Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 31.172236] audit: type=1400 audit(1589626913.623:8): avc: denied { execmem } for pid=6348 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 31.459402] IPVS: ftp: loaded support on port[0] = 21 [ 32.678930] can: request_module (can-proto-0) failed. [ 32.687273] can: request_module (can-proto-0) failed. [ 32.695553] can: request_module (can-proto-0) failed. [ 32.721666] audit: type=1400 audit(1589626915.174:9): avc: denied { create } for pid=6327 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.10.36' (ECDSA) to the list of known hosts. 2020/05/16 11:02:02 parsed 1 programs 2020/05/16 11:02:02 executed programs: 0 [ 40.461245] audit: type=1400 audit(1589626922.917:10): avc: denied { execmem } for pid=6473 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 40.754932] IPVS: ftp: loaded support on port[0] = 21 [ 41.542853] IPVS: ftp: loaded support on port[0] = 21 [ 41.608114] chnl_net:caif_netlink_parms(): no params data found [ 41.656643] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.656882] IPVS: ftp: loaded support on port[0] = 21 [ 41.663325] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.678911] device bridge_slave_0 entered promiscuous mode [ 41.686752] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.693131] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.702639] device bridge_slave_1 entered promiscuous mode [ 41.742938] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.766668] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.782410] chnl_net:caif_netlink_parms(): no params data found [ 41.809416] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.817961] team0: Port device team_slave_0 added [ 41.826541] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.833602] team0: Port device team_slave_1 added [ 41.846084] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.858177] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.875994] IPVS: ftp: loaded support on port[0] = 21 [ 41.946107] device hsr_slave_0 entered promiscuous mode [ 41.984010] device hsr_slave_1 entered promiscuous mode [ 42.025924] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.047716] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.096105] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.102448] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.110481] device bridge_slave_0 entered promiscuous mode [ 42.117748] chnl_net:caif_netlink_parms(): no params data found [ 42.135796] IPVS: ftp: loaded support on port[0] = 21 [ 42.145083] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.151458] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.159626] device bridge_slave_1 entered promiscuous mode [ 42.214938] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.274446] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.299971] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.307318] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.315352] device bridge_slave_0 entered promiscuous mode [ 42.326691] chnl_net:caif_netlink_parms(): no params data found [ 42.342632] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.349128] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.356120] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.362502] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.370235] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.377335] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.384550] device bridge_slave_1 entered promiscuous mode [ 42.428708] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.436379] team0: Port device team_slave_0 added [ 42.442071] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.449899] team0: Port device team_slave_1 added [ 42.459562] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.471873] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.486137] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.502391] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.509679] team0: Port device team_slave_0 added [ 42.522899] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.530333] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.537611] team0: Port device team_slave_1 added [ 42.542997] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.551356] IPVS: ftp: loaded support on port[0] = 21 [ 42.616967] device hsr_slave_0 entered promiscuous mode [ 42.653798] device hsr_slave_1 entered promiscuous mode [ 42.703994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.711526] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.718752] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.735146] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.742297] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.827014] device hsr_slave_0 entered promiscuous mode [ 42.853615] device hsr_slave_1 entered promiscuous mode [ 42.894386] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.903232] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.915661] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.921993] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.929332] device