[ ok ] Starting enhanced syslogd: rsyslogd. [ 70.703892][ T27] audit: type=1800 audit(1578754707.609:25): pid=9506 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 70.724072][ T27] audit: type=1800 audit(1578754707.609:26): pid=9506 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 70.777653][ T27] audit: type=1800 audit(1578754707.609:27): pid=9506 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.189' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program syzkaller login: [ 578.012352][ T1129] INFO: task syz-executor333:9667 blocked for more than 143 seconds. [ 578.012376][ T1129] Not tainted 5.5.0-rc5-syzkaller #0 [ 578.012382][ T1129] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 578.012389][ T1129] syz-executor333 D28160 9667 9666 0x00004004 [ 578.012414][ T1129] Call Trace: [ 578.012507][ T1129] __schedule+0x934/0x1f90 [ 578.012532][ T1129] ? __sched_text_start+0x8/0x8 [ 578.012599][ T1129] ? lock_downgrade+0x920/0x920 [ 578.012640][ T1129] ? rwlock_bug.part.0+0x90/0x90 [ 578.012663][ T1129] schedule+0xdc/0x2b0 [ 578.012683][ T1129] schedule_preempt_disabled+0x13/0x20 [ 578.012699][ T1129] __mutex_lock+0x7ab/0x13c0 [ 578.012756][ T1129] ? fb_open+0xd7/0x450 [ 578.012778][ T1129] ? mutex_trylock+0x2d0/0x2d0 [ 578.012797][ T1129] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 578.012830][ T1129] ? 
chrdev_open+0xca/0x6b0 [ 578.012863][ T1129] mutex_lock_nested+0x16/0x20 [ 578.012879][ T1129] ? mutex_lock_nested+0x16/0x20 [ 578.012894][ T1129] fb_open+0xd7/0x450 [ 578.012914][ T1129] ? get_fb_info.part.0+0x80/0x80 [ 578.012927][ T1129] chrdev_open+0x245/0x6b0 [ 578.012945][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.012986][ T1129] ? security_file_open+0x87/0x300 [ 578.013040][ T1129] do_dentry_open+0x4e6/0x1380 [ 578.013095][ T1129] ? __kasan_check_read+0x11/0x20 [ 578.013111][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.013133][ T1129] ? chown_common+0x5c0/0x5c0 [ 578.013151][ T1129] ? inode_permission+0xb4/0x520 [ 578.013171][ T1129] vfs_open+0xa0/0xd0 [ 578.013189][ T1129] path_openat+0x10df/0x4500 [ 578.013201][ T1129] ? save_stack+0x23/0x90 [ 578.013216][ T1129] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 578.013229][ T1129] ? kasan_slab_alloc+0xf/0x20 [ 578.013243][ T1129] ? kmem_cache_alloc+0x121/0x710 [ 578.013258][ T1129] ? getname_flags+0xd6/0x5b0 [ 578.013272][ T1129] ? getname+0x1a/0x20 [ 578.013303][ T1129] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 578.013317][ T1129] ? __lock_acquire+0x16f2/0x4a00 [ 578.013357][ T1129] ? __alloc_fd+0x487/0x620 [ 578.013380][ T1129] do_filp_open+0x1a1/0x280 [ 578.013399][ T1129] ? may_open_dev+0x100/0x100 [ 578.013429][ T1129] ? do_raw_spin_unlock+0x181/0x270 [ 578.013464][ T1129] do_sys_open+0x3fe/0x5d0 [ 578.013487][ T1129] ? filp_open+0x80/0x80 [ 578.013537][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.013558][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.013575][ T1129] ? do_syscall_64+0x26/0x790 [ 578.013616][ T1129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.013631][ T1129] ? do_syscall_64+0x26/0x790 [ 578.013719][ T1129] __x64_sys_openat+0x9d/0x100 [ 578.013741][ T1129] do_syscall_64+0xfa/0x790 [ 578.013765][ T1129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.013777][ T1129] RIP: 0033:0x441419 [ 578.013828][ T1129] Code: Bad RIP value. 
[ 578.013840][ T1129] RSP: 002b:00007ffe6969fa98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 578.013856][ T1129] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 578.013866][ T1129] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 578.013874][ T1129] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 578.013884][ T1129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 578.013893][ T1129] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 578.013924][ T1129] INFO: task syz-executor333:9668 blocked for more than 143 seconds. [ 578.013933][ T1129] Not tainted 5.5.0-rc5-syzkaller #0 [ 578.013940][ T1129] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 578.013947][ T1129] syz-executor333 D28160 9668 9663 0x00000004 [ 578.013970][ T1129] Call Trace: [ 578.013991][ T1129] __schedule+0x934/0x1f90 [ 578.014014][ T1129] ? __sched_text_start+0x8/0x8 [ 578.014029][ T1129] ? lock_downgrade+0x920/0x920 [ 578.014047][ T1129] ? rwlock_bug.part.0+0x90/0x90 [ 578.014070][ T1129] schedule+0xdc/0x2b0 [ 578.014090][ T1129] schedule_preempt_disabled+0x13/0x20 [ 578.014106][ T1129] __mutex_lock+0x7ab/0x13c0 [ 578.014126][ T1129] ? fb_open+0xd7/0x450 [ 578.014147][ T1129] ? mutex_trylock+0x2d0/0x2d0 [ 578.014167][ T1129] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 578.014181][ T1129] ? chrdev_open+0xca/0x6b0 [ 578.014214][ T1129] mutex_lock_nested+0x16/0x20 [ 578.014230][ T1129] ? mutex_lock_nested+0x16/0x20 [ 578.014246][ T1129] fb_open+0xd7/0x450 [ 578.014266][ T1129] ? get_fb_info.part.0+0x80/0x80 [ 578.014280][ T1129] chrdev_open+0x245/0x6b0 [ 578.014298][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.014320][ T1129] ? security_file_open+0x87/0x300 [ 578.014343][ T1129] do_dentry_open+0x4e6/0x1380 [ 578.014359][ T1129] ? __kasan_check_read+0x11/0x20 [ 578.014375][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.014397][ T1129] ? chown_common+0x5c0/0x5c0 [ 578.014417][ T1129] ? 
inode_permission+0xb4/0x520 [ 578.014438][ T1129] vfs_open+0xa0/0xd0 [ 578.014458][ T1129] path_openat+0x10df/0x4500 [ 578.014472][ T1129] ? save_stack+0x23/0x90 [ 578.014487][ T1129] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 578.014501][ T1129] ? kasan_slab_alloc+0xf/0x20 [ 578.014519][ T1129] ? kmem_cache_alloc+0x121/0x710 [ 578.014535][ T1129] ? getname_flags+0xd6/0x5b0 [ 578.014550][ T1129] ? getname+0x1a/0x20 [ 578.014582][ T1129] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 578.014597][ T1129] ? __lock_acquire+0x16f2/0x4a00 [ 578.014621][ T1129] ? __alloc_fd+0x487/0x620 [ 578.014645][ T1129] do_filp_open+0x1a1/0x280 [ 578.014665][ T1129] ? may_open_dev+0x100/0x100 [ 578.014702][ T1129] ? do_raw_spin_unlock+0x181/0x270 [ 578.014737][ T1129] do_sys_open+0x3fe/0x5d0 [ 578.014756][ T1129] ? filp_open+0x80/0x80 [ 578.014776][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.014794][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.014811][ T1129] ? do_syscall_64+0x26/0x790 [ 578.014827][ T1129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.014844][ T1129] ? do_syscall_64+0x26/0x790 [ 578.014864][ T1129] __x64_sys_openat+0x9d/0x100 [ 578.014884][ T1129] do_syscall_64+0xfa/0x790 [ 578.014905][ T1129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.014916][ T1129] RIP: 0033:0x441419 [ 578.014925][ T1129] Code: Bad RIP value. [ 578.014934][ T1129] RSP: 002b:00007ffe6969fa98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 578.014948][ T1129] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 578.014958][ T1129] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 578.014968][ T1129] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 578.014978][ T1129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 578.014987][ T1129] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 578.015016][ T1129] INFO: task syz-executor333:9669 blocked for more than 143 seconds. 
[ 578.015025][ T1129] Not tainted 5.5.0-rc5-syzkaller #0 [ 578.015031][ T1129] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 578.015037][ T1129] syz-executor333 D28160 9669 9665 0x00000004 [ 578.015060][ T1129] Call Trace: [ 578.015081][ T1129] __schedule+0x934/0x1f90 [ 578.015104][ T1129] ? __sched_text_start+0x8/0x8 [ 578.015118][ T1129] ? lock_downgrade+0x920/0x920 [ 578.015136][ T1129] ? rwlock_bug.part.0+0x90/0x90 [ 578.015161][ T1129] schedule+0xdc/0x2b0 [ 578.015180][ T1129] schedule_preempt_disabled+0x13/0x20 [ 578.015197][ T1129] __mutex_lock+0x7ab/0x13c0 [ 578.015216][ T1129] ? fb_open+0xd7/0x450 [ 578.015238][ T1129] ? mutex_trylock+0x2d0/0x2d0 [ 578.015257][ T1129] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 578.015271][ T1129] ? chrdev_open+0xca/0x6b0 [ 578.015304][ T1129] mutex_lock_nested+0x16/0x20 [ 578.015320][ T1129] ? mutex_lock_nested+0x16/0x20 [ 578.015336][ T1129] fb_open+0xd7/0x450 [ 578.015357][ T1129] ? get_fb_info.part.0+0x80/0x80 [ 578.015371][ T1129] chrdev_open+0x245/0x6b0 [ 578.015389][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.015411][ T1129] ? security_file_open+0x87/0x300 [ 578.015433][ T1129] do_dentry_open+0x4e6/0x1380 [ 578.015447][ T1129] ? __kasan_check_read+0x11/0x20 [ 578.015463][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.015485][ T1129] ? chown_common+0x5c0/0x5c0 [ 578.015504][ T1129] ? inode_permission+0xb4/0x520 [ 578.015526][ T1129] vfs_open+0xa0/0xd0 [ 578.015544][ T1129] path_openat+0x10df/0x4500 [ 578.015557][ T1129] ? save_stack+0x23/0x90 [ 578.015573][ T1129] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 578.015587][ T1129] ? kasan_slab_alloc+0xf/0x20 [ 578.015601][ T1129] ? kmem_cache_alloc+0x121/0x710 [ 578.015616][ T1129] ? getname_flags+0xd6/0x5b0 [ 578.015631][ T1129] ? getname+0x1a/0x20 [ 578.015663][ T1129] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 578.015763][ T1129] ? __lock_acquire+0x16f2/0x4a00 [ 578.015799][ T1129] ? 
__alloc_fd+0x487/0x620 [ 578.015840][ T1129] do_filp_open+0x1a1/0x280 [ 578.015859][ T1129] ? may_open_dev+0x100/0x100 [ 578.015890][ T1129] ? do_raw_spin_unlock+0x181/0x270 [ 578.015928][ T1129] do_sys_open+0x3fe/0x5d0 [ 578.015946][ T1129] ? filp_open+0x80/0x80 [ 578.015966][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.015984][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.016000][ T1129] ? do_syscall_64+0x26/0x790 [ 578.016016][ T1129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.016032][ T1129] ? do_syscall_64+0x26/0x790 [ 578.016052][ T1129] __x64_sys_openat+0x9d/0x100 [ 578.016071][ T1129] do_syscall_64+0xfa/0x790 [ 578.016091][ T1129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.016103][ T1129] RIP: 0033:0x441419 [ 578.016116][ T1129] Code: Bad RIP value. [ 578.016125][ T1129] RSP: 002b:00007ffe6969fa98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 578.016140][ T1129] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 578.016150][ T1129] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 578.016159][ T1129] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 578.016169][ T1129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 578.016178][ T1129] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 578.016208][ T1129] INFO: task syz-executor333:9670 blocked for more than 143 seconds. [ 578.016218][ T1129] Not tainted 5.5.0-rc5-syzkaller #0 [ 578.016224][ T1129] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 578.016231][ T1129] syz-executor333 D28160 9670 9661 0x00004004 [ 578.016255][ T1129] Call Trace: [ 578.016276][ T1129] __schedule+0x934/0x1f90 [ 578.016299][ T1129] ? __sched_text_start+0x8/0x8 [ 578.016312][ T1129] ? lock_downgrade+0x920/0x920 [ 578.016328][ T1129] ? 
