[ 25.251736] audit: type=1800 audit(1568640874.036:23): pid=6834 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rsyslog" dev="sda1" ino=2442 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 46.983843] IPVS: ftp: loaded support on port[0] = 21 [ 47.399580] can: request_module (can-proto-0) failed. [ 48.376805] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.10.56' (ECDSA) to the list of known hosts. 2019/09/16 13:35:03 parsed 1 programs 2019/09/16 13:35:04 executed programs: 0 [ 55.690983] IPVS: ftp: loaded support on port[0] = 21 [ 55.690985] IPVS: ftp: loaded support on port[0] = 21 [ 55.737142] IPVS: ftp: loaded support on port[0] = 21 [ 55.739604] IPVS: ftp: loaded support on port[0] = 21 [ 55.747799] IPVS: ftp: loaded support on port[0] = 21 [ 55.751829] IPVS: ftp: loaded support on port[0] = 21 [ 55.954617] chnl_net:caif_netlink_parms(): no params data found [ 55.971861] chnl_net:caif_netlink_parms(): no params data found [ 55.994122] chnl_net:caif_netlink_parms(): no params data found [ 56.067220] chnl_net:caif_netlink_parms(): no params data found [ 56.126795] chnl_net:caif_netlink_parms(): no params data found [ 56.143875] chnl_net:caif_netlink_parms(): no params data found [ 56.158553] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.165899] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.173347] device bridge_slave_0 entered promiscuous mode [ 56.181052] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.187408] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.194680] device bridge_slave_1 entered promiscuous mode [ 56.201522] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.207875] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.218527] device bridge_slave_0 entered promiscuous mode [ 56.227680] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.234650] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.241730] device bridge_slave_1 entered promiscuous mode [ 56.258698] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.265393] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.272733] device bridge_slave_0 entered promiscuous mode [ 56.283564] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.290569] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.297582] device bridge_slave_1 entered promiscuous mode [ 56.321387] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.327742] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.334985] device bridge_slave_0 entered promiscuous mode [ 56.358745] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.370894] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.377266] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.384341] device bridge_slave_1 entered promiscuous mode [ 56.394033] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.406323] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.418239] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.427601] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.450205] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.456597] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.463715] device bridge_slave_0 entered promiscuous mode [ 56.470444] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.476798] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.483838] device bridge_slave_1 entered promiscuous mode [ 56.495418] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.511435] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.517808] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.524827] device bridge_slave_0 entered promiscuous mode [ 56.535093] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.541614] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.548673] device bridge_slave_1 entered promiscuous mode [ 56.571363] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.580722] team0: Port device team_slave_0 added [ 56.586611] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.599622] team0: Port device team_slave_0 added [ 56.605724] team0: Port device team_slave_1 added [ 56.616376] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.625013] team0: Port device team_slave_1 added [ 56.643243] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 56.652054] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.664555] team0: Port device team_slave_0 added [ 56.670467] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 56.722756] device hsr_slave_0 entered promiscuous mode [ 56.760358] device hsr_slave_1 entered promiscuous mode [ 56.818253] team0: Port device team_slave_1 added [ 56.827779] team0: Port device team_slave_0 added [ 56.837181] team0: Port device team_slave_0 added [ 56.892340] device hsr_slave_0 entered promiscuous mode [ 56.950304] device hsr_slave_1 entered promiscuous mode [ 57.031278] team0: Port device team_slave_1 added [ 57.037324] team0: Port device team_slave_1 added [ 57.047368] team0: Port device team_slave_0 added [ 57.054274] team0: Port device team_slave_1 added [ 57.121651] device hsr_slave_0 entered promiscuous mode [ 57.160243] device hsr_slave_1 entered promiscuous mode [ 57.262621] device hsr_slave_0 entered promiscuous mode [ 57.330314] device hsr_slave_1 entered promiscuous mode [ 57.432643] device hsr_slave_0 entered promiscuous mode [ 57.471037] device hsr_slave_1 entered promiscuous mode [ 57.592856] device hsr_slave_0 entered