[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 39.948629] audit: type=1800 audit(1548629195.676:25): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 39.980673] audit: type=1800 audit(1548629195.686:26): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 40.006098] audit: type=1800 audit(1548629195.686:27): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts. 2019/01/27 22:47:13 parsed 1 programs 2019/01/27 22:47:16 executed programs: 0 syzkaller login: [ 80.512811] IPVS: ftp: loaded support on port[0] = 21 [ 80.533612] IPVS: ftp: loaded support on port[0] = 21 [ 80.533628] IPVS: ftp: loaded support on port[0] = 21 [ 80.547228] IPVS: ftp: loaded support on port[0] = 21 [ 80.557820] IPVS: ftp: loaded support on port[0] = 21 [ 80.567255] IPVS: ftp: loaded support on port[0] = 21 [ 80.960343] chnl_net:caif_netlink_parms(): no params data found [ 80.971686] chnl_net:caif_netlink_parms(): no params data found [ 80.987432] chnl_net:caif_netlink_parms(): no params data found [ 81.000072] chnl_net:caif_netlink_parms(): no params data found [ 81.067939] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.075300] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.082852] device bridge_slave_0 entered promiscuous mode [ 81.135466] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.141878] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.148877] device bridge_slave_1 entered promiscuous mode [ 81.245001] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.252132] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.259092] device bridge_slave_0 entered promiscuous mode [ 81.285397] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 81.301240] chnl_net:caif_netlink_parms(): no params data found [ 81.315746] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.322198] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.329131] device bridge_slave_1 entered promiscuous mode [ 81.359894] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 81.367526] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.374272] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.383124] device bridge_slave_0 entered promiscuous mode [ 81.395173] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.402162] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.409126] device bridge_slave_1 entered promiscuous mode [ 81.426748] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 81.436651] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.443224] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.450327] device bridge_slave_0 entered promiscuous mode [ 81.473046] chnl_net:caif_netlink_parms(): no params data found [ 81.489004] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 81.497823] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.504413] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.512184] device bridge_slave_1 entered promiscuous mode [ 81.532389] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 81.546287] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 81.575936] team0: Port device team_slave_0 added [ 81.588495] team0: Port device team_slave_1 added [ 81.606601] team0: Port device team_slave_0 added [ 81.639545] team0: Port device team_slave_1 added [ 81.651976] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.658333] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.665407] device bridge_slave_0 entered promiscuous mode [ 81.674155] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 81.690155] team0: Port device team_slave_0 added [ 81.732115] device hsr_slave_0 entered promiscuous mode [ 81.769488] device hsr_slave_1 entered promiscuous mode [ 81.837288] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.845045] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.852329] device bridge_slave_1 entered promiscuous mode [ 81.860230] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 81.877690] team0: Port device team_slave_1 added [ 81.918098] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 81.928700] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 81.936834] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.943439] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.950852] device bridge_slave_0 entered promiscuous mode [ 81.992646] device hsr_slave_0 entered promiscuous mode [ 82.039408] device hsr_slave_1 entered promiscuous mode [ 82.127891] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.136075] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.144707] device bridge_slave_1 entered promiscuous mode [ 82.152407] team0: Port device team_slave_0 added [ 82.262354] device hsr_slave_0 entered promiscuous mode [ 82.329453] device hsr_slave_1 entered promiscuous mode [ 