[ ok ] Starting enhanced syslogd: rsyslogd.
[   75.771252][   T27] audit: type=1800 audit(1580623921.581:25): pid=9665 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   75.791870][   T27] audit: type=1800 audit(1580623921.581:26): pid=9665 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   75.827508][   T27] audit: type=1800 audit(1580623921.581:27): pid=9665 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.102' (ECDSA) to the list of known hosts.
syzkaller login: [  401.641745][ T9830] IPVS: ftp: loaded support on port[0] = 21
[  401.645023][ T9832] IPVS: ftp: loaded support on port[0] = 21
[  401.651364][ T9826] IPVS: ftp: loaded support on port[0] = 21
[  401.670930][ T9833] IPVS: ftp: loaded support on port[0] = 21
[  401.678857][ T9831] IPVS: ftp: loaded support on port[0] = 21
[  401.687796][ T9834] IPVS: ftp: loaded support on port[0] = 21
executing program
executing program
executing program
executing program
executing program
executing program
[  562.017840][ T1099] INFO: task syz-executor410:9836 blocked for more than 143 seconds.
[  562.017861][ T1099]       Not tainted 5.5.0-syzkaller #0
[  562.017867][ T1099] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  562.017875][ T1099] syz-executor410 D28040  9836   9826 0x20020004
[  562.017900][ T1099] Call Trace:
[  562.018067][ T1099]  __schedule+0x934/0x1f90
[  562.018097][ T1099]  ? __sched_text_start+0x8/0x8
[  562.018145][ T1099]  ? lock_downgrade+0x920/0x920
[  562.018163][ T1099]  ? rwlock_bug.part.0+0x90/0x90
[  562.018192][ T1099]  schedule+0xdc/0x2b0
[  562.018214][ T1099]  schedule_preempt_disabled+0x13/0x20
[  562.018239][ T1099]  __mutex_lock+0x7ab/0x13c0
[  562.018294][ T1099]  ? fb_open+0xd7/0x450
[  562.018320][ T1099]  ? mutex_trylock+0x2d0/0x2d0
[  562.018371][ T1099]  ? __kasan_check_write+0x14/0x20
[  562.018387][ T1099]  ? __mutex_unlock_slowpath+0xf0/0x6a0
[  562.018440][ T1099]  ? chrdev_open+0xca/0x6b0
[  562.018486][ T1099]  mutex_lock_nested+0x16/0x20
[  562.018502][ T1099]  ? mutex_lock_nested+0x16/0x20
[  562.018517][ T1099]  fb_open+0xd7/0x450
[  562.018540][ T1099]  ? get_fb_info.part.0+0x80/0x80
[  562.018555][ T1099]  chrdev_open+0x245/0x6b0
[  562.018578][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.018624][ T1099]  ? security_file_open+0x87/0x300
[  562.018647][ T1099]  do_dentry_open+0x4e6/0x1380
[  562.018662][ T1099]  ? __kasan_check_read+0x11/0x20
[  562.018680][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.018705][ T1099]  ? chown_common+0x5c0/0x5c0
[  562.018724][ T1099]  ? inode_permission+0xb4/0x520
[  562.018751][ T1099]  vfs_open+0xa0/0xd0
[  562.018769][ T1099]  path_openat+0x12ee/0x3490
[  562.018811][ T1099]  ? path_mountpoint.isra.0+0x370/0x370
[  562.018824][ T1099]  ? __lock_acquire+0x16f2/0x4a00
[  562.018883][ T1099]  ? __alloc_fd+0x487/0x620
[  562.018910][ T1099]  do_filp_open+0x192/0x260
[  562.018929][ T1099]  ? may_open_dev+0x100/0x100
[  562.018971][ T1099]  ? do_raw_spin_unlock+0x181/0x270
[  562.018992][ T1099]  ? _raw_spin_unlock+0x28/0x40
[  562.019010][ T1099]  ? __alloc_fd+0x487/0x620
[  562.019052][ T1099]  do_sys_openat2+0x5eb/0x7e0
[  562.019077][ T1099]  ? file_open_root+0x430/0x430
[  562.019138][ T1099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.019173][ T1099]  ? debug_smp_processor_id+0x33/0x18a
[  562.019235][ T1099]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  562.019261][ T1099]  do_sys_open+0xf2/0x180
[  562.019280][ T1099]  ? filp_open+0x80/0x80
[  562.019312][ T1099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  562.019330][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.019348][ T1099]  ? entry_SYSENTER_compat+0x70/0x7f
[  562.019365][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.019391][ T1099]  __ia32_compat_sys_openat+0x98/0xf0
[  562.019416][ T1099]  do_fast_syscall_32+0x27b/0xe16
[  562.019445][ T1099]  entry_SYSENTER_compat+0x70/0x7f
[  562.019457][ T1099] RIP: 0023:0xf7f24e39
[  562.019515][ T1099] Code: Bad RIP value.
