[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 19.337614] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 22.562743] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.897163] random: sshd: uninitialized urandom read (32 bytes read)
[ 23.770666] random: sshd: uninitialized urandom read (32 bytes read)
[ 559.924194] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.199' (ECDSA) to the list of known hosts.
[ 565.344229] random: sshd: uninitialized urandom read (32 bytes read)
2018/07/30 07:10:48 parsed 1 programs
[ 566.578906] random: cc1: uninitialized urandom read (8 bytes read)
2018/07/30 07:10:50 executed programs: 0
[ 567.474064] IPVS: ftp: loaded support on port[0] = 21
[ 567.666245] bridge0: port 1(bridge_slave_0) entered blocking state
[ 567.672738] bridge0: port 1(bridge_slave_0) entered disabled state
[ 567.682439] device bridge_slave_0 entered promiscuous mode
[ 567.698724] bridge0: port 2(bridge_slave_1) entered blocking state
[ 567.705141] bridge0: port 2(bridge_slave_1) entered disabled state
[ 567.712572] device bridge_slave_1 entered promiscuous mode
[ 567.727589] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 567.743101] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 567.781733] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 567.798400] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 567.855628] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 567.862935] team0: Port device team_slave_0 added
[ 567.876517] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 567.883564] team0: Port device team_slave_1 added
[ 567.898117] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 567.913749] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 567.929846] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 567.945585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 568.056277] bridge0: port 2(bridge_slave_1) entered blocking state
[ 568.062731] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 568.069576] bridge0: port 1(bridge_slave_0) entered blocking state
[ 568.075950] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 568.466366] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 568.472488] 8021q: adding VLAN 0 to HW filter on device bond0
[ 568.512057] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 568.551737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 568.560360] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 568.594797] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 568.600925] 8021q: adding VLAN 0 to HW filter on device team0
[ 568.610234] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
2018/07/30 07:10:55 executed programs: 5
2018/07/30 07:11:00 executed programs: 11
2018/07/30 07:11:06 executed programs: 17
2018/07/30 07:11:11 executed programs: 23
2018/07/30 07:11:16 executed programs: 29
[ 861.151196] INFO: task syz-executor0:4946 blocked for more than 140 seconds.
[ 861.158580] Not tainted 4.18.0-rc6+ #168
[ 861.163231] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 861.171289] syz-executor0 D25544 4946 4413 0x00000004
[ 861.177038] Call Trace:
[ 861.179762] __schedule+0x87c/0x1ec0
[ 861.183566] ? __sched_text_start+0x8/0x8
[ 861.187764] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.192400] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 861.197554] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 861.202627] ? trace_hardirqs_on+0xd/0x10
[ 861.206831] ? prepare_to_wait_event+0x396/0xc70
