[ 23.779689] audit: type=1800 audit(1542471442.464:21): pid=5778 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[ 23.813482] audit: type=1800 audit(1542471442.464:22): pid=5778 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 24.832737] startpar (5778) used greatest stack depth: 15744 bytes left

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.59' (ECDSA) to the list of known hosts.
2018/11/17 16:18:42 parsed 1 programs
2018/11/17 16:18:43 executed programs: 0
syzkaller login: [ 105.284501] IPVS: ftp: loaded support on port[0] = 21
[ 105.512083] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.519113] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.526311] device bridge_slave_0 entered promiscuous mode
[ 105.543766] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.550268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.557239] device bridge_slave_1 entered promiscuous mode
[ 105.573147] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 105.589308] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 105.635877] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 105.655579] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 105.729595] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 105.736994] team0: Port device team_slave_0 added
[ 105.752580] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 105.759782] team0: Port device team_slave_1 added
[ 105.776746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.799341] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 105.818639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 105.837607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 105.970172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.976726] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.983679] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.990703] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.478146] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.526494] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 106.577012] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 106.583141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 106.591722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 106.637568] 8021q: adding VLAN 0 to HW filter on device team0
[ 107.069396] hrtimer: interrupt took 33411 ns
[ 107.397501] sched: DL replenish lagged too much
2018/11/17 16:18:49 executed programs: 14
[ 112.967221] WARNING: CPU: 1 PID: 6351 at kernel/sched/deadline.c:628 enqueue_task_dl+0x22da/0x38a0
[ 112.968401] PM: Basic memory bitmaps freed
[ 112.981821] Kernel panic - not syncing: panic_on_warn set ...
[ 112.987743] CPU: 1 PID: 6351 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #338
[ 112.995014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 113.004362] Call Trace:
[ 113.006947] dump_stack+0x244/0x39d
[ 113.010607] ? dump_stack_print_info.cold.1+0x20/0x20
[ 113.015795] panic+0x2ad/0x55c
[ 113.018982] ? add_taint.cold.5+0x16/0x16
[ 113.023130] ? __warn.cold.8+0x5/0x45
[ 113.026958] ? __warn+0xe8/0x1d0
[ 113.030323] ? enqueue_task_dl+0x22da/0x38a0
[ 113.034731] __warn.cold.8+0x20/0x45
[ 113.038437] ? rcu_softirq_qs+0x20/0x20
[ 113.042406] ? enqueue_task_dl+0x22da/0x38a0
[ 113.046811] report_bug+0x254/0x2d0
[ 113.050471] do_error_trap+0x11b/0x200
[ 113.054352] do_invalid_op+0x36/0x40
[ 113.058059] ? enqueue_task_dl+0x22da/0x38a0
[ 113.062463] invalid_op+0x14/0x20
[ 113.065910] RIP: 0010:enqueue_task_dl+0x22da/0x38a0
[ 113.070954] Code: ff 48 8b 8d c8 fe ff ff 48 c1 e6 2a 4c 8b 9d d0 fe ff ff 8b 95 d8 fe ff ff 48 8b 85 e0 fe ff ff e9 16 e4 ff ff e8 16 d0 ea ff <0f> 0b e9 17 f1 ff ff 48 8b bd e8 fe ff ff 4c 89 95 c8 fe ff ff 48
[ 113.089850] RSP: 0018:ffff8881ba39fa18 EFLAGS: 00010002
[ 113.095209] RAX: 0000000000000000 RBX: ffff8881b9d6c000 RCX: ffff8881b9d6c278
[ 113.102472] RDX: ffff8881b9d6c03c RSI: 0000000000000002 RDI: ffff8881daf2d710
[ 113.109735] RBP: ffff8881ba39fb78 R08: 0000000000000001 R09: ffff8881daf00000
[ 113.117003] R10: 0000001a4d4f1987 R11: ffff8881daf2db3b R12: 1ffff11037473f4e
[ 113.124289] R13: ffff8881b9d6c2cc R14: ffff8881daf2ccc0 R15: ffff8881daf2ccc0
[ 113.131564] ? enqueue_task_dl+0x1ae3/0x38a0
[ 113.135973] ? switched_from_dl+0xf70/0xf70
[ 113.140290] ? do_raw_spin_unlock+0xa7/0x330
[ 113.144725] ? do_raw_spin_trylock+0x270/0x270
[ 113.149304] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 113.154317] ? find_next_and_bit+0x183/0x1e0
[ 113.158725] enqueue_task+0x184/0x390
[ 113.162521] __sched_setscheduler+0xe99/0x2190
[ 113.167096] ? lock_downgrade+0x900/0x900
[ 113.171253] ? cpu_cgroup_fork+0x130/0x130
[ 113.175484] ? __x64_sys_sched_setattr+0x146/0x2f0
[ 113.180411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 113.185947] ? check_preemption_disabled+0x48/0x280
[ 113.190963] ? kasan_check_read+0x11/0x20
[ 113.195111] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 113.200383] ? rcu_softirq_qs+0x20/0x20
[ 113.204353] ? _copy_from_user+0xdf/0x150
[ 113.208502] __x64_sys_sched_setattr+0x1b2/0x2f0
[ 113.213269] ? __ia32_sys_sched_setparam+0x80/0x80
[ 113.218190] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 113.223555] do_syscall_64+0x1b9/0x820
[ 113.227436] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 113.232795] ? syscall_return_slowpath+0x5e0/0x5e0
[ 113.237722] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 113.242559] ? trace_hardirqs_on_caller+0x310/0x310
[ 113.247569] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 113.252582] ? prepare_exit_to_usermode+0x291/0x3b0
[ 113.257595] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 113.262432] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 113.267614] RIP: 0033:0x457569
[ 113.270807] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 113.289712] RSP: 002b:00007f05ce0a2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000013a
[ 113.297446] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[ 113.304707] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000
[ 113.312008] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 113.319272] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f05ce0a36d4
[ 113.326533] R13: 00000000004c369f R14: 00000000004d5730 R15: 00000000ffffffff
[ 113.333808]
[ 113.333813] ======================================================
[ 113.333818] WARNING: possible circular locking dependency detected
[ 113.333821] 4.20.0-rc2+ #338 Not tainted
[ 113.333826] ------------------------------------------------------
[ 113.333830] syz-executor0/6351 is trying to acquire lock:
[ 113.333833] 00000000b2b97155 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70
[ 113.333845]
[ 113.333849] but task is already holding lock:
[ 113.333851] 000000004cd5557e (&rq->lock){-.-.}, at: task_rq_lock+0xc5/0x2a0
[ 113.333862]
[ 113.333866] which lock already depends on the new lock.
[ 113.333868]
[ 113.333870]
[ 113.333874] the existing dependency chain (in reverse order) is:
[ 113.333877]
[ 113.333879] -> #2 (&rq->lock){-.-.}:
[ 113.333889] _raw_spin_lock+0x2d/0x40
[ 113.333892] task_fork_fair+0xb0/0x6d0
[ 113.333895] sched_fork+0x443/0xba0
[ 113.333899] copy_process+0x25b8/0x87a0
[ 113.333903] _do_fork+0x1cb/0x11d0
[ 113.333906] kernel_thread+0x34/0x40
[ 113.333909] rest_init+0x28/0x372
[ 113.333912] arch_call_rest_init+0xe/0x1b
[ 113.333915] start_kernel+0x9f0/0xa2b
[ 113.333919] x86_64_start_reservations+0x2e/0x30
[ 113.333923] x86_64_start_kernel+0x76/0x79
[ 113.333926] secondary_startup_64+0xa4/0xb0
[ 113.333928]
[ 113.333930] -> #1 (&p->pi_lock){-.-.}:
[ 113.333941] _raw_spin_lock_irqsave+0x99/0xd0
[ 113.333945] try_to_wake_up+0xdc/0x1490
[ 113.333948] wake_up_process+0x10/0x20
[ 113.333952] __up.isra.1+0x1c0/0x2a0
[ 113.333955] up+0x13c/0x1c0
[ 113.333958] __up_console_sem+0xbe/0x1b0
[ 113.333961] console_unlock+0x811/0x1190
[ 113.333965] do_con_write+0x1356/0x23b0
[ 113.333968] con_write+0x25/0xc0
[ 113.333971] n_tty_write+0x6c1/0x11a0
[ 113.333978] tty_write+0x3f1/0x880
[ 113.333981] __vfs_write+0x119/0x9f0
[ 113.333984] vfs_write+0x1fc/0x560
[ 113.333988] ksys_write+0x101/0x260
[ 113.333991] __x64_sys_write+0x73/0xb0
[ 113.333994] do_syscall_64+0x1b9/0x820
[ 113.333998] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 113.334000]
[ 113.334002] -> #0 ((console_sem).lock){-.-.}:
[ 113.334014] lock_acquire+0x1ed/0x520
[ 113.334018] _raw_spin_lock_irqsave+0x99/0xd0
[ 113.334021] down_trylock+0x13/0x70
[ 113.334025] __down_trylock_console_sem+0xae/0x1f0
[ 113.334029] console_trylock+0x15/0xa0
[ 113.334032] vprintk_emit+0x372/0x990
[ 113.334035] vprintk_default+0x28/0x30
[ 113.334039] vprintk_func+0x7e/0x181
[ 113.334042] printk+0xa7/0xcf
[ 113.334045] __warn+0x9e/0x1d0
[ 113.334048] report_bug+0x254/0x2d0
[ 113.334051] do_error_trap+0x11b/0x200
[ 113.334054] do_invalid_op+0x36/0x40
[ 113.334057] invalid_op+0x14/0x20
[ 113.334061] enqueue_task_dl+0x22da/0x38a0
[ 113.334064] enqueue_task+0x184/0x390
[ 113.334068] __sched_setscheduler+0xe99/0x2190
[ 113.334072] __x64_sys_sched_setattr+0x1b2/0x2f0
[ 113.334075] do_syscall_64+0x1b9/0x820
[ 113.334080] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 113.334082]
[ 113.334085] other info that might help us debug this:
[ 113.334087]
[ 113.334090] Chain exists of:
[ 113.334092]   (console_sem).lock --> &p->pi_lock --> &rq->lock
[ 113.334106]
[ 113.334110]  Possible unsafe locking scenario:
[ 113.334112]
[ 113.334115]        CPU0                    CPU1
[ 113.334118]        ----                    ----
[ 113.334120]   lock(&rq->lock);
[ 113.334127]                                lock(&p->pi_lock);
[ 113.334135]                                lock(&rq->lock);
[ 113.334140]   lock((console_sem).lock);
[ 113.334147]
[ 113.334149]  *** DEADLOCK ***
[ 113.334151]
[ 113.334155] 3 locks held by syz-executor0/6351:
[ 113.334156] #0: 000000001a0356c1 (rcu_read_lock){....}, at: __x64_sys_sched_setattr+0x146/0x2f0
[ 113.334170] #1: 000000000b71b478 (&p->pi_lock){-.-.}, at: task_rq_lock+0x62/0x2a0
[ 113.334184] #2: 000000004cd5557e (&rq->lock){-.-.}, at: task_rq_lock+0xc5/0x2a0
[ 113.334197]
[ 113.334200] stack backtrace:
[ 113.334205] CPU: 1 PID: 6351 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #338
[ 113.334211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 113.334214] Call Trace:
[ 113.334228] dump_stack+0x244/0x39d
[ 113.334232] ? dump_stack_print_info.cold.1+0x20/0x20
[ 113.334235] ? vprintk_func+0x85/0x181
[ 113.334239] print_circular_bug.isra.35.cold.54+0x1bd/0x27d
[ 113.334243] ? save_trace+0xe0/0x290
[ 113.334246] __lock_acquire+0x3399/0x4c20
[ 113.334249] ? widen_string+0xe0/0x2e0
[ 113.334253] ? mark_held_locks+0x130/0x130
[ 113.334256] ? string+0x225/0x2d0
[ 113.334259] ? widen_string+0x2e0/0x2e0
[ 113.334263] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334266] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334269] ? flags_string+0x350/0x350
[ 113.334273] ? update_load_avg+0x387/0x2470
[ 113.334276] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 113.334280] ? trace_hardirqs_on_caller+0xc0/0x310
[ 113.334284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 113.334287] ? put_dec_trunc8+0x273/0x300
[ 113.334290] ? put_dec+0x3b/0xf0
[ 113.334294] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334297] ? zap_class+0x640/0x640
[ 113.334301] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 113.334304] lock_acquire+0x1ed/0x520
[ 113.334307] ? down_trylock+0x13/0x70
[ 113.334311] ? lock_release+0xa00/0xa00
[ 113.334314] ? trace_hardirqs_off+0xb8/0x310
[ 113.334318] ? vprintk_emit+0x1de/0x990
[ 113.334322] ? trace_hardirqs_on+0x310/0x310
[ 113.334325] ? trace_hardirqs_off+0xb8/0x310
[ 113.334328] ? log_store+0x344/0x4c0
[ 113.334332] ? vprintk_emit+0x372/0x990
[ 113.334336] _raw_spin_lock_irqsave+0x99/0xd0
[ 113.334339] ? down_trylock+0x13/0x70
[ 113.334342] down_trylock+0x13/0x70
[ 113.334346] __down_trylock_console_sem+0xae/0x1f0
[ 113.334349] console_trylock+0x15/0xa0
[ 113.334353] vprintk_emit+0x372/0x990
[ 113.334356] ? wake_up_klogd+0x180/0x180
[ 113.334359] ? __account_cfs_rq_runtime+0x790/0x790
[ 113.334363] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 113.334367] ? __check_object_size+0xb1/0x782
[ 113.334370] ? usercopy_warn+0x110/0x110
[ 113.334374] ? mark_held_locks+0x130/0x130
[ 113.334377] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334381] vprintk_default+0x28/0x30
[ 113.334384] vprintk_func+0x7e/0x181
[ 113.334387] printk+0xa7/0xcf
[ 113.334391] ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 113.334395] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334398] __warn+0x9e/0x1d0
[ 113.334401] ? rcu_softirq_qs+0x20/0x20
[ 113.334404] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334407] report_bug+0x254/0x2d0
[ 113.334410] do_error_trap+0x11b/0x200
[ 113.334413] do_invalid_op+0x36/0x40
[ 113.334417] ? enqueue_task_dl+0x22da/0x38a0
[ 113.334420] invalid_op+0x14/0x20
[ 113.334423] RIP: 0010:enqueue_task_dl+0x22da/0x38a0
[ 113.334435] Code: ff 48 8b 8d c8 fe ff ff 48 c1 e6 2a 4c 8b 9d d0 fe ff ff 8b 95 d8 fe ff ff 48 8b 85 e0 fe ff ff e9 16 e4 ff ff e8 16 d0 ea ff <0f> 0b e9 17 f1 ff ff 48 8b bd e8 fe ff ff 4c 89 95 c8 fe ff ff 48
[ 113.334439] RSP: 0018:ffff8881ba39fa18 EFLAGS: 00010002
[ 113.334446] RAX: 0000000000000000 RBX: ffff8881b9d6c000 RCX: ffff8881b9d6c278
[ 113.334451] RDX: ffff8881b9d6c03c RSI: 0000000000000002 RDI: ffff8881daf2d710
[ 113.334456] RBP: ffff8881ba39fb78 R08: 0000000000000001 R09: ffff8881daf00000
[ 113.334462] R10: 0000001a4d4f1987 R11: ffff8881daf2db3b R12: 1ffff11037473f4e
[ 113.334467] R13: ffff8881b9d6c2cc R14: ffff8881daf2ccc0 R15: ffff8881daf2ccc0
[ 113.334470] ? enqueue_task_dl+0x1ae3/0x38a0
[ 113.334474] ? switched_from_dl+0xf70/0xf70
[ 113.334477] ? do_raw_spin_unlock+0xa7/0x330
[ 113.334481] ? do_raw_spin_trylock+0x270/0x270
[ 113.334485] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 113.334489] ? find_next_and_bit+0x183/0x1e0
[ 113.334492] enqueue_task+0x184/0x390
[ 113.334495] __sched_setscheduler+0xe99/0x2190
[ 113.334499] ? lock_downgrade+0x900/0x900
[ 113.334502] ? cpu_cgroup_fork+0x130/0x130
[ 113.334506] ? __x64_sys_sched_setattr+0x146/0x2f0
[ 113.334510] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 113.334513] ? check_preemption_disabled+0x48/0x280
[ 113.334517] ? kasan_check_read+0x11/0x20
[ 113.334521] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 113.334524] ? rcu_softirq_qs+0x20/0x20
[ 113.334527] ? _copy_from_user+0xdf/0x150
[ 113.334531] __x64_sys_sched_setattr+0x1b2/0x2f0
[ 113.334535] ? __ia32_sys_sched_setparam+0x80/0x80
[ 113.334538] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 113.334542] do_syscall_64+0x1b9/0x820
[ 113.334546] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 113.334549] ? syscall_return_slowpath+0x5e0/0x5e0
[ 113.334553] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 113.334557] ? trace_hardirqs_on_caller+0x310/0x310
[ 113.334561] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 113.334565] ? prepare_exit_to_usermode+0x291/0x3b0
[ 113.334569] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 113.334573] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 113.334576] RIP: 0033:0x457569
[ 113.334587] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 113.334591] RSP: 002b:00007f05ce0a2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000013a
[ 113.334599] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[ 113.334604] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000000
[ 113.334609] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 113.334614] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f05ce0a36d4
[ 113.334619] R13: 00000000004c369f R14: 00000000004d5730 R15: 00000000ffffffff
[ 114.463096] Shutting down cpus with NMI
[ 115.387724] Kernel Offset: disabled
[ 115.391394] Rebooting in 86400 seconds..