82.381266] team0: Port device team_slave_1 added [ 82.388767] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 82.398523] team0: Port device team_slave_0 added [ 82.413129] team0: Port device team_slave_1 added [ 82.430160] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 82.483738] team0: Port device team_slave_0 added [ 82.532622] device hsr_slave_0 entered promiscuous mode [ 82.589556] device hsr_slave_1 entered promiscuous mode [ 82.692220] device hsr_slave_0 entered promiscuous mode [ 82.739650] device hsr_slave_1 entered promiscuous mode [ 82.810473] team0: Port device team_slave_1 added [ 82.892476] device hsr_slave_0 entered promiscuous mode [ 82.932772] device hsr_slave_1 entered promiscuous mode [ 83.081246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.090473] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.121284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.128846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.138443] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.166542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.173767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.183478] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.204890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.213171] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.221002] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.227385] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.234671] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.242973] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.250742] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.257062] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.264698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 83.273189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 83.292057] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.311148] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.323845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.331749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.340067] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.346405] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.353420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 83.361141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.371343] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.378851] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.385441] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.392253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 83.400442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.407301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.414267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 83.422037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.429989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.437530] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.443914] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.451050] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 83.492308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 83.500343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.508053] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.516215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.524206] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.533065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.541124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.548695] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.555122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.561959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 83.571137] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 83.578288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.586560] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.608520] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.625796] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 83.633127] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.641323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.648823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 83.657047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.664964] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.672734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.680353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.691015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.708035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.723044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 