[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 26.426302] kauditd_printk_skb: 7 callbacks suppressed [ 26.426315] audit: type=1800 audit(1538342312.912:29): pid=5233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 26.460488] audit: type=1800 audit(1538342312.912:30): pid=5233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.125' (ECDSA) to the list of known hosts. syzkaller login: [ 33.856051] IPVS: ftp: loaded support on port[0] = 21 [ 34.023341] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.029949] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.037415] device bridge_slave_0 entered promiscuous mode [ 34.055402] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.062054] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.069423] device bridge_slave_1 entered promiscuous mode [ 34.086238] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 34.104378] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 34.152604] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 34.172756] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 34.247762] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 34.256080] team0: Port device team_slave_0 added [ 34.271954] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 34.279281] team0: Port device team_slave_1 added [ 34.296092] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 34.317369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 34.336120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 34.355015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 34.500599] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.507083] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.514227] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.520608] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 35.014345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.064234] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 35.114631] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 35.121305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.129170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.176661] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 35.467114] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() [ 35.480470] CPU: 0 PID: 5633 Comm: syz-executor594 Not tainted 4.19.0-rc6+ #262 [ 35.487905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.497257] Call Trace: [ 35.499823] [ 35.501970] dump_stack+0x1c4/0x2b4 [ 35.505586] ? dump_stack_print_info.cold.2+0x52/0x52 [ 35.510765] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 35.516290] ? tfrc_rx_handle_loss+0x67b/0x1eb0 [ 35.520949] tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c [ 35.526133] ccid3_hc_rx_packet_recv+0x5c4/0xeb0 [ 35.530895] ? dccp_parse_options+0x4a1/0x12f0 [ 35.535471] ? ccid3_hc_tx_send_packet+0x880/0x880 [ 35.540390] dccp_deliver_input_to_ccids+0xf0/0x280 [ 35.545397] dccp_rcv_established+0x87/0xb0 [ 35.549707] dccp_v4_do_rcv+0x153/0x180 [ 35.553669] __sk_receive_skb+0x3e5/0xec0 [ 35.557808] ? sk_free+0x50/0x50 [ 35.561169] ? inet_lhash2_lookup+0x6e0/0x6e0 [ 35.565650] ? reqsk_fastopen_remove+0x660/0x660 [ 35.570396] ? lock_downgrade+0x900/0x900 [ 35.574535] ? check_preemption_disabled+0x48/0x200 [ 35.579539] ? dccp_invalid_packet+0x64/0x880 [ 35.584025] dccp_v4_rcv+0x10f9/0x1f58 [ 35.587912] ? dccp_v4_err+0x18a0/0x18a0 [ 35.591966] ? __lock_is_held+0xb5/0x140 [ 35.596024] ip_local_deliver_finish+0x2e9/0xda0 [ 35.600789] ? ip_sublist_rcv_finish+0x3f0/0x3f0 [ 35.605536] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 