[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.145' (ECDSA) to the list of known hosts.
syzkaller login: [ 33.406006] audit: type=1400 audit(1595412582.355:8): avc: denied { execmem } for pid=6343 comm="syz-executor319" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 33.660595] IPVS: ftp: loaded support on port[0] = 21
[ 34.612670] chnl_net:caif_netlink_parms(): no params data found
[ 34.671900] bridge0: port 1(bridge_slave_0) entered blocking state
[ 34.678451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 34.686224] device bridge_slave_0 entered promiscuous mode
[ 34.693666] bridge0: port 2(bridge_slave_1) entered blocking state
[ 34.700586] bridge0: port 2(bridge_slave_1) entered disabled state
[ 34.707451] device bridge_slave_1 entered promiscuous mode
[ 34.723260] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 34.731838] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 34.748633] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 34.756157] team0: Port device team_slave_0 added
[ 34.761925] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 34.769201] team0: Port device team_slave_1 added
[ 34.783057] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 34.789405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 34.814703] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 34.826082] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 34.832369] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 34.857639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 34.868460] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 34.876066] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 34.931590] device hsr_slave_0 entered promiscuous mode
[ 34.979119] device hsr_slave_1 entered promiscuous mode
[ 35.019641] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 35.026672] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 35.088087] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.094543] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 35.101429] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.107783] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 35.137451] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 35.144762] 8021q: adding VLAN 0 to HW filter on device bond0
[ 35.153115] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 35.162296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 35.181310] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.188244] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.198317] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 35.204544] 8021q: adding VLAN 0 to HW filter on device team0
[ 35.212813] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 35.220677] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.227029] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 35.239946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 35.247497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.253892] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 35.263979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 35.272652] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 35.290167] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 35.297659] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 35.307469] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 35.317326] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 35.323636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 35.336537] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 35.343993] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 35.350751] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 35.361507] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 35.410568] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 35.420584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 35.452389] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 35.459841] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 35.466242] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 35.475647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 35.483917] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 35.491128] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 35.500709] device veth0_vlan entered promiscuous mode
[ 35.509444] device veth1_vlan entered promiscuous mode
