[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.252' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 535.608298] audit: type=1400 audit(1602693360.141:8): avc: denied { execmem } for pid=6487 comm="syz-executor304" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 540.609094] block nbd0: shutting down sockets
[ 565.789614] block nbd0: Connection timed out
[ 565.794585] print_req_error: I/O error, dev nbd0, sector 0
[ 565.800504] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 565.807580] block nbd0: Connection timed out
[ 565.812099] print_req_error: I/O error, dev nbd0, sector 2
[ 565.817754] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 565.825030] block nbd0: Connection timed out
[ 565.829560] print_req_error: I/O error, dev nbd0, sector 4
[ 565.836434] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 565.843666] block nbd0: Connection timed out
[ 565.848085] print_req_error: I/O error, dev nbd0, sector 6
[ 565.853858] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 565.861742] print_req_error: I/O error, dev nbd0, sector 0
[ 565.868416] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 565.875662] print_req_error: I/O error, dev nbd0, sector 2
[ 565.881608] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 565.888684] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 565.895972] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 565.903792] print_req_error: I/O error, dev nbd0, sector 0
[ 565.909530] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 565.916618] print_req_error: I/O error, dev nbd0, sector 2
[ 565.922385] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 565.929677] print_req_error: I/O error, dev nbd0, sector 0
executing program
[ 565.935494] print_req_error: I/O error, dev nbd0, sector 2
[ 565.942424] ldm_validate_partition_table(): Disk read failed.
[ 565.950102] Dev nbd0: unable to read RDB block 0
[ 565.956009] nbd0: unable to read partition table
[ 565.968644] ldm_validate_partition_table(): Disk read failed.
[ 565.975713] Dev nbd0: unable to read RDB block 0
[ 565.982625] nbd0: unable to read partition table
[ 565.988014] block nbd0: Device being setup by another task
[ 565.991543] ldm_validate_partition_table(): Disk read failed.
[ 566.003878] Dev nbd0: unable to read RDB block 0
[ 566.010655] nbd0: unable to read partition table
[ 566.020060] ldm_validate_partition_table(): Disk read failed.
[ 566.027150] Dev nbd0: unable to read RDB block 0
[ 566.035068] nbd0: unable to read partition table
executing program
[ 566.044379] ldm_validate_partition_table(): Disk read failed.
[ 566.052195] Dev nbd0: unable to read RDB block 0
[ 566.058246] nbd0: unable to read partition table
[ 571.070976] block nbd0: shutting down sockets
[ 720.029470] INFO: task systemd-udevd:6492 blocked for more than 140 seconds.
[ 720.036805] Not tainted 4.19.150-syzkaller #0
[ 720.043122] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 720.051242] systemd-udevd D26184 6492 3729 0x00000100
[ 720.056948] Call Trace:
[ 720.059889] __schedule+0x8e5/0x22e0
[ 720.063658] ? io_schedule_timeout+0x140/0x140
[ 720.068354] ? mark_held_locks+0xa6/0xf0
[ 720.072560] schedule+0x8d/0x1b0
[ 720.075946] io_schedule+0xb5/0x120
[ 720.080469] wait_on_page_bit+0x312/0x4c0
[ 720.084652] ? wake_page_function+0x1b0/0x1b0
[ 720.089230] ? __bread_gfp+0x300/0x300
[ 720.093263] ? page_cache_free_page+0x4b0/0x4b0
[ 720.097953] do_read_cache_page+0x905/0x11d0
[ 720.102566] ? blkdev_writepages+0x20/0x20
[ 720.107448] read_dev_sector+0xbf/0x520
