Warning: Permanently added '10.128.15.212' (ECDSA) to the list of known hosts.
syzkaller login: [  482.324198][   T35] audit: type=1400 audit(1613649439.862:8): avc:  denied  { execmem } for  pid=8427 comm="syz-executor216" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[  482.354321][ T8428] IPVS: ftp: loaded support on port[0] = 21
[  482.462591][ T8428] chnl_net:caif_netlink_parms(): no params data found
[  482.522348][ T8428] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.530064][ T8428] bridge0: port 1(bridge_slave_0) entered disabled state
[  482.538780][ T8428] device bridge_slave_0 entered promiscuous mode
[  482.548206][ T8428] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.556373][ T8428] bridge0: port 2(bridge_slave_1) entered disabled state
[  482.564632][ T8428] device bridge_slave_1 entered promiscuous mode
[  482.587130][ T8428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  482.598494][ T8428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  482.624254][ T8428] team0: Port device team_slave_0 added
[  482.632251][ T8428] team0: Port device team_slave_1 added
[  482.651020][ T8428] batman_adv: batadv0: Adding interface: batadv_slave_0
[  482.658016][ T8428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.684623][ T8428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  482.697584][ T8428] batman_adv: batadv0: Adding interface: batadv_slave_1
[  482.704669][ T8428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.730856][ T8428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  482.759675][ T8428] device hsr_slave_0 entered promiscuous mode
[  482.767013][ T8428] device hsr_slave_1 entered promiscuous mode
[  482.888136][ T8428] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  482.899839][ T8428] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  482.910101][ T8428] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  482.920527][ T8428] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  482.952529][ T8428] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.959860][ T8428] bridge0: port 2(bridge_slave_1) entered forwarding state
[  482.967705][ T8428] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.974855][ T8428] bridge0: port 1(bridge_slave_0) entered forwarding state
[  483.027075][ T8428] 8021q: adding VLAN 0 to HW filter on device bond0
[  483.042409][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  483.054984][ T8556] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.063647][ T8556] bridge0: port 2(bridge_slave_1) entered disabled state
[  483.073600][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  483.087482][ T8428] 8021q: adding VLAN 0 to HW filter on device team0
[  483.100703][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  483.109778][ T8636] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.116960][ T8636] bridge0: port 1(bridge_slave_0) entered forwarding state
[  483.141856][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  483.151925][ T8636] bridge0: port 2(bridge_slave_1) entered blocking state
[  483.158989][ T8636] bridge0: port 2(bridge_slave_1) entered forwarding state
[  483.168059][ T8636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  483.183259][ T3846] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  483.191703][ T3846] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  483.206167][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  483.220393][ T8428] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  483.234151][ T8428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  483.243558][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  483.265415][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  483.273221][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  483.288464][ T8428] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.310160][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  483.331914][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  483.341947][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  483.349667][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  483.362705][ T8428] device veth0_vlan entered promiscuous mode
[  483.375979][ T8428] device veth1_vlan entered promiscuous mode
[  483.399249][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  483.408181][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  483.417125][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  483.428219][ T8428] device veth0_macvtap entered promiscuous mode
[  483.439095][ T8428] device veth1_macvtap entered promiscuous mode
[  483.453746][ T8637] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  483.468648][ T8428] batman_adv: batadv0: Interface activated: batadv_slave_0
[  483.476999][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  483.486640][ T8556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  483.499243][ T8428] batman_adv: batadv0: Interface activated: batadv_slave_1
[  483.507007][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  483.515958][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  483.530412][ T8428] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  483.542916][ T8428] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[  483.552275][ T8428] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  483.563142][ T8428] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  483.695955][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  721.521651][ T1647] INFO: task syz-executor216:8640 blocked for more than 143 seconds.
