syzkaller login: [ 35.586663] kauditd_printk_skb: 9 callbacks suppressed [ 35.586668] audit: type=1400 audit(1584061742.118:35): avc: denied { map } for pid=6991 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 41.966945] audit: type=1400 audit(1584061748.498:36): avc: denied { map } for pid=7002 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16480 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 44.167976] IPVS: ftp: loaded support on port[0] = 21 [ 44.605855] can: request_module (can-proto-0) failed. [ 45.578292] can: request_module (can-proto-0) failed. [ 45.749622] audit: type=1400 audit(1584061752.288:37): avc: denied { create } for pid=7002 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 45.773381] audit: type=1400 audit(1584061752.288:38): avc: denied { create } for pid=7002 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 45.796993] audit: type=1400 audit(1584061752.288:39): avc: denied { create } for pid=7002 comm="syz-fuzzer" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 Warning: Permanently added '10.128.0.75' (ECDSA) to the list of known hosts. 2020/03/13 01:09:19 parsed 1 programs 2020/03/13 01:09:20 executed programs: 0 [ 54.115492] IPVS: ftp: loaded support on port[0] = 21 [ 54.118477] IPVS: ftp: loaded support on port[0] = 21 [ 54.131904] IPVS: ftp: loaded support on port[0] = 21 [ 54.139110] IPVS: ftp: loaded support on port[0] = 21 [ 54.149290] IPVS: ftp: loaded support on port[0] = 21 [ 54.168096] IPVS: ftp: loaded support on port[0] = 21 [ 54.328303] chnl_net:caif_netlink_parms(): no params data found [ 54.392032] chnl_net:caif_netlink_parms(): no params data found [ 54.425275] chnl_net:caif_netlink_parms(): no params data found [ 54.436361] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.443594] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.450848] device bridge_slave_0 entered promiscuous mode [ 54.489911] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.496464] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.503691] device bridge_slave_1 entered promiscuous mode [ 54.530499] chnl_net:caif_netlink_parms(): no params data found [ 54.559273] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.565714] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.573008] device bridge_slave_0 entered promiscuous mode [ 54.582513] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.589059] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.596159] device bridge_slave_1 entered promiscuous mode [ 54.614509] chnl_net:caif_netlink_parms(): no params data found [ 54.623717] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.630128] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.637264] device bridge_slave_0 entered promiscuous mode [ 54.649997] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.660361] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.672217] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.678726] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.685647] device bridge_slave_1 entered promiscuous mode [ 54.701865] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.710944] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.743900] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.755987] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.782645] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.790289] team0: Port device team_slave_0 added [ 54.803326] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.809749] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.816643] device bridge_slave_0 entered promiscuous mode [ 54.826788] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.833143] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.840379] device bridge_slave_1 entered promiscuous mode [ 54.861398] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.869162] team0: Port device team_slave_1 added [ 54.874622] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.881867] team0: Port device team_slave_0 added [ 54.890991] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.898552] team0: Port device team_slave_1 added [ 54.903619] chnl_net:caif_netlink_parms(): no params data found [ 54.912146] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.921384] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.929472] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.935815] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.943393] device bridge_slave_0 entered promiscuous mode [ 54.950267] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.960025] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.967615] team0: Port device team_slave_0 added [ 54.972780] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.984194] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.994685] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.003600] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.010678] device bridge_slave_1 entered promiscuous mode [ 55.016995] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.029605] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 55.036872] team0: Port device team_slave_1 added [ 55.044705] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 55.055866] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.101781] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 55.109009] team0: Port device team_slave_0 added [ 55.115122] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 55.158543] device hsr_slave_0 entered promiscuous mode [ 55.197102] device hsr_slave_1 entered promiscuous mode [ 55.237473] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 55.244232] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.250765] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.257955] device bridge_slave_0 entered promiscuous mode [ 55.298439] device hsr_slave_0 entered promiscuous mode [ 55.357104] device hsr_slave_1 entered promiscuous mode [ 55.417418] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 55.424734] team0: Port device team_slave_1 added [ 55.430896] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 55.478749] device hsr_slave_0 entered promiscuous mode [ 55.517138] device hsr_slave_1 entered promiscuous mode [ 55.557421] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 55.564552] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 55.575183] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.582567] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.590116] device bridge_slave_1 entered promiscuous mode [ 55.601156] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 55.608646] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 55.616517] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 55.633055] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.641278] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 55.670723] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 55.678439] team0: Port device team_slave_0 added [ 55.686023] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 55.693631] team0: Port device team_slave_1 added [ 55.748533] device hsr_slave_0 entered promiscuous mode [ 55.787140] device hsr_slave_1 entered promiscuous mode [ 55.827622] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 55.835851] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 55.844450] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 55.858311] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 55.866153] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.880049] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 