[ 32.944089] audit: type=1800 audit(1581621195.632:34): pid=7114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 36.273428] random: sshd: uninitialized urandom read (32 bytes read) [ 36.629167] audit: type=1400 audit(1581621199.332:35): avc: denied { map } for pid=7287 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 36.679134] random: sshd: uninitialized urandom read (32 bytes read) [ 37.368775] random: sshd: uninitialized urandom read (32 bytes read) [ 259.321665] audit: type=1400 audit(1581621422.032:36): avc: denied { map } for pid=7295 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 890.761733] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.201' (ECDSA) to the list of known hosts. 
[ 896.352464] random: sshd: uninitialized urandom read (32 bytes read) executing program executing program executing program executing program executing program executing program [ 896.475769] audit: type=1400 audit(1581622059.182:37): avc: denied { map } for pid=7302 comm="syz-executor484" path="/root/syz-executor484995355" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 899.828794] xt_HMARK: hash modulus can't be zero [ 899.828850] xt_HMARK: hash modulus can't be zero [ 899.834276] xt_HMARK: hash modulus can't be zero [ 899.838647] xt_HMARK: hash modulus can't be zero [ 899.849566] xt_HMARK: hash modulus can't be zero [ 899.849589] xt_HMARK: hash modulus can't be zero [ 899.855185] xt_HMARK: hash modulus can't be zero [ 899.859382] xt_HMARK: hash modulus can't be zero [ 899.866503] xt_HMARK: hash modulus can't be zero [ 899.873900] xt_HMARK: hash modulus can't be zero executing program executing program executing program executing program executing program executing program [ 899.873915] xt_HMARK: hash modulus can't be zero [ 899.884183] xt_HMARK: hash modulus can't be zero [ 899.885956] xt_HMARK: hash modulus can't be zero [ 899.898078] xt_HMARK: hash modulus can't be zero [ 899.901164] xt_HMARK: hash modulus can't be zero [ 899.908714] xt_HMARK: hash modulus can't be zero [ 899.909302] xt_HMARK: hash modulus can't be zero [ 899.916931] xt_HMARK: hash modulus can't be zero executing program executing program executing program executing program executing program executing program executing program [ 899.925908] xt_HMARK: hash modulus can't be zero [ 899.927123] xt_HMARK: hash modulus can't be zero [ 899.932297] xt_HMARK: hash modulus can't be zero [ 899.939653] xt_HMARK: hash modulus can't be zero [ 899.944053] xt_HMARK: hash modulus can't be zero [ 899.946589] xt_HMARK: hash modulus can't be zero [ 899.952767] xt_HMARK: hash modulus can't be zero [ 899.959629] 
xt_HMARK: hash modulus can't be zero [ 899.966297] xt_HMARK: hash modulus can't be zero [ 899.974162] xt_HMARK: hash modulus can't be zero [ 1144.790210] INFO: task syz-executor484:7365 blocked for more than 140 seconds. [ 1144.797773] Not tainted 4.14.170-syzkaller #0 [ 1144.804501] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1144.812551] syz-executor484 D28192 7365 7307 0x00000004 [ 1144.818253] Call Trace: [ 1144.824749] __schedule+0x7b8/0x1cd0 [ 1144.828483] ? __mutex_lock+0x737/0x1470 [ 1144.832888] ? firmware_map_remove+0x196/0x196 [ 1144.837484] schedule+0x92/0x1c0 [ 1144.841154] schedule_preempt_disabled+0x13/0x20 [ 1144.845905] __mutex_lock+0x73c/0x1470 [ 1144.849885] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1144.856039] ? mutex_trylock+0x1c0/0x1c0 [ 1144.860259] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1144.865288] mutex_lock_nested+0x16/0x20 [ 1144.869344] ? mutex_lock_nested+0x16/0x20 [ 1144.873984] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1144.879629] hashlimit_mt_check_v1+0x302/0x389 [ 1144.884673] ? hashlimit_mt_check_v2+0x390/0x390 [ 1144.889507] ? xt_find_match+0x3e/0x1e0 [ 1144.893826] ? hashlimit_mt_check_v2+0x390/0x390 [ 1144.898600] xt_check_match+0x254/0x530 [ 1144.903565] ? xt_check_target+0x510/0x510 [ 1144.907807] ? wait_for_completion+0x420/0x420 [ 1144.912896] ? mutex_unlock+0xd/0x10 [ 1144.916628] ? xt_find_match+0x178/0x1e0 [ 1144.921042] ? xt_request_find_match+0x4b/0xe0 [ 1144.925713] find_check_entry.isra.0+0x2f9/0x920 [ 1144.930926] ? ipt_do_table+0x1770/0x1770 [ 1144.935147] ? kfree+0x183/0x270 [ 1144.938511] ? kvfree+0x4d/0x60 [ 1144.942220] ? trace_hardirqs_on_caller+0x400/0x590 [ 1144.947262] ? trace_hardirqs_on+0xd/0x10 [ 1144.951747] translate_table+0xb3f/0x15a0 [ 1144.955920] ? __do_replace+0x5b0/0x5b0 [ 1144.959958] ? _copy_from_user+0x99/0x110 [ 1144.964444] do_ipt_set_ctl+0x268/0x3ee [ 1144.968433] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1144.973606] ? 
