Warning: Permanently added '10.128.0.236' (ED25519) to the list of known hosts.
2023/12/02 23:37:34 ignoring optional flag "sandboxArg"="0"
2023/12/02 23:37:34 parsed 1 programs
2023/12/02 23:37:34 executed programs: 0
[ 41.681229][ T26] audit: type=1400 audit(1701560254.116:169): avc: denied { getattr } for pid=1934 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 41.706727][ T26] audit: type=1400 audit(1701560254.116:170): avc: denied { read } for pid=1934 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 41.728826][ T26] audit: type=1400 audit(1701560254.116:171): avc: denied { open } for pid=1934 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 41.753355][ T26] audit: type=1400 audit(1701560254.116:172): avc: denied { mounton } for pid=1939 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 41.780542][ T26] audit: type=1400 audit(1701560254.116:173): avc: denied { mount } for pid=1939 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 42.716771][ T1284] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 42.718724][ T26] audit: type=1400 audit(1701560255.156:174): avc: denied { ioctl } for pid=1943 comm="syz-executor.0" path="socket:[2706]" dev="sockfs" ino=2706 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 42.724067][ T1284] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 42.758398][ T1284] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 42.766074][ T1284] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 42.773240][ T1284] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 42.780369][ T1284] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 42.825951][ T1943] chnl_net:caif_netlink_parms(): no params data found
[ 43.041546][ T26] audit: type=1400 audit(1701560255.476:175): avc: denied { write } for pid=1943 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 43.062568][ T26] audit: type=1400 audit(1701560255.486:176): avc: denied { read } for pid=1943 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 43.233750][ T1943] 8021q: adding VLAN 0 to HW filter on device bond0
[ 43.491828][ T1943] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 43.996408][ T2341] nbd0: detected capacity change from 0 to 137438953472
[ 44.795125][ T44] Bluetooth: hci0: command 0x0409 tx timeout
[ 44.820166][ T2341] block nbd0: shutting down sockets
[ 44.825886][ C1] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 44.835265][ C1] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 44.843064][ T1944] Dev nbd0: unable to read RDB block 0
[ 44.848897][ T1944] nbd0: unable to read partition table
[ 44.854589][ T1944] nbd0: partition table beyond EOD, truncated
[ 44.925238][ T2344] nbd0: detected capacity change from 0 to 137438953472
[ 45.699971][ T1284] block nbd0: Receive control failed (result -104)
[ 45.700189][ T2344] block nbd0: shutting down sockets
[ 45.711952][ C1] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 45.721225][ C1] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 45.728996][ T1944] Dev nbd0: unable to read RDB block 0
[ 45.734452][ T1944] nbd0: unable to read partition table
[ 45.740118][ T1944] nbd0: partition table beyond EOD, truncated
[ 45.785507][ T2346] nbd0: detected capacity change from 0 to 137438953472
[ 46.583326][ T1284] block nbd0: Receive control failed (result -104)
[ 46.875037][ T1284] Bluetooth: hci0: command 0x041b tx timeout
[ 48.955066][ T1284] Bluetooth: hci0: command 0x040f tx timeout
