[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts.
2021/08/01 15:29:04 parsed 1 programs
2021/08/01 15:29:04 executed programs: 0
syzkaller login:
[ 1584.288318][ T6596] chnl_net:caif_netlink_parms(): no params data found
[ 1584.360140][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.368461][ T6596] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.377601][ T6596] device bridge_slave_0 entered promiscuous mode
[ 1584.387745][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.395645][ T6596] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.404288][ T6596] device bridge_slave_1 entered promiscuous mode
[ 1584.435658][ T6596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1584.448387][ T6596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1584.482857][ T6596] team0: Port device team_slave_0 added
[ 1584.490714][ T6596] team0: Port device team_slave_1 added
[ 1584.519041][ T6596] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1584.526160][ T6596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.553575][ T6596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1584.566867][ T6596] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1584.573840][ T6596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.600269][ T6596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1584.639683][ T6596] device hsr_slave_0 entered promiscuous mode
[ 1584.648073][ T6596] device hsr_slave_1 entered promiscuous mode
[ 1584.777128][ T6596] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1584.790584][ T6596] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1584.799973][ T6596] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1584.811515][ T6596] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1584.839672][ T6596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.847099][ T6596] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.855083][ T6596] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.862338][ T6596] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1584.908755][ T6596] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1584.922941][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1584.936284][ T6920] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.945466][ T6920] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.954626][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1584.970047][ T6596] 8021q: adding VLAN 0 to HW filter on device team0
[ 1584.982273][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1584.991184][ T6920] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.998519][ T6920] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1585.010178][ T1068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1585.019061][ T1068] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1585.026645][ T1068] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1585.048095][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1585.069772][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1585.078293][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1585.087147][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1585.095758][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1585.108297][ T6596] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1585.126704][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1585.134260][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1585.149900][ T6596] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1585.170559][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1585.192735][ T6596] device veth0_vlan entered promiscuous mode
[ 1585.201179][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1585.211193][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1585.219629][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1585.235300][ T6596] device veth1_vlan entered promiscuous mode
[ 1585.260144][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1585.269679][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1585.278203][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1585.291217][ T6596] device veth0_macvtap entered promiscuous mode
[ 1585.303571][ T6596] device veth1_macvtap entered promiscuous mode
[ 1585.325071][ T6596] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1585.333487][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1585.342636][ T6920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1585.355741][ T6596] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1585.363827][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1585.373053][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1585.387053][ T6596] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.396815][ T6596] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.407119][ T6596] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.416092][ T6596] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.514002][ T6909] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1585.525244][ T6909] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1585.553301][ T6568] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1585.555913][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1585.566411][ T6568] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1585.581035][ T6760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1586.106976][ T6760] Bluetooth: hci0: command 0x0409 tx timeout
[ 1588.186456][ T6760] Bluetooth: hci0: command 0x041b tx timeout
2021/08/01 15:29:09 executed programs: 3
[ 1590.266324][ T6760] Bluetooth: hci0: command 0x040f tx timeout
[ 1592.345575][ T6760] Bluetooth: hci0: command 0x0419 tx timeout
2021/08/01 15:29:15 executed programs: 9
2021/08/01 15:29:20 executed programs: 15
2021/08/01 15:29:26 executed programs: 21
[ 1607.055790][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.062581][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
2021/08/01 15:29:31 executed programs: 27
2021/08/01 15:29:37 executed programs: 33
2021/08/01 15:29:42 executed programs: 39
2021/08/01 15:29:48 executed programs: 45
2021/08/01 15:29:53 executed programs: 51
2021/08/01 15:29:59 executed programs: 57
2021/08/01 15:30:04 executed programs: 63
2021/08/01 15:30:09 executed programs: 69
2021/08/01 15:30:15 executed programs: 75
2021/08/01 15:30:20 executed programs: 81
2021/08/01 15:30:26 executed programs: 87
[ 1668.492395][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.499246][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
2021/08/01 15:30:31 executed programs: 93
2021/08/01 15:30:37 executed programs: 99
2021/08/01 15:30:42 executed programs: 105
2021/08/01 15:30:48 executed programs: 111
2021/08/01 15:30:53 executed programs: 117
2021/08/01 15:30:58 executed programs: 123
2021/08/01 15:31:04 executed programs: 129
[ 1706.409991][ T1068] Bluetooth: hci0: command 0x0406 tx timeout
2021/08/01 15:31:09 executed programs: 135
2021/08/01 15:31:15 executed programs: 141
2021/08/01 15:31:20 executed programs: 147
2021/08/01 15:31:26 executed programs: 153
[ 1729.929922][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1729.936409][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[ 1791.366971][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.373380][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[ 1852.803978][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1852.810310][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[ 1883.521585][ T27] INFO: task syz-executor.0:8038 can't die for more than 143 seconds.
