[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.200' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 1094.582681][ T27] INFO: task syz-executor846:6550 blocked for more than 143 seconds.
[ 1094.590887][ T27] Not tainted 5.15.0-rc5-syzkaller #0
[ 1094.642550][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1094.651349][ T27] task:syz-executor846 state:D stack:28808 pid: 6550 ppid: 6532 flags:0x00004000
[ 1094.732540][ T27] Call Trace:
[ 1094.735884][ T27] __schedule+0xb44/0x5960
[ 1094.740435][ T27] ? find_held_lock+0x2d/0x110
[ 1094.792544][ T27] ? __mutex_lock+0x9a2/0x12f0
[ 1094.797339][ T27] ? io_schedule_timeout+0x140/0x140
[ 1094.852545][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 1094.857615][ T27] schedule+0xd3/0x270
[ 1094.861690][ T27] schedule_preempt_disabled+0xf/0x20
[ 1094.932539][ T27] __mutex_lock+0xa34/0x12f0
[ 1094.937170][ T27] ? io_uring_del_tctx_node+0x105/0x350
[ 1094.992546][ T27] ? mutex_lock_io_nested+0x1150/0x1150
[ 1094.998120][ T27] ? xa_erase+0xec/0x170
[ 1095.002444][ T27] ? __xa_alloc_cyclic+0x340/0x340
[ 1095.052551][ T27] io_uring_del_tctx_node+0x105/0x350
[ 1095.057937][ T27] io_uring_cancel_generic+0x5cb/0x760
[ 1095.112548][ T27] ? __io_uring_free+0x170/0x170
[ 1095.117513][ T27] ? down_read_trylock+0x350/0x350
[ 1095.162539][ T27] ? finish_wait+0x270/0x270
[ 1095.167229][ T27] ? mark_lock+0xef/0x17b0
[ 1095.171645][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1095.252539][ T27] ? __validate_process_creds+0x20c/0x370
[ 1095.258584][ T27] do_exit+0x265/0x2a30
[ 1095.302550][ T27] ? find_held_lock+0x2d/0x110
[ 1095.307438][ T27] ? mm_update_next_owner+0x7a0/0x7a0
[ 1095.352534][ T27] ? lock_downgrade+0x6e0/0x6e0
[ 1095.357663][ T27] do_group_exit+0x125/0x310
[ 1095.362256][ T27] get_signal+0x47f/0x2160
[ 1095.412555][ T27] arch_do_signal_or_restart+0x2a9/0x1c40
[ 1095.418407][ T27] ? find_held_lock+0x2d/0x110
[ 1095.472554][ T27] ? get_sigframe_size+0x10/0x10
[ 1095.477539][ T27] ? __do_sys_futex+0xdc/0x3b0
[ 1095.482306][ T27] ? do_futex+0x1770/0x1770
[ 1095.552544][ T27] exit_to_user_mode_prepare+0x17d/0x290
[ 1095.558733][ T27] syscall_exit_to_user_mode+0x19/0x60
[ 1095.612538][ T27] do_syscall_64+0x42/0xb0
[ 1095.616965][ T27] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1095.672537][ T27] RIP: 0033:0x7faacc5dc9b9
[ 1095.676960][ T27] RSP: 002b:00007faacc565318 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1095.732536][ T27] RAX: fffffffffffffe00 RBX: 00007faacc65e3f8 RCX: 00007faacc5dc9b9
[ 1095.740620][ T27] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faacc65e3f8
[ 1095.812536][ T27] RBP: 00007faacc65e3f0 R08: 0000000000000000 R09: 0000000000000000
[ 1095.820708][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faacc62b2bc
[ 1095.892539][ T27] R13: 00007ffdc30891ef R14: 00007faacc565400 R15: 0000000000022000
[ 1095.942578][ T27]
[ 1095.942578][ T27] Showing all locks held in the system:
[ 1095.950480][ T27] 1 lock held by khungtaskd/27:
[ 1096.002571][ T27] #0: ffffffff8b981ae0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1096.052588][ T27] 1 lock held by in:imklog/6166:
[ 1096.057876][ T27] #0: ffff88807affa5f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1096.122573][ T27] 1 lock held by syz-executor846/6538:
[ 1096.128289][ T27] 1 lock held by syz-executor846/6550:
[ 1096.182583][ T27] #0: ffff8880155c40a8 (&ctx->uring_lock){+.+.}-{3:3}, at: io_uring_del_tctx_node+0x105/0x350
[ 1096.252541][ T27] 1 lock held by syz-executor846/6551:
[ 1096.258092][ T27] 2 locks held by syz-executor846/6543:
[ 1096.302539][ T27] 1 lock held by syz-executor846/6545:
[ 1096.308195][ T27] 2 locks held by syz-executor846/6554:
[ 1096.362540][ T27] 3 locks held by syz-executor846/6547:
[ 1096.368102][ T27] 1 lock held by syz-executor846/6548:
[ 1096.412538][ T27] 2 locks held by syz-executor846/6549:
[ 1096.418100][ T27] 1 lock held by syz-executor846/6562:
[ 1096.472586][ T27]
[ 1096.474926][ T27] =============================================
[ 1096.474926][ T27]
[ 1096.522581][ T27] NMI backtrace for cpu 0
[ 1096.526992][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.0-rc5-syzkaller #0
[ 1096.535215][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1096.545283][ T27] Call Trace:
[ 1096.548552][ T27] dump_stack_lvl+0xcd/0x134
[ 1096.553227][ T27] nmi_cpu_backtrace.cold+0x47/0x144
[ 1096.558507][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 1096.563712][ T27] nmi_trigger_cpumask_backtrace+0x1ae/0x220
[ 1096.569685][ T27] watchdog+0xc1d/0xf50
[ 1096.573921][ T27] ? reset_hung_task_detector+0x30/0x30
[ 1096.580932][ T27] kthread+0x3e5/0x4d0
[ 1096.584991][ T27] ? set_kthread_struct+0x130/0x130
[ 1096.590177][ T27] ret_from_fork+0x1f/0x30
[ 1096.594656][ T27] Sending NMI from CPU 0 to CPUs 1:
[ 1096.599864][ C1] NMI backtrace for cpu 1
[ 1096.599874][ C1] CPU: 1 PID: 6551 Comm: syz-executor846 Not tainted 5.15.0-rc5-syzkaller #0
[ 1096.599891][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1096.599899][ C1] RIP: 0010:unwind_next_frame+0x14bf/0x1ce0
[ 1096.599918][ C1] Code: 8d 7e 08 49 8b 6e 38 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 05 00 00 49 8d 7e 10 4d 8b 66 08 <48> b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f
[ 1096.599931][ C1] RSP: 0018:ffffc90002dff340 EFLAGS: 00000246
[ 1096.599944][ C1] RAX: dffffc0000000000 RBX: 1ffff920005bfe70 RCX: 1ffff920005bfe8b
[ 1096.599954][ C1] RDX: 1ffff920005bfe84 RSI: ffffc90002dff830 RDI: ffffc90002dff428
[ 1096.599963][ C1] RBP: ffffc90002dff860 R08: ffffffff8df39274 R09: 0000000000000001
[ 1096.599972][ C1] R10: fffff520005bfe8e R11: 0000000000086089 R12: ffffc90002df8000
[ 1096.599982][ C1] R13: ffffc90002dff44d R14: ffffc90002dff418 R15: ffffc90002dff44c
[ 1096.599994][ C1] FS: 00007faacc544700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 1096.600008][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1096.600017][ C1] CR2: 0000561548f8a6f8 CR3: 00000000745f3000 CR4: 0000000000350ee0
[ 1096.600027][ C1] Call Trace:
[ 1096.600031][ C1] ? get_page_from_freelist+0xa72/0x2f80
[ 1096.600049][ C1] ? deref_stack_reg+0x150/0x150
[ 1096.600062][ C1] ? __unwind_start+0x51b/0x800
[ 1096.600075][ C1] ? create_prof_cpu_mask+0x20/0x20
[ 1096.600092][ C1] arch_stack_walk+0x7d/0xe0
[ 1096.600107][ C1] ? __alloc_pages+0x1b2/0x500
[ 1096.600123][ C1] stack_trace_save+0x8c/0xc0
[ 1096.600138][ C1] ? stack_trace_consume_entry+0x160/0x160
[ 1096.600155][ C1] ? find_held_lock+0x2d/0x110
[ 1096.600169][ C1] save_stack+0x151/0x1e0
[ 1096.600183][ C1] ? register_early_stack+0xb0/0xb0
[ 1096.600202][ C1] ? get_page_from_freelist+0xa72/0x2f80
[ 1096.600218][ C1] ? get_page_from_freelist+0xa51/0x2f80
[ 1096.600234][ C1] ? mark_held_locks+0x9f/0xe0
[ 1096.600250][ C1] ? bad_range+0x252/0x300
[ 1096.600263][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 1096.600278][ C1] ? preempt_count_add+0x74/0x140
[ 1096.600293][ C1] __set_page_owner+0x50/0x290
[ 1096.600307][ C1] ? post_alloc_hook+0x145/0x1e0
