[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.15' (ECDSA) to the list of known hosts.
2020/07/29 18:03:05 parsed 1 programs
2020/07/29 18:03:06 executed programs: 0
syzkaller login: [ 1045.543362][ T6828] IPVS: ftp: loaded support on port[0] = 21
[ 1045.638379][ T6828] chnl_net:caif_netlink_parms(): no params data found
[ 1045.691094][ T6828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1045.698689][ T6828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1045.707583][ T6828] device bridge_slave_0 entered promiscuous mode
[ 1045.717171][ T6828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1045.724772][ T6828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1045.732852][ T6828] device bridge_slave_1 entered promiscuous mode
[ 1045.753106][ T6828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1045.764295][ T6828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1045.787229][ T6828] team0: Port device team_slave_0 added
[ 1045.794750][ T6828] team0: Port device team_slave_1 added
[ 1045.812599][ T6828] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1045.819563][ T6828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1045.845982][ T6828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1045.858947][ T6828] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1045.865995][ T6828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1045.892034][ T6828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1045.973472][ T6828] device hsr_slave_0 entered promiscuous mode
[ 1046.022214][ T6828] device hsr_slave_1 entered promiscuous mode
[ 1046.167567][ T6828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1046.233746][ T6828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1046.303260][ T6828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1046.363608][ T6828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1046.447288][ T6828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1046.454713][ T6828] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1046.462857][ T6828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1046.469939][ T6828] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1046.515434][ T6828] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1046.528174][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1046.539021][ T6797] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1046.548173][ T6797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1046.557200][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1046.570267][ T6828] 8021q: adding VLAN 0 to HW filter on device team0
[ 1046.582695][ T6798] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1046.592064][ T6798] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1046.599152][ T6798] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1046.623819][ T7040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1046.634016][ T7040] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1046.641162][ T7040] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1046.649432][ T7040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1046.660082][ T7040] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1046.677896][ T6828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1046.688533][ T6828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1046.702529][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1046.710471][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1046.719298][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1046.728329][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1046.737256][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1046.746963][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1046.767347][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1046.776158][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1046.789527][ T6828] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1046.809531][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1046.818916][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1046.840096][ T6828] device veth0_vlan entered promiscuous mode
[ 1046.847084][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1046.855702][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1046.865365][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1046.873471][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1046.885693][ T6828] device veth1_vlan entered promiscuous mode
[ 1046.906827][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1046.917095][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1046.925534][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1046.934511][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1046.945326][ T6828] device veth0_macvtap entered promiscuous mode
[ 1046.957027][ T6828] device veth1_macvtap entered promiscuous mode
[ 1046.972778][ T6828] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1046.980149][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1046.989054][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1046.997390][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1047.006185][ T6797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1047.018053][ T6828] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1047.025558][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1047.034852][ T2631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1056.112039][ T0] NOHZ: local_softirq_pending 08
[ 1076.587549][ T0] NOHZ: local_softirq_pending 08
[ 1158.495875][ T0] NOHZ: local_softirq_pending 08
[ 1178.974549][ T0] NOHZ: local_softirq_pending 08
[ 1199.452005][ T0] NOHZ: local_softirq_pending 08
[ 1210.328784][ T1153] INFO: task syz-executor.0:7075 blocked for more than 143 seconds.
[ 1210.337291][ T1153] Not tainted 5.8.0-rc7-syzkaller #0
[ 1210.357748][ T1153] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1210.368203][ T1153] syz-executor.0 D28288 7075 6828 0x00000004
[ 1210.379086][ T1153] Call Trace:
[ 1210.383006][ T1153] __schedule+0x8ea/0x2210
[ 1210.387876][ T1153] ? io_schedule_timeout+0x140/0x140
[ 1210.395111][ T1153] schedule+0xd0/0x2a0
[ 1210.401343][ T1153] schedule_preempt_disabled+0xf/0x20
[ 1210.407784][ T1153] __mutex_lock+0x3e2/0x10d0
[ 1210.417868][ T1153] ? pipe_release+0x49/0x320
[ 1210.426503][ T1153] ? mutex_lock_io_nested+0xf60/0xf60
[ 1210.432948][ T1153] ? lockdep_hardirqs_on+0x6a/0xe0
[ 1210.438140][ T1153] ? fsnotify+0x7ec/0xb30
[ 1210.445712][ T1153] ? fsnotify_parent+0xb7/0x2b0
[ 1210.458411][ T1153] ? fsnotify_first_mark+0x1f0/0x1f0
[ 1210.466913][ T1153] ? fcntl_setlk+0xf60/0xf60
[ 1210.472659][ T1153] ? lock_is_held_type+0xb0/0xe0
[ 1210.477615][ T1153] ? free_pipe_info+0x390/0x390
[ 1210.484928][ T1153] pipe_release+0x49/0x320
[ 1210.490451][ T1153] __fput+0x33c/0x880
[ 1210.495178][ T1153] task_work_run+0xdd/0x190
[ 1210.502652][ T1153] __prepare_exit_to_usermode+0x1e9/0x1f0
[ 1210.509528][ T1153] do_syscall_64+0x6c/0xe0
[ 1210.514034][ T1153] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1210.522883][ T1153] RIP: 0033:0x415ee1
[ 1210.526897][ T1153] Code: Bad RIP value.