[ 720.111521] adfspart_check_ICS+0x114/0xea0
[ 720.115888] ? adfspart_check_ADFS+0x900/0x900
[ 720.120656] ? snprintf+0xbb/0xf0
[ 720.124120] ? vsprintf+0x30/0x30
[ 720.127569] ? _raw_spin_unlock+0x29/0x40
[ 720.131863] ? __get_vm_area_node+0x2e2/0x3b0
[ 720.136386] check_partition+0x40f/0x86d
[ 720.140580] rescan_partitions+0x14d/0x910
[ 720.144966] ? nbd_open+0x38a/0x6f0
[ 720.148635] bdev_disk_changed+0x179/0x1b0
[ 720.152987] __blkdev_get+0x128e/0x1490
[ 720.156999] ? lock_acquire+0x170/0x3f0
[ 720.161149] ? bdev_disk_changed+0x1b0/0x1b0
[ 720.165596] ? mark_held_locks+0xf0/0xf0
[ 720.169931] blkdev_get+0xb0/0x9b0
[ 720.173498] ? bd_acquire+0x245/0x440
[ 720.177305] ? __blkdev_get+0x1490/0x1490
[ 720.181574] ? lock_downgrade+0x750/0x750
[ 720.185753] ? lock_acquire+0x170/0x3f0
[ 720.189821] ? bd_acquire+0x21/0x440
[ 720.193558] ? do_raw_spin_unlock+0x171/0x240
[ 720.198063] blkdev_open+0x202/0x290
[ 720.202047] do_dentry_open+0x4aa/0x1160
[ 720.206146] ? blkdev_get_by_dev+0x70/0x70
[ 720.211201] ? chmod_common+0x3f0/0x3f0
[ 720.215275] ? inode_permission+0x10c/0x540
[ 720.219729] ? unlazy_walk+0x1f6/0x520
[ 720.223651] path_openat+0x7d5/0x2e90
[ 720.227458] ? path_lookupat+0x8d0/0x8d0
[ 720.231625] ? mark_held_locks+0xf0/0xf0
[ 720.235707] ? find_held_lock+0x2d/0x110
[ 720.239868] do_filp_open+0x18c/0x3f0
[ 720.243690] ? may_open_dev+0xf0/0xf0
[ 720.247505] ? lock_downgrade+0x750/0x750
[ 720.251727] ? lock_acquire+0x170/0x3f0
[ 720.255725] ? do_raw_spin_unlock+0x171/0x240
[ 720.260346] ? _raw_spin_unlock+0x29/0x40
[ 720.264532] ? __alloc_fd+0x2ab/0x590
[ 720.268333] do_sys_open+0x3b3/0x520
[ 720.272136] ? filp_open+0x70/0x70
[ 720.275712] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 720.281268] ? trace_hardirqs_off_caller+0x6e/0x210
[ 720.286369] ? do_syscall_64+0x21/0x670
[ 720.290453] do_syscall_64+0xf9/0x670
[ 720.294295] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 720.299576] RIP: 0033:0x7f074e8b8840
[ 720.303332] Code: Bad RIP value.
[ 720.306684] RSP: 002b:00007ffec2a9c4e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 720.314499] RAX: ffffffffffffffda RBX: 000055d298f44a30 RCX: 00007f074e8b8840
[ 720.321895] RDX: 000055d29871dfe3 RSI: 0000000000080000 RDI: 000055d298f57160
[ 720.329179] RBP: 0000000000000001 R08: 000055d29871d670 R09: 0000000000000110
[ 720.336619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 720.344465] R13: 0000000000000000 R14: 000055d298f45dd0 R15: 00000000ffffffff
[ 720.351862] INFO: task syz-executor304:6496 blocked for more than 140 seconds.
[ 720.359333] Not tainted 4.19.150-syzkaller #0
[ 720.364357] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 720.372495] syz-executor304 D28024 6496 6487 0x80000006
[ 720.378141] Call Trace:
[ 720.380810] __schedule+0x8e5/0x22e0
[ 720.384567] ? find_held_lock+0x2d/0x110
[ 720.388642] ? io_schedule_timeout+0x140/0x140
[ 720.393365] ? lock_downgrade+0x750/0x750
[ 720.397546] ? __mutex_lock+0x46d/0x13f0
[ 720.401702] schedule+0x8d/0x1b0
[ 720.405083] schedule_preempt_disabled+0xf/0x20
[ 720.409862] __mutex_lock+0x6a9/0x13f0
[ 720.413785] ? blkdev_put+0x30/0x550
[ 720.417518] ? ww_mutex_unlock+0x2f0/0x2f0
[ 720.421854] ? lock_acquire+0x170/0x3f0
[ 720.425923] ? locks_remove_file+0x286/0x450
[ 720.430500] ? locks_check_ctx_file_list+0x1d/0x280
[ 720.435537] ? _raw_spin_unlock+0x29/0x40
[ 720.439779] ? locks_remove_file+0x2cd/0x450
[ 720.444209] ? blkdev_put+0x550/0x550
[ 720.448007] blkdev_put+0x30/0x550
[ 720.451652] ? blkdev_put+0x550/0x550
