[   44.448422] audit: type=1800 audit(1583096212.539:29): pid=8010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[   44.484587] audit: type=1800 audit(1583096212.539:30): pid=8010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
Starting mcstransd: 
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts.
syzkaller login: [   53.089746] kauditd_printk_skb: 5 callbacks suppressed
[   53.089761] audit: type=1400 audit(1583096221.179:36): avc:  denied  { map } for  pid=8196 comm="syz-executor235" path="/root/syz-executor235643199" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   53.122568] IPVS: ftp: loaded support on port[0] = 21
[   53.178871] chnl_net:caif_netlink_parms(): no params data found
[   53.231581] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.238584] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.245927] device bridge_slave_0 entered promiscuous mode
[   53.253386] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.259907] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.266991] device bridge_slave_1 entered promiscuous mode
[   53.284827] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   53.294172] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   53.311441] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   53.318919] team0: Port device team_slave_0 added
[   53.324770] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   53.332065] team0: Port device team_slave_1 added
[   53.346753] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.353037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.379434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.391087] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.397475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.422843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.434261] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   53.442045] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   53.505658] device hsr_slave_0 entered promiscuous mode
[   53.554334] device hsr_slave_1 entered promiscuous mode
[   53.594597] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   53.601877] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   53.657000] audit: type=1400 audit(1583096221.749:37): avc:  denied  { create } for  pid=8197 comm="syz-executor235" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   53.681166] audit: type=1400 audit(1583096221.749:38): avc:  denied  { write } for  pid=8197 comm="syz-executor235" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   53.684497] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.705461] audit: type=1400 audit(1583096221.749:39): avc:  denied  { read } for  pid=8197 comm="syz-executor235" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   53.711564] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.742399] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.748842] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.786907] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   53.793045] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.802777] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   53.811979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.830636] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.838446] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.846210] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   53.858111] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   53.864341] 8021q: adding VLAN 0 to HW filter on device team0
[   53.884156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.891804] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.898218] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.924221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.932010] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.938441] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.947566] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   53.955422] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   53.962980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.970539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.978485] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   53.987679] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   53.993888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   54.008409] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   54.016082] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   54.022733] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   54.034660] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.048287] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[   54.058173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   54.101295] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[   54.108341] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[   54.115359] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[   54.125016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   54.132681] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   54.139825] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   54.148822] device veth0_vlan entered promiscuous mode
[   54.158556] device veth1_vlan entered promiscuous mode
[   54.165375] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[   54.175255] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[   54.182224] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   54.189452] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   54.203264] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[   54.212468] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready
[   54.219755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   54.228566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   54.238085] device veth0_macvtap entered promiscuous mode
