[ ok ] Starting enhanced syslogd: rsyslogd.
[ 52.624823][ T26] audit: type=1800 audit(1566447998.550:25): pid=8370 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 52.668600][ T26] audit: type=1800 audit(1566447998.550:26): pid=8370 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 52.695225][ T26] audit: type=1800 audit(1566447998.550:27): pid=8370 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.240' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 929.259779][ T1063] INFO: task syz-executor948:8525 can't die for more than 143 seconds.
[ 929.268144][ T1063] syz-executor948 R running task 27424 8525 8523 0x00004006
[ 929.329602][ T1063] Call Trace:
[ 929.332908][ T1063] __schedule+0x776/0x17d0
[ 929.337311][ T1063] ? __ioremap_caller.constprop.0+0x498/0x710
[ 929.379623][ T1063] ? __sched_text_start+0x8/0x8
[ 929.384471][ T1063] ? preempt_schedule_irq+0x8d/0x160
[ 929.419625][ T1063] ? trace_hardirqs_on_caller+0x8c/0x240
[ 929.425281][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 929.469616][ T1063] ? preempt_schedule_irq+0xb5/0x160
[ 929.474905][ T1063] ? retint_kernel+0x1b/0x2b
[ 929.479495][ T1063] ? copy_user_enhanced_fast_string+0xe/0x20
[ 929.529616][ T1063] ? _copy_from_user+0x15a/0x1a0
[ 929.534556][ T1063] ? write_mem+0x137/0x210
[ 929.538963][ T1063] ? do_loop_readv_writev.part.0+0x2ac/0x460
[ 929.579615][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 929.585865][ T1063] ? do_iter_write+0x2fa/0x380
[ 929.619619][ T1063] ? vfs_writev+0x1b3/0x2f0
[ 929.624139][ T1063] ? vfs_iter_write+0xb0/0xb0
[ 929.628803][ T1063] ? find_held_lock+0x35/0x130
[ 929.669617][ T1063] ? __do_page_fault+0x56a/0xdd0
[ 929.674654][ T1063] ? lock_downgrade+0x920/0x920
[ 929.679524][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 929.719637][ T1063] ? __fget_light+0x1a9/0x230
[ 929.724318][ T1063] ? do_pwritev+0x1c4/0x280
[ 929.728827][ T1063] ? do_writev+0x330/0x330
[ 929.779609][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 929.785054][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 929.819611][ T1063] ? do_syscall_64+0x26/0x760
[ 929.824281][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 929.869610][ T1063] ? do_syscall_64+0x26/0x760
[ 929.874288][ T1063] ? __x64_sys_pwritev+0x9a/0xf0
[ 929.879213][ T1063] ? do_syscall_64+0xfa/0x760
[ 929.919632][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 929.925706][ T1063] INFO: task syz-executor948:8530 can't die for more than 144 seconds.
[ 929.969620][ T1063] syz-executor948 R running task 28168 8530 8529 0x00004006
[ 929.977610][ T1063] Call Trace:
[ 930.009621][ T1063] __schedule+0x76e/0x17d0
[ 930.014052][ T1063] ? __sched_text_start+0x8/0x8
[ 930.018891][ T1063] ? preempt_schedule_irq+0x8d/0x160
[ 930.049639][ T1063] ? lockdep_hardirqs_on+0x418/0x5d0
[ 930.054919][ T1063] ? trace_hardirqs_on+0x67/0x240
[ 930.089634][ T1063] preempt_schedule_irq+0xb5/0x160
[ 930.094742][ T1063] retint_kernel+0x1b/0x2b
[ 930.099146][ T1063] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[ 930.169609][ T1063] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 930.229605][ T1063] RSP: 0018:ffff88808ddbfb10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 930.238184][ T1063] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000cf6
[ 930.279606][ T1063] RDX: 0000000000001000 RSI: 000000002060ac38 RDI: ffffc900067979b7
[ 930.287830][ T1063] RBP: ffff88808ddbfb48 R08: fffff52000cf3000 R09: 0000000000000000
[ 930.349610][ T1063] R10: fffff52000cf47ff R11: ffffc900067a3fff R12: 000000002060b281
[ 930.357578][ T1063] R13: 000000002060c281 R14: ffffc900067a3000 R15: 00007ffffffff000
[ 930.399632][ T1063] ? _copy_from_user+0x15a/0x1a0
[ 930.404572][ T1063] write_mem+0x137/0x210
[ 930.408811][ T1063] do_loop_readv_writev.part.0+0x2ac/0x460
[ 930.439616][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 930.445861][ T1063] do_iter_write+0x2fa/0x380
[ 930.489616][ T1063] vfs_writev+0x1b3/0x2f0
[ 930.493945][ T1063] ? vfs_iter_write+0xb0/0xb0
[ 930.498775][ T1063] ? find_held_lock+0x35/0x130
[ 930.549615][ T1063] ? __do_page_fault+0x56a/0xdd0
[ 930.554647][ T1063] ? lock_downgrade+0x920/0x920
[ 930.559496][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 930.609612][ T1063] ? __fget_light+0x1a9/0x230
