[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   30.688656] kauditd_printk_skb: 9 callbacks suppressed
[   30.688669] audit: type=1800 audit(1537922759.553:33): pid=5345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   30.717876] audit: type=1800 audit(1537922759.553:34): pid=5345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   35.694568] audit: type=1400 audit(1537922764.553:35): avc:  denied  { map } for  pid=5522 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts.
executing program
[  390.347366] audit: type=1400 audit(1537923119.213:36): avc:  denied  { map } for  pid=5536 comm="syz-executor814" path="/root/syz-executor814259453" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  538.896309] INFO: task jbd2/sda1-8:3081 blocked for more than 140 seconds.
[  538.903659]       Not tainted 4.19.0-rc5+ #33
[  538.908992] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  538.917177] jbd2/sda1-8     D18264  3081      2 0x80000000
[  538.922846] Call Trace:
[  538.925590]  __schedule+0x86c/0x1ed0
[  538.929529]  ? __sched_text_start+0x8/0x8
[  538.933780]  ? mark_held_locks+0xc7/0x130
[  538.938111]  ? graph_lock+0x170/0x170
[  538.941973]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  538.947300]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  538.952429]  ? lockdep_hardirqs_on+0x421/0x5c0
[  538.957207]  ? trace_hardirqs_on+0xbd/0x310
[  538.961591]  ? kasan_check_read+0x11/0x20
[  538.965786]  ? prepare_to_wait+0x1b3/0x3f0
[  538.970229]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  538.975700]  ? find_held_lock+0x36/0x1c0
[  538.979957]  schedule+0xfe/0x460
[  538.983340]  ? lock_downgrade+0x900/0x900
[  538.987630]  ? __schedule+0x1ed0/0x1ed0
[  538.991625]  ? kasan_check_read+0x11/0x20
[  538.995807]  ? do_raw_spin_unlock+0xa7/0x2f0
[  539.000417]  ? do_raw_write_trylock+0x1c0/0x1c0
[  539.005110]  ? kasan_check_write+0x14/0x20
[  539.009492]  ? do_raw_spin_lock+0xc1/0x200
[  539.013827]  jbd2_journal_commit_transaction+0xd42/0x89f8
[  539.019522]  ? print_usage_bug+0xc0/0xc0
[  539.023623]  ? journal_submit_commit_record+0xb60/0xb60
[  539.029133]  ? __lock_acquire+0x7ec/0x4ec0
[  539.033383]  ? mark_held_locks+0x130/0x130
[  539.037771]  ? __update_load_avg_blocked_se+0x730/0x730
[  539.043153]  ? __update_load_avg_se+0xb90/0xb90
[  539.047983]  ? __lock_is_held+0xb5/0x140
[  539.052124]  ? update_load_avg+0x387/0x2470
[  539.056616]  ? print_usage_bug+0xc0/0xc0
[  539.060699]  ? kasan_check_write+0x14/0x20
[  539.064969]  ? native_queued_spin_lock_slowpath+0x1de/0x1120
[  539.070949]  ? __bfs+0xb0/0x7a0
[  539.074245]  ? finish_wait+0x430/0x430
[  539.078294]  ? __pv_queued_spin_lock_slowpath+0x15d0/0x15d0
[  539.084037]  ? __lock_acquire+0x7ec/0x4ec0
[  539.088417]  ? graph_lock+0x170/0x170
[  539.092243]  ? print_usage_bug+0xc0/0xc0
[  539.096451]  ? mark_held_locks+0x130/0x130
[  539.100704]  ? find_held_lock+0x36/0x1c0
[  539.104782]  ? print_usage_bug+0xc0/0xc0
[  539.109011]  ? __lock_acquire+0x7ec/0x4ec0
[  539.113338]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[  539.119303]  ? kasan_check_read+0x11/0x20
[  539.123469]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[  539.128908]  ? rcu_bh_qs+0xc0/0xc0
[  539.132490]  ? __lock_acquire+0x7ec/0x4ec0
[  539.136868]  ? mark_held_locks+0x130/0x130
[  539.141121]  ? update_curr+0x4ec/0xbe0
[  539.145015]  ? print_usage_bug+0xc0/0xc0
[  539.149254]  ? graph_lock+0x170/0x170
[  539.153068]  ? __account_cfs_rq_runtime+0x790/0x790
