[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
syzkaller login: [ 488.256980][ T5] Bluetooth: hci0: command 0x0409 tx timeout
[ 490.336380][ T5] Bluetooth: hci0: command 0x041b tx timeout
[ 492.416390][ T5] Bluetooth: hci0: command 0x040f tx timeout
[ 494.496341][ T5] Bluetooth: hci0: command 0x0419 tx timeout
[ 496.576363][ T5] Bluetooth: hci0: command 0x0401 tx timeout
[ 610.256685][ T5] Bluetooth: hci0: command 0x0406 tx timeout
[ 715.696654][ T1635] INFO: task syz-executor446:8489 blocked for more than 143 seconds.
[ 715.705191][ T1635] Not tainted 5.14.0-rc4-syzkaller #0
[ 715.711936][ T1635] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 715.720959][ T1635] task:syz-executor446 state:D stack:28712 pid: 8489 ppid: 8452 flags:0x00000000
[ 715.730229][ T1635] Call Trace:
[ 715.733503][ T1635] __schedule+0x93a/0x26f0
[ 715.737985][ T1635] ? io_schedule_timeout+0x140/0x140
[ 715.743270][ T1635] schedule+0xd3/0x270
[ 715.747846][ T1635] schedule_preempt_disabled+0xf/0x20
[ 715.753222][ T1635] __mutex_lock+0x7b6/0x10a0
[ 715.757866][ T1635] ? lock_downgrade+0x6e0/0x6e0
[ 715.762722][ T1635] ? hci_req_sync+0x33/0xd0
[ 715.767268][ T1635] ? mutex_lock_io_nested+0xf00/0xf00
[ 715.772651][ T1635] ? __mutex_unlock_slowpath+0xe2/0x610
[ 715.778352][ T1635] ? wait_for_completion_io+0x280/0x280
[ 715.784009][ T1635] ? adv_instance_rpa_expired+0x70/0x70
[ 715.789665][ T1635] hci_req_sync+0x33/0xd0
[ 715.793997][ T1635] hci_inquiry+0x6f4/0x9e0
[ 715.798447][ T1635] ? lock_downgrade+0x6e0/0x6e0
[ 715.803298][ T1635] ? rwlock_bug.part.0+0x90/0x90
[ 715.808274][ T1635] ? hci_inquiry_cache_update_resolve+0x490/0x490
[ 715.814696][ T1635] ? __local_bh_enable_ip+0xa0/0x120
[ 715.820245][ T1635] hci_sock_ioctl+0x1a7/0x910
[ 715.824941][ T1635] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 715.831522][ T1635] ? create_monitor_event+0x820/0x820
[ 715.836984][ T1635] sock_do_ioctl+0xcb/0x2d0
[ 715.841513][ T1635] ? compat_ifr_data_ioctl+0x150/0x150
[ 715.847018][ T1635] ? find_held_lock+0x2d/0x110
[ 715.851787][ T1635] sock_ioctl+0x477/0x6a0
[ 715.856189][ T1635] ? vlan_ioctl_set+0x30/0x30
[ 715.860961][ T1635] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 715.867262][ T1635] ? vlan_ioctl_set+0x30/0x30
[ 715.871940][ T1635] __x64_sys_ioctl+0x193/0x200
[ 715.876878][ T1635] do_syscall_64+0x35/0xb0
[ 715.881295][ T1635] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 715.887271][ T1635] RIP: 0033:0x446449
[ 715.891258][ T1635] RSP: 002b:00007f36ab8342e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 715.900144][ T1635] RAX: ffffffffffffffda RBX: 00000000004cb400 RCX: 0000000000446449
[ 715.908306][ T1635] RDX: 00000000200000c0 RSI: 00000000800448f0 RDI: 0000000000000004
[ 715.908330][ T1635] RBP: 00000000004cb40c R08: 0000000000000000 R09: 0000000000000000
[ 715.908343][ T1635] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000003
[ 715.908354][ T1635] R13: 0000000000000004 R14: 00007f36ab8346b8 R15: 00000000004cb408
[ 715.908437][ T1635] INFO: task syz-executor446:8491 blocked for more than 143 seconds.