promiscuous mode [ 57.650254] device hsr_slave_1 entered promiscuous mode [ 57.768321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.786590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.807676] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.824284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.832027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.847273] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.858421] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.871965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.879061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.890851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.897695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.915305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.926932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.935698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.944099] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.950631] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.957751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.966676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.974317] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.980697] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.987430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.995422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.003113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.011064] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.018843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.026183] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.036085] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.045676] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.055296] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.067609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.074930] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.084033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.092265] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.099799] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.106196] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.113244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.136032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.144371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.152499] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.158837] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.166520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.174826] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.182534] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.188968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.195769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.204138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.212042] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.219549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.226576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.234586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.242055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.250172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.257769] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.264166] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.277857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.285357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.293195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.301727] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.309316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.317682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.325579] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.332012] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.339029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.347289] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.355276] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.365379] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.385964] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.392494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.402436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.410336] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.416692] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.424668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.432429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.440429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.448337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.456241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.464000] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.471613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.479361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.487000] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.494743] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.502405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.510539] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.518191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.525928] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.534026] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.547328] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.555946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.566297] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 58.579296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.589202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.599525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.608180] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.616260] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.639349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.661341] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.668067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.677773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.688971] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.698558] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.706625] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.713210] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.720548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.728308] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.735953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.743802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.751596] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.757936] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.764813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.773059] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.780800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.788522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.796147] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.804767] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.812208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.819188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.827137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.851153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.862919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.883062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.894352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.902521] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.910670] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.917036] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.923858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.932233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.940106] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.947594] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.955432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.963541] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.970832] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.978950] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.993536] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.005816] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 59.018173] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.046047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.054462] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.063920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.071871] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.079456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.087789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.096510] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.103010] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.110929] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 59.118756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 59.127275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.135166] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.151386] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.159785] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.183895] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.195499] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.209006] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 59.219337] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.242511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.254761] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.264914] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.273934] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.282137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.289817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.299793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.328674] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.167880] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:908 [ 60.176849] in_atomic(): 1, irqs_disabled(): 0, pid: 7148, name: syz-executor.5 [ 60.184707] 2 locks held by syz-executor.5/7148: [ 60.189460] #0: 0000000060b6dcca (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x301/0x8f0 [ 60.197876] #1: 00000000c0de33e4 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x1b2/0xb20 [ 60.206724] Preemption disabled at: [ 60.206735] [] sfb_change+0x1b2/0xb20 [ 60.215758] CPU: 0 PID: 7148 Comm: syz-executor.5 Not tainted 5.0.0-rc5+ #0 [ 60.222851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.232373] Call Trace: [ 60.234969] dump_stack+0x113/0x167 [ 60.238582] ? sfb_change+0x1b2/0xb20 [ 60.242374] ___might_sleep.cold.87+0x1bb/0x1f4 [ 60.247036] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 60.252128] __might_sleep+0x95/0x190 [ 60.255933] ? rtnetlink_rcv+0x10/0x20 [ 60.259811] ? netlink_unicast+0x43f/0x630 [ 60.264042] __mutex_lock+0xc7/0x1210 [ 60.267832] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 60.273186] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 60.278537] ? mutex_lock_io_nested+0x10e0/0x10e0 [ 60.283479] ? lock_downgrade+0x7f0/0x7f0 [ 60.287733] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 60.292925] ? quarantine_put+0x11b/0x1c0 [ 60.297065] ? kasan_check_read+0x11/0x20 [ 60.301246] ? refcount_dec_not_one+0x72/0x160 [ 60.305836] ? refcount_dec_checked+0x40/0x40 [ 60.310363] ? tcf_block_owner_del+0x19b/0x270 [ 60.314939] ? lockdep_hardirqs_on+0x19e/0x5c0 [ 60.320561] mutex_lock_nested+0x16/0x20 [ 60.324705] ? mutex_lock_nested+0x16/0x20 [ 60.328944] refcount_dec_and_mutex_lock+0x29/0x50 [ 60.333861] __tcf_block_put+0x29/0x5e0 [ 60.337824] ? tcf_block_owner_del+0x19b/0x270 [ 60.342412] ? quarantine_put+0x11b/0x1c0 [ 60.346657] tcf_block_put_ext.part.51+0x57/0x70 [ 60.351552] tcf_block_put+0xae/0xf0 [ 60.355267] ? tcf_block_put_ext+0x20/0x20 [ 60.359705] ? prandom_u32+0x5c/0x90 [ 60.363429] sfb_destroy+0x32/0x70 [ 60.366976] qdisc_destroy+0xe4/0x610 [ 60.370879] ? rtnl_is_locked+0x15/0x30 [ 60.374858] qdisc_put+0x47/0x60 [ 60.378209] sfb_change+0x270/0xb20 [ 60.381838] ? sfb_graft+0x290/0x290 [ 60.385561] ? nla_strcmp+0x9b/0xe0 [ 60.389174] tc_modify_qdisc+0xc31/0x1950 [ 60.393304] ? rtnetlink_rcv_msg+0x301/0x8f0 [ 60.397765] ? qdisc_create+0xf10/0xf10 [ 60.401725] ? find_held_lock+0x36/0x1d0 [ 60.405884] rtnetlink_rcv_msg+0x34f/0x8f0 [ 60.410100] ? rtnetlink_put_metrics+0x490/0x490 [ 60.414869] ? find_held_lock+0x36/0x1d0 [ 60.418932] netlink_rcv_skb+0x13c/0x380 [ 60.422984] ? lock_downgrade+0x7f0/0x7f0 [ 60.427124] ? rtnetlink_put_metrics+0x490/0x490 [ 60.431878] ? netlink_ack+0x970/0x970 [ 60.435766] ? netlink_deliver_tap+0x182/0xad0 [ 60.440343] rtnetlink_rcv+0x10/0x20 [ 60.444048] netlink_unicast+0x43f/0x630 [ 60.448102] ? netlink_attachskb+0x6d0/0x6d0 [ 60.452585] ? __check_object_size+0x1ea/0x31c [ 60.457151] netlink_sendmsg+0x765/0xc50 [ 60.461196] ? netlink_unicast+0x630/0x630 [ 60.465421] ? copy_msghdr_from_user+0x20b/0x3e0 [ 60.470256] ? move_addr_to_kernel.part.21+0xd0/0xd0 [ 60.475351] ? netlink_unicast+0x630/0x630 [ 60.479609] sock_sendmsg+0xb5/0xf0 [ 60.483239] ___sys_sendmsg+0x647/0x950 [ 60.487224] ? find_held_lock+0x36/0x1d0 [ 60.491292] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 60.496141] ? __fget+0x278/0x400 [ 60.499602] ? kasan_check_read+0x11/0x20 [ 60.503811] ? __fget+0x295/0x400 [ 60.507390] ? ksys_dup3+0x2e0/0x2e0 [ 60.511232] ? find_held_lock+0x36/0x1d0 [ 60.515291] ? __fget_light+0x174/0x1e0 [ 60.519357] ? lock_downgrade+0x7f0/0x7f0 [ 60.523532] ? __fdget+0xe/0x10 [ 60.526832] __sys_sendmsg+0xd9/0x180 [ 60.530624] ? __ia32_sys_shutdown+0x70/0x70 [ 60.535024] ? kasan_check_read+0x11/0x20 [ 60.539159] ? _copy_to_user+0x91/0xb0 [ 60.543030] ? put_timespec64+0xa9/0x100 [ 60.547073] ? nsecs_to_jiffies+0x20/0x20 [ 60.551229] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 60.556602] __x64_sys_sendmsg+0x73/0xb0 [ 60.560912] do_syscall_64+0xd0/0x4d0 [ 60.568517] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 60.573688] RIP: 0033:0x4598e9 [ 60.576872] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 60.595901] RSP: 002b:00007f237013cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 60.603597] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 60.610951] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 2019/09/16 13:35:09 executed programs: 10 [ 60.618208] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 60.625836] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f237013d6d4 [ 60.633104] R13: 00000000004c77fb R14: 00000000004dd098 R15: 00000000ffffffff [ 61.475945] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:908 [ 61.484759] in_atomic(): 1, irqs_disabled(): 0, pid: 7192, name: syz-executor.0 [ 61.492480] 2 locks held by syz-executor.0/7192: [ 61.497351] #0: 0000000060b6dcca (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x301/0x8f0 [ 61.505549] #1: 00000000fab55196 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x1b2/0xb20 [ 61.514307] Preemption disabled at: [ 61.514316] [] sfb_change+0x1b2/0xb20 [ 61.523356] CPU: 0 PID: 7192 Comm: syz-executor.0 Tainted: G W 5.0.0-rc5+ #0 [ 61.532059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 61.541427] Call Trace: [ 61.544013] dump_stack+0x113/0x167 [ 61.547646] ? sfb_change+0x1b2/0xb20 [ 61.551441] ___might_sleep.cold.87+0x1bb/0x1f4 [ 61.556112] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 61.561237] __might_sleep+0x95/0x190 [ 61.565040] ? rtnetlink_rcv+0x10/0x20 [ 61.568917] ? netlink_unicast+0x43f/0x630 [ 61.573138] __mutex_lock+0xc7/0x1210 [ 61.576926] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.582294] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 61.587402] ? mutex_lock_io_nested+0x10e0/0x10e0 [ 61.592319] ? lock_downgrade+0x7f0/0x7f0 [ 61.597412] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 61.602510] ? quarantine_put+0x11b/0x1c0 [ 61.606656] ? kasan_check_read+0x11/0x20 [ 61.610789] ? refcount_dec_not_one+0x72/0x160 [ 61.615475] ? refcount_dec_checked+0x40/0x40 [ 61.619952] ? tcf_block_owner_del+0x19b/0x270 [ 61.624653] ? lockdep_hardirqs_on+0x19e/0x5c0 [ 61.629326] mutex_lock_nested+0x16/0x20 [ 