Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 70.343553][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 70.343572][ T26] audit: type=1800 audit(1560014780.114:33): pid=9615 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 70.374593][ T26] audit: type=1800 audit(1560014780.114:34): pid=9615 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 75.063014][ T26] audit: type=1400 audit(1560014784.834:35): avc: denied { map } for pid=9791 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts. [ 218.978145][ T26] audit: type=1400 audit(1560014928.754:36): avc: denied { map } for pid=9803 comm="syz-executor129" path="/root/syz-executor129958700" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 219.016871][ T9804] IPVS: ftp: loaded support on port[0] = 21 [ 219.079620][ T9804] chnl_net:caif_netlink_parms(): no params data found [ 219.105862][ T9804] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.114117][ T9804] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.122294][ T9804] device bridge_slave_0 entered promiscuous mode [ 219.131163][ T9804] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.138581][ T9804] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.146706][ T9804] device bridge_slave_1 entered promiscuous mode [ 219.163223][ T9804] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 219.173584][ T9804] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 219.192231][ T9804] team0: Port device team_slave_0 added [ 219.199496][ T9804] team0: Port device team_slave_1 added [ 219.246353][ T9804] device hsr_slave_0 entered promiscuous mode [ 219.284308][ T9804] device hsr_slave_1 entered promiscuous mode [ 219.362976][ T9804] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.370588][ T9804] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.378341][ T9804] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.385642][ T9804] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.420421][ T9804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.433732][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 219.445141][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.453590][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.462125][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 219.474928][ T9804] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.485480][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 219.493869][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.501013][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.523705][ T9804] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 219.536363][ T9804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 219.549220][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 219.558256][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.565876][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.574671][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 219.583328][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 219.591944][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 219.600840][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 219.610007][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 219.617714][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready executing program [ 219.636053][ T9804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.894218][ T1043] INFO: task syz-executor129:9804 blocked for more than 143 seconds. [ 371.902875][ T1043] Not tainted 5.2.0-rc3+ #16 [ 371.910220][ T1043] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.919541][ T1043] syz-executor129 D24064 9804 9803 0x00000000 [ 371.927309][ T1043] Call Trace: [ 371.930759][ T1043] __schedule+0x7cb/0x1560 [ 371.935829][ T1043] ? __sched_text_start+0x8/0x8 [ 371.940714][ T1043] ? _raw_spin_unlock_irq+0x28/0x90 [ 371.947125][ T1043] ? _raw_spin_unlock_irq+0x28/0x90 [ 371.952408][ T1043] ? lockdep_hardirqs_on+0x418/0x5d0 [ 371.957998][ T1043] schedule+0xa8/0x260 [ 371.962196][ T1043] rwsem_down_read_failed+0x213/0x460 [ 371.969100][ T1043] ? rwsem_down_write_failed+0xc60/0xc60 [ 371.976411][ T1043] ? __do_page_fault+0x9e9/0xda0 [ 371.985895][ T1043] down_read+0xa5/0x1e0 [ 371.990206][ T1043] __do_page_fault+0x9e9/0xda0 [ 371.996053][ T1043] ? trace_hardirqs_off_caller+0x65/0x220 [ 372.002875][ T1043] do_page_fault+0x71/0x57d [ 372.008816][ T1043] ? page_fault+0x8/0x30 [ 372.013100][ T1043] page_fault+0x1e/0x30 [ 372.017564][ T1043] RIP: 0033:0x4aeb60 [ 372.032125][ T1043] Code: Bad RIP value. [ 372.037267][ T1043] RSP: 002b:00007ffc9783bac8 EFLAGS: 00010206 [ 372.043726][ T1043] RAX: 00000000004aeb60 RBX: 0000000000000001 RCX: 00000000006e47b0 [ 372.053037][ T1043] RDX: 0000000000409e30 RSI: 0000000000000001 RDI: 00000000004d03f0 [ 372.061312][ T1043] RBP: 00007ffc9783bad0 R08: 00007ffc9783bfc9 R09: 00007ffc9783bfc9 [ 372.070868][ T1043] R10: 00007ffc9783bb50 R11: 0000000000000000 R12: 0000000000000001 [ 372.079484][ T1043] R13: 00000000006e47a0 R14: 000000000000002d R15: 0000000000000007 [ 372.090397][ T1043] [ 372.090397][ T1043] Showing all locks held in the system: [ 372.098489][ T1043] 1 lock held by khungtaskd/1043: [ 372.103538][ T1043] #0: 00000000d16f79fa (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e [ 372.114342][ T1043] 1 lock held by rsyslogd/9654: [ 372.119218][ T1043] #0: 000000003bea6959 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 372.128227][ T1043] 2 locks held by getty/9775: [ 372.132918][ T1043] #0: 000000008a87c338 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.143222][ T1043] #1: 00000000ce6c0e96 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.153272][ T1043] 2 locks held by getty/9776: [ 372.159275][ T1043] #0: 0000000020c2c156 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.169321][ T1043] #1: 0000000056419b08 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.180225][ T1043] 2 locks held by getty/9777: [ 372.185129][ T1043] #0: 000000004f534afe (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.195311][ T1043] #1: 00000000f0b1021a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.205427][ T1043] 2 locks held by getty/9778: [ 372.210289][ T1043] #0: 0000000019b5048d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.220572][ T1043] #1: 00000000199c7d4c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.230430][ T1043] 2 locks held by getty/9779: [ 372.236392][ T1043] #0: 000000002b1a05c2 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.245730][ T1043] #1: 00000000b0d9c475 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.256510][ T1043] 2 locks held by getty/9780: [ 372.261213][ T1043] #0: 000000003b2dbc1a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.270471][ T1043] #1: 00000000a0a9f8bb (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.281283][ T1043] 2 locks held by getty/9781: [ 372.286225][ T1043] #0: 00000000af78495b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 372.297213][ T1043] #1: 00000000a4053ebd (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 [ 372.307056][ T1043] 1 lock held by syz-executor129/9804: [ 372.312526][ T1043] #0: 000000006610202f (&mm->mmap_sem#2){++++}, at: __do_page_fault+0x9e9/0xda0 [ 372.322903][ T1043] 1 lock held by syz-executor129/9814: [ 372.328608][ T1043] [ 372.331038][ T1043] ============================================= [ 372.331038][ T1043] [ 372.340864][ T1043] NMI backtrace for cpu 0 [ 372.345302][ T1043] CPU: 0 PID: 1043 Comm: khungtaskd Not tainted 5.2.0-rc3+ #16 [ 372.352863][ T1043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.362956][ T1043] Call Trace: [ 372.366359][ T1043] dump_stack+0x172/0x1f0 [ 372.370725][ T1043] nmi_cpu_backtrace.cold+0x63/0xa4 [ 372.375950][ T1043] ? lapic_can_unplug_cpu.cold+0x38/0x38 [ 372.381605][ T1043] nmi_trigger_cpumask_backtrace+0x1be/0x236 [ 372.387700][ T1043] arch_trigger_cpumask_backtrace+0x14/0x20 [ 372.393643][ T1043] watchdog+0x9b7/0xec0 [ 372.397829][ T1043] kthread+0x354/0x420 [ 372.401913][ T1043] ? reset_hung_task_detector+0x30/0x30 [ 372.407480][ T1043] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 372.413747][ T1043] ret_from_fork+0x24/0x30 [ 372.418330][ T1043] Sending NMI from CPU 0 to CPUs 1: [ 372.424099][ C1] NMI backtrace for cpu 1 [ 372.424106][ C1] CPU: 1 PID: 9814 Comm: syz-executor129 Not tainted 5.2.0-rc3+ #16 [ 372.424112][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.424116][ C1] RIP: 0010:lock_release+0x1dd/0xa00 [ 372.424128][ C1] Code: d0 7c 08 84 d2 0f 85 33 06 00 00 8b 3d 