[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.56' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 721.598160][ T1659] INFO: task kworker/u4:0:8 blocked for more than 143 seconds.
[ 721.606686][ T1659] Not tainted 5.11.0-rc5-syzkaller #0
[ 721.617143][ T1659] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 721.626752][ T1659] task:kworker/u4:0 state:D stack:23440 pid: 8 ppid: 2 flags:0x00004000
[ 721.638127][ T1659] Workqueue: tc_filter_workqueue rsvp_delete_filter_work
[ 721.645330][ T1659] Call Trace:
[ 721.650025][ T1659] __schedule+0x90c/0x21a0
[ 721.654510][ T1659] ? io_schedule_timeout+0x140/0x140
[ 721.661600][ T1659] schedule+0xcf/0x270
[ 721.665907][ T1659] schedule_preempt_disabled+0xf/0x20
[ 721.674299][ T1659] __mutex_lock+0x81a/0x1110
[ 721.679955][ T1659] ? rsvp_delete_filter_work+0xe/0x20
[ 721.685427][ T1659] ? mutex_lock_io_nested+0xf60/0xf60
[ 721.692679][ T1659] ? lock_release+0x710/0x710
[ 721.697500][ T1659] rsvp_delete_filter_work+0xe/0x20
[ 721.704223][ T1659] process_one_work+0x98d/0x15f0
[ 721.710323][ T1659] ? pwq_dec_nr_in_flight+0x320/0x320
[ 721.715744][ T1659] ? rwlock_bug.part.0+0x90/0x90
[ 721.722356][ T1659] ? _raw_spin_lock_irq+0x41/0x50
[ 721.727511][ T1659] worker_thread+0x64c/0x1120
[ 721.733789][ T1659] ? process_one_work+0x15f0/0x15f0
[ 721.741268][ T1659] kthread+0x3b1/0x4a0
[ 721.745385][ T1659] ? __kthread_bind_mask+0xc0/0xc0
[ 721.752246][ T1659] ret_from_fork+0x1f/0x30
[ 721.756916][ T1659] INFO: task kworker/0:3:3217 blocked for more than 143 seconds.
[ 721.766305][ T1659] Not tainted 5.11.0-rc5-syzkaller #0
[ 721.773316][ T1659] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 721.782859][ T1659] task:kworker/0:3 state:D stack:26720 pid: 3217 ppid: 2 flags:0x00004000
[ 721.793166][ T1659] Workqueue: ipv6_addrconf addrconf_verify_work
[ 721.800382][ T1659] Call Trace:
[ 721.803689][ T1659] __schedule+0x90c/0x21a0
[ 721.810188][ T1659] ? io_schedule_timeout+0x140/0x140
[ 721.815526][ T1659] ? _raw_spin_unlock_irq+0x1f/0x40
[ 721.823260][ T1659] ? lockdep_hardirqs_on+0x79/0x100
[ 721.829499][ T1659] schedule+0xcf/0x270
[ 721.833635][ T1659] schedule_preempt_disabled+0xf/0x20
[ 721.840562][ T1659] __mutex_lock+0x81a/0x1110
[ 721.845189][ T1659] ? addrconf_verify_work+0xa/0x20
[ 721.851831][ T1659] ? mutex_lock_io_nested+0xf60/0xf60
[ 721.857246][ T1659] ? lock_release+0x710/0x710
[ 721.863520][ T1659] ? lock_downgrade+0x6d0/0x6d0
[ 721.870921][ T1659] addrconf_verify_work+0xa/0x20
[ 721.876068][ T1659] process_one_work+0x98d/0x15f0
[ 721.882698][ T1659] ? pwq_dec_nr_in_flight+0x320/0x320
[ 721.889436][ T1659] ? rwlock_bug.part.0+0x90/0x90
[ 721.894440][ T1659] ? _raw_spin_lock_irq+0x41/0x50
[ 721.901067][ T1659] worker_thread+0x64c/0x1120
[ 721.905832][ T1659] ? __kthread_parkme+0x13f/0x1e0
[ 721.912605][ T1659] ? process_one_work+0x15f0/0x15f0
[ 721.917865][ T1659] kthread+0x3b1/0x4a0
[ 721.923318][ T1659] ? __kthread_bind_mask+0xc0/0xc0
[ 721.929410][ T1659] ret_from_fork+0x1f/0x30
[ 721.934020][ T1659]
