[ 75.512314][ T26] audit: type=1800 audit(1583100039.349:26): pid=9784 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 76.469745][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 76.469755][ T26] audit: type=1800 audit(1583100040.329:29): pid=9784 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 76.496413][ T26] audit: type=1800 audit(1583100040.329:30): pid=9784 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.11' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 86.806617][ T9935] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 86.817034][ T9935] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 86.830411][ T9935] netlink: 'syz-executor749': attribute type 1 has an invalid length. [ 86.874198][ T9935] 8021q: adding VLAN 0 to HW filter on device bond1 [ 86.931307][ T9935] bond1: (slave gretap1): making interface the new active one [ 86.941512][ T9935] [ 86.943888][ T9935] ====================================================== [ 86.950901][ T9935] WARNING: possible circular locking dependency detected [ 86.957916][ T9935] 5.6.0-rc3-syzkaller #0 Not tainted [ 86.963192][ T9935] ------------------------------------------------------ [ 86.970293][ T9935] syz-executor749/9935 is trying to acquire lock: [ 86.976698][ T9935] ffffffff8a5d2ee0 (lock#3){+.+.}, at: cma_netdev_callback+0xc6/0x380 [ 86.984865][ T9935] [ 86.984865][ T9935] but task is already holding lock: [ 86.992229][ T9935] ffffffff8a74de80 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 [ 87.000653][ T9935] [ 87.000653][ T9935] which lock already depends on the new lock. [ 87.000653][ T9935] [ 87.011142][ T9935] [ 87.011142][ T9935] the existing dependency chain (in reverse order) is: [ 87.020240][ T9935] [ 87.020240][ T9935] -> #1 (rtnl_mutex){+.+.}: [ 87.026931][ T9935] __mutex_lock+0x156/0x13c0 [ 87.032055][ T9935] mutex_lock_nested+0x16/0x20 [ 87.037340][ T9935] rtnl_lock+0x17/0x20 [ 87.042213][ T9935] siw_create_listen+0x329/0xed0 [ 87.047678][ T9935] iw_cm_listen+0x16e/0x1f0 [ 87.052794][ T9935] rdma_listen+0x613/0x970 [ 87.057738][ T9935] cma_listen_on_dev+0x530/0x6a0 [ 87.063212][ T9935] cma_add_one+0x6fe/0xbf0 [ 87.068153][ T9935] add_client_context+0x3dd/0x550 [ 87.073700][ T9935] enable_device_and_get+0x1df/0x3c0 [ 87.079509][ T9935] ib_register_device+0xa89/0xe40 [ 87.085057][ T9935] siw_newlink+0xdef/0x1310 [ 87.090175][ T9935] nldev_newlink+0x28a/0x430 [ 87.095288][ T9935] rdma_nl_rcv+0x5d9/0x980 [ 87.100228][ T9935] netlink_unicast+0x59e/0x7e0 [ 87.105513][ T9935] netlink_sendmsg+0x91c/0xea0 [ 87.110797][ T9935] sock_sendmsg+0xd7/0x130 [ 87.115743][ T9935] ____sys_sendmsg+0x753/0x880 [ 87.121031][ T9935] ___sys_sendmsg+0x100/0x170 [ 87.126354][ T9935] __sys_sendmsg+0x105/0x1d0 [ 87.131466][ T9935] __x64_sys_sendmsg+0x78/0xb0 [ 87.136754][ T9935] do_syscall_64+0xfa/0x790 [ 87.141786][ T9935] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 87.148369][ T9935] [ 87.148369][ T9935] -> #0 (lock#3){+.+.