[ 930.614289][ T1063] do_pwritev+0x1c4/0x280
[ 930.618601][ T1063] ? do_writev+0x330/0x330
[ 930.669613][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 930.675078][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 930.709609][ T1063] ? do_syscall_64+0x26/0x760
[ 930.714367][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 930.739619][ T1063] ? do_syscall_64+0x26/0x760
[ 930.744293][ T1063] __x64_sys_pwritev+0x9a/0xf0
[ 930.749038][ T1063] do_syscall_64+0xfa/0x760
[ 930.779636][ T1063] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 930.785640][ T1063] RIP: 0033:0x441329
[ 930.789520][ T1063] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 930.899606][ T1063] RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 930.908019][ T1063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
[ 930.979614][ T1063] RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
[ 930.987607][ T1063] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 931.019604][ T1063] R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
[ 931.027759][ T1063] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[ 931.079638][ T1063] INFO: task syz-executor948:8531 can't die for more than 145 seconds.
[ 931.087862][ T1063] syz-executor948 R running task 28168 8531 8526 0x00004006
[ 931.129606][ T1063] Call Trace:
[ 931.132916][ T1063] __schedule+0x76e/0x17d0
[ 931.137324][ T1063] ? __sched_text_start+0x8/0x8
[ 931.179622][ T1063] ? preempt_schedule_irq+0x8d/0x160
[ 931.184910][ T1063] ? lockdep_hardirqs_on+0x418/0x5d0
[ 931.219626][ T1063] ? trace_hardirqs_on+0x67/0x240
[ 931.224647][ T1063] preempt_schedule_irq+0xb5/0x160
[ 931.259626][ T1063] retint_kernel+0x1b/0x2b
[ 931.264124][ T1063] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[ 931.299618][ T1063] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 931.379614][ T1063] RSP: 0018:ffff888090bcfb10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 931.388149][ T1063] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000009
[ 931.439616][ T1063] RDX: 0000000000001000 RSI: 0000000020609735 RDI: ffffc900068114b4
[ 931.447588][ T1063] RBP: ffff888090bcfb48 R08: fffff52000d02400 R09: 0000000000000000
[ 931.479615][ T1063] R10: fffff52000d023ff R11: ffffc90006811fff R12: 0000000020609281
[ 931.487666][ T1063] R13: 000000002060a281 R14: ffffc90006811000 R15: 00007ffffffff000
[ 931.539644][ T1063] ? _copy_from_user+0x15a/0x1a0
[ 931.544591][ T1063] write_mem+0x137/0x210
[ 931.548831][ T1063] do_loop_readv_writev.part.0+0x2ac/0x460
[ 931.579627][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 931.585884][ T1063] do_iter_write+0x2fa/0x380
[ 931.609626][ T1063] vfs_writev+0x1b3/0x2f0
[ 931.613948][ T1063] ? vfs_iter_write+0xb0/0xb0
[ 931.618609][ T1063] ? find_held_lock+0x35/0x130
[ 931.649623][ T1063] ? __do_page_fault+0x56a/0xdd0
[ 931.654561][ T1063] ? lock_downgrade+0x920/0x920
[ 931.659412][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 931.709611][ T1063] ? __fget_light+0x1a9/0x230
[ 931.714290][ T1063] do_pwritev+0x1c4/0x280
[ 931.718609][ T1063] ? do_writev+0x330/0x330
[ 931.749613][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 931.755178][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 931.779629][ T1063] ? do_syscall_64+0x26/0x760
[ 931.784298][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 931.809617][ T1063] ? do_syscall_64+0x26/0x760
[ 931.814292][ T1063] __x64_sys_pwritev+0x9a/0xf0
[ 931.819047][ T1063] do_syscall_64+0xfa/0x760
[ 931.850380][ T1063] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 931.856259][ T1063] RIP: 0033:0x441329
[ 931.889610][ T1063] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 931.969625][ T1063] RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 931.978037][ T1063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
[ 932.029617][ T1063] RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
[ 932.037581][ T1063] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 932.069606][ T1063] R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
[ 932.077658][ T1063] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[ 932.119629][ T1063] INFO: task syz-executor948:8532 can't die for more than 146 seconds.
