INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-upstream-net-kasan-gce-9,10.128.0.62' (ECDSA) to the list of known hosts.
net.ipv6.conf.syz0.accept_dad = 0
net.ipv6.conf.syz0.router_solicitations = 0
executing program
syzkaller login: [ 40.890777]
[ 40.891188] ================================
[ 40.891771] WARNING: inconsistent lock state
[ 40.892400] 4.13.0-rc4+ #2 Not tainted
[ 40.892961] --------------------------------
[ 40.893570] inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
[ 40.894416] syzkaller251025/2915 [HC0[0]:SC0[0]:HE1:SE1] takes:
[ 40.895314] (slock-AF_INET){+.?...}, at: [] sk_clone_lock+0x446/0x1270
[ 40.896470] {IN-SOFTIRQ-W} state was registered at:
[ 40.897172] __lock_acquire+0xcbb/0x3dc0
[ 40.897742] lock_acquire+0x1d5/0x580
[ 40.898263] _raw_spin_lock+0x2a/0x40
[ 40.898780] sk_clone_lock+0x446/0x1270
[ 40.899320] inet_csk_clone_lock+0x92/0x4f0
[ 40.899922] tcp_create_openreq_child+0x7e/0x1b60
[ 40.900572] tcp_v4_syn_recv_sock+0x113/0x1150
[ 40.901191] tcp_check_req+0xe7f/0x1620
[ 40.901731] tcp_v4_rcv+0x1694/0x2de0
[ 40.902252] ip_local_deliver_finish+0x2e2/0xba0
[ 40.902893] ip_local_deliver+0x1ce/0x6d0
[ 40.903487] ip_rcv_finish+0x8db/0x19c0
[ 40.904029] ip_rcv+0xc3f/0x17d0
[ 40.904507] __netif_receive_skb_core+0x19af/0x33d0
[ 40.905207] __netif_receive_skb+0x2c/0x1b0
[ 40.905839] netif_receive_skb_internal+0xfd/0x4d0
[ 40.906517] napi_gro_receive+0x3d0/0x500
[ 40.907115] receive_buf+0xccd/0x5270
[ 40.907649] virtnet_poll+0x304/0xad0
[ 40.908168] net_rx_action+0x792/0x1910
[ 40.908720] __do_softirq+0x2f5/0xba3
[ 40.909260] irq_exit+0x1cc/0x200
[ 40.909734] do_IRQ+0xf6/0x190
[ 40.910173] ret_from_intr+0x0/0x1e
[ 40.910670] native_safe_halt+0x6/0x10
[ 40.913566] default_idle+0xbf/0x460
[ 40.917334] arch_cpu_idle+0xa/0x10
[ 40.921012] default_idle_call+0x36/0x90
[ 40.925127] do_idle+0x256/0x3b0
[ 40.928545] cpu_startup_entry+0x18/0x20
[ 40.932661] rest_init+0xfb/0x100
[ 40.936170] start_kernel+0x70d/0x733
[ 40.940020] x86_64_start_reservations+0x2a/0x2c
[ 40.944826] x86_64_start_kernel+0x13c/0x149
[ 40.949285] verify_cpu+0x0/0xf1
[ 40.952701] irq event stamp: 10286
[ 40.956209] hardirqs last enabled at (10284): [] kmem_cache_free+0xd7/0x240
[ 40.964933] hardirqs last disabled at (10285): [] __local_bh_enable_ip+0x5c/0x160
[ 40.974088] softirqs last enabled at (10286): [] tun_rx_batched.isra.42+0x5bd/0x860
[ 40.983497] softirqs last disabled at (10238): [] tun_rx_batched.isra.42+0x5bd/0x860
[ 40.992905]
[ 40.992905] other info that might help us debug this:
[ 40.999532] Possible unsafe locking scenario:
[ 40.999532]
[ 41.005551] CPU0
[ 41.008098] ----
[ 41.010645] lock(slock-AF_INET);
[ 41.014146]
[ 41.016864] lock(slock-AF_INET);
[ 41.020547]
[ 41.020547] *** DEADLOCK ***
[ 41.020547]
[ 41.026569] 1 lock held by syzkaller251025/2915:
[ 41.031284] #0: (slock-AF_INET){+.?...}, at: [] sk_clone_lock+0x446/0x1270
[ 41.040005]
[ 41.040005] stack backtrace:
[ 41.044466] CPU: 1 PID: 2915 Comm: syzkaller251025 Not tainted 4.13.0-rc4+ #2
[ 41.051713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.061031] Call Trace:
[ 41.063588] dump_stack+0x194/0x257
[ 41.067179] ? arch_local_irq_restore+0x53/0x53
[ 41.071815] print_usage_bug+0x421/0x480
[ 41.075846] ? save_stack_trace+0x16/0x20
[ 41.079961] ? print_irqtrace_events+0x270/0x270
[ 41.084684] ? hlock_class+0x140/0x140
[ 41.088537] mark_lock+0xe59/0x13d0
[ 41.092127] ? check_usage_forwards+0x430/0x430
[ 41.096759] ? print_usage_bug+0x480/0x480
[ 41.100955] ? lock_release+0xa40/0xa40
[ 41.104893] ? do_gettimeofday+0x190/0x190
[ 41.109096] ? find_held_lock+0x35/0x1d0
[ 41.113142] ? __netif_receive_skb+0x2c/0x1b0
[ 41.117604] ? netif_receive_skb_internal+0x13b/0x4d0
[ 41.122758] ? dev_cpu_dead+0xb00/0xb00
[ 41.126700] ? rcu_pm_notify+0xc0/0xc0
[ 41.130552] ? netif_receive_skb+0xae/0x390
[ 41.134836] mark_held_locks+0xaf/0x100
[ 41.138776] ? __local_bh_enable_ip+0x9d/0x160
[ 41.143331] trace_hardirqs_on_caller+0x421/0x5c0
[ 41.148142] ? tun_rx_batched.isra.42+0x5bd/0x860
[ 41.152947] trace_hardirqs_on+0xd/0x10
[ 41.156888] __local_bh_enable_ip+0x9d/0x160
[ 41.161263] tun_rx_batched.isra.42+0x5fd/0x860
[ 41.165898] ? skb_get_hash_perturb+0x9d0/0x9d0
[ 41.170538] ? tun_sock_write_space+0x370/0x370
[ 41.175206] ? tun_free_netdev+0x1b0/0x1b0
[ 41.179404] ? check_noncircular+0x20/0x20
[ 41.183602] tun_get_user+0x1076/0x28f0
[ 41.187543] ? tun_chr_ioctl+0x40/0x40
[ 41.191398] ? find_held_lock+0x35/0x1d0
[ 41.195426] ? release_sock+0x1d4/0x2a0
[ 41.199364] ? lock_downgrade+0x990/0x990
[ 41.203475] ? lock_downgrade+0x990/0x990
[ 41.207589] ? do_raw_spin_trylock+0x190/0x190
[ 41.212139] ? find_held_lock+0x35/0x1d0
[ 41.216165] ? __tun_get+0x1ab/0x2e0
[ 41.219854] ? lock_downgrade+0x990/0x990
[ 41.223969] ? _raw_spin_unlock_bh+0x30/0x40
[ 41.228355] ? lock_release+0xa40/0xa40
[ 41.232311] ? __lock_is_held+0xb6/0x140
[ 41.236339] ? __tun_get+0x1d4/0x2e0
[ 41.240024] ? tun_chr_close+0x60/0x60
[ 41.243879] tun_chr_write_iter+0xd8/0x190
[ 41.248082] __vfs_write+0x684/0x970
[ 41.251766] ? default_llseek+0x290/0x290
[ 41.255885] ? avc_policy_seqno+0x9/0x20
[ 41.259916] ? selinux_file_permission+0x82/0x460
[ 41.264725] ? rw_verify_area+0xe5/0x2b0
[ 41.268752] ? __fdget_raw+0x20/0x20
[ 41.272428] vfs_write+0x189/0x510
[ 41.275932] SyS_write+0xef/0x220
[ 41.279352] ? SyS_read+0x220/0x220
[ 41.282943] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 41.287935] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 41.292659] entry_SYSCALL_64_fastpath+0x1f/0xbe
[ 41.297399] RIP: 0033:0x4016f0
[ 41.300555] RSP: 002b:00007ffca06afba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 41.308230] RAX: ffffffffffffffda RBX: 00000000006d6ee0 RCX: 00000000004016f0
[ 41.315463] RDX: 0000000000000036 RSI: 0000000020004000 RDI: 0000000000000003
[ 41.322709] RBP: 0000000000000086 R08: 0000000000000013 R09: 0000000000000052
[ 41.329959] R10: 0000000020016ff0 R11: 0000000000000246 R12: 00000000004025e0
[ 41.337200] R13: 0000000000402670 R14: 0000000000000000 R15: 0000000000000000
[ 41.344647] BUG: scheduling while atomic: syzkaller251025/2915/0x00000002
[ 41.351575] INFO: lockdep is turned off.
