[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 20.888453] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 26.443022] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available) [ 26.777539] random: sshd: uninitialized urandom read (32 bytes read, 39 bits of entropy available) [ 28.114563] random: nonblocking pool is initialized Warning: Permanently added '10.128.10.62' (ECDSA) to the list of known hosts. 2018/08/01 06:35:06 parsed 1 programs INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "1" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "6" respawning too fast: disabled for 5 minutes 2018/08/01 06:35:08 executed programs: 0 [ 122.391341] IPVS: Creating netns size=2552 id=1 [ 122.638890] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 122.654473] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 122.737893] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 122.752991] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 122.837568] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 122.853971] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 122.870963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 122.889862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 123.653357] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 123.694800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 124.625086] [ 124.626752] =============================== [ 124.631070] [ INFO: suspicious RCU usage. ] [ 124.635375] 4.4.143-g7bbfac1 #13 Not tainted [ 124.639761] ------------------------------- [ 124.644090] kernel/rcu/tree_plugin.h:685 Illegal synchronize_rcu() in RCU read-side critical section! [ 124.653438] [ 124.653438] other info that might help us debug this: [ 124.653438] [ 124.661578] [ 124.661578] rcu_scheduler_active = 1, debug_locks = 0 [ 124.668234] 2 locks held by syz-executor0/4270: [ 124.672919] #0: (rcu_read_lock_bh){......}, at: [] ip6_finish_output2+0x1d5/0x1ca0 [ 124.683032] #1: (&n->lock){++--..}, at: [] __neigh_event_send+0x2f/0xc50 [ 124.692249] [ 124.692249] stack backtrace: [ 124.696742] CPU: 1 PID: 4270 Comm: syz-executor0 Not tainted 4.4.143-g7bbfac1 #13 [ 124.704342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.713685] 0000000000000000 042fb8fda8e4f785 ffff8800b9b0f000 ffffffff81e1002d [ 124.721736] ffff8801d4ac8000 0000000000000000 0000000000000001 ffffffff83a676c0 [ 124.730331] ffff8800b79f2dd8 ffff8800b9b0f030 ffffffff8140e407 ffff8800b79f2c80 [ 124.738375] Call Trace: [ 124.740946] [] dump_stack+0xc1/0x124 [ 124.746299] [] lockdep_rcu_suspicious.cold.47+0x110/0x141 [ 124.753473] [] synchronize_rcu+0x78/0xa0 [ 124.759164] [] __l2tp_session_unhash+0x38a/0x520 [ 124.765548] [] ? __l2tp_session_unhash+0x1ac/0x520 [ 124.772104] [] ? l2tp_udp_encap_recv+0xa40/0xa40 [ 124.778483] [] l2tp_tunnel_closeall+0x1cb/0x350 [ 124.784789] [] l2tp_tunnel_destruct+0x2f2/0x590 [ 124.791086] [] ? l2tp_tunnel_destruct+0x1aa/0x590 [ 124.797563] [] ? l2tp_tunnel_del_work+0x460/0x460 [ 124.804045] [] ? __neigh_event_send+0x652/0xc50 [ 124.810342] [] sk_destruct+0x4c/0x4c0 [ 124.815768] [] __sk_free+0x4f/0x220 [ 124.821034] [] sock_wfree+0x103/0x140 [ 124.826458] [] ? sk_receive_skb+0x940/0x940 [ 124.832406] [] skb_release_head_state+0x103/0x210 [ 124.838874] [] skb_release_all+0x15/0x60 [ 124.844565] [] __kfree_skb+0x15/0x20 [ 124.849903] [] kfree_skb+0xf7/0x3e0 [ 124.855157] [] __neigh_event_send+0x652/0xc50 [ 124.861291] [] neigh_resolve_output+0x4eb/0x790 [ 124.867595] [] ? check_preemption_disabled+0x3b/0x170 [ 124.874415] [] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 124.881671] [] ip6_finish_output2+0x929/0x1ca0 [ 124.887884] [] ? ip6_finish_output2+0x1d5/0x1ca0 [ 124.894295] [] ? ip6_sk_dst_lookup_flow+0x580/0x580 [ 124.900938] [] ? ip6_mtu+0x217/0x340 [ 124.906277] [] ip6_finish_output+0x3b8/0x760 [ 124.912321] [] ip6_output+0x1b8/0x520 [ 124.917748] [] ? ip6_finish_output+0x760/0x760 [ 124.923963] [] ? ip6_fragment+0x3510/0x3510 [ 124.929950] [] ? rt6_check_expired+0xa2/0x120 [ 124.936078] [] ip6_local_out+0x9b/0x180 [ 124.941679] [] ip6_send_skb+0xa1/0x340 [ 124.947195] [] ? csum_ipv6_magic+0x2b/0x90 [ 124.953060] [] udp_v6_send_skb+0x5ba/0xe70 [ 124.958923] [] udpv6_sendmsg+0x1f2e/0x24c0 [ 124.964789] [] ? ip_reply_glue_bits+0xc0/0xc0 [ 124.970914] [] ? udp6_lib_lookup2+0x990/0x990 [ 124.977040] [] ? debug_check_no_locks_freed+0x210/0x210 [ 124.984034] [] ? sock_has_perm+0x1c1/0x400 [ 124.989895] [] ? sock_has_perm+0x29f/0x400 [ 124.995764] [] ? sock_has_perm+0x9f/0x400 [ 125.001541] [] ? inet_sendmsg+0x143/0x4d0 [ 125.007315] [] inet_sendmsg+0x203/0x4d0 [ 125.013524] [] ? inet_sendmsg+0x73/0x4d0 [ 125.019226] [] ? inet_recvmsg+0x4c0/0x4c0 [ 125.024998] [] sock_sendmsg+0xcc/0x110 [ 125.030510] [] ___sys_sendmsg+0x441/0x880 [ 125.036288] [] ? hash_futex+0x15/0x210 [ 125.041802] [] ? copy_msghdr_from_user+0x550/0x550 [ 125.048358] [] ? get_futex_key+0xdc0/0xdc0 [ 125.054218] [] ? release_sock+0x3b6/0x500 [ 125.059991] [] ? do_futex+0x12d/0x17f0 [ 125.065507] [] ? pppol2tp_recv+0x320/0x320 [ 125.071370] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 125.078107] [] ? __fget_light+0x9f/0x1f0 [ 125.083794] [] ? __fdget+0x18/0x20 [ 125.088959] [] ? sockfd_lookup_light+0xb6/0x160 [ 125.095261] [] __sys_sendmmsg+0x1d4/0x2e0 [ 125.101034] [] ? SyS_sendmsg+0x50/0x50 [ 125.106549] [] ? security_socket_connect+0x8f/0xc0 [ 125.113102] [] ? SYSC_connect+0x22a/0x300 [ 125.118887] [] ? SYSC_bind+0x280/0x280 [ 125.124411] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 125.130533] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 125.137536] [] compat_SyS_sendmmsg+0x32/0x40 [ 125.143571] [] ? compat_SyS_sendmsg+0x40/0x40 [ 125.149694] [] do_fast_syscall_32+0x326/0x8b0 [ 125.155823] [] sysenter_flags_fixed+0xd/0x17 [ 125.161893] BUG: sleeping function called from invalid context at kernel/sched/completion.c:90 [ 125.170726] in_atomic(): 1, irqs_disabled(): 0, pid: 4270, name: syz-executor0 [ 125.178083] INFO: lockdep is turned off. [ 125.182135] Preemption disabled at:[] ip6_finish_output+0x3b8/0x760 [ 125.190207] [ 125.191831] CPU: 1 PID: 4270 Comm: syz-executor0 