INIT: Entering runlevel: 2
[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts.
2018/04/24 05:29:53 parsed 1 programs
2018/04/24 05:29:53 executed programs: 0
syzkaller login: [   30.330457] IPVS: ftp: loaded support on port[0] = 21
[   30.528069] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.534542] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.541904] device bridge_slave_0 entered promiscuous mode
[   30.549921] ip (4553) used greatest stack depth: 17144 bytes left
[   30.559759] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.566514] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.573694] device bridge_slave_1 entered promiscuous mode
[   30.589335] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   30.604893] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   30.645987] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   30.664872] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   30.724590] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   30.731846] team0: Port device team_slave_0 added
[   30.746075] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   30.753738] team0: Port device team_slave_1 added
[   30.768267] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   30.786569] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   30.802858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.820886] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.900047] ip (4604) used greatest stack depth: 16312 bytes left
[   30.935340] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.941781] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.948711] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.955074] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.352330] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   31.358469] 8021q: adding VLAN 0 to HW filter on device bond0
[   31.400460] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   31.442551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.450283] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   31.489338] 8021q: adding VLAN 0 to HW filter on device team0
[   31.733499] 
[   31.735538] =============================
[   31.739719] WARNING: suspicious RCU usage
[   31.743884] 4.17.0-rc1+ #16 Not tainted
[   31.747868] -----------------------------
[   31.752029] net/ipv6/route.c:1550 suspicious rcu_dereference_protected() usage!
[   31.759495] 
[   31.759495] other info that might help us debug this:
[   31.759495] 
[   31.767781] 
[   31.767781] rcu_scheduler_active = 2, debug_locks = 1
[   31.774469] 3 locks held by syz-executor0/4773:
[   31.779151]  #0: 000000002bf362ba (rcu_read_lock_bh){....}, at: ip6_finish_output2+0x253/0x2800
[   31.788052]  #1: 000000002bf362ba (rcu_read_lock_bh){....}, at: __dev_queue_xmit+0x30f/0x34c0
[   31.796768]  #2: 000000002c85a532 (rcu_read_lock){....}, at: ip6_link_failure+0xfe/0x790
[   31.805064] 
[   31.805064] stack backtrace:
[   31.809578] CPU: 1 PID: 4773 Comm: syz-executor0 Not tainted 4.17.0-rc1+ #16
[   31.816746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   31.826078] Call Trace:
[   31.828652]  dump_stack+0x1b9/0x294
[   31.832266]  ? dump_stack_print_info.cold.2+0x52/0x52
[   31.837440]  ? print_lock+0xd1/0xd6
[   31.841059]  ? vprintk_func+0x81/0xe7
[   31.844845]  lockdep_rcu_suspicious+0x14a/0x153
[   31.849496]  rt6_remove_exception_rt+0x416/0x4d0
[   31.854233]  ? __rt6_find_exception_spinlock+0x330/0x330
[   31.859665]  ? kasan_check_read+0x11/0x20
[   31.863799]  ? rcu_is_watching+0x85/0x140
[   31.867939]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   31.873116]  ? ip6_neigh_lookup+0x899/0xcb0
