[ 22.939511] audit: type=1800 audit(1539704221.356:21): pid=5175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [ 22.977114] audit: type=1800 audit(1539704221.366:22): pid=5175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 24.044324] sshd (5241) used greatest stack depth: 15560 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts. 2018/10/16 15:38:17 parsed 1 programs 2018/10/16 15:38:19 executed programs: 0 syzkaller login: [ 100.650284] IPVS: ftp: loaded support on port[0] = 21 [ 100.879240] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.886145] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.893484] device bridge_slave_0 entered promiscuous mode [ 100.910944] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.917395] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.924472] device bridge_slave_1 entered promiscuous mode [ 100.941541] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 100.958740] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 101.005156] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 101.024885] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 101.095455] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 101.103009] team0: Port device team_slave_0 added [ 101.118155] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 101.125496] team0: Port device team_slave_1 added [ 101.140987] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 101.159794] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 101.178263] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 101.196255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 101.333705] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.340140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.347033] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.353407] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.818642] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 101.824783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.831118] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 101.878925] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 101.927752] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 101.934133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 101.941048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 101.986862] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.327425] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 103.141575] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 103.896826] WARNING: CPU: 0 PID: 5611 at include/net/sock.h:1539 tcp_cleanup_ulp+0x1ad/0x200 [ 103.905580] Kernel panic - not syncing: panic_on_warn set ... [ 103.905580] [ 103.912933] CPU: 0 PID: 5611 Comm: syz-executor0 Not tainted 4.19.0-rc7+ #263 [ 103.920189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.929546] Call Trace: [ 103.932110] [ 103.934249] dump_stack+0x1c4/0x2b4 [ 103.937877] ? dump_stack_print_info.cold.2+0x52/0x52 [ 103.943102] panic+0x238/0x4e7 [ 103.946280] ? add_taint.cold.5+0x16/0x16 [ 103.950422] ? __warn.cold.8+0x148/0x1ba [ 103.954471] ? __warn.cold.8+0x117/0x1ba [ 103.958537] ? tcp_cleanup_ulp+0x1ad/0x200 [ 103.962783] __warn.cold.8+0x163/0x1ba [ 103.966676] ? rcu_bh_qs+0xc0/0xc0 [ 103.970203] ? tcp_cleanup_ulp+0x1ad/0x200 [ 103.974435] report_bug+0x254/0x2d0 [ 103.978049] do_error_trap+0x1fc/0x4d0 [ 103.981933] ? math_error+0x3f0/0x3f0 [ 103.985729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 103.990562] ? trace_hardirqs_on_caller+0x310/0x310 [ 103.995564] ? debug_object_assert_init+0x368/0x4b0 [ 104.000569] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 104.005542] do_invalid_op+0x1b/0x20 [ 104.009249] invalid_op+0x14/0x20 [ 104.012686] RIP: 0010:tcp_cleanup_ulp+0x1ad/0x200 [ 104.017666] Code: 83 c0 03 38 d0 7c 04 84 d2 75 61 44 8b 25 5b 21 e8 02 31 ff 44 89 e6 e8 71 20 f7 fa 45 85 e4 0f 84 91 fe ff ff e8 53 1f f7 fa <0f> 0b e9 85 fe ff ff 4c 89 ef e8 d4 4f 39 fb e9 9f fe ff ff 4c 89 [ 104.036553] RSP: 0018:ffff8801dae06860 EFLAGS: 00010206 [ 104.041914] RAX: ffff8801cf6a4200 RBX: ffff8801cf488c80 RCX: ffffffff8687b9ef [ 104.049199] RDX: 0000000000000100 RSI: ffffffff8687b9fd RDI: 0000000000000005 [ 104.056459] RBP: ffff8801dae06880 R08: ffff8801cf6a4200 R09: 0000000000000002 [ 104.063719] R10: 0000000000000000 R11: ffff8801cf6a4200 R12: 0000000000000001 [ 104.070979] R13: 0000000000000000 R14: 0000000000000003 R15: ffff8801dae069a0 [ 104.078239] ? tcp_cleanup_ulp+0x19f/0x200 [ 104.082456] ? tcp_cleanup_ulp+0x1ad/0x200 [ 104.086677] tcp_v4_destroy_sock+0x161/0x990 [ 104.091100] ? debug_object_init_on_stack+0x20/0x20 [ 104.096127] ? ip_queue_xmit+0x70/0x70 [ 104.100003] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 104.105526] ? hrtimer_try_to_cancel+0xb8/0x6f0 [ 104.110236] ? tcp_set_state+0x1b0/0x9d0 [ 104.114286] ? del_timer+0xf9/0x150 [ 104.117900] ? detach_if_pending+0x6a0/0x6a0 [ 104.122310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.127835] ? check_preemption_disabled+0x48/0x200 [ 104.132845] tcp_v6_destroy_sock+0x15/0x20 [ 104.137068] inet_csk_destroy_sock+0x19f/0x440 [ 104.141648] tcp_done+0x272/0x310 [ 104.145086] tcp_v6_syn_recv_sock+0x1f21/0x25f0 [ 104.149743] ? inet6_sk_rx_dst_set+0xb30/0xb30 [ 104.154313] ? ip6_dst_lookup_tail+0xba3/0x1d60 [ 104.158995] ? __local_bh_enable_ip+0x160/0x260 [ 104.163670] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 104.169193] ? ip6_dst_lookup_tail+0x3c8/0x1d60 [ 104.173860] ? __lock_is_held+0xb5/0x140 [ 104.177916] ? rcu_read_lock_sched_held+0x108/0x120 [ 104.182926] tcp_get_cookie_sock+0x10e/0x580 [ 104.187341] ? cookie_ecn_ok+0x140/0x140 [ 104.191404] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 104.196932] ? xfrm_lookup_route+0x74/0x1f0 [ 104.201241] ? ip6_dst_lookup_flow+0x1ce/0x270 [ 104.205811] ? ip6_dst_lookup+0x60/0x60 [ 104.209788] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.215318] ? tcp_select_initial_window+0x1e6/0x400 [ 104.220415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.225939] cookie_v6_check+0x17c7/0x27d0 [ 104.230162] ? cookie_v6_init_sequence+0xe0/0xe0 [ 104.234906] ? find_held_lock+0x36/0x1c0 [ 104.238961] ? sk_filter_trim_cap+0x410/0xa70 [ 104.243448] ? lock_downgrade+0x900/0x900 [ 104.247584] ? check_preemption_disabled+0x48/0x200 [ 104.252606] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 104.258395] ? kasan_check_read+0x11/0x20 [ 104.262535] ? rcu_bh_qs+0xc0/0xc0 [ 104.266069] ? sk_filter_trim_cap+0x43c/0xa70 [ 104.270555] ? tcp_v6_inbound_md5_hash+0x1b7/0x410 [ 104.275476] tcp_v6_do_rcv+0x10ea/0x13c0 [ 104.279520] ? tcp_v6_do_rcv+0x10ea/0x13c0 [ 104.283742] tcp_v6_rcv+0x320f/0x3890 [ 104.287532] ? __sanitizer_cov_trace_cmp8+0x8/0x20 [ 104.292458] ? tcp_v6_reqsk_send_ack+0x370/0x370 [ 104.297203] ? __lock_is_held+0xb5/0x140 [ 104.301263] ip6_input_finish+0x3fc/0x1aa0 [ 104.305493] ? ip6_sublist_rcv+0xfb0/0xfb0 [ 104.309722] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 104.314726] ? nf_hook_slow+0x11e/0x1c0 [ 104.318690] ip6_input+0xe9/0x600 [ 104.322130] ? ip6_input_finish+0x1aa0/0x1aa0 [ 104.326616] ? ip6_sublist_rcv+0xfb0/0xfb0 [ 104.330840] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 104.336627] ? kasan_check_read+0x11/0x20 [ 104.340761] ? rcu_bh_qs+0xc0/0xc0 [ 104.344292] ip6_rcv_finish+0x17a/0x330 [ 104.348256] ipv6_rcv+0x115/0x640 [ 104.351693] ? ip6_rcv_core.isra.16+0x1e10/0x1e10 [ 104.356525] ? ip6_rcv_finish_core.isra.13+0x720/0x720 [ 104.361788] ? lock_acquire+0x1ed/0x520 [ 104.365752] ? process_backlog+0x1a7/0x6f0 [ 104.369976] __netif_receive_skb_one_core+0x14d/0x200 [ 104.375159] ? __netif_receive_skb_core+0x3b30/0x3b30 [ 104.380332] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 104.385601] ? rcu_bh_qs+0xc0/0xc0 [ 104.389146] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 