Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 29.766175] audit: type=1400 audit(1585627496.491:8): avc: denied { execmem } for pid=6292 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 30.000241] IPVS: ftp: loaded support on port[0] = 21 [ 31.190305] can: request_module (can-proto-0) failed. [ 31.199509] can: request_module (can-proto-0) failed. [ 31.207825] can: request_module (can-proto-0) failed. [ 31.235076] audit: type=1400 audit(1585627497.962:9): avc: denied { create } for pid=6271 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 Warning: Permanently added '10.128.10.62' (ECDSA) to the list of known hosts. 2020/03/31 04:05:05 parsed 1 programs 2020/03/31 04:05:05 executed programs: 0 [ 39.076726] audit: type=1400 audit(1585627505.817:10): avc: denied { execmem } for pid=6412 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 39.117007] IPVS: ftp: loaded support on port[0] = 21 [ 39.794556] IPVS: ftp: loaded support on port[0] = 21 [ 39.856499] chnl_net:caif_netlink_parms(): no params data found [ 39.918287] IPVS: ftp: loaded support on port[0] = 21 [ 39.929904] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.937592] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.944965] device bridge_slave_0 entered promiscuous mode [ 39.960997] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.969900] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.976989] device bridge_slave_1 entered promiscuous mode [ 40.001173] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.017617] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.025804] chnl_net:caif_netlink_parms(): no params data found [ 40.064478] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.072533] team0: Port device team_slave_0 added [ 40.081933] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 40.089463] team0: Port device team_slave_1 added [ 40.099735] IPVS: ftp: loaded support on port[0] = 21 [ 40.109137] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 40.129429] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.136250] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.143299] device bridge_slave_0 entered promiscuous mode [ 40.152941] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.160282] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.168061] device bridge_slave_1 entered promiscuous mode [ 40.174945] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 40.231915] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.242631] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.317573] device hsr_slave_0 entered promiscuous mode [ 40.353982] device hsr_slave_1 entered promiscuous mode [ 40.395996] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 40.416604] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 40.426604] chnl_net:caif_netlink_parms(): no params data found [ 40.436245] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 40.443412] team0: Port device team_slave_0 added [ 40.449360] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 40.456927] team0: Port device team_slave_1 added [ 40.462684] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 40.476260] IPVS: ftp: loaded support on port[0] = 21 [ 40.485568] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.492036] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.499002] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.505407] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.530235] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 40.657548] device hsr_slave_0 entered promiscuous mode [ 40.673987] device hsr_slave_1 entered promiscuous mode [ 40.714283] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 40.721981] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 40.746852] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.753265] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.755025] device bridge_slave_0 entered promiscuous mode [ 40.770843] chnl_net:caif_netlink_parms(): no params data found [ 40.787741] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 40.794481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.806026] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.812382] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.820767] device bridge_slave_1 entered promiscuous mode [ 40.846708] IPVS: ftp: loaded support on port[0] = 21 [ 40.860041] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 40.872314] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.878747] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.885560] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.891893] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.918572] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 40.938786] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 40.955986] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.965559] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.982597] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.989913] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 40.999096] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.006391] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.014959] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.022024] team0: Port device team_slave_0 added [ 41.028339] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.035788] team0: Port device team_slave_1 added [ 41.040880] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.047752] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.056281] device bridge_slave_0 entered promiscuous mode [ 41.063176] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.070057] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.077475] device bridge_slave_1 entered promiscuous mode [ 41.098238] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.106451] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 41.112529] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.121710] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 41.150455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.159400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 41.167696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.176061] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.182464] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.192687] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 41.221859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 41.230851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.239016] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.245484] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.256926] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 41.267597] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 41.327309] device hsr_slave_0 entered promiscuous mode [ 41.373619] device hsr_slave_1 entered promiscuous mode [ 41.415347] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 41.449517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 41.457725] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.466332] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 41.473537] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 41.488510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 41.521313] chnl_net:caif_netlink_parms(): no params data found [ 41.530174] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 