Warning: Permanently added '10.128.0.201' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 49.762062] kauditd_printk_skb: 2 callbacks suppressed
[ 49.762076] audit: type=1400 audit(1584740218.465:36): avc: denied { map } for pid=7994 comm="syz-executor252" path="/root/syz-executor252921433" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 49.780667] IPVS: ftp: loaded support on port[0] = 21
[ 49.830186] ------------[ cut here ]------------
[ 49.835957] ODEBUG: activate active (active state 1) object type: rcu_head hint: (null)
[ 49.845157] WARNING: CPU: 0 PID: 7998 at lib/debugobjects.c:325 debug_print_object+0x160/0x250
[ 49.853887] Kernel panic - not syncing: panic_on_warn set ...
[ 49.853887]
[ 49.861234] CPU: 0 PID: 7998 Comm: syz-executor252 Not tainted 4.19.112-syzkaller #0
[ 49.869092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.878427] Call Trace:
[ 49.881002] dump_stack+0x188/0x20d
[ 49.884616] panic+0x26a/0x50e
[ 49.887793] ? __warn_printk+0xf3/0xf3
[ 49.891674] ? debug_print_object+0x160/0x250
[ 49.896164] ? __probe_kernel_read+0x16c/0x1b0
[ 49.900728] ? __warn.cold+0x5/0x46
[ 49.904334] ? __warn+0xe4/0x1c0
[ 49.907685] ? debug_print_object+0x160/0x250
[ 49.912159] __warn.cold+0x20/0x46
[ 49.915683] ? debug_print_object+0x160/0x250
[ 49.920159] report_bug+0x262/0x2a0
[ 49.923771] do_error_trap+0x1d7/0x310
[ 49.927639] ? math_error+0x310/0x310
[ 49.931459] ? irq_work_claim+0xa6/0xc0
[ 49.935420] ? irq_work_queue+0x2b/0x80
[ 49.939375] ? wake_up_klogd+0x8c/0xc0
[ 49.943249] ? trace_hardirqs_off_caller+0x55/0x210
[ 49.948249] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.953073] invalid_op+0x14/0x20
[ 49.956509] RIP: 0010:debug_print_object+0x160/0x250
[ 49.961591] Code: dd 60 0f ab 87 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd 60 0f ab 87 48 c7 c7 a0 04 ab 87 e8 9b f6 e6 fd <0f> 0b 83 05 23 a5 37 06 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89
[ 49.980471] RSP: 0018:ffff88808fcaf268 EFLAGS: 00010086
[ 49.985901] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 49.993156] RDX: 0000000000000000 RSI: ffffffff8152d3a1 RDI: ffffed1011f95e3f
[ 50.000409] RBP: 0000000000000001 R08: ffff8880928025c0 R09: ffffed1015cc3ee3
[ 50.007678] R10: ffffed1015cc3ee2 R11: ffff8880ae61f717 R12: ffffffff88b928c0
[ 50.014926] R13: 0000000000000000 R14: ffff8880a4ea69e8 R15: 1ffff11011f95e5a
[ 50.022209] ? vprintk_func+0x81/0x17e
[ 50.026085] ? debug_print_object+0x160/0x250
[ 50.030560] debug_object_activate+0x357/0x4e0
[ 50.035124] ? debug_object_free+0x3e0/0x3e0
[ 50.039517] ? lockdep_hardirqs_on+0x40b/0x5d0
[ 50.044092] ? route4_change+0xbab/0x2210
[ 50.048227] ? delayed_work_timer_fn+0x90/0x90
[ 50.052792] __call_rcu.constprop.0+0x31/0x7e0
[ 50.057363] ? mark_held_locks+0xa6/0xf0
[ 50.061403] queue_rcu_work+0x75/0x90
[ 50.065198] route4_change+0xe6a/0x2210
[ 50.069153] ? route4_init+0xa0/0xa0
