[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 27.479330] kauditd_printk_skb: 7 callbacks suppressed [ 27.479342] audit: type=1800 audit(1538342306.045:29): pid=5234 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 27.505718] audit: type=1800 audit(1538342306.045:30): pid=5234 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.13' (ECDSA) to the list of known hosts. syzkaller login: [ 38.199634] IPVS: ftp: loaded support on port[0] = 21 [ 38.362914] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.369961] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.377581] device bridge_slave_0 entered promiscuous mode [ 38.396142] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.402542] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.410054] device bridge_slave_1 entered promiscuous mode [ 38.427793] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 38.445623] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 38.494049] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 38.514930] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 38.587737] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 38.595369] team0: Port device team_slave_0 added [ 38.613112] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 38.620367] team0: Port device team_slave_1 added [ 38.637083] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.656152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.675049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 38.694238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready RTNETLINK answers: Operation not supported RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported [ 38.839259] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.845772] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.852532] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.858927] bridge0: port 1(bridge_slave_0) entered forwarding state RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 39.359566] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.412936] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 39.462711] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 39.469239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.476602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.521918] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 39.805171] BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() [ 39.818525] CPU: 0 PID: 5631 Comm: syz-executor091 Not tainted 4.19.0-rc6+ #262 [ 39.825969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.835316] Call Trace: [ 39.837894] [ 39.840037] dump_stack+0x1c4/0x2b4 [ 39.843667] ? dump_stack_print_info.cold.2+0x52/0x52 [ 39.848853] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 39.854389] ? tfrc_rx_handle_loss+0x67b/0x1eb0 [ 39.859059] tfrc_rx_hist_sample_rtt.cold.3+0x54/0x5c [ 39.864238] ccid3_hc_rx_packet_recv+0x5c4/0xeb0 [ 39.868982] ? dccp_parse_options+0x4a1/0x12f0 [ 39.873556] ? ccid3_hc_tx_send_packet+0x880/0x880 [ 39.878475] dccp_deliver_input_to_ccids+0xf0/0x280 [ 39.883478] dccp_rcv_established+0x87/0xb0 [ 39.887890] dccp_v4_do_rcv+0x153/0x180 [ 39.891853] __sk_receive_skb+0x3e5/0xec0 [ 39.895993] ? sk_free+0x50/0x50 [ 39.899351] ? inet_lhash2_lookup+0x6e0/0x6e0 [ 39.903827] ? reqsk_fastopen_remove+0x660/0x660 [ 39.908576] ? lock_downgrade+0x900/0x900 [ 39.912711] ? check_preemption_disabled+0x48/0x200 [ 39.917722] ? dccp_invalid_packet+0x64/0x880 [ 39.922217] dccp_v4_rcv+0x10f9/0x1f58 [ 39.926113] ? dccp_v4_err+0x18a0/0x18a0 [ 39.930225] ? __lock_is_held+0xb5/0x140 [ 39.934284] ip_local_deliver_finish+0x2e9/0xda0 [ 39.939149] ? ip_sublist_rcv_finish+0x3f0/0x3f0 [ 39.943901] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 39.948907] ? nf_hook_slow+0x11e/0x1c0 [ 39.953021] ip_local_deliver+0x1e9/0x750 [ 39.957165] ? ip_call_ra_chain+0x730/0x730 [ 39.961550] ? ip_sublist_rcv_finish+0x3f0/0x3f0 [ 39.966659] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 39.972459] ? kasan_check_read+0x11/0x20 [ 39.976643] ? rcu_bh_qs+0xc0/0xc0 [ 39.980173] ip_rcv_finish+0x1f9/0x300 [ 39.984044] ip_rcv+0xed/0x610 [ 39.987223] ? ip_local_deliver+0x750/0x750 [ 39.991539] ? ip_rcv_finish_core.isra.15+0x1f40/0x1f40 [ 39.996891] ? lock_acquire+0x1ed/0x520 [ 40.000847] ? process_backlog+0x1a7/0x6f0 [ 40.005080] __netif_receive_skb_one_core+0x14d/0x200 [ 40.010287] ? __netif_receive_skb_core+0x3b60/0x3b60 [ 40.015464] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 40.020722] ? rcu_bh_qs+0xc0/0xc0 [ 40.024245] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 40.029689] __netif_receive_skb+0x2c/0x1e0 [ 40.033998] process_backlog+0x218/0x6f0 [ 40.038050] net_rx_action+0x7c5/0x1950 [ 40.042134] ? napi_complete_done+0x6d0/0x6d0 [ 40.046819] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 40.052148] ? rcu_bh_qs+0xc0/0xc0 [ 40.055679] ? rebalance_domains+0x375/0xdc0 [ 40.060082] ? load_balance+0x3430/0x3430 [ 40.064220] ? enqueue_hrtimer+0x1a5/0x560 [ 40.068436] ? lock_release+0x970/0x970 [ 40.072405] ? find_held_lock+0x36/0x1c0 [ 40.076457] ? pvclock_read_flags+0x160/0x160 [ 40.080937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.086469] ? check_preemption_disabled+0x48/0x200 [ 40.091475] ? check_preemption_disabled+0x48/0x200 [ 40.096484] ? print_usage_bug+0xc0/0xc0 [ 40.100528] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.106060] ? check_preemption_disabled+0x48/0x200 [ 40.111071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.116601] ? __local_bh_enable+0xef/0x130 [ 40.120908] ? graph_lock+0x170/0x170 [ 40.124702] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.130242] ? check_preemption_disabled+0x48/0x200 [ 40.135242] ? check_preemption_disabled+0x48/0x200 [ 40.140246] ? __lock_is_held+0xb5/0x140 [ 40.144298] __do_softirq+0x30b/0xad8 [ 40.148096] ? __irqentry_text_end+0x1f9618/0x1f9618 [ 40.153457] ? smp_reschedule_interrupt+0x109/0x650 [ 40.158485] ? smp_thermal_interrupt+0x850/0x850 [ 40.163227] ? ret_from_intr+0xb/0x1e [ 40.167011] ? trace_hardirqs_off_caller+0xbb/0x310 [ 40.172009] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.176834] ? trace_hardirqs_on_caller+0x310/0x310 [ 40.181836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.187361] ? check_preemption_disabled+0x48/0x200 [ 40.192359] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.197891] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.202721] ? ip_finish_output2+0xa83/0x1860 [ 40.207287] do_softirq_own_stack+0x2a/0x40 [ 40.211702] [ 40.213931] do_softirq.part.13+0x126/0x160 [ 40.219199] __local_bh_enable_ip+0x21d/0x260 [ 40.223684] ip_finish_output2+0xab6/0x1860 [ 40.227992] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 40.233774] ? ip_copy_metadata+0xe10/0xe10 [ 40.238080] ? graph_lock+0x170/0x170 [ 40.241865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.247411] ? check_preemption_disabled+0x48/0x200 [ 40.252412] ? check_preemption_disabled+0x48/0x200 [ 40.257416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.262936] ? ipv4_mtu+0x37d/0x590 [ 40.266553] ? __lock_is_held+0xb5/0x140 [ 40.270626] ip_finish_output+0x7fd/0xf60 [ 40.274758] ? ip_finish_output+0x7fd/0xf60 [ 40.279076] ? ip_fragment.constprop.49+0x240/0x240 [ 40.284079] ? kasan_check_read+0x11/0x20 [ 40.288215] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 