last executing test programs: 2.938538036s ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000600000000005e002200850000006d000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000040)=0xb3a, 0x4) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000140), 0x4) sendto$inet(r1, &(0x7f0000000300)="9a", 0x1, 0x0, 0x0, 0x0) 2.827324533s ago: executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00'}, 0x45c) 2.790771599s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pK \x00'}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) umount2(0x0, 0x0) 2.600283958s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000300)={r2, &(0x7f0000000400), &(0x7f00000006c0)=""/168}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r3}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0) 2.556437395s ago: executing program 2: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{}, &(0x7f0000000940), &(0x7f0000000980)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 2.52269261s ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fffd, 0x8, 0x0, 0x1}, 0x48) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x66060680) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) 1.591639034s ago: executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x0, 0x10000, 0x9}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 1.551475461s ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x23, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x0) creat(0x0, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002780), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000002800)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x2000}}, 0x0, 0x0, 0x0) 1.550714351s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x7, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4 \x00'}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='tlb_flush\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 1.517523296s ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fffd, 0x8, 0x0, 0x1}, 0x48) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) unshare(0x66060680) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) setregid(0x0, 0xee01) 1.459399315s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100), 0x8) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1) 421.980905ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdir(&(0x7f0000000e40)='./file0\x00', 0x0) mount$incfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) 382.661971ms ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000600000000005e002200850000006d000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000040)=0xb3a, 0x4) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000140), 0x4) sendto$inet(r1, &(0x7f0000000300)="9a", 0x1, 0x0, 0x0, 0x0) 291.174925ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = creat(&(0x7f0000000100)='./file1\x00', 0x147) ioctl$HIDIOCGREPORTINFO(r2, 0xc00c4809, &(0x7f00000001c0)={0x1, 0x0, 0x183}) syz_open_dev$tty20(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000140)) r5 = dup3(r4, r3, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r5, 0xc020662a, &(0x7f0000000540)={0x4010040c000, 0xeb0}) sched_setscheduler(0x0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r6, &(0x7f0000000740)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000400)=[{&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000640)=""/251, 0xfb}], 0x2}}], 0x40002db, 0x2, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=@can_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_DST_IF={0x8}, @CGW_SRC_IF={0x8}]}, 0x24}}, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f04000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10) ioprio_set$pid(0x0, 0x0, 0x0) r10 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r10, 0x800) lseek(r10, 0x200, 0x0) r11 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) sendfile(r10, r11, 0x0, 0xf800) 242.066993ms ago: executing program 3: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x301243, 0x10, 0x1}, 0x18) faccessat2(r3, &(0x7f0000000400)='./file0\x00', 0x1bc, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r4, &(0x7f0000000000), 0x100000008) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) 220.544506ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0) 169.259604ms ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000300)={r2, &(0x7f0000000400), &(0x7f00000006c0)=""/168}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r3}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0) 111.120013ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pK \x00'}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) umount2(0x0, 0x0) 59.490852ms ago: executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010400a000090400000103010100093700086ce822"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x9}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r1}, &(0x7f0000000940), &(0x7f0000000980)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 0s ago: executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00'}, 0x45c) kernel console output (not intermixed with test programs): [ 8.678451][ T30] audit: type=1400 audit(1717037084.817:29): avc: denied { getattr } for pid=121 comm="dbus-daemon" path="/run/messagebus.pid" dev="tmpfs" ino=287 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 19.520359][ T30] kauditd_printk_skb: 31 callbacks suppressed [ 19.520390][ T30] audit: type=1400 audit(1717037095.697:61): avc: denied { transition } for pid=226 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.530072][ T30] audit: type=1400 audit(1717037095.697:62): avc: denied { noatsecure } for pid=226 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.536261][ T30] audit: type=1400 audit(1717037095.717:63): avc: denied { write } for pid=226 comm="sh" path="pipe:[477]" dev="pipefs" ino=477 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 19.552825][ T30] audit: type=1400 audit(1717037095.717:64): avc: denied { rlimitinh } for pid=226 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 19.571370][ T30] audit: type=1400 audit(1717037095.717:65): avc: denied { siginh } for pid=226 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.193' (ED25519) to the list of known hosts. 