Not tainted 4.4.143-g7bbfac1 #13 [ 125.199442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.208773] 0000000000000000 042fb8fda8e4f785 ffff8800b9b0ed80 ffffffff81e1002d [ 125.216770] ffff8801d4ac8000 0000000000000000 ffff8801d4ac8000 000000000000005a [ 125.224790] ffff8801d4ac8000 ffff8800b9b0edb8 ffffffff8140c525 ffff8801d4ac8000 [ 125.232791] Call Trace: [ 125.235356] [] dump_stack+0xc1/0x124 [ 125.240696] [] ___might_sleep.cold.116+0x1bd/0x1d3 [ 125.247253] [] __might_sleep+0x90/0x1a0 [ 125.252852] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 125.259756] [] wait_for_completion+0x89/0x2e0 [ 125.265876] [] ? check_preemption_disabled+0x3b/0x170 [ 125.272692] [] ? wait_for_completion_interruptible+0x460/0x460 [ 125.280289] [] ? trace_hardirqs_on+0xd/0x10 [ 125.286233] [] __wait_rcu_gp+0x137/0x1b0 [ 125.291921] [] synchronize_rcu.part.55+0x94/0xd0 [ 125.298649] [] ? synchronize_rcu_bh.part.54+0xd0/0xd0 [ 125.305463] [] ? __call_rcu.constprop.66+0x930/0x930 [ 125.312195] [] ? trace_raw_output_rcu_utilization+0x150/0x150 [ 125.319714] [] ? lockdep_rcu_suspicious.cold.47+0x110/0x141 [ 125.327052] [] synchronize_rcu+0x37/0xa0 [ 125.332740] [] __l2tp_session_unhash+0x38a/0x520 [ 125.339122] [] ? __l2tp_session_unhash+0x1ac/0x520 [ 125.345677] [] ? l2tp_udp_encap_recv+0xa40/0xa40 [ 125.352057] [] l2tp_tunnel_closeall+0x1cb/0x350 [ 125.358351] [] l2tp_tunnel_destruct+0x2f2/0x590 [ 125.364643] [] ? l2tp_tunnel_destruct+0x1aa/0x590 [ 125.371111] [] ? l2tp_tunnel_del_work+0x460/0x460 [ 125.378274] [] ? __neigh_event_send+0x652/0xc50 [ 125.384828] [] sk_destruct+0x4c/0x4c0 [ 125.390253] [] __sk_free+0x4f/0x220 [ 125.395508] [] sock_wfree+0x103/0x140 [ 125.400987] [] ? sk_receive_skb+0x940/0x940 [ 125.406947] [] skb_release_head_state+0x103/0x210 [ 125.413415] [] skb_release_all+0x15/0x60 [ 125.419103] [] __kfree_skb+0x15/0x20 [ 125.424451] [] kfree_skb+0xf7/0x3e0 [ 125.429703] [] __neigh_event_send+0x652/0xc50 [ 125.435823] [] neigh_resolve_output+0x4eb/0x790 [ 125.442120] [] ? check_preemption_disabled+0x3b/0x170 [ 125.448934] [] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 125.456182] [] ip6_finish_output2+0x929/0x1ca0 [ 125.462396] [] ? ip6_finish_output2+0x1d5/0x1ca0 [ 125.468777] [] ? ip6_sk_dst_lookup_flow+0x580/0x580 [ 125.475433] [] ? ip6_mtu+0x217/0x340 [ 125.480775] [] ip6_finish_output+0x3b8/0x760 [ 125.486809] [] ip6_output+0x1b8/0x520 [ 125.492234] [] ? ip6_finish_output+0x760/0x760 [ 125.498438] [] ? ip6_fragment+0x3510/0x3510 [ 125.504386] [] ? rt6_check_expired+0xa2/0x120 [ 125.510508] [] ip6_local_out+0x9b/0x180 [ 125.516122] [] ip6_send_skb+0xa1/0x340 [ 125.521741] [] ? csum_ipv6_magic+0x2b/0x90 [ 125.527601] [] udp_v6_send_skb+0x5ba/0xe70 [ 125.533473] [] udpv6_sendmsg+0x1f2e/0x24c0 [ 125.539336] [] ? ip_reply_glue_bits+0xc0/0xc0 [ 125.545456] [] ? udp6_lib_lookup2+0x990/0x990 [ 125.551582] [] ? debug_check_no_locks_freed+0x210/0x210 [ 125.558588] [] ? sock_has_perm+0x1c1/0x400 [ 125.564452] [] ? sock_has_perm+0x29f/0x400 [ 125.570314] [] ? sock_has_perm+0x9f/0x400 [ 