bridge_slave_0 entered promiscuous mode [ 42.952852] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.961039] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.969165] device bridge_slave_1 entered promiscuous mode [ 43.049232] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.074949] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.092631] chnl_net:caif_netlink_parms(): no params data found [ 43.123795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.149970] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.160757] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 43.171279] team0: Port device team_slave_0 added [ 43.178036] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.193038] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 43.201071] team0: Port device team_slave_1 added [ 43.208597] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 43.219246] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.231808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.241580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.249388] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 43.266257] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.328634] chnl_net:caif_netlink_parms(): no params data found [ 43.346707] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.352801] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.415638] device hsr_slave_0 entered promiscuous mode [ 43.453480] device hsr_slave_1 entered promiscuous mode [ 43.494128] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.509126] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.531472] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.544360] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 43.564882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.572562] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.580476] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.586882] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.594542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.602193] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.609829] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.616303] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.640459] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.647296] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.654664] device bridge_slave_0 entered promiscuous mode [ 43.662939] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.669624] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.676911] device bridge_slave_1 entered promiscuous mode [ 43.689785] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.704724] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.711094] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.718517] device bridge_slave_0 entered promiscuous mode [ 43.731137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.745043] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.757090] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.765121] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.771509] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.779324] device bridge_slave_1 entered promiscuous mode [ 43.799022] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.813697] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.822798] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 43.831231] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 43.841553] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.849365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.857940] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.866171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 43.874156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 43.881682] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.891103] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.910287] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 43.921171] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.935728] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 43.961484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.969673] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.979291] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.992320] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.000687] team0: Port device team_slave_0 added [ 44.006844] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.014279] team0: Port device team_slave_1 added [ 44.019450] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 44.028589] team0: Port device team_slave_0 added [ 44.034779] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.041593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.050454] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.059163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.068726] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.076568] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 