Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.196' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 66.084272][ T8502] wlan1 speed is unknown, defaulting to 1000
[ 66.090603][ T8502] wlan1 speed is unknown, defaulting to 1000
[ 66.098641][ T8502] wlan1 speed is unknown, defaulting to 1000
[ 66.107237][ T8502] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 66.118074][ T8502] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 66.125316][ T8502]
[ 66.127624][ T8502] ============================================
[ 66.133744][ T8502] WARNING: possible recursive locking detected
[ 66.139875][ T8502] 5.10.0-rc4-next-20201118-syzkaller #0 Not tainted
[ 66.146447][ T8502] --------------------------------------------
[ 66.152570][ T8502] syz-executor872/8502 is trying to acquire lock:
[ 66.158968][ T8502] ffffffff8c684748 (lock#6){+.+.}-{3:3}, at: _destroy_id+0x299/0xa00
[ 66.167025][ T8502]
[ 66.167025][ T8502] but task is already holding lock:
[ 66.174365][ T8502] ffffffff8c684748 (lock#6){+.+.}-{3:3}, at: cma_add_one+0x55c/0xce0
[ 66.182423][ T8502]
[ 66.182423][ T8502] other info that might help us debug this:
[ 66.190480][ T8502] Possible unsafe locking scenario:
[ 66.190480][ T8502]
[ 66.197903][ T8502] CPU0
[ 66.201159][ T8502] ----
[ 66.204412][ T8502] lock(lock#6);
[ 66.208111][ T8502] lock(lock#6);
[ 66.211722][ T8502]
[ 66.211722][ T8502] *** DEADLOCK ***
[ 66.211722][ T8502]
[ 66.219860][ T8502] May be due to missing lock nesting notation
[ 66.219860][ T8502]
[ 66.228153][ T8502] 6 locks held by syz-executor872/8502:
[ 66.233665][ T8502] #0: ffffffff8fa76958 (&rdma_nl_types[idx].sem){.+.+}-{3:3}, at: rdma_nl_rcv_msg+0x15b/0x690
[ 66.244010][ T8502] #1: ffffffff8c66c490 (link_ops_rwsem){++++}-{3:3}, at: nldev_newlink+0x261/0x540
[ 66.253363][ T8502] #2: ffffffff8c65bd90 (devices_rwsem){++++}-{3:3}, at: enable_device_and_get+0xfc/0x3c0
[ 66.263238][ T8502] #3: ffffffff8c65bc50 (clients_rwsem){++++}-{3:3}, at: enable_device_and_get+0x163/0x3c0
[ 66.273199][ T8502] #4: ffff888026f28598 (&device->client_data_rwsem){++++}-{3:3}, at: add_client_context+0x3d0/0x5e0
[ 66.284049][ T8502] #5: ffffffff8c684748 (lock#6){+.+.}-{3:3}, at: cma_add_one+0x55c/0xce0
[ 66.292553][ T8502]
[ 66.292553][ T8502] stack backtrace:
[ 66.298434][ T8502] CPU: 1 PID: 8502 Comm: syz-executor872 Not tainted 5.10.0-rc4-next-20201118-syzkaller #0
[ 66.308479][ T8502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 66.318550][ T8502] Call Trace:
[ 66.321826][ T8502] dump_stack+0x107/0x163
[ 66.326153][ T8502] __lock_acquire.cold+0x115/0x39f
[ 66.331245][ T8502] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 66.337203][ T8502] lock_acquire+0x2a3/0x8c0
[ 66.341684][ T8502] ? _destroy_id+0x299/0xa00
[ 66.346249][ T8502] ? lock_release+0x710/0x710
[ 66.350901][ T8502] ? __lock_acquire+0x26cb/0x5c00
[ 66.355919][ T8502] __mutex_lock+0x134/0x1110
[ 66.360482][ T8502] ? _destroy_id+0x299/0xa00
[ 66.365046][ T8502] ? _destroy_id+0x299/0xa00
[ 66.369607][ T8502] ? lock_downgrade+0x6d0/0x6d0
[ 66.374430][ T8502] ? mutex_lock_io_nested+0xf60/0xf60
[ 66.379775][ T8502] ? find_held_lock+0x2d/0x110
[ 66.385208][ T8502] ? __mutex_unlock_slowpath+0xe2/0x610
[ 66.390726][ T8502] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 66.396689][ T8502] ? cma_cancel_operation+0x26/0xa60
[ 66.401968][ T8502] ? wait_for_completion_io+0x260/0x260
