[ 32.344004] audit: type=1800 audit(1555825475.528:33): pid=6911 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 32.376885] audit: type=1800 audit(1555825475.558:34): pid=6911 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 37.384319] random: sshd: uninitialized urandom read (32 bytes read) [ 37.746393] audit: type=1400 audit(1555825480.928:35): avc: denied { map } for pid=7087 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 37.798937] random: sshd: uninitialized urandom read (32 bytes read) [ 38.401239] random: sshd: uninitialized urandom read (32 bytes read) [ 831.680167] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.238' (ECDSA) to the list of known hosts. [ 837.207609] random: sshd: uninitialized urandom read (32 bytes read) executing program executing program executing program executing program executing program executing program [ 837.330322] audit: type=1400 audit(1555826280.508:36): avc: denied { map } for pid=7100 comm="syz-executor454" path="/root/syz-executor454145995" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 1001.430380] INFO: task syz-executor454:7556 blocked for more than 140 seconds. [ 1001.438279] Not tainted 4.14.113 #3 [ 1001.442630] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1001.451138] syz-executor454 D28848 7556 7105 0x00000004 [ 1001.456828] Call Trace: [ 1001.459614] __schedule+0x7be/0x1cf0 [ 1001.463810] ? pci_mmcfg_check_reserved+0x150/0x150 [ 1001.469035] schedule+0x92/0x1c0 [ 1001.472619] schedule_timeout+0x93d/0xe10 [ 1001.476774] ? wait_for_completion+0x274/0x420 [ 1001.481550] ? find_held_lock+0x35/0x130 [ 1001.485701] ? usleep_range+0x130/0x130 [ 1001.489667] ? wait_for_completion+0x274/0x420 [ 1001.494342] ? _raw_spin_unlock_irq+0x28/0x90 [ 1001.498847] ? trace_hardirqs_on_caller+0x400/0x590 [ 1001.503944] wait_for_completion+0x27c/0x420 [ 1001.508431] ? wait_for_completion_interruptible+0x490/0x490 [ 1001.514325] ? wake_up_q+0xf0/0xf0 [ 1001.517875] ? trace_hardirqs_on_caller+0x400/0x590 [ 1001.522961] flush_work+0x3eb/0x730 [ 1001.526599] ? insert_work+0x320/0x320 [ 1001.530801] ? flush_workqueue_prep_pwqs+0x470/0x470 [ 1001.535921] ? __cancel_work_timer+0x166/0x480 [ 1001.540675] __cancel_work_timer+0x2f0/0x480 [ 1001.545201] ? cancel_delayed_work+0x20/0x20 [ 1001.549625] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1001.555009] ? trace_hardirqs_on_caller+0x400/0x590 [ 1001.560193] cancel_work_sync+0x18/0x20 [ 1001.564263] p9_fd_close+0x2a1/0x450 [ 1001.568367] p9_client_create+0x793/0x1130 [ 1001.572902] ? p9_client_zc_rpc.constprop.0+0x1130/0x1130 [ 1001.579010] ? __kmalloc_track_caller+0x375/0x790 [ 1001.583950] ? __lockdep_init_map+0x10c/0x570 [ 1001.588452] ? lockdep_init_map+0x9/0x10 [ 1001.593300] ? __raw_spin_lock_init+0x2d/0x100 [ 1001.597899] v9fs_session_init+0x1dc/0x1630 [ 1001.602745] ? check_preemption_disabled+0x3c/0x250 [ 1001.607794] ? v9fs_show_options+0x730/0x730 [ 1001.612291] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 1001.617747] ? v9fs_mount+0x5e/0x870 [ 1001.621518] ? rcu_read_lock_sched_held+0x110/0x130 [ 1001.626599] ? kmem_cache_alloc_trace+0x626/0x790 [ 1001.631668] ? free_pages+0x46/0x50 [ 1001.635307] v9fs_mount+0x7d/0x870 [ 1001.638839] mount_fs+0x9d/0x2a7 [ 1001.642451] vfs_kern_mount.part.0+0x5e/0x3d0 [ 1001.646960] do_mount+0x417/0x27d0 [ 1001.650652] ? copy_mount_options+0x5c/0x2f0 [ 1001.655067] ? rcu_read_lock_sched_held+0x110/0x130 [ 1001.660160] ? copy_mount_string+0x40/0x40 [ 1001.664608] ? copy_mount_options+0x1fe/0x2f0 [ 1001.669137] SyS_mount+0xab/0x120 [ 1001.672760] ? copy_mnt_ns+0x8c0/0x8c0 [ 1001.676762] do_syscall_64+0x1eb/0x630 [ 1001.680711] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1001.685652] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1001.690924] RIP: 0033:0x4469a9 [ 1001.694114] RSP: 002b:00007f42d1314db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1001.702116] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004469a9 [ 1001.709495] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1001.716841] RBP: 00000000006dbc40 R08: 0000000020000140 R09: 0000000000000000 [ 1001.724644] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 1001.732028] R13: 00007ffd4ac815bf R14: 00007f42d13159c0 R15: 0000000000000000 [ 1001.739538] INFO: task syz-executor454:7614 blocked for more than 140 seconds. [ 1001.746952] Not tainted 4.14.113 #3 [ 1001.751209] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1001.759277] syz-executor454 D28848 7614 7106 0x00000004 [ 1001.765132] Call Trace: [ 1001.767733] __schedule+0x7be/0x1cf0 [ 1001.771671] ? pci_mmcfg_check_reserved+0x150/0x150 [ 1001.776694] schedule+0x92/0x1c0 [ 1001.780109] schedule_timeout+0x93d/0xe10 [ 1001.784359] ? wait_for_completion+0x274/0x420 [ 1001.789054] ? find_held_lock+0x35/0x130 [ 1001.793200] ? usleep_range+0x130/0x130 [ 1001.797681] ? wait_for_completion+0x274/0x420 [ 1001.802348] ? _raw_spin_unlock_irq+0x28/0x90 [ 1001.806848] ? trace_hardirqs_on_caller+0x400/0x590 [ 1001.811957] wait_for_completion+0x27c/0x420 [ 1001.816381] ? wait_for_completion_interruptible+0x490/0x490 [ 1001.822326] ? wake_up_q+0xf0/0xf0 [ 1001.825882] ? trace_hardirqs_on_caller+0x400/0x590 [ 1001.830976] flush_work+0x3eb/0x730 [ 1001.834621] ? insert_work+0x320/0x320 [ 1001.838550] ? flush_workqueue_prep_pwqs+0x470/0x470 [ 1001.843729] ? __cancel_work_timer+0x166/0x480 [ 1001.848307] __cancel_work_timer+0x2f0/0x480 [ 1001.853325] ? cancel_delayed_work+0x20/0x20 [ 1001.857825] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1001.862995] ? trace_hardirqs_on_caller+0x400/0x590 [ 1001.868016] cancel_work_sync+0x18/0x20 [ 1001.872057] p9_fd_close+0x2a1/0x450 [ 1001.875832] p9_client_create+0x793/0x1130 [ 1001.880141] ? p9_client_zc_rpc.constprop.0+0x1130/0x1130 [ 1001.885808] ? __kmalloc_track_caller+0x375/0x790 [ 1001.890807] ? __lockdep_init_map+0x10c/0x570 [ 1001.895314] ? lockdep_init_map+0x9/0x10 [ 1001.899363] ? __raw_spin_lock_init+0x2d/0x100 [ 1001.904014] v9fs_session_init+0x1dc/0x1630 [ 1001.908346] ? check_preemption_disabled+0x3c/0x250 [ 1001.913427] ? v9fs_show_options+0x730/0x730 [ 1001.917834] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 1001.923370] ? v9fs_mount+0x5e/0x870 [ 1001.927095] ? rcu_read_lock_sched_held+0x110/0x130 [ 1001.932258] ? kmem_cache_alloc_trace+0x626/0x790 [ 1001.937113] ? free_pages+0x46/0x50 [ 1001.940811] v9fs_mount+0x7d/0x870 [ 1001.944362] mount_fs+0x9d/0x2a7 [ 1001.947722] vfs_kern_mount.part.0+0x5e/0x3d0 [ 1001.952314] do_mount+0x417/0x27d0 [ 1001.955859] ? copy_mount_options+0x5c/0x2f0 [ 1001.960389] ? rcu_read_lock_sched_held+0x110/0x130 [ 1001.965414] ? copy_mount_string+0x40/0x40 [ 1001.969632] ? copy_mount_options+0x1fe/0x2f0 [ 1001.974203] SyS_mount+0xab/0x120 [ 1001.977720] ? copy_mnt_ns+0x8c0/0x8c0 [ 1001.982198] do_syscall_64+0x1eb/0x630 [ 1001.986087] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1001.990998] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1001.996306] RIP: 0033:0x4469a9 [ 