44.084674] team0: Port device team_slave_1 added [ 44.090177] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 44.098046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.105865] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.114627] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.120608] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.128523] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.137716] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.144404] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.150620] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 44.167062] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.183893] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.192137] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.208297] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.215505] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.224173] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.232069] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.238481] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.250995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.260592] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.305624] device hsr_slave_0 entered promiscuous mode [ 44.354323] device hsr_slave_1 entered promiscuous mode [ 44.393913] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.401215] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.456306] device hsr_slave_0 entered promiscuous mode [ 44.493287] device hsr_slave_1 entered promiscuous mode [ 44.533599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.540471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.549080] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.558723] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.572131] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 44.580286] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 44.588114] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.596208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.604101] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.610426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.617255] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.624466] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.633194] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.642502] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.659820] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.665990] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.674174] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.680402] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.689308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.700031] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.721609] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.732134] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.742288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.750027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.758122] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.765889] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.772205] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.779418] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.787321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.808598] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.840841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.849263] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.858902] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.867937] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.881171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.889413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.897159] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.905538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.913466] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.919901] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.929278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.945806] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.961653] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 44.970576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.979051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.988128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.998830] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 45.007082] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.019132] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 45.028085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.046162] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.054392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 45.064349] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 45.071564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 45.079428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.088132] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 