Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts.
2020/12/13 14:30:03 parsed 1 programs
2020/12/13 14:30:03 executed programs: 0
syzkaller login: [ 1584.424676] IPVS: ftp: loaded support on port[0] = 21
[ 1584.518767] chnl_net:caif_netlink_parms(): no params data found
[ 1584.598611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.605702] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.612832] device bridge_slave_0 entered promiscuous mode
[ 1584.620001] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.627372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.634467] device bridge_slave_1 entered promiscuous mode
[ 1584.650985] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1584.659932] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1584.677356] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 1584.684813] team0: Port device team_slave_0 added
[ 1584.690137] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 1584.697582] team0: Port device team_slave_1 added
[ 1584.712396] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1584.718744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.744740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1584.756306] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1584.762545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.789033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1584.799751] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 1584.807356] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 1584.826733] device hsr_slave_0 entered promiscuous mode
[ 1584.832334] device hsr_slave_1 entered promiscuous mode
[ 1584.838564] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 1584.845671] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 1584.906885] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.913294] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.920527] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.927126] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1584.956810] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 1584.962888] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1584.972182] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 1584.980759] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1584.990096] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.007411] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.018240] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 1585.024424] 8021q: adding VLAN 0 to HW filter on device team0
[ 1585.032617] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1585.041022] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1585.047423] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1585.057265] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1585.064968] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1585.071318] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1585.090527] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1585.100476] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1585.111079] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 1585.119165] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1585.127073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1585.134794] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1585.142356] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1585.150068] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1585.156936] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1585.169414] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[ 1585.176883] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1585.184611] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1585.196176] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1585.247192] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready
[ 1585.256711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1585.287349] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready
[ 1585.297511] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready
[ 1585.304126] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready
[ 1585.312887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1585.320743] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1585.327743] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1585.336991] device veth0_vlan entered promiscuous mode
[ 1585.345811] device veth1_vlan entered promiscuous mode
[ 1585.351662] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready
[ 1585.360849] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready
[ 1585.373193] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready
[ 1585.383694] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1585.390827] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1585.398453] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1585.408460] device veth0_macvtap entered promiscuous mode
[ 1585.415111] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready
[ 1585.423574] device veth1_macvtap entered promiscuous mode
[ 1585.432230] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready
[ 1585.441278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready
[ 1585.451896] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1585.459215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1585.468030] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1585.477666] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1585.485117] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1585.503754] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1586.454923] Bluetooth: hci0 command 0x0409 tx timeout
[ 1588.534004] Bluetooth: hci0 command 0x041b tx timeout
2020/12/13 14:30:09 executed programs: 4
[ 1590.613632] Bluetooth: hci0 command 0x040f tx timeout
[ 1592.693619] Bluetooth: hci0 command 0x0419 tx timeout
2020/12/13 14:30:14 executed programs: 10
2020/12/13 14:30:19 executed programs: 16
2020/12/13 14:30:24 executed programs: 22
2020/12/13 14:30:29 executed programs: 28
[ 1710.053717] Bluetooth: hci0 command 0x0406 tx timeout
[ 1861.574235] INFO: task syz-executor.0:8477 blocked for more than 140 seconds.
