[ 42.996185][ T26] audit: type=1800 audit(1555039289.253:29): pid=8122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 43.018415][ T26] audit: type=1800 audit(1555039289.253:30): pid=8122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.97' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 552.765242][ T26] kauditd_printk_skb: 5 callbacks suppressed
[ 552.765254][ T26] audit: type=1400 audit(1555039799.023:36): avc: denied { map } for pid=8311 comm="syz-executor612" path="/root/syz-executor612582119" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 552.851371][ T26] audit: type=1804 audit(1555039799.103:37): pid=8311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor612" name="/root/bus" dev="sda1" ino=2339 res=1
[ 552.862071][ C1] hrtimer: interrupt took 22548 ns
[ 716.062092][ C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 163s!
[ 716.071357][ C0] Showing busy workqueues and worker pools:
[ 716.077364][ C0] workqueue events: flags=0x0
[ 716.082132][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256
[ 716.090258][ C0] pending: cache_reap, psi_update_work
[ 716.096091][ C0]
[ 716.096096][ C0] ======================================================
[ 716.096099][ C0] WARNING: possible circular locking dependency detected
[ 716.096101][ C0] 5.1.0-rc4+ #64 Not tainted
[ 716.096104][ C0] ------------------------------------------------------
[ 716.096107][ C0] swapper/0/0 is trying to acquire lock:
[ 716.096109][ C0] 00000000100a811d (console_owner){-.-.}, at: console_unlock+0x3fc/0xeb0
[ 716.096117][ C0]
[ 716.096119][ C0] but task is already holding lock:
[ 716.096121][ C0] 00000000e8b641a8 (&(&pool->lock)->rlock){-.-.}, at: show_workqueue_state.cold+0x879/0x11dc
[ 716.096129][ C0]
[ 716.096132][ C0] which lock already depends on the new lock.
[ 716.096133][ C0]
[ 716.096135][ C0]
[ 716.096138][ C0] the existing dependency chain (in reverse order) is:
[ 716.096139][ C0]
[ 716.096140][ C0] -> #4 (&(&pool->lock)->rlock){-.-.}:
[ 716.096148][ C0] lock_acquire+0x16f/0x3f0
[ 716.096150][ C0] _raw_spin_lock+0x2f/0x40
[ 716.096152][ C0] __queue_work+0x23d/0x1180
[ 716.096154][ C0] queue_work_on+0x192/0x200
[ 716.096156][ C0] put_pwq+0x178/0x1d0
[ 716.096159][ C0] put_pwq_unlocked.part.0+0x34/0x70
[ 716.096161][ C0] destroy_workqueue+0x623/0x700
[ 716.096164][ C0] floppy_async_init+0x2031/0x2183
[ 716.096166][ C0] async_run_entry_fn+0x126/0x570
[ 716.096168][ C0] process_one_work+0x98e/0x1790
[ 716.096171][ C0] worker_thread+0x98/0xe40
[ 716.096172][ C0] kthread+0x357/0x430
[ 716.096175][ C0] ret_from_fork+0x3a/0x50
[ 716.096176][ C0]
[ 716.096177][ C0] -> #3 (&pool->lock/1){..-.}:
[ 716.096185][ C0] lock_acquire+0x16f/0x3f0
[ 716.096188][ C0] _raw_spin_lock+0x2f/0x40
[ 716.096190][ C0] __queue_work+0x23d/0x1180
[ 716.096192][ C0] queue_work_on+0x192/0x200
[ 716.096195][ C0] tty_flip_buffer_push+0xc5/0x100
[ 716.096197][ C0] pty_write+0x1a6/0x200
[ 716.096199][ C0] n_tty_write+0xb06/0x1150
[ 716.096202][ C0] tty_write+0x45b/0x7a0
[ 716.096204][ C0] __vfs_write+0x8d/0x110
[ 716.096206][ C0] vfs_write+0x20c/0x580
[ 716.096208][ C0] ksys_write+0x14f/0x2d0
[ 716.096210][ C0] __x64_sys_write+0x73/0xb0
