Warning: Permanently added '10.128.0.18' (ED25519) to the list of known hosts.
[ 210.625357][ T29] audit: type=1400 audit(1716331570.282:87): avc: denied { execmem } for pid=5095 comm="syz-executor144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 210.653650][ T29] audit: type=1400 audit(1716331570.302:88): avc: denied { mounton } for pid=5099 comm="syz-executor144" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 210.695224][ T29] audit: type=1400 audit(1716331570.302:89): avc: denied { mount } for pid=5099 comm="syz-executor144" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 210.740790][ T29] audit: type=1400 audit(1716331570.332:90): avc: denied { create } for pid=5099 comm="syz-executor144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 210.765254][ T29] audit: type=1400 audit(1716331570.332:91): avc: denied { read write } for pid=5099 comm="syz-executor144" name="vhci" dev="devtmpfs" ino=1077 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 210.779689][ T5117] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 210.789959][ T29] audit: type=1400 audit(1716331570.332:92): avc: denied { open } for pid=5099 comm="syz-executor144" path="/dev/vhci" dev="devtmpfs" ino=1077 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 210.800097][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 210.829387][ T5119] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 210.829638][ T29] audit: type=1400 audit(1716331570.372:93): avc: denied { ioctl } for pid=5103 comm="syz-executor144" path="socket:[2026]" dev="sockfs" ino=2026 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 210.837310][ T5119] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 210.863396][ T5120] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 210.870080][ T5117] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 210.877233][ T5120] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 210.884433][ T5117] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 210.891132][ T5120] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 210.897240][ T5119] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 210.906318][ T5117] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 210.911353][ T5119] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 210.918331][ T5117] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 210.925110][ T5122] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 210.933499][ T5121] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 210.940870][ T5117] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 210.953137][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 210.961412][ T5121] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 210.961997][ T5117] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 210.968893][ T5121] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 210.976803][ T5117] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 210.986353][ T5121] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 210.991751][ T5117] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 210.998097][ T5121] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 211.011160][ T5121] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 211.020749][ T5121] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 211.021440][ T29] audit: type=1400 audit(1716331570.662:94): avc: denied { mounton } for pid=5099 comm="syz-executor144" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 211.039749][ T5121] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 211.062957][ T5121] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 211.095347][ T5115] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 211.102928][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 211.302862][ T29] audit: type=1400 audit(1716331570.952:95): avc: denied { mounton } for pid=5104 comm="syz-executor144" path="/dev/binderfs" dev="devtmpfs" ino=2322 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
executing program
[ 211.336935][ T29] audit: type=1400 audit(1716331570.982:96): avc: denied { mount } for pid=5104 comm="syz-executor144" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 316.503041][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 316.510038][ C0] rcu: (detected by 0, t=10502 jiffies, g=7689, q=16 ncpus=2)
[ 316.517613][ C0] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294968695-4294958193), jiffies_till_next_fqs=1, root ->qsmask 0x0
[ 316.531001][ C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g7689 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 316.542127][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 316.552106][ C0] rcu: RCU grace-period kthread stack dump:
[ 316.558001][ C0] task:rcu_preempt state:R running task stack:28752 pid:17 tgid:17 ppid:2 flags:0x00004000
[ 316.569766][ C0] Call Trace:
[ 316.573068][ C0]
[ 316.576015][ C0] __schedule+0xf15/0x5d00
[ 316.580612][ C0] ? __pfx___lock_acquire+0x10/0x10
[ 316.585924][ C0] ? __pfx___schedule+0x10/0x10
[ 316.590807][ C0] ? schedule+0x298/0x350
[ 316.595160][ C0] ? __pfx_lock_release+0x10/0x10
[ 316.600215][ C0] ? __pfx___mod_timer+0x10/0x10
[ 316.605208][ C0] ? lock_acquire+0x1b1/0x560
[ 316.609909][ C0] ? lockdep_init_map_type+0x16d/0x7d0
[ 316.615400][ C0] schedule+0xe7/0x350
[ 316.619501][ C0] schedule_timeout+0x136/0x2a0
[ 316.624376][ C0] ? __pfx_schedule_timeout+0x10/0x10
[ 316.629767][ C0] ? __pfx_process_timeout+0x10/0x10
[ 316.635084][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 316.640978][ C0] ? prepare_to_swait_event+0xf0/0x470