[ 1210.532447][ T1153] RSP: 002b:00007ffd249bc0c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1210.542823][ T1153] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 0000000000415ee1
[ 1210.552873][ T1153] RDX: 0000000000000000 RSI: 00000000007904d0 RDI: 0000000000000006
[ 1210.563702][ T1153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1210.574234][ T1153] R10: 00007ffd249bc1b0 R11: 0000000000000293 R12: 00000000007905a8
[ 1210.585034][ T1153] R13: 00000000000ffc79 R14: ffffffffffffffff R15: 000000000078bfac
[ 1210.594529][ T1153]
[ 1210.594529][ T1153] Showing all locks held in the system:
[ 1210.605992][ T1153] 1 lock held by khungtaskd/1153:
[ 1210.612353][ T1153] #0: ffffffff89bc11c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1210.624433][ T1153] 1 lock held by in:imklog/6695:
[ 1210.630383][ T1153] #0: ffff8880979b6670 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1210.641526][ T1153] 1 lock held by syz-executor.0/7075:
[ 1210.647522][ T1153] #0: ffff8880a8e02068 (&pipe->mutex/1){+.+.}-{3:3}, at: pipe_release+0x49/0x320
[ 1210.658169][ T1153] 2 locks held by syz-executor.0/7077:
[ 1210.666082][ T1153]
[ 1210.669356][ T1153] =============================================
[ 1210.669356][ T1153]
[ 1210.678418][ T1153] NMI backtrace for cpu 0
[ 1210.682897][ T1153] CPU: 0 PID: 1153 Comm: khungtaskd Not tainted 5.8.0-rc7-syzkaller #0
[ 1210.691137][ T1153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1210.701276][ T1153] Call Trace:
[ 1210.704703][ T1153] dump_stack+0x18f/0x20d
[ 1210.709060][ T1153] nmi_cpu_backtrace.cold+0x70/0xb1
[ 1210.714522][ T1153] ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 1210.720150][ T1153] nmi_trigger_cpumask_backtrace+0x1b3/0x223
[ 1210.727156][ T1153] watchdog+0xd7d/0x1000
[ 1210.731605][ T1153] ? reset_hung_task_detector+0x30/0x30
[ 1210.737179][ T1153] kthread+0x3b5/0x4a0
[ 1210.741720][ T1153] ? __kthread_bind_mask+0xc0/0xc0
[ 1210.746914][ T1153] ? __kthread_bind_mask+0xc0/0xc0
[ 1210.752407][ T1153] ret_from_fork+0x1f/0x30
[ 1210.757446][ T1153] Sending NMI from CPU 0 to CPUs 1:
[ 1210.763640][ C1] NMI backtrace for cpu 1
[ 1210.763646][ C1] CPU: 1 PID: 7077 Comm: syz-executor.0 Not tainted 5.8.0-rc7-syzkaller #0
[ 1210.763652][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1210.763655][ C1] RIP: 0010:iov_iter_alignment+0x39e/0x850
[ 1210.763666][ C1] Code: 48 8b 44 24 18 80 38 00 0f 85 f4 03 00 00 4d 8b 7d 18 44 89 e3 48 89 d8 48 c1 e0 04 4c 01 f8 48 8d 78 0c 48 89 fa 48 c1 ea 03 <42> 0f b6 0c 32 48 89 fa 83 e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85
[ 1210.763669][ C1] RSP: 0018:ffffc9000206f868 EFLAGS: 00000a07
[ 1210.763676][ C1] RAX: ffff8880a8124c00 RBX: 0000000000000000 RCX: ffffffff8395bf6f
[ 1210.763681][ C1] RDX: 1ffff11015024981 RSI: ffffffff8395be14 RDI: ffff8880a8124c0c
[ 1210.763685][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff8880994e63c7
[ 1210.763690][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1210.763694][ C1] R13: ffffc9000206fc68 R14: dffffc0000000000 R15: ffff8880a8124c00
[ 1210.763699][ C1] FS: 00007fba306d0700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[ 1210.763703][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1210.763708][ C1] CR2: 00007f9573761000 CR3: 0000000091a0d000 CR4: 00000000001406e0
