[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?2[   30.888897] kauditd_printk_skb: 9 callbacks suppressed
5l[?1c7[1G[[[   30.888909] audit: type=1800 audit(1541599583.304:33): pid=5649 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
32m ok [39;49m[   30.917717] audit: type=1800 audit(1541599583.304:34): pid=5649 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   35.881203] audit: type=1400 audit(1541599588.294:35): avc:  denied  { map } for  pid=5824 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.68' (ECDSA) to the list of known hosts.
executing program
[  292.134865] audit: type=1400 audit(1541599844.544:36): avc:  denied  { map } for  pid=5838 comm="syz-executor611" path="/root/syz-executor611813425" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  436.445611] INFO: task syz-executor611:5839 blocked for more than 140 seconds.
[  436.453083]       Not tainted 4.20.0-rc1+ #102
[  436.457712] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  436.465705] syz-executor611 D24216  5839   5838 0x00000004
[  436.471331] Call Trace:
[  436.473975]  __schedule+0x8cf/0x21d0
[  436.477779]  ? __sched_text_start+0x8/0x8
[  436.481958]  ? perf_trace_sched_process_exec+0x860/0x860
[  436.487557]  ? zap_class+0x640/0x640
[  436.491270]  ? zap_class+0x640/0x640
[  436.494970]  ? zap_class+0x640/0x640
[  436.498733]  schedule+0xfe/0x460
[  436.502095]  ? __schedule+0x21d0/0x21d0
[  436.506107]  ? find_held_lock+0x36/0x1c0
[  436.510163]  ? mark_held_locks+0xc7/0x130
[  436.514333]  schedule_timeout+0x1cc/0x260
[  436.518536]  ? usleep_range+0x1a0/0x1a0
[  436.522505]  ? wait_for_completion+0x41f/0x8a0
[  436.527167]  ? trace_hardirqs_off_caller+0x310/0x310
[  436.532279]  wait_for_completion+0x427/0x8a0
[  436.536730]  ? wait_for_completion_interruptible+0x840/0x840
[  436.542528]  ? wake_up_q+0x100/0x100
[  436.546305]  ? lock_release+0xa00/0xa00
[  436.550308]  ? __init_waitqueue_head+0x9e/0x150
[  436.555041]  ? init_wait_entry+0x1c0/0x1c0
[  436.559372]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  436.565061]  flush_workqueue+0x742/0x1e10
[  436.569302]  ? print_usage_bug+0xc0/0xc0
[  436.573362]  ? cancel_delayed_work+0x3e0/0x3e0
[  436.578041]  ? is_bpf_text_address+0xac/0x170
[  436.582547]  ? lock_downgrade+0x900/0x900
[  436.586774]  ? check_preemption_disabled+0x48/0x280
[  436.591815]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  436.596906]  ? __lock_acquire+0x62f/0x4c20
[  436.601247]  ? rcu_softirq_qs+0x20/0x20
[  436.605263]  ? unwind_dump+0x190/0x190
[  436.609307]  ? zap_class+0x640/0x640
[  436.613033]  ? mark_held_locks+0x130/0x130
[  436.617313]  ? __kernel_text_address+0xd/0x40
[  436.621909]  ? lock_acquire+0x1ed/0x520
[  436.626009]  ? vim2m_release+0xbc/0x150
[  436.629994]  ? lock_release+0xa00/0xa00
[  436.633961]  ? perf_trace_sched_process_exec+0x860/0x860
[  436.639489]  ? v4l2_ctrl_handler_free.part.12+0x742/0xb80
[  436.645039]  ? lock_downgrade+0x900/0x900
[  436.649271]  ? kfree+0xcf/0x230
[  436.652553]  ? __mutex_lock+0x85e/0x16f0
[  436.656706]  ? zap_class+0x640/0x640
[  436.660429]  vim2m_stop_streaming+0x7c/0x2c0
[  436.664826]  ? vim2m_stop_streaming+0x7c/0x2c0
[  436.669459]  ? mark_held_locks+0xc7/0x130
[  436.673604]  ? vim2m_buf_queue+0xa0/0xa0
[  436.677756]  __vb2_queue_cancel+0x171/0xd20
[  436.682080]  ? trace_hardirqs_on+0xbd/0x310
[  436.686445]  ? kasan_check_read+0x11/0x20
[  436.690639]  ? vb2_buffer_done+0xb90/0xb90
[  436.695026]  ? kasan_check_read+0x11/0x20
[  436.699234]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  436.704333]  ? v4l2_m2m_cancel_job+0x2f8/0x650
[  436.708960]  ? v4l2_m2m_job_finish+0x4c0/0x4c0
[  436.713542]  ? kasan_check_read+0x11/0x20
[  436.717720]  ? mutex_destroy+0x103/0x200
[  436.721889]  ? percpu_down_write+0x540/0x540
[  436.726350]  ? vidioc_querycap+0xd0/0xd0
[  436.730408]  vb2_core_queue_release+0x26/0x80
[  436.734891]  vb2_queue_release+0x15/0x20
[  436.738990]  v4l2_m2m_ctx_release+0x1e/0x35
