[   39.357451][   T25] audit: type=1800 audit(1563971640.946:26): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   39.376829][   T25] audit: type=1800 audit(1563971640.956:27): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   39.396224][   T25] audit: type=1800 audit(1563971640.956:28): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   40.257902][   T25] audit: type=1800 audit(1563971641.866:29): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.219' (ECDSA) to the list of known hosts.
2019/07/24 12:49:33 parsed 1 programs
2019/07/24 12:49:35 executed programs: 0
syzkaller login: [  973.581884][ T7837] IPVS: ftp: loaded support on port[0] = 21
[  973.631435][ T7837] chnl_net:caif_netlink_parms(): no params data found
[  973.656930][ T7837] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.664402][ T7837] bridge0: port 1(bridge_slave_0) entered disabled state
[  973.672233][ T7837] device bridge_slave_0 entered promiscuous mode
[  973.680520][ T7837] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.688074][ T7837] bridge0: port 2(bridge_slave_1) entered disabled state
[  973.696067][ T7837] device bridge_slave_1 entered promiscuous mode
[  973.710574][ T7837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  973.720737][ T7837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  973.737310][ T7837] team0: Port device team_slave_0 added
[  973.743922][ T7837] team0: Port device team_slave_1 added
[  973.795291][ T7837] device hsr_slave_0 entered promiscuous mode
[  973.832876][ T7837] device hsr_slave_1 entered promiscuous mode
[  973.878850][ T7837] bridge0: port 2(bridge_slave_1) entered blocking state
[  973.886465][ T7837] bridge0: port 2(bridge_slave_1) entered forwarding state
[  973.894286][ T7837] bridge0: port 1(bridge_slave_0) entered blocking state
[  973.901559][ T7837] bridge0: port 1(bridge_slave_0) entered forwarding state
[  973.929305][ T7837] 8021q: adding VLAN 0 to HW filter on device bond0
[  973.941167][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  973.951019][   T23] bridge0: port 1(bridge_slave_0) entered disabled state
[  973.959487][   T23] bridge0: port 2(bridge_slave_1) entered disabled state
[  973.967469][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  973.979760][ T7837] 8021q: adding VLAN 0 to HW filter on device team0
[  973.989868][ T3008] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  973.998660][ T3008] bridge0: port 1(bridge_slave_0) entered blocking state
[  974.006158][ T3008] bridge0: port 1(bridge_slave_0) entered forwarding state
[  974.023196][ T7840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  974.031707][ T7840] bridge0: port 2(bridge_slave_1) entered blocking state
[  974.039529][ T7840] bridge0: port 2(bridge_slave_1) entered forwarding state
[  974.047588][ T7840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  974.056178][ T7840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  974.064808][ T7840] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  974.074699][ T3008] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  974.086083][ T7837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  974.097620][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  974.107226][ T7840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  974.122933][ T7837] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/24 12:49:40 executed programs: 30
2019/07/24 12:49:45 executed programs: 64
2019/07/24 12:49:50 executed programs: 99
2019/07/24 12:49:55 executed programs: 135
2019/07/24 12:50:00 executed programs: 169
2019/07/24 12:50:05 executed programs: 202
2019/07/24 12:50:10 executed programs: 236
2019/07/24 12:50:15 executed programs: 271
[ 1182.232701][ T1056] INFO: task syz-executor.0:9658 blocked for more than 143 seconds.
[ 1182.242166][ T1056]       Not tainted 5.2.0+ #37
[ 1182.247872][ T1056] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1182.257033][ T1056] syz-executor.0  D25992  9658   7837 0x00004006
[ 1182.264471][ T1056] Call Trace:
[ 1182.268126][ T1056]  __schedule+0x8b7/0xcd0
[ 1182.273108][ T1056]  ? is_mmconf_reserved+0x410/0x410
[ 1182.279058][ T1056]  ? autoremove_wake_function+0x110/0x110
[ 1182.285210][ T1056]  schedule+0x12f/0x1d0
[ 1182.289815][ T1056]  perf_event_free_task+0x52a/0x630
[ 1182.297843][ T1056]  ? rcu_irq_exit+0xe3/0x260
[ 1182.303418][ T1056]  ? perf_event_exit_task+0x23a0/0x23a0
[ 1182.309896][ T1056]  ? init_wait_var_entry+0x150/0x150
[ 1182.315825][ T1056]  copy_process+0x39bb/0x5a00
[ 1182.321034][ T1056]  ? fork_idle+0x290/0x290
[ 1182.325955][ T1056]  ? __lock_acquire+0x4750/0x4750
[ 1182.332316][ T1056]  ? lock_acquire+0x158/0x250
[ 1182.337330][ T1056]  _do_fork+0x179/0x630
[ 1182.341903][ T1056]  ? dup_mm+0x340/0x340
[ 1182.346594][ T1056]  ? __kasan_check_read+0x11/0x20
[ 1182.352246][ T1056]  ? _copy_to_user+0x104/0x150
[ 1182.359132][ T1056]  ? put_timespec64+0x106/0x150
[ 1182.364825][ T1056]  ? ktime_get_raw+0xf0/0xf0
[ 1182.370994][ T1056]  __x64_sys_clone+0x247/0x2b0
[ 1182.376533][ T1056]  ? __ia32_sys_vfork+0x110/0x110
[ 1182.383342][ T1056]  ? prepare_exit_to_usermode+0x1f7/0x580
