit(1546828329.098:26): pid=7863 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   38.385799] audit: type=1800 audit(1546828329.098:27): pid=7863 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.112' (ECDSA) to the list of known hosts.
2019/01/07 02:32:20 parsed 1 programs
2019/01/07 02:32:21 executed programs: 0
syzkaller login: [   51.130093] IPVS: ftp: loaded support on port[0] = 21
[   51.195131] chnl_net:caif_netlink_parms(): no params data found
[   51.229504] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.236479] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.243664] device bridge_slave_0 entered promiscuous mode
[   51.250987] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.257462] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.264511] device bridge_slave_1 entered promiscuous mode
[   51.281324] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   51.292284] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   51.308835] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   51.316459] team0: Port device team_slave_0 added
[   51.321798] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   51.329604] team0: Port device team_slave_1 added
[   51.334967] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   51.342282] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   51.414489] device hsr_slave_0 entered promiscuous mode
[   51.462871] device hsr_slave_1 entered promiscuous mode
[   51.532771] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   51.539682] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   51.553985] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.560401] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.567429] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.573816] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.606912] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   51.613306] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.621147] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   51.630023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.649655] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.657324] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.666380] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   51.676554] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   51.683020] 8021q: adding VLAN 0 to HW filter on device team0
[   51.693879] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.701519] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.707916] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.720915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.729029] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.735428] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.753737] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   51.761642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   51.770081] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   51.779745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.791219] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   51.801818] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   51.808608] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   51.816031] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.829810] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[   51.840398] 8021q: adding VLAN 0 to HW filter on device batadv0
[   51.984951] kasan: CONFIG_KASAN_INLINE enabled
[   51.989696] kasan: GPF could be caused by NULL-ptr deref or user memory access
[   51.997423] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[   52.003658] CPU: 0 PID: 8054 Comm: syz-executor0 Not tainted 4.20.0+ #3
[   52.010402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   52.019775] RIP: 0010:__smc_diag_dump.isra.0+0x32a/0x2b80
[   52.025309] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 08 25 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 49 8d 7f 0e 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 b4
[   52.044210] RSP: 0018:ffff8880982ef120 EFLAGS: 00010203
[   52.049564] RAX: dffffc0000000000 RBX: ffff88808d28d280 RCX: 0000000000000000
[   52.056827] RDX: 0000000000000001 RSI: ffffffff87b995b2 RDI: 000000000000000e
[   52.064086] RBP: ffff8880982ef3e8 R08: ffff88808c2944c0 R09: ffff8880977f0f90
[   52.071345] R10: fffffbfff149fdc0 R11: ffffffff8a4fee03 R12: ffff88808e5d2760
[   52.078608] R13: ffff8880977f0f40 R14: ffff88808d28d6e0 R15: 0000000000000000
[   52.085874] FS:  00007f99f82ff700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[   52.094094] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   52.099969] CR2: 0000000000000000 CR3: 00000000a0a71000 CR4: 00000000001406f0
[   52.107234] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   52.114500] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   52.121761] Call Trace:
[   52.124352]  ? __kmalloc_node_track_caller+0x51/0x80
[   52.129452]  ? __alloc_skb+0x12d/0x730
[   52.133338]  ? smc_diag_handler_dump+0x350/0x350
[   52.138089]  ? sock_sendmsg+0xdd/0x130
[   52.141967]  ? ___sys_sendmsg+0x7ec/0x910
[   52.146104]  ? __sys_sendmsg+0x112/0x270
[   52.150154]  ? __x64_sys_sendmsg+0x78/0xb0
[   52.154384]  ? do_syscall_64+0x1a3/0x800
