[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.228' (ECDSA) to the list of known hosts.
syzkaller login: [ 289.082401][ T6823] IPVS: ftp: loaded support on port[0] = 21
[ 289.171545][ T6823] chnl_net:caif_netlink_parms(): no params data found
[ 289.222205][ T6823] bridge0: port 1(bridge_slave_0) entered blocking state
[ 289.229868][ T6823] bridge0: port 1(bridge_slave_0) entered disabled state
[ 289.239393][ T6823] device bridge_slave_0 entered promiscuous mode
[ 289.248250][ T6823] bridge0: port 2(bridge_slave_1) entered blocking state
[ 289.255944][ T6823] bridge0: port 2(bridge_slave_1) entered disabled state
[ 289.264167][ T6823] device bridge_slave_1 entered promiscuous mode
[ 289.284993][ T6823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 289.295996][ T6823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 289.317257][ T6823] team0: Port device team_slave_0 added
[ 289.325252][ T6823] team0: Port device team_slave_1 added
[ 289.344043][ T6823] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 289.351035][ T6823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 289.378519][ T6823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 289.391807][ T6823] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 289.398770][ T6823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 289.424915][ T6823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 289.452496][ T6823] device hsr_slave_0 entered promiscuous mode
[ 289.459182][ T6823] device hsr_slave_1 entered promiscuous mode
[ 289.554604][ T6823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 289.565083][ T6823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 289.575385][ T6823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 289.586224][ T6823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 289.609956][ T6823] bridge0: port 2(bridge_slave_1) entered blocking state
[ 289.617108][ T6823] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 289.624854][ T6823] bridge0: port 1(bridge_slave_0) entered blocking state
[ 289.631988][ T6823] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 289.676879][ T6823] 8021q: adding VLAN 0 to HW filter on device bond0
[ 289.689397][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 289.700008][ T6535] bridge0: port 1(bridge_slave_0) entered disabled state
[ 289.709539][ T6535] bridge0: port 2(bridge_slave_1) entered disabled state
[ 289.717628][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 289.730306][ T6823] 8021q: adding VLAN 0 to HW filter on device team0
[ 289.742396][ T2583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 289.751000][ T2583] bridge0: port 1(bridge_slave_0) entered blocking state
[ 289.758040][ T2583] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 289.782799][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 289.791687][ T7030] bridge0: port 2(bridge_slave_1) entered blocking state
[ 289.798798][ T7030] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 289.808156][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 289.818949][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 289.834782][ T6823] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 289.845371][ T6823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 289.859067][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 289.867095][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 289.876486][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 289.886496][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 289.904242][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 289.911702][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 289.926889][ T6823] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 289.945336][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 289.965643][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 289.974346][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 289.982786][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 289.993692][ T6823] device veth0_vlan entered promiscuous mode
[ 290.007206][ T6823] device veth1_vlan entered promiscuous mode
[ 290.028089][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 290.036205][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 290.044789][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 290.056091][ T6823] device veth0_macvtap entered promiscuous mode
[ 290.065637][ T6823] device veth1_macvtap entered promiscuous mode
[ 290.084819][ T6823] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 290.092537][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 290.102708][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 290.115341][ T6823] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 290.123422][ T7030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 290.134575][ T6823] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[ 290.144462][ T6823] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 290.153255][ T6823] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 290.162372][ T6823] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 290.273351][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.
[ 320.031607][ T0] NOHZ: local_softirq_pending 08
[ 401.952107][ T0] NOHZ: local_softirq_pending 08
[ 442.911774][ T0] NOHZ: local_softirq_pending 08
[ 452.510615][ T1165] INFO: task syz-executor227:6823 blocked for more than 143 seconds.