[   31.877420]  ip6_link_failure+0x484/0x790
[   31.881811]  ? rt6_do_update_pmtu+0x730/0x730
[   31.886289]  ? refcount_inc_not_zero+0x2d0/0x2d0
[   31.891061]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   31.896581]  ? __ipv6_addr_type+0x219/0x32f
[   31.900887]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   31.906409]  ? ip6_tnl_get_cap+0x16e/0x190
[   31.910623]  ? check_usage+0x2bc/0x770
[   31.915242]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   31.920767]  ? ip6_tnl_xmit_ctl+0x104/0x450
[   31.925070]  ? rt6_do_update_pmtu+0x730/0x730
[   31.929546]  ip6_tnl_xmit+0x49a/0x34b0
[   31.933415]  ? check_usage_forwards+0x3a0/0x3a0
[   31.938063]  ? __bfs+0xa8/0x790
[   31.941328]  ? ip6ip6_err+0x730/0x730
[   31.945113]  ? __lock_acquire+0x7f5/0x5140
[   31.949327]  ? graph_lock+0x170/0x170
[   31.953124]  ? kasan_check_read+0x11/0x20
[   31.957265]  ? __lock_acquire+0x28fb/0x5140
[   31.961598]  ? print_usage_bug+0xc0/0xc0
[   31.965667]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   31.970681]  ? map_id_range_down+0x1e6/0x410
[   31.975098]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   31.980640]  ? iptunnel_handle_offloads+0x3c2/0x710
[   31.985644]  ? iptunnel_metadata_reply+0x380/0x380
[   31.990563]  ip6_tnl_start_xmit+0x8fc/0x2290
[   31.994952]  ? ip6_tnl_start_xmit+0x8fc/0x2290
[   31.999516]  ? ip6_tnl_xmit+0x34b0/0x34b0
[   32.003649]  ? debug_check_no_locks_freed+0x310/0x310
[   32.008833]  ? __lock_acquire+0x7f5/0x5140
[   32.013055]  ? debug_check_no_locks_freed+0x310/0x310
[   32.018226]  ? debug_check_no_locks_freed+0x310/0x310
[   32.023395]  ? graph_lock+0x170/0x170
[   32.027183]  ? graph_lock+0x170/0x170
[   32.030961]  ? graph_lock+0x170/0x170
[   32.034753]  ? __lock_acquire+0x7f5/0x5140
[   32.038987]  dev_hard_start_xmit+0x264/0xc10
[   32.043387]  ? validate_xmit_skb_list+0x120/0x120
[   32.048222]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   32.053746]  ? netif_skb_features+0x696/0xb40
[   32.058226]  ? validate_xmit_xfrm+0x1ef/0xdc0
[   32.062707]  ? lock_acquire+0x1dc/0x520
[   32.066663]  ? validate_xmit_skb+0x704/0xd90
[   32.071065]  ? netif_skb_features+0xb40/0xb40
[   32.075547]  __dev_queue_xmit+0x2724/0x34c0
[   32.079853]  ? find_held_lock+0x36/0x1c0
[   32.083897]  ? netdev_pick_tx+0x2d0/0x2d0
[   32.088037]  ? match_held_lock+0x860/0x8b0
[   32.092267]  ? lock_downgrade+0x8e0/0x8e0
[   32.096396]  ? lock_release+0xa10/0xa10
[   32.100351]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   32.105879]  ? __local_bh_enable_ip+0x161/0x230
[   32.110528]  ? trace_hardirqs_on_caller+0x19e/0x5c0
[   32.115527]  ? __neigh_create+0x1447/0x2050
[   32.119827]  ? trace_hardirqs_on+0xd/0x10
[   32.123964]  ? __local_bh_enable_ip+0x161/0x230
[   32.128620]  ? _raw_write_unlock_bh+0x30/0x40
[   32.133097]  ? __neigh_create+0xd2c/0x2050
[   32.137322]  ? debug_check_no_locks_freed+0x310/0x310
[   32.142500]  ? neigh_hash_alloc+0x1e0/0x1e0
[   32.146803]  ? kasan_unpoison_shadow+0x35/0x50
[   32.151364]  ? kasan_kmalloc+0xc4/0xe0
[   32.155234]  ? __local_bh_enable_ip+0x161/0x230
[   32.159890]  ? ip6t_do_table+0xd6c/0x1cd0
[   32.164036]  ? lock_acquire+0x1dc/0x520
[   32.168009]  ? ip6_finish_output2+0x253/0x2800
[   32.172586]  ? kasan_check_read+0x11/0x20
[   32.176718]  ? rcu_is_watching+0x85/0x140
[   32.180849]  ? rcu_pm_notify+0xc0/0xc0
[   32.184722]  dev_queue_xmit+0x17/0x20
[   32.188505]  ? dev_queue_xmit+0x17/0x20
[   32.192464]  neigh_direct_output+0x15/0x20
[   32.196683]  ip6_finish_output2+0xc93/0x2800
[   32.201075]  ? find_held_lock+0x36/0x1c0
