[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login: [ 16.061059][ C1] random: crng init done
[ 16.065363][ C1] random: 7 urandom warning(s) missed due to ratelimiting
Warning: Permanently added '10.128.0.15' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
[ 832.744470][ T315] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 832.764669][ T21] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 832.772334][ T73] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 832.784278][ T71] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 832.791926][ T12] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 832.799508][ T333] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 832.984286][ T315] usb 1-1: Using ep0 maxpacket: 8
[ 833.004352][ T21] usb 6-1: Using ep0 maxpacket: 8
[ 833.014576][ T73] usb 5-1: Using ep0 maxpacket: 8
[ 833.074427][ T71] usb 2-1: Using ep0 maxpacket: 8
[ 833.094319][ T333] usb 4-1: Using ep0 maxpacket: 8
[ 833.099498][ T12] usb 3-1: Using ep0 maxpacket: 8
[ 833.105517][ T315] usb 1-1: config index 0 descriptor too short (expected 35867, got 27)
[ 833.113959][ T315] usb 1-1: config 118 has too many interfaces: 91, using maximum allowed: 32
[ 833.122848][ T315] usb 1-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[ 833.133758][ T315] usb 1-1: config 118 has 1 interface, different from the descriptor's value: 91
[ 833.143052][ T21] usb 6-1: config index 0 descriptor too short (expected 35867, got 27)
[ 833.151924][ T21] usb 6-1: config 118 has too many interfaces: 91, using maximum allowed: 32
[ 833.160937][ T21] usb 6-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[ 833.171411][ T21] usb 6-1: config 118 has 1 interface, different from the descriptor's value: 91
[ 833.180649][ T73] usb 5-1: config index 0 descriptor too short (expected 35867, got 27)
[ 833.189060][ T73] usb 5-1: config 118 has too many interfaces: 91, using maximum allowed: 32
[ 833.197881][ T73] usb 5-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[ 833.204367][ T71] usb 2-1: config index 0 descriptor too short (expected 35867, got 27)
[ 833.208191][ T73] usb 5-1: config 118 has 1 interface, different from the descriptor's value: 91
[ 833.216637][ T71] usb 2-1: config 118 has too many interfaces: 91, using maximum allowed: 32
[ 833.225758][ T315] usb 1-1: config 118 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 833.234514][ T71] usb 2-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[ 833.245572][ T315] usb 1-1: config 118 interface 0 has no altsetting 0
[ 833.255863][ T71] usb 2-1: config 118 has 1 interface, different from the descriptor's value: 91
[ 833.262622][ T315] usb 1-1: New USB device found, idVendor=20ff, idProduct=4200, bcdDevice=16.ef
[ 833.272705][ T333] usb 4-1: config index 0 descriptor too short (expected 35867, got 27)
[ 833.280836][ T315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 833.280891][ T21] usb 6-1: config 118 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 833.280907][ T21] usb 6-1: config 118 interface 0 has no altsetting 0
[ 833.280933][ T21] usb 6-1: New USB device found, idVendor=20ff, idProduct=4200, bcdDevice=16.ef
[ 833.280949][ T21] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 833.282047][ T73] usb 5-1: config 118 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 833.289387][ T333] usb 4-1: config 118 has too many interfaces: 91, using maximum allowed: 32
[ 833.289411][ T333] usb 4-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[ 833.297422][ T73] usb 5-1: config 118 interface 0 has no altsetting 0
[ 833.308468][ T333] usb 4-1: config 118 has 1 interface, different from the descriptor's value: 91
[ 833.309277][ T12] usb 3-1: config index 0 descriptor too short (expected 35867, got 27)
