INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "6" respawning too fast: disabled for 5 minutes INIT: Id "3" respawning too fast: disabled for 5 minutes INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes [ 730.712571] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.42' (ECDSA) to the list of known hosts. [ 736.353829] random: sshd: uninitialized urandom read (32 bytes read) [ 736.451422] audit: type=1400 audit(1540605987.937:7): avc: denied { map } for pid=1886 comm="syz-executor310" path="/root/syz-executor310017849" dev="sda1" ino=16461 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program INIT: Id "3" respawning too fast: disabled for 5 minutes INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "1" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes INIT: Id "6" respawning too fast: disabled for 5 minutes [ 1001.440154] INFO: task syz-executor310:1960 blocked for more than 140 seconds. [ 1001.447551] Not tainted 4.14.78+ #26 [ 1001.452756] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1001.461752] syz-executor310 D29160 1960 1887 0x00000004 [ 1001.467368] Call Trace: [ 1001.469934] ? __schedule+0x729/0x1ed0 [ 1001.473982] ? __sched_text_start+0x8/0x8 [ 1001.478183] ? mark_held_locks+0xc2/0x130 [ 1001.482624] schedule+0x7f/0x1b0 [ 1001.485996] ? rwsem_down_read_failed+0x21a/0x3d0 [ 1001.491066] rwsem_down_read_failed+0x21a/0x3d0 [ 1001.496141] ? rt_mutex_futex_unlock+0xd0/0xd0 [ 1001.500966] ? dentry_free+0xc5/0x120 [ 1001.504792] call_rwsem_down_read_failed+0x14/0x30 [ 1001.509720] down_read+0x45/0xa0 [ 1001.513342] ? __do_page_fault+0x868/0xb60 [ 1001.517575] __do_page_fault+0x868/0xb60 [ 1001.521874] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 1001.527249] ? bad_area_access_error+0x330/0x330 [ 1001.532255] ? page_fault+0x2c/0x50 [ 1001.535883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1001.541024] ? page_fault+0x2c/0x50 [ 1001.544655] page_fault+0x42/0x50 [ 1001.548096] RIP: 6e0340:0x2d [ 1001.551357] RSP: 0001:00007fff041db9e0 EFLAGS: 00000001 [ 1001.551387] INFO: task syz-executor310:1961 blocked for more than 140 seconds. [ 1001.564320] Not tainted 4.14.78+ #26 [ 1001.568547] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1001.576721] syz-executor310 D28472 1961 1887 0x80000004 [ 1001.583202] Call Trace: [ 1001.585796] ? __schedule+0x729/0x1ed0 [ 1001.589680] ? __sched_text_start+0x8/0x8 [ 1001.594065] ? mark_held_locks+0xc2/0x130 [ 1001.598219] schedule+0x7f/0x1b0 [ 1001.601812] ? rwsem_down_read_failed+0x21a/0x3d0 [ 1001.606656] rwsem_down_read_failed+0x21a/0x3d0 [ 1001.611554] ? rt_mutex_futex_unlock+0xd0/0xd0 [ 1001.616156] ? SyS_futex+0x1c0/0x2b5 [ 1001.619884] call_rwsem_down_read_failed+0x14/0x30 [ 1001.625105] down_read+0x45/0xa0 [ 1001.628483] ? do_exit+0x512/0x2800 [ 1001.632363] do_exit+0x512/0x2800 [ 1001.635831] ? mm_update_next_owner+0x670/0x670 [ 1001.640720] ? __kernel_text_address+0x9/0x30 [ 1001.645214] ? unwind_get_return_address+0x51/0x90 [ 1001.650461] ? get_signal+0x547/0x1470 [ 1001.654350] ? recalc_sigpending+0x17/0x90 [ 1001.658575] ? lock_downgrade+0x560/0x560 [ 1001.663012] ? get_signal+0x1da/0x1470 [ 1001.666907] do_group_exit+0x100/0x2e0 [ 1001.671018] get_signal+0x4e5/0x1470 [ 1001.674733] ? kasan_kmalloc.part.1+0xa9/0xd0 [ 1001.679239] do_signal+0x8f/0x1660 [ 1001.683062] ? __fd_install+0x20b/0x5e0 [ 1001.687042] ? setup_sigcontext+0x810/0x810 [ 1001.691573] ? fs_reclaim_acquire+0x10/0x10 [ 1001.695920] ? do_futex+0x17b0/0x17b0 [ 1001.699713] ? commit_creds+0x3fa/0x9c0 [ 1001.703960] ? exit_to_usermode_loop+0xc6/0x150 [ 1001.708636] exit_to_usermode_loop+0x116/0x150 [ 