last executing test programs: 12.432670009s ago: executing program 2 (id=428): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$igmp6(0xa, 0x3, 0x2) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72) 12.157517395s ago: executing program 0 (id=432): r0 = syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0xa, 0x0, 0x0, 0xfffffffc, 0x4}) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 11.889096997s ago: executing program 0 (id=435): r0 = socket$alg(0x26, 0x5, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008080)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000030c0)={0x10, 0x34, 0x810, 0x70bd25, 0x25dfdbff}, 0x10}], 0x1}, 0x0) mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4, 0x400, @loopback, 0x4}, 0x1c) setsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f0000000040)=0x7fff, 0x4) sendmmsg$inet6(r1, &(0x7f0000007e40), 0x4000000000000aa, 0x0) 11.743288913s ago: executing program 3 (id=436): preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f00000002c0)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000240)=""/11, 0xb}}, 0x120) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0c000000a9"], 0xaf) 11.675533746s ago: executing program 0 (id=437): prlimit64(0x0, 0xe, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000028000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002f81c461b3fea834ceb0e17d9838c2830ca7ce46e581a192326a36"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 11.617767925s ago: executing program 2 (id=438): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000500)='\x00\x00\x00\x00\x00', 0x17, 0x0, 0x0, 0x37) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "d2b584550d22bf58", "c0b67cb29ca2b838d41ac2fc7ddf972d", "e9be1eae", "0daf7461cfccf6ce"}, 0x28) 11.588731762s ago: executing program 4 (id=439): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = syz_io_uring_setup(0x6905, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000000)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) r4 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="479374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}) 11.334861573s ago: executing program 2 (id=440): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/oops_count', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 11.142136246s ago: executing program 4 (id=441): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246) 10.891498726s ago: executing program 4 (id=442): r0 = socket(0x1, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r0}, 0x20) bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x5452, &(0x7f0000000000)={'syztnl1\x00', 0x0}) recvmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000440)=""/103, 0x67}], 0x1}, 0x0) sendmmsg$unix(r0, &(0x7f0000002100)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0) 10.496948564s ago: executing program 0 (id=443): openat$ppp(0xffffffffffffff9c, 0x0, 0x161042, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000040)={{&(0x7f000030e000/0x1000)=nil, 0x1000}}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) futimesat(0xffffffffffffffff, 0x0, 0x0) 10.452418374s ago: executing program 2 (id=444): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67a}]}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg$inet(r1, &(0x7f0000000b80)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r1, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) 10.418571544s ago: executing program 4 (id=445): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90) r2 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r1, r3, 0x3, 0x0, @void}, 0x62) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) 10.134671411s ago: executing program 0 (id=446): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@delpolicy={0x50, 0x27, 0x1, 0x0, 0x0, {{@in=@private=0xa010100, @in6=@remote}}}, 0x50}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0) 10.051764383s ago: executing program 2 (id=447): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42802, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) r2 = syz_io_uring_setup(0x1188, &(0x7f0000000080)={0x0, 0x57f1, 0x10100, 0x4}, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0) 6.145582991s ago: executing program 2 (id=448): open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./bus\x00', 0x0, 0x1001, 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='exfat\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEFRAG(r0, 0x1261, 0x3) 5.019517388s ago: executing program 1 (id=449): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000005c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x6, 0x0, 0x0) 4.981506661s ago: executing program 1 (id=450): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 4.981355979s ago: executing program 4 (id=451): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) getpeername$llc(r2, 0x0, 0x0) 4.981021076s ago: executing program 4 (id=452): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd090328fdb100300000006000000001002f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef) 4.902839175s ago: executing program 0 (id=453): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f913", 0x11}], 0x1}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[], 0x34}}, 0x0) 4.639992341s ago: executing program 1 (id=454): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000)) ioctl$SNDRV_PCM_IOCTL_READN_FRAMES(r2, 0x80184153, &(0x7f0000000540)={0x0, &(0x7f0000000500)}) 4.53726775s ago: executing program 1 (id=455): syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000a00)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001a40)=ANY=[@ANYBLOB="1c0000006800e9a0e7000000000000000a00000000000000040004"], 0x1c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newrule={0x2c, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8}]}, 0x2c}}, 0x0) 4.333200219s ago: executing program 3 (id=456): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0) clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x4}) 4.224869602s ago: executing program 1 (id=457): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000ac0)={{r0}, &(0x7f0000000a40), &(0x7f0000000a80)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 4.131600387s ago: executing program 1 (id=458): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r2, 0x8, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)="0300ffff0000", 0x6}]) 2.202485808s ago: executing program 3 (id=459): getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x3, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) mincore(&(0x7f0000f0c000/0x3000)=nil, 0x3000, 0x0) 1.797917671s ago: executing program 3 (id=460): socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000001600), 0x4) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 1.618128187s ago: executing program 3 (id=461): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000340)=0x9) bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x0) connect$unix(r0, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 0s ago: executing program 3 (id=462): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000240)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000002c0)=""/73, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001a80)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af13, &(0x7f0000000980)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.26' (ED25519) to the list of known hosts. [ 97.668164][ T940] cfg80211: failed to load regulatory.db [ 99.408170][ T30] audit: type=1400 audit(1724287829.636:88): avc: denied { mounton } for pid=5208 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 99.420213][ T5208] cgroup: Unknown subsys name 'net' [ 99.431150][ T30] audit: type=1400 audit(1724287829.636:89): avc: denied { mount } for pid=5208 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 99.458604][ T30] audit: type=1400 audit(1724287829.676:90): avc: denied { unmount } for pid=5208 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 99.678914][ T5208] cgroup: Unknown subsys name 'rlimit' [ 99.819281][ T30] audit: type=1400 audit(1724287830.046:91): avc: denied { setattr } for pid=5208 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 99.853969][ T30] audit: type=1400 audit(1724287830.046:92): avc: denied { create } for pid=5208 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 99.876041][ T30] audit: type=1400 audit(1724287830.046:93): avc: denied { write } for pid=5208 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 99.898023][ T30] audit: type=1400 audit(1724287830.046:94): avc: denied { read } for pid=5208 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 99.919514][ T30] audit: type=1400 audit(1724287830.066:95): avc: denied { mounton } for pid=5208 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 99.944727][ T30] audit: type=1400 audit(1724287830.066:96): avc: denied { mount } for pid=5208 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 99.968410][ T30] audit: type=1400 audit(1724287830.086:97): avc: denied { read } for pid=4884 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 100.015193][ T5212] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 101.884320][ T5208] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 104.705250][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 104.705273][ T30] audit: type=1400 audit(1724287834.936:103): avc: denied { mounton } for pid=5219 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 104.803238][ T30] audit: type=1400 audit(1724287834.966:104): avc: denied { mount } for pid=5219 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 104.883250][ T30] audit: type=1400 audit(1724287834.966:105): avc: denied { create } for pid=5219 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 104.938366][ T5221] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.963912][ T30] audit: type=1400 audit(1724287834.966:106): avc: denied { read write } for pid=5219 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1078 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 104.964006][ T5221] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 105.013382][ T5221] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 105.037874][ T5225] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 105.046164][ T30] audit: type=1400 audit(1724287834.966:107): avc: denied { open } for pid=5219 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1078 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 105.071018][ T30] audit: type=1400 audit(1724287835.046:108): avc: denied { ioctl } for pid=5219 comm="syz-executor" path="socket:[3561]" dev="sockfs" ino=3561 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 105.071163][ T5227] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 105.106927][ T5227] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 105.125612][ T5231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 105.134869][ T5231] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 105.144905][ T5231] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 105.154231][ T5231] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 105.162156][ T5231] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 105.171974][ T5231] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 105.179852][ T5231] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 105.199208][ T5226] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 105.203535][ T5231] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 105.207840][ T5226] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 105.222901][ T5226] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 105.232945][ T5226] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 105.253183][ T30] audit: type=1400 audit(1724287835.476:109): avc: denied { read } for pid=5219 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 105.278582][ T5233] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 105.279453][ T4608] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 105.287175][ T5233] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 105.294563][ T4608] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 105.300692][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 105.307768][ T4608] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 105.336069][ T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 105.351816][ T4608] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 105.376932][ T4608] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 105.391191][ T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 105.400716][ T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 105.409399][ T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 105.433241][ T30] audit: type=1400 audit(1724287835.476:110): avc: denied { open } for pid=5219 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 105.461370][ T30] audit: type=1400 audit(1724287835.476:111): avc: denied { mounton } for pid=5219 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 106.142287][ T30] audit: type=1400 audit(1724287836.366:112): avc: denied { module_request } for pid=5222 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 106.288667][ T5222] chnl_net:caif_netlink_parms(): no params data found [ 106.418815][ T5230] chnl_net:caif_netlink_parms(): no params data found [ 106.656975][ T5229] chnl_net:caif_netlink_parms(): no params data found [ 106.784201][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.791930][ T5222] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.799533][ T5222] bridge_slave_0: entered allmulticast mode [ 106.809172][ T5222] bridge_slave_0: entered promiscuous mode [ 106.867207][ T5223] chnl_net:caif_netlink_parms(): no params data found [ 106.880490][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.888484][ T5222] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.896390][ T5222] bridge_slave_1: entered allmulticast mode [ 106.904659][ T5222] bridge_slave_1: entered promiscuous mode [ 106.948172][ T5219] chnl_net:caif_netlink_parms(): no params data found [ 107.055944][ T5230] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.063517][ T5230] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.070759][ T5230] bridge_slave_0: entered allmulticast mode [ 107.078723][ T5230] bridge_slave_0: entered promiscuous mode [ 107.124033][ T5222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.141605][ T5230] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.150354][ T5230] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.157722][ T5230] bridge_slave_1: entered allmulticast mode [ 107.166240][ T5230] bridge_slave_1: entered promiscuous mode [ 107.235179][ T5222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 107.282721][ T5230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.344458][ T54] Bluetooth: hci0: command tx timeout [ 107.353658][ T5227] Bluetooth: hci3: command tx timeout [ 107.363946][ T54] Bluetooth: hci1: command tx timeout [ 107.367743][ T5230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 107.423693][ T54] Bluetooth: hci2: command tx timeout [ 107.503280][ T54] Bluetooth: hci4: command tx timeout [ 107.552308][ T5222] team0: Port device team_slave_0 added [ 107.559108][ T5229] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.567180][ T5229] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.574563][ T5229] bridge_slave_0: entered allmulticast mode [ 107.582224][ T5229] bridge_slave_0: entered promiscuous mode [ 107.596493][ T5230] team0: Port device team_slave_0 added [ 107.622219][ T5223] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.629570][ T5223] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.636934][ T5223] bridge_slave_0: entered allmulticast mode [ 107.644825][ T5223] bridge_slave_0: entered promiscuous mode [ 107.655233][ T5223] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.662454][ T5223] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.670512][ T5223] bridge_slave_1: entered allmulticast mode [ 107.683220][ T5223] bridge_slave_1: entered promiscuous mode [ 107.693686][ T5222] team0: Port device team_slave_1 added [ 107.722029][ T5229] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.729492][ T5229] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.736920][ T5229] bridge_slave_1: entered allmulticast mode [ 107.745030][ T5229] bridge_slave_1: entered promiscuous mode [ 107.758071][ T5230] team0: Port device team_slave_1 added [ 107.764556][ T5219] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.771754][ T5219] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.780868][ T5219] bridge_slave_0: entered allmulticast mode [ 107.788660][ T5219] bridge_slave_0: entered promiscuous mode [ 107.896710][ T5219] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.904183][ T5219] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.911418][ T5219] bridge_slave_1: entered allmulticast mode [ 107.920424][ T5219] bridge_slave_1: entered promiscuous mode [ 107.951855][ T5223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.963637][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.970633][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.996897][ T5222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.073711][ T5219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.089645][ T5223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.100059][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.107590][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.133689][ T5222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.160088][ T5229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.176282][ T5229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.186858][ T5230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.193938][ T5230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.220087][ T5230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.235071][ T5219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.310368][ T5223] team0: Port device team_slave_0 added [ 108.337940][ T5230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.346670][ T5230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.372963][ T5230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.431523][ T5223] team0: Port device team_slave_1 added [ 108.506717][ T5219] team0: Port device team_slave_0 added [ 108.518548][ T5219] team0: Port device team_slave_1 added [ 108.546158][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.553272][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.579653][ T5223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.597798][ T5229] team0: Port device team_slave_0 added [ 108.689084][ T5223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.696152][ T5223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.729823][ T5223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.745538][ T5229] team0: Port device team_slave_1 added [ 108.787086][ T5222] hsr_slave_0: entered promiscuous mode [ 108.795092][ T5222] hsr_slave_1: entered promiscuous mode [ 108.810801][ T5230] hsr_slave_0: entered promiscuous mode [ 108.818495][ T5230] hsr_slave_1: entered promiscuous mode [ 108.825395][ T5230] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 108.834401][ T5230] Cannot create hsr debugfs directory [ 108.862811][ T5219] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.870098][ T5219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.897176][ T5219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.911724][ T5219] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.919195][ T5219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.946223][ T5219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.014788][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.021777][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.048342][ T5229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.062536][ T5229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.070411][ T5229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.096933][ T5229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.207945][ T5223] hsr_slave_0: entered promiscuous mode [ 109.215208][ T5223] hsr_slave_1: entered promiscuous mode [ 109.221712][ T5223] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.229701][ T5223] Cannot create hsr debugfs directory [ 109.305984][ T5219] hsr_slave_0: entered promiscuous mode [ 109.313802][ T5219] hsr_slave_1: entered promiscuous mode [ 109.320683][ T5219] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.328887][ T5219] Cannot create hsr debugfs directory [ 109.424780][ T5227] Bluetooth: hci3: command tx timeout [ 109.424846][ T5233] Bluetooth: hci0: command tx timeout [ 109.430512][ T54] Bluetooth: hci1: command tx timeout [ 109.461452][ T5229] hsr_slave_0: entered promiscuous mode [ 109.468526][ T5229] hsr_slave_1: entered promiscuous mode [ 109.477330][ T5229] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.485183][ T5229] Cannot create hsr debugfs directory [ 109.503379][ T54] Bluetooth: hci2: command tx timeout [ 109.584516][ T54] Bluetooth: hci4: command tx timeout [ 110.262024][ T5230] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 110.295112][ T5230] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 110.309751][ T5230] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 110.322658][ T5230] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 110.433717][ T5222] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 110.452985][ T5222] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 110.486202][ T5222] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 110.499712][ T5222] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 110.659032][ T5229] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 110.689998][ T5229] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 110.725720][ T5229] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 110.741975][ T5229] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 110.918735][ T5219] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 110.939544][ T5219] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 110.970772][ T5219] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 110.985224][ T5219] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.017241][ T5230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.136111][ T5230] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.228692][ T5223] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 111.242932][ T5223] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 111.257914][ T5223] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 111.285022][ T2577] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.293172][ T2577] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.320567][ T5223] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 111.402056][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.409364][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.428395][ T5222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.506963][ T54] Bluetooth: hci0: command tx timeout [ 111.507052][ T5233] Bluetooth: hci1: command tx timeout [ 111.512754][ T5227] Bluetooth: hci3: command tx timeout [ 111.565135][ T5222] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.585599][ T5227] Bluetooth: hci2: command tx timeout [ 111.615792][ T2577] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.623126][ T2577] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.643005][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.650322][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.664412][ T5227] Bluetooth: hci4: command tx timeout [ 111.808175][ T5229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.962452][ T30] audit: type=1400 audit(1724287842.186:113): avc: denied { sys_module } for pid=5230 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 112.002787][ T5229] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.114292][ T5219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.127601][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.135004][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.162117][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.169487][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.320222][ T5223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.409823][ T5219] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.489384][ T5223] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.530659][ T5230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 112.548791][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.556116][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.587872][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.595211][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.650027][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.657437][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.716391][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.723695][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.856203][ T5222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.191453][ T5229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.256695][ T5230] veth0_vlan: entered promiscuous mode [ 113.370199][ T5230] veth1_vlan: entered promiscuous mode [ 113.594903][ T5227] Bluetooth: hci3: command tx timeout [ 113.600494][ T5227] Bluetooth: hci0: command tx timeout [ 113.610714][ T54] Bluetooth: hci1: command tx timeout [ 113.663649][ T5227] Bluetooth: hci2: command tx timeout [ 113.680025][ T5230] veth0_macvtap: entered promiscuous mode [ 113.744374][ T54] Bluetooth: hci4: command tx timeout [ 113.746872][ T5230] veth1_macvtap: entered promiscuous mode [ 113.781945][ T5229] veth0_vlan: entered promiscuous mode [ 113.850966][ T5229] veth1_vlan: entered promiscuous mode [ 113.871440][ T5219] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.899702][ T5230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.952012][ T5230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.016658][ T5230] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.026446][ T5230] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.036410][ T5230] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.046193][ T5230] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.082969][ T5223] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.161810][ T5222] veth0_vlan: entered promiscuous mode [ 114.184952][ T5229] veth0_macvtap: entered promiscuous mode [ 114.236583][ T5229] veth1_macvtap: entered promiscuous mode [ 114.261398][ T5222] veth1_vlan: entered promiscuous mode [ 114.379559][ T5219] veth0_vlan: entered promiscuous mode [ 114.475824][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.488076][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.495602][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.506902][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.519684][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.549500][ T5219] veth1_vlan: entered promiscuous mode [ 114.575932][ T5229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.586639][ T5229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.598916][ T5229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.648017][ T5223] veth0_vlan: entered promiscuous mode [ 114.697517][ T5229] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.708701][ T5229] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.718617][ T5229] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.727880][ T5229] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.771211][ T5222] veth0_macvtap: entered promiscuous mode [ 114.799976][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.808534][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.817271][ T5222] veth1_macvtap: entered promiscuous mode [ 114.847440][ T5223] veth1_vlan: entered promiscuous mode [ 114.880018][ T30] audit: type=1400 audit(1724287845.106:114): avc: denied { mounton } for pid=5230 comm="syz-executor" path="/root/syzkaller.eZ4iPQ/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 114.913675][ T30] audit: type=1400 audit(1724287845.106:115): avc: denied { mount } for pid=5230 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 114.938983][ T30] audit: type=1400 audit(1724287845.116:116): avc: denied { mounton } for pid=5230 comm="syz-executor" path="/root/syzkaller.eZ4iPQ/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 114.969533][ T30] audit: type=1400 audit(1724287845.126:117): avc: denied { mount } for pid=5230 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 115.008746][ T30] audit: type=1400 audit(1724287845.196:118): avc: denied { unmount } for pid=5230 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 115.038641][ T30] audit: type=1400 audit(1724287845.226:119): avc: denied { mounton } for pid=5230 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2325 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 115.070791][ T5223] veth0_macvtap: entered promiscuous mode [ 115.108312][ T30] audit: type=1400 audit(1724287845.266:120): avc: denied { mount } for pid=5230 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 115.150270][ T5219] veth0_macvtap: entered promiscuous mode [ 115.178491][ T5223] veth1_macvtap: entered promiscuous mode [ 115.248893][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.260332][ T5219] veth1_macvtap: entered promiscuous mode [ 115.272498][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.311801][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.328429][ T30] audit: type=1400 audit(1724287845.556:121): avc: denied { read write } for pid=5230 comm="syz-executor" name="loop1" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 115.349808][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.364368][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.397153][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.412444][ T30] audit: type=1400 audit(1724287845.596:122): avc: denied { open } for pid=5230 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 115.441390][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.499310][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.517315][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.527867][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.540061][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.574604][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.607481][ T5304] netlink: 191416 bytes leftover after parsing attributes in process `syz.1.2'. [ 115.685850][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.696626][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.712849][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.734715][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.747097][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.758963][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.776792][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.798535][ T5222] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.810854][ T2968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.830516][ T5222] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.836694][ T5306] Falling back ldisc for ttyS3. [ 115.839547][ T2968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.853099][ T5222] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.861871][ T5222] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.927174][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.955553][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.967813][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.978813][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.989279][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.001522][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.035427][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.054215][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.071660][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.083021][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.109138][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.119137][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.130093][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.141625][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.154174][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.167240][ T5219] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.200011][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.212155][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.223423][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.238027][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.256587][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.284045][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.306517][ T5219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.317944][ T5219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.331049][ T5219] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.357996][ T5219] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.368139][ T5219] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.377747][ T5219] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.388332][ T5219] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.412484][ T5223] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.427923][ T5223] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.453753][ T5223] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.462614][ T5223] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.933849][ T2577] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.941743][ T2577] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.136052][ T2577] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.167369][ T2577] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.265554][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 117.266001][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.282707][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 117.282715][ T5301] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 117.293707][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 117.538047][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.576731][ T5301] usb 3-1: Using ep0 maxpacket: 16 [ 117.600158][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.627699][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.641937][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.666133][ T5301] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 117.717549][ T5301] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.813449][ T5301] usb 3-1: Product: syz [ 117.817709][ T5301] usb 3-1: Manufacturer: syz [ 117.822423][ T5301] usb 3-1: SerialNumber: syz [ 117.912245][ T5301] r8152-cfgselector 3-1: Unknown version 0x0000 [ 117.931178][ T5301] r8152-cfgselector 3-1: config 0 descriptor?? [ 117.945194][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.964324][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.145541][ T2532] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.180087][ T2532] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.216569][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 118.216592][ T30] audit: type=1400 audit(1724287848.436:130): avc: denied { write } for pid=5323 comm="syz.1.10" name="usbmon0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 118.392560][ T30] audit: type=1400 audit(1724287848.436:131): avc: denied { open } for pid=5323 comm="syz.1.10" path="/dev/usbmon0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 118.608619][ T30] audit: type=1400 audit(1724287848.836:132): avc: denied { prog_load } for pid=5327 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 118.747604][ T30] audit: type=1400 audit(1724287848.836:133): avc: denied { bpf } for pid=5327 comm="syz.4.5" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 118.903306][ T30] audit: type=1400 audit(1724287848.836:134): avc: denied { perfmon } for pid=5327 comm="syz.4.5" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 119.040235][ T30] audit: type=1400 audit(1724287848.896:135): avc: denied { prog_run } for pid=5327 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 119.087478][ T30] audit: type=1400 audit(1724287849.166:136): avc: denied { execute } for pid=5327 comm="syz.4.5" path="/0/cpu.stat" dev="tmpfs" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 119.154506][ T5336] sg_read: process 3 (syz.3.4) changed security contexts after opening file descriptor, this is not allowed. [ 119.174617][ T30] audit: type=1400 audit(1724287849.266:137): avc: denied { read } for pid=5330 comm="syz.3.4" name="sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 119.242596][ T30] audit: type=1400 audit(1724287849.266:138): avc: denied { open } for pid=5330 comm="syz.3.4" path="/dev/sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 119.329870][ T8] libceph: connect (1)[c::]:6789 error -101 [ 119.361943][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 119.381434][ T30] audit: type=1400 audit(1724287849.606:139): avc: denied { map_create } for pid=5315 comm="syz.2.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 119.400567][ T5332] ceph: No mds server is up or the cluster is laggy [ 119.419384][ T9] r8152-cfgselector 3-1: USB disconnect, device number 2 [ 120.118945][ T5347] netlink: 'syz.0.14': attribute type 11 has an invalid length. [ 121.200130][ T5369] syz.1.24: attempt to access beyond end of device [ 121.200130][ T5369] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 121.243593][ T5369] exFAT-fs (nbd1): unable to read boot sector [ 121.255560][ T5369] exFAT-fs (nbd1): failed to read boot sector [ 121.308885][ T5369] exFAT-fs (nbd1): failed to recognize exfat type [ 122.413711][ T940] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 122.633666][ T940] usb 3-1: Using ep0 maxpacket: 32 [ 122.646099][ T940] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 122.646178][ T940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.657335][ T940] usb 3-1: config 0 descriptor?? [ 122.695214][ T940] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 123.185134][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 123.327935][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 123.532730][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 123.942668][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 123.956482][ T940] gspca_nw80x: reg_r err -110 [ 124.050888][ T940] nw80x 3-1:0.0: probe with driver nw80x failed with error -110 [ 124.388958][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 124.388982][ T30] audit: type=1400 audit(1724287854.616:168): avc: denied { create } for pid=5408 comm="syz.0.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 124.455908][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 124.501333][ T30] audit: type=1400 audit(1724287854.656:169): avc: denied { setopt } for pid=5408 comm="syz.0.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 124.580080][ T30] audit: type=1400 audit(1724287854.666:170): avc: denied { mount } for pid=5410 comm="syz.4.39" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 124.673199][ T30] audit: type=1400 audit(1724287854.676:171): avc: denied { mounton } for pid=5410 comm="syz.4.39" path="/6/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1 [ 124.704747][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 124.890173][ T5419] netlink: 24 bytes leftover after parsing attributes in process `syz.1.42'. [ 124.996220][ T30] audit: type=1400 audit(1724287855.226:172): avc: denied { listen } for pid=5422 comm="syz.4.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 125.051752][ T30] audit: type=1400 audit(1724287855.226:173): avc: denied { accept } for pid=5422 comm="syz.4.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 125.094224][ T30] audit: type=1400 audit(1724287855.286:174): avc: denied { map_read map_write } for pid=5424 comm="syz.0.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 125.186252][ T5272] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 125.393282][ T5272] usb 4-1: Using ep0 maxpacket: 8 [ 125.404921][ T5272] usb 4-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=b6.14 [ 125.418170][ T30] audit: type=1400 audit(1724287855.646:175): avc: denied { read } for pid=5433 comm="syz.0.49" name="mice" dev="devtmpfs" ino=833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 125.424528][ T5272] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.440930][ C1] vkms_vblank_simulate: vblank timer overrun [ 125.518421][ T30] audit: type=1400 audit(1724287855.646:176): avc: denied { open } for pid=5433 comm="syz.0.49" path="/dev/input/mice" dev="devtmpfs" ino=833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 125.541910][ T5272] usb 4-1: selecting invalid altsetting 1 [ 125.542393][ C1] vkms_vblank_simulate: vblank timer overrun [ 125.555341][ T5272] comedi comedi0: could not switch to alternate setting 1 [ 125.572548][ T8] usb 3-1: USB disconnect, device number 3 [ 125.601696][ T5272] usbduxfast 4-1:17.0: driver 'usbduxfast' failed to auto-configure device. [ 125.607837][ T30] audit: type=1400 audit(1724287855.646:177): avc: denied { read write } for pid=5433 comm="syz.0.49" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 125.677521][ T46] kernel read not supported for file /input/mice (pid: 46 comm: kworker/1:1) [ 125.959588][ T8] usb 4-1: USB disconnect, device number 2 [ 127.056979][ T5469] Invalid option length (1048436) for dns_resolver key [ 127.201320][ T5472] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.639049][ T5478] mmap: syz.1.65 (5478) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 129.045598][ T5502] process 'syz.0.74' launched './file0' with NULL argv: empty string added [ 129.806551][ T30] kauditd_printk_skb: 27 callbacks suppressed [ 129.806576][ T30] audit: type=1400 audit(1724287860.036:205): avc: denied { create } for pid=5511 comm="syz.4.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 129.978241][ T5515] IPVS: Error connecting to the multicast addr [ 130.121278][ T30] audit: type=1400 audit(1724287860.346:206): avc: denied { connect } for pid=5518 comm="syz.0.81" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 130.153937][ T5519] netlink: 72 bytes leftover after parsing attributes in process `syz.4.80'. [ 130.216326][ T5519] Zero length message leads to an empty skb [ 130.950316][ T46] usb 3-1: new low-speed USB device number 4 using dummy_hcd [ 131.173998][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 131.194825][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 131.214399][ T46] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 131.233737][ T46] usb 3-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00 [ 131.243000][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.264578][ T46] usb 3-1: config 0 descriptor?? [ 131.324883][ T5270] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 131.484052][ T5547] syz_tun: entered allmulticast mode [ 131.513353][ T5270] usb 2-1: Using ep0 maxpacket: 8 [ 131.548130][ T5270] usb 2-1: New USB device found, idVendor=046d, idProduct=0896, bcdDevice= 0.06 [ 131.567354][ T5546] syz_tun: left allmulticast mode [ 131.570214][ T5270] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 131.602333][ T5270] usb 2-1: SerialNumber: syz [ 131.635429][ T5270] usb 2-1: config 0 descriptor?? [ 131.653403][ T5270] gspca_main: vc032x-2.14.0 probing 046d:0896 [ 131.841723][ T46] a4tech 0003:09DA:022B.0001: item fetching failed at offset 5/7 [ 131.937397][ T46] a4tech 0003:09DA:022B.0001: parse failed [ 132.005661][ T46] a4tech 0003:09DA:022B.0001: probe with driver a4tech failed with error -22 [ 132.054662][ T46] usb 3-1: USB disconnect, device number 4 [ 132.360875][ T30] audit: type=1400 audit(1724287862.586:207): avc: denied { unmount } for pid=5219 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 132.630022][ T5270] gspca_vc032x: reg_w err -71 [ 132.636371][ T30] audit: type=1400 audit(1724287862.846:208): avc: denied { create } for pid=5542 comm="syz.1.