[ 53.064152][ T40] audit: type=1400 audit(1769780741.747:61): avc: denied { siginh } for pid=5907 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:50338' (ED25519) to the list of known hosts. [ 60.308507][ T40] audit: type=1400 audit(1769780749.017:62): avc: denied { execute } for pid=5925 comm="sh" name="syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 60.315331][ T40] audit: type=1400 audit(1769780749.027:63): avc: denied { execute_no_trans } for pid=5925 comm="sh" path="/syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 2026/01/30 13:45:50 parsed 1 programs [ 61.948096][ T40] audit: type=1400 audit(1769780750.657:64): avc: denied { node_bind } for pid=5925 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 64.380039][ T40] audit: type=1400 audit(1769780753.097:65): avc: denied { mounton } for pid=5934 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 64.387919][ T40] audit: type=1400 audit(1769780753.097:66): avc: denied { mount } for pid=5934 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 64.389833][ T5934] cgroup: Unknown subsys name 'net' [ 64.398779][ T40] audit: type=1400 audit(1769780753.107:67): avc: denied { unmount } for pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 64.613626][ T5934] cgroup: Unknown subsys name 'cpuset' [ 64.619550][ T5934] cgroup: Unknown subsys name 'rlimit' [ 64.762642][ T40] audit: type=1400 audit(1769780753.477:68): avc: denied { setattr } for pid=5934 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 64.772516][ T40] audit: type=1400 audit(1769780753.477:69): avc: denied { create } for pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 64.780326][ T40] audit: type=1400 audit(1769780753.477:70): avc: denied { write } for pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 64.787543][ T40] audit: type=1400 audit(1769780753.477:71): avc: denied { read } for pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 64.813402][ T5938] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 65.639858][ T5934] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.387094][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 67.387106][ T40] audit: type=1400 audit(1769780756.097:82): avc: denied { execmem } for pid=5944 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 67.396377][ T40] audit: type=1400 audit(1769780756.107:83): avc: denied { read } for pid=5945 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 67.404604][ T40] audit: type=1400 audit(1769780756.107:84): avc: denied { open } for pid=5945 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 67.413487][ T40] audit: type=1400 audit(1769780756.107:85): avc: denied { mounton } for pid=5945 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 67.431772][ T40] audit: type=1400 audit(1769780756.147:86): avc: denied { mount } for pid=5945 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 67.441035][ T40] audit: type=1400 audit(1769780756.157:87): avc: denied { mounton } for pid=5945 comm="syz-executor" path="/syzkaller.vTXXOa/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 67.450347][ T40] audit: type=1400 audit(1769780756.157:88): avc: denied { mount } for pid=5945 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 67.458599][ T40] audit: type=1400 audit(1769780756.157:89): avc: denied { mounton } for pid=5945 comm="syz-executor" path="/syzkaller.vTXXOa/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 67.468409][ T40] audit: type=1400 audit(1769780756.157:90): avc: denied { mounton } for pid=5945 comm="syz-executor" path="/syzkaller.vTXXOa/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7398 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 67.478073][ T40] audit: type=1400 audit(1769780756.157:91): avc: denied { unmount } for pid=5945 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 67.489623][ T5945] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 68.459774][ T5986] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.464035][ T5986] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.467473][ T5986] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.473736][ T5986] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.477249][ T5986] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.944482][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.947010][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.967546][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.971535][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.402314][ T6017] chnl_net:caif_netlink_parms(): no params data found [ 69.498484][ T6017] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.501992][ T6017] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.504911][ T6017] bridge_slave_0: entered allmulticast mode [ 69.508753][ T6017] bridge_slave_0: entered promiscuous mode [ 69.513455][ T6017] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.516524][ T6017] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.520004][ T6017] bridge_slave_1: entered allmulticast mode [ 69.523832][ T6017] bridge_slave_1: entered promiscuous mode [ 69.555618][ T6017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.581176][ T6017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.610882][ T6017] team0: Port device team_slave_0 added [ 69.615573][ T6017] team0: Port device team_slave_1 added [ 69.657960][ T6017] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.661510][ T6017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 69.672717][ T6017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.680112][ T6017] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.683203][ T6017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 69.696345][ T6017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.744717][ T6017] hsr_slave_0: entered promiscuous mode [ 69.748169][ T6017] hsr_slave_1: entered promiscuous mode [ 69.906088][ T6017] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.912231][ T6017] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.916774][ T6017] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.921242][ T6017] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.939377][ T6017] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.941776][ T6017] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.944600][ T6017] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.946888][ T6017] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.976133][ T6017] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.986067][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.989642][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.997525][ T6017] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.004512][ T88] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.007577][ T88] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.015509][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.018453][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.163197][ T6017] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.197406][ T6017] veth0_vlan: entered promiscuous mode [ 70.204807][ T6017] veth1_vlan: entered promiscuous mode [ 70.226230][ T6017] veth0_macvtap: entered promiscuous mode [ 70.233523][ T6017] veth1_macvtap: entered promiscuous mode [ 70.243467][ T6017] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.252120][ T6017] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.259740][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.263674][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.268093][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.271866][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.342940][ T88] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.431592][ T88] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.540169][ T88] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.628402][ T88] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2026/01/30 13:45:59 executed programs: 0 [ 70.654664][ T5986] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.658460][ T5986] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.662616][ T5986] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.665420][ T5986] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.667878][ T5986] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.758490][ T6043] chnl_net:caif_netlink_parms(): no params data found [ 70.802999][ T6043] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.805228][ T6043] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.807339][ T6043] bridge_slave_0: entered allmulticast mode [ 70.810533][ T6043] bridge_slave_0: entered promiscuous mode [ 70.813816][ T6043] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.815968][ T6043] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.818034][ T6043] bridge_slave_1: entered allmulticast mode [ 70.820565][ T6043] bridge_slave_1: entered promiscuous mode [ 70.838703][ T6043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.845375][ T6043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.862421][ T6043] team0: Port device team_slave_0 added [ 70.865448][ T6043] team0: Port device team_slave_1 added [ 70.877560][ T6043] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.879985][ T6043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.887924][ T6043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.892731][ T6043] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.894937][ T6043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 70.902995][ T6043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.923572][ T6043] hsr_slave_0: entered promiscuous mode [ 70.925825][ T6043] hsr_slave_1: entered promiscuous mode [ 70.927855][ T6043] debugfs: 'hsr0' already exists in 'hsr' [ 70.929815][ T6043] Cannot create hsr debugfs directory [ 72.720120][ T5986] Bluetooth: hci0: command tx timeout [ 73.448705][ T88] bridge_slave_1: left allmulticast mode [ 73.451693][ T88] bridge_slave_1: left promiscuous mode [ 73.454858][ T88] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.461973][ T88] bridge_slave_0: left allmulticast mode [ 73.463841][ T88] bridge_slave_0: left promiscuous mode [ 73.466111][ T88] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.505704][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 73.505721][ T40] audit: type=1400 audit(1769780762.217:112): avc: denied { create } for pid=6052 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.519354][ T40] audit: type=1400 audit(1769780762.217:113): avc: denied { write } for pid=6052 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth2.link" dev="tmpfs" ino=2102 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.528242][ T40] audit: type=1400 audit(1769780762.217:114): avc: denied { append } for pid=6052 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" dev="tmpfs" ino=2102 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.569162][ T40] audit: type=1400 audit(1769780762.277:115): avc: denied { unlink } for pid=6055 comm="rm" name="resolv.conf.eth2.link" dev="tmpfs" ino=2102 