[ 42.688680] audit: type=1800 audit(1560319012.103:30): pid=7837 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 47.135141] kauditd_printk_skb: 4 callbacks suppressed [ 47.135167] audit: type=1400 audit(1560319016.603:35): avc: denied { map } for pid=8010 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.25' (ECDSA) to the list of known hosts. [ 968.918666] audit: type=1400 audit(1560319938.383:36): avc: denied { map } for pid=8022 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/06/12 06:12:19 parsed 1 programs [ 969.792566] audit: type=1400 audit(1560319939.253:37): avc: denied { map } for pid=8022 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=407 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 2019/06/12 06:12:21 executed programs: 0 [ 971.600724] IPVS: ftp: loaded support on port[0] = 21 [ 971.666168] chnl_net:caif_netlink_parms(): no params data found [ 971.699382] bridge0: port 1(bridge_slave_0) entered blocking state [ 971.706499] bridge0: port 1(bridge_slave_0) entered disabled state [ 971.713913] device bridge_slave_0 entered promiscuous mode [ 971.721473] bridge0: port 2(bridge_slave_1) entered blocking state [ 971.727992] bridge0: port 2(bridge_slave_1) entered disabled state [ 971.735031] device bridge_slave_1 entered promiscuous mode [ 971.751977] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 971.761586] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 971.778988] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 971.786814] team0: Port device team_slave_0 added [ 971.792354] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 971.800507] team0: Port device team_slave_1 added [ 971.805868] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 971.813134] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 971.895733] device hsr_slave_0 entered promiscuous mode [ 971.934011] device hsr_slave_1 entered promiscuous mode [ 971.974245] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 971.981293] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 971.995506] bridge0: port 2(bridge_slave_1) entered blocking state [ 972.002003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 972.009078] bridge0: port 1(bridge_slave_0) entered blocking state [ 972.015521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 972.048221] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 972.054874] 8021q: adding VLAN 0 to HW filter on device bond0 [ 972.062980] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 972.072276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 972.092397] bridge0: port 1(bridge_slave_0) entered disabled state [ 972.099938] bridge0: port 2(bridge_slave_1) entered disabled state [ 972.108315] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 972.118404] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 972.124785] 8021q: adding VLAN 0 to HW filter on device team0 [ 972.134616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 972.142526] bridge0: port 1(bridge_slave_0) entered blocking state [ 972.148951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 972.164625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 972.172338] bridge0: port 2(bridge_slave_1) entered blocking state [ 972.178819] bridge0: port 2(bridge_slave_1) entered forwarding state [ 972.188334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 972.197254] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 972.211351] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 972.222352] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 972.233067] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 972.240984] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 972.248831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 