[ 51.035047][ T1284] Bluetooth: hci0: command 0x0419 tx timeout
[ 76.075383][ T48] block nbd0: Possible stuck request ffff888110240200: control (read@0,4096B). Runtime 30 seconds
2023/12/02 23:38:33 executed programs: 3
[ 102.796551][ T44] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 102.803583][ T44] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 102.810729][ T44] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 102.817846][ T44] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 102.824823][ T44] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 102.832013][ T44] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 102.876514][ T2348] chnl_net:caif_netlink_parms(): no params data found
[ 103.232318][ T2348] 8021q: adding VLAN 0 to HW filter on device bond0
[ 103.468148][ T2348] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 104.875131][ T1284] Bluetooth: hci1: command 0x0409 tx timeout
[ 106.155097][ T48] block nbd0: Possible stuck request ffff888110240200: control (read@0,4096B). Runtime 60 seconds
[ 106.955036][ T1284] Bluetooth: hci1: command 0x041b tx timeout
[ 106.975066][ T1324] udevd[1324]: worker [1944] /devices/virtual/block/nbd0 is taking a long time
[ 109.035068][ T1284] Bluetooth: hci1: command 0x040f tx timeout
[ 111.115051][ T1284] Bluetooth: hci1: command 0x0419 tx timeout
[ 136.235237][ T48] block nbd0: Possible stuck request ffff888110240200: control (read@0,4096B). Runtime 90 seconds
2023/12/02 23:39:31 executed programs: 4
[ 161.036666][ T44] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 161.044371][ T44] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 161.051515][ T44] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 161.058743][ T44] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 161.066147][ T44] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 161.073316][ T44] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 161.118081][ T2746] chnl_net:caif_netlink_parms(): no params data found
[ 161.476463][ T2746] 8021q: adding VLAN 0 to HW filter on device bond0
[ 161.646530][ T2955] modprobe (2955) used greatest stack depth: 12120 bytes left
[ 161.714928][ T2746] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 163.115036][ T1284] Bluetooth: hci2: command 0x0409 tx timeout
[ 165.195013][ T1284] Bluetooth: hci2: command 0x041b tx timeout
[ 166.315426][ T48] block nbd0: Possible stuck request ffff888110240200: control (read@0,4096B). Runtime 120 seconds
[ 167.275063][ T1284] Bluetooth: hci2: command 0x040f tx timeout
[ 169.355048][ T44] Bluetooth: hci2: command 0x0419 tx timeout
[ 169.675056][ T44] Bluetooth: hci0: command 0x0406 tx timeout
[ 196.405300][ T48] block nbd0: Possible stuck request ffff888110240200: control (read@0,4096B). Runtime 150 seconds
[ 205.355075][ T28] INFO: task syz-executor.0:2346 blocked for more than 143 seconds.
[ 205.363203][ T28] Not tainted 6.7.0-rc3-syzkaller #0
[ 205.369001][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 205.377869][ T28] task:syz-executor.0 state:D stack:14112 pid:2346 tgid:2345 ppid:1943 flags:0x00004006
[ 205.388137][ T28] Call Trace:
[ 205.391406][ T28]
[ 205.394317][ T28] __schedule+0x3a5/0x9d0
[ 205.398650][ T28] schedule+0x30/0xf0
[ 205.402626][ T28] schedule_preempt_disabled+0x13/0x20
[ 205.408096][ T28] __mutex_lock+0x53d/0x9f0
[ 205.412586][ T28] ? blkdev_put+0x38/0x1c0
[ 205.417177][ T28] ? blkdev_put+0x38/0x1c0