1001.999483] RSP: 002b:00007f42d12d2db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1002.007270] RAX: ffffffffffffffda RBX: 00000000006dbc68 RCX: 00000000004469a9 [ 1002.014578] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1002.021904] RBP: 00000000006dbc60 R08: 0000000020000140 R09: 0000000000000000 [ 1002.029173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc6c [ 1002.036628] R13: 00007ffd4ac815bf R14: 00007f42d12d39c0 R15: 0000000000000000 [ 1002.043955] INFO: task syz-executor454:7606 blocked for more than 140 seconds. [ 1002.051387] Not tainted 4.14.113 #3 [ 1002.055531] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1002.063554] syz-executor454 D28848 7606 7103 0x00000004 [ 1002.069288] Call Trace: [ 1002.072090] __schedule+0x7be/0x1cf0 [ 1002.075822] ? pci_mmcfg_check_reserved+0x150/0x150 [ 1002.080914] schedule+0x92/0x1c0 [ 1002.084500] schedule_timeout+0x93d/0xe10 [ 1002.088636] ? wait_for_completion+0x274/0x420 [ 1002.093319] ? find_held_lock+0x35/0x130 [ 1002.097389] ? usleep_range+0x130/0x130 [ 1002.101403] ? wait_for_completion+0x274/0x420 [ 1002.106091] ? _raw_spin_unlock_irq+0x28/0x90 [ 1002.111174] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.116195] wait_for_completion+0x27c/0x420 [ 1002.120672] ? wait_for_completion_interruptible+0x490/0x490 [ 1002.126742] ? wake_up_q+0xf0/0xf0 [ 1002.130345] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.135407] flush_work+0x3eb/0x730 [ 1002.139067] ? insert_work+0x320/0x320 [ 1002.143027] ? flush_workqueue_prep_pwqs+0x470/0x470 [ 1002.148193] ? __cancel_work_timer+0x166/0x480 [ 1002.152879] __cancel_work_timer+0x2f0/0x480 [ 1002.157407] ? cancel_delayed_work+0x20/0x20 [ 1002.162115] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1002.167281] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.172438] cancel_work_sync+0x18/0x20 [ 1002.176464] p9_fd_close+0x2a1/0x450 [ 1002.180247] p9_client_create+0x793/0x1130 [ 1002.184497] ? p9_client_zc_rpc.constprop.0+0x1130/0x1130 [ 1002.190248] ? __kmalloc_track_caller+0x375/0x790 [ 1002.195102] ? __lockdep_init_map+0x10c/0x570 [ 1002.199606] ? lockdep_init_map+0x9/0x10 [ 1002.203781] ? __raw_spin_lock_init+0x2d/0x100 [ 1002.208377] v9fs_session_init+0x1dc/0x1630 [ 1002.212770] ? check_preemption_disabled+0x3c/0x250 [ 1002.217782] ? v9fs_show_options+0x730/0x730 [ 1002.222246] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 1002.227704] ? v9fs_mount+0x5e/0x870 [ 1002.231509] ? rcu_read_lock_sched_held+0x110/0x130 [ 1002.236540] ? kmem_cache_alloc_trace+0x626/0x790 [ 1002.241808] ? free_pages+0x46/0x50 [ 1002.245439] v9fs_mount+0x7d/0x870 [ 1002.248966] mount_fs+0x9d/0x2a7 [ 1002.252450] vfs_kern_mount.part.0+0x5e/0x3d0 [ 1002.256999] do_mount+0x417/0x27d0 [ 1002.260599] ? copy_mount_options+0x5c/0x2f0 [ 1002.265052] ? rcu_read_lock_sched_held+0x110/0x130 [ 1002.270152] ? copy_mount_string+0x40/0x40 [ 1002.274396] ? copy_mount_options+0x1fe/0x2f0 [ 1002.279009] SyS_mount+0xab/0x120 [ 1002.282587] ? copy_mnt_ns+0x8c0/0x8c0 [ 1002.286551] do_syscall_64+0x1eb/0x630 [ 1002.290503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1002.295354] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1002.300719] RIP: 0033:0x4469a9 [ 1002.303909] RSP: 002b:00007f42d1314db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1002.311694] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004469a9 [ 1002.319036] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1002.326488] RBP: 00000000006dbc40 R08: 0000000020000140 