[ ok ] Starting enhanced syslogd: rsyslogd. [ 71.264093][ T27] audit: type=1800 audit(1583203004.997:25): pid=9668 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 71.284924][ T27] audit: type=1800 audit(1583203005.007:26): pid=9668 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 71.357896][ T27] audit: type=1800 audit(1583203005.007:27): pid=9668 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.255' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 558.137494][ T1123] INFO: task syz-executor187:9828 blocked for more than 143 seconds. [ 558.137515][ T1123] Not tainted 5.6.0-rc3-syzkaller #0 [ 558.137521][ T1123] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 558.137529][ T1123] syz-executor187 D28072 9828 9824 0x00000004 [ 558.137555][ T1123] Call Trace: [ 558.137706][ T1123] __schedule+0x934/0x1f90 [ 558.137739][ T1123] ? firmware_map_remove+0x1a3/0x1a3 [ 558.137787][ T1123] ? lock_downgrade+0x920/0x920 [ 558.137806][ T1123] ? rwlock_bug.part.0+0x90/0x90 [ 558.137835][ T1123] schedule+0xdc/0x2b0 [ 558.137856][ T1123] schedule_preempt_disabled+0x13/0x20 [ 558.137870][ T1123] __mutex_lock+0x7ab/0x13c0 [ 558.137921][ T1123] ? fb_open+0xd7/0x450 [ 558.137947][ T1123] ? mutex_trylock+0x2d0/0x2d0 [ 558.138022][ T1123] ? __kasan_check_write+0x14/0x20 [ 558.138039][ T1123] ? 
__mutex_unlock_slowpath+0xf0/0x6a0 [ 558.138082][ T1123] ? chrdev_open+0xca/0x6b0 [ 558.138128][ T1123] mutex_lock_nested+0x16/0x20 [ 558.138143][ T1123] ? mutex_lock_nested+0x16/0x20 [ 558.138157][ T1123] fb_open+0xd7/0x450 [ 558.138178][ T1123] ? get_fb_info.part.0+0x80/0x80 [ 558.138193][ T1123] chrdev_open+0x245/0x6b0 [ 558.138216][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.138286][ T1123] ? security_file_open+0x87/0x300 [ 558.138333][ T1123] do_dentry_open+0x4e6/0x1380 [ 558.138349][ T1123] ? __kasan_check_read+0x11/0x20 [ 558.138368][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.138393][ T1123] ? chown_common+0x5c0/0x5c0 [ 558.138438][ T1123] ? inode_permission+0xb4/0x520 [ 558.138467][ T1123] vfs_open+0xa0/0xd0 [ 558.138486][ T1123] path_openat+0x12ee/0x3490 [ 558.138529][ T1123] ? path_mountpoint.isra.0+0x370/0x370 [ 558.138542][ T1123] ? __lock_acquire+0x16f2/0x4a00 [ 558.138607][ T1123] ? __alloc_fd+0x487/0x620 [ 558.138635][ T1123] do_filp_open+0x192/0x260 [ 558.138654][ T1123] ? may_open_dev+0x100/0x100 [ 558.138697][ T1123] ? do_raw_spin_unlock+0x181/0x270 [ 558.138716][ T1123] ? _raw_spin_unlock+0x28/0x40 [ 558.138734][ T1123] ? __alloc_fd+0x487/0x620 [ 558.138782][ T1123] do_sys_openat2+0x5eb/0x7e0 [ 558.138807][ T1123] ? file_open_root+0x430/0x430 [ 558.138872][ T1123] ? debug_smp_processor_id+0x33/0x18a [ 558.138945][ T1123] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 558.138975][ T1123] do_sys_open+0xf2/0x180 [ 558.138995][ T1123] ? filp_open+0x80/0x80 [ 558.139029][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.139047][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.139084][ T1123] ? do_syscall_64+0x26/0x790 [ 558.139100][ T1123] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.139115][ T1123] ? 
