[ 34.625634] audit: type=1800 audit(1576529440.757:28): pid=6775 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 35.384766] audit: type=1800 audit(1576529441.517:29): pid=6775 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 35.406094] audit: type=1800 audit(1576529441.537:30): pid=6775 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 47.580852] IPVS: Creating netns size=2712 id=1
[ 47.585934] IPVS: ftp: loaded support on port[0] = 21
Warning: Permanently added '10.128.10.0' (ECDSA) to the list of known hosts.
2019/12/16 20:51:01 parsed 1 programs
2019/12/16 20:51:01 executed programs: 0
[ 55.263774] IPv6: ADDRCONF(NETDEV_CHANGE): nr0: link becomes ready
[ 55.275261] IPv6: ADDRCONF(NETDEV_CHANGE): nr5: link becomes ready
[ 55.282955] IPv6: ADDRCONF(NETDEV_CHANGE): nr3: link becomes ready
[ 55.290930] IPv6: ADDRCONF(NETDEV_CHANGE): nr4: link becomes ready
[ 55.299474] IPv6: ADDRCONF(NETDEV_CHANGE): nr2: link becomes ready
[ 55.307356] IPv6: ADDRCONF(NETDEV_CHANGE): nr1: link becomes ready
[ 55.325283] IPVS: Creating netns size=2712 id=2
[ 55.330034] IPVS: ftp: loaded support on port[0] = 21
[ 55.398969] IPVS: Creating netns size=2712 id=3
[ 55.403852] IPVS: ftp: loaded support on port[0] = 21
[ 55.529443] chnl_net:caif_netlink_parms(): no params data found
[ 55.552343] IPVS: Creating netns size=2712 id=4
[ 55.558206] IPVS: ftp: loaded support on port[0] = 21
[ 55.760932] IPVS: Creating netns size=2712 id=5
[ 55.766463] IPVS: ftp: loaded support on port[0] = 21
[ 55.782230] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.788982] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.797794] device bridge_slave_0 entered promiscuous mode
[ 55.818357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.824812] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.834052] device bridge_slave_1 entered promiscuous mode
[ 55.840570] chnl_net:caif_netlink_parms(): no params data found
[ 55.921154] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 55.966691] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 56.139240] IPVS: Creating netns size=2712 id=6
[ 56.144131] IPVS: ftp: loaded support on port[0] = 21
[ 56.206541] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 56.214176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.220533] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.229452] device bridge_slave_0 entered promiscuous mode
[ 56.254340] chnl_net:caif_netlink_parms(): no params data found
[ 56.269041] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 56.276450] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.282795] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.291735] device bridge_slave_1 entered promiscuous mode
[ 56.481305] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 56.528292] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 56.536896] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 56.549660] chnl_net:caif_netlink_parms(): no params data found
[ 56.575688] IPVS: Creating netns size=2712 id=7
[ 56.580519] IPVS: ftp: loaded support on port[0] = 21
[ 56.615923] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 56.686530] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.693174] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.701977] device bridge_slave_0 entered promiscuous mode
[ 56.738838] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.745573] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.754701] device bridge_slave_1 entered promiscuous mode
[ 56.822605] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 56.898038] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 56.912578] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 57.000145] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 57.045049] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.051705] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.060772] device bridge_slave_0 entered promiscuous mode
[ 57.070039] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 57.115266] chnl_net:caif_netlink_parms(): no params data found
[ 57.129541] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.136242] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.145328] device bridge_slave_1 entered promiscuous mode
[ 57.268359] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 57.280015] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 57.305852] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 57.313437] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 57.322761] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 57.388995] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 57.573860] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 57.590363] bridge0: port 1(bridge_slave_0) entered blocking state
[ 57.596875] bridge0: port 1(bridge_slave_0) entered disabled state
[ 57.605831] device bridge_slave_0 entered promiscuous mode
[ 57.621597] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 57.642541] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 57.649237] bridge0: port 2(bridge_slave_1) entered blocking state
[ 57.656582] bridge0: port 2(bridge_slave_1) entered disabled state
[ 57.666175] device bridge_slave_1 entered promiscuous mode
[ 57.718938] chnl_net:caif_netlink_parms(): no params data found
