[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   19.122774] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   21.984222] random: sshd: uninitialized urandom read (32 bytes read)
[   22.311561] random: sshd: uninitialized urandom read (32 bytes read)
[   23.223895] random: sshd: uninitialized urandom read (32 bytes read)
[  486.522321] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.198' (ECDSA) to the list of known hosts.
[  492.061440] random: sshd: uninitialized urandom read (32 bytes read)
2018/07/14 02:06:56 parsed 1 programs
[  493.969538] random: cc1: uninitialized urandom read (8 bytes read)
2018/07/14 02:06:58 executed programs: 0
[  495.389094] IPVS: ftp: loaded support on port[0] = 21
[  717.791201] INFO: task syz-executor0:4555 blocked for more than 140 seconds.
[  717.798667]       Not tainted 4.18.0-rc4+ #48
[  717.803211] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  717.811603] syz-executor0   D24984  4555   4535 0x20020004
[  717.817343] Call Trace:
[  717.819998]  __schedule+0x87c/0x1ed0
[  717.823749]  ? __sched_text_start+0x8/0x8
[  717.827921]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  717.832551]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  717.837682]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  717.842739]  ? trace_hardirqs_on+0xd/0x10
[  717.846904]  ? prepare_to_wait_event+0x396/0xc70
[  717.851696]  ? prepare_to_wait_exclusive+0x550/0x550
[  717.856826]  schedule+0xfb/0x450
[  717.860234]  ? __schedule+0x1ed0/0x1ed0
[  717.864226]  ? check_same_owner+0x340/0x340
[  717.868574]  ? do_raw_spin_unlock+0xa7/0x2f0
[  717.873006]  ? replenish_dl_entity.cold.53+0x37/0x37
[  717.878153]  request_wait_answer+0x4c8/0x920
[  717.882595]  ? fuse_read_forget.isra.22+0xdc0/0xdc0
[  717.887647]  ? finish_wait+0x430/0x430
[  717.891570]  ? finish_wait+0x430/0x430
[  717.895505]  ? finish_wait+0x430/0x430
[  717.899432]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  717.904054]  ? fuse_dev_ioctl+0x430/0x430
[  717.908232]  ? kasan_check_write+0x14/0x20
[  717.912493]  ? do_raw_spin_lock+0xc1/0x200
[  717.916764]  __fuse_request_send+0x12a/0x1d0
[  717.921207]  fuse_request_send+0x62/0xa0
[  717.925292]  fuse_simple_request+0x33d/0x730
[  717.929719]  fuse_lookup_name+0x3ee/0x830
[  717.933910]  ? fuse_valid_type+0xb0/0xb0
[  717.938010]  ? mutex_lock_nested+0x16/0x20
[  717.942302]  fuse_lookup+0xf9/0x4c0
[  717.945956]  ? do_raw_spin_unlock+0xa7/0x2f0
[  717.950397]  ? fuse_lookup_name+0x830/0x830
[  717.954754]  ? kasan_check_write+0x14/0x20
[  717.959040]  ? do_raw_spin_lock+0xc1/0x200
[  717.963319]  __lookup_hash+0x12e/0x190
[  717.967229]  filename_create+0x1e5/0x5b0
[  717.971326]  ? kern_path_mountpoint+0x40/0x40
[  717.975854]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  717.981428]  ? getname_flags+0x26e/0x5a0
[  717.985962]  do_mkdirat+0xda/0x310
[  717.989526]  ? __ia32_sys_mknod+0xb0/0xb0
[  717.993685]  ? kasan_check_read+0x11/0x20
[  717.997865]  __ia32_sys_mkdirat+0x74/0xb0
[  718.002049]  do_fast_syscall_32+0x34d/0xfb2
[  718.006403]  ? do_int80_syscall_32+0x890/0x890
[  718.011013]  ? kasan_check_write+0x14/0x20
[  718.015289]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.020869]  ? syscall_return_slowpath+0x31d/0x5e0
[  718.025882]  ? sysret32_from_system_call+0x5/0x46
[  718.030763]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  718.035629]  entry_SYSENTER_compat+0x70/0x7f
[  718.040058] RIP: 0023:0xf7fe8cb9
[  718.043430] Code: Bad RIP value.
[  718.046834] RSP: 002b:00000000f7fc30ac EFLAGS: 00000282 ORIG_RAX: 0000000000000128
[  718.054581] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000500
[  718.061882] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  718.069184] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  718.076496] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  718.083785] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  718.091101] INFO: task syz-executor0:4556 blocked for more than 140 seconds.
[  718.098302]       Not tainted 4.18.0-rc4+ #48
[  718.102828] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  718.110827] syz-executor0   D22360  4556   4535 0x20020004
[  718.116489] Call Trace:
[  718.119087]  __schedule+0x87c/0x1ed0
[  718.122826]  ? __sched_text_start+0x8/0x8
[  718.126995]  ? graph_lock+0x170/0x170
[  718.130825]  ? trace_hardirqs_on+0x10/0x10
[  718.135088]  schedule+0xfb/0x450
[  718.138479]  ? lock_downgrade+0x8f0/0x8f0
[  718.142636]  ? __schedule+0x1ed0/0x1ed0
[  718.146642]  ? mark_held_locks+0xc9/0x160
[  718.150794]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  718.155398]  ? _raw_spin_unlock_irq+0x27/0x70
[  718.159996]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  718.165056]  rwsem_down_read_failed+0x362/0x600
[  718.169739]  ? rwsem_down_write_failed_killable+0x10/0x10
[  718.175300]  ? lock_acquire+0x1e4/0x540
[  718.179286]  ? lookup_slow+0x49/0x80
[  718.183041]  ? lock_release+0xa30/0xa30
[  718.187044]  ? check_same_owner+0x340/0x340
[  718.191389]  call_rwsem_down_read_failed+0x18/0x30
[  718.196329]  down_read+0xc3/0x1d0
[  718.199798]  ? lookup_slow+0x49/0x80
[  718.203518]  ? __down_interruptible+0x700/0x700
[  718.208202]  ? lookup_fast+0x470/0x12a0
[  718.212196]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  718.218108]  lookup_slow+0x49/0x80
[  718.221661]  walk_component+0x94a/0x2630
[  718.225743]  ? inode_permission+0xb2/0x560
[  718.230000]  ? path_init+0x2340/0x2340
[  718.233939]  ? walk_component+0x2630/0x2630
[  718.238291]  ? trace_hardirqs_on+0xd/0x10
[  718.242480]  ? depot_save_stack+0x291/0x470
[  718.246839]  ? save_stack+0xa9/0xd0
[  718.250486]  ? save_stack+0x43/0xd0
[  718.254138]  ? kmem_cache_alloc+0x12e/0x760
[  718.258475]  ? getname_flags+0xd0/0x5a0
[  718.262469]  ? user_path_at_empty+0x2d/0x50
[  718.266799]  ? vfs_statx+0x129/0x210
[  718.270549]  path_lookupat.isra.45+0x202/0xbf0
[  718.275139]  ? find_held_lock+0x36/0x1c0
[  718.279222]  ? path_parentat.isra.43+0x160/0x160
[  718.283988]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  718.289204]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  718.294231]  ? __check_object_size+0x9d/0x5f2
[  718.298758]  ? usercopy_warn+0x120/0x120
[  718.302828]  ? kasan_check_read+0x11/0x20
[  718.306997]  ? do_raw_spin_unlock+0xa7/0x2f0
[  718.311434]  filename_lookup+0x264/0x510
[  718.315519]  ? filename_parentat.isra.58+0x570/0x570
[  718.320632]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  718.326196]  ? mpi_free.cold.1+0x19/0x19
[  718.330272]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.335840]  ? getname_flags+0x26e/0x5a0
[  718.339928]  user_path_at_empty+0x40/0x50
[  718.344108]  vfs_statx+0x129/0x210
[  718.347656]  ? vfs_statx_fd+0xc0/0xc0
[  718.351482]  __do_compat_sys_newstat+0x8f/0x110
[  718.356254]  ? cp_compat_stat+0xcf0/0xcf0
[  718.360425]  ? lock_downgrade+0x8f0/0x8f0
[  718.364586]  ? finish_task_switch+0x18a/0x870
[  718.369102]  ? kasan_check_read+0x11/0x20
[  718.373252]  ? do_fast_syscall_32+0x150/0xfb2
[  718.377764]  __ia32_compat_sys_newstat+0x52/0x70
[  718.382525]  do_fast_syscall_32+0x34d/0xfb2
[  718.386859]  ? do_int80_syscall_32+0x890/0x890
[  718.391466]  ? _raw_spin_unlock_irq+0x27/0x70
[  718.395982]  ? finish_task_switch+0x1d3/0x870
[  718.400487]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.406044]  ? syscall_return_slowpath+0x31d/0x5e0
[  718.410986]  ? sysret32_from_system_call+0x5/0x46
[  718.415860]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  718.420717]  entry_SYSENTER_compat+0x70/0x7f
[  718.425143] RIP: 0023:0xf7fe8cb9
[  718.428504] Code: Bad RIP value.