mutex_unlock+0xd/0x10 [ 1144.977402] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1144.983027] nf_setsockopt+0x67/0xc0 [ 1144.986804] ip_setsockopt+0x9b/0xb0 [ 1144.990814] tcp_setsockopt+0x84/0xd0 [ 1144.994649] sock_common_setsockopt+0x94/0xd0 [ 1144.999198] SyS_setsockopt+0x13c/0x210 [ 1145.003486] ? SyS_recv+0x40/0x40 [ 1145.006941] ? do_syscall_64+0x53/0x640 [ 1145.011281] ? SyS_recv+0x40/0x40 [ 1145.014742] do_syscall_64+0x1e8/0x640 [ 1145.018630] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1145.023955] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1145.029146] RIP: 0033:0x4472c9 [ 1145.033555] RSP: 002b:00007fe1126d3d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1145.041304] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 00000000004472c9 [ 1145.049171] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 1145.056808] RBP: 00000000006dbc30 R08: 0000000000000318 R09: 0000000000000000 [ 1145.064129] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc3c [ 1145.071741] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1145.079045] INFO: task syz-executor484:7368 blocked for more than 140 seconds. [ 1145.086752] Not tainted 4.14.170-syzkaller #0 [ 1145.091805] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1145.099774] syz-executor484 D28392 7368 7305 0x00000004 [ 1145.105762] Call Trace: [ 1145.108388] __schedule+0x7b8/0x1cd0 [ 1145.112419] ? __mutex_lock+0x737/0x1470 [ 1145.116610] ? firmware_map_remove+0x196/0x196 [ 1145.121571] schedule+0x92/0x1c0 [ 1145.124942] schedule_preempt_disabled+0x13/0x20 [ 1145.129815] __mutex_lock+0x73c/0x1470 [ 1145.134042] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.139840] ? mutex_trylock+0x1c0/0x1c0 [ 1145.144406] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1145.149444] mutex_lock_nested+0x16/0x20 [ 1145.153927] ? 
mutex_lock_nested+0x16/0x20 [ 1145.158185] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.164869] hashlimit_mt_check_v1+0x302/0x389 [ 1145.169465] ? hashlimit_mt_check_v2+0x390/0x390 [ 1145.174540] ? xt_find_match+0x3e/0x1e0 [ 1145.178527] ? hashlimit_mt_check_v2+0x390/0x390 [ 1145.183574] xt_check_match+0x254/0x530 [ 1145.187563] ? xt_check_target+0x510/0x510 [ 1145.192080] ? wait_for_completion+0x420/0x420 [ 1145.196675] ? mutex_unlock+0xd/0x10 [ 1145.200699] ? xt_find_match+0x178/0x1e0 [ 1145.204764] ? xt_request_find_match+0x4b/0xe0 [ 1145.209354] find_check_entry.isra.0+0x2f9/0x920 [ 1145.214473] ? ipt_do_table+0x1770/0x1770 [ 1145.218632] ? kfree+0x183/0x270 [ 1145.222298] ? kvfree+0x4d/0x60 [ 1145.225589] ? trace_hardirqs_on_caller+0x400/0x590 [ 1145.230918] ? trace_hardirqs_on+0xd/0x10 [ 1145.235194] translate_table+0xb3f/0x15a0 [ 1145.239360] ? __do_replace+0x5b0/0x5b0 [ 1145.243649] ? _copy_from_user+0x99/0x110 [ 1145.247810] do_ipt_set_ctl+0x268/0x3ee [ 1145.252087] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1145.256854] ? mutex_unlock+0xd/0x10 [ 1145.260883] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1145.266185] nf_setsockopt+0x67/0xc0 [ 1145.269896] ip_setsockopt+0x9b/0xb0 [ 1145.274028] tcp_setsockopt+0x84/0xd0 [ 1145.277848] sock_common_setsockopt+0x94/0xd0 [ 1145.282640] SyS_setsockopt+0x13c/0x210 [ 1145.286637] ? SyS_recv+0x40/0x40 [ 1145.291034] ? do_syscall_64+0x53/0x640 [ 1145.295007] ? SyS_recv+0x40/0x40 [ 1145.298461] do_syscall_64+0x1e8/0x640 [ 1145.302666] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 1145.307521] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1145.313018] RIP: 0033:0x4472c9 [ 1145.316205] RSP: 002b:00007fe1126b2d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1145.324223] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004472c9 [ 1145.331532] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 1145.338913] RBP: 00000000006dbc40 R08: 0000000000000318 R09: 0000000000000000 [ 1145.346639] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc4c [ 1145.353958] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1145.361567] INFO: task syz-executor484:7364 blocked for more than 140 seconds. [ 1145.368944] Not tainted 4.14.170-syzkaller #0 [ 1145.374268] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1145.382279] syz-executor484 D28976 7364 7308 0x00000004 [ 1145.387914] Call Trace: [ 1145.390857] __schedule+0x7b8/0x1cd0 [ 1145.394586] ? __mutex_lock+0x737/0x1470 [ 1145.399102] ? firmware_map_remove+0x196/0x196 [ 1145.404112] schedule+0x92/0x1c0 [ 1145.407483] schedule_preempt_disabled+0x13/0x20 [ 1145.412595] __mutex_lock+0x73c/0x1470 [ 1145.416494] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.423398] ? mutex_trylock+0x1c0/0x1c0 [ 1145.427463] ? lock_acquire+0x16f/0x430 [ 1145.431689] ? find_next_bit+0x28/0x30 [ 1145.435613] mutex_lock_nested+0x16/0x20 [ 1145.440382] ? mutex_lock_nested+0x16/0x20 [ 1145.444748] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.450713] hashlimit_mt_check_v1+0x302/0x389 [ 1145.455306] ? hashlimit_mt_check_v2+0x390/0x390 [ 1145.460398] ? xt_find_match+0x3e/0x1e0 [ 1145.464536] ? hashlimit_mt_check_v2+0x390/0x390 [ 1145.469293] xt_check_match+0x254/0x530 [ 1145.473654] ? xt_check_target+0x510/0x510 [ 1145.477908] ? wait_for_completion+0x420/0x420 [ 1145.482999] ? mutex_unlock+0xd/0x10 [ 1145.486727] ? xt_find_match+0x178/0x1e0 [ 1145.491123] ? 
