[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 43.423737][ T26] audit: type=1800 audit(1563595366.786:25): pid=7916 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 43.444754][ T26] audit: type=1800 audit(1563595366.796:26): pid=7916 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 43.464847][ T26] audit: type=1800 audit(1563595366.796:27): pid=7916 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.203' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 70.548680][ T8067] IPVS: ftp: loaded support on port[0] = 21 [ 70.731208][ T8070] ------------[ cut here ]------------ [ 70.737476][ T8070] WARNING: CPU: 0 PID: 8070 at kernel/sched/deadline.c:627 enqueue_task_dl+0x20e1/0x22b0 [ 70.747362][ T8070] Kernel panic - not syncing: panic_on_warn set ... [ 70.754055][ T8070] CPU: 0 PID: 8070 Comm: syz-executor388 Not tainted 5.2.0+ #35 [ 70.761660][ T8070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 70.771780][ T8070] Call Trace: [ 70.781506][ T8070] dump_stack+0x1d8/0x2f8 [ 70.785833][ T8070] panic+0x29b/0x7d9 [ 70.789725][ T8070] ? trace_hardirqs_off+0x74/0x80 [ 70.795099][ T8070] ? __warn+0x126/0x230 [ 70.799332][ T8070] ? nmi_panic+0x97/0x97 [ 70.803682][ T8070] ? __probe_kernel_read+0x14b/0x1a0 [ 70.808953][ T8070] ? enqueue_task_dl+0x20e1/0x22b0 [ 70.814470][ T8070] ? is_valid_bugaddr+0x81/0x100 [ 70.819509][ T8070] __warn+0x22f/0x230 [ 70.823489][ T8070] ? enqueue_task_dl+0x20e1/0x22b0 [ 70.828597][ T8070] report_bug+0x190/0x290 [ 70.833131][ T8070] ? enqueue_task_dl+0x20e1/0x22b0 [ 70.838362][ T8070] do_error_trap+0xd7/0x440 [ 70.843105][ T8070] do_invalid_op+0x36/0x40 [ 70.847720][ T8070] ? enqueue_task_dl+0x20e1/0x22b0 [ 70.852832][ T8070] invalid_op+0x14/0x20 [ 70.857005][ T8070] RIP: 0010:enqueue_task_dl+0x20e1/0x22b0 [ 70.862699][ T8070] Code: be 00 00 00 00 00 fc ff df f6 03 02 0f 84 d6 e7 ff ff 48 c7 c7 e5 90 7a 88 31 c0 e8 fc 1e 07 00 48 be 00 00 00 00 00 fc ff df <0f> 0b e9 b7 e7 ff ff 48 c7 c1 60 03 fe 88 80 e1 07 80 c1 03 38 c1 [ 70.882410][ T8070] RSP: 0018:ffff88808c9d7bc0 EFLAGS: 00010046 [ 70.888462][ T8070] RAX: 0000000000000024 RBX: ffff88809fefc60c RCX: 56d2332b4b4c3500 [ 70.896432][ T8070] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000000000 [ 70.904386][ T8070] RBP: ffff88808c9d7c50 R08: ffffffff81604d94 R09: ffffed1015d46068 [ 70.912527][ T8070] R10: ffffed1015d46068 R11: 0000000000000000 R12: ffff88809fefc340 [ 70.920497][ T8070] R13: ffff8880aea35bd0 R14: ffff8880aea35b18 R15: ffff88809fefc37c [ 70.928636][ T8070] ? vprintk_emit+0x2d4/0x3a0 [ 70.933680][ T8070] __sched_setscheduler+0x155e/0x1c70 [ 70.939153][ T8070] ? sched_setattr+0x20/0x20 [ 70.943746][ T8070] ? check_preemption_disabled+0x47/0x2a0 [ 70.949453][ T8070] __se_sys_sched_setattr+0x3eb/0x520 [ 70.954807][ T8070] ? __x64_sys_sched_setattr+0x80/0x80 [ 70.960262][ T8070] ? prepare_exit_to_usermode+0x1f7/0x580 [ 70.965959][ T8070] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 70.971655][ T8070] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 70.977088][ T8070] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 