Warning: Permanently added '10.128.0.108' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 70.232222] ODEBUG: object 0000000015e9012c is on stack 00000000115bcb67, but NOT annotated.
[ 70.242329] WARNING: CPU: 0 PID: 5594 at lib/debugobjects.c:369 __debug_object_init.cold.14+0x51/0xdf
[ 70.251671] Kernel panic - not syncing: panic_on_warn set ...
[ 70.257585] CPU: 0 PID: 5594 Comm: syz-executor740 Not tainted 4.19.0-rc8-next-20181019+ #98
[ 70.266290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.275692] Call Trace:
[ 70.278280] dump_stack+0x244/0x39d
[ 70.281898] ? dump_stack_print_info.cold.1+0x20/0x20
[ 70.287080] panic+0x2ad/0x55c
[ 70.290257] ? add_taint.cold.5+0x16/0x16
[ 70.294392] ? __warn.cold.8+0x5/0x45
[ 70.298202] ? __warn+0xe8/0x1d0
[ 70.301589] ? __debug_object_init.cold.14+0x51/0xdf
[ 70.306700] __warn.cold.8+0x20/0x45
[ 70.310405] ? __debug_object_init.cold.14+0x51/0xdf
[ 70.315506] report_bug+0x254/0x2d0
[ 70.319120] do_error_trap+0x11b/0x200
[ 70.322991] do_invalid_op+0x36/0x40
[ 70.326686] ? __debug_object_init.cold.14+0x51/0xdf
[ 70.331782] invalid_op+0x14/0x20
[ 70.335232] RIP: 0010:__debug_object_init.cold.14+0x51/0xdf
[ 70.340928] Code: ea 03 80 3c 02 00 75 7c 49 8b 54 24 18 48 89 de 48 c7 c7 c0 f1 40 88 4c 89 85 d0 fd ff ff e8 09 8c d1 fd 4c 8b 85 d0 fd ff ff <0f> 0b e9 09 d6 ff ff 41 83 c4 01 b8 ff ff 37 00 44 89 25 b7 4e 66
[ 70.359860] RSP: 0018:ffff8801bb387308 EFLAGS: 00010086
[ 70.365209] RAX: 0000000000000050 RBX: ffff8801bb387af8 RCX: 0000000000000000
[ 70.372463] RDX: 0000000000000000 RSI: ffffffff816585a5 RDI: 0000000000000005
[ 70.379716] RBP: ffff8801bb387560 R08: ffff8801cb208a20 R09: ffffed003b5c5008
[ 70.386971] R10: ffffed003b5c5008 R11: ffff8801dae28047 R12: ffff8801d82ea300
[ 70.394224] R13: 0000000000069700 R14: ffff8801d82ea300 R15: ffff8801cb208a10
[ 70.401487] ? vprintk_func+0x85/0x181
[ 70.405446] ? __debug_object_init.cold.14+0x4a/0xdf
[ 70.410553] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 70.415118] ? debug_object_free+0x690/0x690
[ 70.419533] ? unwind_get_return_address+0x61/0xa0
[ 70.424461] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 70.429552] ? depot_save_stack+0x292/0x470
[ 70.433883] ? save_stack+0xa9/0xd0
[ 70.437492] ? save_stack+0x43/0xd0
[ 70.441097] ? kasan_kmalloc+0xc7/0xe0
[ 70.444967] ? bpf_test_init.isra.10+0x98/0x100
[ 70.449613] ? zap_class+0x640/0x640
[ 70.453309] ? do_syscall_64+0x1b9/0x820
[ 70.457407] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 70.462764] ? kasan_check_read+0x11/0x20
[ 70.466894] ? __lock_acquire+0x2aff/0x4c20
[ 70.471243] ? find_held_lock+0x36/0x1c0
[ 70.475296] debug_object_init+0x16/0x20
[ 70.479340] init_timer_key+0xa9/0x480
[ 70.483216] ? init_timer_on_stack_key+0xe0/0xe0
[ 70.487956] ? __might_fault+0x12b/0x1e0
[ 70.492042] ? __lockdep_init_map+0x105/0x590
[ 70.496526] ? __lockdep_init_map+0x105/0x590
[ 70.501010] ? lockdep_init_map+0x9/0x10
[ 70.505056] sock_init_data+0xe1/0xdc0
[ 70.508925] ? sk_stop_timer+0x50/0x50
[ 70.512799] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 70.518315] ? _copy_from_user+0xdf/0x150
[ 70.522446] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 70.527967] ? bpf_test_init.isra.10+0x70/0x100
[ 70.532621] bpf_prog_test_run_skb+0x255/0xc40
[ 70.537201] ? refcount_inc_not_zero_checked+0x2f0/0x2f0
[ 70.542636] ? bpf_test_finish.isra.9+0x1f0/0x1f0
[ 70.547458] ? __lock_acquire+0x62f/0x4c20
[ 70.551712] ? bpf_prog_add+0x69/0xd0
[ 70.555505] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 70.561024] ? __bpf_prog_get+0x9b/0x290
