[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 69.002428][ T27] audit: type=1800 audit(1583376335.687:25): pid=9449 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 69.022182][ T27] audit: type=1800 audit(1583376335.687:26): pid=9449 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 69.074948][ T27] audit: type=1800 audit(1583376335.697:27): pid=9449 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.23' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 81.530354][ T9604] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 81.540618][ T9604] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 81.553202][ T9604] netlink: 'syz-executor673': attribute type 1 has an invalid length. [ 81.606128][ T9604] bond1: (slave gretap1): making interface the new active one [ 81.625420][ T9604] [ 81.627796][ T9604] ====================================================== [ 81.634807][ T9604] WARNING: possible circular locking dependency detected [ 81.641821][ T9604] 5.6.0-rc2-syzkaller #0 Not tainted [ 81.647091][ T9604] ------------------------------------------------------ [ 81.654103][ T9604] syz-executor673/9604 is trying to acquire lock: [ 81.660506][ T9604] ffffffff8a5d27a0 (lock#3){+.+.}, at: cma_netdev_callback+0xc6/0x380 [ 81.668664][ T9604] [ 81.668664][ T9604] but task is already holding lock: [ 81.676022][ T9604] ffffffff8a74d740 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 [ 81.684448][ T9604] [ 81.684448][ T9604] which lock already depends on the new lock. [ 81.684448][ T9604] [ 81.694844][ T9604] [ 81.694844][ T9604] the existing dependency chain (in reverse order) is: [ 81.703862][ T9604] [ 81.703862][ T9604] -> #1 (rtnl_mutex){+.+.}: [ 81.710545][ T9604] __mutex_lock+0x156/0x13c0 [ 81.715652][ T9604] mutex_lock_nested+0x16/0x20 [ 81.720938][ T9604] rtnl_lock+0x17/0x20 [ 81.725550][ T9604] siw_create_listen+0x329/0xed0 [ 81.731113][ T9604] iw_cm_listen+0x16e/0x1f0 [ 81.736139][ T9604] rdma_listen+0x613/0x970 [ 81.741078][ T9604] cma_listen_on_dev+0x530/0x6a0 [ 81.746538][ T9604] cma_add_one+0x6fe/0xbf0 [ 81.751477][ T9604] add_client_context+0x3dd/0x550 [ 81.757019][ T9604] enable_device_and_get+0x1df/0x3c0 [ 81.762823][ T9604] ib_register_device+0xa89/0xe40 [ 81.768367][ T9604] siw_newlink+0xdef/0x1310 [ 81.773388][ T9604] nldev_newlink+0x28a/0x430 [ 81.778493][ T9604] rdma_nl_rcv+0x5d9/0x980 [ 81.783434][ T9604] netlink_unicast+0x59e/0x7e0 [ 81.788714][ T9604] netlink_sendmsg+0x91c/0xea0 [ 81.793993][ T9604] sock_sendmsg+0xd7/0x130 [ 81.798925][ T9604] ____sys_sendmsg+0x753/0x880 [ 81.804220][ T9604] ___sys_sendmsg+0x100/0x170 [ 81.809436][ T9604] __sys_sendmsg+0x105/0x1d0 [ 81.814544][ T9604] __x64_sys_sendmsg+0x78/0xb0 [ 81.819835][ T9604] do_syscall_64+0xfa/0x790 [ 81.824859][ T9604] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.831257][ T9604] [ 81.831257][ T9604] -> #0 (lock#3){+.+.