[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.123' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 853.924916][ T35] audit: type=1400 audit(1612865695.605:8): avc: denied { execmem } for pid=8451 comm="syz-executor541" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 853.930713][ T8453] netlink: 32 bytes leftover after parsing attributes in process `syz-executor541'.
[ 1008.122623][ T1620] INFO: task syz-executor541:8453 blocked for more than 143 seconds.
[ 1008.130900][ T1620] Not tainted 5.11.0-rc7-syzkaller #0
[ 1008.139239][ T1620] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1008.150258][ T1620] task:syz-executor541 state:D stack:25216 pid: 8453 ppid: 8451 flags:0x00004004
[ 1008.161001][ T1620] Call Trace:
[ 1008.165738][ T1620] __schedule+0x90c/0x21a0
[ 1008.170346][ T1620] ? io_schedule_timeout+0x140/0x140
[ 1008.177606][ T1620] schedule+0xcf/0x270
[ 1008.181717][ T1620] schedule_preempt_disabled+0xf/0x20
[ 1008.188928][ T1620] __mutex_lock+0x81a/0x1110
[ 1008.194777][ T1620] ? tcf_action_init_1+0x743/0x990
[ 1008.200086][ T1620] ? mutex_lock_io_nested+0xf60/0xf60
[ 1008.207147][ T1620] ? tc_lookup_action_n+0xcd/0xf0
[ 1008.212262][ T1620] ? lock_downgrade+0x6d0/0x6d0
[ 1008.218898][ T1620] ? generic_xdp_install+0x7b0/0x7b0
[ 1008.225566][ T1620] tcf_action_init_1+0x743/0x990
[ 1008.230543][ T1620] ? tcf_action_dump_old+0x80/0x80
[ 1008.237353][ T1620] ? find_held_lock+0x2d/0x110
[ 1008.242181][ T1620] tcf_action_init+0x265/0x4b0
[ 1008.248618][ T1620] ? tcf_action_init_1+0x990/0x990
[ 1008.255039][ T1620] ? avc_has_perm_noaudit+0x1ee/0x390
[ 1008.260634][ T1620] tcf_action_add+0xd9/0x360
[ 1008.267144][ T1620] ? tca_action_gd+0xe20/0xe20
[ 1008.271990][ T1620] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1008.281264][ T1620] ? __nla_parse+0x3d/0x50
[ 1008.286970][ T1620] tc_ctl_action+0x33a/0x440
[ 1008.291593][ T1620] ? tcf_action_add+0x360/0x360
[ 1008.298109][ T1620] ? rtnetlink_rcv_msg+0x3c3/0xad0
[ 1008.304430][ T1620] ? tcf_action_add+0x360/0x360
[ 1008.309829][ T1620] rtnetlink_rcv_msg+0x44e/0xad0
[ 1008.316510][ T1620] ? rtnetlink_put_metrics+0x510/0x510
[ 1008.322029][ T1620] netlink_rcv_skb+0x153/0x420
[ 1008.328555][ T1620] ? rtnetlink_put_metrics+0x510/0x510
[ 1008.335511][ T1620] ? netlink_ack+0xaa0/0xaa0
[ 1008.340130][ T1620] ? netlink_deliver_tap+0x227/0xb70
[ 1008.347365][ T1620] netlink_unicast+0x533/0x7d0
[ 1008.353792][ T1620] ? netlink_attachskb+0x870/0x870
[ 1008.359650][ T1620] ? _copy_from_iter_full+0x275/0x850
[ 1008.368506][ T1620] netlink_sendmsg+0x856/0xd90
[ 1008.374657][ T1620] ? netlink_unicast+0x7d0/0x7d0
[ 1008.379647][ T1620] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1008.387768][ T1620] ? netlink_unicast+0x7d0/0x7d0
[ 1008.394835][ T1620] sock_sendmsg+0xcf/0x120
[ 1008.399383][ T1620] ____sys_sendmsg+0x6e8/0x810
[ 1008.407685][ T1620] ? kernel_sendmsg+0x50/0x50
[ 1008.413632][ T1620] ? do_recvmmsg+0x6c0/0x6c0
[ 1008.418785][ T1620] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1008.426495][ T1620] ___sys_sendmsg+0xf3/0x170
[ 1008.431124][ T1620] ? sendmsg_copy_msghdr+0x160/0x160
[ 1008.438004][ T1620] ? __fget_files+0x266/0x3d0
