Warning: Permanently added '10.128.1.4' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 760.369812] audit: type=1400 audit(1595328646.933:8): avc: denied { execmem } for pid=6341 comm="syz-executor043" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 1001.393525] INFO: task syz-executor043:6342 blocked for more than 140 seconds.
[ 1001.401024] Not tainted 4.14.184-syzkaller #0
[ 1001.406886] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1001.414919] syz-executor043 D28672 6342 6335 0x00000004
[ 1001.420642] Call Trace:
[ 1001.423371] __schedule+0x8a6/0x1d70
[ 1001.427159] ? rwsem_down_read_failed+0x1c3/0x380
[ 1001.431994] ? firmware_map_remove+0x18f/0x18f
[ 1001.436960] ? mark_held_locks+0xa6/0xf0
[ 1001.441033] ? _raw_spin_unlock_irq+0x24/0x90
[ 1001.445583] ? rwsem_down_read_failed+0x1fc/0x380
[ 1001.450434] schedule+0x8d/0x1b0
[ 1001.453901] rwsem_down_read_failed+0x1fc/0x380
[ 1001.458578] ? rt_mutex_futex_unlock+0xb0/0xb0
[ 1001.463149] call_rwsem_down_read_failed+0x14/0x30
[ 1001.468175] down_read+0x45/0xa0
[ 1001.471631] ? __get_super.part.0+0x1c6/0x280
[ 1001.476206] __get_super.part.0+0x1c6/0x280
[ 1001.480536] get_super+0x2b/0x50
[ 1001.484025] fsync_bdev+0x14/0xd0
[ 1001.487575] invalidate_partition+0x31/0x60
[ 1001.491897] rescan_partitions+0xe1/0x860
[ 1001.496119] __blkdev_reread_part+0x140/0x1d0
[ 1001.500632] blkdev_reread_part+0x23/0x40
[ 1001.504919] loop_reread_partitions+0x72/0x80
[ 1001.509493] loop_set_status+0xbfd/0x11f0
[ 1001.513715] loop_set_status64+0x92/0xe0
[ 1001.517852] ? loop_set_status_old+0x2c0/0x2c0
[ 1001.522454] ? lo_ioctl+0x87/0x1c00
[ 1001.526233] ? wait_for_completion_io+0x10/0x10
[ 1001.530974] lo_ioctl+0x587/0x1c00
[ 1001.534624] ? loop_clr_fd+0xac0/0xac0
[ 1001.538599] blkdev_ioctl+0x91d/0x17c0
[ 1001.542730] ? blkpg_ioctl+0x8d0/0x8d0
[ 1001.546744] ? trace_hardirqs_on+0x10/0x10
[ 1001.551017] block_ioctl+0xd9/0x120
[ 1001.554730] ? blkdev_fallocate+0x3a0/0x3a0
[ 1001.559090] do_vfs_ioctl+0x75a/0xfe0
[ 1001.563015] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0
[ 1001.568913] ? ioctl_preallocate+0x1a0/0x1a0
[ 1001.573510] ? security_file_ioctl+0x76/0xb0
[ 1001.577934] ? security_file_ioctl+0x83/0xb0
[ 1001.582338] SyS_ioctl+0x7f/0xb0
[ 1001.585867] ? do_vfs_ioctl+0xfe0/0xfe0
[ 1001.590022] do_syscall_64+0x1d5/0x640
[ 1001.593990] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1001.599201] RIP: 0033:0x445b27
[ 1001.602378] RSP: 002b:00007fd982950b68 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
[ 1001.610180] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000445b27
[ 1001.617568] RDX: 00007fd982950c00 RSI: 0000000000004c04 RDI: 0000000000000004
[ 1001.624933] RBP: 00007fd9829516d0 R08: 0000000000000000 R09: 000000000000000a
[ 1001.632225] R10: 0000000000000075 R11: 0000000000000202 R12: 00000000006dac2c
[ 1001.639589] R13: 00007ffe324e52cf R14: 0000000000000004 R15: 20c49ba5e353f7cf
[ 1001.647154] INFO: task syz-executor043:6346 blocked for more than 140 seconds.