[ 833.315353][ T73] usb 5-1: New USB device found, idVendor=20ff, idProduct=4200, bcdDevice=16.ef
[ 833.315369][ T73] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 833.355187][ T21] hub 6-1:118.0: bad descriptor, ignoring hub
[ 833.363815][ T12] usb 3-1: config 118 has too many interfaces: 91, using maximum allowed: 32
[ 833.376318][ T21] hub: probe of 6-1:118.0 failed with error -5
[ 833.379886][ T12] usb 3-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config
[ 833.392379][ T315] hub 1-1:118.0: bad descriptor, ignoring hub
[ 833.397342][ T12] usb 3-1: config 118 has 1 interface, different from the descriptor's value: 91
[ 833.415934][ T333] usb 4-1: config 118 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 833.429610][ T21] cdc_wdm 6-1:118.0: cdc-wdm0: USB WDM device
[ 833.437020][ T333] usb 4-1: config 118 interface 0 has no altsetting 0
[ 833.437057][ T333] usb 4-1: New USB device found, idVendor=20ff, idProduct=4200, bcdDevice=16.ef
[ 833.437072][ T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 833.445257][ T71] usb 2-1: config 118 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 833.453101][ T73] hub 5-1:118.0: bad descriptor, ignoring hub
[ 833.463622][ T71] usb 2-1: config 118 interface 0 has no altsetting 0
[ 833.463653][ T71] usb 2-1: New USB device found, idVendor=20ff, idProduct=4200, bcdDevice=16.ef
[ 833.463668][ T71] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 833.495485][ T333] hub 4-1:118.0: bad descriptor, ignoring hub
[ 833.505080][ T315] hub: probe of 1-1:118.0 failed with error -5
[ 833.526151][ T333] hub: probe of 4-1:118.0 failed with error -5
[ 833.530427][ T73] hub: probe of 5-1:118.0 failed with error -5
[ 833.542624][ T12] usb 3-1: config 118 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 833.547923][ T315] cdc_wdm 1-1:118.0: cdc-wdm1: USB WDM device
[ 833.553467][ T12] usb 3-1: config 118 interface 0 has no altsetting 0
[ 833.553504][ T12] usb 3-1: New USB device found, idVendor=20ff, idProduct=4200, bcdDevice=16.ef
[ 833.553525][ T12] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 833.606922][ T71] hub 2-1:118.0: bad descriptor, ignoring hub
[ 833.613089][ T71] hub: probe of 2-1:118.0 failed with error -5
[ 833.665931][ T73] cdc_wdm 5-1:118.0: cdc-wdm2: USB WDM device
[ 833.673235][ T333] cdc_wdm 4-1:118.0: cdc-wdm3: USB WDM device
[ 833.684448][ T12] hub 3-1:118.0: bad descriptor, ignoring hub
[ 833.690664][ T12] hub: probe of 3-1:118.0 failed with error -5
[ 833.698310][ T71] cdc_wdm 2-1:118.0: cdc-wdm4: USB WDM device
[ 837.489797][ T12] cdc_wdm 3-1:118.0: cdc-wdm5: USB WDM device
[ 984.954574][ T23] INFO: task syz-executor109:325 blocked for more than 143 seconds.
[ 984.962654][ T23] Not tainted 5.8.0-syzkaller #0
[ 984.968267][ T23] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 984.977392][ T23] syz-executor109 D28160 325 323 0x80004006
[ 984.983748][ T23] Call Trace:
[ 984.988153][ T23] __schedule+0x889/0x1f70
[ 984.992576][ T23] ? io_schedule_timeout+0x140/0x140
[ 984.998682][ T23] ? prepare_to_wait_event+0x129/0x650
[ 985.004246][ T23] schedule+0xcd/0x2b0
[ 985.008624][ T23] wdm_flush+0x2e9/0x3c0
[ 985.012890][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.017413][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 985.023243][ T23] ? find_held_lock+0x2d/0x110
[ 985.028831][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.033523][ T23] filp_close+0xb4/0x170
[ 985.038019][ T23] put_files_struct+0x1d0/0x350
[ 985.043598][ T23] exit_files+0x7e/0xa0
[ 985.047964][ T23] do_exit+0xb75/0x2890
[ 985.052191][ T23] ? lock_acquire+0x183/0x950
[ 985.056970][ T23] ? find_held_lock+0x2d/0x110
[ 985.061749][ T23] ? mm_update_next_owner+0x7a0/0x7a0
[ 985.067248][ T23] ? get_signal+0x337/0x1ef0
