[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.48' (ECDSA) to the list of known hosts.
2020/11/15 15:20:28 parsed 1 programs
2020/11/15 15:20:29 executed programs: 0
syzkaller login: [ 1066.023419][ T8500] IPVS: ftp: loaded support on port[0] = 21
[ 1066.168672][ T8500] chnl_net:caif_netlink_parms(): no params data found
[ 1066.235976][ T8500] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1066.245834][ T8500] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1066.254987][ T8500] device bridge_slave_0 entered promiscuous mode
[ 1066.264043][ T8500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1066.271283][ T8500] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1066.278919][ T8500] device bridge_slave_1 entered promiscuous mode
[ 1066.298739][ T8500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1066.312206][ T8500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1066.334249][ T8500] team0: Port device team_slave_0 added
[ 1066.341973][ T8500] team0: Port device team_slave_1 added
[ 1066.359081][ T8500] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1066.366299][ T8500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1066.393455][ T8500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1066.407664][ T8500] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1066.415224][ T8500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1066.441331][ T8500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1066.467976][ T8500] device hsr_slave_0 entered promiscuous mode
[ 1066.475850][ T8500] device hsr_slave_1 entered promiscuous mode
[ 1066.572648][ T8500] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1066.583247][ T8500] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1066.593888][ T8500] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1066.604029][ T8500] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1066.631324][ T8500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1066.638473][ T8500] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1066.646423][ T8500] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1066.653576][ T8500] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1066.698097][ T8500] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1066.712732][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1066.723930][ T8470] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1066.732722][ T8470] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1066.742022][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1066.756278][ T8500] 8021q: adding VLAN 0 to HW filter on device team0
[ 1066.767755][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1066.776365][ T8470] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1066.783497][ T8470] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1066.796119][ T8722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1066.806290][ T8722] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1066.813419][ T8722] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1066.832629][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1066.842214][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1066.855648][ T8722] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1066.867934][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1066.879980][ T8722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1066.892191][ T8500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1066.912186][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1066.920370][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1066.933180][ T8500] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1066.953097][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1066.974026][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1066.983231][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1066.991494][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1067.002187][ T8500] device veth0_vlan entered promiscuous mode
[ 1067.015754][ T8500] device veth1_vlan entered promiscuous mode
[ 1067.037721][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1067.046810][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1067.055400][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1067.066558][ T8500] device veth0_macvtap entered promiscuous mode
[ 1067.077120][ T8500] device veth1_macvtap entered promiscuous mode
[ 1067.096269][ T8500] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1067.104444][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1067.114629][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1067.127711][ T8500] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1067.136458][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1067.149364][ T8500] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.161296][ T8500] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.171713][ T8500] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.180882][ T8500] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.269081][ T8567] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1067.297893][ T8567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1067.315190][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1067.336276][ T8567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1067.344740][ T8567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1067.353472][ T8470] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1067.409293][ C0] hrtimer: interrupt took 35115 ns
[ 1068.040657][ T8470] Bluetooth: hci0: command 0x0409 tx timeout
2020/11/15 15:20:34 executed programs: 54
[ 1070.119928][ T8470] Bluetooth: hci0: command 0x041b tx timeout
[ 1072.206040][ T3003] Bluetooth: hci0: command 0x040f tx timeout
[ 1074.278760][ T8470] Bluetooth: hci0: command 0x0419 tx timeout
2020/11/15 15:20:39 executed programs: 259
2020/11/15 15:20:44 executed programs: 494
2020/11/15 15:20:49 executed programs: 715
2020/11/15 15:20:54 executed programs: 943
2020/11/15 15:20:59 executed programs: 1166
2020/11/15 15:21:04 executed programs: 1381
2020/11/15 15:21:09 executed programs: 1592
2020/11/15 15:21:14 executed programs: 1781
2020/11/15 15:21:19 executed programs: 2000
2020/11/15 15:21:24 executed programs: 2211
2020/11/15 15:21:29 executed programs: 2427
2020/11/15 15:21:34 executed programs: 2638
2020/11/15 15:21:39 executed programs: 2840
2020/11/15 15:21:44 executed programs: 3045
2020/11/15 15:21:49 executed programs: 3255
2020/11/15 15:21:54 executed programs: 3457
2020/11/15 15:21:59 executed programs: 3651
2020/11/15 15:22:04 executed programs: 3852
[ 1189.468269][ T8720] Bluetooth: hci0: command 0x0406 tx timeout
[ 1312.188909][ T1567] INFO: task syz-executor.0:26152 can't die for more than 143 seconds.
