[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 484.549874][ T1068] Bluetooth: hci0: command 0x0409 tx timeout
[ 486.629540][ T1068] Bluetooth: hci0: command 0x041b tx timeout
[ 488.709280][ T1068] Bluetooth: hci0: command 0x040f tx timeout
[ 490.788852][ T1068] Bluetooth: hci0: command 0x0419 tx timeout
[ 492.868500][ T1068] Bluetooth: hci0: command 0x0405 tx timeout
[ 605.494038][ T1068] Bluetooth: hci0: command 0x0406 tx timeout
[ 716.044351][ T26] INFO: task krfcommd:2892 blocked for more than 143 seconds.
[ 716.051830][ T26] Not tainted 5.14.0-rc5-next-20210816-syzkaller #0
[ 716.060072][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 716.068840][ T26] task:krfcommd state:D stack:29640 pid: 2892 ppid: 2 flags:0x00004000
[ 716.078496][ T26] Call Trace:
[ 716.081811][ T26] __schedule+0x93a/0x26f0
[ 716.086697][ T26] ? io_schedule_timeout+0x140/0x140
[ 716.092139][ T26] ? rwlock_bug.part.0+0x90/0x90
[ 716.097377][ T26] schedule+0xd3/0x270
[ 716.101463][ T26] schedule_preempt_disabled+0xf/0x20
[ 716.107072][ T26] __mutex_lock+0xa46/0x1300
[ 716.111682][ T26] ? rfcomm_run+0x2ed/0x4a20
[ 716.116563][ T26] ? mutex_lock_io_nested+0x1160/0x1160
[ 716.122127][ T26] ? lock_downgrade+0x6e0/0x6e0
[ 716.127275][ T26] rfcomm_run+0x2ed/0x4a20
[ 716.131703][ T26] ? find_held_lock+0x2d/0x110
[ 716.136690][ T26] ? rfcomm_check_accept+0x240/0x240
[ 716.141988][ T26] ? lock_downgrade+0x6e0/0x6e0
[ 716.147141][ T26] ? __init_waitqueue_head+0xd0/0xd0
[ 716.152475][ T26] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 716.158533][ T26] ? lockdep_hardirqs_on+0x79/0x100
[ 716.163746][ T26] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 716.170306][ T26] ? __kthread_parkme+0x15f/0x220
[ 716.175500][ T26] ? rfcomm_check_accept+0x240/0x240
[ 716.180808][ T26] kthread+0x3e5/0x4d0
[ 716.185118][ T26] ? set_kthread_struct+0x130/0x130
[ 716.190446][ T26] ret_from_fork+0x1f/0x30
[ 716.195148][ T26] INFO: task syz-executor698:6597 blocked for more than 143 seconds.
[ 716.203211][ T26] Not tainted 5.14.0-rc5-next-20210816-syzkaller #0
[ 716.210507][ T26] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 716.219300][ T26] task:syz-executor698 state:D stack:28040 pid: 6597 ppid: 6565 flags:0x00004006
[ 716.228615][ T26] Call Trace:
[ 716.231914][ T26] __schedule+0x93a/0x26f0
[ 716.236591][ T26] ? io_schedule_timeout+0x140/0x140
[ 716.241889][ T26] ? trace_hardirqs_on+0x5b/0x1c0
[ 716.247226][ T26] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 716.253048][ T26] schedule+0xd3/0x270
[ 716.257450][ T26] __lock_sock+0x13d/0x260
[ 716.261928][ T26] ? sock_omalloc+0x180/0x180
[ 716.266850][ T26] ? __rfcomm_dlc_close+0x162/0x8a0
[ 716.272063][ T26] ? finish_wait+0x270/0x270
[ 716.276872][ T26] ? rwlock_bug.part.0+0x90/0x90
[ 716.281824][ T26] lock_sock_nested+0xf6/0x120
[ 716.286842][ T26] rfcomm_sk_state_change+0xb4/0x390
[ 716.292146][ T26] __rfcomm_dlc_close+0x1b6/0x8a0
[ 716.297406][ T26] rfcomm_dlc_close+0x1ea/0x240
[ 716.302280][ T26] __rfcomm_sock_close+0xac/0x260
[ 716.307340][ T26] rfcomm_sock_shutdown+0xe9/0x210
[ 716.312453][ T26] rfcomm_sock_release+0x5f/0x140
[ 716.317493][ T26] __sock_release+0xcd/0x280
[ 716.322146][ T26] sock_close+0x18/0x20
[ 716.326316][ T26] __fput+0x288/0x9f0
[ 716.330348][ T26] ? __sock_release+0x280/0x280
[ 716.335228][ T26] task_work_run+0xdd/0x1a0
[ 716.339732][ T26] do_exit+0xbae/0x2a30
[ 716.343912][ T26] ? lock_acquire+0x442/0x510
