[�[0;32m OK �[0m] Found device /dev/ttyS0.
[�[0;32m OK �[0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[�[0;32m OK �[0m] Started Serial Getty on ttyS0.
[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.102' (ECDSA) to the list of known hosts.
syzkaller login: [ 27.841563] IPVS: ftp: loaded support on port[0] = 21
[ 27.912782] chnl_net:caif_netlink_parms(): no params data found
[ 27.975578] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.982643] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.990454] device bridge_slave_0 entered promiscuous mode
[ 27.997177] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.004351] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.011994] device bridge_slave_1 entered promiscuous mode
[ 28.028225] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 28.036773] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 28.054580] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 28.061954] team0: Port device team_slave_0 added
[ 28.068298] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 28.075404] team0: Port device team_slave_1 added
[ 28.090911] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 28.097189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 28.122969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 28.134509] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 28.141587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 28.167318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 28.177937] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 28.185182] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 28.203362] device hsr_slave_0 entered promiscuous mode
[ 28.208990] device hsr_slave_1 entered promiscuous mode
[ 28.214783] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 28.222488] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 28.281641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.288044] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.294712] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.301096] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.327228] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 28.333302] 8021q: adding VLAN 0 to HW filter on device bond0
[ 28.341949] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 28.350474] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 28.369573] bridge0: port 1(bridge_slave_0) entered disabled state
[ 28.376663] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.386302] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 28.393058] 8021q: adding VLAN 0 to HW filter on device team0
[ 28.401510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 28.409173] bridge0: port 1(bridge_slave_0) entered blocking state
[ 28.415538] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 28.424540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 28.432284] bridge0: port 2(bridge_slave_1) entered blocking state
[ 28.438672] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 28.457680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 28.465224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 28.473429] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 28.481258] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 28.489055] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 28.497316] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 28.503309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 28.515502] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 28.522786] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 28.529486] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 28.540472] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 28.587677] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 28.596454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 28.624898] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 28.632789] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 28.640524] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 28.650140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 28.657993] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 28.664729] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 28.673713] device veth0_vlan entered promiscuous mode
[ 28.682157] device veth1_vlan entered promiscuous mode
[ 28.688170] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 28.696100] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 28.706251] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 28.715431] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 28.722765] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 28.730218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 28.739497] device veth0_macvtap entered promiscuous mode
[ 28.745468] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 28.753817] device veth1_macvtap entered promiscuous mode
[ 28.762292] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 28.771148] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 28.781031] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 28.788216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 28.797390] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 28.806568] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 28.817452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 28.890294]
[ 28.891932] ======================================================
[ 28.898230] WARNING: possible circular locking dependency detected
[ 28.904521] 4.14.284-syzkaller #0 Not tainted
[ 28.908986] ------------------------------------------------------
[ 28.915277] kworker/u4:2/34 is trying to acquire lock:
[ 28.920523] (sk_lock-AF_INET){+.+.}, at: [<ffffffff86826dde>] strp_work+0x3e/0x100
[ 28.928295]
[ 28.928295] but task is already holding lock:
[ 28.934241] ((&strp->work)){+.+.}, at: [<ffffffff81364f26>] process_one_work+0x6e6/0x14a0
[ 28.942639]
[ 28.942639] which lock already depends on the new lock.
[ 28.942639]
[ 28.950928]
[ 28.950928] the existing dependency chain (in reverse order) is:
[ 28.958537]
[ 28.958537] -> #1 ((&strp->work)){+.+.}:
[ 28.964056] flush_work+0xad/0x770
[ 28.968091] __cancel_work_timer+0x321/0x460
[ 28.973011] strp_done+0x53/0xd0
[ 28.977148] kcm_ioctl+0x828/0xfb0
[ 28.981181] sock_ioctl+0x2cc/0x4c0
[ 28.985300] do_vfs_ioctl+0x75a/0xff0
[ 28.989593] SyS_ioctl+0x7f/0xb0
[ 28.993559] do_syscall_64+0x1d5/0x640
[ 28.997939] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 29.003622]
[ 29.003622] -> #0 (sk_lock-AF_INET){+.+.}:
[ 29.009418] lock_acquire+0x170/0x3f0
[ 29.013715] lock_sock_nested+0xb7/0x100
[ 29.018269] strp_work+0x3e/0x100
[ 29.022215] process_one_work+0x793/0x14a0
[ 29.027209] worker_thread+0x5cc/0xff0
[ 29.031592] kthread+0x30d/0x420
[ 29.035452] ret_from_fork+0x24/0x30
[ 29.040001]
[ 29.040001] other info that might help us debug this:
[ 29.040001]
[ 29.048199] Possible unsafe locking scenario:
[ 29.048199]
[ 29.054224] CPU0 CPU1
[ 29.058859] ---- ----
[ 29.063493] lock((&strp->work));
[ 29.067005] lock(sk_lock-AF_INET);
[ 29.073235] lock((&strp->work));
[ 29.079262] lock(sk_lock-AF_INET);
[ 29.082946]
[ 29.082946] *** DEADLOCK ***
[ 29.082946]
[ 29.088976] 2 locks held by kworker/u4:2/34:
[ 29.093363] #0: ("%s""kstrp"){+.+.}, at: [<ffffffff81364ef0>] process_one_work+0x6b0/0x14a0
[ 29.102010] #1: ((&strp->work)){+.+.}, at: [<ffffffff81364f26>] process_one_work+0x6e6/0x14a0
[ 29.110826]
[ 29.110826] stack backtrace:
[ 29.115302] CPU: 1 PID: 34 Comm: kworker/u4:2 Not tainted 4.14.284-syzkaller #0
[ 29.122802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.132138] Workqueue: kstrp strp_work
[ 29.135996] Call Trace:
[ 29.138586] dump_stack+0x1b2/0x281
[ 29.142203] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 29.147977] __lock_acquire+0x2e0e/0x3f20
[ 29.152100] ? trace_hardirqs_on+0x10/0x10
[ 29.156310] ? trace_hardirqs_on+0x10/0x10
[ 29.160535] ? lock_acquire+0x170/0x3f0
[ 29.164498] ? lock_sock_nested+0x98/0x100
[ 29.168707] lock_acquire+0x170/0x3f0
[ 29.172579] ? strp_work+0x3e/0x100
[ 29.176184] lock_sock_nested+0xb7/0x100
[ 29.180224] ? strp_work+0x3e/0x100
[ 29.183824] strp_work+0x3e/0x100
[ 29.187251] process_one_work+0x793/0x14a0
[ 29.191468] ? work_busy+0x320/0x320
[ 29.195157] ? worker_thread+0x158/0xff0
[ 29.199193] ? _raw_spin_unlock_irq+0x24/0x80
[ 29.203663] worker_thread+0x5cc/0xff0
[ 29.207524] ? rescuer_thread+0xc80/0xc80
[ 29.211658] kthread+0x30d/0x420
[ 29.215004] ? kthread_create_on_node+0xd0/0xd0
[ 29.219649] ret_from_fork+0x24/0x30
[ 29.224384] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready