[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 28.572627] kauditd_printk_skb: 8 callbacks suppressed [ 28.572639] audit: type=1800 audit(1543870785.759:29): pid=5872 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 28.598048] audit: type=1800 audit(1543870785.759:30): pid=5872 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 30.251322] sshd (6009) used greatest stack depth: 15440 bytes left Warning: Permanently added '10.128.15.203' (ECDSA) to the list of known hosts. executing program [ 36.724157] [ 36.725905] ==================================== [ 36.730653] WARNING: syz-executor002/6026 still has locks held! [ 36.736959] 4.20.0-rc5+ #264 Not tainted [ 36.741040] ------------------------------------ [ 36.745838] 1 lock held by syz-executor002/6026: [ 36.750601] #0: 00000000d49175a2 (&sig->cred_guard_mutex){+.+.}, at: prepare_bprm_creds+0x53/0x120 [ 36.759847] [ 36.759847] stack backtrace: [ 36.764383] CPU: 0 PID: 6026 Comm: syz-executor002 Not tainted 4.20.0-rc5+ #264 [ 36.771813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 36.781143] Call Trace: [ 36.783714] dump_stack+0x244/0x39d [ 36.787333] ? dump_stack_print_info.cold.1+0x20/0x20 [ 36.792524] ? vprintk_func+0x85/0x181 [ 36.796396] debug_check_no_locks_held.cold.49+0x93/0x9f [ 36.801825] flush_old_exec+0x1ea2/0x2480 [ 36.805954] ? save_stack+0x43/0xd0 [ 36.809560] ? __kmalloc+0x15b/0x760 [ 36.813256] ? copy_strings_kernel+0x110/0x110 [ 36.817817] ? iov_iter_init+0xe5/0x210 [ 36.821774] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 36.827294] ? __vfs_read+0x11f/0x9b0 [ 36.831088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 36.836620] ? fsnotify+0x50e/0xef0 [ 36.840248] ? fsnotify+0xef0/0xef0 [ 36.843856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 36.849376] ? fsnotify_first_mark+0x350/0x350 [ 36.853941] ? __fsnotify_parent+0xcc/0x430 [ 36.858241] ? fsnotify+0xef0/0xef0 [ 36.861850] ? rw_verify_area+0x118/0x360 [ 36.865983] ? vfs_read+0x1ce/0x3c0 [ 36.869594] ? kernel_read+0xab/0x120 [ 36.873382] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 36.878378] ? load_elf_phdrs+0x1e4/0x270 [ 36.882505] ? writenote+0x3d0/0x3d0 [ 36.886202] ? __kasan_slab_free+0x119/0x150 [ 36.890593] load_elf_binary+0xa9a/0x5cf0 [ 36.894731] ? find_held_lock+0x36/0x1c0 [ 36.898777] ? notesize.isra.6+0x80/0x80 [ 36.902817] ? ima_file_mmap+0x160/0x160 [ 36.906860] ? lock_downgrade+0x900/0x900 [ 36.910996] ? kasan_check_write+0x14/0x20 [ 36.915212] search_binary_handler+0x17d/0x570 [ 36.919779] __do_execve_file.isra.33+0x1661/0x25d0 [ 36.924780] ? prepare_bprm_creds+0x120/0x120 [ 36.929259] ? usercopy_warn+0x110/0x110 [ 36.933301] ? kmem_cache_alloc+0x58f/0x730 [ 36.937606] ? check_preemption_disabled+0x48/0x280 [ 36.942605] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 36.948125] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 36.953650] ? strncpy_from_user+0x411/0x5a0 [ 36.958039] ? digsig_verify+0x1530/0x1530 [ 36.962250] ? kmem_cache_alloc+0x33a/0x730 [ 36.966555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 36.972074] __ia32_compat_sys_execveat+0xf3/0x140 [ 36.976993] do_fast_syscall_32+0x34d/0xfb2 [ 36.981312] ? do_int80_syscall_32+0x890/0x890 [ 36.985881] ? entry_SYSENTER_compat+0x68/0x7f [ 36.990444] ? trace_hardirqs_off_caller+0xbb/0x310 [ 36.995439] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.000260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.005083] ? trace_hardirqs_on_caller+0x310/0x310 [ 37.010079] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 37.015093] ? prepare_exit_to_usermode+0x291/0x3b0 [ 37.020094] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.024921] entry_SYSENTER_compat+0x70/0x7f [ 37.029311] RIP: 0023:0xf7f8aa29 [ 37.032656] Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 37.051538] RSP: 002b:00000000f7f861ec EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 37.059240] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 37.066491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000 [ 37.073931] RBP: 00