[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.104' (ECDSA) to the list of known hosts.
syzkaller login: [   37.120098] IPVS: ftp: loaded support on port[0] = 21
[   37.915837] chnl_net:caif_netlink_parms(): no params data found
[   38.002501] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.009643] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.016698] device bridge_slave_0 entered promiscuous mode
[   38.024902] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.032095] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.039326] device bridge_slave_1 entered promiscuous mode
[   38.056546] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   38.065538] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   38.084387] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   38.091662] team0: Port device team_slave_0 added
[   38.097687] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   38.105172] team0: Port device team_slave_1 added
[   38.121147] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.127404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.153059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.164571] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.170885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.196253] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.207119] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   38.214867] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   38.290955] device hsr_slave_0 entered promiscuous mode
[   38.338522] device hsr_slave_1 entered promiscuous mode
[   38.388673] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   38.395741] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   38.462310] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.468773] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.475637] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.482049] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.512900] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   38.519906] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.529787] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   38.538899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   38.547089] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.565303] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.575797] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   38.582160] 8021q: adding VLAN 0 to HW filter on device team0
[   38.590720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   38.598793] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.605313] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.618769] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   38.626437] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.632852] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.642779] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   38.651363] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   38.665231] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   38.676085] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.686847] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   38.693792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   38.701949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   38.709849] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   38.717478] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   38.729945] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   38.738533] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   38.745180] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   38.755460] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.810701] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   38.821411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   38.853961] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   38.861592] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   38.868159] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   38.879653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   38.886959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   38.894040] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   38.901362] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   38.910443] device veth0_vlan entered promiscuous mode
[   38.919717] device veth1_vlan entered promiscuous mode
[   38.933264] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[   38.943065] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
[   38.951358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   38.959984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   38.970057] device veth0_macvtap entered promiscuous mode
[   38.976132] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[   38.984809] device veth1_macvtap entered promiscuous mode
[   38.991482] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
[   39.001588] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[   39.011492] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[   39.021445] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[   39.029157] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.035859] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   39.044200] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   39.052116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   39.060699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   39.071357] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[   39.078475] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.085040] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   39.093559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   39.217570] BUG: spinlock recursion on CPU#0, syz-executor189/6344
[   39.228016]  lock: 0xffff888086b80ae8, .magic: dead4ead, .owner: syz-executor189/6344, .owner_cpu: 0
[   39.237282] CPU: 0 PID: 6344 Comm: syz-executor189 Not tainted 4.14.175-syzkaller #0
[   39.245159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.254500] Call Trace:
[   39.257076]  dump_stack+0x13e/0x194
[   39.260690]  do_raw_spin_lock+0x1cd/0x230
[   39.264858]  dev_mc_sync+0x10b/0x1c0
[   39.268560]  ? vlan_dev_set_mac_address+0x5c0/0x5c0
[   39.273573]  vlan_dev_set_rx_mode+0x38/0x80
[   39.278269]  __dev_set_rx_mode+0x191/0x2a0
[   39.282498]  dev_uc_unsync+0x16c/0x1c0
[   39.286413]  bond_hw_addr_flush+0x5c/0xe0
[   39.290646]  ? bond_set_dev_addr.isra.0+0xb0/0xb0
[   39.295567]  bond_enslave+0x1e53/0x49e0
[   39.299526]  ? bond_update_slave_arr+0x6c0/0x6c0
[   39.304263]  ? rtmsg_ifinfo_event.part.0+0x9a/0xc0
[   39.309223]  ? rtmsg_ifinfo+0x64/0x80
[   39.313001]  ? __dev_notify_flags+0x110/0x210
[   39.317477]  ? dev_change_name+0x990/0x990
[   39.321692]  ? bond_update_slave_arr+0x6c0/0x6c0
[   39.326547]  do_set_master+0x19e/0x200
[   39.330420]  rtnl_newlink+0x1319/0x1720
[   39.334409]  ? trace_hardirqs_on+0x10/0x10
[   39.338639]  ? rtnl_link_unregister+0x1f0/0x1f0
[   39.343308]  ? lock_acquire+0x170/0x3f0
[   39.347265]  ? lock_acquire+0x170/0x3f0
[   39.351222]  ? rtnetlink_rcv_msg+0x31d/0xb10
[   39.355615]  ? __lock_is_held+0xad/0x140
[   39.359668]  ? lock_downgrade+0x6e0/0x6e0
[   39.363818]  ? rtnl_link_unregister+0x1f0/0x1f0
[   39.368466]  rtnetlink_rcv_msg+0x3be/0xb10
[   39.372695]  ? rtnl_bridge_getlink+0x7a0/0x7a0
[   39.377792]  ? netdev_pick_tx+0x2e0/0x2e0
[   39.381916]  ? skb_clone+0x11c/0x310
[   39.385616]  ? save_trace+0x290/0x290
[   39.389394]  netlink_rcv_skb+0x127/0x370
[   39.393452]  ? rtnl_bridge_getlink+0x7a0/0x7a0
[   39.398020]  ? netlink_ack+0x980/0x980
[   39.401890]  netlink_unicast+0x437/0x620
[   39.405926]  ? netlink_attachskb+0x600/0x600
[   39.410317]  netlink_sendmsg+0x733/0xbe0
[   39.414354]  ? netlink_unicast+0x620/0x620
[   39.418562]  ? SYSC_sendto+0x2b0/0x2b0
[   39.422427]  ? security_socket_sendmsg+0x83/0xb0
[   39.427165]  ? netlink_unicast+0x620/0x620
[   39.431381]  sock_sendmsg+0xc5/0x100
[   39.435086]  ___sys_sendmsg+0x70a/0x840
[   39.439061]  ? copy_msghdr_from_user+0x380/0x380
[   39.443811]  ? trace_hardirqs_on+0x10/0x10
[   39.448070]  ? save_trace+0x290/0x290
[   39.451894]  ? trace_hardirqs_on+0x10/0x10
[   39.456119]  ? find_held_lock+0x2d/0x110
[   39.460166]  ? __might_fault+0x104/0x1b0
[   39.464208]  ? lock_acquire+0x170/0x3f0
[   39.468158]  ? lock_downgrade+0x6e0/0x6e0
[   39.472295]  ? __might_fault+0x177/0x1b0
[   39.476336]  ? _copy_to_user+0x82/0xd0
[   39.480201]  ? __fget_light+0x16a/0x1f0
[   39.484154]  ? sockfd_lookup_light+0xb2/0x160
[   39.488635]  __sys_sendmsg+0xa3/0x120
[   39.492414]  ? SyS_shutdown+0x160/0x160
[   39.496366]  ? move_addr_to_kernel+0x60/0x60
[   39.500750]  SyS_sendmsg+0x27/0x40
[   39.504276]  ? __sys_sendmsg+0x120/0x120
[   39.508315]  do_syscall_64+0x1d5/0x640
[   39.512181]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   39.517347] RIP: 0033:0x443c99
[   39.520511] RSP: 002b:00007ffdf2cb82a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   39.528211] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443c99
[   39.535467] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000010
[   39.542798] RBP: 00007ffdf2cb82c0 R08: 00000000bb1414ac R09: 00000000bb1414ac
[   39.550044] R10: 00000000bb1414ac R11: 0000000000000246 R12: 00007ffdf2cb82f0
[   39.557299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000