2024/05/30 02:45:05 fuzzer started 2024/05/30 02:45:06 dialing manager at 10.128.0.163:30008 [ 29.979543][ T30] audit: type=1400 audit(1717037106.157:66): avc: denied { node_bind } for pid=287 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 30.002858][ T30] audit: type=1400 audit(1717037106.187:67): avc: denied { name_bind } for pid=287 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 30.070651][ T30] audit: type=1400 audit(1717037106.247:68): avc: denied { integrity } for pid=298 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 30.083422][ T298] cgroup: Unknown subsys name 'net' [ 30.118842][ T30] audit: type=1400 audit(1717037106.257:70): avc: denied { mounton } for pid=298 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 30.141910][ T298] cgroup: Unknown subsys name 'devices' [ 30.142434][ T30] audit: type=1400 audit(1717037106.257:71): avc: denied { mount } for pid=298 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 30.171025][ T30] audit: type=1400 audit(1717037106.247:69): avc: denied { integrity } for pid=297 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 30.187836][ T306] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 30.193732][ T30] audit: type=1400 audit(1717037106.287:72): avc: denied { setattr } for pid=300 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 30.225908][ T30] audit: type=1400 audit(1717037106.297:73): avc: denied { mounton } for pid=299 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 30.251126][ T30] audit: type=1400 audit(1717037106.297:74): avc: denied { mount } for pid=299 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 30.274908][ T30] audit: type=1400 audit(1717037106.307:75): avc: denied { unmount } for pid=298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 30.301801][ T301] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 30.376335][ T298] cgroup: Unknown subsys name 'hugetlb' [ 30.382115][ T298] cgroup: Unknown subsys name 'rlimit' 2024/05/30 02:45:06 starting 5 executor processes [ 32.570416][ T316] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.577429][ T316] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.585738][ T316] device bridge_slave_0 entered promiscuous mode [ 32.596941][ T316] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.604325][ T316] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.612262][ T316] device bridge_slave_1 entered promiscuous mode [ 32.775712][ T315] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.782926][ T315] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.790815][ T315] device bridge_slave_0 entered promiscuous mode [ 32.818439][ T315] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.825589][ T315] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.833694][ T315] device bridge_slave_1 entered promiscuous mode [ 32.934979][ T314] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.941938][ T314] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.950832][ T314] device bridge_slave_0 entered promiscuous mode [ 32.959079][ T314] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.966405][ T314] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.974625][ T314] device bridge_slave_1 entered promiscuous mode [ 32.981866][ T318] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.988958][ T318] bridge0: port 1(bridge_slave_0) entered disabled state [ 32.997162][ T318] device bridge_slave_0 entered promiscuous mode [ 33.025146][ T318] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.032142][ T318] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.040078][ T318] device bridge_slave_1 entered promiscuous mode [ 33.151798][ T317] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.158841][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.167759][ T317] device bridge_slave_0 entered promiscuous mode [ 33.204267][ T317] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.211288][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.223922][ T317] device bridge_slave_1 entered promiscuous mode [ 33.797581][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.805854][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.829071][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 33.837915][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.846642][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.853722][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.861910][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.870684][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.879328][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.886337][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.893945][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 33.911507][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 33.919261][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 33.927942][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 33.936727][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 33.946271][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.953225][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.960824][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 33.969754][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 33.978513][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.985522][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.007589][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 34.046998][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.055051][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.083193][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 34.092125][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 34.100798][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.107903][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.115701][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 34.124972][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 34.133362][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.140339][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.147866][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.156723][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.165193][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 34.205904][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 34.214742][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.224728][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 34.233527][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.243163][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.251759][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.259531][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.267662][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 34.275687][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 