[ 861.211650] ? prepare_to_wait_exclusive+0x550/0x550
[ 861.216823] schedule+0xfb/0x450
[ 861.220235] ? __schedule+0x1ec0/0x1ec0
[ 861.224254] ? check_same_owner+0x340/0x340
[ 861.228645] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.233111] ? replenish_dl_entity.cold.53+0x37/0x37
[ 861.238280] request_wait_answer+0x4c8/0x920
[ 861.242737] ? fuse_read_forget.isra.22+0xdc0/0xdc0
[ 861.247808] ? finish_wait+0x430/0x430
[ 861.251761] ? finish_wait+0x430/0x430
[ 861.255702] ? finish_wait+0x430/0x430
[ 861.259645] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.264300] ? fuse_dev_ioctl+0x430/0x430
[ 861.268517] ? kasan_check_write+0x14/0x20
[ 861.272803] ? do_raw_spin_lock+0xc1/0x200
[ 861.277114] __fuse_request_send+0x12a/0x1d0
[ 861.281592] fuse_request_send+0x62/0xa0
[ 861.285707] fuse_simple_request+0x33d/0x730
[ 861.290171] fuse_do_setattr+0xb03/0x1c90
[ 861.294368] ? fuse_flush_times+0x6f0/0x6f0
[ 861.298764] ? mark_held_locks+0xc9/0x160
[ 861.302983] ? ktime_get_coarse_real_ts64+0x243/0x3a0
[ 861.308238] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 861.313828] ? timespec64_trunc+0xea/0x180
[ 861.318124] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 861.323371] fuse_setattr+0x244/0x570
[ 861.327219] ? fuse_do_setattr+0x1c90/0x1c90
[ 861.331680] notify_change+0xc0c/0x10f0
[ 861.335705] ? setattr_prepare+0x830/0x830
[ 861.339994] ? down_read+0x1d0/0x1d0
[ 861.343802] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 861.349421] chmod_common+0x2a0/0x590
[ 861.353293] ? filp_close+0x250/0x250
[ 861.357155] do_fchmodat+0xc3/0x160
[ 861.360865] ? __ia32_sys_fchmod+0x80/0x80
[ 861.365176] ? _raw_spin_unlock_irq+0x27/0x70
[ 861.369752] __x64_sys_chmod+0x5c/0x80
[ 861.373709] do_syscall_64+0x1b9/0x820
[ 861.377675] ? syscall_return_slowpath+0x5e0/0x5e0
[ 861.382675] ? syscall_return_slowpath+0x31d/0x5e0
[ 861.387700] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 861.393139] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 861.398072] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 861.403322] RIP: 0033:0x456a09
[ 861.406581] Code: 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 <07> 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06
[ 861.426155] RSP: 002b:00007f4ca23d2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[ 861.433934] RAX: ffffffffffffffda RBX: 00007f4ca23d36d4 RCX: 0000000000456a09
[ 861.441296] RDX: 0000000000000000 RSI: 0000000000000150 RDI: 0000000020000140
[ 861.448629] RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
[ 861.455970] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 861.463306] R13: 00000000004ca568 R14: 00000000004c1c78 R15: 0000000000000001
[ 861.470652] INFO: task syz-executor0:4947 blocked for more than 140 seconds.
[ 861.477896] Not tainted 4.18.0-rc6+ #168
[ 861.482538] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 861.490554] syz-executor0 D25800 4947 4413 0x00000004
[ 861.496257] Call Trace:
[ 861.498891] __schedule+0x87c/0x1ec0
[ 861.502672] ? __sched_text_start+0x8/0x8
[ 861.506874] ? trace_hardirqs_on+0x10/0x10
[ 861.511186] ? graph_lock+0x170/0x170
[ 861.515046] ? trace_hardirqs_on+0x10/0x10
[ 861.519343] schedule+0xfb/0x450
[ 861.522756] ? lock_downgrade+0x8f0/0x8f0
[ 861.526993] ? __schedule+0x1ec0/0x1ec0
[ 861.531049] ? mark_held_locks+0xc9/0x160
[ 861.535258] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.539901] ? _raw_spin_unlock_irq+0x27/0x70
[ 861.544460] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 861.549528] rwsem_down_read_failed+0x362/0x600
