Warning: Permanently added '10.128.1.174' (ED25519) to the list of known hosts.
2023/10/05 14:20:56 ignoring optional flag "sandboxArg"="0"
2023/10/05 14:20:56 parsed 1 programs
[ 137.092742][ T27] audit: type=1400 audit(1696515656.713:201): avc: denied { getattr } for pid=5383 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 137.117155][ T27] audit: type=1400 audit(1696515656.713:202): avc: denied { read } for pid=5383 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 137.140787][ T27] audit: type=1400 audit(1696515656.713:203): avc: denied { open } for pid=5383 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 137.192130][ T27] audit: type=1400 audit(1696515656.813:204): avc: denied { mounton } for pid=5388 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
2023/10/05 14:20:56 executed programs: 0
[ 137.229012][ T27] audit: type=1400 audit(1696515656.813:205): avc: denied { mount } for pid=5388 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 137.352553][ T5040] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 137.361914][ T5040] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 137.371301][ T5040] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 137.381160][ T5040] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 137.389488][ T5040] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 137.397668][ T5040] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 137.412254][ T27] audit: type=1400 audit(1696515657.033:206): avc: denied { mounton } for pid=5396 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 137.671467][ T5396] chnl_net:caif_netlink_parms(): no params data found
[ 137.797869][ T5396] bridge0: port 1(bridge_slave_0) entered blocking state
[ 137.805418][ T5396] bridge0: port 1(bridge_slave_0) entered disabled state
[ 137.812928][ T5396] bridge_slave_0: entered allmulticast mode
[ 137.821427][ T5396] bridge_slave_0: entered promiscuous mode
[ 137.831573][ T5396] bridge0: port 2(bridge_slave_1) entered blocking state
[ 137.839428][ T5396] bridge0: port 2(bridge_slave_1) entered disabled state
[ 137.846745][ T5396] bridge_slave_1: entered allmulticast mode
[ 137.854705][ T5396] bridge_slave_1: entered promiscuous mode
[ 137.911425][ T5396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 137.926325][ T5396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 137.980822][ T5396] team0: Port device team_slave_0 added
[ 137.992299][ T5396] team0: Port device team_slave_1 added
[ 138.042330][ T5396] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 138.049437][ T5396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 138.075930][ T5396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 138.091353][ T5396] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 138.098510][ T5396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 138.126115][ T5396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 138.204299][ T5396] hsr_slave_0: entered promiscuous mode
[ 138.211529][ T5396] hsr_slave_1: entered promiscuous mode
[ 139.448384][ T5040] Bluetooth: hci0: command 0x0409 tx timeout
[ 139.460243][ T5396] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 139.479999][ T5396] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 139.496558][ T5396] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 139.517296][ T5396] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 139.706633][ T5396] 8021q: adding VLAN 0 to HW filter on device bond0
[ 139.752706][ T5396] 8021q: adding VLAN 0 to HW filter on device team0
[ 139.772177][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 139.779614][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 139.813266][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 139.820725][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 140.004316][ T27] audit: type=1400 audit(1696515659.623:207): avc: denied { sys_module } for pid=5396 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 140.232254][ T5396] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 140.342941][ T5396] veth0_vlan: entered promiscuous mode
[ 140.370882][ T5396] veth1_vlan: entered promiscuous mode
[ 140.438276][ T5396] veth0_macvtap: entered promiscuous mode
[ 140.455162][ T5396] veth1_macvtap: entered promiscuous mode
[ 140.494054][ T5396] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 140.521432][ T5396] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 140.539951][ T5396] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.555559][ T5396] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.564350][ T5396] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.576527][ T5396] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 140.793230][ T5051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.823891][ T5051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.898966][ T780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 140.909036][ T780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 140.946914][ T27] audit: type=1400 audit(1696515660.563:208): avc: denied { mounton } for pid=5396 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 141.097136][ T27] audit: type=1400 audit(1696515660.723:209): avc: denied { mounton } for pid=5461 comm="syz-executor.0" path="/root/syzkaller-testdir1742243846/syzkaller.8XCNvB/0/file0" dev="sda1" ino=1937 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 141.539310][ T5040] Bluetooth: hci0: command 0x041b tx timeout
[ 141.557521][ T27] audit: type=1400 audit(1696515661.183:210): avc: denied { search } for pid=4469 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 143.530355][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 143.538082][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
[ 143.604685][ T5040] Bluetooth: hci0: command 0x040f tx timeout
[ 145.685170][ T5040] Bluetooth: hci0: command 0x0419 tx timeout
[ 204.980034][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 204.986933][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
[ 263.366927][ T5040] Bluetooth: hci0: command 0x0406 tx timeout
[ 266.412237][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 266.419449][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
[ 284.325826][ T28] INFO: task syz-executor.0:5466 blocked for more than 143 seconds.
