[ 44.063088][ T40] audit: type=1400 audit(1768867630.428:60): avc: denied { rlimitinh } for pid=5839 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.069464][ T40] audit: type=1400 audit(1768867630.428:61): avc: denied { siginh } for pid=5839 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:31430' (ED25519) to the list of known hosts. [ 49.585341][ T40] audit: type=1400 audit(1768867635.968:62): avc: denied { execute } for pid=5923 comm="sh" name="syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 49.592283][ T40] audit: type=1400 audit(1768867635.968:63): avc: denied { execute_no_trans } for pid=5923 comm="sh" path="/syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 2026/01/20 00:07:17 parsed 1 programs [ 50.677837][ T40] audit: type=1400 audit(1768867637.058:64): avc: denied { node_bind } for pid=5923 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 52.473188][ T40] audit: type=1400 audit(1768867638.858:65): avc: denied { mounton } for pid=5936 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 52.481086][ T40] audit: type=1400 audit(1768867638.868:66): avc: denied { mount } for pid=5936 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 52.483009][ T5936] cgroup: Unknown subsys name 'net' [ 52.492152][ T40] audit: type=1400 audit(1768867638.878:67): avc: denied { unmount } for pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 52.672534][ T5936] cgroup: Unknown subsys name 'cpuset' [ 52.677644][ T5936] cgroup: Unknown subsys name 'rlimit' [ 52.932705][ T40] audit: type=1400 audit(1768867639.318:68): avc: denied { setattr } for pid=5936 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 52.942179][ T40] audit: type=1400 audit(1768867639.318:69): avc: denied { create } for pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 52.950840][ T40] audit: type=1400 audit(1768867639.318:70): avc: denied { write } for pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 52.958482][ T40] audit: type=1400 audit(1768867639.318:71): avc: denied { read } for pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 52.998286][ T5938] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 53.665644][ T5936] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.207596][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 55.207606][ T40] audit: type=1400 audit(1768867641.588:82): avc: denied { execmem } for pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 55.260186][ T40] audit: type=1400 audit(1768867641.648:83): avc: denied { read } for pid=5944 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 55.266800][ T40] audit: type=1400 audit(1768867641.648:84): avc: denied { open } for pid=5944 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 55.275436][ T40] audit: type=1400 audit(1768867641.648:85): avc: denied { mounton } for pid=5944 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 55.318798][ T40] audit: type=1400 audit(1768867641.708:86): avc: denied { mount } for pid=5944 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 55.338074][ T40] audit: type=1400 audit(1768867641.718:87): avc: denied { mounton } for pid=5944 comm="syz-executor" path="/syzkaller.wqwHuv/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 55.347786][ T40] audit: type=1400 audit(1768867641.718:88): avc: denied { mount } for pid=5944 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 55.356963][ T40] audit: type=1400 audit(1768867641.718:89): avc: denied { mounton } for pid=5944 comm="syz-executor" path="/syzkaller.wqwHuv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 55.367017][ T40] audit: type=1400 audit(1768867641.718:90): avc: denied { mounton } for pid=5944 comm="syz-executor" path="/syzkaller.wqwHuv/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7394 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 55.377848][ T40] audit: type=1400 audit(1768867641.728:91): avc: denied { unmount } for pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 55.383361][ T5944] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 56.007855][ T5291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 56.012297][ T5291] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.015109][ T5291] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.018819][ T5291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.021928][ T5291] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 56.850389][ T160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.852968][ T160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.874286][ T160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.876881][ T160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.273764][ T6013] chnl_net:caif_netlink_parms(): no params data found [ 57.343819][ T6013] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.346543][ T6013] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.349159][ T6013] bridge_slave_0: entered allmulticast mode [ 57.352956][ T6013] bridge_slave_0: entered promiscuous mode [ 57.359382][ T6013] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.364698][ T6013] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.367011][ T6013] bridge_slave_1: entered allmulticast mode [ 57.371365][ T6013] bridge_slave_1: entered promiscuous mode [ 57.393930][ T6013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.398542][ T6013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.412726][ T6013] team0: Port device team_slave_0 added [ 57.415881][ T6013] team0: Port device team_slave_1 added [ 57.431130][ T6013] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.433267][ T6013] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 57.442214][ T6013] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.447113][ T6013] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.449536][ T6013] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 57.457557][ T6013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.489356][ T6013] hsr_slave_0: entered promiscuous mode [ 57.492868][ T6013] hsr_slave_1: entered promiscuous mode [ 57.621489][ T6013] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.628655][ T6013] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.633030][ T6013] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.637272][ T6013] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.656474][ T6013] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.658904][ T6013] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.661781][ T6013] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.664049][ T6013] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.696237][ T6013] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.701092][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.704652][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.724474][ T6013] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.731251][ T1213] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.733488][ T1213] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.740351][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.742717][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.855690][ T6013] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.877694][ T6013] veth0_vlan: entered promiscuous mode [ 57.882941][ T6013] veth1_vlan: entered promiscuous mode [ 57.897290][ T6013] veth0_macvtap: entered promiscuous mode [ 57.901910][ T6013] veth1_macvtap: entered promiscuous mode [ 57.910519][ T6013] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.917374][ T6013] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.925594][ T1213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.930430][ T1213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.933975][ T1213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.937281][ T1213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.035141][ T72] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.096348][ T72] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.176619][ T72] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2026/01/20 00:07:24 executed programs: 0 [ 58.230366][ T5291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.233617][ T5291] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.236435][ T5291] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.239884][ T5291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.242806][ T5291] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.260018][ T72] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.349235][ T6040] chnl_net:caif_netlink_parms(): no params data found [ 58.394879][ T6040] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.397233][ T6040] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.399549][ T6040] bridge_slave_0: entered allmulticast mode [ 58.402041][ T6040] bridge_slave_0: entered promiscuous mode [ 58.405297][ T6040] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.407497][ T6040] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.411734][ T6040] bridge_slave_1: entered allmulticast mode [ 58.414252][ T6040] bridge_slave_1: entered promiscuous mode [ 58.430786][ T6040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.435480][ T6040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.451540][ T6040] team0: Port device team_slave_0 added [ 58.454709][ T6040] team0: Port device team_slave_1 added [ 58.468571][ T6040] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.470849][ T6040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 58.479204][ T6040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.483686][ T6040] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.485936][ T6040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 58.494367][ T6040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.517705][ T6040] hsr_slave_0: entered promiscuous mode [ 58.521105][ T6040] hsr_slave_1: entered promiscuous mode [ 58.523320][ T6040] debugfs: 'hsr0' already exists in 'hsr' [ 58.525251][ T6040] Cannot create hsr debugfs directory [ 60.281296][ T64] Bluetooth: hci0: command tx timeout [ 61.171900][ T72] bridge_slave_1: left allmulticast mode [ 61.174523][ T72] bridge_slave_1: left promiscuous mode [ 61.177689][ T72] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.185787][ T72] bridge_slave_0: left allmulticast mode [ 61.189966][ T72] bridge_slave_0: left promiscuous mode [ 61.192552][ T72] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.231443][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 61.231457][ T40] audit: type=1400 audit(1768867647.618:112): avc: denied { create } for pid=6050 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.249282][ T40] audit: type=1400 audit(1768867647.628:113): avc: denied { write } for pid=6050 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth2.link" dev="tmpfs" ino=2028 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.257272][ T40] audit: type=1400 audit(1768867647.628:114): avc: denied { append } for pid=6050 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" dev="tmpfs" ino=2028 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.293575][ T40] audit: type=1400 audit(1768867647.678:115): avc: denied { unlink } for pid=6053 comm="rm" name="resolv.conf.eth2.link" dev="tmpfs" ino=2028 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 61.397763][ T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.402450][ T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.405809][ T72] bond0 (unregistering): Released all slaves [ 61.601288][ T72] hsr_slave_0: left promiscuous mode [ 61.603712][ T72] hsr_slave_1: left promiscuous mode [ 61.606005][ T72] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 61.608654][ T72] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 61.612287][ T72] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.615242][ T72] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 61.625281][ T72] veth1_macvtap: left promiscuous mode [ 61.627528][ T72] veth0_macvtap: left promiscuous mode [ 61.631123][ T72] veth1_vlan: left promiscuous mode [ 61.633172][ T72] veth0_vlan: left promiscuous mode [ 61.845604][ T72] team0 (unregistering): Port device team_slave_1 removed [ 61.864387][ T72] team0 (unregistering): Port device team_slave_0 removed [ 62.228840][ T6040] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.234491][ T6040] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.244792][ T6040] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.256195][ T6040] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.332640][ T6040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.345179][ T6040] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.353611][ T160] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.355887][ T160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.359015][ T64] Bluetooth: hci0: command tx timeout [ 62.365381][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.367808][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.536761][ T6040] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.595420][ T6040] veth0_vlan: entered promiscuous mode [ 62.601497][ T6040] veth1_vlan: entered promiscuous mode [ 62.616100][ T6040] veth0_macvtap: entered promiscuous mode [ 62.620816][ T6040] veth1_macvtap: entered promiscuous mode [ 62.633143][ T6040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.643868][ T6040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.651780][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.655440][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.659733][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.663319][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.707348][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.711558][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.728765][ T160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.732103][ T160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.758418][ T40] audit: type=1400 audit(1768867649.148:116): avc: denied { read write } for pid=6091 comm="syz.0.17" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 62.762703][ T6091] [ 62.765804][ T40] audit: type=1400 audit(1768867649.148:117): avc: denied { open } for pid=6091 comm="syz.0.17" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 62.766768][ T6091] ====================================================== [ 62.775363][ T40] audit: type=1400 audit(1768867649.148:118): avc: denied { map } for pid=6091 comm="syz.0.17" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 62.776997][ T6091] WARNING: possible circular locking dependency detected [ 62.777007][ T6091] syzkaller #0 Not tainted [ 62.777014][ T6091] ------------------------------------------------------ [ 62.777040][ T6091] syz.0.17/6091 is trying to acquire lock: [ 62.777049][ T6091] ffff8881061287a8 ( [ 62.784449][ T40] audit: type=1400 audit(1768867649.148:119): avc: denied { execute } for pid=6091 comm="syz.0.17" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 62.787161][ T6091] &sb->s_type->i_mutex_key#8){++++}-{4:4}, at: blkdev_read_iter+0x19e/0x500 [ 62.807633][ T6091] [ 62.807633][ T6091] but task is already holding lock: [ 62.810668][ T6091] ffff888012aa0448 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x10e/0xed0 [ 62.814173][ T6091] [ 62.814173][ T6091] which lock already depends on the new lock. [ 62.814173][ T6091] [ 62.818480][ T6091] [ 62.818480][ T6091] the existing dependency chain (in reverse order) is: [ 62.822189][ T6091] [ 62.822189][ T6091] -> #2 (vm_lock){++++}-{0:0}: [ 62.824939][ T6091] __vma_enter_locked+0x260/0x770 [ 62.826722][ T6091] __vma_start_write+0x21/0x160 [ 62.828397][ T6091] mprotect_fixup+0x4e3/0xb80 [ 62.830016][ T6091] setup_arg_pages+0x4a2/0xbb0 [ 62.831678][ T6091] load_elf_binary+0xb5b/0x4fe0 [ 62.833343][ T6091] bprm_execve+0x8c2/0x1620 [ 62.834907][ T6091] kernel_execve+0x2ef/0x3b0 [ 62.836525][ T6091] kernel_init+0x14a/0x2b0 [ 62.838115][ T6091] ret_from_fork+0x983/0xb10 [ 62.839739][ T6091] ret_from_fork_asm+0x1a/0x30 [ 62.841471][ T6091] [ 62.841471][ T6091] -> #1 (&mm->mmap_lock){++++}-{4:4}: [ 62.843891][ T6091] __might_fault+0x113/0x190 [ 62.845547][ T6091] _copy_to_iter+0x1c2/0x1710 [ 62.847214][ T6091] copy_page_to_iter+0x12a/0x1e0 [ 62.848940][ T6091] filemap_read+0x6b1/0xe40 [ 62.850544][ T6091] blkdev_read_iter+0x1ac/0x500 [ 62.852242][ T6091] vfs_read+0x8bf/0xcf0 [ 62.853724][ T6091] ksys_read+0x12a/0x250 [ 62.855187][ T6091] do_syscall_64+0xcd/0xf80 [ 62.856739][ T6091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.858711][ T6091] [ 62.858711][ T6091] -> #0 (&sb->s_type->i_mutex_key#8){++++}-{4:4}: [ 62.861403][ T6091] __lock_acquire+0x1669/0x2890 [ 62.863055][ T6091] lock_acquire+0x179/0x330 [ 62.864619][ T6091] down_read+0x9b/0x460 [ 62.866091][ T6091] blkdev_read_iter+0x19e/0x500 [ 62.867750][ T6091] __kernel_read+0x3f3/0xbf0 [ 62.869360][ T6091] freader_fetch+0x1d7/0x9d0 [ 62.870982][ T6091] __build_id_parse.isra.0+0xdd/0x6c0 [ 62.872816][ T6091] do_procmap_query+0xb0e/0x1080 [ 62.874490][ T6091] procfs_procmap_ioctl+0x9d/0xe0 [ 62.876175][ T6091] __x64_sys_ioctl+0x18e/0x210 [ 62.877798][ T6091] do_syscall_64+0xcd/0xf80 [ 62.879346][ T6091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.881352][ T6091] [ 62.881352][ T6091] other info that might help us debug this: [ 62.881352][ T6091] [ 62.884463][ T6091] Chain exists of: [ 62.884463][ T6091] &sb->s_type->i_mutex_key#8 --> &mm->mmap_lock --> vm_lock [ 62.884463][ T6091] [ 62.888493][ T6091] Possible unsafe locking scenario: [ 62.888493][ T6091] [ 62.890781][ T6091] CPU0 CPU1 [ 62.892462][ T6091] ---- ---- [ 62.894142][ T6091] rlock(vm_lock); [ 62.895333][ T6091] lock(&mm->mmap_lock); [ 62.897464][ T6091] lock(vm_lock); [ 62.899368][ T6091] rlock(&sb->s_type->i_mutex_key#8); [ 62.901076][ T6091] [ 62.901076][ T6091] *** DEADLOCK *** [ 62.901076][ T6091] [ 62.903547][ T6091] 1 lock held by syz.0.17/6091: [ 62.905067][ T6091] #0: ffff888012aa0448 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x10e/0xed0 [ 62.907787][ T6091] [ 62.907787][ T6091] stack backtrace: [ 62.909612][ T6091] CPU: 2 UID: 0 PID: 6091 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 62.909624][ T6091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.909630][ T6091] Call Trace: [ 62.909635][ T6091] [ 62.909640][ T6091] dump_stack_lvl+0x116/0x1f0 [ 62.909655][ T6091] print_circular_bug+0x275/0x340 [ 62.909667][ T6091] check_noncircular+0x146/0x160 [ 62.909679][ T6091] __lock_acquire+0x1669/0x2890 [ 62.909693][ T6091] lock_acquire+0x179/0x330 [ 62.909704][ T6091] ? blkdev_read_iter+0x19e/0x500 [ 62.909715][ T6091] ? __pfx___might_resched+0x10/0x10 [ 62.909724][ T6091] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 62.909737][ T6091] down_read+0x9b/0x460 [ 62.909746][ T6091] ? blkdev_read_iter+0x19e/0x500 [ 62.909755][ T6091] ? register_lock_class+0x41/0x4b0 [ 62.909767][ T6091] ? __pfx_down_read+0x10/0x10 [ 62.909776][ T6091] blkdev_read_iter+0x19e/0x500 [ 62.909787][ T6091] __kernel_read+0x3f3/0xbf0 [ 62.909800][ T6091] ? __pfx___kernel_read+0x10/0x10 [ 62.909815][ T6091] ? __pfx_vma_start_read+0x10/0x10 [ 62.909830][ T6091] freader_fetch+0x1d7/0x9d0 [ 62.909842][ T6091] ? reacquire_held_locks+0xcd/0x1f0 [ 62.909853][ T6091] ? lock_next_vma+0x10e/0xed0 [ 62.909867][ T6091] ? __pfx_freader_fetch+0x10/0x10 [ 62.909879][ T6091] ? __asan_memset+0x23/0x50 [ 62.909890][ T6091] __build_id_parse.isra.0+0xdd/0x6c0 [ 62.909902][ T6091] ? query_matching_vma+0x48e/0x7d0 [ 62.909914][ T6091] ? __pfx___build_id_parse.isra.0+0x10/0x10 [ 62.909931][ T6091] do_procmap_query+0xb0e/0x1080 [ 62.909944][ T6091] ? __pfx_do_procmap_query+0x10/0x10 [ 62.909955][ T6091] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 62.909967][ T6091] ? do_vfs_ioctl+0x128/0x14f0 [ 62.909979][ T6091] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 62.909998][ T6091] ? selinux_file_ioctl+0x180/0x270 [ 62.910011][ T6091] ? selinux_file_ioctl+0xb4/0x270 [ 62.910024][ T6091] procfs_procmap_ioctl+0x9d/0xe0 [ 62.910035][ T6091] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 62.910047][ T6091] __x64_sys_ioctl+0x18e/0x210 [ 62.910058][ T6091] do_syscall_64+0xcd/0xf80 [ 62.910073][ T6091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.910084][ T6091] RIP: 0033:0x7ff1a238f7c9 [ 62.910093][ T6091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.910102][ T6091] RSP: 002b:00007ffebbe538b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.910111][ T6091] RAX: ffffffffffffffda RBX: 00007ff1a25e5fa0 RCX: 00007ff1a238f7c9 [ 62.910117][ T6091] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000004 [ 62.910123][ T6091] RBP: 00007ff1a2413f91 R08: 0000000000000000 R09: 0000000000000000 [ 62.910128][ T6091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 62.910133][ T6091] R13: 00007ff1a25e5fa0 R14: 00007ff1a25e5fa0 R15: 0000000000000003 [ 62.910142][ T6091] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 65.113158][ T1213] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.590352][ T1213] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.660918][ T1213] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.703209][ T1213] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.798773][ T1213] bridge_slave_1: left allmulticast mode [ 66.801021][ T1213] bridge_slave_1: left promiscuous mode [ 66.802927][ T1213] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.806138][ T1213] bridge_slave_0: left allmulticast mode [ 66.808054][ T1213] bridge_slave_0: left promiscuous mode [ 66.809854][ T1213] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.884133][ T1213] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 66.888784][ T1213] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 66.893220][ T1213] bond0 (unregistering): Released all slaves [ 67.213442][ T1213] hsr_slave_0: left promiscuous mode [ 67.215458][ T1213] hsr_slave_1: left promiscuous mode [ 67.217404][ T1213] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.220080][ T1213] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.223200][ T1213] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.225554][ T1213] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 67.230414][ T1213] veth1_macvtap: left promiscuous mode [ 67.232246][ T1213] veth0_macvtap: left promiscuous mode [ 67.234520][ T1213] veth1_vlan: left promiscuous mode [ 67.236529][ T1213] veth0_vlan: left promiscuous mode [ 67.302226][ T1213] team0 (unregistering): Port device team_slave_1 removed [ 67.315632][ T1213] team0 (unregistering): Port device team_slave_0 removed