[ 716.096213][ C0] do_syscall_64+0x103/0x610
[ 716.096215][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 716.096217][ C0]
[ 716.096218][ C0] -> #2 (&(&port->lock)->rlock){-.-.}:
[ 716.096228][ C0] lock_acquire+0x16f/0x3f0
[ 716.096230][ C0] _raw_spin_lock_irqsave+0x95/0xcd
[ 716.096232][ C0] tty_port_tty_get+0x22/0x80
[ 716.096235][ C0] tty_port_default_wakeup+0x16/0x40
[ 716.096237][ C0] tty_port_tty_wakeup+0x5d/0x70
[ 716.096240][ C0] uart_write_wakeup+0x46/0x70
[ 716.096242][ C0] serial8250_tx_chars+0x4a4/0xb20
[ 716.096245][ C0] serial8250_handle_irq.part.0+0x1be/0x2e0
[ 716.096248][ C0] serial8250_default_handle_irq+0xc5/0x150
[ 716.096250][ C0] serial8250_interrupt+0xfb/0x1a0
[ 716.096253][ C0] __handle_irq_event_percpu+0x146/0x900
[ 716.096256][ C0] handle_irq_event_percpu+0x74/0x160
[ 716.096258][ C0] handle_irq_event+0xa7/0x134
[ 716.096260][ C0] handle_edge_irq+0x264/0x8e0
[ 716.096262][ C0] handle_irq+0x252/0x3d8
[ 716.096264][ C0] do_IRQ+0x99/0x1d0
[ 716.096266][ C0] ret_from_intr+0x0/0x1e
[ 716.096269][ C0] native_safe_halt+0x2/0x10
[ 716.096271][ C0] arch_cpu_idle+0x10/0x20
[ 716.096273][ C0] default_idle_call+0x36/0x90
[ 716.096275][ C0] do_idle+0x386/0x570
[ 716.096277][ C0] cpu_startup_entry+0x1b/0x20
[ 716.096280][ C0] start_secondary+0x360/0x4d0
[ 716.096282][ C0] secondary_startup_64+0xa4/0xb0
[ 716.096283][ C0]
[ 716.096284][ C0] -> #1 (&port_lock_key){-.-.}:
[ 716.096292][ C0] lock_acquire+0x16f/0x3f0
[ 716.096294][ C0] _raw_spin_lock_irqsave+0x95/0xcd
[ 716.096297][ C0] serial8250_console_write+0x253/0x9c0
[ 716.096299][ C0] univ8250_console_write+0x5f/0x70
[ 716.096301][ C0] console_unlock+0xb1e/0xeb0
[ 716.096303][ C0] vprintk_emit+0x280/0x6d0
[ 716.096306][ C0] vprintk_default+0x28/0x30
[ 716.096308][ C0] vprintk_func+0x7e/0x189
[ 716.096310][ C0] printk+0xba/0xed
[ 716.096312][ C0] register_console+0x74d/0xb50
[ 716.096314][ C0] univ8250_console_init+0x3e/0x4b
[ 716.096317][ C0] console_init+0x4f7/0x761
[ 716.096319][ C0] start_kernel+0x574/0x84f
[ 716.096321][ C0] x86_64_start_reservations+0x29/0x2b
[ 716.096324][ C0] x86_64_start_kernel+0x77/0x7b
[ 716.096326][ C0] secondary_startup_64+0xa4/0xb0
[ 716.096327][ C0]
[ 716.096328][ C0] -> #0 (console_owner){-.-.}:
[ 716.096336][ C0] __lock_acquire+0x239c/0x3fb0
[ 716.096338][ C0] lock_acquire+0x16f/0x3f0
[ 716.096340][ C0] console_unlock+0x466/0xeb0
[ 716.096342][ C0] vprintk_emit+0x280/0x6d0
[ 716.096344][ C0] vprintk_default+0x28/0x30
[ 716.096347][ C0] vprintk_func+0x7e/0x189
[ 716.096349][ C0] printk+0xba/0xed
[ 716.096351][ C0] show_workqueue_state.cold+0x9e4/0x11dc
[ 716.096354][ C0] wq_watchdog_timer_fn+0x516/0x5a0
[ 716.096356][ C0] call_timer_fn+0x190/0x720
[ 716.096358][ C0] run_timer_softirq+0xd03/0x1700
[ 716.096360][ C0] __do_softirq+0x266/0x95a
[ 716.096362][ C0] irq_exit+0x180/0x1d0
[ 716.096365][ C0] smp_apic_timer_interrupt+0x14a/0x570
[ 716.096367][ C0] apic_timer_interrupt+0xf/0x20
[ 716.096369][ C0] native_safe_halt+0x2/0x10
[ 716.096372][ C0] arch_cpu_idle+0x10/0x20
[ 716.096374][ C0] default_idle_call+0x36/0x90
[ 716.096376][ C0] do_idle+0x386/0x570
[ 716.096378][ C0] cpu_startup_entry+0x1b/0x20
[ 716.096381][ C0] rest_init+0x245/0x37b