[ 861.554273] ? rwsem_down_write_failed_killable+0x10/0x10
[ 861.561359] ? find_held_lock+0x36/0x1c0
[ 861.565482] ? lock_acquire+0x1e4/0x540
[ 861.569502] ? lookup_slow+0x49/0x80
[ 861.573279] ? lock_release+0xa30/0xa30
[ 861.577306] ? check_same_owner+0x340/0x340
[ 861.581694] call_rwsem_down_read_failed+0x18/0x30
[ 861.586944] down_read+0xc3/0x1d0
[ 861.590470] ? lookup_slow+0x49/0x80
[ 861.594225] ? __down_interruptible+0x700/0x700
[ 861.598974] ? lookup_fast+0x470/0x12a0
[ 861.603015] ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[ 861.608999] lookup_slow+0x49/0x80
[ 861.612602] walk_component+0x94a/0x2630
[ 861.616715] ? inode_permission+0xb2/0x560
[ 861.621013] ? path_init+0x2340/0x2340
[ 861.624978] ? walk_component+0x2630/0x2630
[ 861.629381] ? save_stack+0xa9/0xd0
[ 861.633065] ? save_stack+0x43/0xd0
[ 861.636751] ? kmem_cache_alloc+0x12e/0x760
[ 861.641129] ? getname_flags+0xd0/0x5a0
[ 861.645166] ? user_path_at_empty+0x2d/0x50
[ 861.649547] ? vfs_statx+0x129/0x210
[ 861.653323] path_lookupat.isra.45+0x202/0xbf0
[ 861.657968] ? find_held_lock+0x36/0x1c0
[ 861.662089] ? path_parentat.isra.43+0x160/0x160
[ 861.666919] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 861.672184] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 861.677257] ? __check_object_size+0x9d/0x5f2
[ 861.681812] ? usercopy_warn+0x120/0x120
[ 861.685945] ? kasan_check_read+0x11/0x20
[ 861.690156] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.694627] filename_lookup+0x264/0x510
[ 861.698744] ? filename_parentat.isra.58+0x570/0x570
[ 861.703917] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 861.709529] ? mpi_free.cold.1+0x19/0x19
[ 861.713650] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 861.719248] ? getname_flags+0x26e/0x5a0
[ 861.723373] ? graph_lock+0x170/0x170
[ 861.727275] user_path_at_empty+0x40/0x50
[ 861.731483] vfs_statx+0x129/0x210
[ 861.735093] ? vfs_statx_fd+0xc0/0xc0
[ 861.738958] ? find_held_lock+0x36/0x1c0
[ 861.743075] __do_sys_newlstat+0x8f/0x110
[ 861.747269] ? __do_sys_newstat+0x110/0x110
[ 861.751644] ? finish_task_switch+0x18a/0x870
[ 861.756192] ? kasan_check_read+0x11/0x20
[ 861.760416] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.764875] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.769522] ? _raw_spin_unlock_irq+0x27/0x70
[ 861.774079] ? do_syscall_64+0x9a/0x820
[ 861.778113] __x64_sys_newlstat+0x54/0x80
[ 861.782314] do_syscall_64+0x1b9/0x820
[ 861.786267] ? syscall_return_slowpath+0x5e0/0x5e0
[ 861.791252] ? syscall_return_slowpath+0x31d/0x5e0
[ 861.796247] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 861.801671] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 861.806603] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 861.811846] RIP: 0033:0x456a09
[ 861.815103] Code: 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 <07> 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06
[ 861.834391] RSP: 002b:00007f4ca23b1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 861.842165] RAX: ffffffffffffffda RBX: 00007f4ca23b26d4 RCX: 0000000000456a09
[ 861.849499] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000020000000
[ 861.856820] RBP: 00000000009301e0 R08: 0000000000000000 R09: 0000000000000000
[ 861.864150] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 861.871482] R13: 00000000004d14f8 R14: 00000000004c6d78 R15: 0000000000000002
[ 861.878827] INFO: task syz-executor0:4949 blocked for more than 140 seconds.
