[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.157' (ECDSA) to the list of known hosts.
2021/07/14 20:27:27 parsed 1 programs
syzkaller login: [ 410.535039][ T4394]
[ 410.537429][ T4394] ======================================================
[ 410.544450][ T4394] WARNING: possible circular locking dependency detected
[ 410.551489][ T4394] 5.14.0-rc1-syzkaller #0 Not tainted
[ 410.556855][ T4394] ------------------------------------------------------
[ 410.563878][ T4394] syz-execprog/4394 is trying to acquire lock:
[ 410.570036][ T4394] ffffffff87750940 (fs_reclaim){+.+.}-{0:0}, at: fs_reclaim_acquire+0xf7/0x160
[ 410.578991][ T4394]
[ 410.578991][ T4394] but task is already holding lock:
[ 410.586340][ T4394] ffff8881f694bee0 (lock#2){..-.}-{2:2}, at: __alloc_pages_bulk+0x406/0x1600
[ 410.595136][ T4394]
[ 410.595136][ T4394] which lock already depends on the new lock.
[ 410.595136][ T4394]
[ 410.605530][ T4394]
[ 410.605530][ T4394] the existing dependency chain (in reverse order) is:
[ 410.614548][ T4394]
[ 410.614548][ T4394] -> #3 (lock#2){..-.}-{2:2}:
[ 410.621407][ T4394] get_page_from_freelist+0xc9b/0x28b0
[ 410.627403][ T4394] __alloc_pages+0x1b2/0x4e0
[ 410.632509][ T4394] alloc_pages+0x18c/0x2a0
[ 410.637463][ T4394] allocate_slab+0x32b/0x4c0
[ 410.642568][ T4394] ___slab_alloc+0x4ba/0x820
[ 410.647674][ T4394] __slab_alloc+0x68/0x80
[ 410.652517][ T4394] kmem_cache_alloc+0x339/0x360
[ 410.657879][ T4394] anon_vma_clone+0xe0/0x5f0
[ 410.662999][ T4394] anon_vma_fork+0x82/0x630
[ 410.668032][ T4394] dup_mm+0x8a6/0x11e0
[ 410.672648][ T4394] copy_process+0x5ec0/0x7040
[ 410.677843][ T4394] kernel_clone+0xe7/0xa70
[ 410.682790][ T4394] __do_sys_clone+0xc8/0x110
[ 410.687931][ T4394] do_syscall_64+0x35/0xb0
[ 410.692879][ T4394] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 410.699303][ T4394]
[ 410.699303][ T4394] -> #2 (&anon_vma->rwsem){++++}-{3:3}:
[ 410.707135][ T4394] down_write+0x92/0x150
[ 410.711898][ T4394] __vma_adjust+0x2f5/0x26b0
[ 410.717011][ T4394] __split_vma+0x2b3/0x550
[ 410.721968][ T4394] split_vma+0x95/0xd0
[ 410.726563][ T4394] mprotect_fixup+0x6eb/0x8e0
[ 410.731796][ T4394] do_mprotect_pkey+0x558/0x9a0
[ 410.737170][ T4394] __x64_sys_mprotect+0x74/0xb0
[ 410.742569][ T4394] do_syscall_64+0x35/0xb0
[ 410.747523][ T4394] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 410.753955][ T4394]
[ 410.753955][ T4394] -> #1 (&mapping->i_mmap_rwsem){+.+.}-{3:3}:
[ 410.762209][ T4394] down_write+0x92/0x150
[ 410.766978][ T4394] dma_resv_lockdep+0x348/0x540
[ 410.772378][ T4394] do_one_initcall+0x103/0x5d0
[ 410.777654][ T4394] kernel_init_freeable+0x6ae/0x737
[ 410.783371][ T4394] kernel_init+0x1a/0x1d0
[ 410.788220][ T4394] ret_from_fork+0x1f/0x30
[ 410.793163][ T4394]
[ 410.793163][ T4394] -> #0 (fs_reclaim){+.+.}-{0:0}:
[ 410.800372][ T4394] __lock_acquire+0x2a07/0x54a0
[ 410.805755][ T4394] lock_acquire+0x19d/0x4d0
[ 410.810776][ T4394] fs_reclaim_acquire+0x117/0x160
[ 410.816321][ T4394] prepare_alloc_pages+0x155/0x4f0
[ 410.821978][ T4394] __alloc_pages+0x12f/0x4e0
[ 410.827096][ T4394] alloc_pages+0x18c/0x2a0
[ 410.832136][ T4394] stack_depot_save+0x39d/0x4e0
[ 410.837527][ T4394] save_stack+0x102/0x1d0
[ 410.842485][ T4394] __set_page_owner+0x50/0x290
[ 410.847773][ T4394] __alloc_pages_bulk+0x7ed/0x1600
[ 410.853406][ T4394] __vmalloc_node_range+0x39d/0x960
[ 410.859178][ T4394] vmalloc_user+0x67/0x80
[ 410.864042][ T4394] kcov_mmap+0x2b/0x140
[ 410.868738][ T4394] mmap_region+0xb55/0x1610
[ 410.873764][ T4394] do_mmap+0x86e/0x1180
[ 410.878460][ T4394] vm_mmap_pgoff+0x1b7/0x280
[ 410.883590][ T4394] ksys_mmap_pgoff+0x4a8/0x620
[ 410.888870][ T4394] do_syscall_64+0x35/0xb0
[ 410.893809][ T4394] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 410.900241][ T4394]
[ 410.900241][ T4394] other info that might help us debug this:
[ 410.900241][ T4394]
[ 410.910462][ T4394] Chain exists of:
[ 410.910462][ T4394] fs_reclaim --> &anon_vma->rwsem --> lock#2
[ 410.910462][ T4394]
[ 410.922353][ T4394] Possible unsafe locking scenario:
[ 410.922353][ T4394]
[ 410.929792][ T4394]        CPU0                    CPU1
[ 410.935156][ T4394]        ----                    ----
[ 410.940507][ T4394]   lock(lock#2);
[ 410.944138][ T4394]                                lock(&anon_vma->rwsem);
[ 410.951143][ T4394]                                lock(lock#2);
[ 410.957291][ T4394]   lock(fs_reclaim);
[ 410.961263][ T4394]
[ 410.961263][ T4394] *** DEADLOCK ***
[ 410.961263][ T4394]
[ 410.969391][ T4394] 2 locks held by syz-execprog/4394:
[ 410.974667][ T4394] #0: ffff888115905528 (&mm->mmap_lock#2){++++}-{3:3}, at: vm_mmap_pgoff+0x15c/0x280
[ 410.984252][ T4394] #1: ffff8881f694bee0 (lock#2){..-.}-{2:2}, at: __alloc_pages_bulk+0x406/0x1600
[ 410.993465][ T4394]
[ 410.993465][ T4394] stack backtrace:
[ 410.999344][ T4394] CPU: 1 PID: 4394 Comm: syz-execprog Not tainted 5.14.0-rc1-syzkaller #0
[ 411.007848][ T4394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 411.017896][ T4394] Call Trace:
[ 411.021165][ T4394] dump_stack_lvl+0xcd/0x134
[ 411.025747][ T4394] check_noncircular+0x25f/0x2e0
[ 411.030694][ T4394] ? deref_stack_reg+0x150/0x150
[ 411.035652][ T4394] ? print_circular_bug+0x1e0/0x1e0
[ 411.040853][ T4394] ? __unwind_start+0x51b/0x800
[ 411.045708][ T4394] ? create_prof_cpu_mask+0x20/0x20
[ 411.050927][ T4394] ? lockdep_lock+0xba/0x200
[ 411.055539][ T4394] ? call_rcu_zapped+0xb0/0xb0
[ 411.060303][ T4394] __lock_acquire+0x2a07/0x54a0
[ 411.065161][ T4394] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 411.071135][ T4394] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 411.077382][ T4394] ? register_early_stack+0xb0/0xb0