[  718.431892] RSP: 002b:00000000f7fa20ac EFLAGS: 00000282 ORIG_RAX: 000000000000006a
[  718.439621] RAX: ffffffffffffffda RBX: 00000000200006c0 RCX: 0000000020000700
[  718.446908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  718.454187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  718.461474] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  718.468755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  718.476065] INFO: task syz-executor0:4557 blocked for more than 140 seconds.
[  718.483267]       Not tainted 4.18.0-rc4+ #48
[  718.487780] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  718.495766] syz-executor0   D25720  4557   4535 0x20020004
[  718.501439] Call Trace:
[  718.504040]  __schedule+0x87c/0x1ed0
[  718.507783]  ? __sched_text_start+0x8/0x8
[  718.511961]  ? trace_hardirqs_on+0x10/0x10
[  718.516226]  ? graph_lock+0x170/0x170
[  718.520041]  ? trace_hardirqs_on+0x10/0x10
[  718.524302]  schedule+0xfb/0x450
[  718.527676]  ? lock_downgrade+0x8f0/0x8f0
[  718.531841]  ? __schedule+0x1ed0/0x1ed0
[  718.535822]  ? mark_held_locks+0xc9/0x160
[  718.539982]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  718.544574]  ? _raw_spin_unlock_irq+0x27/0x70
[  718.549090]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  718.554122]  rwsem_down_read_failed+0x362/0x600
[  718.558835]  ? rwsem_down_write_failed_killable+0x10/0x10
[  718.564410]  ? find_held_lock+0x36/0x1c0
[  718.568500]  ? lock_acquire+0x1e4/0x540
[  718.572499]  ? lookup_slow+0x49/0x80
[  718.576240]  ? lock_release+0xa30/0xa30
[  718.580222]  ? check_same_owner+0x340/0x340
[  718.584576]  call_rwsem_down_read_failed+0x18/0x30
[  718.589515]  down_read+0xc3/0x1d0
[  718.592980]  ? lookup_slow+0x49/0x80
[  718.596701]  ? __down_interruptible+0x700/0x700
[  718.601384]  ? lookup_fast+0x470/0x12a0
[  718.605372]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  718.611274]  lookup_slow+0x49/0x80
[  718.614845]  walk_component+0x94a/0x2630
[  718.618942]  ? inode_permission+0xb2/0x560
[  718.623225]  ? path_init+0x2340/0x2340
[  718.627140]  ? walk_component+0x2630/0x2630
[  718.631483]  ? trace_hardirqs_on+0xd/0x10
[  718.635660]  ? depot_save_stack+0x291/0x470
[  718.640009]  ? save_stack+0xa9/0xd0
[  718.643672]  ? save_stack+0x43/0xd0
[  718.647317]  ? kmem_cache_alloc+0x12e/0x760
[  718.651650]  ? getname_flags+0xd0/0x5a0
[  718.655659]  ? user_path_at_empty+0x2d/0x50
[  718.659994]  ? vfs_statx+0x129/0x210
[  718.663734]  path_lookupat.isra.45+0x202/0xbf0
[  718.668331]  ? find_held_lock+0x36/0x1c0
[  718.672419]  ? path_parentat.isra.43+0x160/0x160
[  718.677187]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  718.682399]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  718.687429]  ? __check_object_size+0x9d/0x5f2
[  718.691944]  ? usercopy_warn+0x120/0x120
[  718.696041]  ? kasan_check_read+0x11/0x20
[  718.700214]  ? do_raw_spin_unlock+0xa7/0x2f0
[  718.704642]  filename_lookup+0x264/0x510
[  718.708726]  ? filename_parentat.isra.58+0x570/0x570
[  718.713847]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  718.719413]  ? mpi_free.cold.1+0x19/0x19
[  718.723492]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.729233]  ? getname_flags+0x26e/0x5a0
[  718.733319]  user_path_at_empty+0x40/0x50
[  718.737520]  vfs_statx+0x129/0x210
[  718.741082]  ? vfs_statx_fd+0xc0/0xc0
[  718.744924]  __do_compat_sys_newlstat+0x8f/0x110
[  718.749695]  ? __do_compat_sys_newstat+0x110/0x110
[  718.754687]  ? lock_downgrade+0x8f0/0x8f0
[  718.758851]  ? finish_task_switch+0x18a/0x870
[  718.763379]  ? kasan_check_read+0x11/0x20
[  718.767551]  ? do_fast_syscall_32+0x150/0xfb2
[  718.772073]  __ia32_compat_sys_newlstat+0x52/0x70
[  718.776949]  do_fast_syscall_32+0x34d/0xfb2
[  718.781417]  ? do_int80_syscall_32+0x890/0x890
[  718.786030]  ? kasan_check_write+0x14/0x20
[  718.790418]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.795984]  ? syscall_return_slowpath+0x31d/0x5e0
[  718.800946]  ? sysret32_from_system_call+0x5/0x46
[  718.805803]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  718.810668]  entry_SYSENTER_compat+0x70/0x7f
[  718.815085] RIP: 0023:0xf7fe8cb9
[  718.818463] Code: Bad RIP value.
[  718.821854] RSP: 002b:00000000f7f810ac EFLAGS: 00000282 ORIG_RAX: 000000000000006b
[  718.829594] RAX: ffffffffffffffda RBX: 0000000020000900 RCX: 0000000020000940
[  718.836875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  718.844171] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  718.851460] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  718.858752] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  718.866055] INFO: task syz-executor0:4559 blocked for more than 140 seconds.
