last executing test programs: 16.462807572s ago: executing program 1 (id=246): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x80, 0x103ba, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000002000000000000000000818110000", @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'geneve0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@delchain={0x24, 0x11, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r4, {0x10, 0xf}, {0xffff, 0x5}, {0x7, 0xfff2}}}, 0x24}}, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="60000000020601046c0001000000000000000000050005000a000000050001000600000005000400000000000900020073797a300000000014000300686173683a69702c706f72742c697000140007800800084000002f5408000640"], 0x60}}, 0x0) 13.817167603s ago: executing program 1 (id=252): r0 = socket$nl_rdma(0x10, 0x3, 0x14) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) r5 = socket(0x23, 0x805, 0x0) connect$vsock_stream(r5, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r0, 0x0, 0x0) 12.995979137s ago: executing program 3 (id=256): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x400002}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x40c0080) 12.75186492s ago: executing program 1 (id=259): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ptrace(0x8, r0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, 0x0, 0x0) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = socket$inet(0x2, 0xa, 0x5) setsockopt$sock_int(r5, 0x1, 0x2e, 0x0, 0x0) recvmmsg(r5, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 11.225364147s ago: executing program 1 (id=261): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x3, 0x0, {{0xe, 0x4, 0x0, 0x0, 0x38, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback, {[@timestamp_prespec={0x44, 0x1c, 0xc0, 0x3, 0x1, [{@multicast1, 0x5}, {@remote}, {@broadcast}]}, @noop, @lsrr={0x83, 0x7, 0xdc, [@multicast1]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 9.388340065s ago: executing program 1 (id=265): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = epoll_create1(0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x20, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) syz_open_dev$usbmon(&(0x7f0000000080), 0xfffffffffffffffd, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$rtc(0xffffffffffffff9c, 0x0, 0x80, 0x0) ioctl$RTC_WKALM_RD(r2, 0x80287010, &(0x7f0000000080)) getdents(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r4, 0x400454c9, 0xba98575a95aeb713) ioctl$TUNATTACHFILTER(r4, 0x401054d5, 0x0) read(0xffffffffffffffff, &(0x7f0000000600)=""/4096, 0x1000) timer_create(0x3, 0x0, &(0x7f0000000780)=0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) gettid() timer_settime(r5, 0x1, &(0x7f00000007c0)={{0x77359400}}, &(0x7f0000000800)) 7.060203582s ago: executing program 0 (id=268): sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) syz_genetlink_get_family_id$mptcp(&(0x7f0000004d80), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x10) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) accept$inet6(r0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r3, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0) 6.664268793s ago: executing program 0 (id=271): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x159c}}, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) r0 = open(&(0x7f00000002c0)='./file0\x00', 0x14937e, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x103042, 0x0) pwrite64(r1, &(0x7f0000000200)="c6", 0x1, 0x4007fff) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={r0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r5 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_FMT(r5, 0xc0d05604, &(0x7f0000000380)={0x2, @vbi={0x97, 0x3, 0x101, 0x56544943, [0x6, 0x3], [0x2, 0x10000], 0x1}}) ioctl$VIDIOC_EXPBUF(r5, 0xc0405610, &(0x7f0000000040)={0x7, 0x7, 0xff, 0x80000}) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 5.722965224s ago: executing program 0 (id=273): r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000200)={0x0, 0x35}, 0x0, 0x0}) 5.586777008s ago: executing program 2 (id=275): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x3, 0x88) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f00000003c0)=0x1c00) 5.586032623s ago: executing program 3 (id=276): openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x949902, 0x0) setresgid(0x0, 0xee00, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 5.304077882s ago: executing program 3 (id=277): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00') pread64(r5, &(0x7f00000001c0)=""/73, 0x49, 0x400000000000000) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), r4) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)={0x30, r6, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}, @L2TP_ATTR_SEND_SEQ={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x0) ptrace(0x10, r3) ptrace$ARCH_MAP_VDSO_X32(0x1e, r3, 0x1000200000000, 0x2001) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e24, @empty}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000cc0)={{0xffffffffffffffff, 0x3, 0x3, 0x2, 0x9}}) 4.579482728s ago: executing program 2 (id=279): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={0x0}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000048000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000408000140000000000900010073797a300000000008000a400000000284000000060a010400000000000000000100000008000b40000000000900010073797a30"], 0x124}}, 0x0) 4.461198508s ago: executing program 3 (id=280): mkdir(&(0x7f00000001c0)='./file1\x00', 0x117) mkdir(&(0x7f0000000100)='./file0\x00', 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000000000832cd3ac6e00000000008500000072000000"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_freezer_state(r4, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r5, &(0x7f0000000280)='FROZEN\x00', 0x7) socket$packet(0x11, 0x2, 0x300) write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0x22a) close(0x3) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x2200410, &(0x7f00000003c0)={[{@redirect_dir_off}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 4.368129372s ago: executing program 2 (id=281): r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000800)='9', 0x1}], 0x1f) 4.262827315s ago: executing program 4 (id=282): r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmmsg(r0, &(0x7f0000003f40)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)="fe", 0x1}], 0x1}}], 0x1, 0x40002) 3.619092648s ago: executing program 4 (id=283): socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) memfd_create(&(0x7f0000000300)='/dev/snd/seq\x00', 0x1) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) clock_adjtime(0x0, &(0x7f0000000100)={0x5f0827ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff}) recvmmsg(r2, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x0, 0x989680}) r4 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r4) 3.559391746s ago: executing program 3 (id=284): setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x4d, 0x0, 0x8) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40080000000008b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x22402, 0x0) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14) 2.266414085s ago: executing program 4 (id=285): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) dup3(r0, r1, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x229, 0x0) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x14) 2.169280992s ago: executing program 3 (id=286): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x310, 0x97, 0x89, 0x59, 0x20, 0x1110, 0x9000, 0xf411, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7f, 0x6, 0xb0, 0x5, [{{0x9, 0x4, 0x19, 0x9, 0x0, 0xb4, 0xa7, 0xd5}}]}}]}}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0}) syz_usb_disconnect(r0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, 0x0, 0x0) syz_usb_connect$printer(0x6, 0x2d, 0x0, 0x0) syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x311, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x6, 0x70, 0x4, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x7, 0x1, 0x2, 0x4, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x1, 0x0, 0xe}}}}}]}}]}}, 0x0) 2.068153385s ago: executing program 2 (id=287): sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) openat$vsock(0xffffffffffffff9c, 0x0, 0x20000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) 1.612974625s ago: executing program 4 (id=288): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x5, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000080)={0xd, 0x1, 0x0, "bb1e000064000080007f28becf0500063475de71000077a16c80b6db943400"}) r6 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa441, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r7, 0x4038ae7a, &(0x7f0000001440)={0x0, 0x87e, 0x0, 0x0}) ioctl$KVM_XEN_HVM_CONFIG(r7, 0x4038ae7a, &(0x7f00000025c0)={0x2, 0x371, 0x0, 0x0}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x28, 0x0, 0x0, 0x7ffff024}, {0x6}]}, 0x10) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100), 0x7c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=ANY=[@ANYBLOB], 0x64}}, 0x40) 1.425067027s ago: executing program 0 (id=289): r0 = socket(0x10, 0x3, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000002c0)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f000015e000/0x3000)=nil, &(0x7f000096e000/0x1000)=nil, &(0x7f00007ca000/0x1000)=nil, &(0x7f00009cb000/0x2000)=nil, &(0x7f0000379000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000697000/0x1000)=nil, &(0x7f00001d1000/0x1000)=nil, &(0x7f00003ab000/0x1000)=nil, &(0x7f0000625000/0x3000)=nil, &(0x7f0000000480)="97f999b1af165e27c277880685a356b2a1d7ee8545c237055612e31d2591f349ad5c7c6df12aa768f5d51aa4c83315cb7da186002847fe0e230d5c1944efba0fb92840e9ac86b74076cc4a35bc569dfaabaadb62d2552debd729813afbccc04ed097aaeb840768b825596c53ed323591f1615325a3c8ab0493e5d99cb87d554b394dd61d78a8c0e2c9f998ea983a9e8c54f31336653be62a30fe292bd6ab3dd3a06d3934df9688b036b90b289b71e98c091327aa6de4a1d913f5a25d06f0298342f9819b348a5b4a17ba9763ca", 0xcd, r0}, 0x68) 672.228812ms ago: executing program 0 (id=290): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000003c0)=0x1c00) 576.535686ms ago: executing program 4 (id=291): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={0x0}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000048000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000408000140000000000900010073797a300000000008000a400000000284000000060a010400000000000000000100000008000b40000000000900010073797a30"], 0x124}}, 0x0) 500.12653ms ago: executing program 2 (id=292): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f00000005c0), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'pim6reg0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="270e000000170000000004"], 0x14}, 0x1, 0x40030000000000, 0x0, 0x40000}, 0x0) 420.074055ms ago: executing program 4 (id=293): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) listen(r2, 0x0) accept4$rose(r2, 0x0, 0x0, 0x0) 395.772366ms ago: executing program 0 (id=294): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}]}, 0x40}}, 0x20000080) 242.07624ms ago: executing program 1 (id=295): clock_settime(0x0, &(0x7f0000000040)={0x77359400}) r0 = socket$alg(0x26, 0x5, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$xdp(0x2c, 0x3, 0x0) r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340), &(0x7f0000000500)) io_uring_enter(r4, 0x3b79, 0x3137, 0x8, 0x0, 0x0) bind$alg(r0, &(0x7f0000001c40)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) r5 = accept4(r0, 0x0, 0x0, 0x80000) sendmsg$TIPC_NL_NET_SET(r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x48800) r6 = accept$alg(r5, 0x0, 0x0) read$alg(r6, &(0x7f00000004c0)=""/4096, 0x1000) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 0s ago: executing program 2 (id=296): socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000600)=@security={'security\x00', 0x44, 0x4, 0x3c0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x2f0, 0x2f0, 0x2f0, 0xffffffff, 0x6, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @empty, [], [], 'nr0\x00', 'nr0\x00'}, 0x203, 0xe0, 0x108, 0x8502, {0x700}, [@common=@unspec=@quota={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x3}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x4}}}, {{@ipv6={@local, @mcast1, [], [], 'ip6erspan0\x00', 'veth1_macvtap\x00'}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@unspec=@CLASSIFY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x420) close(r0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x20000007}) syz_init_net_socket$rose(0xb, 0x5, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.62' (ED25519) to the list of known hosts. [ 50.284988][ T29] audit: type=1400 audit(1737147440.039:88): avc: denied { mounton } for pid=5802 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 50.288963][ T5802] cgroup: Unknown subsys name 'net' [ 50.307767][ T29] audit: type=1400 audit(1737147440.039:89): avc: denied { mount } for pid=5802 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 50.335247][ T29] audit: type=1400 audit(1737147440.069:90): avc: denied { unmount } for pid=5802 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 50.460605][ T5802] cgroup: Unknown subsys name 'cpuset' [ 50.468007][ T5802] cgroup: Unknown subsys name 'rlimit' [ 50.600581][ T29] audit: type=1400 audit(1737147440.359:91): avc: denied { setattr } for pid=5802 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.630836][ T29] audit: type=1400 audit(1737147440.359:92): avc: denied { create } for pid=5802 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.651546][ T29] audit: type=1400 audit(1737147440.359:93): avc: denied { write } for pid=5802 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.672075][ T29] audit: type=1400 audit(1737147440.359:94): avc: denied { read } for pid=5802 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 50.690706][ T5804] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 50.701250][ T29] audit: type=1400 audit(1737147440.369:95): avc: denied { mounton } for pid=5802 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 50.726195][ T29] audit: type=1400 audit(1737147440.369:96): avc: denied { mount } for pid=5802 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 50.749623][ T29] audit: type=1400 audit(1737147440.399:97): avc: denied { read } for pid=5484 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 51.536744][ T5802] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.847377][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 55.847396][ T29] audit: type=1400 audit(1737147445.589:103): avc: denied { create } for pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.901159][ T29] audit: type=1400 audit(1737147445.609:104): avc: denied { read write } for pid=5813 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 55.925224][ T29] audit: type=1400 audit(1737147445.609:105): avc: denied { open } for pid=5813 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 