do_syscall_64+0x26/0x790 [ 558.139141][ T1123] __x64_sys_openat+0x9d/0x100 [ 558.139164][ T1123] do_syscall_64+0xfa/0x790 [ 558.139188][ T1123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.139200][ T1123] RIP: 0033:0x441419 [ 558.139250][ T1123] Code: Bad RIP value. [ 558.139259][ T1123] RSP: 002b:00007fff4d0fd738 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 558.139274][ T1123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 558.139284][ T1123] RDX: 0000000000000000 RSI: 0000000020000180 RDI: ffffffffffffff9c [ 558.139293][ T1123] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 558.139303][ T1123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 558.139312][ T1123] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 558.139356][ T1123] INFO: task syz-executor187:9829 blocked for more than 143 seconds. [ 558.139365][ T1123] Not tainted 5.6.0-rc3-syzkaller #0 [ 558.139371][ T1123] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 558.139378][ T1123] syz-executor187 D28072 9829 9827 0x00000004 [ 558.139401][ T1123] Call Trace: [ 558.139424][ T1123] __schedule+0x934/0x1f90 [ 558.139453][ T1123] ? firmware_map_remove+0x1a3/0x1a3 [ 558.139466][ T1123] ? lock_downgrade+0x920/0x920 [ 558.139483][ T1123] ? rwlock_bug.part.0+0x90/0x90 [ 558.139511][ T1123] schedule+0xdc/0x2b0 [ 558.139532][ T1123] schedule_preempt_disabled+0x13/0x20 [ 558.139546][ T1123] __mutex_lock+0x7ab/0x13c0 [ 558.139566][ T1123] ? fb_open+0xd7/0x450 [ 558.139591][ T1123] ? mutex_trylock+0x2d0/0x2d0 [ 558.139611][ T1123] ? __kasan_check_write+0x14/0x20 [ 558.139626][ T1123] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 558.139643][ T1123] ? chrdev_open+0xca/0x6b0 [ 558.139687][ T1123] mutex_lock_nested+0x16/0x20 [ 558.139702][ T1123] ? mutex_lock_nested+0x16/0x20 [ 558.139716][ T1123] fb_open+0xd7/0x450 [ 558.139737][ T1123] ? 
get_fb_info.part.0+0x80/0x80 [ 558.139752][ T1123] chrdev_open+0x245/0x6b0 [ 558.139781][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.139807][ T1123] ? security_file_open+0x87/0x300 [ 558.139831][ T1123] do_dentry_open+0x4e6/0x1380 [ 558.139845][ T1123] ? __kasan_check_read+0x11/0x20 [ 558.139861][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.139886][ T1123] ? chown_common+0x5c0/0x5c0 [ 558.139905][ T1123] ? inode_permission+0xb4/0x520 [ 558.139933][ T1123] vfs_open+0xa0/0xd0 [ 558.139951][ T1123] path_openat+0x12ee/0x3490 [ 558.139994][ T1123] ? path_mountpoint.isra.0+0x370/0x370 [ 558.140007][ T1123] ? __lock_acquire+0x16f2/0x4a00 [ 558.140039][ T1123] ? __alloc_fd+0x487/0x620 [ 558.140066][ T1123] do_filp_open+0x192/0x260 [ 558.140085][ T1123] ? may_open_dev+0x100/0x100 [ 558.140127][ T1123] ? do_raw_spin_unlock+0x181/0x270 [ 558.140147][ T1123] ? _raw_spin_unlock+0x28/0x40 [ 558.140164][ T1123] ? __alloc_fd+0x487/0x620 [ 558.140207][ T1123] do_sys_openat2+0x5eb/0x7e0 [ 558.140232][ T1123] ? file_open_root+0x430/0x430 [ 558.140251][ T1123] ? debug_smp_processor_id+0x33/0x18a [ 558.140270][ T1123] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 558.140299][ T1123] do_sys_open+0xf2/0x180 [ 558.140318][ T1123] ? filp_open+0x80/0x80 [ 558.140340][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.140356][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.140373][ T1123] ? do_syscall_64+0x26/0x790 [ 558.140388][ T1123] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.140402][ T1123] ? do_syscall_64+0x26/0x790 [ 558.140428][ T1123] __x64_sys_openat+0x9d/0x100 [ 558.140450][ T1123] do_syscall_64+0xfa/0x790 [ 558.140474][ T1123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.140485][ T1123] RIP: 0033:0x441419 [ 558.140504][ T1123] Code: Bad RIP value. 
