[ 64.868992][ T26] audit: type=1804 audit(1569364774.247:48): pid=9145 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="init" name="/run/utmp" dev="sda1" ino=1421 res=1 [ 64.869027][ T26] audit: type=1804 audit(1569364774.257:49): pid=9141 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="init" name="/run/utmp" dev="sda1" ino=1421 res=1 [ 64.869050][ T26] audit: type=1804 audit(1569364774.257:50): pid=9141 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="init" name="/run/utmp" dev="sda1" ino=1421 res=1 [ 64.880835][ T26] audit: type=1804 audit(1569364774.277:51): pid=9145 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="getty" name="/run/utmp" dev="sda1" ino=1421 res=1 [ 64.954356][ T26] audit: type=1804 audit(1569364774.327:52): pid=9141 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="getty" name="/run/utmp" dev="sda1" ino=1421 res=1 [ 64.975724][ T26] audit: type=1804 audit(1569364774.327:53): pid=9141 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="getty" name="/run/utmp" dev="sda1" ino=1421 res=1 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.240' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 75.864427][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 75.864443][ T26] audit: type=1400 audit(1569364785.267:64): avc: denied { map } for pid=9168 comm="syz-executor845" path="/root/syz-executor845810289" dev="sda1" ino=16504 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 75.908563][ T9169] IPVS: ftp: loaded support on port[0] = 21 [ 75.944431][ T9170] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:935 [ 75.953933][ T9170] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 9170, name: syz-executor845 [ 75.963575][ T9170] 2 locks held by syz-executor845/9170: [ 75.969148][ T9170] #0: ffffffff899a12a0 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 [ 75.978057][ T9170] #1: ffff8880a0d3f740 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x257/0xe90 [ 75.987407][ T9170] Preemption disabled at: [ 75.987434][ T9170] [] sfb_change+0x257/0xe90 [ 75.997853][ T9170] CPU: 1 PID: 9170 Comm: syz-executor845 Not tainted 5.3.0+ #0 [ 76.005661][ T9170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.015936][ T9170] Call Trace: [ 76.019232][ T9170] dump_stack+0x172/0x1f0 [ 76.023557][ T9170] ? sfb_change+0x257/0xe90 [ 76.028150][ T9170] ___might_sleep.cold+0x1fb/0x23e [ 76.033255][ T9170] __might_sleep+0x95/0x190 [ 76.037757][ T9170] __mutex_lock+0xc5/0x13c0 [ 76.042324][ T9170] ? tcf_chain0_head_change_cb_del.isra.0+0x34/0x3e0 [ 76.049099][ T9170] ? save_stack+0x5c/0x90 [ 76.053485][ T9170] ? save_stack+0x23/0x90 [ 76.057808][ T9170] ? mutex_trylock+0x2d0/0x2d0 [ 76.062868][ T9170] ? fifo_set_limit+0x1a9/0x210 [ 76.067711][ T9170] ? fifo_create_dflt+0x90/0xf0 [ 76.072754][ T9170] ? sfb_change+0x18d/0xe90 [ 76.077251][ T9170] ? tc_modify_qdisc+0xfcf/0x1c50 [ 76.082266][ T9170] ? rtnetlink_rcv_msg+0x463/0xb00 [ 76.087368][ T9170] ? netlink_rcv_skb+0x177/0x450 [ 76.092299][ T9170] ? rtnetlink_rcv+0x1d/0x30 [ 76.096877][ T9170] ? netlink_unicast+0x531/0x710 [ 76.101922][ T9170] ? netlink_sendmsg+0x8a5/0xd60 [ 76.106851][ T9170] ? sock_sendmsg+0xd7/0x130 [ 76.111426][ T9170] ? ___sys_sendmsg+0x803/0x920 [ 76.116259][ T9170] ? __sys_sendmsg+0x105/0x1d0 [ 76.121006][ T9170] ? __x64_sys_sendmsg+0x78/0xb0 [ 76.125929][ T9170] ? do_syscall_64+0xfa/0x760 [ 76.130715][ T9170] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.136784][ T9170] ? __kasan_check_read+0x11/0x20 [ 76.141966][ T9170] ? mark_lock+0xc2/0x1220 [ 76.146411][ T9170] mutex_lock_nested+0x16/0x20 [ 76.151167][ T9170] ? mutex_lock_nested+0x16/0x20 [ 76.156111][ T9170] tcf_chain0_head_change_cb_del.isra.0+0x34/0x3e0 [ 76.162761][ T9170] ? __kasan_check_read+0x11/0x20 [ 76.167828][ T9170] ? mark_lock+0xc2/0x1220 [ 76.172242][ T9170] tcf_block_put_ext.part.0+0x2a/0x80 [ 76.177603][ T9170] tcf_block_put+0xbf/0x110 [ 76.182092][ T9170] ? tcf_block_put_ext+0x40/0x40 [ 76.187017][ T9170] ? sfb_destroy+0x80/0x80 [ 76.191424][ T9170] ? sfb_destroy+0x80/0x80 [ 76.195826][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 76.204477][ T9170] ? prandom_u32+0x7d/0xb0 [ 76.208973][ T9170] ? sfb_zero_all_buckets+0x20/0x20 [ 76.214155][ T9170] sfb_destroy+0x37/0x80 [ 76.218398][ T9170] qdisc_destroy+0x11f/0x630 [ 76.223241][ T9170] qdisc_put+0x85/0xa0 [ 76.227296][ T9170] sfb_change+0x3d8/0xe90 [ 76.231616][ T9170] ? sfb_graft+0x5f0/0x5f0 [ 76.236017][ T9170] ? nla_strcmp+0xe3/0x120 [ 76.240436][ T9170] ? sfb_graft+0x5f0/0x5f0 [ 76.244839][ T9170] tc_modify_qdisc+0xfcf/0x1c50 [ 76.249718][ T9170] ? qdisc_create+0x1210/0x1210 [ 76.254565][ T9170] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.260791][ T9170] ? qdisc_create+0x1210/0x1210 [ 76.265630][ T9170] rtnetlink_rcv_msg+0x463/0xb00 [ 76.270678][ T9170] ? rtnetlink_put_metrics+0x580/0x580 [ 76.276126][ T9170] ? lock_downgrade+0x920/0x920 [ 76.280972][ T9170] ? netlink_deliver_tap+0x22d/0xbf0 [ 76.286309][ T9170] ? find_held_lock+0x35/0x130 [ 76.291071][ T9170] netlink_rcv_skb+0x177/0x450 [ 76.295847][ T9170] ? rtnetlink_put_metrics+0x580/0x580 [ 76.301293][ T9170] ? netlink_ack+0xb30/0xb30 [ 76.305881][ T9170] ? __kasan_check_read+0x11/0x20 [ 76.310897][ T9170] ? netlink_deliver_tap+0x254/0xbf0 [ 76.316181][ T9170] rtnetlink_rcv+0x1d/0x30 [ 76.320583][ T9170] netlink_unicast+0x531/0x710 [ 76.325337][ T9170] ? netlink_attachskb+0x7c0/0x7c0 [ 76.330613][ T9170] ? _copy_from_iter_full+0x25d/0x8a0 [ 76.336041][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 76.342396][ T9170] netlink_sendmsg+0x8a5/0xd60 [ 76.347184][ T9170] ? netlink_unicast+0x710/0x710 [ 76.352127][ T9170] ? tomoyo_socket_sendmsg+0x26/0x30 [ 76.357452][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 76.363713][ T9170] ? security_socket_sendmsg+0x8d/0xc0 [ 76.369168][ T9170] ? netlink_unicast+0x710/0x710 [ 76.374094][ T9170] sock_sendmsg+0xd7/0x130 [ 76.378558][ T9170] ___sys_sendmsg+0x803/0x920 [ 76.383661][ T9170] ? copy_msghdr_from_user+0x440/0x440 [ 76.389114][ T9170] ? __kasan_check_read+0x11/0x20 [ 76.394155][ T9170] ? __fget+0x384/0x560 [ 76.398296][ T9170] ? ksys_dup3+0x3e0/0x3e0 [ 76.402696][ T9170] ? __kasan_check_read+0x11/0x20 [ 76.407707][ T9170] ? __fget_light+0x1a9/0x230 [ 76.412370][ T9170] ? __fdget+0x1b/0x20 [ 76.416484][ T9170] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 76.422713][ T9170] __sys_sendmsg+0x105/0x1d0 [ 76.427292][ T9170] ? __sys_sendmsg_sock+0xd0/0xd0 [ 76.432343][ T9170] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 76.438329][ T9170] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 76.443815][ T9170] ? do_syscall_64+0x26/0x760 [ 76.448480][ T9170] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.454532][ T9170] ? do_syscall_64+0x26/0x760 [ 76.459203][ T9170] __x64_sys_sendmsg+0x78/0xb0 [ 76.463952][ T9170] do_syscall_64+0xfa/0x760 [ 76.468446][ T9170] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 76.474321][ T9170] RIP: 0033:0x446519 [ 76.478205][ T9170] Code: e8 1c ba 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 76.497830][ T9170] RSP: 002b:00007f62937ecdb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.506231][ T9170] RAX: ffffffffffffffda RBX: 00000000006dbc68 RCX: 0000000000446519 [ 76.514193][ T9170] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000006 [ 76.522268][ T9170] RBP: 00000000006dbc60 R08: 0000000000000000 R09: 0000000000000000 [ 76.530247][ T9170] R10: 00000000ffffffff R11: 0000000000000246 R12: 00000000006dbc6c [ 76.538208][ T9170] R13: 00007ffe074cdc2f R14: 00007f62937ed9c0 R15: 0000000000000000