55.944968][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.951477][ T29] audit: type=1400 audit(1737147445.639:106): avc: denied { ioctl } for pid=5813 comm="syz-executor" path="socket:[4001]" dev="sockfs" ino=4001 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.978919][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.988707][ T5827] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.998254][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 56.003641][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 56.006694][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 56.014074][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 56.020845][ T5826] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 56.027611][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.035836][ T5827] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 56.042529][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.049176][ T5826] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 56.056369][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.062783][ T5827] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 56.069602][ T5832] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 56.076765][ T5826] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 56.083279][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 56.090772][ T5827] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 56.097463][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 56.104484][ T5826] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 56.118852][ T5827] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 56.120965][ T5129] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 56.126876][ T5826] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.133889][ T5129] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 56.149096][ T5129] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 56.156579][ T5129] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 56.171231][ T5129] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 56.184464][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 56.195666][ T5829] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 56.204499][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 56.205865][ T29] audit: type=1400 audit(1737147445.899:107): avc: denied { read } for pid=5812 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 56.249931][ T29] audit: type=1400 audit(1737147445.899:108): avc: denied { open } for pid=5812 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 56.285486][ T29] audit: type=1400 audit(1737147445.899:109): avc: denied { mounton } for pid=5812 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 56.429350][ T29] audit: type=1400 audit(1737147446.189:110): avc: denied { module_request } for pid=5812 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 56.498610][ T5812] chnl_net:caif_netlink_parms(): no params data found [ 56.553677][ T5816] chnl_net:caif_netlink_parms(): no params data found [ 56.562154][ T5813] chnl_net:caif_netlink_parms(): no params data found [ 56.647778][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 56.662042][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.669382][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.676669][ T5812] bridge_slave_0: entered allmulticast mode [ 56.683619][ T5812] bridge_slave_0: entered promiscuous mode [ 56.725795][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.733288][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.740502][ T5812] bridge_slave_1: entered allmulticast mode [ 56.747700][ T5812] bridge_slave_1: entered promiscuous mode [ 56.774918][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.782477][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.789713][ T5813] bridge_slave_0: entered allmulticast mode [ 56.796380][ T5813] bridge_slave_0: entered promiscuous mode [ 56.811547][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.818881][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.826062][ T5816] bridge_slave_0: entered allmulticast mode [ 56.833147][ T5816] bridge_slave_0: entered promiscuous mode [ 56.852653][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.860022][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.867130][ T5813] bridge_slave_1: entered allmulticast mode [ 56.873905][ T5813] bridge_slave_1: entered promiscuous mode [ 56.889753][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.899122][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.906248][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.914088][ T5816] bridge_slave_1: entered allmulticast mode [ 56.920867][ T5816] bridge_slave_1: entered promiscuous mode [ 56.953264][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.978914][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.007617][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.016820][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.024739][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.032545][ T5825] bridge_slave_0: entered allmulticast mode [ 57.039617][ T5825] bridge_slave_0: entered promiscuous mode [ 57.048258][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.068201][ T5812] team0: Port device team_slave_0 added [ 57.075702][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.087690][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.094788][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.102109][ T5825] bridge_slave_1: entered allmulticast mode [ 57.109079][ T5825] bridge_slave_1: entered promiscuous mode [ 57.124763][ T5813] team0: Port device team_slave_0 added [ 57.132093][ T5812] team0: Port device team_slave_1 added [ 57.153956][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 57.165810][ T5813] team0: Port device team_slave_1 added [ 57.178284][ T5816] team0: Port device team_slave_0 added [ 57.196385][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.216781][ T5816] team0: Port device team_slave_1 added [ 57.223146][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.230402][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.256390][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.269393][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.276425][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.302395][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.314471][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.358139][ T5825] team0: Port device team_slave_0 added [ 57.364484][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.371586][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.397647][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.413854][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.421067][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.447055][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.473654][ T5825] team0: Port device team_slave_1 added [ 57.485931][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.492935][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.519271][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.542527][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.549549][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.575599][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.597875][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.604839][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.635243][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.649764][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.656736][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.682743][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.729199][ T5813] hsr_slave_0: entered promiscuous mode [ 57.735340][ T5813] hsr_slave_1: entered promiscuous mode [ 57.753437][ T5812] hsr_slave_0: entered promiscuous mode [ 57.761009][ T5812] hsr_slave_1: entered promiscuous mode [ 57.767002][ T5812] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.775050][ T5812] Cannot create hsr debugfs directory [ 57.786247][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.793588][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.800822][ T5814] bridge_slave_0: entered allmulticast mode [ 57.807198][ T5814] bridge_slave_0: entered promiscuous mode [ 57.822861][ T5816] hsr_slave_0: entered promiscuous mode [ 57.829526][ T5816] hsr_slave_1: entered promiscuous mode [ 57.835859][ T5816] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.843602][ T5816] Cannot create hsr debugfs directory [ 57.855040][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.862393][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.869737][ T5814] bridge_slave_1: entered allmulticast mode [ 57.876158][ T5814] bridge_slave_1: entered promiscuous mode [ 57.905927][ T5825] hsr_slave_0: entered promiscuous mode [ 57.912158][ T5825] hsr_slave_1: entered promiscuous mode [ 57.920002][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.927737][ T5825] Cannot create hsr debugfs directory [ 57.941249][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.962823][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.008477][ T5814] team0: Port device team_slave_0 added [ 58.030938][ T5814] team0: Port device team_slave_1 added [ 58.081276][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.088436][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.114505][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.143145][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.150634][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 58.176623][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.178213][ T5829] Bluetooth: hci0: command tx timeout [ 58.187282][ T5822] Bluetooth: hci3: command tx timeout [ 58.196149][ T5129] Bluetooth: hci1: command tx timeout [ 58.218927][ T5814] hsr_slave_0: entered promiscuous mode [ 58.225860][ T5814] hsr_slave_1: entered promiscuous mode [ 58.232168][ T5814] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.239812][ T5814] Cannot create hsr debugfs directory [ 58.257644][ T5829] Bluetooth: hci4: command tx timeout [ 58.338030][ T5829] Bluetooth: hci2: command tx timeout [ 58.363321][ T5812] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.374835][ T5812] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.394176][ T5812] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 58.415508][ T5812] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 58.438617][ T5813] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.451745][ T5813] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 58.462417][ T5813] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.480958][ T5813] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.521489][ T5816] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 58.542250][ T5816] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 58.553951][ T5816] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 58.575000][ T5816] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 58.626871][ T5825] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.636360][ T5825] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.670838][ T5825] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.681909][ T5825] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.695024][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.719443][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.766154][ T5813] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.775461][ T5814] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.785632][ T5812] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.800984][ T5814] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.810968][ T5814] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.823636][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.831508][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.841789][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.848922][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.862190][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.869332][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.880900][ T5814] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.900818][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.907945][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.046564][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.053949][ T29] audit: type=1400 audit(1737147448.799:111): avc: denied { sys_module } for pid=5812 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 59.093405][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.131896][ T5816] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.154569][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.170704][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.188647][ T3652] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.195718][ T3652] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.216222][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.240135][ T3652] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.247303][ T3652] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.256112][ T3652] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.263242][ T3652] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.292656][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.299767][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.319501][ T981] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.326593][ T981] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.349291][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.371248][ T981] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.378459][ T981] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.399959][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.502323][ T5812] veth0_vlan: entered promiscuous mode [ 59.530097][ T5813] veth0_vlan: entered promiscuous mode [ 59.556918][ T5812] veth1_vlan: entered promiscuous mode [ 59.573198][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.586806][ T5813] veth1_vlan: entered promiscuous mode [ 59.678423][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.710534][ T5812] veth0_macvtap: entered promiscuous mode [ 59.734572][ T5813] veth0_macvtap: entered promiscuous mode [ 59.744584][ T5812] veth1_macvtap: entered promiscuous mode [ 59.755378][ T5813] veth1_macvtap: entered promiscuous mode [ 59.772915][ T5825] veth0_vlan: entered promiscuous mode [ 59.785677][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.809132][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.823653][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.835247][ T5813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.846708][ T5813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.860652][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.870169][ T5813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.880733][ T5813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.891819][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.903530][ T5813] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.913104][ T5813] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.922099][ T5813] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.932697][ T5813] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.945494][ T5812] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.954579][ T5812] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.963491][ T5812] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.973046][ T5812] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.987465][ T5825] veth1_vlan: entered promiscuous mode [ 60.058937][ T5825] veth0_macvtap: entered promiscuous mode [ 60.082551][ T5825] veth1_macvtap: entered promiscuous mode [ 60.163605][ T5814] veth0_vlan: entered promiscuous mode [ 60.173147][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.187088][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.191968][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.203245][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.222193][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.233837][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.244074][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.255035][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.258188][ T5829] Bluetooth: hci0: command tx timeout [ 60.266806][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.270375][ T5829] Bluetooth: hci1: command tx timeout [ 60.277980][ T5129] Bluetooth: hci3: command tx timeout [ 60.288279][ T5816] veth0_vlan: entered promiscuous mode [ 60.302087][ T3673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.302382][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.323062][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.333200][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.333735][ T3673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.344468][ T5129] Bluetooth: hci4: command tx timeout [ 60.357049][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.368603][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.377044][ T5814] veth1_vlan: entered promiscuous mode [ 60.393855][ T5816] veth1_vlan: entered promiscuous mode [ 60.404301][ T29] audit: type=1400 audit(1737147450.149:112): avc: denied { mounton } for pid=5812 comm="syz-executor" path="/root/syzkaller.7R4lmu/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 60.406706][ T5825] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.441266][ T5129] Bluetooth: hci2: command tx timeout [ 60.446794][ T5825] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.455597][ T5825] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.467952][ T5825] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.492963][ T5812] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 60.499571][ T5816] veth0_macvtap: entered promiscuous mode [ 60.515939][ T5816] veth1_macvtap: entered promiscuous mode [ 60.528900][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.539435][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.549337][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.559820][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.569640][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.580208][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.590894][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.637728][ T981] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.645727][ T981] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.686658][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.704379][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.715033][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.744596][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.763303][ T5899] FAULT_INJECTION: forcing a failure. [ 60.763303][ T5899] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 60.776547][ T5899] CPU: 1 UID: 0 PID: 5899 Comm: syz.1.2 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 60.786980][ T5899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 60.797053][ T5899] Call Trace: [ 60.800327][ T5899] [ 60.803256][ T5899] dump_stack_lvl+0x16c/0x1f0 [ 60.807934][ T5899] should_fail_ex+0x497/0x5b0 [ 60.812619][ T5899] _copy_from_user+0x2e/0xd0 [ 60.817199][ T5899] copy_msghdr_from_user+0x99/0x160 [ 60.822391][ T5899] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 60.828205][ T5899] ___sys_sendmsg+0xff/0x1e0 [ 60.832794][ T5899] ? __pfx____sys_sendmsg+0x10/0x10 [ 60.837989][ T5899] ? __pfx_lock_release+0x10/0x10 [ 60.843014][ T5899] ? trace_lock_acquire+0x14e/0x1f0 [ 60.848210][ T5899] ? __fget_files+0x206/0x3a0 [ 60.852881][ T5899] __sys_sendmsg+0x16e/0x220 [ 60.857458][ T5899] ? __pfx___sys_sendmsg+0x10/0x10 [ 60.862573][ T5899] do_syscall_64+0xcd/0x250 [ 60.867073][ T5899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.872959][ T5899] RIP: 0033:0x7f40db385d29 [ 60.877362][ T5899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.896954][ T5899] RSP: 002b:00007f40dc250038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 60.905354][ T5899] RAX: ffffffffffffffda RBX: 00007f40db576160 RCX: 00007f40db385d29 [ 60.913403][ T5899] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 60.921363][ T5899] RBP: 00007f40dc250090 R08: 0000000000000000 R09: 0000000000000000 [ 60.929323][ T5899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.937285][ T5899] R13: 0000000000000001 R14: 00007f40db576160 R15: 00007ffcfd8d3aa8 [ 60.945254][ T5899] [ 61.007387][ T29] kauditd_printk_skb: 17 callbacks suppressed [ 61.007422][ T29] audit: type=1400 audit(1737147450.749:130): avc: denied { read } for pid=5896 comm="syz.1.2" name="iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.046532][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.098906][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.160252][ T29] audit: type=1400 audit(1737147450.749:131): avc: denied { open } for pid=5896 comm="syz.1.2" path="/dev/iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.204650][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.356948][ T5814] veth0_macvtap: entered promiscuous mode [ 61.360856][ T29] audit: type=1400 audit(1737147450.749:132): avc: denied { ioctl } for pid=5896 comm="syz.1.2" path="/dev/iommu" dev="devtmpfs" ino=624 ioctlcmd=0x3b81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 61.396159][ T5816] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.405295][ T5816] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.414172][ T5816] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.423618][ T5816] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.440149][ T5814] veth1_macvtap: entered promiscuous mode [ 61.453571][ T3684] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.467614][ T3684] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.524906][ T3684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.686484][ T3684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.705914][ T29] audit: type=1400 audit(1737147451.339:133): avc: denied { write } for pid=5900 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 61.748922][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.787807][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.891441][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.036574][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.057195][ T29] audit: type=1400 audit(1737147451.809:134): avc: denied { create } for pid=5906 comm="syz.1.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 62.060348][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.087529][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.098094][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.108874][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.114546][ T29] audit: type=1400 audit(1737147451.819:135): avc: denied { prog_load } for pid=5906 comm="syz.1.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 62.125913][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.152032][ T29] audit: type=1400 audit(1737147451.819:136): avc: denied { bpf } for pid=5906 comm="syz.1.6" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 62.177111][ T29] audit: type=1400 audit(1737147451.819:137): avc: denied { perfmon } for pid=5906 comm="syz.1.6" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 62.209494][ T29] audit: type=1400 audit(1737147451.819:138): avc: denied { prog_run } for pid=5906 comm="syz.1.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 62.296639][ T29] audit: type=1400 audit(1737147452.049:139): avc: denied { mounton } for pid=5825 comm="syz-executor" path="/root/syzkaller.f0vXtR/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 62.299801][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.340214][ T5129] Bluetooth: hci3: command tx timeout [ 62.347660][ T5822] Bluetooth: hci1: command tx timeout [ 62.353162][ T5822] Bluetooth: hci0: command tx timeout [ 62.423250][ T5129] Bluetooth: hci4: command tx timeout [ 62.507416][ T5129] Bluetooth: hci2: command tx timeout [ 62.543207][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.587561][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.675976][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.765849][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.854348][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.900400][ T5814] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.914547][ T5814] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.929827][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.953374][ T5814] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.966586][ T5814] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.006582][ T5814] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.018933][ T5814] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.092906][ T5966] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.118454][ T5966] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.212184][ T5947] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.235497][ T5947] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.255276][ T3673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.279154][ T3673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.391438][ T5947] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.392595][ T5988] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.408391][ T5988] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.412637][ T5947] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.417075][ T5988] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 63.433253][ T5988] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.535079][ T5129] Bluetooth: hci0: command tx timeout [ 64.540910][ T5129] Bluetooth: hci1: command tx timeout [ 64.678084][ T5829] Bluetooth: hci4: command tx timeout [ 64.684317][ T5829] Bluetooth: hci2: command tx timeout [ 64.693290][ T5129] Bluetooth: hci3: command tx timeout [ 65.198271][ T6039] process 'syz.0.14' launched './file0' with NULL argv: empty string added [ 65.331812][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.364836][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 66.045455][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 66.120337][ T29] kauditd_printk_skb: 24 callbacks suppressed [ 66.120354][ T29] audit: type=1400 audit(1737147455.879:164): avc: denied { create } for pid=6070 comm="syz.3.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 67.123645][ T29] audit: type=1400 audit(1737147456.559:165): avc: denied { read } for pid=6070 comm="syz.3.18" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 67.369629][ T29] audit: type=1400 audit(1737147456.559:166): avc: denied { open } for pid=6070 comm="syz.3.18" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 67.403754][ T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 67.409383][ T29] audit: type=1400 audit(1737147456.719:167): avc: denied { ioctl } for pid=6070 comm="syz.3.18" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 67.463119][ T6076] binder: BINDER_SET_CONTEXT_MGR already set [ 67.469370][ T6076] binder: 6070:6076 ioctl 4018620d 20004a80 returned -16 [ 67.883551][ T5866] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 67.891177][ T9] usb 5-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config [ 67.902186][ T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 67.911365][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 67.922589][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24947, setting to 1024 [ 67.942240][ T29] audit: type=1400 audit(1737147456.719:168): avc: denied { set_context_mgr } for pid=6070 comm="syz.3.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 67.963122][ T29] audit: type=1400 audit(1737147456.719:169): avc: denied { setopt } for pid=6067 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 67.983802][ T29] audit: type=1400 audit(1737147456.869:170): avc: denied { write } for pid=6067 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 68.003655][ T29] audit: type=1400 audit(1737147457.129:171): avc: denied { create } for pid=6072 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 68.023928][ T29] audit: type=1400 audit(1737147457.139:172): avc: denied { ioctl } for pid=6072 comm="syz.0.17" path="socket:[8382]" dev="sockfs" ino=8382 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 68.035059][ T6085] netlink: 'syz.3.21': attribute type 1 has an invalid length. [ 68.049159][ T29] audit: type=1400 audit(1737147457.199:173): avc: denied { bind } for pid=6067 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 68.093723][ T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 68.105528][ T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 68.113720][ T9] usb 5-1: Product: syz [ 68.118206][ T9] usb 5-1: Manufacturer: syz [ 68.136634][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 68.142460][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 68.146835][ T6086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21'. [ 68.150988][ T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 68.245050][ T9] cdc_wdm 5-1:1.0: Unknown control protocol [ 68.287349][ T5866] usb 2-1: Using ep0 maxpacket: 16 [ 68.294857][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 68.306006][ T5866] usb 2-1: New USB device found, idVendor=1b96, idProduct=000c, bcdDevice= 0.00 [ 68.315362][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.330493][ T5866] usb 2-1: config 0 descriptor?? [ 68.400133][ T6092] FAULT_INJECTION: forcing a failure. [ 68.400133][ T6092] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.414107][ T6092] CPU: 1 UID: 0 PID: 6092 Comm: syz.3.24 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 68.424727][ T6092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 68.434791][ T6092] Call Trace: [ 68.438058][ T6092] [ 68.440975][ T6092] dump_stack_lvl+0x16c/0x1f0 [ 68.445669][ T6092] should_fail_ex+0x497/0x5b0 [ 68.450359][ T6092] _copy_from_user+0x2e/0xd0 [ 68.454942][ T6092] copy_msghdr_from_user+0x99/0x160 [ 68.460141][ T6092] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 68.465939][ T6092] ? __lock_acquire+0xcc5/0x3c40 [ 68.467593][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 68.470878][ T6092] ___sys_sendmsg+0xff/0x1e0 [ 68.483712][ T6092] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.488947][ T6092] ? trace_lock_acquire+0x14e/0x1f0 [ 68.494181][ T6092] __sys_sendmmsg+0x201/0x420 [ 68.498841][ T6092] ? __pfx___sys_sendmmsg+0x10/0x10 [ 68.504035][ T6092] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 68.510044][ T6092] ? fput+0x67/0x440 [ 68.513936][ T6092] ? ksys_write+0x1ba/0x250 [ 68.518445][ T6092] ? __pfx_ksys_write+0x10/0x10 [ 68.523311][ T6092] __x64_sys_sendmmsg+0x9c/0x100 [ 68.528254][ T6092] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.533476][ T6092] do_syscall_64+0xcd/0x250 [ 68.538021][ T6092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.543981][ T6092] RIP: 0033:0x7fb31c385d29 [ 68.548421][ T6092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.550860][ T6075] Bluetooth: MGMT ver 1.23 [ 68.568127][ T6092] RSP: 002b:00007fb31d119038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 68.568159][ T6092] RAX: ffffffffffffffda RBX: 00007fb31c575fa0 RCX: 00007fb31c385d29 [ 68.568170][ T6092] RDX: 0000000000000001 RSI: 0000000020000400 RDI: 0000000000000007 [ 68.568181][ T6092] RBP: 00007fb31d119090 R08: 0000000000000000 R09: 0000000000000000 [ 68.568192][ T6092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.568203][ T6092] R13: 0000000000000000 R14: 00007fb31c575fa0 R15: 00007ffe74a16a48 [ 68.568225][ T6092] [ 68.657711][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 68.670352][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 68.706408][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 68.710247][ T1911] usb 5-1: USB disconnect, device number 2 [ 68.713501][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 68.725882][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 68.787569][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 68.798227][ T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!! [ 68.857484][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 68.897446][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 69.164698][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 69.219055][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 69.649492][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.663783][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 69.673803][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c286, bcdDevice= 0.00 [ 69.685511][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.702845][ T5866] usbhid 2-1:0.0: can't add hid device: -71 [ 69.709230][ T5866] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 69.811117][ T5866] usb 2-1: USB disconnect, device number 2 [ 69.826998][ T9] usb 4-1: config 0 descriptor?? [ 70.013017][ T6108] netlink: 220 bytes leftover after parsing attributes in process `syz.0.27'. [ 71.469640][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.476051][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.578140][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 71.578157][ T29] audit: type=1400 audit(1737147461.339:200): avc: denied { create } for pid=6116 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 71.603447][ C1] vkms_vblank_simulate: vblank timer overrun [ 71.705967][ T6119] netlink: 40 bytes leftover after parsing attributes in process `syz.4.31'. [ 71.715185][ T29] audit: type=1400 audit(1737147461.339:201): avc: denied { bind } for pid=6116 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 71.826712][ T29] audit: type=1400 audit(1737147461.339:202): avc: denied { node_bind } for pid=6116 comm="syz.1.30" saddr=ff01::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 72.057344][ T6127] netlink: 16 bytes leftover after parsing attributes in process `syz.0.32'. [ 72.547340][ T29] audit: type=1400 audit(1737147461.339:203): avc: denied { connect } for pid=6116 comm="syz.1.30" laddr=ff01::1 lport=46473 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 72.611032][ T29] audit: type=1400 audit(1737147461.339:204): avc: denied { name_connect } for pid=6116 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 72.674557][ T6121] warning: `syz.1.33' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 73.001045][ T5980] IPVS: starting estimator thread 0... [ 73.029736][ T29] audit: type=1400 audit(1737147462.789:205): avc: denied { create } for pid=6142 comm="syz.2.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 73.130163][ T6145] IPVS: using max 53 ests per chain, 127200 per kthread [ 73.177354][ T5980] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 73.329417][ T29] audit: type=1400 audit(1737147463.089:206): avc: denied { create } for pid=6148 comm="syz.2.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 73.368568][ T6150] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6150 comm=syz.2.38 [ 73.401637][ T29] audit: type=1400 audit(1737147463.119:207): avc: denied { setopt } for pid=6148 comm="syz.2.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 73.484330][ T29] audit: type=1400 audit(1737147463.129:208): avc: denied { ioctl } for pid=6148 comm="syz.2.38" path="socket:[8060]" dev="sockfs" ino=8060 ioctlcmd=0x941f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 73.522733][ T29] audit: type=1400 audit(1737147463.139:209): avc: denied { ioctl } for pid=6149 comm="syz.4.39" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 73.537815][ T5980] usb 2-1: Using ep0 maxpacket: 32 [ 73.600608][ T5980] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 73.614567][ T5980] usb 2-1: config 0 has no interfaces? [ 73.632542][ T5980] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 73.692867][ T5980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.737422][ T5980] usb 2-1: config 0 descriptor?? [ 73.794146][ T9] usbhid 4-1:0.0: can't add hid device: -71 [ 73.832161][ T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 74.023224][ T9] usb 4-1: USB disconnect, device number 2 [ 74.142177][ T969] IPVS: starting estimator thread 0... [ 74.244206][ T6165] IPVS: using max 25 ests per chain, 60000 per kthread [ 76.497828][ T6194] netlink: 36 bytes leftover after parsing attributes in process `syz.0.47'. [ 76.581008][ T25] cfg80211: failed to load regulatory.db [ 76.604288][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 76.604306][ T29] audit: type=1400 audit(1737147466.349:228): avc: denied { create } for pid=6184 comm="syz.3.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 76.693579][ T29] audit: type=1400 audit(1737147466.349:229): avc: denied { connect } for pid=6184 comm="syz.3.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 77.035056][ T29] audit: type=1400 audit(1737147466.789:230): avc: denied { create } for pid=6207 comm="syz.2.51" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 77.054454][ C1] vkms_vblank_simulate: vblank timer overrun [ 77.168601][ T5980] usb 2-1: string descriptor 0 read error: -71 [ 77.209900][ T5980] usb 2-1: USB disconnect, device number 3 [ 77.800751][ T6218] sctp: [Deprecated]: syz.1.53 (pid 6218) Use of int in max_burst socket option. [ 77.800751][ T6218] Use struct sctp_assoc_value instead [ 78.438883][ T29] audit: type=1400 audit(1737147467.989:231): avc: denied { bind } for pid=6209 comm="syz.1.53" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 78.798152][ T29] audit: type=1400 audit(1737147467.989:232): avc: denied { name_bind } for pid=6209 comm="syz.1.53" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 78.823262][ T29] audit: type=1400 audit(1737147467.989:233): avc: denied { node_bind } for pid=6209 comm="syz.1.53" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 78.845404][ T29] audit: type=1400 audit(1737147468.059:234): avc: denied { connect } for pid=6209 comm="syz.1.53" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 78.867574][ T29] audit: type=1400 audit(1737147468.059:235): avc: denied { name_connect } for pid=6209 comm="syz.1.53" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 78.889673][ T29] audit: type=1400 audit(1737147468.069:236): avc: denied { ioctl } for pid=6209 comm="syz.1.53" path="socket:[8657]" dev="sockfs" ino=8657 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 79.637332][ T5980] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 79.907536][ T5980] usb 2-1: Using ep0 maxpacket: 32 [ 79.919473][ T5980] usb 2-1: config 0 has an invalid interface number: 215 but max is 0 [ 79.927842][ T5980] usb 2-1: config 0 has no interface number 0 [ 79.936582][ T5980] usb 2-1: New USB device found, idVendor=1608, idProduct=0301, bcdDevice=f1.24 [ 80.100845][ T25] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 80.108559][ T5980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.116759][ T5980] usb 2-1: Product: syz [ 80.121810][ T5980] usb 2-1: Manufacturer: syz [ 80.126537][ T5980] usb 2-1: SerialNumber: syz [ 80.139571][ T5980] usb 2-1: config 0 descriptor?? [ 80.149337][ T5980] io_ti 2-1:0.215: required endpoints missing [ 80.297408][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 80.314082][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.321778][ T29] audit: type=1400 audit(1737147470.069:237): avc: denied { sys_module } for pid=6247 comm="syz.3.62" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 80.325362][ T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 80.359410][ T25] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 80.369189][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.385413][ T25] usb 3-1: config 0 descriptor?? [ 80.417140][ T6255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.444035][ T6255] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 80.519854][ T1911] usb 2-1: USB disconnect, device number 4 [ 80.563959][ T6259] netlink: 68 bytes leftover after parsing attributes in process `syz.1.63'. [ 80.668502][ T5866] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 80.682929][ T6261] sctp: [Deprecated]: syz.3.62 (pid 6261) Use of int in max_burst socket option. [ 80.682929][ T6261] Use struct sctp_assoc_value instead [ 80.907834][ T5866] usb 5-1: Using ep0 maxpacket: 8 [ 80.917981][ T5866] usb 5-1: config 1 interface 0 has no altsetting 0 [ 80.927053][ T5866] usb 5-1: New USB device found, idVendor=056a, idProduct=006a, bcdDevice= 0.40 [ 80.936685][ T5866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.969577][ T5866] usb 5-1: Product: syz [ 80.999133][ T5866] usb 5-1: Manufacturer: syz [ 81.016041][ T25] microsoft 0003:045E:07DA.0001: invalid report_count 1087535805 [ 81.024312][ T25] microsoft 0003:045E:07DA.0001: item 0 4 1 9 parsing failed [ 81.032346][ T25] microsoft 0003:045E:07DA.0001: parse failed [ 81.038772][ T25] microsoft 0003:045E:07DA.0001: probe with driver microsoft failed with error -22 [ 81.052964][ T5866] usb 5-1: SerialNumber: syz [ 81.130829][ T6266] fuse: Bad value for 'fd' [ 81.144964][ T6234] Zero length message leads to an empty skb [ 81.291070][ T6251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.321539][ T6251] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.343556][ T6251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.362756][ T6251] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.406289][ T5866] usbhid 5-1:1.0: can't add hid device: -71 [ 81.418111][ T5866] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 81.429220][ T969] usb 3-1: USB disconnect, device number 2 [ 81.432816][ T5866] usb 5-1: USB disconnect, device number 3 [ 81.638439][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 81.638453][ T29] audit: type=1400 audit(1737147471.399:239): avc: denied { create } for pid=6271 comm="syz.1.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 81.957681][ T6278] infiniband syz2: set active [ 81.962639][ T6278] infiniband syz2: added team_slave_1 [ 82.666770][ T29] audit: type=1400 audit(1737147471.629:240): avc: denied { create } for pid=6271 comm="syz.1.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 82.686727][ C1] vkms_vblank_simulate: vblank timer overrun [ 82.857584][ T29] audit: type=1400 audit(1737147471.629:241): avc: denied { write } for pid=6271 comm="syz.1.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 83.007479][ T6285] sctp: [Deprecated]: syz.3.66 (pid 6285) Use of int in max_burst socket option. [ 83.007479][ T6285] Use struct sctp_assoc_value instead [ 83.167863][ T6278] RDS/IB: syz2: added [ 83.174336][ T6278] smc: adding ib device syz2 with port count 1 [ 83.181785][ T6278] smc: ib device syz2 port 1 has pnetid [ 83.633069][ T6287] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.65'. [ 83.642813][ T6287] openvswitch: netlink: Flow actions attr not present in new flow. [ 83.672242][ T29] audit: type=1400 audit(1737147473.419:242): avc: denied { read write } for pid=6271 comm="syz.1.65" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 83.696449][ T29] audit: type=1400 audit(1737147473.419:243): avc: denied { open } for pid=6271 comm="syz.1.65" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 83.719599][ C1] vkms_vblank_simulate: vblank timer overrun [ 83.792146][ T29] audit: type=1400 audit(1737147473.549:244): avc: denied { create } for pid=6297 comm="syz.3.