[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 61.276031][ T27] audit: type=1800 audit(1563606023.082:25): pid=8870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 61.324525][ T27] audit: type=1800 audit(1563606023.082:26): pid=8870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 61.350496][ T27] audit: type=1800 audit(1563606023.092:27): pid=8870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.223' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 72.091950][ T9024] IPVS: ftp: loaded support on port[0] = 21 [ 72.279546][ T9027] ------------[ cut here ]------------ [ 72.286521][ T9027] WARNING: CPU: 0 PID: 9027 at kernel/sched/deadline.c:627 enqueue_task_dl.cold+0x103/0x4c2 [ 72.296701][ T9027] Kernel panic - not syncing: panic_on_warn set ... [ 72.303432][ T9027] CPU: 0 PID: 9027 Comm: syz-executor199 Not tainted 5.2.0-next-20190718 #41 [ 72.312195][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.322264][ T9027] Call Trace: [ 72.325730][ T9027] dump_stack+0x172/0x1f0 [ 72.330075][ T9027] ? enqueue_task_dl.cold+0x9d/0x4c2 [ 72.335370][ T9027] panic+0x2dc/0x755 [ 72.339271][ T9027] ? add_taint.cold+0x16/0x16 [ 72.343963][ T9027] ? __kasan_check_write+0x14/0x20 [ 72.349196][ T9027] ? __warn.cold+0x5/0x4c [ 72.353542][ T9027] ? __warn+0xe7/0x1e0 [ 72.357619][ T9027] ? enqueue_task_dl.cold+0x103/0x4c2 [ 72.362994][ T9027] __warn.cold+0x20/0x4c [ 72.367338][ T9027] ? enqueue_task_dl.cold+0x103/0x4c2 [ 72.372720][ T9027] report_bug+0x263/0x2b0 [ 72.377058][ T9027] do_error_trap+0x11b/0x200 [ 72.381748][ T9027] do_invalid_op+0x37/0x50 [ 72.386170][ T9027] ? enqueue_task_dl.cold+0x103/0x4c2 [ 72.391553][ T9027] invalid_op+0x14/0x20 [ 72.395722][ T9027] RIP: 0010:enqueue_task_dl.cold+0x103/0x4c2 [ 72.401709][ T9027] Code: d0 48 8b 55 c8 4c 8b 4d b8 e9 64 7a ff ff 48 c7 c7 60 a7 8b 87 4c 89 4d b0 48 89 55 b8 4c 89 45 c8 4c 89 55 d0 e8 6e 76 06 00 <0f> 0b 4c 8b 55 d0 b8 ff ff 37 00 48 c1 e0 2a 4c 8b 45 c8 48 8b 55 [ 72.421321][ T9027] RSP: 0018:ffff88808db67c88 EFLAGS: 00010082 [ 72.427552][ T9027] RAX: 0000000000000024 RBX: ffffffff89a551f4 RCX: 0000000000000000 [ 72.435530][ T9027] RDX: 0000000000000000 RSI: ffffffff815c3a26 RDI: ffffed1011b6cf83 [ 72.443732][ T9027] RBP: ffff88808db67d00 R08: 0000000000000024 R09: ffffed1015d060b1 [ 72.451698][ T9027] R10: ffffed1015d060b0 R11: ffff8880ae830587 R12: ffff8880a0720380 [ 72.459674][ T9027] R13: ffff8880ae835540 R14: ffff8880ae835540 R15: 0000000000000000 [ 72.467997][ T9027] ? vprintk_func+0x86/0x189 [ 72.472936][ T9027] ? enqueue_task_dl.cold+0x103/0x4c2 [ 72.478322][ T9027] enqueue_task+0xb3/0x370 [ 72.482748][ T9027] __sched_setscheduler+0xc58/0x2030 [ 72.488161][ T9027] ? cpu_cgroup_fork+0xd0/0xd0 [ 72.492933][ T9027] ? __kasan_check_read+0x11/0x20 [ 72.498162][ T9027] __x64_sys_sched_setattr+0x1a1/0x280 [ 72.503627][ T9027] ? __ia32_sys_sched_setparam+0x80/0x80 [ 72.509271][ T9027] ? do_syscall_64+0x26/0x6a0 [ 72.514046][ T9027] ? lockdep_hardirqs_on+0x418/0x5d0 [ 72.519341][ T9027] ? trace_hardirqs_on+0x67/0x240 [ 72.524373][ T9027] do_syscall_64+0xfd/0x6a0 [ 72.529057][ T9027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.534968][ T9027] RIP: 0033:0x446809 [ 72.538875][ T9027] Code: e8 bc b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 72.558489][ T9027] RSP: 002b:00007f4abe4fbdb8 EFLAGS: 00000246 ORIG_RAX: 000000000000013a [ 72.566909][ T9027] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000446809 [ 72.574883][ T9027] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000 [ 72.583172][ T9027] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000 [ 72.591239][ T9027] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c [ 72.599216][ T9027] R13: 00007ffe00978edf R14: 00007f4abe4fc9c0 R15: 0000000000000001 [ 72.607257][ T9027] [ 72.607264][ T9027] ====================================================== [ 72.607270][ T9027] WARNING: possible circular locking dependency detected [ 72.607274][ T9027] 5.2.0-next-20190718 #41 Not tainted [ 72.607280][ T9027] ------------------------------------------------------ [ 72.607286][ T9027] syz-executor199/9027 is trying to acquire lock: [ 72.607290][ T9027] 00000000061b1238 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70 [ 72.607306][ T9027] [ 72.607310][ T9027] but task is already holding lock: [ 72.607314][ T9027] 000000005292750d (&rq->lock){-.-.}, at: task_rq_lock+0xc5/0x2c0 [ 72.607329][ T9027] [ 72.607334][ T9027] which lock already depends on the new lock. [ 72.607337][ T9027] [ 72.607340][ T9027] [ 72.607345][ T9027] the existing dependency chain (in reverse order) is: [ 72.607348][ T9027] [ 72.607351][ T9027] -> #2 (&rq->lock){-.-.}: [ 72.607365][ T9027] _raw_spin_lock+0x2f/0x40 [ 72.607370][ T9027] task_fork_fair+0x6a/0x520 [ 72.607374][ T9027] sched_fork+0x3af/0x900 [ 72.607378][ T9027] copy_process+0x1b04/0x6b00 [ 72.607382][ T9027] _do_fork+0x146/0xfa0 [ 72.607387][ T9027] kernel_thread+0xbb/0xf0 [ 72.607391][ T9027] rest_init+0x28/0x37b [ 72.607395][ T9027] arch_call_rest_init+0xe/0x1b [ 72.607399][ T9027] start_kernel+0x912/0x951 [ 72.607404][ T9027] x86_64_start_reservations+0x29/0x2b [ 72.607409][ T9027] x86_64_start_kernel+0x77/0x7b [ 72.607413][ T9027] secondary_startup_64+0xa4/0xb0 [ 72.607416][ T9027] [ 72.607419][ T9027] -> #1 (&p->pi_lock){-.-.}: [ 72.607434][ T9027] _raw_spin_lock_irqsave+0x95/0xcd [ 72.607438][ T9027] try_to_wake_up+0xb0/0x1aa0 [ 72.607443][ T9027] wake_up_process+0x10/0x20 [ 72.607447][ T9027] __up.isra.0+0x136/0x1a0 [ 72.607451][ T9027] up+0x9c/0xe0 [ 72.607455][ T9027] __up_console_sem+0xb7/0x1c0 [ 72.607459][ T9027] console_unlock+0x695/0xf10 [ 72.607464][ T9027] vprintk_emit+0x2a0/0x700 [ 72.607468][ T9027] vprintk_default+0x28/0x30 [ 72.607472][ T9027] vprintk_func+0x7e/0x189 [ 72.607476][ T9027] printk+0xba/0xed [ 72.607480][ T9027] do_exit.cold+0x18b/0x314 [ 72.607485][ T9027] do_group_exit+0x135/0x360 [ 72.607489][ T9027] __x64_sys_exit_group+0x44/0x50 [ 72.607494][ T9027] do_syscall_64+0xfd/0x6a0 [ 72.607499][ T9027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.607501][ T9027] [ 72.607504][ T9027] -> #0 ((console_sem).lock){-.-.}: [ 72.607520][ T9027] __lock_acquire+0x25a9/0x4c30 [ 72.607524][ T9027] lock_acquire+0x190/0x410 [ 72.607528][ T9027] _raw_spin_lock_irqsave+0x95/0xcd [ 72.607533][ T9027] down_trylock+0x13/0x70 [ 72.607538][ T9027] __down_trylock_console_sem+0xa8/0x210 [ 72.607542][ T9027] console_trylock+0x15/0xa0 [ 72.607546][ T9027] vprintk_emit+0x283/0x700 [ 72.607551][ T9027] vprintk_default+0x28/0x30 [ 72.607555][ T9027] vprintk_func+0x7e/0x189 [ 72.607559][ T9027] printk+0xba/0xed [ 72.607563][ T9027] enqueue_task_dl.cold+0x103/0x4c2 [ 72.607567][ T9027] enqueue_task+0xb3/0x370 [ 72.607572][ T9027] __sched_setscheduler+0xc58/0x2030 [ 72.607577][ T9027] __x64_sys_sched_setattr+0x1a1/0x280 [ 72.607581][ T9027] do_syscall_64+0xfd/0x6a0 [ 72.607587][ T9027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.607589][ T9027] [ 72.607594][ T9027] other info that might help us debug this: [ 72.607597][ T9027] [ 72.607600][ T9027] Chain exists of: [ 72.607603][ T9027] (console_sem).lock --> &p->pi_lock --> &rq->lock [ 72.607622][ T9027] [ 72.607627][ T9027] Possible unsafe locking scenario: [ 72.607630][ T9027] [ 72.607634][ T9027] CPU0 CPU1 [ 72.607639][ T9027] ---- ---- [ 72.607641][ T9027] lock(&rq->lock); [ 72.607652][ T9027] lock(&p->pi_lock); [ 72.607662][ T9027] lock(&rq->lock); [ 72.607670][ T9027] lock((console_sem).lock); [ 72.607679][ T9027] [ 72.607682][ T9027] *** DEADLOCK *** [ 72.607685][ T9027] [ 72.607690][ T9027] 2 locks held by syz-executor199/9027: [ 72.607692][ T9027] #0: 00000000f9ff51be (&p->pi_lock){-.