00 5c 29 08 85 ff 0f 84 78 02 00 00 49 8d 80 78 08 00 00 48 89 c2 48 89 85 58 ff ff ff <48> b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 04 02 84 c0 74 08 [ 372.424132][ C1] RSP: 0018:ffff888088b47910 EFLAGS: 00000002 [ 372.424141][ C1] RAX: ffff88809f80af78 RBX: 1ffff11011168f28 RCX: 1ffffffff13017ce [ 372.424146][ C1] RDX: ffff88809f80af78 RSI: 0000000000000000 RDI: 0000000000000001 [ 372.424152][ C1] RBP: ffff888088b479c8 R08: ffff88809f80a700 R09: ffffed1012110b66 [ 372.424157][ C1] R10: ffffed1012110b65 R11: ffff888090885b2b R12: ffff88809345b8d0 [ 372.424163][ C1] R13: ffffffff8187faa7 R14: ffff88809f80a700 R15: ffff888088b479a0 [ 372.424169][ C1] FS: 00007f110c4a7700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 372.424173][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 372.424179][ C1] CR2: ffffffffff600400 CR3: 0000000094fa3000 CR4: 00000000001406e0 [ 372.424182][ C1] Call Trace: [ 372.424186][ C1] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 372.424190][ C1] ? perf_mmap+0x746/0x17f0 [ 372.424194][ C1] ? lock_downgrade+0x880/0x880 [ 372.424197][ C1] ? mutex_trylock+0x1e0/0x1e0 [ 372.424201][ C1] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 372.424205][ C1] __mutex_unlock_slowpath+0x8e/0x6b0 [ 372.424209][ C1] ? wait_for_completion+0x440/0x440 [ 372.424213][ C1] ? perf_mmap+0x7af/0x17f0 [ 372.424216][ C1] mutex_unlock+0xd/0x10 [ 372.424220][ C1] perf_mmap+0x737/0x17f0 [ 372.424223][ C1] ? perf_release+0x50/0x50 [ 372.424226][ C1] ? memset+0x32/0x40 [ 372.424230][ C1] mmap_region+0xc35/0x1760 [ 372.424234][ C1] ? __x64_sys_brk+0x760/0x760 [ 372.424238][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 372.424242][ C1] ? get_unmapped_area+0x293/0x3b0 [ 372.424246][ C1] do_mmap+0x8e2/0x1080 [ 372.424249][ C1] vm_mmap_pgoff+0x1c5/0x230 [ 372.424253][ C1] ? vma_is_stack_for_current+0xd0/0xd0 [ 372.424257][ C1] ? ksys_dup3+0x3e0/0x3e0 [ 372.424261][ C1] ksys_mmap_pgoff+0x4aa/0x630 [ 372.424265][ C1] ? find_mergeable_anon_vma+0x2e0/0x2e0 [ 372.424269][ C1] ? rcu_read_lock_sched_held+0x110/0x130 [ 372.424273][ C1] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 372.424277][ C1] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 372.424281][ C1] ? do_syscall_64+0x26/0x680 [ 372.424285][ C1] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.424289][ C1] __x64_sys_mmap+0xe9/0x1b0 [ 372.424293][ C1] do_syscall_64+0xfd/0x680 [ 372.424297][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.424300][ C1] RIP: 0033:0x448c99 [ 372.424312][ C1] Code: e8 7c 1a 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 372.424316][ C1] RSP: 002b:00007f110c4a6cd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 372.424325][ C1] RAX: ffffffffffffffda RBX: 00000000006dfc48 RCX: 0000000000448c99 [ 372.424330][ C1] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000020fff000 [ 372.424336][ C1] RBP: 00000000006dfc40 R08: 0000000000000003 R09: 0000000000000000 [ 372.424341][ C1] R10: 0002000000001011 R11: 0000000000000246 R12: 00000000006dfc4c [ 372.424346][ C1] R13: 00007ffc9783baaf R14: 00007f110c4a79c0 R15: 0000000000000000 [ 372.426403][ T1043] Kernel panic - not syncing: hung_task: blocked tasks [ 372.775344][ T1043] CPU: 0 PID: 1043 Comm: khungtaskd Not tainted 5.2.0-rc3+ #16 [ 372.783006][ T1043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.793345][ T1043] Call Trace: [ 372.796742][ T1043] dump_stack+0x172/0x1f0 [ 372.801095][ T1043] panic+0x2cb/0x744 [ 372.805001][ T1043] ? __warn_printk+0xf3/0xf3 [ 372.809603][ T1043] ? lapic_can_unplug_cpu.cold+0x38/0x38 [ 372.815342][ T1043] ? ___preempt_schedule+0x16/0x18 [ 372.820572][ T1043] ? nmi_trigger_cpumask_backtrace+0x19e/0x236 [ 372.826743][ T1043] ? nmi_trigger_cpumask_backtrace+0x1fa/0x236 [ 372.832913][ T1043] ? nmi_trigger_cpumask_backtrace+0x204/0x236 [ 372.839350][ T1043] ? nmi_trigger_cpumask_backtrace+0x19e/0x236 [ 372.845541][ T1043] watchdog+0x9c8/0xec0 [ 372.849734][ T1043] kthread+0x354/0x420 [ 372.853994][ T1043] ? reset_hung_task_detector+0x30/0x30 [ 372.859566][ T1043] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 372.865842][ T1043] ret_from_fork+0x24/0x30 [ 372.871655][ T1043] Kernel Offset: disabled [ 372.875998][ T1043] Rebooting in 86400 seconds..