125.576091] [] ? inet_sendmsg+0x143/0x4d0 [ 125.581866] [] inet_sendmsg+0x203/0x4d0 [ 125.587465] [] ? inet_sendmsg+0x73/0x4d0 [ 125.593151] [] ? inet_recvmsg+0x4c0/0x4c0 [ 125.598941] [] sock_sendmsg+0xcc/0x110 [ 125.604453] [] ___sys_sendmsg+0x441/0x880 [ 125.610226] [] ? hash_futex+0x15/0x210 [ 125.615743] [] ? copy_msghdr_from_user+0x550/0x550 [ 125.622300] [] ? get_futex_key+0xdc0/0xdc0 [ 125.628165] [] ? release_sock+0x3b6/0x500 [ 125.633939] [] ? do_futex+0x12d/0x17f0 [ 125.639453] [] ? pppol2tp_recv+0x320/0x320 [ 125.645316] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 125.652048] [] ? __fget_light+0x9f/0x1f0 [ 125.657736] [] ? __fdget+0x18/0x20 [ 125.662901] [] ? sockfd_lookup_light+0xb6/0x160 [ 125.669195] [] __sys_sendmmsg+0x1d4/0x2e0 [ 125.674969] [] ? SyS_sendmsg+0x50/0x50 [ 125.680484] [] ? security_socket_connect+0x8f/0xc0 [ 125.687046] [] ? SYSC_connect+0x22a/0x300 [ 125.692821] [] ? SYSC_bind+0x280/0x280 [ 125.698334] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 125.704542] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 125.711543] [] compat_SyS_sendmmsg+0x32/0x40 [ 125.717578] [] ? compat_SyS_sendmsg+0x40/0x40 [ 125.723788] [] do_fast_syscall_32+0x326/0x8b0 [ 125.729912] [] sysenter_flags_fixed+0xd/0x17 [ 125.735976] BUG: scheduling while atomic: syz-executor0/4270/0x00000402 [ 125.742708] INFO: lockdep is turned off. [ 125.746745] Modules linked in: [ 125.750045] Preemption disabled at:[] ip6_finish_output+0x3b8/0x760 [ 125.758124] [ 125.759734] CPU: 1 PID: 4270 Comm: syz-executor0 Not tainted 4.4.143-g7bbfac1 #13 [ 125.767327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.776659] 0000000000000000 042fb8fda8e4f785 ffff8800b9b0ebd8 ffffffff81e1002d [ 125.784668] ffff8801d4ac8000 0000000000000402 000000000001f4c0 0000000000000000 [ 125.792680] 0000000000000001 ffff8800b9b0ebf8 ffffffff8140c619 ffff8801db31f4c0 [ 125.800681] Call Trace: [ 125.803245] [] dump_stack+0xc1/0x124 [ 125.808673] [] __schedule_bug.cold.117+0xde/0x100 [ 125.815153] [] __schedule+0x11ff/0x1d70 [ 125.820755] [] ? dump_trace+0x184/0x360 [ 125.826365] [] schedule+0x7a/0x1b0 [ 125.831621] [] schedule_timeout+0x481/0x8b0 [ 125.837570] [] ? usleep_range+0x140/0x140 [ 125.843345] [] ? dump_stack+0xfb/0x124 [ 125.848884] [] ? wait_for_completion+0x91/0x2e0 [ 125.855195] [] ? ___might_sleep.cold.116+0x1bd/0x1d3 [ 125.861924] [] ? wait_for_completion+0x1f6/0x2e0 [ 125.868316] [] wait_for_completion+0x1fe/0x2e0 [ 125.875132] [] ? wait_for_completion_interruptible+0x460/0x460 [ 125.882746] [] ? wake_up_process+0x20/0x20 [ 125.888618] [] __wait_rcu_gp+0x137/0x1b0 [ 125.894325] [] synchronize_rcu.part.55+0x94/0xd0 [ 125.900886] [] ? synchronize_rcu_bh.part.54+0xd0/0xd0 [ 125.908221] [] ? __call_rcu.constprop.66+0x930/0x930 [ 125.915048] [] ? trace_raw_output_rcu_utilization+0x150/0x150 [ 125.922562] [] ? lockdep_rcu_suspicious.cold.47+0x110/0x141 [ 125.932778] [] synchronize_rcu+0x37/0xa0 [ 125.938467] [] __l2tp_session_unhash+0x38a/0x520 [ 125.944861] [] ? __l2tp_session_unhash+0x1ac/0x520 [ 125.951430] [] ? l2tp_udp_encap_recv+0xa40/0xa40 [ 125.957812] [] l2tp_tunnel_closeall+0x1cb/0x350 [ 125.964127] [] l2tp_tunnel_destruct+0x2f2/0x590 [ 125.970421] [] ? l2tp_tunnel_destruct+0x1aa/0x590 [ 125.976889] [] ? l2tp_tunnel_del_work+0x460/0x460 [ 125.983361] [] ? __neigh_event_send+0x652/0xc50 [ 125.989666] [] sk_destruct+0x4c/0x4c0 [ 125.995090] [] __sk_free+0x4f/0x220 [ 126.000354] [] sock_wfree+0x103/0x140 [ 126.005782] [] ? sk_receive_skb+0x940/0x940 [ 126.011740] [] skb_release_head_state+0x103/0x210 [ 126.018208] [] skb_release_all+0x15/0x60 [ 126.023895] [] __kfree_skb+0x15/0x20 [ 126.029241] [] kfree_skb+0xf7/0x3e0 [ 126.034499] [] __neigh_event_send+0x652/0xc50 [ 126.040629] [] neigh_resolve_output+0x4eb/0x790 [ 126.047460] [] ? check_preemption_disabled+0x3b/0x170 [ 126.054276] [] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 126.061701] [] ip6_finish_output2+0x929/0x1ca0 [ 126.068026] [] ? ip6_finish_output2+0x1d5/0x1ca0 [ 126.074408] [] ? ip6_sk_dst_lookup_flow+0x580/0x580 [ 126.081060] [] ? ip6_mtu+0x217/0x340 [ 126.086400] [] ip6_finish_output+0x3b8/0x760 [ 126.092433] [] ip6_output+0x1b8/0x520 [ 126.097864] [] ? ip6_finish_output+0x760/0x760 [ 126.104075] [] ? ip6_fragment+0x3510/0x3510 [ 126.110025] [] ? rt6_check_expired+0xa2/0x120 [ 126.116148] [] ip6_local_out+0x9b/0x180 [ 126.121754] [] ip6_send_skb+0xa1/0x340 [ 126.127268] [] ? csum_ipv6_magic+0x2b/0x90 [ 126.133147] [] udp_v6_send_skb+0x5ba/0xe70 [ 126.139195] [] udpv6_sendmsg+0x1f2e/0x24c0 [ 126.145065] [] ? ip_reply_glue_bits+0xc0/0xc0 [ 126.151188] [] ? udp6_lib_lookup2+0x990/0x990 [ 126.157312] [] ? debug_check_no_locks_freed+0x210/0x210 [ 126.164304] [] ? sock_has_perm+0x1c1/0x400 [ 126.170250] [] ? sock_has_perm+0x29f/0x400 [ 126.176121] [] ? sock_has_perm+0x9f/0x400 [ 126.181900] [] ? inet_sendmsg+0x143/0x4d0 [ 126.187675] [] inet_sendmsg+0x203/0x4d0 [ 126.193276] [] ? inet_sendmsg+0x73/0x4d0 [ 126.198965] [] ? inet_recvmsg+0x4c0/0x4c0 [ 126.204756] [] sock_sendmsg+0xcc/0x110 [ 126.210272] [] ___sys_sendmsg+0x441/0x880 [ 126.216049] [] ? hash_futex+0x15/0x210 [ 126.221562] [] ? copy_msghdr_from_user+0x550/0x550 [ 126.228131] [] ? get_futex_key+0xdc0/0xdc0 [ 126.233996] [] ? release_sock+0x3b6/0x500 [ 126.239785] [] ? do_futex+0x12d/0x17f0 [ 126.245300] [] ? pppol2tp_recv+0x320/0x320 [ 126.251164] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 126.257983] [] ? __fget_light+0x9f/0x1f0 [ 126.263681] [] ? __fdget+0x18/0x20 [ 126.268845] [] ? sockfd_lookup_light+0xb6/0x160 [ 126.275154] [] __sys_sendmmsg+0x1d4/0x2e0 [ 126.280948] [] ? SyS_sendmsg+0x50/0x50 [ 126.286462] [] ? security_socket_connect+0x8f/0xc0 [ 126.293021] [] ? SYSC_connect+0x22a/0x300 [ 126.298797] [] ? SYSC_bind+0x280/0x280 [ 126.304315] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 126.310438] [] ? compat_SyS_get_robust_list+0x310/0x310 [ 126.317441] [] compat_SyS_sendmmsg+0x32/0x40 [ 126.323476] [] ? compat_SyS_sendmsg+0x40/0x40 [ 126.329625] [] do_fast_syscall_32+0x326/0x8b0 [ 126.335776] [] sysenter_flags_fixed+0xd/0x17 INIT: Id "3" respawning too fast: disabled for 5 minutes