last executing test programs: 2.979794296s ago: executing program 2 (id=3): syz_usb_connect(0x0, 0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = socket$inet6(0x10, 0x3, 0x0) write(r5, &(0x7f0000000040)="2400000021002551241c0165ff00fc020200000000100f000ee1000c08000b0000000000", 0x24) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, 0x0, 0x0) connect$inet(r4, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10) 2.922374401s ago: executing program 4 (id=5): move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc\x00s/\x92ync_\x00u\x02\x00\x00\x00\x00\x00\x00\x00\xd4\xa2\x88\xd4\xa6\xe8J\x00'/44}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000004a00)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000380)=@abs={0x1, 0x30}, 0x6e, 0x0}}], 0x2, 0x440e0) 370.625599ms ago: executing program 0 (id=1): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x458, 0x5011, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x394}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_connect$uac1(0x3, 0x0, 0x0, 0x0) syz_open_dev$evdev(0x0, 0x5e, 0x41ac40) 201.468042ms ago: executing program 3 (id=4): setrlimit(0x9, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x24, 0x2, 0x8, 0x101, 0x0, 0x0, {0x1, 0x0, 0x9}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @icmpv6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000080}, 0xc000) 54.784577ms ago: executing program 1 (id=2): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002600)=ANY=[@ANYBLOB="33074a5eb333fcc2e67984dc9e140507e5c16d1fd3e15d713d7bea0a927613f53c5e47d21cdb9ed2a0bf83c60acde344e8cb16db6ade73113818ac60a998325dfd2464bdf7a8890fe4e8e4a424cf42aef21ed58e04a40f15b2274bd88ad92fb12a598bf3b6c24b1034c6b59e9c5a57272ab3a3ed84ad3aa810fc2b94d8c3d56f56586fdaba72a7404554b102f23028309f1dc24faab5b0d025b0f79cdf0e", @ANYRES8=r2, @ANYRES16=r0, @ANYRESDEC=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000040)='binder\x00', 0x2200892, 0x0) read$FUSE(r4, &(0x7f00000005c0)={0x2020}, 0x2020) 0s ago: executing program 3 (id=6): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x756}) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@enable_nested={0x12c, 0x18}, @nested_create_vm={0x12d, 0x18}, @nested_load_code={0x12e, 0x4d, {0x0, "48b800800000000000000f23c80f21f8350c0020000f23f86d3266b864000f00d03500010000b8050002000f006080000f01b00f30"}}], 0x7d}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000000)=0x4) ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000000040)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.143' (ED25519) to the list of known hosts. [ 54.563210][ T30] audit: type=1400 audit(1764273025.928:62): avc: denied { mounton } for pid=5793 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 54.586555][ T30] audit: type=1400 audit(1764273025.948:63): avc: denied { mount } for pid=5793 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 54.589215][ T5793] cgroup: Unknown subsys name 'net' [ 54.615477][ T30] audit: type=1400 audit(1764273025.988:64): avc: denied { unmount } for pid=5793 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 54.743325][ T5793] cgroup: Unknown subsys name 'cpuset' [ 54.751429][ T5793] cgroup: Unknown subsys name 'rlimit' [ 54.926316][ T30] audit: type=1400 audit(1764273026.288:65): avc: denied { setattr } for pid=5793 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 54.950073][ T30] audit: type=1400 audit(1764273026.288:66): avc: denied { create } for pid=5793 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 54.977122][ T30] audit: type=1400 audit(1764273026.288:67): avc: denied { write } for pid=5793 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 54.998756][ T30] audit: type=1400 audit(1764273026.288:68): avc: denied { read } for pid=5793 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 55.019471][ T30] audit: type=1400 audit(1764273026.318:69): avc: denied { mounton } for pid=5793 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 55.044351][ T30] audit: type=1400 audit(1764273026.318:70): avc: denied { mount } for pid=5793 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 55.067573][ T30] audit: type=1400 audit(1764273026.338:71): avc: denied { read } for pid=5476 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 55.102204][ T5796] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 56.047929][ T5793] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.242336][ T5814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.251051][ T5816] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.252038][ T5814] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.259146][ T5816] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.265971][ T5814] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.273606][ T5816] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.279723][ T5814] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.289128][ T5816] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.293479][ T5814] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.300762][ T5816] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.307716][ T5814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.315032][ T5821] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.321514][ T5814] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.329130][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.342304][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.360848][ T5811] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 58.364937][ T5814] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.376213][ T5814] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.384177][ T5814] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.391666][ T5814] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 58.400880][ T5814] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.408538][ T5814] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.416418][ T5814] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 58.431407][ T5814] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 58.439051][ T5814] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 58.737103][ T5805] chnl_net:caif_netlink_parms(): no params data found [ 58.815691][ T5804] chnl_net:caif_netlink_parms(): no params data found [ 58.881659][ T5806] chnl_net:caif_netlink_parms(): no params data found [ 58.927217][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.934379][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.941722][ T5805] bridge_slave_0: entered allmulticast mode [ 58.948355][ T5805] bridge_slave_0: entered promiscuous mode [ 58.970268][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.977606][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.984784][ T5805] bridge_slave_1: entered allmulticast mode [ 58.991524][ T5805] bridge_slave_1: entered promiscuous mode [ 59.047976][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.055289][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.062752][ T5804] bridge_slave_0: entered allmulticast mode [ 59.069351][ T5804] bridge_slave_0: entered promiscuous mode [ 59.109317][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.116590][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.123798][ T5804] bridge_slave_1: entered allmulticast mode [ 59.130383][ T5804] bridge_slave_1: entered promiscuous mode [ 59.145398][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.197155][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.205669][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.212874][ T5806] bridge_slave_0: entered allmulticast mode [ 59.219514][ T5806] bridge_slave_0: entered promiscuous mode [ 59.228186][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.258287][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.267504][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.275074][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.282306][ T5806] bridge_slave_1: entered allmulticast mode [ 59.289026][ T5806] bridge_slave_1: entered promiscuous mode [ 59.306622][ T5817] chnl_net:caif_netlink_parms(): no params data found [ 59.316560][ T5805] team0: Port device team_slave_0 added [ 59.323807][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.333259][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 59.355004][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.365145][ T5805] team0: Port device team_slave_1 added [ 59.395521][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.454341][ T5804] team0: Port device team_slave_0 added [ 59.461218][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.468152][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.494566][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.512710][ T5806] team0: Port device team_slave_0 added [ 59.519555][ T5804] team0: Port device team_slave_1 added [ 59.525951][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.532992][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.559409][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.577327][ T5806] team0: Port device team_slave_1 added [ 59.614834][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.622334][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.648593][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.682952][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.689890][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.715836][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.727769][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.734723][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.760582][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.797766][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.804871][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 59.830819][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.846033][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.853218][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.860304][ T5817] bridge_slave_0: entered allmulticast mode [ 59.869315][ T5817] bridge_slave_0: entered promiscuous mode [ 59.876720][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.884151][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.891267][ T5817] bridge_slave_1: entered allmulticast mode [ 59.898408][ T5817] bridge_slave_1: entered promiscuous mode [ 59.905047][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.912209][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.919301][ T5819] bridge_slave_0: entered allmulticast mode [ 59.926061][ T5819] bridge_slave_0: entered promiscuous mode [ 59.961511][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.968644][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.976110][ T5819] bridge_slave_1: entered allmulticast mode [ 59.983054][ T5819] bridge_slave_1: entered promiscuous mode [ 59.993378][ T5805] hsr_slave_0: entered promiscuous mode [ 59.999382][ T5805] hsr_slave_1: entered promiscuous mode [ 60.048183][ T5806] hsr_slave_0: entered promiscuous mode [ 60.054357][ T5806] hsr_slave_1: entered promiscuous mode [ 60.060173][ T5806] debugfs: 'hsr0' already exists in 'hsr' [ 60.066022][ T5806] Cannot create hsr debugfs directory [ 60.073470][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.098572][ T5804] hsr_slave_0: entered promiscuous mode [ 60.104623][ T5804] hsr_slave_1: entered promiscuous mode [ 60.110454][ T5804] debugfs: 'hsr0' already exists in 'hsr' [ 60.116702][ T5804] Cannot create hsr debugfs directory [ 60.134080][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.145004][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.176900][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.232863][ T5817] team0: Port device team_slave_0 added [ 60.255039][ T5819] team0: Port device team_slave_0 added [ 60.269785][ T5817] team0: Port device team_slave_1 added [ 60.287301][ T5819] team0: Port device team_slave_1 added [ 60.327111][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.334259][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.360323][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.389632][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.396823][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.421330][ T51] Bluetooth: hci2: command tx timeout [ 60.423568][ T5132] Bluetooth: hci0: command tx timeout [ 60.428470][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.433943][ T5814] Bluetooth: hci1: command tx timeout [ 60.449478][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.456489][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.482598][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.500651][ T5814] Bluetooth: hci3: command tx timeout [ 60.506328][ T5132] Bluetooth: hci4: command tx timeout [ 60.531474][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.538400][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.564533][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.627595][ T5817] hsr_slave_0: entered promiscuous mode [ 60.633827][ T5817] hsr_slave_1: entered promiscuous mode [ 60.639644][ T5817] debugfs: 'hsr0' already exists in 'hsr' [ 60.645441][ T5817] Cannot create hsr debugfs directory [ 60.695982][ T5819] hsr_slave_0: entered promiscuous mode [ 60.702656][ T5819] hsr_slave_1: entered promiscuous mode [ 60.709539][ T5819] debugfs: 'hsr0' already exists in 'hsr' [ 60.715535][ T5819] Cannot create hsr debugfs directory [ 60.829773][ T5805] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 60.865220][ T5805] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.892485][ T5805] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.908507][ T5805] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.957356][ T5806] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 60.968015][ T5806] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 60.980345][ T5806] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 60.991763][ T5806] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 61.063490][ T5804] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 61.075849][ T5804] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 61.099682][ T5804] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 61.112491][ T5804] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 61.175358][ T5817] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 61.189010][ T5817] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 61.198884][ T5817] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 61.208766][ T5817] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 61.237173][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.268160][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.305892][ T5819] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 61.318106][ T5805] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.325896][ T5819] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 61.334989][ T5819] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 61.344920][ T5819] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 