[  718.873262]       Not tainted 4.18.0-rc4+ #48
[  718.877761] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  718.885754] syz-executor0   D25720  4559   4535 0x20020004
[  718.891407] Call Trace:
[  718.894035]  __schedule+0x87c/0x1ed0
[  718.897768]  ? __sched_text_start+0x8/0x8
[  718.901942]  ? trace_hardirqs_on+0x10/0x10
[  718.906190]  ? graph_lock+0x170/0x170
[  718.910038]  ? trace_hardirqs_on+0x10/0x10
[  718.914292]  schedule+0xfb/0x450
[  718.917676]  ? lock_downgrade+0x8f0/0x8f0
[  718.921832]  ? __schedule+0x1ed0/0x1ed0
[  718.925821]  ? mark_held_locks+0xc9/0x160
[  718.929994]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  718.934605]  ? _raw_spin_unlock_irq+0x27/0x70
[  718.939116]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  718.944197]  rwsem_down_read_failed+0x362/0x600
[  718.948882]  ? rwsem_down_write_failed_killable+0x10/0x10
[  718.954446]  ? find_held_lock+0x36/0x1c0
[  718.958523]  ? lock_acquire+0x1e4/0x540
[  718.962515]  ? lookup_slow+0x49/0x80
[  718.966245]  ? lock_release+0xa30/0xa30
[  718.970228]  ? check_same_owner+0x340/0x340
[  718.974560]  call_rwsem_down_read_failed+0x18/0x30
[  718.979516]  down_read+0xc3/0x1d0
[  718.982971]  ? lookup_slow+0x49/0x80
[  718.986705]  ? __down_interruptible+0x700/0x700
[  718.991386]  ? lookup_fast+0x470/0x12a0
[  718.995388]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  719.001291]  lookup_slow+0x49/0x80
[  719.004852]  walk_component+0x94a/0x2630
[  719.008929]  ? inode_permission+0xb2/0x560
[  719.013202]  ? path_init+0x2340/0x2340
[  719.017109]  ? walk_component+0x2630/0x2630
[  719.021811]  ? save_stack+0xa9/0xd0
[  719.025444]  ? save_stack+0x43/0xd0
[  719.029084]  ? kmem_cache_alloc+0x12e/0x760
[  719.033408]  ? getname_flags+0xd0/0x5a0
[  719.037392]  ? user_path_at_empty+0x2d/0x50
[  719.041720]  ? vfs_statx+0x129/0x210
[  719.045447]  path_lookupat.isra.45+0x202/0xbf0
[  719.050038]  ? find_held_lock+0x36/0x1c0
[  719.054110]  ? path_parentat.isra.43+0x160/0x160
[  719.058874]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  719.064074]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  719.069103]  ? __check_object_size+0x9d/0x5f2
[  719.073712]  ? usercopy_warn+0x120/0x120
[  719.077786]  ? kasan_check_read+0x11/0x20
[  719.081970]  ? do_raw_spin_unlock+0xa7/0x2f0
[  719.086394]  filename_lookup+0x264/0x510
[  719.090471]  ? filename_parentat.isra.58+0x570/0x570
[  719.095588]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  719.101147]  ? mpi_free.cold.1+0x19/0x19
[  719.105222]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.110805]  ? getname_flags+0x26e/0x5a0
[  719.114890]  user_path_at_empty+0x40/0x50
[  719.119073]  vfs_statx+0x129/0x210
[  719.122623]  ? vfs_statx_fd+0xc0/0xc0
[  719.126450]  __do_compat_sys_newlstat+0x8f/0x110
[  719.131221]  ? __do_compat_sys_newstat+0x110/0x110
[  719.136175]  ? lock_downgrade+0x8f0/0x8f0
[  719.140338]  ? finish_task_switch+0x18a/0x870
[  719.144863]  ? kasan_check_read+0x11/0x20
[  719.149029]  ? do_fast_syscall_32+0x150/0xfb2
[  719.153554]  __ia32_compat_sys_newlstat+0x52/0x70
[  719.158413]  do_fast_syscall_32+0x34d/0xfb2
[  719.162756]  ? do_int80_syscall_32+0x890/0x890
[  719.167347]  ? kasan_check_write+0x14/0x20
[  719.171606]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.177165]  ? syscall_return_slowpath+0x31d/0x5e0
[  719.182123]  ? sysret32_from_system_call+0x5/0x46
[  719.186988]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  719.192245]  entry_SYSENTER_compat+0x70/0x7f
[  719.196684] RIP: 0023:0xf7fe8cb9
[  719.200060] Code: Bad RIP value.
[  719.203488] RSP: 002b:00000000f7f3f0ac EFLAGS: 00000282 ORIG_RAX: 000000000000006b
[  719.211222] RAX: ffffffffffffffda RBX: 0000000020007700 RCX: 0000000020007740
[  719.218523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  719.225829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  719.233122] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  719.240420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  719.247720] INFO: task syz-executor0:4560 blocked for more than 140 seconds.
[  719.254933]       Not tainted 4.18.0-rc4+ #48
[  719.259434] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  719.267426] syz-executor0   D25720  4560   4535 0x20020004
[  719.273074] Call Trace:
[  719.275685]  __schedule+0x87c/0x1ed0
[  719.279416]  ? __sched_text_start+0x8/0x8
[  719.283590]  ? trace_hardirqs_on+0x10/0x10
[  719.287837]  ? graph_lock+0x170/0x170
[  719.291669]  ? trace_hardirqs_on+0x10/0x10
[  719.295924]  schedule+0xfb/0x450
[  719.299311]  ? lock_downgrade+0x8f0/0x8f0
[  719.303475]  ? __schedule+0x1ed0/0x1ed0
[  719.307472]  ? mark_held_locks+0xc9/0x160
[  719.311626]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  719.316226]  ? _raw_spin_unlock_irq+0x27/0x70
[  719.320737]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  719.325779]  rwsem_down_read_failed+0x362/0x600
[  719.330473]  ? rwsem_down_write_failed_killable+0x10/0x10
[  719.336051]  ? find_held_lock+0x36/0x1c0
[  719.340148]  ? lock_acquire+0x1e4/0x540
[  719.344143]  ? lookup_slow+0x49/0x80
[  719.347881]  ? lock_release+0xa30/0xa30
[  719.351883]  ? check_same_owner+0x340/0x340
[  719.356234]  call_rwsem_down_read_failed+0x18/0x30
[  719.361202]  down_read+0xc3/0x1d0
[  719.364665]  ? lookup_slow+0x49/0x80
[  719.368393]  ? __down_interruptible+0x700/0x700
[  719.373065]  ? lookup_fast+0x470/0x12a0
[  719.377053]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  719.382944]  lookup_slow+0x49/0x80
[  719.386499]  walk_component+0x94a/0x2630
[  719.390578]  ? inode_permission+0xb2/0x560
[  719.394828]  ? path_init+0x2340/0x2340
[  719.398729]  ? walk_component+0x2630/0x2630
[  719.403072]  ? save_stack+0xa9/0xd0
[  719.406715]  ? save_stack+0x43/0xd0
[  719.410362]  ? kmem_cache_alloc+0x12e/0x760
[  719.414691]  ? getname_flags+0xd0/0x5a0
[  719.418679]  ? user_path_at_empty+0x2d/0x50
[  719.423027]  ? vfs_statx+0x129/0x210
[  719.426767]  path_lookupat.isra.45+0x202/0xbf0
[  719.431358]  ? find_held_lock+0x36/0x1c0
[  719.435451]  ? path_parentat.isra.43+0x160/0x160
[  719.440214]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  719.445416]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  719.450449]  ? __check_object_size+0x9d/0x5f2
[  719.454959]  ? usercopy_warn+0x120/0x120
[  719.459037]  ? kasan_check_read+0x11/0x20
[  719.463204]  ? do_raw_spin_unlock+0xa7/0x2f0
[  719.467643]  filename_lookup+0x264/0x510
[  719.471727]  ? filename_parentat.isra.58+0x570/0x570
[  719.476936]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  719.482506]  ? mpi_free.cold.1+0x19/0x19
[  719.486580]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.492133]  ? getname_flags+0x26e/0x5a0
[  719.496213]  user_path_at_empty+0x40/0x50
[  719.500383]  vfs_statx+0x129/0x210
[  719.503931]  ? vfs_statx_fd+0xc0/0xc0
[  719.507753]  __do_compat_sys_newlstat+0x8f/0x110
[  719.512518]  ? __do_compat_sys_newstat+0x110/0x110
[  719.517480]  ? lock_downgrade+0x8f0/0x8f0
[  719.521664]  ? finish_task_switch+0x18a/0x870
[  719.526181]  ? kasan_check_read+0x11/0x20
[  719.530345]  ? do_fast_syscall_32+0x150/0xfb2
[  719.534853]  __ia32_compat_sys_newlstat+0x52/0x70
[  719.539706]  do_fast_syscall_32+0x34d/0xfb2
[  719.544050]  ? do_int80_syscall_32+0x890/0x890
[  719.548651]  ? kasan_check_write+0x14/0x20
[  719.552919]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.558486]  ? syscall_return_slowpath+0x31d/0x5e0
[  719.563441]  ? sysret32_from_system_call+0x5/0x46
[  719.568302]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  719.573254]  entry_SYSENTER_compat+0x70/0x7f
[  719.577680] RIP: 0023:0xf7fe8cb9
[  719.581054] Code: Bad RIP value.