[ 284.334798][ T28] Not tainted 6.6.0-rc4-syzkaller-00037-g3006adf3be79 #0
[ 284.343433][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 284.352572][ T28] task:syz-executor.0 state:D stack:27776 pid:5466 ppid:5396 flags:0x00000006
[ 284.362100][ T28] Call Trace:
[ 284.365536][ T28]
[ 284.368521][ T28] __schedule+0xee1/0x5a10
[ 284.373330][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 284.379554][ T28] ? print_usage_bug.part.0+0x670/0x670
[ 284.385444][ T28] ? io_schedule_timeout+0x150/0x150
[ 284.390893][ T28] ? rwsem_down_write_slowpath+0x48e/0x12a0
[ 284.396978][ T28] schedule+0xe7/0x1b0
[ 284.401306][ T28] schedule_preempt_disabled+0x13/0x20
[ 284.407511][ T28] rwsem_down_write_slowpath+0x53d/0x12a0
[ 284.414289][ T28] ? down_timeout+0x90/0x90
[ 284.427713][ T28] ? preempt_count_sub+0x150/0x150
[ 284.433032][ T28] ? fuse_init_file_inode+0x1f0/0x1f0
[ 284.438856][ T28] down_write_nested+0x1d7/0x200
[ 284.443959][ T28] ? _down_write_nest_lock+0x200/0x200
[ 284.449707][ T28] ? down_read+0x13e/0x470
[ 284.454401][ T28] fuse_reverse_inval_entry+0x59/0x580
[ 284.460547][ T28] fuse_dev_do_write+0xe94/0x2c90
[ 284.465778][ T28] ? print_usage_bug.part.0+0x670/0x670
[ 284.471667][ T28] ? fuse_dev_splice_read+0x720/0x720
[ 284.477658][ T28] ? try_to_wake_up+0x948/0x15b0
[ 284.482648][ T28] ? preempt_schedule_thunk+0x1a/0x30
[ 284.488290][ T28] ? preempt_schedule_common+0x45/0xc0
[ 284.493929][ T28] ? preempt_count_sub+0x150/0x150
[ 284.499438][ T28] fuse_dev_write+0x154/0x1e0
[ 284.504371][ T28] ? fuse_dev_splice_write+0xa40/0xa40
[ 284.510192][ T28] ? inode_security+0x101/0x130
[ 284.515358][ T28] ? security_file_permission+0x94/0x100
[ 284.521149][ T28] vfs_write+0x650/0xe40
[ 284.526549][ T28] ? kernel_write+0x6c0/0x6c0
[ 284.531570][ T28] ? __might_fault+0xe6/0x1a0
[ 284.537428][ T28] ? __fget_files+0x272/0x410
[ 284.542275][ T28] ? __fget_light+0xe6/0x260
[ 284.546977][ T28] ksys_write+0x12f/0x250
[ 284.551358][ T28] ? __ia32_sys_read+0xb0/0xb0
[ 284.556340][ T28] ? syscall_enter_from_user_mode+0x26/0x80
[ 284.562459][ T28] do_syscall_64+0x38/0xb0
[ 284.567086][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 284.573246][ T28] RIP: 0033:0x7f375867c859
[ 284.577946][ T28] RSP: 002b:00007f37593d20c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 284.586504][ T28] RAX: ffffffffffffffda RBX: 00007f375879c050 RCX: 00007f375867c859
[ 284.595237][ T28] RDX: 000000000000002c RSI: 00000000200000c0 RDI: 0000000000000003
[ 284.603781][ T28] RBP: 00007f37586d8ad0 R08: 0000000000000000 R09: 0000000000000000
[ 284.612618][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 284.621494][ T28] R13: 000000000000006e R14: 00007f375879c050 R15: 00007ffd1cd2eba8
[ 284.629918][ T28]
[ 284.633203][ T28]
[ 284.633203][ T28] Showing all locks held in the system:
[ 284.641153][ T28] 1 lock held by khungtaskd/28:
[ 284.646338][ T28] #0: ffffffff8cba7920 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340
[ 284.657004][ T28] 5 locks held by kworker/u4:3/42:
[ 284.662388][ T28] 2 locks held by getty/4796:
[ 284.667790][ T28] #0: ffff88814bd8c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 284.677778][ T28] #1: ffffc900020582f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc5/0x1480
[ 284.688043][ T28] 1 lock held by syz-executor.0/5396:
[ 284.693605][ T28] #0: ffff88806c5f0850 (&type->i_mutex_dir_key#8){++++}-{3:3}, at: walk_component+0x33b/0x5a0
[ 284.704696][ T28] 2 locks held by syz-executor.0/5462:
[ 284.710381][ T28] #0: ffff88806c5f0850 (&type->i_mutex_dir_key#8){++++}-{3:3}, at: walk_component+0x33b/0x5a0
[ 284.721059][ T28] #1: ffff88806c5f0cc8 (&fi->mutex){+.+.}-{3:3}, at: fuse_lock_inode+0xd2/0x110
[ 284.731150][ T28] 2 locks held by syz-executor.0/5466:
[ 284.736858][ T28] #0: ffff88807d4c3b38 (&fc->killsb){.+.+}-{3:3}, at: fuse_dev_do_write+0xe74/0x2c90
[ 284.746743][ T28] #1: ffff88806c5f0850 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: fuse_reverse_inval_entry+0x59/0x580
[ 284.758328][ T28]
[ 284.760689][ T28] =============================================
[ 284.760689][ T28]
[ 284.769515][ T28] NMI backtrace for cpu 0
[ 284.773981][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.6.0-rc4-syzkaller-00037-g3006adf3be79 #0
[ 284.784013][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 284.794356][ T28] Call Trace:
[ 284.797829][ T28]
[ 284.800774][ T28] dump_stack_lvl+0xd9/0x1b0
[ 284.805446][ T28] nmi_cpu_backtrace+0x277/0x380
[ 284.810438][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0
[ 284.815780][ T28] nmi_trigger_cpumask_backtrace+0x299/0x300
[ 284.821790][ T28] watchdog+0xf87/0x1210
[ 284.826376][ T28] ? proc_dohung_task_timeout_secs+0x90/0x90
[ 284.832437][ T28] ? lockdep_hardirqs_on+0x7d/0x100
[ 284.837701][ T28] ? __kthread_parkme+0x14b/0x220
[ 284.843018][ T28] ? proc_dohung_task_timeout_secs+0x90/0x90
[ 284.849222][ T28] kthread+0x33c/0x440
[ 284.853406][ T28] ? _raw_spin_unlock_irq+0x23/0x50
[ 284.859060][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 284.864825][ T28] ret_from_fork+0x45/0x80
[ 284.869409][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 284.875074][ T28] ret_from_fork_asm+0x11/0x20
[ 284.879882][ T28]
[ 284.883126][ T28] Sending NMI from CPU 0 to CPUs 1:
[ 284.888444][ C1] NMI backtrace for cpu 1
[ 284.888457][ C1] CPU: 1 PID: 4476 Comm: klogd Not tainted 6.6.0-rc4-syzkaller-00037-g3006adf3be79 #0
[ 284.888484][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 284.888497][ C1] RIP: 0033:0x7f46dfc8e478
[ 284.888515][ C1] Code: 5f e9 75 fa ff ff 49 8b 44 24 f8 4d 8d 74 24 f0 45 31 ed 49 89 c7 49 83 e7 f8 a8 02 75 1e 48 8b 05 2d 79 12 00 64 48 83 38 00 <75> 05 e8 a9 f4 ff ff 4c 89 f7 e8 24 cb ff ff 49 89 c5 4c 89 f8 48
[ 284.888539][ C1] RSP: 002b:00007fff0a126ae0 EFLAGS: 00000202
[ 284.888558][ C1] RAX: ffffffffffffffb8 RBX: 00007fff0a126b90 RCX: 0000000000000840
[ 284.888574][ C1] RDX: 00007f46dfdb2860 RSI: 0000000000000089 RDI: 000055aebe868190
[ 284.888590][ C1] RBP: 000055aebe8612c0 R08: 0000000000000000 R09: 0000000000000000
[ 284.888605][ C1] R10: 0000000000000008 R11: 0000000000000000 R12: 000055aebe868190
[ 284.888620][ C1] R13: 0000000000000000 R14: 000055aebe868180 R15: 0000000000002010
[ 284.888636][ C1] FS: 00007f46dfb87380 GS: 0000000000000000
[ 284.889449][ T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 284.999446][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.6.0-rc4-syzkaller-00037-g3006adf3be79 #0
[ 285.009569][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 285.019759][ T28] Call Trace:
[ 285.023364][ T28]
[ 285.026331][ T28] dump_stack_lvl+0xd9/0x1b0
[ 285.031061][ T28] panic+0x6a6/0x750
[ 285.034999][ T28] ? panic_smp_self_stop+0xa0/0xa0
[ 285.040177][ T28] ? lapic_can_unplug_cpu+0xa0/0xa0
[ 285.045695][ T28] ? preempt_schedule_thunk+0x1a/0x30
[ 285.051200][ T28] ? watchdog+0xd3e/0x1210
[ 285.055659][ T28] watchdog+0xd4f/0x1210
[ 285.059950][ T28] ? proc_dohung_task_timeout_secs+0x90/0x90
[ 285.066584][ T28] ? lockdep_hardirqs_on+0x7d/0x100
[ 285.072005][ T28] ? __kthread_parkme+0x14b/0x220
[ 285.077092][ T28] ? proc_dohung_task_timeout_secs+0x90/0x90
[ 285.083202][ T28] kthread+0x33c/0x440
[ 285.087334][ T28] ? _raw_spin_unlock_irq+0x23/0x50
[ 285.092663][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 285.098436][ T28] ret_from_fork+0x45/0x80
[ 285.103068][ T28] ? kthread_complete_and_exit+0x40/0x40
[ 285.109343][ T28] ret_from_fork_asm+0x11/0x20
[ 285.114254][ T28]
[ 285.117999][ T28] Kernel Offset: disabled
[ 285.122381][ T28] Rebooting in 86400 seconds..