55.892556] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.901707] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.958849] device hsr_slave_0 entered promiscuous mode [ 56.008144] device hsr_slave_1 entered promiscuous mode [ 56.094116] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 56.101978] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 56.109799] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 56.118786] team0: Port device team_slave_0 added [ 56.125141] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 56.133263] team0: Port device team_slave_1 added [ 56.140913] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 56.151805] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 56.159647] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 56.191438] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 56.224138] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 56.239434] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.278560] device hsr_slave_0 entered promiscuous mode [ 56.337122] device hsr_slave_1 entered promiscuous mode [ 56.379131] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 56.386456] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 56.400208] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.421976] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 56.429557] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.438386] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.451133] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.462474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.471185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.480487] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 56.487591] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.498414] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.515780] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.523499] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.532153] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 56.538634] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.550269] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 56.560567] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 56.573738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.580663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.589443] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.598502] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.605843] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.614532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 56.623052] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.630801] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.637746] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.645511] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.654268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 56.663858] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 56.678761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.687061] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 56.694905] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.703602] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.713690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.722193] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.728617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.735949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 56.744693] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.752457] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.758985] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.769770] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 56.781884] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 56.791310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.800823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 56.810503] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 56.820964] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 56.830189] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.840563] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 56.852220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.860156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.867443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.874308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 56.884350] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 56.894509] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 56.900937] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.913317] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 56.921570] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 56.928174] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.939783] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.947747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 56.955452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.963715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.970866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.980058] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 56.991163] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 57.002332] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 57.010451] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.018319] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.025322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.033593] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.041345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.049399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.057178] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.063723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.070676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.078789] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.089398] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 57.104863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.112973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.120697] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.130999] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 57.144149] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 57.151351] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.161321] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 57.172803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.179293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.187433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.195106] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.201488] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.209177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.217087] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.224754] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.231158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.238350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.251372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.258512] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 57.267184] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 57.276561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.285378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.293376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.302627] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 57.310912] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 57.320037] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 