[ 716.096383][ C0] arch_call_rest_init+0xe/0x1b
[ 716.096385][ C0] start_kernel+0x816/0x84f
[ 716.096388][ C0] x86_64_start_reservations+0x29/0x2b
[ 716.096390][ C0] x86_64_start_kernel+0x77/0x7b
[ 716.096393][ C0] secondary_startup_64+0xa4/0xb0
[ 716.096394][ C0]
[ 716.096396][ C0] other info that might help us debug this:
[ 716.096398][ C0]
[ 716.096399][ C0] Chain exists of:
[ 716.096400][ C0] console_owner --> &pool->lock/1 --> &(&pool->lock)->rlock
[ 716.096411][ C0]
[ 716.096413][ C0] Possible unsafe locking scenario:
[ 716.096414][ C0]
[ 716.096417][ C0]        CPU0                    CPU1
[ 716.096419][ C0]        ----                    ----
[ 716.096420][ C0]   lock(&(&pool->lock)->rlock);
[ 716.096426][ C0]                                lock(&pool->lock/1);
[ 716.096432][ C0]                                lock(&(&pool->lock)->rlock);
[ 716.096436][ C0]   lock(console_owner);
[ 716.096440][ C0]
[ 716.096442][ C0] *** DEADLOCK ***
[ 716.096443][ C0]
[ 716.096445][ C0] 4 locks held by swapper/0/0:
[ 716.096446][ C0] #0: 00000000e47d4186 ((&wq_watchdog_timer)){+.-.}, at: call_timer_fn+0xda/0x720
[ 716.096455][ C0] #1: 00000000841dfacf (rcu_read_lock_sched){....}, at: show_workqueue_state+0x0/0x120
[ 716.096465][ C0] #2: 00000000e8b641a8 (&(&pool->lock)->rlock){-.-.}, at: show_workqueue_state.cold+0x879/0x11dc
[ 716.096474][ C0] #3: 000000006d1ed1ba (console_lock){+.+.}, at: vprintk_emit+0x267/0x6d0
[ 716.096483][ C0]
[ 716.096485][ C0] stack backtrace:
[ 716.096488][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.1.0-rc4+ #64
[ 716.096492][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.096493][ C0] Call Trace:
[ 716.096495][ C0]
[ 716.096496][ C0] dump_stack+0x172/0x1f0
[ 716.096499][ C0] print_circular_bug.isra.0.cold+0x1cc/0x28f
[ 716.096501][ C0] check_prev_add.constprop.0+0xf11/0x23c0
[ 716.096503][ C0] ? check_usage+0x570/0x570
[ 716.096505][ C0] ? graph_lock+0x7b/0x200
[ 716.096508][ C0] ? __lockdep_reset_lock+0x450/0x450
[ 716.096510][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 716.096513][ C0] ? find_first_zero_bit+0x9a/0xc0
[ 716.096515][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 716.096517][ C0] __lock_acquire+0x239c/0x3fb0
[ 716.096520][ C0] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 716.096522][ C0] ? mark_held_locks+0xf0/0xf0
[ 716.096524][ C0] ? kasan_check_write+0x14/0x20
[ 716.096526][ C0] lock_acquire+0x16f/0x3f0
[ 716.096528][ C0] ? console_unlock+0x3fc/0xeb0
[ 716.096530][ C0] console_unlock+0x466/0xeb0
[ 716.096532][ C0] ? console_unlock+0x3fc/0xeb0
[ 716.096534][ C0] vprintk_emit+0x280/0x6d0
[ 716.096536][ C0] vprintk_default+0x28/0x30
[ 716.096538][ C0] vprintk_func+0x7e/0x189
[ 716.096540][ C0] ? printk+0xba/0xed
[ 716.096542][ C0] printk+0xba/0xed
[ 716.096544][ C0] ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 716.096546][ C0] ? show_workqueue_state.cold+0x879/0x11dc
[ 716.096549][ C0] show_workqueue_state.cold+0x9e4/0x11dc
[ 716.096551][ C0] ? wq_watchdog_timer_fn+0x3f9/0x5a0
[ 716.096553][ C0] ? idr_get_next+0x1a6/0x230
[ 716.096555][ C0] ? print_worker_info+0x280/0x280
