[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 27.124467] kauditd_printk_skb: 7 callbacks suppressed [ 27.124479] audit: type=1800 audit(1540984761.307:29): pid=5521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 27.149794] audit: type=1800 audit(1540984761.317:30): pid=5521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.95' (ECDSA) to the list of known hosts. syzkaller login: [ 65.037524] IPVS: ftp: loaded support on port[0] = 21 [ 65.192937] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.199762] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.206750] device bridge_slave_0 entered promiscuous mode [ 65.224852] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.231413] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.238356] device bridge_slave_1 entered promiscuous mode [ 65.256338] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 65.274341] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 65.322766] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 65.342371] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 65.414746] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 65.422302] team0: Port device team_slave_0 added [ 65.439192] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 65.446273] team0: Port device team_slave_1 added [ 65.463373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.482864] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.500856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.519699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 65.662290] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.668778] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.675576] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.682013] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 66.187220] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.236850] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 66.287315] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 66.293460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 66.301480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.345080] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 66.655755] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() [ 66.669212] CPU: 1 PID: 5918 Comm: syz-executor491 Not tainted 4.19.0+ #312 [ 66.676300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.685635] Call Trace: [ 66.688199] [ 66.690339] dump_stack+0x244/0x39d [ 66.693957] ? dump_stack_print_info.cold.1+0x20/0x20 [ 66.699133] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 66.704708] ? tfrc_rx_handle_loss+0x67b/0x1eb0 [ 66.709507] tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c [ 66.714694] ccid3_hc_rx_packet_recv+0x5c4/0xeb0 [ 66.719435] ? dccp_parse_options+0x4a1/0x12f0 [ 66.724004] ? ccid3_first_li+0x400/0x400 [ 66.728145] dccp_deliver_input_to_ccids+0xf0/0x280 [ 66.733261] dccp_rcv_established+0x87/0xb0 [ 66.737569] dccp_v4_do_rcv+0x153/0x180 [ 66.741580] __sk_receive_skb+0x3e5/0xec0 [ 66.745724] ? sk_free+0x50/0x50 [ 66.749091] ? inet_lhash2_lookup+0x6e0/0x6e0 [ 66.753576] ? reqsk_fastopen_remove+0x660/0x660 [ 66.758318] ? lock_downgrade+0x900/0x900 [ 66.762455] ? check_preemption_disabled+0x48/0x280 [ 66.767457] ? dccp_invalid_packet+0x64/0x880 [ 66.771945] dccp_v4_rcv+0x10f9/0x1f58 [ 66.775836] ? dccp_v4_err+0x18a0/0x18a0 [ 66.780000] ? __lock_is_held+0xb5/0x140 [ 66.784066] ip_local_deliver_finish+0x2e9/0xda0 [ 