[ 1883.530301][ T27] task:syz-executor.0 state:D stack:28120 pid: 8038 ppid: 6596 flags:0x00004004
[ 1883.541624][ T27] Call Trace:
[ 1883.544934][ T27] __schedule+0x949/0x2710
[ 1883.549766][ T27] ? io_schedule_timeout+0x140/0x140
[ 1883.555583][ T27] schedule+0xd3/0x290
[ 1883.559776][ T27] schedule_timeout+0x1db/0x2a0
[ 1883.565167][ T27] ? usleep_range+0x170/0x170
[ 1883.569951][ T27] ? wait_for_completion+0x16e/0x280
[ 1883.575902][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 1883.581048][ T27] ? do_raw_spin_lock+0x120/0x2b0
[ 1883.586568][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 1883.591996][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 1883.597220][ T27] wait_for_completion+0x176/0x280
[ 1883.603036][ T27] ? __flush_work+0x4e0/0xad0
[ 1883.608179][ T27] ? bit_wait_io_timeout+0x160/0x160
[ 1883.614968][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 1883.620206][ T27] __flush_work+0x50e/0xad0
[ 1883.625218][ T27] ? queue_delayed_work_on+0x120/0x120
[ 1883.630710][ T27] ? __flush_work+0x815/0xad0
[ 1883.635911][ T27] ? flush_workqueue_prep_pwqs+0x510/0x510
[ 1883.641996][ T27] ? try_to_grab_pending+0xbd/0xd0
[ 1883.647149][ T27] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1883.653928][ T27] __cancel_work_timer+0x3f9/0x570
[ 1883.659078][ T27] ? try_to_grab_pending+0xd0/0xd0
[ 1883.664907][ T27] ? p9_fd_close+0x280/0x520
[ 1883.669605][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 1883.675012][ T27] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 1883.681643][ T27] p9_fd_close+0x305/0x520
[ 1883.686070][ T27] ? p9_client_create+0xa46/0x1110
[ 1883.691174][ T27] p9_client_create+0x95a/0x1110
[ 1883.696270][ T27] ? p9_client_flush+0x430/0x430
[ 1883.701216][ T27] ? lockdep_init_map_type+0x2c3/0x7b0
[ 1883.706931][ T27] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1883.712673][ T27] ? __raw_spin_lock_init+0x36/0x110
[ 1883.717973][ T27] v9fs_session_init+0x1dd/0x17b0
[ 1883.724177][ T27] ? v9fs_show_options+0x780/0x780
[ 1883.729513][ T27] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1883.736032][ T27] v9fs_mount+0x79/0x9c0
[ 1883.740327][ T27] ? v9fs_write_inode+0x60/0x60
[ 1883.746282][ T27] legacy_get_tree+0x105/0x220
[ 1883.751129][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1883.759651][ T27] vfs_get_tree+0x89/0x2f0
[ 1883.764928][ T27] path_mount+0x132a/0x1fa0
[ 1883.769548][ T27] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1883.777421][ T27] ? strncpy_from_user+0x2a0/0x3e0
[ 1883.783251][ T27] ? finish_automount+0xaf0/0xaf0
[ 1883.788296][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1883.796579][ T27] ? getname_flags.part.0+0x1dd/0x4f0
[ 1883.802983][ T27] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1883.809231][ T27] __x64_sys_mount+0x27f/0x300
[ 1883.815693][ T27] ? copy_mnt_ns+0xae0/0xae0
[ 1883.820287][ T27] ? syscall_enter_from_user_mode+0x21/0x70
[ 1883.827151][ T27] do_syscall_64+0x35/0xb0
[ 1883.832941][ T27] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1883.838884][ T27] RIP: 0033:0x4665e9
[ 1883.843660][ T27] RSP: 002b:00007f5354ea6188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1883.853109][ T27] RAX: ffffffffffffffda RBX: 000000000056c1a8 RCX: 00000000004665e9
[ 1883.861190][ T27] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000000000000
[ 1883.869777][ T27] RBP: 00000000004bfcc4 R08: 0000000020000580 R09: 0000000000000000
[ 1883.878471][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c1a8
[ 1883.887179][ T27] R13: 00007ffef8a19d3f R14: 00007f5354ea6300 R15: 0000000000022000
[ 1883.895927][ T27] INFO: task syz-executor.0:8038 blocked for more than 143 seconds.