[ 985.071966][ T23] ? lock_downgrade+0x740/0x740
[ 985.078179][ T23] ? do_raw_spin_lock+0x120/0x260
[ 985.083234][ T23] do_group_exit+0x125/0x310
[ 985.087914][ T23] get_signal+0x410/0x1ef0
[ 985.092773][ T23] ? kmem_cache_free+0x82/0x490
[ 985.097712][ T23] ? putname+0xe1/0x120
[ 985.101962][ T23] arch_do_signal+0x88/0x1a00
[ 985.106717][ T23] ? putname+0xe1/0x120
[ 985.111000][ T23] ? do_sys_openat2+0xa1/0x420
[ 985.116403][ T23] ? restore_sigcontext+0x620/0x620
[ 985.121632][ T23] ? build_open_flags+0x650/0x650
[ 985.127372][ T23] ? put_timespec64+0x120/0x120
[ 985.132305][ T23] ? raw_ioctl+0x1df/0x2513
[ 985.136920][ T23] ? __x64_sys_open+0x119/0x1c0
[ 985.141859][ T23] ? exit_to_user_mode_prepare+0x112/0x190
[ 985.147750][ T23] ? lockdep_hardirqs_on_prepare+0x322/0x4f0
[ 985.153751][ T23] exit_to_user_mode_prepare+0x137/0x190
[ 985.159509][ T23] syscall_exit_to_user_mode+0x36/0x260
[ 985.165123][ T23] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 985.171022][ T23] RIP: 0033:0x4018e0
[ 985.174983][ T23] Code: Bad RIP value.
[ 985.179067][ T23] RSP: 002b:00007fffaf603328 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 985.187548][ T23] RAX: 0000000000000005 RBX: 0000000000000000 RCX: 00000000004018e0
[ 985.195655][ T23] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fffaf603340
[ 985.203630][ T23] RBP: 00000000006d0018 R08: 0000000000000000 R09: 000000000000000f
[ 985.211672][ T23] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000402900
[ 985.219734][ T23] R13: 0000000000402990 R14: 0000000000000000 R15: 0000000000000000
[ 985.228651][ T23] INFO: task syz-executor109:330 blocked for more than 143 seconds.
[ 985.236888][ T23] Not tainted 5.8.0-syzkaller #0
[ 985.243986][ T23] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 985.256471][ T23] syz-executor109 D28216 330 326 0x80004006
[ 985.262812][ T23] Call Trace:
[ 985.266163][ T23] __schedule+0x889/0x1f70
[ 985.270603][ T23] ? io_schedule_timeout+0x140/0x140
[ 985.275936][ T23] ? prepare_to_wait_event+0x129/0x650
[ 985.281421][ T23] schedule+0xcd/0x2b0
[ 985.285557][ T23] wdm_flush+0x2e9/0x3c0
[ 985.289822][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.294232][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 985.300780][ T23] ? find_held_lock+0x2d/0x110
[ 985.305603][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.310029][ T23] filp_close+0xb4/0x170
[ 985.314266][ T23] put_files_struct+0x1d0/0x350
[ 985.319372][ T23] exit_files+0x7e/0xa0
[ 985.323837][ T23] do_exit+0xb75/0x2890
[ 985.328070][ T23] ? lock_acquire+0x183/0x950
[ 985.332767][ T23] ? find_held_lock+0x2d/0x110
[ 985.337581][ T23] ? mm_update_next_owner+0x7a0/0x7a0
[ 985.343075][ T23] ? get_signal+0x337/0x1ef0
[ 985.347817][ T23] ? lock_downgrade+0x740/0x740
[ 985.352673][ T23] ? do_raw_spin_lock+0x120/0x260
[ 985.357746][ T23] do_group_exit+0x125/0x310
[ 985.362343][ T23] get_signal+0x410/0x1ef0
[ 985.366846][ T23] ? kmem_cache_free+0x82/0x490
[ 985.371710][ T23] ? putname+0xe1/0x120
[ 985.375922][ T23] arch_do_signal+0x88/0x1a00
[ 985.380603][ T23] ? putname+0xe1/0x120
[ 985.384806][ T23] ? do_sys_openat2+0xa1/0x420
[ 985.389591][ T23] ? restore_sigcontext+0x620/0x620
[ 985.394826][ T23] ? build_open_flags+0x650/0x650
[ 985.399940][ T23] ? put_timespec64+0x120/0x120
[ 985.404833][ T23] ? raw_ioctl+0x1df/0x2513
[ 985.409350][ T23] ? __x64_sys_open+0x119/0x1c0
[ 985.414192][ T23] ? exit_to_user_mode_prepare+0x112/0x190
[ 985.420058][ T23] ? lockdep_hardirqs_on_prepare+0x322/0x4f0
[ 985.426472][ T23] exit_to_user_mode_prepare+0x137/0x190
[ 985.432110][ T23] syscall_exit_to_user_mode+0x36/0x260
[ 985.437726][ T23] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 985.443623][ T23] RIP: 0033:0x4018e0
[ 985.447552][ T23] Code: Bad RIP value.