[ 558.140513][ T1123] RSP: 002b:00007fff4d0fd738 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 558.140527][ T1123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 558.140537][ T1123] RDX: 0000000000000000 RSI: 0000000020000180 RDI: ffffffffffffff9c [ 558.140546][ T1123] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 558.140556][ T1123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 558.140565][ T1123] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 558.140607][ T1123] INFO: task syz-executor187:9830 blocked for more than 143 seconds. [ 558.140616][ T1123] Not tainted 5.6.0-rc3-syzkaller #0 [ 558.140621][ T1123] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 558.140628][ T1123] syz-executor187 D28072 9830 9826 0x00000004 [ 558.140651][ T1123] Call Trace: [ 558.140673][ T1123] __schedule+0x934/0x1f90 [ 558.140701][ T1123] ? firmware_map_remove+0x1a3/0x1a3 [ 558.140714][ T1123] ? lock_downgrade+0x920/0x920 [ 558.140731][ T1123] ? rwlock_bug.part.0+0x90/0x90 [ 558.140764][ T1123] schedule+0xdc/0x2b0 [ 558.140786][ T1123] schedule_preempt_disabled+0x13/0x20 [ 558.140800][ T1123] __mutex_lock+0x7ab/0x13c0 [ 558.140820][ T1123] ? fb_open+0xd7/0x450 [ 558.140844][ T1123] ? mutex_trylock+0x2d0/0x2d0 [ 558.140865][ T1123] ? __kasan_check_write+0x14/0x20 [ 558.140879][ T1123] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 558.140896][ T1123] ? chrdev_open+0xca/0x6b0 [ 558.140941][ T1123] mutex_lock_nested+0x16/0x20 [ 558.140955][ T1123] ? mutex_lock_nested+0x16/0x20 [ 558.140969][ T1123] fb_open+0xd7/0x450 [ 558.140990][ T1123] ? get_fb_info.part.0+0x80/0x80 [ 558.141005][ T1123] chrdev_open+0x245/0x6b0 [ 558.141028][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.141054][ T1123] ? security_file_open+0x87/0x300 [ 558.141077][ T1123] do_dentry_open+0x4e6/0x1380 [ 558.141092][ T1123] ? __kasan_check_read+0x11/0x20 [ 558.141110][ T1123] ? 
cdev_put.part.0+0x50/0x50 [ 558.141135][ T1123] ? chown_common+0x5c0/0x5c0 [ 558.141154][ T1123] ? inode_permission+0xb4/0x520 [ 558.141182][ T1123] vfs_open+0xa0/0xd0 [ 558.141199][ T1123] path_openat+0x12ee/0x3490 [ 558.141242][ T1123] ? path_mountpoint.isra.0+0x370/0x370 [ 558.141255][ T1123] ? __lock_acquire+0x16f2/0x4a00 [ 558.141286][ T1123] ? __alloc_fd+0x487/0x620 [ 558.141313][ T1123] do_filp_open+0x192/0x260 [ 558.141332][ T1123] ? may_open_dev+0x100/0x100 [ 558.141395][ T1123] ? do_raw_spin_unlock+0x181/0x270 [ 558.141415][ T1123] ? _raw_spin_unlock+0x28/0x40 [ 558.141432][ T1123] ? __alloc_fd+0x487/0x620 [ 558.141474][ T1123] do_sys_openat2+0x5eb/0x7e0 [ 558.141499][ T1123] ? file_open_root+0x430/0x430 [ 558.141518][ T1123] ? debug_smp_processor_id+0x33/0x18a [ 558.141538][ T1123] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 558.141566][ T1123] do_sys_open+0xf2/0x180 [ 558.141586][ T1123] ? filp_open+0x80/0x80 [ 558.141607][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.141624][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.141640][ T1123] ? do_syscall_64+0x26/0x790 [ 558.141655][ T1123] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.141670][ T1123] ? do_syscall_64+0x26/0x790 [ 558.141695][ T1123] __x64_sys_openat+0x9d/0x100 [ 558.141718][ T1123] do_syscall_64+0xfa/0x790 [ 558.141742][ T1123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.141752][ T1123] RIP: 0033:0x441419 [ 558.141773][ T1123] Code: Bad RIP value. 