xt_request_find_match+0x4b/0xe0 [ 1145.495720] find_check_entry.isra.0+0x2f9/0x920 [ 1145.500808] ? ipt_do_table+0x1770/0x1770 [ 1145.504963] ? kfree+0x183/0x270 [ 1145.508345] ? kvfree+0x4d/0x60 [ 1145.511977] ? trace_hardirqs_on_caller+0x400/0x590 [ 1145.517006] ? trace_hardirqs_on+0xd/0x10 [ 1145.521557] translate_table+0xb3f/0x15a0 [ 1145.525720] ? __do_replace+0x5b0/0x5b0 [ 1145.529715] ? _copy_from_user+0x99/0x110 [ 1145.534234] do_ipt_set_ctl+0x268/0x3ee [ 1145.538216] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1145.543311] ? mutex_unlock+0xd/0x10 [ 1145.547041] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1145.553318] nf_setsockopt+0x67/0xc0 [ 1145.557043] ip_setsockopt+0x9b/0xb0 [ 1145.561182] tcp_setsockopt+0x84/0xd0 [ 1145.564995] sock_common_setsockopt+0x94/0xd0 [ 1145.569504] SyS_setsockopt+0x13c/0x210 [ 1145.573879] ? SyS_recv+0x40/0x40 [ 1145.577362] ? do_syscall_64+0x53/0x640 [ 1145.581720] ? SyS_recv+0x40/0x40 [ 1145.585211] do_syscall_64+0x1e8/0x640 [ 1145.589115] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1145.594314] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1145.599646] RIP: 0033:0x4472c9 [ 1145.603155] RSP: 002b:00007fe1126f4d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1145.610923] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004472c9 [ 1145.618195] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 1145.625829] RBP: 00000000006dbc20 R08: 0000000000000318 R09: 0000000000000000 [ 1145.633135] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc2c [ 1145.640771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1145.648063] INFO: task syz-executor484:7372 blocked for more than 140 seconds. [ 1145.655753] Not tainted 4.14.170-syzkaller #0 [ 1145.660788] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1145.668753] syz-executor484 D28976 7372 7308 0x00000004 [ 1145.674784] Call Trace: [ 1145.677381] __schedule+0x7b8/0x1cd0 [ 1145.682144] ? 
__mutex_lock+0x737/0x1470 [ 1145.686226] ? firmware_map_remove+0x196/0x196 [ 1145.691175] schedule+0x92/0x1c0 [ 1145.694546] schedule_preempt_disabled+0x13/0x20 [ 1145.699307] __mutex_lock+0x73c/0x1470 [ 1145.703524] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.709330] ? mutex_trylock+0x1c0/0x1c0 [ 1145.713822] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1145.718872] mutex_lock_nested+0x16/0x20 [ 1145.723233] ? mutex_lock_nested+0x16/0x20 [ 1145.727469] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.733367] hashlimit_mt_check_v1+0x302/0x389 [ 1145.738091] ? hashlimit_mt_check_v2+0x390/0x390 [ 1145.743171] ? xt_find_match+0x3e/0x1e0 [ 1145.747287] ? hashlimit_mt_check_v2+0x390/0x390 [ 1145.752356] xt_check_match+0x254/0x530 [ 1145.756334] ? xt_check_target+0x510/0x510 [ 1145.760799] ? wait_for_completion+0x420/0x420 [ 1145.765408] ? mutex_unlock+0xd/0x10 [ 1145.769129] ? xt_find_match+0x178/0x1e0 [ 1145.773580] ? xt_request_find_match+0x4b/0xe0 [ 1145.778178] find_check_entry.isra.0+0x2f9/0x920 [ 1145.783247] ? ipt_do_table+0x1770/0x1770 [ 1145.787405] ? kfree+0x183/0x270 [ 1145.791079] ? kvfree+0x4d/0x60 [ 1145.794359] ? trace_hardirqs_on_caller+0x400/0x590 [ 1145.799581] ? trace_hardirqs_on+0xd/0x10 [ 1145.804060] translate_table+0xb3f/0x15a0 [ 1145.808336] ? __do_replace+0x5b0/0x5b0 [ 1145.813313] ? _copy_from_user+0x99/0x110 [ 1145.817473] do_ipt_set_ctl+0x268/0x3ee [ 1145.821761] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1145.826527] ? mutex_unlock+0xd/0x10 [ 1145.830555] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1145.835846] nf_setsockopt+0x67/0xc0 [ 1145.839568] ip_setsockopt+0x9b/0xb0 [ 1145.843623] tcp_setsockopt+0x84/0xd0 [ 1145.847426] sock_common_setsockopt+0x94/0xd0 [ 1145.852252] SyS_setsockopt+0x13c/0x210 [ 1145.856241] ? SyS_recv+0x40/0x40 [ 1145.859702] ? do_syscall_64+0x53/0x640 [ 1145.864055] ? SyS_recv+0x40/0x40 [ 1145.867523] do_syscall_64+0x1e8/0x640 [ 1145.871726] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 1145.876593] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1145.882201] RIP: 0033:0x4472c9 [ 1145.885408] RSP: 002b:00007fe1126b2d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1145.893454] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004472c9 [ 1145.900763] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 1145.908146] RBP: 00000000006dbc40 R08: 0000000000000318 R09: 0000000000000000 [ 1145.916021] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc4c [ 1145.923343] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1145.931096] INFO: task syz-executor484:7361 blocked for more than 140 seconds. [ 1145.938461] Not tainted 4.14.170-syzkaller #0 [ 1145.944762] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1145.952874] syz-executor484 D28976 7361 7306 0x00000004 [ 1145.958514] Call Trace: [ 1145.961455] __schedule+0x7b8/0x1cd0 [ 1145.965286] ? __mutex_lock+0x737/0x1470 [ 1145.969468] ? firmware_map_remove+0x196/0x196 [ 1145.974409] schedule+0x92/0x1c0 [ 1145.977816] schedule_preempt_disabled+0x13/0x20 [ 1145.982926] __mutex_lock+0x73c/0x1470 [ 1145.986823] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1145.993045] ? mutex_trylock+0x1c0/0x1c0 [ 1145.997123] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1146.002518] mutex_lock_nested+0x16/0x20 [ 1146.006602] ? mutex_lock_nested+0x16/0x20 [ 1146.011163] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.016921] hashlimit_mt_check_v1+0x302/0x389 [ 1146.021849] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.026624] ? xt_find_match+0x3e/0x1e0 [ 1146.031005] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.035779] xt_check_match+0x254/0x530 [ 1146.039761] ? xt_check_target+0x510/0x510 [ 1146.044344] ? wait_for_completion+0x420/0x420 [ 1146.048949] ? mutex_unlock+0xd/0x10 [ 1146.053068] ? xt_find_match+0x178/0x1e0 [ 1146.057158] ? 
