INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.37' (ECDSA) to the list of known hosts.
2018/04/24 04:47:45 parsed 1 programs
2018/04/24 04:47:45 executed programs: 0
syzkaller login: [   29.347768] IPVS: ftp: loaded support on port[0] = 21
[   29.530802] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.537240] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.544762] device bridge_slave_0 entered promiscuous mode
[   29.560757] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.567124] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.574270] device bridge_slave_1 entered promiscuous mode
[   29.589866] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   29.605186] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   29.644406] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   29.662290] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   29.720170] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   29.727558] team0: Port device team_slave_0 added
[   29.741772] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   29.748881] team0: Port device team_slave_1 added
[   29.763479] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   29.780357] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   29.796804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   29.813633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   29.922673] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.929101] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.936038] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.942396] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.335562] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   30.341695] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.383354] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   30.425408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.433595] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   30.469985] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   30.476097] 8021q: adding VLAN 0 to HW filter on device team0
[   30.482951] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   30.719679] 
[   30.721449] =============================
[   30.725629] WARNING: suspicious RCU usage
[   30.729788] 4.17.0-rc1+ #16 Not tainted
[   30.733769] -----------------------------
[   30.737946] net/ipv6/route.c:1550 suspicious rcu_dereference_protected() usage!
[   30.745408] 
[   30.745408] other info that might help us debug this:
[   30.745408] 
[   30.753564] 
[   30.753564] rcu_scheduler_active = 2, debug_locks = 1
[   30.760245] 3 locks held by syz-executor0/4741:
[   30.764926]  #0: 00000000c0a1e72b (rcu_read_lock_bh){....}, at: ip6_finish_output2+0x253/0x2800
[   30.773800]  #1: 00000000c0a1e72b (rcu_read_lock_bh){....}, at: __dev_queue_xmit+0x30f/0x34c0
[   30.782512]  #2: 00000000e06cb70d (rcu_read_lock){....}, at: ip6_link_failure+0xfe/0x790
[   30.790779] 
[   30.790779] stack backtrace:
[   30.795291] CPU: 0 PID: 4741 Comm: syz-executor0 Not tainted 4.17.0-rc1+ #16
[   30.802456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   30.811786] Call Trace:
[   30.814360]  dump_stack+0x1b9/0x294
[   30.817971]  ? dump_stack_print_info.cold.2+0x52/0x52
[   30.823143]  ? print_lock+0xd1/0xd6
[   30.826765]  ? vprintk_func+0x81/0xe7
[   30.830549]  lockdep_rcu_suspicious+0x14a/0x153
[   30.835209]  rt6_remove_exception_rt+0x416/0x4d0
[   30.839956]  ? __rt6_find_exception_spinlock+0x330/0x330
[   30.845401]  ? kasan_check_read+0x11/0x20
[   30.849532]  ? rcu_is_watching+0x85/0x140
[   30.853662]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   30.858834]  ? ip6_neigh_lookup+0x899/0xcb0