rwlock_bug.part.0+0x90/0x90 [ 578.016349][ T1129] schedule+0xdc/0x2b0 [ 578.016370][ T1129] schedule_preempt_disabled+0x13/0x20 [ 578.016386][ T1129] __mutex_lock+0x7ab/0x13c0 [ 578.016405][ T1129] ? fb_open+0xd7/0x450 [ 578.016426][ T1129] ? mutex_trylock+0x2d0/0x2d0 [ 578.016446][ T1129] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 578.016461][ T1129] ? chrdev_open+0xca/0x6b0 [ 578.016495][ T1129] mutex_lock_nested+0x16/0x20 [ 578.016510][ T1129] ? mutex_lock_nested+0x16/0x20 [ 578.016529][ T1129] fb_open+0xd7/0x450 [ 578.016549][ T1129] ? get_fb_info.part.0+0x80/0x80 [ 578.016563][ T1129] chrdev_open+0x245/0x6b0 [ 578.016581][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.016602][ T1129] ? security_file_open+0x87/0x300 [ 578.016624][ T1129] do_dentry_open+0x4e6/0x1380 [ 578.016638][ T1129] ? __kasan_check_read+0x11/0x20 [ 578.016654][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.016676][ T1129] ? chown_common+0x5c0/0x5c0 [ 578.016695][ T1129] ? inode_permission+0xb4/0x520 [ 578.016716][ T1129] vfs_open+0xa0/0xd0 [ 578.016734][ T1129] path_openat+0x10df/0x4500 [ 578.016748][ T1129] ? save_stack+0x23/0x90 [ 578.016763][ T1129] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 578.016777][ T1129] ? kasan_slab_alloc+0xf/0x20 [ 578.016791][ T1129] ? kmem_cache_alloc+0x121/0x710 [ 578.016806][ T1129] ? getname_flags+0xd6/0x5b0 [ 578.016827][ T1129] ? getname+0x1a/0x20 [ 578.016859][ T1129] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 578.016873][ T1129] ? __lock_acquire+0x16f2/0x4a00 [ 578.016896][ T1129] ? __alloc_fd+0x487/0x620 [ 578.016918][ T1129] do_filp_open+0x1a1/0x280 [ 578.016937][ T1129] ? may_open_dev+0x100/0x100 [ 578.016968][ T1129] ? do_raw_spin_unlock+0x181/0x270 [ 578.017004][ T1129] do_sys_open+0x3fe/0x5d0 [ 578.017023][ T1129] ? filp_open+0x80/0x80 [ 578.017041][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.017059][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.017076][ T1129] ? do_syscall_64+0x26/0x790 [ 578.017091][ T1129] ? 
entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.017107][ T1129] ? do_syscall_64+0x26/0x790 [ 578.017128][ T1129] __x64_sys_openat+0x9d/0x100 [ 578.017148][ T1129] do_syscall_64+0xfa/0x790 [ 578.017169][ T1129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.017179][ T1129] RIP: 0033:0x441419 [ 578.017190][ T1129] Code: Bad RIP value. [ 578.017198][ T1129] RSP: 002b:00007ffe6969fa98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 578.017213][ T1129] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 578.017223][ T1129] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 578.017232][ T1129] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 578.017241][ T1129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 578.017251][ T1129] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 578.017279][ T1129] INFO: task syz-executor333:9671 blocked for more than 143 seconds. [ 578.017292][ T1129] Not tainted 5.5.0-rc5-syzkaller #0 [ 578.017298][ T1129] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 578.017304][ T1129] syz-executor333 D28160 9671 9664 0x00000004 [ 578.017327][ T1129] Call Trace: [ 578.017347][ T1129] __schedule+0x934/0x1f90 [ 578.017370][ T1129] ? __sched_text_start+0x8/0x8 [ 578.017383][ T1129] ? lock_downgrade+0x920/0x920 [ 578.017400][ T1129] ? rwlock_bug.part.0+0x90/0x90 [ 578.017423][ T1129] schedule+0xdc/0x2b0 [ 578.017443][ T1129] schedule_preempt_disabled+0x13/0x20 [ 578.017458][ T1129] __mutex_lock+0x7ab/0x13c0 [ 578.017478][ T1129] ? fb_open+0xd7/0x450 [ 578.017499][ T1129] ? mutex_trylock+0x2d0/0x2d0 [ 578.017519][ T1129] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 578.017533][ T1129] ? chrdev_open+0xca/0x6b0 [ 578.017567][ T1129] mutex_lock_nested+0x16/0x20 [ 578.017583][ T1129] ? mutex_lock_nested+0x16/0x20 [ 578.017598][ T1129] fb_open+0xd7/0x450 [ 578.017619][ T1129] ? 
