[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   56.674173][   T26] audit: type=1800 audit(1563974726.196:25): pid=8517 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   56.695552][   T26] audit: type=1800 audit(1563974726.206:26): pid=8517 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   56.716888][   T26] audit: type=1800 audit(1563974726.206:27): pid=8517 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.1' (ECDSA) to the list of known hosts.
2019/07/24 13:40:49 parsed 1 programs
2019/07/24 13:40:51 executed programs: 0
syzkaller login: [  982.026605][ T8686] IPVS: ftp: loaded support on port[0] = 21
[  982.090145][ T8686] chnl_net:caif_netlink_parms(): no params data found
[  982.117873][ T8686] bridge0: port 1(bridge_slave_0) entered blocking state
[  982.125636][ T8686] bridge0: port 1(bridge_slave_0) entered disabled state
[  982.133578][ T8686] device bridge_slave_0 entered promiscuous mode
[  982.142157][ T8686] bridge0: port 2(bridge_slave_1) entered blocking state
[  982.149735][ T8686] bridge0: port 2(bridge_slave_1) entered disabled state
[  982.158034][ T8686] device bridge_slave_1 entered promiscuous mode
[  982.174896][ T8686] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  982.185718][ T8686] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  982.203912][ T8686] team0: Port device team_slave_0 added
[  982.211291][ T8686] team0: Port device team_slave_1 added
[  982.277324][ T8686] device hsr_slave_0 entered promiscuous mode
[  982.306743][ T8686] device hsr_slave_1 entered promiscuous mode
[  982.353251][ T8686] bridge0: port 2(bridge_slave_1) entered blocking state
[  982.360507][ T8686] bridge0: port 2(bridge_slave_1) entered forwarding state
[  982.368358][ T8686] bridge0: port 1(bridge_slave_0) entered blocking state
[  982.375496][ T8686] bridge0: port 1(bridge_slave_0) entered forwarding state
[  982.410345][ T8686] 8021q: adding VLAN 0 to HW filter on device bond0
[  982.421724][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  982.441721][   T22] bridge0: port 1(bridge_slave_0) entered disabled state
[  982.450214][   T22] bridge0: port 2(bridge_slave_1) entered disabled state
[  982.459443][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  982.470572][ T8686] 8021q: adding VLAN 0 to HW filter on device team0
[  982.481245][ T2818] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  982.490323][ T2818] bridge0: port 1(bridge_slave_0) entered blocking state
[  982.497408][ T2818] bridge0: port 1(bridge_slave_0) entered forwarding state
[  982.508168][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  982.517438][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[  982.524665][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[  982.546129][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  982.554687][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  982.564518][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  982.578345][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  982.586780][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  982.597928][ T8686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  982.616771][ T8686] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/07/24 13:40:56 executed programs: 29
2019/07/24 13:41:01 executed programs: 62
2019/07/24 13:41:06 executed programs: 95
2019/07/24 13:41:12 executed programs: 128
2019/07/24 13:41:17 executed programs: 161
2019/07/24 13:41:22 executed programs: 193
2019/07/24 13:41:27 executed programs: 225
2019/07/24 13:41:32 executed programs: 257
2019/07/24 13:41:37 executed programs: 289
2019/07/24 13:41:42 executed programs: 320
2019/07/24 13:41:47 executed programs: 351
2019/07/24 13:41:52 executed programs: 385
2019/07/24 13:41:57 executed programs: 419
2019/07/24 13:42:03 executed programs: 453
2019/07/24 13:42:08 executed programs: 486
2019/07/24 13:42:13 executed programs: 519
2019/07/24 13:42:18 executed programs: 553
2019/07/24 13:42:23 executed programs: 587
2019/07/24 13:42:28 executed programs: 620
2019/07/24 13:42:33 executed programs: 652
2019/07/24 13:42:38 executed programs: 684
2019/07/24 13:42:43 executed programs: 717
2019/07/24 13:42:48 executed programs: 750
[ 1260.415535][ T1053] INFO: task syz-executor.0:13247 can't die for more than 143 seconds.