[  562.019524][ T1099] RSP: 002b:00000000ffc652bc EFLAGS: 00000207 ORIG_RAX: 0000000000000127
[  562.019539][ T1099] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000180
[  562.019548][ T1099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000080bc867
[  562.019557][ T1099] RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
[  562.019567][ T1099] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  562.019576][ T1099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  562.019619][ T1099] INFO: task syz-executor410:9837 blocked for more than 143 seconds.
[  562.019628][ T1099]       Not tainted 5.5.0-syzkaller #0
[  562.019634][ T1099] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  562.019640][ T1099] syz-executor410 D28056  9837   9832 0x20020004
[  562.019663][ T1099] Call Trace:
[  562.019685][ T1099]  __schedule+0x934/0x1f90
[  562.019713][ T1099]  ? __sched_text_start+0x8/0x8
[  562.019726][ T1099]  ? lock_downgrade+0x920/0x920
[  562.019740][ T1099]  ? rwlock_bug.part.0+0x90/0x90
[  562.019767][ T1099]  schedule+0xdc/0x2b0
[  562.019789][ T1099]  schedule_preempt_disabled+0x13/0x20
[  562.019804][ T1099]  __mutex_lock+0x7ab/0x13c0
[  562.019825][ T1099]  ? fb_open+0xd7/0x450
[  562.019850][ T1099]  ? mutex_trylock+0x2d0/0x2d0
[  562.019871][ T1099]  ? __kasan_check_write+0x14/0x20
[  562.019887][ T1099]  ? __mutex_unlock_slowpath+0xf0/0x6a0
[  562.019903][ T1099]  ? chrdev_open+0xca/0x6b0
[  562.019948][ T1099]  mutex_lock_nested+0x16/0x20
[  562.019964][ T1099]  ? mutex_lock_nested+0x16/0x20
[  562.019979][ T1099]  fb_open+0xd7/0x450
[  562.020002][ T1099]  ? get_fb_info.part.0+0x80/0x80
[  562.020016][ T1099]  chrdev_open+0x245/0x6b0
[  562.020039][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.020063][ T1099]  ? security_file_open+0x87/0x300
[  562.020086][ T1099]  do_dentry_open+0x4e6/0x1380
[  562.020100][ T1099]  ? __kasan_check_read+0x11/0x20
[  562.020118][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.020143][ T1099]  ? chown_common+0x5c0/0x5c0
[  562.020161][ T1099]  ? inode_permission+0xb4/0x520
[  562.020189][ T1099]  vfs_open+0xa0/0xd0
[  562.020206][ T1099]  path_openat+0x12ee/0x3490
[  562.020255][ T1099]  ? path_mountpoint.isra.0+0x370/0x370
[  562.020268][ T1099]  ? __lock_acquire+0x16f2/0x4a00
[  562.020300][ T1099]  ? __alloc_fd+0x487/0x620
[  562.020326][ T1099]  do_filp_open+0x192/0x260
[  562.020345][ T1099]  ? may_open_dev+0x100/0x100
[  562.020387][ T1099]  ? do_raw_spin_unlock+0x181/0x270
[  562.020408][ T1099]  ? _raw_spin_unlock+0x28/0x40
[  562.020426][ T1099]  ? __alloc_fd+0x487/0x620
[  562.020467][ T1099]  do_sys_openat2+0x5eb/0x7e0
[  562.020492][ T1099]  ? file_open_root+0x430/0x430
[  562.020515][ T1099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.020531][ T1099]  ? debug_smp_processor_id+0x33/0x18a
[  562.020551][ T1099]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  562.020576][ T1099]  do_sys_open+0xf2/0x180
[  562.020596][ T1099]  ? filp_open+0x80/0x80
[  562.020621][ T1099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  562.020640][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.020657][ T1099]  ? entry_SYSENTER_compat+0x70/0x7f
[  562.020674][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.020700][ T1099]  __ia32_compat_sys_openat+0x98/0xf0
[  562.020725][ T1099]  do_fast_syscall_32+0x27b/0xe16
[  562.020752][ T1099]  entry_SYSENTER_compat+0x70/0x7f
[  562.020763][ T1099] RIP: 0023:0xf7f24e39
[  562.020777][ T1099] Code: Bad RIP value.
[  562.020786][ T1099] RSP: 002b:00000000ffc652bc EFLAGS: 00000207 ORIG_RAX: 0000000000000127
[  562.020800][ T1099] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000180
[  562.020809][ T1099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000080bc867
[  562.020818][ T1099] RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
[  562.020827][ T1099] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  562.020835][ T1099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  562.020877][ T1099] INFO: task syz-executor410:9838 blocked for more than 143 seconds.
[  562.020885][ T1099]       Not tainted 5.5.0-syzkaller #0
[  562.020891][ T1099] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  562.020897][ T1099] syz-executor410 D28056  9838   9834 0x20024004
[  562.020917][ T1099] Call Trace:
[  562.020939][ T1099]  __schedule+0x934/0x1f90
[  562.020968][ T1099]  ? __sched_text_start+0x8/0x8
[  562.020980][ T1099]  ? lock_downgrade+0x920/0x920
[  562.020998][ T1099]  ? rwlock_bug.part.0+0x90/0x90
[  562.021026][ T1099]  schedule+0xdc/0x2b0
[  562.021048][ T1099]  schedule_preempt_disabled+0x13/0x20
[  562.021063][ T1099]  __mutex_lock+0x7ab/0x13c0
[  562.021084][ T1099]  ? fb_open+0xd7/0x450
[  562.021110][ T1099]  ? mutex_trylock+0x2d0/0x2d0
[  562.021130][ T1099]  ? __kasan_check_write+0x14/0x20
[  562.021146][ T1099]  ? __mutex_unlock_slowpath+0xf0/0x6a0
[  562.021162][ T1099]  ? chrdev_open+0xca/0x6b0
[  562.021208][ T1099]  mutex_lock_nested+0x16/0x20
[  562.021224][ T1099]  ? mutex_lock_nested+0x16/0x20
[  562.021244][ T1099]  fb_open+0xd7/0x450
[  562.021266][ T1099]  ? get_fb_info.part.0+0x80/0x80
[  562.021281][ T1099]  chrdev_open+0x245/0x6b0
[  562.021304][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.021327][ T1099]  ? security_file_open+0x87/0x300
[  562.021351][ T1099]  do_dentry_open+0x4e6/0x1380
[  562.021365][ T1099]  ? __kasan_check_read+0x11/0x20
[  562.021384][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.021408][ T1099]  ? chown_common+0x5c0/0x5c0
[  562.021427][ T1099]  ? inode_permission+0xb4/0x520
[  562.021455][ T1099]  vfs_open+0xa0/0xd0
[  562.021472][ T1099]  path_openat+0x12ee/0x3490
[  562.021514][ T1099]  ? path_mountpoint.isra.0+0x370/0x370
[  562.021527][ T1099]  ? __lock_acquire+0x16f2/0x4a00
[  562.021559][ T1099]  ? __alloc_fd+0x487/0x620
[  562.021585][ T1099]  do_filp_open+0x192/0x260
[  562.021604][ T1099]  ? may_open_dev+0x100/0x100
[  562.021647][ T1099]  ? do_raw_spin_unlock+0x181/0x270
[  562.021667][ T1099]  ? _raw_spin_unlock+0x28/0x40
[  562.021685][ T1099]  ? __alloc_fd+0x487/0x620
[  562.021726][ T1099]  do_sys_openat2+0x5eb/0x7e0
[  562.021751][ T1099]  ? file_open_root+0x430/0x430
[  562.021774][ T1099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.021790][ T1099]  ? debug_smp_processor_id+0x33/0x18a
[  562.021815][ T1099]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  562.021840][ T1099]  do_sys_open+0xf2/0x180
[  562.021859][ T1099]  ? filp_open+0x80/0x80
[  562.021885][ T1099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  562.021903][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.021920][ T1099]  ? entry_SYSENTER_compat+0x70/0x7f
[  562.021937][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.021964][ T1099]  __ia32_compat_sys_openat+0x98/0xf0
[  562.021988][ T1099]  do_fast_syscall_32+0x27b/0xe16
[  562.022016][ T1099]  entry_SYSENTER_compat+0x70/0x7f
[  562.022026][ T1099] RIP: 0023:0xf7f24e39
[  562.022040][ T1099] Code: Bad RIP value.