[   30.863147]  ip6_link_failure+0x484/0x790
[   30.867280]  ? rt6_do_update_pmtu+0x730/0x730
[   30.871759]  ? refcount_inc_not_zero+0x2d0/0x2d0
[   30.876501]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   30.882032]  ? __ipv6_addr_type+0x219/0x32f
[   30.886344]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   30.891866]  ? ip6_tnl_get_cap+0x16e/0x190
[   30.896094]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   30.901615]  ? ip6_tnl_xmit_ctl+0x104/0x450
[   30.905922]  ? rt6_do_update_pmtu+0x730/0x730
[   30.910402]  ip6_tnl_xmit+0x49a/0x34b0
[   30.914282]  ? ip6ip6_err+0x730/0x730
[   30.920339]  ? print_usage_bug+0xc0/0xc0
[   30.924395]  ? __lock_acquire+0x7f5/0x5140
[   30.928612]  ? graph_lock+0x170/0x170
[   30.932398]  ? __lock_acquire+0x7f5/0x5140
[   30.936617]  ? __lock_acquire+0x7f5/0x5140
[   30.940843]  ? debug_check_no_locks_freed+0x310/0x310
[   30.946025]  ? print_usage_bug+0xc0/0xc0
[   30.950088]  ? print_usage_bug+0xc0/0xc0
[   30.954135]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   30.959139]  ? map_id_range_down+0x1e6/0x410
[   30.963533]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   30.969079]  ? iptunnel_handle_offloads+0x3c2/0x710
[   30.974091]  ? iptunnel_metadata_reply+0x380/0x380
[   30.979013]  ip6_tnl_start_xmit+0x8fc/0x2290
[   30.983412]  ? ip6_tnl_start_xmit+0x8fc/0x2290
[   30.987986]  ? ip6_tnl_xmit+0x34b0/0x34b0
[   30.992136]  ? debug_check_no_locks_freed+0x310/0x310
[   30.997310]  ? __lock_acquire+0x7f5/0x5140
[   31.001526]  ? debug_check_no_locks_freed+0x310/0x310
[   31.006701]  ? debug_check_no_locks_freed+0x310/0x310
[   31.011874]  ? graph_lock+0x170/0x170
[   31.015658]  ? graph_lock+0x170/0x170
[   31.019441]  ? graph_lock+0x170/0x170
[   31.023234]  ? __lock_acquire+0x7f5/0x5140
[   31.027463]  dev_hard_start_xmit+0x264/0xc10
[   31.031861]  ? validate_xmit_skb_list+0x120/0x120
[   31.036698]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   31.042224]  ? netif_skb_features+0x696/0xb40
[   31.046707]  ? validate_xmit_xfrm+0x1ef/0xdc0
[   31.051189]  ? lock_acquire+0x1dc/0x520
[   31.055154]  ? validate_xmit_skb+0x704/0xd90
[   31.060237]  ? netif_skb_features+0xb40/0xb40
[   31.064725]  __dev_queue_xmit+0x2724/0x34c0
[   31.069042]  ? find_held_lock+0x36/0x1c0
[   31.073107]  ? netdev_pick_tx+0x2d0/0x2d0
[   31.077241]  ? match_held_lock+0x860/0x8b0
[   31.081463]  ? lock_downgrade+0x8e0/0x8e0
[   31.085594]  ? lock_release+0xa10/0xa10
[   31.089554]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   31.095077]  ? __local_bh_enable_ip+0x161/0x230
[   31.099738]  ? trace_hardirqs_on_caller+0x19e/0x5c0
[   31.104740]  ? __neigh_create+0x1447/0x2050
[   31.109055]  ? trace_hardirqs_on+0xd/0x10
[   31.113195]  ? __local_bh_enable_ip+0x161/0x230
[   31.117852]  ? _raw_write_unlock_bh+0x30/0x40
[   31.122331]  ? __neigh_create+0xd2c/0x2050
[   31.126556]  ? debug_check_no_locks_freed+0x310/0x310
[   31.131733]  ? neigh_hash_alloc+0x1e0/0x1e0
[   31.136046]  ? kasan_unpoison_shadow+0x35/0x50
[   31.140610]  ? kasan_kmalloc+0xc4/0xe0
[   31.144483]  ? __local_bh_enable_ip+0x161/0x230
[   31.149143]  ? ip6t_do_table+0xd6c/0x1cd0
[   31.153278]  ? lock_acquire+0x1dc/0x520
[   31.157237]  ? ip6_finish_output2+0x253/0x2800
[   31.161808]  ? kasan_check_read+0x11/0x20
[   31.165938]  ? rcu_is_watching+0x85/0x140
[   31.170073]  ? rcu_pm_notify+0xc0/0xc0
[   31.173946]  dev_queue_xmit+0x17/0x20
[   31.177729]  ? dev_queue_xmit+0x17/0x20
[   31.181687]  neigh_direct_output+0x15/0x20
[   31.185908]  ip6_finish_output2+0xc93/0x2800
[   31.190306]  ? find_held_lock+0x36/0x1c0