[ 50.072850] ? route4_init+0xa0/0xa0
[ 50.076544] tc_new_tfilter+0xa6b/0x1450
[ 50.080589] ? tc_del_tfilter+0xd40/0xd40
[ 50.084751] ? __mutex_lock+0x3cd/0x1300
[ 50.088795] ? selinux_ipv4_output+0x50/0x50
[ 50.093189] ? rtnetlink_rcv_msg+0x3fe/0xaf0
[ 50.097598] ? tc_del_tfilter+0xd40/0xd40
[ 50.101726] rtnetlink_rcv_msg+0x453/0xaf0
[ 50.105997] ? rtnetlink_put_metrics+0x520/0x520
[ 50.110746] ? find_held_lock+0x2d/0x110
[ 50.114799] netlink_rcv_skb+0x160/0x410
[ 50.118852] ? rtnetlink_put_metrics+0x520/0x520
[ 50.123605] ? netlink_ack+0xa60/0xa60
[ 50.127480] netlink_unicast+0x4d7/0x6a0
[ 50.131523] ? netlink_attachskb+0x710/0x710
[ 50.135935] netlink_sendmsg+0x80b/0xcd0
[ 50.139987] ? netlink_unicast+0x6a0/0x6a0
[ 50.144204] ? move_addr_to_kernel.part.0+0x110/0x110
[ 50.149392] ? netlink_unicast+0x6a0/0x6a0
[ 50.153618] sock_sendmsg+0xcf/0x120
[ 50.157324] ___sys_sendmsg+0x803/0x920
[ 50.161288] ? copy_msghdr_from_user+0x410/0x410
[ 50.166032] ? __fget+0x319/0x510
[ 50.169470] ? lock_downgrade+0x740/0x740
[ 50.173615] ? check_preemption_disabled+0x41/0x280
[ 50.178614] ? __fget+0x340/0x510
[ 50.182061] ? iterate_fd+0x350/0x350
[ 50.185850] ? find_held_lock+0x2d/0x110
[ 50.189901] ? __fd_install+0x1b4/0x610
[ 50.193864] ? __fget_light+0x1d1/0x230
[ 50.197822] __sys_sendmsg+0xec/0x1b0
[ 50.201607] ? __ia32_sys_shutdown+0x70/0x70
[ 50.205997] ? __x64_sys_futex+0x386/0x4f0
[ 50.210214] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 50.214952] ? trace_hardirqs_off_caller+0x55/0x210
[ 50.219953] ? do_syscall_64+0x21/0x620
[ 50.223912] do_syscall_64+0xf9/0x620
[ 50.227697] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.232871] RIP: 0033:0x446e09
[ 50.236047] Code: e8 bc b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 50.254929] RSP: 002b:00007ff1473f6d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.262616] RAX: ffffffffffffffda RBX: 00000000006dbc78 RCX: 0000000000446e09
[ 50.269863] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006
[ 50.277128] RBP: 00000000006dbc70 R08: 0000000000000000 R09: 0000000000000000
[ 50.284378] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc7c
[ 50.291627] R13: 0000000000000005 R14: 00a3a20740000000 R15: 0507002400000038
[ 50.298888]
[ 50.298891] ======================================================
[ 50.298894] WARNING: possible circular locking dependency detected
[ 50.298896] 4.19.112-syzkaller #0 Not tainted
[ 50.298899] ------------------------------------------------------
[ 50.298901] syz-executor252/7998 is trying to acquire lock:
[ 50.298903] 000000009521e6f5 ((console_sem).lock){-...}, at: down_trylock+0xe/0x60
[ 50.298910]
[ 50.298912] but task is already holding lock:
[ 50.298914] 0000000047c6526a (&obj_hash[i].lock){-.-.}, at: debug_object_activate+0x131/0x4e0
[ 50.298921]
[ 50.298924] which lock already depends on the new lock.
