[ ok ] Starting enhanced syslogd: rsyslogd.
[ 62.101197][ T26] audit: type=1800 audit(1570940135.350:25): pid=8834 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 62.147420][ T26] audit: type=1800 audit(1570940135.350:26): pid=8834 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 62.194081][ T26] audit: type=1800 audit(1570940135.360:27): pid=8834 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.137' (ECDSA) to the list of known hosts.
syzkaller login: [ 84.611056][ T8986] IPVS: ftp: loaded support on port[0] = 21
[ 84.671153][ T8986] chnl_net:caif_netlink_parms(): no params data found
[ 84.701395][ T8986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.709517][ T8986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.718068][ T8986] device bridge_slave_0 entered promiscuous mode
[ 84.726438][ T8986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 84.733789][ T8986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 84.745426][ T8986] device bridge_slave_1 entered promiscuous mode
[ 84.763986][ T8986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 84.774890][ T8986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 84.795083][ T8986] team0: Port device team_slave_0 added
[ 84.802911][ T8986] team0: Port device team_slave_1 added
[ 84.860221][ T8986] device hsr_slave_0 entered promiscuous mode
[ 84.927773][ T8986] device hsr_slave_1 entered promiscuous mode
[ 84.996625][ T8986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.004637][ T8986] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.014814][ T8986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.022102][ T8986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.061768][ T8986] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.073837][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 85.085810][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 85.096907][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.105871][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 85.119240][ T8986] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.130241][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 85.139776][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.146868][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.159404][ T3219] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 85.168556][ T3219] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.176069][ T3219] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.197250][ T8986] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 85.208604][ T8986] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 85.223104][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 85.232209][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 85.241277][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 85.250402][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
[ 85.258989][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 85.266791][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 85.284774][ T8986] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 85.329177][ T8986] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 85.337430][ T8986] #PF: supervisor instruction fetch in kernel mode
[ 85.343938][ T8986] #PF: error_code(0x0010) - not-present page
[ 85.349908][ T8986] PGD 924e5067 P4D 924e5067 PUD a4324067 PMD 0
[ 85.356143][ T8986] Oops: 0010 [#1] PREEMPT SMP KASAN
[ 85.361339][ T8986] CPU: 1 PID: 8986 Comm: syz-executor050 Not tainted 5.4.0-rc2+ #0
[ 85.369222][ T8986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 85.379315][ T8986] RIP: 0010:0x0
[ 85.382770][ T8986] Code: Bad RIP value.
[ 85.387081][ T8986] RSP: 0018:ffff888095e2f848 EFLAGS: 00010246
[ 85.393169][ T8986] RAX: 0000000000000000 RBX: ffff8880a7c02000 RCX: 1ffff11014f80494
[ 85.401133][ T8986] RDX: 0000000000000002 RSI: 0000000000000000 RDI: ffff8880a79b0000
[ 85.409112][ T8986] RBP: ffff888095e2f880 R08: ffff88809fce0080 R09: ffffed1014f80449
[ 85.417086][ T8986] R10: ffffed1014f80448 R11: ffff8880a7c02247 R12: 0000000000000002
[ 85.425159][ T8986] R13: 0000000000000304 R14: ffff8880a79b0000 R15: 0000000000000000
[ 85.433123][ T8986] FS: 000000000259a880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 85.442040][ T8986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.448613][ T8986] CR2: ffffffffffffffd6 CR3: 00000000a0aa6000 CR4: 00000000001406e0