[ 57.733811] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 57.797281] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 57.809151] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 57.817986] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 57.830798] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 57.839471] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 57.917247] 8021q: adding VLAN 0 to HW filter on device bond0
[ 57.980974] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 58.022473] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 58.031819] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.040294] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.049472] device bridge_slave_0 entered promiscuous mode
[ 58.057471] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 58.078009] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.086355] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.092755] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.102243] device bridge_slave_1 entered promiscuous mode
[ 58.109133] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 58.175508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.250010] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 58.279095] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 58.289566] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 58.301170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 58.310250] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.316633] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.326923] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 58.363640] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 58.370801] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 58.379029] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.385403] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 58.460037] 8021q: adding VLAN 0 to HW filter on device bond0
[ 58.471387] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 58.487318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 58.496102] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.504463] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 58.520389] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 58.578333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.599449] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 58.641384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 58.649762] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 58.672202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 58.689562] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 58.719644] 8021q: adding VLAN 0 to HW filter on device bond0
[ 58.726318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 58.735031] bridge0: port 1(bridge_slave_0) entered blocking state
[ 58.741411] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 58.758997] 8021q: adding VLAN 0 to HW filter on device bond0
[ 58.767295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 58.785692] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.796435] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 58.814127] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 58.821817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 58.828185] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 58.848057] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 58.879325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.887616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 58.907910] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 58.921529] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 58.949702] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 58.974302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 59.000822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 59.014626] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.021023] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.032049] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 59.056190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 59.065254] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.071632] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.081947] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 59.090304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.096682] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.104017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 59.133583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 59.141555] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.147938] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.181100] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.240992] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 59.254725] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 59.271550] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 59.286749] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 59.298671] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 59.316143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 59.350276] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 59.366101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 59.398854] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 59.407194] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 59.424215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 59.513806] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 59.521792] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.528206] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.561184] 8021q: adding VLAN 0 to HW filter on device bond0
