Warning: Permanently added '10.128.1.5' (ECDSA) to the list of known hosts.
executing program
[ 54.982864] audit: type=1400 audit(1584782115.713:36): avc: denied { map } for pid=8008 comm="syz-executor403" path="/root/syz-executor403079043" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 55.000487] IPVS: ftp: loaded support on port[0] = 21
[ 55.044191] ------------[ cut here ]------------
[ 55.049948] ODEBUG: activate active (active state 1) object type: rcu_head hint: (null)
[ 55.059155] WARNING: CPU: 0 PID: 8010 at lib/debugobjects.c:325 debug_print_object+0x160/0x250
[ 55.067888] Kernel panic - not syncing: panic_on_warn set ...
[ 55.067888]
[ 55.075350] CPU: 0 PID: 8010 Comm: syz-executor403 Not tainted 4.19.112-syzkaller #0
[ 55.083254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 55.092602] Call Trace:
[ 55.095198] dump_stack+0x188/0x20d
[ 55.098819] panic+0x26a/0x50e
[ 55.101995] ? __warn_printk+0xf3/0xf3
[ 55.105870] ? debug_print_object+0x160/0x250
[ 55.110671] ? __probe_kernel_read+0x16c/0x1b0
[ 55.115253] ? __warn.cold+0x5/0x46
[ 55.118864] ? __warn+0xe4/0x1c0
[ 55.122215] ? debug_print_object+0x160/0x250
[ 55.126707] __warn.cold+0x20/0x46
[ 55.130230] ? debug_print_object+0x160/0x250
[ 55.134709] report_bug+0x262/0x2a0
[ 55.138323] do_error_trap+0x1d7/0x310
[ 55.142195] ? math_error+0x310/0x310
[ 55.145978] ? irq_work_claim+0xa6/0xc0
[ 55.149941] ? irq_work_queue+0x2b/0x80
[ 55.153920] ? wake_up_klogd+0x8c/0xc0
[ 55.157791] ? trace_hardirqs_off_caller+0x55/0x210
[ 55.162843] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 55.167670] invalid_op+0x14/0x20
[ 55.171110] RIP: 0010:debug_print_object+0x160/0x250
[ 55.176204] Code: dd 60 0f ab 87 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd 60 0f ab 87 48 c7 c7 a0 04 ab 87 e8 9b f6 e6 fd <0f> 0b 83 05 23 a5 37 06 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89
[ 55.195087] RSP: 0018:ffff888095147268 EFLAGS: 00010086
[ 55.200429] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 55.207769] RDX: 0000000000000000 RSI: ffffffff8152d3a1 RDI: ffffed1012a28e3f
[ 55.215107] RBP: 0000000000000001 R08: ffff888097816380 R09: ffffed1015cc3ee3
[ 55.222362] R10: ffffed1015cc3ee2 R11: ffff8880ae61f717 R12: ffffffff88b928c0
[ 55.229612] R13: 0000000000000000 R14: ffff888096e2cac8 R15: 1ffff11012a28e5a
[ 55.236874] ? vprintk_func+0x81/0x17e
[ 55.240759] ? debug_print_object+0x160/0x250
[ 55.245240] debug_object_activate+0x357/0x4e0
[ 55.249805] ? debug_object_free+0x3e0/0x3e0
[ 55.254196] ? lockdep_hardirqs_on+0x40b/0x5d0
[ 55.258759] ? route4_change+0xbab/0x2210
[ 55.262894] ? delayed_work_timer_fn+0x90/0x90
[ 55.267478] __call_rcu.constprop.0+0x31/0x7e0
[ 55.272043] ? mark_held_locks+0xa6/0xf0
[ 55.276088] queue_rcu_work+0x75/0x90
[ 55.279869] route4_change+0xe6a/0x2210
[ 55.283827] ? route4_init+0xa0/0xa0