57.326104] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.338753] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.345308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.353263] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.362056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.370054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.378152] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.384493] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.394101] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.402398] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 57.411408] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 57.423469] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 57.432299] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.443217] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 57.449467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.460000] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.468297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.476028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.483866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.492051] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.501264] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 57.507631] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.515963] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 57.525903] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 57.538817] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.547938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.554796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.562367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.571898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.580522] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.588407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.595272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.603455] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 57.614770] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 57.623491] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 57.632454] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 57.639449] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.646038] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.653244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.662320] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.670605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.678500] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.686316] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.698343] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.705496] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 57.714463] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 57.722713] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 57.733929] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 57.742579] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.750904] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.759438] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.765764] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.772685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.780500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.788309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.795970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.803773] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.817552] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 57.825433] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 57.838605] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 57.849956] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 57.850593] audit: type=1400 audit(1584061764.388:40): avc: denied { associate } for pid=7104 comm="syz-executor.5" name="syz5" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 57.882930] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.898045] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.905789] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.912376] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.919770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.928072] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.935882] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.942316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.949537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.957873] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.965304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.973062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.980670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.988740] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 57.994792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.007287] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 58.014917] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.026726] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 58.034954] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 58.046257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.054692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.066722] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.073134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.082738] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.090680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.101485] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.113724] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 58.124427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.134497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 58.142847] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.155108] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 58.162911] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 58.169871] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.177718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.186223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.194919] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.203191] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.214376] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.229322] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.235840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.244665] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.269196] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 58.279677] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 58.293331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.301711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.310188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.320612] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 58.338657] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 58.345538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.363176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.374373] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 58.388697] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 58.395486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.406193] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.414849] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.426149] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 58.438818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.451120] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 