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 132.649676][ T5560] netlink: 'syz.0.97': attribute type 4 has an invalid length. [ 132.665210][ T5270] vc032x 2-1:0.0: probe with driver vc032x failed with error -71 [ 132.703523][ T5270] usb 2-1: USB disconnect, device number 2 [ 132.712826][ T30] audit: type=1400 audit(1724287862.906:209): avc: denied { getopt } for pid=5561 comm="syz.3.98" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 133.178798][ T30] audit: type=1400 audit(1724287863.406:210): avc: denied { ioctl } for pid=5576 comm="syz.2.104" path="socket:[8494]" dev="sockfs" ino=8494 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 133.180605][ T5577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.104'. [ 133.527339][ T5582] mkiss: ax0: crc mode is auto. [ 133.847124][ T30] audit: type=1400 audit(1724287864.076:211): avc: denied { create } for pid=5592 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 133.876804][ T5591] netlink: 52 bytes leftover after parsing attributes in process `syz.1.109'. [ 133.900940][ T5591] unsupported nlmsg_type 40 [ 133.908402][ T30] audit: type=1400 audit(1724287864.076:212): avc: denied { create } for pid=5590 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 133.958400][ T30] audit: type=1400 audit(1724287864.106:213): avc: denied { write } for pid=5590 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 133.999148][ T30] audit: type=1400 audit(1724287864.106:214): avc: denied { nlmsg_write } for pid=5590 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 134.730629][ T5621] syz.3.120 uses obsolete (PF_INET,SOCK_PACKET) [ 134.926140][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 134.926163][ T30] audit: type=1400 audit(1724287865.156:228): avc: denied { sys_module } for pid=5615 comm="syz.3.120" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 135.012533][ T30] audit: type=1400 audit(1724287865.196:229): avc: denied { write } for pid=5622 comm="syz.0.122" name="ptp0" dev="devtmpfs" ino=1075 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 135.192252][ T5628] warning: `syz.1.123' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 135.377457][ T30] audit: type=1400 audit(1724287865.606:230): avc: denied { read write } for pid=5635 comm="syz.4.126" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 135.457157][ T30] audit: type=1400 audit(1724287865.636:231): avc: denied { open } for pid=5635 comm="syz.4.126" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 135.592956][ T30] audit: type=1400 audit(1724287865.816:232): avc: denied { unmount } for pid=5222 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 135.994221][ T5322] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 136.183367][ T5322] usb 2-1: Using ep0 maxpacket: 8 [ 136.257817][ T30] audit: type=1400 audit(1724287866.476:233): avc: denied { map } for pid=5650 comm="syz.0.132" path="/dev/sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 136.294156][ T5322] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 136.309094][ T5322] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 136.348193][ T5322] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 136.373151][ T30] audit: type=1400 audit(1724287866.476:234): avc: denied { execute } for pid=5650 comm="syz.0.132" path="/dev/sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 136.418592][ T5322] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 136.474572][ T5322] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 136.474711][ T5654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.133'. [ 136.513510][ T5322] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.839620][ T5322] usb 2-1: GET_CAPABILITIES returned 0 [ 136.870233][ T5322] usbtmc 2-1:16.0: can't read capabilities [ 137.195393][ T5272] usb 2-1: USB disconnect, device number 3 [ 137.286189][ T5673] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 137.644320][ T5679] Bluetooth: MGMT ver 1.23 [ 137.891943][ T30] audit: type=1400 audit(1724287868.116:235): avc: denied { mount } for pid=5682 comm="syz.2.145" name="/" dev="autofs" ino=7665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 138.049801][ T30] audit: type=1400 audit(1724287868.266:236): avc: denied { name_bind } for pid=5684 comm="syz.1.147" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 138.143686][ T30] audit: type=1400 audit(1724287868.276:237): avc: denied { unmount } for pid=5229 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 138.636138][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.644040][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.133164][ T5322] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 139.140631][ T46] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 139.343212][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 139.355453][ T5322] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 139.361109][ T46] usb 3-1: config index 0 descriptor too short (expected 5924, got 36) [ 139.390532][ T5322] usb 2-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 139.417458][ T46] usb 3-1: config 250 has an invalid interface number: 228 but max is -1 [ 139.428486][ T46] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 139.442053][ T46] usb 3-1: config 250 has no interface number 0 [ 139.451141][ T46] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 139.481550][ T5322] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.485689][ T46] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 139.542890][ T46] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 12592, setting to 1024 [ 139.546509][ T5322] usb 2-1: config 0 descriptor?? [ 139.589170][ T46] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024 [ 139.601081][ T5322] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 139.626306][ T46] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 139.673706][ T46] usb 3-1: config 250 interface 228 has no altsetting 0 [ 139.691670][ T46] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 139.701286][ T46] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 139.720448][ T46] usb 3-1: Product: syz [ 139.730068][ T46] usb 3-1: SerialNumber: syz [ 139.772937][ T46] hub 3-1:250.228: bad descriptor, ignoring hub [ 139.797212][ T46] hub 3-1:250.228: probe with driver hub failed with error -5 [ 140.059367][ T46] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 140.089472][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 140.089495][ T30] audit: type=1400 audit(1724287870.316:247): avc: denied { read } for pid=5711 comm="syz.1.157" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 140.148349][ T5322] usb 2-1: USB disconnect, device number 4 [ 140.167084][ T30] audit: type=1400 audit(1724287870.336:248): avc: denied { open } for pid=5711 comm="syz.1.157" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 140.405441][ T5270] usb 3-1: USB disconnect, device number 5 [ 140.430078][ T5270] usblp0: removed [ 140.475331][ T46] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 140.513215][ T30] audit: type=1400 audit(1724287870.736:249): avc: denied { read } for pid=5736 comm="syz.3.167" name="usbmon0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 140.588406][ T30] audit: type=1400 audit(1724287870.816:250): avc: denied { ioctl } for pid=5736 comm="syz.3.167" path="/dev/usbmon0" dev="devtmpfs" ino=707 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 140.676639][ T46] usb 5-1: Using ep0 maxpacket: 8 [ 140.689686][ T46] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 140.700054][ T46] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 140.718481][ T46] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 140.731396][ T46] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 140.754999][ T46] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 140.770409][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.062628][ T46] usb 5-1: GET_CAPABILITIES returned 0 [ 141.083199][ T30] audit: type=1400 audit(1724287871.306:251): avc: denied { read } for pid=5743 comm="syz.1.170" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 141.091103][ T46] usbtmc 5-1:16.0: can't read capabilities [ 141.152870][ T30] audit: type=1400 audit(1724287871.306:252): avc: denied { open } for pid=5743 comm="syz.1.170" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 141.534889][ T5322] usb 5-1: USB disconnect, device number 2 [ 142.100983][ T5763] netlink: 1320 bytes leftover after parsing attributes in process `syz.2.177'. [ 142.189349][ T5762] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-61) [ 142.586837][ T30] audit: type=1400 audit(1724287872.816:253): avc: denied { bind } for pid=5768 comm="syz.4.180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 142.622329][ T5769] netlink: 8 bytes leftover after parsing attributes in process `syz.4.180'. [ 142.632088][ T5769] netlink: 16 bytes leftover after parsing attributes in process `syz.4.180'. [ 142.642817][ T30] audit: type=1400 audit(1724287872.816:254): avc: denied { node_bind } for pid=5768 comm="syz.4.180" saddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 143.113214][ T30] audit: type=1400 audit(1724287873.336:255): avc: denied { read } for pid=5778 comm="syz.3.187" laddr=fe80::12 lport=58 faddr=fe80:: scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 143.848690][ T30] audit: type=1400 audit(1724287874.006:256): avc: denied { create } for pid=5792 comm="syz.2.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 144.035241][ T5799] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 145.416978][ T5816] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 145.441559][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 145.441581][ T30] audit: type=1400 audit(1724287875.666:263): avc: denied { ioctl } for pid=5815 comm="syz.3.200" path="socket:[8839]" dev="sockfs" ino=8839 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 145.488111][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.496289][ T5816] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.597582][ T30] audit: type=1400 audit(1724287875.706:264): avc: denied { setopt } for pid=5814 comm="syz.0.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 145.737843][ T30] audit: type=1400 audit(1724287875.716:265): avc: denied { bind } for pid=5814 comm="syz.0.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 145.827120][ T30] audit: type=1400 audit(1724287875.716:266): avc: denied { name_bind } for pid=5814 comm="syz.0.199" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 145.943204][ T30] audit: type=1400 audit(1724287875.716:267): avc: denied { node_bind } for pid=5814 comm="syz.0.199" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 146.012441][ T30] audit: type=1326 audit(1724287875.796:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.2.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4c4a370e27 code=0x7fc00000 [ 146.086954][ T30] audit: type=1400 audit(1724287875.806:269): avc: denied { write } for pid=5814 comm="syz.0.199" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.150264][ T30] audit: type=1400 audit(1724287875.806:270): avc: denied { connect } for pid=5814 comm="syz.0.199" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.203217][ T30] audit: type=1400 audit(1724287875.806:271): avc: denied { name_connect } for pid=5814 comm="syz.0.199" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 146.264158][ T30] audit: type=1400 audit(1724287876.486:272): avc: denied { ioctl } for pid=5826 comm="syz.2.204" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 146.687929][ T5838] input: syz0 as /devices/virtual/input/input5 [ 147.043645][ T46] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 147.244180][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 147.269192][ T46] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 147.298081][ T46] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 147.337618][ T46] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 147.385456][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 147.385503][ T46] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 147.385546][ T46] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 147.385620][ T46] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 147.385661][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.394872][ T46] usb 3-1: config 0 descriptor?? [ 147.529131][ T5864] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 147.720253][ T46] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 148.099557][ T5270] usb 3-1: USB disconnect, device number 6 [ 148.105626][ T46] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 148.127148][ T5270] usblp0: removed [ 148.317428][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 148.356775][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 148.381508][ T46] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 148.421981][ T46] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 148.452094][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.496774][ T46] usb 1-1: config 0 descriptor?? [ 148.980222][ T46] logitech 0003:046D:C293.0002: item fetching failed at offset 5/7 [ 149.010681][ T46] logitech 0003:046D:C293.0002: parse failed [ 149.033412][ T46] logitech 0003:046D:C293.0002: probe with driver logitech failed with error -22 [ 149.475157][ T46] usb 1-1: USB disconnect, device number 2 [ 150.510479][ T5918] netlink: 'syz.3.236': attribute type 21 has an invalid length. [ 150.587801][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 150.587824][ T30] audit: type=1326 audit(1724287880.816:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.237" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5c7579e79 code=0x0 [ 151.604875][ T30] audit: type=1400 audit(1724287881.826:299): avc: denied { getopt } for pid=5926 comm="syz.4.