[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.15.214' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 571.281086] INFO: task syz-executor309:6323 blocked for more than 140 seconds.
[ 571.288641] Not tainted 4.14.175-syzkaller #0
[ 571.295250] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 571.303288] syz-executor309 D28304 6323 6316 0x00000004
[ 571.308952] Call Trace:
[ 571.311655] ? __schedule+0x7b8/0x1ca0
[ 571.315543] ? rwsem_down_read_failed+0x1c3/0x390
[ 571.320375] ? __sched_text_start+0x8/0x8
[ 571.324586] ? mark_held_locks+0xa6/0xf0
[ 571.328642] ? _raw_spin_unlock_irq+0x24/0x80
[ 571.333167] schedule+0x8d/0x1b0
[ 571.336527] rwsem_down_read_failed+0x1f6/0x390
[ 571.341218] ? rwsem_down_write_failed_killable+0xd90/0xd90
[ 571.346933] call_rwsem_down_read_failed+0x14/0x30
[ 571.351901] down_read+0x45/0xa0
[ 571.355358] ? __get_super.part.0+0x1c6/0x280
[ 571.359834] __get_super.part.0+0x1c6/0x280
[ 571.364177] get_super+0x2b/0x50
[ 571.367580] fsync_bdev+0x14/0xd0
[ 571.371134] invalidate_partition+0x31/0x60
[ 571.375460] rescan_partitions+0xde/0x850
[ 571.379590] ? __lock_is_held+0xad/0x140
[ 571.383703] __blkdev_reread_part+0x157/0x1e0
[ 571.388192] blkdev_reread_part+0x23/0x40
[ 571.392397] loop_reread_partitions+0x72/0x80
[ 571.396885] loop_set_status+0xbfc/0x11f0
[ 571.401075] loop_set_status64+0x92/0xe0
[ 571.405129] ? loop_set_status_old+0x2c0/0x2c0
[ 571.409702] ? lock_acquire+0x170/0x3f0
[ 571.413722] ? wait_for_completion+0x390/0x390
[ 571.418300] lo_ioctl+0x590/0x1c40
[ 571.421865] ? loop_probe+0x160/0x160
[ 571.425862] blkdev_ioctl+0x91d/0x17d0
[ 571.429727] ? blkpg_ioctl+0x8e0/0x8e0
[ 571.433637] ? trace_hardirqs_on+0x10/0x10
[ 571.437866] block_ioctl+0xd9/0x120
[ 571.441509] ? blkdev_fallocate+0x3a0/0x3a0
[ 571.445845] do_vfs_ioctl+0x75a/0xfe0
[ 571.449676] ? selinux_file_mprotect+0x5c0/0x5c0
[ 571.454502] ? ioctl_preallocate+0x1a0/0x1a0
[ 571.459024] ? security_file_ioctl+0x76/0xb0
[ 571.463453] ? security_file_ioctl+0x83/0xb0
[ 571.467849] SyS_ioctl+0x7f/0xb0
[ 571.471365] ? do_vfs_ioctl+0xfe0/0xfe0
[ 571.475333] do_syscall_64+0x1d5/0x640
[ 571.479198] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 571.484402] RIP: 0033:0x445ad7
[ 571.487587] RSP: 002b:00007f00f7f0cb68 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
[ 571.495364] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000445ad7
[ 571.502658] RDX: 00007f00f7f0cc00 RSI: 0000000000004c04 RDI: 0000000000000005
[ 571.509931] RBP: 00007f00f7f0d6d0 R08: 0000000000000000 R09: 000000000000000a
[ 571.517222] R10: 0000000000000075 R11: 0000000000000202 R12: 00000000006dbc2c
[ 571.524534] R13: 00007ffeca2b48df R14: 0000000000000005 R15: 0000000000000000
[ 571.531847] INFO: task syz-executor309:6327 blocked for more than 140 seconds.