58.458432] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.471548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.479728] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.490125] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 58.505586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.517628] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.541459] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.553557] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 58.561812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.570221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.600189] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 58.607377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.627605] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 58.662008] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 211.627007] INFO: task syz-executor.5:7120 blocked for more than 140 seconds. [ 211.634493] Not tainted 4.19.109-syzkaller #0 [ 211.639564] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 211.647572] syz-executor.5 D27336 7120 7104 0x00000004 [ 211.653191] Call Trace: [ 211.655766] __schedule+0x78c/0x1c10 [ 211.659541] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 211.664732] ? pci_mmcfg_check_reserved+0x120/0x120 [ 211.669819] ? autoremove_wake_function+0x160/0x160 [ 211.674841] schedule+0x7f/0x1b0 [ 211.678271] request_wait_answer+0x2fe/0x620 [ 211.682674] ? fuse_copy_one+0x130/0x130 [ 211.686920] ? lock_downgrade+0x860/0x860 [ 211.691120] ? finish_wait+0x290/0x290 [ 211.695006] ? do_raw_spin_unlock+0x177/0x260 [ 211.699621] __fuse_request_send+0xff/0x190 [ 211.703955] fuse_request_send+0x41/0x80 [ 211.708116] fuse_simple_request+0x2b4/0x610 [ 211.713499] fuse_lookup_name+0x244/0x590 [ 211.717734] ? fuse_create+0x10/0x10 [ 211.721568] ? mutex_lock_nested+0x16/0x20 [ 211.725790] fuse_lookup+0xf3/0x3b0 [ 211.730383] ? fuse_lookup_name+0x590/0x590 [ 211.734818] ? __d_lookup_rcu+0x8a0/0x8a0 [ 211.739389] ? __lockdep_init_map+0x105/0x590 [ 211.744088] __lookup_slow+0x216/0x400 [ 211.748381] ? vfs_unlink+0x450/0x450 [ 211.752188] lookup_slow+0x51/0x70 [ 211.755722] walk_component+0x694/0x2320 [ 211.759844] ? security_inode_permission+0x73/0xb0 [ 211.764961] ? path_init+0x1550/0x1550 [ 211.768892] ? link_path_walk.part.40+0x16d/0x1550 [ 211.773971] ? path_init+0xefe/0x1550 [ 211.777841] ? trace_hardirqs_on+0x28/0x190 [ 211.782160] ? walk_component+0x2320/0x2320 [ 211.786565] ? save_stack+0x43/0xd0 [ 211.790378] ? kasan_kmalloc+0xc7/0xe0 [ 211.794277] ? kasan_slab_alloc+0x12/0x20 [ 211.798479] path_lookupat.isra.43+0x180/0x850 [ 211.803056] ? path_parentat.isra.41+0x100/0x100 [ 211.807867] ? find_held_lock+0x36/0x1d0 [ 211.812042] filename_lookup.part.57+0x160/0x360 [ 211.816946] ? filename_parentat.isra.55.part.56+0x400/0x400 [ 211.822753] ? rcu_read_lock_sched_held+0x108/0x120 [ 211.827831] ? strncpy_from_user+0x80/0x260 [ 211.832161] ? getname_flags+0xf6/0x520 [ 211.836117] user_path_at_empty+0x39/0x40 [ 211.840317] vfs_statx+0xbe/0x150 [ 211.843767] ? vfs_statx_fd+0x90/0x90 [ 211.848713] ? kasan_check_read+0x11/0x20 [ 211.852891] __do_sys_newstat+0x85/0xe0 [ 211.856916] ? cp_new_stat+0x5b0/0x5b0 [ 211.860818] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 211.865579] ? do_syscall_64+0x21/0x4e0 [ 211.869606] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.875010] ? lockdep_hardirqs_on+0x421/0x5c0 [ 211.879669] ? do_syscall_64+0x21/0x4e0 [ 211.883685] __x64_sys_newstat+0x4f/0x70 [ 211.887846] do_syscall_64+0xd0/0x4e0 [ 211.891735] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 211.896990] RIP: 0033:0x4592c9 [ 211.900185] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 211.919144] RSP: 002b:00007fa6bcd3fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 211.926909] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004592c9 [ 211.934214] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000580 [ 211.941651] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 211.949090] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6bcd406d4 [ 211.956364] R13: 00000000004e52fb R14: 00000000004de648 R15: 00000000ffffffff [ 211.963779] INFO: task syz-executor.5:7121 blocked for more than 140 seconds. [ 211.971228] Not tainted 4.19.109-syzkaller #0 [ 211.976248] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 211.984290] syz-executor.5 D28616 7121 7104 0x00000004 [ 211.990097] Call Trace: [ 211.992676] __schedule+0x78c/0x1c10 [ 211.996375] ? pci_mmcfg_check_reserved+0x120/0x120 [ 212.001524] ? rwsem_down_write_failed+0x5c1/0xbf0 [ 212.006513] ? lockdep_hardirqs_on+0x421/0x5c0 [ 212.011301] ? _raw_spin_unlock_irq+0x27/0x80 [ 212.015799] schedule+0x7f/0x1b0 [ 212.019272] rwsem_down_write_failed+0x5c6/0xbf0 [ 212.024110] ? rwsem_down_read_failed_killable+0x550/0x550 [ 212.029882] call_rwsem_down_write_failed+0x17/0x30 [ 212.034910] ? call_rwsem_down_write_failed+0x17/0x30 [ 212.040156] ? __lock_acquire+0x2631/0x4980 [ 212.044482] down_write+0x53/0x90 [ 212.048855] ? fuse_reverse_inval_entry+0x9a/0x5d0 [ 212.053790] fuse_reverse_inval_entry+0x9a/0x5d0 [ 212.058600] ? lock_acquire+0x1f1/0x3d0 [ 212.062569] ? fuse_update_attributes+0xa0/0xa0 [ 212.067289] fuse_dev_do_write+0xb7d/0x2350 [ 212.071640] ? fuse_dev_read+0x1b0/0x1b0 [ 212.075698] ? futex_wait_setup+0x310/0x310 [ 212.080056] ? fuse_dev_do_read.isra.28+0x13c8/0x1c10 [ 212.085271] ? memset+0x31/0x40 [ 212.088594] fuse_dev_write+0x12a/0x1b0 [ 212.092566] ? fuse_dev_splice_write+0xa20/0xa20 [ 212.097378] __vfs_write+0x443/0x890 [ 212.101087] ? kernel_read+0x130/0x130 [ 212.104962] ? selinux_file_permission+0x326/0x3f0 [ 212.109938] ? rw_verify_area+0xb8/0x2b0 [ 212.114002] vfs_write+0x150/0x4d0 [ 212.117572] ksys_write+0x103/0x260 [ 212.121188] ? __ia32_sys_read+0xa0/0xa0 [ 212.125227] ? do_syscall_64+0x21/0x4e0 [ 212.129305] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.134687] __x64_sys_write+0x6e/0xb0 [ 212.138739] do_syscall_64+0xd0/0x4e0 [ 212.142586] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.147850] RIP: 0033:0x4592c9 [ 212.151056] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 212.170004] RSP: 002b:00007fa6bcd1ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 212.177769] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004592c9 [ 212.185034] RDX: 000000000000002e RSI: 0000000020000000 RDI: 0000000000000003 [ 212.192433] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 212.199733] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6bcd1f6d4 [ 212.207049] R13: 00000000004c8aa3 R14: 00000000004df6e0 R15: 00000000ffffffff [ 212.214326] INFO: task syz-executor.5:7122 blocked for more than 140 seconds. [ 212.221637] Not tainted 4.19.109-syzkaller #0 [ 212.226639] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 212.234674] syz-executor.5 D28824 7122 7104 0x00000004 [ 212.240488] Call Trace: [ 212.243078] __schedule+0x78c/0x1c10 [ 212.246840] ? pci_mmcfg_check_reserved+0x120/0x120 [ 212.251954] ? rwsem_down_write_failed+0x5c1/0xbf0 [ 212.256945] ? lockdep_hardirqs_on+0x421/0x5c0 [ 212.261528] ? _raw_spin_unlock_irq+0x27/0x80 [ 212.266016] schedule+0x7f/0x1b0 [ 212.269513] rwsem_down_write_failed+0x5c6/0xbf0 [ 212.274290] ? rwsem_down_read_failed_killable+0x550/0x550 [ 212.279989] ? avc_has_perm_noaudit+0x460/0x460 [ 212.284660] ? mark_held_locks+0x130/0x130 [ 212.288948] ? find_held_lock+0x36/0x1d0 [ 212.293006] call_rwsem_down_write_failed+0x17/0x30 [ 212.298050] ? call_rwsem_down_write_failed+0x17/0x30 [ 212.303232] down_write+0x53/0x90 [ 212.306667] ? lock_mount+0x82/0x290 [ 