[  436.743305]  vim2m_release+0xe6/0x150
[  436.747178]  v4l2_release+0x224/0x3a0
[  436.750978]  ? dev_debug_store+0x140/0x140
[  436.755244]  __fput+0x385/0xa30
[  436.758582]  ? get_max_files+0x20/0x20
[  436.762466]  ? trace_hardirqs_on+0xbd/0x310
[  436.766824]  ? kasan_check_read+0x11/0x20
[  436.770971]  ? task_work_run+0x1af/0x2a0
[  436.775056]  ? trace_hardirqs_off_caller+0x310/0x310
[  436.780218]  ? filp_close+0x1cd/0x250
[  436.784016]  ____fput+0x15/0x20
[  436.787335]  task_work_run+0x1e8/0x2a0
[  436.791230]  ? task_work_cancel+0x240/0x240
[  436.795633]  ? copy_fd_bitmaps+0x210/0x210
[  436.799902]  ? do_syscall_64+0x9a/0x820
[  436.803869]  exit_to_usermode_loop+0x318/0x380
[  436.808506]  ? __bpf_trace_sys_exit+0x30/0x30
[  436.812997]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  436.818575]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  436.824106]  do_syscall_64+0x6be/0x820
[  436.828042]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  436.833407]  ? syscall_return_slowpath+0x5e0/0x5e0
[  436.838384]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  436.843249]  ? trace_hardirqs_on_caller+0x310/0x310
[  436.848322]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  436.853334]  ? prepare_exit_to_usermode+0x291/0x3b0
[  436.858398]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  436.863253]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  436.868491] RIP: 0033:0x401010
[  436.871691] Code: 00 00 00 00 00 00 00 00 00 00 c4 04 00 00 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cd 01 00 00 12 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 12 00
[  436.890636] RSP: 002b:00007fff234b5948 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  436.898363] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000401010
[  436.905664] RDX: 0000000000444bb9 RSI: 0000000000000000 RDI: 0000000000000003
[  436.912926] RBP: 0000000000000000 R08: 00000000004002e0 R09: 00000000004002e0
[  436.920264] R10: 00000000004002e0 R11: 0000000000000246 R12: 0000000000401f20
[  436.927671] R13: 0000000000401fb0 R14: 0000000000000000 R15: 0000000000000000
[  436.935045] 
[  436.935045] Showing all locks held in the system:
[  436.941414] 1 lock held by khungtaskd/1007:
[  436.945768]  #0: 000000002e0331b1 (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424
[  436.954371] 2 locks held by kworker/0:2/2881:
[  436.958935]  #0: 00000000078d9039 ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40
[  436.968272]  #1: 00000000f078aaa2 ((work_completion)(&smc->tcp_listen_work)){+.+.}, at: process_one_work+0xb9a/0x1c40
[  436.979143] 1 lock held by rsyslogd/5687:
[  436.983281]  #0: 00000000c647e6e7 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200
[  436.991315] 2 locks held by getty/5810:
[  436.995276]  #0: 000000003d7d6040 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.003611]  #1: 000000008ac92458 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.012528] 2 locks held by getty/5811:
[  437.016524]  #0: 000000009b7104d4 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.024754]  #1: 0000000016c3d5ed (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.033659] 2 locks held by getty/5812:
[  437.037653]  #0: 000000009123291c (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.045941]  #1: 00000000aea2787f (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.054787] 2 locks held by getty/5813:
[  437.058916]  #0: 00000000992b284e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.067400]  #1: 000000009bdfd77d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.076291] 2 locks held by getty/5814:
[  437.080254]  #0: 00000000837c3129 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.088535]  #1: 00000000c2dc8f22 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.097488] 2 locks held by getty/5815:
[  437.101458]  #0: 0000000045e1641d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.109908]  #1: 00000000cadbf83b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.118776] 2 locks held by getty/5816:
[  437.122735]  #0: 00000000f27b6290 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  437.131012]  #1: 0000000084a243bb (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80
[  437.140111] 2 locks held by syz-executor611/5839:
[  437.144941]  #0: 00000000356ef51e (&mdev->req_queue_mutex){+.+.}, at: v4l2_release+0x1d7/0x3a0
[  437.153932]  #1: 000000006a8dd9f3 (&dev->dev_mutex){+.+.}, at: vim2m_release+0xbc/0x150
[  437.162135] 
[  437.163752] =============================================
[  437.163752] 
[  437.170808] NMI backtrace for cpu 0
[  437.174535] CPU: 0 PID: 1007 Comm: khungtaskd Not tainted 4.20.0-rc1+ #102
[  437.181599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  437.190944] Call Trace:
[  437.193557]  dump_stack+0x244/0x39d
[  437.197184]  ? dump_stack_print_info.cold.1+0x20/0x20
[  437.202495]  ? check_preemption_disabled+0x48/0x280
[  437.207501]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  437.213051]  nmi_cpu_backtrace.cold.2+0x5c/0xa1
[  437.217752]  ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f
[  437.223014]  nmi_trigger_cpumask_backtrace+0x1e8/0x22a
[  437.228324]  arch_trigger_cpumask_backtrace+0x14/0x20
[  437.233506]  watchdog+0xb51/0x1060
[  437.237039]  ? hungtask_pm_notify+0xb0/0xb0
[  437.241453]  ? __kthread_parkme+0xce/0x1a0
[  437.245679]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  437.250770]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  437.255877]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  437.260462]  ? trace_hardirqs_on+0xbd/0x310
[  437.264769]  ? kasan_check_read+0x11/0x20
[  437.269015]  ? __kthread_parkme+0xce/0x1a0
[  437.273240]  ? trace_hardirqs_off_caller+0x310/0x310
[  437.278352]  ? trace_hardirqs_off_caller+0x310/0x310
[  437.283505]  ? lockdep_init_map+0x9/0x10
[  437.287630]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  437.292728]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  437.298313]  ? __kthread_parkme+0xfb/0x1a0
[  437.302541]  ? hungtask_pm_notify+0xb0/0xb0
[  437.306974]  kthread+0x35a/0x440
[  437.310333]  ? kthread_stop+0x900/0x900
[  437.314304]  ret_from_fork+0x3a/0x50
[  437.318190] Sending NMI from CPU 0 to CPUs 1:
[  437.322750] NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x6/0x10
[  437.323693] Kernel panic - not syncing: hung_task: blocked tasks
[  437.336557] CPU: 0 PID: 1007 Comm: khungtaskd Not tainted 4.20.0-rc1+ #102
[  437.343553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  437.352991] Call Trace:
[  437.355632]  dump_stack+0x244/0x39d
[  437.359248]  ? dump_stack_print_info.cold.1+0x20/0x20
[  437.364431]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  437.369476]  panic+0x2ad/0x55c
[  437.372660]  ? add_taint.cold.5+0x16/0x16
[  437.376798]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  437.382329]  ? nmi_trigger_cpumask_backtrace+0x1d1/0x22a
[  437.387767]  ? nmi_trigger_cpumask_backtrace+0x1c8/0x22a
[  437.393372]  watchdog+0xb62/0x1060
[  437.396909]  ? hungtask_pm_notify+0xb0/0xb0
[  437.401227]  ? __kthread_parkme+0xce/0x1a0
[  437.405452]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  437.410541]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  437.415696]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  437.420298]  ? trace_hardirqs_on+0xbd/0x310
[  437.424624]  ? kasan_check_read+0x11/0x20
[  437.428808]  ? __kthread_parkme+0xce/0x1a0
[  437.433035]  ? trace_hardirqs_off_caller+0x310/0x310
[  437.438124]  ? trace_hardirqs_off_caller+0x310/0x310
[  437.443229]  ? lockdep_init_map+0x9/0x10
[  437.447287]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  437.452379]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  437.457913]  ? __kthread_parkme+0xfb/0x1a0
[  437.462140]  ? hungtask_pm_notify+0xb0/0xb0
[  437.466447]  kthread+0x35a/0x440
[  437.469924]  ? kthread_stop+0x900/0x900
[  437.473888]  ret_from_fork+0x3a/0x50
[  437.478776] Kernel Offset: disabled
[  437.482404] Rebooting in 86400 seconds..