xt_request_find_match+0x4b/0xe0 [ 1146.062237] find_check_entry.isra.0+0x2f9/0x920 [ 1146.067012] ? ipt_do_table+0x1770/0x1770 [ 1146.072316] ? kfree+0x183/0x270 [ 1146.075694] ? kvfree+0x4d/0x60 [ 1146.078976] ? trace_hardirqs_on_caller+0x400/0x590 [ 1146.084424] ? trace_hardirqs_on+0xd/0x10 [ 1146.088601] translate_table+0xb3f/0x15a0 [ 1146.093093] ? __do_replace+0x5b0/0x5b0 [ 1146.097089] ? _copy_from_user+0x99/0x110 [ 1146.101789] do_ipt_set_ctl+0x268/0x3ee [ 1146.105771] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1146.110896] ? mutex_unlock+0xd/0x10 [ 1146.114772] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1146.120378] nf_setsockopt+0x67/0xc0 [ 1146.124114] ip_setsockopt+0x9b/0xb0 [ 1146.127841] tcp_setsockopt+0x84/0xd0 [ 1146.131993] sock_common_setsockopt+0x94/0xd0 [ 1146.136518] SyS_setsockopt+0x13c/0x210 [ 1146.140813] ? SyS_recv+0x40/0x40 [ 1146.144277] ? do_syscall_64+0x53/0x640 [ 1146.148249] ? SyS_recv+0x40/0x40 [ 1146.152191] do_syscall_64+0x1e8/0x640 [ 1146.156082] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1146.161360] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1146.166554] RIP: 0033:0x4472c9 [ 1146.169748] RSP: 002b:00007fe1126f4d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1146.177806] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004472c9 [ 1146.185159] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 1146.192903] RBP: 00000000006dbc20 R08: 0000000000000318 R09: 0000000000000000 [ 1146.200871] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc2c [ 1146.208158] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1146.215818] INFO: task syz-executor484:7370 blocked for more than 140 seconds. [ 1146.223228] Not tainted 4.14.170-syzkaller #0 [ 1146.228233] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1146.236542] syz-executor484 D28392 7370 7306 0x00000004 [ 1146.242215] Call Trace: [ 1146.244818] __schedule+0x7b8/0x1cd0 [ 1146.248542] ? 
__mutex_lock+0x737/0x1470 [ 1146.252966] ? firmware_map_remove+0x196/0x196 [ 1146.257558] schedule+0x92/0x1c0 [ 1146.261158] schedule_preempt_disabled+0x13/0x20 [ 1146.265928] __mutex_lock+0x73c/0x1470 [ 1146.269827] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.276027] ? mutex_trylock+0x1c0/0x1c0 [ 1146.280124] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1146.285146] mutex_lock_nested+0x16/0x20 [ 1146.289241] ? mutex_lock_nested+0x16/0x20 [ 1146.293961] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.299610] hashlimit_mt_check_v1+0x302/0x389 [ 1146.305056] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.309824] ? xt_find_match+0x3e/0x1e0 [ 1146.314080] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.318856] xt_check_match+0x254/0x530 [ 1146.323153] ? xt_check_target+0x510/0x510 [ 1146.327389] ? wait_for_completion+0x420/0x420 [ 1146.333035] ? mutex_unlock+0xd/0x10 [ 1146.336785] ? xt_find_match+0x178/0x1e0 [ 1146.341197] ? xt_request_find_match+0x4b/0xe0 [ 1146.345782] find_check_entry.isra.0+0x2f9/0x920 [ 1146.350856] ? ipt_do_table+0x1770/0x1770 [ 1146.355026] ? kfree+0x183/0x270 [ 1146.358390] ? kvfree+0x4d/0x60 [ 1146.361990] ? trace_hardirqs_on_caller+0x400/0x590 [ 1146.367014] ? trace_hardirqs_on+0xd/0x10 [ 1146.371411] translate_table+0xb3f/0x15a0 [ 1146.375583] ? __do_replace+0x5b0/0x5b0 [ 1146.379556] ? _copy_from_user+0x99/0x110 [ 1146.384131] do_ipt_set_ctl+0x268/0x3ee [ 1146.388141] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1146.393237] ? mutex_unlock+0xd/0x10 [ 1146.396958] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1146.402492] nf_setsockopt+0x67/0xc0 [ 1146.406212] ip_setsockopt+0x9b/0xb0 [ 1146.410357] tcp_setsockopt+0x84/0xd0 [ 1146.414167] sock_common_setsockopt+0x94/0xd0 [ 1146.418676] SyS_setsockopt+0x13c/0x210 [ 1146.422972] ? SyS_recv+0x40/0x40 [ 1146.426434] ? do_syscall_64+0x53/0x640 [ 1146.430631] ? SyS_recv+0x40/0x40 [ 