41.538375] team0: Port device team_slave_0 added [ 41.548456] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 41.567298] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 41.575037] team0: Port device team_slave_1 added [ 41.584332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 41.592108] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.602292] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 41.612296] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 41.624711] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 41.651909] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.658529] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.666291] device bridge_slave_0 entered promiscuous mode [ 41.700325] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 41.722178] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 41.730335] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.737874] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.745561] device bridge_slave_1 entered promiscuous mode [ 41.776970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 41.784877] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.846736] device hsr_slave_0 entered promiscuous mode [ 41.903352] device hsr_slave_1 entered promiscuous mode [ 41.943833] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 41.950988] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 41.973639] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 41.981768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.991887] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.004096] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.011785] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.021459] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 42.031235] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.046840] chnl_net:caif_netlink_parms(): no params data found [ 42.059552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.068411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.078732] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 42.085292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 42.093602] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.102238] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 42.112573] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 42.119237] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.138278] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.162312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.169267] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.177297] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.187291] team0: Port device team_slave_0 added [ 42.192882] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.200979] team0: Port device team_slave_1 added [ 42.218048] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.225819] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.233896] device bridge_slave_0 entered promiscuous mode [ 42.241028] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 42.248591] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.258783] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.273372] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.279940] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.287425] device bridge_slave_1 entered promiscuous mode [ 42.294122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.301977] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.310073] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.316667] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.326199] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 42.346026] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 42.385838] device hsr_slave_0 entered promiscuous mode [ 42.434386] device hsr_slave_1 entered promiscuous mode [ 42.484460] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.491033] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 42.502927] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 42.509916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 42.518017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.525767] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.532121] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.545412] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 42.554828] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 42.564861] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 42.579245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 42.587106] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 42.595169] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 42.601860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 42.614787] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.622709] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 42.631813] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 42.640813] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 42.654473] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 42.665178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.674324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.681388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.689528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 42.697789] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.706100] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 42.715195] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 42.721260] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.733039] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 42.753772] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 42.762904] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 42.779027] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 42.786912] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 42.797540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.806349] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.812877] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.820441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.828168] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.835800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 42.843418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.850851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 42.858722] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 42.867078] team0: Port device team_slave_0 added [ 42.876844] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 42.884497] team0: Port device team_slave_1 added [ 42.890179] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 42.901115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 42.920525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 42.928728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.938129] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 42.947191] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 42.953787] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 42.961702] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 42.973692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.981564] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 42.993650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.001401] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.010425] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.016864] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.034652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.042564] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 43.059680] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.076529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 43.091012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.101180] [ 43.102830] ====================================================== [ 43.109248] WARNING: possible circular locking dependency detected [ 43.115546] 4.14.174-syzkaller #0 Not tainted [ 43.120053] ------------------------------------------------------ [ 43.126568] syz-executor.3/7300 is trying to acquire lock: [ 43.132172] ((&strp->work)){+.