INIT: Entering runlevel: 2

[info] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.47' (ECDSA) to the list of known hosts.
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
executing program
syzkaller login: [   36.871850] 
[   36.873503] ======================================================
[   36.879789] [ INFO: possible circular locking dependency detected ]
[   36.886162] 4.4.153+ #27 Not tainted
[   36.889842] -------------------------------------------------------
[   36.896217] syz-executor814/2263 is trying to acquire lock:
[   36.901898]  (&(&q->lock)->rlock){+.-...}, at: [<ffffffff823233bb>] ip_defrag+0x31b/0x40c0
[   36.910770] 
[   36.910770] but task is already holding lock:
[   36.916720]  (_xmit_NETROM){+.-...}, at: [<ffffffff8221dac3>] sch_direct_xmit+0x233/0x6c0
[   36.925499] 
[   36.925499] which lock already depends on the new lock.
[   36.925499] 
[   36.933818] 
[   36.933818] the existing dependency chain (in reverse order) is:
[   36.941543] 
-> #1 (_xmit_NETROM){+.-...}:
[   36.946314]        [<ffffffff811fa43e>] lock_acquire+0x15e/0x450
[   36.952567]        [<ffffffff8267b97e>] _raw_spin_lock_irqsave+0x4e/0x70
[   36.959502]        [<ffffffff81adebdb>] depot_save_stack+0x20b/0x5eb
[   36.966094]        [<ffffffff8145ed49>] kasan_kmalloc.part.1+0xc9/0xf0
[   36.972849]        [<ffffffff8145ef5f>] kasan_kmalloc+0xaf/0xc0
[   36.979016]        [<ffffffff8145f522>] kasan_slab_alloc+0x12/0x20
[   36.985452]        [<ffffffff8145ae1a>] kmem_cache_alloc+0xba/0x2a0
[   36.991962]        [<ffffffff8231d91d>] inet_getpeer+0x159d/0x1d70
[   36.998372]        [<ffffffff82588607>] icmp6_send+0x17b7/0x1b70
[   37.004633]        [<ffffffff82589dc9>] icmpv6_param_prob+0x29/0x40
[   37.011162]        [<ffffffff825a52a6>] ipv6_frag_rcv+0x3de6/0x4f80
[   37.017667]        [<ffffffff82519f5d>] ip6_input_finish+0x57d/0x1510
[   37.024338]        [<ffffffff8251ccf6>] ip6_input+0xf6/0x200
[   37.030235]        [<ffffffff825194be>] ip6_rcv_finish+0x14e/0x670
[   37.036642]        [<ffffffff8251bfa2>] ipv6_rcv+0x10b2/0x1d10
[   37.042733]        [<ffffffff8219d748>] __netif_receive_skb_core+0x12c8/0x2820
[   37.050198]        [<ffffffff821a54db>] __netif_receive_skb+0x5b/0x1c0
[   37.056957]        [<ffffffff821ac43a>] process_backlog+0x20a/0x670
[   37.063453]        [<ffffffff821ab8cc>] net_rx_action+0x2ec/0xc50
[   37.069790]        [<ffffffff8267f59c>] __do_softirq+0x22c/0xa1a
[   37.076027]        [<ffffffff8267d79c>] do_softirq_own_stack+0x1c/0x30
[   37.082819]        [<ffffffff810deaa4>] do_softirq.part.2+0x54/0x60
[   37.089321]        [<ffffffff810debf9>] do_softirq+0x19/0x20
[   37.095208]        [<ffffffff8219bdac>] netif_rx_ni+0xec/0x3a0
[   37.101266]        [<ffffffff81da7f5a>] tun_get_user+0xf3a/0x2690
[   37.107591]        [<ffffffff81da98c5>] tun_chr_write_iter+0xd5/0x190
[   37.114258]        [<ffffffff81471e13>] do_iter_readv_writev+0x133/0x1d0
[   37.121204]        [<ffffffff81473997>] compat_do_readv_writev+0x337/0x6f0