[  719.584435] RSP: 002b:00000000f7f1e0ac EFLAGS: 00000282 ORIG_RAX: 000000000000006b
[  719.592160] RAX: ffffffffffffffda RBX: 0000000020007b40 RCX: 0000000020007b80
[  719.599444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  719.606740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  719.614043] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  719.621346] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  719.628638] INFO: task syz-executor0:4563 blocked for more than 140 seconds.
[  719.635839]       Not tainted 4.18.0-rc4+ #48
[  719.640350] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  719.648349] syz-executor0   D23456  4563   4535 0x20020004
[  719.653984] Call Trace:
[  719.656589]  __schedule+0x87c/0x1ed0
[  719.660312]  ? lock_downgrade+0x8f0/0x8f0
[  719.664521]  ? __sched_text_start+0x8/0x8
[  719.668678]  ? print_usage_bug+0xc0/0xc0
[  719.672753]  ? graph_lock+0x170/0x170
[  719.676558]  ? graph_lock+0x170/0x170
[  719.680375]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  719.685418]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.691508]  schedule+0xfb/0x450
[  719.694888]  ? lock_downgrade+0x8f0/0x8f0
[  719.699058]  ? __schedule+0x1ed0/0x1ed0
[  719.703045]  ? mark_held_locks+0xc9/0x160
[  719.707210]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  719.711807]  ? _raw_spin_unlock_irq+0x27/0x70
[  719.716333]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  719.721377]  __rwsem_down_write_failed_common+0x95d/0x1630
[  719.727046]  ? rwsem_spin_on_owner+0xa40/0xa40
[  719.731649]  ? __lock_acquire+0x7fc/0x5020
[  719.735917]  ? trace_hardirqs_on+0x10/0x10
[  719.740181]  ? find_held_lock+0x36/0x1c0
[  719.744272]  ? find_held_lock+0x36/0x1c0
[  719.748355]  ? lock_downgrade+0x8f0/0x8f0
[  719.752566]  ? kasan_check_read+0x11/0x20
[  719.756739]  ? dput.part.26+0x276/0x7a0
[  719.760750]  ? graph_lock+0x170/0x170
[  719.764572]  ? shrink_dcache_sb+0x350/0x350
[  719.768920]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  719.773962]  ? mntput+0x74/0xa0
[  719.777273]  ? lock_acquire+0x1e4/0x540
[  719.781266]  ? filename_create+0x1b2/0x5b0
[  719.785534]  ? mnt_want_write+0x3f/0xc0
[  719.789529]  ? lock_release+0xa30/0xa30
[  719.793534]  ? check_same_owner+0x340/0x340
[  719.797882]  rwsem_down_write_failed+0xe/0x10
[  719.802412]  ? rwsem_down_write_failed+0xe/0x10
[  719.807099]  call_rwsem_down_write_failed+0x17/0x30
[  719.812153]  down_write_nested+0xae/0x130
[  719.816325]  ? filename_create+0x1b2/0x5b0
[  719.820593]  ? _down_write_nest_lock+0x130/0x130
[  719.825387]  ? __sb_start_write+0x17f/0x300
[  719.829741]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.835305]  filename_create+0x1b2/0x5b0
[  719.839401]  ? kern_path_mountpoint+0x40/0x40
[  719.843929]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.849505]  ? getname_flags+0x26e/0x5a0
[  719.853596]  do_mkdirat+0xda/0x310
[  719.857167]  ? __ia32_sys_mknod+0xb0/0xb0
[  719.861335]  ? syscall_slow_exit_work+0x500/0x500
[  719.866225]  __ia32_sys_mkdirat+0x74/0xb0
[  719.870398]  do_fast_syscall_32+0x34d/0xfb2
[  719.874749]  ? do_int80_syscall_32+0x890/0x890
[  719.879353]  ? _raw_spin_unlock_irq+0x27/0x70
[  719.883880]  ? finish_task_switch+0x1d3/0x870
[  719.888404]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  719.893979]  ? syscall_return_slowpath+0x31d/0x5e0
[  719.898951]  ? sysret32_from_system_call+0x5/0x46
[  719.903829]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  719.908714]  entry_SYSENTER_compat+0x70/0x7f
[  719.913157] RIP: 0023:0xf7fe8cb9
[  719.916541] Code: Bad RIP value.
[  719.919944] RSP: 002b:00000000f7ebb0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000128
[  719.927683] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000500
[  719.934992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  719.942291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  719.949589] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  719.956877] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  719.964190] INFO: task syz-executor0:4564 blocked for more than 140 seconds.