+.}, at: [] flush_work+0x75/0x720 [ 43.139881] [ 43.139881] but task is already holding lock: [ 43.145937] (sk_lock-AF_INET){+.+.}, at: [] kcm_ioctl+0x6a2/0x13f0 [ 43.153893] [ 43.153893] which lock already depends on the new lock. [ 43.153893] [ 43.162197] [ 43.162197] the existing dependency chain (in reverse order) is: [ 43.169805] [ 43.169805] -> #1 (sk_lock-AF_INET){+.+.}: [ 43.175520] lock_acquire+0x173/0x400 [ 43.179816] lock_sock_nested+0xb3/0x100 [ 43.184377] strp_sock_lock+0x29/0x40 [ 43.188674] strp_work+0x3c/0xd0 [ 43.192535] process_one_work+0x79e/0x16c0 [ 43.197266] worker_thread+0xcc/0xee0 [ 43.201560] kthread+0x338/0x400 [ 43.205426] ret_from_fork+0x24/0x30 [ 43.209634] [ 43.209634] -> #0 ((&strp->work)){+.+.}: [ 43.215163] __lock_acquire+0x2e94/0x4500 [ 43.219817] lock_acquire+0x173/0x400 [ 43.224736] flush_work+0x9c/0x720 [ 43.228778] __cancel_work_timer+0x286/0x420 [ 43.233686] cancel_work_sync+0xb/0x10 [ 43.238088] strp_done+0x48/0xb0 [ 43.241950] kcm_ioctl+0x8ca/0x13f0 [ 43.246082] sock_do_ioctl+0x62/0xa0 [ 43.250288] sock_ioctl+0x251/0x430 [ 43.254426] do_vfs_ioctl+0x180/0xfb0 [ 43.259588] SyS_ioctl+0x74/0x80 [ 43.263454] do_syscall_64+0x1c7/0x5b0 [ 43.267854] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 43.273535] [ 43.273535] other info that might help us debug this: [ 43.273535] [ 43.281650] Possible unsafe locking scenario: [ 43.281650] [ 43.287686] CPU0 CPU1 [ 43.292521] ---- ---- [ 43.297188] lock(sk_lock-AF_INET); [ 43.300878] lock((&strp->work)); [ 43.306914] lock(sk_lock-AF_INET); [ 43.313122] lock((&strp->work)); [ 43.316639] [ 43.316639] *** DEADLOCK *** [ 43.316639] [ 43.322673] 1 lock held by syz-executor.3/7300: [ 43.327330] #0: (sk_lock-AF_INET){+.+.}, at: [] kcm_ioctl+0x6a2/0x13f0 [ 43.335718] [ 43.335718] stack backtrace: [ 43.341863] CPU: 0 PID: 7300 Comm: syz-executor.3 Not tainted 4.14.174-syzkaller #0 [ 43.349633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.359051] Call Trace: [ 43.361663] dump_stack+0xf7/0x13b [ 43.365204] print_circular_bug.isra.40.cold.67+0x1bd/0x27d [ 43.370889] ? save_trace+0xe0/0x290 [ 43.374582] __lock_acquire+0x2e94/0x4500 [ 43.378713] ? trace_hardirqs_on+0x10/0x10 [ 43.382925] ? is_bpf_text_address+0x60/0xe0 [ 43.387331] ? trace_hardirqs_on+0x10/0x10 [ 43.391690] ? find_held_lock+0x36/0x1d0 [ 43.395745] ? trace_hardirqs_off+0x10/0x10 [ 43.400051] ? trace_hardirqs_off+0x10/0x10 [ 43.404364] lock_acquire+0x173/0x400 [ 43.408146] ? flush_work+0x75/0x720 [ 43.411837] ? flush_work+0x511/0x720 [ 43.415634] flush_work+0x9c/0x720 [ 43.419160] ? flush_work+0x75/0x720 [ 43.422860] ? find_held_lock+0x36/0x1d0 [ 43.427094] ? insert_work+0x300/0x300 [ 43.431097] ? del_timer+0x6c/0xf0 [ 43.434616] ? trigger_dyntick_cpu.isra.24+0x1a0/0x1a0 [ 43.439882] ? mark_held_locks+0xc7/0x130 [ 43.444042] ? __cancel_work_timer+0x127/0x420 [ 43.448617] __cancel_work_timer+0x286/0x420 [ 43.453020] ? cancel_delayed_work+0x10/0x10 [ 43.457404] ? mark_held_locks+0xc7/0x130 [ 43.461530] ? kcm_ioctl+0x8b3/0x13f0 [ 43.465397] ? __local_bh_enable_ip+0x9c/0x180 [ 43.469960] ? trace_hardirqs_on_caller+0x40c/0x580 [ 43.474972] cancel_work_sync+0xb/0x10 [ 43.478836] strp_done+0x48/0xb0 [ 43.482186] kcm_ioctl+0x8ca/0x13f0 [ 43.485791] ? __lock_acquire+0x6a4/0x4500 [ 43.490018] ? kcm_done_work+0x20/0x20 [ 43.493893] sock_do_ioctl+0x62/0xa0 [ 43.497590] sock_ioctl+0x251/0x430 [ 43.501194] do_vfs_ioctl+0x180/0xfb0 [ 43.504977] ? __fget+0x1ad/0x2f0 [ 43.508402] ? ioctl_preallocate+0x1a0/0x1a0 [ 43.512790] ? __fget+0x1ca/0x2f0 [ 43.516239] ? security_file_ioctl+0x6a/0xa0 [ 43.520622] ? SyS_clock_settime+0x1a0/0x1a0 [ 43.525007] ? security_file_ioctl+0x6a/0xa0 [ 43.529390] SyS_ioctl+0x74/0x80 [ 43.532740] ? do_vfs_ioctl+0xfb0/0xfb0 [ 43.536698] do_syscall_64+0x1c7/0x5b0 [ 43.540570] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 43.545418] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 43.550705] RIP: 0033:0x45a919 [ 43.553878] RSP: 002b:00007f2980b00c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 43.561670] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a919 [ 43.568943] RDX: 0000000020000080 RSI: 00000000000089e0 RDI: 0000000000000004 [ 43.576204] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 43.583471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2980b016d4 [ 43.590738] R13: 00000000004c75f1 R14: 00000000004de198 R15: 00000000ffffffff [ 43.599707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.609106] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 43.655732] device hsr_slave_0 entered promiscuous mode [ 43.664307] device hsr_slave_1 entered promiscuous mode [ 43.713341] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 43.727115] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.736430] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.743979] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 43.751826] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 43.761304] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 43.770322] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 43.779703] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.787412] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 43.795571] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 43.802303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 43.812164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.820792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.829104] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.835586] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.844133] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 43.852010] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 43.858384] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.870137] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.877413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 43.884642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.892009] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 43.904316] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 43.911924] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.919547] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 43.926956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 43.935695] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 43.944052] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 43.951675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.959846] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.966348] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.973332] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 