[ 558.141782][ T1123] RSP: 002b:00007fff4d0fd738 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 558.141796][ T1123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 558.141806][ T1123] RDX: 0000000000000000 RSI: 0000000020000180 RDI: ffffffffffffff9c [ 558.141815][ T1123] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 558.141824][ T1123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 558.141833][ T1123] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 558.141875][ T1123] INFO: task syz-executor187:9831 blocked for more than 143 seconds. [ 558.141884][ T1123] Not tainted 5.6.0-rc3-syzkaller #0 [ 558.141890][ T1123] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 558.141896][ T1123] syz-executor187 D28056 9831 9822 0x00000004 [ 558.141919][ T1123] Call Trace: [ 558.141941][ T1123] __schedule+0x934/0x1f90 [ 558.141968][ T1123] ? firmware_map_remove+0x1a3/0x1a3 [ 558.141981][ T1123] ? lock_downgrade+0x920/0x920 [ 558.141998][ T1123] ? rwlock_bug.part.0+0x90/0x90 [ 558.142026][ T1123] schedule+0xdc/0x2b0 [ 558.142046][ T1123] schedule_preempt_disabled+0x13/0x20 [ 558.142061][ T1123] __mutex_lock+0x7ab/0x13c0 [ 558.142081][ T1123] ? fb_open+0xd7/0x450 [ 558.142105][ T1123] ? mutex_trylock+0x2d0/0x2d0 [ 558.142126][ T1123] ? __kasan_check_write+0x14/0x20 [ 558.142141][ T1123] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 558.142157][ T1123] ? chrdev_open+0xca/0x6b0 [ 558.142202][ T1123] mutex_lock_nested+0x16/0x20 [ 558.142217][ T1123] ? mutex_lock_nested+0x16/0x20 [ 558.142231][ T1123] fb_open+0xd7/0x450 [ 558.142251][ T1123] ? get_fb_info.part.0+0x80/0x80 [ 558.142266][ T1123] chrdev_open+0x245/0x6b0 [ 558.142289][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.142315][ T1123] ? security_file_open+0x87/0x300 [ 558.142338][ T1123] do_dentry_open+0x4e6/0x1380 [ 558.142352][ T1123] ? __kasan_check_read+0x11/0x20 [ 558.142371][ T1123] ? 