45.096031] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.105323] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.116614] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.126829] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.133462] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.139593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 45.147716] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 45.155412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.162145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.170109] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.188521] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.195594] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 45.202283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 45.212435] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 45.221527] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 45.236939] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.245426] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.256102] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 45.263909] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.272713] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.282115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 45.292472] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 45.302602] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 45.309944] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 45.317184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.325181] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.332525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.340698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.348845] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.355239] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.362007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 45.369944] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.377556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.388720] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 45.397365] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 45.403850] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 45.413404] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 45.421724] device veth0_vlan entered promiscuous mode [ 45.434189] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.441880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.449584] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.459052] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.465441] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.472331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 45.480101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 45.489862] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 45.500087] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 45.509264] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 45.516607] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 45.528184] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 45.535494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 45.543394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 45.556050] device veth1_vlan entered promiscuous mode [ 45.561798] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 45.573499] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 45.580393] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 45.593693] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 45.601058] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.610039] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 45.619134] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 45.626850] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 45.634794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.641543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.648945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 45.656636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 45.664373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 45.671011] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 45.677787] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 45.686987] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 45.701848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.709922] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 45.727891] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 45.734242] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.746763] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 45.759553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 45.768802] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 45.776830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 45.786128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.795852] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 45.806818] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 45.831551] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.839086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 