[ 721.934020][ T1659] Showing all locks held in the system:
[ 721.943376][ T1659] 3 locks held by kworker/u4:0/8:
[ 721.949446][ T1659] #0: ffff88814156a938 ((wq_completion)tc_filter_workqueue){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0
[ 721.962072][ T1659] #1: ffffc90000cd7da8 ((work_completion)(&(rwork)->work)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0
[ 721.974680][ T1659] #2: ffffffff8ca5a488 (rtnl_mutex){+.+.}-{3:3}, at: rsvp_delete_filter_work+0xe/0x20
[ 721.985600][ T1659] 1 lock held by khungtaskd/1659:
[ 721.992093][ T1659] #0: ffffffff8b373d20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 722.004307][ T1659] 3 locks held by kworker/0:3/3217:
[ 722.010401][ T1659] #0: ffff8881472c5138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0
[ 722.022472][ T1659] #1: ffffc90001e1fda8 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0
[ 722.033777][ T1659] #2: ffffffff8ca5a488 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xa/0x20
[ 722.044225][ T1659] 1 lock held by in:imklog/8196:
[ 722.050073][ T1659] #0: ffff888012330370 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 722.060936][ T1659] 1 lock held by syz-executor200/8491:
[ 722.066472][ T1659]
[ 722.070710][ T1659] =============================================
[ 722.070710][ T1659]
[ 722.080465][ T1659] NMI backtrace for cpu 1
[ 722.084809][ T1659] CPU: 1 PID: 1659 Comm: khungtaskd Not tainted 5.11.0-rc5-syzkaller #0
[ 722.093149][ T1659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 722.103219][ T1659] Call Trace:
[ 722.106532][ T1659] dump_stack+0x107/0x163
[ 722.110945][ T1659] nmi_cpu_backtrace.cold+0x44/0xd7
[ 722.116172][ T1659] ? lapic_can_unplug_cpu+0x80/0x80
[ 722.121434][ T1659] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 722.127493][ T1659] watchdog+0xd43/0xfa0
[ 722.131759][ T1659] ? reset_hung_task_detector+0x30/0x30
[ 722.137321][ T1659] kthread+0x3b1/0x4a0
[ 722.141403][ T1659] ? __kthread_bind_mask+0xc0/0xc0
[ 722.146536][ T1659] ret_from_fork+0x1f/0x30
[ 722.151181][ T1659] Sending NMI from CPU 1 to CPUs 0:
[ 722.158055][ C0] NMI backtrace for cpu 0
[ 722.158065][ C0] CPU: 0 PID: 8491 Comm: syz-executor200 Not tainted 5.11.0-rc5-syzkaller #0
[ 722.158075][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 722.158085][ C0] RIP: 0010:match_held_lock+0x0/0x150
[ 722.158096][ C0] Code: cc cc cc cc cc cc cc cc cc cc 0f 1f 44 00 00 48 8b 34 24 48 c7 c7 c0 25 4a 89 e8 b8 2a bf ff cc cc cc cc cc cc cc cc cc cc cc <48> 39 77 10 0f 84 97 00 00 00 66 f7 47 22 f0 ff 74 4b 48 83 ec 08
[ 722.158112][ C0] RSP: 0018:ffffc9000197ecd8 EFLAGS: 00000002
[ 722.158127][ C0] RAX: 0000000000000005 RBX: 0000000000000002 RCX: ffffc9000197ed68
[ 722.158136][ C0] RDX: 0000000000000002 RSI: ffff8880212a6c68 RDI: ffff888022122570
[ 722.158145][ C0] RBP: 1ffff9200032fda5 R08: 0000000000000000 R09: 0000000000000000
[ 722.158154][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888022122570
[ 722.158163][ C0] R13: ffff8880212a6c68 R14: ffffc9000197ed68 R15: 0000000000000001