cdev_put.part.0+0x50/0x50 [ 558.142396][ T1123] ? chown_common+0x5c0/0x5c0 [ 558.142415][ T1123] ? inode_permission+0xb4/0x520 [ 558.142442][ T1123] vfs_open+0xa0/0xd0 [ 558.142460][ T1123] path_openat+0x12ee/0x3490 [ 558.142504][ T1123] ? path_mountpoint.isra.0+0x370/0x370 [ 558.142517][ T1123] ? __lock_acquire+0x16f2/0x4a00 [ 558.142548][ T1123] ? __alloc_fd+0x487/0x620 [ 558.142575][ T1123] do_filp_open+0x192/0x260 [ 558.142594][ T1123] ? may_open_dev+0x100/0x100 [ 558.142641][ T1123] ? do_raw_spin_unlock+0x181/0x270 [ 558.142661][ T1123] ? _raw_spin_unlock+0x28/0x40 [ 558.142678][ T1123] ? __alloc_fd+0x487/0x620 [ 558.142721][ T1123] do_sys_openat2+0x5eb/0x7e0 [ 558.142746][ T1123] ? file_open_root+0x430/0x430 [ 558.142769][ T1123] ? debug_smp_processor_id+0x33/0x18a [ 558.142790][ T1123] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 558.142818][ T1123] do_sys_open+0xf2/0x180 [ 558.142838][ T1123] ? filp_open+0x80/0x80 [ 558.142859][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.142876][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.142892][ T1123] ? do_syscall_64+0x26/0x790 [ 558.142907][ T1123] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.142922][ T1123] ? do_syscall_64+0x26/0x790 [ 558.142948][ T1123] __x64_sys_openat+0x9d/0x100 [ 558.142970][ T1123] do_syscall_64+0xfa/0x790 [ 558.142994][ T1123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.143010][ T1123] RIP: 0033:0x441419 [ 558.143026][ T1123] Code: Bad RIP value. 
[ 558.143035][ T1123] RSP: 002b:00007fff4d0fd738 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 558.143049][ T1123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 558.143058][ T1123] RDX: 0000000000000000 RSI: 0000000020000180 RDI: ffffffffffffff9c [ 558.143068][ T1123] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 558.143077][ T1123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 558.143086][ T1123] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 558.143128][ T1123] INFO: task syz-executor187:9832 blocked for more than 143 seconds. [ 558.143137][ T1123] Not tainted 5.6.0-rc3-syzkaller #0 [ 558.143142][ T1123] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 558.143149][ T1123] syz-executor187 D28072 9832 9825 0x00000004 [ 558.143172][ T1123] Call Trace: [ 558.143194][ T1123] __schedule+0x934/0x1f90 [ 558.143221][ T1123] ? firmware_map_remove+0x1a3/0x1a3 [ 558.143234][ T1123] ? lock_downgrade+0x920/0x920 [ 558.143252][ T1123] ? rwlock_bug.part.0+0x90/0x90 [ 558.143278][ T1123] schedule+0xdc/0x2b0 [ 558.143299][ T1123] schedule_preempt_disabled+0x13/0x20 [ 558.143313][ T1123] __mutex_lock+0x7ab/0x13c0 [ 558.143334][ T1123] ? fb_open+0xd7/0x450 [ 558.143358][ T1123] ? mutex_trylock+0x2d0/0x2d0 [ 558.143378][ T1123] ? __kasan_check_write+0x14/0x20 [ 558.143393][ T1123] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 558.143410][ T1123] ? chrdev_open+0xca/0x6b0 [ 558.143454][ T1123] mutex_lock_nested+0x16/0x20 [ 558.143469][ T1123] ? mutex_lock_nested+0x16/0x20 [ 558.143483][ T1123] fb_open+0xd7/0x450 [ 558.143504][ T1123] ? get_fb_info.part.0+0x80/0x80 [ 558.143519][ T1123] chrdev_open+0x245/0x6b0 [ 558.143542][ T1123] ? cdev_put.part.0+0x50/0x50 [ 558.143567][ T1123] ? security_file_open+0x87/0x300 [ 558.143591][ T1123] do_dentry_open+0x4e6/0x1380 [ 558.143605][ T1123] ? __kasan_check_read+0x11/0x20 [ 558.143623][ T1123] ? 