[ 985.451628][ T23] RSP: 002b:00007fffaf603328 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 985.462357][ T23] RAX: 0000000000000004 RBX: 0000000000000000 RCX: 00000000004018e0
[ 985.470472][ T23] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fffaf603340
[ 985.478506][ T23] RBP: 00000000006d0018 R08: 0000000000000000 R09: 000000000000000f
[ 985.486536][ T23] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000402900
[ 985.494565][ T23] R13: 0000000000402990 R14: 0000000000000000 R15: 0000000000000000
[ 985.502554][ T23] INFO: task syz-executor109:331 blocked for more than 143 seconds.
[ 985.510618][ T23] Not tainted 5.8.0-syzkaller #0
[ 985.516171][ T23] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 985.524898][ T23] syz-executor109 D26248 331 329 0x80000002
[ 985.531376][ T23] Call Trace:
[ 985.534736][ T23] __schedule+0x889/0x1f70
[ 985.539168][ T23] ? io_schedule_timeout+0x140/0x140
[ 985.544518][ T23] ? prepare_to_wait_event+0x129/0x650
[ 985.549993][ T23] schedule+0xcd/0x2b0
[ 985.554066][ T23] wdm_flush+0x2e9/0x3c0
[ 985.558402][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.562828][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 985.568601][ T23] ? find_held_lock+0x2d/0x110
[ 985.573369][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.577834][ T23] filp_close+0xb4/0x170
[ 985.582084][ T23] put_files_struct+0x1d0/0x350
[ 985.586984][ T23] exit_files+0x7e/0xa0
[ 985.591154][ T23] do_exit+0xb75/0x2890
[ 985.595338][ T23] ? down_write_nested+0x160/0x160
[ 985.600450][ T23] ? mm_update_next_owner+0x7a0/0x7a0
[ 985.606289][ T23] do_group_exit+0x125/0x310
[ 985.610897][ T23] __x64_sys_exit_group+0x3a/0x50
[ 985.615977][ T23] do_syscall_64+0x2d/0x40
[ 985.620408][ T23] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 985.626329][ T23] RIP: 0033:0x444458
[ 985.630245][ T23] Code: Bad RIP value.
[ 985.634285][ T23] RSP: 002b:00007fffaf603398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 985.642766][ T23] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000444458
[ 985.650825][ T23] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 985.658860][ T23] RBP: 00000000004c40b0 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 985.666909][ T23] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 985.674947][ T23] R13: 00000000006d9420 R14: 0000000000000000 R15: 0000000000000000
[ 985.683058][ T23] INFO: task syz-executor109:332 blocked for more than 144 seconds.
