[ 72.326184][ T26] audit: type=1800 audit(1568564605.412:27): pid=10118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 72.347826][ T26] audit: type=1800 audit(1568564605.422:28): pid=10118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 73.362437][ T26] audit: type=1800 audit(1568564606.522:29): pid=10118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 73.384376][ T26] audit: type=1800 audit(1568564606.522:30): pid=10118 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.27' (ECDSA) to the list of known hosts.
syzkaller login: [ 83.525369][T10270] IPVS: ftp: loaded support on port[0] = 21 [ 83.570083][T10270] chnl_net:caif_netlink_parms(): no params data found [ 83.593447][T10270] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.600756][T10270] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.608531][T10270] device bridge_slave_0 entered promiscuous mode [ 83.616005][T10270] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.623138][T10270] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.630682][T10270] device bridge_slave_1 entered promiscuous mode [ 83.645982][T10270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.656680][T10270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.672947][T10270] team0: Port device team_slave_0 added [ 83.681163][T10270] team0: Port device team_slave_1 added [ 83.763378][T10270] device hsr_slave_0 entered promiscuous mode [ 83.832049][T10270] device hsr_slave_1 entered promiscuous mode [ 83.907011][T10270] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.914218][T10270] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.921680][T10270] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.928954][T10270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.954150][T10270] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.965469][ T3339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.973843][ T3339] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.981425][ T3339] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.991353][ T3339] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 84.001444][T10270] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.011396][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 84.020360][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.027572][ T22] bridge0: port 
1(bridge_slave_0) entered forwarding state [ 84.052427][T10274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 84.060791][T10274] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.067881][T10274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.076254][T10274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 84.085588][T10274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 84.095082][T10274] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready executing program [ 84.104823][ T3339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 84.116249][T10270] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.127847][T10270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 84.135707][ T3339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 84.151042][T10270] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.183571][T10270] netlink: 'syz-executor129': attribute type 1 has an invalid length. 
[ 84.192706][T10270] kasan: CONFIG_KASAN_INLINE enabled [ 84.197974][T10270] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 84.206350][T10270] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 84.213326][T10270] CPU: 1 PID: 10270 Comm: syz-executor129 Not tainted 5.3.0-rc8+ #0 [ 84.221304][T10270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.231492][T10270] RIP: 0010:qdisc_put+0x25/0x90 [ 84.236355][T10270] Code: 00 00 00 00 00 55 48 89 e5 41 54 49 89 fc 53 e8 81 2f bf fb 49 8d 7c 24 10 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 54 41 8b 5c 24 10 31 ff 83 e3 01 [ 84.256310][T10270] RSP: 0018:ffff88808f6bf470 EFLAGS: 00010202 [ 84.262393][T10270] RAX: dffffc0000000000 RBX: ffff888096b03b40 RCX: 1ffffffff134b5fe [ 84.270456][T10270] RDX: 0000000000000002 RSI: ffffffff85b3557f RDI: 0000000000000010 [ 84.278487][T10270] RBP: ffff88808f6bf480 R08: ffff88808db9e400 R09: fffffbfff134afc0 [ 84.286667][T10270] R10: fffffbfff134afbf R11: ffffffff89a57dff R12: 0000000000000000 [ 84.294628][T10270] R13: ffff888096b03b40 R14: ffff8880932da600 R15: ffff888096b03b7c [ 84.302600][T10270] FS: 0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:0000000057728840 [ 84.311612][T10270] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 84.318187][T10270] CR2: 0000000020000600 CR3: 00000000a1ed6000 CR4: 00000000001406e0 [ 84.326150][T10270] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 84.334122][T10270] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 84.342175][T10270] Call Trace: [ 84.345482][T10270] dsmark_destroy+0x63/0xd0 [ 84.349969][T10270] ? dsmark_peek+0x90/0x90 [ 84.354390][T10270] qdisc_create+0xbc6/0x1210 [ 84.358974][T10270] ? tc_get_qdisc+0xc10/0xc10 [ 84.363673][T10270] ? __nla_parse+0x43/0x60 [ 84.368107][T10270] tc_modify_qdisc+0x524/0x1c50 [ 84.372970][T10270] ? 