[  721.529978][ T1647]       Not tainted 5.11.0-syzkaller #0
[  721.548636][ T1647] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  721.557568][ T1647] task:syz-executor216 state:D stack:26152 pid: 8640 ppid:  8428 flags:0x00000004
[  721.567372][ T1647] Call Trace:
[  721.570755][ T1647]  __schedule+0x90c/0x21a0
[  721.575451][ T1647]  ? io_schedule_timeout+0x140/0x140
[  721.580771][ T1647]  ? lock_chain_count+0x20/0x20
[  721.586914][ T1647]  schedule+0xcf/0x270
[  721.591216][ T1647]  schedule_timeout+0x1d8/0x250
[  721.596094][ T1647]  ? usleep_range+0x170/0x170
[  721.600761][ T1647]  ? wait_for_completion+0x15b/0x260
[  721.607624][ T1647]  ? mark_held_locks+0x9f/0xe0
[  721.612991][ T1647]  ? rwlock_bug.part.0+0x90/0x90
[  721.617974][ T1647]  ? _raw_spin_unlock_irq+0x1f/0x40
[  721.624311][ T1647]  wait_for_completion+0x163/0x260
[  721.629453][ T1647]  ? __flush_work+0x4f1/0xac0
[  721.634372][ T1647]  ? bit_wait_io_timeout+0x160/0x160
[  721.639707][ T1647]  ? _raw_spin_unlock_irq+0x1f/0x40
[  721.645982][ T1647]  __flush_work+0x51f/0xac0
[  721.650527][ T1647]  ? debug_object_assert_init+0x246/0x2e0
[  721.656941][ T1647]  ? queue_delayed_work_on+0xe0/0xe0
[  721.662828][ T1647]  ? is_bpf_text_address+0xcb/0x160
[  721.668166][ T1647]  ? flush_workqueue_prep_pwqs+0x510/0x510
[  721.674197][ T1647]  ? mark_held_locks+0x9f/0xe0
[  721.679008][ T1647]  __cancel_work_timer+0x3b3/0x520
[  721.685207][ T1647]  ? get_max_files+0x10/0x10
[  721.689904][ T1647]  ? try_to_grab_pending+0xd0/0xd0
[  721.696348][ T1647]  ? lock_release+0x710/0x710
[  721.701660][ T1647]  tls_sk_proto_close+0x4a7/0xaf0
[  721.706783][ T1647]  ? wait_on_pending_writer+0x430/0x430
[  721.713066][ T1647]  ? ip_mc_drop_socket+0x16/0x260
[  721.718210][ T1647]  inet_release+0x12e/0x280
[  721.723467][ T1647]  inet6_release+0x4c/0x70
[  721.727958][ T1647]  __sock_release+0xcd/0x280
[  721.733333][ T1647]  sock_close+0x18/0x20
[  721.737530][ T1647]  __fput+0x283/0x920
[  721.742252][ T1647]  ? __sock_release+0x280/0x280
[  721.747139][ T1647]  task_work_run+0xdd/0x190
[  721.752231][ T1647]  exit_to_user_mode_prepare+0x249/0x250
[  721.757976][ T1647]  syscall_exit_to_user_mode+0x19/0x50
[  721.764158][ T1647]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  721.770096][ T1647] RIP: 0033:0x405493
[  721.774712][ T1647] RSP: 002b:00007ffdd4021878 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  721.783406][ T1647] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000405493
[  721.791852][ T1647] RDX: 00000000000000d8 RSI: 00000000200005c0 RDI: 0000000000000004
[  721.799866][ T1647] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000000d8
[  721.808631][ T1647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdd4021890
[  721.817154][ T1647] R13: 00000000000f4240 R14: 00000000004b8018 R15: 00000000004004b8
[  721.825450][ T1647] 
[  721.825450][ T1647] Showing all locks held in the system:
[  721.833859][ T1647] 3 locks held by kworker/0:0/5:
[  721.838825][ T1647]  #0: ffff888010c63d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0
[  721.850114][ T1647]  #1: ffffc90000cbfda8 ((work_completion)(&(&sw_ctx_tx->tx_work.work)->work)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0
[  721.863517][ T1647]  #2: ffff8880364df0d8 (&ctx->tx_lock){+.+.}-{3:3}, at: tx_work_handler+0x127/0x190
[  721.873634][ T1647] 1 lock held by khungtaskd/1647:
[  721.878692][ T1647]  #0: ffffffff8bd73da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[  721.889366][ T1647] 1 lock held by in:imklog/8332:
[  721.894789][ T1647]  #0: ffff8880243e0b30 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[  721.904305][ T1647] 1 lock held by syz-executor216/8640:
[  721.909776][ T1647]  #0: ffff88803947f210 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[  721.921487][ T1647] 
[  721.923832][ T1647] =============================================
[  721.923832][ T1647] 
[  721.933222][ T1647] NMI backtrace for cpu 0
[  721.937563][ T1647] CPU: 0 PID: 1647 Comm: khungtaskd Not tainted 5.11.0-syzkaller #0
