[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   60.959282][   T26] audit: type=1800 audit(1569630565.145:25): pid=8621 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   61.004063][   T26] audit: type=1800 audit(1569630565.145:26): pid=8621 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   61.043517][   T26] audit: type=1800 audit(1569630565.155:27): pid=8621 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.85' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [  360.957435][ T8778] block nbd0: shutting down sockets
[  507.044196][ T1066] INFO: task syz-executor390:8778 can't die for more than 143 seconds.
[  507.052745][ T1066] syz-executor390 D27432  8778   8777 0x00004004
[  507.059443][ T1066] Call Trace:
[  507.062834][ T1066]  __schedule+0x828/0x1c20
[  507.067419][ T1066]  ? __sched_text_start+0x8/0x8
[  507.072287][ T1066]  ? __kasan_check_read+0x11/0x20
[  507.077410][ T1066]  ? __lock_acquire+0x16f2/0x4a00
[  507.082442][ T1066]  schedule+0xd9/0x260
[  507.086586][ T1066]  schedule_timeout+0x717/0xc50
[  507.091452][ T1066]  ? find_held_lock+0x35/0x130
[  507.096367][ T1066]  ? usleep_range+0x170/0x170
[  507.101186][ T1066]  ? lock_downgrade+0x920/0x920
[  507.106224][ T1066]  ? _raw_spin_unlock_irq+0x28/0x90
[  507.111470][ T1066]  ? wait_for_completion+0x294/0x440
[  507.116863][ T1066]  ? _raw_spin_unlock_irq+0x28/0x90
[  507.122082][ T1066]  ? lockdep_hardirqs_on+0x421/0x5e0
[  507.127476][ T1066]  ? trace_hardirqs_on+0x67/0x240
[  507.132697][ T1066]  ? __kasan_check_read+0x11/0x20
[  507.137833][ T1066]  wait_for_completion+0x29c/0x440
[  507.142978][ T1066]  ? wait_for_completion_interruptible+0x470/0x470
[  507.149624][ T1066]  ? wake_up_q+0xf0/0xf0
[  507.154003][ T1066]  ? flush_workqueue_prep_pwqs+0x352/0x590
[  507.159852][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.166202][ T1066]  flush_workqueue+0x40f/0x14c0
[  507.171372][ T1066]  ? __dev_printk+0x202/0x20e
[  507.176209][ T1066]  ? _dev_warn+0xd7/0x109
[  507.180575][ T1066]  ? pwq_unbound_release_workfn+0x2f0/0x2f0
[  507.186625][ T1066]  ? sock_shutdown+0x194/0x200
[  507.191404][ T1066]  ? sock_shutdown+0x83/0x200
[  507.196208][ T1066]  nbd_ioctl+0xb2e/0xc44
[  507.200471][ T1066]  ? nbd_ioctl+0xb2e/0xc44
[  507.204969][ T1066]  ? nbd_release+0x150/0x150
[  507.209565][ T1066]  ? finish_wait+0x260/0x260
[  507.214264][ T1066]  ? nbd_release+0x150/0x150
[  507.218881][ T1066]  blkdev_ioctl+0xedb/0x1c20
[  507.223454][ T1066]  ? blkpg_ioctl+0xa90/0xa90
[  507.228125][ T1066]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  507.234030][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.240298][ T1066]  block_ioctl+0xee/0x130
[  507.244736][ T1066]  ? blkdev_fallocate+0x410/0x410
[  507.249843][ T1066]  do_vfs_ioctl+0xdb6/0x13e0
[  507.254556][ T1066]  ? compat_ioctl_preallocate+0x210/0x210
[  507.260294][ T1066]  ? kmem_cache_free+0x26b/0x320
[  507.265346][ T1066]  ? putname+0xf4/0x130
[  507.269504][ T1066]  ? do_sys_open+0x31d/0x5d0
[  507.274286][ T1066]  ? tomoyo_file_ioctl+0x23/0x30
[  507.279249][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.285584][ T1066]  ? security_file_ioctl+0x8d/0xc0
[  507.290710][ T1066]  ksys_ioctl+0xab/0xd0
[  507.294968][ T1066]  __x64_sys_ioctl+0x73/0xb0
[  507.299592][ T1066]  do_syscall_64+0xfa/0x760
[  507.304189][ T1066]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  507.310282][ T1066] RIP: 0033:0x4452d9
[  507.314331][ T1066] Code: Bad RIP value.
[  507.318407][ T1066] RSP: 002b:00007ffde928d288 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  507.326937][ T1066] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004452d9
[  507.334986][ T1066] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000004
[  507.342949][ T1066] RBP: 0000000000000000 R08: 00000000004025b0 R09: 00000000004025b0
[  507.351010][ T1066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402520
[  507.359145][ T1066] R13: 00000000004025b0 R14: 0000000000000000 R15: 0000000000000000
[  507.367375][ T1066] INFO: task syz-executor390:8778 blocked for more than 143 seconds.