61.633478] ? mutex_lock_nested+0x16/0x20 [ 61.637703] refcount_dec_and_mutex_lock+0x29/0x50 [ 61.642641] __tcf_block_put+0x29/0x5e0 [ 61.646707] ? tcf_block_owner_del+0x19b/0x270 [ 61.651268] ? quarantine_put+0x11b/0x1c0 [ 61.655407] tcf_block_put_ext.part.51+0x57/0x70 [ 61.660254] tcf_block_put+0xae/0xf0 [ 61.663953] ? tcf_block_put_ext+0x20/0x20 [ 61.668195] ? prandom_u32+0x5c/0x90 [ 61.672348] sfb_destroy+0x32/0x70 [ 61.675873] qdisc_destroy+0xe4/0x610 [ 61.679667] ? rtnl_is_locked+0x15/0x30 [ 61.683626] qdisc_put+0x47/0x60 [ 61.687001] sfb_change+0x270/0xb20 [ 61.690613] ? sfb_graft+0x290/0x290 [ 61.694323] ? nla_strcmp+0x9b/0xe0 [ 61.697930] tc_modify_qdisc+0xc31/0x1950 [ 61.702057] ? rtnetlink_rcv_msg+0x301/0x8f0 [ 61.706447] ? qdisc_create+0xf10/0xf10 [ 61.710410] ? find_held_lock+0x36/0x1d0 [ 61.714530] rtnetlink_rcv_msg+0x34f/0x8f0 [ 61.718765] ? rtnetlink_put_metrics+0x490/0x490 [ 61.723523] ? find_held_lock+0x36/0x1d0 [ 61.727665] netlink_rcv_skb+0x13c/0x380 [ 61.731712] ? lock_downgrade+0x7f0/0x7f0 [ 61.735852] ? rtnetlink_put_metrics+0x490/0x490 [ 61.740947] ? netlink_ack+0x970/0x970 [ 61.745264] ? netlink_deliver_tap+0x182/0xad0 [ 61.749845] rtnetlink_rcv+0x10/0x20 [ 61.753545] netlink_unicast+0x43f/0x630 [ 61.757707] ? netlink_attachskb+0x6d0/0x6d0 [ 61.762137] ? __check_object_size+0x1ea/0x31c [ 61.766716] netlink_sendmsg+0x765/0xc50 [ 61.770869] ? netlink_unicast+0x630/0x630 [ 61.775090] ? copy_msghdr_from_user+0x20b/0x3e0 [ 61.780021] ? move_addr_to_kernel.part.21+0xd0/0xd0 [ 61.785283] ? netlink_unicast+0x630/0x630 [ 61.789625] sock_sendmsg+0xb5/0xf0 [ 61.793364] ___sys_sendmsg+0x647/0x950 [ 61.797322] ? find_held_lock+0x36/0x1d0 [ 61.801387] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 61.806133] ? __fget+0x278/0x400 [ 61.809625] ? kasan_check_read+0x11/0x20 [ 61.813795] ? __fget+0x295/0x400 [ 61.817237] ? ksys_dup3+0x2e0/0x2e0 [ 61.820937] ? find_held_lock+0x36/0x1d0 [ 61.824982] ? __fget_light+0x174/0x1e0 [ 61.828941] ? lock_downgrade+0x7f0/0x7f0 [ 61.833072] ? __fdget+0xe/0x10 [ 61.836343] __sys_sendmsg+0xd9/0x180 [ 61.840134] ? __ia32_sys_shutdown+0x70/0x70 [ 61.844542] ? kasan_check_read+0x11/0x20 [ 61.848666] ? _copy_to_user+0x91/0xb0 [ 61.852545] ? put_timespec64+0xa9/0x100 [ 61.858689] ? nsecs_to_jiffies+0x20/0x20 [ 61.862837] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.868196] __x64_sys_sendmsg+0x73/0xb0 [ 61.872256] do_syscall_64+0xd0/0x4d0 [ 61.876227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 61.881691] RIP: 0033:0x4598e9 [ 61.884958] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 61.904293] RSP: 002b:00007fb0eacc0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 61.912104] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 61.919357] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 61.926802] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 61.934063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb0eacc16d4 [ 61.941721] R13: 00000000004c77fb R14: 00000000004dd098 R15: 00000000ffffffff [ 62.779028] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:908 [ 62.787812] in_atomic(): 1, irqs_disabled(): 0, pid: 7241, name: syz-executor.2 [ 62.795447] 2 locks held by syz-executor.2/7241: [ 62.800580] #0: 0000000060b6dcca (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x301/0x8f0 [ 62.808938] #1: 00000000ce2672a5 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x1b2/0xb20 [ 62.817602] Preemption disabled at: [ 62.817614] [] sfb_change+0x1b2/0xb20 [ 62.826643] CPU: 1 PID: 7241 Comm: syz-executor.2 Tainted: G W 5.0.0-rc5+ #0 [ 62.835127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.844848] Call Trace: [ 62.847589] dump_stack+0x113/0x167 [ 62.851211] ? sfb_change+0x1b2/0xb20 [ 62.855009] ___might_sleep.cold.87+0x1bb/0x1f4 [ 62.859805] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 62.865167] __might_sleep+0x95/0x190 [ 62.868965] ? rtnetlink_rcv+0x10/0x20 [ 62.873620] ? netlink_unicast+0x43f/0x630 [ 62.877844] __mutex_lock+0xc7/0x1210 [ 62.881629] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 62.887081] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 62.892179] ? mutex_lock_io_nested+0x10e0/0x10e0 [ 62.897039] ? lock_downgrade+0x7f0/0x7f0 [ 62.901185] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 62.906373] ? quarantine_put+0x11b/0x1c0 [ 62.910502] ? kasan_check_read+0x11/0x20 [ 62.914632] ? refcount_dec_not_one+0x72/0x160 [ 62.919207] ? refcount_dec_checked+0x40/0x40 [ 62.923681] ? tcf_block_owner_del+0x19b/0x270 [ 62.928254] ? lockdep_hardirqs_on+0x19e/0x5c0 [ 62.932824] mutex_lock_nested+0x16/0x20 [ 62.936877] ? mutex_lock_nested+0x16/0x20 [ 62.941093] refcount_dec_and_mutex_lock+0x29/0x50 [ 62.946008] __tcf_block_put+0x29/0x5e0 [ 62.949974] ? tcf_block_owner_del+0x19b/0x270 [ 62.954544] ? quarantine_put+0x11b/0x1c0 [ 62.958671] tcf_block_put_ext.part.51+0x57/0x70 [ 62.963430] tcf_block_put+0xae/0xf0 [ 62.967235] ? tcf_block_put_ext+0x20/0x20 [ 62.971546] ? prandom_u32+0x5c/0x90 [ 62.975255] sfb_destroy+0x32/0x70 [ 62.978793] qdisc_destroy+0xe4/0x610 [ 62.982585] ? rtnl_is_locked+0x15/0x30 [ 62.982612] qdisc_put+0x47/0x60 [ 62.982620] sfb_change+0x270/0xb20 [ 62.982628] ? sfb_graft+0x290/0x290 [ 62.982638] ? nla_strcmp+0x9b/0xe0 [ 62.982646] tc_modify_qdisc+0xc31/0x1950 [ 62.982650] ? rtnetlink_rcv_msg+0x301/0x8f0 [ 62.982660] ? qdisc_create+0xf10/0xf10 [ 62.982666] ? find_held_lock+0x36/0x1d0 [ 62.982680] rtnetlink_rcv_msg+0x34f/0x8f0 [ 62.982686] ? rtnetlink_put_metrics+0x490/0x490 [ 62.982690] ? find_held_lock+0x36/0x1d0 [ 62.982698] netlink_rcv_skb+0x13c/0x380 [ 62.982702] ? lock_downgrade+0x7f0/0x7f0 [ 62.982706] ? rtnetlink_put_metrics+0x490/0x490 [ 62.982710] ? netlink_ack+0x970/0x970 [ 62.982717] ? netlink_deliver_tap+0x182/0xad0 [ 62.982726] rtnetlink_rcv+0x10/0x20 [ 62.990118] netlink_unicast+0x43f/0x630 [ 62.990126] ? netlink_attachskb+0x6d0/0x6d0 [ 62.990137] ? __check_object_size+0x1ea/0x31c [ 62.990145] netlink_sendmsg+0x765/0xc50 [ 62.990154] ? netlink_unicast+0x630/0x630 [ 62.990161] ? copy_msghdr_from_user+0x20b/0x3e0 [ 62.990168] ? move_addr_to_kernel.part.21+0xd0/0xd0 [ 62.990177] ? netlink_unicast+0x630/0x630 [ 62.990181] sock_sendmsg+0xb5/0xf0 [ 62.990186] ___sys_sendmsg+0x647/0x950 [ 62.990191] ? find_held_lock+0x36/0x1d0 [ 62.990197] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 62.990204] ? __fget+0x278/0x400 [ 62.990213] ? kasan_check_read+0x11/0x20 [ 62.990220] ? __fget+0x295/0x400 [ 63.120622] ? ksys_dup3+0x2e0/0x2e0 [ 63.124669] ? find_held_lock+0x36/0x1d0 [ 63.128728] ? __fget_light+0x174/0x1e0 [ 63.132684] ? lock_downgrade+0x7f0/0x7f0 [ 63.137162] ? __fdget+0xe/0x10 [ 63.140425] __sys_sendmsg+0xd9/0x180 [ 63.144209] ? __ia32_sys_shutdown+0x70/0x70 [ 63.148604] ? kasan_check_read+0x11/0x20 [ 63.152910] ? _copy_to_user+0x91/0xb0 [ 63.156787] ? put_timespec64+0xa9/0x100 [ 63.160848] ? nsecs_to_jiffies+0x20/0x20 [ 63.165523] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 63.170896] __x64_sys_sendmsg+0x73/0xb0 [ 63.174982] do_syscall_64+0xd0/0x4d0 [ 63.178778] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 63.183963] RIP: 0033:0x4598e9 [ 63.187143] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 63.187147] RSP: 002b:00007fb00f5f4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 63.187153] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 63.187157] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 63.187160] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 63.187163] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00f5f56d4 [ 63.187166] R13: 00000000004c77fb R14: 00000000004dd098 R15: 00000000ffffffff [ 64.815036] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:908 [ 64.824039] in_atomic(): 1, irqs_disabled(): 0, pid: 7333, name: syz-executor.3 [ 64.831683] 2 locks held by syz-executor.3/7333: [ 64.837410] #0: 0000000060b6dcca (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x301/0x8f0 [ 64.845613] #1: 00000000d5a7c725 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x1b2/0xb20 [ 64.854557] Preemption disabled at: [ 64.854568] [] sfb_change+0x1b2/0xb20 [ 64.864074] CPU: 1 PID: 7333 Comm: syz-executor.3 Tainted: G W 5.0.0-rc5+ #0 [ 64.872561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.882026] Call Trace: [ 64.884606] dump_stack+0x113/0x167 [ 64.888245] ? sfb_change+0x1b2/0xb20 [ 64.892044] ___might_sleep.cold.87+0x1bb/0x1f4 [ 64.896715] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 64.901812] __might_sleep+0x95/0x190 [ 64.905608] ? rtnetlink_rcv+0x10/0x20 [ 64.909480] ? netlink_unicast+0x43f/0x630 [ 64.913725] __mutex_lock+0xc7/0x1210 [ 64.917547] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 64.922929] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 64.928034] ? mutex_lock_io_nested+0x10e0/0x10e0 [ 64.932875] ? lock_downgrade+0x7f0/0x7f0 [ 64.937019] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 64.942130] ? quarantine_put+0x11b/0x1c0 [ 64.946423] ? kasan_check_read+0x11/0x20 [ 64.950573] ? refcount_dec_not_one+0x72/0x160 [ 64.955150] ? refcount_dec_checked+0x40/0x40 [ 64.959642] ? tcf_block_owner_del+0x19b/0x270 [ 64.964412] ? lockdep_hardirqs_on+0x19e/0x5c0 [ 64.969082] mutex_lock_nested+0x16/0x20 [ 64.973130] ? mutex_lock_nested+0x16/0x20 [ 64.977349] refcount_dec_and_mutex_lock+0x29/0x50 [ 64.982291] __tcf_block_put+0x29/0x5e0 [ 64.986248] ? tcf_block_owner_del+0x19b/0x270 [ 64.990820] ? quarantine_put+0x11b/0x1c0 [ 64.994979] tcf_block_put_ext.part.51+0x57/0x70 [ 64.999733] tcf_block_put+0xae/0xf0 [ 65.003433] ? tcf_block_put_ext+0x20/0x20 [ 65.007648] ? prandom_u32+0x5c/0x90 [ 65.011344] sfb_destroy+0x32/0x70 [ 65.014869] qdisc_destroy+0xe4/0x610 [ 65.018651] ? rtnl_is_locked+0x15/0x30 [ 65.023414] qdisc_put+0x47/0x60 [ 65.026776] sfb_change+0x270/0xb20 [ 65.030471] ? sfb_graft+0x290/0x290 [ 65.034184] ? nla_strcmp+0x9b/0xe0 [ 65.037799] tc_modify_qdisc+0xc31/0x1950 [ 65.043769] ? rtnetlink_rcv_msg+0x301/0x8f0 [ 65.048167] ? qdisc_create+0xf10/0xf10 [ 65.052126] ? find_held_lock+0x36/0x1d0 [ 65.056191] rtnetlink_rcv_msg+0x34f/0x8f0 [ 65.060408] ? rtnetlink_put_metrics+0x490/0x490 [ 65.065145] ? find_held_lock+0x36/0x1d0 [ 65.069407] netlink_rcv_skb+0x13c/0x380 [ 65.073468] ? lock_downgrade+0x7f0/0x7f0 [ 65.077610] ? rtnetlink_put_metrics+0x490/0x490 [ 65.082348] ? netlink_ack+0x970/0x970 [ 65.086315] ? netlink_deliver_tap+0x182/0xad0 [ 65.090916] rtnetlink_rcv+0x10/0x20 [ 65.094630] netlink_unicast+0x43f/0x630 [ 65.098724] ? netlink_attachskb+0x6d0/0x6d0 [ 65.103114] ? __check_object_size+0x1ea/0x31c [ 65.107714] netlink_sendmsg+0x765/0xc50 [ 65.111775] ? netlink_unicast+0x630/0x630 [ 65.116010] ? copy_msghdr_from_user+0x20b/0x3e0 [ 65.120749] ? move_addr_to_kernel.part.21+0xd0/0xd0 [ 65.125864] ? netlink_unicast+0x630/0x630 [ 65.130195] sock_sendmsg+0xb5/0xf0 [ 65.133810] ___sys_sendmsg+0x647/0x950 [ 65.137765] ? find_held_lock+0x36/0x1d0 [ 65.141931] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 65.146696] ? __fget+0x278/0x400 [ 65.150156] ? kasan_check_read+0x11/0x20 [ 65.154327] ? __fget+0x295/0x400 [ 65.157781] ? ksys_dup3+0x2e0/0x2e0 [ 65.161478] ? find_held_lock+0x36/0x1d0 [ 65.165529] ? __fget_light+0x174/0x1e0 [ 65.169509] ? lock_downgrade+0x7f0/0x7f0 [ 65.173653] ? __fdget+0xe/0x10 [ 65.176925] __sys_sendmsg+0xd9/0x180 [ 65.180732] ? __ia32_sys_shutdown+0x70/0x70 [ 65.185216] ? kasan_check_read+0x11/0x20 [ 65.189342] ? _copy_to_user+0x91/0xb0 [ 65.193829] ? put_timespec64+0xa9/0x100 [ 65.197873] ? nsecs_to_jiffies+0x20/0x20 [ 65.202017] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.207377] __x64_sys_sendmsg+0x73/0xb0 [ 65.211517] do_syscall_64+0xd0/0x4d0 [ 65.215309] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.220492] RIP: 0033:0x4598e9 [ 65.223691] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 65.243108] RSP: 002b:00007fbd0dbb1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 65.251206] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 65.258718] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 65.266094] RBP: 000000000075c1c0 R08: 0000000000000000 R09: 0000000000000000 [ 65.273448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbd0dbb26d4 [ 65.280713] R13: 00000000004c77fb R14: 00000000004dd098 R15: 00000000ffffffff 2019/09/16 13:35:15 executed programs: 43 [ 66.140317] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:908 [ 66.148999] in_atomic(): 1, irqs_disabled(): 0, pid: 7374, name: syz-executor.5 [ 66.156655] 2 locks held by syz-executor.5/7374: [ 66.161652] #0: 0000000060b6dcca (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x301/0x8f0 [ 66.169806] #1: 00000000ea9038c2 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x1b2/0xb20 [ 66.178482] Preemption disabled at: [ 66.178494] [] sfb_change+0x1b2/0xb20 [ 66.178505] CPU: 0 PID: 7374 Comm: syz-executor.5 Tainted: G W 5.0.0-rc5+ #0 [ 66.178509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.178512] Call Trace: [ 66.178520] dump_stack+0x113/0x167 [ 66.178525] ? sfb_change+0x1b2/0xb20 [ 66.215767] ___might_sleep.cold.87+0x1bb/0x1f4 [ 66.220439] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 66.225543] __might_sleep+0x95/0x190 [ 66.229340] ? rtnetlink_rcv+0x10/0x20 [ 66.233227] ? netlink_unicast+0x43f/0x630 [ 66.237735] __mutex_lock+0xc7/0x1210 [ 66.241536] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.241544] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 66.241553] ? mutex_lock_io_nested+0x10e0/0x10e0 [ 66.241559] ? lock_downgrade+0x7f0/0x7f0 [ 66.241563] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 66.241578] ? quarantine_put+0x11b/0x1c0 [ 66.241586] ? kasan_check_read+0x11/0x20 [ 66.241590] ? refcount_dec_not_one+0x72/0x160 [ 66.241594] ? refcount_dec_checked+0x40/0x40 [ 66.241599] ? tcf_block_owner_del+0x19b/0x270 [ 66.241604] ? lockdep_hardirqs_on+0x19e/0x5c0 [ 66.241610] mutex_lock_nested+0x16/0x20 [ 66.241613] ? mutex_lock_nested+0x16/0x20 [ 66.241617] refcount_dec_and_mutex_lock+0x29/0x50 [ 66.241623] __tcf_block_put+0x29/0x5e0 [ 66.241627] ? tcf_block_owner_del+0x19b/0x270 [ 66.241631] ? quarantine_put+0x11b/0x1c0 [ 66.241638] tcf_block_put_ext.part.51+0x57/0x70 [ 66.241643] tcf_block_put+0xae/0xf0 [ 66.241648] ? tcf_block_put_ext+0x20/0x20 [ 66.241657] ? prandom_u32+0x5c/0x90 [ 66.241665] sfb_destroy+0x32/0x70 [ 66.241670] qdisc_destroy+0xe4/0x610 [ 66.241675] ? rtnl_is_locked+0x15/0x30 [ 66.241683] qdisc_put+0x47/0x60 [ 66.241687] sfb_change+0x270/0xb20 [ 66.241693] ? sfb_graft+0x290/0x290 [ 66.241703] ? nla_strcmp+0x9b/0xe0 [ 66.241710] tc_modify_qdisc+0xc31/0x1950 [ 66.288986] ? rtnetlink_rcv_msg+0x301/0x8f0 [ 66.289001] ? qdisc_create+0xf10/0xf10 [ 66.289009] ? find_held_lock+0x36/0x1d0 [ 66.289030] rtnetlink_rcv_msg+0x34f/0x8f0 [ 66.289039] ? rtnetlink_put_metrics+0x490/0x490 [ 66.289045] ? find_held_lock+0x36/0x1d0 [ 66.289058] netlink_rcv_skb+0x13c/0x380 [ 66.301921] ? lock_downgrade+0x7f0/0x7f0 [ 66.301931] ? rtnetlink_put_metrics+0x490/0x490 [ 66.301939] ? netlink_ack+0x970/0x970 [ 66.301948] ? netlink_deliver_tap+0x182/0xad0 [ 66.301959] rtnetlink_rcv+0x10/0x20 [ 66.301964] netlink_unicast+0x43f/0x630 [ 66.301972] ? netlink_attachskb+0x6d0/0x6d0 [ 66.301983] ? __check_object_size+0x1ea/0x31c [ 66.301988] netlink_sendmsg+0x765/0xc50 [ 66.301995] ? netlink_unicast+0x630/0x630 [ 66.302001] ? copy_msghdr_from_user+0x20b/0x3e0 [ 66.302007] ? move_addr_to_kernel.part.21+0xd0/0xd0 [ 66.302015] ? netlink_unicast+0x630/0x630 [ 66.302019] sock_sendmsg+0xb5/0xf0 [ 66.302026] ___sys_sendmsg+0x647/0x950 [ 66.302030] ? find_held_lock+0x36/0x1d0 [ 66.302035] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 66.302042] ? __fget+0x278/0x400 [ 66.302052] ? kasan_check_read+0x11/0x20 [ 66.302059] ? __fget+0x295/0x400 [ 66.302066] ? ksys_dup3+0x2e0/0x2e0 [ 66.485087] ? find_held_lock+0x36/0x1d0 [ 66.489402] ? __fget_light+0x174/0x1e0 [ 66.493360] ? lock_downgrade+0x7f0/0x7f0 [ 66.497489] ? __fdget+0xe/0x10 [ 66.500762] __sys_sendmsg+0xd9/0x180 [ 66.504746] ? __ia32_sys_shutdown+0x70/0x70 [ 66.509155] ? kasan_check_read+0x11/0x20 [ 66.513292] ? _copy_to_user+0x91/0xb0 [ 