34.283672][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.316806][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 34.326189][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 34.336112][ T322] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.343911][ T322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.352206][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 34.362293][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 34.370832][ T322] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.378050][ T322] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.386206][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 34.394983][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 34.403502][ T322] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.410505][ T322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.417878][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 34.426841][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 34.435511][ T322] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.442490][ T322] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.449830][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.458399][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.467067][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 34.475843][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 34.502214][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.531570][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 34.540366][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.559043][ T315] device veth0_vlan entered promiscuous mode [ 34.566583][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.575737][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.584034][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.609398][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.618323][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.626679][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.634835][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 34.643547][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 34.672908][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 34.682197][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 34.690994][ T314] device veth0_vlan entered promiscuous mode [ 34.700476][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 34.710567][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.742979][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 34.752050][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.760863][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 34.770496][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 34.780132][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 34.788220][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.803986][ T318] device veth0_vlan entered promiscuous mode [ 34.814203][ T315] device veth1_macvtap entered promiscuous mode [ 34.821699][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.829486][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.837729][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.847278][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.856136][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 34.878691][ T317] device veth0_vlan entered promiscuous mode [ 34.890466][ T316] device veth0_vlan entered promiscuous mode [ 34.898470][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 34.907279][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.916326][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 34.925199][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 34.935042][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 34.943153][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 34.952050][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.959848][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.968787][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 34.976604][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 34.986633][ T314] device veth1_macvtap entered promiscuous mode [ 35.018302][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 35.026678][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 35.035740][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 35.044252][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.052859][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.061445][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 35.069794][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 35.081909][ T318] device veth1_macvtap entered promiscuous mode [ 35.101578][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 35.109626][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.118904][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.127967][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.137211][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.148706][ T317] device veth1_macvtap entered promiscuous mode [ 35.165362][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 35.174285][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.184742][ T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.219877][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 35.219910][ T30] audit: type=1400 audit(1717037111.397:91): avc: denied { mounton } for pid=314 comm="syz-executor.1" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 35.261474][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.270538][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.278906][ T30] audit: type=1400 audit(1717037111.397:92): avc: denied { mount } for pid=314 comm="syz-executor.1" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 35.280902][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 35.312125][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 35.320373][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.329025][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.343433][ T316] device veth1_macvtap entered promiscuous mode [ 35.369431][ T30] audit: type=1400 audit(1717037111.537:93): avc: denied { read write } for pid=314 comm="syz-executor.1" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 35.396143][ T30] audit: type=1400 audit(1717037111.537:94): avc: denied { open } for pid=314 comm="syz-executor.1" path="/dev/loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 35.402264][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 35.421909][ T30] audit: type=1400 audit(1717037111.537:95): avc: denied { ioctl } for pid=314 