1146.434086] do_syscall_64+0x1e8/0x640 [ 1146.437990] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 1146.443279] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1146.448499] RIP: 0033:0x4472c9 [ 1146.451988] RSP: 002b:00007fe1126b2d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1146.459714] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004472c9 [ 1146.468001] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 1146.475344] RBP: 00000000006dbc40 R08: 0000000000000318 R09: 0000000000000000 [ 1146.482982] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc4c [ 1146.490320] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1146.497614] INFO: task syz-executor484:7362 blocked for more than 140 seconds. [ 1146.505349] Not tainted 4.14.170-syzkaller #0 [ 1146.510406] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1146.518381] syz-executor484 D28976 7362 7304 0x00000004 [ 1146.524503] Call Trace: [ 1146.527098] __schedule+0x7b8/0x1cd0 [ 1146.531068] ? __mutex_lock+0x737/0x1470 [ 1146.535146] ? firmware_map_remove+0x196/0x196 [ 1146.539736] schedule+0x92/0x1c0 [ 1146.543510] schedule_preempt_disabled+0x13/0x20 [ 1146.548391] __mutex_lock+0x73c/0x1470 [ 1146.552641] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.558456] ? mutex_trylock+0x1c0/0x1c0 [ 1146.562871] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1146.567911] mutex_lock_nested+0x16/0x20 [ 1146.572376] ? mutex_lock_nested+0x16/0x20 [ 1146.576633] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.582589] hashlimit_mt_check_v1+0x302/0x389 [ 1146.587175] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.592921] ? xt_find_match+0x3e/0x1e0 [ 1146.596918] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.602107] xt_check_match+0x254/0x530 [ 1146.606095] ? xt_check_target+0x510/0x510 [ 1146.610703] ? wait_for_completion+0x420/0x420 [ 1146.615305] ? mutex_unlock+0xd/0x10 [ 1146.619032] ? xt_find_match+0x178/0x1e0 [ 1146.623413] ? 
xt_request_find_match+0x4b/0xe0 [ 1146.628109] find_check_entry.isra.0+0x2f9/0x920 [ 1146.633187] ? ipt_do_table+0x1770/0x1770 [ 1146.637490] ? kfree+0x183/0x270 [ 1146.641152] ? kvfree+0x4d/0x60 [ 1146.644447] ? trace_hardirqs_on_caller+0x400/0x590 [ 1146.649510] ? trace_hardirqs_on+0xd/0x10 [ 1146.654014] translate_table+0xb3f/0x15a0 [ 1146.658205] ? __do_replace+0x5b0/0x5b0 [ 1146.662478] ? _copy_from_user+0x99/0x110 [ 1146.666639] do_ipt_set_ctl+0x268/0x3ee [ 1146.670910] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1146.675685] ? mutex_unlock+0xd/0x10 [ 1146.679400] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1146.685057] nf_setsockopt+0x67/0xc0 [ 1146.688775] ip_setsockopt+0x9b/0xb0 [ 1146.692835] tcp_setsockopt+0x84/0xd0 [ 1146.696659] sock_common_setsockopt+0x94/0xd0 [ 1146.701426] SyS_setsockopt+0x13c/0x210 [ 1146.705419] ? SyS_recv+0x40/0x40 [ 1146.708881] ? do_syscall_64+0x53/0x640 [ 1146.713234] ? SyS_recv+0x40/0x40 [ 1146.716695] do_syscall_64+0x1e8/0x640 [ 1146.721665] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1146.726626] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1146.732128] RIP: 0033:0x4472c9 [ 1146.735316] RSP: 002b:00007fe1126f4d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1146.743466] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004472c9 [ 1146.750784] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 1146.758052] RBP: 00000000006dbc20 R08: 0000000000000318 R09: 0000000000000000 [ 1146.765817] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc2c [ 1146.773157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1146.780875] INFO: task syz-executor484:7374 blocked for more than 140 seconds. [ 1146.788237] Not tainted 4.14.170-syzkaller #0 [ 1146.793543] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1146.801547] syz-executor484 D28192 7374 7304 0x00000004 [ 1146.807185] Call Trace: [ 1146.809779] __schedule+0x7b8/0x1cd0 [ 1146.813916] ? 