83.732126] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.740977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.748457] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.757437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.764451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.780327] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.789676] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 83.802830] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.810235] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 83.817393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 83.825252] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.833002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.840165] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.846992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.854616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.866070] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.878460] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 83.895625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.903583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.911791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.919585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.953944] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 83.963627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.974915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.983030] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.989442] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.996368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 84.004904] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 84.012810] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.019147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.025956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 84.034362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 84.042416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 84.050683] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 84.058180] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.064554] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.072415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 84.080384] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 84.087888] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.094257] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.103582] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.118679] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.141828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.149055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.156822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 84.193068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.203578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 84.212084] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 84.220327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 84.227993] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 84.235757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 84.243562] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 84.251641] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 84.259250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 84.267419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 84.275058] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 84.284840] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 84.294928] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.333657] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 84.344268] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.369092] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 84.379904] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.403597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 84.412549] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 84.424846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 84.432861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 84.441618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 84.449643] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 84.457239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 84.465216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 84.473524] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 84.481216] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 84.491582] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 84.498481] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 84.542821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 84.553113] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 84.567839] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.574284] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.603287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 84.611387] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 84.619017] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.625429] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.633024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 84.642512] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.664284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 84.672386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 84.681514] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 84.698531] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 84.708925] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.723208] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.730448] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 84.737583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 84.745834] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 84.753878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 84.761776] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 84.769560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 84.777091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 84.785706] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 84.814033] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.858553] 8021q: adding VLAN 0 to HW filter on device batadv0 2019/01/27 22:47:21 executed programs: 7 [ 89.686050] [ 89.687725] ===================================================== [ 89.693941] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 89.698606] kobject: 'loop3' (00000000631236d9): kobject_uevent_env [ 89.700685] 5.0.0-rc3+ #48 Not tainted [ 89.700690] ----------------------------------------------------- [ 89.700704] syz-executor2/8206 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 89.700709] 0000000078655a67 (&ctx->fd_wqh){....}, at: aio_poll+0x7b9/0x14e0 [ 89.700734] [ 89.700734] and this task is already holding: [ 89.700738] 000000006f2fe873 (&(&ctx->ctx_lock)->rlock){..-.}, at: aio_poll+0x790/0x14e0 [ 89.707251] kobject: 'loop3' (00000000631236d9): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 89.711010] which would create a new lock dependency: [ 89.711013] (&(&ctx->ctx_lock)->rlock){..-.} -> (&ctx->fd_wqh){....} [ 89.711032] [ 89.711032] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 89.711035] (&(&ctx->ctx_lock)->rlock){..-.} [ 89.711043] [ 89.711043] ... which became SOFTIRQ-irq-safe at: [ 89.711058] lock_acquire+0x1db/0x570 [ 89.711071] _raw_spin_lock_irq+0x60/0x80 [ 89.711093] free_ioctx_users+0xa7/0x6e0 [ 89.797940] percpu_ref_switch_to_atomic_rcu+0x50c/0x6b0 [ 89.803461] rcu_process_callbacks+0xc4a/0x1680 [ 89.808201] __do_softirq+0x30b/0xb11 [ 89.812070] irq_exit+0x180/0x1d0 [ 89.815600] smp_apic_timer_interrupt+0x1b7/0x760 [ 89.820524] apic_timer_interrupt+0xf/0x20 [ 89.824828] _raw_spin_unlock_irqrestore+0x95/0xe0 [ 89.829850] hrtimer_start_range_ns+0x6ae/0xda0 [ 89.834601] do_nanosleep+0x1a2/0x750 [ 89.838480] hrtimer_nanosleep+0x2e4/0x640 [ 89.842786] __ia32_compat_sys_nanosleep+0x1e7/0x280 [ 89.847967] do_fast_syscall_32+0x333/0xf98 [ 89.852630] entry_SYSENTER_compat+0x70/0x7f [ 89.857103] [ 89.857103] to a SOFTIRQ-irq-unsafe lock: [ 89.862698] (&ctx->fault_pending_wqh){+.+.} [ 89.862704] [ 89.862704] ... which became SOFTIRQ-irq-unsafe at: [ 89.873547] ... [ 89.873560] lock_acquire+0x1db/0x570 [ 89.879296] _raw_spin_lock+0x2f/0x40 [ 89.883164] userfaultfd_release+0x609/0x8c0 [ 89.887638] __fput+0x3c5/0xb10 [ 89.890987] ____fput+0x16/0x20 [ 89.894350] task_work_run+0x1f4/0x2b0 [ 89.898309] get_signal+0x168d/0x19b0 [ 89.902175] do_signal+0x91/0x1ea0 [ 89.905797] exit_to_usermode_loop+0x2f7/0x3b0 [ 89.910462] do_fast_syscall_32+0xc97/0xf98 [ 89.914869] entry_SYSENTER_compat+0x70/0x7f [ 89.919348] [ 89.919348] other info that might help us debug this: [ 89.919348] [ 89.927460] Chain exists of: [ 89.927460] &(&ctx->ctx_lock)->rlock --> &ctx->fd_wqh --> &ctx->fault_pending_wqh [ 89.927460] [ 89.939598] Possible interrupt unsafe locking scenario: [ 89.939598] [ 89.946500] CPU0 CPU1 [ 89.951147] ---- ---- [ 89.955791] lock(&ctx->fault_pending_wqh); [ 89.960177] local_irq_disable(); [ 89.966206] lock(&(&ctx->ctx_lock)->rlock); [ 89.973195] lock(&ctx->fd_wqh); [ 89.979153] [ 89.981893] lock(&(&ctx->ctx_lock)->rlock); [ 89.986538] [ 89.986538] *** DEADLOCK *** [ 89.986538] [ 89.992582] 1 lock held by syz-executor2/8206: [ 89.997141] #0: 000000006f2fe873 (&(&ctx->ctx_lock)->rlock){..-.}, at: aio_poll+0x790/0x14e0 [ 90.005799] [ 90.005799] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 90.014810] -> (&(&ctx->ctx_lock)->rlock){..-.