}: [ 87.154715][ T9935] __lock_acquire+0x2596/0x4a00 [ 87.160236][ T9935] lock_acquire+0x190/0x410 [ 87.165262][ T9935] __mutex_lock+0x156/0x13c0 [ 87.170427][ T9935] mutex_lock_nested+0x16/0x20 [ 87.175851][ T9935] cma_netdev_callback+0xc6/0x380 [ 87.181491][ T9935] notifier_call_chain+0xc2/0x230 [ 87.187039][ T9935] raw_notifier_call_chain+0x2e/0x40 [ 87.192851][ T9935] call_netdevice_notifiers_info+0xba/0x130 [ 87.199266][ T9935] call_netdevice_notifiers+0x79/0xa0 [ 87.205160][ T9935] bond_change_active_slave+0x185b/0x2050 [ 87.211421][ T9935] bond_select_active_slave+0x276/0xae0 [ 87.217596][ T9935] bond_enslave+0x44ef/0x4af0 [ 87.222922][ T9935] do_set_master+0x1dd/0x240 [ 87.228048][ T9935] __rtnl_newlink+0x13a3/0x1790 [ 87.233419][ T9935] rtnl_newlink+0x69/0xa0 [ 87.238372][ T9935] rtnetlink_rcv_msg+0x45e/0xaf0 [ 87.243844][ T9935] netlink_rcv_skb+0x177/0x450 [ 87.249129][ T9935] rtnetlink_rcv+0x1d/0x30 [ 87.254071][ T9935] netlink_unicast+0x59e/0x7e0 [ 87.259467][ T9935] netlink_sendmsg+0x91c/0xea0 [ 87.264754][ T9935] sock_sendmsg+0xd7/0x130 [ 87.269694][ T9935] ____sys_sendmsg+0x753/0x880 [ 87.274979][ T9935] ___sys_sendmsg+0x100/0x170 [ 87.280180][ T9935] __sys_sendmsg+0x105/0x1d0 [ 87.285289][ T9935] __x64_sys_sendmsg+0x78/0xb0 [ 87.290682][ T9935] do_syscall_64+0xfa/0x790 [ 87.295719][ T9935] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 87.302120][ T9935] [ 87.302120][ T9935] other info that might help us debug this: [ 87.302120][ T9935] [ 87.312465][ T9935] Possible unsafe locking scenario: [ 87.312465][ T9935] [ 87.319913][ T9935] CPU0 CPU1 [ 87.325287][ T9935] ---- ---- [ 87.330646][ T9935] lock(rtnl_mutex); [ 87.334809][ T9935] lock(lock#3); [ 87.340959][ T9935] lock(rtnl_mutex); [ 87.347482][ T9935] lock(lock#3); [ 87.351117][ T9935] [ 87.351117][ T9935] *** DEADLOCK *** [ 87.351117][ T9935] [ 87.359364][ T9935] 1 lock held by syz-executor749/9935: [ 87.364872][ T9935] #0: ffffffff8a74de80 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 [ 87.373736][ T9935] [ 87.373736][ T9935] stack backtrace: [ 87.379634][ T9935] CPU: 1 PID: 9935 Comm: syz-executor749 Not tainted 5.6.0-rc3-syzkaller #0 [ 87.388298][ T9935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.398356][ T9935] Call Trace: [ 87.401657][ T9935] dump_stack+0x197/0x210 [ 87.405996][ T9935] print_circular_bug.isra.0.cold+0x163/0x172 [ 87.412086][ T9935] check_noncircular+0x32e/0x3e0 [ 87.417038][ T9935] ? print_circular_bug.isra.0+0x230/0x230 [ 87.422856][ T9935] ? alloc_list_entry+0xc0/0xc0 [ 87.427825][ T9935] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 87.434374][ T9935] ? find_first_zero_bit+0x9a/0xc0 [ 87.439506][ T9935] __lock_acquire+0x2596/0x4a00 [ 87.444387][ T9935] ? mark_held_locks+0xf0/0xf0 [ 87.449347][ T9935] lock_acquire+0x190/0x410 [ 87.453974][ T9935] ? cma_netdev_callback+0xc6/0x380 [ 87.459267][ T9935] __mutex_lock+0x156/0x13c0 [ 87.463966][ T9935] ? cma_netdev_callback+0xc6/0x380 [ 87.469211][ T9935] ? cfg80211_netdev_notifier_call+0x186/0x17bb [ 87.475452][ T9935] ? queue_work_on+0xef/0x210 [ 87.480139][ T9935] ? cma_netdev_callback+0xc6/0x380 [ 87.485457][ T9935] ? cfg80211_init_wdev+0x500/0x500 [ 87.490672][ T9935] ? mutex_trylock+0x2d0/0x2d0 [ 87.495546][ T9935] ? __kasan_check_read+0x11/0x20 [ 87.500577][ T9935] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 