[ 722.158173][ C0] FS: 0000000001643880(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
[ 722.158182][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 722.158190][ C0] CR2: 0000000020000080 CR3: 0000000020ad5000 CR4: 00000000001506f0
[ 722.158199][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 722.158208][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 722.158215][ C0] Call Trace:
[ 722.158220][ C0] find_held_lock+0x2d/0x110
[ 722.158226][ C0] lock_release+0x1f2/0x710
[ 722.158232][ C0] ? tcf_idr_check_alloc+0x29e/0x3b0
[ 722.158239][ C0] ? lock_downgrade+0x6d0/0x6d0
[ 722.158245][ C0] ? tcf_idr_check_alloc+0x78/0x3b0
[ 722.158251][ C0] ? mutex_lock_io_nested+0xf60/0xf60
[ 722.158258][ C0] __mutex_unlock_slowpath+0x81/0x610
[ 722.158265][ C0] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 722.158272][ C0] ? wait_for_completion_io+0x260/0x260
[ 722.158278][ C0] ? __radix_tree_lookup+0x211/0x2a0
[ 722.158285][ C0] tcf_idr_check_alloc+0x29e/0x3b0
[ 722.158291][ C0] tcf_police_init+0x34f/0x1460
[ 722.158297][ C0] ? __kernel_text_address+0x9/0x30
[ 722.158303][ C0] ? tcf_police_cleanup+0x60/0x60
[ 722.158310][ C0] ? find_held_lock+0x2d/0x110
[ 722.158316][ C0] ? lock_downgrade+0x6d0/0x6d0
[ 722.158322][ C0] ? stack_trace_consume_entry+0x160/0x160
[ 722.158329][ C0] tcf_action_init_1+0x103/0x640
[ 722.158335][ C0] ? tc_action_load_ops+0x440/0x440
[ 722.158341][ C0] ? tcf_action_dump_old+0x80/0x80
[ 722.158347][ C0] ? find_held_lock+0x2d/0x110
[ 722.158353][ C0] tcf_exts_validate+0x1d7/0x540
[ 722.158359][ C0] ? tcf_exts_destroy+0xc0/0xc0
[ 722.158365][ C0] ? unpoison_range+0x3a/0x60
[ 722.158371][ C0] rsvp_change+0x291/0x2990
[ 722.158377][ C0] ? find_held_lock+0x2d/0x110
[ 722.158383][ C0] ? tcf_bind_filter.isra.0+0x490/0x490
[ 722.158390][ C0] ? lock_downgrade+0x6d0/0x6d0
[ 722.158396][ C0] ? blackhole_dequeue+0x10/0x10
[ 722.158402][ C0] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 722.158410][ C0] tc_new_tfilter+0x1394/0x2120
[ 722.158417][ C0] ? tcf_bind_filter.isra.0+0x490/0x490
[ 722.158424][ C0] ? tc_del_tfilter+0x15b0/0x15b0
[ 722.158431][ C0] ? lock_chain_count+0x20/0x20
[ 722.158438][ C0] ? kernel_text_address+0xbd/0xf0
[ 722.158445][ C0] ? tc_del_tfilter+0x15b0/0x15b0
[ 722.158452][ C0] rtnetlink_rcv_msg+0x80e/0xad0
[ 722.158468][ C0] ? rtnetlink_put_metrics+0x510/0x510
[ 722.158475][ C0] netlink_rcv_skb+0x153/0x420
[ 722.158482][ C0] ? rtnetlink_put_metrics+0x510/0x510
[ 722.158489][ C0] ? netlink_ack+0xaa0/0xaa0
[ 722.158496][ C0] ? netlink_deliver_tap+0x227/0xb70
[ 722.158502][ C0] netlink_unicast+0x533/0x7d0
[ 722.158509][ C0] ? netlink_attachskb+0x870/0x870
[ 722.158516][ C0] ? _copy_from_iter_full+0x275/0x850
[ 722.158524][ C0] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 722.158531][ C0] ? __phys_addr_symbol+0x2c/0x70
[ 722.158538][ C0] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 722.158546][ C0] ? __check_object_size+0x171/0x3f0
[ 722.158552][ C0] netlink_sendmsg+0x856/0xd90