[ 55.287545] ? route4_init+0xa0/0xa0
[ 55.291255] tc_new_tfilter+0xa6b/0x1450
[ 55.295315] ? tc_del_tfilter+0xd40/0xd40
[ 55.301464] ? __mutex_lock+0x3cd/0x1300
[ 55.305521] ? selinux_ipv4_output+0x50/0x50
[ 55.309932] ? rtnetlink_rcv_msg+0x3fe/0xaf0
[ 55.314344] ? tc_del_tfilter+0xd40/0xd40
[ 55.318500] rtnetlink_rcv_msg+0x453/0xaf0
[ 55.322733] ? rtnetlink_put_metrics+0x520/0x520
[ 55.327477] ? find_held_lock+0x2d/0x110
[ 55.331698] netlink_rcv_skb+0x160/0x410
[ 55.335742] ? rtnetlink_put_metrics+0x520/0x520
[ 55.340476] ? netlink_ack+0xa60/0xa60
[ 55.344349] netlink_unicast+0x4d7/0x6a0
[ 55.348391] ? netlink_attachskb+0x710/0x710
[ 55.352785] netlink_sendmsg+0x80b/0xcd0
[ 55.356843] ? netlink_unicast+0x6a0/0x6a0
[ 55.361059] ? move_addr_to_kernel.part.0+0x110/0x110
[ 55.366232] ? netlink_unicast+0x6a0/0x6a0
[ 55.370445] sock_sendmsg+0xcf/0x120
[ 55.374224] ___sys_sendmsg+0x803/0x920
[ 55.378176] ? copy_msghdr_from_user+0x410/0x410
[ 55.382913] ? __fget+0x319/0x510
[ 55.386362] ? lock_downgrade+0x740/0x740
[ 55.390506] ? check_preemption_disabled+0x41/0x280
[ 55.395504] ? __fget+0x340/0x510
[ 55.398941] ? iterate_fd+0x350/0x350
[ 55.402723] ? find_held_lock+0x2d/0x110
[ 55.406762] ? __fd_install+0x1b4/0x610
[ 55.410716] ? __fget_light+0x1d1/0x230
[ 55.414697] __sys_sendmsg+0xec/0x1b0
[ 55.418479] ? __ia32_sys_shutdown+0x70/0x70
[ 55.422883] ? __x64_sys_futex+0x386/0x4f0
[ 55.427106] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 55.431843] ? trace_hardirqs_off_caller+0x55/0x210
[ 55.436842] ? do_syscall_64+0x21/0x620
[ 55.440807] do_syscall_64+0xf9/0x620
[ 55.444600] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 55.449771] RIP: 0033:0x4466c9
[ 55.452948] Code: e8 1c ba 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 55.471845] RSP: 002b:00007f1ac981bd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 55.479536] RAX: ffffffffffffffda RBX: 00000000006dbc68 RCX: 00000000004466c9
[ 55.486798] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[ 55.494050] RBP: 00000000006dbc60 R08: 0000000000000000 R09: 0000000000000000
[ 55.501312] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc6c
[ 55.508561] R13: 0000000000000005 R14: 00a3a20740000000 R15: 0507002400000038
[ 55.515821]
[ 55.515824] ======================================================
[ 55.515827] WARNING: possible circular locking dependency detected
[ 55.515829] 4.19.112-syzkaller #0 Not tainted
[ 55.515832] ------------------------------------------------------
[ 55.515834] syz-executor403/8010 is trying to acquire lock:
[ 55.515836] 0000000013d5f1c1 ((console_sem).lock){-...}, at: down_trylock+0xe/0x60
[ 55.515843]
[ 55.515846] but task is already holding lock:
[ 55.515847] 000000005c14d598 (&obj_hash[i].lock){-.-.}, at: debug_object_activate+0x131/0x4e0
[ 55.515855]
[ 55.515857] which lock already depends on the new lock.