[ 1260.423993][ T1053] syz-executor.0  D28968 13247   8686 0x00004006
[ 1260.430974][ T1053] Call Trace:
[ 1260.434522][ T1053]  __schedule+0x755/0x1580
[ 1260.439040][ T1053]  ? __sched_text_start+0x8/0x8
[ 1260.443899][ T1053]  ? prepare_to_wait_event+0x12b/0x730
[ 1260.449594][ T1053]  schedule+0xa8/0x270
[ 1260.453685][ T1053]  perf_event_free_task+0x50d/0x6d0
[ 1260.458945][ T1053]  ? trace_hardirqs_off+0x62/0x240
[ 1260.464074][ T1053]  ? perf_event_exit_task+0xbc0/0xbc0
[ 1260.469517][ T1053]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1260.475020][ T1053]  ? init_wait_var_entry+0x1b0/0x1b0
[ 1260.480405][ T1053]  ? security_task_free+0x90/0xf0
[ 1260.485515][ T1053]  copy_process+0x45d4/0x6b00
[ 1260.490303][ T1053]  ? __cleanup_sighand+0x60/0x60
[ 1260.495363][ T1053]  ? find_held_lock+0x35/0x130
[ 1260.500146][ T1053]  _do_fork+0x146/0xfa0
[ 1260.504888][ T1053]  ? copy_init_mm+0x20/0x20
[ 1260.514646][ T1053]  ? __kasan_check_read+0x11/0x20
[ 1260.519716][ T1053]  ? _copy_to_user+0x118/0x160
[ 1260.524472][ T1053]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1260.530781][ T1053]  ? put_timespec64+0xda/0x140
[ 1260.535565][ T1053]  __x64_sys_clone+0x18d/0x250
[ 1260.540357][ T1053]  ? __ia32_sys_vfork+0xc0/0xc0
[ 1260.545418][ T1053]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1260.550738][ T1053]  ? trace_hardirqs_on+0x67/0x240
[ 1260.556572][ T1053]  do_syscall_64+0xfa/0x760
[ 1260.561079][ T1053]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1260.567010][ T1053] RIP: 0033:0x459829
[ 1260.570920][ T1053] Code: dd fe ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 48 83 ec 28 48 89 6c 24 20 48 <8d> 6c 24 20 48 8b 44 24 30 48 89 04 24 48 8b 4c 24 38 48 89 4c 24
[ 1260.590751][ T1053] RSP: 002b:00007f5228ecec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1260.599220][ T1053] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459829
[ 1260.607229][ T1053] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000002102001ffe
[ 1260.615202][ T1053] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1260.623427][ T1053] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5228ecf6d4
[ 1260.631442][ T1053] R13: 00000000004bfce6 R14: 00000000004d17f8 R15: 00000000ffffffff
[ 1260.639559][ T1053] INFO: task syz-executor.0:13247 blocked for more than 143 seconds.
[ 1260.647715][ T1053]       Not tainted 5.3.0-rc1-next-20190724 #50
[ 1260.653956][ T1053] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1260.662712][ T1053] syz-executor.0  D28968 13247   8686 0x00004006
[ 1260.669095][ T1053] Call Trace:
[ 1260.672388][ T1053]  __schedule+0x755/0x1580
[ 1260.676961][ T1053]  ? __sched_text_start+0x8/0x8
[ 1260.681827][ T1053]  ? prepare_to_wait_event+0x12b/0x730
[ 1260.688544][ T1053]  schedule+0xa8/0x270
[ 1260.692682][ T1053]  perf_event_free_task+0x50d/0x6d0
[ 1260.698078][ T1053]  ? trace_hardirqs_off+0x62/0x240
[ 1260.703194][ T1053]  ? perf_event_exit_task+0xbc0/0xbc0
[ 1260.708614][ T1053]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1260.713912][ T1053]  ? init_wait_var_entry+0x1b0/0x1b0
[ 1260.719277][ T1053]  ? security_task_free+0x90/0xf0
[ 1260.724331][ T1053]  copy_process+0x45d4/0x6b00
[ 1260.729203][ T1053]  ? __cleanup_sighand+0x60/0x60
[ 1260.734281][ T1053]  ? find_held_lock+0x35/0x130
[ 1260.739359][ T1053]  _do_fork+0x146/0xfa0
[ 1260.743585][ T1053]  ? copy_init_mm+0x20/0x20
[ 1260.748235][ T1053]  ? __kasan_check_read+0x11/0x20
[ 1260.753409][ T1053]  ? _copy_to_user+0x118/0x160
[ 1260.758604][ T1053]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1260.765043][ T1053]  ? put_timespec64+0xda/0x140
[ 1260.770084][ T1053]  __x64_sys_clone+0x18d/0x250
[ 1260.774853][ T1053]  ? __ia32_sys_vfork+0xc0/0xc0
[ 1260.779782][ T1053]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1260.785274][ T1053]  ? trace_hardirqs_on+0x67/0x240
[ 1260.790440][ T1053]  do_syscall_64+0xfa/0x760
[ 1260.795263][ T1053]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1260.801347][ T1053] RIP: 0033:0x459829
[ 1260.805394][ T1053] Code: dd fe ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff 48 3b 61 10 76 68 48 83 ec 28 48 89 6c 24 20 48 <8d> 6c 24 20 48 8b 44 24 30 48 89 04 24 48 8b 4c 24 38 48 89 4c 24
[ 1260.826312][ T1053] RSP: 002b:00007f5228ecec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1260.834862][ T1053] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459829
[ 1260.842989][ T1053] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000002102001ffe
