[ 41.038723] audit: type=1800 audit(1574541147.016:31): pid=7560 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 45.318514] kauditd_printk_skb: 3 callbacks suppressed
[ 45.318527] audit: type=1400 audit(1574541151.356:35): avc: denied { map } for pid=7734 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.90' (ECDSA) to the list of known hosts.
executing program
[ 403.245579] audit: type=1400 audit(1574541509.276:36): avc: denied { map } for pid=7746 comm="syz-executor835" path="/root/syz-executor835116742" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 403.286405] print_req_error: I/O error, dev loop0, sector 64
[ 403.294894] print_req_error: I/O error, dev loop0, sector 256
[ 403.301579] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 403.311065] print_req_error: I/O error, dev loop0, sector 512
[ 403.317051] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[ 403.326486] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 403.333806] UDF-fs: Scanning with blocksize 512 failed
[ 403.340320] print_req_error: I/O error, dev loop0, sector 64
[ 549.537609] INFO: task syz-executor835:7750 blocked for more than 140 seconds.
[ 549.545199] Not tainted 4.19.85-syzkaller #0
[ 549.550565] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 549.558842] syz-executor835 D28112 7750 7746 0x00000004
[ 549.564560] Call Trace:
[ 549.567269] __schedule+0x866/0x1dc0
[ 549.571588] ? pci_mmcfg_check_reserved+0x170/0x170
[ 549.576673] ? rwsem_down_read_failed+0x1e3/0x3c0
[ 549.581865] ? _raw_spin_unlock_irq+0x28/0x90
[ 549.586441] ? lockdep_hardirqs_on+0x415/0x5d0
[ 549.591365] schedule+0x92/0x1c0
[ 549.594742] rwsem_down_read_failed+0x21b/0x3c0
[ 549.599707] ? rwsem_down_write_failed_killable+0xe30/0xe30
[ 549.605539] call_rwsem_down_read_failed+0x18/0x30
[ 549.610776] ? __lock_acquire+0x231b/0x49c0
[ 549.615161] down_read+0x49/0xb0
[ 549.619062] ? __get_super.part.0+0x203/0x2e0
[ 549.623825] __get_super.part.0+0x203/0x2e0
[ 549.628600] get_super+0x2e/0x50
[ 549.632030] fsync_bdev+0x19/0xd0
[ 549.635561] invalidate_partition+0x36/0x60
[ 549.640341] rescan_partitions+0xef/0xa20
[ 549.644516] ? __lock_is_held+0xb6/0x140
[ 549.649125] __blkdev_reread_part+0x1a2/0x230
[ 549.653633] blkdev_reread_part+0x27/0x40
[ 549.658134] loop_reread_partitions+0x1c/0x40
[ 549.662646] loop_set_status+0xe54/0x1370
[ 549.666804] loop_set_status64+0xc2/0x120
[ 549.671369] ? loop_set_status_old+0x330/0x330
[ 549.676182] ? avc_has_extended_perms+0xa78/0x10f0
[ 549.681514] lo_ioctl+0x432/0x20e0
[ 549.685073] ? lo_rw_aio+0x1470/0x1470
[ 549.689313] blkdev_ioctl+0xc38/0x1ab6
[ 549.693231] ? blkpg_ioctl+0xa90/0xa90
[ 549.697121] ? find_held_lock+0x35/0x130
[ 549.701579] ? debug_check_no_obj_freed+0x200/0x464
[ 549.706709] ? __fget+0x340/0x540
[ 549.710806] block_ioctl+0xee/0x130
[ 549.714444] ? blkdev_fallocate+0x410/0x410