[ 932.127848][ T1063] syz-executor948 R running task 28168 8532 8524 0x00004006
[ 932.189603][ T1063] Call Trace:
[ 932.192898][ T1063] __schedule+0x776/0x17d0
[ 932.197309][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 932.229611][ T1063] ? __sched_text_start+0x8/0x8
[ 932.234461][ T1063] ? preempt_schedule_irq+0x8d/0x160
[ 932.269628][ T1063] ? lockdep_hardirqs_on+0x418/0x5d0
[ 932.275020][ T1063] ? trace_hardirqs_on+0x67/0x240
[ 932.299651][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 932.305194][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 932.329625][ T1063] preempt_schedule_irq+0xb5/0x160
[ 932.334899][ T1063] retint_kernel+0x1b/0x2b
[ 932.339295][ T1063] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[ 932.379620][ T1063] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 932.459603][ T1063] RSP: 0018:ffff88809134fb10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 932.468021][ T1063] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 00000000000007d0
[ 932.529607][ T1063] RDX: 0000000000001000 RSI: 000000002061d437 RDI: ffffc900068871b6
[ 932.537581][ T1063] RBP: ffff88809134fb48 R08: fffff52000d11000 R09: 0000000000000000
[ 932.569601][ T1063] R10: fffff52000d10fff R11: ffffc90006887fff R12: 000000002061d281
[ 932.577574][ T1063] R13: 000000002061e281 R14: ffffc90006887000 R15: 00007ffffffff000
[ 932.619705][ T1063] ? _copy_from_user+0x15a/0x1a0
[ 932.624727][ T1063] write_mem+0x137/0x210
[ 932.628964][ T1063] do_loop_readv_writev.part.0+0x2ac/0x460
[ 932.669631][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 932.675963][ T1063] do_iter_write+0x2fa/0x380
[ 932.719623][ T1063] vfs_writev+0x1b3/0x2f0
[ 932.723949][ T1063] ? vfs_iter_write+0xb0/0xb0
[ 932.728616][ T1063] ? find_held_lock+0x35/0x130
[ 932.769611][ T1063] ? __do_page_fault+0x56a/0xdd0
[ 932.774552][ T1063] ? lock_downgrade+0x920/0x920
[ 932.779405][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 932.809611][ T1063] ? __fget_light+0x1a9/0x230
[ 932.814282][ T1063] do_pwritev+0x1c4/0x280
[ 932.818598][ T1063] ? do_writev+0x330/0x330
[ 932.869612][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 932.875065][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 932.919605][ T1063] ? do_syscall_64+0x26/0x760
[ 932.924276][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 932.949605][ T1063] ? do_syscall_64+0x26/0x760
[ 932.954279][ T1063] __x64_sys_pwritev+0x9a/0xf0
[ 932.959036][ T1063] do_syscall_64+0xfa/0x760
[ 932.989614][ T1063] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 932.995499][ T1063] RIP: 0033:0x441329
[ 932.999390][ T1063] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 933.109601][ T1063] RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 933.118219][ T1063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
[ 933.179613][ T1063] RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
[ 933.187583][ T1063] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 933.229603][ T1063] R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
[ 933.237573][ T1063] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[ 933.280310][ T1063] INFO: task syz-executor948:8533 can't die for more than 147 seconds.
