[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 28.554808] kauditd_printk_skb: 7 callbacks suppressed [ 28.554822] audit: type=1800 audit(1543769391.864:29): pid=5849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.586748] audit: type=1800 audit(1543769391.874:30): pid=5849 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts. syzkaller login: [ 56.935363] IPVS: ftp: loaded support on port[0] = 21 [ 57.091322] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.098477] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.105794] device bridge_slave_0 entered promiscuous mode [ 57.123761] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.130341] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.137333] device bridge_slave_1 entered promiscuous mode [ 57.154505] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 57.172402] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 57.220155] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 57.239683] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 57.313908] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 57.321922] team0: Port device team_slave_0 added [ 57.338473] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 57.345716] team0: Port device team_slave_1 added [ 57.362921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.381910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.401570] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.421141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 57.566949] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.573510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.580447] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.586816] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 58.088913] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.137902] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.187527] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.193690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.201394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.249303] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 58.785396] BUG: unable to handle kernel paging request at ffff888220000000 [ 58.792776] PGD be01067 P4D be01067 PUD be04067 PMD 0 [ 58.798044] Oops: 0000 [#1] PREEMPT SMP KASAN [ 58.802521] CPU: 1 PID: 6005 Comm: syz-executor941 Not tainted 4.20.0-rc4+ #262 [ 58.809942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 58.819285] RIP: 0010:do_csum+0x192/0x410 [ 58.823415] Code: 85 f6 74 54 4d 89 ef e8 4c af a6 f9 41 83 ee 01 31 ff 31 c0 44 89 f6 49 03 1f 49 13 5f 08 49 13 5f 10 49 13 5f 18 49 13 5f 20 <49> 13 5f 28 49 13 5f 30 49 13 5f 38 48 11 c3 e8 2a b0 a6 f9 49 83 [ 58.842510] RSP: 0018:ffff8881cd606518 EFLAGS: 00010202 [ 58.847849] RAX: 0000000000000000 RBX: 154458b985b9e73e RCX: ffffffff87d8eca6 [ 58.855115] RDX: 0000000000000000 RSI: 00000000024af006 RDI: 0000000000000000 [ 58.862380] RBP: ffff8881cd606550 R08: ffff8881c1dd2000 R09: ffff8881b2bd0194 [ 58.869840] R10: 000000000000ffd4 R11: ffffea0006db8db7 R12: 00000000ffff0038 [ 58.877188] R13: ffff8881b2bd0198 R14: 00000000024af006 R15: ffff88821fffffd8 [ 58.884461] FS: 0000000000000000(0000) GS:ffff8881daf00000(0063) knlGS:0000000008738840 [ 58.892670] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 58.898547] CR2: ffff888220000000 CR3: 00000001c150f000 CR4: 00000000001406e0 [ 58.905799] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.913048] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.920355] Call Trace: [ 58.922931] csum_partial+0x21/0x30 [ 58.926540] tcp_gso_segment+0xa7d/0x17b0 [ 