[ 861.886072] Not tainted 4.18.0-rc6+ #168
[ 861.890722] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 861.902066] syz-executor0 D22712 4949 4413 0x00000004
[ 861.907757] Call Trace:
[ 861.910398] __schedule+0x87c/0x1ec0
[ 861.914183] ? preempt_notifier_register+0x200/0x200
[ 861.919340] ? __sched_text_start+0x8/0x8
[ 861.923553] ? trace_hardirqs_on+0x10/0x10
[ 861.927837] ? graph_lock+0x170/0x170
[ 861.931707] ? trace_hardirqs_on+0x10/0x10
[ 861.936011] schedule+0xfb/0x450
[ 861.939482] ? lock_downgrade+0x8f0/0x8f0
[ 861.943694] ? __schedule+0x1ec0/0x1ec0
[ 861.947724] ? mark_held_locks+0xc9/0x160
[ 861.951946] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.956583] ? _raw_spin_unlock_irq+0x27/0x70
[ 861.961150] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 861.966233] rwsem_down_read_failed+0x362/0x600
[ 861.970965] ? rwsem_down_write_failed_killable+0x10/0x10
[ 861.976575] ? find_held_lock+0x36/0x1c0
[ 861.980696] ? lock_acquire+0x1e4/0x540
[ 861.984728] ? lookup_slow+0x49/0x80
[ 861.988511] ? lock_release+0xa30/0xa30
[ 861.992539] ? check_same_owner+0x340/0x340
[ 861.996932] call_rwsem_down_read_failed+0x18/0x30
[ 862.001938] down_read+0xc3/0x1d0
[ 862.005455] ? lookup_slow+0x49/0x80
[ 862.009217] ? __down_interruptible+0x700/0x700
[ 862.013967] ? lookup_fast+0x470/0x12a0
[ 862.018012] ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[ 862.024006] lookup_slow+0x49/0x80
[ 862.027624] walk_component+0x94a/0x2630
[ 862.031745] ? inode_permission+0xb2/0x560
[ 862.036052] ? path_init+0x2340/0x2340
[ 862.040000] ? walk_component+0x2630/0x2630
[ 862.044421] ? save_stack+0xa9/0xd0
[ 862.048105] ? save_stack+0x43/0xd0
[ 862.051783] ? kmem_cache_alloc+0x12e/0x760
[ 862.056167] ? getname_flags+0xd0/0x5a0
[ 862.060178] ? user_path_at_empty+0x2d/0x50
[ 862.064559] ? vfs_statx+0x129/0x210
[ 862.068326] path_lookupat.isra.45+0x202/0xbf0
[ 862.072983] ? find_held_lock+0x36/0x1c0
[ 862.077106] ? path_parentat.isra.43+0x160/0x160
[ 862.081935] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 862.087198] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 862.092283] ? __check_object_size+0x9d/0x5f2
[ 862.096836] ? usercopy_warn+0x120/0x120
[ 862.100980] ? kasan_check_read+0x11/0x20
[ 862.105189] ? do_raw_spin_unlock+0xa7/0x2f0
[ 862.109667] filename_lookup+0x264/0x510
[ 862.113783] ? filename_parentat.isra.58+0x570/0x570
[ 862.118955] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 862.124559] ? mpi_free.cold.1+0x19/0x19
[ 862.128682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 862.134288] ? getname_flags+0x26e/0x5a0
[ 862.138408] user_path_at_empty+0x40/0x50
[ 862.142614] vfs_statx+0x129/0x210
[ 862.146227] ? vfs_statx_fd+0xc0/0xc0
[ 862.150086] ? rw_verify_area+0x118/0x360
[ 862.154292] __do_sys_newlstat+0x8f/0x110
[ 862.158478] ? __do_sys_newstat+0x110/0x110
[ 862.162872] ? __x64_sys_futex+0x47f/0x6a0
[ 862.167161] ? do_futex+0x27d0/0x27d0
[ 862.171033] ? __ia32_sys_read+0xb0/0xb0
[ 862.175132] ? syscall_slow_exit_work+0x500/0x500
[ 862.180067] ? do_syscall_64+0x9a/0x820
[ 862.184098] __x64_sys_newlstat+0x54/0x80
[ 862.188311] do_syscall_64+0x1b9/0x820
[ 862.192243] ? finish_task_switch+0x1d3/0x870
[ 862.196795] ? syscall_return_slowpath+0x5e0/0x5e0
[ 862.201789] ? syscall_return_slowpath+0x31d/0x5e0
[ 862.206793] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 862.212229] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 862.217140] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 862.222387] RIP: 0033:0x456a09
[ 862.225622] Code: 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 <07> 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06
[ 862.244935] RSP: 002b:00007f4ca236fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 862.252716] RAX: ffffffffffffffda RBX: 00007f4ca23706d4 RCX: 0000000000456a09
[ 862.260056] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000020000000
[ 862.267367] RBP: 0000000000930320 R08: 0000000000000000 R09: 0000000000000000
[ 862.274697] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 862.282034] R13: 00000000004d14f8 R14: 00000000004c6d78 R15: 0000000000000004
[ 862.289384] INFO: task syz-executor0:4950 blocked for more than 140 seconds.