R09: 0000000000000000 [ 1002.333811] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 1002.341353] R13: 00007ffd4ac815bf R14: 00007f42d13159c0 R15: 0000000000000000 [ 1002.348682] INFO: task syz-executor454:7612 blocked for more than 140 seconds. [ 1002.356241] Not tainted 4.14.113 #3 [ 1002.360478] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1002.368542] syz-executor454 D28848 7612 7104 0x00000004 [ 1002.374676] Call Trace: [ 1002.377263] __schedule+0x7be/0x1cf0 [ 1002.381082] ? pci_mmcfg_check_reserved+0x150/0x150 [ 1002.386112] schedule+0x92/0x1c0 [ 1002.389463] schedule_timeout+0x93d/0xe10 [ 1002.393690] ? wait_for_completion+0x274/0x420 [ 1002.398324] ? find_held_lock+0x35/0x130 [ 1002.402442] ? usleep_range+0x130/0x130 [ 1002.406520] ? wait_for_completion+0x274/0x420 [ 1002.411247] ? _raw_spin_unlock_irq+0x28/0x90 [ 1002.415791] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.420868] wait_for_completion+0x27c/0x420 [ 1002.425289] ? wait_for_completion_interruptible+0x490/0x490 [ 1002.431206] ? wake_up_q+0xf0/0xf0 [ 1002.434770] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.439773] flush_work+0x3eb/0x730 [ 1002.443525] ? insert_work+0x320/0x320 [ 1002.447522] ? flush_workqueue_prep_pwqs+0x470/0x470 [ 1002.452706] ? __cancel_work_timer+0x166/0x480 [ 1002.457339] __cancel_work_timer+0x2f0/0x480 [ 1002.461828] ? cancel_delayed_work+0x20/0x20 [ 1002.466256] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1002.471451] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.476536] cancel_work_sync+0x18/0x20 [ 1002.480820] p9_fd_close+0x2a1/0x450 [ 1002.484553] p9_client_create+0x793/0x1130 [ 1002.489305] ? p9_client_zc_rpc.constprop.0+0x1130/0x1130 [ 1002.494952] ? __kmalloc_track_caller+0x375/0x790 [ 1002.499803] ? __lockdep_init_map+0x10c/0x570 [ 1002.504959] ? lockdep_init_map+0x9/0x10 [ 1002.509027] ? __raw_spin_lock_init+0x2d/0x100 [ 1002.513698] v9fs_session_init+0x1dc/0x1630 [ 1002.518031] ? check_preemption_disabled+0x3c/0x250 [ 1002.523157] ? v9fs_show_options+0x730/0x730 [ 1002.527712] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 1002.533306] ? v9fs_mount+0x5e/0x870 [ 1002.537042] ? rcu_read_lock_sched_held+0x110/0x130 [ 1002.542235] ? kmem_cache_alloc_trace+0x626/0x790 [ 1002.547085] ? free_pages+0x46/0x50 [ 1002.551077] v9fs_mount+0x7d/0x870 [ 1002.554623] mount_fs+0x9d/0x2a7 [ 1002.557988] vfs_kern_mount.part.0+0x5e/0x3d0 [ 1002.562569] do_mount+0x417/0x27d0 [ 1002.566112] ? copy_mount_options+0x5c/0x2f0 [ 1002.570945] ? rcu_read_lock_sched_held+0x110/0x130 [ 1002.575981] ? copy_mount_string+0x40/0x40 [ 1002.580327] ? copy_mount_options+0x1fe/0x2f0 [ 1002.584838] SyS_mount+0xab/0x120 [ 1002.588277] ? copy_mnt_ns+0x8c0/0x8c0 [ 1002.592250] do_syscall_64+0x1eb/0x630 [ 1002.596147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1002.601078] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1002.606273] RIP: 0033:0x4469a9 [ 1002.609603] RSP: 002b:00007f42d1314db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1002.617717] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004469a9 [ 1002.625397] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1002.634051] RBP: 00000000006dbc40 R08: 0000000020000140 R09: 0000000000000000 [ 1002.641898] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 1002.649496] R13: 00007ffd4ac815bf R14: 00007f42d13159c0 R15: 0000000000000000 [ 1002.656936] INFO: task syz-executor454:7616 blocked for more than 140 seconds. [ 1002.664353] Not tainted 4.14.113 #3 [ 