1001.714048] do_syscall_64+0x35d/0x4b0 [ 1001.717943] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1001.723351] RIP: 0033:0x446789 [ 1001.726541] RSP: 002b:00007f11d64eadb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1001.734468] RAX: fffffffffffffe00 RBX: 00000000006dbc48 RCX: 0000000000446789 [ 1001.741939] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dbc48 [ 1001.749211] RBP: 00000000006dbc40 R08: 0000000000000000 R09: 0000000000000000 [ 1001.756692] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 1001.764187] R13: 00007fff041db9bf R14: 00007f11d64eb9c0 R15: 0000000000000000 [ 1001.771753] INFO: task syz-executor310:1962 blocked for more than 140 seconds. [ 1001.779112] Not tainted 4.14.78+ #26 [ 1001.783517] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1001.791652] syz-executor310 D28880 1962 1887 0x80000004 [ 1001.797292] Call Trace: [ 1001.799877] ? __schedule+0x729/0x1ed0 [ 1001.804053] ? __sched_text_start+0x8/0x8 [ 1001.808208] ? mark_held_locks+0xc2/0x130 [ 1001.812576] schedule+0x7f/0x1b0 [ 1001.815943] ? rwsem_down_read_failed+0x21a/0x3d0 [ 1001.821009] rwsem_down_read_failed+0x21a/0x3d0 [ 1001.825684] ? rt_mutex_futex_unlock+0xd0/0xd0 [ 1001.830560] ? SyS_futex+0x1c0/0x2b5 [ 1001.834297] call_rwsem_down_read_failed+0x14/0x30 [ 1001.839223] down_read+0x45/0xa0 [ 1001.843513] ? do_exit+0x512/0x2800 [ 1001.847149] do_exit+0x512/0x2800 [ 1001.850841] ? mm_update_next_owner+0x670/0x670 [ 1001.855524] ? get_signal+0x547/0x1470 [ 1001.859399] ? recalc_sigpending+0x17/0x90 [ 1001.863868] ? lock_downgrade+0x560/0x560 [ 1001.868018] ? get_signal+0x1da/0x1470 [ 1001.872119] do_group_exit+0x100/0x2e0 [ 1001.876022] get_signal+0x4e5/0x1470 [ 1001.879746] do_signal+0x8f/0x1660 [ 1001.883612] ? perf_event_set_output+0x450/0x450 [ 1001.888380] ? do_vfs_ioctl+0x1a0/0x1030 [ 1001.892643] ? perf_event_set_output+0x450/0x450 [ 1001.897396] ? do_vfs_ioctl+0x1b2/0x1030 [ 1001.901669] ? setup_sigcontext+0x810/0x810 [ 1001.905999] ? ioctl_preallocate+0x1d0/0x1d0 [ 1001.910671] ? selinux_parse_skb.constprop.42+0x1a90/0x1a90 [ 1001.916405] ? do_futex+0x17b0/0x17b0 [ 1001.920439] ? exit_to_usermode_loop+0xc6/0x150 [ 1001.925112] exit_to_usermode_loop+0x116/0x150 [ 1001.929696] do_syscall_64+0x35d/0x4b0 [ 1001.933836] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1001.939024] RIP: 0033:0x446789 [ 1001.942417] RSP: 002b:00007f11d64c9db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1001.950359] RAX: fffffffffffffe00 RBX: 00000000006dbc58 RCX: 0000000000446789 [ 1001.957625] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dbc58 [ 1001.965134] RBP: 00000000006dbc50 R08: 0000000000000000 R09: 0000000000000000 [ 1001.973240] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc5c [ 1001.980732] R13: 00007fff041db9bf R14: 00007f11d64ca9c0 R15: 0000000000000003 [ 1001.988024] [ 1001.988024] Showing all locks held in the system: [ 1001.994574] 1 lock held by khungtaskd/23: [ 1001.998726] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x74/0x20f [ 1002.007795] 2 locks held by getty/1757: [ 1002.011786] #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x20/0x80 [ 1002.020747] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1ff/0x15e0 [ 1002.030047] 1 lock held by syz-executor310/1960: [ 1002.034787] #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x868/0xb60 [ 1002.043542] 1 lock held by syz-executor310/1961: [ 1002.048280] #0: (&mm->mmap_sem){++++}, at: [] do_exit+0x512/0x2800 [ 1002.056367] 1 lock held by syz-executor310/1962: [ 1002.061140] #0: (&mm->mmap_sem){++++}, at: [] do_exit+0x512/0x2800 [ 1002.069206] [ 1002.070841] ============================================= [ 