972.256692] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 972.265013] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 972.277634] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 972.289160] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 972.300841] audit: type=1400 audit(1560319941.763:38): avc: denied { associate } for pid=8039 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 2033/05/18 03:33:21 executed programs: 3 2033/05/18 03:33:21 executed programs: 9 2033/05/18 03:33:21 executed programs: 15 2033/05/18 03:33:21 executed programs: 21 2033/05/18 03:33:21 executed programs: 27 2033/05/18 03:33:21 executed programs: 33 2033/05/18 03:33:21 executed programs: 39 2033/05/18 03:33:21 executed programs: 45 2033/05/18 03:33:21 executed programs: 51 2033/05/18 03:33:21 executed programs: 57 2033/05/18 03:33:21 executed programs: 63 2033/05/18 03:33:21 executed programs: 69 2033/05/18 03:33:21 executed programs: 75 2033/05/18 03:33:21 executed programs: 81 2033/05/18 03:33:21 executed programs: 87 2033/05/18 03:33:21 executed programs: 93 2033/05/18 03:33:21 executed programs: 99 2033/05/18 03:33:21 executed programs: 105 2033/05/18 03:33:21 executed programs: 111 2033/05/18 03:33:21 executed programs: 117 2033/05/18 03:33:21 executed programs: 123 2033/05/18 03:33:21 executed programs: 129 2033/05/18 03:33:21 executed programs: 135 2033/05/18 03:33:21 executed programs: 141 2033/05/18 03:33:21 executed programs: 147 2033/05/18 03:33:21 executed programs: 153 2033/05/18 03:33:21 executed programs: 159 2033/05/18 03:33:21 executed programs: 165 2033/05/18 03:33:21 executed programs: 171 2033/05/18 03:33:21 executed programs: 177 2033/05/18 03:33:21 executed programs: 183 2033/05/18 03:33:21 executed programs: 189 2033/05/18 03:33:21 executed programs: 195 2033/05/18 03:33:21 executed programs: 201 [ 1144.963758] INFO: task kworker/u4:2:30 blocked for more than 140 seconds. [ 1144.970932] Not tainted 4.19.50 #22 [ 1144.976811] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1144.985307] kworker/u4:2 D25232 30 2 0x80000000 [ 1144.991301] Workqueue: events_unbound fsnotify_mark_destroy_workfn [ 1144.999558] Call Trace: [ 1145.002385] __schedule+0x80d/0x1c70 [ 1145.006647] ? pci_mmcfg_check_reserved+0x170/0x170 [ 1145.011993] ? mark_held_locks+0x100/0x100 [ 1145.017932] schedule+0x92/0x1c0 [ 1145.021721] schedule_timeout+0x8c8/0xfc0 [ 1145.026488] ? wait_for_completion+0x294/0x440 [ 1145.031237] ? find_held_lock+0x35/0x130 [ 1145.036988] ? usleep_range+0x170/0x170 [ 1145.041103] ? mark_held_locks+0xb1/0x100 [ 1145.045788] ? _raw_spin_unlock_irq+0x28/0x90 [ 1145.050432] ? wait_for_completion+0x294/0x440 [ 1145.056783] ? _raw_spin_unlock_irq+0x28/0x90 [ 1145.061460] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1145.066839] ? trace_hardirqs_on+0x67/0x220 [ 1145.071397] ? kasan_check_read+0x11/0x20 [ 1145.077283] wait_for_completion+0x29c/0x440 [ 1145.081967] ? wait_for_completion_interruptible+0x4b0/0x4b0 [ 1145.088320] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1145.094205] ? wake_up_q+0x100/0x100 [ 1145.098089] ? __lockdep_init_map+0x10c/0x5b0 [ 1145.103396] __synchronize_srcu+0x12e/0x210 [ 1145.109618] ? call_srcu+0x10/0x10 [ 1145.114254] ? rcu_unexpedite_gp+0x20/0x20 [ 1145.122280] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1145.130172] ? ktime_get_mono_fast_ns+0x172/0x200 [ 1145.135684] synchronize_srcu+0x2dc/0x3e8 [ 1145.140015] fsnotify_mark_destroy_workfn+0x110/0x3b0 [ 1145.146977] ? __lock_is_held+0xb6/0x140 [ 1145.152449] ? fsnotify_grab_connector+0x210/0x210 [ 1145.158927] process_one_work+0x989/0x1750 [ 1145.165648] ? pwq_dec_nr_in_flight+0x320/0x320 [ 1145.170796] ? lock_acquire+0x16f/0x3f0 [ 