[ 933.288654][ T1063] syz-executor948 R running task 28168 8533 8527 0x00004006
[ 933.329617][ T1063] Call Trace:
[ 933.332906][ T1063] __schedule+0x76e/0x17d0
[ 933.337315][ T1063] ? __sched_text_start+0x8/0x8
[ 933.389614][ T1063] ? preempt_schedule_irq+0x8d/0x160
[ 933.394908][ T1063] ? lockdep_hardirqs_on+0x418/0x5d0
[ 933.429619][ T1063] ? trace_hardirqs_on+0x67/0x240
[ 933.434658][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 933.459623][ T1063] preempt_schedule_irq+0xb5/0x160
[ 933.464728][ T1063] retint_kernel+0x1b/0x2b
[ 933.469132][ T1063] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[ 933.499684][ T1063] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 933.569600][ T1063] RSP: 0018:ffff88808dc87b10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 933.578013][ T1063] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000a14
[ 933.639596][ T1063] RDX: 0000000000001000 RSI: 0000000020628255 RDI: ffffc900068ebfd4
[ 933.647648][ T1063] RBP: ffff88808dc87b48 R08: fffff52000d1d800 R09: 0000000000000000
[ 933.709592][ T1063] R10: fffff52000d1f7ff R11: ffffc900068fbfff R12: 0000000020628281
[ 933.717638][ T1063] R13: 0000000020629281 R14: ffffc900068fb000 R15: 00007ffffffff000
[ 933.769629][ T1063] ? _copy_from_user+0x15a/0x1a0
[ 933.774651][ T1063] write_mem+0x137/0x210
[ 933.778880][ T1063] do_loop_readv_writev.part.0+0x2ac/0x460
[ 933.829644][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 933.835899][ T1063] do_iter_write+0x2fa/0x380
[ 933.869609][ T1063] vfs_writev+0x1b3/0x2f0
[ 933.874044][ T1063] ? vfs_iter_write+0xb0/0xb0
[ 933.878706][ T1063] ? find_held_lock+0x35/0x130
[ 933.909610][ T1063] ? __do_page_fault+0x56a/0xdd0
[ 933.914627][ T1063] ? lock_downgrade+0x920/0x920
[ 933.919474][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 933.959642][ T1063] ? __fget_light+0x1a9/0x230
[ 933.964404][ T1063] do_pwritev+0x1c4/0x280
[ 933.968726][ T1063] ? do_writev+0x330/0x330
[ 934.009607][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 934.015056][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 934.049613][ T1063] ? do_syscall_64+0x26/0x760
[ 934.054277][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 934.099614][ T1063] ? do_syscall_64+0x26/0x760
[ 934.104289][ T1063] __x64_sys_pwritev+0x9a/0xf0
[ 934.109039][ T1063] do_syscall_64+0xfa/0x760
[ 934.159620][ T1063] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 934.165588][ T1063] RIP: 0033:0x441329
[ 934.169468][ T1063] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 934.269610][ T1063] RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 934.278111][ T1063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
[ 934.349605][ T1063] RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
[ 934.357579][ T1063] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 934.399601][ T1063] R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
[ 934.407571][ T1063] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[ 934.459657][ T1063] INFO: task syz-executor948:8534 can't die for more than 148 seconds.
[ 934.467892][ T1063] syz-executor948 R running task 28168 8534 8528 0x00004006
[ 934.499607][ T1063] Call Trace:
[ 934.502898][ T1063] __schedule+0x76e/0x17d0
[ 934.507308][ T1063] ? __sched_text_start+0x8/0x8
[ 934.549610][ T1063] ? preempt_schedule_irq+0x8d/0x160
[ 934.554891][ T1063] ? lockdep_hardirqs_on+0x418/0x5d0
[ 934.599606][ T1063] ? trace_hardirqs_on+0x67/0x240
[ 934.604639][ T1063] preempt_schedule_irq+0xb5/0x160
[ 934.629626][ T1063] retint_kernel+0x1b/0x2b
[ 934.634033][ T1063] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[ 934.669605][ T1063] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 934.739601][ T1063] RSP: 0018:ffff88808e357b10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 934.748011][ T1063] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000b58
[ 934.799597][ T1063] RDX: 0000000000001000 RSI: 0000000020628c53 RDI: ffffc9000696d9d2
[ 934.807555][ T1063] RBP: ffff88808e357b48 R08: fffff52000d2dc00 R09: 0000000000000000
[ 934.849603][ T1063] R10: fffff52000d2ebff R11: ffffc90006975fff R12: 0000000020629281
[ 934.857665][ T1063] R13: 000000002062a281 R14: ffffc90006975000 R15: 00007ffffffff000
[ 934.899623][ T1063] ? _copy_from_user+0x15a/0x1a0
[ 934.904575][ T1063] write_mem+0x137/0x210
[ 934.908808][ T1063] do_loop_readv_writev.part.0+0x2ac/0x460