[  539.158265]  ? mark_held_locks+0x130/0x130
[  539.162525]  ? graph_lock+0x170/0x170
[  539.166477]  ? print_usage_bug+0xc0/0xc0
[  539.170568]  ? pick_next_task_fair+0xbad/0x17c0
[  539.175260]  ? lock_downgrade+0x900/0x900
[  539.179589]  ? graph_lock+0x170/0x170
[  539.183416]  ? print_usage_bug+0xc0/0xc0
[  539.187629]  ? lock_is_held_type+0x210/0x210
[  539.192067]  ? __lock_acquire+0x7ec/0x4ec0
[  539.196478]  ? find_held_lock+0x36/0x1c0
[  539.200576]  ? find_held_lock+0x36/0x1c0
[  539.204674]  ? __lock_acquire+0x7ec/0x4ec0
[  539.209101]  ? __lock_acquire+0x7ec/0x4ec0
[  539.213349]  ? kasan_check_read+0x11/0x20
[  539.217703]  ? finish_task_switch+0x1f5/0x900
[  539.222239]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  539.227909]  ? compat_start_thread+0x80/0x80
[  539.232343]  ? mark_held_locks+0x130/0x130
[  539.237156]  ? mark_held_locks+0x130/0x130
[  539.241410]  ? kasan_check_write+0x14/0x20
[  539.245662]  ? finish_task_switch+0x2f5/0x900
[  539.250383]  ? graph_lock+0x170/0x170
[  539.254245]  ? preempt_notifier_register+0x200/0x200
[  539.259520]  ? __switch_to_asm+0x34/0x70
[  539.263604]  ? __switch_to_asm+0x34/0x70
[  539.267853]  ? __switch_to_asm+0x34/0x70
[  539.271927]  ? __switch_to_asm+0x40/0x70
[  539.276001]  ? __switch_to_asm+0x34/0x70
[  539.280270]  ? __switch_to_asm+0x40/0x70
[  539.284351]  ? __switch_to_asm+0x34/0x70
[  539.288583]  ? __switch_to_asm+0x34/0x70
[  539.292675]  ? __switch_to_asm+0x40/0x70
[  539.296920]  ? __switch_to_asm+0x34/0x70
[  539.301008]  ? graph_lock+0x170/0x170
[  539.304824]  ? lock_acquire+0x1ed/0x520
[  539.309077]  ? lock_timer_base+0xbb/0x2b0
[  539.313256]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  539.318539]  ? find_held_lock+0x36/0x1c0
[  539.322629]  ? try_to_del_timer_sync+0xec/0x140
[  539.327481]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  539.332605]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  539.337889]  ? lockdep_hardirqs_on+0x421/0x5c0
[  539.342497]  ? trace_hardirqs_on+0xbd/0x310
[  539.347540]  ? kasan_check_read+0x11/0x20
[  539.351730]  ? try_to_del_timer_sync+0xec/0x140
[  539.356585]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  539.362064]  ? stub_timer+0x10/0x10
[  539.365702]  ? del_timer_sync+0xf8/0x270
[  539.369940]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  539.375073]  ? try_to_del_timer_sync+0xec/0x140
[  539.379903]  ? del_timer+0x150/0x150
[  539.383718]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  539.389433]  kjournald2+0x26d/0xb30
[  539.393090]  ? __bpf_trace_jbd2_end_commit+0x30/0x30
[  539.398390]  ? __kthread_parkme+0xce/0x1a0
[  539.402648]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  539.407900]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  539.413024]  ? lockdep_hardirqs_on+0x421/0x5c0
[  539.417768]  ? trace_hardirqs_on+0xbd/0x310
[  539.422109]  ? finish_wait+0x430/0x430
[  539.426010]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  539.431642]  ? kasan_check_write+0x14/0x20
[  539.435900]  ? do_raw_spin_lock+0xc1/0x200
[  539.440350]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  539.445473]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  539.451227]  ? __kthread_parkme+0xfb/0x1a0
[  539.455484]  kthread+0x35a/0x420
[  539.458997]  ? __bpf_trace_jbd2_end_commit+0x30/0x30
[  539.464117]  ? kthread_bind+0x40/0x40
[  539.468069]  ret_from_fork+0x3a/0x50
[  539.471819] INFO: task restorecond:5463 blocked for more than 140 seconds.