[ 55.515858]
[ 55.515859]
[ 55.515862] the existing dependency chain (in reverse order) is:
[ 55.515863]
[ 55.515864] -> #5 (&obj_hash[i].lock){-.-.}:
[ 55.515871] debug_object_activate+0x131/0x4e0
[ 55.515873] enqueue_hrtimer+0x27/0x3f0
[ 55.515876] hrtimer_start_range_ns+0x580/0xbe0
[ 55.515878] schedule_hrtimeout_range_clock+0x17a/0x360
[ 55.515880] wait_task_inactive+0x443/0x550
[ 55.515882] __kthread_bind_mask+0x1f/0xb0
[ 55.515885] init_rescuer.part.0+0xf2/0x190
[ 55.515887] workqueue_init+0x504/0x7e9
[ 55.515889] kernel_init_freeable+0x2bd/0x5bb
[ 55.515891] kernel_init+0xd/0x1c2
[ 55.515893] ret_from_fork+0x24/0x30
[ 55.515894]
[ 55.515895] -> #4 (hrtimer_bases.lock){-.-.}:
[ 55.515902] lock_hrtimer_base.isra.0+0x6d/0x120
[ 55.515904] hrtimer_start_range_ns+0xf5/0xbe0
[ 55.515907] enqueue_task_rt+0x97f/0xdf0
[ 55.515909] __sched_setscheduler.constprop.0+0xc79/0x1df0
[ 55.515911] _sched_setscheduler+0xee/0x180
[ 55.515913] watchdog_dev_init+0xdd/0x1ae
[ 55.515915] watchdog_init+0x14/0x17e
[ 55.515917] do_one_initcall+0xf1/0x734
[ 55.515920] kernel_init_freeable+0x4c9/0x5bb
[ 55.515921] kernel_init+0xd/0x1c2
[ 55.515923] ret_from_fork+0x24/0x30
[ 55.515924]
[ 55.515926] -> #3 (&rt_b->rt_runtime_lock){-...}:
[ 55.515933] rq_online_rt+0xaf/0x390
[ 55.515935] set_rq_online.part.0+0xe3/0x140
[ 55.515937] sched_cpu_activate+0x17f/0x270
[ 55.515939] cpuhp_invoke_callback+0x213/0x1bb0
[ 55.515941] cpuhp_thread_fun+0x440/0x840
[ 55.515943] smpboot_thread_fn+0x653/0x9d0
[ 55.515945] kthread+0x34a/0x420
[ 55.515947] ret_from_fork+0x24/0x30
[ 55.515948]
[ 55.515949] -> #2 (&rq->lock){-.-.}:
[ 55.515956] task_fork_fair+0x6a/0x520
[ 55.515958] sched_fork+0x3a7/0x8b0
[ 55.515960] copy_process.part.0+0x187d/0x7a60
[ 55.515962] _do_fork+0x22f/0xf40
[ 55.515964] kernel_thread+0x2f/0x40
[ 55.515966] rest_init+0x1f/0x212
[ 55.515968] start_kernel+0x7e4/0x81c
[ 55.515970] secondary_startup_64+0xa4/0xb0
[ 55.515971]
[ 55.515972] -> #1 (&p->pi_lock){-.-.}:
[ 55.515979] try_to_wake_up+0x80/0xe90
[ 55.515981] up+0x92/0xe0
[ 55.515983] __up_console_sem+0xb3/0x1c0
[ 55.515985] console_unlock+0x64d/0xfe0
[ 55.515987] vprintk_emit+0x282/0x6e0
[ 55.515989] vprintk_func+0x79/0x17e
[ 55.515990] printk+0xba/0xed
[ 55.515993] kauditd_hold_skb.cold+0x41/0x50
[ 55.515995] kauditd_send_queue+0x12d/0x170
[ 55.515997] kauditd_thread+0x6f4/0xa20
[ 55.515999] kthread+0x34a/0x420
[ 55.516001] ret_from_fork+0x24/0x30
[ 55.516002]
[ 55.516003] -> #0 ((console_sem).lock){-...}:
[ 55.516010] _raw_spin_lock_irqsave+0x8c/0xbf
[ 55.516012] down_trylock+0xe/0x60
[ 55.516014] __down_trylock_console_sem+0xa3/0x210
[ 55.516016] console_trylock+0x12/0x90
[ 55.516018] vprintk_emit+0x269/0x6e0
[ 55.516020] vprintk_func+0x79/0x17e
[ 55.516022] printk+0xba/0xed