66.788817] ? ip_sublist_rcv_finish+0x3a0/0x3a0 [ 66.793570] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 66.798574] ? nf_hook_slow+0x11e/0x1c0 [ 66.802540] ip_local_deliver+0x1e9/0x750 [ 66.806681] ? ip_call_ra_chain+0x730/0x730 [ 66.810996] ? ip_sublist_rcv_finish+0x3a0/0x3a0 [ 66.815806] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 66.820730] ? kasan_check_read+0x11/0x20 [ 66.824864] ? rcu_softirq_qs+0x20/0x20 [ 66.828978] ip_rcv_finish+0x1f9/0x300 [ 66.832862] ip_rcv+0xed/0x600 [ 66.836052] ? ip_local_deliver+0x750/0x750 [ 66.840409] ? ip_rcv_finish_core.isra.16+0x1f40/0x1f40 [ 66.845776] ? lock_acquire+0x1ed/0x520 [ 66.849787] ? process_backlog+0x1dd/0x7a0 [ 66.854018] __netif_receive_skb_one_core+0x14d/0x200 [ 66.859201] ? __netif_receive_skb_core+0x3b30/0x3b30 [ 66.864382] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 66.869642] ? rcu_softirq_qs+0x20/0x20 [ 66.873602] ? trace_hardirqs_off_caller+0x310/0x310 [ 66.878692] __netif_receive_skb+0x2c/0x1e0 [ 66.883006] process_backlog+0x24e/0x7a0 [ 66.887066] net_rx_action+0x7fa/0x19b0 [ 66.891040] ? napi_complete_done+0x7a0/0x7a0 [ 66.895529] ? zap_class+0x640/0x640 [ 66.899241] ? __run_timers+0xa4a/0xc70 [ 66.903206] ? timer_fixup_init+0x70/0x70 [ 66.907396] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 66.912457] ? zap_class+0x640/0x640 [ 66.916172] ? enqueue_hrtimer+0x1a5/0x560 [ 66.920407] ? find_held_lock+0x36/0x1c0 [ 66.924464] ? pvclock_read_flags+0x160/0x160 [ 66.928959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.934489] ? check_preemption_disabled+0x48/0x280 [ 66.939500] ? print_usage_bug+0xc0/0xc0 [ 66.943550] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.949088] ? check_preemption_disabled+0x48/0x280 [ 66.954105] ? __local_bh_enable+0xf6/0x140 [ 66.958521] ? zap_class+0x640/0x640 [ 66.962227] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.967761] ? check_preemption_disabled+0x48/0x280 [ 66.972770] ? __lock_is_held+0xb5/0x140 [ 66.976829] __do_softirq+0x308/0xb7e [ 66.980629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.986627] ? __irqentry_text_end+0x1f9658/0x1f9658 [ 66.991749] ? smp_reschedule_interrupt+0x109/0x650 [ 66.996753] ? smp_thermal_interrupt+0x850/0x850 [ 67.001495] ? ret_from_intr+0xb/0x1e [ 67.005283] ? trace_hardirqs_off_caller+0xbb/0x310 [ 67.010286] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 67.015124] ? trace_hardirqs_on_caller+0x310/0x310 [ 67.020140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 67.024977] ? ip_finish_output2+0xa83/0x1860 [ 67.029537] do_softirq_own_stack+0x2a/0x40 [ 67.033851] [ 67.036077] do_softirq.part.14+0x126/0x160 [ 67.040390] __local_bh_enable_ip+0x21d/0x260 [ 67.044885] ip_finish_output2+0xab6/0x1860 [ 67.049239] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 67.054169] ? ip_copy_metadata+0xe10/0xe10 [ 67.058529] ? zap_class+0x640/0x640 [ 67.062255] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.067795] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.073331] ? ipv4_mtu+0x39f/0x590 [ 67.076956] ? __lock_is_held+0xb5/0x140 [ 67.081015] ip_finish_output+0x7fd/0xfa0 [ 67.085149] ? ip_finish_output+0x7fd/0xfa0 [ 67.089463] ? ip_fragment.constprop.50+0x240/0x240 [ 67.094476] ? kasan_check_read+0x11/0x20 [ 67.098619] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 67.103895] ? rcu_softirq_qs+0x20/0x20 [ 67.107873] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 67.112887] ? nf_hook_slow+0x11e/0x1c0 [ 67.116865] ip_output+0x21d/0x8d0 [ 67.120404] ? ip_mc_output+0x15b0/0x15b0 [ 67.124542] ? ip_fragment.constprop.50+0x240/0x240 [ 67.129548] ? __lock_is_held+0xb5/0x140 [ 67.133600] ip_local_out+0xc5/0x1b0 [ 67.137301] __ip_queue_xmit+0x9af/0x1f30 [ 67.141437] ? ip_build_and_send_pkt+0xc90/0xc90 [ 67.146183] ? __skb_checksum+0x920/0x920 [ 67.150314] ? skb_send_sock+0x50/0x50 [ 67.154195] ? reqsk_fastopen_remove+0x660/0x660 [ 67.158956] ? dccp_insert_option_padding+0xbc/0xe0 [ 67.163978] ip_queue_xmit+0x56/0x70 [ 67.167689] dccp_transmit_skb+0x98c/0x12e0 [ 67.172005] dccp_xmit_packet+0x25e/0x7d0 [ 67.176142] ? _copy_from_iter_full+0x2b8/0xc20 [ 67.180794] ? dccp_send_sync+0x270/0x270 [ 67.184935] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 67.189947] ? ccid3_hc_tx_send_packet+0x358/0x876 [ 67.194877] dccp_write_xmit+0x190/0x1f0 [ 67.198926] dccp_sendmsg+0xdc8/0x1020 [ 67.202807] ? dccp_setsockopt_cscov.part.10+0x290/0x290 [ 67.208249] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 67.213171] ? aa_sk_perm+0x218/0x8b0 [ 67.217009] ? import_iovec+0x269/0x470 [ 67.220987] ? aa_af_perm+0x5a0/0x5a0 [ 67.224783] inet_sendmsg+0x1a1/0x690 [ 67.228573] ? ipip_gro_receive+0x100/0x100 [ 67.232881] ? apparmor_socket_sendmsg+0x29/0x30 [ 67.237625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.243155] ? security_socket_sendmsg+0x94/0xc0 [ 67.247901] ? ipip_gro_receive+0x100/0x100 [ 67.252220] sock_sendmsg+0xd5/0x120 [ 67.255933] ___sys_sendmsg+0x7fd/0x930 [ 67.259913] ? copy_msghdr_from_user+0x580/0x580 [ 67.264664] ? _raw_spin_unlock_bh+0x30/0x40 [ 67.269072] ? check_preemption_disabled+0x48/0x280 [ 67.274080] ? __fget_light+0x2e9/0x430 [ 67.278038] ? fget_raw+0x20/0x20 [ 67.281487] ? release_sock+0x1ec/0x2c0 [ 67.285492] ? lock_sock_nested+0x9a/0x120 [ 67.289721] ? __release_sock+0x3a0/0x3a0 [ 67.293854] ? __local_bh_enable_ip+0x160/0x260 [ 67.298515] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 67.304090] ? sockfd_lookup_light+0xc5/0x160 [ 67.308580] __sys_sendmsg+0x11d/0x280 [ 67.312461] ? __ia32_sys_shutdown+0x80/0x80 [ 67.316863] ? __x64_sys_futex+0x47f/0x6a0 [ 67.321091] ? do_syscall_64+0x9a/0x820 [ 67.325052] ? do_syscall_64+0x9a/0x820 [ 67.329018] ? trace_hardirqs_off_caller+0x310/0x310 [ 67.334108] ? trace_hardirqs_off+0xb8/0x310 [ 67.338511] __x64_sys_sendmsg+0x78/0xb0 [ 67.342650] do_syscall_64+0x1b9/0x820 [ 67.346526] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 67.351877] ? syscall_return_slowpath+0x5e0/0x5e0 [ 67.356794] ? trace_hardirqs_on_caller+0x310/0x310 [ 67.361809] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 67.366821] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 67.373583] ? __switch_to_asm+0x40/0x70 [ 67.377639] ? __switch_to_asm+0x34/0x70 [ 67.381694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 67.386525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.391697] RIP: 0033:0x446a69 [ 67.394877] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.413770] RSP: 002b:00007fcc6bb19da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 67.421464] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000446a69 [ 67.428722] RDX: 0000000000000800 RSI: 00000000200004c0 RDI: 0000000000000005 [ 67.435981] RBP: 00000000006dcc60 R08: 0000000000000000 R09: 0000000000000000 [ 67.443232] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc6c [ 67.450526] R13: b8f0db312c1fe558 R14: d6bf4eea9265b264 R15: 0000000000000005