[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 26.496535] kauditd_printk_skb: 7 callbacks suppressed [ 26.496546] audit: type=1800 audit(1539714221.504:29): pid=5425 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 26.521710] audit: type=1800 audit(1539714221.514:30): pid=5425 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.50' (ECDSA) to the list of known hosts. 2018/10/16 18:24:17 parsed 1 programs 2018/10/16 18:24:19 executed programs: 0 syzkaller login: [ 64.517084] IPVS: ftp: loaded support on port[0] = 21 [ 64.770919] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.777857] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.784930] device bridge_slave_0 entered promiscuous mode [ 64.804049] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.810771] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.817865] device bridge_slave_1 entered promiscuous mode [ 64.836206] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 64.854486] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 64.904383] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 64.924384] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 65.002964] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 65.010677] team0: Port device team_slave_0 added [ 65.027455] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 65.034896] team0: Port device team_slave_1 added [ 65.052408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.073765] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.094293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.114560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.262939] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.269547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.276343] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.282724] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.808866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.862033] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 65.915344] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 65.921849] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.929242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.974781] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.339048] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 67.156992] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 67.975058] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 68.791021] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 69.545743] WARNING: CPU: 0 PID: 5872 at include/net/sock.h:1539 tcp_cleanup_ulp+0x1ad/0x200 [ 69.554458] Kernel panic - not syncing: panic_on_warn set ... [ 69.560337] CPU: 0 PID: 5872 Comm: syz-executor0 Not tainted 4.19.0-rc8-next-20181016+ #95 [ 69.568736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.578079] Call Trace: [ 69.580659] [ 69.582846] dump_stack+0x244/0x39d [ 69.586462] ? dump_stack_print_info.cold.1+0x20/0x20 [ 69.591647] panic+0x2ad/0x55c [ 69.594827] ? add_taint.cold.5+0x16/0x16 [ 69.598995] ? __warn.cold.8+0x5/0x45 [ 69.602827] ? __warn+0xe8/0x1d0 [ 69.606183] ? tcp_cleanup_ulp+0x1ad/0x200 [ 69.610406] __warn.cold.8+0x20/0x45 [ 69.614126] ? rcu_softirq_qs+0x20/0x20 [ 69.618088] ? tcp_cleanup_ulp+0x1ad/0x200 [ 69.622326] report_bug+0x254/0x2d0 [ 69.625943] do_error_trap+0x11b/0x200 [ 69.629819] do_invalid_op+0x36/0x40 [ 69.633524] ? tcp_cleanup_ulp+0x1ad/0x200 [ 69.637744] invalid_op+0x14/0x20 [ 69.641182] RIP: 0010:tcp_cleanup_ulp+0x1ad/0x200 [ 69.646008] Code: 83 c0 03 38 d0 7c 04 84 d2 75 61 44 8b 25 cb 4e df 02 31 ff 44 89 e6 e8 51 3d ed fa 45 85 e4 0f 84 91 fe ff ff e8 33 3c ed fa <0f> 0b e9 85 fe ff ff 4c 89 ef e8 34 84 30 fb e9 9f fe ff ff 4c 89 [ 