[ 715.948962][ T1635] Not tainted 5.14.0-rc4-syzkaller #0
[ 715.954861][ T1635] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 715.964110][ T1635] task:syz-executor446 state:D stack:28176 pid: 8491 ppid: 8452 flags:0x00000004
[ 715.973427][ T1635] Call Trace:
[ 715.976760][ T1635] __schedule+0x93a/0x26f0
[ 715.981183][ T1635] ? io_schedule_timeout+0x140/0x140
[ 715.986535][ T1635] schedule+0xd3/0x270
[ 715.990600][ T1635] schedule_preempt_disabled+0xf/0x20
[ 715.995952][ T1635] __mutex_lock+0x7b6/0x10a0
[ 716.000572][ T1635] ? lock_downgrade+0x6e0/0x6e0
[ 716.005424][ T1635] ? hci_req_sync+0x33/0xd0
[ 716.010084][ T1635] ? mutex_lock_io_nested+0xf00/0xf00
[ 716.015457][ T1635] ? __mutex_unlock_slowpath+0xe2/0x610
[ 716.021053][ T1635] ? wait_for_completion_io+0x280/0x280
[ 716.026895][ T1635] ? adv_instance_rpa_expired+0x70/0x70
[ 716.032442][ T1635] hci_req_sync+0x33/0xd0
[ 716.036808][ T1635] hci_inquiry+0x6f4/0x9e0
[ 716.041231][ T1635] ? lock_downgrade+0x6e0/0x6e0
[ 716.046240][ T1635] ? rwlock_bug.part.0+0x90/0x90
[ 716.051225][ T1635] ? hci_inquiry_cache_update_resolve+0x490/0x490
[ 716.057693][ T1635] ? __local_bh_enable_ip+0xa0/0x120
[ 716.062980][ T1635] hci_sock_ioctl+0x1a7/0x910
[ 716.067891][ T1635] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 716.073715][ T1635] ? create_monitor_event+0x820/0x820
[ 716.079143][ T1635] sock_do_ioctl+0xcb/0x2d0
[ 716.083646][ T1635] ? compat_ifr_data_ioctl+0x150/0x150
[ 716.089160][ T1635] ? lock_downgrade+0x6e0/0x6e0
[ 716.094009][ T1635] sock_ioctl+0x477/0x6a0
[ 716.098463][ T1635] ? vlan_ioctl_set+0x30/0x30
[ 716.103224][ T1635] ? __fget_files+0x23d/0x3e0
[ 716.107949][ T1635] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 716.114263][ T1635] ? vlan_ioctl_set+0x30/0x30
[ 716.119047][ T1635] __x64_sys_ioctl+0x193/0x200
[ 716.123905][ T1635] do_syscall_64+0x35/0xb0
[ 716.128543][ T1635] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 716.134435][ T1635] RIP: 0033:0x446449
[ 716.138353][ T1635] RSP: 002b:00007f36ab8342e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 716.146818][ T1635] RAX: ffffffffffffffda RBX: 00000000004cb400 RCX: 0000000000446449
[ 716.154785][ T1635] RDX: 00000000200000c0 RSI: 00000000800448f0 RDI: 0000000000000004
[ 716.162787][ T1635] RBP: 00000000004cb40c R08: 0000000000000000 R09: 0000000000000000
[ 716.170981][ T1635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 716.178993][ T1635] R13: 0000000000000004 R14: 00007f36ab8346b8 R15: 00000000004cb408
[ 716.187177][ T1635]
[ 716.187177][ T1635] Showing all locks held in the system:
[ 716.194889][ T1635] 6 locks held by kworker/u4:0/8:
[ 716.199957][ T1635] 1 lock held by khungtaskd/1635:
[ 716.204974][ T1635] #0: ffffffff8b97c180 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 716.214910][ T1635] 1 lock held by in:imklog/8352:
[ 716.219958][ T1635] #0: ffff888033e1d4f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 716.229160][ T1635] 1 lock held by syz-executor446/8486:
[ 716.234668][ T1635] #0: ffff8880349c4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_req_sync+0x33/0xd0
[ 716.244098][ T1635] 1 lock held by syz-executor446/8489:
[ 716.249726][ T1635] #0: ffff8880349c4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_req_sync+0x33/0xd0
[ 716.258982][ T1635] 1 lock held by syz-executor446/8491:
[ 716.264456][ T1635] #0: ffff8880349c4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_req_sync+0x33/0xd0
[ 716.273717][ T1635]
[ 716.276031][ T1635] =============================================
[ 716.276031][ T1635]
[ 716.284551][ T1635] NMI backtrace for cpu 1
[ 716.288923][ T1635] CPU: 1 PID: 1635 Comm: khungtaskd Not tainted 5.14.0-rc4-syzkaller #0
[ 716.297448][ T1635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.307482][ T1635] Call Trace:
[ 716.310746][ T1635] dump_stack_lvl+0xcd/0x134
[ 716.315330][ T1635] nmi_cpu_backtrace.cold+0x44/0xd7
[ 716.320513][ T1635] ? lapic_can_unplug_cpu+0x80/0x80