[   37.128340]        [<ffffffff814740f1>] compat_writev+0xe1/0x150
[   37.134577]        [<ffffffff81476408>] compat_SyS_writev+0xd8/0x1c0
[   37.141181]        [<ffffffff81005ffe>] do_fast_syscall_32+0x31e/0x8b0
[   37.147961]        [<ffffffff8267de10>] sysenter_flags_fixed+0xd/0x1a
[   37.154636] 
-> #0 (&(&q->lock)->rlock){+.-...}:
[   37.159923]        [<ffffffff811f6aee>] __lock_acquire+0x3b6e/0x5ba0
[   37.166508]        [<ffffffff811fa43e>] lock_acquire+0x15e/0x450
[   37.172760]        [<ffffffff8267b7c6>] _raw_spin_lock+0x36/0x50
[   37.178995]        [<ffffffff823233bb>] ip_defrag+0x31b/0x40c0
[   37.185055]        [<ffffffff82327507>] ip_check_defrag+0x3a7/0x710
[   37.191548]        [<ffffffff826461aa>] packet_rcv_fanout+0x52a/0x5e0
[   37.198216]        [<ffffffff821b1540>] dev_hard_start_xmit+0x650/0x11c0
[   37.205158]        [<ffffffff8221db48>] sch_direct_xmit+0x2b8/0x6c0
[   37.211656]        [<ffffffff821b3305>] __dev_queue_xmit+0xf95/0x1c30
[   37.218343]        [<ffffffff821b3fb7>] dev_queue_xmit+0x17/0x20
[   37.224587]        [<ffffffff821d3cc0>] neigh_resolve_output+0x600/0x780
[   37.231556]        [<ffffffff8232ee60>] ip_finish_output2+0x8f0/0x1100
[   37.238313]        [<ffffffff823316e0>] ip_do_fragment+0x1870/0x1f60
[   37.244895]        [<ffffffff823353b5>] ip_fragment.constprop.5+0x145/0x200
[   37.252089]        [<ffffffff82335806>] ip_finish_output+0x396/0xc00
[   37.258676]        [<ffffffff82338f87>] ip_mc_output+0x237/0x980
[   37.264940]        [<ffffffff8233680b>] ip_local_out+0x9b/0x180
[   37.271098]        [<ffffffff8233c52c>] ip_send_skb+0x3c/0xc0
[   37.277099]        [<ffffffff823e1ad3>] udp_send_skb+0x503/0xc70
[   37.283338]        [<ffffffff823e8959>] udp_sendmsg+0x16c9/0x1c70
[   37.289657]        [<ffffffff82411bf3>] inet_sendmsg+0x203/0x4d0
[   37.295894]        [<ffffffff8214696b>] sock_sendmsg+0xbb/0x110
[   37.302041]        [<ffffffff8214ab70>] SyS_sendto+0x220/0x370
[   37.308101]        [<ffffffff81005ffe>] do_fast_syscall_32+0x31e/0x8b0
[   37.314881]        [<ffffffff8267de10>] sysenter_flags_fixed+0xd/0x1a
[   37.321558] 
[   37.321558] other info that might help us debug this:
[   37.321558] 
[   37.329861]  Possible unsafe locking scenario:
[   37.329861] 
[   37.335891]        CPU0                    CPU1
[   37.340543]        ----                    ----
[   37.345180]   lock(_xmit_NETROM);
[   37.348865]                                lock(&(&q->lock)->rlock);
[   37.355594]                                lock(_xmit_NETROM);
[   37.361764]   lock(&(&q->lock)->rlock);
[   37.365984] 
[   37.365984]  *** DEADLOCK ***
[   37.365984] 
[   37.372016] 4 locks held by syz-executor814/2263:
[   37.376828]  #0:  (rcu_read_lock_bh){......}, at: [<ffffffff8232e77b>] ip_finish_output2+0x20b/0x1100
[   37.386754]  #1:  (rcu_read_lock_bh){......}, at: [<ffffffff821b2547>] __dev_queue_xmit+0x1d7/0x1c30
[   37.396650]  #2:  (_xmit_NETROM){+.-...}, at: [<ffffffff8221dac3>] sch_direct_xmit+0x233/0x6c0
