[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 68.696683][ T27] audit: type=1800 audit(1580933000.163:25): pid=9446 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 68.717745][ T27] audit: type=1800 audit(1580933000.163:26): pid=9446 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 68.754266][ T27] audit: type=1800 audit(1580933000.163:27): pid=9446 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.53' (ECDSA) to the list of known hosts. 2020/02/05 20:03:28 fuzzer started 2020/02/05 20:03:30 dialing manager at 10.128.0.26:35493 2020/02/05 20:03:30 syscalls: 2939 2020/02/05 20:03:30 code coverage: enabled 2020/02/05 20:03:30 comparison tracing: enabled 2020/02/05 20:03:30 extra coverage: enabled 2020/02/05 20:03:30 setuid sandbox: enabled 2020/02/05 20:03:30 namespace sandbox: enabled 2020/02/05 20:03:30 Android sandbox: /sys/fs/selinux/policy does not exist 2020/02/05 20:03:30 fault injection: enabled 2020/02/05 20:03:30 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/02/05 20:03:30 net packet injection: enabled 2020/02/05 20:03:30 net device setup: enabled 2020/02/05 20:03:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/02/05 20:03:30 devlink PCI setup: PCI device 0000:00:10.0 is not available syzkaller login: [ 316.935640][ C0] [ 316.938140][ C0] ================================ [ 316.943240][ C0] WARNING: inconsistent lock state [ 316.948337][ C0] 5.5.0-rc6-next-20200116-syzkaller #0 Not tainted [ 316.954822][ C0] -------------------------------- [ 316.959927][ C0] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. [ 316.966766][ C0] swapper/0/0 [HC0[0]:SC1[1]:HE1:SE0] takes: [ 316.972747][ C0] ffffffff8a03ce58 (ima_keys_lock){+.?.}, at: ima_process_queued_keys+0x4f/0x320 [ 316.981947][ C0] {SOFTIRQ-ON-W} state was registered at: [ 316.987678][ C0] lock_acquire+0x190/0x410 [ 316.992337][ C0] _raw_spin_lock+0x2f/0x40 [ 316.996924][ C0] ima_post_key_create_or_update+0x234/0x470 [ 317.003043][ C0] key_create_or_update+0x6b8/0xcb0 [ 317.008411][ C0] load_system_certificate_list+0x1ba/0x25e [ 317.014424][ C0] do_one_initcall+0x120/0x820 [ 317.019312][ C0] kernel_init_freeable+0x522/0x5d0 [ 317.024619][ C0] kernel_init+0x12/0x1bf [ 317.029034][ C0] ret_from_fork+0x24/0x30 [ 317.033530][ C0] irq event stamp: 2948584 [ 317.037942][ C0] hardirqs last enabled at (2948584): [] _raw_spin_unlock_irq+0x23/0x80 [ 317.047913][ C0] hardirqs last disabled at (2948583): [] _raw_spin_lock_irq+0x3a/0x80 [ 317.057885][ C0] softirqs last enabled at (2948580): [] _local_bh_enable+0x1c/0x30 [ 317.067773][ C0] softirqs last disabled at (2948581): [] irq_exit+0x19b/0x1e0 [ 317.076964][ C0] [ 317.076964][ C0] other info that might help us debug this: [ 317.085015][ C0] Possible unsafe locking scenario: [ 317.085015][ C0] [ 317.092453][ C0] CPU0 [ 317.095724][ C0] ---- [ 317.099019][ C0] lock(ima_keys_lock); [ 317.103255][ C0] [ 317.106703][ C0] lock(ima_keys_lock); [ 317.111134][ C0] [ 317.111134][ C0] *** DEADLOCK *** [ 317.111134][ C0] [ 317.119280][ C0] 1 lock held by swapper/0/0: [ 317.123944][ C0] #0: ffffc90000007d50 ((&ima_key_queue_timer)){+.-.