[ 549.719127] do_vfs_ioctl+0xd5f/0x1380
[ 549.723092] ? selinux_file_ioctl+0x46f/0x5e0
[ 549.727883] ? selinux_file_ioctl+0x125/0x5e0
[ 549.732389] ? ioctl_preallocate+0x210/0x210
[ 549.736890] ? selinux_file_mprotect+0x620/0x620
[ 549.742305] ? iterate_fd+0x360/0x360
[ 549.746171] ? do_sys_open+0x31d/0x550
[ 549.750420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 549.756097] ? security_file_ioctl+0x8d/0xc0
[ 549.760916] ksys_ioctl+0xab/0xd0
[ 549.764468] __x64_sys_ioctl+0x73/0xb0
[ 549.768844] do_syscall_64+0xfd/0x620
[ 549.772696] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 549.778289] RIP: 0033:0x446957
[ 549.781592] Code: 64 20 64 65 62 75 67 20 6f 70 74 69 6f 6e 20 27 25 73 27 2c 20 76 61 6c 75 65 20 27 25 73 27 20 2d 20 69 67 6e 6f 72 65 64 0a <00> 61 6c 74 65 72 6e 61 74 65 20 64 65 62 75 67 20 66 69 6c 65 20
[ 549.800945] RSP: 002b:00007fb8d64f1b68 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
[ 549.809078] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000446957
[ 549.816375] RDX: 00007fb8d64f1c00 RSI: 0000000000004c04 RDI: 0000000000000004
[ 549.823971] RBP: 00007fb8d64f26d0 R08: 0000000000000000 R09: 000000000000000a
[ 549.831525] R10: 0000000000000075 R11: 0000000000000202 R12: 00000000006dbc3c
[ 549.839051] R13: 00007ffdbc85e62f R14: 0000000000000004 R15: 20c49ba5e353f7cf
[ 549.846459] INFO: task blkid:7752 blocked for more than 140 seconds.
[ 549.853264] Not tainted 4.19.85-syzkaller #0
[ 549.858552] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 549.866629] blkid D28200 7752 7729 0x00000004
[ 549.872607] Call Trace:
[ 549.875262] __schedule+0x866/0x1dc0
[ 549.879446] ? __mutex_lock+0x721/0x1300
[ 549.883613] ? pci_mmcfg_check_reserved+0x170/0x170
[ 549.889104] ? kasan_check_read+0x11/0x20
[ 549.893270] schedule+0x92/0x1c0
[ 549.896639] schedule_preempt_disabled+0x13/0x20
[ 549.901830] __mutex_lock+0x726/0x1300
[ 549.905819] ? blkdev_put+0x34/0x560
[ 549.909968] ? __lock_acquire+0x6ee/0x49c0
[ 549.914301] ? mutex_trylock+0x1e0/0x1e0
[ 549.918752] ? mark_held_locks+0x100/0x100
[ 549.922997] ? fsnotify+0x8ba/0xf00
[ 549.926635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 549.932555] ? blkdev_put+0x560/0x560
[ 549.936424] mutex_lock_nested+0x16/0x20
[ 549.941123] ? fcntl_setlk+0xcd0/0xcd0
[ 549.945025] ? mutex_lock_nested+0x16/0x20
[ 549.949609] blkdev_put+0x34/0x560
[ 549.953158] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 549.959016] ? blkdev_put+0x560/0x560
[ 549.962834] blkdev_close+0x8b/0xb0
[ 549.966468] __fput+0x2dd/0x8b0
[ 549.970163] ____fput+0x16/0x20
[ 549.973511] task_work_run+0x145/0x1c0
[ 549.977425] exit_to_usermode_loop+0x273/0x2c0
[ 549.982412] do_syscall_64+0x53d/0x620
[ 549.986310] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 549.992120] RIP: 0033:0x7f0a3c0212b0
[ 549.995933] Code: Bad RIP value.