[  721.945542][ T1647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  721.955599][ T1647] Call Trace:
[  721.958869][ T1647]  dump_stack+0x107/0x163
[  721.963270][ T1647]  nmi_cpu_backtrace.cold+0x44/0xd7
[  721.968463][ T1647]  ? lapic_can_unplug_cpu+0x80/0x80
[  721.973707][ T1647]  nmi_trigger_cpumask_backtrace+0x1b3/0x230
[  721.979715][ T1647]  watchdog+0xd43/0xfa0
[  721.983891][ T1647]  ? reset_hung_task_detector+0x30/0x30
[  721.989439][ T1647]  kthread+0x3b1/0x4a0
[  721.993495][ T1647]  ? kthread_create_worker_on_cpu+0xf0/0xf0
[  721.999394][ T1647]  ret_from_fork+0x1f/0x30
[  722.004025][ T1647] Sending NMI from CPU 0 to CPUs 1:
[  722.009717][    C1] NMI backtrace for cpu 1
[  722.009727][    C1] CPU: 1 PID: 4869 Comm: systemd-journal Not tainted 5.11.0-syzkaller #0
[  722.009738][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  722.009747][    C1] RIP: 0010:creds_are_invalid+0x0/0x50
[  722.009758][    C1] Code: e8 75 c5 26 00 4c 89 e0 5b 5d 41 5c c3 48 c7 c7 e0 b5 a3 8d e8 31 5d 69 00 e9 75 ff ff ff 49 c7 c4 ef ff ff ff eb a8 cc cc cc <53> 48 89 fb e8 47 c5 26 00 48 8d 7b 10 48 b8 00 00 00 00 00 fc ff
[  722.009774][    C1] RSP: 0018:ffffc90001337e88 EFLAGS: 00000213
[  722.009787][    C1] RAX: ffff888015549d00 RBX: 0000000000000000 RCX: ffffffff814c283c
[  722.009796][    C1] RDX: ffffed1002aa93a1 RSI: 0000000000000004 RDI: ffff888015423600
[  722.009805][    C1] RBP: ffff888015423600 R08: 0000000000000001 R09: ffff888015549d07
[  722.009814][    C1] R10: ffffed1002aa93a0 R11: 0000000000000000 R12: 0000000000000001
[  722.009823][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  722.009832][    C1] FS:  00007fd4f29068c0(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[  722.009841][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  722.009849][    C1] CR2: 00007fd4efcf2000 CR3: 0000000014301000 CR4: 00000000001506e0
[  722.009858][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  722.009867][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  722.009875][    C1] Call Trace:
[  722.009880][    C1]  do_faccessat+0x566/0x820
[  722.009885][    C1]  ? stream_open+0x60/0x60
[  722.009891][    C1]  ? __secure_computing+0x104/0x360
[  722.009897][    C1]  do_syscall_64+0x2d/0x70
[  722.009903][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  722.009910][    C1] RIP: 0033:0x7fd4f1bc19c7
[  722.009920][    C1] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48
[  722.009936][    C1] RSP: 002b:00007ffce21e98f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[  722.009950][    C1] RAX: ffffffffffffffda RBX: 00007ffce21ec810 RCX: 00007fd4f1bc19c7
[  722.009964][    C1] RDX: 00007fd4f2632a00 RSI: 0000000000000000 RDI: 000055fdcce029a3
[  722.009973][    C1] RBP: 00007ffce21e9930 R08: 0000000000000000 R09: 0000000000000000
[  722.009982][    C1] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000
[  722.009991][    C1] R13: 0000000000000000 R14: 00007ffce21ec810 R15: 00007ffce21e9e20
[  722.010278][ T1647] Kernel panic - not syncing: hung_task: blocked tasks
[  722.249546][ T1647] CPU: 0 PID: 1647 Comm: khungtaskd Not tainted 5.11.0-syzkaller #0
[  722.257523][ T1647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  722.267566][ T1647] Call Trace:
[  722.270836][ T1647]  dump_stack+0x107/0x163
[  722.275167][ T1647]  panic+0x306/0x73d
[  722.279061][ T1647]  ? __warn_printk+0xf3/0xf3
[  722.283684][ T1647]  ? cpumask_next+0x3c/0x40
[  722.288235][ T1647]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[  722.293945][ T1647]  ? printk_safe_flush+0xea/0x160
[  722.299042][ T1647]  ? watchdog.cold+0x5/0x158
[  722.303640][ T1647]  watchdog.cold+0x16/0x158
[  722.308174][ T1647]  ? reset_hung_task_detector+0x30/0x30
[  722.313721][ T1647]  kthread+0x3b1/0x4a0
[  722.317801][ T1647]  ? kthread_create_worker_on_cpu+0xf0/0xf0
[  722.323697][ T1647]  ret_from_fork+0x1f/0x30
[  722.328851][ T1647] Kernel Offset: disabled
[  722.333200][ T1647] Rebooting in 86400 seconds..