[ 41.355623] Modules linked in:
[ 41.358796] Kernel panic - not syncing: scheduling while atomic
[ 41.358796]
[ 41.366298] CPU: 1 PID: 2915 Comm: syzkaller251025 Not tainted 4.13.0-rc4+ #2
[ 41.373537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.382863] Call Trace:
[ 41.385461] dump_stack+0x194/0x257
[ 41.389061] ? arch_local_irq_restore+0x53/0x53
[ 41.393700] ? print_modules+0x18c/0x2f7
[ 41.397735] panic+0x1e4/0x417
[ 41.400899] ? __warn+0x1d9/0x1d9
[ 41.404325] ? lock_downgrade+0x990/0x990
[ 41.408445] __schedule_bug+0x11f/0x130
[ 41.412389] __schedule+0x1315/0x2070
[ 41.416162] ? __sched_text_start+0x8/0x8
[ 41.420273] ? lock_downgrade+0x990/0x990
[ 41.424385] ? _raw_spin_unlock_bh+0x30/0x40
[ 41.428760] ? lock_release+0xa40/0xa40
[ 41.432707] ? __lock_is_held+0xb6/0x140
[ 41.436745] ? __tun_get+0x1d4/0x2e0
[ 41.440423] ? tun_chr_close+0x60/0x60
[ 41.444279] schedule+0x108/0x440
[ 41.447697] ? tun_chr_write_iter+0x133/0x190
[ 41.452160] ? __schedule+0x2070/0x2070
[ 41.456103] ? __vfs_write+0xf7/0x970
[ 41.459876] ? default_llseek+0x290/0x290
[ 41.463998] ? __fsnotify_parent+0xb4/0x3a0
[ 41.468290] exit_to_usermode_loop+0x250/0x2d0
[ 41.472849] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 41.478354] ? rw_verify_area+0xe5/0x2b0
[ 41.482388] ? __fdget_raw+0x20/0x20
[ 41.486072] syscall_return_slowpath+0x3a7/0x450
[ 41.490795] ? prepare_exit_to_usermode+0x220/0x220
[ 41.495777] ? SyS_write+0x184/0x220
[ 41.499459] ? SyS_read+0x220/0x220
[ 41.503051] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 41.507776] entry_SYSCALL_64_fastpath+0xbc/0xbe
[ 41.512496] RIP: 0033:0x4016f0
[ 41.515652] RSP: 002b:00007ffca06afba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 41.523326] RAX: 0000000000000036 RBX: 00000000006d6ee0 RCX: 00000000004016f0
[ 41.530561] RDX: 0000000000000036 RSI: 0000000020004000 RDI: 0000000000000003
[ 41.537805] RBP: ffffffffffffffff R08: 0000000000000013 R09: 0000000000000052
[ 41.545044] R10: 0000000020016ff0 R11: 0000000000000246 R12: 00000000004025e0
[ 41.552282] R13: 0000000000402670 R14: 0000000000000000 R15: 0000000000000000
[ 41.559809] Dumping ftrace buffer:
[ 41.563329] (ftrace buffer empty)
[ 41.567008] Kernel Offset: disabled
[ 41.570611] Rebooting in 86400 seconds..