45.848201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.866785] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.874907] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.882595] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.888929] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.898397] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 45.906175] ================================================================== [ 45.914335] BUG: KASAN: stack-out-of-bounds in update_stack_state+0x561/0x5d0 [ 45.921698] Read of size 8 at addr ffff888082f8f1b8 by task syz-executor.3/7530 [ 45.929160] [ 45.930776] CPU: 0 PID: 7530 Comm: syz-executor.3 Not tainted 4.14.180-syzkaller #0 [ 45.938627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.948305] Call Trace: [ 45.950878] dump_stack+0xf7/0x13b [ 45.954392] ? update_stack_state+0x561/0x5d0 [ 45.959034] print_address_description.cold.7+0x9/0x1c9 [ 45.964380] ? update_stack_state+0x561/0x5d0 [ 45.968845] kasan_report.cold.8+0x11a/0x2d3 [ 45.973227] __asan_report_load8_noabort+0x14/0x20 [ 45.978129] update_stack_state+0x561/0x5d0 [ 45.982425] ? __read_once_size_nocheck.constprop.9+0x10/0x10 [ 45.988282] ? perf_trace_run_bpf_submit+0xea/0x160 [ 45.993280] ? perf_trace_run_bpf_submit+0xea/0x160 [ 45.998269] __unwind_start+0x189/0x410 [ 46.002218] perf_callchain_kernel+0x23d/0x540 [ 46.006776] ? trace_hardirqs_off+0x10/0x10 [ 46.011068] ? SOFTIRQ_verbose+0x10/0x10 [ 46.015114] ? arch_perf_update_userpage+0x380/0x380 [ 46.020208] get_perf_callchain+0x2c8/0x7d0 [ 46.024510] ? put_callchain_buffers+0x50/0x50 [ 46.029088] ? kvm_sched_clock_read+0x9/0x20 [ 46.033470] ? sched_clock_cpu+0x1b/0x1c0 [ 46.037600] perf_callchain+0x125/0x170 [ 46.041557] ? kvm_is_in_guest+0x10/0x30 [ 46.045601] perf_prepare_sample+0xd1a/0x13c0 [ 46.050082] ? perf_output_sample+0x1920/0x1920 [ 46.054721] ? perf_prepare_sample+0x13c0/0x13c0 [ 46.059453] perf_event_output_forward+0xdd/0x1d0 [ 46.064279] ? perf_prepare_sample+0x13c0/0x13c0 [ 46.069006] ? perf_tp_event+0x42d/0x700 [ 46.073057] ? __this_cpu_preempt_check+0x13/0x20 [ 46.077872] ? __perf_event_account_interrupt+0x21/0x270 [ 46.083294] __perf_event_overflow+0x107/0x300 [ 46.087850] perf_swevent_overflow+0x165/0x210 [ 46.092405] perf_swevent_event+0x1f5/0x2f0 [ 46.096717] ___perf_sw_event+0x26b/0x3f0 [ 46.100850] ? trace_hardirqs_off+0x10/0x10 [ 46.105143] ? perf_pending_event+0xc0/0xc0 [ 46.109441] ? lock_release+0x518/0x830 [ 46.113391] ? set_next_entity+0x261/0x940 [ 46.117595] ? pick_next_entity+0x197/0x390 [ 46.121902] ? trace_hardirqs_off+0x10/0x10 [ 46.126204] ? trace_hardirqs_off+0x10/0x10 [ 46.130501] ? __lock_is_held+0xb5/0x140 [ 46.134554] __schedule+0xf9c/0x1d20 [ 46.138249] ? debug_smp_processor_id+0x17/0x20 [ 46.142887] ? __schedule+0xf9c/0x1d20 [ 46.146834] ? firmware_map_remove+0x177/0x177 [ 46.151389] ? lock_downgrade+0x7f0/0x7f0 [ 46.155511] ? plist_add+0x254/0x4f0 [ 46.159214] schedule+0x7f/0x1b0 [ 46.162554] futex_wait_queue_me+0x2d5/0x580 [ 46.166935] ? __unqueue_futex+0xd0/0xd0 [ 46.170969] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 46.176045] futex_wait+0x253/0x520 [ 46.179657] ? futex_wait_setup+0x2d0/0x2d0 [ 46.183960] ? lock_downgrade+0x7f0/0x7f0 [ 46.188082] ? wake_up_q+0x9c/0xe0 [ 46.191602] ? futex_wake+0x10d/0x570 [ 46.195383] do_futex+0x591/0x17f0 [ 46.198893] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.203889] ? perf_trace_lock+0x30e/0x500 [ 46.208118] ? futex_exit_release+0x60/0x60 [ 46.212422] ? trace_hardirqs_off+0x10/0x10 [ 46.216717] ? SOFTIRQ_verbose+0x10/0x10 [ 46.220765] ? perf_trace_lock+0x30e/0x500 [ 46.225030] ? __might_fault+0xf1/0x1b0 [ 46.228998] ? lock_downgrade+0x7f0/0x7f0 [ 46.233139] ? kasan_check_read+0x11/0x20 [ 46.239262] ? _copy_to_user+0x91/0xb0 [ 46.243242] ? do_futex+0x17f0/0x17f0 [ 46.247059] SyS_futex+0xf1/0x250 [ 46.250519] ? do_futex+0x17f0/0x17f0 [ 46.254323] ? SyS_clock_gettime+0x115/0x160 [ 46.258708] ? SyS_clock_settime+0x1a0/0x1a0 [ 46.263093] ? do_syscall_64+0x4c/0x5b0 [ 46.267041] ? do_futex+0x17f0/0x17f0 [ 46.270817] do_syscall_64+0x1c7/0x5b0 [ 46.274681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 46.279498] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.284659] RIP: 0033:0x45aff9 [ 46.287821] RSP: 002b:00007f41e7dc2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 46.295509] RAX: ffffffffffffffda RBX: 000000000075bf28 RCX: 000000000045aff9 [ 46.302766] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000075bf28 [ 46.310040] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 46.317314] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf2c [ 46.324559] R13: 00007ffd2f58266f R14: 00007f41e7dc39c0 R15: 000000000075bf2c [ 46.331812] [ 46.333427] The buggy address belongs to the page: [ 46.338339] page:ffffea00020be3c0 count:0 mapcount:0 mapping: (null) index:0x0 [ 46.346454] flags: 0xfffe0000000000() [ 46.350227] raw: 00fffe0000000000 0000000000000000 0000000000000000 00000000ffffffff [ 