__mutex_lock+0x737/0x1470 [ 1146.818000] ? firmware_map_remove+0x196/0x196 [ 1146.822906] schedule+0x92/0x1c0 [ 1146.826277] schedule_preempt_disabled+0x13/0x20 [ 1146.831496] __mutex_lock+0x73c/0x1470 [ 1146.835405] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.841616] ? mutex_trylock+0x1c0/0x1c0 [ 1146.845704] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1146.851685] mutex_lock_nested+0x16/0x20 [ 1146.855766] ? mutex_lock_nested+0x16/0x20 [ 1146.860000] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1146.865935] hashlimit_mt_check_v1+0x302/0x389 [ 1146.870795] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.875553] ? xt_find_match+0x3e/0x1e0 [ 1146.879641] ? hashlimit_mt_check_v2+0x390/0x390 [ 1146.884704] xt_check_match+0x254/0x530 [ 1146.888715] ? xt_check_target+0x510/0x510 [ 1146.893240] ? wait_for_completion+0x420/0x420 [ 1146.897840] ? mutex_unlock+0xd/0x10 [ 1146.901828] ? xt_find_match+0x178/0x1e0 [ 1146.905900] ? xt_request_find_match+0x4b/0xe0 [ 1146.910816] find_check_entry.isra.0+0x2f9/0x920 [ 1146.915603] ? ipt_do_table+0x1770/0x1770 [ 1146.919844] ? kfree+0x183/0x270 [ 1146.923517] ? kvfree+0x4d/0x60 [ 1146.926820] ? trace_hardirqs_on_caller+0x400/0x590 [ 1146.932274] ? trace_hardirqs_on+0xd/0x10 [ 1146.936442] translate_table+0xb3f/0x15a0 [ 1146.940892] ? __do_replace+0x5b0/0x5b0 [ 1146.944880] ? _copy_from_user+0x99/0x110 [ 1146.949038] do_ipt_set_ctl+0x268/0x3ee [ 1146.953398] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1146.958183] ? mutex_unlock+0xd/0x10 [ 1146.962213] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1146.967644] nf_setsockopt+0x67/0xc0 [ 1146.971684] ip_setsockopt+0x9b/0xb0 [ 1146.975412] tcp_setsockopt+0x84/0xd0 [ 1146.979225] sock_common_setsockopt+0x94/0xd0 [ 1146.984732] SyS_setsockopt+0x13c/0x210 [ 1146.988715] ? SyS_recv+0x40/0x40 [ 1146.992594] ? do_syscall_64+0x53/0x640 [ 1146.996582] ? SyS_recv+0x40/0x40 [ 1147.000340] do_syscall_64+0x1e8/0x640 [ 1147.004239] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 1147.009095] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1147.014743] RIP: 0033:0x4472c9 [ 1147.017931] RSP: 002b:00007fe1126b2d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1147.026044] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004472c9 [ 1147.033757] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 1147.041468] RBP: 00000000006dbc40 R08: 0000000000000318 R09: 0000000000000000 [ 1147.048779] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc4c [ 1147.056412] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1147.063853] INFO: task syz-executor484:7366 blocked for more than 140 seconds. [ 1147.071546] Not tainted 4.14.170-syzkaller #0 [ 1147.076563] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1147.084819] syz-executor484 D28392 7366 7303 0x00000004 [ 1147.090515] Call Trace: [ 1147.093106] __schedule+0x7b8/0x1cd0 [ 1147.096810] ? __mutex_lock+0x737/0x1470 [ 1147.101248] ? firmware_map_remove+0x196/0x196 [ 1147.105841] schedule+0x92/0x1c0 [ 1147.109218] schedule_preempt_disabled+0x13/0x20 [ 1147.114952] __mutex_lock+0x73c/0x1470 [ 1147.118847] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1147.124880] ? mutex_trylock+0x1c0/0x1c0 [ 1147.128961] ? pcpu_next_md_free_region+0x14c/0x2f0 [ 1147.134332] mutex_lock_nested+0x16/0x20 [ 1147.138395] ? mutex_lock_nested+0x16/0x20 [ 1147.143030] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0 [ 1147.148674] hashlimit_mt_check_v1+0x302/0x389 [ 1147.153561] ? hashlimit_mt_check_v2+0x390/0x390 [ 1147.158445] ? xt_find_match+0x3e/0x1e0 [ 1147.162747] ? hashlimit_mt_check_v2+0x390/0x390 [ 1147.167513] xt_check_match+0x254/0x530 [ 1147.171744] ? xt_check_target+0x510/0x510 [ 1147.175982] ? wait_for_completion+0x420/0x420 [ 1147.181102] ? mutex_unlock+0xd/0x10 [ 1147.184819] ? xt_find_match+0x178/0x1e0 [ 1147.188918] ? 
xt_request_find_match+0x4b/0xe0 [ 1147.193811] find_check_entry.isra.0+0x2f9/0x920 [ 1147.198592] ? ipt_do_table+0x1770/0x1770 [ 1147.203010] ? kfree+0x183/0x270 [ 1147.206385] ? kvfree+0x4d/0x60 [ 1147.209675] ? trace_hardirqs_on_caller+0x400/0x590 [ 1147.214999] ? trace_hardirqs_on+0xd/0x10 [ 1147.219164] translate_table+0xb3f/0x15a0 [ 1147.223764] ? __do_replace+0x5b0/0x5b0 [ 1147.227760] ? _copy_from_user+0x99/0x110 [ 1147.232306] do_ipt_set_ctl+0x268/0x3ee [ 1147.236293] ? compat_do_ipt_set_ctl+0x150/0x150 [ 1147.242002] ? mutex_unlock+0xd/0x10 [ 1147.245733] ? nf_sockopt_find.constprop.0+0x1b7/0x230 [ 1147.251318] nf_setsockopt+0x67/0xc0 [ 1147.255045] ip_setsockopt+0x9b/0xb0 [ 1147.258755] tcp_setsockopt+0x84/0xd0 [ 1147.262868] sock_common_setsockopt+0x94/0xd0 [ 1147.267367] SyS_setsockopt+0x13c/0x210 [ 1147.271789] ? SyS_recv+0x40/0x40 [ 1147.275258] ? do_syscall_64+0x53/0x640 [ 1147.279254] ? SyS_recv+0x40/0x40 [ 1147.283301] do_syscall_64+0x1e8/0x640 [ 1147.288504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1147.293683] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1147.298891] RIP: 0033:0x4472c9 [ 1147.302367] RSP: 002b:00007fe1126f4d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1147.310236] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004472c9 [ 1147.317511] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 1147.325155] RBP: 00000000006dbc20 R08: 0000000000000318 R09: 0000000000000000 [ 1147.332473] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc2c [ 1147.339765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172 [ 1147.347409] INFO: task syz-executor484:7376 blocked for more than 140 seconds. [ 1147.354842] Not tainted 4.14.170-syzkaller #0 [ 1147.359849] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1147.369185] syz-executor484 D28976 7376 7303 0x00000004 [ 1147.375554] Call Trace: [ 1147.378160] __schedule+0x7b8/0x1cd0 [ 1147.382287] ? 