[ 55.516024] __warn_printk+0x9b/0xf3
[ 55.516026] debug_print_object+0x160/0x250
[ 55.516028] debug_object_activate+0x357/0x4e0
[ 55.516031] __call_rcu.constprop.0+0x31/0x7e0
[ 55.516032] queue_rcu_work+0x75/0x90
[ 55.516035] route4_change+0xe6a/0x2210
[ 55.516037] tc_new_tfilter+0xa6b/0x1450
[ 55.516039] rtnetlink_rcv_msg+0x453/0xaf0
[ 55.516041] netlink_rcv_skb+0x160/0x410
[ 55.516043] netlink_unicast+0x4d7/0x6a0
[ 55.516045] netlink_sendmsg+0x80b/0xcd0
[ 55.516047] sock_sendmsg+0xcf/0x120
[ 55.516049] ___sys_sendmsg+0x803/0x920
[ 55.516051] __sys_sendmsg+0xec/0x1b0
[ 55.516053] do_syscall_64+0xf9/0x620
[ 55.516055] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 55.516056]
[ 55.516059] other info that might help us debug this:
[ 55.516060]
[ 55.516061] Chain exists of:
[ 55.516062] (console_sem).lock --> hrtimer_bases.lock --> &obj_hash[i].lock
[ 55.516071]
[ 55.516074] Possible unsafe locking scenario:
[ 55.516075]
[ 55.516077] CPU0 CPU1
[ 55.516079] ---- ----
[ 55.516080] lock(&obj_hash[i].lock);
[ 55.516085] lock(hrtimer_bases.lock);
[ 55.516090] lock(&obj_hash[i].lock);
[ 55.516094] lock((console_sem).lock);
[ 55.516097]
[ 55.516099] *** DEADLOCK ***
[ 55.516100]
[ 55.516102] 2 locks held by syz-executor403/8010:
[ 55.516103] #0: 00000000ae89d9bf (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x3fe/0xaf0
[ 55.516112] #1: 000000005c14d598 (&obj_hash[i].lock){-.-.}, at: debug_object_activate+0x131/0x4e0
[ 55.516120]
[ 55.516122] stack backtrace:
[ 55.516125] CPU: 0 PID: 8010 Comm: syz-executor403 Not tainted 4.19.112-syzkaller #0
[ 55.516129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 55.516131] Call Trace:
[ 55.516133] dump_stack+0x188/0x20d
[ 55.516135] print_circular_bug.isra.0.cold+0x1c4/0x282
[ 55.516137] __lock_acquire+0x2e19/0x49c0
[ 55.516139] ? add_lock_to_list.isra.0+0x179/0x330
[ 55.516141] ? save_trace+0xd6/0x290
[ 55.516143] ? mark_held_locks+0xf0/0xf0
[ 55.516145] ? format_decode+0x230/0xad0
[ 55.516147] ? kvm_clock_read+0x14/0x30
[ 55.516149] lock_acquire+0x170/0x400
[ 55.516151] ? down_trylock+0xe/0x60
[ 55.516153] _raw_spin_lock_irqsave+0x8c/0xbf
[ 55.516155] ? down_trylock+0xe/0x60
[ 55.516157] down_trylock+0xe/0x60
[ 55.516159] ? vprintk_emit+0x269/0x6e0
[ 55.516162] __down_trylock_console_sem+0xa3/0x210
[ 55.516163] console_trylock+0x12/0x90
[ 55.516165] vprintk_emit+0x269/0x6e0
[ 55.516167] vprintk_func+0x79/0x17e
[ 55.516169] printk+0xba/0xed
[ 55.516171] ? kmsg_dump_rewind_nolock+0xd9/0xd9
[ 55.516173] ? __warn_printk+0x8f/0xf3
[ 55.516175] __warn_printk+0x9b/0xf3
[ 55.516177] ? add_taint.cold+0x16/0x16
[ 55.516179] ? do_syscall_64+0xf9/0x620
[ 55.516182] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 55.516184] debug_print_object+0x160/0x250
[ 55.516186] debug_object_activate+0x357/0x4e0