[   54.244795] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[   54.252865] device veth1_macvtap entered promiscuous mode
[   54.259286] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready
[   54.268736] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[   54.279566] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[   54.289330] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready
[   54.296998] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.304129] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   54.311411] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   54.318854] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   54.326828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   54.340711] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready
[   54.348321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.355108] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   54.362938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[   54.813617] 
[   54.815354] ============================================
[   54.820784] WARNING: possible recursive locking detected
[   54.826214] 4.19.107-syzkaller #0 Not tainted
[   54.830722] --------------------------------------------
[   54.836163] swapper/0/0 is trying to acquire lock:
[   54.841163] 0000000053c8769e (&port_lock_key){-.-.}, at: uart_write+0x1c7/0x680
[   54.848604] 
[   54.848604] but task is already holding lock:
[   54.854571] 0000000053c8769e (&port_lock_key){-.-.}, at: serial8250_handle_irq.part.0+0x21/0x290
[   54.863495] 
[   54.863495] other info that might help us debug this:
[   54.870139]  Possible unsafe locking scenario:
[   54.870139] 
[   54.876174]        CPU0
[   54.878750]        ----
[   54.881308]   lock(&port_lock_key);
[   54.884929]   lock(&port_lock_key);
[   54.888535] 
[   54.888535]  *** DEADLOCK ***
[   54.888535] 
[   54.894570]  May be due to missing lock nesting notation
[   54.894570] 
[   54.901476] 3 locks held by swapper/0/0:
[   54.905513]  #0: 0000000058c89ec8 (&(&i->lock)->rlock){-.-.}, at: serial8250_interrupt+0x2b/0x1d0
[   54.914517]  #1: 0000000053c8769e (&port_lock_key){-.-.}, at: serial8250_handle_irq.part.0+0x21/0x290
[   54.923860]  #2: 000000003d674e2f (&tty->ldisc_sem){++++}, at: tty_ldisc_ref+0x1d/0x80
[   54.931920] 
[   54.931920] stack backtrace:
[   54.936402] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.19.107-syzkaller #0
[   54.943483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   54.952857] Call Trace:
[   54.955540]  <IRQ>
[   54.957710]  dump_stack+0x188/0x20d
[   54.961343]  __lock_acquire.cold+0x20f/0x4a7
[   54.965752]  ? __save_stack_trace+0x7a/0xf0
[   54.970165]  ? mark_held_locks+0xf0/0xf0
[   54.974210]  ? __lock_acquire+0x23a3/0x49c0
[   54.978510]  ? __lock_acquire+0x6ee/0x49c0
[   54.982727]  ? mark_held_locks+0xf0/0xf0
[   54.987148]  ? mark_held_locks+0xf0/0xf0
[   54.991190]  lock_acquire+0x170/0x400
[   54.994976]  ? uart_write+0x1c7/0x680
[   54.998759]  _raw_spin_lock_irqsave+0x8c/0xbf
[   55.003246]  ? uart_write+0x1c7/0x680
[   55.007044]  uart_write+0x1c7/0x680
[   55.010651]  ? uart_proc_show+0x12d0/0x12d0
[   55.014953]  ? _raw_spin_unlock_irqrestore+0xa0/0xe0
[   55.020040]  ? n_hdlc_buf_get+0x1ab/0x240
[   55.024167]  ? uart_proc_show+0x12d0/0x12d0
[   55.028468]  n_hdlc_send_frames+0x276/0x450
[   55.032783]  n_hdlc_tty_wakeup+0xa0/0xc0
[   55.036839]  ? n_hdlc_tty_receive+0x2f0/0x2f0
[   55.041312]  tty_wakeup+0xd4/0x110
[   55.044844]  tty_port_default_wakeup+0x26/0x40
[   55.049407]  serial8250_tx_chars+0x48f/0xae0
[   55.053798]  serial8250_handle_irq.part.0+0x24b/0x290
[   55.058969]  serial8250_default_handle_irq+0xb5/0x140
[   55.064152]  serial8250_interrupt+0xf2/0x1d0
[   55.068555]  ? serial8250_backup_timeout+0x4d0/0x4d0
[   55.073650]  __handle_irq_event_percpu+0x144/0x8e0
[   55.078558]  handle_irq_event_percpu+0x76/0x160
[   55.083209]  ? __handle_irq_event_percpu+0x8e0/0x8e0
[   55.088306]  ? lock_acquire+0x170/0x400
[   55.092274]  ? handle_edge_irq+0x29/0x8c0
[   55.096414]  ? do_raw_spin_unlock+0x171/0x260
[   55.100888]  handle_irq_event+0xa2/0x12d
[   55.104929]  handle_edge_irq+0x24b/0x8c0
[   55.108974]  ? check_preemption_disabled+0x41/0x280
[   55.113971]  handle_irq+0x35/0x50
[   55.117419]  do_IRQ+0x93/0x1c0
[   55.120606]  common_interrupt+0xf/0xf
[   55.124385]  </IRQ>
[   55.126603] RIP: 0010:native_safe_halt+0xe/0x10
[   55.131251] Code: fa eb 82 90 90 90 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d f4 02 48 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d e4 02 48 00 fb f4 <c3> 90 41 56 41 55 41 54 55 53 e8 23 c2 36 fa e8 ce ce 35 fc 0f 1f
[   55.150154] RSP: 0018:ffffffff88a07d40 EFLAGS: 00000282 ORIG_RAX: ffffffffffffffd7
[   55.157845] RAX: 1ffffffff1164ad4 RBX: dffffc0000000000 RCX: 0000000000000000
[   55.165097] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffffff88a7a73c
[   55.172359] RBP: 0000000000000000 R08: ffffffff88a79ec0 R09: 0000000000000000
[   55.179609] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff88b25690
[   55.186859] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff88a79ec0
[   55.194127]  default_idle+0x49/0x320
[   55.197839]  do_idle+0x2ee/0x4b0
[   55.201187]  ? arch_cpu_idle_exit+0x70/0x70
[   55.205496]  ? check_preemption_disabled+0x41/0x280
[   55.210510]  cpu_startup_entry+0xc6/0xd0
[   55.214567]  ? cpu_in_idle+0x20/0x20
[   55.218269]  ? preempt_count_add+0xaf/0x190
[   55.222614]  ? trace_event_define_fields_vector_free_moved+0xab/0xab
[   55.229090]  start_kernel+0x7e4/0x81c
[   55.232878]  ? mem_encrypt_init+0x5/0x5
[   55.236836]  ? load_ucode_bsp+0x23d/0x27d
[   55.240968]  secondary_startup_64+0xa4/0xb0