[ 1008.443917][ T1620] ? lock_downgrade+0x6d0/0x6d0
[ 1008.448800][ T1620] ? do_huge_pmd_anonymous_page+0x8f1/0x2390
[ 1008.456580][ T1620] ? __fget_files+0x288/0x3d0
[ 1008.461305][ T1620] ? __fget_light+0xea/0x280
[ 1008.468765][ T1620] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1008.476172][ T1620] __sys_sendmsg+0xe5/0x1b0
[ 1008.481930][ T1620] ? __sys_sendmsg_sock+0xb0/0xb0
[ 1008.488792][ T1620] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1008.496144][ T1620] ? syscall_enter_from_user_mode+0x1d/0x50
[ 1008.502143][ T1620] do_syscall_64+0x2d/0x70
[ 1008.508168][ T1620] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1008.515198][ T1620] RIP: 0033:0x446b19
[ 1008.519115][ T1620] RSP: 002b:00007f6c74c20208 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1008.529206][ T1620] RAX: ffffffffffffffda RBX: 00000000004cb428 RCX: 0000000000446b19
[ 1008.539486][ T1620] RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000003
[ 1008.548598][ T1620] RBP: 00000000004cb420 R08: 0000000000000000 R09: 0000000000000000
[ 1008.557721][ T1620] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004cb42c
[ 1008.567008][ T1620] R13: 00007ffc49ded21f R14: 00007f6c74c20300 R15: 0000000000022000
[ 1008.576500][ T1620]
[ 1008.576500][ T1620] Showing all locks held in the system:
[ 1008.585461][ T1620] 3 locks held by kworker/1:1/34:
[ 1008.590508][ T1620] #0: ffff8880230ca538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0
[ 1008.603441][ T1620] #1: ffffc90000e37da8 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0
[ 1008.617712][ T1620] #2: ffffffff8d45c228 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xa/0x20
[ 1008.628331][ T1620] 1 lock held by khungtaskd/1620:
[ 1008.634722][ T1620] #0: ffffffff8bd73da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1008.645750][ T1620] 1 lock held by in:imklog/8163:
[ 1008.650707][ T1620] #0: ffff888013a36170 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1008.661975][ T1620] 1 lock held by syz-executor541/8453:
[ 1008.669850][ T1620] #0: ffffffff8d45c228 (rtnl_mutex){+.+.}-{3:3}, at: tcf_action_init_1+0x743/0x990
[ 1008.680510][ T1620] 1 lock held by syz-executor541/8455:
[ 1008.688335][ T1620]
[ 1008.690675][ T1620] =============================================
[ 1008.690675][ T1620]
[ 1008.700877][ T1620] NMI backtrace for cpu 0
[ 1008.705314][ T1620] CPU: 0 PID: 1620 Comm: khungtaskd Not tainted 5.11.0-rc7-syzkaller #0
[ 1008.713655][ T1620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1008.723801][ T1620] Call Trace:
[ 1008.727091][ T1620] dump_stack+0x107/0x163
[ 1008.731512][ T1620] nmi_cpu_backtrace.cold+0x44/0xd7
[ 1008.736746][ T1620] ? lapic_can_unplug_cpu+0x80/0x80
[ 1008.742009][ T1620] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 1008.748070][ T1620] watchdog+0xd43/0xfa0
[ 1008.752254][ T1620] ? reset_hung_task_detector+0x30/0x30
[ 1008.757824][ T1620] kthread+0x3b1/0x4a0
[ 1008.762301][ T1620] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 1008.768213][ T1620] ret_from_fork+0x1f/0x30
[ 1008.772976][ T1620] Sending NMI from CPU 0 to CPUs 1:
[ 1008.780004][ C1] NMI backtrace for cpu 1