[ 934.959615][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 934.965861][ T1063] do_iter_write+0x2fa/0x380
[ 935.009612][ T1063] vfs_writev+0x1b3/0x2f0
[ 935.013939][ T1063] ? vfs_iter_write+0xb0/0xb0
[ 935.018601][ T1063] ? find_held_lock+0x35/0x130
[ 935.049609][ T1063] ? __do_page_fault+0x56a/0xdd0
[ 935.054565][ T1063] ? lock_downgrade+0x920/0x920
[ 935.059413][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 935.089617][ T1063] ? __fget_light+0x1a9/0x230
[ 935.094308][ T1063] do_pwritev+0x1c4/0x280
[ 935.098624][ T1063] ? do_writev+0x330/0x330
[ 935.159607][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 935.165062][ T1063] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 935.199627][ T1063] ? do_syscall_64+0x26/0x760
[ 935.204294][ T1063] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 935.239605][ T1063] ? do_syscall_64+0x26/0x760
[ 935.244470][ T1063] __x64_sys_pwritev+0x9a/0xf0
[ 935.249228][ T1063] do_syscall_64+0xfa/0x760
[ 935.279609][ T1063] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 935.285509][ T1063] RIP: 0033:0x441329
[ 935.289396][ T1063] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 935.399600][ T1063] RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 935.408100][ T1063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
[ 935.449608][ T1063] RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
[ 935.457682][ T1063] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 935.529602][ T1063] R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
[ 935.537588][ T1063] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[ 935.579631][ T1063]
[ 935.579631][ T1063] Showing all locks held in the system:
[ 935.587348][ T1063] 1 lock held by khungtaskd/1063:
[ 935.620392][ T1063] #0: ffffffff88fa9ac0 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[ 935.679667][ T1063] 1 lock held by rsyslogd/8408:
[ 935.684508][ T1063] #0: ffff8880a1dc98e0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110
[ 935.729605][ T1063] 2 locks held by getty/8498:
[ 935.734878][ T1063] #0: ffff888091b4e390 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 935.779623][ T1063] #1: ffffc90005f392e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 935.789175][ T1063] 2 locks held by getty/8499:
[ 935.829593][ T1063] #0: ffff8880876b8410 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 935.838527][ T1063] #1: ffffc90005f352e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 935.899601][ T1063] 2 locks held by getty/8500:
[ 935.904369][ T1063] #0: ffff888087ac2e10 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 935.949603][ T1063] #1: ffffc90005f532e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 935.959144][ T1063] 2 locks held by getty/8501:
[ 936.009600][ T1063] #0: ffff888087ac3690 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 936.018541][ T1063] #1: ffffc90005f4f2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 936.089604][ T1063] 2 locks held by getty/8502:
[ 936.094264][ T1063] #0: ffff888096e91650 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 936.139600][ T1063] #1: ffffc90005f4b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 936.149157][ T1063] 2 locks held by getty/8503:
[ 936.179612][ T1063] #0: ffff88808f734490 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 936.188631][ T1063] #1: ffffc90005f432e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 936.259601][ T1063] 2 locks held by getty/8504:
[ 936.264266][ T1063] #0: ffff8880942a4310 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 936.309601][ T1063] #1: ffffc90005f212e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 936.319269][ T1063]
[ 936.359596][ T1063] =============================================
[ 936.359596][ T1063]
[ 936.368093][ T1063] NMI backtrace for cpu 0
[ 936.372453][ T1063] CPU: 0 PID: 1063 Comm: khungtaskd Not tainted 5.3.0-rc5-next-20190821 #70
[ 936.381102][ T1063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 936.391133][ T1063] Call Trace:
[ 936.394407][ T1063] dump_stack+0x172/0x1f0
[ 936.398728][ T1063] nmi_cpu_backtrace.cold+0x70/0xb2
[ 936.403911][ T1063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 936.410137][ T1063] ? lapic_can_unplug_cpu.cold+0x45/0x45
[ 936.415761][ T1063] nmi_trigger_cpumask_backtrace+0x23b/0x28b
[ 936.421731][ T1063] arch_trigger_cpumask_backtrace+0x14/0x20