cdev_put.part.0+0x50/0x50 [ 558.143648][ T1123] ? chown_common+0x5c0/0x5c0 [ 558.143667][ T1123] ? inode_permission+0xb4/0x520 [ 558.143695][ T1123] vfs_open+0xa0/0xd0 [ 558.143712][ T1123] path_openat+0x12ee/0x3490 [ 558.143755][ T1123] ? path_mountpoint.isra.0+0x370/0x370 [ 558.143774][ T1123] ? __lock_acquire+0x16f2/0x4a00 [ 558.143806][ T1123] ? __alloc_fd+0x487/0x620 [ 558.143832][ T1123] do_filp_open+0x192/0x260 [ 558.143851][ T1123] ? may_open_dev+0x100/0x100 [ 558.143894][ T1123] ? do_raw_spin_unlock+0x181/0x270 [ 558.143913][ T1123] ? _raw_spin_unlock+0x28/0x40 [ 558.143930][ T1123] ? __alloc_fd+0x487/0x620 [ 558.143972][ T1123] do_sys_openat2+0x5eb/0x7e0 [ 558.143995][ T1123] ? file_open_root+0x430/0x430 [ 558.144014][ T1123] ? debug_smp_processor_id+0x33/0x18a [ 558.144034][ T1123] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 558.144062][ T1123] do_sys_open+0xf2/0x180 [ 558.144081][ T1123] ? filp_open+0x80/0x80 [ 558.144103][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.144119][ T1123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 558.144136][ T1123] ? do_syscall_64+0x26/0x790 [ 558.144151][ T1123] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.144165][ T1123] ? do_syscall_64+0x26/0x790 [ 558.144191][ T1123] __x64_sys_openat+0x9d/0x100 [ 558.144213][ T1123] do_syscall_64+0xfa/0x790 [ 558.144237][ T1123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.144248][ T1123] RIP: 0033:0x441419 [ 558.144265][ T1123] Code: Bad RIP value. 
[ 558.144274][ T1123] RSP: 002b:00007fff4d0fd738 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 558.144288][ T1123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 558.144297][ T1123] RDX: 0000000000000000 RSI: 0000000020000180 RDI: ffffffffffffff9c [ 558.144307][ T1123] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 558.144316][ T1123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 558.144325][ T1123] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 558.144362][ T1123] [ 558.144362][ T1123] Showing all locks held in the system: [ 558.144377][ T1123] 1 lock held by khungtaskd/1123: [ 558.144383][ T1123] #0: ffffffff89bac340 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 [ 558.144447][ T1123] 1 lock held by rsyslogd/9706: [ 558.144453][ T1123] #0: ffff88809b7aa120 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 558.144487][ T1123] 2 locks held by getty/9796: [ 558.144492][ T1123] #0: ffff888096ed9090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144519][ T1123] #1: ffffc900061c32e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.144617][ T1123] 2 locks held by getty/9797: [ 558.144622][ T1123] #0: ffff8880a5393090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144650][ T1123] #1: ffffc900062032e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.144681][ T1123] 2 locks held by getty/9798: [ 558.144686][ T1123] #0: ffff888092397090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144713][ T1123] #1: ffffc900061b32e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.144744][ T1123] 2 locks held by getty/9799: [ 558.144750][ T1123] #0: ffff88809e712090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144783][ T1123] #1: ffffc900061d32e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.144815][ T1123] 2 locks held by getty/9800: [ 558.144820][ 