1002.070841] [ 1002.079796] NMI backtrace for cpu 1 [ 1002.083544] CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.78+ #26 [ 1002.090025] Call Trace: [ 1002.092607] dump_stack+0xb9/0x11b [ 1002.096146] ? irq_force_complete_move.cold.3+0x64/0x64 [ 1002.101502] nmi_cpu_backtrace.cold.0+0x47/0x85 [ 1002.106162] ? irq_force_complete_move.cold.3+0x64/0x64 [ 1002.111516] nmi_trigger_cpumask_backtrace+0x121/0x146 [ 1002.116787] watchdog+0x574/0xa70 [ 1002.120239] ? reset_hung_task_detector+0x10/0x10 [ 1002.125074] kthread+0x348/0x420 [ 1002.128430] ? kthread_create_on_node+0xe0/0xe0 [ 1002.133090] ret_from_fork+0x3a/0x50 [ 1002.136884] Sending NMI from CPU 1 to CPUs 0: [ 1002.141969] NMI backtrace for cpu 0 [ 1002.141973] CPU: 0 PID: 1963 Comm: syz-executor310 Not tainted 4.14.78+ #26 [ 1002.141976] task: ffff8801cc240000 task.stack: ffff8801cb7a0000 [ 1002.141978] RIP: 0010:__mutex_unlock_slowpath+0x61/0x770 [ 1002.141981] RSP: 0018:ffff8801cb7a7b90 EFLAGS: 00000a02 [ 1002.141986] RAX: ffffed00396f4f75 RBX: dffffc0000000000 RCX: 0000000000000000 [ 1002.141989] RDX: ffffffffba400435 RSI: 0000000000000001 RDI: ffff8801cb677a40 [ 1002.141993] RBP: ffff8801cb6779e0 R08: ffff8801cc240000 R09: ffffffffbd4e43d8 [ 1002.141996] R10: ffff8801cb7a7c40 R11: 0000000000000001 R12: 1ffff100396f4f75 [ 1002.141999] R13: ffff8801cb677700 R14: ffff8801cb7a7bc8 R15: ffffed00396cef4d [ 1002.142003] FS: 00007f11d64a9700(0000) GS:ffff8801db800000(0000) knlGS:0000000000000000 [ 1002.142005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1002.142009] CR2: 0000000000d3a308 CR3: 00000001cb09e001 CR4: 00000000001606b0 [ 1002.142012] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1002.142015] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1002.142017] Call Trace: [ 1002.142019] ? wait_for_completion_io+0x10/0x10 [ 1002.142021] perf_mmap+0x645/0x1370 [ 1002.142024] mmap_region+0x836/0xfb0 [ 1002.142026] do_mmap+0x551/0xb80 [ 1002.142028] vm_mmap_pgoff+0x180/0x1d0 [ 1002.142031] ? vma_is_stack_for_current+0xb0/0xb0 [ 1002.142033] ? __fget+0x22b/0x3a0 [ 1002.142035] SyS_mmap_pgoff+0xf8/0x1a0 [ 1002.142037] ? align_vdso_addr+0x50/0x50 [ 1002.142039] do_syscall_64+0x19b/0x4b0 [ 1002.142042] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1002.142044] RIP: 0033:0x446789 [ 1002.142047] RSP: 002b:00007f11d64a8da8 EFLAGS: 00000216 ORIG_RAX: 0000000000000009 [ 1002.142052] RAX: ffffffffffffffda RBX: 00000000006dbc68 RCX: 0000000000446789 [ 1002.142055] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffd000 [ 1002.142058] RBP: 00000000006dbc60 R08: 0000000000000003 R09: 0000000000000000 [ 1002.142062] R10: 0000000000000011 R11: 0000000000000216 R12: 00000000006dbc6c [ 1002.142065] R13: 00007fff041db9bf R14: 00007f11d64a99c0 R15: 0000000000000005 [ 1002.142066] Code: c7 44 24 20 3f 0e 26 bc 4c 8d 74 24 38 49 c1 ec 03 48 c7 44 24 28 40 a0 84 bb 49 8d 04 1c c7 00 f1 f1 f1 f1 c7 40 04 00 00 00 f2 <65> 48 8b 04 25 28 00 00 00 48 89 44 24 70 31 c0 4c 89 74 24 40 [ 1002.146989] Kernel panic - not syncing: hung_task: blocked tasks [ 1002.146997] CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.78+ #26 [ 1002.146999] Call Trace: [ 1002.147010] dump_stack+0xb9/0x11b [ 1002.147022] panic+0x1bf/0x3a4 [ 1002.147030] ? add_taint.cold.4+0x16/0x16 [ 1002.147057] watchdog+0x585/0xa70 [ 1002.147073] ? reset_hung_task_detector+0x10/0x10 [ 1002.147081] kthread+0x348/0x420 [ 1002.147088] ? kthread_create_on_node+0xe0/0xe0 [ 1002.147098] ret_from_fork+0x3a/0x50 [ 1002.401689] Kernel Offset: 0x39000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 1002.412603] Rebooting in 86400 seconds..