[ 549.999603] RSP: 002b:00007ffceb9621b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 550.007320] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0a3c0212b0
[ 550.015158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 550.022755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 550.030403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000001fb0030
[ 550.038151] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000005
[ 550.048387]
[ 550.048387] Showing all locks held in the system:
[ 550.055078] 1 lock held by khungtaskd/1039:
[ 550.060054] #0: 000000002f9f162f (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[ 550.069257] 1 lock held by rsyslogd/7598:
[ 550.073413] #0: 00000000f3622aea (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110
[ 550.081869] 2 locks held by getty/7720:
[ 550.086023] #0: 000000004f7f6a36 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.094938] #1: 00000000c13026a5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.104946] 2 locks held by getty/7721:
[ 550.109406] #0: 0000000065aa0841 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.118450] #1: 00000000d62d4ff1 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.128023] 2 locks held by getty/7722:
[ 550.132174] #0: 00000000aaf56628 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.140860] #1: 000000006ab44ba5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.150292] 2 locks held by getty/7723:
[ 550.154298] #0: 0000000051df3cfd (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.163075] #1: 00000000771e63d5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.172319] 2 locks held by getty/7724:
[ 550.176294] #0: 000000009a043b30 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.185289] #1: 0000000073e7baad (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.194759] 2 locks held by getty/7725:
[ 550.199034] #0: 00000000de60f5dd (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.207318] #1: 000000000b33e3ef (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.216703] 2 locks held by getty/7726:
[ 550.220956] #0: 00000000a3ebd98b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 550.229503] #1: 000000002846d69a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30
[ 550.238841] 1 lock held by syz-executor835/7749:
[ 550.243598] 2 locks held by syz-executor835/7750:
[ 550.248754] #0: 00000000436c088d (&bdev->bd_mutex){+.+.}, at: blkdev_reread_part+0x1f/0x40
[ 550.258181] #1: 00000000f23658fb (&type->s_umount_key#52){.+.+}, at: __get_super.part.0+0x203/0x2e0
[ 550.267772] 1 lock held by blkid/7752:
[ 550.271679] #0: 00000000436c088d (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x34/0x560
[ 550.279933]
[ 550.281568] =============================================
[ 550.281568]
[ 550.288880] NMI backtrace for cpu 0
[ 550.292702] CPU: 0 PID: 1039 Comm: khungtaskd Not tainted 4.19.85-syzkaller #0
[ 550.300061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 550.309423] Call Trace:
[ 550.312106] dump_stack+0x197/0x210
[ 550.315743] nmi_cpu_backtrace.cold+0x63/0xa4
[ 550.320279] ? lapic_can_unplug_cpu.cold+0x47/0x47
[ 550.325389] nmi_trigger_cpumask_backtrace+0x1b0/0x1f8
[ 550.330686] arch_trigger_cpumask_backtrace+0x14/0x20
[ 550.335882] watchdog+0x9df/0xee0
[ 550.339353] kthread+0x354/0x420
[ 550.342765] ? reset_hung_task_detector+0x30/0x30
[ 550.347654] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 550.353216] ret_from_fork+0x24/0x30
[ 550.357053] Sending NMI from CPU 0 to CPUs 1:
[ 550.362262] NMI backtrace for cpu 1
[ 550.362267] CPU: 1 PID: 7749 Comm: syz-executor835 Not tainted 4.19.85-syzkaller #0
[ 550.362273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 550.362277] RIP: 0010:__sanitizer_cov_trace_pc+0x20/0x50
[ 550.362294] Code: 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 48 8b 75 08 65 48 8b 04 25 40 ee 01 00 65 8b 15 f8 ce 96 7e 81 e2 00 01 1f 00 75 2b <8b> 90 d0 12 00 00 83 fa 02 75 20 48 8b 88 d8 12 00 00 8b 80 d4 12
[ 550.362299] RSP: 0018:ffff888090c9f618 EFLAGS: 00000246