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 84.114008][ T6278] syz.1.65 (6278) used greatest stack depth: 21536 bytes left [ 84.212069][ T6300] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 84.281075][ T6300] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.68'. [ 84.290268][ T6300] openvswitch: netlink: Flow actions attr not present in new flow. [ 84.390145][ T29] audit: type=1400 audit(1737147474.139:245): avc: denied { listen } for pid=6294 comm="syz.4.71" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 84.446795][ T29] audit: type=1400 audit(1737147474.169:246): avc: denied { read } for pid=6297 comm="syz.3.70" name="usbmon6" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 84.470825][ T29] audit: type=1400 audit(1737147474.169:247): avc: denied { open } for pid=6297 comm="syz.3.70" path="/dev/usbmon6" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 84.494958][ T29] audit: type=1400 audit(1737147474.179:248): avc: denied { append } for pid=6297 comm="syz.3.70" name="dlm-monitor" dev="devtmpfs" ino=95 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 84.794020][ T6310] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 85.029248][ T6313] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 85.076219][ T6322] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'. [ 85.492149][ T6336] sctp: [Deprecated]: syz.2.80 (pid 6336) Use of int in max_burst socket option. [ 85.492149][ T6336] Use struct sctp_assoc_value instead [ 86.129001][ T6330] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 86.634617][ T6352] Illegal XDP return value 7 on prog (id 26) dev N/A, expect packet loss! [ 86.660438][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 86.660456][ T29] audit: type=1400 audit(1737147476.419:253): avc: denied { create } for pid=6353 comm="syz.2.87" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 86.667694][ T969] usb 1-1: new low-speed USB device number 2 using dummy_hcd [ 86.720435][ T29] audit: type=1400 audit(1737147476.459:254): avc: denied { read write } for pid=6351 comm="syz.1.86" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 86.764540][ T29] audit: type=1400 audit(1737147476.459:255): avc: denied { open } for pid=6351 comm="syz.1.86" path="/dev/input/event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 86.824358][ T6358] sctp: [Deprecated]: syz.3.84 (pid 6358) Use of int in max_burst socket option. [ 86.824358][ T6358] Use struct sctp_assoc_value instead [ 86.875705][ T969] usb 1-1: config index 0 descriptor too short (expected 1307, got 27) [ 86.887288][ T969] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 86.928987][ T969] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 86.956893][ T969] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 86.990205][ T969] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84 [ 87.022518][ T969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 87.047408][ T969] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 87.083808][ T969] usb 1-1: string descriptor 0 read error: -22 [ 87.090249][ T969] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 87.107542][ T969] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.137407][ T5980] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 87.155260][ T969] usb 1-1: config 0 descriptor?? [ 87.168268][ T6349] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 87.194580][ T969] hub 1-1:0.0: bad descriptor, ignoring hub [ 87.200741][ T969] hub 1-1:0.0: probe with driver hub failed with error -5 [ 87.210908][ T969] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input7 [ 87.273843][ T29] audit: type=1400 audit(1737147477.029:256): avc: denied { create } for pid=6368 comm="syz.3.89" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 87.334479][ T29] audit: type=1400 audit(1737147477.079:257): avc: denied { read } for pid=5175 comm="acpid" name="mouse1" dev="devtmpfs" ino=2754 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 87.417416][ T29] audit: type=1400 audit(1737147477.079:258): avc: denied { open } for pid=5175 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2754 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 87.427753][ T5980] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 87.463182][ T5980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.503907][ T29] audit: type=1400 audit(1737147477.079:259): avc: denied { ioctl } for pid=5175 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2754 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 87.528779][ C1] vkms_vblank_simulate: vblank timer overrun [ 87.540081][ T5980] usb 2-1: config 0 descriptor?? [ 88.092491][ T6359] syz.1.86: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 88.108718][ T29] audit: type=1400 audit(1737147477.739:260): avc: denied { create } for pid=6351 comm="syz.1.86" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 88.142239][ T6359] CPU: 0 UID: 0 PID: 6359 Comm: syz.1.86 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 88.152807][ T6359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 88.162880][ T6359] Call Trace: [ 88.166164][ T6359] [ 88.169110][ T6359] dump_stack_lvl+0x16c/0x1f0 [ 88.173807][ T6359] warn_alloc+0x24d/0x3a0 [ 88.178153][ T6359] ? __pfx_warn_alloc+0x10/0x10 [ 88.183062][ T6359] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 88.188902][ T6359] ? kasan_save_stack+0x42/0x60 [ 88.193869][ T6359] ? kasan_save_stack+0x33/0x60 [ 88.198754][ T6359] ? kasan_save_track+0x14/0x30 [ 88.203645][ T6359] ? __kasan_kmalloc+0xaa/0xb0 [ 88.208433][ T6359] ? xskq_create+0x52/0x1d0 [ 88.212960][ T6359] ? do_sock_setsockopt+0x222/0x480 [ 88.218192][ T6359] ? __sys_setsockopt+0x1a0/0x230 [ 88.223242][ T6359] ? __x64_sys_setsockopt+0xbd/0x160 [ 88.228560][ T6359] __vmalloc_node_range_noprof+0x10df/0x1530 [ 88.234569][ T6359] ? xskq_create+0xfb/0x1d0 [ 88.239095][ T6359] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 88.245479][ T6359] ? xskq_create+0xfb/0x1d0 [ 88.250022][ T6359] vmalloc_user_noprof+0x6b/0x90 [ 88.255002][ T6359] ? xskq_create+0xfb/0x1d0 [ 88.258451][ T5822] Bluetooth: hci2: command tx timeout [ 88.259512][ T6359] xskq_create+0xfb/0x1d0 [ 88.269290][ T6359] xsk_setsockopt+0x757/0xa10 [ 88.273990][ T6359] ? __pfx_xsk_setsockopt+0x10/0x10 [ 88.279225][ T6359] ? selinux_socket_setsockopt+0x6a/0x80 [ 88.284890][ T6359] ? __pfx_xsk_setsockopt+0x10/0x10 [ 88.290111][ T6359] do_sock_setsockopt+0x222/0x480 [ 88.295164][ T6359] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 88.300734][ T6359] ? lock_acquire+0x2f/0xb0 [ 88.305274][ T6359] __sys_setsockopt+0x1a0/0x230 [ 88.310151][ T6359] __x64_sys_setsockopt+0xbd/0x160 [ 88.315275][ T6359] ? do_syscall_64+0x91/0x250 [ 88.319975][ T6359] ? lockdep_hardirqs_on+0x7c/0x110 [ 88.325193][ T6359] do_syscall_64+0xcd/0x250 [ 88.329720][ T6359] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.335635][ T6359] RIP: 0033:0x7f40db385d29 [ 88.340117][ T6359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.359762][ T6359] RSP: 002b:00007f40dc250038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 88.368188][ T6359] RAX: ffffffffffffffda RBX: 00007f40db576160 RCX: 00007f40db385d29 [ 88.376174][ T6359] RDX: 0000000000000002 RSI: 000000000000011b RDI: 000000000000000d [ 88.384244][ T6359] RBP: 00007f40db401b08 R08: 0000000000000020 R09: 0000000000000000 [ 88.392319][ T6359] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 88.400301][ T6359] R13: 0000000000000000 R14: 00007f40db576160 R15: 00007ffcfd8d3aa8 [ 88.408320][ T6359] [ 88.434751][ T6359] Mem-Info: [ 88.443132][ T6359] active_anon:13791 inactive_anon:0 isolated_anon:0 [ 88.443132][ T6359] active_file:11835 inactive_file:38506 isolated_file:0 [ 88.443132][ T6359] unevictable:768 dirty:641 writeback:0 [ 88.443132][ T6359] slab_reclaimable:11070 slab_unreclaimable:101161 [ 88.443132][ T6359] mapped:38519 shmem:9240 pagetables:860 [ 88.443132][ T6359] sec_pagetables:0 bounce:0 [ 88.443132][ T6359] kernel_misc_reclaimable:0 [ 88.443132][ T6359] free:1319681 free_pcp:1152 free_cma:0 [ 88.563951][ T6359] Node 0 active_anon:58364kB inactive_anon:0kB active_file:47340kB inactive_file:153944kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:161076kB dirty:2564kB writeback:0kB shmem:38524kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:12224kB pagetables:3440kB sec_pagetables:0kB all_unreclaimable? no [ 88.567273][ T29] audit: type=1400 audit(1737147478.319:261): avc: denied { write } for pid=6348 comm="syz.0.85" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 88.596806][ C1] vkms_vblank_simulate: vblank timer overrun [ 88.659189][ T5980] ath6kl: Failed to submit usb control message: -110 [ 88.666044][ T5980] ath6kl: unable to send the bmi data to the device: -110 [ 88.673309][ T5980] ath6kl: Unable to send get target info: -110 [ 88.714531][ T6359] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 88.776180][ T9] usb 1-1: USB disconnect, device number 2 [ 88.782113][ C0] usb_acecad 1-1:0.0: can't resubmit intr, dummy_hcd.0-1/input0, status -19 [ 88.810974][ T6359] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 88.855858][ T6359] lowmem_reserve[]: 0 2459 2459 0 0 [ 88.864114][ T6359] Node 0 DMA32 free:1365680kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:46864kB inactive_anon:0kB active_file:47340kB inactive_file:153844kB unevictable:1536kB writepending:2564kB present:3129332kB managed:2547148kB mlocked:0kB bounce:0kB free_pcp:5404kB local_pcp:5032kB free_cma:0kB [ 88.901271][ T6359] lowmem_reserve[]: 0 0 0 0 0 [ 88.906117][ T6359] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:100kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 88.937889][ T6359] lowmem_reserve[]: 0 0 0 0 0 [ 88.942684][ T6359] Node 1 Normal free:3904732kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 88.984274][ T6359] lowmem_reserve[]: 0 0 0 0 0 [ 88.990292][ T6359] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 89.006712][ T6359] Node 0 DMA32: 12*4kB (UM) 10*8kB (UME) 378*16kB (ME) 42*32kB (UME) 207*64kB (ME) 84*128kB (M) 56*256kB (UME) 21*512kB (M) 6*1024kB (UM) 6*2048kB (M) 315*4096kB (UME) = 1365280kB [ 89.029360][ T6359] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 89.043264][ T6359] Node 1 Normal: 205*4kB (UE) 55*8kB (UME) 45*16kB (UME) 229*32kB (UME) 96*64kB (UME) 35*128kB (UME) 15*256kB (UME) 12*512kB (UME) 4*1024kB (UME) 2*2048kB (U) 944*4096kB (M) = 3904732kB [ 89.066440][ T6359] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.088487][ T6359] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.102493][ T6359] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.112597][ T6359] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.126563][ T6359] 57539 total pagecache pages [ 89.131807][ T6359] 0 pages in swap cache [ 89.136101][ T6359] Free swap = 124728kB [ 89.155027][ T6359] Total swap = 124996kB [ 89.159905][ T6359] 2097051 pages RAM [ 89.163769][ T6359] 0 pages HighMem/MovableOnly [ 89.175013][ T6359] 428606 pages reserved [ 89.179482][ T6359] 0 pages cma reserved [ 89.447829][ T5980] ath6kl: Failed to init ath6kl core: -110 [ 89.454834][ T5980] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -110 [ 89.903670][ T29] audit: type=1400 audit(1737147479.279:262): avc: denied { create } for pid=6387 comm="syz.2.93" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 90.275570][ T5980] usb 2-1: USB disconnect, device number 5 [ 90.558177][ T6398] libceph: resolve '. [ 90.558177][ T6398] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 90.558177][ T6398] ' (ret=-3): failed [ 91.025988][ T6409] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 91.154149][ T6414] netlink: 36 bytes leftover after parsing attributes in process `syz.4.96'. [ 92.096597][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 92.096616][ T29] audit: type=1400 audit(1737147481.849:264): avc: denied { write } for pid=6439 comm="syz.0.106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 92.385973][ T6444] pim6reg: entered allmulticast mode [ 92.436499][ T6444] pim6reg: left allmulticast mode [ 92.947317][ T25] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 93.849060][ T6458] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 94.159604][ T25] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 94.187556][ T29] audit: type=1800 audit(1737147483.739:265): pid=6461 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.111" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 94.385534][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.400954][ T25] usb 4-1: config 0 descriptor?? [ 94.411489][ T25] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 94.655316][ T25] gp8psk: usb in 128 operation failed. [ 94.666249][ T25] gp8psk: usb in 137 operation failed. [ 94.671949][ T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 94.682316][ T25] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 94.691509][ T25] usb 4-1: media controller created [ 94.711169][ T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 94.743799][ T25] gp8psk_fe: Frontend attached [ 94.749296][ T25] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 94.760938][ T25] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 94.867128][ T6474] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 95.147780][ T29] audit: type=1400 audit(1737147484.619:266): avc: denied { read } for pid=6467 comm="syz.4.115" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 95.206732][ T29] audit: type=1400 audit(1737147484.619:267): avc: denied { open } for pid=6467 comm="syz.4.115" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 95.230191][ C0] vkms_vblank_simulate: vblank timer overrun [ 95.259997][ T29] audit: type=1400 audit(1737147484.639:268): avc: denied { ioctl } for pid=6467 comm="syz.4.115" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 95.363358][ T29] audit: type=1400 audit(1737147484.769:269): avc: denied { write } for pid=6437 comm="syz.3.105" path="socket:[9103]" dev="sockfs" ino=9103 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 95.429186][ T29] audit: type=1400 audit(1737147484.919:270): avc: denied { unlink } for pid=6473 comm="syz.0.114" name="#1" dev="tmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 95.451889][ T29] audit: type=1400 audit(1737147484.949:271): avc: denied { mount } for pid=6473 comm="syz.0.114" name="/" dev="overlay" ino=148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 95.651883][ T6484] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 95.738150][ T29] audit: type=1400 audit(1737147485.489:272): avc: denied { connect } for pid=6483 comm="syz.4.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 96.047872][ T29] audit: type=1400 audit(1737147485.809:273): avc: denied { listen } for pid=6483 comm="syz.4.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 96.836398][ T25] gp8psk: usb in 137 operation failed. [ 96.847271][ T25] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 96.857032][ T25] gp8psk: found Genpix USB device pID = 203 (hex) [ 96.904854][ T25] usb 4-1: USB disconnect, device number 3 [ 96.910869][ T5980] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 97.667008][ T25] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 97.897077][ T6496] fuse: root generation should be zero [ 97.907478][ T5980] usb 5-1: Using ep0 maxpacket: 8 [ 97.914638][ T5980] usb 5-1: config 0 has no interfaces? [ 97.924301][ T5980] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 97.946533][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.958607][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 97.958627][ T29] audit: type=1400 audit(1737147487.699:275): avc: denied { bind } for pid=6502 comm="syz.0.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 98.054821][ T5980] usb 5-1: config 0 descriptor?? [ 98.069800][ T29] audit: type=1400 audit(1737147487.699:276): avc: denied { listen } for pid=6502 comm="syz.0.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 98.091402][ T29] audit: type=1400 audit(1737147487.699:277): avc: denied { setopt } for pid=6502 comm="syz.0.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 98.115162][ T29] audit: type=1400 audit(1737147487.699:278): avc: denied { connect } for pid=6502 comm="syz.0.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 98.119912][ T6508] veth0_to_team: entered promiscuous mode [ 98.140560][ T6508] veth0_to_team: entered allmulticast mode [ 98.143211][ T29] audit: type=1400 audit(1737147487.699:279): avc: denied { getopt } for pid=6502 comm="syz.0.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 98.225768][ T29] audit: type=1400 audit(1737147487.759:280): avc: denied { accept } for pid=6502 comm="syz.0.