[  539.478972]       Not tainted 4.19.0-rc5+ #33
[  539.483477] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  539.491604] restorecond     D23512  5463      1 0x00000000
[  539.497374] Call Trace:
[  539.499989]  __schedule+0x86c/0x1ed0
[  539.503710]  ? __switch_to_asm+0x34/0x70
[  539.507926]  ? __switch_to_asm+0x40/0x70
[  539.512005]  ? __switch_to_asm+0x34/0x70
[  539.516229]  ? __sched_text_start+0x8/0x8
[  539.520399]  ? __schedule+0x874/0x1ed0
[  539.524297]  ? rwsem_spin_on_owner+0x264/0xa30
[  539.529044]  ? graph_lock+0x170/0x170
[  539.532863]  ? print_usage_bug+0xc0/0xc0
[  539.537153]  ? __sched_text_start+0x8/0x8
[  539.541328]  ? kasan_check_read+0x11/0x20
[  539.545492]  ? rcu_bh_qs+0xc0/0xc0
[  539.549212]  ? find_held_lock+0x36/0x1c0
[  539.553299]  schedule+0xfe/0x460
[  539.556825]  ? __schedule+0x1ed0/0x1ed0
[  539.560820]  ? lockdep_hardirqs_on+0x421/0x5c0
[  539.565417]  ? trace_hardirqs_on+0xbd/0x310
[  539.569914]  ? kasan_check_read+0x11/0x20
[  539.574082]  ? __rwsem_down_write_failed_common+0x8db/0x1670
[  539.580025]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  539.585491]  ? kasan_check_write+0x14/0x20
[  539.589904]  ? do_raw_spin_lock+0xc1/0x200
[  539.594164]  __rwsem_down_write_failed_common+0xbb9/0x1670
[  539.599937]  ? find_held_lock+0x36/0x1c0
[  539.604026]  ? rwsem_spin_on_owner+0xa30/0xa30
[  539.608767]  ? find_held_lock+0x36/0x1c0
[  539.612859]  ? mark_held_locks+0x130/0x130
[  539.617265]  ? rcu_bh_qs+0xc0/0xc0
[  539.620884]  ? unwind_dump+0x190/0x190
[  539.624852]  ? is_bpf_text_address+0xd3/0x170
[  539.629528]  ? kernel_text_address+0x79/0xf0
[  539.633955]  ? __kernel_text_address+0xd/0x40
[  539.638598]  ? unwind_get_return_address+0x61/0xa0
[  539.643563]  ? graph_lock+0x170/0x170
[  539.647508]  ? save_stack+0xa9/0xd0
[  539.651157]  ? graph_lock+0x170/0x170
[  539.655035]  ? kvmalloc_node+0x65/0xf0
[  539.659123]  ? graph_lock+0x170/0x170
[  539.663012]  ? do_syscall_64+0x1b9/0x820
[  539.667240]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  539.672631]  ? __lock_is_held+0xb5/0x140
[  539.676860]  ? lock_acquire+0x1ed/0x520
[  539.680916]  ? vfs_setxattr+0x96/0x100
[  539.684831]  ? lock_release+0x970/0x970
[  539.689003]  ? arch_local_save_flags+0x40/0x40
[  539.693678]  ? __might_fault+0x12b/0x1e0
[  539.697997]  rwsem_down_write_failed+0xe/0x10
[  539.702537]  ? rwsem_down_write_failed+0xe/0x10
[  539.707431]  call_rwsem_down_write_failed+0x17/0x30
[  539.712488]  down_write+0xa5/0x130
[  539.716041]  ? vfs_setxattr+0x96/0x100
[  539.720157]  ? down_read+0x1d0/0x1d0
[  539.723902]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  539.729631]  ? xattr_permission+0x261/0x310
[  539.733985]  vfs_setxattr+0x96/0x100
[  539.737953]  setxattr+0x2ea/0x450
[  539.741429]  ? vfs_setxattr+0x100/0x100
[  539.745510]  ? check_preemption_disabled+0x48/0x200
[  539.750758]  ? check_preemption_disabled+0x48/0x200
[  539.755809]  ? __lock_is_held+0xb5/0x140
[  539.760070]  ? preempt_count_add+0x7d/0x160
[  539.764418]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  539.770267]  ? __mnt_want_write+0x327/0x420
[  539.774623]  ? may_umount_tree+0x210/0x210
[  539.779029]  ? rcu_read_lock_sched_held+0x108/0x120