[ 55.516188] ? debug_object_free+0x3e0/0x3e0
[ 55.516190] ? lockdep_hardirqs_on+0x40b/0x5d0
[ 55.516192] ? route4_change+0xbab/0x2210
[ 55.516195] ? delayed_work_timer_fn+0x90/0x90
[ 55.516197] __call_rcu.constprop.0+0x31/0x7e0
[ 55.516199] ? mark_held_locks+0xa6/0xf0
[ 55.516201] queue_rcu_work+0x75/0x90
[ 55.516203] route4_change+0xe6a/0x2210
[ 55.516205] ? route4_init+0xa0/0xa0
[ 55.516207] ? route4_init+0xa0/0xa0
[ 55.516209] tc_new_tfilter+0xa6b/0x1450
[ 55.516211] ? tc_del_tfilter+0xd40/0xd40
[ 55.516213] ? __mutex_lock+0x3cd/0x1300
[ 55.516215] ? selinux_ipv4_output+0x50/0x50
[ 55.516217] ? rtnetlink_rcv_msg+0x3fe/0xaf0
[ 55.516219] ? tc_del_tfilter+0xd40/0xd40
[ 55.516221] rtnetlink_rcv_msg+0x453/0xaf0
[ 55.516223] ? rtnetlink_put_metrics+0x520/0x520
[ 55.516225] ? find_held_lock+0x2d/0x110
[ 55.516227] netlink_rcv_skb+0x160/0x410
[ 55.516230] ? rtnetlink_put_metrics+0x520/0x520
[ 55.516232] ? netlink_ack+0xa60/0xa60
[ 55.516234] netlink_unicast+0x4d7/0x6a0
[ 55.516236] ? netlink_attachskb+0x710/0x710
[ 55.516238] netlink_sendmsg+0x80b/0xcd0
[ 55.516240] ? netlink_unicast+0x6a0/0x6a0
[ 55.516243] ? move_addr_to_kernel.part.0+0x110/0x110
[ 55.516245] ? netlink_unicast+0x6a0/0x6a0
[ 55.516247] sock_sendmsg+0xcf/0x120
[ 55.516249] ___sys_sendmsg+0x803/0x920
[ 55.516251] ? copy_msghdr_from_user+0x410/0x410
[ 55.516253] ? __fget+0x319/0x510
[ 55.516255] ? lock_downgrade+0x740/0x740
[ 55.516257] ? check_preemption_disabled+0x41/0x280
[ 55.516260] ? __fget+0x340/0x510
[ 55.516263] ? iterate_fd+0x350/0x350
[ 55.516265] ? find_held_lock+0x2d/0x110
[ 55.516268] ? __fd_install+0x1b4/0x610
[ 55.516270] ? __fget_light+0x1d1/0x230
[ 55.516272] __sys_sendmsg+0xec/0x1b0
[ 55.516274] ? __ia32_sys_shutdown+0x70/0x70
[ 55.516276] ? __x64_sys_futex+0x386/0x4f0
[ 55.516278] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 55.516281] ? trace_hardirqs_off_caller+0x55/0x210
[ 55.516283] ? do_syscall_64+0x21/0x620
[ 55.516284] do_syscall_64+0xf9/0x620
[ 55.516287] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 55.516289] RIP: 0033:0x4466c9
[ 55.516296] Code: e8 1c ba 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 0e fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 55.516298] RSP: 002b:00007f1ac981bd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 55.516303] RAX: ffffffffffffffda RBX: 00000000006dbc68 RCX: 00000000004466c9
[ 55.516307] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[ 55.516310] RBP: 00000000006dbc60 R08: 0000000000000000 R09: 0000000000000000
[ 55.516313] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc6c
[ 55.516316] R13: 0000000000000005 R14: 00a3a20740000000 R15: 0507002400000038
[ 55.517918] Kernel Offset: disabled
[ 56.443113] Rebooting in 86400 seconds..