61.357653][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.373852][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.381123][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.390609][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.397767][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.417249][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.424358][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.444727][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.451820][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.522883][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.587106][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.594362][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 61.594375][ T30] audit: type=1400 audit(1764273032.958:86): avc: denied { sys_module } for pid=5806 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 61.657857][ T1322] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.664975][ T1322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.703743][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.717394][ T4315] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.724495][ T4315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.810064][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.828943][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.844045][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.876364][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.883502][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.908082][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.926811][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.933919][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.954985][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.980304][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.987459][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.001452][ T4315] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.008594][ T4315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.190245][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.226000][ T5805] veth0_vlan: entered promiscuous mode [ 62.265985][ T5805] veth1_vlan: entered promiscuous mode [ 62.296383][ T5806] veth0_vlan: entered promiscuous mode [ 62.337164][ T5806] veth1_vlan: entered promiscuous mode [ 62.356622][ T5805] veth0_macvtap: entered promiscuous mode [ 62.376095][ T5804] veth0_vlan: entered promiscuous mode [ 62.399917][ T5804] veth1_vlan: entered promiscuous mode [ 62.419830][ T5805] veth1_macvtap: entered promiscuous mode [ 62.456827][ T5806] veth0_macvtap: entered promiscuous mode [ 62.468565][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.479845][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.491237][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.499324][ T5806] veth1_macvtap: entered promiscuous mode [ 62.502472][ T5132] Bluetooth: hci2: command tx timeout [ 62.506114][ T5814] Bluetooth: hci1: command tx timeout [ 62.510402][ T51] Bluetooth: hci0: command tx timeout [ 62.525715][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.544762][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.556830][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.578997][ T60] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.580974][ T51] Bluetooth: hci4: command tx timeout [ 62.592203][ T60] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.593749][ T5132] Bluetooth: hci3: command tx timeout [ 62.608477][ T60] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.625302][ T5804] veth0_macvtap: entered promiscuous mode [ 62.636550][ T1132] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.646422][ T1132] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.667843][ T5804] veth1_macvtap: entered promiscuous mode [ 62.675578][ T60] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.684882][ T60] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.695718][ T60] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.773413][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.792830][ T5817] veth0_vlan: entered promiscuous mode [ 62.808992][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.814706][ T5817] veth1_vlan: entered promiscuous mode [ 62.822890][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.826030][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.839764][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.840713][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.855593][ T5819] veth0_vlan: entered promiscuous mode [ 62.893322][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.907880][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.909783][ T1132] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.924722][ T1132] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.945782][ T1132] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.949041][ T30] audit: type=1400 audit(1764273034.308:87): avc: denied { mounton } for pid=5806 comm="syz-executor" path="/root/syzkaller.Dd2nuX/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 62.955161][ T1132] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.000024][ T30] audit: type=1400 audit(1764273034.348:88): avc: denied { mount } for pid=5806 