[ 1312.197357][ T1567] task:syz-executor.0 state:D stack:28544 pid:26152 ppid: 8500 flags:0x00004004
[ 1312.207320][ T1567] Call Trace:
[ 1312.210753][ T1567] __schedule+0x890/0x2030
[ 1312.215186][ T1567] ? io_schedule_timeout+0x140/0x140
[ 1312.220580][ T1567] ? prepare_to_wait_event+0x129/0x6a0
[ 1312.226058][ T1567] schedule+0xcf/0x270
[ 1312.231241][ T1567] perf_event_free_task+0x514/0x6b0
[ 1312.236505][ T1567] ? ____kasan_slab_free+0xec/0x110
[ 1312.241804][ T1567] ? perf_event_exit_task+0xf10/0xf10
[ 1312.247175][ T1567] ? init_wait_var_entry+0x200/0x200
[ 1312.252528][ T1567] ? kfree+0xdb/0x360
[ 1312.256550][ T1567] ? bpf_task_storage_free+0x3d6/0x460
[ 1312.262143][ T1567] copy_process+0x48e0/0x6f90
[ 1312.266830][ T1567] ? __cleanup_sighand+0xb0/0xb0
[ 1312.271869][ T1567] ? find_held_lock+0x2d/0x110
[ 1312.276640][ T1567] kernel_clone+0xe7/0xab0
[ 1312.281849][ T1567] ? copy_init_mm+0x20/0x20
[ 1312.286518][ T1567] ? ktime_get+0x90/0x1e0
[ 1312.291250][ T1567] ? ktime_get+0x154/0x1e0
[ 1312.295698][ T1567] ? lapic_next_event+0x4d/0x80
[ 1312.300663][ T1567] __do_sys_clone+0xc8/0x110
[ 1312.305250][ T1567] ? kernel_clone+0xab0/0xab0
[ 1312.310667][ T1567] ? hrtimer_interrupt+0x6f4/0x940
[ 1312.315804][ T1567] ? syscall_enter_from_user_mode+0x1d/0x50
[ 1312.322182][ T1567] do_syscall_64+0x2d/0x70
[ 1312.326639][ T1567] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1312.332625][ T1567] RIP: 0033:0x45deb9
[ 1312.336561][ T1567] Code: Unable to access opcode bytes at RIP 0x45de8f.
[ 1312.343538][ T1567] RSP: 002b:00007ffb605e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1312.352158][ T1567] RAX: ffffffffffffffda RBX: 0000000000002040 RCX: 000000000045deb9
[ 1312.360185][ T1567] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000100
[ 1312.368157][ T1567] RBP: 000000000118bf70 R08: ffffffffffffffff R09: 0000000000000000
[ 1312.376217][ T1567] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
[ 1312.384373][ T1567] R13: 00007fff8d97524f R14: 00007ffb605e79c0 R15: 000000000118bf2c
[ 1312.392619][ T1567] INFO: task syz-executor.0:26152 blocked for more than 143 seconds.
[ 1312.400749][ T1567] Not tainted 5.10.0-rc3-next-20201113-syzkaller #0
[ 1312.407842][ T1567] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1312.417159][ T1567] task:syz-executor.0 state:D stack:28544 pid:26152 ppid: 8500 flags:0x00004004
[ 1312.426693][ T1567] Call Trace:
[ 1312.430297][ T1567] __schedule+0x890/0x2030
[ 1312.434722][ T1567] ? io_schedule_timeout+0x140/0x140
[ 1312.440330][ T1567] ? prepare_to_wait_event+0x129/0x6a0
[ 1312.445797][ T1567] schedule+0xcf/0x270
[ 1312.449973][ T1567] perf_event_free_task+0x514/0x6b0
[ 1312.455173][ T1567] ? ____kasan_slab_free+0xec/0x110
[ 1312.460414][ T1567] ? perf_event_exit_task+0xf10/0xf10
[ 1312.465789][ T1567] ? init_wait_var_entry+0x200/0x200
[ 1312.471183][ T1567] ? kfree+0xdb/0x360
[ 1312.475172][ T1567] ? bpf_task_storage_free+0x3d6/0x460
[ 1312.480680][ T1567] copy_process+0x48e0/0x6f90
[ 1312.485365][ T1567] ? __cleanup_sighand+0xb0/0xb0
[ 1312.490398][ T1567] ? find_held_lock+0x2d/0x110
[ 1312.495264][ T1567] kernel_clone+0xe7/0xab0
[ 1312.499755][ T1567] ? copy_init_mm+0x20/0x20
[ 1312.504269][ T1567] ? ktime_get+0x90/0x1e0
[ 1312.508574][ T1567] ? ktime_get+0x154/0x1e0
[ 1312.513085][ T1567] ? lapic_next_event+0x4d/0x80
[ 1312.517941][ T1567] __do_sys_clone+0xc8/0x110
[ 1312.522599][ T1567] ? kernel_clone+0xab0/0xab0
[ 1312.527276][ T1567] ? hrtimer_interrupt+0x6f4/0x940
[ 1312.532501][ T1567] ? syscall_enter_from_user_mode+0x1d/0x50
[ 1312.538395][ T1567] do_syscall_64+0x2d/0x70
[ 1312.543510][ T1567] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 1312.549723][ T1567] RIP: 0033:0x45deb9
[ 1312.553617][ T1567] Code: Unable to access opcode bytes at RIP 0x45de8f.