46.358078] raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000 [ 46.365937] page dumped because: kasan: bad access detected [ 46.372372] [ 46.373977] Memory state around the buggy address: [ 46.378904] ffff888082f8f080: f1 f1 00 00 00 00 00 00 00 00 00 00 00 00 f3 f3 [ 46.386246] ffff888082f8f100: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.393595] >ffff888082f8f180: f1 f1 f1 f1 00 00 00 f2 f3 f3 f3 f3 00 00 00 00 [ 46.400931] ^ [ 46.406109] ffff888082f8f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.413439] ffff888082f8f280: 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2 f3 f3 f3 f3 [ 46.421115] ================================================================== [ 46.428544] Kernel panic - not syncing: panic_on_warn set ... [ 46.428544] [ 46.435877] CPU: 0 PID: 7530 Comm: syz-executor.3 Tainted: G B 4.14.180-syzkaller #0 [ 46.444859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 46.454374] Call Trace: [ 46.456952] dump_stack+0xf7/0x13b [ 46.460477] ? update_stack_state+0x561/0x5d0 [ 46.464955] panic+0x1b0/0x358 [ 46.468124] ? add_taint.cold.5+0x11/0x11 [ 46.472246] ? lock_downgrade+0x7f0/0x7f0 [ 46.476379] ? update_stack_state+0x561/0x5d0 [ 46.480846] kasan_end_report+0x47/0x4f [ 46.484791] kasan_report.cold.8+0x76/0x2d3 [ 46.489095] __asan_report_load8_noabort+0x14/0x20 [ 46.494004] update_stack_state+0x561/0x5d0 [ 46.498299] ? __read_once_size_nocheck.constprop.9+0x10/0x10 [ 46.504155] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.509143] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.514132] __unwind_start+0x189/0x410 [ 46.518081] perf_callchain_kernel+0x23d/0x540 [ 46.522643] ? trace_hardirqs_off+0x10/0x10 [ 46.526945] ? SOFTIRQ_verbose+0x10/0x10 [ 46.530980] ? arch_perf_update_userpage+0x380/0x380 [ 46.536059] get_perf_callchain+0x2c8/0x7d0 [ 46.540355] ? put_callchain_buffers+0x50/0x50 [ 46.544910] ? kvm_sched_clock_read+0x9/0x20 [ 46.549290] ? sched_clock_cpu+0x1b/0x1c0 [ 46.553510] perf_callchain+0x125/0x170 [ 46.557460] ? kvm_is_in_guest+0x10/0x30 [ 46.561496] perf_prepare_sample+0xd1a/0x13c0 [ 46.565964] ? perf_output_sample+0x1920/0x1920 [ 46.570623] ? perf_prepare_sample+0x13c0/0x13c0 [ 46.575472] perf_event_output_forward+0xdd/0x1d0 [ 46.580302] ? perf_prepare_sample+0x13c0/0x13c0 [ 46.585038] ? perf_tp_event+0x42d/0x700 [ 46.589095] ? __this_cpu_preempt_check+0x13/0x20 [ 46.593917] ? __perf_event_account_interrupt+0x21/0x270 [ 46.599354] __perf_event_overflow+0x107/0x300 [ 46.603911] perf_swevent_overflow+0x165/0x210 [ 46.608468] perf_swevent_event+0x1f5/0x2f0 [ 46.612762] ___perf_sw_event+0x26b/0x3f0 [ 46.616886] ? trace_hardirqs_off+0x10/0x10 [ 46.621179] ? perf_pending_event+0xc0/0xc0 [ 46.625804] ? lock_release+0x518/0x830 [ 46.629773] ? set_next_entity+0x261/0x940 [ 46.633985] ? pick_next_entity+0x197/0x390 [ 46.638285] ? trace_hardirqs_off+0x10/0x10 [ 46.642595] ? trace_hardirqs_off+0x10/0x10 [ 46.646905] ? __lock_is_held+0xb5/0x140 [ 46.650951] __schedule+0xf9c/0x1d20 [ 46.654641] ? debug_smp_processor_id+0x17/0x20 [ 46.659347] ? __schedule+0xf9c/0x1d20 [ 46.663217] ? firmware_map_remove+0x177/0x177 [ 46.667797] ? lock_downgrade+0x7f0/0x7f0 [ 46.671922] ? plist_add+0x254/0x4f0 [ 46.675611] schedule+0x7f/0x1b0 [ 46.678962] futex_wait_queue_me+0x2d5/0x580 [ 46.683355] ? __unqueue_futex+0xd0/0xd0 [ 46.687416] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 46.692511] futex_wait+0x253/0x520 [ 46.696115] ? futex_wait_setup+0x2d0/0x2d0 [ 46.700465] ? lock_downgrade+0x7f0/0x7f0 [ 46.704595] ? wake_up_q+0x9c/0xe0 [ 46.708122] ? futex_wake+0x10d/0x570 [ 46.711923] do_futex+0x591/0x17f0 [ 46.715439] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.720432] ? perf_trace_lock+0x30e/0x500 [ 46.724639] ? futex_exit_release+0x60/0x60 [ 46.728932] ? trace_hardirqs_off+0x10/0x10 [ 46.733223] ? SOFTIRQ_verbose+0x10/0x10 [ 46.737271] ? perf_trace_lock+0x30e/0x500 [ 46.741499] ? __might_fault+0xf1/0x1b0 [ 46.745475] ? lock_downgrade+0x7f0/0x7f0 [ 46.749614] ? kasan_check_read+0x11/0x20 [ 46.753746] ? _copy_to_user+0x91/0xb0 [ 46.757618] ? do_futex+0x17f0/0x17f0 [ 46.761391] SyS_futex+0xf1/0x250 [ 46.764818] ? do_futex+0x17f0/0x17f0 [ 46.768590] ? SyS_clock_gettime+0x115/0x160 [ 46.772979] ? SyS_clock_settime+0x1a0/0x1a0 [ 46.777361] ? do_syscall_64+0x4c/0x5b0 [ 46.781308] ? do_futex+0x17f0/0x17f0 [ 46.785090] do_syscall_64+0x1c7/0x5b0 [ 46.788968] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 46.793802] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.798974] RIP: 0033:0x45aff9 [ 46.802160] RSP: 002b:00007f41e7dc2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 46.809878] RAX: ffffffffffffffda RBX: 000000000075bf28 RCX: 000000000045aff9 [ 46.817337] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000075bf28 [ 46.824580] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 46.831823] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf2c [ 46.839069] R13: 00007ffd2f58266f R14: 00007f41e7dc39c0 R15: 000000000075bf2c [ 46.846332] [ 46.846333] ====================================================== [ 46.846334] WARNING: possible circular locking dependency detected [ 46.846335] 4.14.180-syzkaller #0 Not tainted [ 46.846336] ------------------------------------------------------ [ 46.846337] syz-executor.3/7530 is trying to acquire lock: [ 46.846338] ((console_sem).lock){-...