[  507.375515][ T1066]       Not tainted 5.3.0-next-20190926 #0
[  507.381306][ T1066] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  507.390030][ T1066] syz-executor390 D27432  8778   8777 0x00004004
[  507.396424][ T1066] Call Trace:
[  507.399708][ T1066]  __schedule+0x828/0x1c20
[  507.404191][ T1066]  ? __sched_text_start+0x8/0x8
[  507.409058][ T1066]  ? __kasan_check_read+0x11/0x20
[  507.414280][ T1066]  ? __lock_acquire+0x16f2/0x4a00
[  507.419358][ T1066]  schedule+0xd9/0x260
[  507.423455][ T1066]  schedule_timeout+0x717/0xc50
[  507.428431][ T1066]  ? find_held_lock+0x35/0x130
[  507.433242][ T1066]  ? usleep_range+0x170/0x170
[  507.438180][ T1066]  ? lock_downgrade+0x920/0x920
[  507.443126][ T1066]  ? _raw_spin_unlock_irq+0x28/0x90
[  507.448467][ T1066]  ? wait_for_completion+0x294/0x440
[  507.453773][ T1066]  ? _raw_spin_unlock_irq+0x28/0x90
[  507.459106][ T1066]  ? lockdep_hardirqs_on+0x421/0x5e0
[  507.464470][ T1066]  ? trace_hardirqs_on+0x67/0x240
[  507.470277][ T1066]  ? __kasan_check_read+0x11/0x20
[  507.475383][ T1066]  wait_for_completion+0x29c/0x440
[  507.480636][ T1066]  ? wait_for_completion_interruptible+0x470/0x470
[  507.487215][ T1066]  ? wake_up_q+0xf0/0xf0
[  507.491467][ T1066]  ? flush_workqueue_prep_pwqs+0x352/0x590
[  507.497380][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.504461][ T1066]  flush_workqueue+0x40f/0x14c0
[  507.509300][ T1066]  ? __dev_printk+0x202/0x20e
[  507.514042][ T1066]  ? _dev_warn+0xd7/0x109
[  507.518486][ T1066]  ? pwq_unbound_release_workfn+0x2f0/0x2f0
[  507.524539][ T1066]  ? sock_shutdown+0x194/0x200
[  507.529300][ T1066]  ? sock_shutdown+0x83/0x200
[  507.534073][ T1066]  nbd_ioctl+0xb2e/0xc44
[  507.538315][ T1066]  ? nbd_ioctl+0xb2e/0xc44
[  507.542731][ T1066]  ? nbd_release+0x150/0x150
[  507.547579][ T1066]  ? finish_wait+0x260/0x260
[  507.552169][ T1066]  ? nbd_release+0x150/0x150
[  507.556860][ T1066]  blkdev_ioctl+0xedb/0x1c20
[  507.561447][ T1066]  ? blkpg_ioctl+0xa90/0xa90
[  507.566287][ T1066]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  507.572103][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.578426][ T1066]  block_ioctl+0xee/0x130
[  507.582769][ T1066]  ? blkdev_fallocate+0x410/0x410
[  507.587873][ T1066]  do_vfs_ioctl+0xdb6/0x13e0
[  507.592484][ T1066]  ? compat_ioctl_preallocate+0x210/0x210
[  507.598287][ T1066]  ? kmem_cache_free+0x26b/0x320
[  507.603227][ T1066]  ? putname+0xf4/0x130
[  507.607483][ T1066]  ? do_sys_open+0x31d/0x5d0
[  507.612075][ T1066]  ? tomoyo_file_ioctl+0x23/0x30
[  507.617175][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.623504][ T1066]  ? security_file_ioctl+0x8d/0xc0
[  507.628699][ T1066]  ksys_ioctl+0xab/0xd0
[  507.632880][ T1066]  __x64_sys_ioctl+0x73/0xb0
[  507.638262][ T1066]  do_syscall_64+0xfa/0x760
[  507.642792][ T1066]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  507.648737][ T1066] RIP: 0033:0x4452d9
[  507.652660][ T1066] Code: Bad RIP value.