[ 411.082593][ T4394] lock_acquire+0x19d/0x4d0
[ 411.087116][ T4394] ? fs_reclaim_acquire+0xf7/0x160
[ 411.092273][ T4394] ? lock_release+0x6e0/0x6e0
[ 411.096968][ T4394] ? lock_chain_count+0x20/0x20
[ 411.101823][ T4394] ? mark_lock+0xef/0x17b0
[ 411.106237][ T4394] ? deref_stack_reg+0xee/0x150
[ 411.111103][ T4394] fs_reclaim_acquire+0x117/0x160
[ 411.116284][ T4394] ? fs_reclaim_acquire+0xf7/0x160
[ 411.121401][ T4394] prepare_alloc_pages+0x155/0x4f0
[ 411.126654][ T4394] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 411.132728][ T4394] __alloc_pages+0x12f/0x4e0
[ 411.137339][ T4394] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0
[ 411.144103][ T4394] ? __unwind_start+0x51b/0x800
[ 411.148968][ T4394] ? __kernel_text_address+0x5a/0xc0
[ 411.154255][ T4394] alloc_pages+0x18c/0x2a0
[ 411.158675][ T4394] stack_depot_save+0x39d/0x4e0
[ 411.163553][ T4394] save_stack+0x102/0x1d0
[ 411.167946][ T4394] ? register_early_stack+0xb0/0xb0
[ 411.173162][ T4394] ? __alloc_pages_bulk+0x7ed/0x1600
[ 411.178448][ T4394] ? __vmalloc_node_range+0x39d/0x960
[ 411.183846][ T4394] ? vmalloc_user+0x67/0x80
[ 411.188354][ T4394] ? kcov_mmap+0x2b/0x140
[ 411.192693][ T4394] ? mmap_region+0xb55/0x1610
[ 411.197391][ T4394] ? do_mmap+0x86e/0x1180
[ 411.201734][ T4394] ? vm_mmap_pgoff+0x1b7/0x280
[ 411.206530][ T4394] ? ksys_mmap_pgoff+0x4a8/0x620
[ 411.211496][ T4394] ? do_syscall_64+0x35/0xb0
[ 411.216087][ T4394] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 411.222348][ T4394] ? lock_release+0x6e0/0x6e0
[ 411.227025][ T4394] __set_page_owner+0x50/0x290
[ 411.231899][ T4394] ? post_alloc_hook+0x145/0x1e0
[ 411.236869][ T4394] __alloc_pages_bulk+0x7ed/0x1600
[ 411.242005][ T4394] ? __alloc_pages+0x4e0/0x4e0
[ 411.246780][ T4394] ? rwlock_bug.part.0+0x90/0x90
[ 411.251737][ T4394] ? rcu_read_lock_sched_held+0x3a/0x70
[ 411.257299][ T4394] ? trace_kmalloc_node+0x32/0xe0
[ 411.262341][ T4394] __vmalloc_node_range+0x39d/0x960
[ 411.267560][ T4394] ? vfree_atomic+0xe0/0xe0
[ 411.272082][ T4394] ? kcov_mmap+0x2b/0x140
[ 411.276447][ T4394] vmalloc_user+0x67/0x80
[ 411.280777][ T4394] ? kcov_mmap+0x2b/0x140
[ 411.285107][ T4394] kcov_mmap+0x2b/0x140
[ 411.289269][ T4394] ? memset+0x20/0x40
[ 411.293248][ T4394] mmap_region+0xb55/0x1610
[ 411.297757][ T4394] do_mmap+0x86e/0x1180
[ 411.301921][ T4394] vm_mmap_pgoff+0x1b7/0x280
[ 411.306511][ T4394] ? randomize_stack_top+0x100/0x100
[ 411.311808][ T4394] ? __fget_files+0x246/0x3e0
[ 411.316501][ T4394] ksys_mmap_pgoff+0x4a8/0x620
[ 411.321276][ T4394] ? mlock_future_check+0x120/0x120
[ 411.326498][ T4394] ? lockdep_hardirqs_on_prepare+0x273/0x3e0
[ 411.332490][ T4394] ? syscall_enter_from_user_mode+0x21/0x70