69.664910] RSP: 0018:ffff8801dae06860 EFLAGS: 00010206 [ 69.670254] RAX: ffff8801b933c480 RBX: ffff8801ce18cc80 RCX: ffffffff8690e6ff [ 69.677505] RDX: 0000000000000100 RSI: ffffffff8690e70d RDI: 0000000000000005 [ 69.684798] RBP: ffff8801dae06880 R08: ffff8801b933c480 R09: 0000000000000002 [ 69.692056] R10: 0000000000000000 R11: ffff8801b933c480 R12: 0000000000000001 [ 69.699323] R13: 0000000000000000 R14: 0000000000000003 R15: ffff8801dae069a0 [ 69.706596] ? tcp_cleanup_ulp+0x19f/0x200 [ 69.710834] ? tcp_cleanup_ulp+0x1ad/0x200 [ 69.715075] tcp_v4_destroy_sock+0x15c/0x980 [ 69.719487] ? debug_object_init_on_stack+0x20/0x20 [ 69.724520] ? ip_queue_xmit+0x70/0x70 [ 69.728431] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 69.734011] ? hrtimer_try_to_cancel+0xb8/0x6f0 [ 69.738696] ? tcp_set_state+0x1d0/0x9c0 [ 69.742750] ? del_timer+0xf9/0x150 [ 69.746382] ? detach_if_pending+0x6b0/0x6b0 [ 69.750784] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.756354] ? check_preemption_disabled+0x48/0x280 [ 69.761395] tcp_v6_destroy_sock+0x15/0x20 [ 69.765618] inet_csk_destroy_sock+0x19f/0x440 [ 69.770183] tcp_done+0x272/0x310 [ 69.773623] tcp_v6_syn_recv_sock+0x1f21/0x25f0 [ 69.778296] ? inet6_sk_rx_dst_set+0xb30/0xb30 [ 69.782865] ? ip6_dst_lookup_tail+0xba3/0x1d60 [ 69.787531] ? __local_bh_enable_ip+0x160/0x260 [ 69.792188] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.797708] ? ip6_dst_lookup_tail+0x3c8/0x1d60 [ 69.802374] ? __lock_is_held+0xb5/0x140 [ 69.806450] ? rcu_read_lock_sched_held+0x14f/0x180 [ 69.811469] tcp_get_cookie_sock+0x10e/0x580 [ 69.815865] ? cookie_ecn_ok+0x140/0x140 [ 69.819911] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.825436] ? xfrm_lookup_route+0x74/0x1f0 [ 69.829745] ? ip6_dst_lookup_flow+0x1ce/0x270 [ 69.834313] ? ip6_dst_lookup+0x60/0x60 [ 69.838303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.843829] ? tcp_select_initial_window+0x1e6/0x400 [ 69.848927] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.854479] cookie_v6_check+0x1830/0x27d0 [ 69.858733] ? cookie_v6_init_sequence+0xe0/0xe0 [ 69.863475] ? find_held_lock+0x36/0x1c0 [ 69.867535] ? sk_filter_trim_cap+0x476/0xa60 [ 69.872022] ? lock_downgrade+0x900/0x900 [ 69.876153] ? check_preemption_disabled+0x48/0x280 [ 69.881158] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 69.886072] ? kasan_check_read+0x11/0x20 [ 69.890236] ? rcu_softirq_qs+0x20/0x20 [ 69.894198] ? sk_filter_trim_cap+0xfb/0xa60 [ 69.898606] ? tcp_v6_inbound_md5_hash+0x1b7/0x410 [ 69.903546] tcp_v6_do_rcv+0x10ea/0x13c0 [ 69.907593] ? tcp_v6_do_rcv+0x10ea/0x13c0 [ 69.911831] tcp_v6_rcv+0x34e0/0x3ab0 [ 69.915630] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 69.920638] ? tcp_v6_reqsk_send_ack+0x370/0x370 [ 69.925382] ? __lock_is_held+0xb5/0x140 [ 69.929435] ip6_input_finish+0x3fc/0x1aa0 [ 69.933669] ? ip6_rcv_core.isra.16+0x1e10/0x1e10 [ 69.938499] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 69.943507] ? nf_hook_slow+0x11e/0x1c0 [ 69.947476] ip6_input+0xe4/0x600 [ 69.950937] ? ip6_input_finish+0x1aa0/0x1aa0 [ 69.955434] ? ip6_rcv_core.isra.16+0x1e10/0x1e10 [ 69.960263] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 69.965192] ? kasan_check_read+0x11/0x20 [ 69.969326] ? rcu_softirq_qs+0x20/0x20 [ 69.973289] ip6_rcv_finish+0x17a/0x330 [ 69.977253] ipv6_rcv+0x110/0x630 [ 69.980700] ? ip6_input+0x600/0x600 [ 69.984401] ? ip6_rcv_finish_core.isra.13+0x720/0x720 [ 69.989664] ? lock_acquire+0x1ed/0x520 [ 69.993621] ? process_backlog+0x1dd/0x7a0 [ 69.997842] __netif_receive_skb_one_core+0x14d/0x200 [ 70.003021] ? __netif_receive_skb_core+0x3b20/0x3b20 [ 70.008193] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 70.013452] ? rcu_softirq_qs+0x20/0x20 [ 70.017419] ? trace_hardirqs_off_caller+0x300/0x300 [ 70.022548] __netif_receive_skb+0x27/0x1e0 [ 70.026857] process_backlog+0x24e/0x7a0 [ 70.030906] net_rx_action+0x7fa/0x19b0 [ 70.034871] ? napi_complete_done+0x7a0/0x7a0 [ 70.039353] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 70.044454] ? try_to_wake_up+0x10a/0x12e0 [ 70.048678] ? migrate_swap_stop+0x8a0/0x8a0 [ 70.053075] ? find_held_lock+0x36/0x1c0 [ 70.057126] ? zap_class+0x640/0x640 [ 70.060838] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.066361] ? kasan_check_read+0x11/0x20 [ 70.070491] ? do_raw_spin_lock+0x14f/0x350 [ 70.074808] ? find_held_lock+0x36/0x1c0 [ 70.078874] ? clockevents_program_event+0x158/0x370 [ 70.083968] ? lock_downgrade+0x900/0x900 [ 70.088099] ? zap_class+0x640/0x640 [ 70.091806] ? print_usage_bug+0xc0/0xc0 [ 70.095860] ? trace_hardirqs_on+0x310/0x310 [ 70.100274] ? kvm_clock_read+0x18/0x30 [ 70.104233] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 70.109241] ? ktime_get+0x2c1/0x400 [ 70.112957] ? zap_class+0x640/0x640 [ 70.116669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.122206] ? check_preemption_disabled+0x48/0x280 [ 70.127450] ? __lock_is_held+0xb5/0x140 [ 70.131559] __do_softirq+0x308/0xb7e [ 70.135364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.140887] ? __irqentry_text_end+0x1f9688/0x1f9688 [ 70.145979] ? smp_reschedule_interrupt+0x109/0x650 [ 70.150994] ? smp_thermal_interrupt+0x850/0x850 [ 70.155751] ? ret_from_intr+0xb/0x1e [ 70.159557] ? trace_hardirqs_off_caller+0xbb/0x300 [ 70.164571] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 70.169412] ? trace_hardirqs_on_caller+0x310/0x310 [ 70.174416] ? task_prio+0x50/0x50 [ 70.177943] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.183468] ? check_preemption_disabled+0x48/0x280 [ 70.188480] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 70.193317] ? ip6_finish_output2+0xcb1/0x27a0 [ 70.197885] do_softirq_own_stack+0x2a/0x40 [ 70.202185] [ 70.204409] do_softirq.part.14+0x126/0x160 [ 70.208722] __local_bh_enable_ip+0x21d/0x260 [ 70.213214] ip6_finish_output2+0xce4/0x27a0 [ 70.217613] ? ip6_copy_metadata+0xe30/0xe30 [ 70.222007] ? ip6_mtu+0x39c/0x520 [ 70.225542] ? lock_downgrade+0x900/0x900 [ 70.229674] ? check_preemption_disabled+0x48/0x280 [ 70.234678] ? zap_class+0x640/0x640 [ 70.238380] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 70.243675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.249227] ? check_preemption_disabled+0x48/0x280 [ 70.254265] ? __lock_is_held+0xb5/0x140 [ 70.258339] ip6_finish_output+0x468/0xc60 [ 70.262575] ? ip6_finish_output+0x468/0xc60 [ 70.266971] ip6_output+0x232/0x9d0 [ 70.270612] ? ip6_finish_output+0xc60/0xc60 [ 70.275019] ? ip6_fragment+0x38e0/0x38e0 [ 70.279151] ? __lock_is_held+0xb5/0x140 [ 70.283205] ip6_xmit+0xf64/0x2410 [ 70.286730] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 70.291997] ? ip6_finish_output2+0x27a0/0x27a0 [ 70.296654] ? inet6_csk_route_socket+0x704/0x1020 [ 70.301629] ? inet6_csk_route_req+0x820/0x820 [ 70.306199] ? memcpy+0x45/0x50 [ 70.309468] ? ip6_append_data+0x2d0/0x2d0 [ 70.313687] ? lock_acquire+0x1ed/0x520 [ 70.317645] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.323166] ? check_preemption_disabled+0x48/0x280 [ 70.328187] ? __lock_is_held+0xb5/0x140 [ 70.332238] inet6_csk_xmit+0x375/0x630 [ 70.336196] ? inet6_csk_update_pmtu+0x190/0x190 [ 70.340954] ? tcp_schedule_loss_probe+0x530/0x530 [ 70.345878] __tcp_transmit_skb+0x1bc5/0x3b00 [ 70.350368] ? __tcp_select_window+0x9e0/0x9e0 [ 70.354936] ? pvclock_read_flags+0x160/0x160 [ 70.359417] ? tcp_write_xmit+0xf1/0x5710 [ 70.363551] ? trace_hardirqs_off_caller+0x300/0x300 [ 