35.610561] ? nf_hook_slow+0x11e/0x1c0 [ 35.614526] ip_local_deliver+0x1e9/0x750 [ 35.618664] ? ip_call_ra_chain+0x730/0x730 [ 35.622977] ? ip_sublist_rcv_finish+0x3f0/0x3f0 [ 35.627730] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 35.633515] ? kasan_check_read+0x11/0x20 [ 35.637648] ? rcu_bh_qs+0xc0/0xc0 [ 35.641181] ip_rcv_finish+0x1f9/0x300 [ 35.645055] ip_rcv+0xed/0x610 [ 35.648251] ? enqueue_entity+0x34b/0x1ff0 [ 35.652562] ? ip_local_deliver+0x750/0x750 [ 35.656879] ? ip_rcv_finish_core.isra.15+0x1f40/0x1f40 [ 35.662237] ? lock_acquire+0x1ed/0x520 [ 35.666244] ? process_backlog+0x1a7/0x6f0 [ 35.670493] __netif_receive_skb_one_core+0x14d/0x200 [ 35.675691] ? __netif_receive_skb_core+0x3b60/0x3b60 [ 35.680898] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 35.686183] ? rcu_bh_qs+0xc0/0xc0 [ 35.689727] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 35.695185] __netif_receive_skb+0x2c/0x1e0 [ 35.699514] process_backlog+0x218/0x6f0 [ 35.703589] net_rx_action+0x7c5/0x1950 [ 35.707584] ? napi_complete_done+0x6d0/0x6d0 [ 35.712092] ? try_to_wake_up+0x10a/0x12f0 [ 35.716341] ? trace_hardirqs_off+0xb8/0x310 [ 35.720750] ? kasan_check_read+0x11/0x20 [ 35.724917] ? do_raw_spin_unlock+0xa7/0x2f0 [ 35.729331] ? trace_hardirqs_on+0x310/0x310 [ 35.733745] ? rcu_read_lock+0x70/0x70 [ 35.737645] ? try_to_wake_up+0x10a/0x12f0 [ 35.741905] ? migrate_swap_stop+0x930/0x930 [ 35.746315] ? find_held_lock+0x36/0x1c0 [ 35.750410] ? pvclock_read_flags+0x160/0x160 [ 35.754917] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.760464] ? check_preemption_disabled+0x48/0x200 [ 35.765495] ? print_usage_bug+0xc0/0xc0 [ 35.769595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.775139] ? check_preemption_disabled+0x48/0x200 [ 35.780171] ? __local_bh_enable+0xef/0x130 [ 35.784520] ? graph_lock+0x170/0x170 [ 35.788328] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.793890] ? check_preemption_disabled+0x48/0x200 [ 35.798921] ? check_preemption_disabled+0x48/0x200 [ 35.803953] ? __lock_is_held+0xb5/0x140 [ 35.808056] __do_softirq+0x30b/0xad8 [ 35.811889] ? __irqentry_text_end+0x1f9618/0x1f9618 [ 35.817001] ? smp_reschedule_interrupt+0x109/0x650 [ 35.822024] ? smp_thermal_interrupt+0x850/0x850 [ 35.826783] ? ret_from_intr+0xb/0x1e [ 35.830593] ? trace_hardirqs_off_caller+0xbb/0x310 [ 35.835617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.840468] ? trace_hardirqs_on_caller+0x310/0x310 [ 35.845488] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.851031] ? check_preemption_disabled+0x48/0x200 [ 35.856049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.861598] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.866449] ? ip_finish_output2+0xa83/0x1860 [ 35.870949] do_softirq_own_stack+0x2a/0x40 [ 35.875266] [ 35.877509] do_softirq.part.13+0x126/0x160 [ 35.881840] __local_bh_enable_ip+0x21d/0x260 [ 35.886353] ip_finish_output2+0xab6/0x1860 [ 35.890683] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 35.896502] ? ip_copy_metadata+0xe10/0xe10 [ 35.900833] ? graph_lock+0x170/0x170 [ 35.904639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.910185] ? check_preemption_disabled+0x48/0x200 [ 35.915201] ? check_preemption_disabled+0x48/0x200 [ 35.920220] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 35.925762] ? ipv4_mtu+0x37d/0x590 [ 35.929402] ? __lock_is_held+0xb5/0x140 [ 35.933479] ip_finish_output+0x7fd/0xf60 [ 35.937687] ? ip_finish_output+0x7fd/0xf60 [ 35.942016] ? ip_fragment.constprop.49+0x240/0x240 [ 35.947033] ? kasan_check_read+0x11/0x20 [ 35.951185] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 