[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 28.748963] kauditd_printk_skb: 7 callbacks suppressed [ 28.748975] audit: type=1800 audit(1543769353.443:29): pid=5874 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.775574] audit: type=1800 audit(1543769353.453:30): pid=5874 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts. syzkaller login: [ 40.042921] IPVS: ftp: loaded support on port[0] = 21 [ 40.208061] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.215469] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.223222] device bridge_slave_0 entered promiscuous mode [ 40.242502] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.249027] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.256316] device bridge_slave_1 entered promiscuous mode [ 40.274383] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 40.293355] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 40.345365] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.366056] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.445878] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.453261] team0: Port device team_slave_0 added [ 40.470413] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 40.477599] team0: Port device team_slave_1 added [ 40.495745] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 40.516768] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 40.536324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.556683] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 40.706930] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.713411] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.720526] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.726876] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 41.273217] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.327172] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 41.380881] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 41.387092] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.395207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.444735] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 41.994383] BUG: unable to handle kernel paging request at ffff888220000000 [ 42.001513] PGD be01067 P4D be01067 PUD be04067 PMD 0 [ 42.006781] Oops: 0000 [#1] PREEMPT SMP KASAN [ 42.011260] CPU: 0 PID: 6029 Comm: syz-executor487 Not tainted 4.20.0-rc4+ #359 [ 42.018725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.028079] RIP: 0010:do_csum+0x192/0x410 [ 42.032216] Code: 85 f6 74 54 4d 89 ef e8 4c af a6 f9 41 83 ee 01 31 ff 31 c0 44 89 f6 49 03 1f 49 13 5f 08 49 13 5f 10 49 13 5f 18 49 13 5f 20 <49> 13 5f 28 49 13 5f 30 49 13 5f 38 48 11 c3 e8 2a b0 a6 f9 49 83 [ 42.051106] RSP: 0018:ffff8881c103e568 EFLAGS: 00010212 [ 42.056453] RAX: 0000000000000000 RBX: 6e4c7504dd0c7592 RCX: ffffffff87d8eca6 [ 42.063707] RDX: 0000000000000000 RSI: 000000000260a006 RDI: 0000000000000000 [ 42.070965] RBP: ffff8881c103e5a0 R08: ffff8881c4090600 R09: ffff8881b8290194 [ 42.078236] R10: 000000000000ffd4 R11: ffffea0006f59877 R12: 00000000ffff0038 [ 42.085492] R13: ffff8881b8290198 R14: 000000000260a006 R15: ffff88821fffffd8 [ 42.092748] FS: 0000000000aa0880(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000 [ 42.100957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.106822] CR2: ffff888220000000 CR3: 00000001c28ea000 CR4: 00000000001406f0 [ 42.114097] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.121354] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.128605] Call Trace: [ 42.131194] csum_partial+0x21/0x30 [ 42.134804] tcp_gso_segment+0xa7d/0x17b0 [ 42.138975] ? sk_common_release+0x320/0x320 [ 42.143371] tcp6_gso_segment+0x1c8/0x580 [ 42.147502] ipv6_gso_segment+0x554/0x1130 [ 42.151724] ? audit_tree_freeing_mark+0xee2/0xfd0 [ 42.156660] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 42.161507] ? __lock_is_held+0xb5/0x140 [ 42.165878] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 42.170708] inet_gso_segment+0x639/0x1350 [ 42.174932] ? inet_sock_destruct+0x9b0/0x9b0 [ 42.179416] ipv6_gso_segment+0x554/0x1130 [ 42.183634] ? skb_mac_gso_segment+0x229/0x740 [ 42.188211] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 42.193042] ? kasan_check_read+0x11/0x20 [ 42.197231] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 42.202518] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 42.207728] ? rcu_softirq_qs+0x20/0x20 [ 42.211690] ? skb_network_protocol+0xfc/0x4c0 [ 42.216260] skb_mac_gso_segment+0x3b3/0x740 [ 42.220656] ? sit_ip6ip6_gro_receive+0x100/0x100 [ 42.225495] ? skb_network_protocol+0x4c0/0x4c0 [ 42.230163] ? print_usage_bug+0xc0/0xc0 [ 42.234214] ? __lock_acquire+0x2aff/0x4c20 [ 42.238523] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 42.243705] ? skb_network_protocol+0xfc/0x4c0 [ 42.248275] __skb_gso_segment+0x3c3/0x880 [ 42.252495] ? skb_mac_gso_segment+0x740/0x740 [ 42.257063] validate_xmit_skb+0x640/0xf30 [ 42.261302] ? netif_skb_features+0xb70/0xb70 [ 42.265792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.271318] ? check_preemption_disabled+0x48/0x280 [ 42.276320] validate_xmit_skb_list+0xd1/0x140 [ 42.280891] sch_direct_xmit+0x30e/0x1130 [ 42.285023] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.290555] ? check_preemption_disabled+0x48/0x280 [ 42.295560] ? dev_watchdog+0xb10/0xb10 [ 42.299519] ? __lock_is_held+0xb5/0x140 [ 42.303596] __qdisc_run+0x636/0x1990 [ 42.307390] ? sch_direct_xmit+0x1130/0x1130 [ 42.311785] ? lock_acquire+0x1ed/0x520 [ 42.315740] ? dev_queue_xmit+0x17/0x20 [ 42.319706] ? lock_release+0xa00/0xa00 [ 42.323664] ? mini_qdisc_pair_init+0x160/0x160 [ 42.328323] __dev_queue_xmit+0x1915/0x3ad0 [ 42.332630] ? dev_queue_xmit+0x17/0x20 [ 42.336589] ? netdev_pick_tx+0x310/0x310 [ 42.340726] ? __alloc_skb+0x4c6/0x770 [ 42.344607] ? mark_held_locks+0x130/0x130 [ 42.348827] ? kasan_check_read+0x11/0x20 [ 42.352959] ? zap_class+0x640/0x640 [ 42.356670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.362198] ? refcount_add_not_zero_checked+0x21e/0x330 [ 42.367650] ? find_held_lock+0x36/0x1c0 [ 42.371706] ? perf_trace_sched_process_exec+0x860/0x860 [ 42.377145] ? kasan_check_write+0x14/0x20 [ 42.381385] ? copyin+0xb7/0x100 [ 42.384739] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 42.389741] ? copy_page_from_iter+0x541/0x8f0 [ 42.394313] ? _copy_from_iter+0xf70/0xf70 [ 42.398532] ? _copy_from_iter_full+0x2d8/0xce0 [ 42.403194] ? kasan_check_read+0x11/0x20 [ 42.407341] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 42.412602] ? depot_save_stack+0x292/0x470 [ 42.416908] ? skb_copy_datagram_from_iter+0x451/0x660 [ 42.422171] dev_queue_xmit+0x17/0x20 [ 42.425958] ? dev_queue_xmit+0x17/0x20 [ 42.429916] packet_sendmsg+0x430a/0x6570 [ 42.434049] ? find_held_lock+0x36/0x1c0 [ 42.438104] ? packet_getname+0x5f0/0x5f0 [ 42.442236] ? perf_trace_sched_process_exec+0x860/0x860 [ 42.447681] ? usercopy_warn+0x110/0x110 [ 42.451729] ? tg_cfs_schedulable_down+0x10/0x330 [ 42.456560] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.462082] ? _copy_from_user+0xdf/0x150 [ 42.466217] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.471740] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 42.476658] ? aa_sk_perm+0x22b/0x8e0 [ 42.480442] ? import_iovec+0x2a3/0x4b0 [ 42.484449] ? aa_af_perm+0x5a0/0x5a0 [ 