[ 1260.851269][ T1053] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1260.859349][ T1053] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5228ecf6d4
[ 1260.867387][ T1053] R13: 00000000004bfce6 R14: 00000000004d17f8 R15: 00000000ffffffff
[ 1260.875598][ T1053] 
[ 1260.875598][ T1053] Showing all locks held in the system:
[ 1260.883333][ T1053] 1 lock held by khungtaskd/1053:
[ 1260.888560][ T1053]  #0: 00000000e6a86c16 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[ 1260.897976][ T1053] 1 lock held by rsyslogd/8555:
[ 1260.902914][ T1053]  #0: 00000000044c6db8 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110
[ 1260.911617][ T1053] 2 locks held by getty/8645:
[ 1260.916396][ T1053]  #0: 00000000fcda5e60 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1260.925409][ T1053]  #1: 00000000d530c077 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1260.935102][ T1053] 2 locks held by getty/8646:
[ 1260.939947][ T1053]  #0: 000000009af8af26 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1260.949397][ T1053]  #1: 00000000a93f9fc7 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1260.959420][ T1053] 2 locks held by getty/8647:
[ 1260.964092][ T1053]  #0: 0000000006042b6f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1260.973109][ T1053]  #1: 0000000021e475b5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1260.982766][ T1053] 2 locks held by getty/8648:
[ 1260.987512][ T1053]  #0: 00000000e4fae33c (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1260.996563][ T1053]  #1: 00000000348a3306 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1261.006460][ T1053] 2 locks held by getty/8649:
[ 1261.011126][ T1053]  #0: 0000000046bb1a2d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1261.020454][ T1053]  #1: 000000008685a5d4 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1261.030424][ T1053] 2 locks held by getty/8650:
[ 1261.035213][ T1053]  #0: 000000005eb0d524 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1261.044517][ T1053]  #1: 00000000af61bedc (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1261.054198][ T1053] 2 locks held by getty/8651:
[ 1261.059260][ T1053]  #0: 0000000027ac4c91 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[ 1261.068285][ T1053]  #1: 00000000a75b3dc3 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10
[ 1261.077944][ T1053] 
[ 1261.080271][ T1053] =============================================
[ 1261.080271][ T1053] 
[ 1261.088892][ T1053] NMI backtrace for cpu 1
[ 1261.093349][ T1053] CPU: 1 PID: 1053 Comm: khungtaskd Not tainted 5.3.0-rc1-next-20190724 #50
[ 1261.102253][ T1053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1261.112378][ T1053] Call Trace:
[ 1261.115727][ T1053]  dump_stack+0x172/0x1f0
[ 1261.120117][ T1053]  nmi_cpu_backtrace.cold+0x70/0xb2
[ 1261.125343][ T1053]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1261.131591][ T1053]  ? lapic_can_unplug_cpu.cold+0x45/0x45
[ 1261.137233][ T1053]  nmi_trigger_cpumask_backtrace+0x23b/0x28b
[ 1261.143449][ T1053]  arch_trigger_cpumask_backtrace+0x14/0x20
[ 1261.149487][ T1053]  watchdog+0xc54/0x1320
[ 1261.153930][ T1053]  kthread+0x361/0x430
[ 1261.157989][ T1053]  ? reset_hung_task_detector+0x30/0x30
[ 1261.163618][ T1053]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 1261.169960][ T1053]  ret_from_fork+0x24/0x30
[ 1261.174586][ T1053] Sending NMI from CPU 1 to CPUs 0:
[ 1261.179905][    C0] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0xe/0x10
[ 1261.180838][ T1053] Kernel panic - not syncing: hung_task: blocked tasks
[ 1261.195114][ T1053] CPU: 1 PID: 1053 Comm: khungtaskd Not tainted 5.3.0-rc1-next-20190724 #50
[ 1261.204004][ T1053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1261.214471][ T1053] Call Trace:
[ 1261.217848][ T1053]  dump_stack+0x172/0x1f0
[ 1261.222169][ T1053]  panic+0x2dc/0x755
[ 1261.226131][ T1053]  ? add_taint.cold+0x16/0x16
[ 1261.230905][ T1053]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1261.236687][ T1053]  ? printk_safe_flush+0xf2/0x140
[ 1261.241716][ T1053]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1261.247957][ T1053]  ? nmi_trigger_cpumask_backtrace+0x224/0x28b
[ 1261.254107][ T1053]  ? nmi_trigger_cpumask_backtrace+0x21b/0x28b
[ 1261.260419][ T1053]  watchdog+0xc65/0x1320
[ 1261.264666][ T1053]  kthread+0x361/0x430
[ 1261.268720][ T1053]  ? reset_hung_task_detector+0x30/0x30
[ 1261.274263][ T1053]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 1261.280511][ T1053]  ret_from_fork+0x24/0x30
[ 1261.286594][ T1053] Kernel Offset: disabled
[ 1261.291119][ T1053] Rebooting in 86400 seconds..