[  719.971415]       Not tainted 4.18.0-rc4+ #48
[  719.975945] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  719.983938] syz-executor0   D25720  4564   4535 0x20020004
[  719.989634] Call Trace:
[  719.992245]  __schedule+0x87c/0x1ed0
[  719.996010]  ? __sched_text_start+0x8/0x8
[  720.000204]  ? trace_hardirqs_on+0x10/0x10
[  720.004477]  ? graph_lock+0x170/0x170
[  720.008301]  ? trace_hardirqs_on+0x10/0x10
[  720.012568]  schedule+0xfb/0x450
[  720.015948]  ? lock_downgrade+0x8f0/0x8f0
[  720.020127]  ? __schedule+0x1ed0/0x1ed0
[  720.024113]  ? mark_held_locks+0xc9/0x160
[  720.028278]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  720.032870]  ? _raw_spin_unlock_irq+0x27/0x70
[  720.037384]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  720.042415]  rwsem_down_read_failed+0x362/0x600
[  720.047107]  ? rwsem_down_write_failed_killable+0x10/0x10
[  720.052648]  ? find_held_lock+0x36/0x1c0
[  720.056727]  ? lock_acquire+0x1e4/0x540
[  720.060706]  ? lookup_slow+0x49/0x80
[  720.064441]  ? lock_release+0xa30/0xa30
[  720.068433]  ? check_same_owner+0x340/0x340
[  720.072776]  call_rwsem_down_read_failed+0x18/0x30
[  720.077716]  down_read+0xc3/0x1d0
[  720.081182]  ? lookup_slow+0x49/0x80
[  720.084917]  ? __down_interruptible+0x700/0x700
[  720.089603]  ? lookup_fast+0x470/0x12a0
[  720.093596]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  720.099508]  lookup_slow+0x49/0x80
[  720.103062]  walk_component+0x94a/0x2630
[  720.107145]  ? inode_permission+0xb2/0x560
[  720.111394]  ? path_init+0x2340/0x2340
[  720.115326]  ? walk_component+0x2630/0x2630
[  720.119677]  ? save_stack+0xa9/0xd0
[  720.123325]  ? save_stack+0x43/0xd0
[  720.126966]  ? kmem_cache_alloc+0x12e/0x760
[  720.131306]  ? getname_flags+0xd0/0x5a0
[  720.135301]  ? user_path_at_empty+0x2d/0x50
[  720.139645]  ? vfs_statx+0x129/0x210
[  720.143369]  path_lookupat.isra.45+0x202/0xbf0
[  720.147966]  ? find_held_lock+0x36/0x1c0
[  720.152039]  ? path_parentat.isra.43+0x160/0x160
[  720.156823]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  720.162040]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  720.167068]  ? __check_object_size+0x9d/0x5f2
[  720.171578]  ? usercopy_warn+0x120/0x120
[  720.175668]  ? kasan_check_read+0x11/0x20
[  720.179826]  ? do_raw_spin_unlock+0xa7/0x2f0
[  720.184254]  filename_lookup+0x264/0x510
[  720.188334]  ? filename_parentat.isra.58+0x570/0x570
[  720.193453]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  720.199037]  ? mpi_free.cold.1+0x19/0x19
[  720.203112]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  720.208672]  ? getname_flags+0x26e/0x5a0
[  720.212743]  user_path_at_empty+0x40/0x50
[  720.216918]  vfs_statx+0x129/0x210
[  720.220471]  ? vfs_statx_fd+0xc0/0xc0
[  720.224294]  __do_compat_sys_newstat+0x8f/0x110
[  720.229028]  ? cp_compat_stat+0xcf0/0xcf0
[  720.233198]  ? lock_downgrade+0x8f0/0x8f0
[  720.237350]  ? finish_task_switch+0x18a/0x870
[  720.241868]  ? kasan_check_read+0x11/0x20
[  720.246035]  ? do_fast_syscall_32+0x150/0xfb2
[  720.250555]  __ia32_compat_sys_newstat+0x52/0x70
[  720.255325]  do_fast_syscall_32+0x34d/0xfb2
[  720.259672]  ? do_int80_syscall_32+0x890/0x890
[  720.264297]  ? kasan_check_write+0x14/0x20
[  720.268559]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  720.274106]  ? syscall_return_slowpath+0x31d/0x5e0
[  720.279068]  ? sysret32_from_system_call+0x5/0x46
[  720.283928]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  720.288795]  entry_SYSENTER_compat+0x70/0x7f
[  720.293209] RIP: 0023:0xf7fe8cb9
[  720.296581] Code: Bad RIP value.
[  720.299970] RSP: 002b:00000000f7e9a0ac EFLAGS: 00000282 ORIG_RAX: 000000000000006a
[  720.307693] RAX: ffffffffffffffda RBX: 00000000200006c0 RCX: 0000000020000700
[  720.314978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  720.322261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  720.329536] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  720.336824] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  720.344126] INFO: task syz-executor0:4565 blocked for more than 140 seconds.
[  720.351332]       Not tainted 4.18.0-rc4+ #48
[  720.355830] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  720.363816] syz-executor0   D25720  4565   4535 0x20020004
[  720.369454] Call Trace:
[  720.372061]  __schedule+0x87c/0x1ed0
[  720.375782]  ? __sched_text_start+0x8/0x8
[  720.379950]  ? trace_hardirqs_on+0x10/0x10
[  720.384221]  ? graph_lock+0x170/0x170
[  720.388044]  ? trace_hardirqs_on+0x10/0x10
[  720.392293]  schedule+0xfb/0x450
[  720.395672]  ? lock_downgrade+0x8f0/0x8f0
[  720.399825]  ? __schedule+0x1ed0/0x1ed0
[  720.403810]  ? mark_held_locks+0xc9/0x160
[  720.407970]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  720.412565]  ? _raw_spin_unlock_irq+0x27/0x70
[  720.417071]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  720.422114]  rwsem_down_read_failed+0x362/0x600
[  720.426794]  ? rwsem_down_write_failed_killable+0x10/0x10
[  720.432351]  ? find_held_lock+0x36/0x1c0
[  720.437726]  ? lock_acquire+0x1e4/0x540
[  720.441731]  ? lookup_slow+0x49/0x80
[  720.445451]  ? lock_release+0xa30/0xa30
[  720.449448]  ? check_same_owner+0x340/0x340
[  720.453787]  call_rwsem_down_read_failed+0x18/0x30
[  720.458737]  down_read+0xc3/0x1d0
[  720.462191]  ? lookup_slow+0x49/0x80
[  720.465925]  ? __down_interruptible+0x700/0x700
[  720.470601]  ? lookup_fast+0x470/0x12a0
[  720.474647]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  720.480579]  lookup_slow+0x49/0x80
[  720.484145]  walk_component+0x94a/0x2630
[  720.488239]  ? inode_permission+0xb2/0x560
[  720.492521]  ? path_init+0x2340/0x2340
[  720.496452]  ? walk_component+0x2630/0x2630
[  720.500810]  ? save_stack+0xa9/0xd0
[  720.504465]  ? save_stack+0x43/0xd0
[  720.508127]  ? kmem_cache_alloc+0x12e/0x760
[  720.512479]  ? getname_flags+0xd0/0x5a0
[  720.516480]  ? user_path_at_empty+0x2d/0x50
[  720.520823]  ? vfs_statx+0x129/0x210
[  720.524566]  path_lookupat.isra.45+0x202/0xbf0
[  720.529174]  ? find_held_lock+0x36/0x1c0
[  720.533267]  ? path_parentat.isra.43+0x160/0x160
[  720.538058]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  720.543284]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  720.548333]  ? __check_object_size+0x9d/0x5f2
[  720.552857]  ? usercopy_warn+0x120/0x120
[  720.556944]  ? kasan_check_read+0x11/0x20
[  720.561114]  ? do_raw_spin_unlock+0xa7/0x2f0
[  720.565566]  filename_lookup+0x264/0x510
[  720.569668]  ? filename_parentat.isra.58+0x570/0x570
[  720.574793]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  720.580361]  ? mpi_free.cold.1+0x19/0x19
[  720.584450]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  720.590009]  ? getname_flags+0x26e/0x5a0
[  720.594113]  user_path_at_empty+0x40/0x50
[  720.598287]  vfs_statx+0x129/0x210
[  720.601857]  ? vfs_statx_fd+0xc0/0xc0
[  720.605688]  __do_compat_sys_newlstat+0x8f/0x110
[  720.610473]  ? __do_compat_sys_newstat+0x110/0x110
[  720.615431]  ? lock_downgrade+0x8f0/0x8f0
[  720.619650]  ? finish_task_switch+0x18a/0x870
[  720.624175]  ? kasan_check_read+0x11/0x20
[  720.628372]  ? do_fast_syscall_32+0x150/0xfb2
[  720.632890]  __ia32_compat_sys_newlstat+0x52/0x70
[  720.637753]  do_fast_syscall_32+0x34d/0xfb2
[  720.642096]  ? do_int80_syscall_32+0x890/0x890
[  720.646698]  ? kasan_check_write+0x14/0x20
[  720.650960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  720.656522]  ? syscall_return_slowpath+0x31d/0x5e0
[  720.661473]  ? sysret32_from_system_call+0x5/0x46
[  720.666345]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  720.671214]  entry_SYSENTER_compat+0x70/0x7f
[  720.675640] RIP: 0023:0xf7fe8cb9
[  720.679029] Code: Bad RIP value.