[ 985.691160][ T23] Not tainted 5.8.0-syzkaller #0
[ 985.696668][ T23] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 985.705398][ T23] syz-executor109 D28544 332 324 0x80004006
[ 985.711754][ T23] Call Trace:
[ 985.715204][ T23] __schedule+0x889/0x1f70
[ 985.719803][ T23] ? io_schedule_timeout+0x140/0x140
[ 985.725160][ T23] ? prepare_to_wait_event+0x129/0x650
[ 985.730625][ T23] schedule+0xcd/0x2b0
[ 985.734759][ T23] wdm_flush+0x2e9/0x3c0
[ 985.739007][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.743428][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 985.749244][ T23] ? find_held_lock+0x2d/0x110
[ 985.754021][ T23] ? wdm_probe+0x2d0/0x2d0
[ 985.758495][ T23] filp_close+0xb4/0x170
[ 985.762754][ T23] put_files_struct+0x1d0/0x350
[ 985.767665][ T23] exit_files+0x7e/0xa0
[ 985.771830][ T23] do_exit+0xb75/0x2890
[ 985.776056][ T23] ? lock_acquire+0x183/0x950
[ 985.780753][ T23] ? find_held_lock+0x2d/0x110
[ 985.785577][ T23] ? mm_update_next_owner+0x7a0/0x7a0
[ 985.791832][ T23] ? get_signal+0x337/0x1ef0
[ 985.796592][ T23] ? lock_downgrade+0x740/0x740
[ 985.801487][ T23] ? do_raw_spin_lock+0x120/0x260
[ 985.806564][ T23] do_group_exit+0x125/0x310
[ 985.811194][ T23] get_signal+0x410/0x1ef0
[ 985.815652][ T23] ? kmem_cache_free+0x82/0x490
[ 985.820598][ T23] ? putname+0xe1/0x120
[ 985.824809][ T23] arch_do_signal+0x88/0x1a00
[ 985.829520][ T23] ? putname+0xe1/0x120
[ 985.833666][ T23] ? do_sys_openat2+0xa1/0x420
[ 985.838489][ T23] ? restore_sigcontext+0x620/0x620
[ 985.843696][ T23] ? build_open_flags+0x650/0x650
[ 985.848799][ T23] ? put_timespec64+0x120/0x120
[ 985.853663][ T23] ? raw_ioctl+0x1df/0x2513
[ 985.858214][ T23] ? __x64_sys_open+0x119/0x1c0
[ 985.863073][ T23] ? exit_to_user_mode_prepare+0x112/0x190
[ 985.869029][ T23] ? lockdep_hardirqs_on_prepare+0x322/0x4f0
[ 985.875185][ T23] exit_to_user_mode_prepare+0x137/0x190
[ 985.880841][ T23] syscall_exit_to_user_mode+0x36/0x260
[ 985.886464][ T23] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 985.892360][ T23] RIP: 0033:0x4018e0
[ 985.896291][ T23] Code: Bad RIP value.
[ 985.900364][ T23] RSP: 002b:00007fffaf603328 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 985.908839][ T23] RAX: 0000000000000004 RBX: 0000000000000000 RCX: 00000000004018e0
[ 985.916909][ T23] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fffaf603340
[ 985.924942][ T23] RBP: 00000000006d0018 R08: 0000000000000000 R09: 000000000000000f
[ 985.932935][ T23] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000402900
[ 985.941073][ T23] R13: 0000000000402990 R14: 0000000000000000 R15: 0000000000000000
[ 985.949168][ T23] INFO: task syz-executor109:334 blocked for more than 144 seconds.
[ 985.957207][ T23] Not tainted 5.8.0-syzkaller #0
[ 985.962655][ T23] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 985.973469][ T23] syz-executor109 D28816 334 327 0x80004006
[ 985.981071][ T23] Call Trace:
[ 985.984527][ T23] __schedule+0x889/0x1f70
[ 985.988955][ T23] ? io_schedule_timeout+0x140/0x140
[ 985.994227][ T23] ? prepare_to_wait_event+0x129/0x650
[ 985.999756][ T23] schedule+0xcd/0x2b0
[ 986.003872][ T23] wdm_flush+0x2e9/0x3c0
[ 986.008172][ T23] ? wdm_probe+0x2d0/0x2d0
[ 986.012703][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 986.018472][ T23] ? find_held_lock+0x2d/0x110
[ 986.023244][ T23] ? wdm_probe+0x2d0/0x2d0
[ 986.027709][ T23] filp_close+0xb4/0x170
[ 986.031955][ T23] put_files_struct+0x1d0/0x350
[ 986.036852][ T23] exit_files+0x7e/0xa0
[ 986.041009][ T23] do_exit+0xb75/0x2890
[ 986.045212][ T23] ? lock_acquire+0x183/0x950
[ 986.049985][ T23] ? find_held_lock+0x2d/0x110
[ 986.054782][ T23] ? mm_update_next_owner+0x7a0/0x7a0
