[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 71.563371][ T26] audit: type=1800 audit(1583379403.389:25): pid=9729 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 71.583582][ T26] audit: type=1800 audit(1583379403.389:26): pid=9729 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 71.611207][ T26] audit: type=1800 audit(1583379403.399:27): pid=9729 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.125' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 83.289071][ T9883] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 83.299094][ T9883] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 83.312366][ T9883] netlink: 'syz-executor715': attribute type 1 has an invalid length. [ 83.354042][ T9883] bond1: (slave gretap1): making interface the new active one [ 83.372207][ T9883] [ 83.374576][ T9883] ====================================================== [ 83.381598][ T9883] WARNING: possible circular locking dependency detected [ 83.388619][ T9883] 5.6.0-rc2-syzkaller #0 Not tainted [ 83.393898][ T9883] ------------------------------------------------------ [ 83.400923][ T9883] syz-executor715/9883 is trying to acquire lock: [ 83.407358][ T9883] ffffffff8a5d2a60 (lock#3){+.+.}, at: cma_netdev_callback+0xc6/0x380 [ 83.415568][ T9883] [ 83.415568][ T9883] but task is already holding lock: [ 83.422937][ T9883] ffffffff8a74da00 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 [ 83.431370][ T9883] [ 83.431370][ T9883] which lock already depends on the new lock. [ 83.431370][ T9883] [ 83.441909][ T9883] [ 83.441909][ T9883] the existing dependency chain (in reverse order) is: [ 83.450922][ T9883] [ 83.450922][ T9883] -> #1 (rtnl_mutex){+.+.}: [ 83.457616][ T9883] __mutex_lock+0x156/0x13c0 [ 83.462748][ T9883] mutex_lock_nested+0x16/0x20 [ 83.468045][ T9883] rtnl_lock+0x17/0x20 [ 83.472644][ T9883] siw_create_listen+0x329/0xed0 [ 83.478115][ T9883] iw_cm_listen+0x16e/0x1f0 [ 83.483147][ T9883] rdma_listen+0x613/0x970 [ 83.488091][ T9883] cma_listen_on_dev+0x530/0x6a0 [ 83.493556][ T9883] cma_add_one+0x6fe/0xbf0 [ 83.498502][ T9883] add_client_context+0x3dd/0x550 [ 83.504058][ T9883] enable_device_and_get+0x1df/0x3c0 [ 83.509866][ T9883] ib_register_device+0xa89/0xe40 [ 83.515415][ T9883] siw_newlink+0xdef/0x1310 [ 83.520445][ T9883] nldev_newlink+0x28a/0x430 [ 83.525567][ T9883] rdma_nl_rcv+0x5d9/0x980 [ 83.530511][ T9883] netlink_unicast+0x59e/0x7e0 [ 83.535810][ T9883] netlink_sendmsg+0x91c/0xea0 [ 83.541097][ T9883] sock_sendmsg+0xd7/0x130 [ 83.546038][ T9883] ____sys_sendmsg+0x753/0x880 [ 83.551329][ T9883] ___sys_sendmsg+0x100/0x170 [ 83.556536][ T9883] __sys_sendmsg+0x105/0x1d0 [ 83.561657][ T9883] __x64_sys_sendmsg+0x78/0xb0 [ 83.566958][ T9883] do_syscall_64+0xfa/0x790 [ 83.571992][ T9883] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 83.578393][ T9883] [ 83.578393][ T9883] -> #0 (lock#3){+.+.