[ 411.338387][ T4394] do_syscall_64+0x35/0xb0
[ 411.342806][ T4394] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 411.348698][ T4394] RIP: 0033:0x4b132a
[ 411.352590][ T4394] Code: e8 db 57 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 411.372754][ T4394] RSP: 002b:000000c00019ba10 EFLAGS: 00000202 ORIG_RAX: 0000000000000009
[ 411.381164][ T4394] RAX: ffffffffffffffda RBX: 000000c000020800 RCX: 00000000004b132a
[ 411.389137][ T4394] RDX: 0000000000000003 RSI: 0000000000080000 RDI: 0000000000000000
[ 411.397108][ T4394] RBP: 000000c00019ba70 R08: 0000000000000006 R09: 0000000000000000
[ 411.405110][ T4394] R10: 0000000000000001 R11: 0000000000000202 R12: 0000000000727f1a
[ 411.413076][ T4394] R13: 0000000000000198 R14: 0000000000000200 R15: 0000000000000100
[ 411.421065][ T4394] BUG: sleeping function called from invalid context at mm/page_alloc.c:5167
[ 411.429811][ T4394] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 4394, name: syz-execprog
[ 411.439011][ T4394] INFO: lockdep is turned off.
[ 411.443761][ T4394] irq event stamp: 5174
[ 411.447923][ T4394] hardirqs last enabled at (5173): [] _raw_spin_unlock_irqrestore+0x42/0x50
[ 411.458258][ T4394] hardirqs last disabled at (5174): [] __alloc_pages_bulk+0xebb/0x1600
[ 411.468057][ T4394] softirqs last enabled at (4516): [] __fpu_restore_sig+0x391/0xff0
[ 411.477701][ T4394] softirqs last disabled at (4514): [] __fpu_restore_sig+0x1eb/0xff0
[ 411.487333][ T4394] CPU: 1 PID: 4394 Comm: syz-execprog Not tainted 5.14.0-rc1-syzkaller #0
[ 411.495853][ T4394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 411.505911][ T4394] Call Trace:
[ 411.509198][ T4394] dump_stack_lvl+0xcd/0x134
[ 411.513777][ T4394] ___might_sleep.cold+0x141/0x16f
[ 411.518879][ T4394] prepare_alloc_pages+0x32d/0x4f0
[ 411.524000][ T4394] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 411.530086][ T4394] __alloc_pages+0x12f/0x4e0
[ 411.534701][ T4394] ? __alloc_pages_slowpath.constprop.0+0x20e0/0x20e0
[ 411.541499][ T4394] ? __unwind_start+0x51b/0x800
[ 411.546358][ T4394] ? __kernel_text_address+0x5a/0xc0
[ 411.551659][ T4394] alloc_pages+0x18c/0x2a0
[ 411.556079][ T4394] stack_depot_save+0x39d/0x4e0
[ 411.560943][ T4394] save_stack+0x102/0x1d0
[ 411.565327][ T4394] ? register_early_stack+0xb0/0xb0
[ 411.570559][ T4394] ? __alloc_pages_bulk+0x7ed/0x1600
[ 411.575867][ T4394] ? __vmalloc_node_range+0x39d/0x960
[ 411.581291][ T4394] ? vmalloc_user+0x67/0x80
[ 411.585829][ T4394] ? kcov_mmap+0x2b/0x140
[ 411.590178][ T4394] ? mmap_region+0xb55/0x1610
[ 411.594901][ T4394] ? do_mmap+0x86e/0x1180
[ 411.599246][ T4394] ? vm_mmap_pgoff+0x1b7/0x280
[ 411.604018][ T4394] ? ksys_mmap_pgoff+0x4a8/0x620
[ 411.608974][ T4394] ? do_syscall_64+0x35/0xb0