[ 720.456437] blkdev_close+0x86/0xb0
[ 720.460146] __fput+0x2ce/0x8a0
[ 720.463528] task_work_run+0x141/0x1c0
[ 720.467806] do_exit+0xc09/0x2d80
[ 720.472117] ? mm_update_next_owner+0x660/0x660
[ 720.476874] ? get_signal+0x389/0x2270
[ 720.480860] ? lock_downgrade+0x750/0x750
[ 720.485048] do_group_exit+0x125/0x320
[ 720.488950] get_signal+0x3f3/0x2270
[ 720.492880] ? debug_check_no_obj_freed+0x201/0x482
[ 720.498002] do_signal+0x8f/0x1690
[ 720.501627] ? block_ioctl+0xe9/0x130
[ 720.505440] ? blkdev_fallocate+0x3f0/0x3f0
[ 720.509868] ? do_vfs_ioctl+0x110/0x12e0
[ 720.513952] ? setup_sigcontext+0x820/0x820
[ 720.518345] ? selinux_file_ioctl+0x44f/0x5e0
[ 720.522920] ? ioctl_preallocate+0x200/0x200
[ 720.527361] ? selinux_parse_skb.constprop.0+0x1f0/0x1f0
[ 720.532928] ? putname+0xe1/0x130
[ 720.536488] ? rcu_read_lock_sched_held+0x174/0x1e0
[ 720.541610] ? putname+0xe1/0x130
[ 720.545089] ? exit_to_usermode_loop+0x36/0x2c0
[ 720.549922] exit_to_usermode_loop+0x204/0x2c0
[ 720.554537] do_syscall_64+0x57c/0x670
[ 720.558420] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 720.563813] RIP: 0033:0x445039
[ 720.567028] Code: Bad RIP value.
[ 720.570534] RSP: 002b:00007ffe152eb988 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 720.578270] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 0000000000445039
[ 720.585642] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006
[ 720.593008] RBP: 000000000008a2d6 R08: 00000000004002e0 R09: 00000000004002e0
[ 720.601060] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000402200
[ 720.608358] R13: 0000000000402290 R14: 0000000000000000 R15: 0000000000000000
[ 720.615778]
[ 720.615778] Showing all locks held in the system:
[ 720.622195] 1 lock held by khungtaskd/1092:
[ 720.626521] #0: 00000000d87dd293 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x291
[ 720.635266] 1 lock held by in:imklog/6165:
[ 720.639575] #0: 0000000031b47300 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xe3/0x100
[ 720.647493] 1 lock held by systemd-udevd/6492:
[ 720.652154] #0: 000000009506c922 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1490
[ 720.660484] 1 lock held by syz-executor304/6496:
[ 720.665236] #0: 000000009506c922 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x550
[ 720.673243]
[ 720.674874] =============================================
[ 720.674874]
[ 720.681974] NMI backtrace for cpu 1
[ 720.685627] CPU: 1 PID: 1092 Comm: khungtaskd Not tainted 4.19.150-syzkaller #0
[ 720.693067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 720.702414] Call Trace:
[ 720.705005] dump_stack+0x22c/0x33e
[ 720.708627] nmi_cpu_backtrace.cold+0x18/0x3d
[ 720.713283] ? nmi_cpu_backtrace_handler+0x10/0x10
[ 720.718213] nmi_trigger_cpumask_backtrace+0x1a6/0x1eb
[ 720.723564] watchdog+0xa62/0x1020
[ 720.727116] ? reset_hung_task_detector+0x30/0x30
[ 720.732041] kthread+0x33f/0x460
[ 720.735412] ? kthread_park+0x180/0x180
[ 720.739405] ret_from_fork+0x24/0x30
[ 720.743239] Sending NMI from CPU 1 to CPUs 0:
[ 720.748453] NMI backtrace for cpu 0
[ 720.748460] CPU: 0 PID: 3720 Comm: systemd-journal Not tainted 4.19.150-syzkaller #0
[ 720.748467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 720.748471] RIP: 0010:debug_smp_processor_id+0x5/0x20
[ 720.748490] Code: fe e9 68 fe ff ff 48 89 de 48 c7 c7 00 4a 18 8a e8 c0 7b 13 00 e9 18 fe ff ff 90 66 2e 0f 1f 84 00 00 00 00 00 e8 4b 2c cf fd <48> c7 c6 00 f3 51 88 48 c7 c7 40 f3 51 88 e9 38 fd ff ff 0f 1f 84
[ 720.748495] RSP: 0018:ffff888093cdf9b0 EFLAGS: 00000093