}: [ 81.837591][ T9604] __lock_acquire+0x2596/0x4a00 [ 81.842964][ T9604] lock_acquire+0x190/0x410 [ 81.848063][ T9604] __mutex_lock+0x156/0x13c0 [ 81.853174][ T9604] mutex_lock_nested+0x16/0x20 [ 81.858456][ T9604] cma_netdev_callback+0xc6/0x380 [ 81.863999][ T9604] notifier_call_chain+0xc2/0x230 [ 81.869542][ T9604] raw_notifier_call_chain+0x2e/0x40 [ 81.875345][ T9604] call_netdevice_notifiers_info+0xba/0x130 [ 81.881758][ T9604] call_netdevice_notifiers+0x79/0xa0 [ 81.887652][ T9604] bond_change_active_slave+0x8a8/0x2050 [ 81.893805][ T9604] bond_select_active_slave+0x276/0xae0 [ 81.899873][ T9604] bond_enslave+0x44ef/0x4af0 [ 81.905070][ T9604] do_set_master+0x1dd/0x240 [ 81.910175][ T9604] __rtnl_newlink+0x13a3/0x1790 [ 81.915667][ T9604] rtnl_newlink+0x69/0xa0 [ 81.920512][ T9604] rtnetlink_rcv_msg+0x45e/0xaf0 [ 81.925967][ T9604] netlink_rcv_skb+0x177/0x450 [ 81.931254][ T9604] rtnetlink_rcv+0x1d/0x30 [ 81.936187][ T9604] netlink_unicast+0x59e/0x7e0 [ 81.941469][ T9604] netlink_sendmsg+0x91c/0xea0 [ 81.946751][ T9604] sock_sendmsg+0xd7/0x130 [ 81.951683][ T9604] ____sys_sendmsg+0x753/0x880 [ 81.957076][ T9604] ___sys_sendmsg+0x100/0x170 [ 81.962270][ T9604] __sys_sendmsg+0x105/0x1d0 [ 81.967377][ T9604] __x64_sys_sendmsg+0x78/0xb0 [ 81.972658][ T9604] do_syscall_64+0xfa/0x790 [ 81.977684][ T9604] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.984187][ T9604] [ 81.984187][ T9604] other info that might help us debug this: [ 81.984187][ T9604] [ 81.994521][ T9604] Possible unsafe locking scenario: [ 81.994521][ T9604] [ 82.001963][ T9604] CPU0 CPU1 [ 82.007320][ T9604] ---- ---- [ 82.012676][ T9604] lock(rtnl_mutex); [ 82.016736][ T9604] lock(lock#3); [ 82.022881][ T9604] lock(rtnl_mutex); [ 82.029426][ T9604] lock(lock#3); [ 82.033054][ T9604] [ 82.033054][ T9604] *** DEADLOCK *** [ 82.033054][ T9604] [ 82.041226][ T9604] 1 lock held by syz-executor673/9604: [ 82.046671][ T9604] #0: ffffffff8a74d740 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 [ 82.055531][ T9604] [ 82.055531][ T9604] stack backtrace: [ 82.061425][ T9604] CPU: 0 PID: 9604 Comm: syz-executor673 Not tainted 5.6.0-rc2-syzkaller #0 [ 82.070082][ T9604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.080129][ T9604] Call Trace: [ 82.083426][ T9604] dump_stack+0x197/0x210 [ 82.087756][ T9604] print_circular_bug.isra.0.cold+0x163/0x172 [ 82.093826][ T9604] check_noncircular+0x32e/0x3e0 [ 82.098766][ T9604] ? print_circular_bug.isra.0+0x230/0x230 [ 82.104699][ T9604] ? alloc_list_entry+0xc0/0xc0 [ 82.109550][ T9604] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 82.115788][ T9604] ? find_first_zero_bit+0x9a/0xc0 [ 82.120904][ T9604] __lock_acquire+0x2596/0x4a00 [ 82.125862][ T9604] ? mark_held_locks+0xf0/0xf0 [ 82.130651][ T9604] lock_acquire+0x190/0x410 [ 82.135155][ T9604] ? cma_netdev_callback+0xc6/0x380 [ 82.140365][ T9604] __mutex_lock+0x156/0x13c0 [ 82.144956][ T9604] ? cma_netdev_callback+0xc6/0x380 [ 82.150157][ T9604] ? cfg80211_netdev_notifier_call+0x186/0x17bb [ 82.156394][ T9604] ? queue_work_on+0xef/0x210 [ 82.161069][ T9604] ? cma_netdev_callback+0xc6/0x380 [ 82.166270][ T9604] ? cfg80211_init_wdev+0x500/0x500 [ 82.171465][ T9604] ? mutex_trylock+0x2d0/0x2d0 [ 82.176231][ T9604] ? __kasan_check_read+0x11/0x20 [ 82.181262][ T9604] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 82.187156][ T9604] ? tun_device_event+0x76/0x10e0 [ 82.192288][ T9604] mutex_lock_nested+0x16/0x20 [ 82.197048][ T9604] ? mutex_lock_nested+0x16/0x20 [ 82.201985][ T9604] cma_netdev_callback+0xc6/0x380 [ 82.207009][ T9604] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 82.212900][ T9604] notifier_call_chain+0xc2/0x230 [ 82.217924][ T9604] raw_notifier_call_chain+0x2e/0x40 [ 82.223210][ T9604] call_netdevice_notifiers_info+0xba/0x130 [ 82.229103][ T9604] call_netdevice_notifiers+0x79/0xa0 [ 82.234473][ T9604] ? call_netdevice_notifiers_info+0x130/0x130 [ 82.240627][ T9604] ? queue_delayed_work_on+0x134/0x210 [ 82.246091][ T9604] bond_change_active_slave+0x8a8/0x2050 [ 82.251729][ T9604] ? bond_slave_link_status+0x70/0x70 [ 82.257107][ T9604] bond_select_active_slave+0x276/0xae0 [ 82.262656][ T9604] ? bond_change_active_slave+0x2050/0x2050 [ 82.268549][ T9604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.274790][ T9604] bond_enslave+0x44ef/0x4af0 [ 82.279484][ T9604] ? bond_update_slave_arr+0x880/0x880 [ 82.284939][ T9604] ? rtmsg_ifinfo+0x61/0xa0 [ 82.289446][ T9604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.295685][ T9604] ? __dev_notify_flags+0x183/0x2c0 [ 82.300884][ T9604] ? dev_change_name+0x930/0x930 [ 82.305829][ T9604] ? alloc_netdev_mqs+0xa78/0xe40 [ 82.310856][ T9604] ? __kasan_check_read+0x11/0x20 [ 82.315997][ T9604] ? mutex_is_locked+0x12/0x50 [ 82.320762][ T9604] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 82.326486][ T9604] ? bond_update_slave_arr+0x880/0x880 [ 82.331941][ T9604] do_set_master+0x1dd/0x240 [ 82.336531][ T9604] __rtnl_newlink+0x13a3/0x1790 [ 82.341376][ T9604] ? lock_downgrade+0x920/0x920 [ 82.346231][ T9604] ? rtnl_link_unregister+0x250/0x250 [ 82.351604][ T9604] ? is_bpf_image_address+0x1da/0x290 [ 82.356983][ T9604] ? __kernel_text_address+0xd/0x40 [ 82.362182][ T9604] ? unwind_get_return_address+0x61/0xa0 [ 82.367814][ T9604] ? profile_setup.cold+0xbb/0xbb [ 82.372846][ T9604] ? arch_stack_walk+0x97/0xf0 [ 82.377613][ T9604] ? stack_trace_save+0x8f/0xc0 [ 82.382461][ T9604] ? stack_trace_consume_entry+0x170/0x170 [ 82.388281][ T9604] ? is_bpf_image_address+0x1b8/0x290 [ 82.393658][ T9604] ? save_stack+0x5c/0x90 [ 82.397979][ T9604] ? save_stack+0x23/0x90 [ 82.402310][ T9604] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 82.408130][ T9604] ? rtnl_newlink+0x4b/0xa0 [ 82.412628][ T9604] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 82.418171][ T9604] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 82.424160][ T9604] rtnl_newlink+0x69/0xa0 [ 82.428484][ T9604] ? __rtnl_newlink+0x1790/0x1790 [ 82.433502][ T9604] rtnetlink_rcv_msg+0x45e/0xaf0 [ 82.438436][ T9604] ? rtnl_bridge_getlink+0x910/0x910 [ 82.443716][ T9604] ? lock_downgrade+0x920/0x920 [ 82.448562][ T9604] ? netlink_deliver_tap+0x226/0xbf0 [ 82.453942][ T9604] ? find_held_lock+0x35/0x130 [ 82.458704][ T9604] netlink_rcv_skb+0x177/0x450 [ 82.463459][ T9604] ? rtnl_bridge_getlink+0x910/0x910 [ 82.468740][ T9604] ? netlink_ack+0xb50/0xb50 [ 82.473330][ T9604] ? __kasan_check_read+0x11/0x20 [ 82.478351][ T9604] ? netlink_deliver_tap+0x248/0xbf0 [ 82.483633][ T9604] rtnetlink_rcv+0x1d/0x30 [ 82.488040][ T9604] netlink_unicast+0x59e/0x7e0 [ 82.492801][ T9604] ? netlink_attachskb+0x870/0x870 [ 82.497912][ T9604] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 82.503628][ T9604] ? __check_object_size+0x3d/0x437 [ 82.508835][ T9604] netlink_sendmsg+0x91c/0xea0 [ 82.513613][ T9604] ? netlink_unicast+0x7e0/0x7e0 [ 82.518566][ T9604] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 82.524114][ T9604] ? apparmor_socket_sendmsg+0x2a/0x30 [ 82.529571][ T9604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.535808][ T9604] ? security_socket_sendmsg+0x8d/0xc0 [ 82.541263][ T9604] ? netlink_unicast+0x7e0/0x7e0 [ 82.546203][ T9604] sock_sendmsg+0xd7/0x130 [ 82.550616][ T9604] ____sys_sendmsg+0x753/0x880 [ 82.555378][ T9604] ? kernel_sendmsg+0x50/0x50 [ 82.560060][ T9604] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 82.565607][ T9604] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 82.571590][ T9604] ___sys_sendmsg+0x100/0x170 [ 82.576263][ T9604] ? sendmsg_copy_msghdr+0x70/0x70 [ 82.581468][ T9604] ? __kasan_check_read+0x11/0x20 [ 82.586495][ T9604] ? __lock_acquire+0x8a0/0x4a00 [ 82.591435][ T9604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.597676][ T9604] ? __this_cpu_preempt_check+0x35/0x190 [ 82.603313][ T9604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.609556][ T9604] ? percpu_counter_add_batch+0x13c/0x190 [ 82.615377][ T9604] ? __fd_install+0x1bc/0x640 [ 82.620049][ T9604] ? find_held_lock+0x35/0x130 [ 82.624812][ T9604] ? __fd_install+0x1bc/0x640 [ 82.629496][ T9604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.635735][ T9604] ? __fget_light+0x1ad/0x270 [ 82.640410][ T9604] ? __fdget+0x1b/0x20 [ 82.644477][ T9604] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 82.650718][ T9604] __sys_sendmsg+0x105/0x1d0 [ 82.655327][ T9604] ? __sys_sendmsg_sock+0xc0/0xc0 [ 82.660350][ T9604] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 82.666334][ T9604] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.671801][ T9604] ? do_syscall_64+0x26/0x790 [ 82.676477][ T9604] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.682549][ T9604] ? do_syscall_64+0x26/0x790 [ 82.687228][ T9604] __x64_sys_sendmsg+0x78/0xb0 [ 82.691994][ T9604] do_syscall_64+0xfa/0x790 [ 82.696501][ T9604] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.702387][ T9604] RIP: 0033:0x440529 [ 82.706275][ T9604] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.725870][ T9604] RSP: 002b:00007ffea3270b78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.734276][ T9604] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529 [ 82.742243][ T9604] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 82.750213][ T9604] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8 [ 82.758180][ T9604] R10: 0000000