212.310407] lock_mount+0x82/0x290 [ 212.313938] do_add_mount+0x22/0x310 [ 212.317687] do_mount+0x1290/0x2410 [ 212.321649] ? __might_fault+0xf1/0x1b0 [ 212.325612] ? lock_downgrade+0x860/0x860 [ 212.329788] ? copy_mount_string+0x20/0x20 [ 212.334019] ? kasan_check_write+0x14/0x20 [ 212.338278] ? _copy_from_user+0x9c/0xd0 [ 212.342342] ? memdup_user+0x4a/0x80 [ 212.346048] ksys_mount+0xba/0xe0 [ 212.349718] __x64_sys_mount+0xb9/0x150 [ 212.353759] do_syscall_64+0xd0/0x4e0 [ 212.357631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.362828] RIP: 0033:0x4592c9 [ 212.366003] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 212.384980] RSP: 002b:00007fa6bccfdc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 212.392825] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004592c9 [ 212.400171] RDX: 0000000020000000 RSI: 0000000020000180 RDI: 0000000000000000 [ 212.407634] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 212.414904] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa6bccfe6d4 [ 212.422228] R13: 00000000004c570b R14: 00000000004d9aa0 R15: 00000000ffffffff [ 212.429568] INFO: task syz-executor.5:7148 blocked for more than 140 seconds. [ 212.436977] Not tainted 4.19.109-syzkaller #0 [ 212.441992] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 212.449996] syz-executor.5 D27960 7148 7104 0x00000004 [ 212.455621] Call Trace: [ 212.458244] __schedule+0x78c/0x1c10 [ 212.461955] ? pci_mmcfg_check_reserved+0x120/0x120 [ 212.467010] ? rwsem_down_write_failed+0x5c1/0xbf0 [ 212.471933] ? lockdep_hardirqs_on+0x421/0x5c0 [ 212.476528] ? _raw_spin_unlock_irq+0x27/0x80 [ 212.481923] schedule+0x7f/0x1b0 [ 212.485316] rwsem_down_write_failed+0x5c6/0xbf0 [ 212.490145] ? rwsem_down_read_failed_killable+0x550/0x550 [ 212.495789] ? mark_held_locks+0x130/0x130 [ 212.500078] ? trace_hardirqs_on+0x28/0x190 [ 212.504399] ? find_held_lock+0x36/0x1d0 [ 212.508668] call_rwsem_down_write_failed+0x17/0x30 [ 212.513690] ? call_rwsem_down_write_failed+0x17/0x30 [ 212.518936] down_write+0x53/0x90 [ 212.522383] ? lock_mount+0x82/0x290 [ 212.526072] lock_mount+0x82/0x290 [ 212.529743] do_add_mount+0x22/0x310 [ 212.533454] do_mount+0x1290/0x2410 [ 212.537149] ? copy_mount_string+0x20/0x20 [ 212.541397] ? rcu_read_lock_sched_held+0x108/0x120 [ 212.546409] ? kmem_cache_alloc_trace+0x350/0x740 [ 212.551297] ? kasan_check_write+0x14/0x20 [ 212.555528] ? copy_mount_options+0x55/0x270 [ 212.560033] ksys_mount+0xba/0xe0 [ 212.563498] __x64_sys_mount+0xb9/0x150 [ 212.567766] do_syscall_64+0xd0/0x4e0 [ 212.571640] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.577073] RIP: 0033:0x4592c9 [ 212.580393] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 212.599716] RSP: 002b:00007fa6bccdcc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 212.607489] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004592c9 [ 212.614870] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000000000000 [ 212.622414] RBP: 000000000075c118 R08: 0000000020000400 R09: 0000000000000000 [ 212.629761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6bccdd6d4 [ 212.637213] R13: 00000000004c56df R14: 00000000004d9b60 R15: 00000000ffffffff [ 212.644523] INFO: task syz-executor.5:7149 blocked for more than 140 seconds. [ 212.651904] Not tainted 4.19.109-syzkaller #0 [ 212.657079] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 212.665043] syz-executor.5 D29144 7149 7104 0x00000004 [ 212.670966] Call Trace: [ 212.673561] __schedule+0x78c/0x1c10 [ 212.677320] ? pci_mmcfg_check_reserved+0x120/0x120 [ 212.682527] ? rwsem_down_read_failed+0x203/0x3e0 [ 212.687436] ? lockdep_hardirqs_on+0x421/0x5c0 [ 212.692033] ? _raw_spin_unlock_irq+0x27/0x80 [ 212.696650] ? rwsem_down_read_failed+0x21c/0x3e0 [ 212.701662] schedule+0x7f/0x1b0 [ 212.705492] rwsem_down_read_failed+0x21c/0x3e0 [ 212.710255] ? rwsem_down_write_failed+0xbf0/0xbf0 [ 212.715194] ? unlazy_walk+0x143/0x450 [ 212.719167] ? lock_downgrade+0x860/0x860 [ 212.723336] ? teql_master_setup+0x310/0x375 [ 212.727930] call_rwsem_down_read_failed+0x18/0x30 [ 212.733088] down_read+0x49/0xb0 [ 212.736453] ? lookup_slow+0x43/0x70 [ 212.740241] lookup_slow+0x43/0x70 [ 212.743973] walk_component+0x694/0x2320 [ 212.748285] ? security_inode_permission+0x73/0xb0 [ 212.753229] ? path_init+0x1550/0x1550 [ 212.757316] ? link_path_walk.part.40+0x16d/0x1550 [ 212.762253] ? path_init+0xefe/0x1550 [ 212.766181] ? trace_hardirqs_on+0x28/0x190 [ 212.770579] ? walk_component+0x2320/0x2320 [ 212.774907] ? save_stack+0x43/0xd0 [ 212.778599] ? kasan_kmalloc+0xc7/0xe0 [ 212.782492] ? kasan_slab_alloc+0x12/0x20 [ 212.786652] path_lookupat.isra.43+0x180/0x850 [ 212.791312] ? path_parentat.isra.41+0x100/0x100 [ 212.796085] ? find_held_lock+0x36/0x1d0 [ 212.800210] filename_lookup.part.57+0x160/0x360 [ 212.804978] ? filename_parentat.isra.55.part.56+0x400/0x400 [ 212.810837] ? rcu_read_lock_sched_held+0x108/0x120 [ 212.815872] ? strncpy_from_user+0x80/0x260 [ 212.820251] ? getname_flags+0xf6/0x520 [ 212.824341] user_path_at_empty+0x39/0x40 [ 212.828558] vfs_statx+0xbe/0x150 [ 212.832013] ? vfs_statx_fd+0x90/0x90 [ 212.835817] ? kasan_check_read+0x11/0x20 [ 212.840116] __do_sys_newstat+0x85/0xe0 [ 212.844093] ? cp_new_stat+0x5b0/0x5b0 [ 212.848050] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 212.852902] ? do_syscall_64+0x21/0x4e0 [ 212.856937] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.862313] ? lockdep_hardirqs_on+0x421/0x5c0 [ 212.866962] ? do_syscall_64+0x21/0x4e0 [ 212.871012] __x64_sys_newstat+0x4f/0x70 [ 212.875121] do_syscall_64+0xd0/0x4e0 [ 212.879028] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 212.884257] RIP: 0033:0x4592c9 [ 212.887514] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 212.907561] RSP: 002b:00007fa6bccbbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 212.915273] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004592c9 [ 212.922611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000580 [ 212.929918] RBP: 000000000075c1c0 R08: 0000000000000000 R09: 0000000000000000 [ 212.937235] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6bccbc6d4 [ 212.944517] R13: 00000000004e52fb R14: 00000000004de648 R15: 00000000ffffffff [ 212.951875] INFO: task syz-executor.3:7124 blocked for more than 140 seconds. [ 212.959194] Not tainted 4.19.109-syzkaller #0 [ 212.964189] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 212.972246] syz-executor.3 D27272 7124 7100 0x00000004 [ 212.977922] Call Trace: [ 212.980502] __schedule+0x78c/0x1c10 [ 212.984206] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 212.989367] ? pci_mmcfg_check_reserved+0x120/0x120 [ 212.994400] ? autoremove_wake_function+0x160/0x160 [ 212.999485] schedule+0x7f/0x1b0 [ 213.002848] request_wait_answer+0x2fe/0x620 [ 213.007318] ? fuse_copy_one+0x130/0x130 [ 213.011386] ? lock_downgrade+0x860/0x860 [ 213.015516] ? finish_wait+0x290/0x290 [ 213.019464] ? do_raw_spin_unlock+0x177/0x260 [ 213.023975] __fuse_request_send+0xff/0x190 [ 213.028354] fuse_request_send+0x41/0x80 [ 213.032414] fuse_simple_request+0x2b4/0x610 [ 213.036986] fuse_lookup_name+0x244/0x590 [ 213.041144] ? fuse_create+0x10/0x10 [ 213.044856] ? mutex_lock_nested+0x16/0x20 [ 213.049212] fuse_lookup+0xf3/0x3b0 [ 213.052847] ? fuse_lookup_name+0x590/0x590 [ 213.057225] ? __d_lookup_rcu+0x8a0/0x8a0 [ 213.061408] ? __lockdep_init_map+0x105/0x590 [ 213.065995] __lookup_slow+0x216/0x400 [ 213.069978] ? vfs_unlink+0x450/0x450 [ 213.073791] lookup_slow+0x51/0x70 [ 213.077385] walk_component+0x694/0x2320 [ 