[  507.656966][ T1066] RSP: 002b:00007ffde928d288 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  507.669322][ T1066] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004452d9
[  507.678387][ T1066] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000004
[  507.686417][ T1066] RBP: 0000000000000000 R08: 00000000004025b0 R09: 00000000004025b0
[  507.694472][ T1066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402520
[  507.702448][ T1066] R13: 00000000004025b0 R14: 0000000000000000 R15: 0000000000000000
[  507.710604][ T1066] 
[  507.710604][ T1066] Showing all locks held in the system:
[  507.718401][ T1066] 1 lock held by khungtaskd/1066:
[  507.723403][ T1066]  #0: ffffffff88faad80 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[  507.732781][ T1066] 2 locks held by kworker/u5:0/1525:
[  507.738145][ T1066]  #0: ffff8880923d0d28 ((wq_completion)knbd0-recv){+.+.}, at: process_one_work+0x88b/0x1740
[  507.748423][ T1066]  #1: ffff8880a63b7dc0 ((work_completion)(&args->work)){+.+.}, at: process_one_work+0x8c1/0x1740
[  507.759197][ T1066] 1 lock held by rsyslogd/8659:
[  507.764304][ T1066] 2 locks held by getty/8749:
[  507.768980][ T1066]  #0: ffff888098c08090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.778072][ T1066]  #1: ffffc90005f112e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.787868][ T1066] 2 locks held by getty/8750:
[  507.792526][ T1066]  #0: ffff88808f10b090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.801653][ T1066]  #1: ffffc90005f2d2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.811272][ T1066] 2 locks held by getty/8751:
[  507.816019][ T1066]  #0: ffff88809a6be090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.825158][ T1066]  #1: ffffc90005f192e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.834892][ T1066] 2 locks held by getty/8752:
[  507.839652][ T1066]  #0: ffff8880a48af090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.848679][ T1066]  #1: ffffc90005f352e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.858319][ T1066] 2 locks held by getty/8753:
[  507.862974][ T1066]  #0: ffff88808c599090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.871970][ T1066]  #1: ffffc90005f212e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.881620][ T1066] 2 locks held by getty/8754:
[  507.886554][ T1066]  #0: ffff88808f1a8090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.896130][ T1066]  #1: ffffc90005f392e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.906080][ T1066] 2 locks held by getty/8755:
[  507.910760][ T1066]  #0: ffff88809ab33090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  507.920003][ T1066]  #1: ffffc90005f012e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[  507.929947][ T1066] 
[  507.932277][ T1066] =============================================
[  507.932277][ T1066] 
[  507.941057][ T1066] NMI backtrace for cpu 1
[  507.945533][ T1066] CPU: 1 PID: 1066 Comm: khungtaskd Not tainted 5.3.0-next-20190926 #0
[  507.953757][ T1066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  507.963956][ T1066] Call Trace:
[  507.967307][ T1066]  dump_stack+0x172/0x1f0
[  507.971637][ T1066]  nmi_cpu_backtrace.cold+0x70/0xb2
[  507.976997][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  507.983232][ T1066]  ? lapic_can_unplug_cpu.cold+0x3a/0x3a
[  507.988845][ T1066]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[  507.996024][ T1066]  arch_trigger_cpumask_backtrace+0x14/0x20
[  508.001897][ T1066]  watchdog+0xc99/0x1360
[  508.006152][ T1066]  kthread+0x361/0x430
[  508.010317][ T1066]  ? reset_hung_task_detector+0x30/0x30
[  508.016136][ T1066]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  508.022558][ T1066]  ret_from_fork+0x24/0x30
[  508.027130][ T1066] Sending NMI from CPU 1 to CPUs 0:
[  508.032413][    C0] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0xe/0x10
[  508.033341][ T1066] Kernel panic - not syncing: hung_task: blocked tasks
[  508.048535][ T1066] CPU: 1 PID: 1066 Comm: khungtaskd Not tainted 5.3.0-next-20190926 #0
[  508.057098][ T1066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  508.067142][ T1066] Call Trace:
[  508.070434][ T1066]  dump_stack+0x172/0x1f0
[  508.074746][ T1066]  panic+0x2dc/0x755
[  508.078634][ T1066]  ? add_taint.cold+0x16/0x16
[  508.083293][ T1066]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  508.088990][ T1066]  ? printk_safe_flush+0xf2/0x140
[  508.093992][ T1066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  508.100301][ T1066]  ? nmi_trigger_cpumask_backtrace+0x224/0x28b
[  508.106519][ T1066]  ? nmi_trigger_cpumask_backtrace+0x21b/0x28b
[  508.112653][ T1066]  watchdog+0xcaa/0x1360
[  508.116882][ T1066]  kthread+0x361/0x430
[  508.120937][ T1066]  ? reset_hung_task_detector+0x30/0x30
[  508.126637][ T1066]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  508.132884][ T1066]  ret_from_fork+0x24/0x30
[  508.139233][ T1066] Kernel Offset: disabled
[  508.143573][ T1066] Rebooting in 86400 seconds..