[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 58.872805][ T27] audit: type=1800 audit(1582875902.104:25): pid=8960 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 58.892439][ T27] audit: type=1800 audit(1582875902.104:26): pid=8960 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 58.912650][ T27] audit: type=1800 audit(1582875902.114:27): pid=8960 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.28' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 69.692586][ T9110] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 69.703072][ T9110] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 69.720180][ T9110] netlink: 'syz-executor036': attribute type 1 has an invalid length. [ 69.763934][ T9110] 8021q: adding VLAN 0 to HW filter on device bond1 [ 69.822637][ T9110] bond1: (slave gretap1): making interface the new active one [ 69.831074][ T9110] [ 69.833429][ T9110] ====================================================== [ 69.840447][ T9110] WARNING: possible circular locking dependency detected [ 69.847656][ T9110] 5.6.0-rc3-syzkaller #0 Not tainted [ 69.852941][ T9110] ------------------------------------------------------ [ 69.860104][ T9110] syz-executor036/9110 is trying to acquire lock: [ 69.866511][ T9110] ffffffff89543120 (lock#3){+.+.}, at: cma_netdev_callback+0xfd/0x590 [ 69.874814][ T9110] [ 69.874814][ T9110] but task is already holding lock: [ 69.882185][ T9110] ffffffff89590da0 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x83c/0xd40 [ 69.890610][ T9110] [ 69.890610][ T9110] which lock already depends on the new lock. [ 69.890610][ T9110] [ 69.901021][ T9110] [ 69.901021][ T9110] the existing dependency chain (in reverse order) is: [ 69.910203][ T9110] [ 69.910203][ T9110] -> #1 (rtnl_mutex){+.+.}: [ 69.916897][ T9110] lock_acquire+0x154/0x250 [ 69.922176][ T9110] __mutex_lock_common+0x16e/0x2f30 [ 69.927906][ T9110] mutex_lock_nested+0x1b/0x30 [ 69.933200][ T9110] rtnl_lock+0x17/0x20 [ 69.937796][ T9110] siw_create_listen+0x93a/0xdb0 [ 69.943268][ T9110] iw_cm_listen+0x3c9/0x4a0 [ 69.948309][ T9110] rdma_listen+0x698/0x9a0 [ 69.953360][ T9110] cma_listen_on_dev+0x678/0x8e0 [ 69.958827][ T9110] cma_add_one+0x5ef/0x6f0 [ 69.963879][ T9110] add_client_context+0x482/0x660 [ 69.969637][ T9110] enable_device_and_get+0x15b/0x370 [ 69.975458][ T9110] ib_register_device+0x124d/0x15b0 [ 69.981484][ T9110] siw_newlink+0xab9/0xfb0 [ 69.986431][ T9110] nldev_newlink+0x403/0x4a0 [ 69.991549][ T9110] rdma_nl_rcv+0x701/0xa20 [ 69.996639][ T9110] netlink_unicast+0x766/0x920 [ 70.002123][ T9110] netlink_sendmsg+0xa2b/0xd40 [ 70.007558][ T9110] ____sys_sendmsg+0x4f7/0x7f0 [ 70.012848][ T9110] __sys_sendmsg+0x1ed/0x290 [ 70.017977][ T9110] __x64_sys_sendmsg+0x7f/0x90 [ 70.023372][ T9110] do_syscall_64+0xf7/0x1c0 [ 70.028412][ T9110] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.034825][ T9110] [ 70.034825][ T9110] -> #0 (lock#3){+.+.}: [ 70.041297][ T9110] validate_chain+0x1507/0x7be0 [ 70.046846][ T9110] __lock_acquire+0xc5a/0x1bc0 [ 70.052151][ T9110] lock_acquire+0x154/0x250 [ 70.057263][ T9110] __mutex_lock_common+0x16e/0x2f30 [ 70.063009][ T9110] mutex_lock_nested+0x1b/0x30 [ 70.068426][ T9110] cma_netdev_callback+0xfd/0x590 [ 70.073985][ T9110] raw_notifier_call_chain+0xe3/0x190 [ 70.080003][ T9110] call_netdevice_notifiers+0xf6/0x150 [ 70.086083][ T9110] bond_change_active_slave+0x1f32/0x2b20 [ 70.092649][ T9110] bond_select_active_slave+0x584/0xa80 [ 70.098726][ T9110] bond_enslave+0x42af/0x59c0 [ 70.104159][ T9110] rtnl_newlink+0x182f/0x1c00 [ 70.109504][ T9110] rtnetlink_rcv_msg+0x889/0xd40 [ 70.115118][ T9110] netlink_rcv_skb+0x19e/0x3e0 [ 70.120411][ T9110] rtnetlink_rcv+0x1c/0x20 [ 70.125368][ T9110] netlink_unicast+0x766/0x920 [ 70.130760][ T9110] netlink_sendmsg+0xa2b/0xd40 [ 70.136155][ T9110] ____sys_sendmsg+0x4f7/0x7f0 [ 70.141465][ T9110] __sys_sendmsg+0x1ed/0x290 [ 70.146853][ T9110] __x64_sys_sendmsg+0x7f/0x90 [ 70.152261][ T9110] do_syscall_64+0xf7/0x1c0 [ 70.157299][ T9110] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.163821][ T9110] [ 70.163821][ T9110] other info that might help us debug this: [ 70.163821][ T9110] [ 70.174247][ T9110] Possible unsafe locking scenario: [ 70.174247][ T9110] [ 70.182266][ T9110] CPU0 CPU1 [ 70.187637][ T9110] ---- ---- [ 70.193005][ T9110] lock(rtnl_mutex); [ 70.196988][ T9110] lock(lock#3); [ 70.203145][ T9110] lock(rtnl_mutex); [ 70.209875][ T9110] lock(lock#3); [ 70.213506][ T9110] [ 70.213506][ T9110] *** DEADLOCK *** [ 70.213506][ T9110] [ 70.221659][ T9110] 1 lock held by syz-executor036/9110: [ 70.227123][ T9110] #0: ffffffff89590da0 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x83c/0xd40 [ 70.235996][ T9110] [ 70.235996][ T9110] stack backtrace: [ 70.241893][ T9110] CPU: 1 PID: 9110 Comm: syz-executor036 Not tainted 5.6.0-rc3-syzkaller #0 [ 70.250844][ T9110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.260904][ T9110] Call Trace: [ 70.264201][ T9110] dump_stack+0x1fb/0x318 [ 70.268554][ T9110] print_circular_bug+0xc3f/0xe70 [ 70.273601][ T9110] ? stack_trace_save+0xb1/0x150 [ 70.278562][ T9110] ? save_trace+0x4b/0x9f0 [ 70.283132][ T9110] check_noncircular+0x206/0x3a0 [ 70.288095][ T9110] validate_chain+0x1507/0x7be0 [ 70.292970][ T9110] ? __kasan_check_read+0x11/0x20 [ 70.298003][ T9110] ? mark_lock+0x107/0x1650 [ 70.302539][ T9110] ? check_preemption_disabled+0x44/0x260 [ 70.308280][ T9110] ? debug_smp_processor_id+0x9/0x20 [ 70.313582][ T9110] ? __kasan_check_write+0x14/0x20 [ 70.318712][ T9110] __lock_acquire+0xc5a/0x1bc0 [ 70.323514][ T9110] ? trace_lock_acquire+0x15b/0x1d0 [ 70.328752][ T9110] lock_acquire+0x154/0x250 [ 70.333271][ T9110] ? cma_netdev_callback+0xfd/0x590 [ 70.338662][ T9110] ? cma_netdev_callback+0xfd/0x590 [ 70.344081][ T9110] __mutex_lock_common+0x16e/0x2f30 [ 70.349295][ T9110] ? cma_netdev_callback+0xfd/0x590 [ 70.354505][ T9110] ? lockdep_hardirqs_on+0x4a5/0x7a0 [ 70.359809][ T9110] ? cfg80211_netdev_notifier_call+0x15f/0x12b0 [ 70.366082][ T9110] mutex_lock_nested+0x1b/0x30 [ 70.370853][ T9110] cma_netdev_callback+0xfd/0x590 [ 70.375925][ T9110] raw_notifier_call_chain+0xe3/0x190 [ 70.381312][ T9110] call_netdevice_notifiers+0xf6/0x150 [ 70.386905][ T9110] bond_change_active_slave+0x1f32/0x2b20 [ 70.392643][ T9110] ? trace_hardirqs_on+0x74/0x80 [ 70.397755][ T9110] ? mod_delayed_work_on+0x140/0x180 [ 70.403080][ T9110] bond_select_active_slave+0x584/0xa80 [ 70.408644][ T9110] bond_enslave+0x42af/0x59c0 [ 70.413349][ T9110] ? rtmsg_ifinfo+0xe6/0x120 [ 70.417966][ T9110] ? __dev_notify_flags+0x33c/0x4d0 [ 70.423179][ T9110] ? __kasan_check_read+0x11/0x20 [ 70.428323][ T9110] ? mutex_is_locked+0x12/0x40 [ 70.433096][ T9110] ? rtnl_is_locked+0x15/0x20 [ 70.437784][ T9110] rtnl_newlink+0x182f/0x1c00 [ 70.442663][ T9110] ? __mutex_lock_common+0x1907/0x2f30 [ 70.448134][ T9110] ? rtnetlink_rcv_msg+0x83c/0xd40 [ 70.453265][ T9110] ? rtnl_setlink+0x490/0x490 [ 70.457968][ T9110] rtnetlink_rcv_msg+0x889/0xd40 [ 70.462941][ T9110] ? rcu_lock_release+0x9/0x30 [ 70.467838][ T9110] netlink_rcv_skb+0x19e/0x3e0 [ 70.472758][ T9110] ? rtnetlink_bind+0x80/0x80 [ 70.477447][ T9110] rtnetlink_rcv+0x1c/0x20 [ 70.481870][ T9110] netlink_unicast+0x766/0x920 [ 70.486636][ T9110] netlink_sendmsg+0xa2b/0xd40 [ 70.491507][ T9110] ? netlink_getsockopt+0x9f0/0x9f0 [ 70.496716][ T9110] ____sys_sendmsg+0x4f7/0x7f0 [ 70.501498][ T9110] __sys_sendmsg+0x1ed/0x290 [ 70.506116][ T9110] ? rcu_read_lock_sched_held+0x10b/0x170 [ 70.511844][ T9110] ? __kasan_check_write+0x14/0x20 [ 70.516966][ T9110] ? __fpregs_load_activate+0x194/0x220 [ 70.522538][ T9110] ? switch_fpu_return+0xe/0x10 [ 70.527396][ T9110] ? prepare_exit_to_usermode+0x221/0x5b0 [ 70.533255][ T9110] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 70.538988][ T9110] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.544641][ T9110] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 70.550372][ T9110] ? do_syscall_64+0x1d/0x1c0 [ 70.555066][ T9110] __x64_sys_sendmsg+0x7f/0x90 [ 70.559842][ T9110] do_syscall_64+0xf7/0x1c0 [ 70.564354][ T9110] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 70.570347][ T9110] RIP: 0033:0x440509 [ 70.574242][ T9110] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 70.593854][ T9110] RSP: 002b:00007ffc21dab118 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.602375][ T9110] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440509 [ 70.610349][ T9110] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 70.618325][ T9110] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8 [