[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 29.686394] kauditd_printk_skb: 7 callbacks suppressed [ 29.686407] audit: type=1800 audit(1543825641.335:29): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 29.710993] audit: type=1800 audit(1543825641.335:30): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 33.280070] sshd (6029) used greatest stack depth: 15744 bytes left Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts. [ 39.823591] IPVS: ftp: loaded support on port[0] = 21 [ 39.984653] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.991438] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.998380] device bridge_slave_0 entered promiscuous mode [ 40.017459] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.024234] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.031156] device bridge_slave_1 entered promiscuous mode [ 40.048568] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 40.066078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 40.116035] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.137122] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.213496] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.220784] team0: Port device team_slave_0 added [ 40.237292] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 40.244452] team0: Port device team_slave_1 added [ 40.260794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 40.280668] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 40.300157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.319500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported [ 40.419137] ip (6116) used greatest stack depth: 15728 bytes left RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 40.466712] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.473142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.479849] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.486261] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 40.993764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.043774] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 41.094323] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 41.100607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.109373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.157872] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 41.719428] BUG: unable to handle kernel paging request at ffff888220000000 [ 41.726609] PGD be01067 P4D be01067 PUD be04067 PMD 0 [ 41.731896] Oops: 0000 [#1] PREEMPT SMP KASAN [ 41.736395] CPU: 1 PID: 6046 Comm: syz-executor753 Not tainted 4.20.0-rc4+ #139 [ 41.743837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.753455] RIP: 0010:do_csum+0x192/0x410 [ 41.757756] Code: 85 f6 74 54 4d 89 ef e8 4c af a6 f9 41 83 ee 01 31 ff 31 c0 44 89 f6 49 03 1f 49 13 5f 08 49 13 5f 10 49 13 5f 18 49 13 5f 20 <49> 13 5f 28 49 13 5f 30 49 13 5f 38 48 11 c3 e8 2a b0 a6 f9 49 83 [ 41.776656] RSP: 0018:ffff8881d9686568 EFLAGS: 00010282 [ 41.781996] RAX: 0000000000000000 RBX: b34e70d5af05b7d9 RCX: ffffffff87d8eca6 [ 41.789246] RDX: 0000000000000000 RSI: 0000000002411006 RDI: 0000000000000000 [ 41.796511] RBP: ffff8881d96865a0 R08: ffff8881cea8c400 R09: ffff8881b0450194 [ 41.803896] R10: 000000000000ffd4 R11: ffffea0006f1f337 R12: 00000000ffff0038 [ 41.811283] R13: ffff8881b0450198 R14: 0000000002411006 R15: ffff88821fffffd8 [ 41.818545] FS: 0000000000c41880(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000 [ 41.826859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.832835] CR2: ffff888220000000 CR3: 00000001bfc1f000 CR4: 00000000001406e0 [ 41.840086] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 