1002.668549] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1002.676892] syz-executor454 D28976 7616 7102 0x00000004 [ 1002.682699] Call Trace: [ 1002.685303] __schedule+0x7be/0x1cf0 [ 1002.689024] ? pci_mmcfg_check_reserved+0x150/0x150 [ 1002.694277] schedule+0x92/0x1c0 [ 1002.697669] schedule_timeout+0x93d/0xe10 [ 1002.701912] ? wait_for_completion+0x274/0x420 [ 1002.706516] ? find_held_lock+0x35/0x130 [ 1002.710842] ? usleep_range+0x130/0x130 [ 1002.714827] ? wait_for_completion+0x274/0x420 [ 1002.719732] ? _raw_spin_unlock_irq+0x28/0x90 [ 1002.724489] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.729524] wait_for_completion+0x27c/0x420 [ 1002.734036] ? wait_for_completion_interruptible+0x490/0x490 [ 1002.740001] ? wake_up_q+0xf0/0xf0 [ 1002.743720] ? _raw_spin_unlock_irq+0x54/0x90 [ 1002.748226] flush_work+0x3eb/0x730 [ 1002.751952] ? insert_work+0x320/0x320 [ 1002.755852] ? flush_workqueue_prep_pwqs+0x470/0x470 [ 1002.761625] ? __cancel_work_timer+0x166/0x480 [ 1002.766256] __cancel_work_timer+0x2f0/0x480 [ 1002.770761] ? cancel_delayed_work+0x20/0x20 [ 1002.775185] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1002.780465] ? trace_hardirqs_on_caller+0x400/0x590 [ 1002.785490] cancel_work_sync+0x18/0x20 [ 1002.789460] p9_fd_close+0x2a1/0x450 [ 1002.793325] p9_client_create+0x793/0x1130 [ 1002.797582] ? p9_client_zc_rpc.constprop.0+0x1130/0x1130 [ 1002.803255] ? __kmalloc_track_caller+0x375/0x790 [ 1002.808284] ? __lockdep_init_map+0x10c/0x570 [ 1002.812856] ? lockdep_init_map+0x9/0x10 [ 1002.816956] ? __raw_spin_lock_init+0x2d/0x100 [ 1002.821736] v9fs_session_init+0x1dc/0x1630 [ 1002.826315] ? check_preemption_disabled+0x3c/0x250 [ 1002.831432] ? v9fs_show_options+0x730/0x730 [ 1002.836279] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 1002.841795] ? v9fs_mount+0x5e/0x870 [ 1002.845509] ? rcu_read_lock_sched_held+0x110/0x130 [ 1002.850616] ? kmem_cache_alloc_trace+0x626/0x790 [ 1002.855473] ? free_pages+0x46/0x50 [ 1002.859143] v9fs_mount+0x7d/0x870 [ 1002.862790] mount_fs+0x9d/0x2a7 [ 1002.866212] vfs_kern_mount.part.0+0x5e/0x3d0 [ 1002.870812] do_mount+0x417/0x27d0 [ 1002.874403] ? copy_mount_options+0x5c/0x2f0 [ 1002.878812] ? rcu_read_lock_sched_held+0x110/0x130 [ 1002.883909] ? copy_mount_string+0x40/0x40 [ 1002.888165] ? copy_mount_options+0x1fe/0x2f0 [ 1002.893264] SyS_mount+0xab/0x120 [ 1002.896718] ? copy_mnt_ns+0x8c0/0x8c0 [ 1002.900667] do_syscall_64+0x1eb/0x630 [ 1002.904682] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1002.909521] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1002.914790] RIP: 0033:0x4469a9 [ 1002.918026] RSP: 002b:00007f42d1314db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1002.925827] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004469a9 [ 1002.933249] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1002.940593] RBP: 00000000006dbc40 R08: 0000000020000140 R09: 0000000000000000 [ 1002.947941] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 1002.955425] R13: 00007ffd4ac815bf R14: 00007f42d13159c0 R15: 0000000000000000 [ 1002.962806] INFO: task syz-executor454:7621 blocked for more than 140 seconds. [ 1002.970248] Not tainted 4.14.113 #3 [ 1002.974395] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1002.982439] syz-executor454 D28848 7621 7101 0x00000004 [ 1002.988208] Call Trace: [ 1002.990891] __schedule+0x7be/0x1cf0 [ 1002.994618] ? pci_mmcfg_check_reserved+0x150/0x150 [ 1002.999619] schedule+0x92/0x1c0 [ 1003.003044] schedule_timeout+0x93d/0xe10 [ 1003.007201] ? wait_for_completion+0x274/0x420 [ 1003.011993] ? find_held_lock+0x35/0x130 [ 1003.016160] ? usleep_range+0x130/0x130 [ 1003.020772] ? wait_for_completion+0x274/0x420 [ 1003.025359] ? _raw_spin_unlock_irq+0x28/0x90 [ 1003.029845] ? trace_hardirqs_on_caller+0x400/0x590 [ 1003.034954] wait_for_completion+0x27c/0x420 [ 1003.039364] ? wait_for_completion_interruptible+0x490/0x490 [ 1003.045216] ? wake_up_q+0xf0/0xf0 [ 1003.048770] ? trace_hardirqs_on_caller+0x400/0x590 [ 1003.053895] flush_work+0x3eb/0x730 [ 1003.057618] ? insert_work+0x320/0x320 [ 1003.061712] ? flush_workqueue_prep_pwqs+0x470/0x470 [ 1003.066824] ? __cancel_work_timer+0x166/0x480 [ 1003.071535] __cancel_work_timer+0x2f0/0x480 [ 1003.075951] ? cancel_delayed_work+0x20/0x20 [ 1003.080416] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 1003.085563] ? trace_hardirqs_on_caller+0x400/0x590 [ 1003.090743] cancel_work_sync+0x18/0x20 [ 1003.094732] p9_fd_close+0x2a1/0x450 [ 1003.098440] p9_client_create+0x793/0x1130 [ 1003.102755] ? p9_client_zc_rpc.constprop.0+0x1130/0x1130 [ 1003.108323] ? __kmalloc_track_caller+0x375/0x790 [ 1003.113687] ? __lockdep_init_map+0x10c/0x570 [ 1003.118300] ? lockdep_init_map+0x9/0x10 [ 1003.122517] ? __raw_spin_lock_init+0x2d/0x100 [ 1003.127104] v9fs_session_init+0x1dc/0x1630 [ 1003.131496] ? check_preemption_disabled+0x3c/0x250 [ 1003.136527] ? v9fs_show_options+0x730/0x730 [ 1003.141095] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 1003.146595] ? v9fs_mount+0x5e/0x870 [ 1003.150871] ? rcu_read_lock_sched_held+0x110/0x130 [ 1003.155883] ? kmem_cache_alloc_trace+0x626/0x790 [ 1003.160793] ? free_pages+0x46/0x50 [ 1003.164426] v9fs_mount+0x7d/0x870 [ 1003.168000] mount_fs+0x9d/0x2a7 [ 1003.171446] vfs_kern_mount.part.0+0x5e/0x3d0 [ 1003.176027] do_mount+0x417/0x27d0 [ 1003.179587] ? copy_mount_options+0x5c/0x2f0 [ 1003.184120] ? rcu_read_lock_sched_held+0x110/0x130 [ 1003.189162] ? copy_mount_string+0x40/0x40 [ 1003.193585] ? copy_mount_options+0x1fe/0x2f0 [ 1003.198085] SyS_mount+0xab/0x120 [ 1003.201575] ? copy_mnt_ns+0x8c0/0x8c0 [ 1003.205470] do_syscall_64+0x1eb/0x630 [ 1003.209495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1003.214418] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1003.219611] RIP: 0033:0x4469a9 [ 1003.222889] RSP: 002b:00007f42d1314db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1003.231298] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004469a9 [ 1003.238563] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 1003.245887] RBP: 00000000006dbc40 R08: 0000000020000140 R09: 0000000000000000 [ 1003.253206] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc4c [ 1003.260535] R13: 00007ffd4ac815bf R14: 00007f42d13159c0 R15: 0000000000000000 [ 1003.267851] [ 1003.267851] Showing all locks held in the system: [ 1003.274286] 2 locks held by kworker/0:1/944: [ 1003.278779] #0: ("events"){+.+.}, at: [] process_one_work+0x76e/0x1610 [ 1003.287258] #1: ((&m->rq)){+.+.}, at: [] process_one_work+0x7ab/0x1610 [ 1003.295770] 1 lock held by khungtaskd/1008: [ 1003.300212] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7f/0x21f [ 1003.309363] 2 locks held by kworker/1:2/2677: [ 1003.313923] #0: ("events"){+.+.}, at: [] process_one_work+0x76e/0x1610 [ 1003.322543] #1: ((&m->rq)){+.+.}, at: [] process_one_work+0x7ab/0x1610 [ 1003.331272] 2 locks held by kworker/0:2/3144: [ 1003.335818] #0: ("events"){+.+.}, at: [] process_one_work+0x76e/0x1610 [ 1003.344326] #1: ((&m->rq)){+.