DUID 00:04:1b:4d:40:85:b1:6b:61:74:2c:72:11:ce:21:17:3d:97 forked to background, child pid 3169 [ 29.540156][ T3170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 29.559065][ T3170] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.101' (ECDSA) to the list of known hosts. syzkaller login: [ 73.035566][ T3584] cgroup: Unknown subsys name 'net' [ 73.172739][ T3584] cgroup: Unknown subsys name 'rlimit' executing program [ 73.466203][ T3586] [ 73.468552][ T3586] ====================================================== [ 73.475575][ T3586] WARNING: possible circular locking dependency detected [ 73.482587][ T3586] 5.15.104-syzkaller #0 Not tainted [ 73.487863][ T3586] ------------------------------------------------------ [ 73.494884][ T3586] syz-executor337/3586 is trying to acquire lock: [ 73.501275][ T3586] ffffffff8ceb9a70 ((crypto_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x5e/0x1b0 [ 73.511986][ T3586] [ 73.511986][ T3586] but task is already holding lock: [ 73.519330][ T3586] ffff888141b911b8 (&sb->s_type->i_mutex_key#19){+.+.}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 73.529332][ T3586] [ 73.529332][ T3586] which lock already depends on the new lock. [ 73.529332][ T3586] [ 73.539724][ T3586] [ 73.539724][ T3586] the existing dependency chain (in reverse order) is: [ 73.548723][ T3586] [ 73.548723][ T3586] -> #3 (&sb->s_type->i_mutex_key#19){+.+.}-{3:3}: [ 73.557418][ T3586] lock_acquire+0x1db/0x4f0 [ 73.562544][ T3586] down_write+0x97/0x170 [ 73.567306][ T3586] hugetlbfs_file_mmap+0x2bc/0x580 [ 73.572934][ T3586] mmap_region+0x10e7/0x1670 [ 73.578149][ T3586] do_mmap+0x78d/0xe00 [ 73.582837][ T3586] vm_mmap_pgoff+0x1ca/0x2d0 [ 73.587952][ T3586] ksys_mmap_pgoff+0x559/0x780 [ 73.593240][ T3586] do_syscall_64+0x3d/0xb0 [ 73.598165][ T3586] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 73.604585][ T3586] [ 73.604585][ T3586] -> #2 (&mm->mmap_lock#2){++++}-{3:3}: [ 73.612305][ T3586] lock_acquire+0x1db/0x4f0 [ 73.617315][ T3586] down_write+0x97/0x170 [ 73.622071][ T3586] mpol_rebind_mm+0x34/0x2b0 [ 73.627177][ T3586] cpuset_attach+0x393/0x540 [ 73.632277][ T3586] cgroup_migrate_execute+0x7fb/0x10e0 [ 73.638242][ T3586] cgroup_attach_task+0x58a/0x840 [ 73.643789][ T3586] __cgroup1_procs_write+0x2ec/0x460 [ 73.649584][ T3586] cgroup_file_write+0x2ac/0x670 [ 73.655031][ T3586] kernfs_fop_write_iter+0x3a2/0x4f0 [ 73.660837][ T3586] vfs_write+0xacf/0xe50 [ 73.665586][ T3586] ksys_write+0x1a2/0x2c0 [ 73.670422][ T3586] do_syscall_64+0x3d/0xb0 [ 73.675349][ T3586] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 73.681753][ T3586] [ 73.681753][ T3586] -> #1 (&cpuset_rwsem){++++}-{0:0}: [ 73.689227][ T3586] lock_acquire+0x1db/0x4f0 [ 73.694247][ T3586] cpuset_read_lock+0x40/0x150 [ 73.699525][ T3586] __sched_setscheduler+0x626/0x1df0 [ 73.705326][ T3586] sched_setscheduler_nocheck+0x187/0x2d0 [ 73.711562][ T3586] __kthread_create_on_node+0x31b/0x3f0 [ 73.717621][ T3586] kthread_create_on_node+0xda/0x120 [ 73.723423][ T3586] cryptomgr_notify+0x125/0xc70 [ 73.728787][ T3586] blocking_notifier_call_chain+0x104/0x1b0 [ 73.735222][ T3586] crypto_probing_notify+0x21/0x70 [ 73.740849][ T3586] crypto_wait_for_test+0x3e/0xd0 [ 73.746390][ T3586] crypto_register_alg+0x25b/0x330 [ 73.752011][ T3586] do_one_initcall+0x22b/0x7a0 [ 73.757286][ T3586] do_initcall_level+0x157/0x207 [ 73.762741][ T3586] do_initcalls+0x49/0x86 [ 73.767593][ T3586] kernel_init_freeable+0x43c/0x5c5 [ 73.773302][ T3586] kernel_init+0x19/0x290 [ 73.778137][ T3586] ret_from_fork+0x1f/0x30 [ 73.783059][ T3586] [ 73.783059][ T3586] -> #0 ((crypto_chain).rwsem){++++}-{3:3}: [ 73.791119][ T3586] validate_chain+0x1646/0x58b0 [ 73.796476][ T3586] __lock_acquire+0x1295/0x1ff0 [ 73.801836][ T3586] lock_acquire+0x1db/0x4f0 [ 73.806854][ T3586] down_read+0x3b/0x50 [ 73.811468][ T3586] blocking_notifier_call_chain+0x5e/0x1b0 [ 73.817798][ T3586] crypto_alg_mod_lookup+0x4e6/0x710 [ 73.823596][ T3586] crypto_has_alg+0x22/0x110 [ 73.828698][ T3586] ima_inode_setxattr+0x836/0xa10 [ 73.834235][ T3586] security_inode_setxattr+0x1b0/0x230 [ 73.840229][ T3586] __vfs_setxattr_locked+0xa6/0x240 [ 73.845932][ T3586] vfs_setxattr+0x21d/0x420 [ 73.850942][ T3586] setxattr+0x27e/0x2e0 [ 73.855623][ T3586] __se_sys_fsetxattr+0x194/0x210 [ 73.861157][ T3586] do_syscall_64+0x3d/0xb0 [ 73.866083][ T3586] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 73.872484][ T3586] [ 73.872484][ T3586] other info that might help us debug this: [ 73.872484][ T3586] [ 73.882694][ T3586] Chain exists of: [ 73.882694][ T3586] (crypto_chain).rwsem --> &mm->mmap_lock#2 --> &sb->s_type->i_mutex_key#19 [ 73.882694][ T3586] [ 73.897288][ T3586] Possible unsafe locking scenario: [ 73.897288][ T3586] [ 73.904723][ T3586] CPU0 CPU1 [ 73.910074][ T3586] ---- ---- [ 73.915422][ T3586] lock(&sb->s_type->i_mutex_key#19); [ 73.920884][ T3586] lock(&mm->mmap_lock#2); [ 73.927902][ T3586] lock(&sb->s_type->i_mutex_key#19); [ 73.935881][ T3586] lock((crypto_chain).rwsem); [ 73.940718][ T3586] [ 73.940718][ T3586] *** DEADLOCK *** [ 73.940718][ T3586] [ 73.948855][ T3586] 2 locks held by syz-executor337/3586: [ 73.954382][ T3586] #0: ffff888141b8c460 (sb_writers#11){.+.+}-{0:0}, at: mnt_want_write_file+0x5a/0x1f0 [ 73.964156][ T3586] #1: ffff888141b911b8 (&sb->s_type->i_mutex_key#19){+.+.}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 73.974584][ T3586] [ 73.974584][ T3586] stack backtrace: [ 73.980466][ T3586] CPU: 1 PID: 3586 Comm: syz-executor337 Not tainted 5.15.104-syzkaller #0 [ 73.989038][ T3586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 73.999092][ T3586] Call Trace: [ 74.002391][ T3586] [ 74.005666][ T3586] dump_stack_lvl+0x1e3/0x2cb [ 74.010346][ T3586] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 74.015971][ T3586] ? print_circular_bug+0x12b/0x1a0 [ 74.021259][ T3586] check_noncircular+0x2f8/0x3b0 [ 74.026195][ T3586] ? add_chain_block+0x850/0x850 [ 74.031122][ T3586] ? add_chain_block+0x850/0x850 [ 74.036050][ T3586] ? lockdep_lock+0x11f/0x2a0 [ 74.040737][ T3586] ? validate_chain+0x13b7/0x58b0 [ 74.045767][ T3586] validate_chain+0x1646/0x58b0 [ 74.050612][ T3586] ? mark_lock+0x98/0x340 [ 74.054933][ T3586] ? reacquire_held_locks+0x660/0x660 [ 74.060308][ T3586] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 74.066289][ T3586] ? reacquire_held_locks+0x660/0x660 [ 74.071672][ T3586] ? print_irqtrace_events+0x210/0x210 [ 74.077128][ T3586] ? do_raw_spin_unlock+0x137/0x8b0 [ 74.082323][ T3586] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 74.088206][ T3586] ? _raw_spin_unlock+0x40/0x40 [ 74.093044][ T3586] ? stack_trace_save+0x113/0x1c0 [ 74.098052][ T3586] ? mark_lock+0x98/0x340 [ 74.102385][ T3586] ? mark_lock+0x98/0x340 [ 74.106718][ T3586] __lock_acquire+0x1295/0x1ff0 [ 74.111571][ T3586] lock_acquire+0x1db/0x4f0 [ 74.116066][ T3586] ? blocking_notifier_call_chain+0x5e/0x1b0 [ 74.122041][ T3586] ? read_lock_is_recursive+0x10/0x10 [ 74.127410][ T3586] ? __might_sleep+0xc0/0xc0 [ 74.131997][ T3586] ? lockdep_init_map_type+0x9d/0x8d0 [ 74.137828][ T3586] ? up_write+0x133/0x4d0 [ 74.142154][ T3586] down_read+0x3b/0x50 [ 74.146214][ T3586] ? blocking_notifier_call_chain+0x5e/0x1b0 [ 74.152187][ T3586] blocking_notifier_call_chain+0x5e/0x1b0 [ 74.157987][ T3586] crypto_alg_mod_lookup+0x4e6/0x710 [ 74.163276][ T3586] crypto_has_alg+0x22/0x110 [ 74.167869][ T3586] ima_inode_setxattr+0x836/0xa10 [ 74.172897][ T3586] ? ima_inode_post_setattr+0x380/0x380 [ 74.178461][ T3586] security_inode_setxattr+0x1b0/0x230 [ 74.183930][ T3586] __vfs_setxattr_locked+0xa6/0x240 [ 74.189126][ T3586] vfs_setxattr+0x21d/0x420 [ 74.193620][ T3586] ? xattr_permission+0x4f0/0x4f0 [ 74.198634][ T3586] ? __might_fault+0xb4/0x110 [ 74.203306][ T3586] ? _copy_from_user+0x10f/0x170 [ 74.208233][ T3586] setxattr+0x27e/0x2e0 [ 74.212389][ T3586] ? path_setxattr+0x2a0/0x2a0 [ 74.217150][ T3586] ? preempt_count_add+0x8f/0x180 [ 74.222164][ T3586] ? __mnt_want_write+0x1e6/0x260 [ 74.227179][ T3586] __se_sys_fsetxattr+0x194/0x210 [ 74.232191][ T3586] do_syscall_64+0x3d/0xb0 [ 74.236602][ T3586] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 74.242493][ T3586] RIP: 0033:0x7f03d9a57e29 [ 74.246896][ T3586] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 