213.081442] ? security_inode_permission+0x73/0xb0 [ 213.086375] ? path_init+0x1550/0x1550 [ 213.090313] ? link_path_walk.part.40+0x16d/0x1550 [ 213.095275] ? path_init+0xefe/0x1550 [ 213.099128] ? trace_hardirqs_on+0x28/0x190 [ 213.103502] ? walk_component+0x2320/0x2320 [ 213.107885] ? save_stack+0x43/0xd0 [ 213.111506] ? kasan_kmalloc+0xc7/0xe0 [ 213.115378] ? kasan_slab_alloc+0x12/0x20 [ 213.119611] path_lookupat.isra.43+0x180/0x850 [ 213.124373] ? path_parentat.isra.41+0x100/0x100 [ 213.129270] ? find_held_lock+0x36/0x1d0 [ 213.133332] filename_lookup.part.57+0x160/0x360 [ 213.138141] ? filename_parentat.isra.55.part.56+0x400/0x400 [ 213.144092] ? rcu_read_lock_sched_held+0x108/0x120 [ 213.149150] ? strncpy_from_user+0x80/0x260 [ 213.153465] ? getname_flags+0xf6/0x520 [ 213.157490] user_path_at_empty+0x39/0x40 [ 213.161630] vfs_statx+0xbe/0x150 [ 213.165075] ? vfs_statx_fd+0x90/0x90 [ 213.168926] ? kasan_check_read+0x11/0x20 [ 213.173087] __do_sys_newstat+0x85/0xe0 [ 213.177124] ? cp_new_stat+0x5b0/0x5b0 [ 213.181116] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 213.185870] ? do_syscall_64+0x21/0x4e0 [ 213.189887] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.195247] ? lockdep_hardirqs_on+0x421/0x5c0 [ 213.199884] ? do_syscall_64+0x21/0x4e0 [ 213.204033] __x64_sys_newstat+0x4f/0x70 [ 213.208186] do_syscall_64+0xd0/0x4e0 [ 213.212051] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.217298] RIP: 0033:0x4592c9 [ 213.220659] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 213.239693] RSP: 002b:00007f2cdb89cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 213.247448] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004592c9 [ 213.254708] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000580 [ 213.262011] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 213.269321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2cdb89d6d4 [ 213.276599] R13: 00000000004e52fb R14: 00000000004de648 R15: 00000000ffffffff [ 213.283922] INFO: task syz-executor.3:7126 blocked for more than 140 seconds. [ 213.291217] Not tainted 4.19.109-syzkaller #0 [ 213.296226] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 213.304236] syz-executor.3 D29608 7126 7100 0x00000004 [ 213.309944] Call Trace: [ 213.312530] __schedule+0x78c/0x1c10 [ 213.316243] ? pci_mmcfg_check_reserved+0x120/0x120 [ 213.321318] ? rwsem_down_write_failed+0x5c1/0xbf0 [ 213.326250] ? lockdep_hardirqs_on+0x421/0x5c0 [ 213.330902] ? _raw_spin_unlock_irq+0x27/0x80 [ 213.335395] schedule+0x7f/0x1b0 [ 213.338819] rwsem_down_write_failed+0x5c6/0xbf0 [ 213.343587] ? rwsem_down_read_failed_killable+0x550/0x550 [ 213.349417] ? avc_has_perm_noaudit+0x460/0x460 [ 213.354137] ? mark_held_locks+0x130/0x130 [ 213.358445] ? find_held_lock+0x36/0x1d0 [ 213.362516] call_rwsem_down_write_failed+0x17/0x30 [ 213.367590] ? call_rwsem_down_write_failed+0x17/0x30 [ 213.373128] down_write+0x53/0x90 [ 213.376562] ? lock_mount+0x82/0x290 [ 213.380311] lock_mount+0x82/0x290 [ 213.383847] do_add_mount+0x22/0x310 [ 213.387618] do_mount+0x1290/0x2410 [ 213.391241] ? __might_fault+0xf1/0x1b0 [ 213.395197] ? lock_downgrade+0x860/0x860 [ 213.399407] ? copy_mount_string+0x20/0x20 [ 213.403670] ? kasan_check_write+0x14/0x20 [ 213.407945] ? _copy_from_user+0x9c/0xd0 [ 213.412067] ? memdup_user+0x4a/0x80 [ 213.415876] ksys_mount+0xba/0xe0 [ 213.419816] __x64_sys_mount+0xb9/0x150 [ 213.423813] do_syscall_64+0xd0/0x4e0 [ 213.427676] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.432857] RIP: 0033:0x4592c9 [ 213.436072] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 213.456253] RSP: 002b:00007f2cdb87bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 213.464020] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004592c9 [ 213.471361] RDX: 0000000020000000 RSI: 0000000020000180 RDI: 0000000000000000 [ 213.478839] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 213.486103] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f2cdb87c6d4 [ 213.493420] R13: 00000000004c570b R14: 00000000004d9aa0 R15: 00000000ffffffff [ 213.501468] INFO: task syz-executor.3:7128 blocked for more than 140 seconds. [ 213.509580] Not tainted 4.19.109-syzkaller #0 [ 213.514640] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 213.522679] syz-executor.3 D28920 7128 7100 0x00000004 [ 213.528341] Call Trace: [ 213.530919] __schedule+0x78c/0x1c10 [ 213.534627] ? pci_mmcfg_check_reserved+0x120/0x120 [ 213.539701] ? rwsem_down_write_failed+0x5c1/0xbf0 [ 213.544631] ? lockdep_hardirqs_on+0x421/0x5c0 [ 213.549251] ? _raw_spin_unlock_irq+0x27/0x80 [ 213.553751] schedule+0x7f/0x1b0 [ 213.557168] rwsem_down_write_failed+0x5c6/0xbf0 [ 213.561922] ? rwsem_down_read_failed_killable+0x550/0x550 [ 213.567607] ? find_held_lock+0x36/0x1d0 [ 213.571668] ? __lock_is_held+0xb5/0x140 [ 213.575908] call_rwsem_down_write_failed+0x17/0x30 [ 213.581058] ? call_rwsem_down_write_failed+0x17/0x30 [ 213.586264] down_write+0x53/0x90 [ 213.589781] ? fuse_reverse_inval_entry+0x9a/0x5d0 [ 213.594711] fuse_reverse_inval_entry+0x9a/0x5d0 [ 213.599561] ? lock_acquire+0x173/0x3d0 [ 213.603616] ? fuse_update_attributes+0xa0/0xa0 [ 213.608358] fuse_dev_do_write+0xb7d/0x2350 [ 213.612689] ? _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 213.617852] ? try_to_wake_up+0xc2/0xf20 [ 213.622089] ? fuse_dev_read+0x1b0/0x1b0 [ 213.626318] ? migrate_swap_stop+0x930/0x930 [ 213.630787] ? futex_wake+0x338/0x590 [ 213.634602] ? lock_downgrade+0x860/0x860 [ 213.638840] ? kasan_check_write+0x14/0x20 [ 213.643094] ? wake_up_q+0xb3/0x100 [ 213.646713] ? get_futex_key+0x1030/0x1030 [ 213.651053] ? memset+0x31/0x40 [ 213.654339] fuse_dev_write+0x12a/0x1b0 [ 213.658383] ? fuse_dev_splice_write+0xa20/0xa20 [ 213.663270] __vfs_write+0x443/0x890 [ 213.667046] ? kernel_read+0x130/0x130 [ 213.670956] ? selinux_file_permission+0x326/0x3f0 [ 213.675891] ? rw_verify_area+0xb8/0x2b0 [ 213.680018] vfs_write+0x150/0x4d0 [ 213.683736] ksys_write+0x103/0x260 [ 213.687412] ? __ia32_sys_read+0xa0/0xa0 [ 213.691499] ? do_syscall_64+0x21/0x4e0 [ 213.695457] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.700868] __x64_sys_write+0x6e/0xb0 [ 213.704752] do_syscall_64+0xd0/0x4e0 [ 213.709033] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.714214] RIP: 0033:0x4592c9 [ 213.717448] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 213.736397] RSP: 002b:00007f2cdb85ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 213.744141] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004592c9 [ 213.752406] RDX: 000000000000002e RSI: 0000000020000000 RDI: 0000000000000003 [ 213.759782] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 213.767253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2cdb85b6d4 [ 213.774554] R13: 00000000004c8aa3 R14: 00000000004df6e0 R15: 00000000ffffffff [ 213.781897] INFO: task syz-executor.3:7153 blocked for more than 140 seconds. [ 213.789926] Not tainted 4.19.109-syzkaller #0 [ 213.794931] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 213.802969] syz-executor.3 D27880 7153 7100 0x00000004 [ 213.808646] Call Trace: [ 213.811251] __schedule+0x78c/0x1c10 [ 213.814952] ? pci_mmcfg_check_reserved+0x120/0x120 [ 213.820020] ? rwsem_down_write_failed+0x5c1/0xbf0 [ 213.824972] ? lockdep_hardirqs_on+0x421/0x5c0 [ 213.829612] ? _raw_spin_unlock_irq+0x27/0x80 [ 213.834121] schedule+0x7f/0x1b0 [ 213.837574] rwsem_down_write_failed+0x5c6/0xbf0 [ 213.842370] ? rwsem_down_read_failed_killable+0x550/0x550 [ 213.848072] ? mark_held_locks+0x130/0x130 [ 213.852316] ? trace_hardirqs_on+0x28/0x190 [ 