[ 37.739394] audit: type=1800 audit(1550965417.275:26): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 37.772562] audit: type=1800 audit(1550965417.275:27): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 37.793593] audit: type=1800 audit(1550965417.275:28): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 38.475918] audit: type=1800 audit(1550965418.025:29): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.123' (ECDSA) to the list of known hosts. syzkaller login: [ 50.395387] IPVS: ftp: loaded support on port[0] = 21 [ 50.453886] chnl_net:caif_netlink_parms(): no params data found [ 50.482710] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.490063] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.497048] device bridge_slave_0 entered promiscuous mode [ 50.504895] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.511262] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.518244] device bridge_slave_1 entered promiscuous mode [ 50.534615] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 50.543862] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 50.561015] team0: Port device team_slave_0 added [ 50.567544] team0: Port device team_slave_1 added [ 50.624821] device hsr_slave_0 entered promiscuous mode [ 50.663192] device hsr_slave_1 entered promiscuous mode [ 50.739907] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.746373] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.753306] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.759659] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.788584] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.799422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.818878] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.826050] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.834437] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 50.844710] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.854118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.861801] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.868210] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.883833] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.891415] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.897840] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.906075] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 50.914354] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 50.922348] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 50.931894] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready executing program [ 50.944737] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 50.955216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 50.962127] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.979976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.991551] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 51.383261] WARNING: CPU: 0 PID: 7811 at net/ipv4/tcp_output.c:2535 tcp_send_loss_probe+0x771/0x8a0 [ 51.392559] Kernel panic - not syncing: panic_on_warn set ... [ 51.398430] CPU: 0 PID: 7811 Comm: kworker/0:3 Not tainted 5.0.0-rc7+ #92 [ 51.405333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.414676] Workqueue: events iterate_cleanup_work [ 51.419583] Call Trace: [ 51.422143] [ 51.424280] dump_stack+0x172/0x1f0 [ 51.427891] ? tcp_send_loss_probe+0x750/0x8a0 [ 51.432457] panic+0x2cb/0x65c [ 51.435643] ? __warn_printk+0xf3/0xf3 [ 51.439513] ? tcp_send_loss_probe+0x771/0x8a0 [ 51.444075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.449590] ? __warn.cold+0x5/0x45 [ 51.453197] ? __warn+0xe8/0x1d0 [ 51.456544] ? tcp_send_loss_probe+0x771/0x8a0 [ 51.461105] __warn.cold+0x20/0x45 [ 51.464629] ? tcp_send_loss_probe+0x771/0x8a0 [ 