-.}, at: task_rq_lock+0x6a/0x2c0 [ 72.607710][ T9027] #1: 000000005292750d (&rq->lock){-.-.}, at: task_rq_lock+0xc5/0x2c0 [ 72.607728][ T9027] [ 72.607732][ T9027] stack backtrace: [ 72.607739][ T9027] CPU: 0 PID: 9027 Comm: syz-executor199 Not tainted 5.2.0-next-20190718 #41 [ 72.607746][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.607749][ T9027] Call Trace: [ 72.607753][ T9027] dump_stack+0x172/0x1f0 [ 72.607758][ T9027] print_circular_bug.cold+0x163/0x172 [ 72.607762][ T9027] check_noncircular+0x345/0x3e0 [ 72.607766][ T9027] ? print_circular_bug+0x200/0x200 [ 72.607771][ T9027] ? __lockdep_reset_lock+0x450/0x450 [ 72.607776][ T9027] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.607780][ T9027] ? find_first_zero_bit+0x9a/0xc0 [ 72.607785][ T9027] __lock_acquire+0x25a9/0x4c30 [ 72.607789][ T9027] ? format_decode+0x25f/0xbc0 [ 72.607793][ T9027] ? mark_held_locks+0xf0/0xf0 [ 72.607797][ T9027] ? kvm_clock_read+0x18/0x30 [ 72.607801][ T9027] ? vprintk_emit+0x14b/0x700 [ 72.607805][ T9027] lock_acquire+0x190/0x410 [ 72.607809][ T9027] ? down_trylock+0x13/0x70 [ 72.607814][ T9027] _raw_spin_lock_irqsave+0x95/0xcd [ 72.607818][ T9027] ? down_trylock+0x13/0x70 [ 72.607822][ T9027] ? vprintk_emit+0x283/0x700 [ 72.607826][ T9027] down_trylock+0x13/0x70 [ 72.607830][ T9027] ? vprintk_emit+0x283/0x700 [ 72.607835][ T9027] __down_trylock_console_sem+0xa8/0x210 [ 72.607839][ T9027] console_trylock+0x15/0xa0 [ 72.607843][ T9027] vprintk_emit+0x283/0x700 [ 72.607847][ T9027] vprintk_default+0x28/0x30 [ 72.607851][ T9027] vprintk_func+0x7e/0x189 [ 72.607854][ T9027] printk+0xba/0xed [ 72.607859][ T9027] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 72.607863][ T9027] enqueue_task_dl.cold+0x103/0x4c2 [ 72.607867][ T9027] enqueue_task+0xb3/0x370 [ 72.607872][ T9027] __sched_setscheduler+0xc58/0x2030 [ 72.607876][ T9027] ? cpu_cgroup_fork+0xd0/0xd0 [ 72.607880][ T9027] ? __kasan_check_read+0x11/0x20 [ 72.607884][ T9027] __x64_sys_sched_setattr+0x1a1/0x280 [ 72.607889][ T9027] ? __ia32_sys_sched_setparam+0x80/0x80 [ 72.607893][ T9027] ? do_syscall_64+0x26/0x6a0 [ 72.607898][ T9027] ? lockdep_hardirqs_on+0x418/0x5d0 [ 72.607902][ T9027] ? trace_hardirqs_on+0x67/0x240 [ 72.607906][ T9027] do_syscall_64+0xfd/0x6a0 [ 72.607911][ T9027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.607914][ T9027] RIP: 0033:0x446809 [ 72.607927][ T9027] Code: e8 bc b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 72.607932][ T9027] RSP: 002b:00007f4abe4fbdb8 EFLAGS: 00000246 ORIG_RAX: 000000000000013a [ 72.607942][ T9027] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000446809 [ 72.607949][ T9027] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000 [ 72.607955][ T9027] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000 [ 72.607961][ T9027] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c [ 72.607967][ T9027] R13: 00007ffe00978edf R14: 00007f4abe4fc9c0 R15: 0000000000000001 [ 73.716090][ T9027] Shutting down cpus with NMI [ 74.448038][ T9027] Kernel Offset: disabled [ 74.452375][ T9027] Rebooting in 86400 seconds..