[ 986.060157][ T23] ? get_signal+0x337/0x1ef0
[ 986.064791][ T23] ? lock_downgrade+0x740/0x740
[ 986.069655][ T23] ? do_raw_spin_lock+0x120/0x260
[ 986.074813][ T23] do_group_exit+0x125/0x310
[ 986.079397][ T23] get_signal+0x410/0x1ef0
[ 986.083800][ T23] ? kmem_cache_free+0x82/0x490
[ 986.088698][ T23] ? putname+0xe1/0x120
[ 986.098625][ T23] arch_do_signal+0x88/0x1a00
[ 986.103656][ T23] ? putname+0xe1/0x120
[ 986.107878][ T23] ? do_sys_openat2+0xa1/0x420
[ 986.112669][ T23] ? restore_sigcontext+0x620/0x620
[ 986.117934][ T23] ? build_open_flags+0x650/0x650
[ 986.122957][ T23] ? put_timespec64+0x120/0x120
[ 986.127851][ T23] ? raw_ioctl+0x1df/0x2513
[ 986.132360][ T23] ? __x64_sys_open+0x119/0x1c0
[ 986.137306][ T23] ? exit_to_user_mode_prepare+0x112/0x190
[ 986.143317][ T23] ? lockdep_hardirqs_on_prepare+0x322/0x4f0
[ 986.149585][ T23] exit_to_user_mode_prepare+0x137/0x190
[ 986.155316][ T23] syscall_exit_to_user_mode+0x36/0x260
[ 986.160869][ T23] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 986.166820][ T23] RIP: 0033:0x4018e0
[ 986.170832][ T23] Code: Bad RIP value.
[ 986.174939][ T23] RSP: 002b:00007fffaf603328 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 986.183361][ T23] RAX: 0000000000000004 RBX: 0000000000000000 RCX: 00000000004018e0
[ 986.191495][ T23] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007fffaf603340
[ 986.199525][ T23] RBP: 00000000006d0018 R08: 0000000000000000 R09: 000000000000000f
[ 986.208113][ T23] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000402900
[ 986.216297][ T23] R13: 0000000000402990 R14: 0000000000000000 R15: 0000000000000000
[ 986.224297][ T23] INFO: task syz-executor109:336 blocked for more than 144 seconds.
[ 986.232464][ T23] Not tainted 5.8.0-syzkaller #0
[ 986.238021][ T23] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 986.247224][ T23] syz-executor109 D28816 336 328 0x80004006
[ 986.253570][ T23] Call Trace:
[ 986.256982][ T23] __schedule+0x889/0x1f70
[ 986.261459][ T23] ? io_schedule_timeout+0x140/0x140
[ 986.266915][ T23] ? prepare_to_wait_event+0x129/0x650
[ 986.272678][ T23] schedule+0xcd/0x2b0
[ 986.276855][ T23] wdm_flush+0x2e9/0x3c0
[ 986.281218][ T23] ? wdm_probe+0x2d0/0x2d0
[ 986.285678][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 986.291416][ T23] ? find_held_lock+0x2d/0x110
[ 986.296288][ T23] ? wdm_probe+0x2d0/0x2d0
[ 986.300711][ T23] filp_close+0xb4/0x170
[ 986.305006][ T23] put_files_struct+0x1d0/0x350
[ 986.309874][ T23] exit_files+0x7e/0xa0
[ 986.314024][ T23] do_exit+0xb75/0x2890
[ 986.318246][ T23] ? lock_acquire+0x183/0x950
[ 986.323027][ T23] ? find_held_lock+0x2d/0x110
[ 986.327928][ T23] ? mm_update_next_owner+0x7a0/0x7a0
[ 986.333309][ T23] ? get_signal+0x337/0x1ef0
[ 986.337951][ T23] ? lock_downgrade+0x740/0x740
[ 986.342816][ T23] ? do_raw_spin_lock+0x120/0x260
[ 986.347903][ T23] do_group_exit+0x125/0x310
[ 986.352597][ T23] get_signal+0x410/0x1ef0
[ 986.357165][ T23] ? rcu_read_lock_sched_held+0x3a/0x70
[ 986.362723][ T23] arch_do_signal+0x88/0x1a00
[ 986.367458][ T23] ? wdm_int_callback+0x7c0/0x7c0
[ 986.372517][ T23] ? add_wait_queue_exclusive+0x180/0x180
[ 986.378300][ T23] ? restore_sigcontext+0x620/0x620
[ 986.383538][ T23] ? wdm_int_callback+0x7c0/0x7c0
[ 986.388701][ T23] ? exit_to_user_mode_prepare+0x112/0x190
[ 986.394576][ T23] ? lockdep_hardirqs_on_prepare+0x322/0x4f0
[ 986.401282][ T23] exit_to_user_mode_prepare+0x137/0x190
[ 986.407092][ T23] syscall_exit_to_user_mode+0x36/0x260
[ 986.412790][ T23] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 986.420927][ T23] RIP: 0033:0x445809
[ 986.424868][ T23] Code: Bad RIP value.