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 151.887630][ T5933] netlink: 24 bytes leftover after parsing attributes in process `syz.2.241'. [ 152.414718][ T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 152.609761][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.638233][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.657188][ T8] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 152.670575][ T8] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 152.678878][ T8] usb 4-1: Product: syz [ 152.699886][ T8] usb 4-1: config 0 descriptor?? [ 152.984434][ T30] audit: type=1400 audit(1724287883.206:300): avc: denied { unmount } for pid=5222 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 153.264116][ T8] konepure 0003:1E7D:2DB4.0003: item fetching failed at offset 10/11 [ 153.281511][ T8] konepure 0003:1E7D:2DB4.0003: parse failed [ 153.287888][ T8] konepure 0003:1E7D:2DB4.0003: probe with driver konepure failed with error -22 [ 153.343492][ T5272] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 153.535008][ T5270] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 153.575143][ T5272] usb 2-1: Using ep0 maxpacket: 32 [ 153.592752][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.619067][ T5272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.631871][ T8] usb 4-1: USB disconnect, device number 3 [ 153.643390][ T5272] usb 2-1: New USB device found, idVendor=046d, idProduct=011c, bcdDevice= 0.40 [ 153.678398][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.703687][ T5272] usb 2-1: config 0 descriptor?? [ 153.718451][ T5272] hub 2-1:0.0: USB hub found [ 153.763434][ T5270] usb 1-1: Using ep0 maxpacket: 32 [ 153.788023][ T5270] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 153.802393][ T5270] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 153.816645][ T5270] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 153.829698][ T5270] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 153.844854][ T5270] usb 1-1: config 0 interface 0 has no altsetting 0 [ 153.861409][ T5270] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 153.871598][ T5270] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 153.881158][ T5270] usb 1-1: Product: syz [ 153.886106][ T5270] usb 1-1: Manufacturer: syz [ 153.890911][ T5270] usb 1-1: SerialNumber: syz [ 153.901232][ T5270] usb 1-1: config 0 descriptor?? [ 153.917858][ T5270] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 153.941373][ T5270] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 153.982422][ T5272] hub 2-1:0.0: 1 port detected [ 154.488313][ T5961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 154.544107][ T5961] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 154.598234][ T30] audit: type=1400 audit(1724287884.826:301): avc: denied { ioctl } for pid=5970 comm="syz.3.256" path="socket:[8169]" dev="sockfs" ino=8169 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 154.761483][ T30] audit: type=1400 audit(1724287884.986:302): avc: denied { read } for pid=5972 comm="syz.2.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 154.943574][ T5272] hub 2-1:0.0: activate --> -90 [ 155.340328][ T5272] hub 2-1:0.0: hub_ext_port_status failed (err = -71) [ 155.343901][ T940] usb 2-1: USB disconnect, device number 5 [ 155.356722][ T5272] usb 2-1-port1: connect-debounce failed [ 155.582840][ T30] audit: type=1400 audit(1724287885.806:303): avc: denied { create } for pid=5982 comm="syz.4.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 156.262503][ T940] usb 1-1: USB disconnect, device number 3 [ 156.291006][ T940] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 158.375248][ T5270] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 158.598528][ T5270] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.613595][ T5270] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 158.634158][ T5270] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 158.643953][ T5270] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.657742][ T5270] usb 4-1: config 0 descriptor?? [ 158.870435][ T5999] bond_slave_0: entered promiscuous mode [ 158.882556][ T6001] bond_slave_0: left promiscuous mode [ 159.133979][ T5270] plantronics 0003:047F:FFFF.0004: ignoring exceeding usage max [ 159.173397][ T5270] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 159.197339][ T6022] netlink: 'syz.4.273': attribute type 4 has an invalid length. [ 159.217084][ T6022] netlink: 126052 bytes leftover after parsing attributes in process `syz.4.273'. [ 159.240061][ T5270] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 159.343677][ T6025] fuse: root generation should be zero [ 159.356755][ T5272] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 159.573436][ T5272] usb 2-1: Using ep0 maxpacket: 8 [ 159.593803][ T5272] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 159.612074][ T5272] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 159.625831][ T5272] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 159.636666][ T5272] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 159.653722][ T5272] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 159.662970][ T5272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.813035][ C0] hrtimer: interrupt took 47675 ns [ 159.926507][ T5270] usb 4-1: USB disconnect, device number 4 [ 159.931766][ T5272] usb 2-1: GET_CAPABILITIES returned 0 [ 159.938538][ T5272] usbtmc 2-1:16.0: can't read capabilities [ 160.233486][ T5272] usb 2-1: USB disconnect, device number 6 [ 160.831461][ T30] audit: type=1400 audit(1724287891.056:304): avc: denied { create } for pid=6047 comm="syz.3.285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 160.903456][ T30] audit: type=1400 audit(1724287891.066:305): avc: denied { getopt } for pid=6047 comm="syz.3.285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 161.181478][ T6058] capability: warning: `syz.1.288' uses 32-bit capabilities (legacy support in use) [ 161.445429][ T6050] ptrace attach of "./syz-executor exec"[6053] was attempted by ""[6050] [ 162.100531][ T30] audit: type=1400 audit(1724287892.326:306): avc: denied { create } for pid=6071 comm="syz.2.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 162.171348][ T30] audit: type=1400 audit(1724287892.356:307): avc: denied { create } for pid=6071 comm="syz.2.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 162.232862][ T30] audit: type=1400 audit(1724287892.376:308): avc: denied { connect } for pid=6071 comm="syz.2.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 162.270308][ T30] audit: type=1400 audit(1724287892.426:309): avc: denied { mount } for pid=6075 comm="syz.0.295" name="/" dev="ramfs" ino=9216 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 162.306234][ T30] audit: type=1400 audit(1724287892.456:310): avc: denied { write } for pid=6071 comm="syz.2.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 163.624447][ T30] audit: type=1400 audit(1724287893.846:311): avc: denied { shutdown } for pid=6100 comm="syz.2.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 163.951169][ T30] audit: type=1400 audit(1724287894.176:312): avc: denied { write } for pid=6107 comm="syz.1.308" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 164.315637][ T30] audit: type=1326 audit(1724287894.546:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6117 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc323179e79 code=0x7ffc0000 [ 165.766677][ T6156] netlink: 'syz.3.329': attribute type 3 has an invalid length. [ 165.795099][ T6156] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.329'. [ 165.968174][ T30] kauditd_printk_skb: 27 callbacks suppressed [ 165.968196][ T30] audit: type=1400 audit(1724287896.196:341): avc: denied { create } for pid=6159 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 166.069533][ T30] audit: type=1400 audit(1724287896.276:342): avc: denied { name_bind } for pid=6160 comm="syz.4.332" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 166.241367][ T30] audit: type=1400 audit(1724287896.296:343): avc: denied { bind } for pid=6159 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 166.304345][ T30] audit: type=1400 audit(1724287896.356:344): avc: denied { write } for pid=6159 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 166.617648][ T30] audit: type=1400 audit(1724287896.846:345): avc: denied { read write } for pid=6172 comm="syz.2.336" name="raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 166.641042][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.733171][ T30] audit: type=1400 audit(1724287896.846:346): avc: denied { open } for pid=6172 comm="syz.2.336" path="/dev/raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 166.804277][ T30] audit: type=1400 audit(1724287896.846:347): avc: denied { ioctl } for pid=6172 comm="syz.2.336" path="/dev/raw-gadget" dev="devtmpfs" ino=734 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 166.829037][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.876631][ T30] audit: type=1400 audit(1724287896.956:348): avc: denied { getopt } for pid=6175 comm="syz.0.335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 166.896018][ T25] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 167.093194][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 167.114082][ T25] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 167.136306][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.161416][ T25] usb 3-1: Product: syz [ 167.173194][ T25] usb 3-1: Manufacturer: syz [ 167.183757][ T25] usb 3-1: SerialNumber: syz [ 167.207089][ T25] usb 3-1: config 0 descriptor?? [ 167.496226][ T25] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 168.520483][ T25] gspca_sunplus: reg_w_riv err -71 [ 168.535413][ T54] Bluetooth: Wrong link type (-71) [ 168.543930][ T54] Bluetooth: hci0: link tx timeout [ 168.549795][ T54] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 168.570571][ T25] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 168.583689][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 168.585966][ T25] usb 3-1: USB disconnect, device number 7 [ 168.826781][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 168.848855][ T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.875972][ T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.905947][ T8] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 168.925026][ T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 168.941632][ T8] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 168.953495][ T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 168.987702][ T8] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 169.008851][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.017990][ T8] usb 2-1: Product: syz [ 169.022310][ T8] usb 2-1: Manufacturer: syz [ 169.027817][ T8] usb 2-1: SerialNumber: syz [ 169.365863][ T8] cdc_ncm 2-1:1.0: bind() failure [ 169.392087][ T8] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 169.427854][ T8] cdc_ncm 2-1:1.1: bind() failure [ 169.447255][ T8] usb 2-1: USB disconnect, device number 7 [ 170.359081][ T30] audit: type=1400 audit(1724287900.586:349): avc: denied { setopt } for pid=6208 comm="syz.1.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 170.625447][ T5227] Bluetooth: hci0: command 0x0406 tx timeout [ 170.799101][ T6193] netlink: 'syz.4.342': attribute type 11 has an invalid length. [ 171.185729][ T6221] syzkaller0: entered promiscuous mode [ 171.191292][ T6221] syzkaller0: entered allmulticast mode [ 171.382056][ T6230] syz.4.356: attempt to access beyond end of device [ 171.382056][ T6230] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 171.440358][ T6230] exFAT-fs (nbd4): unable to read boot sector [ 171.451868][ T6230] exFAT-fs (nbd4): failed to read boot sector [ 171.468508][ T6230] exFAT-fs (nbd4): failed to recognize exfat type [ 171.802840][ T30] audit: type=1400 audit(1724287902.026:350): avc: denied { ioctl } for pid=6238 comm="syz.3.361" path="socket:[9591]" dev="sockfs" ino=9591 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 171.882130][ T6236] syzkaller0: entered promiscuous mode [ 171.901416][ T6236] syzkaller0: entered allmulticast mode [ 171.970750][ T6239] bond0: entered promiscuous mode [ 171.993199][ T6239] bond_slave_0: entered promiscuous mode [ 172.036398][ T6239] bond_slave_1: entered promiscuous mode [ 172.080084][ T6246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.362'. [ 172.122236][ T6246] gtp0: entered promiscuous mode [ 172.141233][ T6246] gtp0: entered allmulticast mode [ 174.392771][ T30] audit: type=1400 audit(1724287904.626:351): avc: denied { read } for pid=6279 comm="syz.0.375" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 174.461323][ T30] audit: type=1400 audit(1724287904.626:352): avc: denied { open } for pid=6279 comm="syz.0.375" path="/82/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 174.684772][ T6287] evm: overlay not supported [ 174.805841][ T30] audit: type=1400 audit(1724287905.036:353): avc: denied { create } for pid=6290 comm="syz.2.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 174.889796][ T30] audit: type=1400 audit(1724287905.046:354): avc: denied { write } for pid=6290 comm="syz.2.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 174.958971][ T30] audit: type=1400 audit(1724287905.116:355): avc: denied { search } for pid=4652 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 175.202342][ T30] audit: type=1400 audit(1724288161.424:356): avc: denied { setopt } for pid=6295 comm="syz.2.