}, at: call_timer_fn+0xe0/0x780 [ 317.133469][ C0] [ 317.133469][ C0] stack backtrace: [ 317.139469][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.5.0-rc6-next-20200116-syzkaller #0 [ 317.148565][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.158618][ C0] Call Trace: [ 317.161902][ C0] [ 317.164845][ C0] dump_stack+0x197/0x210 [ 317.169353][ C0] print_usage_bug.cold+0x327/0x378 [ 317.174557][ C0] mark_lock+0xbb4/0x1220 [ 317.178885][ C0] ? check_usage_backwards+0x330/0x330 [ 317.184341][ C0] __lock_acquire+0x1e8e/0x4a00 [ 317.189190][ C0] ? alloc_list_entry+0xc0/0xc0 [ 317.194082][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 317.200388][ C0] ? find_first_zero_bit+0x9a/0xc0 [ 317.205497][ C0] ? mark_held_locks+0xf0/0xf0 [ 317.210256][ C0] lock_acquire+0x190/0x410 [ 317.214858][ C0] ? ima_process_queued_keys+0x4f/0x320 [ 317.220415][ C0] _raw_spin_lock+0x2f/0x40 [ 317.224914][ C0] ? ima_process_queued_keys+0x4f/0x320 [ 317.230459][ C0] ima_process_queued_keys+0x4f/0x320 [ 317.235840][ C0] ima_timer_handler+0x15/0x20 [ 317.240602][ C0] call_timer_fn+0x1ac/0x780 [ 317.245188][ C0] ? ima_process_queued_keys+0x320/0x320 [ 317.250904][ C0] ? msleep_interruptible+0x150/0x150 [ 317.256268][ C0] ? run_timer_softirq+0x6b1/0x1790 [ 317.261527][ C0] ? trace_hardirqs_on+0x67/0x240 [ 317.266634][ C0] ? ima_process_queued_keys+0x320/0x320 [ 317.272281][ C0] ? ima_process_queued_keys+0x320/0x320 [ 317.277930][ C0] run_timer_softirq+0x6c3/0x1790 [ 317.282947][ C0] ? add_timer+0x930/0x930 [ 317.287404][ C0] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 317.293580][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 317.299122][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 317.305103][ C0] ? trace_hardirqs_on+0x67/0x240 [ 317.310184][ C0] __do_softirq+0x262/0x98c [ 317.314719][ C0] ? sched_clock_cpu+0x1b/0x1b0 [ 317.319590][ C0] irq_exit+0x19b/0x1e0 [ 317.323742][ C0] smp_apic_timer_interrupt+0x1a3/0x610 [ 317.329280][ C0] apic_timer_interrupt+0xf/0x20 [ 317.334199][ C0] [ 317.337134][ C0] RIP: 0010:native_safe_halt+0xe/0x10 [ 317.342497][ C0] Code: a8 3a c6 f9 eb 8a cc cc cc cc cc cc e9 07 00 00 00 0f 00 2d 14 92 5a 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 04 92 5a 00 fb f4 cc 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 de 0b 75 f9 e8 89 [ 317.362213][ C0] RSP: 0018:ffffffff89a07cd0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 317.370720][ C0] RAX: 1ffffffff1367752 RBX: ffffffff89a7a780 RCX: 0000000000000000 [ 317.378711][ C0] RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffffffff89a7b01c [ 317.386677][ C0] RBP: ffffffff89a07d00 R08: ffffffff89a7a780 R09: 0000000000000000 [ 317.394646][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 317.402614][ C0] R13: ffffffff8aa52e40 R14: 0000000000000000 R15: 0000000000000000 [ 317.410605][ C0] ? default_idle+0x4e/0x360 [ 317.415258][ C0] arch_cpu_idle+0xa/0x10 [ 317.419613][ C0] default_idle_call+0x84/0xb0 [ 317.424396][ C0] do_idle+0x3c8/0x6e0 [ 317.428464][ C0] ? arch_cpu_idle_exit+0x80/0x80 [ 317.433506][ C0] ? trace_hardirqs_on+0x67/0x240 [ 317.438734][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.445006][ C0] ? debug_smp_processor_id+0x33/0x18a [ 317.450449][ C0] cpu_startup_entry+0x1b/0x20 [ 317.455197][ C0] rest_init+0x23b/0x371 [ 317.459425][ C0] arch_call_rest_init+0xe/0x1b [ 317.464260][ C0] start_kernel+0xd24/0xd63 [ 317.468866][ C0] ? mem_encrypt_init+0xb/0xb [ 317.473531][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.479756][ C0] ? x86_family+0x41/0x50 [ 317.484077][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 317.490304][ C0] x86_64_start_reservations+0x29/0x2b [ 317.495772][ C0] x86_64_start_kernel+0x77/0x7b [ 317.500696][ C0] secondary_startup_64+0xa4/0xb0