[ 862.296707] Not tainted 4.18.0-rc6+ #168
[ 862.301347] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 862.309371] syz-executor0 D26168 4950 4413 0x00000004
[ 862.315062] Call Trace:
[ 862.317706] __schedule+0x87c/0x1ec0
[ 862.321483] ? __lock_acquire+0x7fc/0x5020
[ 862.325777] ? __sched_text_start+0x8/0x8
[ 862.329998] ? graph_lock+0x170/0x170
[ 862.333880] ? graph_lock+0x170/0x170
[ 862.337738] ? print_usage_bug+0xc0/0xc0
[ 862.341878] schedule+0xfb/0x450
[ 862.345310] ? lock_downgrade+0x8f0/0x8f0
[ 862.349523] ? __schedule+0x1ec0/0x1ec0
[ 862.353566] ? mark_held_locks+0xc9/0x160
[ 862.357768] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 862.362415] ? _raw_spin_unlock_irq+0x27/0x70
[ 862.366960] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 862.372070] __rwsem_down_write_failed_common+0x95d/0x1630
[ 862.377763] ? rwsem_spin_on_owner+0xa40/0xa40
[ 862.382402] ? __lock_acquire+0x7fc/0x5020
[ 862.386692] ? trace_hardirqs_on+0x10/0x10
[ 862.390988] ? trace_hardirqs_on+0x10/0x10
[ 862.395288] ? kernel_text_address+0x79/0xf0
[ 862.399761] ? unwind_get_return_address+0x61/0xa0
[ 862.404765] ? __save_stack_trace+0x8d/0xf0
[ 862.409157] ? save_stack+0xa9/0xd0
[ 862.412829] ? save_stack+0x43/0xd0
[ 862.416516] ? __kasan_slab_free+0x11a/0x170
[ 862.420975] ? kasan_slab_free+0xe/0x10
[ 862.425008] ? kmem_cache_free+0x86/0x2d0
[ 862.429224] ? putname+0xf2/0x130
[ 862.432735] ? filename_lookup+0x397/0x510
[ 862.437007] ? user_path_at_empty+0x40/0x50
[ 862.441426] ? do_fchmodat+0xa3/0x160
[ 862.445283] ? __x64_sys_chmod+0x5c/0x80
[ 862.449395] ? graph_lock+0x170/0x170
[ 862.453252] ? do_raw_spin_unlock+0xa7/0x2f0
[ 862.457718] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 862.462378] ? lock_acquire+0x1e4/0x540
[ 862.466394] ? chmod_common+0x1b1/0x590
[ 862.470428] ? mnt_want_write+0x3f/0xc0
[ 862.474455] ? lock_release+0xa30/0xa30
[ 862.478484] ? check_same_owner+0x340/0x340
[ 862.482859] rwsem_down_write_failed+0xe/0x10
[ 862.487406] ? rwsem_down_write_failed+0xe/0x10
[ 862.492131] call_rwsem_down_write_failed+0x17/0x30
[ 862.497200] down_write+0xaa/0x130
[ 862.500796] ? chmod_common+0x1b1/0x590
[ 862.504839] ? down_read+0x1d0/0x1d0
[ 862.508608] ? __sb_start_write+0x17f/0x300
[ 862.513012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 862.518627] chmod_common+0x1b1/0x590
[ 862.522488] ? filp_close+0x250/0x250
[ 862.526346] ? find_held_lock+0x36/0x1c0
[ 862.530470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 862.536064] ? getname_flags+0x26e/0x5a0
[ 862.540181] do_fchmodat+0xc3/0x160
[ 862.543855] ? __ia32_sys_fchmod+0x80/0x80
[ 862.548161] ? _raw_spin_unlock_irq+0x27/0x70
[ 862.552709] __x64_sys_chmod+0x5c/0x80
[ 862.557368] do_syscall_64+0x1b9/0x820
[ 862.561318] ? finish_task_switch+0x1d3/0x870
[ 862.565893] ? syscall_return_slowpath+0x5e0/0x5e0
[ 862.570894] ? syscall_return_slowpath+0x31d/0x5e0
[ 862.575891] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 862.581314] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 862.586235] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 862.591473] RIP: 0033:0x456a09
[ 862.594732] Code: 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 <07> 48 83 c7 10 0f 10 06 48 83 c6 10 0f 11 07 48 83 c7 10 0f 10 06