[  720.682424] RSP: 002b:00000000f7e790ac EFLAGS: 00000282 ORIG_RAX: 000000000000006b
[  720.690150] RAX: ffffffffffffffda RBX: 0000000020000900 RCX: 0000000020000940
[  720.697433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  720.704723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  720.712008] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  720.719324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  720.726629] INFO: task syz-executor0:4567 blocked for more than 140 seconds.
[  720.733829]       Not tainted 4.18.0-rc4+ #48
[  720.738340] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  720.746319] syz-executor0   D25216  4567   4535 0x20020004
[  720.751985] Call Trace:
[  720.754603]  __schedule+0x87c/0x1ed0
[  720.758343]  ? kasan_check_write+0x14/0x20
[  720.762604]  ? __sched_text_start+0x8/0x8
[  720.766777]  ? trace_hardirqs_on+0x10/0x10
[  720.771051]  ? graph_lock+0x170/0x170
[  720.774874]  ? trace_hardirqs_on+0x10/0x10
[  720.779141]  schedule+0xfb/0x450
[  720.782528]  ? lock_downgrade+0x8f0/0x8f0
[  720.786691]  ? __schedule+0x1ed0/0x1ed0
[  720.790693]  ? mark_held_locks+0xc9/0x160
[  720.794861]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  720.799467]  ? _raw_spin_unlock_irq+0x27/0x70
[  720.803988]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  720.809044]  rwsem_down_read_failed+0x362/0x600
[  720.813748]  ? rwsem_down_write_failed_killable+0x10/0x10
[  720.819305]  ? find_held_lock+0x36/0x1c0
[  720.823398]  ? lock_acquire+0x1e4/0x540
[  720.827397]  ? lookup_slow+0x49/0x80
[  720.831137]  ? lock_release+0xa30/0xa30
[  720.835129]  ? check_same_owner+0x340/0x340
[  720.839473]  call_rwsem_down_read_failed+0x18/0x30
[  720.844424]  down_read+0xc3/0x1d0
[  720.847896]  ? lookup_slow+0x49/0x80
[  720.851629]  ? __down_interruptible+0x700/0x700
[  720.856315]  ? lookup_fast+0x470/0x12a0
[  720.860315]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  720.866225]  lookup_slow+0x49/0x80
[  720.869789]  walk_component+0x94a/0x2630
[  720.873867]  ? inode_permission+0xb2/0x560
[  720.878126]  ? path_init+0x2340/0x2340
[  720.882054]  ? walk_component+0x2630/0x2630
[  720.886415]  ? save_stack+0xa9/0xd0
[  720.890053]  ? save_stack+0x43/0xd0
[  720.893696]  ? kmem_cache_alloc+0x12e/0x760
[  720.898036]  ? getname_flags+0xd0/0x5a0
[  720.902041]  ? user_path_at_empty+0x2d/0x50
[  720.906393]  ? vfs_statx+0x129/0x210
[  720.910132]  path_lookupat.isra.45+0x202/0xbf0
[  720.914737]  ? find_held_lock+0x36/0x1c0
[  720.918822]  ? path_parentat.isra.43+0x160/0x160
[  720.923604]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  720.928815]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  720.933848]  ? __check_object_size+0x9d/0x5f2
[  720.938374]  ? usercopy_warn+0x120/0x120
[  720.942454]  ? kasan_check_read+0x11/0x20
[  720.946621]  ? do_raw_spin_unlock+0xa7/0x2f0
[  720.951052]  filename_lookup+0x264/0x510
[  720.955135]  ? filename_parentat.isra.58+0x570/0x570
[  720.960269]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  720.965831]  ? mpi_free.cold.1+0x19/0x19
[  720.969919]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  720.975469]  ? getname_flags+0x26e/0x5a0
[  720.979554]  user_path_at_empty+0x40/0x50
[  720.983724]  vfs_statx+0x129/0x210
[  720.987289]  ? vfs_statx_fd+0xc0/0xc0
[  720.991117]  __do_compat_sys_newlstat+0x8f/0x110
[  720.995899]  ? __do_compat_sys_newstat+0x110/0x110
[  721.000860]  ? lock_downgrade+0x8f0/0x8f0
[  721.005046]  ? finish_task_switch+0x18a/0x870
[  721.009565]  ? kasan_check_read+0x11/0x20
[  721.013737]  ? do_fast_syscall_32+0x150/0xfb2
[  721.018253]  __ia32_compat_sys_newlstat+0x52/0x70
[  721.023118]  do_fast_syscall_32+0x34d/0xfb2
[  721.027466]  ? do_int80_syscall_32+0x890/0x890
[  721.032067]  ? _raw_spin_unlock_irq+0x27/0x70
[  721.036585]  ? finish_task_switch+0x1d3/0x870
[  721.041102]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  721.046673]  ? syscall_return_slowpath+0x31d/0x5e0
[  721.051631]  ? sysret32_from_system_call+0x5/0x46
[  721.056501]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  721.061377]  entry_SYSENTER_compat+0x70/0x7f
[  721.065802] RIP: 0023:0xf7fe8cb9
[  721.069176] Code: Bad RIP value.
[  721.072572] RSP: 002b:00000000f7e370ac EFLAGS: 00000282 ORIG_RAX: 000000000000006b
[  721.080300] RAX: ffffffffffffffda RBX: 0000000020007700 RCX: 0000000020007740
[  721.087591] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  721.094874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  721.102166] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  721.109448] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  721.116752] INFO: task syz-executor0:4568 blocked for more than 140 seconds.