[ 571.539189] Not tainted 4.14.175-syzkaller #0
[ 571.544227] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 571.552215] syz-executor309 D29360 6327 6316 0x80000004
[ 571.557834] Call Trace:
[ 571.560401] ? __schedule+0x7b8/0x1ca0
[ 571.564300] ? __mutex_lock+0x737/0x1470
[ 571.568364] ? __sched_text_start+0x8/0x8
[ 571.572551] ? lock_downgrade+0x6e0/0x6e0
[ 571.576694] schedule+0x8d/0x1b0
[ 571.580042] schedule_preempt_disabled+0xf/0x20
[ 571.584740] __mutex_lock+0x73c/0x1470
[ 571.588621] ? trace_hardirqs_on_caller+0x3f6/0x590
[ 571.593686] ? lo_ioctl+0x87/0x1c40
[ 571.597302] ? mutex_trylock+0x1a0/0x1a0
[ 571.601452] ? kasan_kmalloc+0xbf/0xe0
[ 571.605330] ? kmem_cache_alloc_trace+0x14d/0x7b0
[ 571.610332] ? udf_fill_super+0x211/0x14f6
[ 571.614586] ? mount_bdev+0x2bc/0x370
[ 571.618374] ? mount_fs+0x92/0x2a0
[ 571.622015] ? vfs_kern_mount.part.0+0x5b/0x3c0
[ 571.626691] ? do_mount+0x3c9/0x24f0
[ 571.630387] ? lo_ioctl+0x87/0x1c40
[ 571.634034] lo_ioctl+0x87/0x1c40
[ 571.637478] ? save_trace+0x290/0x290
[ 571.641294] ? save_trace+0x290/0x290
[ 571.645210] ? loop_probe+0x160/0x160
[ 571.648995] blkdev_ioctl+0x91d/0x17d0
[ 571.652899] ? blkpg_ioctl+0x8e0/0x8e0
[ 571.656781] ? udf_parse_options+0xde3/0x10a0
[ 571.661307] ? kmem_cache_alloc_trace+0x593/0x7b0
[ 571.666144] ioctl_by_bdev+0xa0/0x110
[ 571.669939] udf_get_last_session+0x7c/0xd0
[ 571.674289] ? udf_bread+0x1f0/0x1f0
[ 571.678056] ? __rwlock_init+0x28/0x140
[ 571.682056] udf_fill_super+0x10f9/0x14f6
[ 571.686197] ? udf_load_vrs+0xa80/0xa80
[ 571.690151] ? lock_downgrade+0x6e0/0x6e0
[ 571.694351] ? snprintf+0xa5/0xd0
[ 571.697803] ? vsprintf+0x30/0x30
[ 571.701294] mount_bdev+0x2bc/0x370
[ 571.704913] ? udf_load_vrs+0xa80/0xa80
[ 571.708875] mount_fs+0x92/0x2a0
[ 571.712387] vfs_kern_mount.part.0+0x5b/0x3c0
[ 571.716876] do_mount+0x3c9/0x24f0
[ 571.720394] ? copy_mount_string+0x40/0x40
[ 571.724700] ? __might_fault+0x177/0x1b0
[ 571.728794] ? _copy_from_user+0x94/0x100
[ 571.732984] ? memdup_user+0x54/0xa0
[ 571.736687] ? copy_mount_options+0x1ec/0x2e0
[ 571.741197] ? copy_mnt_ns+0x8a0/0x8a0
[ 571.745077] SyS_mount+0xa8/0x120
[ 571.748504] ? copy_mnt_ns+0x8a0/0x8a0
[ 571.752407] do_syscall_64+0x1d5/0x640
[ 571.756285] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 571.761482] RIP: 0033:0x445be9
[ 571.764659] RSP: 002b:00007f00f7eebdb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 571.772388] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 0000000000445be9
[ 571.779647] RDX: 00000000200003c0 RSI: 0000000020000380 RDI: 0000000020000340
[ 571.786964] RBP: 00000000006dbc30 R08: 0000000000000000 R09: 0000000000000000
[ 571.794282] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dbc3c
[ 571.801589] R13: 00007ffeca2b48df R14: 00007f00f7eec9c0 R15: 0000000000000002
[ 571.808871]
[ 571.808871] Showing all locks held in the system:
[ 571.815228] 1 lock held by khungtaskd/1057:
[ 571.819666] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a
[ 571.828752] 3 locks held by syz-executor309/6323:
[ 571.833625] #0: (&lo->lo_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c40
[ 571.842253] #1: (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1b/0x40
[ 571.851253] #2: (&type->s_umount_key#57){.+.+}, at: [] __get_super.part.0+0x1c6/0x280
[ 571.861024] 2 locks held by syz-executor309/6327:
[ 571.865847] #0: (&type->s_umount_key#56/1){+.+.}, at: [] sget_userns+0x556/0xc30
[ 571.875149] #1: (&lo->lo_ctl_mutex/1){+.+.}, at: [] lo_ioctl+0x87/0x1c40
[ 571.883787]
[ 571.885413] =============================================
[ 571.885413]
[ 571.892454] NMI backtrace for cpu 0
[ 571.896067] CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 4.14.175-syzkaller #0
[ 571.903490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 571.912819] Call Trace:
[ 571.915381] dump_stack+0x13e/0x194
[ 571.918987] nmi_cpu_backtrace.cold+0x57/0x93
[ 571.923462] ? irq_force_complete_move.cold+0x7b/0x7b
[ 571.928628] nmi_trigger_cpumask_backtrace+0x139/0x17e
[ 571.933937] watchdog+0x5e2/0xb80
[ 571.937368] ? hungtask_pm_notify+0x50/0x50
[ 571.941698] kthread+0x30d/0x420
[ 571.945058] ? kthread_create_on_node+0xd0/0xd0
[ 571.949718] ret_from_fork+0x24/0x30
[ 571.953518] Sending NMI from CPU 0 to CPUs 1:
[ 571.958554] NMI backtrace for cpu 1
[ 571.958558] CPU: 1 PID: 3626 Comm: systemd-journal Not tainted 4.14.175-syzkaller #0
[ 571.958561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 571.958564] task: ffff8880944783c0 task.stack: ffff888094480000
[ 571.958566] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x50
[ 571.958569] RSP: 0018:ffff8880944876e8 EFLAGS: 00000286
[ 571.958573] RAX: ffff8880944783c0 RBX: 00007fa5a2bc7840 RCX: 1ffffffff0f419ad
[ 571.958576] RDX: 0000000000000000 RSI: ffffffff86e45540 RDI: 00007fa5a2bc7840
[ 571.958579] RBP: 00007fa5a2bc7840 R08: 0000000000000000 R09: 0000000000020012
[ 571.958582] R10: ffff888094478c40 R11: ffff8880944783c0 R12: 0000000000000000
[ 571.958584] R13: 0000000000000000 R14: 00007fa5a2bc7840 R15: ffff88809ea722af
[ 571.958587] FS: 00007fa5a36378c0(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
[ 571.958590] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 571.958593] CR2: 00007fa5a09e5000 CR3: 0000000094c85000 CR4: 00000000001406e0
[ 571.958595] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 571.958598] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 571.958600] Call Trace:
[ 571.958602] bpf_prog_kallsyms_find+0x16/0x260
[ 571.958604] is_bpf_text_address+0x5e/0x120
[ 571.958606] kernel_text_address+0x6e/0xe0
[ 571.958608] __kernel_text_address+0x9/0x30
[ 571.958610] unwind_get_return_address+0x5a/0xa0
[ 571.958612] __save_stack_trace+0x7b/0xd0
[ 571.958613] save_stack+0x32/0xa0
[ 571.958615] ? save_stack+0x32/0xa0
[ 571.958617] ? kasan_kmalloc+0xbf/0xe0
[ 571.958619] ? kmem_cache_alloc+0x127/0x770
[ 571.958621] ? selinux_file_alloc_security+0xaf/0x190
[ 571.958623] ? security_file_alloc+0x66/0xa0
[ 571.958625] ? get_empty_filp+0x15c/0x3e0
[ 571.958627] ? path_openat+0x8d/0x3c50
[ 571.958629] ? do_filp_open+0x18e/0x250
[ 571.958631] ? do_sys_open+0x29d/0x3f0