[ 550.362306] RAX: ffff8880804e83c0 RBX: 01fffc0000001065 RCX: ffffffff818aaca6
[ 550.362310] RDX: 0000000000000000 RSI: ffffffff818aacb5 RDI: 0000000000000007
[ 550.362315] RBP: ffff888090c9f618 R08: ffff8880804e83c0 R09: 0000000000000001
[ 550.362320] R10: ffffed1015d24732 R11: ffff8880ae923993 R12: ffffea000221dec0
[ 550.362324] R13: ffffea000221dec8 R14: 0000000000000000 R15: ffffea00024489c8
[ 550.362329] FS: 00007fb8d6513700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 550.362333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 550.362338] CR2: ffffffffff600400 CR3: 00000000827a8000 CR4: 00000000001406e0
[ 550.362342] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 550.362347] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 550.362350] Call Trace:
[ 550.362353] mark_page_accessed+0x705/0x1140
[ 550.362356] pagecache_get_page+0x572/0xa40
[ 550.362360] __getblk_gfp+0x284/0x970
[ 550.362363] __bread_gfp+0x2f/0x300
[ 550.362365] udf_tread+0xf1/0x140
[ 550.362369] udf_read_tagged+0x50/0x530
[ 550.362372] udf_check_anchor_block+0x1ef/0x680
[ 550.362375] ? blkpg_ioctl+0xa90/0xa90
[ 550.362379] ? udf_process_sequence+0x3e90/0x3e90
[ 550.362382] ? __lock_is_held+0xb6/0x140
[ 550.362386] udf_scan_anchors+0x1cf/0x680
[ 550.362389] ? udf_check_anchor_block+0x680/0x680
[ 550.362393] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 550.362397] ? udf_get_last_block+0x167/0x1d0
[ 550.362400] ? udf_get_last_session+0x120/0x120
[ 550.362403] udf_load_vrs+0x67f/0xc80
[ 550.362406] ? udf_scan_anchors+0x680/0x680
[ 550.362410] ? __udf_add_aext.cold+0x7f/0x7f
[ 550.362413] udf_fill_super+0x7cb/0x16f5
[ 550.362416] ? udf_load_vrs+0xc80/0xc80
[ 550.362419] ? vsprintf+0x40/0x40
[ 550.362423] ? set_blocksize+0x2bf/0x340
[ 550.362426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 550.362429] mount_bdev+0x304/0x3c0
[ 550.362432] ? udf_load_vrs+0xc80/0xc80
[ 550.362435] udf_mount+0x35/0x40
[ 550.362438] mount_fs+0xa8/0x31f
[ 550.362442] vfs_kern_mount.part.0+0x6f/0x410
[ 550.362445] do_mount+0x53e/0x2bc0
[ 550.362448] ? copy_mount_string+0x40/0x40
[ 550.362451] ? _copy_from_user+0xdd/0x150
[ 550.362455] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 550.362459] ? copy_mount_options+0x280/0x3a0
[ 550.362462] ksys_mount+0xdb/0x150
[ 550.362465] __x64_sys_mount+0xbe/0x150
[ 550.362468] do_syscall_64+0xfd/0x620
[ 550.362471] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 550.362474] RIP: 0033:0x446a49
[ 550.362485] Code: dd 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 550.362489] RSP: 002b:00007fb8d6512db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 550.362497] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 0000000000446a49
[ 550.362502] RDX: 0000000020000240 RSI: 0000000020000100 RDI: 0000000020000040
[ 550.362506] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000
[ 550.362511] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc2c
[ 550.362516] R13: 00007ffdbc85e62f R14: 00007fb8d65139c0 R15: 20c49ba5e353f7cf
[ 550.364704] Kernel panic - not syncing: hung_task: blocked tasks
[ 550.718799] CPU: 0 PID: 1039 Comm: khungtaskd Not tainted 4.19.85-syzkaller #0
[ 550.726175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 550.735528] Call Trace:
[ 550.738134] dump_stack+0x197/0x210
[ 550.741842] panic+0x26a/0x50e
[ 550.745046] ? __warn_printk+0xf3/0xf3
[ 550.748936] ? lapic_can_unplug_cpu.cold+0x47/0x47
[ 550.753887] ? ___preempt_schedule+0x16/0x18
[ 550.758337] ? nmi_trigger_cpumask_backtrace+0x165/0x1f8
[ 550.763813] ? nmi_trigger_cpumask_backtrace+0x1c1/0x1f8
[ 550.769269] ? nmi_trigger_cpumask_backtrace+0x1cb/0x1f8
[ 550.774727] ? nmi_trigger_cpumask_backtrace+0x165/0x1f8
[ 550.780185] watchdog+0x9f0/0xee0
[ 550.783652] kthread+0x354/0x420
[ 550.787024] ? reset_hung_task_detector+0x30/0x30
[ 550.791873] ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 550.797420] ret_from_fork+0x24/0x30
[ 550.803383] Kernel Offset: disabled
[ 550.807202] Rebooting in 86400 seconds..