[ 59.568853] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 59.577619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 59.578286] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.578341] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.605726] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 59.640944] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 59.660340] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 59.682468] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 59.701687] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 59.726035] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 59.864428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 59.865135] bridge0: port 1(bridge_slave_0) entered blocking state
[ 59.865192] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 59.866114] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 59.915962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 59.916646] bridge0: port 2(bridge_slave_1) entered blocking state
[ 59.916700] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 59.994320] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 60.002739] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 60.019201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 60.038300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
2019/12/16 20:51:06 executed programs: 7
[ 282.513120] INFO: task login:6903 blocked for more than 140 seconds.
[ 282.519655] Not tainted 4.6.0-syzkaller #0
[ 282.527554] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 282.536284] login D ffff8800b45ef968 25776 6903 1 0x00000002
[ 282.547388] ffff8800b45ef968 ffffed0000000001 ffff88012c120d90 ffff88012c120d68
[ 282.555452] ffff88012c120418 ffff8801298ca048 ffff880100000000 ffff8800b104c7c0
[ 282.563502] ffff8801298ca040 ffff8800b45e8000 ffffed00168bd001 ffff8800b45e8008
[ 282.573909] Call Trace:
[ 282.576581] [] schedule+0x9a/0x1c0
[ 282.581753] [] schedule_timeout+0x457/0x670
[ 282.587791] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 282.594538] [] ? usleep_range+0x130/0x130
[ 282.600314] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 282.607104] [] ? mark_held_locks+0xc8/0x120
[ 282.613145] [] ? __ldsem_down_write_nested+0xde/0x370
[ 282.619962] [] ? _raw_spin_unlock_irq+0x27/0x80
[ 282.626271] [] ? trace_hardirqs_on_caller+0x44c/0x5e0
[ 282.633097] [] __ldsem_down_write_nested+0x1be/0x370
[ 282.639829] [] ? ldsem_down_write+0x2d/0x32
[ 282.645795] [] ? tty_set_lock_subclass+0x60/0x60
[ 282.652181] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 282.658973] [] ? ___might_sleep+0x331/0x440
[ 282.664947] [] ? __might_sleep+0x90/0x1a0
[ 282.670727] [] ldsem_down_write+0x2d/0x32
[ 282.676520] [] tty_ldisc_lock+0x11/0x30
[ 282.682121] [] tty_ldisc_hangup+0x173/0x540
[ 282.688123] [] __tty_hangup+0x596/0xab0
[ 282.693741] [] disassociate_ctty.part.23+0x8f/0x6c0
[ 282.700387] [] disassociate_ctty+0x6e/0x90
[ 282.706321] [] do_exit+0x18f3/0x2dc0
[ 282.711702] [] ? apparmor_file_permission+0x13/0x20
[ 282.718376] [] ? mm_update_next_owner+0x720/0x720
[ 282.724923] [] ? rw_verify_area+0xb9/0x290
[ 282.730791] [] ? vfs_write+0x2f2/0x4a0
[ 282.736325] [] ? SyS_write+0xcb/0x1a0
[ 282.741757] [] do_group_exit+0xf4/0x2f0
[ 282.747379] [] SyS_exit_group+0x18/0x20
[ 282.753000] [] entry_SYSCALL_64_fastpath+0x23/0xc1
[ 282.759601] 2 locks held by login/6903:
[ 282.763571] #0: (&tty->legacy_mutex){+.+.+.}, at: [] tty_lock+0x55/0xb0
[ 282.772769] #1: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_write+0x2d/0x32
[ 282.782377] Sending NMI to all CPUs:
[ 282.787323] NMI backtrace for cpu 0
[ 282.790949] CPU: 0 PID: 6813 Comm: rsyslogd Not tainted 4.6.0-syzkaller #0
[ 282.797961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 282.807309] task: ffff8800b44dc7c0 ti: ffff8800b4e28000 task.ti: ffff8800b4e28000
[ 282.814925] RIP: 0010:[] [] is_module_text_address+0x0/0x50
[ 282.823839] RSP: 0018:ffff8800b4e2f798 EFLAGS: 00000202
[ 282.829271] RAX: 0000000000000001 RBX: ffffffff86ff9900 RCX: ffffffff85c52ea0
[ 282.836540] RDX: 0000000000000000 RSI: ffff8800b4e2f858 RDI: ffffffff86ff9900
[ 282.843805] RBP: ffff8800b4e2f7a8 R08: ffff8800b4e2f8b0 R09: 0000000000000000
[ 282.851062] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8800b4e2f888
[ 282.858338] R13: ffff8800b4e2f858 R14: ffffffff85c52ea0 R15: ffffffff86ff9900
[ 282.865597] FS: 00007fb8be059700(0000) GS:ffff88012c000000(0000) knlGS:0000000000000000
[ 282.873811] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 282.879674] CR2: 00007f24f853adb8 CR3: 00000000b78f4000 CR4: 00000000001406f0
[ 282.886949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 282.894216] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 282.901469] Stack:
[ 282.903623] ffffffff8139f131 0000000000000000 ffff8800b4e2f808 ffffffff811e569b
[ 282.911134] ffff8800b4e2fff8 ffff8800b4e28000 ffff8800b4e2f888 ffffffffffff8000
[ 282.918661] ffff8800b4e2f8b0 ffff8800b44dc7c0 ffff8800b4e2f858 ffff8800b4e2f8b0
[ 282.926184] Call Trace:
[ 282.928751] [] ? __kernel_text_address+0x61/0xa0
[ 282.935144] [] print_context_stack+0x7b/0xc0