40.293474] ? rcu_bh_qs+0xc0/0xc0 [ 40.297001] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 40.301998] ? nf_hook_slow+0x11e/0x1c0 [ 40.305960] ip_output+0x21d/0x8d0 [ 40.309495] ? ip_mc_output+0x15b0/0x15b0 [ 40.313632] ? ip_fragment.constprop.49+0x240/0x240 [ 40.326409] ? __lock_is_held+0xb5/0x140 [ 40.336090] ip_local_out+0xc5/0x1b0 [ 40.339797] __ip_queue_xmit+0x9af/0x1f30 [ 40.343935] ? ip_build_and_send_pkt+0xc80/0xc80 [ 40.348674] ? __skb_checksum+0x920/0x920 [ 40.352803] ? skb_send_sock+0x50/0x50 [ 40.356681] ? reqsk_fastopen_remove+0x660/0x660 [ 40.361419] ? dccp_insert_option_padding+0xbc/0xe0 [ 40.366423] ip_queue_xmit+0x56/0x70 [ 40.370128] dccp_transmit_skb+0x98c/0x12e0 [ 40.374437] dccp_xmit_packet+0x25e/0x7d0 [ 40.378613] ? kasan_check_write+0x14/0x20 [ 40.382832] ? do_raw_spin_lock+0xc1/0x200 [ 40.387050] ? dccp_send_sync+0x270/0x270 [ 40.391181] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 40.396182] ? ccid3_hc_tx_send_packet+0x358/0x880 [ 40.401100] dccp_write_xmit+0x190/0x1f0 [ 40.405146] dccp_sendmsg+0xdc8/0x1020 [ 40.409041] ? dccp_getsockopt+0xf0/0xf0 [ 40.413094] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 40.418017] ? aa_sk_perm+0x218/0x8b0 [ 40.421822] ? import_iovec+0x269/0x470 [ 40.425782] ? aa_af_perm+0x5a0/0x5a0 [ 40.429574] inet_sendmsg+0x1a1/0x690 [ 40.433374] ? ipip_gro_receive+0x100/0x100 [ 40.437680] ? apparmor_socket_sendmsg+0x29/0x30 [ 40.442419] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 40.447956] ? security_socket_sendmsg+0x94/0xc0 [ 40.452708] ? ipip_gro_receive+0x100/0x100 [ 40.457016] sock_sendmsg+0xd5/0x120 [ 40.460715] ___sys_sendmsg+0x7fd/0x930 [ 40.464677] ? copy_msghdr_from_user+0x580/0x580 [ 40.469418] ? kasan_check_write+0x14/0x20 [ 40.473644] ? __fget_light+0x2e9/0x430 [ 40.477610] ? fget_raw+0x20/0x20 [ 40.481049] ? do_dccp_setsockopt.isra.10+0x1fc/0x7b0 [ 40.486227] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 40.491661] ? __kasan_slab_free+0x119/0x150 [ 40.496066] ? do_dccp_setsockopt.isra.10+0x1fc/0x7b0 [ 40.501263] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 40.506787] ? sockfd_lookup_light+0xc5/0x160 [ 40.511280] __sys_sendmsg+0x11d/0x280 [ 40.515155] ? __ia32_sys_shutdown+0x80/0x80 [ 40.519544] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 40.525065] ? fput+0x130/0x1a0 [ 40.528332] ? __x64_sys_futex+0x47f/0x6a0 [ 40.532552] ? do_syscall_64+0x9a/0x820 [ 40.536516] ? do_syscall_64+0x9a/0x820 [ 40.540497] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 40.545948] __x64_sys_sendmsg+0x78/0xb0 [ 40.550000] do_syscall_64+0x1b9/0x820 [ 40.553872] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 40.559335] ? syscall_return_slowpath+0x5e0/0x5e0 [ 40.564249] ? trace_hardirqs_on_caller+0x310/0x310 [ 40.569252] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 40.574251] ? recalc_sigpending_tsk+0x180/0x180 [ 40.578989] ? kasan_check_write+0x14/0x20 [ 40.583211] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.588050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.593224] RIP: 0033:0x446a49 [ 40.596401] Code: e8 cc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 40.615292] RSP: 002b:00007f1ad68d2da8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 40.623210] RAX: ffffffffffffffda RBX: 00000000006dec58 RCX: 0000000000446a49 [ 40.630469] RDX: 0000000004000080 RSI: 00000000200030c0 RDI: 0000000000000005 [ 40.637738] RBP: 00000000006dec50 R08: 0000000000000000 R09: 0000000000000000 [ 40.644989] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dec5c [ 40.652241] R13: 00000000004b01c8 R14: 0000000020001f80 R15: 0000000000000001