+.}, at: [] process_one_work+0x7ab/0x1610 [ 1003.352845] 1 lock held by rsyslogd/6949: [ 1003.356992] #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0xab/0xd0 [ 1003.365462] 2 locks held by getty/7072: [ 1003.369430] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.379013] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.388377] 2 locks held by getty/7073: [ 1003.392417] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.401239] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.410724] 2 locks held by getty/7074: [ 1003.414743] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.423518] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.432928] 2 locks held by getty/7075: [ 1003.436942] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.445701] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.455150] 2 locks held by getty/7076: [ 1003.459118] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.467847] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.477260] 2 locks held by getty/7077: [ 1003.481291] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.490124] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.499599] 2 locks held by getty/7078: [ 1003.503628] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 [ 1003.512373] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17b0 [ 1003.521728] 2 locks held by kworker/0:0/7201: [ 1003.526230] #0: ("events"){+.+.}, at: [] process_one_work+0x76e/0x1610 [ 1003.534771] #1: ((&m->rq)){+.+.}, at: [] process_one_work+0x7ab/0x1610 [ 1003.543270] 2 locks held by kworker/0:3/7202: [ 1003.547885] #0: ("events"){+.+.}, at: [] process_one_work+0x76e/0x1610 [ 1003.556380] #1: ((&m->rq)){+.+.}, at: [] process_one_work+0x7ab/0x1610 [ 1003.564983] 2 locks held by kworker/0:4/7381: [ 1003.569469] #0: ("events"){+.+.}, at: [] process_one_work+0x76e/0x1610 [ 1003.577945] #1: ((&m->rq)){+.+.}, at: [] process_one_work+0x7ab/0x1610 [ 1003.586422] [ 1003.588049] ============================================= [ 1003.588049] [ 1003.595540] NMI backtrace for cpu 1 [ 1003.599183] CPU: 1 PID: 1008 Comm: khungtaskd Not tainted 4.14.113 #3 [ 1003.605742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1003.615081] Call Trace: [ 1003.617797] dump_stack+0x138/0x19c [ 1003.621540] nmi_cpu_backtrace.cold+0x57/0x94 [ 1003.626085] ? irq_force_complete_move.cold+0x7d/0x7d [ 1003.631290] nmi_trigger_cpumask_backtrace+0x141/0x189 [ 1003.636713] arch_trigger_cpumask_backtrace+0x14/0x20 [ 1003.642007] watchdog+0x5e7/0xb90 [ 1003.645453] kthread+0x31c/0x430 [ 1003.648869] ? hungtask_pm_notify+0x60/0x60 [ 1003.653189] ? kthread_create_on_node+0xd0/0xd0 [ 1003.657850] ret_from_fork+0x3a/0x50 [ 1003.662088] Sending NMI from CPU 1 to CPUs 0: [ 1003.666652] NMI backtrace for cpu 0 skipped: idling at pc 0xffffffff861b0e02 [ 1003.667603] Kernel panic - not syncing: hung_task: blocked tasks [ 1003.680040] CPU: 1 PID: 1008 Comm: khungtaskd Not tainted 4.14.113 #3 [ 1003.686615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1003.696014] Call Trace: [ 1003.698599] dump_stack+0x138/0x19c [ 1003.702341] panic+0x1f2/0x438 [ 1003.705589] ? add_taint.cold+0x16/0x16 [ 1003.709563] ? irq_force_complete_move.cold+0x7d/0x7d [ 1003.714815] watchdog+0x5f8/0xb90 [ 1003.718273] kthread+0x31c/0x430 [ 1003.721746] ? hungtask_pm_notify+0x60/0x60 [ 1003.726756] ? kthread_create_on_node+0xd0/0xd0 [ 1003.731419] ret_from_fork+0x3a/0x50 [ 1003.735963] Kernel Offset: disabled [ 1003.739637] Rebooting in 86400 seconds..