[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   27.124467] kauditd_printk_skb: 7 callbacks suppressed
[   27.124479] audit: type=1800 audit(1540984761.307:29): pid=5521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   27.149794] audit: type=1800 audit(1540984761.317:30): pid=5521 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.95' (ECDSA) to the list of known hosts.
syzkaller login: [   65.037524] IPVS: ftp: loaded support on port[0] = 21
[   65.192937] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.199762] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.206750] device bridge_slave_0 entered promiscuous mode
[   65.224852] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.231413] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.238356] device bridge_slave_1 entered promiscuous mode
[   65.256338] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   65.274341] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   65.322766] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   65.342371] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   65.414746] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   65.422302] team0: Port device team_slave_0 added
[   65.439192] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   65.446273] team0: Port device team_slave_1 added
[   65.463373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.482864] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.500856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.519699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
RTNETLINK answers: Operation not supported
[   65.662290] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.668778] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.675576] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.682013] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[   66.187220] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.236850] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   66.287315] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   66.293460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   66.301480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   66.345080] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[   66.655755] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt()
[   66.669212] CPU: 1 PID: 5918 Comm: syz-executor491 Not tainted 4.19.0+ #312
[   66.676300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   66.685635] Call Trace:
[   66.688199]  <IRQ>
[   66.690339]  dump_stack+0x244/0x39d
[   66.693957]  ? dump_stack_print_info.cold.1+0x20/0x20
[   66.699133]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   66.704708]  ? tfrc_rx_handle_loss+0x67b/0x1eb0
[   66.709507]  tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c
[   66.714694]  ccid3_hc_rx_packet_recv+0x5c4/0xeb0
[   66.719435]  ? dccp_parse_options+0x4a1/0x12f0
[   66.724004]  ? ccid3_first_li+0x400/0x400
[   66.728145]  dccp_deliver_input_to_ccids+0xf0/0x280
[   66.733261]  dccp_rcv_established+0x87/0xb0
[   66.737569]  dccp_v4_do_rcv+0x153/0x180
[   66.741580]  __sk_receive_skb+0x3e5/0xec0
[   66.745724]  ? sk_free+0x50/0x50
[   66.749091]  ? inet_lhash2_lookup+0x6e0/0x6e0
[   66.753576]  ? reqsk_fastopen_remove+0x660/0x660
[   66.758318]  ? lock_downgrade+0x900/0x900
[   66.762455]  ? check_preemption_disabled+0x48/0x280
[   66.767457]  ? dccp_invalid_packet+0x64/0x880
[   66.771945]  dccp_v4_rcv+0x10f9/0x1f58
[   66.775836]  ? dccp_v4_err+0x18a0/0x18a0
[   66.780000]  ? __lock_is_held+0xb5/0x140
[   66.784066]  ip_local_deliver_finish+0x2e9/0xda0
[   66.788817]  ? ip_sublist_rcv_finish+0x3a0/0x3a0