[ 452.518827][ T1165] Not tainted 5.9.0-rc1-syzkaller #0
[ 452.526683][ T1165] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 452.537304][ T1165] task:syz-executor227 state:D stack:23912 pid: 6823 ppid: 6822 flags:0x00000000
[ 452.547445][ T1165] Call Trace:
[ 452.551400][ T1165] __schedule+0x8e5/0x21e0
[ 452.555823][ T1165] ? io_schedule_timeout+0x140/0x140
[ 452.562027][ T1165] schedule+0xd0/0x2a0
[ 452.566119][ T1165] schedule_timeout+0x1d8/0x250
[ 452.571813][ T1165] ? usleep_range+0x170/0x170
[ 452.576636][ T1165] ? mark_held_locks+0x9f/0xe0
[ 452.582400][ T1165] ? _raw_spin_unlock_irq+0x1f/0x80
[ 452.587621][ T1165] ? lockdep_hardirqs_on_prepare+0x354/0x530
[ 452.594541][ T1165] ? trace_hardirqs_on+0x5f/0x220
[ 452.599567][ T1165] wait_for_completion+0x163/0x260
[ 452.605468][ T1165] ? wait_for_completion_interruptible+0x2e0/0x2e0
[ 452.612513][ T1165] ? _raw_spin_unlock_irq+0x1f/0x80
[ 452.617702][ T1165] ? lockdep_hardirqs_on_prepare+0x354/0x530
[ 452.624502][ T1165] __flush_work+0x51f/0xab0
[ 452.629012][ T1165] ? queue_work_node+0x370/0x370
[ 452.634784][ T1165] ? debug_object_init_on_stack+0x20/0x20
[ 452.640989][ T1165] ? flush_workqueue_prep_pwqs+0x4f0/0x4f0
[ 452.646794][ T1165] ? mark_held_locks+0x9f/0xe0
[ 452.652501][ T1165] ? __cancel_work_timer+0x516/0x700
[ 452.657802][ T1165] ? lockdep_hardirqs_on_prepare+0x354/0x530
[ 452.664695][ T1165] __cancel_work_timer+0x5de/0x700
[ 452.669812][ T1165] ? try_to_grab_pending.part.0+0x7d0/0x7d0
[ 452.676858][ T1165] ? lock_acquire+0x1f1/0xad0
[ 452.682272][ T1165] ? __sock_release+0x86/0x280
[ 452.687040][ T1165] ? lock_release+0x8e0/0x8e0
[ 452.692572][ T1165] tls_sk_proto_close+0x4a7/0xaf0
[ 452.697611][ T1165] ? wait_on_pending_writer+0x3f0/0x3f0
[ 452.704066][ T1165] ? ip_mc_drop_socket+0x16/0x260
[ 452.709093][ T1165] inet_release+0x12e/0x280
[ 452.714427][ T1165] inet6_release+0x4c/0x70
[ 452.718853][ T1165] __sock_release+0xcd/0x280
[ 452.724218][ T1165] sock_close+0x18/0x20
[ 452.728479][ T1165] __fput+0x285/0x920
[ 452.733774][ T1165] ? __sock_release+0x280/0x280
[ 452.738649][ T1165] task_work_run+0xdd/0x190
[ 452.743987][ T1165] exit_to_user_mode_prepare+0x195/0x1c0
[ 452.749614][ T1165] syscall_exit_to_user_mode+0x59/0x2b0
[ 452.756156][ T1165] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 452.762551][ T1165] RIP: 0033:0x403960
[ 452.766453][ T1165] Code: Bad RIP value.
[ 452.771207][ T1165] RSP: 002b:00007fffa20ee098 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 452.779620][ T1165] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000403960
[ 452.788504][ T1165] RDX: 00000000000000d8 RSI: 00000000200005c0 RDI: 0000000000000004
[ 452.796959][ T1165] RBP: 00007fffa20ee0a0 R08: 0000000000000000 R09: 00000000000000d8
[ 452.805430][ T1165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffa20ee0b0
[ 452.813865][ T1165] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 452.822353][ T1165]
[ 452.822353][ T1165] Showing all locks held in the system:
[ 452.830077][ T1165] 1 lock held by khungtaskd/1165:
[ 452.835965][ T1165] #0: ffffffff89bd6b40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 452.846315][ T1165] 1 lock held by in:imklog/6531:
[ 452.851778][ T1165] #0: ffff888094c50b70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 452.861444][ T1165] 1 lock held by syz-executor227/6823:
[ 452.866885][ T1165] #0: ffff8880850f7c90 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 452.878512][ T1165] 3 locks held by kworker/0:3/7030:
[ 452.884163][ T1165] #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670
[ 452.895001][ T1165] #1: ffffc90006007da8 ((work_completion)(&(&sw_ctx_tx->tx_work.work)->work)){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670
[ 452.908620][ T1165] #2: ffff88809704d4d8 (&ctx->tx_lock){+.+.}-{3:3}, at: tx_work_handler+0x127/0x190
[ 452.918610][ T1165]
[ 452.921597][ T1165] =============================================