[ 720.748504] RAX: ffff888093cd2240 RBX: ffffffff8a172e60 RCX: 0000000000000001
[ 720.748510] RDX: 0000000000000000 RSI: ffffffff83a2a615 RDI: ffff888093cd2ac4
[ 720.748515] RBP: ffff888093cd2240 R08: 0000000000000001 R09: fffff9400051ae96
[ 720.748521] R10: ffffea00028d74b7 R11: dffffc0000000000 R12: 0000000000000001
[ 720.748526] R13: ffffea00028d7488 R14: ffffea00028d7488 R15: ffffea00028d7480
[ 720.748532] FS: 00007f7f3100c8c0(0000) GS:ffff8880ae200000(0000) knlGS:0000000000000000
[ 720.748537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 720.748542] CR2: 00007f7f2e3c2000 CR3: 00000000943ba000 CR4: 00000000001406f0
[ 720.748548] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 720.748553] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 720.748556] Call Trace:
[ 720.748560] rcu_is_watching+0xe/0x100
[ 720.748565] rcu_read_lock_sched_held+0xc6/0x1e0
[ 720.748569] __free_pages_ok+0xa81/0xe00
[ 720.748573] ? kmem_freepages+0x288/0x6f0
[ 720.748576] slabs_destroy+0x8b/0xc0
[ 720.748580] ___cache_free+0x2c3/0x420
[ 720.748584] qlist_free_all+0x79/0x170
[ 720.748588] quarantine_reduce+0x1ca/0x260
[ 720.748592] kasan_kmalloc+0xa2/0x160
[ 720.748596] ? mark_held_locks+0xf0/0xf0
[ 720.748600] ? gfp_pfmemalloc_allowed+0x150/0x150
[ 720.748604] ? getname+0x20/0x20
[ 720.748608] ? find_held_lock+0x2d/0x110
[ 720.748612] ? cache_alloc_refill+0x351/0x410
[ 720.748616] ? lock_downgrade+0x750/0x750
[ 720.748620] ? do_raw_spin_lock+0xcb/0x220
[ 720.748624] ? do_raw_spin_unlock+0x171/0x240
[ 720.748628] ? _raw_spin_unlock+0x29/0x40
[ 720.748632] ? cache_alloc_refill+0x351/0x410
[ 720.748637] ? kmem_cache_alloc+0x2eb/0x4a0
[ 720.748641] kmem_cache_alloc+0x114/0x4a0
[ 720.748644] getname_flags+0xce/0x590
[ 720.748648] do_sys_open+0x26c/0x520
[ 720.748652] ? filp_open+0x70/0x70
[ 720.748656] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 720.748661] ? trace_hardirqs_off_caller+0x6e/0x210
[ 720.748665] ? do_syscall_64+0x21/0x670
[ 720.748668] do_syscall_64+0xf9/0x670
[ 720.748673] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 720.748677] RIP: 0033:0x7f7f3059c840
[ 720.748688] Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24
[ 720.748692] RSP: 002b:00007ffde78ffb78 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 720.748702] RAX: ffffffffffffffda RBX: 00007ffde78ffe80 RCX: 00007f7f3059c840
[ 720.748707] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 0000564d079bf6b0
[ 720.748712] RBP: 000000000000000d R08: 000000000000ffc0 R09: 00000000ffffffff
[ 720.748717] R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff
[ 720.748723] R13: 0000564d079b3060 R14: 00007ffde78ffe40 R15: 0000564d079bdd90
[ 720.749608] Kernel panic - not syncing: hung_task: blocked tasks
[ 721.069095] CPU: 1 PID: 1092 Comm: khungtaskd Not tainted 4.19.150-syzkaller #0
[ 721.076555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 721.085936] Call Trace:
[ 721.088529] dump_stack+0x22c/0x33e
[ 721.092218] panic+0x2ac/0x565
[ 721.095406] ? __warn_printk+0xf3/0xf3
[ 721.099309] ? nmi_cpu_backtrace_handler+0x10/0x10
[ 721.104249] ? ___preempt_schedule+0x16/0x18
[ 721.108658] ? watchdog+0xa62/0x1020
[ 721.112381] ? nmi_trigger_cpumask_backtrace+0x15e/0x1eb
[ 721.117922] watchdog+0xa73/0x1020
[ 721.121465] ? reset_hung_task_detector+0x30/0x30
[ 721.126326] kthread+0x33f/0x460
[ 721.129694] ? kthread_park+0x180/0x180
[ 721.133684] ret_from_fork+0x24/0x30
[ 721.138714] Kernel Offset: disabled
[ 721.142359] Rebooting in 86400 seconds..