[ 50.298925]
[ 50.298926]
[ 50.298929] the existing dependency chain (in reverse order) is:
[ 50.298930]
[ 50.298931] -> #5 (&obj_hash[i].lock){-.-.}:
[ 50.298938] debug_object_activate+0x131/0x4e0
[ 50.298940] enqueue_hrtimer+0x27/0x3f0
[ 50.298943] hrtimer_start_range_ns+0x580/0xbe0
[ 50.298945] schedule_hrtimeout_range_clock+0x17a/0x360
[ 50.298947] wait_task_inactive+0x443/0x550
[ 50.298949] __kthread_bind_mask+0x1f/0xb0
[ 50.298951] init_rescuer.part.0+0xf2/0x190
[ 50.298953] workqueue_init+0x504/0x7e9
[ 50.298956] kernel_init_freeable+0x2bd/0x5bb
[ 50.298958] kernel_init+0xd/0x1c2
[ 50.298960] ret_from_fork+0x24/0x30
[ 50.298961]
[ 50.298962] -> #4 (hrtimer_bases.lock){-.-.}:
[ 50.298969] lock_hrtimer_base.isra.0+0x6d/0x120
[ 50.298971] hrtimer_start_range_ns+0xf5/0xbe0
[ 50.298973] enqueue_task_rt+0x97f/0xdf0
[ 50.298976] __sched_setscheduler.constprop.0+0xc79/0x1df0
[ 50.298978] _sched_setscheduler+0xee/0x180
[ 50.298980] watchdog_dev_init+0xdd/0x1ae
[ 50.298982] watchdog_init+0x14/0x17e
[ 50.298984] do_one_initcall+0xf1/0x734
[ 50.298986] kernel_init_freeable+0x4c9/0x5bb
[ 50.298988] kernel_init+0xd/0x1c2
[ 50.298990] ret_from_fork+0x24/0x30
[ 50.298991]
[ 50.298992] -> #3 (&rt_b->rt_runtime_lock){-.-.}:
[ 50.298999] rq_online_rt+0xaf/0x390
[ 50.299002] set_rq_online.part.0+0xe3/0x140
[ 50.299004] sched_cpu_activate+0x17f/0x270
[ 50.299006] cpuhp_invoke_callback+0x213/0x1bb0
[ 50.299008] cpuhp_thread_fun+0x440/0x840
[ 50.299010] smpboot_thread_fn+0x653/0x9d0
[ 50.299012] kthread+0x34a/0x420
[ 50.299014] ret_from_fork+0x24/0x30
[ 50.299015]
[ 50.299016] -> #2 (&rq->lock){-.-.}:
[ 50.299023] task_fork_fair+0x6a/0x520
[ 50.299025] sched_fork+0x3a7/0x8b0
[ 50.299027] copy_process.part.0+0x187d/0x7a60
[ 50.299029] _do_fork+0x22f/0xf40
[ 50.299031] kernel_thread+0x2f/0x40
[ 50.299033] rest_init+0x1f/0x212
[ 50.299035] start_kernel+0x7e4/0x81c
[ 50.299037] secondary_startup_64+0xa4/0xb0
[ 50.299038]
[ 50.299039] -> #1 (&p->pi_lock){-.-.}:
[ 50.299046] try_to_wake_up+0x80/0xe90
[ 50.299048] up+0x92/0xe0
[ 50.299050] __up_console_sem+0xb3/0x1c0
[ 50.299052] console_unlock+0x64d/0xfe0
[ 50.299054] vprintk_emit+0x282/0x6e0
[ 50.299055] vprintk_func+0x79/0x17e
[ 50.299057] printk+0xba/0xed
[ 50.299059] kauditd_hold_skb.cold+0x41/0x50
[ 50.299062] kauditd_send_queue+0x12d/0x170
[ 50.299064] kauditd_thread+0x6f4/0xa20
[ 50.299065] kthread+0x34a/0x420
[ 50.299067] ret_from_fork+0x24/0x30
[ 50.299068]
[ 50.299070] -> #0 ((console_sem).lock){-...}:
[ 50.299077] _raw_spin_lock_irqsave+0x8c/0xbf
[ 50.299079] down_trylock+0xe/0x60
[ 50.299081] __down_trylock_console_sem+0xa3/0x210
[ 50.299083] console_trylock+0x12/0x90
[ 50.299085] vprintk_emit+0x269/0x6e0
[ 50.299087] vprintk_func+0x79/0x17e