[ 722.158559][ C0] ? netlink_unicast+0x7d0/0x7d0
[ 722.158566][ C0] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 722.158574][ C0] ? netlink_unicast+0x7d0/0x7d0
[ 722.158580][ C0] sock_sendmsg+0xcf/0x120
[ 722.158586][ C0] ____sys_sendmsg+0x6e8/0x810
[ 722.158593][ C0] ? kernel_sendmsg+0x50/0x50
[ 722.158599][ C0] ? do_recvmmsg+0x6c0/0x6c0
[ 722.158606][ C0] ? fs_reclaim_release+0x9c/0xe0
[ 722.158612][ C0] ___sys_sendmsg+0xf3/0x170
[ 722.158619][ C0] ? sendmsg_copy_msghdr+0x160/0x160
[ 722.158626][ C0] ? lockdep_init_map_waits+0x26a/0x720
[ 722.158633][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 722.158639][ C0] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 722.158646][ C0] ? percpu_counter_add_batch+0xbd/0x180
[ 722.158652][ C0] ? find_held_lock+0x2d/0x110
[ 722.158655][ C0] ? fd_install+0x1e3/0x640
[ 722.158658][ C0] ? lock_downgrade+0x6d0/0x6d0
[ 722.158662][ C0] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 722.158666][ C0] ? __fget_light+0x215/0x280
[ 722.158670][ C0] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 722.158674][ C0] __sys_sendmsg+0xe5/0x1b0
[ 722.158677][ C0] ? __sys_sendmsg_sock+0xb0/0xb0
[ 722.158681][ C0] ? syscall_enter_from_user_mode+0x1d/0x50
[ 722.158685][ C0] do_syscall_64+0x2d/0x70
[ 722.158689][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 722.158692][ C0] RIP: 0033:0x4417b9
[ 722.158699][ C0] Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 722.158709][ C0] RSP: 002b:00007ffd5ed328c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 722.158718][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004417b9
[ 722.158724][ C0] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006
[ 722.158730][ C0] RBP: 0000000000076ec0 R08: 00000000004002c8 R09: 00000000004002c8
[ 722.158735][ C0] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402560
[ 722.158740][ C0] R13: 00000000004025f0 R14: 0000000000000000 R15: 0000000000000000
[ 722.158746][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.607 msecs
[ 722.178077][ T1659] Kernel panic - not syncing: hung_task: blocked tasks
[ 722.774881][ T1659] CPU: 1 PID: 1659 Comm: khungtaskd Not tainted 5.11.0-rc5-syzkaller #0
[ 722.783270][ T1659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 722.793713][ T1659] Call Trace:
[ 722.797058][ T1659] dump_stack+0x107/0x163
[ 722.801433][ T1659] panic+0x306/0x73d
[ 722.805463][ T1659] ? __warn_printk+0xf3/0xf3
[ 722.810084][ T1659] ? lapic_can_unplug_cpu+0x80/0x80
[ 722.815324][ T1659] ? preempt_schedule_thunk+0x16/0x18
[ 722.820762][ T1659] ? nmi_trigger_cpumask_backtrace+0x196/0x230
[ 722.827049][ T1659] ? watchdog.cold+0x5/0x158
[ 722.831727][ T1659] watchdog.cold+0x16/0x158
[ 722.836274][ T1659] ? reset_hung_task_detector+0x30/0x30
[ 722.841856][ T1659] kthread+0x3b1/0x4a0
[ 722.845974][ T1659] ? __kthread_bind_mask+0xc0/0xc0
[ 722.851117][ T1659] ret_from_fork+0x1f/0x30
[ 722.856367][ T1659] Kernel Offset: disabled
[ 722.860773][ T1659] Rebooting in 86400 seconds..