41.847337] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 41.854709] Call Trace: [ 41.857295] csum_partial+0x21/0x30 [ 41.860906] tcp_gso_segment+0xa7d/0x17b0 [ 41.865098] ? sk_common_release+0x320/0x320 [ 41.869505] tcp6_gso_segment+0x1c8/0x580 [ 41.873659] ipv6_gso_segment+0x554/0x1130 [ 41.877884] ? audit_tree_freeing_mark+0xee2/0xfd0 [ 41.882802] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 41.887757] ? __lock_is_held+0xb5/0x140 [ 41.891821] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 41.896672] inet_gso_segment+0x639/0x1350 [ 41.900897] ? inet_sock_destruct+0x9b0/0x9b0 [ 41.905379] ipv6_gso_segment+0x554/0x1130 [ 41.909594] ? skb_mac_gso_segment+0x229/0x740 [ 41.914332] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 41.919255] ? kasan_check_read+0x11/0x20 [ 41.923394] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 41.928650] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 41.933819] ? rcu_softirq_qs+0x20/0x20 [ 41.937773] ? skb_network_protocol+0xfc/0x4c0 [ 41.942338] skb_mac_gso_segment+0x3b3/0x740 [ 41.946869] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 41.951700] ? skb_network_protocol+0x4c0/0x4c0 [ 41.956354] ? print_usage_bug+0xc0/0xc0 [ 41.960400] ? __lock_acquire+0x2aff/0x4c20 [ 41.964706] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 41.970048] ? skb_network_protocol+0xfc/0x4c0 [ 41.974623] __skb_gso_segment+0x3c3/0x880 [ 41.978844] ? skb_mac_gso_segment+0x740/0x740 [ 41.983414] validate_xmit_skb+0x640/0xf30 [ 41.987861] ? netif_skb_features+0xb70/0xb70 [ 41.992346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 41.997868] ? check_preemption_disabled+0x48/0x280 [ 42.002914] validate_xmit_skb_list+0xd1/0x140 [ 42.007481] sch_direct_xmit+0x30e/0x1130 [ 42.011609] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.017137] ? check_preemption_disabled+0x48/0x280 [ 42.022138] ? dev_watchdog+0xb10/0xb10 [ 42.026098] ? __lock_is_held+0xb5/0x140 [ 42.030145] __qdisc_run+0x636/0x1990 [ 42.033935] ? sch_direct_xmit+0x1130/0x1130 [ 42.038337] ? lock_acquire+0x1ed/0x520 [ 42.042293] ? dev_queue_xmit+0x17/0x20 [ 42.046257] ? lock_release+0xa00/0xa00 [ 42.050216] ? mini_qdisc_pair_init+0x160/0x160 [ 42.054885] __dev_queue_xmit+0x1915/0x3ad0 [ 42.059203] ? dev_queue_xmit+0x17/0x20 [ 42.063204] ? netdev_pick_tx+0x310/0x310 [ 42.067336] ? __alloc_skb+0x4c6/0x770 [ 42.071217] ? mark_held_locks+0x130/0x130 [ 42.075513] ? kasan_check_read+0x11/0x20 [ 42.079681] ? zap_class+0x640/0x640 [ 42.083378] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.088894] ? refcount_add_not_zero_checked+0x21e/0x330 [ 42.094330] ? find_held_lock+0x36/0x1c0 [ 42.098496] ? perf_trace_sched_process_exec+0x860/0x860 [ 42.103938] ? kasan_check_write+0x14/0x20 [ 42.108156] ? copyin+0xb7/0x100 [ 42.111516] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 42.116518] ? copy_page_from_iter+0x541/0x8f0 [ 42.121083] ? _copy_from_iter+0xf70/0xf70 [ 42.125302] ? _copy_from_iter_full+0x2d8/0xce0 [ 42.129974] ? kasan_check_read+0x11/0x20 [ 42.134104] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 42.139359] ? depot_save_stack+0x292/0x470 [ 42.143771] ? skb_copy_datagram_from_iter+0x451/0x660 [ 42.149030] dev_queue_xmit+0x17/0x20 [ 42.152811] ? dev_queue_xmit+0x17/0x20 [ 42.156765] packet_sendmsg+0x430a/0x6570 [ 42.160909] ? find_held_lock+0x36/0x1c0 [ 42.164956] ? packet_getname+0x5f0/0x5f0 [ 42.169082] ? perf_trace_sched_process_exec+0x860/0x860 [ 42.174525] ? usercopy_warn+0x110/0x110 [ 42.178574] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.184097] ? _copy_from_user+0xdf/0x150 [ 42.188264] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 42.193370] ? rw_copy_check_uvector+0x310/0x3e0 [ 