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 175.222465][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.599612][ T30] audit: type=1326 audit(1724288161.824:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6310 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc323179e79 code=0x7ffc0000 [ 175.631032][ T30] audit: type=1326 audit(1724288161.824:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6310 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc323179e79 code=0x7ffc0000 [ 175.702435][ T30] audit: type=1326 audit(1724288161.824:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6310 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fc323179e79 code=0x7ffc0000 [ 177.960540][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807bc51400: rx timeout, send abort [ 177.971369][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807bc51400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 179.267486][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 180.028117][ C1] vcan0: j1939_tp_rxtimer: 0xffff888062f99000: rx timeout, send abort [ 180.536488][ C1] vcan0: j1939_tp_rxtimer: 0xffff888062f99000: abort rx timeout. Force session deactivation [ 180.693188][ T940] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 180.757951][ T942] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 180.808047][ T6370] netem: change failed [ 180.840301][ T6372] input: syz0 as /devices/virtual/input/input6 [ 180.883161][ T940] usb 1-1: Using ep0 maxpacket: 8 [ 180.908577][ T940] usb 1-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=94.07 [ 180.924990][ T940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.938225][ T940] usb 1-1: Product: syz [ 180.942606][ T940] usb 1-1: Manufacturer: syz [ 180.943346][ T8] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 180.948311][ T940] usb 1-1: SerialNumber: syz [ 180.981137][ T940] usb 1-1: config 0 descriptor?? [ 180.993165][ T942] usb 5-1: Using ep0 maxpacket: 32 [ 181.001777][ T942] usb 5-1: config 0 has an invalid interface number: 9 but max is 0 [ 181.021261][ T940] comedi comedi0: Wrong number of endpoints [ 181.027659][ T940] dt9812 1-1:0.0: driver 'dt9812' failed to auto-configure device. [ 181.031974][ T942] usb 5-1: config 0 has no interface number 0 [ 181.065028][ T942] usb 5-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c [ 181.093098][ T942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.108403][ T942] usb 5-1: Product: syz [ 181.123119][ T942] usb 5-1: Manufacturer: syz [ 181.128008][ T942] usb 5-1: SerialNumber: syz [ 181.146829][ T942] usb 5-1: config 0 descriptor?? [ 181.177999][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.200175][ T942] gspca_main: gspca_topro-2.14.0 probing 06a2:0003 [ 181.228122][ T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 181.244872][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.273106][ T8] usb 3-1: Product: syz [ 181.277578][ T8] usb 3-1: Manufacturer: syz [ 181.282506][ T8] usb 3-1: SerialNumber: syz [ 181.325800][ T6378] misc userio: Begin command sent, but we're already running [ 181.393373][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 181.393396][ T30] audit: type=1804 audit(1724288167.614:368): pid=6380 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.414" name="/newroot/82/file0/bus" dev="ramfs" ino=10643 res=1 errno=0 [ 181.484492][ T30] audit: type=1800 audit(1724288167.704:369): pid=6380 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.414" name="bus" dev="ramfs" ino=10643 res=0 errno=0 [ 181.521480][ T5272] usb 1-1: USB disconnect, device number 4 [ 181.636381][ T30] audit: type=1400 audit(1724288167.864:370): avc: denied { unmount } for pid=5223 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 181.865630][ T6385] netlink: 'syz.1.416': attribute type 4 has an invalid length. [ 181.998053][ T6385] netlink: 'syz.1.416': attribute type 4 has an invalid length. [ 182.257740][ T30] audit: type=1400 audit(1724288168.484:371): avc: denied { mounton } for pid=6391 comm="syz.1.419" path="/76/file0" dev="tmpfs" ino=423 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 182.403637][ T8] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 182.410194][ T8] cdc_ncm 3-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 182.440302][ T8] cdc_ncm 3-1:1.0: setting rx_max = 2048 [ 182.700240][ T942] gspca_topro: reg_r err -71 [ 182.857585][ T942] gspca_topro: Sensor soi763a [ 182.955180][ T8] cdc_ncm 3-1:1.0: setting tx_max = 88 [ 183.354233][ T942] usb 5-1: USB disconnect, device number 3 [ 183.396974][ T8] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 183.498907][ T8] usb 3-1: USB disconnect, device number 8 [ 183.542128][ T8] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP) [ 184.109563][ T6420] netlink: 'syz.1.430': attribute type 4 has an invalid length. [ 184.363139][ T30] audit: type=1400 audit(1724288170.584:372): avc: denied { map } for pid=6425 comm="syz.0.435" path="socket:[9961]" dev="sockfs" ino=9961 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 184.535433][ T30] audit: type=1400 audit(1724288170.754:373): avc: denied { read write } for pid=6431 comm="syz.3.436" name="uhid" dev="devtmpfs" ino=1084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 184.611455][ T5273] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 184.625742][ T8] usb 2-1: new low-speed USB device number 8 using dummy_hcd [ 184.633519][ T30] audit: type=1400 audit(1724288170.754:374): avc: denied { open } for pid=6431 comm="syz.3.436" path="/dev/uhid" dev="devtmpfs" ino=1084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 184.672436][ T5273] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 184.696818][ T5273] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 184.733162][ T5273] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 184.791658][ T5273] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 184.849370][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 184.881548][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.888774][ T30] audit: type=1400 audit(1724288171.104:375): avc: denied { ioctl } for pid=6438 comm="syz.4.439" path="/dev/sg0" dev="devtmpfs" ino=696 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 184.914079][ T942] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 184.933100][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 184.971844][ T8] usb 2-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00 [ 184.992507][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.028748][ T8] usb 2-1: config 0 descriptor?? [ 185.124333][ T30] audit: type=1326 audit(1724288171.354:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6442 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c7579e79 code=0x7ffc0000 [ 185.136462][ T5273] kernel write not supported for file /snd/seq (pid: 5273 comm: kworker/0:5) [ 185.190347][ T942] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 185.211478][ T942] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.239397][ T942] usb 4-1: Product: syz [ 185.263402][ T942] usb 4-1: Manufacturer: syz [ 185.269111][ T30] audit: type=1326 audit(1724288171.354:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6442 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5c7579e79 code=0x7ffc0000 [ 185.317452][ T942] usb 4-1: SerialNumber: syz [ 185.358091][ T942] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 185.556945][ T8] a4tech 0003:09DA:022B.0006: item fetching failed at offset 5/7 [ 185.626234][ T8] a4tech 0003:09DA:022B.0006: parse failed [ 185.641700][ T5322] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 185.663444][ T8] a4tech 0003:09DA:022B.0006: probe with driver a4tech failed with error -22 [ 185.913850][ T940] usb 2-1: USB disconnect, device number 8 [ 186.569204][ T6458] syz.2.448: attempt to access beyond end of device [ 186.569204][ T6458] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 186.621919][ T6458] exFAT-fs (nbd2): unable to read boot sector [ 186.642142][ T6458] exFAT-fs (nbd2): failed to read boot sector [ 186.679707][ T6458] exFAT-fs (nbd2): failed to recognize exfat type [ 186.760240][ T6461] netlink: 52 bytes leftover after parsing attributes in process `syz.0.446'. [ 193.098116][ T5322] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 193.436550][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 197.585081][ T5227] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 197.588696][ T5227] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 197.591326][ T5227] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 197.594947][ T5227] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 197.600058][ T5227] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 197.600694][ T5227] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 197.629372][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 197.629394][ T30] audit: type=1400 audit(1724288183.854:387): avc: denied { mounton } for pid=6508 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 198.404988][ T54] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 198.413507][ T54] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 198.428864][ T54] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 198.431047][ T54] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 198.432292][ T54] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 198.432938][ T54] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 199.141592][ T5227] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 199.145968][ T5227] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 199.147233][ T5227] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 199.148978][ T5227] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 199.150861][ T5227] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 199.151464][ T5227] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 199.688288][ T5227] Bluetooth: hci6: command tx timeout [ 200.473423][ T5227] Bluetooth: hci7: command tx timeout [ 201.195671][ T5227] Bluetooth: hci8: command tx timeout [ 214.893170][ T54] Bluetooth: hci7: command tx timeout [ 214.898940][ T54] Bluetooth: hci8: command tx timeout [ 214.909415][ T5227] Bluetooth: hci6: command tx timeout [ 214.919674][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 214.928927][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 216.963171][ T4608] Bluetooth: hci6: command tx timeout [ 216.968674][ T4608] Bluetooth: hci8: command tx timeout [ 216.977614][ T4608] Bluetooth: hci7: command tx timeout [ 217.283336][ T5227] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 217.294721][ T5227] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 217.303862][ T5227] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 217.316094][ T5227] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 217.328022][ T5227] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 217.342299][ T5227] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 217.404872][ T5227] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 217.417547][ T5227] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 217.426711][ T5227] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 217.442097][ T5227] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 217.450568][ T5227] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 217.460092][ T5227] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 219.034146][ T5227] Bluetooth: hci7: command tx timeout [ 219.039633][ T5227] Bluetooth: hci8: command tx timeout [ 219.045325][ T4608] Bluetooth: hci6: command tx timeout [ 219.438541][ T5227] Bluetooth: hci5: command tx timeout [ 219.514016][ T5227] Bluetooth: hci9: command tx timeout [ 221.513488][ T5227] Bluetooth: hci5: command tx timeout [ 221.593647][ T5227] Bluetooth: hci9: command tx timeout [ 223.683209][ T54] Bluetooth: hci9: command tx timeout [ 223.691311][ T5227] Bluetooth: hci5: command tx timeout [ 225.754129][ T5233] Bluetooth: hci9: command tx timeout [ 225.759666][ T5227] Bluetooth: hci5: command tx timeout [ 227.762692][ T5227] Bluetooth: hci1: command 0x0406 tx timeout [ 227.768927][ T5226] Bluetooth: hci3: command 0x0406 tx timeout [ 228.321762][ T5226] Bluetooth: hci0: command 0x0406 tx timeout [ 228.328149][ T5227] Bluetooth: hci4: command 0x0406 tx timeout [ 238.522328][ T6519] chnl_net:caif_netlink_parms(): no params data found [ 238.542718][ T6513] chnl_net:caif_netlink_parms(): no params data found [ 258.333461][ T5226] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 258.354877][ T5226] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 258.371318][ T5226] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 258.385216][ T5226] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 258.396337][ T5226] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 258.404805][ T5226] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 259.874526][ T5231] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 259.889094][ T5231] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 259.899227][ T5231] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 259.908773][ T5231] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 259.921975][ T5231] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 259.933855][ T5231] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 260.164201][ T5221] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 260.175987][ T5221] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 260.185158][ T5221] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 260.208233][ T5221] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 260.219220][ T5221] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 260.227995][ T5221] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 264.997094][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.003790][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.173324][ T6510] chnl_net:caif_netlink_parms(): no params data found [ 270.918030][ T5221] Bluetooth: hci11: command tx timeout [ 271.994788][ T5221] Bluetooth: hci10: command tx timeout [ 272.001378][ T5221] Bluetooth: hci2: command tx timeout [ 272.955833][ T5221] Bluetooth: hci11: command tx timeout [ 274.068329][ T5221] Bluetooth: hci2: command tx timeout [ 274.073849][ T5225] Bluetooth: hci10: command tx timeout [ 275.033236][ T5221] Bluetooth: hci11: command tx timeout [ 276.162662][ T5221] Bluetooth: hci2: command tx timeout [ 276.168346][ T5225] Bluetooth: hci10: command tx timeout [ 277.113354][ T5225] Bluetooth: hci11: command tx timeout [ 277.428969][ T5226] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 277.441288][ T5226] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 277.450869][ T5226] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 277.462149][ T5226] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 277.470981][ T5226] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 277.482509][ T5226] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 277.526958][ T5225] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 