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 98.279746][ T29] audit: type=1400 audit(1737147487.879:281): avc: denied { rename } for pid=5172 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 98.311955][ T29] audit: type=1400 audit(1737147487.879:282): avc: denied { unlink } for pid=5172 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 98.334328][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.342794][ T5980] hid-generic 97F0:0007:0005.0002: collection stack underflow [ 98.348803][ T29] audit: type=1400 audit(1737147487.879:283): avc: denied { create } for pid=5172 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 98.366469][ T5980] hid-generic 97F0:0007:0005.0002: item 0 1 0 12 parsing failed [ 98.403479][ T5980] hid-generic 97F0:0007:0005.0002: probe with driver hid-generic failed with error -22 [ 98.441234][ T29] audit: type=1400 audit(1737147488.119:284): avc: denied { write } for pid=6483 comm="syz.4.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 98.463671][ T5866] usb 5-1: USB disconnect, device number 4 [ 98.626618][ T6519] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 99.255279][ T6542] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 99.976674][ T5980] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 100.285990][ T6565] sctp: [Deprecated]: syz.0.138 (pid 6565) Use of int in max_burst socket option. [ 100.285990][ T6565] Use struct sctp_assoc_value instead [ 100.943682][ T5980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.968656][ T5980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.994736][ T6568] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 101.026745][ T5980] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 101.047515][ T6568] CIFS: Unable to determine destination address [ 101.066568][ T5980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.229395][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 101.239697][ T5980] usb 2-1: config 0 descriptor?? [ 101.288117][ T6568] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 101.367414][ T25] usb 3-1: device descriptor read/64, error -71 [ 101.431337][ T6575] netlink: 36 bytes leftover after parsing attributes in process `syz.0.141'. [ 101.850201][ T6576] sp0: Synchronizing with TNC [ 101.953798][ T25] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 102.085790][ T6584] netlink: 188 bytes leftover after parsing attributes in process `syz.0.142'. [ 102.097385][ T6584] netlink: 'syz.0.142': attribute type 1 has an invalid length. [ 102.177454][ T25] usb 3-1: device descriptor read/64, error -71 [ 102.409759][ T25] usb usb3-port1: attempt power cycle [ 102.477337][ T51] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 102.798014][ T25] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 102.828046][ T51] usb 1-1: Using ep0 maxpacket: 32 [ 102.989095][ T25] usb 3-1: device descriptor read/8, error -71 [ 103.034815][ T51] usb 1-1: config 0 has an invalid interface number: 16 but max is 0 [ 103.044141][ T51] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 103.056564][ T51] usb 1-1: config 0 has no interface number 0 [ 103.063232][ T51] usb 1-1: config 0 interface 16 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 103.074888][ T51] usb 1-1: config 0 interface 16 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 103.090811][ T51] usb 1-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 103.184720][ T51] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.192950][ T51] usb 1-1: Product: syz [ 103.200634][ T51] usb 1-1: Manufacturer: syz [ 103.205456][ T51] usb 1-1: SerialNumber: syz [ 103.212938][ T51] usb 1-1: config 0 descriptor?? [ 103.224171][ T51] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 103.617409][ T6597] sctp: [Deprecated]: syz.2.146 (pid 6597) Use of int in max_burst socket option. [ 103.617409][ T6597] Use struct sctp_assoc_value instead [ 104.320899][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 104.320919][ T29] audit: type=1400 audit(1737147494.079:297): avc: denied { read } for pid=6583 comm="syz.0.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 104.351805][ T51] snd-usb-audio 1-1:0.16: probe with driver snd-usb-audio failed with error -2 [ 104.413698][ T6302] udevd[6302]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.16/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 104.516130][ T5980] hid-led 0003:1D34:000A.0003: probe with driver hid-led failed with error -71 [ 104.545854][ T5980] usb 2-1: USB disconnect, device number 6 [ 104.696970][ T6603] netlink: 36 bytes leftover after parsing attributes in process `syz.2.147'. [ 104.777668][ T6610] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 105.186658][ T6616] FAULT_INJECTION: forcing a failure. [ 105.186658][ T6616] name failslab, interval 1, probability 0, space 0, times 0 [ 105.201188][ T6615] IPVS: set_ctl: invalid protocol: 51 10.1.1.1:20001 [ 105.217717][ T6616] CPU: 0 UID: 0 PID: 6616 Comm: syz.1.149 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 105.228351][ T6616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 105.238389][ T6616] Call Trace: [ 105.241652][ T6616] [ 105.244574][ T6616] dump_stack_lvl+0x16c/0x1f0 [ 105.249243][ T6616] should_fail_ex+0x497/0x5b0 [ 105.253910][ T6616] ? fs_reclaim_acquire+0xae/0x150 [ 105.259003][ T6616] should_failslab+0xc2/0x120 [ 105.263694][ T6616] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 105.270028][ T6616] ? kstrdup_const+0x63/0x80 [ 105.274622][ T6616] kstrdup+0x53/0x100 [ 105.278584][ T6616] kstrdup_const+0x63/0x80 [ 105.282981][ T6616] alloc_vfsmnt+0xfe/0x710 [ 105.287394][ T6616] clone_mnt+0x6d/0xf90 [ 105.291561][ T6616] ? trace_lock_acquire+0x14e/0x1f0 [ 105.296774][ T6616] copy_tree+0xeb/0x9c0 [ 105.300923][ T6616] ? down_write+0x14e/0x200 [ 105.305421][ T6616] __do_loopback+0x2f3/0x3f0 [ 105.310005][ T6616] open_detached_copy+0xd6/0x500 [ 105.314943][ T6616] __x64_sys_open_tree+0x3a6/0x440 [ 105.320054][ T6616] ? __pfx___x64_sys_open_tree+0x10/0x10 [ 105.325675][ T6616] ? __might_fault+0xe3/0x190 [ 105.330351][ T6616] ? rcu_is_watching+0x12/0xc0 [ 105.335112][ T6616] do_syscall_64+0xcd/0x250 [ 105.339628][ T6616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.345519][ T6616] RIP: 0033:0x7f40db385d29 [ 105.349922][ T6616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.369733][ T6616] RSP: 002b:00007f40dc292038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 105.378154][ T6616] RAX: ffffffffffffffda RBX: 00007f40db575fa0 RCX: 00007f40db385d29 [ 105.386119][ T6616] RDX: 0000000000089901 RSI: 0000000020000640 RDI: ffffffffffffff9c [ 105.394082][ T6616] RBP: 00007f40dc292090 R08: 0000000000000000 R09: 0000000000000000 [ 105.402044][ T6616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.410022][ T6616] R13: 0000000000000000 R14: 00007f40db575fa0 R15: 00007ffcfd8d3aa8 [ 105.418023][ T6616] [ 105.897478][ T6626] netlink: 36 bytes leftover after parsing attributes in process `syz.1.152'. [ 106.383104][ T6625] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 106.420703][ T1911] usb 1-1: USB disconnect, device number 3 [ 106.584026][ T29] audit: type=1400 audit(1737147496.339:298): avc: denied { watch } for pid=6636 comm="syz.2.153" path="/proc/124/task" dev="proc" ino=9958 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 106.819012][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 107.472369][ T6661] sctp: [Deprecated]: syz.1.157 (pid 6661) Use of int in max_burst socket option. [ 107.472369][ T6661] Use struct sctp_assoc_value instead [ 109.108117][ T6667] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 109.121619][ T9] usb 5-1: unable to read config index 0 descriptor/all [ 109.123629][ T6667] fuse: Unknown parameter 'fda [ 109.123629][ T6667] ' [ 109.139025][ T9] usb 5-1: can't read configurations, error -71 [ 109.203852][ T29] audit: type=1400 audit(1737147498.959:299): avc: denied { unmount } for pid=5813 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 109.313711][ T29] audit: type=1400 audit(1737147499.069:300): avc: denied { name_bind } for pid=6669 comm="syz.1.163" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 109.841160][ T6680] netlink: 36 bytes leftover after parsing attributes in process `syz.2.164'. [ 109.991648][ T29] audit: type=1400 audit(1737147499.749:301): avc: denied { read } for pid=6689 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.053077][ T29] audit: type=1400 audit(1737147499.779:302): avc: denied { open } for pid=6689 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.189094][ T29] audit: type=1400 audit(1737147499.779:303): avc: denied { getattr } for pid=6689 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.399972][ T29] audit: type=1400 audit(1737147500.029:304): avc: denied { read write } for pid=6687 comm="syz.1.166" name="virtual_nci" dev="devtmpfs" ino=698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 110.886432][ T6698] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_tx_wq": -EINTR [ 110.902132][ T6700] netlink: 36 bytes leftover after parsing attributes in process `syz.1.166'. [ 110.965265][ T29] audit: type=1400 audit(1737147500.029:305): avc: denied { open } for pid=6687 comm="syz.1.166" path="/dev/virtual_nci" dev="devtmpfs" ino=698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 111.174252][ T6711] syz.4.170 uses obsolete (PF_INET,SOCK_PACKET) [ 111.321352][ T29] audit: type=1400 audit(1737147501.079:306): avc: denied { ioctl } for pid=6710 comm="syz.1.169" path="/dev/iommu" dev="devtmpfs" ino=624 ioctlcmd=0x3b81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 111.380076][ T6721] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.388183][ T6712] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 111.394311][ T6721] netlink: 'syz.4.170': attribute type 9 has an invalid length. [ 111.834126][ T29] audit: type=1400 audit(1737147501.459:307): avc: denied { write } for pid=6682 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 111.857458][ T29] audit: type=1400 audit(1737147501.459:308): avc: denied { add_name } for pid=6682 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 111.880181][ T29] audit: type=1400 audit(1737147501.459:309): avc: denied { create } for pid=6682 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 111.921580][ T29] audit: type=1400 audit(1737147501.459:310): avc: denied { write } for pid=6682 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.sl0.link" dev="tmpfs" ino=2515 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 111.957977][ T5867] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 112.185841][ T5867] usb 3-1: Using ep0 maxpacket: 8 [ 112.263110][ T5867] usb 3-1: config 0 has no interfaces? [ 112.274447][ T5867] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 112.297377][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.321690][ T5867] usb 3-1: config 0 descriptor?? [ 112.565172][ T6745] sctp: [Deprecated]: syz.1.174 (pid 6745) Use of int in max_burst socket option. [ 112.565172][ T6745] Use struct sctp_assoc_value instead [ 113.116559][ T5867] usb 3-1: USB disconnect, device number 7 [ 113.318215][ T5866] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 113.467409][ T5866] usb 5-1: device descriptor read/64, error -71 [ 113.867739][ T5866] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 114.004074][ T6771] netlink: 36 bytes leftover after parsing attributes in process `syz.2.180'. [ 114.044945][ T5866] usb 5-1: device descriptor read/64, error -71 [ 114.220287][ T5866] usb usb5-port1: attempt power cycle [ 114.857678][ T5866] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 115.125951][ T5866] usb 5-1: device descriptor read/8, error -71 [ 115.161339][ T6784] cgroup: fork rejected by pids controller in /syz0 [ 115.194712][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 115.194729][ T29] audit: type=1400 audit(1737147504.949:323): avc: denied { connect } for pid=6781 comm="syz.1.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 115.221832][ T29] audit: type=1400 audit(1737147504.949:324): avc: denied { bind } for pid=6781 comm="syz.1.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 115.241228][ T29] audit: type=1400 audit(1737147504.979:325): avc: denied { write } for pid=6781 comm="syz.1.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 115.419480][ T5866] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 115.450659][ T5866] usb 5-1: device descriptor read/8, error -71 [ 115.555538][ T6893] netlink: 284 bytes leftover after parsing attributes in process `syz.3.184'. [ 116.469269][ T5866] usb usb5-port1: unable to enumerate USB device [ 116.539271][ T29] audit: type=1400 audit(1737147506.299:326): avc: denied { map } for pid=6816 comm="syz.3.184" path="socket:[10680]" dev="sockfs" ino=10680 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 116.567441][ T29] audit: type=1400 audit(1737147506.299:327): avc: denied { read } for pid=6816 comm="syz.3.184" path="socket:[10680]" dev="sockfs" ino=10680 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 117.167929][ T6914] netlink: 16 bytes leftover after parsing attributes in process `syz.2.191'. [ 117.191775][ T3673] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.340159][ T3673] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.528431][ T3673] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.752592][ T3673] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.321322][ T5129] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 118.358265][ T5129] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 118.366552][ T5129] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 118.385334][ T5129] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 118.394658][ T5129] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 118.403967][ T5129] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 118.427272][ T29] audit: type=1400 audit(1737147508.179:328): avc: denied { mounton } for pid=6927 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 118.517450][ T5866] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 118.707597][ T5866] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 118.716305][ T5866] usb 4-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config [ 118.828591][ T3673] bridge_slave_1: left allmulticast mode [ 118.834640][ T3673] bridge_slave_1: left promiscuous mode [ 118.935586][ T3673] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.940582][ T5866] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 119.052544][ T5866] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 103, changing to 10 [ 119.069957][ T6982] netlink: 40 bytes leftover after parsing attributes in process `syz.1.197'. [ 119.119115][ T3673] bridge_slave_0: left allmulticast mode [ 119.124839][ T3673] bridge_slave_0: left promiscuous mode [ 119.127864][ T5866] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24947, setting to 1024 [ 119.134013][ T3673] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.154015][ T5866] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 119.170036][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 119.182554][ T5866] usb 4-1: Product: syz [ 119.200049][ T5866] usb 4-1: Manufacturer: syz [ 119.215918][ T5866] cdc_wdm 4-1:1.0: skipping garbage [ 119.221806][ T5866] cdc_wdm 4-1:1.0: skipping garbage [ 119.231303][ T5866] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 119.240474][ T5866] cdc_wdm 4-1:1.0: Unknown control protocol [ 119.497746][ T969] usb 4-1: USB disconnect, device number 4 [ 119.498180][ C0] cdc_wdm 4-1:1.0: nonzero urb status received: -71 [ 119.510241][ C0] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes [ 119.516341][ C0] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 119.518678][ T6994] netlink: 8 bytes leftover after parsing attributes in process `syz.2.198'. [ 119.622686][ T6994] netlink: 12 bytes leftover after parsing attributes in process `syz.2.198'. [ 120.113472][ T5866] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 120.186811][ T3673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 120.202415][ T3673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 120.212210][ T3673] bond0 (unregistering): Released all slaves [ 120.298735][ T5866] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 120.387349][ T5866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.395379][ T5866] usb 5-1: Product: syz [ 120.470824][ T5866] usb 5-1: Manufacturer: syz [ 120.475567][ T5866] usb 5-1: SerialNumber: syz [ 120.527376][ T5129] Bluetooth: hci2: command tx timeout [ 120.533681][ T5866] usb 5-1: config 0 descriptor?? [ 120.620498][ T6927] chnl_net:caif_netlink_parms(): no params data found [ 120.688706][ T51] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 120.787963][ T25] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 120.804852][ T6927] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.828605][ T6927] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.838545][ T6927] bridge_slave_0: entered allmulticast mode [ 120.845648][ T6927] bridge_slave_0: entered promiscuous mode [ 120.849052][ T51] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 120.868171][ T6927] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.880193][ T51] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 120.890162][ T6927] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.892657][ T51] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 120.899856][ T6927] bridge_slave_1: entered allmulticast mode [ 120.937158][ T51] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 120.953320][ T5866] usb 5-1: Firmware: major: 0, minor: 11, hardware type: UNKNOWN (7) [ 120.961712][ T51] usb 3-1: SerialNumber: syz [ 120.969628][ T6927] bridge_slave_1: entered promiscuous mode [ 120.975381][ T51] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 120.997916][ T25] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 121.006986][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.020944][ T51] usb-storage 3-1:1.0: USB Mass Storage device detected [ 121.028302][ T25] usb 2-1: Product: syz [ 121.032508][ T25] usb 2-1: Manufacturer: syz [ 121.037138][ T25] usb 2-1: SerialNumber: syz [ 121.052476][ T25] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 121.099280][ T51] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 121.113273][ T51] scsi host1: usb-storage 3-1:1.0 [ 121.151125][ T5980] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 121.163596][ T5866] usb 5-1: no permanent extended address found, random address set [ 121.183165][ T5866] usb 5-1: atusb_probe: initialization failed, error = -524 [ 121.184491][ T6927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 121.198072][ T5866] atusb 5-1:0.0: probe with driver atusb failed with error -524 [ 121.238966][ T3673] hsr_slave_0: left promiscuous mode [ 121.245705][ T3673] hsr_slave_1: left promiscuous mode [ 121.263086][ T3673] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 121.274864][ T3673] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 121.291982][ T3673] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.303480][ T3673] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.341349][ T3673] veth1_macvtap: left promiscuous mode [ 121.399202][ T51] usb 5-1: USB disconnect, device number 11 [ 121.403385][ T3673] veth0_macvtap: left promiscuous mode [ 121.411480][ T3673] veth1_vlan: left promiscuous mode [ 121.417389][ T3673] veth0_vlan: left promiscuous mode [ 121.755276][ T5866] usb 3-1: USB disconnect, device number 8 [ 121.812740][ T7044] netlink: 36 bytes leftover after parsing attributes in process `syz.3.204'. [ 122.190208][ T5980] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 122.217590][ T5980] ath9k_htc: Failed to initialize the device [ 122.260794][ T5980] usb 2-1: ath9k_htc: USB layer deinitialized [ 122.562683][ T7051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.205'. [ 122.577597][ T7053] netlink: 40 bytes leftover after parsing attributes in process `syz.4.206'. [ 122.581437][ T5129] Bluetooth: hci2: command tx timeout [ 123.395005][ T3673] team0 (unregistering): Port device team_slave_1 removed [ 123.443693][ T29] audit: type=1400 audit(1737147513.199:329): avc: denied { search } for pid=5172 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 123.529835][ T3673] team0 (unregistering): Port device team_slave_0 removed [ 123.905328][ T6927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 124.012619][ T7050] netlink: 16 bytes leftover after parsing attributes in process `syz.2.205'. [ 124.033321][ T51] usb 2-1: USB disconnect, device number 7 [ 124.072793][ T6927] team0: Port device team_slave_0 added [ 124.100065][ T6927] team0: Port device team_slave_1 added [ 124.104011][ T7068] FAULT_INJECTION: forcing a failure. [ 124.104011][ T7068] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 124.119122][ T7068] CPU: 0 UID: 0 PID: 7068 Comm: syz.1.208 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 124.129739][ T7068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 124.139822][ T7068] Call Trace: [ 124.143132][ T7068] [ 124.146065][ T7068] dump_stack_lvl+0x16c/0x1f0 [ 124.150788][ T7068] should_fail_ex+0x497/0x5b0 [ 124.155500][ T7068] _copy_from_user+0x2e/0xd0 [ 124.160129][ T7068] copy_msghdr_from_user+0x99/0x160 [ 124.165375][ T7068] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 124.171222][ T7068] ___sys_sendmsg+0xff/0x1e0 [ 124.175841][ T7068] ? __pfx____sys_sendmsg+0x10/0x10 [ 124.181074][ T7068] ? __pfx_lock_release+0x10/0x10 [ 124.186124][ T7068] ? trace_lock_acquire+0x14e/0x1f0 [ 124.191356][ T7068] ? __fget_files+0x206/0x3a0 [ 124.196061][ T7068] __sys_sendmsg+0x16e/0x220 [ 124.200673][ T7068] ? __pfx___sys_sendmsg+0x10/0x10 [ 124.205902][ T7068] do_syscall_64+0xcd/0x250 [ 124.210427][ T7068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.216363][ T7068] RIP: 0033:0x7f40db385d29 [ 124.220807][ T7068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.240443][ T7068] RSP: 002b:00007f40dc292038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 124.248888][ T7068] RAX: ffffffffffffffda RBX: 00007f40db575fa0 RCX: 00007f40db385d29 [ 124.256861][ T7068] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003 [ 124.264820][ T7068] RBP: 00007f40dc292090 R08: 0000000000000000 R09: 0000000000000000 [ 124.272784][ T7068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.280754][ T7068] R13: 0000000000000000 R14: 00007f40db575fa0 R15: 00007ffcfd8d3aa8 [ 124.288742][ T7068] [ 124.569284][ T7072] netlink: 36 bytes leftover after parsing attributes in process `syz.3.207'. [ 124.657324][ T5129] Bluetooth: hci2: command tx timeout [ 124.915551][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 124.994392][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 125.026990][ T6927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 125.039839][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 125.046816][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 125.073018][ T6927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.072188][ T7115] No such timeout policy "syz0" [ 127.077699][ T5129] Bluetooth: hci2: command tx timeout [ 127.314335][ T7118] netlink: 16 bytes leftover after parsing attributes in process `syz.3.214'. [ 127.421876][ T6927] hsr_slave_0: entered promiscuous mode [ 127.633631][ T6927] hsr_slave_1: entered promiscuous mode [ 127.702653][ T6927] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.727977][ T7128] random: crng reseeded on system resumption [ 127.737112][ T29] audit: type=1400 audit(1737147517.489:330): avc: denied { write } for pid=7127 comm="syz.2.217" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 127.782442][ T29] audit: type=1400 audit(1737147517.489:331): avc: denied { open } for pid=7127 comm="syz.2.217" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 127.786291][ T6927] Cannot create hsr debugfs directory [ 127.821471][ T29] audit: type=1400 audit(1737147517.539:332): avc: denied { write } for pid=7129 comm="syz.3.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 128.002782][ T7138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.221'. [ 128.026142][ T29] audit: type=1400 audit(1737147517.779:333): avc: denied { mount } for pid=7137 comm="syz.1.221" name="/" dev="rpc_pipefs" ino=12307 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 128.200680][ T29] audit: type=1400 audit(1737147517.879:334): avc: denied { map } for pid=7132 comm="syz.3.219" path="/dev/video4" dev="devtmpfs" ino=936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 128.882918][ T7141] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 128.898745][ T29] audit: type=1400 audit(1737147517.919:335): avc: denied { open } for pid=7132 comm="syz.3.219" path="/dev/ptyqb" dev="devtmpfs" ino=130 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 128.978224][ T29] audit: type=1400 audit(1737147517.929:336): avc: denied { ioctl } for pid=7132 comm="syz.3.219" path="/dev/ptyqb" dev="devtmpfs" ino=130 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 129.014702][ T29] audit: type=1400 audit(1737147518.699:337): avc: denied { watch } for pid=7137 comm="syz.1.221" path="/41/file0" dev="rpc_pipefs" ino=12307 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1 [ 129.042453][ T29] audit: type=1400 audit(1737147518.699:338): avc: denied { unmount } for pid=7137 comm="syz.1.221" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 129.381791][ T29] audit: type=1400 audit(1737147519.139:339): avc: denied { watch watch_reads } for pid=7153 comm="syz.2.223" path="/53" dev="tmpfs" ino=285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 130.329817][ T29] audit: type=1400 audit(1737147519.479:340): avc: denied { ioctl } for pid=7164 comm="syz.1.226" path="/dev/sg0" dev="devtmpfs" ino=744 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 130.385815][ T29] audit: type=1400 audit(1737147519.979:341): avc: denied { setopt } for pid=7169 comm="syz.2.227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 131.533899][ T29] audit: type=1400 audit(1737147521.259:342): avc: denied { execute } for pid=7187 comm="syz.1.231" name="file1" dev="tmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 131.556211][ T29] audit: type=1400 audit(1737147521.259:343): avc: denied { execute_no_trans } for pid=7187 comm="syz.1.231" path="/43/file1" dev="tmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 133.598457][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.604808][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.770380][ T29] audit: type=1400 audit(1737147522.719:344): avc: denied { create } for pid=7198 comm="syz.4.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 134.225531][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 134.225550][ T29] audit: type=1400 audit(1737147523.879:346): avc: denied { getopt } for pid=7207 comm="syz.1.235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 134.333176][ T29] audit: type=1400 audit(1737147523.949:347): avc: denied { write } for pid=7207 comm="syz.1.235" path="socket:[12376]" dev="sockfs" ino=12376 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 134.436498][ T29] audit: type=1400 audit(1737147524.079:348): avc: denied { map } for pid=7217 comm="syz.2.237" path="socket:[12378]" dev="sockfs" ino=12378 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 134.979796][ T7214] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 134.991678][ T7214] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 135.021042][ T7214] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 135.121670][ T6927] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 135.146370][ T7214] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 135.289056][ T6927] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 135.302124][ T7214] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 135.309515][ T7214] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 136.154330][ T7237] netlink: 92 bytes leftover after parsing attributes in process `syz.3.241'. [ 136.245647][ T6927] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 136.263691][ T6927] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 136.500850][ T7244] binder: 7243:7244 ioctl 4018620d 0 returned -22 [ 136.894911][ T7250] binder: 7243:7250 ioctl 4018620d 0 returned -22 [ 137.354543][ T7214] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 137.383068][ T7214] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 137.403423][ T7261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.246'. [ 138.235305][ T7271] netlink: 36 bytes leftover after parsing attributes in process `syz.3.247'. [ 138.993508][ T29] audit: type=1400 audit(1737147528.709:349): avc: denied { write } for pid=7281 comm="syz.4.250" name="ipv6_route" dev="proc" ino=4026532973 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 139.292801][ T6927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.452154][ T6927] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.465887][ T29] audit: type=1400 audit(1737147529.199:350): avc: denied { shutdown } for pid=7290 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 139.501546][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.508731][ T5949] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.552568][ T29] audit: type=1400 audit(1737147529.199:351): avc: denied { name_connect } for pid=7290 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 139.662963][ T29] audit: type=1400 audit(1737147529.379:352): avc: denied { connect } for pid=7293 comm="syz.1.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 139.892323][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.899511][ T5949] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.137825][ T29] audit: type=1400 audit(1737147529.899:353): avc: denied { bind } for pid=7297 comm="syz.4.255" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 140.192126][ T29] audit: type=1400 audit(1737147529.899:354): avc: denied { node_bind } for pid=7297 comm="syz.4.255" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 141.292817][ T7317] Bluetooth: hci1: Opcode 0x080f failed: -4 [ 141.952850][ T6927] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.987331][ T29] audit: type=1400 audit(1737147531.729:355): avc: denied { listen } for pid=7326 comm="syz.4.