[ 1008.780017][ C1] CPU: 1 PID: 8455 Comm: syz-executor541 Not tainted 5.11.0-rc7-syzkaller #0
[ 1008.780027][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1008.780037][ C1] RIP: 0010:__lock_acquire+0x1e8/0x54f0
[ 1008.780048][ C1] Code: 4c 8d 14 92 49 c1 e2 03 85 d2 74 47 4a 8d 54 16 d8 48 b9 00 00 00 00 00 fc ff df 48 8d 7a 20 48 89 fe 48 c1 ee 03 0f b6 0c 0e <84> c9 74 09 80 f9 03 0f 8e ca 3b 00 00 0f b7 4a 20 81 e1 ff 1f 00
[ 1008.780064][ C1] RSP: 0018:ffffc90001736b70 EFLAGS: 00000806
[ 1008.780078][ C1] RAX: 0000000000000003 RBX: 0000000000000001 RCX: 0000000000000000
[ 1008.780087][ C1] RDX: ffff8880265daa88 RSI: 1ffff11004cbb555 RDI: ffff8880265daaa8
[ 1008.780096][ C1] RBP: ffff8880265da100 R08: 0000000000000001 R09: 0000000000000000
[ 1008.780105][ C1] R10: 0000000000000028 R11: 0000000000000000 R12: 0000000000000000
[ 1008.780114][ C1] R13: 0000000000000000 R14: ffff888023874068 R15: 0000000000000000
[ 1008.780130][ C1] FS: 00007f6c74bff700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 1008.780139][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1008.780147][ C1] CR2: 00007fc4efd5a000 CR3: 000000001af15000 CR4: 00000000001506e0
[ 1008.780156][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1008.780165][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1008.780173][ C1] Call Trace:
[ 1008.780178][ C1] ? __schedule+0x914/0x21a0
[ 1008.780184][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1008.780191][ C1] lock_acquire+0x1a8/0x720
[ 1008.780197][ C1] ? tcf_idr_check_alloc+0x78/0x3b0
[ 1008.780203][ C1] ? lock_release+0x710/0x710
[ 1008.780209][ C1] ? asm_sysvec_reschedule_ipi+0x12/0x20
[ 1008.780216][ C1] __mutex_lock+0x134/0x1110
[ 1008.780222][ C1] ? tcf_idr_check_alloc+0x78/0x3b0
[ 1008.780229][ C1] ? tcf_idr_check_alloc+0x78/0x3b0
[ 1008.780235][ C1] ? mutex_lock_io_nested+0xf60/0xf60
[ 1008.780242][ C1] ? __mutex_unlock_slowpath+0xe2/0x610
[ 1008.780248][ C1] ? wait_for_completion_io+0x260/0x260
[ 1008.780255][ C1] ? __radix_tree_lookup+0x211/0x2a0
[ 1008.780261][ C1] tcf_idr_check_alloc+0x78/0x3b0
[ 1008.780267][ C1] tcf_connmark_init+0x2de/0x910
[ 1008.780274][ C1] ? tcf_connmark_act+0xb40/0xb40
[ 1008.780280][ C1] ? tc_lookup_action_n+0xcd/0xf0
[ 1008.780286][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 1008.780292][ C1] ? __kmalloc_track_caller+0x39/0x440
[ 1008.780299][ C1] tcf_action_init_1+0x63b/0x990
[ 1008.780305][ C1] ? tcf_action_dump_old+0x80/0x80
[ 1008.780311][ C1] tcf_action_init+0x265/0x4b0
[ 1008.780317][ C1] ? tcf_action_init_1+0x990/0x990
[ 1008.780324][ C1] ? avc_has_perm_noaudit+0x1ee/0x390
[ 1008.780330][ C1] tcf_action_add+0xd9/0x360
[ 1008.780336][ C1] ? tca_action_gd+0xe20/0xe20
[ 1008.780342][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1008.780349][ C1] ? __nla_parse+0x3d/0x50
[ 1008.780355][ C1] tc_ctl_action+0x33a/0x440
[ 1008.780361][ C1] ? tcf_action_add+0x360/0x360
[ 1008.780367][ C1] ? rtnetlink_rcv_msg+0x3c3/0xad0
[ 1008.780373][ C1] ? tcf_action_add+0x360/0x360
[ 1008.780379][ C1] rtnetlink_rcv_msg+0x44e/0xad0
[ 1008.780386][ C1] ? rtnetlink_put_metrics+0x510/0x510
[ 1008.780392][ C1] netlink_rcv_skb+0x153/0x420