[  562.022049][ T1099] RSP: 002b:00000000ffc652bc EFLAGS: 00000207 ORIG_RAX: 0000000000000127
[  562.022063][ T1099] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000180
[  562.022072][ T1099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000080bc867
[  562.022081][ T1099] RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
[  562.022090][ T1099] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  562.022099][ T1099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  562.022140][ T1099] INFO: task syz-executor410:9839 blocked for more than 143 seconds.
[  562.022148][ T1099]       Not tainted 5.5.0-syzkaller #0
[  562.022154][ T1099] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  562.022160][ T1099] syz-executor410 D28056  9839   9833 0x20020004
[  562.022180][ T1099] Call Trace:
[  562.022202][ T1099]  __schedule+0x934/0x1f90
[  562.022234][ T1099]  ? __sched_text_start+0x8/0x8
[  562.022247][ T1099]  ? lock_downgrade+0x920/0x920
[  562.022265][ T1099]  ? rwlock_bug.part.0+0x90/0x90
[  562.022293][ T1099]  schedule+0xdc/0x2b0
[  562.022315][ T1099]  schedule_preempt_disabled+0x13/0x20
[  562.022330][ T1099]  __mutex_lock+0x7ab/0x13c0
[  562.022352][ T1099]  ? fb_open+0xd7/0x450
[  562.022377][ T1099]  ? mutex_trylock+0x2d0/0x2d0
[  562.022397][ T1099]  ? __kasan_check_write+0x14/0x20
[  562.022413][ T1099]  ? __mutex_unlock_slowpath+0xf0/0x6a0
[  562.022429][ T1099]  ? chrdev_open+0xca/0x6b0
[  562.022474][ T1099]  mutex_lock_nested+0x16/0x20
[  562.022490][ T1099]  ? mutex_lock_nested+0x16/0x20
[  562.022506][ T1099]  fb_open+0xd7/0x450
[  562.022528][ T1099]  ? get_fb_info.part.0+0x80/0x80
[  562.022543][ T1099]  chrdev_open+0x245/0x6b0
[  562.022566][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.022589][ T1099]  ? security_file_open+0x87/0x300
[  562.022613][ T1099]  do_dentry_open+0x4e6/0x1380
[  562.022627][ T1099]  ? __kasan_check_read+0x11/0x20
[  562.022645][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.022670][ T1099]  ? chown_common+0x5c0/0x5c0
[  562.022688][ T1099]  ? inode_permission+0xb4/0x520
[  562.022715][ T1099]  vfs_open+0xa0/0xd0
[  562.022732][ T1099]  path_openat+0x12ee/0x3490
[  562.022774][ T1099]  ? path_mountpoint.isra.0+0x370/0x370
[  562.022787][ T1099]  ? __lock_acquire+0x16f2/0x4a00
[  562.022819][ T1099]  ? __alloc_fd+0x487/0x620
[  562.022845][ T1099]  do_filp_open+0x192/0x260
[  562.022864][ T1099]  ? may_open_dev+0x100/0x100
[  562.022906][ T1099]  ? do_raw_spin_unlock+0x181/0x270
[  562.022927][ T1099]  ? _raw_spin_unlock+0x28/0x40
[  562.022944][ T1099]  ? __alloc_fd+0x487/0x620
[  562.022986][ T1099]  do_sys_openat2+0x5eb/0x7e0
[  562.023011][ T1099]  ? file_open_root+0x430/0x430
[  562.023033][ T1099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.023049][ T1099]  ? debug_smp_processor_id+0x33/0x18a
[  562.023070][ T1099]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  562.023095][ T1099]  do_sys_open+0xf2/0x180
[  562.023114][ T1099]  ? filp_open+0x80/0x80
[  562.023139][ T1099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  562.023158][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.023175][ T1099]  ? entry_SYSENTER_compat+0x70/0x7f
[  562.023191][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.023218][ T1099]  __ia32_compat_sys_openat+0x98/0xf0
[  562.023247][ T1099]  do_fast_syscall_32+0x27b/0xe16
[  562.023275][ T1099]  entry_SYSENTER_compat+0x70/0x7f
[  562.023286][ T1099] RIP: 0023:0xf7f24e39
[  562.023300][ T1099] Code: Bad RIP value.
