[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.94' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
*** stack smashing detected ***: terminated
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 1719.209635][ T1651] INFO: task kworker/u4:0:8 blocked for more than 143 seconds.
[ 1719.217381][ T1651] Not tainted 5.14.0-rc2-syzkaller #0
[ 1719.224660][ T1651] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1719.234597][ T1651] task:kworker/u4:0 state:D stack:24104 pid: 8 ppid: 2 flags:0x00004000
[ 1719.244535][ T1651] Workqueue: events_unbound flush_to_ldisc
[ 1719.250984][ T1651] Call Trace:
[ 1719.254263][ T1651] __schedule+0x93a/0x26f0
[ 1719.258689][ T1651] ? io_schedule_timeout+0x140/0x140
[ 1719.265184][ T1651] schedule+0xd3/0x270
[ 1719.269256][ T1651] schedule_preempt_disabled+0xf/0x20
[ 1719.275535][ T1651] __mutex_lock+0x7b6/0x10a0
[ 1719.280734][ T1651] ? flush_to_ldisc+0x3e/0x380
[ 1719.285499][ T1651] ? mutex_lock_io_nested+0xf00/0xf00
[ 1719.291845][ T1651] ? lock_release+0x720/0x720
[ 1719.296525][ T1651] flush_to_ldisc+0x3e/0x380
[ 1719.302011][ T1651] process_one_work+0x98d/0x1630
[ 1719.306963][ T1651] ? pwq_dec_nr_in_flight+0x320/0x320
[ 1719.313332][ T1651] ? rwlock_bug.part.0+0x90/0x90
[ 1719.318359][ T1651] ? _raw_spin_lock_irq+0x41/0x50
[ 1719.324776][ T1651] worker_thread+0x658/0x11f0
[ 1719.329469][ T1651] ? process_one_work+0x1630/0x1630
[ 1719.335761][ T1651] kthread+0x3e5/0x4d0
[ 1719.340442][ T1651] ? set_kthread_struct+0x130/0x130
[ 1719.345645][ T1651] ret_from_fork+0x1f/0x30
[ 1719.351135][ T1651] INFO: task syz-executor035:8505 blocked for more than 143 seconds.
[ 1719.359192][ T1651] Not tainted 5.14.0-rc2-syzkaller #0
[ 1719.366794][ T1651] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1719.376084][ T1651] task:syz-executor035 state:D stack:28176 pid: 8505 ppid: 8447 flags:0x00004004
[ 1719.386294][ T1651] Call Trace:
[ 1719.390184][ T1651] __schedule+0x93a/0x26f0
[ 1719.394605][ T1651] ? io_schedule_timeout+0x140/0x140
[ 1719.400867][ T1651] schedule+0xd3/0x270
[ 1719.405128][ T1651] schedule_preempt_disabled+0xf/0x20
[ 1719.411488][ T1651] __mutex_lock+0x7b6/0x10a0
[ 1719.416086][ T1651] ? set_selection_user+0x9f/0x1b0
[ 1719.422104][ T1651] ? mutex_lock_io_nested+0xf00/0xf00
[ 1719.427493][ T1651] set_selection_user+0x9f/0x1b0
[ 1719.433329][ T1651] ? sel_loadlut+0xe0/0xe0
[ 1719.437771][ T1651] tioclinux+0x114/0x560
[ 1719.442891][ T1651] vt_ioctl+0x225f/0x2ac0
[ 1719.447226][ T1651] ? vt_waitactive+0x350/0x350
[ 1719.452966][ T1651] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1719.459212][ T1651] ? tomoyo_path_number_perm+0x24e/0x590
[ 1719.465926][ T1651] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1719.472375][ T1651] ? __lock_acquire+0x162f/0x54a0
[ 1719.477403][ T1651] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 1719.484401][ T1651] ? vt_waitactive+0x350/0x350
[ 1719.489174][ T1651] tty_ioctl+0xe4d/0x1600
[ 1719.495322][ T1651] ? tty_lookup_driver+0x550/0x550
[ 1719.501098][ T1651] ? find_held_lock+0x2d/0x110
[ 1719.505870][ T1651] ? __context_tracking_exit+0xb8/0xe0
[ 1719.512249][ T1651] ? lock_downgrade+0x6e0/0x6e0
[ 1719.517103][ T1651] ? lock_downgrade+0x6e0/0x6e0
[ 1719.523051][ T1651] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1719.529300][ T1651] ? tty_lookup_driver+0x550/0x550