[ 50.299089] printk+0xba/0xed
[ 50.299091] __warn_printk+0x9b/0xf3
[ 50.299093] debug_print_object+0x160/0x250
[ 50.299095] debug_object_activate+0x357/0x4e0
[ 50.299097] __call_rcu.constprop.0+0x31/0x7e0
[ 50.299099] queue_rcu_work+0x75/0x90
[ 50.299101] route4_change+0xe6a/0x2210
[ 50.299103] tc_new_tfilter+0xa6b/0x1450
[ 50.299105] rtnetlink_rcv_msg+0x453/0xaf0
[ 50.299108] netlink_rcv_skb+0x160/0x410
[ 50.299110] netlink_unicast+0x4d7/0x6a0
[ 50.299112] netlink_sendmsg+0x80b/0xcd0
[ 50.299114] sock_sendmsg+0xcf/0x120
[ 50.299116] ___sys_sendmsg+0x803/0x920
[ 50.299118] __sys_sendmsg+0xec/0x1b0
[ 50.299120] do_syscall_64+0xf9/0x620
[ 50.299122] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.299123]
[ 50.299125] other info that might help us debug this:
[ 50.299126]
[ 50.299128] Chain exists of:
[ 50.299129] (console_sem).lock --> hrtimer_bases.lock --> &obj_hash[i].lock
[ 50.299138]
[ 50.299140] Possible unsafe locking scenario:
[ 50.299141]
[ 50.299144] CPU0 CPU1
[ 50.299146] ---- ----
[ 50.299147] lock(&obj_hash[i].lock);
[ 50.299152] lock(hrtimer_bases.lock);
[ 50.299156] lock(&obj_hash[i].lock);
[ 50.299160] lock((console_sem).lock);
[ 50.299164]
[ 50.299166] *** DEADLOCK ***
[ 50.299167]
[ 50.299169] 2 locks held by syz-executor252/7998:
[ 50.299170] #0: 0000000043bf1e9e (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x3fe/0xaf0
[ 50.299179] #1: 0000000047c6526a (&obj_hash[i].lock){-.-.}, at: debug_object_activate+0x131/0x4e0
[ 50.299187]
[ 50.299189] stack backtrace:
[ 50.299192] CPU: 0 PID: 7998 Comm: syz-executor252 Not tainted 4.19.112-syzkaller #0
[ 50.299196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.299197] Call Trace:
[ 50.299199] dump_stack+0x188/0x20d
[ 50.299202] print_circular_bug.isra.0.cold+0x1c4/0x282
[ 50.299204] __lock_acquire+0x2e19/0x49c0
[ 50.299206] ? add_lock_to_list.isra.0+0x179/0x330
[ 50.299208] ? save_trace+0xd6/0x290
[ 50.299210] ? mark_held_locks+0xf0/0xf0
[ 50.299212] ? format_decode+0x230/0xad0
[ 50.299214] ? kvm_clock_read+0x14/0x30
[ 50.299216] lock_acquire+0x170/0x400
[ 50.299218] ? down_trylock+0xe/0x60
[ 50.299220] _raw_spin_lock_irqsave+0x8c/0xbf
[ 50.299222] ? down_trylock+0xe/0x60
[ 50.299224] down_trylock+0xe/0x60
[ 50.299226] ? vprintk_emit+0x269/0x6e0
[ 50.299228] __down_trylock_console_sem+0xa3/0x210
[ 50.299230] console_trylock+0x12/0x90
[ 50.299232] vprintk_emit+0x269/0x6e0
[ 50.299234] vprintk_func+0x79/0x17e
[ 50.299236] printk+0xba/0xed
[ 50.299238] ? kmsg_dump_rewind_nolock+0xd9/0xd9
[ 50.299240] ? __warn_printk+0x8f/0xf3
[ 50.299242] __warn_printk+0x9b/0xf3
[ 50.299244] ? add_taint.cold+0x16/0x16
[ 50.299246] ? do_syscall_64+0xf9/0x620
[ 50.299248] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.299250] debug_print_object+0x160/0x250