1145.175684] ? kasan_check_write+0x14/0x20 [ 1145.182907] ? do_raw_spin_lock+0xc8/0x240 [ 1145.189012] worker_thread+0x98/0xe40 [ 1145.193027] kthread+0x354/0x420 [ 1145.196999] ? process_one_work+0x1750/0x1750 [ 1145.201685] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 1145.209247] ret_from_fork+0x24/0x30 [ 1145.214375] [ 1145.214375] Showing all locks held in the system: [ 1145.220989] 2 locks held by kworker/u4:2/30: [ 1145.227138] #0: 000000003ba326e9 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x87e/0x1750 [ 1145.238403] #1: 00000000aafd8475 ((reaper_work).work){+.+.}, at: process_one_work+0x8b4/0x1750 [ 1145.248982] 1 lock held by khungtaskd/1029: [ 1145.253455] #0: 0000000038fcbee6 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e [ 1145.262728] 3 locks held by kworker/1:2/3214: [ 1145.268964] 1 lock held by rsyslogd/7875: [ 1145.274466] #0: 0000000007ed6743 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 1145.282724] 2 locks held by getty/7997: [ 1145.288735] #0: 00000000d4a87744 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.297591] #1: 0000000088e9178c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.308407] 2 locks held by getty/7998: [ 1145.314488] #0: 000000002f4c4d6e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.322960] #1: 00000000bd667851 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.333674] 2 locks held by getty/7999: [ 1145.337967] #0: 0000000023749852 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.347985] #1: 000000003a918e80 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.357475] 2 locks held by getty/8000: [ 1145.361618] #0: 00000000635f5376 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.372688] #1: 00000000d3d77d32 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.382185] 2 locks held by getty/8001: [ 1145.387771] #0: 0000000086f21582 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.396547] #1: 00000000d69edbb8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.407120] 2 locks held by getty/8002: [ 1145.411234] #0: 0000000039da8a50 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.420188] #1: 00000000373226c4 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.430894] 2 locks held by getty/8003: [ 1145.435333] #0: 000000002750c734 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 1145.445373] #1: 0000000090184871 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b30 [ 1145.454897] 1 lock held by syz-executor.0/8854: [ 1145.459732] #0: 0000000006496e6f (&rtc->ops_lock){+.+.}, at: rtc_dev_ioctl+0xf3/0x980 [ 1145.469682] [ 1145.471450] ============================================= [ 1145.471450] [ 1145.479162] NMI backtrace for cpu 0 [ 1145.482886] CPU: 0 PID: 1029 Comm: khungtaskd Not tainted 4.19.50 #22 [ 1145.489662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1145.499031] Call Trace: [ 1145.501752] dump_stack+0x172/0x1f0 [ 1145.505413] nmi_cpu_backtrace.cold+0x63/0xa4 [ 1145.510043] ? lapic_can_unplug_cpu.cold+0x38/0x38 [ 1145.515004] nmi_trigger_cpumask_backtrace+0x1b0/0x1f8 [ 1145.520320] arch_trigger_cpumask_backtrace+0x14/0x20 [ 1145.525542] watchdog+0x9df/0xee0 [ 1145.529021] kthread+0x354/0x420 [ 1145.532409] ? reset_hung_task_detector+0x30/0x30 [ 1145.537273] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 1145.542838] ret_from_fork+0x24/0x30 [ 1145.546732] Sending NMI from CPU 0 to CPUs 1: [ 1145.551881] NMI backtrace for cpu 1 [ 1145.551888] CPU: 1 PID: 3214 Comm: kworker/1:2 Not tainted 4.19.50 #22 [ 1145.551895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1145.551899] Workqueue: events rtc_timer_do_work [ 1145.551906] RIP: 0010:__lock_acquire+0x48b/0x48f0 [ 1145.551918] Code: 48 ba 00 00 00 00 00 fc ff df 0f b6 0c 11 48 89 fa 83 