[ 1008.780398][ C1] ? rtnetlink_put_metrics+0x510/0x510
[ 1008.780405][ C1] ? netlink_ack+0xaa0/0xaa0
[ 1008.780411][ C1] ? netlink_deliver_tap+0x227/0xb70
[ 1008.780417][ C1] netlink_unicast+0x533/0x7d0
[ 1008.780423][ C1] ? netlink_attachskb+0x870/0x870
[ 1008.780429][ C1] ? _copy_from_iter_full+0x275/0x850
[ 1008.780436][ C1] netlink_sendmsg+0x856/0xd90
[ 1008.780442][ C1] ? netlink_unicast+0x7d0/0x7d0
[ 1008.780448][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1008.780455][ C1] ? netlink_unicast+0x7d0/0x7d0
[ 1008.780461][ C1] sock_sendmsg+0xcf/0x120
[ 1008.780467][ C1] ____sys_sendmsg+0x6e8/0x810
[ 1008.780473][ C1] ? kernel_sendmsg+0x50/0x50
[ 1008.780479][ C1] ? do_recvmmsg+0x6c0/0x6c0
[ 1008.780485][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1008.780492][ C1] ___sys_sendmsg+0xf3/0x170
[ 1008.780498][ C1] ? sendmsg_copy_msghdr+0x160/0x160
[ 1008.780504][ C1] ? __fget_files+0x266/0x3d0
[ 1008.780510][ C1] ? lock_downgrade+0x6d0/0x6d0
[ 1008.780516][ C1] ? __fget_files+0x288/0x3d0
[ 1008.780521][ C1] ? __fget_light+0xea/0x280
[ 1008.780528][ C1] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1008.780535][ C1] __sys_sendmsg+0xe5/0x1b0
[ 1008.780541][ C1] ? __sys_sendmsg_sock+0xb0/0xb0
[ 1008.780547][ C1] ? __do_sys_futex+0x2a2/0x470
[ 1008.780553][ C1] ? syscall_enter_from_user_mode+0x1d/0x50
[ 1008.780560][ C1] do_syscall_64+0x2d/0x70
[ 1008.780566][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1008.780572][ C1] RIP: 0033:0x446b19
[ 1008.780582][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1008.780598][ C1] RSP: 002b:00007f6c74bff208 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1008.780613][ C1] RAX: ffffffffffffffda RBX: 00000000004cb438 RCX: 0000000000446b19
[ 1008.780622][ C1] RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000004
[ 1008.780631][ C1] RBP: 00000000004cb430 R08: 0000000000000004 R09: 0000000000000000
[ 1008.780640][ C1] R10: 0000000000000004 R11: 0000000000000246 R12: 00000000004cb43c
[ 1008.780649][ C1] R13: 00007ffc49ded21f R14: 00007f6c74bff300 R15: 0000000000022000
[ 1008.780659][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.226 msecs
[ 1008.781301][ T1620] Kernel panic - not syncing: hung_task: blocked tasks
[ 1009.331888][ T1620] CPU: 0 PID: 1620 Comm: khungtaskd Not tainted 5.11.0-rc7-syzkaller #0
[ 1009.340246][ T1620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1009.352234][ T1620] Call Trace:
[ 1009.355534][ T1620] dump_stack+0x107/0x163
[ 1009.359903][ T1620] panic+0x306/0x73d
[ 1009.363846][ T1620] ? __warn_printk+0xf3/0xf3
[ 1009.368471][ T1620] ? lapic_can_unplug_cpu+0x80/0x80
[ 1009.373697][ T1620] ? preempt_schedule_thunk+0x16/0x18
[ 1009.379110][ T1620] ? nmi_trigger_cpumask_backtrace+0x196/0x230
[ 1009.385307][ T1620] ? watchdog.cold+0x5/0x158
[ 1009.389989][ T1620] watchdog.cold+0x16/0x158
[ 1009.394516][ T1620] ? reset_hung_task_detector+0x30/0x30
[ 1009.400081][ T1620] kthread+0x3b1/0x4a0
[ 1009.404278][ T1620] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 1009.410450][ T1620] ret_from_fork+0x1f/0x30
[ 1009.415567][ T1620] Kernel Offset: disabled
[ 1009.419952][ T1620] Rebooting in 86400 seconds..