277.537304][ T5225] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 277.555441][ T5225] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 277.566373][ T5225] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 277.574765][ T5225] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 277.582450][ T5225] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 278.233515][ T5225] Bluetooth: hci10: command tx timeout [ 278.239109][ T5225] Bluetooth: hci2: command tx timeout [ 279.593341][ T5225] Bluetooth: hci0: command tx timeout [ 279.673934][ T5225] Bluetooth: hci1: command tx timeout [ 281.674232][ T5225] Bluetooth: hci0: command tx timeout [ 281.753831][ T5225] Bluetooth: hci1: command tx timeout [ 283.753736][ T5225] Bluetooth: hci0: command tx timeout [ 283.833918][ T5225] Bluetooth: hci1: command tx timeout [ 285.839382][ T5225] Bluetooth: hci0: command tx timeout [ 285.913726][ T5225] Bluetooth: hci1: command tx timeout [ 318.662918][ T5221] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 318.684303][ T5221] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 318.692907][ T5221] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 318.712604][ T5221] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 318.722355][ T5221] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 318.730759][ T5221] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 320.335561][ T5225] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 320.349086][ T5225] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 320.371359][ T5225] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 320.380653][ T5225] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 320.390071][ T5225] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 320.400253][ T5225] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 320.494611][ T5221] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 320.505551][ T5221] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 320.517708][ T5221] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 320.527697][ T5221] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 320.544027][ T5221] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 320.554075][ T5221] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 320.793295][ T5225] Bluetooth: hci3: command tx timeout [ 322.480352][ T5225] Bluetooth: hci6: command tx timeout [ 322.645605][ T5225] Bluetooth: hci7: command tx timeout [ 322.877110][ T5225] Bluetooth: hci3: command tx timeout [ 324.543554][ T5225] Bluetooth: hci6: command tx timeout [ 324.713504][ T5225] Bluetooth: hci7: command tx timeout [ 324.955282][ T5225] Bluetooth: hci3: command tx timeout [ 326.633332][ T5225] Bluetooth: hci6: command tx timeout [ 326.812015][ T5225] Bluetooth: hci7: command tx timeout [ 327.033106][ T5225] Bluetooth: hci3: command tx timeout [ 328.595956][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 328.602370][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.713640][ T5225] Bluetooth: hci6: command tx timeout [ 328.873307][ T5225] Bluetooth: hci7: command tx timeout [ 337.204701][ T5221] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 337.215127][ T5221] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 337.223661][ T5221] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 337.233501][ T5221] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 337.243521][ T5221] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 337.251488][ T5221] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 337.586090][ T5225] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 337.602674][ T5225] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 337.635967][ T5225] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 337.645263][ T5225] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 337.656704][ T5225] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 337.666078][ T5225] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 339.353731][ T5231] Bluetooth: hci8: command tx timeout [ 339.753439][ T5231] Bluetooth: hci12: command tx timeout [ 340.406308][ T5225] Bluetooth: hci9: command 0x0406 tx timeout [ 340.412452][ T5231] Bluetooth: hci5: command 0x0406 tx timeout [ 341.433495][ T5231] Bluetooth: hci8: command tx timeout [ 341.833248][ T5231] Bluetooth: hci12: command tx timeout [ 343.513258][ T5231] Bluetooth: hci8: command tx timeout [ 343.913149][ T5231] Bluetooth: hci12: command tx timeout [ 344.721511][ T31] INFO: task syz.2.448:6460 blocked for more than 143 seconds. [ 344.737769][ T31] Not tainted 6.11.0-rc4-syzkaller-00033-g872cf28b8df9 #0 [ 344.763217][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 344.771963][ T31] task:syz.2.448 state:D stack:29200 pid:6460 tgid:6457 ppid:5229 flags:0x00004004 [ 344.792564][ T31] Call Trace: [ 344.804978][ T31] [ 344.808083][ T31] __schedule+0xe37/0x5490 [ 344.812579][ T31] ? __pfx___lock_acquire+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 344.847742][ T31] ? hlock_class+0x4e/0x130 [ 344.852361][ T31] ? mark_lock+0xb5/0xc60 [ 344.889753][ T31] ? __pfx___schedule+0x10/0x10 [ 344.902092][ T31] ? schedule+0x298/0x350 [ 344.922733][ T31] ? __pfx_lock_release+0x10/0x10 [ 344.933454][ T31] ? __pfx_mark_lock+0x10/0x10 [ 344.938311][ T31] ? mark_lock+0xb5/0xc60 [ 344.942701][ T31] schedule+0xe7/0x350 [ 345.063380][ T31] schedule_timeout+0x258/0x2a0 [ 345.068342][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 345.144875][ T31] ? mark_held_locks+0x9f/0xe0 [ 345.149796][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 345.185442][ T31] __wait_for_common+0x3de/0x5f0 [ 345.190515][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 345.206860][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 345.212430][ T31] ? rcu_is_watching+0x12/0xc0 [ 345.224633][ T31] __flush_work+0x5bd/0xc60 [ 345.230338][ T31] ? __pfx___flush_work+0x10/0x10 [ 345.242999][ T31] ? __pfx_lock_release+0x10/0x10 [ 345.248122][ T31] ? __pfx_wq_barrier_func+0x10/0x10 [ 345.258883][ T31] ? mark_held_locks+0x9f/0xe0 [ 345.279779][ T31] ? __pfx___might_resched+0x10/0x10 [ 345.285714][ T31] ? queue_work_on+0xc6/0x140 [ 345.290476][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 345.314608][ T31] __lru_add_drain_all+0x52c/0x740 [ 345.319827][ T31] invalidate_bdev+0x77/0xa0 [ 345.339745][ T31] blkdev_common_ioctl+0x1ba3/0x2100 [ 345.347091][ T31] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 345.361476][ T31] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 345.372400][ T31] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470 [ 345.379986][ T31] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470 [ 345.392325][ T31] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 345.403208][ T31] ? find_held_lock+0x2d/0x110 [ 345.408078][ T31] blkdev_ioctl+0x1d3/0x6e0 [ 345.412659][ T31] ? __pfx_blkdev_ioctl+0x10/0x10 [ 345.427243][ T31] ? selinux_file_ioctl+0xb4/0x270 [ 345.432435][ T31] ? __pfx_blkdev_ioctl+0x10/0x10 [ 345.452368][ T30] audit: type=1400 audit(1724288331.684:388): avc: denied { write } for pid=4652 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 345.487384][ T31] __x64_sys_ioctl+0x193/0x220 [ 345.492248][ T31] do_syscall_64+0xcd/0x250 [ 345.511624][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.524160][ T31] RIP: 0033:0x7f4c4a379e79 [ 345.528668][ T31] RSP: 002b:00007f4c4b126038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.553099][ T30] audit: type=1400 audit(1724288331.684:389): avc: denied { remove_name } for pid=4652 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 345.583157][ T31] RAX: ffffffffffffffda RBX: 00007f4c4a516058 RCX: 00007f4c4a379e79 [ 345.596591][ T5231] Bluetooth: hci8: command tx timeout [ 345.602091][ T31] RDX: 0000000000000003 RSI: 0000000000001261 RDI: 0000000000000004 [ 345.612981][ T30] audit: type=1400 audit(1724288331.684:390): avc: denied { rename } for pid=4652 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 345.643009][ T31] RBP: 00007f4c4a3e7916 R08: 0000000000000000 R09: 0000000000000000 [ 345.651063][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.668914][ T31] R13: 0000000000000001 R14: 00007f4c4a516058 R15: 00007ffc3b461b48 [ 345.703141][ T30] audit: type=1400 audit(1724288331.684:391): avc: denied { add_name } for pid=4652 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 345.741591][ T31] [ 345.761934][ T31] [ 345.761934][ T31] Showing all locks held in the system: [ 345.773757][ T31] 6 locks held by kworker/0:0/8: [ 345.778857][ T31] 4 locks held by kworker/u8:2/29: [ 345.793599][ T30] audit: type=1400 audit(1724288331.684:392): avc: denied { unlink } for pid=4652 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 345.816428][ T31] #0: ffff8880166e3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 345.835755][ T31] #1: ffffc90000a57d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 345.859384][ T30] audit: type=1400 audit(1724288331.684:393): avc: denied { create } for pid=4652 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 345.887944][ T31] #2: ffffffff8fa0db50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbb0 [ 345.913590][ T31] #3: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1b/0x230 [ 345.940127][ T31] 1 lock held by khungtaskd/31: [ 345.951155][ T31] #0: ffffffff8ddb5be0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 345.972687][ T31] 6 locks held by kworker/0:2/942: [ 345.979760][ T31] 3 locks held by kworker/u8:9/2577: [ 345.985540][ T31] #0: ffff888015889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 345.997611][ T5231] Bluetooth: hci12: command tx timeout [ 346.013482][ T31] #1: ffffc90009227d80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 346.027118][ T31] #2: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 [ 346.065913][ T31] 2 locks held by getty/4972: [ 346.083046][ T31] #0: ffff88802bf130a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 346.102557][ T31] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 [ 346.117310][ T31] 5 locks held by kworker/u9:2/5221: [ 346.122663][ T31] #0: ffff88805d612948 ((wq_completion)hci9){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 346.148158][ T31] #1: ffffc900031dfd80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 346.170509][ T31] #2: ffff888024608d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x170/0x410 [ 346.185687][ T31] #3: ffff888024608078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x150/0xb50 [ 346.202780][ T31] #4: ffffffff8ddc1378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 346.243866][ T31] 5 locks held by kworker/u9:4/5226: [ 346.249237][ T31] #0: ffff88802508a948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 346.274823][ T31] #1: ffffc90003277d80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 346.298517][ T31] #2: ffff88802460cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x170/0x410 [ 346.319098][ T31] #3: ffff88802460c078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x150/0xb50 [ 346.329909][ T31] #4: ffffffff8ddc1378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 [ 346.349523][ T31] 2 locks held by kworker/0:6/5322: [ 346.377089][ T31] 1 lock held by syz.2.448/6460: [ 346.382112][ T31] #0: ffffffff8ded4bc8 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x69/0x740 [ 346.411655][ T31] 2 locks held by syz.4.452/6471: [ 346.422495][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x230 [ 346.436117][ T31] #1: ffffffff8dc59990 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x53b/0x1e40 [ 346.462287][ T31] 1 lock held by syz.0.453/6476: [ 346.478388][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x230 [ 346.497595][ T31] 1 lock held by syz.1.458/6491: [ 346.502602][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x230 [ 346.514757][ T31] 1 lock held by syz-executor/6508: [ 346.520016][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x230 [ 346.571005][ T31] 1 lock held by syz-executor/6510: [ 346.580898][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x230 [ 346.596376][ T31] 1 lock held by syz-executor/6513: [ 346.601658][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x230 [ 346.620996][ T31] 1 lock held by syz-executor/6518: [ 346.629265][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.649878][ T31] 1 lock held by syz-executor/6519: [ 346.659605][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.676717][ T31] 2 locks held by syz-executor/6538: [ 346.682073][ T31] #0: ffffffff8fa0db50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2d6/0x700 [ 346.709663][ T31] #1: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x1b/0x70 [ 346.734821][ T31] 1 lock held by syz-executor/6542: [ 346.740099][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.765958][ T31] 1 lock held by syz-executor/6544: [ 346.771240][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.791248][ T31] 1 lock held by syz-executor/6554: [ 346.797461][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.819865][ T31] 1 lock held by syz-executor/6555: [ 346.831030][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.863040][ T31] 1 lock held by syz-executor/6559: [ 346.871786][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.911497][ T31] 1 lock held by syz-executor/6563: [ 346.917516][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.932990][ T31] 1 lock held by syz-executor/6565: [ 346.938250][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.952263][ T31] 1 lock held by syz-executor/6569: [ 346.974038][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 346.990623][ T31] 1 lock held by syz-executor/6571: [ 346.998884][ T31] #0: ffffffff8fa232e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 347.012985][ T31] [ 347.015390][ T31] ============================================= [ 347.015390][ T31] [ 347.030218][ T31] NMI backtrace for cpu 1 [ 347.034592][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-rc4-syzkaller-00033-g872cf28b8df9 #0 [ 347.045141][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 347.055233][ T31] Call Trace: [ 347.058545][ T31] [ 347.061517][ T31] dump_stack_lvl+0x116/0x1f0 [ 347.066246][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 347.071245][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 347.077308][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 347.083358][ T31] watchdog+0xf0c/0x1240 [ 347.087659][ T31] ? __pfx_watchdog+0x10/0x10 [ 