70.982792][ T8070] ? do_syscall_64+0x1d/0x140 [ 70.987445][ T8070] __x64_sys_sched_setattr+0x76/0x80 [ 70.992886][ T8070] do_syscall_64+0xfe/0x140 [ 70.997371][ T8070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.003325][ T8070] RIP: 0033:0x446809 [ 71.007198][ T8070] Code: e8 bc b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 71.026796][ T8070] RSP: 002b:00007f157cc16db8 EFLAGS: 00000246 ORIG_RAX: 000000000000013a [ 71.035543][ T8070] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000446809 [ 71.044273][ T8070] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000 [ 71.052484][ T8070] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000 [ 71.060535][ T8070] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c [ 71.068509][ T8070] R13: 00007fff5192261f R14: 00007f157cc179c0 R15: 0000000000000001 [ 71.076495][ T8070] [ 71.076499][ T8070] ====================================================== [ 71.076501][ T8070] WARNING: possible circular locking dependency detected [ 71.076503][ T8070] 5.2.0+ #35 Not tainted [ 71.076506][ T8070] ------------------------------------------------------ [ 71.076509][ T8070] syz-executor388/8070 is trying to acquire lock: [ 71.076511][ T8070] 00000000108fba14 ((console_sem).lock){-.-.}, at: down_trylock+0x1f/0xa0 [ 71.076518][ T8070] [ 71.076520][ T8070] but task is already holding lock: [ 71.076521][ T8070] 00000000083820fb (&rq->lock){-.-.}, at: task_rq_lock+0x1d3/0x2a0 [ 71.076528][ T8070] [ 71.076531][ T8070] which lock already depends on the new lock. [ 71.076532][ T8070] [ 71.076533][ T8070] [ 71.076536][ T8070] the existing dependency chain (in reverse order) is: [ 71.076537][ T8070] [ 71.076538][ T8070] -> #2 (&rq->lock){-.-.}: [ 71.076545][ T8070] _raw_spin_lock+0x2d/0x40 [ 71.076547][ T8070] task_fork_fair+0x55/0x440 [ 71.076549][ T8070] sched_fork+0x556/0xcf0 [ 71.076550][ T8070] copy_process+0x179e/0x5bc0 [ 71.076552][ T8070] _do_fork+0x179/0x630 [ 71.076554][ T8070] kernel_thread+0x149/0x1b0 [ 71.076556][ T8070] rest_init+0x24/0x2b0 [ 71.076558][ T8070] arch_call_rest_init+0xe/0x10 [ 71.076560][ T8070] start_kernel+0x751/0x871 [ 71.076562][ T8070] x86_64_start_reservations+0x18/0x2e [ 71.076564][ T8070] x86_64_start_kernel+0x7a/0x7d [ 71.076566][ T8070] secondary_startup_64+0xa4/0xb0 [ 71.076567][ T8070] [ 71.076568][ T8070] -> #1 (&p->pi_lock){-.-.}: [ 71.076575][ T8070] _raw_spin_lock_irqsave+0xa1/0xc0 [ 71.076577][ T8070] try_to_wake_up+0xba/0xf50 [ 71.076579][ T8070] wake_up_process+0x10/0x20 [ 71.076580][ T8070] __up+0x12c/0x150 [ 71.076582][ T8070] up+0x70/0x90 [ 71.076584][ T8070] __up_console_sem+0xac/0x170 [ 71.076586][ T8070] console_unlock+0xcd4/0xf70 [ 71.076588][ T8070] vprintk_emit+0x239/0x3a0 [ 71.076590][ T8070] vprintk_default+0x28/0x30 [ 71.076591][ T8070] vprintk_func+0x158/0x170 [ 71.076593][ T8070] printk+0xc4/0x11d [ 71.076595][ T8070] do_exit+0x1945/0x2310 [ 71.076597][ T8070] do_group_exit+0x15c/0x2b0 [ 71.076599][ T8070] __do_sys_exit_group+0x17/0x20 [ 71.076601][ T8070] __se_sys_exit_group+0x14/0x20 [ 71.076603][ T8070] __x64_sys_exit_group+0x3b/0x40 [ 71.076605][ T8070] do_syscall_64+0xfe/0x140 [ 71.076607][ T8070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.076608][ T8070] [ 71.076609][ T8070] -> #0 ((console_sem).lock){-.