[ 1861.581682] Not tainted 4.14.212-syzkaller #0
[ 1861.588310] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1861.596734] syz-executor.0 D28456 8477 8008 0x00000004
[ 1861.602474] Call Trace:
[ 1861.605685] __schedule+0x88b/0x1de0
[ 1861.609404] ? io_schedule_timeout+0x140/0x140
[ 1861.614619] ? trace_hardirqs_on+0x10/0x10
[ 1861.618858] schedule+0x8d/0x1b0
[ 1861.622216] schedule_timeout+0x80a/0xe90
[ 1861.627267] ? _raw_spin_unlock_irq+0x24/0x80
[ 1861.631774] ? usleep_range+0x130/0x130
[ 1861.636451] ? wait_for_common+0x26a/0x430
[ 1861.640688] ? lock_acquire+0x170/0x3f0
[ 1861.645352] ? lock_downgrade+0x740/0x740
[ 1861.649522] ? _raw_spin_unlock_irq+0x24/0x80
[ 1861.654692] wait_for_common+0x272/0x430
[ 1861.658747] ? out_of_line_wait_on_atomic_t+0x1a0/0x1a0
[ 1861.665099] ? preempt_schedule_common+0x45/0xc0
[ 1861.669854] ? wake_up_q+0xd0/0xd0
[ 1861.673376] flush_work+0x3fe/0x770
[ 1861.677882] ? worker_thread+0xff0/0xff0
[ 1861.681947] ? flush_workqueue_prep_pwqs+0x470/0x470
[ 1861.687647] ? __cancel_work_timer+0x2c1/0x460
[ 1861.692232] __cancel_work_timer+0x321/0x460
[ 1861.697355] ? work_on_cpu_safe+0x70/0x70
[ 1861.701495] ? lock_acquire+0x170/0x3f0
[ 1861.706118] ? lock_downgrade+0x740/0x740
[ 1861.710262] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1861.716074] p9_fd_close+0x299/0x420
[ 1861.719789] p9_client_create+0x736/0x12c0
[ 1861.724681] ? p9_client_flush+0x4c0/0x4c0
[ 1861.728935] ? __lockdep_init_map+0x100/0x560
[ 1861.733412] ? __raw_spin_lock_init+0x28/0x100
[ 1861.738094] v9fs_session_init+0x1c5/0x1540
[ 1861.742419] ? pcpu_alloc+0xbe0/0xf50
[ 1861.746314] ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1861.751177] ? v9fs_show_options+0x6b0/0x6b0
[ 1861.755672] ? v9fs_mount+0x54/0x860
[ 1861.759406] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1861.764962] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1861.769978] ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1861.774885] v9fs_mount+0x73/0x860
[ 1861.778426] ? alloc_pages_current+0x15d/0x260
[ 1861.782989] ? __lockdep_init_map+0x100/0x560
[ 1861.788116] mount_fs+0x92/0x2a0
[ 1861.791502] vfs_kern_mount.part.0+0x5b/0x470
[ 1861.796077] do_mount+0xe53/0x2a00
[ 1861.799619] ? do_raw_spin_unlock+0x164/0x220
[ 1861.804196] ? copy_mount_string+0x40/0x40
[ 1861.808439] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1861.813435] ? copy_mnt_ns+0xa30/0xa30
[ 1861.817725] ? copy_mount_options+0x1fa/0x2f0
[ 1861.822224] ? copy_mnt_ns+0xa30/0xa30
[ 1861.826200] SyS_mount+0xa8/0x120
[ 1861.829674] ? copy_mnt_ns+0xa30/0xa30
[ 1861.833559] do_syscall_64+0x1d5/0x640
[ 1861.837536] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1861.842740] RIP: 0033:0x45e159
[ 1861.846015] RSP: 002b:00007f9a01b29c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1861.853806] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e159
[ 1861.861085] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000000000000
[ 1861.869025] RBP: 000000000119c1c8 R08: 0000000020000580 R09: 0000000000000000
[ 1861.876354] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119c184
[ 1861.883623] R13: 00007ffda0ec82af R14: 00007f9a01b2a9c0 R15: 000000000119c184
[ 1861.891039]
[ 1861.891039] Showing all locks held in the system:
[ 1861.897497] 1 lock held by khungtaskd/1531:
[ 1861.901905] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a
[ 1861.911046] 2 locks held by kworker/1:2/2612:
[ 1861.915629] #0: ("events"){+.+.}, at: [] process_one_work+0x6b0/0x14a0
[ 1861.924237] #1: ((&m->wq)){+.+.}, at: [] process_one_work+0x6e6/0x14a0
[ 1861.932699] 1 lock held by in:imklog/7686:
[ 1861.937013] #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0x1fb/0x2b0
[ 1861.945605]
[ 1861.947228] =============================================
[ 1861.947228]
[ 1861.954868] NMI backtrace for cpu 0
[ 1861.958521] CPU: 0 PID: 1531 Comm: khungtaskd Not tainted 4.14.212-syzkaller #0
[ 1861.965947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1861.975290] Call Trace:
[ 1861.977868] dump_stack+0x1b2/0x283
[ 1861.981486] nmi_cpu_backtrace.cold+0x57/0x93
[ 1861.985962] ? irq_force_complete_move.cold+0x89/0x89
[ 1861.991140] nmi_trigger_cpumask_backtrace+0x13a/0x17f
[ 1861.996405] watchdog+0x5b9/0xb40
[ 1861.999849] ? hungtask_pm_notify+0x50/0x50
[ 1862.004163] kthread+0x30d/0x420
[ 1862.007508] ? kthread_create_on_node+0xd0/0xd0
[ 1862.012431] ret_from_fork+0x24/0x30
[ 1862.016292] Sending NMI from CPU 0 to CPUs 1:
[ 1862.021184] NMI backtrace for cpu 1
[ 1862.021189] CPU: 1 PID: 4618 Comm: systemd-journal Not tainted 4.14.212-syzkaller #0
[ 1862.021193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1862.021196] task: ffff8880a1b946c0 task.stack: ffff8880a1b98000
[ 1862.021199] RIP: 0010:lock_is_held_type+0x81/0x210
[ 1862.021202] RSP: 0018:ffff8880a1b9fde0 EFLAGS: 00000286
[ 1862.021208] RAX: 1ffffffff11e1250 RBX: ffff8880a1b946c0 RCX: 0000000000000001
[ 1862.021211] RDX: dffffc0000000000 RSI: 00000000ffffffff RDI: ffff8880a1b94f44
[ 1862.021215] RBP: ffff8880a21e88d8 R08: ffffffff8b9acdd8 R09: 00000000000400a1
[ 1862.021218] R10: ffff8880a1b94f48 R11: ffff8880a1b946c0 R12: ffff8880a21e8858
[ 1862.021222] R13: ffff8880a21e8800 R14: fffffffffffffffe R15: 0000564372f70680
[ 1862.021225] FS: 00007f384cf818c0(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
[ 1862.021229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1862.021232] CR2: 00007f384a360010 CR3: 00000000a1be7000 CR4: 00000000001406e0
[ 1862.021235] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1862.021239] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1862.021241] Call Trace:
[ 1862.021244] ? __put_unused_fd+0x100/0x170
[ 1862.021246] ? put_unused_fd+0x55/0x70
[ 1862.021248] ? do_sys_open+0x3e3/0x410
[ 1862.021251] ? filp_open+0x60/0x60
[ 1862.021253] ? do_syscall_64+0x4c/0x640
[ 1862.021256] ? do_sys_open+0x410/0x410
[ 1862.021258] ? do_syscall_64+0x1d5/0x640
[ 1862.021261] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1862.021263] Code: 80 92 f0 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 6a 01 00 00 48 83 3d 06 48 ae 07 00 0f 84 1d 01 00 00 9c <58> 0f 1f 44 00 00 48 ba 00 00 00 00 00 fc ff df 48 89 c3 48 c7
[ 1862.021813] Kernel panic - not syncing: hung_task: blocked tasks
[ 1862.195280] CPU: 0 PID: 1531 Comm: khungtaskd Not tainted 4.14.212-syzkaller #0
[ 1862.202711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1862.212056] Call Trace:
[ 1862.214668] dump_stack+0x1b2/0x283
[ 1862.218275] panic+0x1f9/0x42d
[ 1862.221452] ? add_taint.cold+0x16/0x16
[ 1862.225406] ? printk_safe_flush+0xa9/0x110
[ 1862.229724] watchdog+0x5ca/0xb40
[ 1862.233178] ? hungtask_pm_notify+0x50/0x50
[ 1862.237487] kthread+0x30d/0x420
[ 1862.240841] ? kthread_create_on_node+0xd0/0xd0
[ 1862.245488] ret_from_fork+0x24/0x30
[ 1862.249831] Kernel Offset: disabled
[ 1862.253465] Rebooting in 86400 seconds..