[  539.784066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  539.789827]  ? __sb_start_write+0x1b2/0x370
[  539.794179]  path_setxattr+0x1e3/0x230
[  539.798250]  ? setxattr+0x450/0x450
[  539.801895]  ? trace_hardirqs_on+0xbd/0x310
[  539.806382]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  539.811763]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  539.817398]  __x64_sys_lsetxattr+0xc1/0x150
[  539.821745]  do_syscall_64+0x1b9/0x820
[  539.825648]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  539.831260]  ? syscall_return_slowpath+0x5e0/0x5e0
[  539.836354]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  539.841224]  ? trace_hardirqs_on_caller+0x310/0x310
[  539.846420]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  539.851455]  ? prepare_exit_to_usermode+0x291/0x3b0
[  539.856640]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  539.861558]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  539.866904] RIP: 0033:0x7f90394afffa
[  539.870647] Code: Bad RIP value.
[  539.874016] RSP: 002b:00007ffea9e66758 EFLAGS: 00000202 ORIG_RAX: 00000000000000bd
[  539.881968] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f90394afffa
[  539.889432] RDX: 000055665ed3faf0 RSI: 00007f9039edbf69 RDI: 000055665e9a72e0
[  539.896887] RBP: 000055665e9a72e0 R08: 0000000000000000 R09: 73753a725f746365
[  539.904178] R10: 0000000000000025 R11: 0000000000000202 R12: 000055665ed97700
[  539.911703] R13: 000055665e9a83f0 R14: 00007ffea9e667a0 R15: 0000000000000000
[  539.919178] 
[  539.919178] Showing all locks held in the system:
[  539.925552] 4 locks held by kworker/u4:4/363:
[  539.930267]  #0: 0000000073bdca6d ((wq_completion)"writeback"){+.+.}, at: process_one_work+0xb43/0x1b90
[  539.940026]  #1: 00000000df09446e ((work_completion)(&(&wb->dwork)->work)){+.+.}, at: process_one_work+0xb9a/0x1b90
[  539.950849]  #2: 000000004637b529 (&type->s_umount_key#45){++++}, at: trylock_super+0x22/0x110
[  539.959846]  #3: 00000000a415550e (&sbi->s_journal_flag_rwsem){.+.+}, at: do_writepages+0x9a/0x1a0
[  539.969256] 1 lock held by khungtaskd/988:
[  539.973496]  #0: 00000000ae271898 (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424
[  539.982404] 3 locks held by rs:main Q:Reg/5381:
[  539.987211]  #0: 00000000efe19302 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200
[  539.995247]  #1: 00000000a3ee7daf (sb_writers#4){.+.+}, at: vfs_write+0x42a/0x560
[  540.003217]  #2: 00000000305011bf (&sb->s_type->i_mutex_key#9){+.+.}, at: ext4_file_write_iter+0x2a1/0x1420
[  540.013388] 1 lock held by rsyslogd/5383:
[  540.017669]  #0: 00000000987001e3 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200
[  540.025706] 2 locks held by restorecond/5463:
[  540.030397]  #0: 00000000a3ee7daf (sb_writers#4){.+.+}, at: mnt_want_write+0x3f/0xc0
[  540.038504]  #1: 0000000029e06ab6 (&sb->s_type->i_mutex_key#9){+.+.}, at: vfs_setxattr+0x96/0x100
[  540.047762] 2 locks held by getty/5505:
[  540.051745]  #0: 000000007fb8c255 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.060214]  #1: 000000006425178e (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.069415] 2 locks held by getty/5506:
[  540.073392]  #0: 000000009b7ac44b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.081851]  #1: 00000000f0a64dd1 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.090924] 2 locks held by getty/5507:
[  540.094907]  #0: 00000000c556fc2d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.103376]  #1: 00000000e6f5453a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.112427] 2 locks held by getty/5508:
[  540.116544]  #0: 000000001d81ca20 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.124839]  #1: 000000000042f33f (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.133932] 2 locks held by getty/5509:
[  540.138027]  #0: 00000000393324f5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.146438]  #1: 0000000092cc7995 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.155332] 2 locks held by getty/5510:
[  540.159448]  #0: 00000000630ab07f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.167851]  #1: 00000000064b0278 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.176901] 2 locks held by getty/5511:
[  540.180884]  #0: 00000000a2bae924 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40
[  540.189314]  #1: 000000003594154b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  540.198349] 6 locks held by syz-executor814/5536:
[  540.203221] 
[  540.204866] =============================================
[  540.204866] 
[  540.212035] NMI backtrace for cpu 0
[  540.215675] CPU: 0 PID: 988 Comm: khungtaskd Not tainted 4.19.0-rc5+ #33
[  540.222517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  540.231871] Call Trace:
[  540.234605]  dump_stack+0x1c4/0x2b4
[  540.238246]  ? dump_stack_print_info.cold.2+0x52/0x52
[  540.243429]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  540.249007]  nmi_cpu_backtrace.cold.3+0x63/0xa2
[  540.253736]  ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f
[  540.258944]  nmi_trigger_cpumask_backtrace+0x1b3/0x1ed
[  540.264233]  arch_trigger_cpumask_backtrace+0x14/0x20
[  540.269432]  watchdog+0xb3e/0x1050
[  540.273001]  ? reset_hung_task_detector+0xd0/0xd0
[  540.277863]  ? __kthread_parkme+0xce/0x1a0
[  540.282110]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  540.287224]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  540.292339]  ? lockdep_hardirqs_on+0x421/0x5c0
[  540.296934]  ? trace_hardirqs_on+0xbd/0x310
[  540.301263]  ? kasan_check_read+0x11/0x20
[  540.305420]  ? __kthread_parkme+0xce/0x1a0
[  540.309678]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  540.315138]  ? kasan_check_write+0x14/0x20
[  540.319388]  ? do_raw_spin_lock+0xc1/0x200
[  540.323639]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  540.328753]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  540.334297]  ? __kthread_parkme+0xfb/0x1a0
[  540.338546]  kthread+0x35a/0x420
[  540.341920]  ? reset_hung_task_detector+0xd0/0xd0
[  540.346772]  ? kthread_bind+0x40/0x40
[  540.350593]  ret_from_fork+0x3a/0x50
[  540.354429] Sending NMI from CPU 0 to CPUs 1:
[  540.360377] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.239 msecs
[  540.360997] NMI backtrace for cpu 1
[  540.361005] CPU: 1 PID: 5536 Comm: syz-executor814 Not tainted 4.19.0-rc5+ #33
[  540.361014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  540.361020] RIP: 0010:__sanitizer_cov_trace_pc+0x4c/0x50