[   31.194363]  ? ip6_flush_pending_frames+0xc0/0xc0
[   31.199194]  ? lock_downgrade+0x8e0/0x8e0
[   31.203328]  ? kasan_check_read+0x11/0x20
[   31.207460]  ? rcu_is_watching+0x85/0x140
[   31.211591]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   31.216780]  ? ip6_mtu+0x159/0x510
[   31.220305]  ? ip6_dst_ifdown+0x4c0/0x4c0
[   31.224448]  ? kasan_check_read+0x11/0x20
[   31.228579]  ? rcu_is_watching+0x85/0x140
[   31.232712]  ip6_finish_output+0x5fe/0xbc0
[   31.236931]  ? ip6_finish_output+0x5fe/0xbc0
[   31.241323]  ip6_output+0x227/0x9b0
[   31.244935]  ? ip6_finish_output+0xbc0/0xbc0
[   31.249331]  ? kasan_check_read+0x11/0x20
[   31.253464]  ? rcu_is_watching+0x85/0x140
[   31.257599]  ? ip6_fragment+0x3910/0x3910
[   31.261738]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   31.266743]  ? nf_hook_slow+0x11e/0x1c0
[   31.270705]  rawv6_sendmsg+0x2674/0x4590
[   31.274755]  ? rawv6_getsockopt+0x140/0x140
[   31.279061]  ? graph_lock+0x170/0x170
[   31.282853]  ? find_get_entries_tag+0x10a0/0x10a0
[   31.287680]  ? graph_lock+0x170/0x170
[   31.291466]  ? find_held_lock+0x36/0x1c0
[   31.295519]  ? lock_release+0xa10/0xa10
[   31.299478]  ? __check_object_size+0x95/0x5d9
[   31.303971]  ? rawv6_recvmsg+0xe80/0xe80
[   31.308028]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   31.313556]  ? _copy_from_user+0xdf/0x150
[   31.317694]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   31.322697]  ? rw_copy_check_uvector+0x2d3/0x3a0
[   31.327447]  inet_sendmsg+0x19f/0x690
[   31.331239]  ? rawv6_getsockopt+0x140/0x140
[   31.335551]  ? inet_sendmsg+0x19f/0x690
[   31.339515]  ? copy_msghdr_from_user+0x3bc/0x560
[   31.344254]  ? ipip_gro_receive+0x100/0x100
[   31.348557]  ? move_addr_to_kernel.part.18+0x100/0x100
[   31.353817]  ? do_raw_spin_unlock+0x9e/0x2e0
[   31.358211]  ? security_socket_sendmsg+0x94/0xc0
[   31.362954]  ? ipip_gro_receive+0x100/0x100
[   31.367273]  sock_sendmsg+0xd5/0x120
[   31.370973]  ___sys_sendmsg+0x805/0x940
[   31.374931]  ? __handle_mm_fault+0x93a/0x4310
[   31.379410]  ? copy_msghdr_from_user+0x560/0x560
[   31.384149]  ? vm_insert_mixed_mkwrite+0x40/0x40
[   31.388890]  ? graph_lock+0x170/0x170
[   31.392695]  ? __local_bh_enable_ip+0x161/0x230
[   31.397363]  ? find_held_lock+0x36/0x1c0
[   31.401427]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   31.406963]  ? __fget_light+0x2ef/0x430
[   31.410923]  ? fget_raw+0x20/0x20
[   31.414360]  ? find_held_lock+0x36/0x1c0
[   31.418409]  ? lock_downgrade+0x8e0/0x8e0
[   31.422543]  ? handle_mm_fault+0x8c0/0xc70
[   31.426769]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   31.432294]  ? sockfd_lookup_light+0xc5/0x160
[   31.436775]  __sys_sendmsg+0x115/0x270
[   31.440652]  ? __ia32_sys_shutdown+0x80/0x80
[   31.445065]  ? __x64_sys_futex+0x477/0x680
[   31.449298]  ? __ia32_sys_clock_settime+0x280/0x280
[   31.454301]  __x64_sys_sendmsg+0x78/0xb0
[   31.458350]  do_syscall_64+0x1b1/0x800
[   31.462222]  ? syscall_return_slowpath+0x5c0/0x5c0
[   31.467137]  ? syscall_return_slowpath+0x30f/0x5c0
[   31.472062]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[   31.477414]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   31.482246]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   31.487416] RIP: 0033:0x455389
[   31.490586] RSP: 002b:00007ffea672eb08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   31.498275] RAX: ffffffffffffffda RBX: 000000000181a914 RCX: 0000000000455389
[   31.505526] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[   31.512779] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   31.520036] R10: 0000000000000000