[ 862.614064] RSP: 002b:00007f4ca234ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[ 862.621840] RAX: ffffffffffffffda RBX: 00007f4ca234f6d4 RCX: 0000000000456a09
[ 862.629201] RDX: 0000000000000000 RSI: 0000000000000150 RDI: 0000000020000140
[ 862.636525] RBP: 00000000009303c0 R08: 0000000000000000 R09: 0000000000000000
[ 862.643907] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 862.651248] R13: 00000000004ca568 R14: 00000000004c1c78 R15: 0000000000000005
[ 862.658592]
[ 862.658592] Showing all locks held in the system:
[ 862.664983] 1 lock held by khungtaskd/773:
[ 862.669280] #0: (____ptrval____) (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x428
[ 862.677962] 1 lock held by rsyslogd/4281:
[ 862.682159] 2 locks held by getty/4371:
[ 862.686164] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.694481] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.703411] 2 locks held by getty/4372:
[ 862.707428] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.715737] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.724664] 2 locks held by getty/4373:
[ 862.728700] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.737036] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.745958] 2 locks held by getty/4374:
[ 862.749987] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.758343] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.767271] 2 locks held by getty/4375:
[ 862.771285] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.779600] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.788518] 2 locks held by getty/4376:
[ 862.792536] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.800842] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.809764] 2 locks held by getty/4377:
[ 862.813777] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 862.822100] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 862.831047] 2 locks held by syz-executor0/4946:
[ 862.835762] #0: (____ptrval____) (sb_writers#13){.+.+}, at: mnt_want_write+0x3f/0xc0
[ 862.843842] #1: (____ptrval____) (&type->i_mutex_dir_key#5){++++}, at: chmod_common+0x1b1/0x590
[ 862.852872] 1 lock held by syz-executor0/4947:
[ 862.857521] #0: (____ptrval____) (&type->i_mutex_dir_key#5){++++}, at: lookup_slow+0x49/0x80
[ 862.866300] 1 lock held by syz-executor0/4949:
[ 862.870929] #0: (____ptrval____) (&type->i_mutex_dir_key#5){++++}, at: lookup_slow+0x49/0x80
[ 862.879712] 2 locks held by syz-executor0/4950:
[ 862.884433] #0: (____ptrval____) (sb_writers#13){.+.+}, at: mnt_want_write+0x3f/0xc0
[ 862.892505] #1: (____ptrval____) (&type->i_mutex_dir_key#5){++++}, at: chmod_common+0x1b1/0x590
[ 862.901513]
[ 862.903182] =============================================
[ 862.903182]
[ 862.910244] NMI backtrace for cpu 0
[ 862.913930] CPU: 0 PID: 773 Comm: khungtaskd Not tainted 4.18.0-rc6+ #168
[ 862.920857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 862.930201] Call Trace:
[ 862.932848] dump_stack+0x1c9/0x2b4
[ 862.936465] ? dump_stack_print_info.cold.2+0x52/0x52
[ 862.941646] ? vprintk_default+0x28/0x30
[ 862.945696] nmi_cpu_backtrace.cold.4+0x19/0xce
[ 862.950353] ? rcu_report_qs_rnp+0x7a0/0x7a0
[ 862.954752] ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f