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 63.005834][ T5817] veth0_macvtap: entered promiscuous mode [ 63.031627][ T5819] veth1_vlan: entered promiscuous mode [ 63.038336][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.041511][ T5817] veth1_macvtap: entered promiscuous mode [ 63.051287][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.062542][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.087950][ T5806] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 63.089436][ T30] audit: type=1400 audit(1764273034.348:89): avc: denied { mounton } for pid=5806 comm="syz-executor" path="/root/syzkaller.Dd2nuX/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 63.132202][ T30] audit: type=1400 audit(1764273034.348:90): avc: denied { mount } for pid=5806 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 63.164945][ T30] audit: type=1400 audit(1764273034.348:91): avc: denied { mounton } for pid=5806 comm="syz-executor" path="/root/syzkaller.Dd2nuX/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 63.195233][ T30] audit: type=1400 audit(1764273034.348:92): avc: denied { mounton } for pid=5806 comm="syz-executor" path="/root/syzkaller.Dd2nuX/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 63.202735][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.230607][ T30] audit: type=1400 audit(1764273034.358:93): avc: denied { unmount } for pid=5806 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 63.244205][ T5819] veth0_macvtap: entered promiscuous mode [ 63.255925][ T30] audit: type=1400 audit(1764273034.388:94): avc: denied { mounton } for pid=5806 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 63.317548][ T1322] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.328681][ T30] audit: type=1400 audit(1764273034.388:95): avc: denied { mount } for pid=5806 comm="syz-executor" name="/" dev="gadgetfs" ino=7787 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 63.350536][ T1322] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.530788][ T5819] veth1_macvtap: entered promiscuous mode [ 63.540072][ T1322] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.563659][ T1322] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.563318][ T4315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.601793][ T4315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.534448][ T51] Bluetooth: hci0: command tx timeout [ 65.539895][ T5132] Bluetooth: hci2: command tx timeout [ 65.539929][ T5811] Bluetooth: hci4: command tx timeout [ 65.545840][ T51] Bluetooth: hci3: command tx timeout [ 65.551366][ T5814] Bluetooth: hci1: command tx timeout [ 65.595991][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.619510][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.659357][ T4315] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.706307][ T4315] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.722967][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.731758][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.758116][ T4315] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.773297][ T4315] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.804175][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.828029][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.924615][ T5925] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.950222][ T5925] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.977590][ T5925] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.999118][ T5925] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.056306][ T4315] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.084211][ T4315] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.241486][ T5820] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 66.418202][ T5934] ------------[ cut here ]------------ [ 66.424349][ T5934] WARNING: CPU: 0 PID: 5934 at arch/x86/kvm/lapic.c:3483 kvm_apic_accept_events+0x444/0x4c0 [ 66.434688][ T5934] Modules linked in: [ 66.438674][ T5934] CPU: 0 UID: 0 PID: 5934 Comm: syz.3.6 Not tainted syzkaller #0 PREEMPT(full) [ 66.447792][ T5934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 66.458710][ T5934] RIP: 0010:kvm_apic_accept_events+0x444/0x4c0 [ 66.465646][ T5934] Code: 34 03 00 00 02 00 00 00 e9 ae fd ff ff 4c 89 ef e8 b1 af de 00 e9 33 fc ff ff e8 77 af de 00 e9 17 fd ff ff e8 ed 0b 76 00 90 <0f> 0b 90 e9 24 fd ff ff e8 8f af de 00 e9 de fb ff ff e8 55 af de [ 66.485370][ T5934] RSP: 0018:ffffc9000536fc38 EFLAGS: 00010283 [ 66.491647][ T5934] RAX: 0000000000000704 RBX: 0000000000000002 RCX: ffffc9000ca22000 [ 66.499633][ T5934] RDX: 0000000000080000 RSI: ffffffff8146dbf3 RDI: 0000000000000005 [ 66.507770][ T5934] RBP: ffff88802b96de00 R08: 0000000000000005 R09: 0000000000000002 [ 66.515789][ T5934] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000001 [ 66.523842][ T5934] R13: ffff88802b96dee0 R14: ffff88807eda8030 R15: 0000000000000001 [ 66.531905][ T5934] FS: 00007fe56c4526c0(0000) GS:ffff888124a05000(0000) knlGS:0000000000000000 [ 66.541068][ T5934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 