}, at: [] down_trylock+0x13/0x70 [ 46.846341] [ 46.846342] but task is already holding lock: [ 46.846343] (report_lock){....}, at: [] kasan_report+0x6b/0xe0 [ 46.846346] [ 46.846347] which lock already depends on the new lock. [ 46.846348] [ 46.846348] [ 46.846349] the existing dependency chain (in reverse order) is: [ 46.846350] [ 46.846351] -> #3 (report_lock){....}: [ 46.846354] lock_acquire+0x173/0x400 [ 46.846355] _raw_spin_lock_irqsave+0x99/0xd0 [ 46.846356] kasan_report+0x6b/0xe0 [ 46.846357] __asan_report_load8_noabort+0x14/0x20 [ 46.846358] update_stack_state+0x561/0x5d0 [ 46.846359] __unwind_start+0x189/0x410 [ 46.846360] perf_callchain_kernel+0x23d/0x540 [ 46.846361] get_perf_callchain+0x2c8/0x7d0 [ 46.846362] perf_callchain+0x125/0x170 [ 46.846363] perf_prepare_sample+0xd1a/0x13c0 [ 46.846364] perf_event_output_forward+0xdd/0x1d0 [ 46.846364] __perf_event_overflow+0x107/0x300 [ 46.846365] perf_swevent_overflow+0x165/0x210 [ 46.846366] perf_swevent_event+0x1f5/0x2f0 [ 46.846367] ___perf_sw_event+0x26b/0x3f0 [ 46.846368] __schedule+0xf9c/0x1d20 [ 46.846369] schedule+0x7f/0x1b0 [ 46.846370] futex_wait_queue_me+0x2d5/0x580 [ 46.846371] futex_wait+0x253/0x520 [ 46.846372] do_futex+0x591/0x17f0 [ 46.846373] SyS_futex+0xf1/0x250 [ 46.846373] do_syscall_64+0x1c7/0x5b0 [ 46.846374] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.846375] [ 46.846376] -> #2 (&rq->lock){-.-.}: [ 46.846379] lock_acquire+0x173/0x400 [ 46.846380] _raw_spin_lock+0x2d/0x40 [ 46.846381] task_fork_fair+0x62/0x5b0 [ 46.846382] sched_fork+0x3a6/0xbd0 [ 46.846383] copy_process.part.37+0x1656/0x66c0 [ 46.846383] _do_fork+0x155/0xbb0 [ 46.846384] kernel_thread+0x24/0x30 [ 46.846385] rest_init+0x1d/0x199 [ 46.846386] start_kernel+0x61d/0x642 [ 46.846387] x86_64_start_reservations+0x29/0x2b [ 46.846388] x86_64_start_kernel+0x76/0x79 [ 46.846389] secondary_startup_64+0xa5/0xb0 [ 46.846389] [ 46.846390] -> #1 (&p->pi_lock){-.-.}: [ 46.846393] lock_acquire+0x173/0x400 [ 46.846394] _raw_spin_lock_irqsave+0x99/0xd0 [ 46.846395] try_to_wake_up+0x82/0xf80 [ 46.846396] wake_up_process+0x10/0x20 [ 46.846397] __up.isra.1+0x136/0x1a0 [ 46.846398] up+0x95/0xe0 [ 46.846399] __up_console_sem+0xa0/0x150 [ 46.846399] console_unlock+0x569/0xe30 [ 46.846400] vt_ioctl+0x1ddb/0x21f0 [ 46.846401] tty_ioctl+0x434/0x1260 [ 46.846402] do_vfs_ioctl+0x180/0xfb0 [ 46.846403] SyS_ioctl+0x74/0x80 [ 46.846404] do_syscall_64+0x1c7/0x5b0 [ 46.846405] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.846405] [ 46.846406] -> #0 ((console_sem).lock){-...}: [ 46.846409] __lock_acquire+0x2e94/0x4500 [ 46.846410] lock_acquire+0x173/0x400 [ 46.846411] _raw_spin_lock_irqsave+0x99/0xd0 [ 46.846412] down_trylock+0x13/0x70 [ 46.846413] __down_trylock_console_sem+0x93/0x190 [ 46.846414] console_trylock+0x11/0x50 [ 46.846415] vprintk_emit+0x1ab/0x4e0 [ 46.846416] vprintk_default+0x1a/0x20 [ 46.846417] vprintk_func+0x49/0x12c [ 46.846417] printk+0x91/0xab [ 46.846418] kasan_report+0x7b/0xe0 [ 46.846419] __asan_report_load8_noabort+0x14/0x20 [ 46.846420] update_stack_state+0x561/0x5d0 [ 46.846421] __unwind_start+0x189/0x410 [ 46.846422] perf_callchain_kernel+0x23d/0x540 [ 46.846429] get_perf_callchain+0x2c8/0x7d0 [ 46.846430] perf_callchain+0x125/0x170 [ 46.846432] perf_prepare_sample+0xd1a/0x13c0 [ 46.846433] perf_event_output_forward+0xdd/0x1d0 [ 46.846433] __perf_event_overflow+0x107/0x300 [ 46.846434] perf_swevent_overflow+0x165/0x210 [ 46.846435] perf_swevent_event+0x1f5/0x2f0 [ 46.846436] ___perf_sw_event+0x26b/0x3f0 [ 46.846437] __schedule+0xf9c/0x1d20 [ 46.846438] schedule+0x7f/0x1b0 [ 46.846439] futex_wait_queue_me+0x2d5/0x580 [ 46.846440] futex_wait+0x253/0x520 [ 46.846441] do_futex+0x591/0x17f0 [ 46.846441] SyS_futex+0xf1/0x250 [ 46.846442] do_syscall_64+0x1c7/0x5b0 [ 46.846443] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.846444] [ 46.846445] other info that might help us debug this: [ 46.846445] [ 46.846446] Chain exists of: [ 46.846447] (console_sem).lock --> &rq->lock --> report_lock [ 46.846451] [ 46.846452] Possible unsafe locking scenario: [ 46.846453] [ 46.846454] CPU0 CPU1 [ 46.846455] ---- ---- [ 46.846455] lock(report_lock); [ 46.846457] lock(&rq->lock); [ 46.846460] lock(report_lock); [ 46.846462] lock((console_sem).lock); [ 46.846464] [ 46.846464] *** DEADLOCK *** [ 46.846465] [ 46.846466] 4 locks held by syz-executor.3/7530: [ 46.846467] #0: (&rq->lock){-.-.}, at: [] __schedule+0x1ed/0x1d20 [ 46.846470] #1: (rcu_read_lock){....}, at: [] ___perf_sw_event+0x10a/0x3f0 [ 46.846474] #2: (rcu_read_lock){....}, at: [] perf_event_output_forward+0x0/0x1d0 [ 46.846477] #3: (report_lock){....