35.956466] ? rcu_bh_qs+0xc0/0xc0 [ 35.960011] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 35.965028] ? nf_hook_slow+0x11e/0x1c0 [ 35.969014] ip_output+0x21d/0x8d0 [ 35.972557] ? ip_mc_output+0x15b0/0x15b0 [ 35.976711] ? ip_fragment.constprop.49+0x240/0x240 [ 35.981730] ? __lock_is_held+0xb5/0x140 [ 35.985806] ip_local_out+0xc5/0x1b0 [ 35.989528] __ip_queue_xmit+0x9af/0x1f30 [ 35.993689] ? ip_build_and_send_pkt+0xc80/0xc80 [ 35.998451] ? __skb_checksum+0x920/0x920 [ 36.002602] ? skb_send_sock+0x50/0x50 [ 36.006490] ? reqsk_fastopen_remove+0x660/0x660 [ 36.011247] ? dccp_insert_option_padding+0xbc/0xe0 [ 36.016275] ip_queue_xmit+0x56/0x70 [ 36.019994] dccp_transmit_skb+0x98c/0x12e0 [ 36.024329] dccp_xmit_packet+0x25e/0x7d0 [ 36.028479] ? kasan_check_write+0x14/0x20 [ 36.032717] ? do_raw_spin_lock+0xc1/0x200 [ 36.036956] ? dccp_send_sync+0x270/0x270 [ 36.041110] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 36.046128] ? ccid3_hc_tx_send_packet+0x358/0x880 [ 36.051072] dccp_write_xmit+0x190/0x1f0 [ 36.055144] dccp_sendmsg+0xdc8/0x1020 [ 36.059044] ? dccp_getsockopt+0xf0/0xf0 [ 36.063120] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 36.068050] ? aa_sk_perm+0x218/0x8b0 [ 36.071857] ? import_iovec+0x269/0x470 [ 36.075850] ? aa_af_perm+0x5a0/0x5a0 [ 36.079678] inet_sendmsg+0x1a1/0x690 [ 36.083488] ? ipip_gro_receive+0x100/0x100 [ 36.087814] ? apparmor_socket_sendmsg+0x29/0x30 [ 36.092576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 36.098120] ? security_socket_sendmsg+0x94/0xc0 [ 36.102890] ? ipip_gro_receive+0x100/0x100 [ 36.107221] sock_sendmsg+0xd5/0x120 [ 36.110945] ___sys_sendmsg+0x7fd/0x930 [ 36.114930] ? copy_msghdr_from_user+0x580/0x580 [ 36.119692] ? _raw_spin_unlock_bh+0x30/0x40 [ 36.124111] ? check_preemption_disabled+0x48/0x200 [ 36.129157] ? __fget_light+0x2e9/0x430 [ 36.133140] ? fget_raw+0x20/0x20 [ 36.136613] ? release_sock+0x1ec/0x2c0 [ 36.140603] ? lock_sock_nested+0x9a/0x120 [ 36.144844] ? __release_sock+0x3a0/0x3a0 [ 36.149012] ? __local_bh_enable_ip+0x160/0x260 [ 36.153716] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 36.159254] ? sockfd_lookup_light+0xc5/0x160 [ 36.163757] __sys_sendmsg+0x11d/0x280 [ 36.167650] ? __ia32_sys_shutdown+0x80/0x80 [ 36.172073] ? __x64_sys_futex+0x47f/0x6a0 [ 36.176314] ? do_syscall_64+0x9a/0x820 [ 36.180291] ? do_syscall_64+0x9a/0x820 [ 36.184281] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 36.189751] ? trace_hardirqs_off+0xb8/0x310 [ 36.194262] __x64_sys_sendmsg+0x78/0xb0 [ 36.198337] do_syscall_64+0x1b9/0x820 [ 36.202244] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 36.207611] ? syscall_return_slowpath+0x5e0/0x5e0 [ 36.212549] ? trace_hardirqs_on_caller+0x310/0x310 [ 36.217571] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 36.222594] ? recalc_sigpending_tsk+0x180/0x180 [ 36.227353] ? kasan_check_write+0x14/0x20 [ 36.231600] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 36.236467] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 36.241653] RIP: 0033:0x446a49 [ 36.244861] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 36.263777] RSP: 002b:00007f6dbe753da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 36.271494] RAX: ffffffffffffffda RBX: 00000000006dec68 RCX: 0000000000446a49 [ 36.278764] RDX: 0000000004000080 RSI: 00000000200030c0 RDI: 0000000000000005 [ 36.286032] RBP: 00000000006dec60 R08: 0000000000000000 R09: 0000000000000000 [ 36.293298] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dec6c [ 36.300570] R13: 00000000004b01c8 R14: 0000000020001f80 R15: 0000000000000005