[ 1883.905000][ T27] Not tainted 5.14.0-rc3-next-20210730-syzkaller #0
[ 1883.912787][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1883.922487][ T27] task:syz-executor.0 state:D stack:28120 pid: 8038 ppid: 6596 flags:0x00004004
[ 1883.933141][ T27] Call Trace:
[ 1883.936439][ T27] __schedule+0x949/0x2710
[ 1883.940863][ T27] ? io_schedule_timeout+0x140/0x140
[ 1883.947667][ T27] schedule+0xd3/0x290
[ 1883.952524][ T27] schedule_timeout+0x1db/0x2a0
[ 1883.957383][ T27] ? usleep_range+0x170/0x170
[ 1883.963270][ T27] ? wait_for_completion+0x16e/0x280
[ 1883.968572][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 1883.974743][ T27] ? do_raw_spin_lock+0x120/0x2b0
[ 1883.979792][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 1883.984908][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 1883.990150][ T27] wait_for_completion+0x176/0x280
[ 1883.996230][ T27] ? __flush_work+0x4e0/0xad0
[ 1884.000950][ T27] ? bit_wait_io_timeout+0x160/0x160
[ 1884.007374][ T27] ? _raw_spin_unlock_irq+0x1f/0x40
[ 1884.013271][ T27] __flush_work+0x50e/0xad0
[ 1884.017794][ T27] ? queue_delayed_work_on+0x120/0x120
[ 1884.024190][ T27] ? __flush_work+0x815/0xad0
[ 1884.028878][ T27] ? flush_workqueue_prep_pwqs+0x510/0x510
[ 1884.035598][ T27] ? try_to_grab_pending+0xbd/0xd0
[ 1884.040898][ T27] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1884.048179][ T27] __cancel_work_timer+0x3f9/0x570
[ 1884.054092][ T27] ? try_to_grab_pending+0xd0/0xd0
[ 1884.059471][ T27] ? p9_fd_close+0x280/0x520
[ 1884.064984][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 1884.069843][ T27] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 1884.076561][ T27] p9_fd_close+0x305/0x520
[ 1884.080981][ T27] ? p9_client_create+0xa46/0x1110
[ 1884.087253][ T27] p9_client_create+0x95a/0x1110
[ 1884.092624][ T27] ? p9_client_flush+0x430/0x430
[ 1884.097592][ T27] ? lockdep_init_map_type+0x2c3/0x7b0
[ 1884.103620][ T27] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1884.109205][ T27] ? __raw_spin_lock_init+0x36/0x110
[ 1884.114653][ T27] v9fs_session_init+0x1dd/0x17b0
[ 1884.119882][ T27] ? v9fs_show_options+0x780/0x780
[ 1884.125079][ T27] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1884.130643][ T27] v9fs_mount+0x79/0x9c0
[ 1884.135819][ T27] ? v9fs_write_inode+0x60/0x60
[ 1884.140700][ T27] legacy_get_tree+0x105/0x220
[ 1884.146407][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1884.154064][ T27] vfs_get_tree+0x89/0x2f0
[ 1884.158489][ T27] path_mount+0x132a/0x1fa0
[ 1884.163897][ T27] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1884.170162][ T27] ? strncpy_from_user+0x2a0/0x3e0
[ 1884.176136][ T27] ? finish_automount+0xaf0/0xaf0
[ 1884.181191][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1884.187506][ T27] ? getname_flags.part.0+0x1dd/0x4f0
[ 1884.192964][ T27] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1884.199217][ T27] __x64_sys_mount+0x27f/0x300