[  540.361034] Code: d0 12 00 00 83 fa 02 75 20 48 8b 88 d8 12 00 00 8b 80 d4 12 00 00 48 8b 11 48 83 c2 01 48 39 d0 76 07 48 89 34 d1 48 89 11 5d <c3> 0f 1f 00 55 40 0f b6 d6 40 0f b6 f7 31 ff 48 89 e5 48 8b 4d 08
[  540.361039] RSP: 0018:ffff8801d20ef148 EFLAGS: 00000293
[  540.361050] RAX: ffff8801c4ce05c0 RBX: ffff8801ba71a600 RCX: ffffffff8211649c
[  540.361056] RDX: 0000000000000000 RSI: ffffffff821165a8 RDI: 0000000000000003
[  540.361063] RBP: ffff8801d20ef1b0 R08: ffff8801c4ce05c0 R09: 1ffffffff12f45ed
[  540.361069] R10: ffffed003b5a4732 R11: ffff8801dad23993 R12: ffff8801b239e24c
[  540.361076] R13: ffff8801b239e258 R14: ffff8801b239e24c R15: ffff8801ba71a600
[  540.361083] FS:  00000000024de880(0000) GS:ffff8801dad00000(0000) knlGS:0000000000000000
[  540.361089] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  540.361095] CR2: ffffffffff600400 CR3: 00000001c3204000 CR4: 00000000001406e0
[  540.361099] Call Trace:
[  540.361104]  ? ext4_find_extent+0x5f8/0x9b0
[  540.361109]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  540.361114]  mext_check_coverage.constprop.13+0x2b0/0x510
[  540.361119]  ? mext_page_mkuptodate+0x12b0/0x12b0
[  540.361124]  ext4_move_extents+0x2784/0x3c20
[  540.361129]  ? ext4_double_up_write_data_sem+0x30/0x30
[  540.361133]  ? save_stack+0xa9/0xd0
[  540.361138]  ? save_stack+0x43/0xd0
[  540.361142]  ? __kasan_slab_free+0x102/0x150
[  540.361147]  ? kasan_slab_free+0xe/0x10
[  540.361151]  ? kmem_cache_free+0x83/0x290
[  540.361156]  ? print_usage_bug+0xc0/0xc0
[  540.361160]  ? ext4_fallocate+0xa33/0x2300
[  540.361165]  ? vfs_fallocate+0x4b4/0x940
[  540.361170]  ? ksys_fallocate+0x56/0x90
[  540.361174]  ? __lock_acquire+0x7ec/0x4ec0
[  540.361179]  ? do_raw_spin_unlock+0xa7/0x2f0
[  540.361184]  ? trace_hardirqs_on+0x310/0x310
[  540.361188]  ? kasan_check_write+0x14/0x20
[  540.361200]  ? mark_held_locks+0x130/0x130
[  540.361205]  ? graph_lock+0x170/0x170
[  540.361210]  ? print_usage_bug+0xc0/0xc0
[  540.361214]  ? print_usage_bug+0xc0/0xc0
[  540.361218]  ? graph_lock+0x170/0x170
[  540.361224]  ? check_preemption_disabled+0x48/0x200
[  540.361229]  ? check_preemption_disabled+0x48/0x200
[  540.361233]  ? __lock_is_held+0xb5/0x140
[  540.361238]  ? rcu_read_lock_sched_held+0x108/0x120
[  540.361243]  ? preempt_count_add+0x7d/0x160
[  540.361248]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  540.361253]  ? __mnt_want_write_file+0xa2/0xc0
[  540.361258]  ext4_ioctl+0x3154/0x4210
[  540.361262]  ? ext4_ioctl_group_add+0x560/0x560
[  540.361268]  ? rcu_read_unlock_special.part.39+0x11f0/0x11f0
[  540.361273]  ? kasan_check_read+0x11/0x20
[  540.361278]  ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[  540.361282]  ? rcu_bh_qs+0xc0/0xc0
[  540.361288]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  540.361293]  ? avc_has_extended_perms+0xab2/0x15a0
[  540.361297]  ? avc_ss_reset+0x190/0x190
[  540.361302]  ? find_held_lock+0x36/0x1c0
[  540.361306]  ? dput.part.26+0x241/0x790
[  540.361311]  ? kasan_check_read+0x11/0x20
[  540.361315]  ? ___might_sleep+0x1ed/0x300
[  540.361319]  ? rcu_bh_qs+0xc0/0xc0
[  540.361324]  ? arch_local_save_flags+0x40/0x40
[  540.361329]  ? kasan_check_write+0x14/0x20
[  540.361333]  ? do_raw_spin_lock+0xc1/0x200
[  540.361338]  ? ext4_ioctl_group_add+0x560/0x560