[ 1312.560572][ T1567] RSP: 002b:00007ffb605e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1312.569051][ T1567] RAX: ffffffffffffffda RBX: 0000000000002040 RCX: 000000000045deb9
[ 1312.577010][ T1567] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000100
[ 1312.585065][ T1567] RBP: 000000000118bf70 R08: ffffffffffffffff R09: 0000000000000000
[ 1312.593224][ T1567] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
[ 1312.601433][ T1567] R13: 00007fff8d97524f R14: 00007ffb605e79c0 R15: 000000000118bf2c
[ 1312.609531][ T1567]
[ 1312.609531][ T1567] Showing all locks held in the system:
[ 1312.617244][ T1567] 1 lock held by khungtaskd/1567:
[ 1312.622300][ T1567] #0: ffffffff8b339ce0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1312.632359][ T1567] 1 lock held by in:imklog/8178:
[ 1312.637288][ T1567] #0: ffff88801c937c70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1312.646563][ T1567]
[ 1312.649692][ T1567] =============================================
[ 1312.649692][ T1567]
[ 1312.658098][ T1567] NMI backtrace for cpu 0
[ 1312.662500][ T1567] CPU: 0 PID: 1567 Comm: khungtaskd Not tainted 5.10.0-rc3-next-20201113-syzkaller #0
[ 1312.672049][ T1567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1312.682083][ T1567] Call Trace:
[ 1312.685371][ T1567] dump_stack+0x107/0x163
[ 1312.689683][ T1567] nmi_cpu_backtrace.cold+0x44/0xd7
[ 1312.694893][ T1567] ? lapic_can_unplug_cpu+0x80/0x80
[ 1312.700114][ T1567] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 1312.706107][ T1567] watchdog+0xd89/0xf30
[ 1312.710260][ T1567] ? trace_sched_process_hang+0x280/0x280
[ 1312.716008][ T1567] kthread+0x3af/0x4a0
[ 1312.720059][ T1567] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 1312.725943][ T1567] ret_from_fork+0x1f/0x30
[ 1312.730546][ T1567] Sending NMI from CPU 0 to CPUs 1:
[ 1312.735818][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_idle_do_entry+0x1c9/0x250
[ 1312.737796][ T1567] Kernel panic - not syncing: hung_task: blocked tasks
[ 1312.751324][ T1567] CPU: 0 PID: 1567 Comm: khungtaskd Not tainted 5.10.0-rc3-next-20201113-syzkaller #0
[ 1312.760837][ T1567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1312.770865][ T1567] Call Trace:
[ 1312.774150][ T1567] dump_stack+0x107/0x163
[ 1312.778475][ T1567] panic+0x306/0x73d
[ 1312.782349][ T1567] ? __warn_printk+0xf3/0xf3
[ 1312.787356][ T1567] ? lapic_can_unplug_cpu+0x80/0x80
[ 1312.792530][ T1567] ? preempt_schedule_thunk+0x16/0x18
[ 1312.797892][ T1567] ? watchdog.cold+0x22d/0x248
[ 1312.802644][ T1567] ? watchdog+0xc59/0xf30
[ 1312.806952][ T1567] watchdog.cold+0x23e/0x248
[ 1312.811534][ T1567] ? trace_sched_process_hang+0x280/0x280
[ 1312.817232][ T1567] kthread+0x3af/0x4a0
[ 1312.821280][ T1567] ? kthread_create_worker_on_cpu+0xf0/0xf0
[ 1312.827152][ T1567] ret_from_fork+0x1f/0x30
[ 1312.832331][ T1567] Kernel Offset: disabled
[ 1312.836647][ T1567] Rebooting in 86400 seconds..