[ 205.421862][ T28] blkdev_put+0x38/0x1c0
[ 205.426182][ T28] bdev_release+0x14/0x20
[ 205.430484][ T28] blkdev_release+0x10/0x20
[ 205.434977][ T28] __fput+0x8d/0x2e0
[ 205.438936][ T28] task_work_run+0x55/0x80
[ 205.443352][ T28] get_signal+0x8b/0xb20
[ 205.448068][ T28] ? __mutex_unlock_slowpath+0x35/0x1f0
[ 205.453820][ T28] arch_do_signal_or_restart+0x39/0x290
[ 205.459560][ T28] exit_to_user_mode_prepare+0xc3/0x150
[ 205.465103][ T28] syscall_exit_to_user_mode+0x17/0x40
[ 205.470541][ T28] do_syscall_64+0x4d/0x110
[ 205.475118][ T28] entry_SYSCALL_64_after_hwframe+0x63/0x6b
[ 205.481077][ T28] RIP: 0033:0x7fa45ac79b69
[ 205.485509][ T28] RSP: 002b:00007fa45bde50c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 205.494800][ T28] RAX: 0000000000000000 RBX: 00007fa45ad8bf80 RCX: 00007fa45ac79b69
[ 205.503152][ T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
[ 205.511537][ T28] RBP: 00007fa45acd534e R08: 0000000000000000 R09: 0000000000000000
[ 205.519976][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 205.528205][ T28] R13: 0000000000000006 R14: 00007fa45ad8bf80 R15: 00007fff26f37ce8
[ 205.536250][ T28]
[ 205.539255][ T28]
[ 205.539255][ T28] Showing all locks held in the system:
[ 205.547231][ T28] 1 lock held by khungtaskd/28:
[ 205.552137][ T28] #0: ffffffff83581400 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x36/0x120
[ 205.562145][ T28] 2 locks held by getty/1385:
[ 205.566910][ T28] #0: ffff88810baae0a0 (&tty->ldisc_sem){....}-{0:0}, at: tty_ldisc_ref_wait+0x23/0x50
[ 205.576753][ T28] #1: ffffc900003fb2f0 (&ldata->atomic_read_lock){....}-{3:3}, at: n_tty_read+0x54b/0x6a0
[ 205.587908][ T28] 1 lock held by udevd/1944:
[ 205.592738][ T28] #0: ffff88810a6474c8 (&disk->open_mutex){....}-{3:3}, at: blkdev_get_by_dev.part.0+0x1a5/0x310
[ 205.603898][ T28] 1 lock held by syz-executor.0/2346:
[ 205.610359][ T28] #0: ffff88810a6474c8 (&disk->open_mutex){....}-{3:3}, at: blkdev_put+0x38/0x1c0
[ 205.620187][ T28] 1 lock held by syz-executor.0/2743:
[ 205.625925][ T28] #0: ffff88810a6474c8 (&disk->open_mutex){....}-{3:3}, at: blkdev_get_by_dev.part.0+0x1a5/0x310
[ 205.637128][ T28] 1 lock held by syz-executor.0/3142:
[ 205.643284][ T28] #0: ffff88810a6474c8 (&disk->open_mutex){....}-{3:3}, at: blkdev_get_by_dev.part.0+0x1a5/0x310
[ 205.654236][ T28]
[ 205.656923][ T28] =============================================
[ 205.656923][ T28]
[ 205.665838][ T28] NMI backtrace for cpu 0
[ 205.670153][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.7.0-rc3-syzkaller #0
[ 205.678265][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 205.688466][ T28] Call Trace:
[ 205.691719][ T28]
[ 205.694622][ T28] dump_stack_lvl+0x3d/0x60
[ 205.699195][ T28] nmi_cpu_backtrace+0xcc/0x110
[ 205.704560][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0
[ 205.709730][ T28] nmi_trigger_cpumask_backtrace+0xd1/0x130
[ 205.715615][ T28] watchdog+0x615/0x640
[ 205.719747][ T28] ? watchdog+0x1f9/0x640
[ 205.724143][ T28] ? proc_dohung_task_timeout_secs+0x30/0x30
[ 205.730261][ T28] kthread+0xde/0x110
[ 205.734345][ T28] ? kthread_complete_and_exit+0x20/0x20
[ 205.740465][ T28] ret_from_fork+0x2c/0x40
[ 205.745287][ T28] ? kthread_complete_and_exit+0x20/0x20
[ 205.750971][ T28] ret_from_fork_asm+0x11/0x20
[ 205.755703][ T28]
[ 205.758718][ T28] Sending NMI from CPU 0 to CPUs 1:
[ 205.764183][ C1] NMI backtrace for cpu 1