[ 571.958632] ? do_syscall_64+0x1d5/0x640
[ 571.958635] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 571.958637] ? get_empty_filp+0x86/0x3e0
[ 571.958638] ? path_openat+0x8d/0x3c50
[ 571.958640] ? do_filp_open+0x18e/0x250
[ 571.958642] ? trace_hardirqs_on+0x10/0x10
[ 571.958644] ? save_trace+0x290/0x290
[ 571.958646] ? find_held_lock+0x2d/0x110
[ 571.958648] ? find_held_lock+0x2d/0x110
[ 571.958650] ? fs_reclaim_acquire+0x10/0x10
[ 571.958652] ? kasan_unpoison_shadow+0x30/0x40
[ 571.958654] kasan_kmalloc+0xbf/0xe0
[ 571.958656] kmem_cache_alloc+0x127/0x770
[ 571.958658] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 571.958660] ? rcu_read_lock_sched_held+0x10a/0x130
[ 571.958662] selinux_file_alloc_security+0xaf/0x190
[ 571.958664] security_file_alloc+0x66/0xa0
[ 571.958666] ? selinux_is_enabled+0x5/0x50
[ 571.958668] get_empty_filp+0x15c/0x3e0
[ 571.958670] path_openat+0x8d/0x3c50
[ 571.958672] ? __lock_acquire+0x5f7/0x4620
[ 571.958674] ? trace_hardirqs_on+0x10/0x10
[ 571.958676] ? path_lookupat.isra.0+0x7b0/0x7b0
[ 571.958678] ? __lock_is_held+0xad/0x140
[ 571.958680] do_filp_open+0x18e/0x250
[ 571.958682] ? may_open_dev+0xe0/0xe0
[ 571.958684] ? find_held_lock+0x2d/0x110
[ 571.958685] ? __alloc_fd+0x1bf/0x490
[ 571.958687] ? lock_downgrade+0x6e0/0x6e0
[ 571.958689] ? do_raw_spin_unlock+0x164/0x250
[ 571.958691] ? __alloc_fd+0x1bf/0x490
[ 571.958693] do_sys_open+0x29d/0x3f0
[ 571.958700] ? filp_open+0x60/0x60
[ 571.958702] ? do_syscall_64+0x4c/0x640
[ 571.958704] ? do_sys_open+0x3f0/0x3f0
[ 571.958706] do_syscall_64+0x1d5/0x640
[ 571.958708] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 571.958710] RIP: 0033:0x7fa5a2bc7840
[ 571.958712] RSP: 002b:00007ffc9865b3d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 571.958716] RAX: ffffffffffffffda RBX: 00007ffc9865b6e0 RCX: 00007fa5a2bc7840
[ 571.958719] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 0000562ca9857860
[ 571.958722] RBP: 000000000000000d R08: 000000000000c0c1 R09: 00000000ffffffff
[ 571.958725] R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff
[ 571.958727] R13: 0000562ca984a060 R14: 00007ffc9865b6a0 R15: 0000562ca9857680
[ 571.958729] Code: 00 48 c7 c7 c0 90 ad 86 4c 89 3d fc af fe 08 41 bd f4 ff ff ff e8 6c bd ee ff 48 c7 05 e6 af fe 08 00 00 00 00 e9 be ed ff ff 90 <65> 48 8b 04 25 40 ee 01 00 48 85 c0 74 1a 65 8b 15 1b a7 a7 7e
[ 571.959022] Kernel panic - not syncing: hung_task: blocked tasks
[ 572.364926] CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 4.14.175-syzkaller #0
[ 572.372470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 572.381833] Call Trace:
[ 572.384433] dump_stack+0x13e/0x194
[ 572.388127] panic+0x1f9/0x42d
[ 572.391299] ? add_taint.cold+0x16/0x16
[ 572.395256] ? irq_force_complete_move.cold+0x7b/0x7b
[ 572.400419] watchdog+0x5f3/0xb80
[ 572.403848] ? hungtask_pm_notify+0x50/0x50
[ 572.408141] kthread+0x30d/0x420
[ 572.411484] ? kthread_create_on_node+0xd0/0xd0
[ 572.416127] ret_from_fork+0x24/0x30
[ 572.421247] Kernel Offset: disabled
[ 572.424869] Rebooting in 86400 seconds..