[ 66.407494][ T8502] _destroy_id+0x299/0xa00
[ 66.411943][ T8502] cma_listen_on_dev.cold+0x168/0x16d
[ 66.417300][ T8502] cma_add_one+0x667/0xce0
[ 66.421715][ T8502] ? cma_remove_one+0x470/0x470
[ 66.426645][ T8502] ? do_raw_spin_unlock+0x171/0x230
[ 66.431820][ T8502] ? cma_remove_one+0x470/0x470
[ 66.436738][ T8502] add_client_context+0x405/0x5e0
[ 66.441751][ T8502] ? remove_client_context+0x110/0x110
[ 66.447185][ T8502] ? __raw_spin_lock_init+0x34/0x100
[ 66.452457][ T8502] enable_device_and_get+0x1d5/0x3c0
[ 66.457716][ T8502] ? add_one_compat_dev+0x800/0x800
[ 66.462887][ T8502] ? rdma_counter_init+0x205/0x400
[ 66.467976][ T8502] ib_register_device+0x7a0/0xa30
[ 66.472977][ T8502] ? enable_device_and_get+0x3c0/0x3c0
[ 66.478410][ T8502] ? _raw_spin_unlock_irqrestore+0x42/0x50
[ 66.484206][ T8502] ? lockdep_init_map_waits+0x26a/0x720
[ 66.489726][ T8502] siw_newlink+0xddb/0x1340
[ 66.494205][ T8502] ? siw_get_base_qp+0x490/0x490
[ 66.499116][ T8502] nldev_newlink+0x30e/0x540
[ 66.503679][ T8502] ? nldev_set_doit+0x430/0x430
[ 66.508516][ T8502] ? mark_lock+0xafe/0x24c0
[ 66.513007][ T8502] ? lock_release+0x710/0x710
[ 66.517678][ T8502] ? mark_lock+0xf7/0x24c0
[ 66.522086][ T8502] ? apparmor_capable+0x1d8/0x460
[ 66.527099][ T8502] ? ns_capable+0xde/0x100
[ 66.531515][ T8502] ? nldev_set_doit+0x430/0x430
[ 66.536345][ T8502] rdma_nl_rcv_msg+0x367/0x690
[ 66.541096][ T8502] ? rdma_nl_multicast+0x310/0x310
[ 66.546181][ T8502] rdma_nl_rcv+0x2f2/0x440
[ 66.550570][ T8502] ? rdma_nl_rcv_msg+0x690/0x690
[ 66.555481][ T8502] ? netlink_deliver_tap+0x227/0xb70
[ 66.560853][ T8502] netlink_unicast+0x533/0x7d0
[ 66.565613][ T8502] ? netlink_attachskb+0x870/0x870
[ 66.570707][ T8502] ? __phys_addr_symbol+0x2c/0x70
[ 66.575706][ T8502] ? __check_object_size+0x171/0x3f0
[ 66.580991][ T8502] netlink_sendmsg+0x856/0xd90
[ 66.585734][ T8502] ? netlink_unicast+0x7d0/0x7d0
[ 66.590647][ T8502] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 66.595919][ T8502] ? netlink_unicast+0x7d0/0x7d0
[ 66.600827][ T8502] sock_sendmsg+0xcf/0x120
[ 66.605235][ T8502] ____sys_sendmsg+0x6e8/0x810
[ 66.609985][ T8502] ? kernel_sendmsg+0x50/0x50
[ 66.614640][ T8502] ? do_recvmmsg+0x6c0/0x6c0
[ 66.619225][ T8502] ? find_held_lock+0x2d/0x110
[ 66.623976][ T8502] ___sys_sendmsg+0xf3/0x170
[ 66.628543][ T8502] ? sendmsg_copy_msghdr+0x160/0x160
[ 66.633820][ T8502] ? do_huge_pmd_anonymous_page+0x8bd/0x2000
[ 66.639782][ T8502] ? find_held_lock+0x2d/0x110
[ 66.644535][ T8502] ? __fget_light+0x215/0x280
[ 66.649204][ T8502] __sys_sendmsg+0xe5/0x1b0
[ 66.653683][ T8502] ? __sys_sendmsg_sock+0xb0/0xb0
[ 66.658688][ T8502] ? syscall_enter_from_user_mode+0x1d/0x50
[ 66.664557][ T8502] do_syscall_64+0x2d/0x70
[ 66.668950][ T8502] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.674830][ T8502] RIP: 0033:0x440339
[ 66.678714][ T8502] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 66.698290][ T8502] RSP: 002b:00007fff91ac9ae8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 66.706675][ T8502] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440339
[ 66.714636][ T8502] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[ 66.722596][ T8502] RBP: 00000000006ca018 R08: 0000000000000014 R09: 00000000004002c8
[ 66.730551][ T8502] R10: 0000000000000041 R11: 0000000000000246 R12: 0000000000401b40
[ 66.738511][ T8502] R13: 0000000000401bd0 R14: 0000000000000000 R15: 0000000000000000