347.092389][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 347.097645][ T31] ? __kthread_parkme+0x148/0x220 [ 347.102734][ T31] ? __pfx_watchdog+0x10/0x10 [ 347.107465][ T31] kthread+0x2c1/0x3a0 [ 347.111577][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 347.116829][ T31] ? __pfx_kthread+0x10/0x10 [ 347.121464][ T31] ret_from_fork+0x45/0x80 [ 347.125946][ T31] ? __pfx_kthread+0x10/0x10 [ 347.130601][ T31] ret_from_fork_asm+0x1a/0x30 [ 347.135434][ T31] [ 347.139667][ T31] Sending NMI from CPU 1 to CPUs 0: [ 347.145458][ C0] NMI backtrace for cpu 0 [ 347.145473][ C0] CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc4-syzkaller-00033-g872cf28b8df9 #0 [ 347.145505][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 347.145522][ C0] Workqueue: events nsim_dev_trap_report_work [ 347.145568][ C0] RIP: 0010:stack_access_ok+0x1e0/0x270 [ 347.145603][ C0] Code: 4d 00 48 39 eb 41 0f 93 c6 e9 30 ff ff ff e8 57 9a 4d 00 4c 8b 3c 24 4c 39 fd 0f 83 d3 fe ff ff e8 45 9a 4d 00 48 8b 44 24 08 <48> 01 e8 49 39 c6 48 89 04 24 0f 83 b9 fe ff ff e8 2b 9a 4d 00 48 [ 347.145627][ C0] RSP: 0018:ffffc900000061e0 EFLAGS: 00000006 [ 347.145646][ C0] RAX: 0000000000000008 RBX: ffffc900000062a8 RCX: ffffffff813cdd16 [ 347.145664][ C0] RDX: ffff8880176fda00 RSI: ffffffff813cde5b RDI: 0000000000000005 [ 347.145681][ C0] RBP: ffffc900000076f8 R08: 0000000000000005 R09: 0000000000000000 [ 347.145697][ C0] R10: 0000000000000002 R11: 0000000000000000 R12: ffffc900000062b0 [ 347.145713][ C0] R13: ffffc900000062b8 R14: ffffc90000000000 R15: ffffc90000008000 [ 347.145731][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 347.145756][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 347.145774][ C0] CR2: 0000001b32204ff8 CR3: 000000000db7c000 CR4: 00000000003506f0 [ 347.145791][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 347.145807][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 347.145823][ C0] Call Trace: [ 347.145831][ C0] [ 347.145839][ C0] ? show_regs+0x8c/0xa0 [ 347.145879][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 347.145916][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 347.145954][ C0] ? nmi_handle+0x1a9/0x5c0 [ 347.145977][ C0] ? stack_access_ok+0x1e0/0x270 [ 347.146002][ C0] ? default_do_nmi+0x6a/0x160 [ 347.146028][ C0] ? exc_nmi+0x170/0x1e0 [ 347.146053][ C0] ? end_repeat_nmi+0xf/0x53 [ 347.146082][ C0] ? stack_access_ok+0x96/0x270 [ 347.146106][ C0] ? stack_access_ok+0x1db/0x270 [ 347.146130][ C0] ? stack_access_ok+0x1e0/0x270 [ 347.146154][ C0] ? stack_access_ok+0x1e0/0x270 [ 347.146179][ C0] ? stack_access_ok+0x1e0/0x270 [ 347.146203][ C0] [ 347.146211][ C0] [ 347.146220][ C0] unwind_next_frame+0xa1a/0x23a0 [ 347.146246][ C0] ? cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 347.146278][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 347.146306][ C0] arch_stack_walk+0x100/0x170 [ 347.146337][ C0] ? cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 347.146369][ C0] stack_trace_save+0x95/0xd0 [ 347.146394][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 347.146420][ C0] ? hlock_class+0x4e/0x130 [ 347.146460][ C0] ? __lock_acquire+0x1620/0x3cb0 [ 347.146491][ C0] kasan_save_stack+0x33/0x60 [ 347.146520][ C0] ? kasan_save_stack+0x33/0x60 [ 347.146548][ C0] ? kasan_save_track+0x14/0x30 [ 347.146581][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 347.146608][ C0] ? dummy_urb_enqueue+0x8d/0x8a0 [ 347.146636][ C0] ? usb_hcd_submit_urb+0x2d1/0x2090 [ 347.146665][ C0] ? usb_submit_urb+0x87c/0x1730 [ 347.146699][ C0] ? ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 347.146737][ C0] ? __usb_hcd_giveback_urb+0x389/0x6e0 [ 347.146765][ C0] ? usb_hcd_giveback_urb+0x396/0x450 [ 347.146792][ C0] ? dummy_timer+0x17c3/0x38d0 [ 347.146818][ C0] ? __hrtimer_run_queues+0x20c/0xcc0 [ 347.146856][ C0] ? hrtimer_interrupt+0x31b/0x800 [ 347.146895][ C0] ? __sysvec_apic_timer_interrupt+0x10f/0x450 [ 347.146921][ C0] ? sysvec_apic_timer_interrupt+0x43/0xb0 [ 347.146954][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 347.146981][ C0] ? __sanitizer_cov_trace_const_cmp1+0x8/0x20 [ 347.147018][ C0] ? unwind_next_frame+0xda7/0x23a0 [ 347.147042][ C0] ? arch_stack_walk+0x100/0x170 [ 347.147069][ C0] ? stack_trace_save+0x95/0xd0 [ 347.147093][ C0] ? kasan_save_stack+0x33/0x60 [ 347.147120][ C0] ? kasan_save_track+0x14/0x30 [ 347.147148][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 347.147175][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 347.147205][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 347.147239][ C0] ? ieee80211_inform_bss+0xfd/0x1100 [ 347.147270][ C0] ? cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 347.147308][ C0] kasan_save_track+0x14/0x30 [ 347.147337][ C0] __kasan_kmalloc+0xaa/0xb0 [ 347.147366][ C0] dummy_urb_enqueue+0x8d/0x8a0 [ 347.147393][ C0] ? usb_hcd_map_urb_for_dma+0x39e/0x1190 [ 347.147425][ C0] usb_hcd_submit_urb+0x2d1/0x2090 [ 347.147457][ C0] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 347.147487][ C0] ? lock_acquire+0x1b1/0x560 [ 347.147518][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 347.147549][ C0] ? find_held_lock+0x2d/0x110 [ 347.147595][ C0] ? ath9k_hif_usb_reg_in_cb+0x487/0x690 [ 347.147633][ C0] usb_submit_urb+0x87c/0x1730 [ 347.147669][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 347.147707][ C0] ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 347.147745][ C0] __usb_hcd_giveback_urb+0x389/0x6e0 [ 347.147776][ C0] usb_hcd_giveback_urb+0x396/0x450 [ 347.147806][ C0] dummy_timer+0x17c3/0x38d0 [ 347.147835][ C0] ? debug_object_deactivate+0x1f0/0x370 [ 347.147872][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 347.147906][ C0] ? __hrtimer_run_queues+0x5a7/0xcc0 [ 347.147944][ C0] ? __pfx_lock_release+0x10/0x10 [ 347.147975][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 347.148002][ C0] ? timerqueue_del+0x83/0x150 [ 347.148036][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 347.148062][ C0] __hrtimer_run_queues+0x20c/0xcc0 [ 347.148103][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 347.148141][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 347.148175][ C0] hrtimer_interrupt+0x31b/0x800 [ 347.148223][ C0] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 347.148251][ C0] sysvec_apic_timer_interrupt+0x43/0xb0 [ 347.148285][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 347.148313][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x8/0x20 [ 347.148353][ C0] Code: bf 06 00 00 00 e9 b8 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 0c 24 <40> 0f b6 d6 40 0f b6 f7 bf 01 00 00 00 e9 86 fe ff ff 66 0f 1f 44 [ 347.148377][ C0] RSP: 0018:ffffc90000006dd0 EFLAGS: 00000246 [ 347.148396][ C0] RAX: 0000000000000001 RBX: ffffc90000006e58 RCX: ffffffff813ceca7 [ 347.148413][ C0] RDX: ffff8880176fda00 RSI: 0000000000000001 RDI: 0000000000000000 [ 347.148429][ C0] RBP: 0000000000000002 R08: 0000000000000005 R09: 0000000000000000 [ 347.148444][ C0] R10: 0000000000000002 R11: ffff8880b9229418 R12: ffffffff90b00e58 [ 347.148461][ C0] R13: ffffc90000007238 R14: ffffffff90b00e5c R15: 0000000000000001 [ 347.148480][ C0] ? unwind_next_frame+0xda7/0x23a0 [ 347.148508][ C0] unwind_next_frame+0xda7/0x23a0 [ 347.148534][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 347.148564][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 347.148596][ C0] arch_stack_walk+0x100/0x170 [ 347.148625][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 347.148656][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 347.148689][ C0] stack_trace_save+0x95/0xd0 [ 347.148714][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 347.148740][ C0] ? get_stack_info_noinstr+0x18/0x120 [ 347.148768][ C0] ? get_stack_info+0xc1/0x150 [ 347.148804][ C0] kasan_save_stack+0x33/0x60 [ 347.148832][ C0] ? kasan_save_stack+0x33/0x60 [ 347.148860][ C0] ? kasan_save_track+0x14/0x30 [ 347.148887][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 347.148914][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 347.148957][ C0] kasan_save_track+0x14/0x30 [ 347.148985][ C0] __kasan_kmalloc+0xaa/0xb0 [ 347.149014][ C0] __kmalloc_noprof+0x1e8/0x400 [ 347.149046][ C0] ieee802_11_parse_elems_full+0xea/0x1680 [ 347.149080][ C0] ? _raw_spin_unlock+0x3e/0x50 [ 347.149111][ C0] ? nsim_dev_trap_report_work+0x8b0/0xc80 [ 347.149153][ C0] ? process_one_work+0x9c5/0x1b40 [ 347.149187][ C0] ? hlock_class+0x4e/0x130 [ 347.149226][ C0] ? mark_lock+0xb5/0xc60 [ 347.149254][ C0] ? lock_acquire+0x1b1/0x560 [ 347.149286][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 347.149318][ C0] ? __pfx_ieee802_11_parse_elems_full+0x10/0x10 [ 347.149355][ C0] ? cfg80211_update_known_bss+0x39f/0x1150 [ 347.149395][ C0] ? __pfx_lock_release+0x10/0x10 [ 347.149426][ C0] ? mark_held_locks+0x9f/0xe0 [ 347.149458][ C0] ieee80211_inform_bss+0xfd/0x1100 [ 347.149491][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 347.149524][ C0] ? trace_kmalloc+0x2d/0xe0 [ 347.149563][ C0] ? __kmalloc_noprof+0x207/0x400 [ 347.149599][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 347.149630][ C0] cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 347.149663][ C0] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 347.149699][ C0] ? hrtimer_start_range_ns+0x4a2/0xe60 [ 347.149740][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 347.149768][ C0] cfg80211_inform_bss_data+0x205/0x39c0 [ 347.149800][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 347.149832][ C0] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 347.149861][ C0] ? lock_acquire+0x1b1/0x560 [ 347.149891][ C0] ? find_held_lock+0x2d/0x110 [ 347.149930][ C0] ? hlock_class+0x4e/0x130 [ 347.149969][ C0] ? __lock_acquire+0xbdd/0x3cb0 [ 347.150005][ C0] ? hlock_class+0x4e/0x130 [ 347.150043][ C0] ? mark_lock+0xb5/0xc60 [ 347.150073][ C0] ? lock_acquire+0x1b1/0x560 [ 347.150103][ C0] ? find_held_lock+0x2d/0x110 [ 347.150143][ C0] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 347.150176][ C0] cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 347.150209][ C0] ieee80211_bss_info_update+0x311/0xab0 [ 347.150243][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 347.150278][ C0] ? ieee80211_scan_rx+0x151/0xac0 [ 347.150309][ C0] ? ieee80211_get_channel_khz+0x14d/0x1e0 [ 347.150351][ C0] ieee80211_scan_rx+0x474/0xac0 [ 347.150384][ C0] ieee80211_rx_list+0x1be3/0x2e90 [ 347.150421][ C0] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 347.150454][ C0] ? lock_acquire+0x1b1/0x560 [ 347.150489][ C0] ? skb_dequeue+0x126/0x180 [ 347.150526][ C0] ieee80211_rx_napi+0xdd/0x400 [ 347.150560][ C0] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 347.150599][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 347.150633][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 347.150668][ C0] ieee80211_handle_queued_frames+0xd5/0x130 [ 347.150699][ C0] tasklet_action_common.constprop.0+0x24c/0x3e0 [ 347.150745][ C0] handle_softirqs+0x216/0x8f0 [ 347.150784][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 347.150824][ C0] irq_exit_rcu+0xbb/0x120 [ 347.150862][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 347.150896][ C0] [ 347.150904][ C0] [ 347.150911][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 347.150940][ C0] RIP: 0010:__schedule+0xe3f/0x5490 [ 347.150973][ C0] Code: fa 48 c1 ea 03 80 3c 02 00 0f 85 ba 3f 00 00 48 8b bd 10 ff ff ff 4d 89 77 10 4c 89 f6 e8 09 2d ee f5 48 89 c7 e8 d1 e7 48 f6 <48> 8b 8d a0 fe ff ff 48 b8 00 00 00 00 00 fc ff df 48 01 c1 48 c7 [ 347.150997][ C0] RSP: 0018:ffffc900000d79e0 EFLAGS: 00000202 [ 347.151015][ C0] RAX: 0000000000070973 RBX: ffff8880176fda00 RCX: 1ffffffff28d1186 [ 347.151032][ C0] RDX: 0000000000000000 RSI: ffffffff8b4cc4c0 RDI: ffffffff8bb09880 [ 347.151049][ C0] RBP: ffffc900000d7b70 R08: 0000000000000001 R09: fffffbfff28c54fe [ 347.151066][ C0] R10: ffffffff9462a7f7 R11: 0000000000000000 R12: ffff8880b923f8c8 [ 347.151083][ C0] R13: 0000000000000000 R14: ffff8880176fda00 R15: ffff8880b923edc0 [ 347.151105][ C0] ? __pfx_mark_lock+0x10/0x10 [ 347.151138][ C0] ? __pfx___schedule+0x10/0x10 [ 347.151171][ C0] ? mark_held_locks+0x9f/0xe0 [ 347.151200][ C0] ? find_held_lock+0x2d/0x110 [ 347.151240][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 347.151267][ C0] preempt_schedule_common+0x44/0xc0 [ 347.151319][ C0] preempt_schedule_thunk+0x1a/0x30 [ 347.151348][ C0] _raw_spin_unlock+0x3e/0x50 [ 347.151380][ C0] nsim_dev_trap_report_work+0x8b0/0xc80 [ 347.151427][ C0] process_one_work+0x9c5/0x1b40 [ 347.151464][ C0] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 347.151506][ C0] ? __pfx_process_one_work+0x10/0x10 [ 347.151543][ C0] ? assign_work+0x1a0/0x250 [ 347.151578][ C0] worker_thread+0x6c8/0xf20 [ 347.151615][ C0] ? __pfx_worker_thread+0x10/0x10 [ 347.151649][ C0] kthread+0x2c1/0x3a0 [ 347.151670][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 347.151702][ C0] ? __pfx_kthread+0x10/0x10 [ 347.151725][ C0] ret_from_fork+0x45/0x80 [ 347.151764][ C0] ? __pfx_kthread+0x10/0x10 [ 347.151786][ C0] ret_from_fork_asm+0x1a/0x30 [ 347.151829][ C0] [ 348.490734][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 348.497656][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-rc4-syzkaller-00033-g872cf28b8df9 #0 [ 348.508205][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 348.518298][ T31] Call Trace: [ 348.521603][ T31] [ 348.524561][ T31] dump_stack_lvl+0x3d/0x1f0 [ 348.529204][ T31] panic+0x6dc/0x7c0 [ 348.533153][ T31] ? __pfx_panic+0x10/0x10 [ 348.537611][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 348.543031][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 348.549064][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 348.554477][ T31] ? watchdog+0xd76/0x1240 [ 348.558944][ T31] ? watchdog+0xd69/0x1240 [ 348.563415][ T31] watchdog+0xd87/0x1240 [ 348.567711][ T31] ? __pfx_watchdog+0x10/0x10 [ 348.572453][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 348.577707][ T31] ? __kthread_parkme+0x148/0x220 [ 348.582792][ T31] ? __pfx_watchdog+0x10/0x10 [ 348.587526][ T31] kthread+0x2c1/0x3a0 [ 348.591638][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 348.596889][ T31] ? __pfx_kthread+0x10/0x10 [ 348.601519][ T31] ret_from_fork+0x45/0x80 [ 348.606003][ T31] ? __pfx_kthread+0x10/0x10 [ 348.610635][ T31] ret_from_fork_asm+0x1a/0x30 [ 348.615462][ T31] [ 348.621181][ T31] Kernel Offset: disabled [ 348.625556][ T31] Rebooting in 86400 seconds..