__mutex_lock+0x737/0x1470
[ 1147.386359] ? firmware_map_remove+0x196/0x196
[ 1147.391290] schedule+0x92/0x1c0
[ 1147.394661] schedule_preempt_disabled+0x13/0x20
[ 1147.399413] __mutex_lock+0x73c/0x1470
[ 1147.403625] ? hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.409433] ? mutex_trylock+0x1c0/0x1c0
[ 1147.413849] ? pcpu_next_md_free_region+0x14c/0x2f0
[ 1147.418902] mutex_lock_nested+0x16/0x20
[ 1147.423387] ? mutex_lock_nested+0x16/0x20
[ 1147.427850] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.433803] hashlimit_mt_check_v1+0x302/0x389
[ 1147.438486] ? hashlimit_mt_check_v2+0x390/0x390
[ 1147.443595] ? xt_find_match+0x3e/0x1e0
[ 1147.447598] ? hashlimit_mt_check_v2+0x390/0x390
[ 1147.452685] xt_check_match+0x254/0x530
[ 1147.456676] ? xt_check_target+0x510/0x510
[ 1147.461285] ? wait_for_completion+0x420/0x420
[ 1147.465894] ? mutex_unlock+0xd/0x10
[ 1147.469609] ? xt_find_match+0x178/0x1e0
[ 1147.474103] ? xt_request_find_match+0x4b/0xe0
[ 1147.478704] find_check_entry.isra.0+0x2f9/0x920
[ 1147.483811] ? ipt_do_table+0x1770/0x1770
[ 1147.487974] ? kfree+0x183/0x270
[ 1147.491687] ? kvfree+0x4d/0x60
[ 1147.495087] ? trace_hardirqs_on_caller+0x400/0x590
[ 1147.501069] ? trace_hardirqs_on+0xd/0x10
[ 1147.505228] translate_table+0xb3f/0x15a0
[ 1147.509486] ? __do_replace+0x5b0/0x5b0
[ 1147.513944] ? _copy_from_user+0x99/0x110
[ 1147.518117] do_ipt_set_ctl+0x268/0x3ee
[ 1147.522621] ? compat_do_ipt_set_ctl+0x150/0x150
[ 1147.528104] ? mutex_unlock+0xd/0x10
[ 1147.532313] ? nf_sockopt_find.constprop.0+0x1b7/0x230
[ 1147.537606] nf_setsockopt+0x67/0xc0
[ 1147.541648] ip_setsockopt+0x9b/0xb0
[ 1147.545366] tcp_setsockopt+0x84/0xd0
[ 1147.549196] sock_common_setsockopt+0x94/0xd0
[ 1147.554068] SyS_setsockopt+0x13c/0x210
[ 1147.558070] ? SyS_recv+0x40/0x40
[ 1147.561883] ? do_syscall_64+0x53/0x640
[ 1147.565871] ? SyS_recv+0x40/0x40
[ 1147.569333] do_syscall_64+0x1e8/0x640
[ 1147.573598] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1147.578459] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1147.583987] RIP: 0033:0x4472c9
[ 1147.587189] RSP: 002b:00007fe1126b2d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1147.595342] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 00000000004472c9
[ 1147.602681] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[ 1147.609957] RBP: 00000000006dbc40 R08: 0000000000000318 R09: 0000000000000000
[ 1147.617757] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc4c
[ 1147.625144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172
[ 1147.633525]
[ 1147.633525] Showing all locks held in the system:
[ 1147.639884] 1 lock held by khungtaskd/1055:
[ 1147.644330] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7f/0x21f
[ 1147.653468] 2 locks held by getty/7275:
[ 1147.657434] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.666173] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.675617] 2 locks held by getty/7276:
[ 1147.679595] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.688356] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.697733] 2 locks held by getty/7277:
[ 1147.701767] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.710498] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.719806] 2 locks held by getty/7278:
[ 1147.723830] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.732597] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.741946] 2 locks held by getty/7279:
[ 1147.745921] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.754796] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.764168] 2 locks held by getty/7280:
[ 1147.768134] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.776896] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.786274] 2 locks held by getty/7281:
[ 1147.790275] #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40
[ 1147.798971] #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1e6/0x17d0
[ 1147.808334] 1 lock held by syz-executor484/7365:
[ 1147.813163] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.823656] 1 lock held by syz-executor484/7368:
[ 1147.828420] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.838958] 1 lock held by syz-executor484/7364:
[ 1147.843762] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.854274] 1 lock held by syz-executor484/7372:
[ 1147.859034] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.869678] 1 lock held by syz-executor484/7361:
[ 1147.874522] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.885077] 1 lock held by syz-executor484/7370:
[ 1147.889835] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.900327] 1 lock held by syz-executor484/7362:
[ 1147.905078] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.916484] 1 lock held by syz-executor484/7374:
[ 1147.921290] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.931777] 1 lock held by syz-executor484/7366:
[ 1147.936537] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.947074] 1 lock held by syz-executor484/7376:
[ 1147.951872] #0: (hashlimit_mutex){+.+.}, at: [] hashlimit_mt_check_common.isra.0+0x2b8/0x11b0
[ 1147.962363]
[ 1147.964022] =============================================
[ 1147.964022]
[ 1147.971797] NMI backtrace for cpu 1
[ 1147.975431] CPU: 1 PID: 1055 Comm: khungtaskd Not tainted 4.14.170-syzkaller #0
[ 1147.982882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1147.992339] Call Trace:
[ 1147.995059] dump_stack+0x142/0x197
[ 1147.998687] nmi_cpu_backtrace.cold+0x57/0x94
[ 1148.003281] ? irq_force_complete_move.cold+0x7d/0x7d
[ 1148.008470] nmi_trigger_cpumask_backtrace+0x141/0x189
[ 1148.013761] arch_trigger_cpumask_backtrace+0x14/0x20
[ 1148.019029] watchdog+0x5e7/0xb90
[ 1148.022528] kthread+0x319/0x430
[ 1148.025896] ? hungtask_pm_notify+0x50/0x50
[ 1148.030226] ? kthread_create_on_node+0xd0/0xd0
[ 1148.034906] ret_from_fork+0x24/0x30
[ 1148.038826] Sending NMI from CPU 1 to CPUs 0:
[ 1148.043934] NMI backtrace for cpu 0
[ 1148.043938] CPU: 0 PID: 7356 Comm: syz-executor484 Not tainted 4.14.170-syzkaller #0
[ 1148.043942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1148.043944] task: ffff88808df025c0 task.stack: ffff888071b88000
[ 1148.043947] RIP: 0010:trace_hardirqs_on_caller+0x6b/0x590
[ 1148.043949] RSP: 0018:ffff888071b8f820 EFLAGS: 00000803
[ 1148.043954] RAX: dffffc0000000000 RBX: ffff88808df025c0 RCX: 1ffffffff1067aa8
[ 1148.043957] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88808df02e3c
[ 1148.043959] RBP: ffff888071b8f830 R08: 0000000000000001 R09: 0000000000000001
[ 1148.043962] R10: 0000000000000000 R11: ffff88808df025c0 R12: ffffffff8138d779
[ 1148.043965] R13: dffffc0000000000 R14: ffffc90005e2c000 R15: ffffffff854f9a60
[ 1148.043969] FS: 00007fe1126f5700(0000) GS:ffff8880aec00000(0000) knlGS:0000000000000000
[ 1148.043972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1148.043975] CR2: 00007f4500005198 CR3: 000000009faeb000 CR4: 00000000001406f0
[ 1148.043978] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1148.043980] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1148.043982] Call Trace:
[ 1148.043985] ? htable_selective_cleanup+0x204/0x300
[ 1148.043987] trace_hardirqs_on+0xd/0x10
[ 1148.043989] __local_bh_enable_ip+0x99/0x1a0
[ 1148.043991] _raw_spin_unlock_bh+0x31/0x40
[ 1148.043993] htable_selective_cleanup+0x204/0x300
[ 1148.043995] htable_put+0x164/0x210
[ 1148.043998] ? hashlimit_mt_destroy_v2+0x70/0x70
[ 1148.044000] hashlimit_mt_destroy_v1+0x50/0x70
[ 1148.044002] cleanup_match+0xc2/0x140
[ 1148.044004] ? icmp_checkentry+0x90/0x90
[ 1148.044006] ? xt_request_find_target+0x4b/0xe0
[ 1148.044008] find_check_entry.isra.0+0x3fe/0x920
[ 1148.044010] ? ipt_do_table+0x1770/0x1770
[ 1148.044012] ? kfree+0x183/0x270
[ 1148.044014] ? kvfree+0x4d/0x60
[ 1148.044016] translate_table+0xb3f/0x15a0
[ 1148.044018] ? __do_replace+0x5b0/0x5b0
[ 1148.044020] ? _copy_from_user+0x99/0x110
[ 1148.044022] do_ipt_set_ctl+0x268/0x3ee
[ 1148.044024] ? compat_do_ipt_set_ctl+0x150/0x150
[ 1148.044026] ? mutex_unlock+0xd/0x10
[ 1148.044028] ? nf_sockopt_find.constprop.0+0x1b7/0x230
[ 1148.044030] nf_setsockopt+0x67/0xc0
[ 1148.044032] ip_setsockopt+0x9b/0xb0
[ 1148.044034] tcp_setsockopt+0x84/0xd0
[ 1148.044037] sock_common_setsockopt+0x94/0xd0
[ 1148.044039] SyS_setsockopt+0x13c/0x210
[ 1148.044040] ? SyS_recv+0x40/0x40
[ 1148.044042] ? do_syscall_64+0x53/0x640
[ 1148.044044] ? SyS_recv+0x40/0x40
[ 1148.044046] do_syscall_64+0x1e8/0x640
[ 1148.044054] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1148.044057] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1148.044058] RIP: 0033:0x4472c9
[ 1148.044061] RSP: 002b:00007fe1126f4d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1148.044069] RAX: ffffffffffffffda RBX: 00000000006dbc28 RCX: 00000000004472c9
[ 1148.044072] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[ 1148.044075] RBP: 00000000006dbc20 R08: 0000000000000318 R09: 0000000000000000
[ 1148.044078] R10: 0000000020000540 R11: 0000000000000246 R12: 00000000006dbc2c
[ 1148.044081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000776172
[ 1148.044083] Code: 0f 84 68 02 00 00 65 48 8b 1c 25 40 ee 01 00 48 8d bb 7c 08 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19 04 00 00
[ 1148.044507] Kernel panic - not syncing: hung_task: blocked tasks
[ 1148.369021] CPU: 1 PID: 1055 Comm: khungtaskd Not tainted 4.14.170-syzkaller #0
[ 1148.376487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1148.385849] Call Trace:
[ 1148.388458] dump_stack+0x142/0x197
[ 1148.392100] panic+0x1f9/0x42d
[ 1148.395297] ? add_taint.cold+0x16/0x16
[ 1148.399298] ? irq_force_complete_move.cold+0x7d/0x7d
[ 1148.404589] watchdog+0x5f8/0xb90
[ 1148.408049] kthread+0x319/0x430
[ 1148.411426] ? hungtask_pm_notify+0x50/0x50
[ 1148.415741] ? kthread_create_on_node+0xd0/0xd0
[ 1148.420421] ret_from_fork+0x24/0x30
[ 1148.425813] Kernel Offset: disabled
[ 1148.429549] Rebooting in 86400 seconds..