[  540.361343]  do_vfs_ioctl+0x1de/0x1720
[  540.361347]  ? ioctl_preallocate+0x300/0x300
[  540.361352]  ? selinux_file_mprotect+0x620/0x620
[  540.361358]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  540.361362]  ? do_syscall_64+0x9a/0x820
[  540.361368]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  540.361372]  ? security_file_ioctl+0x94/0xc0
[  540.361376]  ksys_ioctl+0xa9/0xd0
[  540.361381]  __x64_sys_ioctl+0x73/0xb0
[  540.361385]  do_syscall_64+0x1b9/0x820
[  540.361391]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  540.361396]  ? syscall_return_slowpath+0x5e0/0x5e0
[  540.361401]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  540.361405]  ? trace_hardirqs_on_caller+0x310/0x310
[  540.361410]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  540.361415]  ? prepare_exit_to_usermode+0x291/0x3b0
[  540.361421]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  540.361426]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  540.361430] RIP: 0033:0x440169
[  540.361444] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[  540.361449] RSP: 002b:00007ffd53fc8248 EFLAGS: 00000217 ORIG_RAX: 0000000000000010
[  540.361470] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440169
[  540.361477] RDX: 0000000020000040 RSI: 00000000c028660f RDI: 0000000000000003
[  540.361484] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[  540.361490] R10: 00000000004002c8 R11: 0000000000000217 R12: 00000000004019f0
[  540.361497] R13: 0000000000401a80 R14: 0000000000000000 R15: 0000000000000000
[  540.362959] Kernel panic - not syncing: hung_task: blocked tasks
[  540.850463] CPU: 0 PID: 988 Comm: khungtaskd Not tainted 4.19.0-rc5+ #33
[  540.857313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  540.866666] Call Trace:
[  540.869268]  dump_stack+0x1c4/0x2b4
[  540.872907]  ? dump_stack_print_info.cold.2+0x52/0x52
[  540.878190]  panic+0x238/0x4e7
[  540.881401]  ? add_taint.cold.5+0x16/0x16
[  540.885568]  ? nmi_trigger_cpumask_backtrace+0x16a/0x1ed
[  540.891026]  ? nmi_trigger_cpumask_backtrace+0x1c4/0x1ed
[  540.896502]  ? nmi_trigger_cpumask_backtrace+0x173/0x1ed
[  540.901964]  ? nmi_trigger_cpumask_backtrace+0x16a/0x1ed
[  540.907429]  watchdog+0xb4f/0x1050
[  540.910998]  ? reset_hung_task_detector+0xd0/0xd0
[  540.915858]  ? __kthread_parkme+0xce/0x1a0
[  540.920115]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  540.925230]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  540.930344]  ? lockdep_hardirqs_on+0x421/0x5c0
[  540.934935]  ? trace_hardirqs_on+0xbd/0x310
[  540.939261]  ? kasan_check_read+0x11/0x20
[  540.943419]  ? __kthread_parkme+0xce/0x1a0
[  540.947667]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  540.953133]  ? kasan_check_write+0x14/0x20
[  540.957379]  ? do_raw_spin_lock+0xc1/0x200
[  540.961630]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  540.966744]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  540.972297]  ? __kthread_parkme+0xfb/0x1a0
[  540.976558]  kthread+0x35a/0x420
[  540.979933]  ? reset_hung_task_detector+0xd0/0xd0
[  540.984800]  ? kthread_bind+0x40/0x40
[  540.988620]  ret_from_fork+0x3a/0x50
[  540.993633] Kernel Offset: disabled
[  540.997268] Rebooting in 86400 seconds..