get_fb_info.part.0+0x80/0x80 [ 578.017632][ T1129] chrdev_open+0x245/0x6b0 [ 578.017650][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.017671][ T1129] ? security_file_open+0x87/0x300 [ 578.017693][ T1129] do_dentry_open+0x4e6/0x1380 [ 578.017707][ T1129] ? __kasan_check_read+0x11/0x20 [ 578.017722][ T1129] ? cdev_put.part.0+0x50/0x50 [ 578.017744][ T1129] ? chown_common+0x5c0/0x5c0 [ 578.017763][ T1129] ? inode_permission+0xb4/0x520 [ 578.017783][ T1129] vfs_open+0xa0/0xd0 [ 578.017801][ T1129] path_openat+0x10df/0x4500 [ 578.017815][ T1129] ? save_stack+0x23/0x90 [ 578.017836][ T1129] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 578.017850][ T1129] ? kasan_slab_alloc+0xf/0x20 [ 578.017863][ T1129] ? kmem_cache_alloc+0x121/0x710 [ 578.017879][ T1129] ? getname_flags+0xd6/0x5b0 [ 578.017894][ T1129] ? getname+0x1a/0x20 [ 578.017926][ T1129] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 578.017940][ T1129] ? __lock_acquire+0x16f2/0x4a00 [ 578.017964][ T1129] ? __alloc_fd+0x487/0x620 [ 578.017987][ T1129] do_filp_open+0x1a1/0x280 [ 578.018005][ T1129] ? may_open_dev+0x100/0x100 [ 578.018034][ T1129] ? do_raw_spin_unlock+0x181/0x270 [ 578.018070][ T1129] do_sys_open+0x3fe/0x5d0 [ 578.018088][ T1129] ? filp_open+0x80/0x80 [ 578.018107][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.018124][ T1129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 578.018141][ T1129] ? do_syscall_64+0x26/0x790 [ 578.018156][ T1129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.018172][ T1129] ? do_syscall_64+0x26/0x790 [ 578.018192][ T1129] __x64_sys_openat+0x9d/0x100 [ 578.018212][ T1129] do_syscall_64+0xfa/0x790 [ 578.018231][ T1129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.018242][ T1129] RIP: 0033:0x441419 [ 578.018252][ T1129] Code: Bad RIP value. 
[ 578.018261][ T1129] RSP: 002b:00007ffe6969fa98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 578.018275][ T1129] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 578.018285][ T1129] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 578.018294][ T1129] RBP: 00000000006cb018 R08: 0000000000000004 R09: 00000000004002c8 [ 578.018304][ T1129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402190 [ 578.018313][ T1129] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 578.018373][ T1129] [ 578.018373][ T1129] Showing all locks held in the system: [ 578.018394][ T1129] 1 lock held by khungtaskd/1129: [ 578.018399][ T1129] #0: ffffffff899a5340 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 [ 578.018469][ T1129] 1 lock held by rsyslogd/9543: [ 578.018475][ T1129] #0: ffff8880a8d001a0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 578.018508][ T1129] 2 locks held by getty/9634: [ 578.018513][ T1129] #0: ffff8880a4a68090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.018543][ T1129] #1: ffffc9000178b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.018693][ T1129] 2 locks held by getty/9635: [ 578.018698][ T1129] #0: ffff8880a6904090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.018727][ T1129] #1: ffffc900017cb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.018762][ T1129] 2 locks held by getty/9636: [ 578.018767][ T1129] #0: ffff8880a705c090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.018795][ T1129] #1: ffffc900017db2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.018829][ T1129] 2 locks held by getty/9637: [ 578.018834][ T1129] #0: ffff8880a85a6090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.018864][ T1129] #1: ffffc9000179b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.018898][ T1129] 2 locks held by getty/9638: [ 578.018903][ 