[ 716.348617][ T26] ? rcu_read_lock_sched_held+0xd/0x70
[ 716.354170][ T26] ? lock_release+0x522/0x720
[ 716.358866][ T26] ? mm_update_next_owner+0x7a0/0x7a0
[ 716.364274][ T26] ? lock_downgrade+0x6e0/0x6e0
[ 716.369133][ T26] ? do_raw_spin_lock+0x120/0x2b0
[ 716.374180][ T26] ? rwlock_bug.part.0+0x90/0x90
[ 716.379115][ T26] do_group_exit+0x125/0x310
[ 716.383705][ T26] get_signal+0x47f/0x2160
[ 716.388182][ T26] ? lock_downgrade+0x6e0/0x6e0
[ 716.393035][ T26] ? wake_up_q+0xf0/0xf0
[ 716.397361][ T26] arch_do_signal_or_restart+0x2a9/0x1c40
[ 716.403156][ T26] ? rfcomm_sock_connect+0x15f/0x460
[ 716.408463][ T26] ? rfcomm_sock_getname+0x300/0x300
[ 716.413839][ T26] ? __sys_connect_file+0x4e/0x1a0
[ 716.418992][ T26] ? get_sigframe_size+0x10/0x10
[ 716.423941][ T26] ? __sys_connect_file+0x1a0/0x1a0
[ 716.429192][ T26] exit_to_user_mode_prepare+0x17d/0x290
[ 716.434914][ T26] syscall_exit_to_user_mode+0x19/0x60
[ 716.440420][ T26] do_syscall_64+0x42/0xb0
[ 716.444950][ T26] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 716.450852][ T26] RIP: 0033:0x445ff9
[ 716.454762][ T26] RSP: 002b:00007fffd5c30fa8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 716.463174][ T26] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 0000000000445ff9
[ 716.471319][ T26] RDX: 0000000000000080 RSI: 00000000200001c0 RDI: 0000000000000004
[ 716.479421][ T26] RBP: 0000000000000003 R08: 000000ff00000001 R09: 000000ff00000001
[ 716.487432][ T26] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000f4f2b8
[ 716.495428][ T26] R13: 0000000000000009 R14: 00007fffd5c31000 R15: 0000000000000003
[ 716.503437][ T26] INFO: lockdep is turned off.
[ 716.508216][ T26] NMI backtrace for cpu 1
[ 716.512547][ T26] CPU: 1 PID: 26 Comm: khungtaskd Not tainted 5.14.0-rc5-next-20210816-syzkaller #0
[ 716.521901][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.531936][ T26] Call Trace:
[ 716.535200][ T26] dump_stack_lvl+0xcd/0x134
[ 716.539841][ T26] nmi_cpu_backtrace.cold+0x47/0x144
[ 716.545113][ T26] ? lapic_can_unplug_cpu+0x80/0x80
[ 716.550370][ T26] nmi_trigger_cpumask_backtrace+0x1ae/0x220
[ 716.556398][ T26] watchdog+0xcb7/0xed0
[ 716.560572][ T26] ? trace_sched_process_hang+0x280/0x280
[ 716.566291][ T26] kthread+0x3e5/0x4d0
[ 716.570370][ T26] ? set_kthread_struct+0x130/0x130
[ 716.575568][ T26] ret_from_fork+0x1f/0x30
[ 716.580072][ T26] Sending NMI from CPU 1 to CPUs 0:
[ 716.585387][ C0] NMI backtrace for cpu 0
[ 716.585398][ C0] CPU: 0 PID: 1113 Comm: kworker/u4:4 Not tainted 5.14.0-rc5-next-20210816-syzkaller #0
[ 716.585422][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.585436][ C0] Workqueue: events_unbound toggle_allocation_gate
[ 716.585533][ C0] RIP: 0010:insn_get_opcode.part.0+0x425/0x990
[ 716.585565][ C0] Code: c3 e8 bf 8c 80 fd 45 89 f7 41 be 01 00 00 00 41 83 e7 03 e9 60 fe ff ff e8 a8 8c 80 fd 48 89 df e8 e0 e9 ff ff e9 2a fd ff ff 96 8c 80 fd 4c 8d 6b 4c 89 ef e8 1b 92 ff ff 4c 89 ea 48 c1 ea
[ 716.585584][ C0] RSP: 0018:ffffc9000458f8f8 EFLAGS: 00000246
[ 716.585600][ C0] RAX: 0000000000000000 RBX: ffffc9000458fa68 RCX: 0000000000000000
[ 716.585619][ C0] RDX: 0000000000000000 RSI: ffff88801bfdb900 RDI: 0000000000000003
[ 716.585632][ C0] RBP: 00000000000000e9 R08: 0000000000000000 R09: 0000000000000001
[ 716.585645][ C0] R10: ffffffff83f530ec R11: 0000000000000000 R12: 0000000000000000
[ 716.585659][ C0] R13: 00000000000000e9 R14: 0000000000000000 R15: 0000000000000000