[ 986.428942][ T23] RSP: 002b:00007fffaf6033d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 986.437552][ T23] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 0000000000445809
[ 986.445784][ T23] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[ 986.453760][ T23] RBP: 00000000006d0018 R08: 000000000000000f R09: 00000000004002e0
[ 986.462003][ T23] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402900
[ 986.470059][ T23] R13: 0000000000402990 R14: 0000000000000000 R15: 0000000000000000
[ 986.478122][ T23]
[ 986.478122][ T23] Showing all locks held in the system:
[ 986.486050][ T23] 1 lock held by khungtaskd/23:
[ 986.490900][ T23] #0: ffffffff87313660 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x264
[ 986.500888][ T23] 2 locks held by in:imklog/230:
[ 986.505880][ T23] #0: ffff8881ca70aff0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 986.515082][ T23] #1: ffffffff873a3880 (fs_reclaim){+.+.}-{0:0}, at: do_syslog.part.0+0x4a0/0x1340
[ 986.524817][ T23]
[ 986.527157][ T23] =============================================
[ 986.527157][ T23]
[ 986.535600][ T23] NMI backtrace for cpu 0
[ 986.540036][ T23] CPU: 0 PID: 23 Comm: khungtaskd Not tainted 5.8.0-syzkaller #0
[ 986.547753][ T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 986.557982][ T23] Call Trace:
[ 986.561401][ T23] dump_stack+0xf6/0x16e
[ 986.565679][ T23] ? x86_vector_activate.cold+0x90/0xdd
[ 986.571318][ T23] nmi_cpu_backtrace.cold+0x74/0xb6
[ 986.576529][ T23] ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 986.582157][ T23] nmi_trigger_cpumask_backtrace+0x1da/0x1f4
[ 986.588205][ T23] watchdog+0xd6a/0xfd0
[ 986.592706][ T23] ? reset_hung_task_detector+0x30/0x30
[ 986.598303][ T23] kthread+0x392/0x470
[ 986.602365][ T23] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 986.608252][ T23] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 986.614173][ T23] ret_from_fork+0x1f/0x30
[ 986.618647][ T23] Sending NMI from CPU 0 to CPUs 1:
[ 986.623938][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x72/0x90
[ 986.624867][ T23] Kernel panic - not syncing: hung_task: blocked tasks
[ 986.638964][ T23] CPU: 0 PID: 23 Comm: khungtaskd Not tainted 5.8.0-syzkaller #0
[ 986.646674][ T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 986.656840][ T23] Call Trace:
[ 986.660139][ T23] dump_stack+0xf6/0x16e
[ 986.664384][ T23] panic+0x2aa/0x6e1
[ 986.668287][ T23] ? __warn_printk+0xf3/0xf3
[ 986.672875][ T23] ? cpumask_next+0x3c/0x40
[ 986.677362][ T23] ? printk_safe_flush+0xd6/0x120
[ 986.682381][ T23] ? watchdog.cold+0x5/0x16b
[ 986.686970][ T23] ? watchdog+0xa8f/0xfd0
[ 986.691282][ T23] watchdog.cold+0x16/0x16b
[ 986.695784][ T23] ? reset_hung_task_detector+0x30/0x30
[ 986.701384][ T23] kthread+0x392/0x470
[ 986.705438][ T23] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 986.711390][ T23] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 986.717285][ T23] ret_from_fork+0x1f/0x30
[ 986.722318][ T23] Kernel Offset: disabled
[ 986.726818][ T23] Rebooting in 86400 seconds..