104.394588] __netif_receive_skb+0x2c/0x1e0 [ 104.398903] process_backlog+0x218/0x6f0 [ 104.402988] net_rx_action+0x7c5/0x1950 [ 104.406955] ? napi_complete_done+0x6d0/0x6d0 [ 104.411436] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 104.416536] ? try_to_wake_up+0x10a/0x12f0 [ 104.420761] ? migrate_swap_stop+0x930/0x930 [ 104.425154] ? find_held_lock+0x36/0x1c0 [ 104.429205] ? graph_lock+0x170/0x170 [ 104.433003] ? check_preemption_disabled+0x48/0x200 [ 104.438014] ? check_preemption_disabled+0x48/0x200 [ 104.443024] ? lock_release+0x970/0x970 [ 104.446987] ? trace_hardirqs_off+0xb8/0x310 [ 104.451389] ? find_held_lock+0x36/0x1c0 [ 104.455443] ? clockevents_program_event+0x158/0x370 [ 104.460534] ? lock_downgrade+0x900/0x900 [ 104.464675] ? print_usage_bug+0xc0/0xc0 [ 104.468724] ? trace_hardirqs_on+0x310/0x310 [ 104.473138] ? kvm_clock_read+0x18/0x30 [ 104.477095] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 104.482103] ? ktime_get+0x2e1/0x440 [ 104.485812] ? graph_lock+0x170/0x170 [ 104.489614] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.495140] ? check_preemption_disabled+0x48/0x200 [ 104.500140] ? check_preemption_disabled+0x48/0x200 [ 104.505148] ? __lock_is_held+0xb5/0x140 [ 104.509207] __do_softirq+0x30b/0xad8 [ 104.512998] ? __irqentry_text_end+0x1f9618/0x1f9618 [ 104.518087] ? irq_exit+0xbd/0x1c0 [ 104.521613] ? smp_apic_timer_interrupt+0x1cb/0x760 [ 104.526611] ? smp_reschedule_interrupt+0x109/0x650 [ 104.531608] ? smp_call_function_single_interrupt+0x650/0x650 [ 104.537476] ? ret_from_intr+0xb/0x1e [ 104.541263] ? trace_hardirqs_off_caller+0xbb/0x310 [ 104.546262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 104.551087] ? trace_hardirqs_on_caller+0x310/0x310 [ 104.556088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.561611] ? check_preemption_disabled+0x48/0x200 [ 104.566613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.572139] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 104.576967] ? ip6_finish_output2+0xcb1/0x27a0 [ 104.581534] do_softirq_own_stack+0x2a/0x40 [ 104.585835] [ 104.588078] do_softirq.part.13+0x126/0x160 [ 104.592393] __local_bh_enable_ip+0x21d/0x260 [ 104.596913] ip6_finish_output2+0xce4/0x27a0 [ 104.601314] ? ip6_copy_metadata+0xe30/0xe30 [ 104.605709] ? ip6_mtu+0x39c/0x520 [ 104.609252] ? lock_downgrade+0x900/0x900 [ 104.613391] ? check_preemption_disabled+0x48/0x200 [ 104.618396] ? graph_lock+0x170/0x170 [ 104.622179] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 104.627438] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.632956] ? check_preemption_disabled+0x48/0x200 [ 104.637973] ? __lock_is_held+0xb5/0x140 [ 104.642044] ip6_finish_output+0x5fe/0xbc0 [ 104.646268] ? ip6_finish_output+0x5fe/0xbc0 [ 104.650750] ip6_output+0x232/0x9d0 [ 104.654373] ? ip6_finish_output+0xbc0/0xbc0 [ 104.658774] ? ip6_fragment+0x38e0/0x38e0 [ 104.662926] ? __lock_is_held+0xb5/0x140 [ 104.667083] ip6_xmit+0xf69/0x2420 [ 104.670607] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 104.675886] ? ip6_finish_output2+0x27a0/0x27a0 [ 104.680536] ? inet6_csk_route_socket+0x704/0x1020 [ 104.685454] ? inet6_csk_route_req+0x820/0x820 [ 104.690026] ? memcpy+0x45/0x50 [ 104.693291] ? ip6_append_data+0x2d0/0x2d0 [ 104.697648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.703171] ? check_preemption_disabled+0x48/0x200 [ 104.708167] ? check_preemption_disabled+0x48/0x200 [ 104.713171] ? __lock_is_held+0xb5/0x140 [ 104.717222] inet6_csk_xmit+0x375/0x630 [ 104.721199] ? inet6_csk_update_pmtu+0x190/0x190 [ 104.725949] ? tcp_schedule_loss_probe+0x530/0x530 [ 104.730867] __tcp_transmit_skb+0x1c0e/0x3b60 [ 104.735364] ? __tcp_select_window+0x9f0/0x9f0 [ 104.739942] ? pvclock_read_flags+0x160/0x160 [ 104.744426] ? tcp_write_xmit+0xf1/0x5780 [ 104.748562] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 104.754021] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 