[ 452.921597][ T1165]
[ 452.930016][ T1165] NMI backtrace for cpu 1
[ 452.934447][ T1165] CPU: 1 PID: 1165 Comm: khungtaskd Not tainted 5.9.0-rc1-syzkaller #0
[ 452.942681][ T1165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 452.952756][ T1165] Call Trace:
[ 452.956115][ T1165] dump_stack+0x18f/0x20d
[ 452.960457][ T1165] nmi_cpu_backtrace.cold+0x70/0xb1
[ 452.965673][ T1165] ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 452.971284][ T1165] nmi_trigger_cpumask_backtrace+0x1b3/0x223
[ 452.977310][ T1165] watchdog+0xd7d/0x1000
[ 452.981553][ T1165] ? reset_hung_task_detector+0x30/0x30
[ 452.987619][ T1165] kthread+0x3b5/0x4a0
[ 452.991675][ T1165] ? __kthread_bind_mask+0xc0/0xc0
[ 452.996757][ T1165] ? __kthread_bind_mask+0xc0/0xc0
[ 453.001918][ T1165] ret_from_fork+0x1f/0x30
[ 453.006571][ T1165] Sending NMI from CPU 1 to CPUs 0:
[ 453.012202][ C0] NMI backtrace for cpu 0
[ 453.012208][ C0] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.9.0-rc1-syzkaller #0
[ 453.012214][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 453.012219][ C0] Workqueue: events_power_efficient gc_worker
[ 453.012225][ C0] RIP: 0010:lockdep_hardirqs_on+0x7b/0xf0
[ 453.012236][ C0] Code: 00 8b 83 a0 08 00 00 48 89 ab a8 08 00 00 83 c0 01 89 83 a0 08 00 00 89 83 b8 08 00 00 5b 5d c3 e8 ea ab 64 f9 f6 c4 02 75 44 <8b> 15 3f f5 a2 04 85 d2 75 c2 48 8b 83 f8 08 00 00 48 39 83 e0 08
[ 453.012240][ C0] RSP: 0018:ffffc90000cbfc60 EFLAGS: 00000046
[ 453.012248][ C0] RAX: 0000000000000086 RBX: ffff8880a95d6140 RCX: 0000000000000006
[ 453.012253][ C0] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffffff867af1f9
[ 453.012258][ C0] RBP: ffffffff867af1f9 R08: 0000000000000001 R09: ffffffff8c5fca67
[ 453.012263][ C0] R10: fffffbfff18bf94c R11: 0000000000000000 R12: dffffc0000000000
[ 453.012269][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000200
[ 453.012274][ C0] FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[ 453.012279][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 453.012284][ C0] CR2: 00007fb592bfa000 CR3: 00000000931b7000 CR4: 00000000001506f0
[ 453.012289][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 453.012294][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 453.012297][ C0] Call Trace:
[ 453.012308][ C0] read_seqcount_t_begin.constprop.0+0xd9/0x1f0
[ 453.012312][ C0] gc_worker+0x176/0xb70
[ 453.012316][ C0] process_one_work+0x94c/0x1670
[ 453.012319][ C0] ? lock_release+0x8e0/0x8e0
[ 453.012323][ C0] ? pwq_dec_nr_in_flight+0x2d0/0x2d0
[ 453.012327][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 453.012330][ C0] worker_thread+0x64c/0x1120
[ 453.012334][ C0] ? process_one_work+0x1670/0x1670
[ 453.012337][ C0] kthread+0x3b5/0x4a0
[ 453.012341][ C0] ? __kthread_bind_mask+0xc0/0xc0
[ 453.012345][ C0] ? __kthread_bind_mask+0xc0/0xc0
[ 453.012348][ C0] ret_from_fork+0x1f/0x30
[ 453.013463][ T1165] Kernel panic - not syncing: hung_task: blocked tasks
[ 453.220167][ T1165] CPU: 1 PID: 1165 Comm: khungtaskd Not tainted 5.9.0-rc1-syzkaller #0
[ 453.228389][ T1165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 453.238437][ T1165] Call Trace:
[ 453.241730][ T1165] dump_stack+0x18f/0x20d
[ 453.246097][ T1165] panic+0x2e3/0x75c
[ 453.249974][ T1165] ? __warn_printk+0xf3/0xf3
[ 453.254729][ T1165] ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 453.260346][ T1165] ? preempt_schedule_thunk+0x16/0x18
[ 453.265702][ T1165] ? watchdog.cold+0x5/0x16b
[ 453.270299][ T1165] ? watchdog+0xa82/0x1000
[ 453.274700][ T1165] watchdog.cold+0x16/0x16b
[ 453.279180][ T1165] ? reset_hung_task_detector+0x30/0x30
[ 453.284720][ T1165] kthread+0x3b5/0x4a0
[ 453.288768][ T1165] ? __kthread_bind_mask+0xc0/0xc0
[ 453.293855][ T1165] ? __kthread_bind_mask+0xc0/0xc0
[ 453.298946][ T1165] ret_from_fork+0x1f/0x30
[ 453.304745][ T1165] Kernel Offset: disabled
[ 453.309066][ T1165] Rebooting in 86400 seconds..