42.198110] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.203649] ? import_iovec+0x2a3/0x4b0 [ 42.207605] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.213141] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 42.218324] ? smack_socket_sendmsg+0xb0/0x190 [ 42.222891] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.228520] ? security_socket_sendmsg+0x94/0xc0 [ 42.233262] ? packet_getname+0x5f0/0x5f0 [ 42.237407] sock_sendmsg+0xd5/0x120 [ 42.241287] ___sys_sendmsg+0x7fd/0x930 [ 42.245396] ? find_held_lock+0x36/0x1c0 [ 42.249445] ? copy_msghdr_from_user+0x580/0x580 [ 42.254286] ? zap_class+0x640/0x640 [ 42.257983] ? zap_class+0x640/0x640 [ 42.261701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.267234] ? __fget_light+0x2e9/0x430 [ 42.271208] ? fget_raw+0x20/0x20 [ 42.274647] ? lock_downgrade+0x900/0x900 [ 42.278784] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.284310] ? sockfd_lookup_light+0xc5/0x160 [ 42.288808] __sys_sendmsg+0x11d/0x280 [ 42.292681] ? __ia32_sys_shutdown+0x80/0x80 [ 42.297078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.302700] ? __sys_setsockopt+0x254/0x3c0 [ 42.307005] ? do_syscall_64+0x9a/0x820 [ 42.310958] ? do_syscall_64+0x9a/0x820 [ 42.315016] ? trace_hardirqs_off_caller+0x310/0x310 [ 42.320106] __x64_sys_sendmsg+0x78/0xb0 [ 42.324151] do_syscall_64+0x1b9/0x820 [ 42.328024] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 42.333373] ? syscall_return_slowpath+0x5e0/0x5e0 [ 42.338285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.343116] ? trace_hardirqs_on_caller+0x310/0x310 [ 42.348121] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 42.353125] ? prepare_exit_to_usermode+0x291/0x3b0 [ 42.358129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.362972] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.368147] RIP: 0033:0x441449 [ 42.371344] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 42.390336] RSP: 002b:00007ffc75613e08 EFLAGS: 00000286 ORIG_RAX: 000000000000002e [ 42.398029] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000441449 [ 42.405284] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003 [ 42.412583] RBP: 00000000006cc018 R08: 0000000000000100 R09: 0000000000000100 [ 42.419835] R10: 0000000000000100 R11: 0000000000000286 R12: 00000000004023b0 [ 42.427087] R13: 0000000000402440 R14: 0000000000000000 R15: 0000000000000000 [ 42.434491] Modules linked in: [ 42.437670] CR2: ffff888220000000 [ 42.441106] ---[ end trace 2f50cd86d9d5b5e8 ]--- [ 42.445846] RIP: 0010:do_csum+0x192/0x410 [ 42.449979] Code: 85 f6 74 54 4d 89 ef e8 4c af a6 f9 41 83 ee 01 31 ff 31 c0 44 89 f6 49 03 1f 49 13 5f 08 49 13 5f 10 49 13 5f 18 49 13 5f 20 <49> 13 5f 28 49 13 5f 30 49 13 5f 38 48 11 c3 e8 2a b0 a6 f9 49 83 [ 42.468862] RSP: 0018:ffff8881d9686568 EFLAGS: 00010282 [ 42.474205] RAX: 0000000000000000 RBX: b34e70d5af05b7d9 RCX: ffffffff87d8eca6 [ 42.481524] RDX: 0000000000000000 RSI: 0000000002411006 RDI: 0000000000000000 [ 42.488781] RBP: ffff8881d96865a0 R08: ffff8881cea8c400 R09: ffff8881b0450194 [ 42.496035] R10: 000000000000ffd4 R11: ffffea0006f1f337 R12: 00000000ffff0038 [ 42.503290] R13: ffff8881b0450198 R14: 0000000002411006 R15: ffff88821fffffd8 [ 42.510546] FS: 0000000000c41880(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000 [ 42.518895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.524776] CR2: ffff888220000000 CR3: 00000001bfc1f000 CR4: 00000000001406e0 [ 42.532030] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.539286] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.546545] Kernel panic - not syncing: Fatal exception in interrupt [ 42.553943] Kernel Offset: disabled [ 42.557564] Rebooting in 86400 seconds..