[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   54.860800][   T26] audit: type=1800 audit(1568580997.396:25): pid=8554 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   54.883286][   T26] audit: type=1800 audit(1568580997.396:26): pid=8554 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   54.921307][   T26] audit: type=1800 audit(1568580997.396:27): pid=8554 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.86' (ECDSA) to the list of known hosts.
syzkaller login: [  226.259419][ T8708] IPVS: ftp: loaded support on port[0] = 21
[  226.312944][ T8708] chnl_net:caif_netlink_parms(): no params data found
[  226.339995][ T8708] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.347522][ T8708] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.355352][ T8708] device bridge_slave_0 entered promiscuous mode
[  226.363109][ T8708] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.370269][ T8708] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.377900][ T8708] device bridge_slave_1 entered promiscuous mode
[  226.393677][ T8708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  226.404485][ T8708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  226.423173][ T8708] team0: Port device team_slave_0 added
[  226.430486][ T8708] team0: Port device team_slave_1 added
[  226.506023][ T8708] device hsr_slave_0 entered promiscuous mode
[  226.573917][ T8708] device hsr_slave_1 entered promiscuous mode
[  226.632156][ T8708] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.639331][ T8708] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.647083][ T8708] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.655135][ T8708] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.687289][ T8708] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.698871][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  226.719190][ T3013] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.727553][ T3013] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.736720][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  226.747484][ T8708] 8021q: adding VLAN 0 to HW filter on device team0
[  226.757725][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  226.766315][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.773348][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.794701][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  226.803309][ T3013] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.810518][ T3013] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.818625][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  226.827177][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  226.835717][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
executing program
[  226.847325][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  226.855071][ T3013] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  226.866095][ T8708] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  226.883234][ T8708] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.935785][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  378.474570][ T1056] INFO: task syz-executor208:8708 blocked for more than 143 seconds.
[  378.482839][ T1056]       Not tainted 5.3.0-rc7+ #0
[  378.488968][ T1056] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  378.497790][ T1056] syz-executor208 D23640  8708   8707 0x00000000
[  378.505218][ T1056] Call Trace:
[  378.508617][ T1056]  __schedule+0x755/0x1580
[  378.513084][ T1056]  ? __sched_text_start+0x8/0x8
[  378.518017][ T1056]  ? __kasan_check_read+0x11/0x20
[  378.523046][ T1056]  ? __lock_acquire+0x2b42/0x4c30
[  378.528833][ T1056]  schedule+0xd9/0x260
[  378.532895][ T1056]  schedule_timeout+0x717/0xc50
[  378.537819][ T1056]  ? __kasan_check_read+0x11/0x20
[  378.542864][ T1056]  ? usleep_range+0x170/0x170
[  378.548275][ T1056]  ? mark_held_locks+0xa4/0xf0
[  378.553026][ T1056]  ? _raw_spin_unlock_irq+0x28/0x90
[  378.558289][ T1056]  ? wait_for_completion+0x294/0x440
[  378.563573][ T1056]  ? _raw_spin_unlock_irq+0x28/0x90