[ 1182.390076][ T1056]  ? do_syscall_64+0x1d/0x140
[ 1182.395501][ T1056]  do_syscall_64+0xfe/0x140
[ 1182.400917][ T1056]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1182.407651][ T1056] RIP: 0033:0x459829
[ 1182.411927][ T1056] Code: dd fe ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 48 83 ec 28 48 89 6c 24 20 48 <8d> 6c 24 20 48 8b 44 24 30 48 89 04 24 48 8b 4c 24 38 48 89 4c 24
[ 1182.436900][ T1056] RSP: 002b:00007f2b371d8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1182.445706][ T1056] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459829
[ 1182.454373][ T1056] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000002102001ffe
[ 1182.462752][ T1056] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1182.471549][ T1056] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2b371d96d4
[ 1182.480818][ T1056] R13: 00000000004bfce6 R14: 00000000004d17f8 R15: 00000000ffffffff
[ 1182.489563][ T1056] 
[ 1182.489563][ T1056] Showing all locks held in the system:
[ 1182.498218][ T1056] 1 lock held by khungtaskd/1056:
[ 1182.515663][ T1056]  #0: 000000004ef21d86 (rcu_read_lock){....}, at: rcu_lock_acquire+0x4/0x30
[ 1182.525728][ T1056] 1 lock held by rsyslogd/7708:
[ 1182.531832][ T1056]  #0: 000000001dbc8cee (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x243/0x2e0
[ 1182.541640][ T1056] 2 locks held by getty/7798:
[ 1182.546668][ T1056]  #0: 00000000ad2eb6b3 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.557324][ T1056]  #1: 0000000067bda1b9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.568119][ T1056] 2 locks held by getty/7799:
[ 1182.574768][ T1056]  #0: 00000000e86f0102 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.587104][ T1056]  #1: 00000000f10c3522 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.599822][ T1056] 2 locks held by getty/7800:
[ 1182.606270][ T1056]  #0: 00000000f4a9ed02 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.617127][ T1056]  #1: 00000000759669da (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.628511][ T1056] 2 locks held by getty/7801:
[ 1182.633412][ T1056]  #0: 00000000c998e0d2 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.643468][ T1056]  #1: 000000007c9ea7de (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.653318][ T1056] 2 locks held by getty/7802:
[ 1182.657992][ T1056]  #0: 00000000398be820 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.667712][ T1056]  #1: 00000000deef3632 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.677874][ T1056] 2 locks held by getty/7803:
[ 1182.683198][ T1056]  #0: 00000000fa979d44 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.693267][ T1056]  #1: 000000003715a25d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.703439][ T1056] 2 locks held by getty/7804:
[ 1182.708392][ T1056]  #0: 000000009d01c162 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1182.718420][ T1056]  #1: 0000000010022d29 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x2ee/0x1c80
[ 1182.729738][ T1056] 
[ 1182.732248][ T1056] =============================================
[ 1182.732248][ T1056] 
[ 1182.742543][ T1056] NMI backtrace for cpu 0
[ 1182.747475][ T1056] CPU: 0 PID: 1056 Comm: khungtaskd Not tainted 5.2.0+ #37
[ 1182.755393][ T1056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1182.766642][ T1056] Call Trace:
[ 1182.770211][ T1056]  dump_stack+0x1d8/0x2f8
[ 1182.775784][ T1056]  nmi_cpu_backtrace+0xb0/0x1a0
[ 1182.780831][ T1056]  ? nmi_trigger_cpumask_backtrace+0x145/0x240
[ 1182.787384][ T1056]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1182.793458][ T1056]  nmi_trigger_cpumask_backtrace+0x14c/0x240
[ 1182.799921][ T1056]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1182.806506][ T1056]  trigger_all_cpu_backtrace+0x17/0x20
[ 1182.812283][ T1056]  watchdog+0xbcc/0xbe0
[ 1182.816612][ T1056]  kthread+0x332/0x350
[ 1182.821027][ T1056]  ? hungtask_pm_notify+0x50/0x50
[ 1182.827697][ T1056]  ? kthread_blkcg+0xe0/0xe0
[ 1182.833117][ T1056]  ret_from_fork+0x24/0x30
[ 1182.838464][ T1056] Sending NMI from CPU 0 to CPUs 1:
[ 1182.844892][    C1] NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0xe/0x10
[ 1182.845808][ T1056] Kernel panic - not syncing: hung_task: blocked tasks
[ 1182.860923][ T1056] CPU: 0 PID: 1056 Comm: khungtaskd Not tainted 5.2.0+ #37
[ 1182.868631][ T1056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1182.881308][ T1056] Call Trace:
[ 1182.884768][ T1056]  dump_stack+0x1d8/0x2f8
[ 1182.889300][ T1056]  panic+0x29b/0x7d9
[ 1182.893425][ T1056]  ? find_next_bit+0x10c/0x120
[ 1182.898683][ T1056]  ? nmi_trigger_cpumask_backtrace+0x1d8/0x240
[ 1182.905630][ T1056]  ? nmi_panic+0x97/0x97
[ 1182.910237][ T1056]  ? __kasan_check_write+0x14/0x20
[ 1182.915966][ T1056]  ? nmi_trigger_cpumask_backtrace+0x1d8/0x240
[ 1182.922907][ T1056]  watchdog+0xbdf/0xbe0
[ 1182.927444][ T1056]  kthread+0x332/0x350
[ 1182.931885][ T1056]  ? hungtask_pm_notify+0x50/0x50
[ 1182.937091][ T1056]  ? kthread_blkcg+0xe0/0xe0
[ 1182.942100][ T1056]  ret_from_fork+0x24/0x30
[ 1182.949085][ T1056] Kernel Offset: disabled
[ 1182.954102][ T1056] Rebooting in 86400 seconds..