[ 862.959936] nmi_trigger_cpumask_backtrace+0x151/0x192
[ 862.965206] arch_trigger_cpumask_backtrace+0x14/0x20
[ 862.970397] watchdog+0x9c4/0xf80
[ 862.973843] ? reset_hung_task_detector+0xd0/0xd0
[ 862.978683] ? kasan_check_read+0x11/0x20
[ 862.982819] ? do_raw_spin_unlock+0xa7/0x2f0
[ 862.987220] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 862.992313] ? __kthread_parkme+0x58/0x1b0
[ 862.996540] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 863.001547] ? trace_hardirqs_on+0xd/0x10
[ 863.005685] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 863.011206] ? __kthread_parkme+0x106/0x1b0
[ 863.015523] kthread+0x345/0x410
[ 863.018902] ? reset_hung_task_detector+0xd0/0xd0
[ 863.023732] ? kthread_bind+0x40/0x40
[ 863.027524] ret_from_fork+0x3a/0x50
[ 863.031336] Sending NMI from CPU 0 to CPUs 1:
[ 863.035877] NMI backtrace for cpu 1
[ 863.035893] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.18.0-rc6+ #168
[ 863.035897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 863.035911] RIP: 0010:__do_softirq+0x362/0xb17
[ 863.035912] Code: 58 fe ff ff 8b 8d 74 fe ff ff 48 01 9d 68 fe ff ff 0f bc c1 83 c0 01 89 85 70 fe ff ff 0f 84 a1 02 00 00 48 63 85 70 fe ff ff <48> 8b 8d 68 fe ff ff 48 c1 e0 03 48 8d 5c 01 f8 48 89 85 58 fe ff
[ 863.036001] RSP: 0018:ffff8801db107af0 EFLAGS: 00000202
[ 863.036007] RAX: 0000000000000008 RBX: ffff8801d9ede380 RCX: 0000000000000000
[ 863.036011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801d9edebb4
[ 863.036016] RBP: ffff8801db107cc8 R08: 0000000000000000 R09: 0000000000000000
[ 863.036020] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d9ede380
[ 863.036024] R13: 1ffff1003b620fa1 R14: ffff8801db107e68 R15: dffffc0000000000
[ 863.036030] FS: 0000000000000000(0000) GS:ffff8801db100000(0000) knlGS:0000000000000000
[ 863.036034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 863.036038] CR2: 00000000012a7000 CR3: 00000001affc0000 CR4: 00000000001406e0
[ 863.036045] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 863.036049] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 863.036051] Call Trace:
[ 863.036054]
[ 863.036064] ? __irqentry_text_end+0x1f97a8/0x1f97a8
[ 863.036072] ? rcu_is_watching+0x8c/0x150
[ 863.036078] ? rcu_pm_notify+0xc0/0xc0
[ 863.036086] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 863.036097] ? rcu_read_lock_sched_held+0x108/0x120
[ 863.036106] ? raise_softirq_irqoff+0x286/0x330
[ 863.036111] ? irq_exit+0x210/0x210
[ 863.036119] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 863.036128] ? sched_set_stop_task+0x290/0x290
[ 863.036135] irq_exit+0x1d4/0x210
[ 863.036142] scheduler_ipi+0x53c/0xa50
[ 863.036150] ? migration_cpu_stop+0x470/0x470
[ 863.036160] ? kasan_check_read+0x11/0x20
[ 863.036166] ? rcu_nmi_exit+0xe0/0x2d0
[ 863.036171] ? rcu_idle_enter+0x480/0x480
[ 863.036181] ? clockevents_program_event+0x140/0x370
[ 863.036188] ? kasan_check_read+0x11/0x20
[ 863.036194] ? rcu_is_watching+0x8c/0x150
[ 863.036201] ? task_prio+0x50/0x50
[ 863.036210] smp_reschedule_interrupt+0xf5/0x670
[ 863.036217] ? smp_thermal_interrupt+0x820/0x820
[ 863.036226] ? kvm_clock_read+0x25/0x30
[ 863.036232] ? kvm_sched_clock_read+0x9/0x20