[  378.569555][ T1056]  ? lockdep_hardirqs_on+0x418/0x5d0
[  378.575558][ T1056]  ? trace_hardirqs_on+0x67/0x240
[  378.580665][ T1056]  ? __kasan_check_read+0x11/0x20
[  378.586489][ T1056]  wait_for_completion+0x29c/0x440
[  378.591595][ T1056]  ? wait_for_completion_interruptible+0x470/0x470
[  378.598180][ T1056]  ? wake_up_q+0xf0/0xf0
[  378.602426][ T1056]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  378.609443][ T1056]  ? __kasan_check_read+0x11/0x20
[  378.614547][ T1056]  __flush_work+0x508/0xa50
[  378.619051][ T1056]  ? alloc_unbound_pwq+0xcb0/0xcb0
[  378.624874][ T1056]  ? init_pwq+0x360/0x360
[  378.629198][ T1056]  ? __cancel_work_timer+0xc4/0x540
[  378.634463][ T1056]  ? __cancel_work_timer+0x1e0/0x540
[  378.639737][ T1056]  ? cancel_delayed_work_sync+0x1b/0x20
[  378.645992][ T1056]  ? __cancel_work_timer+0x1e0/0x540
[  378.651263][ T1056]  ? lockdep_hardirqs_on+0x418/0x5d0
[  378.656611][ T1056]  ? trace_hardirqs_on+0x67/0x240
[  378.661650][ T1056]  __cancel_work_timer+0x3d9/0x540
[  378.667524][ T1056]  ? mod_delayed_work_on+0x200/0x200
[  378.672792][ T1056]  ? debug_object_active_state+0x28a/0x350
[  378.679288][ T1056]  ? mark_held_locks+0xf0/0xf0
[  378.684111][ T1056]  cancel_delayed_work_sync+0x1b/0x20
[  378.689525][ T1056]  tls_sw_cancel_work_tx+0x68/0x80
[  378.694691][ T1056]  tls_sk_proto_close+0x4c9/0x9c0
[  378.699718][ T1056]  ? lock_acquire+0x190/0x410
[  378.705028][ T1056]  ? wait_on_pending_writer+0x420/0x420
[  378.710616][ T1056]  ? ip_mc_drop_socket+0x211/0x270
[  378.716102][ T1056]  ? down_write+0xdf/0x150
[  378.720507][ T1056]  inet_release+0xed/0x200
[  378.725269][ T1056]  inet6_release+0x53/0x80
[  378.729737][ T1056]  __sock_release+0xce/0x280
[  378.734422][ T1056]  sock_close+0x1e/0x30
[  378.738578][ T1056]  __fput+0x2ff/0x890
[  378.742581][ T1056]  ? __sock_release+0x280/0x280
[  378.747490][ T1056]  ____fput+0x16/0x20
[  378.751468][ T1056]  task_work_run+0x145/0x1c0
[  378.756123][ T1056]  exit_to_usermode_loop+0x316/0x380
[  378.761406][ T1056]  do_syscall_64+0x5a9/0x6a0
[  378.766076][ T1056]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  378.771971][ T1056] RIP: 0033:0x401f40
[  378.775925][ T1056] Code: 00 00 07 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 38 a1 60 00 00 00 00 00 07 00 00 00 29 00 00 00 00 00 00 00 00 00 00 00 <40> a1 60 00 00 00 00 00 07 00 00 00 2a 00 00 00 00 00 00 00 00 00
[  378.795610][ T1056] RSP: 002b:00007ffd13dd2a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  378.804094][ T1056] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000401f40
[  378.812075][ T1056] RDX: ffffffffffffffc1 RSI: 1201000000003618 RDI: 0000000000000004
[  378.820109][ T1056] RBP: 00007ffd13dd2a80 R08: 0000000000000000 R09: 1201000000003618
[  378.828113][ T1056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  378.836726][ T1056] R13: 0000000000403170 R14: 0000000000000000 R15: 0000000000000000
[  378.844765][ T1056] 
[  378.844765][ T1056] Showing all locks held in the system:
[  378.852477][ T1056] 1 lock held by khungtaskd/1056:
[  378.857540][ T1056]  #0: 00000000198b1a76 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[  378.866877][ T1056] 2 locks held by kworker/1:2/3013:
[  378.872045][ T1056]  #0: 000000007e9d7ca3 ((wq_completion)events){+.+.}, at: process_one_work+0x88b/0x1740
[  378.881891][ T1056]  #1: 000000002abf4730 ((work_completion)(&(&sw_ctx_tx->tx_work.work)->work)){+.+.}, at: process_one_work+0x8c1/0x1740
[  378.894459][ T1056] 3 locks held by kworker/u4:4/3078:
[  378.899748][ T1056]  #0: 000000002189dbfe (&rq->lock){-.-.}, at: __schedule+0x1f5/0x1580
[  378.908021][ T1056]  #1: 00000000198b1a76 (rcu_read_lock){....}, at: __update_idle_core+0x45/0x3f0
[  378.917180][ T1056]  #2: 00000000c2f77847 (&base->lock){..-.}, at: lock_timer_base+0x56/0x1b0
[  378.925921][ T1056] 1 lock held by rsyslogd/8592:
[  378.930761][ T1056]  #0: 00000000a318b75c (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110
[  378.939429][ T1056] 2 locks held by getty/8682:
[  378.944132][ T1056]  #0: 00000000f199cd02 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  378.953068][ T1056]  #1: 00000000c41d0683 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  378.962725][ T1056] 2 locks held by getty/8683:
[  378.967924][ T1056]  #0: 000000007d9ae8cd (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  378.976910][ T1056]  #1: 0000000047654f3c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  378.986503][ T1056] 2 locks held by getty/8684:
[  378.991165][ T1056]  #0: 0000000008eb30f4 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  379.000148][ T1056]  #1: 00000000ef44e31a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  379.009743][ T1056] 2 locks held by getty/8685:
[  379.014471][ T1056]  #0: 000000005a2b4e31 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  379.023407][ T1056]  #1: 000000005c1cdf51 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  379.033100][ T1056] 2 locks held by getty/8686:
[  379.037800][ T1056]  #0: 00000000a0f0c65e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  379.046769][ T1056]  #1: 0000000036b4aa10 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  379.056385][ T1056] 2 locks held by getty/8687:
[  379.061034][ T1056]  #0: 0000000049be7df6 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  379.070005][ T1056]  #1: 00000000da337521 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  379.079602][ T1056] 2 locks held by getty/8688:
[  379.084314][ T1056]  #0: 00000000a2250a65 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  379.093276][ T1056]  #1: 000000006e1ed1d3 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  379.103911][ T1056] 1 lock held by syz-executor208/8708:
[  379.109366][ T1056]  #0: 000000006980f162 (&sb->s_type->i_mutex_key#12){+.+.}, at: __sock_release+0x89/0x280
[  379.119429][ T1056] 
[  379.121749][ T1056] =============================================
[  379.121749][ T1056] 
[  379.130212][ T1056] NMI backtrace for cpu 1
[  379.134596][ T1056] CPU: 1 PID: 1056 Comm: khungtaskd Not tainted 5.3.0-rc7+ #0
[  379.142040][ T1056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  379.152076][ T1056] Call Trace:
[  379.155403][ T1056]  dump_stack+0x172/0x1f0
[  379.159717][ T1056]  nmi_cpu_backtrace.cold+0x70/0xb2
[  379.164895][ T1056]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  379.171113][ T1056]  ? lapic_can_unplug_cpu.cold+0x45/0x45
[  379.176720][ T1056]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[  379.182678][ T1056]  arch_trigger_cpumask_backtrace+0x14/0x20
[  379.188546][ T1056]  watchdog+0x9d0/0xef0
[  379.192680][ T1056]  kthread+0x361/0x430
[  379.196726][ T1056]  ? reset_hung_task_detector+0x30/0x30
[  379.202249][ T1056]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  379.208465][ T1056]  ret_from_fork+0x24/0x30
[  379.212978][ T1056] Sending NMI from CPU 1 to CPUs 0:
[  379.218267][    C0] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0xe/0x10
[  379.219207][ T1056] Kernel panic - not syncing: hung_task: blocked tasks
[  379.233327][ T1056] CPU: 1 PID: 1056 Comm: khungtaskd Not tainted 5.3.0-rc7+ #0
[  379.240756][ T1056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  379.250785][ T1056] Call Trace:
[  379.254056][ T1056]  dump_stack+0x172/0x1f0
[  379.258368][ T1056]  panic+0x2dc/0x755
[  379.262237][ T1056]  ? add_taint.cold+0x16/0x16
[  379.266893][ T1056]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  379.272593][ T1056]  ? printk_safe_flush+0xf2/0x140
[  379.277602][ T1056]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  379.283820][ T1056]  ? nmi_trigger_cpumask_backtrace+0x224/0x28b
[  379.289944][ T1056]  ? nmi_trigger_cpumask_backtrace+0x21b/0x28b
[  379.296074][ T1056]  watchdog+0x9e1/0xef0
[  379.300208][ T1056]  kthread+0x361/0x430
[  379.304251][ T1056]  ? reset_hung_task_detector+0x30/0x30
[  379.309778][ T1056]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  379.316004][ T1056]  ret_from_fork+0x24/0x30
[  379.321789][ T1056] Kernel Offset: disabled
[  379.326115][ T1056] Rebooting in 86400 seconds..