T1129] #0: ffff8880a7a4a090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.018932][ T1129] #1: ffffc900017bb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.018967][ T1129] 2 locks held by getty/9639: [ 578.018972][ T1129] #0: ffff888098293090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.019001][ T1129] #1: ffffc9000175b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.019035][ T1129] 2 locks held by getty/9640: [ 578.019040][ T1129] #0: ffff8880a699a090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 578.019077][ T1129] #1: ffffc900016fb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 578.019113][ T1129] 2 locks held by syz-executor333/9662: [ 578.019124][ T1129] 1 lock held by syz-executor333/9667: [ 578.019128][ T1129] #0: ffff888219046070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 578.019163][ T1129] 1 lock held by syz-executor333/9668: [ 578.019168][ T1129] #0: ffff888219046070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 578.019201][ T1129] 1 lock held by syz-executor333/9669: [ 578.019206][ T1129] #0: ffff888219046070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 578.019239][ T1129] 1 lock held by syz-executor333/9670: [ 578.019244][ T1129] #0: ffff888219046070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 578.019277][ T1129] 1 lock held by syz-executor333/9671: [ 578.019282][ T1129] #0: ffff888219046070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450 [ 578.019310][ T1129] [ 578.019316][ T1129] ============================================= [ 578.019316][ T1129] [ 578.019325][ T1129] NMI backtrace for cpu 0 [ 578.019341][ T1129] CPU: 0 PID: 1129 Comm: khungtaskd Not tainted 5.5.0-rc5-syzkaller #0 [ 578.019350][ T1129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 578.019355][ T1129] Call Trace: [ 578.019404][ T1129] dump_stack+0x197/0x210 [ 578.019426][ T1129] nmi_cpu_backtrace.cold+0x70/0xb2 [ 
578.019442][ T1129] ? vprintk_func+0x86/0x189 [ 578.019500][ T1129] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 578.019518][ T1129] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 578.019539][ T1129] arch_trigger_cpumask_backtrace+0x14/0x20 [ 578.019590][ T1129] watchdog+0xb11/0x10c0 [ 578.019635][ T1129] kthread+0x361/0x430 [ 578.019653][ T1129] ? reset_hung_task_detector+0x30/0x30 [ 578.019669][ T1129] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 578.019687][ T1129] ret_from_fork+0x24/0x30 [ 578.019712][ T1129] Sending NMI from CPU 0 to CPUs 1: [ 578.020465][ C1] NMI backtrace for cpu 1 [ 578.020472][ C1] CPU: 1 PID: 9662 Comm: syz-executor333 Not tainted 5.5.0-rc5-syzkaller #0 [ 578.020479][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 578.020482][ C1] RIP: 0010:write_comp_data+0x9/0x70 [ 578.020494][ C1] Code: 13 00 00 8b 80 84 13 00 00 48 8b 11 48 83 c2 01 48 39 d0 76 07 48 89 34 d1 48 89 11 5d c3 0f 1f 00 65 4c 8b 04 25 c0 1e 02 00 <65> 8b 05 38 f7 8c 7e a9 00 01 1f 00 75 51 41 8b 80 80 13 00 00 83 [ 578.020498][ C1] RSP: 0018:ffffc90001b67390 EFLAGS: 00000286 [ 578.020506][ C1] RAX: ffff888092702240 RBX: 0000000000000050 RCX: ffffffff83c58fa0 [ 578.020511][ C1] RDX: 0000000000000005 RSI: 0000000000000050 RDI: 0000000000000004 [ 578.020515][ C1] RBP: ffffc90001b67398 R08: ffff888092702240 R09: ffffed104319d9dc [ 578.020520][ C1] R10: ffffed104319d9db R11: ffff888218cecedf R12: 0000000000000005 [ 578.020525][ C1] R13: ffff8880000a0005 R14: ffff8880000a0000 R15: 0000000000000000 [ 578.020531][ C1] FS: 000000000189c880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 578.020535][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 578.020540][ C1] CR2: 00000000006cc080 CR3: 00000000915d3000 CR4: 00000000001406e0 [ 578.020545][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 578.020550][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 578.020552][ C1] Call Trace: [ 