[   52.158442]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   52.163799]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   52.169331]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   52.174861]  ? check_preemption_disabled+0x48/0x290
[   52.179871]  ? __lock_is_held+0xb6/0x140
[   52.183932]  ? lock_acquire+0x1db/0x570
[   52.187903]  ? smc_diag_dump_proto.isra.0+0xfb/0x3c0
[   52.193005]  ? lock_release+0xc40/0xc40
[   52.196976]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   52.202526]  ? kasan_check_write+0x14/0x20
[   52.206773]  smc_diag_dump_proto.isra.0+0x2e7/0x3c0
[   52.211799]  ? __smc_diag_dump.isra.0+0x2b80/0x2b80
[   52.216824]  ? find_held_lock+0x35/0x120
[   52.220883]  smc_diag_dump+0x27/0x80
[   52.225101]  netlink_dump+0x5f2/0x1070
[   52.228984]  ? netlink_broadcast+0x50/0x50
[   52.233221]  __netlink_dump_start+0x5b4/0x7e0
[   52.237727]  smc_diag_handler_dump+0x2a7/0x350
[   52.242311]  ? smc_gid_be16_convert+0x2c0/0x2c0
[   52.246973]  ? lock_downgrade+0x910/0x910
[   52.251116]  ? smc_diag_dump_proto.isra.0+0x3c0/0x3c0
[   52.256306]  ? rcu_read_unlock_special+0x380/0x380
[   52.261237]  sock_diag_rcv_msg+0x322/0x410
[   52.265471]  netlink_rcv_skb+0x17d/0x410
[   52.269524]  ? sock_diag_bind+0x80/0x80
[   52.273494]  ? netlink_ack+0xba0/0xba0
[   52.277383]  sock_diag_rcv+0x2b/0x40
[   52.281089]  netlink_unicast+0x574/0x770
[   52.285147]  ? netlink_attachskb+0x980/0x980
[   52.289553]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   52.295085]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   52.300099]  netlink_sendmsg+0xa05/0xf90
[   52.304157]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   52.309705]  ? netlink_unicast+0x770/0x770
[   52.313948]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[   52.318784]  ? apparmor_socket_sendmsg+0x2a/0x30
[   52.323530]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   52.329060]  ? security_socket_sendmsg+0x93/0xc0
[   52.333807]  ? netlink_unicast+0x770/0x770
[   52.338035]  sock_sendmsg+0xdd/0x130
[   52.341754]  ___sys_sendmsg+0x7ec/0x910
[   52.345744]  ? copy_msghdr_from_user+0x570/0x570
[   52.350491]  ? iterate_fd+0x4b0/0x4b0
[   52.354288]  ? __might_fault+0x12b/0x1e0
[   52.358558]  ? find_held_lock+0x35/0x120
[   52.362613]  ? __might_fault+0x12b/0x1e0
[   52.366666]  ? __fget_light+0x2db/0x420
[   52.370629]  ? fget_raw+0x20/0x20
[   52.374076]  ? lock_release+0xc40/0xc40
[   52.378043]  ? trace_hardirqs_off_caller+0x300/0x300
[   52.383139]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   52.388670]  ? __fdget+0x1b/0x20
[   52.392028]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   52.397555]  ? sockfd_lookup_light+0xc2/0x160
[   52.402041]  __sys_sendmsg+0x112/0x270
[   52.405923]  ? __ia32_sys_shutdown+0x80/0x80
[   52.410330]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   52.415688]  ? trace_hardirqs_off_caller+0x300/0x300
[   52.420796]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   52.425544]  __x64_sys_sendmsg+0x78/0xb0
[   52.429608]  do_syscall_64+0x1a3/0x800
[   52.433511]  ? syscall_return_slowpath+0x5f0/0x5f0
[   52.438434]  ? prepare_exit_to_usermode+0x232/0x3b0
[   52.443449]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   52.448291]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   52.453468] RIP: 0033:0x457ec9
[   52.456656] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   52.475550] RSP: 002b:00007f99f82fec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.483251] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457ec9
[   52.490508] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006
[   52.497768] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[   52.505028] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99f82ff6d4
[   52.512290] R13: 00000000004c52f9 R14: 00000000004d8d58 R15: 00000000ffffffff
[   52.519555] Modules linked in:
[   52.522811] ---[ end trace 75e567c88ae5d940 ]---
[   52.527575] RIP: 0010:__smc_diag_dump.isra.0+0x32a/0x2b80
[   52.533127] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 08 25 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 7f 20 49 8d 7f 0e 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 b4
[   52.552042] RSP: 0018:ffff8880982ef120 EFLAGS: 00010203
[   52.557418] RAX: dffffc0000000000 RBX: ffff88808d28d280 RCX: 0000000000000000
[   52.564700] RDX: 0000000000000001 RSI: ffffffff87b995b2 RDI: 000000000000000e
[   52.571974] RBP: ffff8880982ef3e8 R08: ffff88808c2944c0 R09: ffff8880977f0f90
[   52.579255] R10: fffffbfff149fdc0 R11: ffffffff8a4fee03 R12: ffff88808e5d2760
[   52.586536] R13: ffff8880977f0f40 R14: ffff88808d28d6e0 R15: 0000000000000000
[   52.593819] FS:  00007f99f82ff700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[   52.602034] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   52.607947] CR2: 0000000000000000 CR3: 00000000a0a71000 CR4: 00000000001406f0
[   52.615232] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   52.622513] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   52.629775] Kernel panic - not syncing: Fatal exception
[   52.635982] Kernel Offset: disabled
[   52.639602] Rebooting in 86400 seconds..