213.856713] ? find_held_lock+0x36/0x1d0 [ 213.860867] call_rwsem_down_write_failed+0x17/0x30 [ 213.867778] ? call_rwsem_down_write_failed+0x17/0x30 [ 213.872977] down_write+0x53/0x90 [ 213.876432] ? lock_mount+0x82/0x290 [ 213.880182] lock_mount+0x82/0x290 [ 213.883715] do_add_mount+0x22/0x310 [ 213.887514] do_mount+0x1290/0x2410 [ 213.891154] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 213.895907] ? copy_mount_string+0x20/0x20 [ 213.900800] ? copy_mount_options+0x160/0x270 [ 213.905291] ? copy_mount_options+0x55/0x270 [ 213.909741] ksys_mount+0xba/0xe0 [ 213.913188] __x64_sys_mount+0xb9/0x150 [ 213.917218] do_syscall_64+0xd0/0x4e0 [ 213.921034] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 213.926217] RIP: 0033:0x4592c9 [ 213.929465] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 213.949375] RSP: 002b:00007f2cdb839c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 213.957947] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004592c9 [ 213.965234] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000000000000 [ 213.973208] RBP: 000000000075c118 R08: 0000000020000400 R09: 0000000000000000 [ 213.980525] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2cdb83a6d4 [ 213.987869] R13: 00000000004c56df R14: 00000000004d9b60 R15: 00000000ffffffff [ 213.996293] INFO: task syz-executor.3:7154 blocked for more than 140 seconds. [ 214.003660] Not tainted 4.19.109-syzkaller #0 [ 214.008722] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 214.016687] syz-executor.3 D29144 7154 7100 0x00000004 [ 214.022561] Call Trace: [ 214.025158] __schedule+0x78c/0x1c10 [ 214.028913] ? pci_mmcfg_check_reserved+0x120/0x120 [ 214.034036] ? rwsem_down_read_failed+0x203/0x3e0 [ 214.038935] ? lockdep_hardirqs_on+0x421/0x5c0 [ 214.043664] ? _raw_spin_unlock_irq+0x27/0x80 [ 214.048202] ? rwsem_down_read_failed+0x21c/0x3e0 [ 214.053128] schedule+0x7f/0x1b0 [ 214.056488] rwsem_down_read_failed+0x21c/0x3e0 [ 214.061202] ? rwsem_down_write_failed+0xbf0/0xbf0 [ 214.066137] ? unlazy_walk+0x143/0x450 [ 214.070212] ? lock_downgrade+0x860/0x860 [ 214.074394] ? intel_opregion_setup+0x418/0x11d0 [ 214.079332] call_rwsem_down_read_failed+0x18/0x30 [ 214.084606] down_read+0x49/0xb0 [ 214.088048] ? lookup_slow+0x43/0x70 [ 214.091762] lookup_slow+0x43/0x70 [ 214.095322] walk_component+0x694/0x2320 [ 214.099455] ? security_inode_permission+0x73/0xb0 [ 214.104460] ? path_init+0x1550/0x1550 [ 214.108391] ? link_path_walk.part.40+0x16d/0x1550 [ 214.113468] ? path_init+0xefe/0x1550 [ 214.117449] ? trace_hardirqs_on+0x28/0x190 [ 214.121769] ? walk_component+0x2320/0x2320 [ 214.126081] ? save_stack+0x43/0xd0 [ 214.129776] ? kasan_kmalloc+0xc7/0xe0 [ 214.133683] ? kasan_slab_alloc+0x12/0x20 [ 214.138035] path_lookupat.isra.43+0x180/0x850 [ 214.142616] ? mark_held_locks+0x130/0x130 [ 214.146901] ? path_parentat.isra.41+0x100/0x100 [ 214.151663] ? find_held_lock+0x36/0x1d0 [ 214.155773] filename_lookup.part.57+0x160/0x360 [ 214.160615] ? filename_parentat.isra.55.part.56+0x400/0x400 [ 214.166447] ? rcu_read_lock_sched_held+0x108/0x120 [ 214.171547] ? strncpy_from_user+0x80/0x260 [ 214.175885] ? getname_flags+0xf6/0x520 [ 214.179936] user_path_at_empty+0x39/0x40 [ 214.184081] vfs_statx+0xbe/0x150 [ 214.187594] ? vfs_statx_fd+0x90/0x90 [ 214.191411] ? kasan_check_read+0x11/0x20 [ 214.195700] __do_sys_newstat+0x85/0xe0 [ 214.199775] ? cp_new_stat+0x5b0/0x5b0 [ 214.203676] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 214.208500] ? do_syscall_64+0x21/0x4e0 [ 214.212486] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 214.221067] ? lockdep_hardirqs_on+0x421/0x5c0 [ 214.225657] ? do_syscall_64+0x21/0x4e0 [ 214.229792] __x64_sys_newstat+0x4f/0x70 [ 214.233875] do_syscall_64+0xd0/0x4e0 [ 214.237731] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 214.242912] RIP: 0033:0x4592c9 [ 214.246444] Code: 24 48 c7 44 24 10 09 00 00 00 e8 82 ad ff ff 0f b6 44 24 18 88 44 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 8a 8f ff ff eb a8 cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 [ 214.265626] RSP: 002b:00007f2cdb818c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 214.273506] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00000000004592c9 [ 214.280837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000580 [ 214.288144] RBP: 000000000075c1c0 R08: 0000000000000000 R09: 0000000000000000 [ 214.295414] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2cdb8196d4 [ 214.302732] R13: 00000000004e52fb R14: 00000000004de648 R15: 00000000ffffffff [ 214.310062] [ 214.310062] Showing all locks held in the system: [ 214.316396] 1 lock held by khungtaskd/1036: [ 214.320748] #0: 000000005321fbef (rcu_read_lock){....}, at: debug_show_all_locks+0x5b/0x27a [ 214.329401] 1 lock held by rsyslogd/6855: [ 214.333532] #0: 00000000051a577b (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xa7/0xd0 [ 214.341405] 2 locks held by getty/6977: [ 214.345363] #0: 00000000e3f32bb1 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.353704] #1: 00000000d0bb06a4 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.362596] 2 locks held by getty/6978: [ 214.366554] #0: 0000000030dca649 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.374921] #1: 00000000735a4304 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.383926] 2 locks held by getty/6979: [ 214.387948] #0: 00000000e539df20 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.396206] #1: 00000000e74001f8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.405162] 2 locks held by getty/6980: [ 214.409170] #0: 000000006d6f1f29 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.417455] #1: 000000009a73b4bb (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.426306] 2 locks held by getty/6981: [ 214.430421] #0: 0000000076746488 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.438865] #1: 0000000028051ad9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.447771] 2 locks held by getty/6982: [ 214.451733] #0: 00000000ede59928 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.460012] #1: 000000009b484acf (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.468892] 2 locks held by getty/6983: [ 214.472841] #0: 00000000536eb005 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 [ 214.481098] #1: 000000005af6d9a9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x1910 [ 214.489979] 2 locks held by syz-executor.5/7120: [ 214.494710] #0: 00000000a79c5211 (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.503405] #1: 0000000074943b36 (&fi->mutex){+.+.}, at: fuse_lock_inode+0x9a/0xc0 [ 214.511238] 2 locks held by syz-executor.5/7121: [ 214.515968] #0: 00000000c4323fd7 (&fc->killsb){.+.+}, at: fuse_dev_do_write+0x19c5/0x2350 [ 214.526188] #1: 00000000a79c5211 (&type->i_mutex_dir_key#8){++++}, at: fuse_reverse_inval_entry+0x9a/0x5d0 [ 214.537482] 1 lock held by syz-executor.5/7122: [ 214.542147] #0: 00000000a79c5211 (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.550890] 1 lock held by syz-executor.5/7148: [ 214.555554] #0: 00000000a79c5211 (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.564326] 1 lock held by syz-executor.5/7149: [ 214.569036] #0: 00000000a79c5211 (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.578164] 2 locks held by syz-executor.3/7124: [ 214.582911] #0: 000000006f5bf0ba (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.591755] #1: 000000007bc5602d (&fi->mutex){+.+.}, at: fuse_lock_inode+0x9a/0xc0 [ 214.599881] 1 lock held by syz-executor.3/7126: [ 214.604600] #0: 000000006f5bf0ba (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.613354] 2 locks held by syz-executor.3/7128: [ 214.618207] #0: 00000000c3fea2e1 (&fc->killsb){.