[ 70.565068] ? bpf_test_finish.isra.9+0x1f0/0x1f0
[ 70.569888] bpf_prog_test_run+0x130/0x1a0
[ 70.574116] __x64_sys_bpf+0x3d8/0x510
[ 70.577998] ? bpf_prog_get+0x20/0x20
[ 70.581789] do_syscall_64+0x1b9/0x820
[ 70.585657] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 70.591007] ? syscall_return_slowpath+0x5e0/0x5e0
[ 70.595915] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 70.600740] ? trace_hardirqs_on_caller+0x310/0x310
[ 70.605739] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 70.610742] ? prepare_exit_to_usermode+0x291/0x3b0
[ 70.615745] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 70.620636] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 70.625859] RIP: 0033:0x440259
[ 70.629042] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 70.647928] RSP: 002b:00007ffc212cf818 EFLAGS: 00000213 ORIG_RAX: 0000000000000141
[ 70.655634] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440259
[ 70.662899] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a
[ 70.670169] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 70.677424] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000401ae0
[ 70.684677] R13: 0000000000401b70 R14: 0000000000000000 R15: 0000000000000000
[ 70.691938]
[ 70.691942] ======================================================
[ 70.691945] WARNING: possible circular locking dependency detected
[ 70.691948] 4.19.0-rc8-next-20181019+ #98 Not tainted
[ 70.691952] ------------------------------------------------------
[ 70.691955] syz-executor740/5594 is trying to acquire lock:
[ 70.691957] 00000000688fcc6b ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70
[ 70.691965]
[ 70.691967] but task is already holding lock:
[ 70.691969] 00000000505ead1b (&obj_hash[i].lock){-.-.}, at: __debug_object_init+0x127/0x1290
[ 70.691978]
[ 70.691980] which lock already depends on the new lock.
[ 70.691982]
[ 70.691983]
[ 70.691986] the existing dependency chain (in reverse order) is:
[ 70.691988]
[ 70.691989] -> #3 (&obj_hash[i].lock){-.-.}:
[ 70.691997]        _raw_spin_lock_irqsave+0x99/0xd0
[ 70.692000]        __debug_object_init+0x127/0x1290
[ 70.692002]        debug_object_init+0x16/0x20
[ 70.692005]        hrtimer_init+0x97/0x490
[ 70.692007]        init_dl_task_timer+0x1b/0x50
[ 70.692009]        __sched_fork+0x2ae/0x590
[ 70.692011]        init_idle+0x75/0x740
[ 70.692014]        sched_init+0xb33/0xc02
[ 70.692016]        start_kernel+0x4be/0xa2b
[ 70.692019]        x86_64_start_reservations+0x2e/0x30
[ 70.692021]        x86_64_start_kernel+0x76/0x79
[ 70.692024]        secondary_startup_64+0xa4/0xb0
[ 70.692025]
[ 70.692026] -> #2 (&rq->lock){-.-.}:
[ 70.692034]        _raw_spin_lock+0x2d/0x40
[ 70.692036]        task_fork_fair+0xb0/0x6d0
[ 70.692039]        sched_fork+0x443/0xba0
[ 70.692041]        copy_process+0x2585/0x8770
[ 70.692043]        _do_fork+0x1cb/0x11c0
[ 70.692046]        kernel_thread+0x34/0x40
[ 70.692048]        rest_init+0x28/0x372
[ 70.692050]        arch_call_rest_init+0xe/0x1b
[ 70.692052]        start_kernel+0x9f0/0xa2b
[ 70.692055]        x86_64_start_reservations+0x2e/0x30
[ 70.692058]        x86_64_start_kernel+0x76/0x79
[ 70.692060]        secondary_startup_64+0xa4/0xb0
[ 70.692061]
[ 70.692063] -> #1 (&p->pi_lock){-.-.}:
[ 70.692071]        _raw_spin_lock_irqsave+0x99/0xd0
[ 70.692073]        try_to_wake_up+0xd2/0x12e0
[ 70.692075]        wake_up_process+0x10/0x20
[ 70.692078]        __up.isra.1+0x1c0/0x2a0
[ 70.692080]        up+0x13c/0x1c0
[ 70.692082]        __up_console_sem+0xbe/0x1b0
[ 70.692085]        console_unlock+0x80c/0x1190