comm="syz-executor.1" path="/dev/loop1" dev="devtmpfs" ino=113 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 35.440341][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.462227][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.513279][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.529381][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.540071][ T30] audit: type=1400 audit(1717037111.727:96): avc: denied { read write } for pid=343 comm="syz-executor.3" name="uinput" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 35.540159][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 35.572087][ T30] audit: type=1400 audit(1717037111.727:97): avc: denied { open } for pid=343 comm="syz-executor.3" path="/dev/uinput" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 35.576041][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 35.599843][ T30] audit: type=1400 audit(1717037111.757:98): avc: denied { map_create } for pid=345 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 35.606563][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 35.625583][ T30] audit: type=1400 audit(1717037111.757:99): avc: denied { bpf } for pid=345 comm="syz-executor.1" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 35.656673][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 35.663295][ T30] audit: type=1400 audit(1717037111.757:100): avc: denied { map_read map_write } for pid=345 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 36.081975][ T60] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 36.331451][ T60] usb 3-1: Using ep0 maxpacket: 32 [ 36.451500][ T60] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 36.462776][ T60] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 36.473548][ T60] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 36.483396][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.534622][ T60] hub 3-1:4.0: USB hub found [ 36.801782][ T60] hub 3-1:4.0: 2 ports detected [ 37.101613][ T360] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 37.921497][ T60] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 37.927844][ T60] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 37.961967][ T60] usb 3-1: USB disconnect, device number 2 [ 37.997277][ T383] incfs: mount failed -22 [ 38.111509][ T360] usb 1-1: Using ep0 maxpacket: 32 [ 38.231614][ T360] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.262597][ T360] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 38.310437][ T360] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 138.331443][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 138.338106][ C1] rcu: 1-...!: (1 GPs behind) idle=f11/1/0x4000000000000000 softirq=2886/2891 fqs=0 last_accelerate: 9965/c081 dyntick_enabled: 1 [ 138.351377][ C1] (t=10001 jiffies g=2361 q=12) [ 138.356135][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g2361 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 138.368199][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=1014 [ 138.375839][ C1] rcu: rcu_preempt kthread starved for 10004 jiffies! g2361 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 138.387028][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 138.397010][ C1] rcu: RCU grace-period kthread stack dump: [ 138.402739][ C1] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 138.411889][ C1] Call Trace: [ 138.415003][ C1] [ 138.417811][ C1] __schedule+0xccc/0x1590 [ 138.422040][ C1] ? __sched_text_start+0x8/0x8 [ 138.426810][ C1] ? __kasan_check_write+0x14/0x20 [ 138.431751][ C1] schedule+0x11f/0x1e0 [ 138.435748][ C1] schedule_timeout+0x18c/0x370 [ 138.440433][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 138.445471][ C1] ? console_conditional_schedule+0x30/0x30 [ 138.451316][ C1] ? update_process_times+0x200/0x200 [ 138.456516][ C1] ? prepare_to_swait_event+0x308/0x320 [ 138.461998][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 138.466605][ C1] ? debug_smp_processor_id+0x17/0x20 [ 138.471807][ C1] ? __note_gp_changes+0x4ab/0x920 [ 138.477053][ C1] ? rcu_gp_init+0xc30/0xc30 [ 138.481476][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 138.486508][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 138.490945][ C1] rcu_gp_kthread+0xa4/0x350 [ 138.495377][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 138.500044][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 138.504563][ C1] ? __kasan_check_read+0x11/0x20 [ 138.509430][ C1] ? __kthread_parkme+0xb2/0x200 [ 138.514214][ C1] kthread+0x421/0x510 [ 138.518379][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 138.522974][ C1] ? kthread_blkcg+0xd0/0xd0 [ 138.527510][ C1] ret_from_fork+0x1f/0x30 [ 138.531745][ C1] [ 138.534613][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 138.540860][ C1] Sending NMI from CPU 1 to CPUs 0: [ 138.545940][ C0] NMI backtrace for cpu 0 [ 138.545985][ C0] CPU: 0 PID: 399 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 138.546035][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 138.546066][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 138.546117][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 138.546155][ C0] RSP: 0018:ffffc900052d7540 EFLAGS: 00000246 [ 138.546193][ C0] RAX: 0000000000000001 RBX: 1ffff92000a5aeac RCX: 1ffffffff0d1aa9c [ 138.546226][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 138.546256][ C0] RBP: ffffc900052d75f0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 138.546292][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 138.546325][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a5aeb0 [ 138.546359][ C0] FS: 00007fe8d61646c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 138.546401][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.546434][ C0] CR2: 0000001b2f424000 CR3: 000000012dc10000 CR4: 00000000003506b0 [ 138.546471][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 138.546520][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 138.546550][ C0] Call Trace: [ 138.546562][ C0] [ 138.546577][ C0] ? show_regs+0x58/0x60 [ 138.546625][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 138.546682][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 138.546743][ C0] ? kvm_wait+0x147/0x180 [ 138.546785][ C0] ? kvm_wait+0x147/0x180 [ 138.546829][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 138.546880][ C0] ? nmi_handle+0xa8/0x280 [ 138.546930][ C0] ? kvm_wait+0x147/0x180 [ 138.546973][ C0] ? default_do_nmi+0x69/0x160 [ 138.547024][ C0] ? exc_nmi+0xaf/0x120 [ 138.547070][ C0] ? end_repeat_nmi+0x16/0x31 [ 138.547121][ C0] ? kvm_wait+0x147/0x180 [ 138.547165][ C0] ? kvm_wait+0x147/0x180 [ 138.547209][ C0] ? kvm_wait+0x147/0x180 [ 138.547254][ C0] [ 138.547267][ C0] [ 138.547280][ C0] ? asm_common_interrupt+0x27/0x40 [ 138.547325][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 138.547378][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 138.547440][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 138.547511][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 138.547566][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 138.547622][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 138.547678][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 138.547731][ C0] ? kfree_const+0x39/0x40 [ 138.547775][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 138.547813][ C0] bpf_trace_run2+0xec/0x210 [ 138.547864][ C0] ? kvasprintf_const+0x5e/0x190 [ 138.547909][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 138.547959][ C0] ? kfree_const+0x39/0x40 [ 138.548002][ C0] ? kvasprintf+0x107/0x180 [ 138.548044][ C0] ? __x64_sys_write+0x7b/0x90 [ 138.548087][ C0] ? do_syscall_64+0x3d/0xb0 [ 138.548132][ C0] ? kfree_const+0x39/0x40 [ 138.548177][ C0] __bpf_trace_kfree+0x6f/0x90 [ 138.548222][ C0] ? kfree_const+0x39/0x40 [ 138.548265][ C0] kfree+0x1f3/0x220 [ 138.548317][ C0] kfree_const+0x39/0x40 [ 138.548360][ C0] kobject_set_name_vargs+0xce/0x120 [ 138.548414][ C0] dev_set_name+0xd1/0x120 [ 138.548462][ C0] ? __hrtimer_init+0x17c/0x260 [ 138.548514][ C0] ? input_allocate_device+0x1bb/0x220 [ 138.548566][ C0] ? get_device+0x30/0x30 [ 138.548611][ C0] ? hrtimer_init+0x30/0x160 [ 138.548655][ C0] ? pm_runtime_init+0x275/0x350 [ 138.548705][ C0] input_allocate_device+0x1dc/0x220 [ 138.548757][ C0] uinput_write+0x7bf/0x1310 [ 138.548805][ C0] ? __kasan_check_write+0x14/0x20 [ 138.548855][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 138.548911][ C0] ? avc_policy_seqno+0x1b/0x70 [ 138.548961][ C0] ? uinput_read+0xc40/0xc40 [ 138.549009][ C0] ? fsnotify_perm+0x6a/0x5d0 [ 138.549063][ C0] ? security_file_permission+0x86/0xb0 [ 138.549117][ C0] ? uinput_read+0xc40/0xc40 [ 138.549165][ C0] vfs_write+0x406/0x1110 [ 138.549207][ C0] ? map_freeze+0x370/0x370 [ 138.549259][ C0] ? file_end_write+0x1c0/0x1c0 [ 138.549306][ C0] ? __fget_files+0x31e/0x380 [ 138.549355][ C0] ? __fdget_pos+0x209/0x3a0 [ 138.549396][ C0] ? ksys_write+0x77/0x2c0 [ 138.549440][ C0] ksys_write+0x199/0x2c0 [ 138.549493][ C0] ? __ia32_sys_read+0x90/0x90 [ 138.549537][ C0] ? __kasan_check_read+0x11/0x20 [ 138.549590][ C0] __x64_sys_write+0x7b/0x90 [ 138.549635][ C0] do_syscall_64+0x3d/0xb0 [ 138.549697][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 138.549744][ C0] RIP: 0033:0x7fe8d73efee9 [ 138.549793][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 138.549831][ C0] RSP: 002b:00007fe8d61640c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 138.549874][ C0] RAX: ffffffffffffffda RBX: 00007fe8d7526fa0 RCX: 00007fe8d73efee9 [ 138.549909][ C0] RDX: 000000000000045c RSI: 0000000020000800 RDI: 0000000000000003 [ 138.549938][ C0] RBP: 00007fe8d743c47f R08: 0000000000000000 R09: 0000000000000000 [ 138.549968][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.549996][ C0] R13: 000000000000000b R14: 00007fe8d7526fa0 R15: 00007ffda94d0b58 [ 138.550039][ C0] [ 138.550969][ C1] Sending NMI from CPU 1 to CPUs 0: [ 139.077206][ C0] NMI backtrace for cpu 0 [ 139.077232][ C0] CPU: 0 PID: 399 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 139.077282][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 139.077307][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 139.077360][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 139.077397][ C0] RSP: 0018:ffffc900052d7540 EFLAGS: 00000246 [ 139.077435][ C0] RAX: 0000000000000001 RBX: 1ffff92000a5aeac RCX: 1ffffffff0d1aa9c [ 139.077469][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 139.077508][ C0] RBP: ffffc900052d75f0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 139.077545][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 139.077578][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a5aeb0 [ 139.077611][ C0] FS: 00007fe8d61646c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 139.077654][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.077687][ C0] CR2: 0000001b2f424000 CR3: 000000012dc10000 CR4: 00000000003506b0 [ 139.077724][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 139.077752][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 139.077782][ C0] Call Trace: [ 139.077795][ C0] [ 139.077811][ C0] ? show_regs+0x58/0x60 [ 139.077858][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 139.077915][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 139.077976][ C0] ? kvm_wait+0x147/0x180 [ 139.078018][ C0] ? kvm_wait+0x147/0x180 [ 139.078062][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 139.078113][ C0] ? nmi_handle+0xa8/0x280 [ 139.078163][ C0] ? kvm_wait+0x147/0x180 [ 139.078205][ C0] ? kvm_wait+0x147/0x180 [ 139.078250][ C0] ? default_do_nmi+0x69/0x160 [ 139.078301][ C0] ? exc_nmi+0xaf/0x120 [ 139.078347][ C0] ? end_repeat_nmi+0x16/0x31 [ 139.078398][ C0] ? kvm_wait+0x147/0x180 [ 139.078442][ C0] ? kvm_wait+0x147/0x180 [ 139.078494][ C0] ? kvm_wait+0x147/0x180 [ 139.078538][ C0] [ 139.078550][ C0] [ 139.078564][ C0] ? asm_common_interrupt+0x27/0x40 [ 139.078610][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 139.078662][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 139.078725][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 139.078787][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 139.078841][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 139.078898][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 139.078954][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 139.079007][ C0] ? kfree_const+0x39/0x40 [ 139.079052][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 139.079089][ C0] bpf_trace_run2+0xec/0x210 [ 139.079139][ C0] ? kvasprintf_const+0x5e/0x190 [ 139.079185][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 139.079235][ C0] ? kfree_const+0x39/0x40 [ 139.079278][ C0] ? kvasprintf+0x107/0x180 [ 139.079321][ C0] ? __x64_sys_write+0x7b/0x90 [ 139.079363][ C0] ? do_syscall_64+0x3d/0xb0 [ 139.079409][ C0] ? kfree_const+0x39/0x40 [ 139.079453][ C0] __bpf_trace_kfree+0x6f/0x90 [ 139.079506][ C0] ? kfree_const+0x39/0x40 [ 139.079549][ C0] kfree+0x1f3/0x220 [ 139.079601][ C0] kfree_const+0x39/0x40 [ 139.079644][ C0] kobject_set_name_vargs+0xce/0x120 [ 139.079697][ C0] dev_set_name+0xd1/0x120 [ 139.079746][ C0] ? __hrtimer_init+0x17c/0x260 [ 139.079790][ C0] ? input_allocate_device+0x1bb/0x220 [ 139.079841][ C0] ? get_device+0x30/0x30 [ 139.079887][ C0] ? hrtimer_init+0x30/0x160 [ 139.079931][ C0] ? pm_runtime_init+0x275/0x350 [ 139.079981][ C0] input_allocate_device+0x1dc/0x220 [ 139.080032][ C0] uinput_write+0x7bf/0x1310 [ 139.080080][ C0] ? __kasan_check_write+0x14/0x20 [ 139.080131][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 139.080187][ C0] ? avc_policy_seqno+0x1b/0x70 [ 139.080236][ C0] ? uinput_read+0xc40/0xc40 [ 139.080285][ C0] ? fsnotify_perm+0x6a/0x5d0 [ 139.080339][ C0] ? security_file_permission+0x86/0xb0 [ 139.080393][ C0] ? uinput_read+0xc40/0xc40 [ 139.080441][ C0] vfs_write+0x406/0x1110 [ 139.080490][ C0] ? map_freeze+0x370/0x370 [ 139.080541][ C0] ? file_end_write+0x1c0/0x1c0 [ 139.080588][ C0] ? __fget_files+0x31e/0x380 [ 139.080638][ C0] ? __fdget_pos+0x209/0x3a0 [ 139.080679][ C0] ? ksys_write+0x77/0x2c0 [ 139.080723][ C0] ksys_write+0x199/0x2c0 [ 139.080769][ C0] ? __ia32_sys_read+0x90/0x90 [ 139.080813][ C0] ? __kasan_check_read+0x11/0x20 [ 139.080866][ C0] __x64_sys_write+0x7b/0x90 [ 139.080911][ C0] do_syscall_64+0x3d/0xb0 [ 139.080958][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 139.081004][ C0] RIP: 0033:0x7fe8d73efee9 [ 139.081039][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 139.081076][ C0] RSP: 002b:00007fe8d61640c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 139.081120][ C0] RAX: ffffffffffffffda RBX: 00007fe8d7526fa0 RCX: 00007fe8d73efee9 [ 139.081154][ C0] RDX: 000000000000045c RSI: 0000000020000800 RDI: 0000000000000003 [ 139.081184][ C0] RBP: 00007fe8d743c47f R08: 0000000000000000 R09: 0000000000000000 [ 139.081214][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.081243][ C0] R13: 000000000000000b R14: 00007fe8d7526fa0 R15: 00007ffda94d0b58 [ 139.081286][ C0] [ 139.082178][ C1] NMI backtrace for cpu 1 [ 139.615382][ C1] CPU: 1 PID: 368 Comm: udevd Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 139.624579][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 139.634808][ C1] Call Trace: [ 139.637937][ C1] [ 139.640607][ C1] dump_stack_lvl+0x151/0x1b7 [ 139.645161][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 139.650597][ C1] ? cpumask_next+0x8a/0xb0 [ 139.654931][ C1] dump_stack+0x15/0x17 [ 139.659096][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 139.663869][ C1] ? init_x2apic_ldr+0x10/0x10 [ 139.668627][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 139.674815][ C1] ? irq_work_queue+0xd4/0x160 [ 139.679420][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 139.685538][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 139.691453][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 139.697631][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 139.703353][ C1] rcu_dump_cpu_stacks+0x1d8/0x330 [ 139.708616][ C1] print_cpu_stall+0x315/0x5f0 [ 139.714134][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 139.719227][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 139.725341][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 139.730376][ C1] update_process_times+0x198/0x200 [ 139.735566][ C1] tick_sched_timer+0x188/0x240 [ 139.740545][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 139.746303][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 139.751285][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 139.756217][ C1] ? clockevents_program_event+0x22f/0x300 [ 139.761857][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 139.767953][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 139.772721][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 139.778442][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 139.784085][ C1] [ 139.786855][ C1] [ 139.789634][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 139.795453][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 139.800395][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 139.819847][ C1] RSP: 0018:ffffc900055f7140 EFLAGS: 00000246 [ 139.825877][ C1] RAX: 0000000000000003 RBX: 1ffff92000abee2c RCX: ffffffff8154fa7f [ 139.833768][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881051ea258 [ 139.841581][ C1] RBP: ffffc900055f71f0 R08: dffffc0000000000 R09: ffffed1020a3d44c [ 139.849431][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 139.857214][ C1] R13: ffff8881051ea258 R14: 0000000000000003 R15: 1ffff92000abee30 [ 139.865036][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 139.871271][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 139.877262][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 139.882292][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 139.888460][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 139.894367][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 139.900618][ C1] ? arch_stack_walk+0xf3/0x140 [ 139.905298][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 139.910313][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 139.915372][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 139.920724][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 139.925754][ C1] ? sock_map_unref+0x352/0x4d0 [ 139.930438][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 139.936085][ C1] bpf_trace_run2+0xec/0x210 [ 139.940510][ C1] ? ____kasan_kmalloc+0xed/0x110 [ 139.945372][ C1] ? ____kasan_kmalloc+0xdb/0x110 [ 139.950268][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 139.954926][ C1] ? sock_alloc_send_pskb+0x915/0xa50 [ 139.960256][ C1] ? sock_map_unref+0x352/0x4d0 [ 139.964924][ C1] ? vfs_write+0xd5d/0x1110 [ 139.969270][ C1] ? ksys_write+0x199/0x2c0 [ 139.973601][ C1] ? do_syscall_64+0x3d/0xb0 [ 139.978042][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 139.983932][ C1] ? sock_map_unref+0x352/0x4d0 [ 139.988618][ C1] __bpf_trace_kfree+0x6f/0x90 [ 139.993224][ C1] ? sock_map_unref+0x352/0x4d0 [ 139.997905][ C1] kfree+0x1f3/0x220 [ 140.001651][ C1] sock_map_unref+0x352/0x4d0 [ 140.006154][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 140.011621][ C1] ? skb_release_data+0x8a9/0xa80 [ 140.016422][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 140.021802][ C1] bpf_trace_run2+0xec/0x210 [ 140.026336][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 140.031117][ C1] ? skb_release_data+0x8a9/0xa80 [ 140.036057][ C1] ? iov_iter_init+0x190/0x190 [ 140.040657][ C1] ? skb_release_data+0x8a9/0xa80 [ 140.045522][ C1] __bpf_trace_kfree+0x6f/0x90 [ 140.050142][ C1] ? skb_release_data+0x8a9/0xa80 [ 140.055000][ C1] kfree+0x1f3/0x220 [ 