[  562.023309][ T1099] RSP: 002b:00000000ffc652bc EFLAGS: 00000207 ORIG_RAX: 0000000000000127
[  562.023323][ T1099] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000180
[  562.023332][ T1099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000080bc867
[  562.023341][ T1099] RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
[  562.023350][ T1099] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  562.023358][ T1099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  562.023399][ T1099] INFO: task syz-executor410:9840 blocked for more than 143 seconds.
[  562.023408][ T1099]       Not tainted 5.5.0-syzkaller #0
[  562.023414][ T1099] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  562.023420][ T1099] syz-executor410 D28056  9840   9831 0x20024004
[  562.023440][ T1099] Call Trace:
[  562.023461][ T1099]  __schedule+0x934/0x1f90
[  562.023490][ T1099]  ? __sched_text_start+0x8/0x8
[  562.023502][ T1099]  ? lock_downgrade+0x920/0x920
[  562.023520][ T1099]  ? rwlock_bug.part.0+0x90/0x90
[  562.023549][ T1099]  schedule+0xdc/0x2b0
[  562.023570][ T1099]  schedule_preempt_disabled+0x13/0x20
[  562.023586][ T1099]  __mutex_lock+0x7ab/0x13c0
[  562.023607][ T1099]  ? fb_open+0xd7/0x450
[  562.023632][ T1099]  ? mutex_trylock+0x2d0/0x2d0
[  562.023652][ T1099]  ? __kasan_check_write+0x14/0x20
[  562.023669][ T1099]  ? __mutex_unlock_slowpath+0xf0/0x6a0
[  562.023685][ T1099]  ? chrdev_open+0xca/0x6b0
[  562.023730][ T1099]  mutex_lock_nested+0x16/0x20
[  562.023746][ T1099]  ? mutex_lock_nested+0x16/0x20
[  562.023762][ T1099]  fb_open+0xd7/0x450
[  562.023784][ T1099]  ? get_fb_info.part.0+0x80/0x80
[  562.023799][ T1099]  chrdev_open+0x245/0x6b0
[  562.023822][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.023845][ T1099]  ? security_file_open+0x87/0x300
[  562.023869][ T1099]  do_dentry_open+0x4e6/0x1380
[  562.023883][ T1099]  ? __kasan_check_read+0x11/0x20
[  562.023901][ T1099]  ? cdev_put.part.0+0x50/0x50
[  562.023926][ T1099]  ? chown_common+0x5c0/0x5c0
[  562.023944][ T1099]  ? inode_permission+0xb4/0x520
[  562.023972][ T1099]  vfs_open+0xa0/0xd0
[  562.023989][ T1099]  path_openat+0x12ee/0x3490
[  562.024032][ T1099]  ? path_mountpoint.isra.0+0x370/0x370
[  562.024045][ T1099]  ? __lock_acquire+0x16f2/0x4a00
[  562.024077][ T1099]  ? __alloc_fd+0x487/0x620
[  562.024103][ T1099]  do_filp_open+0x192/0x260
[  562.024122][ T1099]  ? may_open_dev+0x100/0x100
[  562.024164][ T1099]  ? do_raw_spin_unlock+0x181/0x270
[  562.024185][ T1099]  ? _raw_spin_unlock+0x28/0x40
[  562.024202][ T1099]  ? __alloc_fd+0x487/0x620
[  562.024250][ T1099]  do_sys_openat2+0x5eb/0x7e0
[  562.024275][ T1099]  ? file_open_root+0x430/0x430
[  562.024297][ T1099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.024313][ T1099]  ? debug_smp_processor_id+0x33/0x18a
[  562.024334][ T1099]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  562.024359][ T1099]  do_sys_open+0xf2/0x180
[  562.024378][ T1099]  ? filp_open+0x80/0x80
[  562.024403][ T1099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  562.024421][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.024438][ T1099]  ? entry_SYSENTER_compat+0x70/0x7f
[  562.024455][ T1099]  ? do_fast_syscall_32+0xd1/0xe16
[  562.024482][ T1099]  __ia32_compat_sys_openat+0x98/0xf0
[  562.024506][ T1099]  do_fast_syscall_32+0x27b/0xe16