[ 85.456573][ T8986] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 85.464536][ T8986] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 85.472513][ T8986] Call Trace:
[ 85.475810][ T8986] xsk_poll+0x1e7/0x5a0
[ 85.479955][ T8986] ? xsk_setsockopt+0x730/0x730
[ 85.484814][ T8986] sock_poll+0x15e/0x480
[ 85.489047][ T8986] ? do_recvmmsg+0x7a0/0x7a0
[ 85.493628][ T8986] do_sys_poll+0x63c/0xdd0
[ 85.498044][ T8986] ? arch_stack_walk+0x97/0xf0
[ 85.502815][ T8986] ? compat_core_sys_select+0x770/0x770
[ 85.508351][ T8986] ? __rtnl_unlock+0x36/0x90
[ 85.512940][ T8986] ? find_held_lock+0x35/0x130
[ 85.517707][ T8986] ? lock_downgrade+0x920/0x920
[ 85.522572][ T8986] ? __kasan_check_write+0x14/0x20
[ 85.527669][ T8986] ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 85.533203][ T8986] ? find_held_lock+0x35/0x130
[ 85.537951][ T8986] ? poll_initwait+0x180/0x180
[ 85.543315][ T8986] ? poll_freewait+0x260/0x260
[ 85.548084][ T8986] ? mutex_unlock+0xd/0x10
[ 85.552501][ T8986] ? __rtnl_unlock+0x7c/0x90
[ 85.557075][ T8986] ? netdev_run_todo+0x559/0x7d0
[ 85.562032][ T8986] ? __kasan_check_write+0x14/0x20
[ 85.567147][ T8986] ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 85.572699][ T8986] ? register_netdev+0x50/0x50
[ 85.577455][ T8986] ? wait_for_completion+0x440/0x440
[ 85.582755][ T8986] ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 85.588550][ T8986] ? xdp_add_sk_umem+0x134/0x1c0
[ 85.593478][ T8986] ? rtnl_unlock+0xe/0x10
[ 85.597800][ T8986] ? xsk_bind+0x1e7/0x1190
[ 85.602233][ T8986] ? xsk_clear_rx_need_wakeup+0x100/0x100
[ 85.607964][ T8986] ? apparmor_socket_bind+0xb6/0x160
[ 85.613254][ T8986] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 85.619497][ T8986] ? security_socket_bind+0x8d/0xc0
[ 85.624703][ T8986] ? set_user_sigmask+0x166/0x1e0
[ 85.629738][ T8986] ? sigprocmask+0x2b0/0x2b0
[ 85.634319][ T8986] ? __ia32_sys_socketpair+0xf0/0xf0
[ 85.639703][ T8986] __x64_sys_ppoll+0x259/0x310
[ 85.644458][ T8986] ? __sys_socket+0x180/0x220
[ 85.649126][ T8986] ? __ia32_sys_poll+0x470/0x470
[ 85.654069][ T8986] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 85.659519][ T8986] ? do_syscall_64+0x26/0x760
[ 85.664184][ T8986] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 85.670238][ T8986] ? do_syscall_64+0x26/0x760
[ 85.674996][ T8986] ? lockdep_hardirqs_on+0x421/0x5e0
[ 85.680277][ T8986] ? trace_hardirqs_on+0x67/0x240
[ 85.685310][ T8986] do_syscall_64+0xfa/0x760
[ 85.689811][ T8986] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 85.695687][ T8986] RIP: 0033:0x441bd9
[ 85.700004][ T8986] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 85.719594][ T8986] RSP: 002b:00007fff33a1fe38 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 85.728008][ T8986] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441bd9
[ 85.735968][ T8986] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000020000040
[ 85.744814][ T8986] RBP: 00007fff33a1fe50 R08: 0000000000000000 R09: 0000000001bbbbbb
[ 85.752775][ T8986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 85.760734][ T8986] R13: 0000000000403170 R14: 0000000000000000 R15: 0000000000000000
[ 85.768694][ T8986] Modules linked in:
[ 85.772575][ T8986] CR2: 0000000000000000
[ 85.778965][ T8986] ---[ end trace a8d44e42f57b6874 ]---
[ 85.784498][ T8986] RIP: 0010:0x0
[ 85.788067][ T8986] Code: Bad RIP value.
[ 85.792146][ T8986] RSP: 0018:ffff888095e2f848 EFLAGS: 00010246
[ 85.798813][ T8986] RAX: 0000000000000000 RBX: ffff8880a7c02000 RCX: 1ffff11014f80494
[ 85.806984][ T8986] RDX: 0000000000000002 RSI: 0000000000000000 RDI: ffff8880a79b0000
[ 85.815056][ T8986] RBP: ffff888095e2f880 R08: ffff88809fce0080 R09: ffffed1014f80449
[ 85.823113][ T8986] R10: ffffed1014f80448 R11: ffff8880a7c02247 R12: 0000000000000002
[ 85.831329][ T8986] R13: 0000000000000304 R14: ffff8880a79b0000 R15: 0000000000000000
[ 85.839395][ T8986] FS: 000000000259a880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 85.848386][ T8986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 85.854958][ T8986] CR2: ffffffffffffffd6 CR3: 00000000a0aa6000 CR4: 00000000001406e0
[ 85.862984][ T8986] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 85.871171][ T8986] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 85.879222][ T8986] Kernel panic - not syncing: Fatal exception
[ 85.886852][ T8986] Kernel Offset: disabled
[ 85.891315][ T8986] Rebooting in 86400 seconds..