140.058929][ C1] skb_release_data+0x8a9/0xa80 [ 140.063619][ C1] consume_skb+0xac/0x250 [ 140.067790][ C1] skb_free_datagram+0x28/0xe0 [ 140.072373][ C1] netlink_recvmsg+0x5ef/0x1190 [ 140.077130][ C1] ? netlink_sendmsg+0xd20/0xd20 [ 140.081844][ C1] ? security_socket_recvmsg+0x87/0xb0 [ 140.087218][ C1] ? netlink_sendmsg+0xd20/0xd20 [ 140.092164][ C1] ____sys_recvmsg+0x286/0x530 [ 140.096857][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 140.101815][ C1] ? import_iovec+0xe5/0x120 [ 140.106316][ C1] ___sys_recvmsg+0x1ec/0x690 [ 140.110832][ C1] ? __sys_recvmsg+0x260/0x260 [ 140.115571][ C1] ? do_epoll_wait+0x1a50/0x1a50 [ 140.120325][ C1] ? __kasan_check_read+0x11/0x20 [ 140.125355][ C1] ? __fdget+0x179/0x240 [ 140.129506][ C1] __x64_sys_recvmsg+0x1dc/0x2b0 [ 140.134279][ C1] ? __kasan_check_write+0x14/0x20 [ 140.139311][ C1] ? ___sys_recvmsg+0x690/0x690 [ 140.144016][ C1] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 140.149479][ C1] do_syscall_64+0x3d/0xb0 [ 140.153816][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 140.159626][ C1] RIP: 0033:0x7fed5da1691e [ 140.164136][ C1] Code: ff 89 ef 48 89 04 24 e8 4f 57 f9 ff 48 8b 04 24 48 83 c4 30 5d c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 21 b8 2f 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 70 48 8b 15 db c4 0c 00 f7 d8 64 89 02 48 83 [ 140.184549][ C1] RSP: 002b:00007fff2c51ae48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 140.192963][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fed5da1691e [ 140.200778][ C1] RDX: 0000000000000000 RSI: 00007fff2c51ae78 RDI: 000000000000000c [ 140.209048][ C1] RBP: 0000555f4c1bed20 R08: 0000000000000007 R09: a36eb49893faee62 [ 140.217118][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000555f4c1bed20 [ 140.225026][ C1] R13: 00007fff2c51af38 R14: 0000000000000000 R15: 0000555f4a4414df [ 140.232962][ C1] [ 287.186886][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz-executor.2:399] [ 287.195362][ C0] Modules linked in: [ 287.199258][ C0] CPU: 0 PID: 399 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 287.209390][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.219323][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 287.224092][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 287.244972][ C0] RSP: 0018:ffffc900052d7540 EFLAGS: 00000246 [ 287.250957][ C0] RAX: 0000000000000001 RBX: 1ffff92000a5aeac RCX: 1ffffffff0d1aa9c [ 287.259160][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 287.267439][ C0] RBP: ffffc900052d75f0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 287.275331][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 287.284135][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a5aeb0 [ 287.292942][ C0] FS: 00007fe8d61646c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 287.304052][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.311373][ C0] CR2: 0000001b2f424000 CR3: 000000012dc10000 CR4: 00000000003506b0 [ 287.320016][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.327903][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.335719][ C0] Call Trace: [ 287.338856][ C0] [ 287.341624][ C0] ? show_regs+0x58/0x60 [ 287.345743][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 287.350780][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 287.355911][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 287.361206][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 287.366143][ C0] ? clockevents_program_event+0x22f/0x300 [ 287.371796][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 287.378074][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 287.383142][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 287.389046][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 287.395062][ C0] [ 287.397807][ C0] [ 287.400594][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 287.406623][ C0] ? kvm_wait+0x147/0x180 [ 287.410746][ C0] ? asm_common_interrupt+0x27/0x40 [ 287.415793][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 287.421173][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 287.427171][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 287.433435][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 287.438529][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 287.443534][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 287.448828][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 287.454223][ C0] ? kfree_const+0x39/0x40 [ 287.458646][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 287.464121][ C0] bpf_trace_run2+0xec/0x210 [ 287.468618][ C0] ? kvasprintf_const+0x5e/0x190 [ 287.473487][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 287.478340][ C0] ? kfree_const+0x39/0x40 [ 287.482594][ C0] ? kvasprintf+0x107/0x180 [ 287.487005][ C0] ? __x64_sys_write+0x7b/0x90 [ 287.491758][ C0] ? do_syscall_64+0x3d/0xb0 [ 287.496177][ C0] ? kfree_const+0x39/0x40 [ 287.500542][ C0] __bpf_trace_kfree+0x6f/0x90 [ 287.505140][ C0] ? kfree_const+0x39/0x40 [ 287.509399][ C0] kfree+0x1f3/0x220 [ 287.513120][ C0] kfree_const+0x39/0x40 [ 287.517577][ C0] kobject_set_name_vargs+0xce/0x120 [ 287.522763][ C0] dev_set_name+0xd1/0x120 [ 287.527020][ C0] ? __hrtimer_init+0x17c/0x260 [ 287.531718][ C0] ? input_allocate_device+0x1bb/0x220 [ 287.536998][ C0] ? get_device+0x30/0x30 [ 287.541163][ C0] ? hrtimer_init+0x30/0x160 [ 287.545593][ C0] ? pm_runtime_init+0x275/0x350 [ 287.550372][ C0] input_allocate_device+0x1dc/0x220 [ 287.555489][ C0] uinput_write+0x7bf/0x1310 [ 287.559912][ C0] ? __kasan_check_write+0x14/0x20 [ 287.564860][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 287.570173][ C0] ? avc_policy_seqno+0x1b/0x70 [ 287.574954][ C0] ? uinput_read+0xc40/0xc40 [ 287.579363][ C0] ? fsnotify_perm+0x6a/0x5d0 [ 287.583956][ C0] ? security_file_permission+0x86/0xb0 [ 287.589496][ C0] ? uinput_read+0xc40/0xc40 [ 287.594097][ C0] vfs_write+0x406/0x1110 [ 287.598462][ C0] ? map_freeze+0x370/0x370 [ 287.602805][ C0] ? file_end_write+0x1c0/0x1c0 [ 287.607493][ C0] ? __fget_files+0x31e/0x380 [ 287.612016][ C0] ? __fdget_pos+0x209/0x3a0 [ 287.616428][ C0] ? ksys_write+0x77/0x2c0 [ 287.620690][ C0] ksys_write+0x199/0x2c0 [ 287.625084][ C0] ? __ia32_sys_read+0x90/0x90 [ 287.630126][ C0] ? __kasan_check_read+0x11/0x20 [ 287.635694][ C0] __x64_sys_write+0x7b/0x90 [ 287.640917][ C0] do_syscall_64+0x3d/0xb0 [ 287.645454][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 287.651276][ C0] RIP: 0033:0x7fe8d73efee9 [ 287.655713][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 