[ 1210.763712][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1210.763717][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1210.763719][ C1] Call Trace:
[ 1210.763723][ C1] ext4_file_write_iter+0x345/0x13d0
[ 1210.763726][ C1] ? mutex_spin_on_owner+0x1bb/0x320
[ 1210.763729][ C1] ? lock_downgrade+0x820/0x820
[ 1210.763733][ C1] ? ext4_buffered_write_iter+0x4a0/0x4a0
[ 1210.763736][ C1] ? lock_is_held_type+0xb0/0xe0
[ 1210.763739][ C1] do_iter_readv_writev+0x567/0x780
[ 1210.763742][ C1] ? get_order+0x20/0x20
[ 1210.763745][ C1] ? apparmor_file_permission+0x26e/0x4e0
[ 1210.763748][ C1] do_iter_write+0x188/0x5f0
[ 1210.763751][ C1] ? iter_file_splice_write+0x170/0xbe0
[ 1210.763755][ C1] ? rcu_read_lock_sched_held+0x3a/0xb0
[ 1210.763758][ C1] ? trace_kmalloc+0xfd/0x130
[ 1210.763761][ C1] vfs_iter_write+0x70/0xa0
[ 1210.763764][ C1] iter_file_splice_write+0x721/0xbe0
[ 1210.763767][ C1] ? __do_compat_sys_vmsplice+0x260/0x260
[ 1210.763770][ C1] ? lock_release+0x8d0/0x8d0
[ 1210.763774][ C1] ? __sb_start_write+0x1d5/0x470
[ 1210.763777][ C1] ? __do_compat_sys_vmsplice+0x260/0x260
[ 1210.763780][ C1] do_splice+0xbcd/0x1820
[ 1210.763783][ C1] ? lock_downgrade+0x820/0x820
[ 1210.763786][ C1] ? __might_fault+0x190/0x1d0
[ 1210.763789][ C1] ? splice_from_pipe+0x140/0x140
[ 1210.763792][ C1] ? __fget_files+0x294/0x400
[ 1210.763795][ C1] __x64_sys_splice+0x198/0x250
[ 1210.763798][ C1] do_syscall_64+0x60/0xe0
[ 1210.763802][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1210.763804][ C1] RIP: 0033:0x45c369
[ 1210.763814][ C1] Code: 8d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1210.763818][ C1] RSP: 002b:00007fba306cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 1210.763826][ C1] RAX: ffffffffffffffda RBX: 0000000000032240 RCX: 000000000045c369
[ 1210.763830][ C1] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000005
[ 1210.763835][ C1] RBP: 000000000078bff8 R08: 000000000000ffe0 R09: 0000000000000000
[ 1210.763839][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1210.763844][ C1] R13: 00007ffd249bc04f R14: 00007fba306d09c0 R15: 000000000078bfac
[ 1210.788999][ T1153] Kernel panic - not syncing: hung_task: blocked tasks
[ 1211.129076][ T1153] CPU: 0 PID: 1153 Comm: khungtaskd Not tainted 5.8.0-rc7-syzkaller #0
[ 1211.137539][ T1153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1211.148069][ T1153] Call Trace:
[ 1211.151363][ T1153] dump_stack+0x18f/0x20d
[ 1211.155873][ T1153] panic+0x2e3/0x75c
[ 1211.159942][ T1153] ? __warn_printk+0xf3/0xf3
[ 1211.164545][ T1153] ? lapic_can_unplug_cpu.cold+0x38/0x38
[ 1211.170768][ T1153] ? preempt_schedule_thunk+0x16/0x18
[ 1211.176138][ T1153] ? watchdog.cold+0x5/0x16b
[ 1211.180816][ T1153] ? watchdog+0xa82/0x1000
[ 1211.185323][ T1153] watchdog.cold+0x16/0x16b
[ 1211.191121][ T1153] ? reset_hung_task_detector+0x30/0x30
[ 1211.197934][ T1153] kthread+0x3b5/0x4a0
[ 1211.202020][ T1153] ? __kthread_bind_mask+0xc0/0xc0
[ 1211.207302][ T1153] ? __kthread_bind_mask+0xc0/0xc0
[ 1211.212590][ T1153] ret_from_fork+0x1f/0x30
[ 1211.219043][ T1153] Kernel Offset: disabled
[ 1211.223599][ T1153] Rebooting in 86400 seconds..