DUID 00:04:ce:8e:a7:1a:d5:92:ad:c3:fd:35:80:c9:2b:13:ab:38 forked to background, child pid 3181 [ 40.776425][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.795920][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.106' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 62.955439][ T3610] tipc: Started in network mode [ 62.960458][ T3610] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 62.970040][ T3610] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000 [ 62.978665][ T3610] tipc: Enabled bearer , priority 10 [ 62.985621][ T3610] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:230 [ 62.995206][ T3610] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3610, name: syz-executor933 [ 63.004764][ T3610] preempt_count: 201, expected: 0 [ 63.009818][ T3610] RCU nest depth: 0, expected: 0 [ 63.014754][ T3610] 4 locks held by syz-executor933/3610: [ 63.020337][ T3610] #0: ffffffff8d3a38d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 63.028612][ T3610] #1: ffffffff8d3a3988 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x3e0/0x580 [ 63.037578][ T3610] #2: ffffffff8d310e68 (rtnl_mutex){+.+.}-{3:3}, at: tipc_nl_node_set_key+0x7b/0xf70 [ 63.047241][ T3610] #3: ffff888023018068 (&tn->node_list_lock){+...}-{2:2}, at: tipc_node_create+0x179/0x1f60 [ 63.057507][ T3610] Preemption disabled at: [ 63.057520][ T3610] [<0000000000000000>] 0x0 [ 63.066416][ T3610] CPU: 0 PID: 3610 Comm: syz-executor933 Not tainted 5.16.0-rc4-syzkaller #0 [ 63.075165][ T3610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.085379][ T3610] Call Trace: [ 63.088646][ T3610] [ 63.091563][ T3610] dump_stack_lvl+0xcd/0x134 [ 63.096149][ T3610] __might_resched.cold+0x222/0x26b [ 63.101338][ T3610] kmem_cache_alloc_trace+0x25d/0x2c0 [ 63.106706][ T3610] tipc_crypto_start+0xc7/0xbe0 [ 63.111547][ T3610] ? tipc_crypto_key_flush+0x8b0/0x8b0 [ 63.117002][ T3610] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 63.123231][ T3610] ? tipc_nodeid2string+0x205/0x350 [ 63.128421][ T3610] tipc_node_create+0xb42/0x1f60 [ 63.133354][ T3610] tipc_nl_node_set_key+0xd6d/0xf70 [ 63.138542][ T3610] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 63.144776][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.151005][ T3610] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 63.158366][ T3610] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 63.165643][ T3610] genl_family_rcv_msg_doit+0x228/0x320 [ 63.171202][ T3610] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 63.178558][ T3610] ? mutex_lock_io_nested+0x1150/0x1150 [ 63.184098][ T3610] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 63.190327][ T3610] ? __radix_tree_lookup+0x211/0x2a0 [ 63.195597][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.201823][ T3610] ? genl_get_cmd+0x3cf/0x480 [ 63.206577][ T3610] genl_rcv_msg+0x328/0x580 [ 63.211513][ T3610] ? genl_get_cmd+0x480/0x480 [ 63.216173][ T3610] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 63.222494][ T3610] ? lock_release+0x720/0x720 [ 63.227163][ T3610] netlink_rcv_skb+0x153/0x420 [ 63.231918][ T3610] ? genl_get_cmd+0x480/0x480 [ 63.236588][ T3610] ? netlink_ack+0xa60/0xa60 [ 63.241169][ T3610] ? netlink_deliver_tap+0x1b1/0xc30 [ 63.246436][ T3610] ? _copy_from_iter+0x12b/0x1320 [ 63.251454][ T3610] genl_rcv+0x24/0x40 [ 63.255422][ T3610] netlink_unicast+0x533/0x7d0 [ 63.260183][ T3610] ? netlink_attachskb+0x880/0x880 [ 63.265275][ T3610] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 63.271502][ T3610] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 63.277728][ T3610] ? __phys_addr_symbol+0x2c/0x70 [ 63.282736][ T3610] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 63.288444][ T3610] ? __check_object_size+0x16e/0x3f0 [ 63.293715][ T3610] netlink_sendmsg+0x904/0xdf0 [ 63.298469][ T3610] ? netlink_unicast+0x7d0/0x7d0 [ 63.303395][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.309621][ T3610] ? netlink_unicast+0x7d0/0x7d0 [ 63.314543][ T3610] sock_sendmsg+0xcf/0x120 [ 63.318954][ T3610] ____sys_sendmsg+0x6e8/0x810 [ 63.323706][ T3610] ? kernel_sendmsg+0x50/0x50 [ 63.328368][ T3610] ? do_recvmmsg+0x6d0/0x6d0 [ 63.332940][ T3610] ? lock_chain_count+0x20/0x20 [ 63.337775][ T3610] ? lock_downgrade+0x6e0/0x6e0 [ 63.342620][ T3610] ___sys_sendmsg+0xf3/0x170 [ 63.347281][ T3610] ? sendmsg_copy_msghdr+0x160/0x160 [ 63.352561][ T3610] ? __lock_acquire+0x162f/0x54a0 [ 63.357581][ T3610] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 63.363543][ T3610] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 63.369510][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.375735][ T3610] ? __fget_light+0x215/0x280 [ 63.380398][ T3610] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 63.386628][ T3610] __sys_sendmsg+0xe5/0x1b0 [ 63.391119][ T3610] ? __sys_sendmsg_sock+0x30/0x30 [ 63.396140][ T3610] ? syscall_enter_from_user_mode+0x21/0x70 [ 63.402020][ T3610] do_syscall_64+0x35/0xb0 [ 63.406441][ T3610] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 63.412331][ T3610] RIP: 0033:0x7f956df9dd99 [ 63.416826][ T3610] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 63.436428][ T3610] RSP: 002b:00007ffe52219d48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 63.444931][ T3610] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f956df9dd99 [ 63.452888][ T3610] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 63.460930][ T3610] RBP: 00007f956df61800 R08: 0000000000000002 R09: 0000000000000000 [ 63.468887][ T3610] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f956df61890 [ 63.476845][ T3610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 63.484822][ T3610] [ 63.487995][ T3610] [ 63.490319][ T3610] ============================= [ 63.495153][ T3610] [ BUG: Invalid wait context ] [ 63.499981][ T3610] 5.16.0-rc4-syzkaller #0 Tainted: G W [ 63.506983][ T3610] ----------------------------- [ 63.511812][ T3610] syz-executor933/3610 is trying to lock: [ 63.517753][ T3610] ffffffff8bc8ac68 (pcpu_alloc_mutex){+.+.}-{3:3}, at: pcpu_alloc+0xb12/0x1350 [ 63.526710][ T3610] other info that might help us debug this: [ 63.532580][ T3610] context-{4:4} [ 63.536020][ T3610] 4 locks held by syz-executor933/3610: [ 63.541554][ T3610] #0: ffffffff8d3a38d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 63.549750][ T3610] #1: ffffffff8d3a3988 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x3e0/0x580 [ 63.558718][ T3610] #2: ffffffff8d310e68 (rtnl_mutex){+.+.}-{3:3}, at: tipc_nl_node_set_key+0x7b/0xf70 [ 63.568554][ T3610] #3: ffff888023018068 (&tn->node_list_lock){+...}-{2:2}, at: tipc_node_create+0x179/0x1f60 [ 63.578736][ T3610] stack backtrace: [ 63.582549][ T3610] CPU: 0 PID: 3610 Comm: syz-executor933 Tainted: G W 5.16.0-rc4-syzkaller #0 [ 63.592701][ T3610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.602749][ T3610] Call Trace: [ 63.606026][ T3610] [ 63.608950][ T3610] dump_stack_lvl+0xcd/0x134 [ 63.613549][ T3610] __lock_acquire.cold+0x213/0x3ab [ 63.618658][ T3610] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 63.624631][ T3610] ? __stack_depot_save+0x246/0x4f0 [ 63.629826][ T3610] lock_acquire+0x1ab/0x510 [ 63.634322][ T3610] ? pcpu_alloc+0xb12/0x1350 [ 63.638905][ T3610] ? lock_release+0x720/0x720 [ 63.643575][ T3610] ? __stack_depot_save+0x246/0x4f0 [ 63.648776][ T3610] __mutex_lock+0x12f/0x12f0 [ 63.653364][ T3610] ? pcpu_alloc+0xb12/0x1350 [ 63.657943][ T3610] ? netlink_unicast+0x533/0x7d0 [ 63.662875][ T3610] ? netlink_sendmsg+0x904/0xdf0 [ 63.667808][ T3610] ? sock_sendmsg+0xcf/0x120 [ 63.672400][ T3610] ? ___sys_sendmsg+0xf3/0x170 [ 63.677162][ T3610] ? __sys_sendmsg+0xe5/0x1b0 [ 63.681918][ T3610] ? pcpu_alloc+0xb12/0x1350 [ 63.686500][ T3610] ? lockdep_hardirqs_on+0x79/0x100 [ 63.691688][ T3610] ? mutex_lock_io_nested+0x1150/0x1150 [ 63.697231][ T3610] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 63.703382][ T3610] ? tipc_crypto_start+0xc7/0xbe0 [ 63.708594][ T3610] ? dump_stack_lvl+0x120/0x134 [ 