43.980145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 43.993455] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.001599] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.010594] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.020700] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.027775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.036852] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.045227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.053568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.061567] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.067970] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.074915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.082544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.089929] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.104097] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.113469] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.121721] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.130892] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.139430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.149045] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.156705] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.163073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.170059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.178338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.186125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.193565] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.202634] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.210222] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.220031] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.226695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.237397] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.243933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.251578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.259371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.266962] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.275439] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.284295] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.295303] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.302959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.311068] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 2020/03/31 04:05:11 executed programs: 13 [ 44.319614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.330038] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.341390] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.350276] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 44.358642] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.366948] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.376361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.383909] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.391305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.399921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.410096] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.418596] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.426017] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.433955] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.441371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.448329] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.456969] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 44.464949] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.473848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.480649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.487766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.496597] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.504692] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.510767] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.521915] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.529536] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.537822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.548268] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.554408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.562699] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 44.568891] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.577400] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 44.584954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.594364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.602005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 44.610288] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.618098] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.624480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.631702] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 44.642824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 44.650482] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.658147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 44.667049] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.674686] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.681232] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.690818] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 44.700071] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.708140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 44.716177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.723341] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.731547] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 44.740342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 44.748869] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.758890] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 44.768373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.776836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 44.785190] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 44.793091] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 44.805142] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 44.821390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 44.833471] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 44.846415] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 44.860101] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 44.869520] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 44.878869] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 44.890191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 44.908877] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.918762] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 44.928294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 44.942592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.953521] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 44.959538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 44.981576] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.988731] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 44.998170] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 45.005732] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 45.012700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 45.026280] 8021q: adding VLAN 0 to HW filter on device batadv0 2020/03/31 04:05:16 executed programs: 327