42.488237] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.493761] ? aa_sock_msg_perm.isra.14+0xba/0x160 [ 42.498674] ? apparmor_socket_sendmsg+0x29/0x30 [ 42.503417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.508954] ? security_socket_sendmsg+0x94/0xc0 [ 42.513695] ? packet_getname+0x5f0/0x5f0 [ 42.517825] sock_sendmsg+0xd5/0x120 [ 42.521535] ___sys_sendmsg+0x7fd/0x930 [ 42.525497] ? find_held_lock+0x36/0x1c0 [ 42.529556] ? copy_msghdr_from_user+0x580/0x580 [ 42.534303] ? zap_class+0x640/0x640 [ 42.538023] ? perf_trace_sched_process_exec+0x860/0x860 [ 42.543463] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.548990] ? __fget_light+0x2e9/0x430 [ 42.552946] ? fget_raw+0x20/0x20 [ 42.556382] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.561929] ? aa_af_perm+0x5a0/0x5a0 [ 42.565729] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.571249] ? sockfd_lookup_light+0xc5/0x160 [ 42.575726] __sys_sendmsg+0x11d/0x280 [ 42.579597] ? __ia32_sys_shutdown+0x80/0x80 [ 42.583999] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.589537] ? __sys_setsockopt+0x254/0x3c0 [ 42.593850] ? do_syscall_64+0x9a/0x820 [ 42.597807] ? do_syscall_64+0x9a/0x820 [ 42.601771] ? trace_hardirqs_off_caller+0x310/0x310 [ 42.606858] __x64_sys_sendmsg+0x78/0xb0 [ 42.610903] do_syscall_64+0x1b9/0x820 [ 42.614772] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 42.620123] ? syscall_return_slowpath+0x5e0/0x5e0 [ 42.625036] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.629864] ? trace_hardirqs_on_caller+0x310/0x310 [ 42.634862] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 42.639876] ? prepare_exit_to_usermode+0x291/0x3b0 [ 42.644893] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.649720] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.654890] RIP: 0033:0x441449 [ 42.658068] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 42.676957] RSP: 002b:00007ffcc02cf808 EFLAGS: 00000286 ORIG_RAX: 000000000000002e [ 42.684678] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000441449 [ 42.691930] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003 [ 42.699191] RBP: 00000000006cc018 R08: 0000000000000100 R09: 0000000000000100 [ 42.706456] R10: 0000000000000100 R11: 0000000000000286 R12: 00000000004023b0 [ 42.713707] R13: 0000000000402440 R14: 0000000000000000 R15: 0000000000000000 [ 42.720964] Modules linked in: [ 42.724140] CR2: ffff888220000000 [ 42.727576] ---[ end trace f3839d6281929007 ]--- [ 42.732320] RIP: 0010:do_csum+0x192/0x410 [ 42.736449] Code: 85 f6 74 54 4d 89 ef e8 4c af a6 f9 41 83 ee 01 31 ff 31 c0 44 89 f6 49 03 1f 49 13 5f 08 49 13 5f 10 49 13 5f 18 49 13 5f 20 <49> 13 5f 28 49 13 5f 30 49 13 5f 38 48 11 c3 e8 2a b0 a6 f9 49 83 [ 42.755340] RSP: 0018:ffff8881c103e568 EFLAGS: 00010212 [ 42.760686] RAX: 0000000000000000 RBX: 6e4c7504dd0c7592 RCX: ffffffff87d8eca6 [ 42.767939] RDX: 0000000000000000 RSI: 000000000260a006 RDI: 0000000000000000 [ 42.775196] RBP: ffff8881c103e5a0 R08: ffff8881c4090600 R09: ffff8881b8290194 [ 42.782450] R10: 000000000000ffd4 R11: ffffea0006f59877 R12: 00000000ffff0038 [ 42.789704] R13: ffff8881b8290198 R14: 000000000260a006 R15: ffff88821fffffd8 [ 42.796973] FS: 0000000000aa0880(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000 [ 42.805190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.811055] CR2: ffff888220000000 CR3: 00000001c28ea000 CR4: 00000000001406f0 [ 42.818315] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.825570] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.832823] Kernel panic - not syncing: Fatal exception in interrupt [ 42.840251] Kernel Offset: disabled [ 42.843877] Rebooting in 86400 seconds..