[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.3' (ECDSA) to the list of known hosts.
2021/05/28 09:01:26 parsed 1 programs
2021/05/28 09:01:26 executed programs: 0
syzkaller login: [ 1584.282228][ T8441] chnl_net:caif_netlink_parms(): no params data found
[ 1584.327240][ T8441] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.336186][ T8441] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.344695][ T8441] device bridge_slave_0 entered promiscuous mode
[ 1584.353610][ T8441] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.362839][ T8441] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.371486][ T8441] device bridge_slave_1 entered promiscuous mode
[ 1584.388359][ T8441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1584.399755][ T8441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1584.420482][ T8441] team0: Port device team_slave_0 added
[ 1584.427625][ T8441] team0: Port device team_slave_1 added
[ 1584.442798][ T8441] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1584.450038][ T8441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.450075][ T8441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1584.451982][ T8441] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1584.497409][ T8441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.524991][ T8441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1584.548044][ T8441] device hsr_slave_0 entered promiscuous mode
[ 1584.555622][ T8441] device hsr_slave_1 entered promiscuous mode
[ 1584.635407][ T8441] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1584.645879][ T8441] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1584.655646][ T8441] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1584.663899][ T8441] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1584.681981][ T8441] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.689108][ T8441] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.696823][ T8441] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.704009][ T8441] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1584.741350][ T8441] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1584.756446][ T8584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1584.766625][ T8584] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.775274][ T8584] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.782902][ T8584] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1584.794728][ T8441] 8021q: adding VLAN 0 to HW filter on device team0
[ 1584.806022][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1584.814662][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.821878][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1584.834827][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1584.844475][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.851519][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.876524][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1584.885208][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1584.893460][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1584.901765][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1584.910676][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1584.920675][ T8441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1584.941662][ T8441] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1584.951447][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1584.959060][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1584.975828][ T8664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1584.994109][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1585.002665][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1585.010442][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1585.019509][ T8441] device veth0_vlan entered promiscuous mode
[ 1585.031518][ T8441] device veth1_vlan entered promiscuous mode
[ 1585.050923][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1585.059097][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1585.067909][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1585.079413][ T8441] device veth0_macvtap entered promiscuous mode
[ 1585.088864][ T8441] device veth1_macvtap entered promiscuous mode
[ 1585.105205][ T8441] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1585.113151][ T8664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1585.123076][ T8664] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1585.134455][ T8441] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1585.145525][ T8441] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.154784][ T8441] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.163599][ T8441] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.172659][ T8441] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1585.184905][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1585.256380][ T8483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1585.264902][ T8483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1585.287631][ T8547] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1585.293614][ T8584] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1585.297883][ T8547] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1585.319791][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1586.164897][ T8584] Bluetooth: hci0: command 0x0409 tx timeout
[ 1588.244398][ T8664] Bluetooth: hci0: command 0x041b tx timeout
2021/05/28 09:01:32 executed programs: 4
[ 1590.323965][ T8584] Bluetooth: hci0: command 0x040f tx timeout
[ 1592.403779][ T25] Bluetooth: hci0: command 0x0419 tx timeout
2021/05/28 09:01:37 executed programs: 10
2021/05/28 09:01:43 executed programs: 16
2021/05/28 09:01:48 executed programs: 22
[ 1606.564395][ T3246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1606.571286][ T3246] ieee802154 phy1 wpan1: encryption failed: -22
2021/05/28 09:01:54 executed programs: 28
2021/05/28 09:01:59 executed programs: 34
2021/05/28 09:02:04 executed programs: 40
2021/05/28 09:02:10 executed programs: 46
2021/05/28 09:02:15 executed programs: 52
2021/05/28 09:02:21 executed programs: 58
2021/05/28 09:02:26 executed programs: 64
2021/05/28 09:02:31 executed programs: 70
2021/05/28 09:02:37 executed programs: 76
2021/05/28 09:02:42 executed programs: 82
2021/05/28 09:02:48 executed programs: 88
[ 1668.004378][ T3246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.011025][ T3246] ieee802154 phy1 wpan1: encryption failed: -22
2021/05/28 09:02:53 executed programs: 94
2021/05/28 09:02:58 executed programs: 100
2021/05/28 09:03:04 executed programs: 106
2021/05/28 09:03:09 executed programs: 112
2021/05/28 09:03:15 executed programs: 118
2021/05/28 09:03:20 executed programs: 124
2021/05/28 09:03:25 executed programs: 130
2021/05/28 09:03:31 executed programs: 136
[ 1711.043832][ T25] Bluetooth: hci0: command 0x0406 tx timeout
[ 1729.454727][ T3246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1729.462106][ T3246] ieee802154 phy1 wpan1: encryption failed: -22
[ 1790.884699][ T3246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1790.891263][ T3246] ieee802154 phy1 wpan1: encryption failed: -22
[ 1852.334840][ T3246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1852.341626][ T3246] ieee802154 phy1 wpan1: encryption failed: -22
[ 1862.564068][ T1637] INFO: task syz-executor.0:9660 blocked for more than 143 seconds.