578.020556][ C1] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 578.020559][ C1] vga16fb_fillrect+0xa20/0x19b0 [ 578.020563][ C1] bit_clear_margins+0x30b/0x530 [ 578.020566][ C1] ? bit_bmove+0x270/0x270 [ 578.020569][ C1] ? efifb_probe.cold+0x181f/0x181f [ 578.020573][ C1] fbcon_clear_margins+0x1e9/0x250 [ 578.020576][ C1] fbcon_switch+0xd7f/0x17f0 [ 578.020580][ C1] ? fbcon_set_def_font+0x360/0x360 [ 578.020583][ C1] ? fbcon_cursor+0x48c/0x660 [ 578.020587][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 578.020591][ C1] ? fbcon_set_origin+0x2b/0x50 [ 578.020594][ C1] ? fbcon_scrolldelta+0x1220/0x1220 [ 578.020598][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 578.020601][ C1] redraw_screen+0x2b6/0x7d0 [ 578.020605][ C1] ? efifb_probe.cold+0x181f/0x181f [ 578.020608][ C1] ? respond_string+0x2c0/0x2c0 [ 578.020612][ C1] ? fbcon_set_palette+0x3c4/0x4a0 [ 578.020615][ C1] fbcon_modechanged+0x5c3/0x790 [ 578.020619][ C1] fbcon_update_vcs+0x42/0x50 [ 578.020622][ C1] fb_set_var+0xb32/0xdd0 [ 578.020625][ C1] ? fb_blank+0x1a0/0x1a0 [ 578.020628][ C1] ? lock_acquire+0x190/0x410 [ 578.020632][ C1] ? __mutex_lock+0x458/0x13c0 [ 578.020635][ C1] ? down+0x50/0x90 [ 578.020638][ C1] ? do_fb_ioctl+0x335/0x7d0 [ 578.020641][ C1] do_fb_ioctl+0x390/0x7d0 [ 578.020644][ C1] ? fb_mmap+0x520/0x520 [ 578.020647][ C1] ? tomoyo_path_number_perm+0x214/0x520 [ 578.020651][ C1] ? find_held_lock+0x35/0x130 [ 578.020655][ C1] ? tomoyo_path_number_perm+0x214/0x520 [ 578.020658][ C1] ? lock_downgrade+0x920/0x920 [ 578.020661][ C1] ? lockdep_hardirqs_on+0x421/0x5e0 [ 578.020665][ C1] ? tomoyo_path_number_perm+0x454/0x520 [ 578.020669][ C1] ? __do_page_fault+0x56a/0xd80 [ 578.020672][ C1] fb_ioctl+0xe6/0x130 [ 578.020675][ C1] ? do_fb_ioctl+0x7d0/0x7d0 [ 578.020678][ C1] do_vfs_ioctl+0x977/0x14e0 [ 578.020682][ C1] ? compat_ioctl_preallocate+0x220/0x220 [ 578.020685][ C1] ? __kasan_check_write+0x14/0x20 [ 578.020688][ C1] ? up_read+0x1cd/0x810 [ 578.020692][ C1] ? 
tomoyo_file_ioctl+0x23/0x30 [ 578.020696][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 578.020699][ C1] ? security_file_ioctl+0x8d/0xc0 [ 578.020702][ C1] ksys_ioctl+0xab/0xd0 [ 578.020705][ C1] __x64_sys_ioctl+0x73/0xb0 [ 578.020708][ C1] do_syscall_64+0xfa/0x790 [ 578.020712][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.020715][ C1] RIP: 0033:0x441419 [ 578.020726][ C1] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 578.020729][ C1] RSP: 002b:00007ffe6969fa98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 578.020736][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 [ 578.020741][ C1] RDX: 0000000020000000 RSI: 0000000000004601 RDI: 0000000000000003 [ 578.020745][ C1] RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8 [ 578.020749][ C1] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000402190 [ 578.020754][ C1] R13: 0000000000402220 R14: 0000000000000000 R15: 0000000000000000 [ 578.020764][ T1129] Kernel panic - not syncing: hung_task: blocked tasks [ 578.020777][ T1129] CPU: 0 PID: 1129 Comm: khungtaskd Not tainted 5.5.0-rc5-syzkaller #0 [ 578.020784][ T1129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 578.020787][ T1129] Call Trace: [ 578.020803][ T1129] dump_stack+0x197/0x210 [ 578.020859][ T1129] panic+0x2e3/0x75c [ 578.020875][ T1129] ? add_taint.cold+0x16/0x16 [ 578.020894][ T1129] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 578.020910][ T1129] ? printk_safe_flush+0xf2/0x140 [ 578.020926][ T1129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 578.020946][ T1129] ? nmi_trigger_cpumask_backtrace+0x224/0x28b [ 578.020968][ T1129] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 578.020988][ T1129] watchdog+0xb22/0x10c0 [ 578.021010][ T1129] kthread+0x361/0x430 [ 578.021027][ T1129] ? 
reset_hung_task_detector+0x30/0x30 [ 578.021040][ T1129] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 578.021056][ T1129] ret_from_fork+0x24/0x30 [ 578.022741][ T1129] Kernel Offset: disabled [ 580.512135][ T1129] Rebooting in 86400 seconds..