[ 70.692087]        vprintk_emit+0x391/0x990
[ 70.692089]        vprintk_default+0x28/0x30
[ 70.692092]        vprintk_func+0x7e/0x181
[ 70.692094]        printk+0xa7/0xcf
[ 70.692096]        do_exit.cold.18+0x57/0x16f
[ 70.692098]        do_group_exit+0x177/0x440
[ 70.692101]        __x64_sys_exit_group+0x3e/0x50
[ 70.692103]        do_syscall_64+0x1b9/0x820
[ 70.692106]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 70.692107]
[ 70.692109] -> #0 ((console_sem).lock){-.-.}:
[ 70.692117]        lock_acquire+0x1ed/0x520
[ 70.692119]        _raw_spin_lock_irqsave+0x99/0xd0
[ 70.692122]        down_trylock+0x13/0x70
[ 70.692124]        __down_trylock_console_sem+0xae/0x1f0
[ 70.692127]        console_trylock+0x15/0xa0
[ 70.692129]        vprintk_emit+0x372/0x990
[ 70.692132]        vprintk_default+0x28/0x30
[ 70.692134]        vprintk_func+0x7e/0x181
[ 70.692136]        printk+0xa7/0xcf
[ 70.692139]        __debug_object_init.cold.14+0x4a/0xdf
[ 70.692141]        debug_object_init+0x16/0x20
[ 70.692144]        init_timer_key+0xa9/0x480
[ 70.692146]        sock_init_data+0xe1/0xdc0
[ 70.692149]        bpf_prog_test_run_skb+0x255/0xc40
[ 70.692151]        bpf_prog_test_run+0x130/0x1a0
[ 70.692153]        __x64_sys_bpf+0x3d8/0x510
[ 70.692156]        do_syscall_64+0x1b9/0x820
[ 70.692159]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 70.692160]
[ 70.692163] other info that might help us debug this:
[ 70.692164]
[ 70.692166] Chain exists of:
[ 70.692167]   (console_sem).lock --> &rq->lock --> &obj_hash[i].lock
[ 70.692177]
[ 70.692180] Possible unsafe locking scenario:
[ 70.692181]
[ 70.692183]        CPU0                    CPU1
[ 70.692186]        ----                    ----
[ 70.692187]   lock(&obj_hash[i].lock);
[ 70.692193]                                lock(&rq->lock);
[ 70.692198]                                lock(&obj_hash[i].lock);
[ 70.692203]   lock((console_sem).lock);
[ 70.692207]
[ 70.692209]  *** DEADLOCK ***
[ 70.692210]
[ 70.692213] 1 lock held by syz-executor740/5594:
[ 70.692214]  #0: 00000000505ead1b (&obj_hash[i].lock){-.-.}, at: __debug_object_init+0x127/0x1290
[ 70.692224]
[ 70.692226] stack backtrace:
[ 70.692230] CPU: 0 PID: 5594 Comm: syz-executor740 Not tainted 4.19.0-rc8-next-20181019+ #98
[ 70.692234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.692236] Call Trace:
[ 70.692238] dump_stack+0x244/0x39d
[ 70.692241] ? dump_stack_print_info.cold.1+0x20/0x20
[ 70.692243] ? vprintk_func+0x85/0x181
[ 70.692246] print_circular_bug.isra.35.cold.54+0x1bd/0x27d
[ 70.692248] ? save_trace+0xe0/0x290
[ 70.692251] __lock_acquire+0x3399/0x4c20
[ 70.692253] ? mark_held_locks+0x130/0x130
[ 70.692255] ? put_dec+0xf0/0xf0
[ 70.692258] ? mark_held_locks+0x130/0x130
[ 70.692260] ? kasan_check_read+0x11/0x20
[ 70.692263] ? pointer_string+0x14e/0x1b0
[ 70.692265] ? number+0xca0/0xca0
[ 70.692267] ? print_usage_bug+0xc0/0xc0
[ 70.692269] ? ptr_to_id+0xd0/0x1d0
[ 70.692272] ? dentry_name+0x8f0/0x8f0
[ 70.692274] ? print_usage_bug+0xc0/0xc0
[ 70.692276] ? zap_class+0x640/0x640
[ 70.692279] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 70.692281] lock_acquire+0x1ed/0x520
[ 70.692283] ? down_trylock+0x13/0x70
[ 70.692286] ? lock_release+0xa10/0xa10
[ 70.692288] ? trace_hardirqs_off+0xb8/0x310
[ 70.692290] ? vprintk_emit+0x1de/0x990
[ 70.692293] ? trace_hardirqs_on+0x310/0x310
[ 70.692295] ? trace_hardirqs_off+0xb8/0x310
[ 70.692298] ? log_store+0x344/0x4c0
[ 70.692300] ? vprintk_emit+0x372/0x990
[ 70.692304] _raw_spin_lock_irqsave+0x99/0xd0