e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 fb 2b 00 00 41 8b 96 6c 08 00 00 <49> 8d 7a 24 31 c9 85 d2 48 89 fa 0f 95 c1 c1 e3 0f 01 c1 41 c1 e4 [ 1145.551923] RSP: 0018:ffff88809bd677c0 EFLAGS: 00000046 [ 1145.551931] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 1145.551937] RDX: 0000000000000000 RSI: 1ffff110137a81e6 RDI: ffff88809bd40eac [ 1145.551943] RBP: ffff88809bd67990 R08: 0000000000000001 R09: 0000000000000003 [ 1145.551948] R10: ffff88809bd40f38 R11: 00000000000005b7 R12: 0000000000000000 [ 1145.551954] R13: 0000000000000001 R14: ffff88809bd40640 R15: ffff88809bd40f50 [ 1145.551960] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 1145.551965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1145.551971] CR2: 00007f2b68fd5330 CR3: 00000000917a1000 CR4: 00000000001406e0 [ 1145.551974] Call Trace: [ 1145.551978] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1145.551982] ? trace_hardirqs_on+0x67/0x220 [ 1145.551986] ? kasan_check_read+0x11/0x20 [ 1145.551990] ? mark_held_locks+0x100/0x100 [ 1145.551994] ? __lock_acquire+0x6eb/0x48f0 [ 1145.551998] ? retint_kernel+0x2d/0x2d [ 1145.552010] ? trace_hardirqs_on_caller+0x6a/0x220 [ 1145.552015] ? __wake_up_common_lock+0xfe/0x190 [ 1145.552019] ? find_held_lock+0x35/0x130 [ 1145.552022] lock_acquire+0x16f/0x3f0 [ 1145.552027] ? __wake_up_common_lock+0xc7/0x190 [ 1145.552031] _raw_spin_lock_irqsave+0x95/0xcd [ 1145.552035] ? __wake_up_common_lock+0xc7/0x190 [ 1145.552040] __wake_up_common_lock+0xc7/0x190 [ 1145.552044] ? __wake_up_common+0x610/0x610 [ 1145.552048] ? mark_held_locks+0xb1/0x100 [ 1145.552052] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1145.552056] ? trace_hardirqs_on+0x67/0x220 [ 1145.552060] ? kasan_check_read+0x11/0x20 [ 1145.552064] __wake_up+0xe/0x10 [ 1145.552068] rtc_handle_legacy_irq+0x8f/0xd0 [ 1145.552072] rtc_uie_update_irq+0x20/0x30 [ 1145.552076] ? rtc_aie_update_irq+0x30/0x30 [ 1145.552080] rtc_timer_do_work+0x2c8/0xef0 [ 1145.552084] ? mark_held_locks+0x100/0x100 [ 1145.552088] ? kasan_check_read+0x11/0x20 [ 1145.552092] ? process_one_work+0x890/0x1750 [ 1145.552096] ? rtc_irq_set_freq+0x3a0/0x3a0 [ 1145.552100] ? __lock_is_held+0xb6/0x140 [ 1145.552104] process_one_work+0x989/0x1750 [ 1145.552109] ? process_one_work+0x989/0x1750 [ 1145.552113] ? pwq_dec_nr_in_flight+0x320/0x320 [ 1145.552117] ? lock_acquire+0x16f/0x3f0 [ 1145.552121] ? kasan_check_write+0x14/0x20 [ 1145.552125] ? do_raw_spin_lock+0xc8/0x240 [ 1145.552129] worker_thread+0x98/0xe40 [ 1145.552133] ? trace_hardirqs_on+0x67/0x220 [ 1145.552136] kthread+0x354/0x420 [ 1145.552141] ? process_one_work+0x1750/0x1750 [ 1145.552145] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 1145.552149] ret_from_fork+0x24/0x30 [ 1145.555601] Kernel panic - not syncing: hung_task: blocked tasks [ 1145.848027] CPU: 0 PID: 1029 Comm: khungtaskd Not tainted 4.19.50 #22 [ 1145.854623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1145.863990] Call Trace: [ 1145.866605] dump_stack+0x172/0x1f0 [ 1145.870317] panic+0x263/0x507 [ 1145.873530] ? __warn_printk+0xf3/0xf3 [ 1145.877443] ? lapic_can_unplug_cpu.cold+0x38/0x38 [ 1145.882410] ? ___preempt_schedule+0x16/0x18 [ 1145.886860] ? nmi_trigger_cpumask_backtrace+0x165/0x1f8 [ 1145.892409] ? nmi_trigger_cpumask_backtrace+0x1c1/0x1f8 [ 1145.897884] ? nmi_trigger_cpumask_backtrace+0x1cb/0x1f8 [ 1145.903366] ? nmi_trigger_cpumask_backtrace+0x165/0x1f8 [ 1145.908840] watchdog+0x9f0/0xee0 [ 1145.912312] kthread+0x354/0x420 [ 1145.915694] ? reset_hung_task_detector+0x30/0x30 [ 1145.920545] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 1145.926098] ret_from_fork+0x24/0x30 [ 1145.931076] Kernel Offset: disabled [ 1145.934717] Rebooting in 86400 seconds..