}: [ 83.584739][ T9883] __lock_acquire+0x2596/0x4a00 [ 83.590122][ T9883] lock_acquire+0x190/0x410 [ 83.595159][ T9883] __mutex_lock+0x156/0x13c0 [ 83.600276][ T9883] mutex_lock_nested+0x16/0x20 [ 83.605564][ T9883] cma_netdev_callback+0xc6/0x380 [ 83.611111][ T9883] notifier_call_chain+0xc2/0x230 [ 83.616675][ T9883] raw_notifier_call_chain+0x2e/0x40 [ 83.622486][ T9883] call_netdevice_notifiers_info+0xba/0x130 [ 83.628909][ T9883] call_netdevice_notifiers+0x79/0xa0 [ 83.634812][ T9883] bond_change_active_slave+0x8a8/0x2050 [ 83.640980][ T9883] bond_select_active_slave+0x276/0xae0 [ 83.647057][ T9883] bond_enslave+0x44ef/0x4af0 [ 83.652260][ T9883] do_set_master+0x1dd/0x240 [ 83.657401][ T9883] __rtnl_newlink+0x13a3/0x1790 [ 83.662776][ T9883] rtnl_newlink+0x69/0xa0 [ 83.667626][ T9883] rtnetlink_rcv_msg+0x45e/0xaf0 [ 83.673101][ T9883] netlink_rcv_skb+0x177/0x450 [ 83.678521][ T9883] rtnetlink_rcv+0x1d/0x30 [ 83.683496][ T9883] netlink_unicast+0x59e/0x7e0 [ 83.688787][ T9883] netlink_sendmsg+0x91c/0xea0 [ 83.694098][ T9883] sock_sendmsg+0xd7/0x130 [ 83.699040][ T9883] ____sys_sendmsg+0x753/0x880 [ 83.704334][ T9883] ___sys_sendmsg+0x100/0x170 [ 83.709540][ T9883] __sys_sendmsg+0x105/0x1d0 [ 83.714663][ T9883] __x64_sys_sendmsg+0x78/0xb0 [ 83.719956][ T9883] do_syscall_64+0xfa/0x790 [ 83.724992][ T9883] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 83.731398][ T9883] [ 83.731398][ T9883] other info that might help us debug this: [ 83.731398][ T9883] [ 83.741619][ T9883] Possible unsafe locking scenario: [ 83.741619][ T9883] [ 83.749085][ T9883] CPU0 CPU1 [ 83.754470][ T9883] ---- ---- [ 83.759828][ T9883] lock(rtnl_mutex); [ 83.763811][ T9883] lock(lock#3); [ 83.769964][ T9883] lock(rtnl_mutex); [ 83.776464][ T9883] lock(lock#3); [ 83.780095][ T9883] [ 83.780095][ T9883] *** DEADLOCK *** [ 83.780095][ T9883] [ 83.788241][ T9883] 1 lock held by syz-executor715/9883: [ 83.793690][ T9883] #0: ffffffff8a74da00 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x405/0xaf0 [ 83.802554][ T9883] [ 83.802554][ T9883] stack backtrace: [ 83.808448][ T9883] CPU: 1 PID: 9883 Comm: syz-executor715 Not tainted 5.6.0-rc2-syzkaller #0 [ 83.817119][ T9883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.827175][ T9883] Call Trace: [ 83.830825][ T9883] dump_stack+0x197/0x210 [ 83.835162][ T9883] print_circular_bug.isra.0.cold+0x163/0x172 [ 83.841245][ T9883] check_noncircular+0x32e/0x3e0 [ 83.846293][ T9883] ? print_circular_bug.isra.0+0x230/0x230 [ 83.852106][ T9883] ? alloc_list_entry+0xc0/0xc0 [ 83.856964][ T9883] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 83.863210][ T9883] ? find_first_zero_bit+0x9a/0xc0 [ 83.868323][ T9883] __lock_acquire+0x2596/0x4a00 [ 83.873184][ T9883] ? mark_held_locks+0xf0/0xf0 [ 83.878064][ T9883] lock_acquire+0x190/0x410 [ 83.882575][ T9883] ? cma_netdev_callback+0xc6/0x380 [ 83.887784][ T9883] __mutex_lock+0x156/0x13c0 [ 83.892378][ T9883] ? cma_netdev_callback+0xc6/0x380 [ 83.897589][ T9883] ? cfg80211_netdev_notifier_call+0x186/0x17bb [ 83.903864][ T9883] ? queue_work_on+0xef/0x210 [ 83.908544][ T9883] ? cma_netdev_callback+0xc6/0x380 [ 83.913749][ T9883] ? cfg80211_init_wdev+0x500/0x500 [ 83.918953][ T9883] ? mutex_trylock+0x2d0/0x2d0 [ 83.923729][ T9883] ? __kasan_check_read+0x11/0x20 [ 83.928758][ T9883] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 83.934653][ T9883] ? tun_device_event+0x76/0x10e0 [ 83.939683][ T9883] mutex_lock_nested+0x16/0x20 [ 83.944446][ T9883] ? mutex_lock_nested+0x16/0x20 [ 83.949385][ T9883] cma_netdev_callback+0xc6/0x380 [ 83.954415][ T9883] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 83.960329][ T9883] notifier_call_chain+0xc2/0x230 [ 83.965366][ T9883] raw_notifier_call_chain+0x2e/0x40 [ 83.970659][ T9883] call_netdevice_notifiers_info+0xba/0x130 [ 83.976560][ T9883] call_netdevice_notifiers+0x79/0xa0 [ 83.981944][ T9883] ? call_netdevice_notifiers_info+0x130/0x130 [ 83.988113][ T9883] ? queue_delayed_work_on+0x134/0x210 [ 83.993606][ T9883] bond_change_active_slave+0x8a8/0x2050 [ 83.999250][ T9883] ? bond_slave_link_status+0x70/0x70 [ 84.004731][ T9883] bond_select_active_slave+0x276/0xae0 [ 84.010291][ T9883] ? bond_change_active_slave+0x2050/0x2050 [ 84.016196][ T9883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.022449][ T9883] bond_enslave+0x44ef/0x4af0 [ 84.027147][ T9883] ? bond_update_slave_arr+0x880/0x880 [ 84.032612][ T9883] ? rtmsg_ifinfo+0x61/0xa0 [ 84.037126][ T9883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.043367][ T9883] ? __dev_notify_flags+0x183/0x2c0 [ 84.048573][ T9883] ? dev_change_name+0x930/0x930 [ 84.053520][ T9883] ? alloc_netdev_mqs+0xa78/0xe40 [ 84.058640][ T9883] ? __kasan_check_read+0x11/0x20 [ 84.063702][ T9883] ? mutex_is_locked+0x12/0x50 [ 84.068473][ T9883] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 84.074208][ T9883] ? bond_update_slave_arr+0x880/0x880 [ 84.079673][ T9883] do_set_master+0x1dd/0x240 [ 84.084273][ T9883] __rtnl_newlink+0x13a3/0x1790 [ 84.089131][ T9883] ? lock_downgrade+0x920/0x920 [ 84.093997][ T9883] ? rtnl_link_unregister+0x250/0x250 [ 84.099388][ T9883] ? is_bpf_image_address+0x1da/0x290 [ 84.104787][ T9883] ? __kernel_text_address+0xd/0x40 [ 84.110003][ T9883] ? unwind_get_return_address+0x61/0xa0 [ 84.115645][ T9883] ? profile_setup.cold+0xbb/0xbb [ 84.120677][ T9883] ? arch_stack_walk+0x97/0xf0 [ 84.125456][ T9883] ? stack_trace_save+0x8f/0xc0 [ 84.130312][ T9883] ? stack_trace_consume_entry+0x170/0x170 [ 84.136123][ T9883] ? is_bpf_image_address+0x1b8/0x290 [ 84.141526][ T9883] ? save_stack+0x5c/0x90 [ 84.145861][ T9883] ? save_stack+0x23/0x90 [ 84.150198][ T9883] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 84.156038][ T9883] ? rtnl_newlink+0x4b/0xa0 [ 84.160560][ T9883] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 84.166117][ T9883] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 84.172115][ T9883] rtnl_newlink+0x69/0xa0 [ 84.176449][ T9883] ? __rtnl_newlink+0x1790/0x1790 [ 84.181476][ T9883] rtnetlink_rcv_msg+0x45e/0xaf0 [ 84.186425][ T9883] ? rtnl_bridge_getlink+0x910/0x910 [ 84.191708][ T9883] ? lock_downgrade+0x920/0x920 [ 84.196569][ T9883] ? netlink_deliver_tap+0x226/0xbf0 [ 84.201884][ T9883] ? find_held_lock+0x35/0x130 [ 84.206668][ T9883] netlink_rcv_skb+0x177/0x450 [ 84.211443][ T9883] ? rtnl_bridge_getlink+0x910/0x910 [ 84.216744][ T9883] ? netlink_ack+0xb50/0xb50 [ 84.221345][ T9883] ? __kasan_check_read+0x11/0x20 [ 84.226389][ T9883] ? netlink_deliver_tap+0x248/0xbf0 [ 84.231690][ T9883] rtnetlink_rcv+0x1d/0x30 [ 84.236117][ T9883] netlink_unicast+0x59e/0x7e0 [ 84.240891][ T9883] ? netlink_attachskb+0x870/0x870 [ 84.246018][ T9883] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 84.251753][ T9883] ? __check_object_size+0x3d/0x437 [ 84.256964][ T9883] netlink_sendmsg+0x91c/0xea0 [ 84.261744][ T9883] ? netlink_unicast+0x7e0/0x7e0 [ 84.266706][ T9883] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 84.272275][ T9883] ? apparmor_socket_sendmsg+0x2a/0x30 [ 84.277743][ T9883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.283989][ T9883] ? security_socket_sendmsg+0x8d/0xc0 [ 84.289456][ T9883] ? netlink_unicast+0x7e0/0x7e0 [ 84.294404][ T9883] sock_sendmsg+0xd7/0x130 [ 84.298844][ T9883] ____sys_sendmsg+0x753/0x880 [ 84.303621][ T9883] ? kernel_sendmsg+0x50/0x50 [ 84.308307][ T9883] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 84.313885][ T9883] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 84.319875][ T9883] ___sys_sendmsg+0x100/0x170 [ 84.324572][ T9883] ? sendmsg_copy_msghdr+0x70/0x70 [ 84.329685][ T9883] ? __kasan_check_read+0x11/0x20 [ 84.334722][ T9883] ? __lock_acquire+0x8a0/0x4a00 [ 84.339669][ T9883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.345921][ T9883] ? __this_cpu_preempt_check+0x35/0x190 [ 84.351568][ T9883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.357820][ T9883] ? percpu_counter_add_batch+0x13c/0x190 [ 84.363548][ T9883] ? __fd_install+0x1bc/0x640 [ 84.368231][ T9883] ? find_held_lock+0x35/0x130 [ 84.373003][ T9883] ? __fd_install+0x1bc/0x640 [ 84.377696][ T9883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 84.383947][ T9883] ? __fget_light+0x1ad/0x270 [ 84.388634][ T9883] ? __fdget+0x1b/0x20 [ 84.392713][ T9883] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 84.398963][ T9883] __sys_sendmsg+0x105/0x1d0 [ 84.403564][ T9883] ? __sys_sendmsg_sock+0xc0/0xc0 [ 84.408602][ T9883] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 84.414599][ T9883] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 84.420074][ T9883] ? do_syscall_64+0x26/0x790 [ 84.424778][ T9883] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 84.430857][ T9883] ? do_syscall_64+0x26/0x790 [ 84.435547][ T9883] __x64_sys_sendmsg+0x78/0xb0 [ 84.440318][ T9883] do_syscall_64+0xfa/0x790 [ 84.444829][ T9883] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 84.450723][ T9883] RIP: 0033:0x440529 [ 84.454646][ T9883] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 84.474274][ T9883] RSP: 002b:00007ffd0ad87188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 84.482691][ T9883] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440529 [ 84.490665][ T9883] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 84.498643][ T9883] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8 [ 84.506617][ T9883] R10: 00