66.547661][ T5934] CR2: 0000200000650000 CR3: 000000007e3b7000 CR4: 00000000003526f0 [ 66.556500][ T5934] Call Trace: [ 66.559783][ T5934] [ 66.563361][ T5934] kvm_arch_vcpu_ioctl_get_mpstate+0x103/0x450 [ 66.569541][ T5934] kvm_vcpu_ioctl+0x7b8/0x1690 [ 66.574588][ T5934] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 66.579802][ T5934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 66.585853][ T5934] ? do_vfs_ioctl+0x128/0x14f0 [ 66.590679][ T5934] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 66.595721][ T5934] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 66.602651][ T5934] ? hook_file_ioctl_common+0x145/0x410 [ 66.608226][ T5934] ? selinux_file_ioctl+0x180/0x270 [ 66.613486][ T5934] ? selinux_file_ioctl+0xb4/0x270 [ 66.618617][ T5934] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 66.623900][ T5934] __x64_sys_ioctl+0x18e/0x210 [ 66.628679][ T5934] do_syscall_64+0xcd/0xfa0 [ 66.633238][ T5934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.639139][ T5934] RIP: 0033:0x7fe56b58f749 [ 66.643616][ T5934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.664338][ T5934] RSP: 002b:00007fe56c452038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.673460][ T5934] RAX: ffffffffffffffda RBX: 00007fe56b7e5fa0 RCX: 00007fe56b58f749 [ 66.681488][ T5934] RDX: 0000200000000040 RSI: 000000008004ae98 RDI: 0000000000000005 [ 66.689460][ T5934] RBP: 00007fe56b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 66.697486][ T5934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 66.705510][ T5934] R13: 00007fe56b7e6038 R14: 00007fe56b7e5fa0 R15: 00007ffc92e46038 [ 66.713562][ T5934] [ 66.716575][ T5934] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 66.723848][ T5934] CPU: 0 UID: 0 PID: 5934 Comm: syz.3.6 Not tainted syzkaller #0 PREEMPT(full) [ 66.732868][ T5934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 66.742921][ T5934] Call Trace: [ 66.746195][ T5934] [ 66.749123][ T5934] dump_stack_lvl+0x3d/0x1f0 [ 66.753713][ T5934] vpanic+0x640/0x6f0 [ 66.757706][ T5934] ? kvm_apic_accept_events+0x444/0x4c0 [ 66.763258][ T5934] panic+0xca/0xd0 [ 66.766992][ T5934] ? __pfx_panic+0x10/0x10 [ 66.771424][ T5934] check_panic_on_warn+0xab/0xb0 [ 66.776361][ T5934] __warn+0xf6/0x3c0 [ 66.780264][ T5934] ? kvm_apic_accept_events+0x444/0x4c0 [ 66.785821][ T5934] report_bug+0x3c3/0x580 [ 66.790159][ T5934] ? kvm_apic_accept_events+0x444/0x4c0 [ 66.795708][ T5934] handle_bug+0x184/0x210 [ 66.800037][ T5934] exc_invalid_op+0x17/0x50 [ 66.804537][ T5934] asm_exc_invalid_op+0x1a/0x20 [ 66.809384][ T5934] RIP: 0010:kvm_apic_accept_events+0x444/0x4c0 [ 66.815541][ T5934] Code: 34 03 00 00 02 00 00 00 e9 ae fd ff ff 4c 89 ef e8 b1 af de 00 e9 33 fc ff ff e8 77 af de 00 e9 17 fd ff ff e8 ed 0b 76 00 90 <0f> 0b 90 e9 24 fd ff ff e8 8f af de 00 e9 de fb ff ff e8 55 af de [ 66.835151][ T5934] RSP: 0018:ffffc9000536fc38 EFLAGS: 00010283 [ 66.841210][ T5934] RAX: 0000000000000704 RBX: 0000000000000002 RCX: ffffc9000ca22000 [ 66.849164][ T5934] RDX: 0000000000080000 RSI: ffffffff8146dbf3 RDI: 0000000000000005 [ 66.857119][ T5934] RBP: ffff88802b96de00 R08: 0000000000000005 R09: 0000000000000002 [ 66.865074][ T5934] R10: 0000000000000002 R11: 0000000000000001 R12: 0000000000000001 [ 66.873062][ T5934] R13: ffff88802b96dee0 R14: ffff88807eda8030 R15: 0000000000000001 [ 66.881116][ T5934] ? kvm_apic_accept_events+0x443/0x4c0 [ 66.886659][ T5934] ? kvm_apic_accept_events+0x443/0x4c0 [ 66.892190][ T5934] kvm_arch_vcpu_ioctl_get_mpstate+0x103/0x450 [ 66.898332][ T5934] kvm_vcpu_ioctl+0x7b8/0x1690 [ 66.903086][ T5934] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 66.908275][ T5934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 66.914158][ T5934] ? do_vfs_ioctl+0x128/0x14f0 [ 66.918911][ T5934] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 66.923924][ T5934] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 66.930767][ T5934] ? hook_file_ioctl_common+0x145/0x410 [ 66.936303][ T5934] ? selinux_file_ioctl+0x180/0x270 [ 66.941482][ T5934] ? selinux_file_ioctl+0xb4/0x270 [ 66.946577][ T5934] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 66.951761][ T5934] __x64_sys_ioctl+0x18e/0x210 [ 66.956513][ T5934] do_syscall_64+0xcd/0xfa0 [ 66.960997][ T5934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.966869][ T5934] RIP: 0033:0x7fe56b58f749 [ 66.971264][ T5934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.990849][ T5934] RSP: 002b:00007fe56c452038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.999243][ T5934] RAX: ffffffffffffffda RBX: 00007fe56b7e5fa0 RCX: 00007fe56b58f749 [ 67.007203][ T5934] RDX: 0000200000000040 RSI: 000000008004ae98 RDI: 0000000000000005 [ 67.015168][ T5934] RBP: 00007fe56b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 67.023126][ T5934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 67.031087][ T5934] R13: 00007fe56b7e6038 R14: 00007fe56b7e5fa0 R15: 00007ffc92e46038 [ 67.039051][ T5934] [ 67.042337][ T5934] Kernel Offset: disabled [ 67.046633][ T5934] Rebooting in 86400 seconds..