[ 716.585672][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 716.585692][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 716.585707][ C0] CR2: 00007f69e40f0000 CR3: 000000000b68e000 CR4: 00000000001506f0
[ 716.585721][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 716.585734][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 716.585747][ C0] Call Trace:
[ 716.585754][ C0] ? kmem_cache_alloc_bulk+0xe0/0x710
[ 716.585783][ C0] insn_get_modrm+0x355/0x7c0
[ 716.585808][ C0] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 716.585833][ C0] ? cpumask_any_but+0x155/0x1a0
[ 716.585854][ C0] ? kmem_cache_alloc_bulk+0x188/0x710
[ 716.585879][ C0] insn_get_sib+0x29c/0x330
[ 716.585905][ C0] insn_get_displacement+0x31c/0x660
[ 716.585932][ C0] ? kmem_cache_alloc_bulk+0x179/0x710
[ 716.585958][ C0] ? kmem_cache_alloc_bulk+0x188/0x710
[ 716.585984][ C0] insn_decode+0x473/0x4e0
[ 716.586008][ C0] ? kmem_cache_alloc_bulk+0x179/0x710
[ 716.586033][ C0] arch_jump_entry_size+0xa0/0x110
[ 716.586081][ C0] ? arch_jump_entry_size.part.0+0x10/0x10
[ 716.586104][ C0] ? rcu_read_lock_sched_held+0xd/0x70
[ 716.586136][ C0] ? kmem_cache_alloc_bulk+0x179/0x710
[ 716.586162][ C0] ? kmem_cache_alloc_bulk+0x188/0x710
[ 716.586187][ C0] ? kmem_cache_alloc_bulk+0x17a/0x710
[ 716.586214][ C0] ? static_key_disable_cpuslocked+0x108/0x1b0
[ 716.586273][ C0] ? kmem_cache_alloc_bulk+0x3eb/0x710
[ 716.586298][ C0] __jump_label_patch+0x7c/0x1b0
[ 716.586321][ C0] arch_jump_label_transform_queue+0x63/0x100
[ 716.586345][ C0] ? lock_release+0x522/0x720
[ 716.586367][ C0] __jump_label_update+0x12e/0x400
[ 716.586391][ C0] jump_label_update+0x1d5/0x430
[ 716.586414][ C0] static_key_disable_cpuslocked+0x152/0x1b0
[ 716.586439][ C0] static_key_disable+0x16/0x20
[ 716.586460][ C0] toggle_allocation_gate+0x185/0x390
[ 716.586483][ C0] ? lock_release+0x720/0x720
[ 716.586504][ C0] ? wake_up_kfence_timer+0x20/0x20
[ 716.586529][ C0] ? read_word_at_a_time+0xe/0x20
[ 716.586548][ C0] ? strscpy+0xa1/0x2b0
[ 716.586568][ C0] process_one_work+0x98d/0x1630
[ 716.586598][ C0] ? pwq_dec_nr_in_flight+0x320/0x320
[ 716.586634][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 716.586661][ C0] worker_thread+0x658/0x11f0
[ 716.586692][ C0] ? process_one_work+0x1630/0x1630
[ 716.586720][ C0] kthread+0x3e5/0x4d0
[ 716.586743][ C0] ? set_kthread_struct+0x130/0x130
[ 716.586769][ C0] ret_from_fork+0x1f/0x30
[ 716.586799][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.411 msecs
[ 716.587400][ T26] Kernel panic - not syncing: hung_task: blocked tasks
[ 716.947733][ T26] CPU: 1 PID: 26 Comm: khungtaskd Not tainted 5.14.0-rc5-next-20210816-syzkaller #0
[ 716.957127][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.967167][ T26] Call Trace:
[ 716.970451][ T26] dump_stack_lvl+0xcd/0x134
[ 716.975036][ T26] panic+0x2b0/0x6dd
[ 716.978949][ T26] ? __warn_printk+0xf3/0xf3
[ 716.983541][ T26] ? lapic_can_unplug_cpu+0x80/0x80
[ 716.988741][ T26] ? preempt_schedule_thunk+0x16/0x18
[ 716.994109][ T26] ? nmi_trigger_cpumask_backtrace+0x191/0x220
[ 717.000261][ T26] ? watchdog.cold+0x1b9/0x1de
[ 717.005036][ T26] watchdog.cold+0x1ca/0x1de
[ 717.009628][ T26] ? trace_sched_process_hang+0x280/0x280
[ 717.015346][ T26] kthread+0x3e5/0x4d0
[ 717.019422][ T26] ? set_kthread_struct+0x130/0x130
[ 717.024615][ T26] ret_from_fork+0x1f/0x30
[ 717.030353][ T26] Kernel Offset: disabled
[ 717.034659][ T26] Rebooting in 86400 seconds..