[  721.123952]       Not tainted 4.18.0-rc4+ #48
[  721.128464] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  721.136445] syz-executor0   D25216  4568   4535 0x20020004
[  721.142094] Call Trace:
[  721.144703]  __schedule+0x87c/0x1ed0
[  721.148456]  ? __sched_text_start+0x8/0x8
[  721.152634]  ? trace_hardirqs_on+0x10/0x10
[  721.156890]  ? graph_lock+0x170/0x170
[  721.160718]  ? trace_hardirqs_on+0x10/0x10
[  721.164988]  schedule+0xfb/0x450
[  721.168386]  ? lock_downgrade+0x8f0/0x8f0
[  721.172554]  ? __schedule+0x1ed0/0x1ed0
[  721.176554]  ? mark_held_locks+0xc9/0x160
[  721.180717]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  721.185320]  ? _raw_spin_unlock_irq+0x27/0x70
[  721.189842]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  721.194886]  rwsem_down_read_failed+0x362/0x600
[  721.199579]  ? rwsem_down_write_failed_killable+0x10/0x10
[  721.205137]  ? find_held_lock+0x36/0x1c0
[  721.209237]  ? lock_acquire+0x1e4/0x540
[  721.213236]  ? lookup_slow+0x49/0x80
[  721.216974]  ? lock_release+0xa30/0xa30
[  721.220967]  ? check_same_owner+0x340/0x340
[  721.225324]  call_rwsem_down_read_failed+0x18/0x30
[  721.230282]  down_read+0xc3/0x1d0
[  721.233753]  ? lookup_slow+0x49/0x80
[  721.237483]  ? __down_interruptible+0x700/0x700
[  721.242174]  ? lookup_fast+0x470/0x12a0
[  721.246182]  ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[  721.252089]  lookup_slow+0x49/0x80
[  721.255653]  walk_component+0x94a/0x2630
[  721.259736]  ? inode_permission+0xb2/0x560
[  721.263996]  ? path_init+0x2340/0x2340
[  721.267912]  ? walk_component+0x2630/0x2630
[  721.272275]  ? save_stack+0xa9/0xd0
[  721.275926]  ? save_stack+0x43/0xd0
[  721.279572]  ? kmem_cache_alloc+0x12e/0x760
[  721.283913]  ? getname_flags+0xd0/0x5a0
[  721.287908]  ? user_path_at_empty+0x2d/0x50
[  721.292258]  ? vfs_statx+0x129/0x210
[  721.295993]  path_lookupat.isra.45+0x202/0xbf0
[  721.300598]  ? find_held_lock+0x36/0x1c0
[  721.304685]  ? path_parentat.isra.43+0x160/0x160
[  721.309469]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  721.314695]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  721.319734]  ? __check_object_size+0x9d/0x5f2
[  721.324265]  ? usercopy_warn+0x120/0x120
[  721.328364]  ? kasan_check_read+0x11/0x20
[  721.332543]  ? do_raw_spin_unlock+0xa7/0x2f0
[  721.336982]  filename_lookup+0x264/0x510
[  721.341072]  ? filename_parentat.isra.58+0x570/0x570
[  721.346198]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  721.351761]  ? mpi_free.cold.1+0x19/0x19
[  721.355847]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  721.361405]  ? getname_flags+0x26e/0x5a0
[  721.365490]  user_path_at_empty+0x40/0x50
[  721.369662]  vfs_statx+0x129/0x210
[  721.373225]  ? vfs_statx_fd+0xc0/0xc0
[  721.377053]  __do_compat_sys_newlstat+0x8f/0x110
[  721.381825]  ? __do_compat_sys_newstat+0x110/0x110
[  721.386780]  ? lock_downgrade+0x8f0/0x8f0
[  721.390957]  ? finish_task_switch+0x18a/0x870
[  721.395475]  ? kasan_check_read+0x11/0x20
[  721.399640]  ? do_fast_syscall_32+0x150/0xfb2
[  721.404159]  __ia32_compat_sys_newlstat+0x52/0x70
[  721.409044]  do_fast_syscall_32+0x34d/0xfb2
[  721.413394]  ? do_int80_syscall_32+0x890/0x890
[  721.417998]  ? kasan_check_write+0x14/0x20
[  721.422275]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  721.427831]  ? syscall_return_slowpath+0x31d/0x5e0
[  721.432782]  ? sysret32_from_system_call+0x5/0x46
[  721.437650]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  721.442517]  entry_SYSENTER_compat+0x70/0x7f
[  721.446940] RIP: 0023:0xf7fe8cb9
[  721.450310] Code: Bad RIP value.
[  721.453703] RSP: 002b:00000000f7e160ac EFLAGS: 00000282 ORIG_RAX: 000000000000006b
[  721.461430] RAX: ffffffffffffffda RBX: 0000000020007b40 RCX: 0000000020007b80
[  721.468719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  721.476007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  721.483332] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  721.490622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  721.497916] 
[  721.497916] Showing all locks held in the system:
[  721.504269] 1 lock held by khungtaskd/901:
[  721.508507]  #0: (____ptrval____) (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x428
[  721.517159] 2 locks held by rsyslogd/4404:
[  721.521404]  #0: (____ptrval____) (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200
[  721.529440]  #1: (____ptrval____) (&rq->lock){-.-.}, at: finish_wait+0x119/0x430
[  721.537035] 2 locks held by getty/4494:
[  721.541032]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.549338]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.558239] 2 locks held by getty/4495:
[  721.562221]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.570490]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.579376] 2 locks held by getty/4496:
[  721.583362]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.591640]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.600522] 2 locks held by getty/4497:
[  721.604502]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.612776]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.621676] 2 locks held by getty/4498:
[  721.625657]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.633926]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.642828] 2 locks held by getty/4499:
[  721.646811]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.655076]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.663966] 2 locks held by getty/4500:
[  721.667951]  #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  721.676237]  #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  721.685137] 3 locks held by syz-executor0/4555:
[  721.689814]  #0: (____ptrval____) (sb_writers#13){.+.+}, at: mnt_want_write+0x3f/0xc0
[  721.697831]  #1: (____ptrval____) (&type->i_mutex_dir_key#5/1){+.+.}, at: filename_create+0x1b2/0x5b0
[  721.707257]  #2: (____ptrval____) (&fi->mutex){+.+.}, at: fuse_lock_inode+0xaf/0xe0
[  721.715112] 1 lock held by syz-executor0/4556:
[  721.719714]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.728434] 1 lock held by syz-executor0/4557:
[  721.733037]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.742218] 1 lock held by syz-executor0/4559:
[  721.746807]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.755528] 1 lock held by syz-executor0/4560:
[  721.760122]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.768837] 2 locks held by syz-executor0/4563:
[  721.773514]  #0: (____ptrval____) (sb_writers#13){.+.+}, at: mnt_want_write+0x3f/0xc0
[  721.781543]  #1: (____ptrval____) (&type->i_mutex_dir_key#5/1){+.+.}, at: filename_create+0x1b2/0x5b0