[   32.205116]  ? ip6_flush_pending_frames+0xc0/0xc0
[   32.209952]  ? lock_downgrade+0x8e0/0x8e0
[   32.214083]  ? kasan_check_read+0x11/0x20
[   32.218215]  ? rcu_is_watching+0x85/0x140
[   32.222345]  ? rcu_bh_force_quiescent_state+0x20/0x20
[   32.227523]  ? ip6_mtu+0x159/0x510
[   32.231049]  ? ip6_dst_ifdown+0x4c0/0x4c0
[   32.235188]  ? kasan_check_read+0x11/0x20
[   32.239325]  ? rcu_is_watching+0x85/0x140
[   32.243464]  ip6_finish_output+0x5fe/0xbc0
[   32.247680]  ? ip6_finish_output+0x5fe/0xbc0
[   32.252072]  ip6_output+0x227/0x9b0
[   32.255691]  ? ip6_finish_output+0xbc0/0xbc0
[   32.260089]  ? kasan_check_read+0x11/0x20
[   32.264220]  ? rcu_is_watching+0x85/0x140
[   32.268348]  ? ip6_fragment+0x3910/0x3910
[   32.273262]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   32.278258]  ? nf_hook_slow+0x11e/0x1c0
[   32.282217]  rawv6_sendmsg+0x2674/0x4590
[   32.286279]  ? rawv6_getsockopt+0x140/0x140
[   32.290598]  ? graph_lock+0x170/0x170
[   32.294391]  ? debug_check_no_locks_freed+0x310/0x310
[   32.299565]  ? __lock_is_held+0xb5/0x140
[   32.303608]  ? find_held_lock+0x36/0x1c0
[   32.307658]  ? lock_release+0xa10/0xa10
[   32.311613]  ? __check_object_size+0x95/0x5d9
[   32.316096]  ? rawv6_recvmsg+0xe80/0xe80
[   32.320140]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   32.325658]  ? _copy_from_user+0xdf/0x150
[   32.329791]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   32.334789]  ? rw_copy_check_uvector+0x2d3/0x3a0
[   32.339538]  inet_sendmsg+0x19f/0x690
[   32.343322]  ? rawv6_getsockopt+0x140/0x140
[   32.347622]  ? inet_sendmsg+0x19f/0x690
[   32.351575]  ? copy_msghdr_from_user+0x3bc/0x560
[   32.356313]  ? ipip_gro_receive+0x100/0x100
[   32.360619]  ? move_addr_to_kernel.part.18+0x100/0x100
[   32.365881]  ? security_socket_sendmsg+0x94/0xc0
[   32.370626]  ? ipip_gro_receive+0x100/0x100
[   32.374940]  sock_sendmsg+0xd5/0x120
[   32.378645]  ___sys_sendmsg+0x805/0x940
[   32.382615]  ? copy_msghdr_from_user+0x560/0x560
[   32.387358]  ? __schedule+0x809/0x1e30
[   32.391229]  ? __local_bh_enable_ip+0x161/0x230
[   32.395890]  ? __sched_text_start+0x8/0x8
[   32.400025]  ? __local_bh_enable_ip+0x161/0x230
[   32.404686]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   32.410205]  ? __fget_light+0x2ef/0x430
[   32.414159]  ? fget_raw+0x20/0x20
[   32.417600]  ? __local_bh_enable_ip+0x161/0x230
[   32.422256]  ? ip6_datagram_connect+0x3a/0x50
[   32.426741]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   32.432286]  ? sockfd_lookup_light+0xc5/0x160
[   32.436762]  __sys_sendmsg+0x115/0x270
[   32.440642]  ? __ia32_sys_shutdown+0x80/0x80
[   32.445050]  ? __x64_sys_futex+0x477/0x680
[   32.449277]  ? exit_to_usermode_loop+0x87/0x310
[   32.453959]  ? syscall_slow_exit_work+0x4f0/0x4f0
[   32.458793]  __x64_sys_sendmsg+0x78/0xb0
[   32.462836]  do_syscall_64+0x1b1/0x800
[   32.466710]  ? syscall_slow_exit_work+0x4f0/0x4f0
[   32.471544]  ? syscall_return_slowpath+0x5c0/0x5c0
[   32.476471]  ? syscall_return_slowpath+0x30f/0x5c0
[   32.481400]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[   32.486751]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   32.491585]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   32.496755] RIP: 0033:0x455389
[   32.499922] RSP: 002b:00007ffcf3240c08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   32.507612] RAX: ffffffffffffffda RBX: 0000000001d3e914 RCX: 0000000000455389
[   32.514861] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[   32.522111] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   32.529361] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[   32.