[ 282.941179] [] dump_trace+0x11d/0x320
[ 282.946623] [] save_stack_trace+0x26/0x50
[ 282.952397] [] save_stack+0x46/0xd0
[ 282.957662] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 282.964400] [] ? __lock_acquire+0x1985/0x5560
[ 282.970525] [] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 282.977531] [] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 282.984539] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 282.991268] [] ? mark_held_locks+0xc8/0x120
[ 282.997237] [] ? kasan_unpoison_shadow+0x36/0x50
[ 283.003640] [] kasan_kmalloc+0xc9/0xe0
[ 283.009160] [] kasan_slab_alloc+0x12/0x20
[ 283.014947] [] kmem_cache_alloc_trace+0x12b/0x6b0
[ 283.021416] [] ? _raw_spin_unlock_irqrestore+0xa6/0xd0
[ 283.028342] [] do_syslog+0x47b/0x980
[ 283.033711] [] ? log_buf_kexec_setup+0x120/0x120
[ 283.040091] [] ? wake_atomic_t_function+0x210/0x210
[ 283.046748] [] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 283.053758] [] kmsg_read+0x65/0x80
[ 283.058927] [] proc_reg_read+0xbc/0x180
[ 283.064547] [] __vfs_read+0xdb/0x4e0
[ 283.069887] [] ? default_llseek+0x260/0x260
[ 283.075851] [] ? __fsnotify_update_child_dentry_flags.part.1+0x260/0x260
[ 283.084327] [] ? trace_hardirqs_on_caller+0x44c/0x5e0
[ 283.091145] [] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 283.097890] [] ? common_file_perm+0x17e/0x410
[ 283.104030] [] ? security_file_permission+0x148/0x1a0
[ 283.110854] [] ? rw_verify_area+0xb9/0x290
[ 283.116747] [] vfs_read+0xd9/0x2c0
[ 283.121920] [] SyS_read+0xcb/0x1a0
[ 283.127115] [] ? vfs_copy_file_range+0x650/0x650
[ 283.133514] [] ? trace_hardirqs_on_caller+0x44c/0x5e0
[ 283.140329] [] ? trace_hardirqs_on_thunk+0x1b/0x1d
[ 283.146904] [] entry_SYSCALL_64_fastpath+0x23/0xc1
[ 283.153482] Code: e8 d6 9d ec ff 65 8b 05 af 92 b2 7e 85 c0 74 05 89 d8 5b 5d c3 e8 63 6e b1 ff 89 d8 5b 5d c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 <55> 48 89 e5 53 48 89 fb bf 01 00 00 00 e8 6e 82 ec ff 48 89 df
[ 283.172486] NMI backtrace for cpu 1
[ 283.176104] CPU: 1 PID: 948 Comm: khungtaskd Not tainted 4.6.0-syzkaller #0
[ 283.183196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 283.192533] task: ffff8800bbb70700 ti: ffff88012b318000 task.ti: ffff88012b318000
[ 283.200152] RIP: 0010:[] [] native_write_msr_safe+0x6/0x40
[ 283.208978] RSP: 0018:ffff88012b31fc48 EFLAGS: 00000086
[ 283.214423] RAX: 0000000000000400 RBX: 0000000100000400 RCX: 0000000000000830
[ 283.221674] RDX: 0000000000000001 RSI: 0000000000000400 RDI: 0000000000000830
[ 283.228938] RBP: ffff88012b31fc60 R08: 0000000000000400 R09: 0000000000000000
[ 283.236196] R10: 0000000000000000 R11: 0000000000000001 R12: fffffbfff0eca430
[ 283.243457] R13: ffffffff876551c0 R14: 0000000000080000 R15: dffffc0000000000
[ 283.250712] FS: 0000000000000000(0000) GS:ffff88012c100000(0000) knlGS:0000000000000000
[ 283.258931] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 283.264814] CR2: 00007f988e56c008 CR3: 00000000b78f4000 CR4: 00000000001406e0
[ 283.272063] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 283.279327] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 283.286593] Stack:
[ 283.288722] ffffffff81254bc0 ffff88012b31fc60 0000000000000007 ffff88012b31fcc8
[ 283.296257] ffffffff81254d7a ffff88012b31fd20 ffffffff00000010 0000000000000286
[ 283.303784] 000000022b31fcb8 0000000000000001 0000000000000001 ffffffff86ca7e80
[ 283.311297] Call Trace:
[ 283.313874] [] ? __x2apic_send_IPI_dest.constprop.7+0x60/0x80
[ 283.321386] [] __x2apic_send_IPI_mask+0x19a/0x2d0
[ 283.327871] [] x2apic_send_IPI_mask+0xe/0x10
[ 283.333917] [] nmi_raise_cpu_backtrace+0x5b/0x70
[ 283.340301] [] nmi_trigger_all_cpu_backtrace+0x4d6/0x640
[ 283.347398] [] ? print_lock+0xab/0xae
[ 283.352824] [] ? irq_force_complete_move+0x3e0/0x3e0
[ 283.359569] [] arch_trigger_all_cpu_backtrace+0x14/0x20
[ 283.366570] [] watchdog+0x661/0xa00
[ 283.371823] [] ? watchdog+0x109/0xa00
[ 283.377269] [] ? reset_hung_task_detector+0x10/0x10
[ 283.384029] [] kthread+0x209/0x2d0
[ 283.389200] [] ? kthread_create_on_node+0x390/0x390
[ 283.395869] [] ret_from_fork+0x22/0x50
[ 283.401385] [] ? kthread_create_on_node+0x390/0x390
[ 283.408058] Code: 5b 5d c3 48 c1 e2 20 48 89 d3 31 d2 48 09 c3 48 89 de e8 1e 62 ab 01 48 89 d8 5b 5d c3 0f 1f 84 00 00 00 00 00 89 f0 89 f9 0f 30 <31> c0 0f 1f 44 00 00 c3 41 89 f0 48 89 d6 55 89 c2 48 c1 e6 20
[ 283.427381] Kernel panic - not syncing: hung_task: blocked tasks
[ 283.433518] CPU: 1 PID: 948 Comm: khungtaskd Not tainted 4.6.0-syzkaller #0
[ 283.440594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 283.449928] 1ffffffff0d9577e ffff88012b31fcb0 ffffffff82c4dd46 ffffffff85cc5a60
[ 283.457963] ffff88012b31fd88 00000000003fff59 dffffc0000000000 ffff88012b31fd78
[ 283.465990] ffffffff81614a3e 0000000041b58ab3 ffffffff868f56fc ffffffff8161488f
[ 283.474022] Call Trace:
[ 283.476592] [] dump_stack+0xe6/0x120
[ 283.481944] [] panic+0x1af/0x348
[ 283.486939] [] ? set_ti_thread_flag+0xf/0xf
[ 283.492890] [] ? nmi_trigger_all_cpu_backtrace+0x3cd/0x640
[ 283.500147] [] watchdog+0x672/0xa00
[ 283.505403] [] ? watchdog+0x109/0xa00
[ 283.510833] [] ? reset_hung_task_detector+0x10/0x10
[ 283.517481] [] kthread+0x209/0x2d0
[ 283.522651] [] ? kthread_create_on_node+0x390/0x390
[ 283.529301] [] ret_from_fork+0x22/0x50
[ 283.534821] [] ? kthread_create_on_node+0x390/0x390
[ 283.546497] Kernel Offset: disabled