[ 1884.204049][ T27] ? copy_mnt_ns+0xae0/0xae0
[ 1884.208668][ T27] ? syscall_enter_from_user_mode+0x21/0x70
[ 1884.214677][ T27] do_syscall_64+0x35/0xb0
[ 1884.219119][ T27] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1884.225279][ T27] RIP: 0033:0x4665e9
[ 1884.229188][ T27] RSP: 002b:00007f5354ea6188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1884.237808][ T27] RAX: ffffffffffffffda RBX: 000000000056c1a8 RCX: 00000000004665e9
[ 1884.245920][ T27] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000000000000
[ 1884.254236][ T27] RBP: 00000000004bfcc4 R08: 0000000020000580 R09: 0000000000000000
[ 1884.262610][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c1a8
[ 1884.270601][ T27] R13: 00007ffef8a19d3f R14: 00007f5354ea6300 R15: 0000000000022000
[ 1884.280302][ T27]
[ 1884.280302][ T27] Showing all locks held in the system:
[ 1884.289086][ T27] 1 lock held by khungtaskd/27:
[ 1884.295398][ T27] #0: ffffffff8b97e980 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1884.307252][ T27] 2 locks held by kworker/1:2/1068:
[ 1884.314146][ T27] #0: ffff888010864d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x871/0x1630
[ 1884.326329][ T27] #1: ffffc90004e5fdb0 ((work_completion)(&m->wq)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x1630
[ 1884.338472][ T27] 1 lock held by in:imklog/6279:
[ 1884.344385][ T27] #0: ffff8880220ab770 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1884.355498][ T27]
[ 1884.357916][ T27] =============================================
[ 1884.357916][ T27]
[ 1884.367474][ T27] NMI backtrace for cpu 1
[ 1884.371865][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.14.0-rc3-next-20210730-syzkaller #0
[ 1884.381650][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1884.392123][ T27] Call Trace:
[ 1884.395388][ T27] dump_stack_lvl+0xcd/0x134
[ 1884.400023][ T27] nmi_cpu_backtrace.cold+0x28/0x11b
[ 1884.405294][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 1884.410528][ T27] nmi_trigger_cpumask_backtrace+0x1ae/0x220
[ 1884.416563][ T27] watchdog+0xcb7/0xed0
[ 1884.420707][ T27] ? trace_sched_process_hang+0x280/0x280
[ 1884.426497][ T27] kthread+0x3e5/0x4d0
[ 1884.430647][ T27] ? set_kthread_struct+0x130/0x130
[ 1884.435895][ T27] ret_from_fork+0x1f/0x30
[ 1884.440778][ T27] Sending NMI from CPU 1 to CPUs 0:
[ 1884.446219][ C0] NMI backtrace for cpu 0
[ 1884.446231][ C0] CPU: 0 PID: 2978 Comm: systemd-journal Not tainted 5.14.0-rc3-next-20210730-syzkaller #0
[ 1884.446253][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1884.446264][ C0] RIP: 0010:lockdep_hardirqs_on+0x53/0x100
[ 1884.446295][ C0] Code: fd 75 41 65 8b 05 8d 4e d4 76 85 c0 75 69 65 8b 05 5e 4b d4 76 85 c0 75 5e 8b 35 58 1c f5 06 85 f6 75 21 9c 58 f6 c4 02 75 7a <8b> 15 47 1c f5 06 85 d2 75 10 48 8b 83 e8 09 00 00 48 39 83 d0 09
[ 1884.446315][ C0] RSP: 0018:ffffc900012cfd68 EFLAGS: 00000046
[ 1884.446331][ C0] RAX: 0000000000000046 RBX: ffff88807c0fd580 RCX: 1ffffffff1ada649