[ 411.613566][ T4394] ? entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 411.619650][ T4394] ? lock_release+0x6e0/0x6e0
[ 411.624329][ T4394] __set_page_owner+0x50/0x290
[ 411.629113][ T4394] ? post_alloc_hook+0x145/0x1e0
[ 411.634072][ T4394] __alloc_pages_bulk+0x7ed/0x1600
[ 411.639181][ T4394] ? __alloc_pages+0x4e0/0x4e0
[ 411.643938][ T4394] ? rwlock_bug.part.0+0x90/0x90
[ 411.648885][ T4394] ? rcu_read_lock_sched_held+0x3a/0x70
[ 411.654442][ T4394] ? trace_kmalloc_node+0x32/0xe0
[ 411.659467][ T4394] __vmalloc_node_range+0x39d/0x960
[ 411.664689][ T4394] ? vfree_atomic+0xe0/0xe0
[ 411.669196][ T4394] ? kcov_mmap+0x2b/0x140
[ 411.673528][ T4394] vmalloc_user+0x67/0x80
[ 411.677886][ T4394] ? kcov_mmap+0x2b/0x140
[ 411.682227][ T4394] kcov_mmap+0x2b/0x140
[ 411.686387][ T4394] ? memset+0x20/0x40
[ 411.690383][ T4394] mmap_region+0xb55/0x1610
[ 411.694901][ T4394] do_mmap+0x86e/0x1180
[ 411.699092][ T4394] vm_mmap_pgoff+0x1b7/0x280
[ 411.703685][ T4394] ? randomize_stack_top+0x100/0x100
[ 411.708989][ T4394] ? __fget_files+0x246/0x3e0
[ 411.713701][ T4394] ksys_mmap_pgoff+0x4a8/0x620
[ 411.718469][ T4394] ? mlock_future_check+0x120/0x120
[ 411.723673][ T4394] ? lockdep_hardirqs_on_prepare+0x273/0x3e0
[ 411.729657][ T4394] ? syscall_enter_from_user_mode+0x21/0x70
[ 411.735575][ T4394] do_syscall_64+0x35/0xb0
[ 411.740014][ T4394] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 411.745921][ T4394] RIP: 0033:0x4b132a
[ 411.749816][ T4394] Code: e8 db 57 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 411.769431][ T4394] RSP: 002b:000000c00019ba10 EFLAGS: 00000202 ORIG_RAX: 0000000000000009
[ 411.777848][ T4394] RAX: ffffffffffffffda RBX: 000000c000020800 RCX: 00000000004b132a
[ 411.785815][ T4394] RDX: 0000000000000003 RSI: 0000000000080000 RDI: 0000000000000000
[ 411.793786][ T4394] RBP: 000000c00019ba70 R08: 0000000000000006 R09: 0000000000000000
[ 411.801754][ T4394] R10: 0000000000000001 R11: 0000000000000202 R12: 0000000000727f1a
[ 411.809724][ T4394] R13: 0000000000000198 R14: 0000000000000200 R15: 0000000000000100
2021/07/14 20:27:30 executed programs: 0
[ 413.934454][ T4408] cgroup: Unknown subsys name 'perf_event'
[ 413.954003][ T4408] cgroup: Unknown subsys name 'net_cls'
[ 413.991135][ T4411] cgroup: Unknown subsys name 'perf_event'
[ 413.998610][ T4411] cgroup: Unknown subsys name 'net_cls'
[ 414.013564][ T4414] cgroup: Unknown subsys name 'perf_event'
[ 414.028188][ T4414] cgroup: Unknown subsys name 'net_cls'
[ 414.091272][ T4429] cgroup: Unknown subsys name 'perf_event'
[ 414.102415][ T4431] cgroup: Unknown subsys name 'perf_event'
[ 414.108751][ T4429] cgroup: Unknown subsys name 'net_cls'
[ 414.122155][ T4431] cgroup: Unknown subsys name 'net_cls'
[ 414.129969][ T4435] cgroup: Unknown subsys name 'perf_event'
[ 414.136477][ T4435] cgroup: Unknown subsys name 'net_cls'