87.506519][ T9935] ? tun_device_event+0x76/0x10e0 [ 87.511574][ T9935] mutex_lock_nested+0x16/0x20 [ 87.516464][ T9935] ? mutex_lock_nested+0x16/0x20 [ 87.521468][ T9935] cma_netdev_callback+0xc6/0x380 [ 87.526502][ T9935] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 87.532496][ T9935] notifier_call_chain+0xc2/0x230 [ 87.537534][ T9935] raw_notifier_call_chain+0x2e/0x40 [ 87.542834][ T9935] call_netdevice_notifiers_info+0xba/0x130 [ 87.548745][ T9935] call_netdevice_notifiers+0x79/0xa0 [ 87.554134][ T9935] ? call_netdevice_notifiers_info+0x130/0x130 [ 87.560296][ T9935] ? __kasan_check_read+0x11/0x20 [ 87.565436][ T9935] ? bond_should_notify_peers+0x1f0/0x400 [ 87.572123][ T9935] bond_change_active_slave+0x185b/0x2050 [ 87.578163][ T9935] ? lockdep_hardirqs_on+0x421/0x5e0 [ 87.583481][ T9935] ? bond_slave_link_status+0x70/0x70 [ 87.589063][ T9935] bond_select_active_slave+0x276/0xae0 [ 87.594633][ T9935] ? bond_change_active_slave+0x2050/0x2050 [ 87.601239][ T9935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.607729][ T9935] bond_enslave+0x44ef/0x4af0 [ 87.612513][ T9935] ? bond_update_slave_arr+0x880/0x880 [ 87.618099][ T9935] ? rtmsg_ifinfo+0x61/0xa0 [ 87.622729][ T9935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.628987][ T9935] ? __dev_notify_flags+0x183/0x2c0 [ 87.634202][ T9935] ? dev_change_name+0x930/0x930 [ 87.639182][ T9935] ? alloc_netdev_mqs+0xa78/0xe40 [ 87.644298][ T9935] ? __kasan_check_read+0x11/0x20 [ 87.649338][ T9935] ? mutex_is_locked+0x12/0x50 [ 87.654106][ T9935] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 87.659864][ T9935] ? bond_update_slave_arr+0x880/0x880 [ 87.665331][ T9935] do_set_master+0x1dd/0x240 [ 87.670005][ T9935] __rtnl_newlink+0x13a3/0x1790 [ 87.674865][ T9935] ? lock_downgrade+0x920/0x920 [ 87.679727][ T9935] ? rtnl_link_unregister+0x250/0x250 [ 87.685107][ T9935] ? is_bpf_image_address+0x1da/0x290 [ 87.690491][ T9935] ? __kernel_text_address+0xd/0x40 [ 87.695701][ T9935] ? unwind_get_return_address+0x61/0xa0 [ 87.701428][ T9935] ? profile_setup.cold+0xbb/0xbb [ 87.706502][ T9935] ? arch_stack_walk+0x97/0xf0 [ 87.711283][ T9935] ? stack_trace_save+0x8f/0xc0 [ 87.716248][ T9935] ? stack_trace_consume_entry+0x170/0x170 [ 87.722061][ T9935] ? __kasan_check_read+0x11/0x20 [ 87.727092][ T9935] ? __lock_acquire+0x16f2/0x4a00 [ 87.732126][ T9935] ? save_stack+0x5c/0x90 [ 87.736567][ T9935] ? save_stack+0x23/0x90 [ 87.740902][ T9935] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 87.746961][ T9935] ? rtnl_newlink+0x4b/0xa0 [ 87.751468][ T9935] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 87.757030][ T9935] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 87.763024][ T9935] rtnl_newlink+0x69/0xa0 [ 87.767355][ T9935] ? __rtnl_newlink+0x1790/0x1790 [ 87.772499][ T9935] rtnetlink_rcv_msg+0x45e/0xaf0 [ 87.777439][ T9935] ? rtnl_bridge_getlink+0x910/0x910 [ 87.782731][ T9935] ? lock_downgrade+0x920/0x920 [ 87.787586][ T9935] ? netlink_deliver_tap+0x226/0xbf0 [ 87.792880][ T9935] ? find_held_lock+0x35/0x130 [ 87.797656][ T9935] netlink_rcv_skb+0x177/0x450 [ 87.802432][ T9935] ? rtnl_bridge_getlink+0x910/0x910 [ 87.807721][ T9935] ? netlink_ack+0xb50/0xb50 [ 87.812349][ T9935] ? __kasan_check_read+0x11/0x20 [ 87.817493][ T9935] ? netlink_deliver_tap+0x248/0xbf0 [ 87.822912][ T9935] rtnetlink_rcv+0x1d/0x30 [ 87.827334][ T9935] netlink_unicast+0x59e/0x7e0 [ 87.833149][ T9935] ? netlink_attachskb+0x870/0x870 [ 87.838307][ T9935] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 87.844090][ T9935] ? __check_object_size+0x3d/0x437 [ 87.849298][ T9935] netlink_sendmsg+0x91c/0xea0 [ 87.854212][ T9935] ? netlink_unicast+0x7e0/0x7e0 [ 87.859165][ T9935] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 87.864721][ T9935] ? apparmor_socket_sendmsg+0x2a/0x30 [ 87.870186][ T9935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.876437][ T9935] ? security_socket_sendmsg+0x8d/0xc0 [ 87.881908][ T9935] ? netlink_unicast+0x7e0/0x7e0 [ 87.886877][ T9935] sock_sendmsg+0xd7/0x130 [ 87.891309][ T9935] ____sys_sendmsg+0x753/0x880 [ 87.896203][ T9935] ? kernel_sendmsg+0x50/0x50 [ 87.900996][ T9935] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 87.906569][ T9935] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 87.912567][ T9935] ___sys_sendmsg+0x100/0x170 [ 87.917253][ T9935] ? sendmsg_copy_msghdr+0x70/0x70 [ 87.922375][ T9935] ? __kasan_check_read+0x11/0x20 [ 87.927413][ T9935] ? __lock_acquire+0x8a0/0x4a00 [ 87.932372][ T9935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.938622][ T9935] ? __this_cpu_preempt_check+0x35/0x190 [ 87.944271][ T9935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.950547][ T9935] ? percpu_counter_add_batch+0x13c/0x190 [ 87.956377][ T9935] ? __fd_install+0x1bc/0x640 [ 87.961064][ T9935] ? find_held_lock+0x35/0x130 [ 87.965836][ T9935] ? __fd_install+0x1bc/0x640 [ 87.970634][ T9935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.976881][ T9935] ? __fget_light+0x1ad/0x270 [ 87.981586][ T9935] ? __fdget+0x1b/0x20 [ 87.985757][ T9935] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 87.992005][ T9935] __sys_sendmsg+0x105/0x1d0 [ 87.996601][ T9935] ? __sys_sendmsg_sock+0xc0/0xc0 [ 88.001629][ T9935] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 88.007621][ T9935] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 88.013093][ T9935] ? do_syscall_64+0x26/0x790 [ 88.017803][ T9935] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 88.023886][ T9935] ? do_syscall_64+0x26/0x790 [ 88.029098][ T9935] __x64_sys_sendmsg+0x78/0xb0 [ 88.033875][ T9935] do_syscall_64+0xfa/0x790 [ 88.038487][ T9935] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 88.044383][ T9935] RIP: 0033:0x440509 [ 88.048283][ T9935] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 88.068044][ T9935] RSP: 002b:00007ffc45bf2c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 88.076464][ T9935] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440509 [ 88.084453][ T9935] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 88.092586][ T9935] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8 [ 88.100704][ T9935] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000401d90 [ 88.108703][ T9935] R13: 0000000000401e20 R14: 0000000000000000 R15: 0000000000000000