104.759019] ? kvm_clock_read+0x18/0x30 [ 104.762975] ? tcp_rtx_synack+0x740/0x740 [ 104.767107] ? ktime_get_raw_ts64+0x4f0/0x4f0 [ 104.771583] ? graph_lock+0x170/0x170 [ 104.775372] ? mem_cgroup_sk_free+0x90/0x90 [ 104.779680] tcp_write_xmit+0x10e0/0x5780 [ 104.783818] ? __might_fault+0x100/0x1e0 [ 104.787868] ? __tcp_transmit_skb+0x3b60/0x3b60 [ 104.792525] ? iov_iter_npages+0xe80/0xe80 [ 104.796768] ? kasan_check_write+0x14/0x20 [ 104.800991] ? copyin+0xb7/0x100 [ 104.804356] ? _copy_from_iter_full+0x2b3/0xd20 [ 104.809008] ? tcp_chrono_start+0x190/0x1e0 [ 104.813313] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 104.818328] ? tcp_rate_check_app_limited+0x121/0x460 [ 104.823505] ? iov_iter_advance+0x1460/0x1460 [ 104.828000] tcp_push_one+0xdd/0x110 [ 104.831702] tcp_sendmsg_locked+0xbc3/0x3f00 [ 104.836105] ? tcp_sendpage+0x60/0x60 [ 104.839898] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 104.845420] ? aa_label_sk_perm+0x46d/0x8e0 [ 104.849729] ? find_held_lock+0x36/0x1c0 [ 104.853774] ? mark_held_locks+0xc7/0x130 [ 104.857920] ? __local_bh_enable_ip+0x160/0x260 [ 104.862587] ? __local_bh_enable_ip+0x160/0x260 [ 104.867239] ? trace_hardirqs_on+0xbd/0x310 [ 104.871541] ? lock_release+0x970/0x970 [ 104.875501] ? lock_sock_nested+0xe2/0x120 [ 104.879719] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 104.885155] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.890679] ? check_preemption_disabled+0x48/0x200 [ 104.895702] ? lock_sock_nested+0x9a/0x120 [ 104.899932] ? lock_sock_nested+0x9a/0x120 [ 104.904155] ? __local_bh_enable_ip+0x160/0x260 [ 104.908836] tcp_sendmsg+0x2f/0x50 [ 104.912376] inet_sendmsg+0x1a1/0x690 [ 104.916173] ? ipip_gro_receive+0x100/0x100 [ 104.920476] ? apparmor_socket_sendmsg+0x29/0x30 [ 104.925219] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.930742] ? security_socket_sendmsg+0x94/0xc0 [ 104.935484] ? ipip_gro_receive+0x100/0x100 [ 104.939789] sock_sendmsg+0xd5/0x120 [ 104.943491] __sys_sendto+0x3d7/0x670 [ 104.947285] ? __ia32_sys_getpeername+0xb0/0xb0 [ 104.951952] ? lock_release+0x970/0x970 [ 104.955909] ? arch_local_save_flags+0x40/0x40 [ 104.960474] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 104.965935] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 104.971460] ? put_timespec64+0x10f/0x1b0 [ 104.975595] ? do_syscall_64+0x9a/0x820 [ 104.979552] ? do_syscall_64+0x9a/0x820 [ 104.983511] ? lockdep_hardirqs_on+0x421/0x5c0 [ 104.988076] ? trace_hardirqs_on+0xbd/0x310 [ 104.992381] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 104.997904] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 105.003347] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 105.008785] __x64_sys_sendto+0xe1/0x1a0 [ 105.012836] do_syscall_64+0x1b9/0x820 [ 105.016707] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 105.022073] ? syscall_return_slowpath+0x5e0/0x5e0 [ 105.026986] ? trace_hardirqs_on_caller+0x310/0x310 [ 105.031990] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 105.036987] ? recalc_sigpending_tsk+0x180/0x180 [ 105.041724] ? kasan_check_write+0x14/0x20 [ 105.045943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 105.050770] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 105.055944] RIP: 0033:0x457569 [ 105.059124] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 105.078117] RSP: 002b:00007f958711dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 105.085839] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 105.093093] RDX: fffffffffffffedd RSI: 0000000020000280 RDI: 0000000000000008 [ 105.100364] RBP: 000000000072c040 R08: 0000000020000080 R09: 000000000000001c [ 105.107613] R10: 0000000020000004 R11: 0000000000000246 R12: 00007f958711e6d4 [ 105.114861] R13: 00000000004c3921 R14: 00000000004d57d8 R15: 00000000ffffffff [ 105.123451] Kernel Offset: disabled [ 105.127099] Rebooting in 86400 seconds..