[  562.024534][ T1099]  entry_SYSENTER_compat+0x70/0x7f
[  562.024545][ T1099] RIP: 0023:0xf7f24e39
[  562.024559][ T1099] Code: Bad RIP value.
[  562.024567][ T1099] RSP: 002b:00000000ffc652bc EFLAGS: 00000207 ORIG_RAX: 0000000000000127
[  562.024581][ T1099] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000180
[  562.024590][ T1099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000080bc867
[  562.024599][ T1099] RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
[  562.024608][ T1099] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  562.024617][ T1099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  562.024654][ T1099] 
[  562.024654][ T1099] Showing all locks held in the system:
[  562.024669][ T1099] 1 lock held by khungtaskd/1099:
[  562.024674][ T1099]  #0: ffffffff89baa840 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279
[  562.024737][ T1099] 1 lock held by rsyslogd/9703:
[  562.024742][ T1099]  #0: ffff888091eb6da0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110
[  562.024775][ T1099] 2 locks held by getty/9793:
[  562.024780][ T1099]  #0: ffff888097a77090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.024808][ T1099]  #1: ffffc9000616b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.024886][ T1099] 2 locks held by getty/9794:
[  562.024891][ T1099]  #0: ffff888094dbe090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.024918][ T1099]  #1: ffffc9000619b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.024952][ T1099] 2 locks held by getty/9795:
[  562.024957][ T1099]  #0: ffff888094bba090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.024984][ T1099]  #1: ffffc9000619f2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.025017][ T1099] 2 locks held by getty/9796:
[  562.025022][ T1099]  #0: ffff888094dbd090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.025050][ T1099]  #1: ffffc900061972e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.025083][ T1099] 2 locks held by getty/9797:
[  562.025088][ T1099]  #0: ffff888097a06090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.025116][ T1099]  #1: ffffc900061932e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.025149][ T1099] 2 locks held by getty/9798:
[  562.025154][ T1099]  #0: ffff8880979fd090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.025182][ T1099]  #1: ffffc9000617b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.025215][ T1099] 2 locks held by getty/9799:
[  562.025220][ T1099]  #0: ffff88808fb79090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  562.025253][ T1099]  #1: ffffc900061272e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0
[  562.025290][ T1099] 2 locks held by syz-executor410/9835:
[  562.025299][ T1099] 1 lock held by syz-executor410/9836:
[  562.025304][ T1099]  #0: ffff888218c5a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450
[  562.025337][ T1099] 1 lock held by syz-executor410/9837:
[  562.025342][ T1099]  #0: ffff888218c5a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450
[  562.025374][ T1099] 1 lock held by syz-executor410/9838:
[  562.025378][ T1099]  #0: ffff888218c5a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450
[  562.025410][ T1099] 1 lock held by syz-executor410/9839:
[  562.025415][ T1099]  #0: ffff888218c5a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450