+.+}, at: fuse_dev_do_write+0x19c5/0x2350 [ 214.626642] #1: 000000006f5bf0ba (&type->i_mutex_dir_key#8){++++}, at: fuse_reverse_inval_entry+0x9a/0x5d0 [ 214.637180] 1 lock held by syz-executor.3/7153: [ 214.643954] #0: 000000006f5bf0ba (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.652692] 1 lock held by syz-executor.3/7154: [ 214.657403] #0: 000000006f5bf0ba (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.666075] 2 locks held by syz-executor.1/7130: [ 214.670877] #0: 0000000089efdaa9 (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.679619] #1: 00000000667c1165 (&fi->mutex){+.+.}, at: fuse_lock_inode+0x9a/0xc0 [ 214.687455] 1 lock held by syz-executor.1/7131: [ 214.692111] #0: 0000000089efdaa9 (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.700828] 2 locks held by syz-executor.1/7132: [ 214.705591] #0: 00000000327e7763 (&fc->killsb){.+.+}, at: fuse_dev_do_write+0x19c5/0x2350 [ 214.714488] #1: 0000000089efdaa9 (&type->i_mutex_dir_key#8){++++}, at: fuse_reverse_inval_entry+0x9a/0x5d0 [ 214.724442] 1 lock held by syz-executor.1/7157: [ 214.729213] #0: 0000000089efdaa9 (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.738070] 1 lock held by syz-executor.1/7158: [ 214.742730] #0: 0000000089efdaa9 (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.751486] 2 locks held by syz-executor.2/7135: [ 214.756236] #0: 00000000b1c777fa (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.764965] #1: 0000000039c8fdc6 (&fi->mutex){+.+.}, at: fuse_lock_inode+0x9a/0xc0 [ 214.772830] 1 lock held by syz-executor.2/7136: [ 214.777548] #0: 00000000b1c777fa (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.786358] 2 locks held by syz-executor.2/7137: [ 214.791167] #0: 00000000479a6f9d (&fc->killsb){.+.+}, at: fuse_dev_do_write+0x19c5/0x2350 [ 214.799731] #1: 00000000b1c777fa (&type->i_mutex_dir_key#8){++++}, at: fuse_reverse_inval_entry+0x9a/0x5d0 [ 214.809778] 1 lock held by syz-executor.2/7162: [ 214.814447] #0: 00000000b1c777fa (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.823433] 2 locks held by syz-executor.4/7140: [ 214.828353] #0: 00000000b3ffea66 (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.837162] #1: 00000000c9c33d03 (&fi->mutex){+.+.}, at: fuse_lock_inode+0x9a/0xc0 [ 214.844974] 1 lock held by syz-executor.4/7144: [ 214.849665] #0: 00000000b3ffea66 (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.858371] 2 locks held by syz-executor.4/7146: [ 214.863103] #0: 00000000f3f6fe88 (&fc->killsb){.+.+}, at: fuse_dev_do_write+0x19c5/0x2350 [ 214.871536] #1: 00000000b3ffea66 (&type->i_mutex_dir_key#8){++++}, at: fuse_reverse_inval_entry+0x9a/0x5d0 [ 214.881450] 1 lock held by syz-executor.4/7166: [ 214.886097] #0: 00000000b3ffea66 (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.894852] 1 lock held by syz-executor.4/7167: [ 214.899640] #0: 00000000b3ffea66 (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.908995] 2 locks held by syz-executor.0/7143: [ 214.917311] #0: 000000006cac915e (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.925998] #1: 0000000046a5668e (&fi->mutex){+.+.}, at: fuse_lock_inode+0x9a/0xc0 [ 214.933870] 1 lock held by syz-executor.0/7145: [ 214.938648] #0: 000000006cac915e (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.948411] 2 locks held by syz-executor.0/7147: [ 214.953157] #0: 00000000d2593a9d (&fc->killsb){.+.+}, at: fuse_dev_do_write+0x19c5/0x2350 [ 214.961603] #1: 000000006cac915e (&type->i_mutex_dir_key#8){++++}, at: fuse_reverse_inval_entry+0x9a/0x5d0 [ 214.971954] 1 lock held by syz-executor.0/7171: [ 214.976609] #0: 000000006cac915e (&type->i_mutex_dir_key#8){++++}, at: lock_mount+0x82/0x290 [ 214.985700] 1 lock held by syz-executor.0/7172: [ 214.990468] #0: 000000006cac915e (&type->i_mutex_dir_key#8){++++}, at: lookup_slow+0x43/0x70 [ 214.999436] [ 215.001060] ============================================= [ 215.001060] [ 215.008136] NMI backtrace for cpu 1 [ 215.012201] CPU: 1 PID: 1036 Comm: khungtaskd Not tainted 4.19.109-syzkaller #0 [ 215.019648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.028986] Call Trace: [ 215.031567] dump_stack+0x123/0x177 [ 215.035179] nmi_cpu_backtrace.cold.4+0x3e/0x76 [ 215.039848] ? lapic_can_unplug_cpu.cold.29+0x3f/0x3f [ 215.045735] nmi_trigger_cpumask_backtrace+0xe6/0x11a [ 215.050906] arch_trigger_cpumask_backtrace+0x14/0x20 [ 215.056079] watchdog+0x5c3/0xb40 [ 215.059518] kthread+0x324/0x3e0 [ 215.062862] ? hungtask_pm_notify+0x40/0x40 [ 215.067165] ? kthread_cancel_delayed_work_sync+0x10/0x10 [ 215.072683] ret_from_fork+0x24/0x30 [ 215.076453] Sending NMI from CPU 1 to CPUs 0: [ 215.081136] NMI backtrace for cpu 0 [ 215.081138] CPU: 0 PID: 23 Comm: kworker/u4:1 Not tainted 4.19.109-syzkaller #0 [ 215.081140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.081141] Workqueue: bat_events batadv_nc_worker [ 215.081144] RIP: 0010:__lock_acquire+0xd3a/0x4980 [ 215.081147] Code: 83 e2 07 38 d0 7f 08 84 c0 0f 85 c7 2b 00 00 45 32 7a 21 41 83 e7 60 0f 85 fc 03 00 00 4c 89 ea 44 89 e8 48 c1 ea 20 41 01 d5 <29> d3 c1 c2 04 31 d3 41 89 dc 42 8d 1c 2b e9 48 fb ff ff 85 d2 0f [ 215.081148] RSP: 0018:ffff8880a98dfa90 EFLAGS: 00000006 [ 215.081150] RAX: 00000000575f3026 RBX: 000000000000002b RCX: 1ffff110153199de [ 215.081152] RDX: 000000000ac62bb8 RSI: ffff8880a98cce80 RDI: ffff8880a98ccef1 [ 215.081154] RBP: ffff8880a98dfc80 R08: ffff8880a98ccef0 R09: 0000000000000002 [ 215.081155] R10: ffff8880a98cced0 R11: 0000000000000000 R12: 000000000000002b [ 215.081157] R13: 0000000062255bde R14: ffff8880a98cc600 R15: 0000000000000000 [ 215.081158] FS: 0000000000000000(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 [ 215.081160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.081161] CR2: 0000000001cfc000 CR3: 0000000082c5b000 CR4: 00000000001406f0 [ 215.081163] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 215.081164] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 215.081165] Call Trace: [ 215.081166] ? __lock_acquire+0x792/0x4980 [ 215.081167] ? mark_held_locks+0x130/0x130 [ 215.081169] ? mark_held_locks+0x130/0x130 [ 215.081170] ? find_held_lock+0x36/0x1d0 [ 215.081171] lock_acquire+0x173/0x3d0 [ 215.081172] ? batadv_nc_worker+0xbc/0x630 [ 215.081173] batadv_nc_worker+0xec/0x630 [ 215.081174] ? batadv_nc_worker+0xbc/0x630 [ 215.081176] process_one_work+0x830/0x1670 [ 215.081177] ? pwq_dec_nr_in_flight+0x2c0/0x2c0 [ 215.081178] ? lock_acquire+0x173/0x3d0 [ 215.081179] ? kasan_check_write+0x14/0x20 [ 215.081180] ? do_raw_spin_lock+0xd0/0x240 [ 215.081181] worker_thread+0x85/0xb60 [ 215.081182] ? __kthread_parkme+0x47/0x190 [ 215.081183] kthread+0x324/0x3e0 [ 215.081185] ? process_one_work+0x1670/0x1670 [ 215.081186] ? kthread_cancel_delayed_work_sync+0x10/0x10 [ 215.081187] ret_from_fork+0x24/0x30 [ 215.081987] Kernel panic - not syncing: hung_task: blocked tasks [ 215.296031] CPU: 1 PID: 1036 Comm: khungtaskd Not tainted 4.19.109-syzkaller #0 [ 215.303457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.312802] Call Trace: [ 215.315396] dump_stack+0x123/0x177 [ 215.319109] panic+0x1cd/0x375 [ 215.322279] ? __warn_printk+0xd6/0xd6 [ 215.326166] watchdog+0x5d4/0xb40 [ 215.329638] kthread+0x324/0x3e0 [ 215.333152] ? hungtask_pm_notify+0x40/0x40 [ 215.337465] ? kthread_cancel_delayed_work_sync+0x10/0x10 [ 215.343041] ret_from_fork+0x24/0x30 [ 215.347716] Kernel Offset: disabled [ 215.351391] Rebooting in 86400 seconds..