} { [ 90.019642] IN-SOFTIRQ-W at: [ 90.022910] lock_acquire+0x1db/0x570 [ 90.028371] _raw_spin_lock_irq+0x60/0x80 [ 90.034151] free_ioctx_users+0xa7/0x6e0 [ 90.039852] percpu_ref_switch_to_atomic_rcu+0x50c/0x6b0 [ 90.046951] rcu_process_callbacks+0xc4a/0x1680 [ 90.053259] __do_softirq+0x30b/0xb11 [ 90.058707] irq_exit+0x180/0x1d0 [ 90.063805] smp_apic_timer_interrupt+0x1b7/0x760 [ 90.070278] apic_timer_interrupt+0xf/0x20 [ 90.076146] _raw_spin_unlock_irqrestore+0x95/0xe0 [ 90.082709] hrtimer_start_range_ns+0x6ae/0xda0 [ 90.089014] do_nanosleep+0x1a2/0x750 [ 90.094461] hrtimer_nanosleep+0x2e4/0x640 [ 90.100345] __ia32_compat_sys_nanosleep+0x1e7/0x280 [ 90.107084] do_fast_syscall_32+0x333/0xf98 [ 90.113036] entry_SYSENTER_compat+0x70/0x7f [ 90.119088] INITIAL USE at: [ 90.122267] lock_acquire+0x1db/0x570 [ 90.127628] _raw_spin_lock_irq+0x60/0x80 [ 90.133322] free_ioctx_users+0xa7/0x6e0 [ 90.138922] percpu_ref_switch_to_atomic_rcu+0x50c/0x6b0 [ 90.145917] rcu_process_callbacks+0xc4a/0x1680 [ 90.152129] __do_softirq+0x30b/0xb11 [ 90.157474] irq_exit+0x180/0x1d0 [ 90.162477] smp_apic_timer_interrupt+0x1b7/0x760 [ 90.168875] apic_timer_interrupt+0xf/0x20 [ 90.174666] _raw_spin_unlock_irqrestore+0x95/0xe0 [ 90.181156] hrtimer_start_range_ns+0x6ae/0xda0 [ 90.187380] do_nanosleep+0x1a2/0x750 [ 90.192725] hrtimer_nanosleep+0x2e4/0x640 [ 90.198503] __ia32_compat_sys_nanosleep+0x1e7/0x280 [ 90.205148] do_fast_syscall_32+0x333/0xf98 [ 90.211013] entry_SYSENTER_compat+0x70/0x7f [ 90.216960] } [ 90.218755] ... key at: [] __key.51949+0x0/0x40 [ 90.225481] ... acquired at: [ 90.228588] lock_acquire+0x1db/0x570 [ 90.232557] _raw_spin_lock+0x2f/0x40 [ 90.236517] aio_poll+0x7b9/0x14e0 [ 90.240210] io_submit_one+0xc39/0x1050 [ 90.244340] __ia32_compat_sys_io_submit+0x1c5/0x5c0 [ 90.249633] do_fast_syscall_32+0x333/0xf98 [ 90.254129] entry_SYSENTER_compat+0x70/0x7f [ 90.258716] [ 90.260321] [ 90.260321] the dependencies between the lock to be acquired [ 90.260324] and SOFTIRQ-irq-unsafe lock: [ 90.271708] -> (&ctx->fault_pending_wqh){+.+.} { [ 90.276534] HARDIRQ-ON-W at: [ 90.279908] lock_acquire+0x1db/0x570 [ 90.285532] _raw_spin_lock+0x2f/0x40 [ 90.291166] userfaultfd_release+0x609/0x8c0 [ 90.297385] __fput+0x3c5/0xb10 [ 90.302487] ____fput+0x16/0x20 [ 90.307577] task_work_run+0x1f4/0x2b0 [ 90.313280] get_signal+0x168d/0x19b0 [ 90.318921] do_signal+0x91/0x1ea0 [ 90.324303] exit_to_usermode_loop+0x2f7/0x3b0 [ 90.330699] do_fast_syscall_32+0xc97/0xf98 [ 90.336838] entry_SYSENTER_compat+0x70/0x7f [ 90.343047] SOFTIRQ-ON-W at: [ 90.346394] lock_acquire+0x1db/0x570 [ 90.351998] _raw_spin_lock+0x2f/0x40 [ 90.357620] userfaultfd_release+0x609/0x8c0 [ 90.363837] __fput+0x3c5/0xb10 [ 90.368939] ____fput+0x16/0x20 [ 90.374021] task_work_run+0x1f4/0x2b0 [ 90.379708] get_signal+0x168d/0x19b0 [ 90.385310] do_signal+0x91/0x1ea0 [ 90.390658] exit_to_usermode_loop+0x2f7/0x3b0 [ 90.397051] do_fast_syscall_32+0xc97/0xf98 [ 90.403193] entry_SYSENTER_compat+0x70/0x7f [ 90.409399] INITIAL USE at: [ 90.412666] lock_acquire+0x1db/0x570 [ 90.418189] _raw_spin_lock+0x2f/0x40 [ 90.423721] userfaultfd_ctx_read+0x690/0x2060 [ 90.430029] userfaultfd_read+0x1e0/0x2c0 [ 90.435891] __vfs_read+0x116/0xb20 [ 90.441233] vfs_read+0x194/0x3e0 [ 90.446404] ksys_read+0x105/0x260 [ 90.451670] __ia32_sys_read+0x71/0xb0 [ 90.457295] do_fast_syscall_32+0x333/0xf98 [ 90.463358] entry_SYSENTER_compat+0x70/0x7f [ 90.469478] } [ 90.471351] ... key at: [] __key.44850+0x0/0x40 [ 90.478162] ... acquired at: [ 90.481348] _raw_spin_lock+0x2f/0x40 [ 90.485311] userfaultfd_ctx_read+0x690/0x2060 [ 90.490057] userfaultfd_read+0x1e0/0x2c0 [ 90.494391] __vfs_read+0x116/0xb20 [ 90.498169] vfs_read+0x194/0x3e0 [ 90.501776] ksys_read+0x105/0x260 [ 90.505471] __ia32_sys_read+0x71/0xb0 [ 90.509543] do_fast_syscall_32+0x333/0xf98 [ 90.514034] entry_SYSENTER_compat+0x70/0x7f [ 90.518602] [ 90.520210] -> (&ctx->fd_wqh){....} { [ 90.523992] INITIAL USE at: [ 90.527168] lock_acquire+0x1db/0x570 [ 90.532511] _raw_spin_lock_irq+0x60/0x80 [ 90.538202] userfaultfd_ctx_read+0x25e/0x2060 [ 90.544337] userfaultfd_read+0x1e0/0x2c0 [ 90.550042] __vfs_read+0x116/0xb20 [ 90.555226] vfs_read+0x194/0x3e0 [ 90.560365] ksys_read+0x105/0x260 [ 90.565449] __ia32_sys_read+0x71/0xb0 [ 90.570887] do_fast_syscall_32+0x333/0xf98 [ 90.576756] entry_SYSENTER_compat+0x70/0x7f [ 90.582702] } [ 90.584489] ... key at: [] __key.44853+0x0/0x40 [ 90.591216] ... acquired at: [ 90.594311] lock_acquire+0x1db/0x570 [ 90.598261] _raw_spin_lock+0x2f/0x40 [ 90.602232] aio_poll+0x7b9/0x14e0 [ 90.605935] io_submit_one+0xc39/0x1050 [ 90.610061] __ia32_compat_sys_io_submit+0x1c5/0x5c0 [ 90.615326] do_fast_syscall_32+0x333/0xf98 [ 90.619802] entry_SYSENTER_compat+0x70/0x7f [ 90.624380] [ 90.625984] [ 90.625984] stack backtrace: [ 90.630471] CPU: 1 PID: 8206 Comm: syz-executor2 