[  562.025447][ T1099] 1 lock held by syz-executor410/9840:
[  562.025451][ T1099]  #0: ffff888218c5a070 (&fb_info->lock){+.+.}, at: fb_open+0xd7/0x450
[  562.025479][ T1099] 
[  562.025485][ T1099] =============================================
[  562.025485][ T1099] 
[  562.025492][ T1099] NMI backtrace for cpu 0
[  562.025507][ T1099] CPU: 0 PID: 1099 Comm: khungtaskd Not tainted 5.5.0-syzkaller #0
[  562.025516][ T1099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  562.025520][ T1099] Call Trace:
[  562.025586][ T1099]  dump_stack+0x197/0x210
[  562.025612][ T1099]  nmi_cpu_backtrace.cold+0x70/0xb2
[  562.025646][ T1099]  ? vprintk_func+0x86/0x189
[  562.025726][ T1099]  ? lapic_can_unplug_cpu.cold+0x3a/0x3a
[  562.025743][ T1099]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[  562.025769][ T1099]  arch_trigger_cpumask_backtrace+0x14/0x20
[  562.025785][ T1099]  watchdog+0xb11/0x10c0
[  562.025845][ T1099]  kthread+0x361/0x430
[  562.025877][ T1099]  ? reset_hung_task_detector+0x30/0x30
[  562.025894][ T1099]  ? kthread_mod_delayed_work+0x1f0/0x1f0
[  562.025916][ T1099]  ret_from_fork+0x24/0x30
[  562.025954][ T1099] Sending NMI from CPU 0 to CPUs 1:
[  562.026751][    C1] NMI backtrace for cpu 1
[  562.026757][    C1] CPU: 1 PID: 9835 Comm: syz-executor410 Not tainted 5.5.0-syzkaller #0
[  562.026764][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  562.026768][    C1] RIP: 0010:vga16fb_fillrect+0xa18/0x19b0
[  562.026781][    C1] Code: 2e 05 ac fd 31 ff 89 de 45 31 e4 e8 a2 06 ac fd 85 db 4d 89 f5 74 24 e8 16 05 ac fd 45 88 7d 00 41 83 c4 01 89 df 49 83 c5 01 <44> 89 e6 e8 00 06 ac fd 44 39 e3 75 e0 4c 03 75 c0 e8 f2 04 ac fd
[  562.026785][    C1] RSP: 0018:ffffc900062df468 EFLAGS: 00000286
[  562.026793][    C1] RAX: ffff8880a48621c0 RBX: 0000000000000050 RCX: ffffffff83c93040
[  562.026798][    C1] RDX: 0000000000000000 RSI: ffffffff83c9302a RDI: 0000000000000050
[  562.026804][    C1] RBP: ffffc900062df4c8 R08: ffff8880a48621c0 R09: ffffed10432f93b4
[  562.026809][    C1] R10: ffffed10432f93b3 R11: ffff8882197c9d9f R12: 0000000000000005
[  562.026814][    C1] R13: ffff8880000a0005 R14: ffff8880000a0000 R15: 0000000000000000
[  562.026821][    C1] FS:  0000000000000000(0000) GS:ffff8880ae900000(0063) knlGS:00000000099d3840
[  562.026825][    C1] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  562.026831][    C1] CR2: 0000000020000180 CR3: 000000009fdb8000 CR4: 00000000001406e0
[  562.026836][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  562.026841][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  562.026844][    C1] Call Trace:
[  562.026848][    C1]  bit_clear_margins+0x30b/0x530
[  562.026851][    C1]  ? bit_bmove+0x270/0x270
[  562.026855][    C1]  ? vesafb_probe.cold+0x1279/0x1279
[  562.026859][    C1]  fbcon_clear_margins+0x1e9/0x250
[  562.026862][    C1]  fbcon_switch+0xd7f/0x17f0
[  562.026866][    C1]  ? fbcon_set_def_font+0x360/0x360
[  562.026869][    C1]  ? fbcon_cursor+0x48c/0x660
[  562.026874][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.026877][    C1]  ? fbcon_set_origin+0x2b/0x50
[  562.026881][    C1]  ? fbcon_scrolldelta+0x1220/0x1220
[  562.026885][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.026889][    C1]  redraw_screen+0x2b6/0x7d0
[  562.026893][    C1]  ? vesafb_probe.cold+0x1279/0x1279
[  562.026896][    C1]  ? respond_string+0x2c0/0x2c0