[ 316.646472][ C0] rcu_gp_fqs_loop+0x1eb/0xb00
[ 316.651283][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 316.656600][ C0] ? _raw_spin_unlock_irq+0x2e/0x50
[ 316.661830][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 316.667658][ C0] rcu_gp_kthread+0x271/0x380
[ 316.672361][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10
[ 316.677598][ C0] ? lockdep_hardirqs_on+0x7c/0x110
[ 316.682905][ C0] ? __kthread_parkme+0x148/0x220
[ 316.687989][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10
[ 316.693216][ C0] kthread+0x2c1/0x3a0
[ 316.697309][ C0] ? _raw_spin_unlock_irq+0x23/0x50
[ 316.702532][ C0] ? __pfx_kthread+0x10/0x10
[ 316.707147][ C0] ret_from_fork+0x45/0x80
[ 316.711624][ C0] ? __pfx_kthread+0x10/0x10
[ 316.716241][ C0] ret_from_fork_asm+0x1a/0x30
[ 316.721063][ C0]
[ 316.724096][ C0] rcu: Stack dump where RCU GP kthread last ran:
[ 316.730423][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 316.735646][ C1] NMI backtrace for cpu 1
[ 316.735656][ C1] CPU: 1 PID: 5124 Comm: syz-executor144 Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0
[ 316.735679][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 316.735689][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x8/0x20
[ 316.735751][ C1] Code: bf 06 00 00 00 e9 b8 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 0c 24 <40> 0f b6 d6 40 0f b6 f7 bf 01 00 00 00 e9 86 fe ff ff 66 0f 1f 44
[ 316.735771][ C1] RSP: 0018:ffffc90000a18e28 EFLAGS: 00000046
[ 316.735788][ C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff817b0720
[ 316.735802][ C1] RDX: fffffbfff1fc88bb RSI: 0000000000000001 RDI: 0000000000000000
[ 316.735816][ C1] RBP: 000000000003d94c R08: 0000000000000000 R09: fffffbfff1fc88ba
[ 316.735830][ C1] R10: ffffffff8fe445d7 R11: 0000000000000001 R12: ffff8880b932ca40
[ 316.735845][ C1] R13: ffff888077db40b0 R14: ffff8880b932c9c0 R15: ffff8880b932c9c0
[ 316.735860][ C1] FS: 000055555f66a3c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[ 316.735882][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 316.735898][ C1] CR2: 000000002006b000 CR3: 000000002ad1e000 CR4: 00000000003506f0
[ 316.735911][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 316.735923][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 316.735937][ C1] Call Trace:
[ 316.735944][ C1]
[ 316.735951][ C1] ? show_regs+0x8c/0xa0
[ 316.735988][ C1] ? nmi_cpu_backtrace+0x1d8/0x390
[ 316.736063][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 316.736089][ C1] ? nmi_handle+0x1a9/0x5c0
[ 316.736116][ C1] ? __sanitizer_cov_trace_const_cmp1+0x8/0x20
[ 316.736146][ C1] ? default_do_nmi+0x6a/0x160
[ 316.736168][ C1] ? exc_nmi+0x170/0x1e0
[ 316.736189][ C1] ? end_repeat_nmi+0xf/0x53
[ 316.736251][ C1] ? __hrtimer_run_queues+0x4e0/0xcc0
[ 316.736275][ C1] ? __sanitizer_cov_trace_const_cmp1+0x8/0x20
[ 316.736305][ C1] ? __sanitizer_cov_trace_const_cmp1+0x8/0x20
[ 316.736335][ C1] ? __sanitizer_cov_trace_const_cmp1+0x8/0x20
[ 316.736366][ C1]
[ 316.736372][ C1]
[ 316.736378][ C1] __hrtimer_run_queues+0x4e0/0xcc0
[ 316.736402][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 316.736425][ C1] ? ktime_get_update_offsets_now+0x201/0x310
[ 316.736456][ C1] hrtimer_interrupt+0x31b/0x800
[ 316.736482][ C1] __sysvec_apic_timer_interrupt+0x10f/0x450
[ 316.736512][ C1] sysvec_apic_timer_interrupt+0x90/0xb0
[ 316.736539][ C1]
[ 316.736545][ C1]
[ 316.736551][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 316.736575][ C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[ 316.736601][ C1] Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 0a bc 7e f6 48 89 df e8 f2 38 7f f6 e8 8d 29 a8 f6 fb bf 01 00 00 00 e2 78 70 f6 65 8b 05 53 c5 16 75 85 c0 74 06 5b c3 cc cc cc cc
[ 316.736619][ C1] RSP: 0018:ffffc900032efcf0 EFLAGS: 00000202
[ 316.736640][ C1] RAX: 000000000398729b RBX: ffff888027e22e40 RCX: 1ffffffff1fc8069
[ 316.736655][ C1] RDX: 0000000000000000 RSI: ffffffff8b2cab60 RDI: 0000000000000001
[ 316.736668][ C1] RBP: ffff888027e23240 R08: 0000000000000001 R09: 0000000000000001
[ 316.736681][ C1] R10: ffffffff8fe445d7 R11: 0000000000000000 R12: 0000000000000000
[ 316.736694][ C1] R13: 0000000000000021 R14: ffff888027e22e40 R15: ffff888027e22e40
[ 316.736716][ C1] get_signal+0x1e3e/0x2710
[ 316.736747][ C1] ? __pfx_get_signal+0x10/0x10
[ 316.736770][ C1] ? do_sigaltstack.constprop.0+0x547/0x800
[ 316.736799][ C1] arch_do_signal_or_restart+0x90/0x7e0
[ 316.736824][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 316.736847][ C1] ? _raw_spin_unlock_irq+0x23/0x50
[ 316.736872][ C1] ? __do_sys_rt_sigreturn+0x167/0x230
[ 316.736896][ C1] ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 316.736921][ C1] syscall_exit_to_user_mode+0x14a/0x2a0
[ 316.736950][ C1] do_syscall_64+0xdc/0x260
[ 316.736997][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 316.737020][ C1] RIP: 0033:0x7f0c759e1e79
[ 316.737035][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 316.737054][ C1] RSP: 002b:00007ffd655b3088 EFLAGS: 00000246
[ 316.737069][ C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007f0c759e1e79
[ 316.737082][ C1] RDX: 000000002006b000 RSI: 0000000000000000 RDI: 0000000000000000
[ 316.737095][ C1] RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000
[ 316.737107][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 316.737120][ C1] R13: 0000000000000003 R14: 00007ffd655b3100 R15: 00007ffd655b30f0
[ 316.737154][ C1]
[ 316.737162][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.516 msecs