T1123] #0: ffff88809300e090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144846][ T1123] #1: ffffc900061832e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.144878][ T1123] 2 locks held by getty/9801: [ 558.144883][ T1123] #0: ffff88808d428090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144910][ T1123] #1: ffffc900062072e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.144942][ T1123] 2 locks held by getty/9802: [ 558.144947][ T1123] #0: ffff88808bb3b090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 558.144973][ T1123] #1: ffffc9000616b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 558.145007][ T1123] 2 locks held by syz-executor187/9823: [ 558.145017][ T1123] 1 lock held by syz-executor187/9828: [ 558.145023][ T1123] #0: ffff888218c1a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 558.145054][ T1123] 1 lock held by syz-executor187/9829: [ 558.145059][ T1123] #0: ffff888218c1a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 558.145089][ T1123] 1 lock held by syz-executor187/9830: [ 558.145094][ T1123] #0: ffff888218c1a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 558.145125][ T1123] 1 lock held by syz-executor187/9831: [ 558.145130][ T1123] #0: ffff888218c1a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 558.145161][ T1123] 1 lock held by syz-executor187/9832: [ 558.145166][ T1123] #0: ffff888218c1a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 558.145192][ T1123] [ 558.145198][ T1123] ============================================= [ 558.145198][ T1123] [ 558.145205][ T1123] NMI backtrace for cpu 1 [ 558.145220][ T1123] CPU: 1 PID: 1123 Comm: khungtaskd Not tainted 5.6.0-rc3-syzkaller #0 [ 558.145228][ T1123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.145233][ T1123] Call Trace: [ 558.145305][ T1123] dump_stack+0x197/0x210 [ 558.145332][ T1123] nmi_cpu_backtrace.cold+0x70/0xb2 [ 
558.145369][ T1123] ? vprintk_func+0x86/0x189 [ 558.145467][ T1123] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 558.145486][ T1123] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 558.145510][ T1123] arch_trigger_cpumask_backtrace+0x14/0x20 [ 558.145570][ T1123] watchdog+0xb11/0x10c0 [ 558.145649][ T1123] kthread+0x361/0x430 [ 558.145667][ T1123] ? reset_hung_task_detector+0x30/0x30 [ 558.145680][ T1123] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 558.145700][ T1123] ret_from_fork+0x24/0x30 [ 558.145740][ T1123] Sending NMI from CPU 1 to CPUs 0: [ 558.146619][ C0] NMI backtrace for cpu 0 [ 558.146627][ C0] CPU: 0 PID: 9823 Comm: syz-executor187 Not tainted 5.6.0-rc3-syzkaller #0 [ 558.146633][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.146637][ C0] RIP: 0010:bitfill_aligned+0x60/0x210 [ 558.146649][ C0] Code: 60 ad fd 43 8d 3c 3c 44 89 f9 31 d2 48 c7 c6 ff ff ff ff 89 7d c4 48 89 f0 48 d3 e0 48 89 45 d0 89 f8 41 f7 f5 89 d1 48 d3 e6 <48> f7 d6 48 89 75 c8 44 89 ee e8 e1 60 ad fd 8b 7d c4 44 39 ef 77 [ 558.146653][ C0] RSP: 0018:ffffc9000626f468 EFLAGS: 00000246 [ 558.146661][ C0] RAX: 0000000000000050 RBX: 0000000000000000 RCX: 0000000000000000 [ 558.146666][ C0] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000001400 [ 558.146672][ C0] RBP: ffffc9000626f4a8 R08: ffff888098b22000 R09: 0000000000000040 [ 558.146677][ C0] R10: ffffed1043183603 R11: ffff888218c1b01f R12: 0000000000001400 [ 558.146682][ C0] R13: 0000000000000040 R14: ffff8880000a0000 R15: 0000000000000000 [ 558.146688][ C0] FS: 0000000002165880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 558.146693][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 558.146698][ C0] CR2: ffffffffff600400 CR3: 00000000a8a28000 CR4: 00000000001406f0 [ 558.146703][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 558.146708][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 558.146711][ C0] Call Trace: [ 