70.368654] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 70.373674] ? tcp_rtx_synack+0x730/0x730 [ 70.377812] ? ktime_get_raw_ts64+0x4d0/0x4d0 [ 70.382297] ? zap_class+0x640/0x640 [ 70.386032] tcp_write_xmit+0x1676/0x5710 [ 70.390173] ? __tcp_transmit_skb+0x3b00/0x3b00 [ 70.394829] ? iov_iter_npages+0xdd0/0xdd0 [ 70.399052] ? kasan_check_write+0x14/0x20 [ 70.403272] ? copyin+0xb7/0x100 [ 70.406629] ? _copy_from_iter_full+0x2b8/0xc20 [ 70.411282] ? tcp_chrono_start+0x190/0x1e0 [ 70.415593] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 70.420595] ? tcp_rate_check_app_limited+0x121/0x460 [ 70.425779] ? iov_iter_advance+0x1370/0x1370 [ 70.430266] tcp_push_one+0xdd/0x110 [ 70.433970] tcp_sendmsg_locked+0xbc3/0x3fa0 [ 70.438378] ? tcp_sendpage+0x60/0x60 [ 70.442169] ? find_held_lock+0x36/0x1c0 [ 70.446218] ? mark_held_locks+0xc7/0x130 [ 70.450366] ? __local_bh_enable_ip+0x160/0x260 [ 70.455020] ? __local_bh_enable_ip+0x160/0x260 [ 70.459684] ? trace_hardirqs_on+0xbd/0x310 [ 70.463990] ? lock_release+0xa10/0xa10 [ 70.467947] ? lock_sock_nested+0xe2/0x120 [ 70.472170] ? trace_hardirqs_off_caller+0x300/0x300 [ 70.477259] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.482781] ? check_preemption_disabled+0x48/0x280 [ 70.487794] ? lock_sock_nested+0x9a/0x120 [ 70.492024] ? lock_sock_nested+0x9a/0x120 [ 70.496267] ? __local_bh_enable_ip+0x160/0x260 [ 70.500927] tcp_sendmsg+0x2f/0x50 [ 70.504455] inet_sendmsg+0x19c/0x690 [ 70.508241] ? ipip_gro_receive+0x100/0x100 [ 70.512554] ? apparmor_socket_sendmsg+0x29/0x30 [ 70.517294] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.522816] ? security_socket_sendmsg+0x94/0xc0 [ 70.527559] ? ipip_gro_receive+0x100/0x100 [ 70.531868] sock_sendmsg+0xd5/0x120 [ 70.535581] __sys_sendto+0x3d7/0x670 [ 70.539387] ? __ia32_sys_getpeername+0xb0/0xb0 [ 70.544045] ? lock_release+0xa10/0xa10 [ 70.548010] ? perf_trace_sched_process_exec+0x860/0x860 [ 70.553444] ? posix_ktime_get_ts+0x15/0x20 [ 70.557753] ? trace_hardirqs_off_caller+0x300/0x300 [ 70.562851] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 70.568375] ? put_timespec64+0x10f/0x1b0 [ 70.572522] ? do_syscall_64+0x9a/0x820 [ 70.576549] ? do_syscall_64+0x9a/0x820 [ 70.580529] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 70.585114] ? trace_hardirqs_on+0xbd/0x310 [ 70.589422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 70.594945] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.600354] ? trace_hardirqs_off_caller+0x300/0x300 [ 70.605446] __x64_sys_sendto+0xe1/0x1a0 [ 70.609500] do_syscall_64+0x1b9/0x820 [ 70.613388] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 70.618738] ? syscall_return_slowpath+0x5e0/0x5e0 [ 70.623657] ? trace_hardirqs_on_caller+0x310/0x310 [ 70.628667] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 70.633684] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 70.640333] ? __switch_to_asm+0x40/0x70 [ 70.644378] ? __switch_to_asm+0x34/0x70 [ 70.648430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 70.653274] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.658464] RIP: 0033:0x457569 [ 70.661640] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 70.680555] RSP: 002b:00007fa9f39e1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 70.688244] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 70.695512] RDX: fffffffffffffedd RSI: 0000000020000280 RDI: 0000000000000008 [ 70.702774] RBP: 000000000072c040 R08: 0000000020000080 R09: 000000000000001c [ 70.710030] R10: 0000000020000004 R11: 0000000000000246 R12: 00007fa9f39e26d4 [ 70.717284] R13: 00000000004c3921 R14: 00000000004d57d8 R15: 00000000ffffffff [ 70.725470] Kernel Offset: disabled [ 70.729094] Rebooting in 86400 seconds..