63.713457][ T3610] pcpu_alloc+0xb12/0x1350 [ 63.717881][ T3610] tipc_crypto_start+0xf5/0xbe0 [ 63.722744][ T3610] ? tipc_crypto_key_flush+0x8b0/0x8b0 [ 63.728204][ T3610] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 63.734444][ T3610] ? tipc_nodeid2string+0x205/0x350 [ 63.739640][ T3610] tipc_node_create+0xb42/0x1f60 [ 63.744578][ T3610] tipc_nl_node_set_key+0xd6d/0xf70 [ 63.749776][ T3610] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 63.756015][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.762252][ T3610] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290 [ 63.769617][ T3610] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290 [ 63.776989][ T3610] genl_family_rcv_msg_doit+0x228/0x320 [ 63.782532][ T3610] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290 [ 63.789900][ T3610] ? mutex_lock_io_nested+0x1150/0x1150 [ 63.795474][ T3610] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 63.801714][ T3610] ? __radix_tree_lookup+0x211/0x2a0 [ 63.806991][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.813229][ T3610] ? genl_get_cmd+0x3cf/0x480 [ 63.817902][ T3610] genl_rcv_msg+0x328/0x580 [ 63.822403][ T3610] ? genl_get_cmd+0x480/0x480 [ 63.827076][ T3610] ? tipc_nl_node_dump_monitor_peer+0x590/0x590 [ 63.833319][ T3610] ? lock_release+0x720/0x720 [ 63.837997][ T3610] netlink_rcv_skb+0x153/0x420 [ 63.842755][ T3610] ? genl_get_cmd+0x480/0x480 [ 63.847430][ T3610] ? netlink_ack+0xa60/0xa60 [ 63.852015][ T3610] ? netlink_deliver_tap+0x1b1/0xc30 [ 63.857292][ T3610] ? _copy_from_iter+0x12b/0x1320 [ 63.862309][ T3610] genl_rcv+0x24/0x40 [ 63.866285][ T3610] netlink_unicast+0x533/0x7d0 [ 63.871044][ T3610] ? netlink_attachskb+0x880/0x880 [ 63.876149][ T3610] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 63.882386][ T3610] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 63.888630][ T3610] ? __phys_addr_symbol+0x2c/0x70 [ 63.893647][ T3610] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 63.899361][ T3610] ? __check_object_size+0x16e/0x3f0 [ 63.904654][ T3610] netlink_sendmsg+0x904/0xdf0 [ 63.909419][ T3610] ? netlink_unicast+0x7d0/0x7d0 [ 63.914353][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.920590][ T3610] ? netlink_unicast+0x7d0/0x7d0 [ 63.925521][ T3610] sock_sendmsg+0xcf/0x120 [ 63.929935][ T3610] ____sys_sendmsg+0x6e8/0x810 [ 63.934701][ T3610] ? kernel_sendmsg+0x50/0x50 [ 63.939371][ T3610] ? do_recvmmsg+0x6d0/0x6d0 [ 63.943964][ T3610] ? lock_chain_count+0x20/0x20 [ 63.948809][ T3610] ? lock_downgrade+0x6e0/0x6e0 [ 63.953655][ T3610] ___sys_sendmsg+0xf3/0x170 [ 63.958247][ T3610] ? sendmsg_copy_msghdr+0x160/0x160 [ 63.963524][ T3610] ? __lock_acquire+0x162f/0x54a0 [ 63.968546][ T3610] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 63.974518][ T3610] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 63.980496][ T3610] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 63.986731][ T3610] ? __fget_light+0x215/0x280 [ 63.991407][ T3610] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 63.997647][ T3610] __sys_sendmsg+0xe5/0x1b0 [ 64.002140][ T3610] ? __sys_sendmsg_sock+0x30/0x30 [ 64.007506][ T3610] ? syscall_enter_from_user_mode+0x21/0x70 [ 64.013479][ T3610] do_syscall_64+0x35/0xb0 [ 64.017891][ T3610] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 64.023780][ T3610] RIP: 0033:0x7f956df9dd99 [ 64.028182][ T3610] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 64.047776][ T3610] RSP: 002b:00007ffe52219d48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 64.056177][ T3610] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f956df9dd99 [ 64.064139][ T3610] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 64.072098][ T3610] RBP: 00007f956df61800 R08: 0000000000000002 R09: 0000000000000000 [ 64.080153][ T3610] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f956df61890 [ 64.088133][ T3610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.096101][ T3610] [ 64.099604][ T7] tipc: Node number set to 1