[ ok ] Starting enhanced syslogd: rsyslogd.
[ 69.741750][ T27] audit: type=1800 audit(1578583296.974:25): pid=9537 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 69.762520][ T27] audit: type=1800 audit(1578583296.974:26): pid=9537 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 69.806608][ T27] audit: type=1800 audit(1578583296.984:27): pid=9537 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.1.56' (ECDSA) to the list of known hosts.
syzkaller login: [ 83.408515][ T9696] IPVS: ftp: loaded support on port[0] = 21
[ 83.478306][ T9696] chnl_net:caif_netlink_parms(): no params data found
[ 83.510004][ T9696] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.517885][ T9696] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.525702][ T9696] device bridge_slave_0 entered promiscuous mode
[ 83.535182][ T9696] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.542388][ T9696] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.550608][ T9696] device bridge_slave_1 entered promiscuous mode
[ 83.569067][ T9696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 83.580107][ T9696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 83.600665][ T9696] team0: Port device team_slave_0 added
[ 83.608095][ T9696] team0: Port device team_slave_1 added
[ 83.688597][ T9696] device hsr_slave_0 entered promiscuous mode
[ 83.737428][ T9696] device hsr_slave_1 entered promiscuous mode
[ 83.860297][ T9696] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.899333][ T9696] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.938680][ T9696] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.989287][ T9696] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 84.067954][ T9696] bridge0: port 2(bridge_slave_1) entered blocking state
[ 84.075259][ T9696] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 84.083178][ T9696] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.090442][ T9696] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 84.131762][ T9696] 8021q: adding VLAN 0 to HW filter on device bond0
[ 84.144343][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 84.154794][ T2956] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.162778][ T2956] bridge0: port 2(bridge_slave_1) entered disabled state
[ 84.170791][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 84.184712][ T9696] 8021q: adding VLAN 0 to HW filter on device team0
[ 84.195254][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 84.203833][ T18] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.211010][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 84.222186][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 84.231510][ T2956] bridge0: port 2(bridge_slave_1) entered blocking state
[ 84.238611][ T2956] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 84.260211][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 84.269074][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 84.278596][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 84.289982][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 84.304051][ T9696] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 84.315927][ T9696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 84.325688][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 84.343628][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 84.352005][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 84.363875][ T9696] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 84.383545][ T2956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
executing program
[ 84.403255][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 84.411958][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 84.420001][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 84.431371][ T9696] device veth0_vlan entered promiscuous mode
[ 84.443698][ T9696] device veth1_vlan entered promiscuous mode
[ 84.467410][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 84.475597][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 84.577589][ T9696] ------------[ cut here ]------------
[ 84.583107][ T9696] ODEBUG: free active (active state 0) object type: work_struct hint: io_ring_file_ref_switch+0x0/0xac0
[ 84.594508][ T9696] WARNING: CPU: 1 PID: 9696 at lib/debugobjects.c:481 debug_print_object+0x168/0x250
[ 84.603955][ T9696] Kernel panic - not syncing: panic_on_warn set ...
[ 84.610576][ T9696] CPU: 1 PID: 9696 Comm: syz-executor066 Not tainted 5.5.0-rc5-next-20200109-syzkaller #0
[ 84.620448][ T9696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 84.630498][ T9696] Call Trace:
[ 84.633776][ T9696] dump_stack+0x197/0x210
[ 84.638099][ T9696] ? debug_print_object+0x120/0x250
[ 84.643284][ T9696] panic+0x2e3/0x75c
[ 84.647159][ T9696] ? add_taint.cold+0x16/0x16
[ 84.651816][ T9696] ? __kasan_check_write+0x14/0x20
[ 84.656902][ T9696] ? __warn.cold+0x14/0x3e
[ 84.661294][ T9696] ? __warn+0xd9/0x1cf
[ 84.665395][ T9696] ? debug_print_object+0x168/0x250
[ 84.670570][ T9696] __warn.cold+0x2f/0x3e
[ 84.674841][ T9696] ? debug_print_object+0x168/0x250
[ 84.680017][ T9696] report_bug+0x289/0x300
[ 84.684345][ T9696] do_error_trap+0x11b/0x200
[ 84.688928][ T9696] do_invalid_op+0x37/0x50
[ 84.693333][ T9696] ? debug_print_object+0x168/0x250
[ 84.698527][ T9696] invalid_op+0x23/0x30
[ 84.702667][ T9696] RIP: 0010:debug_print_object+0x168/0x250
[ 84.708540][ T9696] Code: dd 80 8c 91 88 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 00 00 00 48 8b 14 dd 80 8c 91 88 48 c7 c7 e0 81 91 88 e8 c7 95 a2 fd <0f> 0b 83 05 03 f8 00 07 01 48 83 c4 20 5b 41 5c 41 5d 41 5e 5d c3
[ 84.728124][ T9696] RSP: 0018:ffffc90001b77c30 EFLAGS: 00010082
[ 84.734167][ T9696] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 84.742116][ T9696] RDX: 0000000000000000 RSI: ffffffff815e68c6 RDI: fffff5200036ef78
[ 84.750070][ T9696] RBP: ffffc90001b77c70 R08: ffff888095d82100 R09: ffffed1015d245c9
[ 84.758019][ T9696] R10: ffffed1015d245c8 R11: ffff8880ae922e43 R12: 0000000000000001
[ 84.765979][ T9696] R13: ffffffff89b7c580 R14: ffffffff814c4450 R15: ffff8880a50ae690
[ 84.774075][ T9696] ? __exit_umh+0x2e0/0x2e0
[ 84.778575][ T9696] ? vprintk_func+0x86/0x189
[ 84.783150][ T9696] debug_check_no_obj_freed+0x2d4/0x43f
[ 84.788688][ T9696] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 84.794218][ T9696] kfree+0xf8/0x2c0
[ 84.798009][ T9696] io_sqe_files_unregister+0x1fb/0x2f0
[ 84.803506][ T9696] io_ring_ctx_wait_and_kill+0x430/0x9a0
[ 84.809154][ T9696] ? write_comp_data+0x30/0x70
[ 84.813904][ T9696] io_uring_release+0x42/0x50
[ 84.818562][ T9696] __fput+0x2ff/0x890
[ 84.822529][ T9696] ? io_ring_ctx_wait_and_kill+0x9a0/0x9a0
[ 84.828318][ T9696] ____fput+0x16/0x20
[ 84.832292][ T9696] task_work_run+0x145/0x1c0
[ 84.836865][ T9696] exit_to_usermode_loop+0x316/0x380
[ 84.842130][ T9696] do_syscall_64+0x676/0x790
[ 84.846715][ T9696] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 84.852601][ T9696] RIP: 0033:0x403290
[ 84.856623][ T9696] Code: 01 f0 ff ff 0f 83 c0 0f 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d fd 9c 2d 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 94 0f 00 00 c3 48 83 ec 08 e8 fa 04 00 00
[ 84.876239][ T9696] RSP: 002b:00007ffcb0863058 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 84.884689][ T9696] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000403290
[ 84.892698][ T9696] RDX: 0000000020000280 RSI: 0000000000000002 RDI: 0000000000000003
[ 84.900703][ T9696] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000003
[ 84.908656][ T9696] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000004
[ 84.916606][ T9696] R13: 0000000000404740 R14: 0000000000000000 R15: 0000000000000000
[ 84.926102][ T9696] Kernel Offset: disabled
[ 84.930522][ T9696] Rebooting in 86400 seconds..