[ 716.325700][ T1635] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 716.331672][ T1635] watchdog+0xd0a/0xfc0
[ 716.335816][ T1635] ? reset_hung_task_detector+0x30/0x30
[ 716.341364][ T1635] kthread+0x3e5/0x4d0
[ 716.345418][ T1635] ? set_kthread_struct+0x130/0x130
[ 716.350606][ T1635] ret_from_fork+0x1f/0x30
[ 716.355115][ T1635] Sending NMI from CPU 1 to CPUs 0:
[ 716.360672][ C0] NMI backtrace for cpu 0
[ 716.360681][ C0] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted 5.14.0-rc4-syzkaller #0
[ 716.360689][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.360696][ C0] Workqueue: events_unbound toggle_allocation_gate
[ 716.360707][ C0] RIP: 0010:smp_call_function_many_cond+0x452/0xc20
[ 716.360716][ C0] Code: 0b 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 d0 47 0b 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 33 06 00 00 8b 43 08 31
[ 716.360727][ C0] RSP: 0018:ffffc90000cd7a00 EFLAGS: 00000293
[ 716.360735][ C0] RAX: 0000000000000000 RBX: ffff8880b9d570c0 RCX: 0000000000000000
[ 716.360742][ C0] RDX: ffff88813fe6d4c0 RSI: ffffffff816a6400 RDI: 0000000000000003
[ 716.360748][ C0] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000001
[ 716.360755][ C0] R10: ffffffff816a6426 R11: 0000000000000000 R12: ffffed10173aae19
[ 716.360761][ C0] R13: 0000000000000001 R14: ffff8880b9d570c8 R15: 0000000000000001
[ 716.360768][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 716.360775][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 716.360780][ C0] CR2: 00007f56e8f43000 CR3: 000000000b68e000 CR4: 0000000000350ef0
[ 716.360786][ C0] Call Trace:
[ 716.360789][ C0] ? __text_poke+0x8c0/0x8c0
[ 716.360793][ C0] ? __text_poke+0x8c0/0x8c0
[ 716.360797][ C0] on_each_cpu_cond_mask+0x56/0xa0
[ 716.360801][ C0] text_poke_bp_batch+0x47d/0x560
[ 716.360806][ C0] ? alternatives_enable_smp+0xf0/0xf0
[ 716.360810][ C0] ? mutex_lock_io_nested+0xf00/0xf00
[ 716.360815][ C0] ? __jump_label_patch+0x159/0x1b0
[ 716.360819][ C0] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 716.360824][ C0] ? __jump_label_update+0x351/0x400
[ 716.360829][ C0] text_poke_finish+0x16/0x30
[ 716.360833][ C0] arch_jump_label_transform_apply+0x13/0x20
[ 716.360838][ C0] jump_label_update+0x1d5/0x430
[ 716.360842][ C0] static_key_enable_cpuslocked+0x1b1/0x260
[ 716.360847][ C0] static_key_enable+0x16/0x20
[ 716.360851][ C0] toggle_allocation_gate+0x100/0x390
[ 716.360855][ C0] ? lock_release+0x720/0x720
[ 716.360859][ C0] ? wake_up_kfence_timer+0x20/0x20
[ 716.360864][ C0] process_one_work+0x98d/0x1630
[ 716.360868][ C0] ? pwq_dec_nr_in_flight+0x320/0x320
[ 716.360872][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 716.360876][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 716.360881][ C0] worker_thread+0x658/0x11f0
[ 716.360885][ C0] ? process_one_work+0x1630/0x1630
[ 716.360889][ C0] kthread+0x3e5/0x4d0
[ 716.360893][ C0] ? set_kthread_struct+0x130/0x130
[ 716.360897][ C0] ret_from_fork+0x1f/0x30
[ 716.376062][ T1635] Kernel panic - not syncing: hung_task: blocked tasks
[ 716.628240][ T1635] CPU: 1 PID: 1635 Comm: khungtaskd Not tainted 5.14.0-rc4-syzkaller #0
[ 716.636555][ T1635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 716.646598][ T1635] Call Trace:
[ 716.649867][ T1635] dump_stack_lvl+0xcd/0x134
[ 716.654454][ T1635] panic+0x306/0x73d
[ 716.658512][ T1635] ? __warn_printk+0xf3/0xf3
[ 716.663093][ T1635] ? lapic_can_unplug_cpu+0x80/0x80
[ 716.668284][ T1635] ? preempt_schedule_thunk+0x16/0x18
[ 716.673650][ T1635] ? nmi_trigger_cpumask_backtrace+0x196/0x230
[ 716.679795][ T1635] ? watchdog.cold+0x5/0x158
[ 716.684378][ T1635] watchdog.cold+0x16/0x158
[ 716.688870][ T1635] ? reset_hung_task_detector+0x30/0x30
[ 716.694403][ T1635] kthread+0x3e5/0x4d0
[ 716.698459][ T1635] ? set_kthread_struct+0x130/0x130
[ 716.703646][ T1635] ret_from_fork+0x1f/0x30
[ 716.714911][ T1635] Kernel Offset: disabled
[ 716.719539][ T1635] Rebooting in 86400 seconds..