Warning: Permanently added '10.128.0.137' (ECDSA) to the list of known hosts. 2019/02/18 16:21:15 parsed 1 programs 2019/02/18 16:21:17 executed programs: 0 [ 99.855521] IPVS: ftp: loaded support on port[0] = 21 [ 99.911968] chnl_net:caif_netlink_parms(): no params data found [ 99.943186] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.950238] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.957370] device bridge_slave_0 entered promiscuous mode [ 99.966158] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.972622] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.980513] device bridge_slave_1 entered promiscuous mode [ 99.995922] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 100.004771] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 100.021342] team0: Port device team_slave_0 added [ 100.027940] team0: Port device team_slave_1 added [ 100.076147] device hsr_slave_0 entered promiscuous mode [ 100.114211] device hsr_slave_1 entered promiscuous mode [ 100.161134] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.167621] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.174773] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.181111] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.210334] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.221351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.240437] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.248464] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.256405] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 100.266487] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.275800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.283338] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.289748] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.299143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.307421] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.313945] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.329281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 100.337090] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 100.348092] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 100.360308] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 100.370875] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 100.382175] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 100.390243] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 100.398632] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 100.413478] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.661265] [ 102.662920] ===================================== [ 102.667739] WARNING: bad unlock balance detected! [ 102.672558] 5.0.0-rc6+ #77 Not tainted [ 102.676440] ------------------------------------- [ 102.681259] syz-executor.0/8256 is trying to release lock (&file->mut) at: [ 102.688281] [] ucma_destroy_id+0x24c/0x4a0 [ 102.694255] but there are no more locks to release! [ 102.699249] [ 102.699249] other info that might help us debug this: [ 102.705894] 1 lock held by syz-executor.0/8256: [ 102.710536] #0: 0000000074494fb5 (&file->mut){+.+.}, at: ucma_destroy_id+0x1e9/0x4a0 [ 102.718496] [ 102.718496] stack backtrace: [ 102.722971] CPU: 0 PID: 8256 Comm: syz-executor.0 Not tainted 5.0.0-rc6+ #77 [ 102.730137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.739470] Call Trace: [ 102.742047] dump_stack+0x172/0x1f0 [ 102.745659] ? ucma_destroy_id+0x24c/0x4a0 [ 102.749884] print_unlock_imbalance_bug.cold+0x114/0x123 [ 102.755320] ? ucma_destroy_id+0x24c/0x4a0 [ 102.759549] lock_release+0x67e/0xa00 [ 102.763331] ? lock_downgrade+0x810/0x810 [ 102.767482] ? mutex_trylock+0x1e0/0x1e0 [ 102.771618] __mutex_unlock_slowpath+0x8e/0x6b0 [ 102.776271] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 102.781789] ? wait_for_completion+0x440/0x440 [ 102.786473] mutex_unlock+0xd/0x10 [ 102.790002] ucma_destroy_id+0x24c/0x4a0 [ 102.794053] ? ucma_close+0x320/0x320 [ 102.797836] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 102.803358] ? _copy_from_user+0xdd/0x150 [ 102.807494] ucma_write+0x2da/0x3c0 [ 102.811101] ? ucma_close+0x320/0x320 [ 102.814884] ? ucma_open+0x290/0x290 [ 102.818583] ? __fget+0x340/0x540 [ 102.822029] __vfs_write+0x116/0x8e0 [ 102.825729] ? lock_downgrade+0x810/0x810 [ 102.829858] ? ucma_open+0x290/0x290 [ 102.833554] ? kernel_read+0x120/0x120 [ 102.837439] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 102.842354] ? common_file_perm+0x1d6/0x6f0 [ 102.846672] ? apparmor_file_permission+0x25/0x30 [ 102.851497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 102.857026] ? security_file_permission+0x94/0x320 [ 102.861953] ? rw_verify_area+0x118/0x360 [ 102.866200] vfs_write+0x20c/0x580 [ 102.869724] ksys_write+0xea/0x1f0 [ 102.873258] ? __ia32_sys_read+0xb0/0xb0 [ 102.877402] ? do_syscall_64+0x26/0x610 [ 102.881365] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 102.886709] ? do_syscall_64+0x26/0x610 [ 102.891514] __x64_sys_write+0x73/0xb0 [ 102.895387] do_syscall_64+0x103/0x610 [ 102.899259] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 102.904428] RIP: 0033:0x457e29 [ 102.907599] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 102.926482] RSP: 002b:00007fa3b5be6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 102.934176] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 102.941425] RDX: 0000000000000018 RSI: 0000000020000180 RDI: 0000000000000005 [ 102.948676] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 102.955930] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa3b5be76d4 [ 102.963272] R13: 00000000004cd790 R14: 00000000004dc9d0 R15: 00000000ffffffff