[ 1001.654622] Not tainted 4.14.184-syzkaller #0
[ 1001.659657] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1001.667704] syz-executor043 D29312 6346 6335 0x80000004
[ 1001.673434] Call Trace:
[ 1001.676050] __schedule+0x8a6/0x1d70
[ 1001.679762] ? firmware_map_remove+0x18f/0x18f
[ 1001.684409] ? lock_downgrade+0x6e0/0x6e0
[ 1001.688590] schedule+0x8d/0x1b0
[ 1001.691954] schedule_preempt_disabled+0xf/0x20
[ 1001.696724] __mutex_lock+0x5f0/0x1430
[ 1001.700632] ? lo_ioctl+0x87/0x1c00
[ 1001.704357] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 1001.709909] ? kasan_kmalloc.part.0+0xa6/0xd0
[ 1001.714493] ? kasan_kmalloc.part.0+0x4f/0xd0
[ 1001.719017] ? kmem_cache_alloc_trace+0x14d/0x3f0
[ 1001.724030] ? isofs_fill_super+0xc6/0x25b0
[ 1001.728375] ? mount_bdev+0x2b3/0x360
[ 1001.732172] ? mount_fs+0x92/0x2a0
[ 1001.735794] ? lo_ioctl+0x87/0x1c00
[ 1001.739432] lo_ioctl+0x87/0x1c00
[ 1001.742978] ? format_decode+0x8c0/0x8c0
[ 1001.747240] ? save_trace+0xd6/0x290
[ 1001.750975] ? loop_clr_fd+0xac0/0xac0
[ 1001.754942] blkdev_ioctl+0x91d/0x17c0
[ 1001.758863] ? blkpg_ioctl+0x8d0/0x8d0
[ 1001.762841] ? filemap_check_errors+0x8d/0xc0
[ 1001.767584] ? filemap_write_and_wait+0x7e/0xa0
[ 1001.772266] ? kill_bdev+0x7c/0xe0
[ 1001.775887] ioctl_by_bdev+0xa0/0x110
[ 1001.779754] ? sb_set_blocksize+0xca/0xf0
[ 1001.783958] isofs_fill_super+0x1cb5/0x25b0
[ 1001.788319] ? set_precision+0x150/0x150
[ 1001.792416] ? vsnprintf+0x25e/0x1350
[ 1001.796299] ? __isofs_iget+0x1dd0/0x1dd0
[ 1001.800486] ? pointer+0xa00/0xa00
[ 1001.804528] ? lock_downgrade+0x6e0/0x6e0
[ 1001.808724] ? snprintf+0xa5/0xd0
[ 1001.812172] ? vsprintf+0x30/0x30
[ 1001.815707] ? ns_test_super+0x50/0x50
[ 1001.819605] ? set_blocksize+0x24b/0x2e0
[ 1001.823716] mount_bdev+0x2b3/0x360
[ 1001.827342] ? __isofs_iget+0x1dd0/0x1dd0
[ 1001.831510] mount_fs+0x92/0x2a0
[ 1001.835009] vfs_kern_mount.part.0+0x5b/0x3c0
[ 1001.839587] do_mount+0x3c9/0x25e0
[ 1001.843126] ? copy_mount_string+0x40/0x40
[ 1001.847556] ? __might_fault+0x177/0x1b0
[ 1001.851708] ? _copy_from_user+0x94/0x100
[ 1001.856022] ? memdup_user+0x54/0xa0
[ 1001.859771] ? copy_mount_options+0x1ec/0x2e0
[ 1001.864402] ? copy_mnt_ns+0x8a0/0x8a0
[ 1001.868309] SyS_mount+0xa8/0x120
[ 1001.871759] ? copy_mnt_ns+0x8a0/0x8a0
[ 1001.875788] do_syscall_64+0x1d5/0x640
[ 1001.879704] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1001.884954] RIP: 0033:0x445c19
[ 1001.888158] RSP: 002b:00007fd98292fdb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1001.895948] RAX: ffffffffffffffda RBX: 00000000006dac38 RCX: 0000000000445c19
[ 1001.903245] RDX: 0000000020000080 RSI: 0000000020000200 RDI: 0000000020000340
[ 1001.910595] RBP: 00000000006dac30 R08: 0000000000000000 R09: 0000000000000000
[ 1001.917959] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac3c
[ 1001.925321] R13: 00007ffe324e52cf R14: 00007fd9829309c0 R15: 20c49ba5e353f7cf
[ 1001.932634]
[ 1001.932634] Showing all locks held in the system:
[ 1001.939064] 1 lock held by khungtaskd/1057:
[ 1001.943556] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a
[ 1001.955327] 3 locks held by syz-executor043/6342:
[ 1001.960166] #0: (&lo->lo_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c00
[ 1001.968906] #1: (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1b/0x40
[ 1001.977980] #2: (&type->s_umount_key#57){.+.+}, at: [] __get_super.part.0+0x1c6/0x280
[ 1001.987979] 2 locks held by syz-executor043/6346:
[ 1001.992848] #0: (&type->s_umount_key#56/1){+.+.}, at: [] sget_userns+0x556/0xc30
[ 1002.002412] #1: (&lo->lo_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c00
[ 1002.011131]
[ 1002.012759] =============================================
[ 1002.012759]
[ 1002.019862] NMI backtrace for cpu 0
[ 1002.023601] CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 4.14.184-syzkaller #0
[ 1002.031053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.040420] Call Trace:
[ 1002.043006] dump_stack+0x1b2/0x283
[ 1002.046642] nmi_cpu_backtrace.cold+0x57/0x93
[ 1002.051267] ? irq_force_complete_move.cold+0x7b/0x7b
[ 1002.056478] nmi_trigger_cpumask_backtrace+0x13a/0x17f
[ 1002.061828] watchdog+0x5e2/0xb80
[ 1002.065285] ? hungtask_pm_notify+0x50/0x50
[ 1002.069605] kthread+0x30d/0x420
[ 1002.072998] ? kthread_create_on_node+0xd0/0xd0
[ 1002.077670] ret_from_fork+0x24/0x30
[ 1002.081527] Sending NMI from CPU 0 to CPUs 1:
[ 1002.086772] NMI backtrace for cpu 1
[ 1002.086776] CPU: 1 PID: 8 Comm: rcu_preempt Not tainted 4.14.184-syzkaller #0
[ 1002.086781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.086784] task: ffff8880a9cde200 task.stack: ffff8880a9ce8000
[ 1002.086786] RIP: 0010:__lock_acquire+0x24c/0x42a0
[ 1002.086789] RSP: 0018:ffff8880a9cef8f0 EFLAGS: 00000002
[ 1002.086795] RAX: ffffffff89ea1230 RBX: 0000000000000000 RCX: 0000000000000000
[ 1002.086798] RDX: 1ffff11015da56b4 RSI: 0000000000000000 RDI: ffff8880aed2b5a0
[ 1002.086802] RBP: ffff8880a9cefaa0 R08: 0000000000000001 R09: 0000000000000001
[ 1002.086805] R10: 0000000000000000 R11: ffff8880a9cde200 R12: ffff8880aed2b598
[ 1002.086808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
[ 1002.086812] FS: 0000000000000000(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000
[ 1002.086815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1002.086818] CR2: 00007fc245dcf000 CR3: 0000000094592000 CR4: 00000000001406e0
[ 1002.086822] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1002.086825] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1002.086827] Call Trace:
[ 1002.086829] ? __lock_acquire+0x655/0x42a0
[ 1002.086832] ? __lock_acquire+0x655/0x42a0
[ 1002.086841] ? trace_hardirqs_on+0x10/0x10
[ 1002.086843] ? trace_hardirqs_on+0x10/0x10
[ 1002.086861] ? check_preemption_disabled+0x35/0x240
[ 1002.086864] ? __switch_to_xtra+0x9f/0x14e0
[ 1002.086867] ? pick_next_entity+0x190/0x3d0
[ 1002.086869] ? speculation_ctrl_update_current+0x40/0x40
[ 1002.086872] lock_acquire+0x170/0x3f0
[ 1002.086874] ? finish_task_switch+0x14d/0x610
[ 1002.086877] finish_task_switch+0x170/0x610
[ 1002.086879] ? finish_task_switch+0x14d/0x610
[ 1002.086882] ? switch_mm_irqs_off+0x2cd/0xec0
[ 1002.086884] __schedule+0x8ae/0x1d70
[ 1002.086886] ? schedule_timeout+0x4d5/0xe50
[ 1002.086889] ? firmware_map_remove+0x18f/0x18f
[ 1002.086891] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1002.086894] schedule+0x8d/0x1b0
[ 1002.086896] schedule_timeout+0x4df/0xe50
[ 1002.086899] ? usleep_range+0x130/0x130
[ 1002.086901] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1002.086904] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 1002.086907] ? run_timer_softirq+0x5b0/0x5b0
[ 1002.086909] rcu_gp_kthread+0xb3d/0x1ce0
[ 1002.086912] ? force_qs_rnp+0x4f0/0x4f0
[ 1002.086914] ? force_qs_rnp+0x4f0/0x4f0
[ 1002.086916] kthread+0x30d/0x420
[ 1002.086919] ? kthread_create_on_node+0xd0/0xd0
[ 1002.086921] ret_from_fork+0x24/0x30
[ 1002.086923] Code: 4b 8d 7c ec 08 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ba 2b 00 00 4b 8b 44 ec 08 48 85 c0 0f 84 15 ff ff ff f0 ff 80 38 01 00 00 <49> 8d b3 80 08 00 00 48 ba 00 00 00 00 00 fc ff df 48 89 b4 24
[ 1002.087236] Kernel panic - not syncing: hung_task: blocked tasks
[ 1002.349364] CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 4.14.184-syzkaller #0
[ 1002.356797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.366157] Call Trace:
[ 1002.368734] dump_stack+0x1b2/0x283
[ 1002.372361] panic+0x1f9/0x42d
[ 1002.375534] ? add_taint.cold+0x16/0x16
[ 1002.379491] ? irq_force_complete_move.cold+0x7b/0x7b
[ 1002.384676] watchdog+0x5f3/0xb80
[ 1002.388119] ? hungtask_pm_notify+0x50/0x50
[ 1002.392424] kthread+0x30d/0x420
[ 1002.395773] ? kthread_create_on_node+0xd0/0xd0
[ 1002.400548] ret_from_fork+0x24/0x30
[ 1002.405630] Kernel Offset: disabled
[ 1002.409252] Rebooting in 86400 seconds..