Not tainted 5.0.0-rc3+ #48 [ 90.637562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.646925] Call Trace: [ 90.649489] dump_stack+0x1db/0x2d0 [ 90.653108] ? dump_stack_print_info.cold+0x20/0x20 [ 90.658133] ? print_shortest_lock_dependencies.cold+0x176/0x1f0 [ 90.664257] ? vprintk_func+0x86/0x189 [ 90.668127] check_usage.cold+0x5e2/0x917 [ 90.672260] ? check_usage_forwards+0x3e0/0x3e0 [ 90.676909] ? __lock_acquire+0x572/0x4a30 [ 90.681125] ? lockdep_on+0x50/0x50 [ 90.684732] ? lock_pin_lock+0x3a0/0x3a0 [ 90.688780] ? mark_held_locks+0x100/0x100 [ 90.693015] ? save_trace+0x290/0x290 [ 90.696812] __lock_acquire+0x2169/0x4a30 [ 90.700947] ? __lock_acquire+0x2169/0x4a30 [ 90.705258] ? add_lock_to_list.isra.0+0x450/0x450 [ 90.710170] ? mark_held_locks+0x100/0x100 [ 90.714397] ? add_wait_queue+0x1bc/0x300 [ 90.718552] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 90.723645] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 90.728730] ? lockdep_hardirqs_on+0x415/0x5d0 [ 90.733293] ? trace_hardirqs_on+0xbd/0x310 [ 90.737595] ? kasan_check_read+0x11/0x20 [ 90.741738] ? add_wait_queue+0x1bc/0x300 [ 90.745869] ? trace_hardirqs_off_caller+0x300/0x300 [ 90.750967] ? do_raw_spin_trylock+0x270/0x270 [ 90.755560] ? kasan_check_read+0x11/0x20 [ 90.759698] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 90.764788] ? add_wait_queue+0x1bc/0x300 [ 90.768919] ? wait_woken+0x250/0x250 [ 90.772701] ? __fget+0x499/0x710 [ 90.776135] lock_acquire+0x1db/0x570 [ 90.779930] ? aio_poll+0x7b9/0x14e0 [ 90.783631] ? lock_release+0xc40/0xc40 [ 90.787618] ? rwlock_bug.part.0+0x90/0x90 [ 90.791850] ? trace_hardirqs_on_caller+0x310/0x310 [ 90.796847] ? add_lock_to_list.isra.0+0x450/0x450 [ 90.801758] _raw_spin_lock+0x2f/0x40 [ 90.805539] ? aio_poll+0x7b9/0x14e0 [ 90.809242] aio_poll+0x7b9/0x14e0 [ 90.812768] ? init_once_userfaultfd_ctx+0xd0/0xd0 [ 90.817683] ? free_ioctx_users+0x6e0/0x6e0 [ 90.821989] ? aio_setup_rw+0x180/0x180 [ 90.825949] ? find_held_lock+0x35/0x120 [ 90.830002] ? __might_fault+0x12b/0x1e0 [ 90.834057] ? lock_acquire+0x1db/0x570 [ 90.838014] ? lock_downgrade+0x910/0x910 [ 90.842152] ? lock_release+0xc40/0xc40 [ 90.846122] ? lock_downgrade+0x910/0x910 [ 90.850252] ? kasan_check_read+0x11/0x20 [ 90.854382] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 90.859671] io_submit_one+0xc39/0x1050 [ 90.863626] ? io_submit_one+0xc39/0x1050 [ 90.867768] ? aio_poll+0x14e0/0x14e0 [ 90.871551] ? lock_downgrade+0x910/0x910 [ 90.875722] __ia32_compat_sys_io_submit+0x1c5/0x5c0 [ 90.880807] ? __ia32_sys_io_submit+0x5c0/0x5c0 [ 90.885458] ? do_fast_syscall_32+0x13b/0xf98 [ 90.889947] ? lockdep_hardirqs_on+0x415/0x5d0 [ 90.894506] ? trace_hardirqs_on+0xbd/0x310 [ 90.898807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.904323] ? entry_SYSENTER_compat+0x70/0x7f [ 90.908886] ? trace_hardirqs_off_caller+0x300/0x300 [ 90.913967] ? trace_hardirqs_off+0xb8/0x310 [ 90.918357] do_fast_syscall_32+0x333/0xf98 [ 90.922671] ? __ia32_sys_io_submit+0x5c0/0x5c0 [ 90.927322] ? do_fast_syscall_32+0x333/0xf98 [ 90.931815] ? do_int80_syscall_32+0x880/0x880 [ 90.936420] ? trace_hardirqs_off+0x310/0x310 [ 90.940926] ? syscall_return_slowpath+0x3b0/0x5f0 [ 90.945837] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 90.950836] ? __switch_to_asm+0x34/0x70 [ 90.954889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 90.959726] entry_SYSENTER_compat+0x70/0x7f [ 90.964128] RIP: 0023:0xf7f5e869 [ 90.967474] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 90.986352] RSP: 002b:00000000f7ed50cc EFLAGS: 00000296 ORIG_RAX: 00000000000000f8 [ 90.994049] RAX: ffffffffffffffda RBX: 00000000f7f18000 RCX: 0000000000000001 [ 91.001295] RDX: 0000000020000600 RSI: 0000000000000000 RDI: 0000000000000000 [ 91.008543] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.015792] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 91.023042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2019/01/27 22:47:26 executed programs: 34 [ 91.111755] kobject: 'loop5' (0000000054021b11): kobject_uevent_env [ 91.118343] kobject: 'loop5' (0000000054021b11): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 91.131696] kobject: 'loop2' (0000000041d5a236): kobject_uevent_env [ 91.145994] kobject: 'loop2' (0000000041d5a236): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 91.164429] kobject: 'loop1' (00000000fdd75042): kobject_uevent_env [ 91.171342] kobject: 'loop1' (00000000fdd75042): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 91.181512] kobject: 'loop3' (00000000631236d9): kobject_uevent_env [ 91.188021] kobject: 'loop3' (00000000631236d9): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 91.204693] kobject: 'loop4' (000000005169dc26): kobject_uevent_env [