[ 936.427695][ T1063] watchdog+0xc99/0x1360
[ 936.431930][ T1063] kthread+0x361/0x430
[ 936.436077][ T1063] ? reset_hung_task_detector+0x30/0x30
[ 936.441608][ T1063] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 936.447832][ T1063] ret_from_fork+0x24/0x30
[ 936.452298][ T1063] Sending NMI from CPU 0 to CPUs 1:
[ 936.457849][ C1] NMI backtrace for cpu 1
[ 936.457854][ C1] CPU: 1 PID: 8530 Comm: syz-executor948 Not tainted 5.3.0-rc5-next-20190821 #70
[ 936.457859][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 936.457863][ C1] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20
[ 936.457872][ C1] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
[ 936.457875][ C1] RSP: 0018:ffff88808ddbfb10 EFLAGS: 00010206
[ 936.457882][ C1] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000a1e
[ 936.457886][ C1] RDX: 0000000000001000 RSI: 0000000020642863 RDI: ffffc90006a1f5e2
[ 936.457890][ C1] RBP: ffff88808ddbfb48 R08: fffff52000d44000 R09: 0000000000000000
[ 936.457894][ C1] R10: fffff52000d43fff R11: ffffc90006a1ffff R12: 0000000020642281
[ 936.457898][ C1] R13: 0000000020643281 R14: ffffc90006a1f000 R15: 00007ffffffff000
[ 936.457902][ C1] FS: 00005555566ee880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 936.457906][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 936.457910][ C1] CR2: 000000000221b000 CR3: 0000000094aa8000 CR4: 00000000001406e0
[ 936.457914][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 936.457918][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 936.457921][ C1] Call Trace:
[ 936.457923][ C1] ? _copy_from_user+0x15a/0x1a0
[ 936.457926][ C1] write_mem+0x137/0x210
[ 936.457929][ C1] do_loop_readv_writev.part.0+0x2ac/0x460
[ 936.457933][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 936.457935][ C1] do_iter_write+0x2fa/0x380
[ 936.457938][ C1] vfs_writev+0x1b3/0x2f0
[ 936.457941][ C1] ? vfs_iter_write+0xb0/0xb0
[ 936.457944][ C1] ? find_held_lock+0x35/0x130
[ 936.457947][ C1] ? __do_page_fault+0x56a/0xdd0
[ 936.457949][ C1] ? lock_downgrade+0x920/0x920
[ 936.457953][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 936.457956][ C1] ? __fget_light+0x1a9/0x230
[ 936.457958][ C1] do_pwritev+0x1c4/0x280
[ 936.457961][ C1] ? do_writev+0x330/0x330
[ 936.457964][ C1] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 936.457968][ C1] ? trace_hardirqs_on_thunk+0x1a/0x20
[ 936.457970][ C1] ? do_syscall_64+0x26/0x760
[ 936.457974][ C1] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 936.457977][ C1] ? do_syscall_64+0x26/0x760
[ 936.457980][ C1] __x64_sys_pwritev+0x9a/0xf0
[ 936.457983][ C1] do_syscall_64+0xfa/0x760
[ 936.457986][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 936.457988][ C1] RIP: 0033:0x441329
[ 936.457997][ C1] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 936.458000][ C1] RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[ 936.458008][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
[ 936.458012][ C1] RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
[ 936.458016][ C1] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
[ 936.458020][ C1] R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
[ 936.458024][ C1] R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
[ 936.649603][ T1063] Kernel panic - not syncing: hung_task: blocked tasks
[ 936.784266][ T1063] CPU: 0 PID: 1063 Comm: khungtaskd Not tainted 5.3.0-rc5-next-20190821 #70
[ 936.792917][ T1063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 936.802961][ T1063] Call Trace:
[ 936.806244][ T1063] dump_stack+0x172/0x1f0
[ 936.810558][ T1063] panic+0x2dc/0x755
[ 936.814433][ T1063] ? add_taint.cold+0x16/0x16
[ 936.819095][ T1063] ? lapic_can_unplug_cpu.cold+0x45/0x45
[ 936.824720][ T1063] ? ___preempt_schedule+0x16/0x20
[ 936.829814][ T1063] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b
[ 936.835963][ T1063] ? nmi_trigger_cpumask_backtrace+0x24c/0x28b
[ 936.842270][ T1063] ? nmi_trigger_cpumask_backtrace+0x256/0x28b
[ 936.848407][ T1063] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b
[ 936.854558][ T1063] watchdog+0xcaa/0x1360
[ 936.858787][ T1063] kthread+0x361/0x430
[ 936.862836][ T1063] ? reset_hung_task_detector+0x30/0x30
[ 936.868363][ T1063] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 936.874586][ T1063] ret_from_fork+0x24/0x30
[ 936.880396][ T1063] Kernel Offset: disabled
[ 936.884713][ T1063] Rebooting in 86400 seconds..