74.266493][ T3586] RSP: 002b:00007ffe6af9dc28 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 74.274894][ T3586] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f03d9a57e29 [ 74.282953][ T3586] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000004 [ 74.290930][ T3586] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffe6af9dc50 [ 74.298899][ T3586] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffe6af9dc4c [ 74.306861][ T3586] R13: 00007ffe6af9dc60 R14: 00007ffe6af9dca0 R15: 0000000000000000 [ 74.314828][ T3586] executing program [ 74.335560][ T26] audit: type=1800 audit(1679837391.992:2): pid=3586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=28238 res=0 errno=0 executing program [ 74.395294][ T26] audit: type=1800 audit(1679837392.052:3): pid=3590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27112 res=0 errno=0 executing program [ 74.453844][ T26] audit: type=1800 audit(1679837392.112:4): pid=3594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27114 res=0 errno=0 executing program [ 74.498977][ T26] audit: type=1800 audit(1679837392.162:5): pid=3598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27118 res=0 errno=0 executing program [ 74.545366][ T26] audit: type=1800 audit(1679837392.212:6): pid=3602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27122 res=0 errno=0 executing program [ 74.590801][ T26] audit: type=1800 audit(1679837392.252:7): pid=3606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27126 res=0 errno=0 executing program [ 74.636385][ T26] audit: type=1800 audit(1679837392.302:8): pid=3610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27130 res=0 errno=0 executing program [ 74.683270][ T26] audit: type=1800 audit(1679837392.342:9): pid=3614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27134 res=0 errno=0 executing program [ 74.731661][ T26] audit: type=1800 audit(1679837392.392:10): pid=3618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27138 res=0 errno=0 executing program executing program [ 74.777231][ T26] audit: type=1800 audit(1679837392.442:11): pid=3622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27142 res=0 errno=0 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 76.196236][ T13] cfg80211: failed to load regulatory.db executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 79.361528][ T26] kauditd_printk_skb: 114 callbacks suppressed [ 79.361543][ T26] audit: type=1800 audit(1679837397.022:126): pid=4083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27388 res=0 errno=0 executing program [ 79.429762][ T26] audit: type=1800 audit(1679837397.092:127): pid=4087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27392 res=0 errno=0 executing program [ 79.490511][ T26] audit: type=1800 audit(1679837397.152:128): pid=4092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27396 res=0 errno=0 executing program [ 79.554221][ T26] audit: type=1800 audit(1679837397.212:129): pid=4096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27400 res=0 errno=0 executing program [ 79.597082][ T26] audit: type=1800 audit(1679837397.262:130): pid=4100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27404 res=0 errno=0 executing program [ 79.660340][ T26] audit: type=1800 audit(1679837397.322:131): pid=4104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27408 res=0 errno=0 executing program [ 79.703081][ T26] audit: type=1800 audit(1679837397.362:132): pid=4108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27412 res=0 errno=0 executing program [ 79.760882][ T26] audit: type=1800 audit(1679837397.422:133): pid=4112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27416 res=0 errno=0 executing program [ 79.808453][ T26] audit: type=1800 audit(1679837397.472:134): pid=4116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=27420 res=0 errno=0 executing program executing program [ 79.870039][ T26] audit: type=1800 audit(1679837397.532:135): pid=4120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz-executor337" name="/" dev="hugetlbfs" ino=28466 res=0 errno=0 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program