[ 1862.572914][ T1637] Not tainted 5.13.0-rc3-syzkaller #0
[ 1862.579946][ T1637] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1862.589226][ T1637] task:syz-executor.0 state:D stack:28112 pid: 9660 ppid: 8441 flags:0x00004004
[ 1862.599497][ T1637] Call Trace:
[ 1862.602923][ T1637] __schedule+0x916/0x23e0
[ 1862.607406][ T1637] ? io_schedule_timeout+0x140/0x140
[ 1862.612951][ T1637] ? get_vtime_delta+0x271/0x420
[ 1862.618681][ T1637] schedule+0xcf/0x270
[ 1862.622765][ T1637] schedule_timeout+0x1db/0x250
[ 1862.629441][ T1637] ? usleep_range+0x170/0x170
[ 1862.634839][ T1637] ? wait_for_completion+0x160/0x270
[ 1862.640522][ T1637] ? lock_downgrade+0x6e0/0x6e0
[ 1862.645891][ T1637] ? do_raw_spin_lock+0x120/0x2b0
[ 1862.650928][ T1637] ? rwlock_bug.part.0+0x90/0x90
[ 1862.656545][ T1637] ? _raw_spin_unlock_irq+0x1f/0x40
[ 1862.661754][ T1637] wait_for_completion+0x168/0x270
[ 1862.667479][ T1637] ? __flush_work+0x4f9/0xac0
[ 1862.672174][ T1637] ? bit_wait_io_timeout+0x160/0x160
[ 1862.678191][ T1637] ? lockdep_hardirqs_off+0x90/0xd0
[ 1862.683587][ T1637] __flush_work+0x527/0xac0
[ 1862.688388][ T1637] ? queue_delayed_work_on+0x120/0x120
[ 1862.694259][ T1637] ? __flush_work+0x843/0xac0
[ 1862.698946][ T1637] ? flush_workqueue_prep_pwqs+0x510/0x510
[ 1862.705265][ T1637] ? try_to_grab_pending+0xbd/0xd0
[ 1862.710628][ T1637] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1862.717627][ T1637] __cancel_work_timer+0x3f9/0x570
[ 1862.722980][ T1637] ? try_to_grab_pending+0xd0/0xd0
[ 1862.728314][ T1637] ? p9_fd_close+0x280/0x520
[ 1862.733073][ T1637] ? lock_downgrade+0x6e0/0x6e0
[ 1862.738124][ T1637] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 1862.744110][ T1637] p9_fd_close+0x305/0x520
[ 1862.748700][ T1637] ? p9_client_create+0xa46/0x1110
[ 1862.754768][ T1637] p9_client_create+0x95a/0x1110
[ 1862.760176][ T1637] ? p9_client_flush+0x430/0x430
[ 1862.765717][ T1637] ? lockdep_init_map_type+0x2c3/0x7b0
[ 1862.771181][ T1637] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1862.776916][ T1637] ? __raw_spin_lock_init+0x36/0x110
[ 1862.782916][ T1637] v9fs_session_init+0x1dd/0x1770
[ 1862.788133][ T1637] ? v9fs_show_options+0x780/0x780
[ 1862.793245][ T1637] ? rcu_read_lock_sched_held+0x3a/0x70
[ 1862.798854][ T1637] v9fs_mount+0x79/0x9c0
[ 1862.803113][ T1637] ? v9fs_write_inode+0x60/0x60
[ 1862.808252][ T1637] legacy_get_tree+0x105/0x220
[ 1862.813020][ T1637] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1862.819302][ T1637] vfs_get_tree+0x89/0x2f0
[ 1862.823985][ T1637] path_mount+0x132a/0x1fa0
[ 1862.828502][ T1637] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1862.835106][ T1637] ? strncpy_from_user+0x2a0/0x3e0
[ 1862.840219][ T1637] ? finish_automount+0xad0/0xad0
[ 1862.845294][ T1637] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1862.851537][ T1637] ? getname_flags.part.0+0x1dd/0x4f0