[   37.405989]  #3:  (rcu_read_lock){......}, at: [<ffffffff821b0f98>] dev_hard_start_xmit+0xa8/0x11c0
[   37.415761] 
[   37.415761] stack backtrace:
[   37.420232] CPU: 1 PID: 2263 Comm: syz-executor814 Not tainted 4.4.153+ #27
[   37.427303]  0000000000000000 e3b96697ee6d0a75 ffff8800b97e6d18 ffffffff81a4510d
[   37.435308]  ffffffff83ac5c10 ffffffff83ac62d0 ffffffff83ac5c10 ffff8801cbb98938
[   37.443295]  ffff8801cbb98000 ffff8800b97e6d60 ffffffff81391172 0000000000000003
[   37.451292] Call Trace:
[   37.453855]  [<ffffffff81a4510d>] dump_stack+0xc1/0x124
[   37.459193]  [<ffffffff81391172>] print_circular_bug.cold.34+0x2f7/0x432
[   37.466028]  [<ffffffff811f6aee>] __lock_acquire+0x3b6e/0x5ba0
[   37.471975]  [<ffffffff811f2f80>] ? trace_hardirqs_on+0x10/0x10
[   37.478009]  [<ffffffff8267bb5a>] ? _raw_spin_unlock_irqrestore+0x5a/0x70
[   37.484910]  [<ffffffff811f2c46>] ? trace_hardirqs_on_caller+0x266/0x590
[   37.491736]  [<ffffffff8122eab7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.498465]  [<ffffffff8124fa73>] ? mod_timer+0x433/0x8f0
[   37.503989]  [<ffffffff811fa43e>] lock_acquire+0x15e/0x450
[   37.509588]  [<ffffffff823233bb>] ? ip_defrag+0x31b/0x40c0
[   37.515198]  [<ffffffff8244b95a>] ? inet_frag_find+0x27a/0x9a0
[   37.521159]  [<ffffffff8267b7c6>] _raw_spin_lock+0x36/0x50
[   37.526768]  [<ffffffff823233bb>] ? ip_defrag+0x31b/0x40c0
[   37.532368]  [<ffffffff823233bb>] ip_defrag+0x31b/0x40c0
[   37.537818]  [<ffffffff811f2f80>] ? trace_hardirqs_on+0x10/0x10
[   37.543978]  [<ffffffff823230a0>] ? ipv4_frags_init_net+0x3a0/0x3a0
[   37.550357]  [<ffffffff82327507>] ip_check_defrag+0x3a7/0x710
[   37.556225]  [<ffffffff82327160>] ? ip_defrag+0x40c0/0x40c0
[   37.561924]  [<ffffffff826461aa>] packet_rcv_fanout+0x52a/0x5e0
[   37.567955]  [<ffffffff82645c80>] ? fanout_demux_rollover+0x4e0/0x4e0
[   37.574507]  [<ffffffff821b1540>] dev_hard_start_xmit+0x650/0x11c0
[   37.580798]  [<ffffffff821b0f98>] ? dev_hard_start_xmit+0xa8/0x11c0
[   37.587177]  [<ffffffff8221db48>] sch_direct_xmit+0x2b8/0x6c0
[   37.593074]  [<ffffffff8221d890>] ? dev_deactivate_queue.constprop.6+0x160/0x160
[   37.600580]  [<ffffffff821b3305>] __dev_queue_xmit+0xf95/0x1c30
[   37.606613]  [<ffffffff821b2547>] ? __dev_queue_xmit+0x1d7/0x1c30
[   37.612816]  [<ffffffff811f2f80>] ? trace_hardirqs_on+0x10/0x10
[   37.618847]  [<ffffffff821b2370>] ? netdev_pick_tx+0x2c0/0x2c0
[   37.624791]  [<ffffffff8122eab7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.631514]  [<ffffffff8122eab7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.638268]  [<ffffffff8145f0b5>] ? memcpy+0x45/0x50
[   37.643342]  [<ffffffff821b3fb7>] dev_queue_xmit+0x17/0x20
[   37.648937]  [<ffffffff821d3cc0>] neigh_resolve_output+0x600/0x780
[   37.655248]  [<ffffffff8232ee60>] ? ip_finish_output2+0x8f0/0x1100
[   37.661539]  [<ffffffff8232ee60>] ip_finish_output2+0x8f0/0x1100
[   37.667655]  [<ffffffff8232e77b>] ? ip_finish_output2+0x20b/0x1100