[ 35.515180] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 35.524091] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 35.534966] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 35.544502] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 35.552109] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 35.559526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 35.569299] device veth0_macvtap entered promiscuous mode
[ 35.575275] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 35.584229] device veth1_macvtap entered promiscuous mode
[ 35.593183] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 35.600385] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 35.607512] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 35.616962] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 35.626173] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[ 35.633423] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 35.640312] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 35.647995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 35.659153] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[ 35.666012] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 35.672793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 35.680801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 35.788420] BUG: spinlock recursion on CPU#1, syz-executor319/6344
[ 35.794788] lock: 0xffff8880983dc728, .magic: dead4ead, .owner: syz-executor319/6344, .owner_cpu: 1
[ 35.804070] CPU: 1 PID: 6344 Comm: syz-executor319 Not tainted 4.14.189-syzkaller #0
[ 35.811931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.821256] Call Trace:
[ 35.823819] dump_stack+0x1b2/0x283
[ 35.827426] do_raw_spin_lock+0x1a2/0x200
[ 35.831549] dev_mc_sync+0x10b/0x1c0
[ 35.835354] ? vlan_dev_set_mac_address+0x5c0/0x5c0
[ 35.840345] vlan_dev_set_rx_mode+0x38/0x80
[ 35.844641] __dev_set_rx_mode+0x191/0x2a0
[ 35.848854] dev_uc_unsync+0x16c/0x1c0
[ 35.852743] bond_enslave+0x2014/0x4b00
[ 35.856719] ? bond_update_slave_arr+0x670/0x670
[ 35.861592] ? nlmsg_notify+0x126/0x170
[ 35.865544] ? rtmsg_ifinfo+0xd4/0x100
[ 35.869406] ? __dev_notify_flags+0x12b/0x260
[ 35.873875] ? dev_change_name+0x6a0/0x6a0
[ 35.878085] ? bond_update_slave_arr+0x670/0x670
[ 35.882817] do_set_master+0x19e/0x200
[ 35.886715] rtnl_newlink+0x134c/0x1810
[ 35.890671] ? __lock_acquire+0x5fc/0x3f20
[ 35.894893] ? kmem_cache_free+0x7c/0x2b0
[ 35.899018] ? rtnl_dellink+0x6a0/0x6a0
[ 35.902966] ? trace_hardirqs_on+0x10/0x10
[ 35.907184] ? lock_acquire+0x170/0x3f0
[ 35.911148] ? lock_acquire+0x170/0x3f0
[ 35.915365] ? lock_downgrade+0x740/0x740
[ 35.919488] ? rtnl_dellink+0x6a0/0x6a0
[ 35.923434] rtnetlink_rcv_msg+0x3be/0xb10
[ 35.927652] ? rtnl_calcit.isra.0+0x3a0/0x3a0
[ 35.932130] ? __netlink_lookup+0x345/0x5d0
[ 35.936425] ? netdev_pick_tx+0x2e0/0x2e0
[ 35.940557] netlink_rcv_skb+0x125/0x390
[ 35.944590] ? memcpy+0x35/0x50
[ 35.947855] ? rtnl_calcit.isra.0+0x3a0/0x3a0
[ 35.952326] ? netlink_ack+0x9a0/0x9a0
[ 35.956192] netlink_unicast+0x437/0x610
[ 35.961390] ? netlink_sendskb+0xd0/0xd0
[ 35.965430] netlink_sendmsg+0x62e/0xb80
[ 35.969479] ? nlmsg_notify+0x170/0x170
[ 35.973427] ? kernel_recvmsg+0x210/0x210
[ 35.977547] ? security_socket_sendmsg+0x83/0xb0
[ 35.982277] ? nlmsg_notify+0x170/0x170
[ 35.986235] sock_sendmsg+0xb5/0x100
[ 35.990009] ___sys_sendmsg+0x6c8/0x800
[ 35.993956] ? copy_msghdr_from_user+0x3b0/0x3b0
[ 35.998685] ? trace_hardirqs_on+0x10/0x10
[ 36.002903] ? trace_hardirqs_on+0x10/0x10
[ 36.007135] ? trace_hardirqs_on+0x10/0x10
[ 36.011441] ? trace_hardirqs_on+0x10/0x10
[ 36.015649] ? fs_reclaim_release+0xd0/0x110
[ 36.020031] ? __might_fault+0x104/0x1b0
[ 36.024076] ? lock_acquire+0x170/0x3f0
[ 36.028023] ? lock_downgrade+0x740/0x740
[ 36.032147] ? __might_fault+0x177/0x1b0
[ 36.036196] ? _copy_to_user+0x82/0xd0
[ 36.040068] ? move_addr_to_user+0x13f/0x180
[ 36.044465] ? __fdget+0x167/0x1f0
[ 36.047990] ? sockfd_lookup_light+0xb2/0x160
[ 36.052460] __sys_sendmsg+0xa3/0x120
[ 36.056243] ? SyS_shutdown+0x160/0x160
[ 36.060194] ? move_addr_to_kernel+0x60/0x60
[ 36.064577] SyS_sendmsg+0x27/0x40
[ 36.068094] ? __sys_sendmsg+0x120/0x120
[ 36.072133] do_syscall_64+0x1d5/0x640
[ 36.075995] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 36.081168] RIP: 0033:0x443d29
[ 36.084341] RSP: 002b:00007ffd89e04078 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 36.092029] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443d29
[ 36.099627] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000010
[ 36.106893] RBP: 00007ffd89e04090 R08: 00000000bb1414ac R09: 00000000bb1414ac
[ 36.114143] R10: 00000000bb1414ac R11: 0000000000000246 R12: 00007ffd89e040c0
[ 36.121390] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000