[ 1862.856969][ T1637] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1862.863229][ T1637] __x64_sys_mount+0x27f/0x300
[ 1862.868663][ T1637] ? copy_mnt_ns+0xae0/0xae0
[ 1862.873260][ T1637] ? syscall_enter_from_user_mode+0x27/0x70
[ 1862.879410][ T1637] do_syscall_64+0x3a/0xb0
[ 1862.884005][ T1637] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1862.889905][ T1637] RIP: 0033:0x4665d9
[ 1862.893898][ T1637] RSP: 002b:00007f93a0cf4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1862.902316][ T1637] RAX: ffffffffffffffda RBX: 000000000056c1a8 RCX: 00000000004665d9
[ 1862.910617][ T1637] RDX: 0000000020000240 RSI: 0000000020000200 RDI: 0000000000000000
[ 1862.919082][ T1637] RBP: 00000000004bfcb9 R08: 0000000020000580 R09: 0000000000000000
[ 1862.927250][ T1637] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c1a8
[ 1862.935454][ T1637] R13: 00007ffd792b21ef R14: 00007f93a0cf4300 R15: 0000000000022000
[ 1862.943549][ T1637]
[ 1862.943549][ T1637] Showing all locks held in the system:
[ 1862.951364][ T1637] 1 lock held by khungtaskd/1637:
[ 1862.956475][ T1637] #0: ffffffff8bf79320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1862.966475][ T1637] 2 locks held by in:imklog/8121:
[ 1862.971503][ T1637] #0: ffff888019d665f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1862.981389][ T1637] #1: ffff8880b9c35658 (&rq->lock){-.-.}-{2:2}, at: __schedule+0x21c/0x23e0
[ 1862.990378][ T1637] 2 locks held by kworker/1:0/8584:
[ 1862.995629][ T1637] #0: ffff888011064d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x871/0x1600
[ 1863.006029][ T1637] #1: ffffc90001c9fda8 ((work_completion)(&m->wq)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x1600
[ 1863.016810][ T1637] 5 locks held by kworker/0:4/8668:
[ 1863.022047][ T1637]
[ 1863.024480][ T1637] =============================================
[ 1863.024480][ T1637]
[ 1863.033204][ T1637] NMI backtrace for cpu 1
[ 1863.037605][ T1637] CPU: 1 PID: 1637 Comm: khungtaskd Not tainted 5.13.0-rc3-syzkaller #0
[ 1863.045927][ T1637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1863.055961][ T1637] Call Trace:
[ 1863.059218][ T1637] dump_stack+0x141/0x1d7
[ 1863.063541][ T1637] nmi_cpu_backtrace.cold+0x44/0xd7
[ 1863.068720][ T1637] ? lapic_can_unplug_cpu+0x80/0x80
[ 1863.073905][ T1637] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 1863.079865][ T1637] watchdog+0xd48/0xfb0
[ 1863.084175][ T1637] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1863.090396][ T1637] ? reset_hung_task_detector+0x30/0x30
[ 1863.095920][ T1637] kthread+0x3b1/0x4a0
[ 1863.099965][ T1637] ? __kthread_bind_mask+0xc0/0xc0
[ 1863.105052][ T1637] ret_from_fork+0x1f/0x30
[ 1863.109643][ T1637] Sending NMI from CPU 1 to CPUs 0:
[ 1863.115105][ C0] NMI backtrace for cpu 0