[ 863.036239] ? sched_clock+0x31/0x40
[ 863.036245] ? sched_clock_cpu+0x1b/0x180
[ 863.036251] ? task_prio+0x50/0x50
[ 863.036261] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 863.036268] reschedule_interrupt+0xf/0x20
[ 863.036270]
[ 863.036277] RIP: 0010:native_safe_halt+0x6/0x10
[ 863.036278] Code: c7 48 89 45 d8 e8 ca 0f 0f fb 48 8b 45 d8 e9 d2 fe ff ff 48 89 df e8 b9 0f 0f fb eb 8a 90 90 90 90 90 90 90 55 48 89 e5 fb f4 <5d> c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 f4 5d c3 90 90 90 90 90
[ 863.036363] RSP: 0018:ffff8801d9eefc38 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff02
[ 863.036369] RAX: dffffc0000000000 RBX: 1ffff1003b3ddf8a RCX: 0000000000000000
[ 863.036373] RDX: 1ffffffff0fe3618 RSI: 0000000000000001 RDI: ffffffff87f1b0c0
[ 863.036377] RBP: ffff8801d9eefc38 R08: ffffed003b6246d7 R09: 0000000000000000
[ 863.036380] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
[ 863.036384] R13: ffff8801d9eefcf0 R14: ffffffff888a3560 R15: 0000000000000000
[ 863.036395] ? trace_hardirqs_on+0xd/0x10
[ 863.036400] default_idle+0xc7/0x450
[ 863.036406] ? __sched_text_end+0x3/0x3
[ 863.036412] ? rcu_idle_enter+0x30a/0x480
[ 863.036418] ? rcu_eqs_special_set+0x1b0/0x1b0
[ 863.036426] ? tsc_verify_tsc_adjust+0x109/0x380
[ 863.036433] ? mark_tsc_async_resets+0x20/0x20
[ 863.036439] ? tick_nohz_idle_enter+0x219/0x320
[ 863.036446] arch_cpu_idle+0x10/0x20
[ 863.036451] default_idle_call+0x6d/0x90
[ 863.036457] do_idle+0x3aa/0x570
[ 863.036463] ? retint_kernel+0x10/0x10
[ 863.036469] ? arch_cpu_idle_exit+0x70/0x70
[ 863.036476] cpu_startup_entry+0x10c/0x120
[ 863.036482] ? cpu_in_idle+0x20/0x20
[ 863.036490] start_secondary+0x433/0x5d0
[ 863.036498] ? set_cpu_sibling_map+0x18b0/0x18b0
[ 863.036506] secondary_startup_64+0xa5/0xb0
[ 863.036877] Kernel panic - not syncing: hung_task: blocked tasks
[ 863.432855] CPU: 0 PID: 773 Comm: khungtaskd Not tainted 4.18.0-rc6+ #168
[ 863.439768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 863.449107] Call Trace:
[ 863.451694] dump_stack+0x1c9/0x2b4
[ 863.455321] ? dump_stack_print_info.cold.2+0x52/0x52
[ 863.460516] ? printk_safe_log_store+0x2f0/0x2f0
[ 863.465267] panic+0x238/0x4e7
[ 863.468458] ? add_taint.cold.5+0x16/0x16
[ 863.472611] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 863.478155] ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[ 863.483608] ? printk_safe_flush+0xd7/0x130
[ 863.487936] watchdog+0x9d5/0xf80
[ 863.491396] ? reset_hung_task_detector+0xd0/0xd0
[ 863.496235] ? kasan_check_read+0x11/0x20
[ 863.500371] ? do_raw_spin_unlock+0xa7/0x2f0
[ 863.504775] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 863.509880] ? __kthread_parkme+0x58/0x1b0
[ 863.514106] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 863.519122] ? trace_hardirqs_on+0xd/0x10
[ 863.523262] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 863.528791] ? __kthread_parkme+0x106/0x1b0
[ 863.533114] kthread+0x345/0x410
[ 863.536472] ? reset_hung_task_detector+0xd0/0xd0
[ 863.541303] ? kthread_bind+0x40/0x40
[ 863.545095] ret_from_fork+0x3a/0x50
[ 863.549348] Dumping ftrace buffer:
[ 863.552944] (ftrace buffer empty)
[ 863.556646] Kernel Offset: disabled
[ 863.560271] Rebooting in 86400 seconds..