58.930670] ? sk_common_release+0x320/0x320 [ 58.935173] tcp6_gso_segment+0x1c8/0x580 [ 58.939323] ipv6_gso_segment+0x554/0x1130 [ 58.943536] ? audit_tree_freeing_mark+0xee2/0xfd0 [ 58.948472] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 58.953456] ? __lock_is_held+0xb5/0x140 [ 58.957563] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 58.962389] inet_gso_segment+0x639/0x1350 [ 58.966605] ? inet_sock_destruct+0x9b0/0x9b0 [ 58.971085] ipv6_gso_segment+0x554/0x1130 [ 58.975297] ? skb_mac_gso_segment+0x229/0x740 [ 58.979863] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 58.984686] ? kasan_check_read+0x11/0x20 [ 58.988834] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 58.994089] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 58.999257] ? rcu_softirq_qs+0x20/0x20 [ 59.003222] ? skb_network_protocol+0xfc/0x4c0 [ 59.007789] skb_mac_gso_segment+0x3b3/0x740 [ 59.012180] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 59.017021] ? skb_network_protocol+0x4c0/0x4c0 [ 59.021788] ? print_usage_bug+0xc0/0xc0 [ 59.025844] ? __lock_acquire+0x2aff/0x4c20 [ 59.030163] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 59.035336] ? skb_network_protocol+0xfc/0x4c0 [ 59.039903] __skb_gso_segment+0x3c3/0x880 [ 59.044121] ? skb_mac_gso_segment+0x740/0x740 [ 59.048686] validate_xmit_skb+0x640/0xf30 [ 59.052904] ? netif_skb_features+0xb70/0xb70 [ 59.057380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.062898] ? check_preemption_disabled+0x48/0x280 [ 59.067967] validate_xmit_skb_list+0xd1/0x140 [ 59.072535] sch_direct_xmit+0x30e/0x1130 [ 59.076668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.082199] ? check_preemption_disabled+0x48/0x280 [ 59.087197] ? dev_watchdog+0xb10/0xb10 [ 59.091266] ? __lock_is_held+0xb5/0x140 [ 59.095331] __qdisc_run+0x636/0x1990 [ 59.099133] ? sch_direct_xmit+0x1130/0x1130 [ 59.103554] ? lock_acquire+0x1ed/0x520 [ 59.107512] ? dev_queue_xmit+0x17/0x20 [ 59.111498] ? lock_release+0xa00/0xa00 [ 59.115453] ? mini_qdisc_pair_init+0x160/0x160 [ 59.120164] __dev_queue_xmit+0x1915/0x3ad0 [ 59.124475] ? dev_queue_xmit+0x17/0x20 [ 59.128434] ? netdev_pick_tx+0x310/0x310 [ 59.132560] ? __alloc_skb+0x4c6/0x770 [ 59.136436] ? mark_held_locks+0x130/0x130 [ 59.140930] ? zap_class+0x640/0x640 [ 59.144630] ? zap_class+0x640/0x640 [ 59.148327] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.153867] ? refcount_add_not_zero_checked+0x21e/0x330 [ 59.159301] ? find_held_lock+0x36/0x1c0 [ 59.163435] ? perf_trace_sched_process_exec+0x860/0x860 [ 59.168904] ? kasan_check_write+0x14/0x20 [ 59.173238] ? copyin+0xb7/0x100 [ 59.176592] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 59.181593] ? copy_page_from_iter+0x541/0x8f0 [ 59.186185] ? _copy_from_iter+0xf70/0xf70 [ 59.190400] ? _copy_from_iter_full+0x2d8/0xce0 [ 59.195049] ? kasan_check_read+0x11/0x20 [ 59.199175] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 59.204431] ? skb_copy_datagram_from_iter+0x451/0x660 [ 59.209690] dev_queue_xmit+0x17/0x20 [ 59.213468] ? dev_queue_xmit+0x17/0x20 [ 59.217421] packet_sendmsg+0x430a/0x6570 [ 59.221549] ? find_held_lock+0x36/0x1c0 [ 59.225597] ? packet_getname+0x5f0/0x5f0 [ 59.229735] ? rcu_pm_notify+0xc0/0xc0 [ 59.233605] ? tg_cfs_schedulable_down+0x10/0x330 [ 59.238445] ? compat_rw_copy_check_uvector+0x3bb/0x440 [ 59.243788] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 59.249303] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 59.254217] ? aa_sk_perm+0x22b/0x8e0 [ 59.258009] ? compat_import_iovec+0x2a3/0x4af [ 59.262572] ? aa_af_perm+0x5a0/0x5a0 [ 59.266353] ? move_addr_to_kernel.part.18+0xc6/0x100 [ 59.271521] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 59.276430] ? apparmor_socket_sendmsg+0x29/0x30 [ 59.281280] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.286829] ? security_socket_sendmsg+0x94/0xc0 [ 59.291592] ? packet_getname+0x5f0/0x5f0 [ 59.295738] sock_sendmsg+0xd5/0x120 [ 59.299434] ___sys_sendmsg+0x7fd/0x930 [ 59.303387] ? lock_downgrade+0x900/0x900 [ 59.307523] ? check_preemption_disabled+0x48/0x280 [ 59.312524] ? copy_msghdr_from_user+0x580/0x580 [ 59.317262] ? perf_trace_sched_process_exec+0x860/0x860 [ 59.322710] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.328228] ? __fget_light+0x2e9/0x430 [ 59.332198] ? fget_raw+0x20/0x20 [ 59.335645] ? aa_af_perm+0x5a0/0x5a0 [ 59.339431] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 59.344951] ? sockfd_lookup_light+0xc5/0x160 [ 59.349443] __sys_sendmsg+0x11d/0x280 [ 59.353311] ? __ia32_sys_shutdown+0x80/0x80 [ 59.357705] ? __compat_sys_setsockopt+0x235/0x860 [ 59.362618] ? do_fast_syscall_32+0x150/0xfb2 [ 59.367105] ? do_fast_syscall_32+0x150/0xfb2 [ 59.371582] ? trace_hardirqs_off_caller+0x310/0x310 [ 59.376669] __ia32_compat_sys_sendmsg+0x7a/0xb0 [ 59.381407] do_fast_syscall_32+0x34d/0xfb2 [ 59.385731] ? do_int80_syscall_32+0x890/0x890 [ 59.390295] ? entry_SYSENTER_compat+0x68/0x7f [ 59.394857] ? trace_hardirqs_off_caller+0xbb/0x310 [ 59.399854] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 59.404676] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 59.409500] ? trace_hardirqs_on_caller+0x310/0x310 [ 59.414512] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 59.419509] ? prepare_exit_to_usermode+0x291/0x3b0 [ 59.424522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 59.429346] entry_SYSENTER_compat+0x70/0x7f [ 59.433732] RIP: 0023:0xf7f13a29 [ 59.437081] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 59.455962] RSP: 002b:00000000ff9b710c EFLAGS: 00000217 ORIG_RAX: 0000000000000172 [ 59.463650] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000480 [ 59.470900] RDX: 0000000000000000 RSI: 0000000000000174 RDI: 00000000ffffffff [ 59.478152] RBP: 0000000020000440 R08: 0000000000000000 R09: 0000000000000000 [ 59.485405] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 59.492670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 59.499921] Modules linked in: [ 59.503093] CR2: ffff888220000000 [ 59.506527] ---[ end trace 5805c32444f219be ]--- [ 59.511260] RIP: 0010:do_csum+0x192/0x410 [ 59.515388] Code: 85 f6 74 54 4d 89 ef e8 4c af a6 f9 41 83 ee 01 31 ff 31 c0 44 89 f6 49 03 1f 49 13 5f 08 49 13 5f 10 49 13 5f 18 49 13 5f 20 <49> 13 5f 28 49 13 5f 30 49 13 5f 38 48 11 c3 e8 2a b0 a6 f9 49 83 [ 59.534273] RSP: 0018:ffff8881cd606518 EFLAGS: 00010202 [ 59.539613] RAX: 0000000000000000 RBX: 154458b985b9e73e RCX: ffffffff87d8eca6 [ 59.546865] RDX: 0000000000000000 RSI: 00000000024af006 RDI: 0000000000000000 [ 59.554112] RBP: ffff8881cd606550 R08: ffff8881c1dd2000 R09: ffff8881b2bd0194 [ 59.561373] R10: 000000000000ffd4 R11: ffffea0006db8db7 R12: 00000000ffff0038 [ 59.568628] R13: ffff8881b2bd0198 R14: 00000000024af006 R15: ffff88821fffffd8 [ 59.575910] FS: 0000000000000000(0000) GS:ffff8881daf00000(0063) knlGS:0000000008738840 [ 59.584113] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 59.589988] CR2: ffff888220000000 CR3: 00000001c150f000 CR4: 00000000001406e0 [ 59.597238] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.604746] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.611994] Kernel panic - not syncing: Fatal exception in interrupt [ 59.619417] Kernel Offset: disabled [ 59.623036] Rebooting in 86400 seconds..