[ 1863.115114][ C0] CPU: 0 PID: 8547 Comm: kworker/u4:3 Not tainted 5.13.0-rc3-syzkaller #0
[ 1863.115122][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1863.115129][ C0] Workqueue: bat_events batadv_nc_worker
[ 1863.115139][ C0] RIP: 0010:__rcu_read_lock+0x35/0xa0
[ 1863.115147][ C0] Code: 65 48 8b 1c 25 00 f0 01 00 48 8d bb cc 03 00 00 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 <75> 4f 83 83 cc 03 00 00 01 48 b8 00 00 00 00 00 fc ff df 65 48 8b
[ 1863.115159][ C0] RSP: 0018:ffffc90001c6fc80 EFLAGS: 00000246
[ 1863.115168][ C0] RAX: 0000000000000007 RBX: ffff888028bfd4c0 RCX: ffff888021ac81c0
[ 1863.115174][ C0] RDX: 0000000000000000 RSI: ffffffff88b63235 RDI: ffff888028bfd88c
[ 1863.115181][ C0] RBP: 0000000000000001 R08: 00000000000003ca R09: 0000000000000000
[ 1863.115187][ C0] R10: ffffffff88b63929 R11: 0000000000000000 R12: ffffc90001c6fda8
[ 1863.115194][ C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 00000000000003ca
[ 1863.115201][ C0] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 1863.115207][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1863.115213][ C0] CR2: 00007f6f75fe9000 CR3: 0000000013fe6000 CR4: 0000000000350ef0
[ 1863.115219][ C0] Call Trace:
[ 1863.115222][ C0] batadv_nc_worker+0x108/0xe50
[ 1863.115226][ C0] process_one_work+0x98d/0x1600
[ 1863.115231][ C0] ? pwq_dec_nr_in_flight+0x320/0x320
[ 1863.115235][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 1863.115239][ C0] ? _raw_spin_lock_irq+0x41/0x50
[ 1863.115244][ C0] worker_thread+0x64c/0x1120
[ 1863.115248][ C0] ? __kthread_parkme+0x13f/0x1e0
[ 1863.115252][ C0] ? process_one_work+0x1600/0x1600
[ 1863.115256][ C0] kthread+0x3b1/0x4a0
[ 1863.115260][ C0] ? __kthread_bind_mask+0xc0/0xc0
[ 1863.115264][ C0] ret_from_fork+0x1f/0x30
[ 1863.116409][ T1637] Kernel panic - not syncing: hung_task: blocked tasks
[ 1863.306358][ T1637] CPU: 1 PID: 1637 Comm: khungtaskd Not tainted 5.13.0-rc3-syzkaller #0
[ 1863.314753][ T1637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1863.324786][ T1637] Call Trace:
[ 1863.328060][ T1637] dump_stack+0x141/0x1d7
[ 1863.332370][ T1637] panic+0x306/0x73d
[ 1863.336335][ T1637] ? __warn_printk+0xf3/0xf3
[ 1863.340920][ T1637] ? lapic_can_unplug_cpu+0x80/0x80
[ 1863.346099][ T1637] ? preempt_schedule_thunk+0x16/0x18
[ 1863.351451][ T1637] ? nmi_trigger_cpumask_backtrace+0x196/0x230
[ 1863.357599][ T1637] ? watchdog.cold+0x5/0x158
[ 1863.362346][ T1637] watchdog.cold+0x16/0x158
[ 1863.366831][ T1637] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1863.373054][ T1637] ? reset_hung_task_detector+0x30/0x30
[ 1863.378582][ T1637] kthread+0x3b1/0x4a0
[ 1863.382916][ T1637] ? __kthread_bind_mask+0xc0/0xc0
[ 1863.388194][ T1637] ret_from_fork+0x1f/0x30
[ 1863.399016][ T1637] Kernel Offset: disabled
[ 1863.403510][ T1637] Rebooting in 86400 seconds..