qdisc_create+0x1210/0x1210 [ 84.377818][T10270] ? rtnetlink_rcv_msg+0x1ea/0xb00 [ 84.383013][T10270] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 84.389238][T10270] ? qdisc_create+0x1210/0x1210 [ 84.394087][T10270] rtnetlink_rcv_msg+0x463/0xb00 [ 84.399108][T10270] ? rtnetlink_put_metrics+0x580/0x580 [ 84.404551][T10270] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 84.409904][T10270] ? __copy_skb_header+0x250/0x550 [ 84.415028][T10270] netlink_rcv_skb+0x177/0x450 [ 84.419776][T10270] ? rtnetlink_put_metrics+0x580/0x580 [ 84.425231][T10270] ? netlink_ack+0xb30/0xb30 [ 84.429861][T10270] ? netlink_deliver_tap+0x254/0xbf0 [ 84.435254][T10270] rtnetlink_rcv+0x1d/0x30 [ 84.439718][T10270] netlink_unicast+0x531/0x710 [ 84.444517][T10270] ? netlink_attachskb+0x7c0/0x7c0 [ 84.450224][T10270] ? _copy_from_iter_full+0x25d/0x8a0 [ 84.455603][T10270] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 84.461305][T10270] ? __check_object_size+0x3d/0x437 [ 84.466499][T10270] netlink_sendmsg+0x8a5/0xd60 [ 84.471279][T10270] ? netlink_unicast+0x710/0x710 [ 84.476214][T10270] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 84.481788][T10270] ? apparmor_socket_sendmsg+0x2a/0x30 [ 84.487782][T10270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.494007][T10270] ? security_socket_sendmsg+0x8d/0xc0 [ 84.499623][T10270] ? netlink_unicast+0x710/0x710 [ 84.504564][T10270] sock_sendmsg+0xd7/0x130 [ 84.508974][T10270] ___sys_sendmsg+0x803/0x920 [ 84.514467][T10270] ? copy_msghdr_from_user+0x440/0x440 [ 84.519912][T10270] ? _copy_to_user+0x118/0x160 [ 84.524665][T10270] ? __might_fault+0x12b/0x1e0 [ 84.529497][T10270] ? __kasan_check_read+0x11/0x20 [ 84.534530][T10270] ? lock_downgrade+0x920/0x920 [ 84.539415][T10270] ? __might_fault+0xfb/0x1e0 [ 84.544106][T10270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.550415][T10270] ? __fget_light+0x1a9/0x230 [ 84.555086][T10270] ? __fdget+0x1b/0x20 [ 84.559144][T10270] ? 
__sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 84.565399][T10270] __sys_sendmsg+0x105/0x1d0 [ 84.569981][T10270] ? __sys_sendmsg_sock+0xd0/0xd0 [ 84.575003][T10270] ? up_read+0x159/0x570 [ 84.579232][T10270] ? security_file_ioctl+0x8d/0xc0 [ 84.584335][T10270] ? entry_SYSENTER_compat+0x68/0x7f [ 84.589606][T10270] __ia32_compat_sys_sendmsg+0x7a/0xb0 [ 84.595056][T10270] do_fast_syscall_32+0x27b/0xdb3 [ 84.600065][T10270] entry_SYSENTER_compat+0x70/0x7f [ 84.605168][T10270] RIP: 0023:0xf7faaa29 [ 84.609218][T10270] Code: b8 80 96 98 00 eb cc 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 84.628810][T10270] RSP: 002b:00000000ff83a04c EFLAGS: 00000202 ORIG_RAX: 0000000000000172 [ 84.637208][T10270] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240 [ 84.645190][T10270] RDX: 0000000000000000 RSI: 00000000f7faa28c RDI: 0000000000000004 [ 84.653173][T10270] RBP: 0000000057729018 R08: 0000000000000000 R09: 0000000000000000 [ 84.661150][T10270] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 84.669117][T10270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 84.677227][T10270] Modules linked in: [ 84.682856][T10270] ---[ end trace b61b255a674607e9 ]--- [ 84.688513][T10270] RIP: 0010:qdisc_put+0x25/0x90 [ 84.693830][T10270] Code: 00 00 00 00 00 55 48 89 e5 41 54 49 89 fc 53 e8 81 2f bf fb 49 8d 7c 24 10 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 54 41 8b 5c 24 10 31 ff 83 e3 01 [ 84.714447][T10270] RSP: 0018:ffff88808f6bf470 EFLAGS: 00010202 [ 84.721072][T10270] RAX: dffffc0000000000 RBX: ffff888096b03b40 RCX: 1ffffffff134b5fe [ 84.729430][T10270] RDX: 0000000000000002 RSI: ffffffff85b3557f RDI: 0000000000000010 [ 84.737584][T10270] RBP: ffff88808f6bf480 R08: ffff88808db9e400 R09: fffffbfff134afc0 [ 84.745582][T10270] R10: fffffbfff134afbf R11: 
ffffffff89a57dff R12: 0000000000000000 [ 84.753583][T10270] R13: ffff888096b03b40 R14: ffff8880932da600 R15: ffff888096b03b7c [ 84.761666][T10270] FS: 0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:0000000057728840 [ 84.770576][T10270] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 84.777726][T10270] CR2: 0000000020000600 CR3: 00000000a1ed6000 CR4: 00000000001406e0 [ 84.786008][T10270] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 84.794021][T10270] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 84.802186][T10270] Kernel panic - not syncing: Fatal exception [ 84.809999][T10270] Kernel Offset: disabled [ 84.814345][T10270] Rebooting in 86400 seconds..