}, at: [] kasan_report+0x6b/0xe0 [ 46.846481] [ 46.846482] stack backtrace: [ 46.846483] CPU: 0 PID: 7530 Comm: syz-executor.3 Not tainted 4.14.180-syzkaller #0 [ 46.846484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 46.846485] Call Trace: [ 46.846486] dump_stack+0xf7/0x13b [ 46.846487] print_circular_bug.isra.40.cold.67+0x1bd/0x27d [ 46.846488] ? save_trace+0xe0/0x290 [ 46.846489] __lock_acquire+0x2e94/0x4500 [ 46.846489] ? add_lock_to_list.isra.32+0x193/0x340 [ 46.846490] ? trace_hardirqs_on+0x10/0x10 [ 46.846491] ? perf_trace_lock+0x30e/0x500 [ 46.846492] ? trace_hardirqs_off+0x10/0x10 [ 46.846493] ? kvm_clock_read+0x23/0x40 [ 46.846494] lock_acquire+0x173/0x400 [ 46.846495] ? down_trylock+0x13/0x70 [ 46.846496] ? vprintk_emit+0x1ab/0x4e0 [ 46.846496] _raw_spin_lock_irqsave+0x99/0xd0 [ 46.846497] ? down_trylock+0x13/0x70 [ 46.846498] down_trylock+0x13/0x70 [ 46.846499] ? vprintk_emit+0x1ab/0x4e0 [ 46.846500] __down_trylock_console_sem+0x93/0x190 [ 46.846501] console_trylock+0x11/0x50 [ 46.846502] vprintk_emit+0x1ab/0x4e0 [ 46.846502] ? update_stack_state+0x561/0x5d0 [ 46.846503] vprintk_default+0x1a/0x20 [ 46.846504] vprintk_func+0x49/0x12c [ 46.846505] ? update_stack_state+0x561/0x5d0 [ 46.846506] printk+0x91/0xab [ 46.846507] ? show_regs_print_info+0x5d/0x5d [ 46.846508] ? update_stack_state+0x561/0x5d0 [ 46.846508] kasan_report+0x7b/0xe0 [ 46.846509] __asan_report_load8_noabort+0x14/0x20 [ 46.846510] update_stack_state+0x561/0x5d0 [ 46.846511] ? __read_once_size_nocheck.constprop.9+0x10/0x10 [ 46.846512] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.846513] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.846514] __unwind_start+0x189/0x410 [ 46.846515] perf_callchain_kernel+0x23d/0x540 [ 46.846516] ? trace_hardirqs_off+0x10/0x10 [ 46.846517] ? SOFTIRQ_verbose+0x10/0x10 [ 46.846518] ? arch_perf_update_userpage+0x380/0x380 [ 46.846519] get_perf_callchain+0x2c8/0x7d0 [ 46.846520] ? put_callchain_buffers+0x50/0x50 [ 46.846521] ? kvm_sched_clock_read+0x9/0x20 [ 46.846521] ? sched_clock_cpu+0x1b/0x1c0 [ 46.846523] perf_callchain+0x125/0x170 [ 46.846523] ? kvm_is_in_guest+0x10/0x30 [ 46.846524] perf_prepare_sample+0xd1a/0x13c0 [ 46.846525] ? perf_output_sample+0x1920/0x1920 [ 46.846526] ? perf_prepare_sample+0x13c0/0x13c0 [ 46.846527] perf_event_output_forward+0xdd/0x1d0 [ 46.846528] ? perf_prepare_sample+0x13c0/0x13c0 [ 46.846529] ? perf_tp_event+0x42d/0x700 [ 46.846530] ? __this_cpu_preempt_check+0x13/0x20 [ 46.846531] ? __perf_event_account_interrupt+0x21/0x270 [ 46.846532] __perf_event_overflow+0x107/0x300 [ 46.846533] perf_swevent_overflow+0x165/0x210 [ 46.846534] perf_swevent_event+0x1f5/0x2f0 [ 46.846535] ___perf_sw_event+0x26b/0x3f0 [ 46.846535] ? trace_hardirqs_off+0x10/0x10 [ 46.846536] ? perf_pending_event+0xc0/0xc0 [ 46.846537] ? lock_release+0x518/0x830 [ 46.846538] ? set_next_entity+0x261/0x940 [ 46.846539] ? pick_next_entity+0x197/0x390 [ 46.846540] ? trace_hardirqs_off+0x10/0x10 [ 46.846541] ? trace_hardirqs_off+0x10/0x10 [ 46.846542] ? __lock_is_held+0xb5/0x140 [ 46.846542] __schedule+0xf9c/0x1d20 [ 46.846543] ? debug_smp_processor_id+0x17/0x20 [ 46.846544] ? __schedule+0xf9c/0x1d20 [ 46.846545] ? firmware_map_remove+0x177/0x177 [ 46.846546] ? lock_downgrade+0x7f0/0x7f0 [ 46.846547] ? plist_add+0x254/0x4f0 [ 46.846548] schedule+0x7f/0x1b0 [ 46.846549] futex_wait_queue_me+0x2d5/0x580 [ 46.846550] ? __unqueue_futex+0xd0/0xd0 [ 46.846551] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 46.846551] futex_wait+0x253/0x520 [ 46.846552] ? futex_wait_setup+0x2d0/0x2d0 [ 46.846553] ? lock_downgrade+0x7f0/0x7f0 [ 46.846554] ? wake_up_q+0x9c/0xe0 [ 46.846555] ? futex_wake+0x10d/0x570 [ 46.846556] do_futex+0x591/0x17f0 [ 46.846557] ? perf_trace_run_bpf_submit+0xea/0x160 [ 46.846557] ? perf_trace_lock+0x30e/0x500 [ 46.846558] ? futex_exit_release+0x60/0x60 [ 46.846559] ? trace_hardirqs_off+0x10/0x10 [ 46.846560] ? SOFTIRQ_verbose+0x10/0x10 [ 46.846561] ? perf_trace_lock+0x30e/0x500 [ 46.846562] ? __might_fault+0xf1/0x1b0 [ 46.846563] ? lock_downgrade+0x7f0/0x7f0 [ 46.846564] ? kasan_check_read+0x11/0x20 [ 46.846564] ? _copy_to_user+0x91/0xb0 [ 46.846565] ? do_futex+0x17f0/0x17f0 [ 46.846566] SyS_futex+0xf1/0x250 [ 46.846567] ? do_futex+0x17f0/0x17f0 [ 46.846568] ? SyS_clock_gettime+0x115/0x160 [ 46.846569] ? SyS_clock_settime+0x1a0/0x1a0 [ 46.846570] ? do_syscall_64+0x4c/0x5b0 [ 46.846570] ? do_futex+0x17f0/0x17f0 [ 46.846571] do_syscall_64+0x1c7/0x5b0 [ 46.846572] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 46.846573] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.846574] RIP: 0033:0x45aff9 [ 46.846575] RSP: 002b:00007f41e7dc2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 46.846577] RAX: ffffffffffffffda RBX: 000000000075bf28 RCX: 000000000045aff9 [ 46.846578] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000075bf28 [ 46.846579] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 46.846580] R10: 0000000000000000 R11: 000000000000024 [ 46.846582] Lost 1 message(s)! [ 47.945705] Shutting down cpus with NMI [ 49.000923] Kernel Offset: disabled [ 49.004561] Rebooting in 86400 seconds..