[ 50.299252] debug_object_activate+0x357/0x4e0
[ 50.299254] ? debug_object_free+0x3e0/0x3e0
[ 50.299257] ? lockdep_hardirqs_on+0x40b/0x5d0
[ 50.299259] ? route4_change+0xbab/0x2210
[ 50.299261] ? delayed_work_timer_fn+0x90/0x90
[ 50.299263] __call_rcu.constprop.0+0x31/0x7e0
[ 50.299265] ? mark_held_locks+0xa6/0xf0
[ 50.299267] queue_rcu_work+0x75/0x90
[ 50.299269] route4_change+0xe6a/0x2210
[ 50.299271] ? route4_init+0xa0/0xa0
[ 50.299273] ? route4_init+0xa0/0xa0
[ 50.299275] tc_new_tfilter+0xa6b/0x1450
[ 50.299277] ? tc_del_tfilter+0xd40/0xd40
[ 50.299279] ? __mutex_lock+0x3cd/0x1300
[ 50.299285] ? selinux_ipv4_output+0x50/0x50
[ 50.299287] ? rtnetlink_rcv_msg+0x3fe/0xaf0
[ 50.299289] ? tc_del_tfilter+0xd40/0xd40
[ 50.299291] rtnetlink_rcv_msg+0x453/0xaf0
[ 50.299293] ? rtnetlink_put_metrics+0x520/0x520
[ 50.299295] ? find_held_lock+0x2d/0x110
[ 50.299297] netlink_rcv_skb+0x160/0x410
[ 50.299300] ? rtnetlink_put_metrics+0x520/0x520
[ 50.299302] ? netlink_ack+0xa60/0xa60
[ 50.299304] netlink_unicast+0x4d7/0x6a0
[ 50.299306] ? netlink_attachskb+0x710/0x710
[ 50.299308] netlink_sendmsg+0x80b/0xcd0
[ 50.299310] ? netlink_unicast+0x6a0/0x6a0
[ 50.299312] ? move_addr_to_kernel.part.0+0x110/0x110
[ 50.299314] ? netlink_unicast+0x6a0/0x6a0
[ 50.299316] sock_sendmsg+0xcf/0x120
[ 50.299318] ___sys_sendmsg+0x803/0x920
[ 50.299320] ? copy_msghdr_from_user+0x410/0x410
[ 50.299322] ? __fget+0x319/0x510
[ 50.299324] ? lock_downgrade+0x740/0x740
[ 50.299327] ? check_preemption_disabled+0x41/0x280
[ 50.299328] ? __fget+0x340/0x510
[ 50.299330] ? iterate_fd+0x350/0x350
[ 50.299332] ? find_held_lock+0x2d/0x110
[ 50.299334] ? __fd_install+0x1b4/0x610
[ 50.299336] ? __fget_light+0x1d1/0x230
[ 50.299338] __sys_sendmsg+0xec/0x1b0
[ 50.299341] ? __ia32_sys_shutdown+0x70/0x70
[ 50.299343] ? __x64_sys_futex+0x386/0x4f0
[ 50.299345] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 50.299347] ? trace_hardirqs_off_caller+0x55/0x210
[ 50.299349] ? do_syscall_64+0x21/0x620
[ 50.299351] do_syscall_64+0xf9/0x620
[ 50.299353] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.299355] RIP: 0033:0x446e09
[ 50.299363] Code: e8 bc b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 50.299365] RSP: 002b:00007ff1473f6d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.299370] RAX: ffffffffffffffda RBX: 00000000006dbc78 RCX: 0000000000446e09
[ 50.299373] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006
[ 50.299376] RBP: 00000000006dbc70 R08: 0000000000000000 R09: 0000000000000000
[ 50.299379] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc7c
[ 50.299382] R13: 0000000000000005 R14: 00a3a20740000000 R15: 0507002400000038
[ 50.300609] Kernel Offset: disabled
[ 51.224698] Rebooting in 86400 seconds..