[ 1884.446344][ C0] RDX: 1ffff1100f81fbee RSI: 0000000000000000 RDI: ffffffff81bacebf
[ 1884.446358][ C0] RBP: ffffffff81bacebf R08: 0000000000000001 R09: 0000000000000001
[ 1884.446376][ C0] R10: ffffffff817bdce8 R11: 0000000000000000 R12: ffff88807cd3b300
[ 1884.446389][ C0] R13: 0000000000000cc0 R14: 00000000ffffffff R15: ffffffff81ca4770
[ 1884.446403][ C0] FS: 00007f64088918c0(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 1884.446423][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1884.446438][ C0] CR2: 00007f6405c78028 CR3: 000000001a424000 CR4: 00000000001506f0
[ 1884.446451][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1884.446463][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1884.446475][ C0] Call Trace:
[ 1884.446481][ C0] __slab_alloc.constprop.0+0xaf/0xf0
[ 1884.446572][ C0] ? getname_flags.part.0+0x50/0x4f0
[ 1884.446596][ C0] kmem_cache_alloc+0x3e1/0x4a0
[ 1884.446621][ C0] getname_flags.part.0+0x50/0x4f0
[ 1884.446647][ C0] user_path_at_empty+0xa1/0x100
[ 1884.446671][ C0] do_faccessat+0x127/0x850
[ 1884.446695][ C0] ? stream_open+0x60/0x60
[ 1884.446718][ C0] ? __secure_computing+0x104/0x360
[ 1884.446744][ C0] do_syscall_64+0x35/0xb0
[ 1884.446763][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1884.446790][ C0] RIP: 0033:0x7f6407b4c9c7
[ 1884.446805][ C0] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48
[ 1884.446824][ C0] RSP: 002b:00007ffe829f5388 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[ 1884.446842][ C0] RAX: ffffffffffffffda RBX: 00007ffe829f82a0 RCX: 00007f6407b4c9c7
[ 1884.446855][ C0] RDX: 00007f64085bda00 RSI: 0000000000000000 RDI: 0000559b06fdf9a3
[ 1884.446868][ C0] RBP: 00007ffe829f53c0 R08: 0000000000000000 R09: 0000000000000000
[ 1884.446880][ C0] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000
[ 1884.446891][ C0] R13: 0000000000000000 R14: 00007ffe829f82a0 R15: 00007ffe829f58b0
[ 1884.464182][ T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 1884.464197][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.14.0-rc3-next-20210730-syzkaller #0
[ 1884.464219][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1884.464231][ T27] Call Trace:
[ 1884.464239][ T27] dump_stack_lvl+0xcd/0x134
[ 1884.464272][ T27] panic+0x2b0/0x6dd
[ 1884.464330][ T27] ? __warn_printk+0xf3/0xf3
[ 1884.464365][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 1884.464395][ T27] ? preempt_schedule_thunk+0x16/0x18
[ 1884.464423][ T27] ? nmi_trigger_cpumask_backtrace+0x191/0x220
[ 1884.464453][ T27] ? watchdog.cold+0x1b9/0x1de
[ 1884.464491][ T27] watchdog.cold+0x1ca/0x1de
[ 1884.464520][ T27] ? trace_sched_process_hang+0x280/0x280
[ 1884.464550][ T27] kthread+0x3e5/0x4d0
[ 1884.464576][ T27] ? set_kthread_struct+0x130/0x130
[ 1884.464606][ T27] ret_from_fork+0x1f/0x30
[ 1884.466285][ T27] Kernel Offset: disabled
[ 1884.808964][ T27] Rebooting in 86400 seconds..