287.675637][ C0] RSP: 002b:00007fe8d61640c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 287.684056][ C0] RAX: ffffffffffffffda RBX: 00007fe8d7526fa0 RCX: 00007fe8d73efee9 [ 287.691868][ C0] RDX: 000000000000045c RSI: 0000000020000800 RDI: 0000000000000003 [ 287.699676][ C0] RBP: 00007fe8d743c47f R08: 0000000000000000 R09: 0000000000000000 [ 287.707540][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.715580][ C0] R13: 000000000000000b R14: 00007fe8d7526fa0 R15: 00007ffda94d0b58 [ 287.723661][ C0] [ 287.727068][ C0] Sending NMI from CPU 0 to CPUs 1: [ 287.732217][ C1] NMI backtrace for cpu 1 [ 287.732241][ C1] CPU: 1 PID: 368 Comm: udevd Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 287.732289][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 287.732314][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 287.732366][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 287.732404][ C1] RSP: 0018:ffffc900055f7140 EFLAGS: 00000246 [ 287.732441][ C1] RAX: 0000000000000003 RBX: 1ffff92000abee2c RCX: ffffffff8154fa7f [ 287.732474][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881051ea258 [ 287.732508][ C1] RBP: ffffc900055f71f0 R08: dffffc0000000000 R09: ffffed1020a3d44c [ 287.732543][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 287.732577][ C1] R13: ffff8881051ea258 R14: 0000000000000003 R15: 1ffff92000abee30 [ 287.732610][ C1] FS: 00007fed5d8ddc80(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 287.732652][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.732693][ C1] CR2: 0000000020110030 CR3: 000000012be93000 CR4: 00000000003506a0 [ 287.732730][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 287.732757][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 287.732787][ C1] Call Trace: [ 287.732799][ C1] [ 287.732815][ C1] ? show_regs+0x58/0x60 [ 287.732862][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 287.732919][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 287.732979][ C1] ? kvm_wait+0x147/0x180 [ 287.733022][ C1] ? kvm_wait+0x147/0x180 [ 287.733065][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 287.733116][ C1] ? nmi_handle+0xa8/0x280 [ 287.733172][ C1] ? kvm_wait+0x147/0x180 [ 287.733216][ C1] ? default_do_nmi+0x69/0x160 [ 287.733266][ C1] ? exc_nmi+0xaf/0x120 [ 287.733312][ C1] ? end_repeat_nmi+0x16/0x31 [ 287.733361][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 287.733418][ C1] ? kvm_wait+0x147/0x180 [ 287.733463][ C1] ? kvm_wait+0x147/0x180 [ 287.733507][ C1] ? kvm_wait+0x147/0x180 [ 287.733551][ C1] [ 287.733563][ C1] [ 287.733577][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 287.733626][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 287.733681][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 287.733740][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 287.733801][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 287.733858][ C1] ? arch_stack_walk+0xf3/0x140 [ 287.733915][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 287.733969][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 287.734026][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 287.734082][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 287.734135][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.734185][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 287.734222][ C1] bpf_trace_run2+0xec/0x210 [ 287.734273][ C1] ? ____kasan_kmalloc+0xed/0x110 [ 287.734318][ C1] ? ____kasan_kmalloc+0xdb/0x110 [ 287.734363][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 287.734413][ C1] ? sock_alloc_send_pskb+0x915/0xa50 [ 287.734467][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.734516][ C1] ? vfs_write+0xd5d/0x1110 [ 287.734557][ C1] ? ksys_write+0x199/0x2c0 [ 287.734599][ C1] ? do_syscall_64+0x3d/0xb0 [ 287.734643][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 287.734698][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.734749][ C1] __bpf_trace_kfree+0x6f/0x90 [ 287.734794][ C1] ? sock_map_unref+0x352/0x4d0 [ 287.734844][ C1] kfree+0x1f3/0x220 [ 287.734896][ C1] sock_map_unref+0x352/0x4d0 [ 287.734952][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 287.735005][ C1] ? skb_release_data+0x8a9/0xa80 [ 287.735052][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xbc0 [ 287.735088][ C1] bpf_trace_run2+0xec/0x210 [ 287.735140][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 287.735190][ C1] ? skb_release_data+0x8a9/0xa80 [ 287.735237][ C1] ? iov_iter_init+0x190/0x190 [ 287.735285][ C1] ? skb_release_data+0x8a9/0xa80 [ 287.735332][ C1] __bpf_trace_kfree+0x6f/0x90 [ 287.735376][ C1] ? skb_release_data+0x8a9/0xa80 [ 287.735422][ C1] kfree+0x1f3/0x220 [ 287.735474][ C1] skb_release_data+0x8a9/0xa80 [ 287.735526][ C1] consume_skb+0xac/0x250 [ 287.735571][ C1] skb_free_datagram+0x28/0xe0 [ 287.735624][ C1] netlink_recvmsg+0x5ef/0x1190 [ 287.735690][ C1] ? netlink_sendmsg+0xd20/0xd20 [ 287.735755][ C1] ? security_socket_recvmsg+0x87/0xb0 [ 287.735801][ C1] ? netlink_sendmsg+0xd20/0xd20 [ 287.735855][ C1] ____sys_recvmsg+0x286/0x530 [ 287.735907][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 287.735963][ C1] ? import_iovec+0xe5/0x120 [ 287.736017][ C1] ___sys_recvmsg+0x1ec/0x690 [ 287.736068][ C1] ? __sys_recvmsg+0x260/0x260 [ 287.736130][ C1] ? do_epoll_wait+0x1a50/0x1a50 [ 287.736183][ C1] ? __kasan_check_read+0x11/0x20 [ 287.736231][ C1] ? __fdget+0x179/0x240 [ 287.736274][ C1] __x64_sys_recvmsg+0x1dc/0x2b0 [ 287.736321][ C1] ? __kasan_check_write+0x14/0x20 [ 287.736372][ C1] ? ___sys_recvmsg+0x690/0x690 [ 287.736427][ C1] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 287.736481][ C1] do_syscall_64+0x3d/0xb0 [ 287.736527][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 287.736574][ C1] RIP: 0033:0x7fed5da1691e [ 287.736609][ C1] Code: ff 89 ef 48 89 04 24 e8 4f 57 f9 ff 48 8b 04 24 48 83 c4 30 5d c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 21 b8 2f 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 70 48 8b 15 db c4 0c 00 f7 d8 64 89 02 48 83 [ 287.736646][ C1] RSP: 002b:00007fff2c51ae48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 287.736697][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fed5da1691e [ 287.736729][ C1] RDX: 0000000000000000 RSI: 00007fff2c51ae78 RDI: 000000000000000c [ 287.736759][ C1] RBP: 0000555f4c1bed20 R08: 0000000000000007 R09: a36eb49893faee62 [ 287.736792][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000555f4c1bed20 [ 287.736823][ C1] R13: 00007fff2c51af38 R14: 0000000000000000 R15: 0000555f4a4414df [ 287.736865][ C1]