[ 716.096558][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 716.096560][ C0] ? kasan_check_read+0x11/0x20
[ 716.096562][ C0] wq_watchdog_timer_fn+0x516/0x5a0
[ 716.096565][ C0] ? show_workqueue_state+0x120/0x120
[ 716.096567][ C0] call_timer_fn+0x190/0x720
[ 716.096569][ C0] ? show_workqueue_state+0x120/0x120
[ 716.096571][ C0] ? process_timeout+0x40/0x40
[ 716.096573][ C0] ? run_timer_softirq+0xcf8/0x1700
[ 716.096575][ C0] ? trace_hardirqs_on+0x67/0x230
[ 716.096577][ C0] ? kasan_check_read+0x11/0x20
[ 716.096580][ C0] ? show_workqueue_state+0x120/0x120
[ 716.096582][ C0] run_timer_softirq+0xd03/0x1700
[ 716.096584][ C0] ? add_timer+0xbe0/0xbe0
[ 716.096586][ C0] ? retint_kernel+0x2d/0x2d
[ 716.096589][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 716.096592][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 716.096594][ C0] __do_softirq+0x266/0x95a
[ 716.096596][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 716.096598][ C0] irq_exit+0x180/0x1d0
[ 716.096600][ C0] smp_apic_timer_interrupt+0x14a/0x570
[ 716.096603][ C0] apic_timer_interrupt+0xf/0x20
[ 716.096604][ C0]
[ 716.096606][ C0] RIP: 0010:native_safe_halt+0x2/0x10
[ 716.096615][ C0] Code: ff ff ff 48 89 c7 48 89 45 d8 e8 79 ef 97 fa 48 8b 45 d8 e9 ce fe ff ff 48 89 df e8 68 ef 97 fa eb 82 90 90 90 90 90 90 fb f4 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f4 c3 90 90 90 90 90 90
[ 716.096617][ C0] RSP: 0018:ffffffff88807d08 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[ 716.096623][ C0] RAX: 1ffffffff11252d1 RBX: ffffffff8887e080 RCX: 0000000000000000
[ 716.096626][ C0] RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffffffff8887e8fc
[ 716.096629][ C0] RBP: ffffffff88807d38 R08: ffffffff8887e080 R09: 0000000000000000
[ 716.096633][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 716.096636][ C0] R13: ffffffff88929678 R14: 0000000000000000 R15: 0000000000000000
[ 716.096638][ C0] ? default_idle+0x4e/0x330
[ 716.096640][ C0] arch_cpu_idle+0x10/0x20
[ 716.096642][ C0] default_idle_call+0x36/0x90
[ 716.096644][ C0] do_idle+0x386/0x570
[ 716.096646][ C0] ? arch_cpu_idle_exit+0x80/0x80
[ 716.096648][ C0] ? trace_hardirqs_on+0x67/0x230
[ 716.096651][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 716.096653][ C0] ? debug_smp_processor_id+0x3c/0x280
[ 716.096655][ C0] cpu_startup_entry+0x1b/0x20
[ 716.096657][ C0] rest_init+0x245/0x37b
[ 716.096659][ C0] arch_call_rest_init+0xe/0x1b
[ 716.096661][ C0] start_kernel+0x816/0x84f
[ 716.096663][ C0] ? mem_encrypt_init+0xb/0xb
[ 716.096666][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 716.096668][ C0] ? x86_family+0x41/0x50
[ 716.096670][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 716.096672][ C0] x86_64_start_reservations+0x29/0x2b
[ 716.096675][ C0] x86_64_start_kernel+0x77/0x7b
[ 716.096677][ C0] secondary_startup_64+0xa4/0xb0
[ 717.266965][ C0] workqueue events_power_efficient: flags=0x80
[ 717.273129][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256
[ 717.279990][ C0] pending: gc_worker, do_cache_clean, check_lifetime
[ 717.287064][ C0] workqueue mm_percpu_wq: flags=0x8
[ 717.292269][ C0] pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256
[ 717.299125][ C0] pending: vmstat_update