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 142.025890][ T6927] veth0_vlan: entered promiscuous mode [ 142.046850][ T29] audit: type=1400 audit(1737147531.729:356): avc: denied { accept } for pid=7326 comm="syz.4.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 142.094054][ T6927] veth1_vlan: entered promiscuous mode [ 142.151178][ T29] audit: type=1326 audit(1737147531.909:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7326 comm="syz.4.260" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5c5985d29 code=0x0 [ 142.194592][ T6927] veth0_macvtap: entered promiscuous mode [ 142.203219][ T6927] veth1_macvtap: entered promiscuous mode [ 142.219103][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.229740][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.239672][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.250173][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.260130][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.270620][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.280602][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.291244][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.305325][ T6927] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.315658][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.326245][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.336108][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.346595][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.356463][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.366928][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.376794][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.387298][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.397997][ T6927] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.411073][ T6927] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.420029][ T6927] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.429361][ T6927] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.438170][ T6927] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.773155][ T5956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.781208][ T5956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.794430][ T7338] kvm: emulating exchange as write [ 143.045873][ T29] audit: type=1400 audit(1737147532.659:358): avc: denied { connect } for pid=7341 comm="syz.2.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 143.423598][ T5956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.494237][ T5956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.578582][ T5129] Bluetooth: hci1: command tx timeout [ 143.685362][ T29] audit: type=1400 audit(1737147533.429:359): avc: denied { mount } for pid=6927 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 144.215609][ T7373] netlink: 36 bytes leftover after parsing attributes in process `syz.0.193'. [ 144.700309][ T7372] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 144.917490][ T7363] evm: overlay not supported [ 145.934110][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 145.934130][ T29] audit: type=1400 audit(1737147534.659:364): avc: denied { setattr } for pid=7359 comm="syz.4.264" name="file0" dev="overlay" ino=283 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 146.060132][ T29] audit: type=1400 audit(1737147535.809:365): avc: denied { rename } for pid=7359 comm="syz.4.264" name="#7" dev="tmpfs" ino=284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 146.741941][ T7380] syzkaller0: tun_chr_ioctl cmd 1074812117 [ 146.850096][ T7407] netlink: 16 bytes leftover after parsing attributes in process `syz.0.271'. [ 147.586249][ T7304] Set syz1 is full, maxelem 65536 reached [ 147.653207][ T29] audit: type=1400 audit(1737147537.399:366): avc: denied { read write } for pid=7421 comm="syz.3.276" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 147.754095][ T29] audit: type=1400 audit(1737147537.399:367): avc: denied { open } for pid=7421 comm="syz.3.276" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 148.119801][ T29] audit: type=1326 audit(1737147537.709:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b60585d29 code=0x7ffc0000 [ 148.427545][ T29] audit: type=1326 audit(1737147537.719:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b60585d29 code=0x7ffc0000 [ 148.516539][ T29] audit: type=1326 audit(1737147537.719:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6b60585d29 code=0x7ffc0000 [ 148.610571][ T969] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 148.639736][ T29] audit: type=1326 audit(1737147537.719:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b60585d29 code=0x7ffc0000 [ 148.663308][ T29] audit: type=1326 audit(1737147537.719:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b60585d29 code=0x7ffc0000 [ 148.688145][ T29] audit: type=1326 audit(1737147537.719:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6b60585d29 code=0x7ffc0000 [ 148.842559][ T7450] random: crng reseeded on system resumption [ 149.189835][ T7457] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 149.199239][ T7457] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 149.245601][ T969] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 149.394107][ T969] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 149.587494][ T969] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.028423][ T969] usb 1-1: config 0 descriptor?? [ 150.066709][ T969] pwc: Askey VC010 type 2 USB webcam detected. [ 150.788333][ T969] pwc: recv_control_msg error -32 req 02 val 2b00 [ 150.795613][ T969] pwc: recv_control_msg error -32 req 02 val 2700 [ 150.802736][ T969] pwc: recv_control_msg error -32 req 02 val 2c00 [ 150.809760][ T969] pwc: recv_control_msg error -32 req 04 val 1000 [ 150.816901][ T969] pwc: recv_control_msg error -32 req 04 val 1300 [ 150.826586][ T969] pwc: recv_control_msg error -32 req 04 val 1400 [ 150.834622][ T969] pwc: recv_control_msg error -32 req 02 val 2000 [ 150.842986][ T969] pwc: recv_control_msg error -32 req 02 val 2100 [ 151.063395][ T969] pwc: recv_control_msg error -71 req 02 val 2500 [ 151.093076][ T969] pwc: recv_control_msg error -71 req 02 val 2400 [ 151.116233][ T969] pwc: recv_control_msg error -71 req 02 val 2600 [ 151.126052][ T969] pwc: recv_control_msg error -71 req 02 val 2900 [ 151.147956][ T969] pwc: recv_control_msg error -71 req 02 val 2800 [ 151.193949][ T969] pwc: recv_control_msg error -71 req 04 val 1100 [ 151.367385][ T969] pwc: recv_control_msg error -71 req 04 val 1200 [ 151.384380][ T969] pwc: Registered as video103. [ 151.391369][ T969] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9 [ 151.407689][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 151.415664][ T969] usb 1-1: USB disconnect, device number 4 [ 151.628947][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 151.652099][ T9] usb 4-1: unable to get BOS descriptor or descriptor too short [ 151.681535][ T9] usb 4-1: config 127 has an invalid interface number: 25 but max is 0 [ 151.699027][ T9] usb 4-1: config 127 has no interface number 0 [ 151.725837][ T9] usb 4-1: config 127 interface 25 has no altsetting 0 [ 151.744568][ T9] usb 4-1: New USB device found, idVendor=1110, idProduct=9000, bcdDevice=f4.11 [ 152.351587][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.359781][ T9] usb 4-1: Product: syz [ 152.364034][ T9] usb 4-1: Manufacturer: syz [ 152.368874][ T9] usb 4-1: SerialNumber: syz [ 152.646974][ T9] usb 4-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9000) Rev (0XF411): ADI930 [ 152.861907][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 152.861924][ T29] audit: type=1400 audit(1737147542.619:377): avc: denied { accept } for pid=7515 comm="syz.4.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 258.057186][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 258.064249][ C1] rcu: 0-...!: (0 ticks this GP) idle=630c/1/0x4000000000000000 softirq=21305/21305 fqs=0 [ 258.075324][ C1] rcu: (detected by 1, t=10506 jiffies, g=12413, q=825 ncpus=2) [ 258.083053][ C1] Sending NMI from CPU 1 to CPUs 0: [ 258.083083][ C0] NMI backtrace for cpu 0 [ 258.083095][ C0] CPU: 0 UID: 0 PID: 1911 Comm: kworker/0:2 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 258.083112][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 258.083123][ C0] Workqueue: rcu_gp process_srcu [ 258.083144][ C0] RIP: 0010:timerqueue_del+0x67/0x150 [ 258.083162][ C0] Code: af 73 f6 49 39 dc 0f 84 af 00 00 00 e8 42 b5 73 f6 4c 8d 65 08 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 80 3c 02 00 <0f> 85 a3 00 00 00 48 39 5d 08 74 58 e8 18 b5 73 f6 48 89 ee 48 89 [ 258.083175][ C0] RSP: 0018:ffffc90000007dd0 EFLAGS: 00000046 [ 258.083187][ C0] RAX: dffffc0000000000 RBX: ffff888144aee340 RCX: ffffffff8b266f50 [ 258.083196][ C0] RDX: 1ffff110170c596b RSI: ffffffff8b266f5e RDI: 0000000000000006 [ 258.083206][ C0] RBP: ffff8880b862cb50 R08: 0000000000000006 R09: 0000000000000001 [ 258.083215][ C0] R10: ffff888144aee340 R11: 0000000000000004 R12: ffff8880b862cb58 [ 258.083224][ C0] R13: 0000000000000000 R14: ffff8880b862ca00 R15: 0000000000000000 [ 258.083234][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 258.083250][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 258.083260][ C0] CR2: 00007fb01626c270 CR3: 00000000361f8000 CR4: 00000000003526f0 [ 258.083269][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 258.083277][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 258.083286][ C0] Call Trace: [ 258.083293][ C0] [ 258.083300][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 258.083317][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 258.083332][ C0] ? nmi_handle+0x1ac/0x5d0 [ 258.083348][ C0] ? timerqueue_del+0x67/0x150 [ 258.083368][ C0] ? default_do_nmi+0x6a/0x160 [ 258.083383][ C0] ? exc_nmi+0x170/0x1e0 [ 258.083396][ C0] ? end_repeat_nmi+0xf/0x53 [ 258.083419][ C0] ? timerqueue_del+0x40/0x150 [ 258.083432][ C0] ? timerqueue_del+0x4e/0x150 [ 258.083444][ C0] ? timerqueue_del+0x67/0x150 [ 258.083457][ C0] ? timerqueue_del+0x67/0x150 [ 258.083471][ C0] ? timerqueue_del+0x67/0x150 [ 258.083484][ C0] [ 258.083488][ C0] [ 258.083494][ C0] __remove_hrtimer+0x99/0x290 [ 258.083514][ C0] ? __pfx_advance_sched+0x10/0x10 [ 258.083530][ C0] __hrtimer_run_queues+0x50b/0xae0 [ 258.083550][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 258.083568][ C0] ? read_tsc+0x9/0x20 [ 258.083590][ C0] hrtimer_interrupt+0x392/0x8e0 [ 258.083614][ C0] __sysvec_apic_timer_interrupt+0x10f/0x400 [ 258.083631][ C0] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 258.083649][ C0] [ 258.083653][ C0] [ 258.083658][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 258.083677][ C0] RIP: 0010:delay_tsc+0x32/0xc0 [ 258.083692][ C0] Code: fd bf 01 00 00 00 41 54 55 53 e8 19 74 3f f6 e8 94 24 01 00 41 89 c4 0f 01 f9 66 90 48 c1 e2 20 48 09 c2 48 89 d5 eb 16 f3 90 01 00 00 00 e8 f4 73 3f f6 e8 6f 24 01 00 44 39 e0 75 36 0f 01 [ 258.083704][ C0] RSP: 0018:ffffc900058a7b38 EFLAGS: 00000286 [ 258.083716][ C0] RAX: 0000000080000000 RBX: 000000665279d484 RCX: 0000000000000000 [ 258.083725][ C0] RDX: 0000000000000001 RSI: ffffffff8bd1eee0 RDI: 0000000000000001 [ 258.083733][ C0] RBP: 000000665279baee R08: 0000000000000001 R09: ffffed10170e8d59 [ 258.083742][ C0] R10: ffff8880b8746acf R11: 0000000000000002 R12: 0000000000000000 [ 258.083751][ C0] R13: 00000000000036b1 R14: ffffffff9a882640 R15: 0000000000003374 [ 258.083766][ C0] ? delay_tsc+0x6a/0xc0 [ 258.083780][ C0] try_check_zero+0x3c6/0x5a0 [ 258.083800][ C0] process_srcu+0x575/0x1720 [ 258.083817][ C0] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 258.083833][ C0] ? rcu_is_watching+0x12/0xc0 [ 258.083851][ C0] ? trace_lock_acquire+0x14e/0x1f0 [ 258.083871][ C0] ? process_one_work+0x921/0x1ba0 [ 258.083887][ C0] ? lock_acquire+0x2f/0xb0 [ 258.083900][ C0] ? process_one_work+0x921/0x1ba0 [ 258.083916][ C0] process_one_work+0x9c5/0x1ba0 [ 258.083935][ C0] ? __pfx_process_srcu+0x10/0x10 [ 258.083951][ C0] ? __pfx_process_one_work+0x10/0x10 [ 258.083965][ C0] ? rcu_is_watching+0x12/0xc0 [ 258.083985][ C0] ? assign_work+0x1a0/0x250 [ 258.084000][ C0] worker_thread+0x6c8/0xf00 [ 258.084017][ C0] ? __kthread_parkme+0x148/0x220 [ 258.084037][ C0] ? __pfx_worker_thread+0x10/0x10 [ 258.084051][ C0] kthread+0x2c1/0x3a0 [ 258.084067][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 258.084084][ C0] ? __pfx_kthread+0x10/0x10 [ 258.084101][ C0] ret_from_fork+0x45/0x80 [ 258.084115][ C0] ? __pfx_kthread+0x10/0x10 [ 258.084132][ C0] ret_from_fork_asm+0x1a/0x30 [ 258.084157][ C0] [ 258.085077][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10505 jiffies! g12413 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 258.548880][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=8301 [ 258.556679][ C1] rcu: rcu_preempt kthread starved for 10506 jiffies! g12413 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 258.568043][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 258.578013][ C1] rcu: RCU grace-period kthread stack dump: [ 258.583896][ C1] task:rcu_preempt state:I stack:27872 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 258.594081][ C1] Call Trace: [ 258.597362][ C1] [ 258.600326][ C1] __schedule+0xe58/0x5ad0 [ 258.604764][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 258.609978][ C1] ? __pfx___schedule+0x10/0x10 [ 258.615097][ C1] ? schedule+0x298/0x350 [ 258.619431][ C1] ? __pfx_lock_release+0x10/0x10 [ 258.624465][ C1] ? lock_acquire+0x2f/0xb0 [ 258.628966][ C1] ? schedule+0x1fd/0x350 [ 258.633301][ C1] schedule+0xe7/0x350 [ 258.637378][ C1] schedule_timeout+0x124/0x280 [ 258.642241][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 258.647619][ C1] ? __pfx_process_timeout+0x10/0x10 [ 258.652914][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 258.658724][ C1] ? prepare_to_swait_event+0xf3/0x470 [ 258.664192][ C1] rcu_gp_fqs_loop+0x1eb/0xb00 [ 258.668962][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 258.674249][ C1] ? rcu_gp_init+0xc82/0x1630 [ 258.678938][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 258.684156][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 258.689972][ C1] rcu_gp_kthread+0x271/0x380 [ 258.694690][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 258.700071][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 258.705276][ C1] ? __kthread_parkme+0x148/0x220 [ 258.710394][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 258.715596][ C1] kthread+0x2c1/0x3a0 [ 258.719673][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 258.724962][ C1] ? __pfx_kthread+0x10/0x10 [ 258.729566][ C1] ret_from_fork+0x45/0x80 [ 258.733983][ C1] ? __pfx_kthread+0x10/0x10 [ 258.738579][ C1] ret_from_fork_asm+0x1a/0x30 [ 258.743370][ C1]