[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.53' (ECDSA) to the list of known hosts.
syzkaller login: [   35.382997] audit: type=1400 audit(1587750963.751:8): avc:  denied  { execmem } for  pid=6337 comm="syz-executor221" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   35.619409] IPVS: ftp: loaded support on port[0] = 21
[   36.476249] chnl_net:caif_netlink_parms(): no params data found
[   36.565004] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.571686] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.579980] device bridge_slave_0 entered promiscuous mode
[   36.586910] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.594742] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.602348] device bridge_slave_1 entered promiscuous mode
[   36.620101] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   36.629156] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   36.648370] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   36.655850] team0: Port device team_slave_0 added
[   36.661760] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   36.669165] team0: Port device team_slave_1 added
[   36.684449] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.691354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.716794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.728682] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.735070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.761241] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.771990] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   36.779809] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   36.830059] device hsr_slave_0 entered promiscuous mode
[   36.867815] device hsr_slave_1 entered promiscuous mode
[   36.898100] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   36.905334] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   36.971155] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.977787] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.984603] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.991005] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.021076] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   37.027147] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.035860] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   37.045206] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   37.063892] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.072122] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.082344] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   37.088967] 8021q: adding VLAN 0 to HW filter on device team0
[   37.097691] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   37.105323] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.111755] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.121253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   37.129324] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.135663] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.155699] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   37.166115] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.178112] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   37.185047] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   37.193198] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   37.201678] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   37.209443] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   37.217117] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   37.224075] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   37.236774] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   37.244560] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   37.251463] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   37.261770] 8021q: adding VLAN 0 to HW filter on device batadv0
[   37.316179] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   37.326468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   37.355581] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   37.363053] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   37.370787] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   37.380356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   37.388474] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   37.395410] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   37.404417] device veth0_vlan entered promiscuous mode
[   37.413517] device veth1_vlan entered promiscuous mode
[   37.419637] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[   37.428634] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[   37.440815] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[   37.450142] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   37.457752] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   37.464949] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   37.473440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   37.483636] device veth0_macvtap entered promiscuous mode
[   37.493197] device veth1_macvtap entered promiscuous mode
[   37.501740] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[   37.510992] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[   37.520883] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[   37.528572] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.535339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   37.543509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   37.554511] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[   37.561869] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.569020] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   37.576909] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   37.707154] BUG: spinlock recursion on CPU#0, syz-executor221/6340
[   37.713715]  lock: 0xffff88809d7c1ae8, .magic: dead4ead, .owner: syz-executor221/6340, .owner_cpu: 0
[   37.723682] CPU: 0 PID: 6340 Comm: syz-executor221 Not tainted 4.14.177-syzkaller #0
[   37.732101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   37.742908] Call Trace:
[   37.745780]  dump_stack+0x13e/0x194
[   37.749458]  do_raw_spin_lock+0x1cd/0x230
[   37.753584]  dev_mc_sync+0x10b/0x1c0
[   37.757279]  ? vlan_dev_set_mac_address+0x5c0/0x5c0
[   37.762289]  vlan_dev_set_rx_mode+0x38/0x80
[   37.766600]  __dev_set_rx_mode+0x191/0x2a0
[   37.770835]  dev_uc_unsync+0x16c/0x1c0
[   37.774755]  bond_hw_addr_flush+0x5c/0xe0
[   37.778910]  ? bond_set_dev_addr.isra.0+0xb0/0xb0
[   37.784977]  bond_enslave+0x1e53/0x49e0
[   37.789035]  ? bond_update_slave_arr+0x6c0/0x6c0
[   37.793781]  ? rtmsg_ifinfo_event.part.0+0x9a/0xc0
[   37.798875]  ? rtmsg_ifinfo+0x64/0x80
[   37.802652]  ? __dev_notify_flags+0x110/0x210
[   37.807605]  ? dev_change_name+0x990/0x990
[   37.811828]  ? bond_update_slave_arr+0x6c0/0x6c0
[   37.816571]  do_set_master+0x19e/0x200
[   37.820434]  rtnl_newlink+0x1319/0x1720
[   37.824393]  ? trace_hardirqs_on+0x10/0x10
[   37.828701]  ? rtnl_link_unregister+0x1f0/0x1f0
[   37.833355]  ? find_held_lock+0x2d/0x110
[   37.837397]  ? lock_acquire+0x170/0x3f0
[   37.841359]  ? check_preemption_disabled+0x35/0x240
[   37.846369]  ? __lock_is_held+0xad/0x140
[   37.850503]  ? lock_downgrade+0x6e0/0x6e0
[   37.854643]  ? rtnl_link_unregister+0x1f0/0x1f0
[   37.859502]  rtnetlink_rcv_msg+0x3be/0xb10
[   37.863716]  ? rtnl_bridge_getlink+0x7a0/0x7a0
[   37.868281]  ? netdev_pick_tx+0x2e0/0x2e0
[   37.872432]  ? skb_clone+0x11c/0x310
[   37.876139]  ? save_trace+0x290/0x290
[   37.879915]  netlink_rcv_skb+0x127/0x370
[   37.883973]  ? rtnl_bridge_getlink+0x7a0/0x7a0
[   37.888559]  ? netlink_ack+0x980/0x980
[   37.892469]  netlink_unicast+0x437/0x620
[   37.896513]  ? netlink_attachskb+0x600/0x600
[   37.900939]  netlink_sendmsg+0x733/0xbe0
[   37.904994]  ? netlink_unicast+0x620/0x620
[   37.909241]  ? SYSC_sendto+0x2b0/0x2b0
[   37.913115]  ? security_socket_sendmsg+0x83/0xb0
[   37.917866]  ? netlink_unicast+0x620/0x620
[   37.922540]  sock_sendmsg+0xc5/0x100
[   37.926226]  ___sys_sendmsg+0x70a/0x840
[   37.930534]  ? copy_msghdr_from_user+0x380/0x380
[   37.935390]  ? trace_hardirqs_on+0x10/0x10
[   37.939600]  ? save_trace+0x290/0x290
[   37.943376]  ? trace_hardirqs_on+0x10/0x10
[   37.947585]  ? find_held_lock+0x2d/0x110
[   37.951621]  ? __might_fault+0x104/0x1b0
[   37.955654]  ? lock_acquire+0x170/0x3f0
[   37.959695]  ? lock_downgrade+0x6e0/0x6e0
[   37.963836]  ? __might_fault+0x177/0x1b0
[   37.968504]  ? _copy_to_user+0x82/0xd0
[   37.972366]  ? __fget_light+0x16a/0x1f0
[   37.976313]  ? sockfd_lookup_light+0xb2/0x160
[   37.981215]  __sys_sendmsg+0xa3/0x120
[   37.985956]  ? SyS_shutdown+0x160/0x160
[   37.989907]  ? move_addr_to_kernel+0x60/0x60
[   37.994303]  SyS_sendmsg+0x27/0x40
[   37.997996]  ? __sys_sendmsg+0x120/0x120
[   38.002394]  do_syscall_64+0x1d5/0x640
[   38.006260]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   38.011429] RIP: 0033:0x443cc9
[   38.014620] RSP: 002b:00007ffc239ff848 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   38.024210] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000443cc9
[   38.031455] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000010
[   38.038708] RBP: 000000000073a850 R08: 00000000bb1414ac R09: 00000000bb1414ac
[   38.045970] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000013
[   38.053386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000