[ 1719.535849][ T1651] __x64_sys_ioctl+0x193/0x200
[ 1719.541205][ T1651] do_syscall_64+0x35/0xb0
[ 1719.545625][ T1651] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1719.552395][ T1651] RIP: 0033:0x4412a9
[ 1719.556287][ T1651] RSP: 002b:00007ffd8b8eef98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1719.565570][ T1651] RAX: ffffffffffffffda RBX: 0000000000172c20 RCX: 00000000004412a9
[ 1719.574273][ T1651] RDX: 0000000020000000 RSI: 000000000000541c RDI: 0000000000000003
[ 1719.582851][ T1651] RBP: 0000000000000000 R08: 000000000000000e R09: 0000000000000000
[ 1719.591407][ T1651] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd8b8eefdc
[ 1719.599382][ T1651] R13: 00007ffd8b8ef010 R14: 00007ffd8b8eeff0 R15: 0000000000000015
[ 1719.608283][ T1651]
[ 1719.608283][ T1651] Showing all locks held in the system:
[ 1719.616595][ T1651] 3 locks held by kworker/u4:0/8:
[ 1719.624029][ T1651] #0: ffff888010869138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x871/0x1630
[ 1719.635666][ T1651] #1: ffffc90000cd7db0 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x1630
[ 1719.647304][ T1651] #2: ffff8880210310b8 (&buf->lock){+.+.}-{3:3}, at: flush_to_ldisc+0x3e/0x380
[ 1719.656947][ T1651] 1 lock held by khungtaskd/1651:
[ 1719.662629][ T1651] #0: ffffffff8b97b9c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1719.673159][ T1651] 1 lock held by in:imklog/8139:
[ 1719.678086][ T1651] #0: ffff88802aa319f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1719.688452][ T1651] 3 locks held by syz-executor035/8503:
[ 1719.694536][ T1651] 1 lock held by syz-executor035/8505:
[ 1719.700576][ T1651] #0: ffffffff8c3855c8 (vc_sel.lock){+.+.}-{3:3}, at: set_selection_user+0x9f/0x1b0
[ 1719.710728][ T1651]
[ 1719.713046][ T1651] =============================================
[ 1719.713046][ T1651]
[ 1719.722407][ T1651] NMI backtrace for cpu 0
[ 1719.726811][ T1651] CPU: 0 PID: 1651 Comm: khungtaskd Not tainted 5.14.0-rc2-syzkaller #0
[ 1719.735125][ T1651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1719.745166][ T1651] Call Trace:
[ 1719.748433][ T1651] dump_stack_lvl+0xcd/0x134
[ 1719.753022][ T1651] nmi_cpu_backtrace.cold+0x44/0xd7
[ 1719.758219][ T1651] ? lapic_can_unplug_cpu+0x80/0x80
[ 1719.763414][ T1651] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 1719.769393][ T1651] watchdog+0xd0a/0xfc0
[ 1719.773540][ T1651] ? reset_hung_task_detector+0x30/0x30
[ 1719.779077][ T1651] kthread+0x3e5/0x4d0
[ 1719.783135][ T1651] ? set_kthread_struct+0x130/0x130
[ 1719.788326][ T1651] ret_from_fork+0x1f/0x30
[ 1719.792920][ T1651] Sending NMI from CPU 0 to CPUs 1:
[ 1719.798467][ C1] NMI backtrace for cpu 1
[ 1719.798475][ C1] CPU: 1 PID: 8503 Comm: syz-executor035 Not tainted 5.14.0-rc2-syzkaller #0
[ 1719.798483][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1719.798490][ C1] RIP: 0010:paste_selection+0x2c1/0x4c0
[ 1719.798498][ C1] Code: be 08 00 00 00 48 89 df e8 3c 40 8d fd 41 80 3e 00 0f 85 c3 01 00 00 48 8b 03 31 ff 83 e0 04 49 89 c7 48 89 c6 e8 5f 11 47 fd <4d> 85 ff 0f 85 88 00 00 00 e8 f1 0b 47 fd 4d 8d bd 38 04 00 00 be
[ 1719.798510][ C1] RSP: 0018:ffffc900016ffa88 EFLAGS: 00000246
[ 1719.798520][ C1] RAX: 0000000000000000 RBX: ffff8880246cd4c0 RCX: 0000000000000000
[ 1719.798526][ C1] RDX: 0000000000000000 RSI: ffff8880246cd4c0 RDI: 0000000000000003