66.517268] ? put_timespec64+0xa9/0x100 [ 66.521501] ? nsecs_to_jiffies+0x20/0x20 [ 66.525645] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.531013] __x64_sys_sendmsg+0x73/0xb0 [ 66.535175] do_syscall_64+0xd0/0x4d0 [ 66.538988] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.544168] RIP: 0033:0x4598e9 [ 66.547346] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 66.566278] RSP: 002b:00007f237013cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.574166] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 66.581455] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 66.588731] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 66.595987] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f237013d6d4 [ 66.603244] R13: 00000000004c77fb R14: 00000000004dd098 R15: 00000000ffffffff [ 67.456962] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:908 [ 67.465756] in_atomic(): 1, irqs_disabled(): 0, pid: 7441, name: syz-executor.3 [ 67.473236] 2 locks held by syz-executor.3/7441: [ 67.477988] #0: 0000000060b6dcca (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x301/0x8f0 [ 67.486201] #1: 0000000042c37553 (&(&sch->q.lock)->rlock){+...}, at: sfb_change+0x1b2/0xb20 [ 67.495073] Preemption disabled at: [ 67.495084] [] sfb_change+0x1b2/0xb20 [ 67.504386] CPU: 1 PID: 7441 Comm: syz-executor.3 Tainted: G W 5.0.0-rc5+ #0 [ 67.512881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.522227] Call Trace: [ 67.524830] dump_stack+0x113/0x167 [ 67.528446] ? sfb_change+0x1b2/0xb20 [ 67.532243] ___might_sleep.cold.87+0x1bb/0x1f4 [ 67.536914] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 67.542354] __might_sleep+0x95/0x190 [ 67.546236] ? rtnetlink_rcv+0x10/0x20 [ 67.550109] ? netlink_unicast+0x43f/0x630 [ 67.554337] __mutex_lock+0xc7/0x1210 [ 67.558129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.563974] ? refcount_dec_and_mutex_lock+0x29/0x50 [ 67.569083] ? mutex_lock_io_nested+0x10e0/0x10e0 [ 67.573924] ? lock_downgrade+0x7f0/0x7f0 [ 67.578196] ? _raw_spin_unlock_irqrestore+0x63/0xd0 [ 67.583283] ? quarantine_put+0x11b/0x1c0 [ 67.587676] ? kasan_check_read+0x11/0x20 [ 67.591966] ? refcount_dec_not_one+0x72/0x160 [ 67.596635] ? refcount_dec_checked+0x40/0x40 [ 67.601188] ? tcf_block_owner_del+0x19b/0x270 [ 67.606025] ? lockdep_hardirqs_on+0x19e/0x5c0 [ 67.610607] mutex_lock_nested+0x16/0x20 [ 67.614659] ? mutex_lock_nested+0x16/0x20 [ 67.619042] refcount_dec_and_mutex_lock+0x29/0x50 [ 67.623962] __tcf_block_put+0x29/0x5e0 [ 67.627927] ? tcf_block_owner_del+0x19b/0x270 [ 67.632504] ? quarantine_put+0x11b/0x1c0 [ 67.636657] tcf_block_put_ext.part.51+0x57/0x70 [ 67.641395] tcf_block_put+0xae/0xf0 [ 67.645109] ? tcf_block_put_ext+0x20/0x20 [ 67.649327] ? prandom_u32+0x5c/0x90 [ 67.653027] sfb_destroy+0x32/0x70 [ 67.656553] qdisc_destroy+0xe4/0x610 [ 67.660345] ? rtnl_is_locked+0x15/0x30 [ 67.664325] qdisc_put+0x47/0x60 [ 67.667675] sfb_change+0x270/0xb20 [ 67.671290] ? sfb_graft+0x290/0x290 [ 67.675001] ? nla_strcmp+0x9b/0xe0 [ 67.678612] tc_modify_qdisc+0xc31/0x1950 [ 67.682744] ? rtnetlink_rcv_msg+0x301/0x8f0 [ 67.687149] ? qdisc_create+0xf10/0xf10 [ 67.691319] ? find_held_lock+0x36/0x1d0 [ 67.695924] rtnetlink_rcv_msg+0x34f/0x8f0 [ 67.700151] ? rtnetlink_put_metrics+0x490/0x490 [ 67.704894] ? find_held_lock+0x36/0x1d0 [ 67.708959] netlink_rcv_skb+0x13c/0x380 [ 67.713067] ? lock_downgrade+0x7f0/0x7f0 [ 67.717209] ? rtnetlink_put_metrics+0x490/0x490 [ 67.721952] ? netlink_ack+0x970/0x970 [ 67.725835] ? netlink_deliver_tap+0x182/0xad0 [ 67.730414] rtnetlink_rcv+0x10/0x20 [ 67.734124] netlink_unicast+0x43f/0x630 [ 67.738219] ? netlink_attachskb+0x6d0/0x6d0 [ 67.742647] ? __check_object_size+0x1ea/0x31c [ 67.747227] netlink_sendmsg+0x765/0xc50 [ 67.751337] ? netlink_unicast+0x630/0x630 [ 67.755570] ? copy_msghdr_from_user+0x20b/0x3e0 [ 67.760320] ? move_addr_to_kernel.part.21+0xd0/0xd0 [ 67.766174] ? netlink_unicast+0x630/0x630 [ 67.770668] sock_sendmsg+0xb5/0xf0 [ 67.774296] ___sys_sendmsg+0x647/0x950 [ 67.778378] ? find_held_lock+0x36/0x1d0 [ 67.782529] ? copy_msghdr_from_user+0x3e0/0x3e0 [ 67.787645] ? __fget+0x278/0x400 [ 67.791098] ? kasan_check_read+0x11/0x20 [ 67.795299] ? __fget+0x295/0x400 [ 67.798752] ? ksys_dup3+0x2e0/0x2e0 [ 67.802543] ? find_held_lock+0x36/0x1d0 [ 67.806590] ? __fget_light+0x174/0x1e0 [ 67.810555] ? lock_downgrade+0x7f0/0x7f0 [ 67.814698] ? __fdget+0xe/0x10 [ 67.818010] __sys_sendmsg+0xd9/0x180 [ 67.821821] ? __ia32_sys_shutdown+0x70/0x70 [ 67.826310] ? kasan_check_read+0x11/0x20 [ 67.830449] ? _copy_to_user+0x91/0xb0 [ 67.834352] ? put_timespec64+0xa9/0x100 [ 67.838403] ? nsecs_to_jiffies+0x20/0x20 [ 67.842565] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.847914] __x64_sys_sendmsg+0x73/0xb0 [ 67.851972] do_syscall_64+0xd0/0x4d0 [ 67.855775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.860974] RIP: 0033:0x4598e9 [ 67.864154] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.883145] RSP: 002b:00007fbd0dbd2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.890895] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 67.898214] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000007 [ 67.906078] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 67.913346] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbd0dbd36d4 [ 67.920619] R13: 00000000004c77fb R14: 00000000004dd098 R15: 00000000ffffffff