[ 1096.600322][ C1] get_page_from_freelist+0xa72/0x2f80
[ 1096.600341][ C1] ? prepare_alloc_pages+0x164/0x580
[ 1096.600359][ C1] ? __zone_watermark_ok+0x450/0x450
[ 1096.600374][ C1] ? prepare_alloc_pages+0x17b/0x580
[ 1096.600389][ C1] ? mark_lock+0xef/0x17b0
[ 1096.600404][ C1] __alloc_pages+0x1b2/0x500
[ 1096.600419][ C1] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0
[ 1096.600440][ C1] ? local_lock_release+0x1d/0x60
[ 1096.600457][ C1] alloc_pages+0x1a7/0x300
[ 1096.600470][ C1] new_slab+0x319/0x490
[ 1096.600486][ C1] ___slab_alloc+0x921/0xfe0
[ 1096.600503][ C1] ? io_issue_sqe+0x3289/0x7180
[ 1096.600520][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1096.600538][ C1] ? io_issue_sqe+0x3289/0x7180
[ 1096.600552][ C1] ? __slab_alloc.constprop.0+0x4d/0xa0
[ 1096.600569][ C1] __slab_alloc.constprop.0+0x4d/0xa0
[ 1096.600587][ C1] ? io_issue_sqe+0x3289/0x7180
[ 1096.600601][ C1] kmem_cache_alloc_trace+0x293/0x2b0
[ 1096.600619][ C1] io_issue_sqe+0x3289/0x7180
[ 1096.600638][ C1] ? io_connect+0x6a0/0x6a0
[ 1096.600651][ C1] ? mark_lock+0xef/0x17b0
[ 1096.600666][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1096.600682][ C1] ? lock_chain_count+0x20/0x20
[ 1096.600698][ C1] __io_queue_sqe+0x90/0xb50
[ 1096.600714][ C1] ? io_timeout_prep+0x8b0/0x8b0
[ 1096.600729][ C1] ? mark_held_locks+0x9f/0xe0
[ 1096.600743][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 1096.600760][ C1] io_req_task_submit+0xbf/0x1b0
[ 1096.600775][ C1] tctx_task_work+0x189/0x6c0
[ 1096.600791][ C1] ? io_fallback_req_func+0x3e0/0x3e0
[ 1096.600805][ C1] ? rwlock_bug.part.0+0x90/0x90
[ 1096.600820][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 1096.600838][ C1] task_work_run+0xdd/0x1a0
[ 1096.600853][ C1] exit_to_user_mode_prepare+0x256/0x290
[ 1096.600868][ C1] syscall_exit_to_user_mode+0x19/0x60
[ 1096.600883][ C1] do_syscall_64+0x42/0xb0
[ 1096.600896][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1096.600912][ C1] RIP: 0033:0x7faacc5dc9b9
[ 1096.600925][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1096.600938][ C1] RSP: 002b:00007faacc544308 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1096.600951][ C1] RAX: 00000000000002ff RBX: 00007faacc65e408 RCX: 00007faacc5dc9b9
[ 1096.600960][ C1] RDX: 0000000000000000 RSI: 00000000000002ff RDI: 0000000000000005
[ 1096.600968][ C1] RBP: 00007faacc65e400 R08: 0000000000000000 R09: 0000000000000000
[ 1096.600977][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faacc62b2bc
[ 1096.600985][ C1] R13: 00007ffdc30891ef R14: 00007faacc544400 R15: 0000000000022000
[ 1096.932540][ T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 1097.085475][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.0-rc5-syzkaller #0
[ 1097.093707][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1097.103753][ T27] Call Trace:
[ 1097.107020][ T27] dump_stack_lvl+0xcd/0x134
[ 1097.111612][ T27] panic+0x2b0/0x6dd
[ 1097.115502][ T27] ? __warn_printk+0xf3/0xf3
[ 1097.120176][ T27] ? lapic_can_unplug_cpu+0x80/0x80
[ 1097.125457][ T27] ? preempt_schedule_thunk+0x16/0x18
[ 1097.130828][ T27] ? nmi_trigger_cpumask_backtrace+0x191/0x220
[ 1097.136982][ T27] ? watchdog.cold+0x130/0x158
[ 1097.141747][ T27] watchdog.cold+0x141/0x158
[ 1097.146337][ T27] ? reset_hung_task_detector+0x30/0x30
[ 1097.151884][ T27] kthread+0x3e5/0x4d0
[ 1097.155949][ T27] ? set_kthread_struct+0x130/0x130
[ 1097.161145][ T27] ret_from_fork+0x1f/0x30
[ 1097.166587][ T27] Kernel Offset: disabled
[ 1097.171139][ T27] Rebooting in 86400 seconds..