[ 70.692307] ? down_trylock+0x13/0x70
[ 70.692309] down_trylock+0x13/0x70
[ 70.692312] __down_trylock_console_sem+0xae/0x1f0
[ 70.692314] console_trylock+0x15/0xa0
[ 70.692316] vprintk_emit+0x372/0x990
[ 70.692318] ? wake_up_klogd+0x180/0x180
[ 70.692321] ? zap_class+0x640/0x640
[ 70.692323] ? __bpf_trace_xdp_cpumap_enqueue+0x40/0x40
[ 70.692326] ? print_usage_bug+0xc0/0xc0
[ 70.692328] ? find_held_lock+0x36/0x1c0
[ 70.692330] vprintk_default+0x28/0x30
[ 70.692332] vprintk_func+0x7e/0x181
[ 70.692334] printk+0xa7/0xcf
[ 70.692337] ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 70.692340] __debug_object_init.cold.14+0x4a/0xdf
[ 70.692342] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 70.692345] ? debug_object_free+0x690/0x690
[ 70.692347] ? unwind_get_return_address+0x61/0xa0
[ 70.692350] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 70.692353] ? depot_save_stack+0x292/0x470
[ 70.692355] ? save_stack+0xa9/0xd0
[ 70.692357] ? save_stack+0x43/0xd0
[ 70.692359] ? kasan_kmalloc+0xc7/0xe0
[ 70.692362] ? bpf_test_init.isra.10+0x98/0x100
[ 70.692364] ? zap_class+0x640/0x640
[ 70.692367] ? do_syscall_64+0x1b9/0x820
[ 70.692369] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 70.692379] ? kasan_check_read+0x11/0x20
[ 70.692381] ? __lock_acquire+0x2aff/0x4c20
[ 70.692384] ? find_held_lock+0x36/0x1c0
[ 70.692386] debug_object_init+0x16/0x20
[ 70.692389] init_timer_key+0xa9/0x480
[ 70.692391] ? init_timer_on_stack_key+0xe0/0xe0
[ 70.692393] ? __might_fault+0x12b/0x1e0
[ 70.692396] ? __lockdep_init_map+0x105/0x590
[ 70.692399] ? __lockdep_init_map+0x105/0x590
[ 70.692401] ? lockdep_init_map+0x9/0x10
[ 70.692403] sock_init_data+0xe1/0xdc0
[ 70.692406] ? sk_stop_timer+0x50/0x50
[ 70.692409] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 70.692411] ? _copy_from_user+0xdf/0x150
[ 70.692414] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 70.692417] ? bpf_test_init.isra.10+0x70/0x100
[ 70.692419] bpf_prog_test_run_skb+0x255/0xc40
[ 70.692422] ? refcount_inc_not_zero_checked+0x2f0/0x2f0
[ 70.692425] ? bpf_test_finish.isra.9+0x1f0/0x1f0
[ 70.692427] ? __lock_acquire+0x62f/0x4c20
[ 70.692429] ? bpf_prog_add+0x69/0xd0
[ 70.692432] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 70.692434] ? __bpf_prog_get+0x9b/0x290
[ 70.692437] ? bpf_test_finish.isra.9+0x1f0/0x1f0
[ 70.692440] bpf_prog_test_run+0x130/0x1a0
[ 70.692442] __x64_sys_bpf+0x3d8/0x510
[ 70.692444] ? bpf_prog_get+0x20/0x20
[ 70.692446] do_syscall_64+0x1b9/0x820
[ 70.692449] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 70.692452] ? syscall_return_slowpath+0x5e0/0x5e0
[ 70.692454] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 70.692457] ? trace_hardirqs_on_caller+0x310/0x310
[ 70.692460] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 70.692463] ? prepare_exit_to_usermode+0x291/0x3b0
[ 70.692465] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 70.692468] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 70.692470] RIP: 0033:0x440259
[ 70.692481] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 70.692484] RSP: 002b:00007ffc212cf818 EFLAGS: 00000213 ORIG_RAX: 0000000000000141
[ 70.692490] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440259
[ 70.692493] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a
[ 70.692497] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 70.692500] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000401ae0
[ 70.692504] R13: 0000000000401b70 R14: 0000000000000000 R15: 0000000000000000
[ 70.693325] Kernel Offset: disabled
[ 71.609984] Rebooting in 86400 seconds..