[ 1719.798533][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff8880246cd4c7
[ 1719.798539][ C1] R10: ffffffff842e7cd1 R11: 0000000000000000 R12: dffffc0000000000
[ 1719.798546][ C1] R13: ffff888028323000 R14: ffffed10048d9a98 R15: 0000000000000000
[ 1719.798553][ C1] FS: 00000000016363c0(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 1719.798559][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1719.798565][ C1] CR2: 0000000001636384 CR3: 00000000211b9000 CR4: 0000000000350ee0
[ 1719.798570][ C1] Call Trace:
[ 1719.798574][ C1] ? sel_pos+0x80/0x80
[ 1719.798577][ C1] ? wake_up_q+0xf0/0xf0
[ 1719.798581][ C1] tioclinux+0x126/0x560
[ 1719.798585][ C1] vt_ioctl+0x225f/0x2ac0
[ 1719.798589][ C1] ? vt_waitactive+0x350/0x350
[ 1719.798593][ C1] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1719.798598][ C1] ? tomoyo_path_number_perm+0x24e/0x590
[ 1719.798603][ C1] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 1719.798607][ C1] ? __lock_acquire+0x162f/0x54a0
[ 1719.798612][ C1] ? __sanitizer_cov_trace_switch+0x63/0xf0
[ 1719.798617][ C1] ? vt_waitactive+0x350/0x350
[ 1719.798621][ C1] tty_ioctl+0xe4d/0x1600
[ 1719.798624][ C1] ? tty_lookup_driver+0x550/0x550
[ 1719.798629][ C1] ? find_held_lock+0x2d/0x110
[ 1719.798633][ C1] ? __context_tracking_exit+0xb8/0xe0
[ 1719.798637][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 1719.798642][ C1] ? lock_downgrade+0x6e0/0x6e0
[ 1719.798646][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1719.798651][ C1] ? tty_lookup_driver+0x550/0x550
[ 1719.798655][ C1] __x64_sys_ioctl+0x193/0x200
[ 1719.798659][ C1] do_syscall_64+0x35/0xb0
[ 1719.798664][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1719.798668][ C1] RIP: 0033:0x4412a9
[ 1719.798675][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c4 ff ff ff f7 d8 64 89 01 48
[ 1719.798687][ C1] RSP: 002b:00007ffd8b8eef98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1719.798697][ C1] RAX: ffffffffffffffda RBX: 0000000000000063 RCX: 00000000004412a9
[ 1719.798704][ C1] RDX: 0000000020000000 RSI: 000000000000541c RDI: 0000000000000003
[ 1719.798710][ C1] RBP: 0000000000000063 R08: 000000000000000e R09: 0000000000000000
[ 1719.798717][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd8b8eefdc
[ 1719.798723][ C1] R13: 00007ffd8b8ef010 R14: 00007ffd8b8eeff0 R15: 0000000000000014
[ 1719.810280][ T1651] Kernel panic - not syncing: hung_task: blocked tasks
[ 1720.108100][ T1651] CPU: 0 PID: 1651 Comm: khungtaskd Not tainted 5.14.0-rc2-syzkaller #0
[ 1720.116406][ T1651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1720.126445][ T1651] Call Trace:
[ 1720.129706][ T1651] dump_stack_lvl+0xcd/0x134
[ 1720.134285][ T1651] panic+0x306/0x73d
[ 1720.138168][ T1651] ? __warn_printk+0xf3/0xf3
[ 1720.142743][ T1651] ? lapic_can_unplug_cpu+0x80/0x80
[ 1720.147928][ T1651] ? preempt_schedule_thunk+0x16/0x18
[ 1720.153286][ T1651] ? nmi_trigger_cpumask_backtrace+0x196/0x230
[ 1720.159599][ T1651] ? watchdog.cold+0x5/0x158
[ 1720.164176][ T1651] watchdog.cold+0x16/0x158
[ 1720.168665][ T1651] ? reset_hung_task_detector+0x30/0x30
[ 1720.174201][ T1651] kthread+0x3e5/0x4d0
[ 1720.178256][ T1651] ? set_kthread_struct+0x130/0x130
[ 1720.183440][ T1651] ret_from_fork+0x1f/0x30
[ 1720.194017][ T1651] Kernel Offset: disabled
[ 1720.198671][ T1651] Rebooting in 86400 seconds..