558.146715][ C0] cfb_fillrect+0x423/0x7c0 [ 558.146718][ C0] ? cfb_fillrect+0x7c0/0x7c0 [ 558.146722][ C0] vga16fb_fillrect+0x6ce/0x19b0 [ 558.146726][ C0] bit_clear_margins+0x30b/0x530 [ 558.146729][ C0] ? bit_bmove+0x270/0x270 [ 558.146733][ C0] ? vesafb_probe.cold+0x1279/0x1279 [ 558.146737][ C0] fbcon_clear_margins+0x1e9/0x250 [ 558.146741][ C0] fbcon_switch+0xd7f/0x17f0 [ 558.146745][ C0] ? fbcon_set_def_font+0x360/0x360 [ 558.146748][ C0] ? fbcon_cursor+0x48c/0x660 [ 558.146753][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.146757][ C0] ? fbcon_set_origin+0x2b/0x50 [ 558.146760][ C0] ? fbcon_scrolldelta+0x1220/0x1220 [ 558.146765][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.146768][ C0] redraw_screen+0x2b6/0x7d0 [ 558.146772][ C0] ? vesafb_probe.cold+0x1279/0x1279 [ 558.146776][ C0] ? respond_string+0x2c0/0x2c0 [ 558.146780][ C0] ? fbcon_set_palette+0x3c4/0x4a0 [ 558.146784][ C0] fbcon_modechanged+0x5c3/0x790 [ 558.146788][ C0] fbcon_update_vcs+0x42/0x50 [ 558.146791][ C0] fb_set_var+0xb32/0xdd0 [ 558.146795][ C0] ? fb_blank+0x1a0/0x1a0 [ 558.146799][ C0] ? lock_acquire+0x190/0x410 [ 558.146803][ C0] ? __mutex_lock+0x458/0x13c0 [ 558.146806][ C0] ? down+0x50/0x90 [ 558.146810][ C0] ? do_fb_ioctl+0x335/0x7d0 [ 558.146813][ C0] do_fb_ioctl+0x390/0x7d0 [ 558.146817][ C0] ? fb_mmap+0x560/0x560 [ 558.146821][ C0] ? do_wp_page+0x54b/0x1540 [ 558.146825][ C0] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 558.146830][ C0] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 558.146833][ C0] ? do_vfs_ioctl+0x568/0x13b0 [ 558.146837][ C0] ? __kasan_check_write+0x14/0x20 [ 558.146841][ C0] ? up_read+0x1cd/0x810 [ 558.146844][ C0] fb_ioctl+0xe6/0x130 [ 558.146848][ C0] ? 
do_fb_ioctl+0x7d0/0x7d0 [ 558.146852][ C0] ksys_ioctl+0x123/0x180 [ 558.146855][ C0] __x64_sys_ioctl+0x73/0xb0 [ 558.146859][ C0] do_syscall_64+0xfa/0x790 [ 558.146864][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.146867][ C0] RIP: 0033:0x441419 [ 558.146878][ C0] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 558.146883][ C0] RSP: 002b:00007fff4d0fd738 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 558.146892][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 558.146898][ C0] RDX: 0000000020000000 RSI: 0000000000004601 RDI: 0000000000000003 [ 558.146903][ C0] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8 [ 558.146909][ C0] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000402190 [ 558.146914][ C0] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 558.146925][ T1123] Kernel panic - not syncing: hung_task: blocked tasks [ 558.146943][ T1123] CPU: 1 PID: 1123 Comm: khungtaskd Not tainted 5.6.0-rc3-syzkaller #0 [ 558.146950][ T1123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.146955][ T1123] Call Trace: [ 558.146971][ T1123] dump_stack+0x197/0x210 [ 558.147053][ T1123] panic+0x2e3/0x75c [ 558.147070][ T1123] ? add_taint.cold+0x16/0x16 [ 558.147088][ T1123] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 558.147102][ T1123] ? printk_safe_flush+0xf2/0x140 [ 558.147117][ T1123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.147137][ T1123] ? nmi_trigger_cpumask_backtrace+0x224/0x28b [ 558.147152][ T1123] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 558.147176][ T1123] watchdog+0xb22/0x10c0 [ 558.147208][ T1123] kthread+0x361/0x430 [ 558.147224][ T1123] ? reset_hung_task_detector+0x30/0x30 [ 558.147237][ T1123] ? 
kthread_mod_delayed_work+0x1f0/0x1f0 [ 558.147257][ T1123] ret_from_fork+0x24/0x30 [ 558.148826][ T1123] Kernel Offset: disabled [ 560.756679][ T1123] Rebooting in 86400 seconds..