[   37.673950]  [<ffffffff8229a2d5>] ? nf_ct_deliver_cached_events+0x335/0x560
[   37.681023]  [<ffffffff8229a023>] ? nf_ct_deliver_cached_events+0x83/0x560
[   37.688009]  [<ffffffff82299fa0>] ? nf_conntrack_seqadj_fini+0x20/0x20
[   37.694649]  [<ffffffff8232e570>] ? ip_send_check+0xb0/0xb0
[   37.700336]  [<ffffffff8122eab7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.707063]  [<ffffffff8232d4cc>] ? ip_options_fragment+0x1ac/0x280
[   37.713447]  [<ffffffff823316e0>] ip_do_fragment+0x1870/0x1f60
[   37.719393]  [<ffffffff8232e570>] ? ip_send_check+0xb0/0xb0
[   37.725080]  [<ffffffff823353b5>] ip_fragment.constprop.5+0x145/0x200
[   37.731630]  [<ffffffff82335806>] ip_finish_output+0x396/0xc00
[   37.737572]  [<ffffffff82338f87>] ip_mc_output+0x237/0x980
[   37.743171]  [<ffffffff82338d50>] ? ip_queue_xmit+0x1a80/0x1a80
[   37.749225]  [<ffffffff8233c776>] ? ip_make_skb+0x116/0x210
[   37.754911]  [<ffffffff82335470>] ? ip_fragment.constprop.5+0x200/0x200
[   37.761635]  [<ffffffff8233c660>] ? ip_flush_pending_frames+0x30/0x30
[   37.768214]  [<ffffffff8233680b>] ip_local_out+0x9b/0x180
[   37.773723]  [<ffffffff8233c52c>] ip_send_skb+0x3c/0xc0
[   37.779069]  [<ffffffff823e1ad3>] udp_send_skb+0x503/0xc70
[   37.784687]  [<ffffffff823e8959>] udp_sendmsg+0x16c9/0x1c70
[   37.790373]  [<ffffffff82332510>] ? ip_reply_glue_bits+0xc0/0xc0
[   37.796499]  [<ffffffff823e7290>] ? udp_lib_unhash+0x630/0x630
[   37.802449]  [<ffffffff811f2f80>] ? trace_hardirqs_on+0x10/0x10
[   37.808480]  [<ffffffff818fd161>] ? sock_has_perm+0x1c1/0x3f0
[   37.814336]  [<ffffffff818fd241>] ? sock_has_perm+0x2a1/0x3f0
[   37.820191]  [<ffffffff818fd03f>] ? sock_has_perm+0x9f/0x3f0
[   37.825970]  [<ffffffff8122eab7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.832784]  [<ffffffff81aa239b>] ? check_preemption_disabled+0x3b/0x170
[   37.839613]  [<ffffffff82411b33>] ? inet_sendmsg+0x143/0x4d0
[   37.845411]  [<ffffffff82411bf3>] inet_sendmsg+0x203/0x4d0
[   37.851012]  [<ffffffff82411a63>] ? inet_sendmsg+0x73/0x4d0
[   37.856697]  [<ffffffff824119f0>] ? inet_recvmsg+0x4c0/0x4c0
[   37.862471]  [<ffffffff8214696b>] sock_sendmsg+0xbb/0x110
[   37.867983]  [<ffffffff8214ab70>] SyS_sendto+0x220/0x370
[   37.873403]  [<ffffffff8214a950>] ? SyS_getpeername+0x2d0/0x2d0
[   37.879439]  [<ffffffff8267ba9c>] ? _raw_spin_unlock+0x2c/0x50
[   37.885397]  [<ffffffff8141835a>] ? handle_mm_fault+0x49a/0x2f30
[   37.891512]  [<ffffffff8214a120>] ? SyS_accept+0x30/0x30
[   37.896934]  [<ffffffff814cb8b0>] ? get_unused_fd_flags+0xd0/0xd0
[   37.903139]  [<ffffffff8122eab7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[   37.909866]  [<ffffffff810a9546>] ? __do_page_fault+0x2b6/0x7e0
[   37.915899]  [<ffffffff81005dbb>] ? do_fast_syscall_32+0xdb/0x8b0
[   37.922189]  [<ffffffff8214a950>] ? SyS_getpeername+0x2d0/0x2d0
[   37.928226]  [<ffffffff81005ffe>] do_fast_syscall_32+0x31e/0x8b0
[   37.934548]  [<ffffffff8267de10>] sysenter_flags_fixed+0xd/0x1a