[  562.026900][    C1]  ? fbcon_set_palette+0x3c4/0x4a0
[  562.026904][    C1]  fbcon_modechanged+0x5c3/0x790
[  562.026907][    C1]  fbcon_update_vcs+0x42/0x50
[  562.026910][    C1]  fb_set_var+0xb32/0xdd0
[  562.026914][    C1]  ? fb_blank+0x1a0/0x1a0
[  562.026917][    C1]  ? lock_acquire+0x190/0x410
[  562.026921][    C1]  ? __mutex_lock+0x458/0x13c0
[  562.026924][    C1]  ? down+0x50/0x90
[  562.026927][    C1]  ? do_fb_ioctl+0x335/0x7d0
[  562.026930][    C1]  do_fb_ioctl+0x390/0x7d0
[  562.026934][    C1]  ? fb_mmap+0x560/0x560
[  562.026938][    C1]  ? lockdep_hardirqs_on+0x421/0x5e0
[  562.026942][    C1]  ? tomoyo_path_number_perm+0x454/0x520
[  562.026946][    C1]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  562.026950][    C1]  ? tomoyo_path_number_perm+0x25e/0x520
[  562.026954][    C1]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  562.026957][    C1]  ? putname+0xef/0x130
[  562.026961][    C1]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  562.026966][    C1]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  562.026969][    C1]  ? do_vfs_ioctl+0x11b/0x1350
[  562.026972][    C1]  fb_compat_ioctl+0x305/0xc50
[  562.026974][    C1]  ? fb_release+0x150/0x150
[  562.026977][    C1]  ? do_sys_open+0xf2/0x180
[  562.026980][    C1]  ? tomoyo_file_ioctl+0x23/0x30
[  562.026984][    C1]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.026987][    C1]  ? fb_release+0x150/0x150
[  562.026990][    C1]  __ia32_compat_sys_ioctl+0x245/0x2c0
[  562.026993][    C1]  do_fast_syscall_32+0x27b/0xe16
[  562.026996][    C1]  entry_SYSENTER_compat+0x70/0x7f
[  562.026999][    C1] RIP: 0023:0xf7f24e39
[  562.027010][    C1] Code: 1d 00 00 00 89 d3 5b 5e 5d c3 8b 04 24 c3 8b 1c 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  562.027013][    C1] RSP: 002b:00000000ffc652cc EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  562.027021][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601
[  562.027026][    C1] RDX: 0000000020000000 RSI: 000000000000000d RDI: 0000000000000001
[  562.027030][    C1] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[  562.027035][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  562.027040][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  562.027050][ T1099] Kernel panic - not syncing: hung_task: blocked tasks
[  562.027062][ T1099] CPU: 0 PID: 1099 Comm: khungtaskd Not tainted 5.5.0-syzkaller #0
[  562.027069][ T1099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  562.027072][ T1099] Call Trace:
[  562.027091][ T1099]  dump_stack+0x197/0x210
[  562.027138][ T1099]  panic+0x2e3/0x75c
[  562.027155][ T1099]  ? add_taint.cold+0x16/0x16
[  562.027176][ T1099]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  562.027193][ T1099]  ? printk_safe_flush+0xf2/0x140
[  562.027209][ T1099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.027235][ T1099]  ? nmi_trigger_cpumask_backtrace+0x224/0x28b
[  562.027251][ T1099]  ? nmi_trigger_cpumask_backtrace+0x21b/0x28b
[  562.027275][ T1099]  watchdog+0xb22/0x10c0
[  562.027310][ T1099]  kthread+0x361/0x430
[  562.027327][ T1099]  ? reset_hung_task_detector+0x30/0x30
[  562.027344][ T1099]  ? kthread_mod_delayed_work+0x1f0/0x1f0
[  562.027365][ T1099]  ret_from_fork+0x24/0x30
[  562.029099][ T1099] Kernel Offset: disabled
[  564.539305][ T1099] Rebooting in 86400 seconds..