[ 205.764187][ C1] CPU: 1 PID: 769 Comm: kworker/u4:6 Not tainted 6.7.0-rc3-syzkaller #0
[ 205.764190][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
[ 205.764193][ C1] Workqueue: events_unbound toggle_allocation_gate
[ 205.764202][ C1] RIP: 0010:__default_send_IPI_dest_field+0x3a/0x80
[ 205.764210][ C1] Code: 53 89 d3 75 04 eb 28 f3 90 8b 04 25 00 c3 5f ff f6 c4 10 75 f2 44 89 e0 89 04 25 10 c3 5f ff 89 f0 09 d8 89 04 25 00 c3 5f ff <5b> 5d 41 5c c3 bd e8 03 00 00 eb 16 65 ff 05 af a8 fd 7e bf bc 8d
[ 205.764212][ C1] RSP: 0018:ffffc900016c3c78 EFLAGS: 00000002
[ 205.764214][ C1] RAX: 00000000000008fb RBX: 0000000000000800 RCX: 0000000000000001
[ 205.764216][ C1] RDX: 0000000000000800 RSI: 00000000000000fb RDI: 0000000001000000
[ 205.764218][ C1] RBP: 0000000000000000 R08: ffff888237c32dc0 R09: ffffffff813a06af
[ 205.764219][ C1] R10: ffffc900016c3d8c R11: ffffffff8418aa4a R12: 0000000001000000
[ 205.764221][ C1] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[ 205.764223][ C1] FS: 0000000000000000(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[ 205.764228][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 205.764230][ C1] CR2: 000055555588e938 CR3: 0000000003447000 CR4: 00000000003506f0
[ 205.764231][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 205.764232][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 205.764234][ C1] Call Trace:
[ 205.764236][ C1]
[ 205.764238][ C1] ? nmi_cpu_backtrace+0x8b/0x110
[ 205.764244][ C1] ? __default_send_IPI_dest_field+0x3a/0x80
[ 205.764247][ C1] ? nmi_cpu_backtrace_handler+0xc/0x10
[ 205.764251][ C1] ? nmi_handle+0xb5/0x1a0
[ 205.764257][ C1] ? __default_send_IPI_dest_field+0x3a/0x80
[ 205.764260][ C1] ? default_do_nmi+0x6c/0x2b0
[ 205.764263][ C1] ? exc_nmi+0x160/0x190
[ 205.764265][ C1] ? end_repeat_nmi+0xf/0x2a
[ 205.764271][ C1] ? __kmem_cache_alloc_node+0xaf/0x310
[ 205.764274][ C1] ? __default_send_IPI_dest_field+0x3a/0x80
[ 205.764278][ C1] ? __default_send_IPI_dest_field+0x3a/0x80
[ 205.764280][ C1] ? __default_send_IPI_dest_field+0x3a/0x80
[ 205.764283][ C1]
[ 205.764284][ C1]
[ 205.764285][ C1] flat_send_IPI_mask+0x15/0x30
[ 205.764288][ C1] smp_call_function_many_cond+0x5ff/0x670
[ 205.764294][ C1] ? __text_poke+0x4b0/0x4b0
[ 205.764298][ C1] ? setup_data_read+0xe0/0xe0
[ 205.764301][ C1] ? __text_poke+0x4b0/0x4b0
[ 205.764303][ C1] on_each_cpu_cond_mask+0x3b/0x70
[ 205.764306][ C1] ? __kmem_cache_alloc_node+0xb0/0x310
[ 205.764309][ C1] text_poke_bp_batch+0x1fe/0x310
[ 205.764313][ C1] ? process_one_work+0x1a2/0x4c0
[ 205.764319][ C1] text_poke_finish+0x1a/0x30
[ 205.764322][ C1] arch_jump_label_transform_apply+0x17/0x30
[ 205.764325][ C1] static_key_disable_cpuslocked+0x4a/0x60
[ 205.764333][ C1] static_key_disable+0x15/0x20
[ 205.764336][ C1] toggle_allocation_gate+0x6d/0x120
[ 205.764340][ C1] ? cpuacct_percpu_seq_show+0x10/0x10
[ 205.764345][ C1] process_one_work+0x208/0x4c0
[ 205.764354][ C1] worker_thread+0x1c3/0x380
[ 205.764358][ C1] ? rescuer_thread+0x380/0x380
[ 205.764361][ C1] kthread+0xde/0x110
[ 205.764365][ C1] ? kthread_complete_and_exit+0x20/0x20
[ 205.764368][ C1] ret_from_fork+0x2c/0x40
[ 205.764373][ C1] ? kthread_complete_and_exit+0x20/0x20
[ 205.764375][ C1] ret_from_fork_asm+0x11/0x20
[ 205.764380][ C1]
[ 205.765176][ T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 205.769744][ T28] Kernel Offset: disabled
[ 206.123095][ T28] Rebooting in 86400 seconds..