-.}: [ 71.076616][ T8070] __lock_acquire+0x2531/0x4750 [ 71.076618][ T8070] lock_acquire+0x158/0x250 [ 71.076620][ T8070] _raw_spin_lock_irqsave+0xa1/0xc0 [ 71.076622][ T8070] down_trylock+0x1f/0xa0 [ 71.076624][ T8070] __down_trylock_console_sem+0x9c/0x1b0 [ 71.076626][ T8070] console_trylock_spinning+0x1c/0x390 [ 71.076628][ T8070] vprintk_emit+0x21c/0x3a0 [ 71.076630][ T8070] vprintk_default+0x28/0x30 [ 71.076631][ T8070] vprintk_func+0x158/0x170 [ 71.076633][ T8070] printk+0xc4/0x11d [ 71.076635][ T8070] enqueue_task_dl+0x20d7/0x22b0 [ 71.076637][ T8070] __sched_setscheduler+0x155e/0x1c70 [ 71.076639][ T8070] __se_sys_sched_setattr+0x3eb/0x520 [ 71.076641][ T8070] __x64_sys_sched_setattr+0x76/0x80 [ 71.076643][ T8070] do_syscall_64+0xfe/0x140 [ 71.076645][ T8070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.076646][ T8070] [ 71.076649][ T8070] other info that might help us debug this: [ 71.076650][ T8070] [ 71.076651][ T8070] Chain exists of: [ 71.076652][ T8070] (console_sem).lock --> &p->pi_lock --> &rq->lock [ 71.076661][ T8070] [ 71.076663][ T8070] Possible unsafe locking scenario: [ 71.076664][ T8070] [ 71.076666][ T8070] CPU0 CPU1 [ 71.076668][ T8070] ---- ---- [ 71.076669][ T8070] lock(&rq->lock); [ 71.076674][ T8070] lock(&p->pi_lock); [ 71.076679][ T8070] lock(&rq->lock); [ 71.076682][ T8070] lock((console_sem).lock); [ 71.076686][ T8070] [ 71.076688][ T8070] *** DEADLOCK *** [ 71.076689][ T8070] [ 71.076692][ T8070] 2 locks held by syz-executor388/8070: [ 71.076693][ T8070] #0: 000000009be2cbbb (&p->pi_lock){-.-.}, at: task_rq_lock+0x178/0x2a0 [ 71.076701][ T8070] #1: 00000000083820fb (&rq->lock){-.-.}, at: task_rq_lock+0x1d3/0x2a0 [ 71.076709][ T8070] [ 71.076715][ T8070] stack backtrace: [ 71.076717][ T8070] CPU: 0 PID: 8070 Comm: syz-executor388 Not tainted 5.2.0+ #35 [ 71.076720][ T8070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.076722][ T8070] Call Trace: [ 71.076723][ T8070] dump_stack+0x1d8/0x2f8 [ 71.076725][ T8070] print_circular_bug+0xd64/0xf50 [ 71.076727][ T8070] ? check_path+0x5b0/0x5b0 [ 71.076729][ T8070] ? stack_trace_save+0x111/0x1e0 [ 71.076731][ T8070] ? __lock_acquire+0x4750/0x4750 [ 71.076733][ T8070] ? stack_trace_snprint+0x150/0x150 [ 71.076735][ T8070] check_noncircular+0x30d/0x560 [ 71.076736][ T8070] ? check_prevs_add+0x5950/0x5950 [ 71.076738][ T8070] ? arch_stack_walk+0x98/0xe0 [ 71.076740][ T8070] check_prevs_add+0x560/0x5950 [ 71.076742][ T8070] ? match_held_lock+0x270/0x270 [ 71.076744][ T8070] ? match_held_lock+0x270/0x270 [ 71.076745][ T8070] ? __lock_acquire+0xd9a/0x4750 [ 71.076747][ T8070] ? __bfs+0x5a0/0x5a0 [ 71.076749][ T8070] ? trace_lock_acquire+0x1d0/0x1d0 [ 71.076751][ T8070] ? rcu_lock_release+0x4/0x20 [ 71.076753][ T8070] ? __lock_acquire+0x4750/0x4750 [ 71.076755][ T8070] ? finish_lock_switch+0x31/0x40 [ 71.076756][ T8070] ? __kasan_check_read+0x11/0x20 [ 71.076758][ T8070] ? mark_lock+0x152/0x1850 [ 71.076760][ T8070] ? _raw_spin_unlock_irq+0x27/0x80 [ 71.076762][ T8070] ? __bfs+0x5a0/0x5a0 [ 71.076764][ T8070] ? __kasan_check_write+0x14/0x20 [ 71.076765][ T8070] ? graph_lock+0x9a/0x280 [ 71.076767][ T8070] ? lockdep_register_key+0x410/0x410 [ 71.076769][ T8070] __lock_acquire+0x2531/0x4750 [ 71.076771][ T8070] ? __kasan_check_write+0x14/0x20 [ 71.076773][ T8070] ? __kasan_check_read+0x11/0x20 [ 71.076775][ T8070] ? trace_lock_acquire+0x1d0/0x1d0 [ 71.076776][ T8070] ? trace_lock_acquire+0x1d0/0x1d0 [ 71.076778][ T8070] ? format_decode+0x454/0x1b20 [ 71.076780][ T8070] ? vsnprintf+0x1f3/0x1c50 [ 71.076782][ T8070] ? trace_lock_acquire+0x159/0x1d0 [ 71.076784][ T8070] lock_acquire+0x158/0x250 [ 71.076785][ T8070] ? down_trylock+0x1f/0xa0 [ 71.076787][ T8070] _raw_spin_lock_irqsave+0xa1/0xc0 [ 71.076789][ T8070] ? down_trylock+0x1f/0xa0 [ 71.076791][ T8070] ? vprintk_emit+0x21c/0x3a0 [ 71.076792][ T8070] down_trylock+0x1f/0xa0 [ 71.076794][ T8070] ? vprintk_emit+0x21c/0x3a0 [ 71.076796][ T8070] __down_trylock_console_sem+0x9c/0x1b0 [ 71.076798][ T8070] ? vprintk_emit+0x21c/0x3a0 [ 71.076800][ T8070] console_trylock_spinning+0x1c/0x390 [ 71.076801][ T8070] vprintk_emit+0x21c/0x3a0 [ 71.076803][ T8070] vprintk_default+0x28/0x30 [ 71.076805][ T8070] vprintk_func+0x158/0x170 [ 71.076806][ T8070] printk+0xc4/0x11d [ 71.076809][ T8070] ? check_preemption_disabled+0x3a/0x2a0 [ 71.076811][ T8070] ? log_buf_vmcoreinfo_setup+0x153/0x153 [ 71.076813][ T8070] enqueue_task_dl+0x20d7/0x22b0 [ 71.076814][ T8070] __sched_setscheduler+0x155e/0x1c70 [ 71.076816][ T8070] ? sched_setattr+0x20/0x20 [ 71.076818][ T8070] ? check_preemption_disabled+0x47/0x2a0 [ 71.076820][ T8070] __se_sys_sched_setattr+0x3eb/0x520 [ 71.076822][ T8070] ? __x64_sys_sched_setattr+0x80/0x80 [ 71.076824][ T8070] ? prepare_exit_to_usermode+0x1f7/0x580 [ 71.076826][ T8070] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 71.076828][ T8070] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 71.076830][ T8070] ? trace_irq_disable_rcuidle+0x23/0x1e0 [ 71.076832][ T8070] ? do_syscall_64+0x1d/0x140 [ 71.076834][ T8070] __x64_sys_sched_setattr+0x76/0x80 [ 71.076836][ T8070] do_syscall_64+0xfe/0x140 [ 71.076838][ T8070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 71.076839][ T8070] RIP: 0033:0x446809 [ 71.076845][ T8070] Code: e8 bc b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 71.076847][ T8070] RSP: 002b:00007f157cc16db8 EFLAGS: 00000246 ORIG_RAX: 000000000000013a [ 71.076853][ T8070] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000446809 [ 71.076855][ T8070] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000 [ 71.076858][ T8070] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000 [ 71.076861][ T8070] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c [ 71.076863][ T8070] R13: 00007fff5192261f R14: 00007f157cc179c0 R15: 0000000000000001 [ 72.176941][ T8070] Shutting down cpus with NMI [ 73.042786][ T8070] Kernel Offset: disabled [ 73.047114][ T8070] Rebooting in 86400 seconds..