[   66.793570]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   66.798574]  ? nf_hook_slow+0x11e/0x1c0
[   66.802540]  ip_local_deliver+0x1e9/0x750
[   66.806681]  ? ip_call_ra_chain+0x730/0x730
[   66.810996]  ? ip_sublist_rcv_finish+0x3a0/0x3a0
[   66.815806]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   66.820730]  ? kasan_check_read+0x11/0x20
[   66.824864]  ? rcu_softirq_qs+0x20/0x20
[   66.828978]  ip_rcv_finish+0x1f9/0x300
[   66.832862]  ip_rcv+0xed/0x600
[   66.836052]  ? ip_local_deliver+0x750/0x750
[   66.840409]  ? ip_rcv_finish_core.isra.16+0x1f40/0x1f40
[   66.845776]  ? lock_acquire+0x1ed/0x520
[   66.849787]  ? process_backlog+0x1dd/0x7a0
[   66.854018]  __netif_receive_skb_one_core+0x14d/0x200
[   66.859201]  ? __netif_receive_skb_core+0x3b30/0x3b30
[   66.864382]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   66.869642]  ? rcu_softirq_qs+0x20/0x20
[   66.873602]  ? trace_hardirqs_off_caller+0x310/0x310
[   66.878692]  __netif_receive_skb+0x2c/0x1e0
[   66.883006]  process_backlog+0x24e/0x7a0
[   66.887066]  net_rx_action+0x7fa/0x19b0
[   66.891040]  ? napi_complete_done+0x7a0/0x7a0
[   66.895529]  ? zap_class+0x640/0x640
[   66.899241]  ? __run_timers+0xa4a/0xc70
[   66.903206]  ? timer_fixup_init+0x70/0x70
[   66.907396]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   66.912457]  ? zap_class+0x640/0x640
[   66.916172]  ? enqueue_hrtimer+0x1a5/0x560
[   66.920407]  ? find_held_lock+0x36/0x1c0
[   66.924464]  ? pvclock_read_flags+0x160/0x160
[   66.928959]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   66.934489]  ? check_preemption_disabled+0x48/0x280
[   66.939500]  ? print_usage_bug+0xc0/0xc0
[   66.943550]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   66.949088]  ? check_preemption_disabled+0x48/0x280
[   66.954105]  ? __local_bh_enable+0xf6/0x140
[   66.958521]  ? zap_class+0x640/0x640
[   66.962227]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   66.967761]  ? check_preemption_disabled+0x48/0x280
[   66.972770]  ? __lock_is_held+0xb5/0x140
[   66.976829]  __do_softirq+0x308/0xb7e
[   66.980629]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   66.986627]  ? __irqentry_text_end+0x1f9658/0x1f9658
[   66.991749]  ? smp_reschedule_interrupt+0x109/0x650
[   66.996753]  ? smp_thermal_interrupt+0x850/0x850
[   67.001495]  ? ret_from_intr+0xb/0x1e
[   67.005283]  ? trace_hardirqs_off_caller+0xbb/0x310
[   67.010286]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   67.015124]  ? trace_hardirqs_on_caller+0x310/0x310
[   67.020140]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   67.024977]  ? ip_finish_output2+0xa83/0x1860
[   67.029537]  do_softirq_own_stack+0x2a/0x40
[   67.033851]  </IRQ>
[   67.036077]  do_softirq.part.14+0x126/0x160
[   67.040390]  __local_bh_enable_ip+0x21d/0x260
[   67.044885]  ip_finish_output2+0xab6/0x1860
[   67.049239]  ? rcu_read_unlock_special+0x1c0/0x1c0
[   67.054169]  ? ip_copy_metadata+0xe10/0xe10
[   67.058529]  ? zap_class+0x640/0x640
[   67.062255]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   67.067795]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   67.073331]  ? ipv4_mtu+0x39f/0x590
[   67.076956]  ? __lock_is_held+0xb5/0x140
[   67.081015]  ip_finish_output+0x7fd/0xfa0
[   67.085149]  ? ip_finish_output+0x7fd/0xfa0
[   67.089463]  ? ip_fragment.constprop.50+0x240/0x240
[   67.094476]  ? kasan_check_read+0x11/0x20
[   67.098619]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[   67.103895]  ? rcu_softirq_qs+0x20/0x20
[   67.107873]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   67.112887]  ? nf_hook_slow+0x11e/0x1c0