51.469195] report_bug+0x263/0x2b0 [ 51.472808] do_error_trap+0x11b/0x200 [ 51.476678] do_invalid_op+0x37/0x50 [ 51.480393] ? tcp_send_loss_probe+0x771/0x8a0 [ 51.484958] invalid_op+0x14/0x20 [ 51.488388] RIP: 0010:tcp_send_loss_probe+0x771/0x8a0 [ 51.493559] Code: 88 fc ff ff 4c 89 ef e8 ed 61 c9 fb e9 c8 fc ff ff e8 43 62 c9 fb e9 63 fd ff ff e8 d9 61 c9 fb e9 94 f9 ff ff e8 5f 61 92 fb <0f> 0b e9 7d fa ff ff e8 53 61 92 fb 0f b6 1d 3a 5d 7b 03 31 ff 89 [ 51.512452] RSP: 0018:ffff8880ae807c68 EFLAGS: 00010206 [ 51.517811] RAX: ffff8880a0c48300 RBX: 0000000000000000 RCX: ffffffff85dd7b4b [ 51.525060] RDX: 0000000000000100 RSI: ffffffff85dd8021 RDI: 0000000000000005 [ 51.532311] RBP: ffff8880ae807c98 R08: ffff8880a0c48300 R09: ffffed1011cd0339 [ 51.539557] R10: ffffed1011cd0338 R11: ffff88808e6819c3 R12: ffff88808c510040 [ 51.546817] R13: ffff88808e681800 R14: 0000000000008000 R15: ffff88808c510850 [ 51.554084] ? tcp_send_loss_probe+0x29b/0x8a0 [ 51.558645] ? tcp_send_loss_probe+0x771/0x8a0 [ 51.563208] ? tcp_send_loss_probe+0x771/0x8a0 [ 51.567806] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 51.572809] tcp_write_timer_handler+0x4f8/0x8e0 [ 51.577547] tcp_write_timer+0x10e/0x1d0 [ 51.581593] call_timer_fn+0x190/0x720 [ 51.585464] ? tcp_write_timer_handler+0x8e0/0x8e0 [ 51.590373] ? process_timeout+0x40/0x40 [ 51.594413] ? run_timer_softirq+0x647/0x1700 [ 51.598891] ? trace_hardirqs_on+0x67/0x230 [ 51.603194] ? kasan_check_read+0x11/0x20 [ 51.607323] ? tcp_write_timer_handler+0x8e0/0x8e0 [ 51.612230] run_timer_softirq+0x652/0x1700 [ 51.616539] ? add_timer+0xbe0/0xbe0 [ 51.620232] ? __lock_is_held+0xb6/0x140 [ 51.624287] ? check_preemption_disabled+0x48/0x290 [ 51.629288] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 51.634725] __do_softirq+0x266/0x95a [ 51.638508] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 51.644113] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 51.649636] irq_exit+0x180/0x1d0 [ 51.653072] smp_apic_timer_interrupt+0x14a/0x570 [ 51.657897] apic_timer_interrupt+0xf/0x20 [ 51.662268] [ 51.664487] RIP: 0010:lock_is_held_type+0x50/0x210 [ 51.669396] Code: 48 83 ec 08 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 61 01 00 00 8b 83 7c 08 00 00 <85> c0 0f 85 39 01 00 00 48 c7 c0 e8 82 92 88 48 ba 00 00 00 00 00 [ 51.688274] RSP: 0018:ffff8880979ffb70 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 51.695965] RAX: 0000000000000000 RBX: ffff8880a0c48300 RCX: 1ffffffff12b9587 [ 51.703214] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff8880a0c48b7c [ 51.710465] RBP: ffff8880979ffb90 R08: ffff8880a0c48300 R09: ffff8880a0c48bc8 [ 51.717713] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff889a42c0 [ 51.724961] R13: 0000000000000775 R14: 0000000000000001 R15: dffffc0000000000 [ 51.732225] ___might_sleep+0x201/0x280 [ 51.736183] nf_ct_iterate_cleanup+0x22a/0x4e0 [ 51.740776] ? nf_ct_alloc_hashtable+0x150/0x150 [ 51.745517] nf_ct_iterate_cleanup_net+0x133/0x190 [ 51.750431] ? nf_nat_masquerade_ipv6_unregister_notifier+0x70/0x70 [ 51.756818] ? nf_ct_iterate_cleanup+0x4e0/0x4e0 [ 51.761550] ? nf_nat_masquerade_ipv6_unregister_notifier+0x70/0x70 [ 51.767932] ? __lock_is_held+0xb6/0x140 [ 51.771973] ? check_preemption_disabled+0x48/0x290 [ 51.776974] iterate_cleanup_work+0x4a/0xe0 [ 51.781276] process_one_work+0x98e/0x1790 [ 51.785563] ? pwq_dec_nr_in_flight+0x320/0x320 [ 51.790209] ? lock_acquire+0x16f/0x3f0 [ 51.794169] worker_thread+0x98/0xe40 [ 51.797951] ? trace_hardirqs_on+0x67/0x230 [ 51.802271] kthread+0x357/0x430 [ 51.805632] ? process_one_work+0x1790/0x1790 [ 51.810111] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 51.815871] ret_from_fork+0x3a/0x50 [ 51.820775] Kernel Offset: disabled [ 51.824451] Rebooting in 86400 seconds..