[  721.790993] 1 lock held by syz-executor0/4564:
[  721.795606]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.804349] 1 lock held by syz-executor0/4565:
[  721.808943]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.817668] 1 lock held by syz-executor0/4567:
[  721.822259]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.830979] 1 lock held by syz-executor0/4568:
[  721.835589]  #0: (____ptrval____) (&type->i_mutex_dir_key#6){.+.+}, at: lookup_slow+0x49/0x80
[  721.844310] 
[  721.845950] =============================================
[  721.845950] 
[  721.852995] NMI backtrace for cpu 0
[  721.856650] CPU: 0 PID: 901 Comm: khungtaskd Not tainted 4.18.0-rc4+ #48
[  721.863471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  721.872802] Call Trace:
[  721.875467]  dump_stack+0x1c9/0x2b4
[  721.879076]  ? dump_stack_print_info.cold.2+0x52/0x52
[  721.884247]  ? vprintk_default+0x28/0x30
[  721.888292]  nmi_cpu_backtrace.cold.4+0x19/0xce
[  721.892937]  ? rcu_report_qs_rnp+0x7a0/0x7a0
[  721.897324]  ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f
[  721.902491]  nmi_trigger_cpumask_backtrace+0x151/0x192
[  721.907745]  arch_trigger_cpumask_backtrace+0x14/0x20
[  721.912921]  watchdog+0x9c4/0xf80
[  721.916358]  ? reset_hung_task_detector+0xd0/0xd0
[  721.921184]  ? kasan_check_read+0x11/0x20
[  721.925311]  ? do_raw_spin_unlock+0xa7/0x2f0
[  721.929700]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  721.934782]  ? __kthread_parkme+0x58/0x1b0
[  721.938995]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  721.943988]  ? trace_hardirqs_on+0xd/0x10
[  721.948117]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  721.953632]  ? __kthread_parkme+0x106/0x1b0
[  721.957932]  kthread+0x345/0x410
[  721.961275]  ? reset_hung_task_detector+0xd0/0xd0
[  721.966095]  ? kthread_bind+0x40/0x40
[  721.969874]  ret_from_fork+0x3a/0x50
[  721.973637] Sending NMI from CPU 0 to CPUs 1:
[  721.978179] NMI backtrace for cpu 1
[  721.978190] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.18.0-rc4+ #48
[  721.978195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  721.978213] RIP: 0010:native_apic_msr_eoi_write+0x1/0x20
[  721.978215] Code: 48 ff ff ff e8 00 db 85 00 48 8b 85 48 ff ff ff e9 13 ff ff ff e8 8f db 85 00 e9 de fe ff ff e8 f5 27 13 00 90 90 90 90 90 55 <31> c0 b9 0b 08 00 00 89 c2 48 89 e5 0f 30 5d c3 0f 1f 44 00 00 66 
[  721.978339] RSP: 0018:ffff8801daf07e90 EFLAGS: 00000046
[  721.978346] RAX: ffffffff81340ac0 RBX: 1ffff1003b5e0fd4 RCX: 0000000000000000
[  721.978351] RDX: 1ffffffff11a2254 RSI: 0000000000000000 RDI: 00000000000000b0
[  721.978356] RBP: ffff8801daf07fe8 R08: 0000000000000000 R09: 0000000000000000
[  721.978361] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff88d112a0
[  721.978366] R13: ffff8801daf07fc0 R14: 0000000000000000 R15: 0000000000000000
[  721.978374] FS:  0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[  721.978379] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  721.978384] CR2: 0000000001cea000 CR3: 00000001cfd60000 CR4: 00000000001406e0
[  721.978392] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  721.978397] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  721.978399] Call Trace:
[  721.978402]  <IRQ>
[  721.978414]  ? smp_reschedule_interrupt+0xe4/0x670
[  721.978422]  ? smp_thermal_interrupt+0x820/0x820
[  721.978433]  ? _raw_spin_unlock+0x22/0x30
[  721.978444]  ? handle_edge_irq+0x330/0x870
[  721.978454]  ? task_prio+0x50/0x50
[  721.978466]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  721.978476]  reschedule_interrupt+0xf/0x20
[  721.978479]  </IRQ>
[  721.978489] RIP: 0010:native_safe_halt+0x6/0x10
[  721.978490] Code: c7 48 89 45 d8 e8 ba ff 25 fa 48 8b 45 d8 e9 d2 fe ff ff 48 89 df e8 a9 ff 25 fa eb 8a 90 90 90 90 90 90 90 55 48 89 e5 fb f4 <5d> c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 f4 5d c3 90 90 90 90 90 
[  721.978617] RSP: 0018:ffff8801d9af7c38 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff02
[  721.978625] RAX: dffffc0000000000 RBX: 1ffff1003b35ef8a RCX: 0000000000000000
[  721.978630] RDX: 1ffffffff11e3610 RSI: 0000000000000001 RDI: ffffffff88f1b080
[  721.978635] RBP: ffff8801d9af7c38 R08: ffffed003b5e46d7 R09: 0000000000000000
[  721.978640] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
[  721.978645] R13: ffff8801d9af7cf0 R14: ffffffff899ed0e0 R15: 0000000000000000
[  721.978659]  ? trace_hardirqs_on+0xd/0x10
[  721.978667]  default_idle+0xc7/0x450
[  721.978676]  ? __sched_text_end+0x3/0x3
[  721.978685]  ? rcu_idle_enter+0x30a/0x480
[  721.978693]  ? rcu_eqs_special_set+0x1b0/0x1b0
[  721.978703]  ? tsc_verify_tsc_adjust+0x109/0x380
[  721.978713]  ? mark_tsc_async_resets+0x20/0x20
[  721.978721]  ? tick_nohz_idle_enter+0x219/0x320
[  721.978731]  arch_cpu_idle+0x10/0x20
[  721.978740]  default_idle_call+0x6d/0x90
[  721.978748]  do_idle+0x3aa/0x570
[  721.978757]  ? retint_kernel+0x10/0x10
[  721.978765]  ? arch_cpu_idle_exit+0x70/0x70
[  721.978775]  cpu_startup_entry+0x10c/0x120
[  721.978783]  ? cpu_in_idle+0x20/0x20
[  721.978794]  start_secondary+0x433/0x5d0
[  721.978803]  ? set_cpu_sibling_map+0x18b0/0x18b0
[  721.978814]  secondary_startup_64+0xa5/0xb0
[  721.979179] Kernel panic - not syncing: hung_task: blocked tasks
[  722.285865] CPU: 0 PID: 901 Comm: khungtaskd Not tainted 4.18.0-rc4+ #48
[  722.292680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  722.302012] Call Trace:
[  722.304591]  dump_stack+0x1c9/0x2b4
[  722.308200]  ? dump_stack_print_info.cold.2+0x52/0x52
[  722.313374]  ? printk_safe_log_store+0x2f0/0x2f0
[  722.318110]  panic+0x238/0x4e7
[  722.321283]  ? add_taint.cold.5+0x16/0x16
[  722.325414]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  722.330932]  ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[  722.336363]  ? printk_safe_flush+0xd7/0x130
[  722.340665]  watchdog+0x9d5/0xf80
[  722.344101]  ? reset_hung_task_detector+0xd0/0xd0
[  722.348927]  ? kasan_check_read+0x11/0x20
[  722.353063]  ? do_raw_spin_unlock+0xa7/0x2f0
[  722.357456]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  722.362537]  ? __kthread_parkme+0x58/0x1b0
[  722.366752]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  722.371748]  ? trace_hardirqs_on+0xd/0x10
[  722.375878]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  722.381838]  ? __kthread_parkme+0x106/0x1b0
[  722.386145]  kthread+0x345/0x410
[  722.389495]  ? reset_hung_task_detector+0xd0/0xd0
[  722.394316]  ? kthread_bind+0x40/0x40
[  722.398103]  ret_from_fork+0x3a/0x50
[  722.402443] Dumping ftrace buffer:
[  722.406020]    (ftrace buffer empty)
[  722.409709] Kernel Offset: disabled
[  722.413320] Rebooting in 86400 seconds..