[   67.116865]  ip_output+0x21d/0x8d0
[   67.120404]  ? ip_mc_output+0x15b0/0x15b0
[   67.124542]  ? ip_fragment.constprop.50+0x240/0x240
[   67.129548]  ? __lock_is_held+0xb5/0x140
[   67.133600]  ip_local_out+0xc5/0x1b0
[   67.137301]  __ip_queue_xmit+0x9af/0x1f30
[   67.141437]  ? ip_build_and_send_pkt+0xc90/0xc90
[   67.146183]  ? __skb_checksum+0x920/0x920
[   67.150314]  ? skb_send_sock+0x50/0x50
[   67.154195]  ? reqsk_fastopen_remove+0x660/0x660
[   67.158956]  ? dccp_insert_option_padding+0xbc/0xe0
[   67.163978]  ip_queue_xmit+0x56/0x70
[   67.167689]  dccp_transmit_skb+0x98c/0x12e0
[   67.172005]  dccp_xmit_packet+0x25e/0x7d0
[   67.176142]  ? _copy_from_iter_full+0x2b8/0xc20
[   67.180794]  ? dccp_send_sync+0x270/0x270
[   67.184935]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   67.189947]  ? ccid3_hc_tx_send_packet+0x358/0x876
[   67.194877]  dccp_write_xmit+0x190/0x1f0
[   67.198926]  dccp_sendmsg+0xdc8/0x1020
[   67.202807]  ? dccp_setsockopt_cscov.part.10+0x290/0x290
[   67.208249]  ? debug_lockdep_rcu_enabled+0x77/0x90
[   67.213171]  ? aa_sk_perm+0x218/0x8b0
[   67.217009]  ? import_iovec+0x269/0x470
[   67.220987]  ? aa_af_perm+0x5a0/0x5a0
[   67.224783]  inet_sendmsg+0x1a1/0x690
[   67.228573]  ? ipip_gro_receive+0x100/0x100
[   67.232881]  ? apparmor_socket_sendmsg+0x29/0x30
[   67.237625]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   67.243155]  ? security_socket_sendmsg+0x94/0xc0
[   67.247901]  ? ipip_gro_receive+0x100/0x100
[   67.252220]  sock_sendmsg+0xd5/0x120
[   67.255933]  ___sys_sendmsg+0x7fd/0x930
[   67.259913]  ? copy_msghdr_from_user+0x580/0x580
[   67.264664]  ? _raw_spin_unlock_bh+0x30/0x40
[   67.269072]  ? check_preemption_disabled+0x48/0x280
[   67.274080]  ? __fget_light+0x2e9/0x430
[   67.278038]  ? fget_raw+0x20/0x20
[   67.281487]  ? release_sock+0x1ec/0x2c0
[   67.285492]  ? lock_sock_nested+0x9a/0x120
[   67.289721]  ? __release_sock+0x3a0/0x3a0
[   67.293854]  ? __local_bh_enable_ip+0x160/0x260
[   67.298515]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   67.304090]  ? sockfd_lookup_light+0xc5/0x160
[   67.308580]  __sys_sendmsg+0x11d/0x280
[   67.312461]  ? __ia32_sys_shutdown+0x80/0x80
[   67.316863]  ? __x64_sys_futex+0x47f/0x6a0
[   67.321091]  ? do_syscall_64+0x9a/0x820
[   67.325052]  ? do_syscall_64+0x9a/0x820
[   67.329018]  ? trace_hardirqs_off_caller+0x310/0x310
[   67.334108]  ? trace_hardirqs_off+0xb8/0x310
[   67.338511]  __x64_sys_sendmsg+0x78/0xb0
[   67.342650]  do_syscall_64+0x1b9/0x820
[   67.346526]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   67.351877]  ? syscall_return_slowpath+0x5e0/0x5e0
[   67.356794]  ? trace_hardirqs_on_caller+0x310/0x310
[   67.361809]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[   67.366821]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[   67.373583]  ? __switch_to_asm+0x40/0x70
[   67.377639]  ? __switch_to_asm+0x34/0x70
[   67.381694]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   67.386525]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   67.391697] RIP: 0033:0x446a69
[   67.394877] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   67.413770] RSP: 002b:00007fcc6bb19da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
[   67.421464] RAX: ffffffffffffffda RBX: 00000000006dcc68 RCX: 0000000000446a69
[   67.428722] RDX: 0000000000000800 RSI: 00000000200004c0 RDI: 0000000000000005
[   67.435981] RBP: 00000000006dcc60 R08: 0000000000000000 R09: 0000000000000000
[   67.443232] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc6c
[   67.450526] R13: b8f0db312c1fe558 R14: d6bf4eea9265b264 R15: 0000000000000005