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 73.727910][ T88] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 73.732650][ T88] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 73.736538][ T88] bond0 (unregistering): Released all slaves [ 73.867004][ T88] hsr_slave_0: left promiscuous mode [ 73.870927][ T88] hsr_slave_1: left promiscuous mode [ 73.873751][ T88] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 73.876797][ T88] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 73.885069][ T88] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 73.887910][ T88] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 73.897010][ T88] veth1_macvtap: left promiscuous mode [ 73.899490][ T88] veth0_macvtap: left promiscuous mode [ 73.901291][ T88] veth1_vlan: left promiscuous mode [ 73.903125][ T88] veth0_vlan: left promiscuous mode [ 74.137152][ T88] team0 (unregistering): Port device team_slave_1 removed [ 74.158666][ T88] team0 (unregistering): Port device team_slave_0 removed [ 74.793999][ T6043] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.799017][ T6043] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.803640][ T6043] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.808618][ T6043] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.809352][ T5986] Bluetooth: hci0: command tx timeout [ 74.876457][ T6043] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.894760][ T6043] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.901588][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.903820][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.914293][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.916597][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.092477][ T6043] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.111995][ T6043] veth0_vlan: entered promiscuous mode [ 75.118413][ T6043] veth1_vlan: entered promiscuous mode [ 75.131636][ T6043] veth0_macvtap: entered promiscuous mode [ 75.135504][ T6043] veth1_macvtap: entered promiscuous mode [ 75.142919][ T6043] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.151107][ T6043] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.162713][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.165905][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.170955][ T1144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.174107][ T1144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.201461][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.203960][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.215994][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.218543][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.244188][ T40] audit: type=1400 audit(1769780763.957:116): avc: denied { read write } for pid=6091 comm="syz.0.17" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 75.254326][ T40] audit: type=1400 audit(1769780763.957:117): avc: denied { open } for pid=6091 comm="syz.0.17" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 75.254637][ T6091] [ 75.263090][ T40] audit: type=1400 audit(1769780763.957:118): avc: denied { map } for pid=6091 comm="syz.0.17" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 75.263883][ T6091] ====================================================== [ 75.272610][ T40] audit: type=1400 audit(1769780763.957:119): avc: denied { execute } for pid=6091 comm="syz.0.17" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 75.275221][ T6091] WARNING: possible circular locking dependency detected [ 75.284019][ T40] audit: type=1400 audit(1769780763.957:120): avc: denied { allowed } for pid=6091 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 75.286586][ T6091] syzkaller #0 Not tainted [ 75.293915][ T40] audit: type=1400 audit(1769780763.967:121): avc: denied { create } for pid=6091 comm="syz.0.17" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 75.295510][ T6091] ------------------------------------------------------ [ 75.306136][ T6091] syz.0.17/6091 is trying to acquire lock: [ 75.308500][ T6091] ffff888106d71328 (&sb->s_type->i_mutex_key#8){++++}-{4:4}, at: blkdev_read_iter+0x2b6/0x4f0 [ 75.312585][ T6091] [ 75.312585][ T6091] but task is already holding lock: [ 75.315587][ T6091] ffff88803cd6c088 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x10a/0xf40 [ 75.318956][ T6091] [ 75.318956][ T6091] which lock already depends on the new lock. [ 75.318956][ T6091] [ 75.323124][ T6091] [ 75.323124][ T6091] the existing dependency chain (in reverse order) is: [ 75.326750][ T6091] [ 75.326750][ T6091] -> #2 (vm_lock){++++}-{0:0}: [ 75.329559][ T6091] __vma_enter_locked+0x23a/0x770 [ 75.331817][ T6091] __vma_start_write+0x21/0x170 [ 75.333970][ T6091] mprotect_fixup+0x345/0xb40 [ 75.336121][ T6091] setup_arg_pages+0x4b6/0xb60 [ 75.338328][ T6091] load_elf_binary+0xb75/0x5110 [ 75.340393][ T6091] bprm_execve+0x8fb/0x1620 [ 75.342487][ T6091] kernel_execve+0x32b/0x3d0 [ 75.344625][ T6091] try_to_run_init_process+0x14/0x60 [ 75.346705][ T6091] kernel_init+0x14b/0x1e0 [ 75.348257][ T6091] ret_from_fork+0x754/0xaf0 [ 75.349908][ T6091] ret_from_fork_asm+0x1a/0x30 [ 75.351589][ T6091] [ 75.351589][ T6091] -> #1 (&mm->mmap_lock){++++}-{4:4}: [ 75.354003][ T6091] __might_fault+0xde/0x140 [ 75.355615][ T6091] _copy_to_iter+0x117/0x1720 [ 75.357267][ T6091] copy_page_to_iter+0x12a/0x1e0 [ 75.359013][ T6091] filemap_read+0x7a9/0x10a0 [ 75.360665][ T6091] blkdev_read_iter+0x2c4/0x4f0 [ 75.362376][ T6091] vfs_read+0x825/0xb30 [ 75.363873][ T6091] ksys_read+0x12a/0x250 [ 75.365410][ T6091] do_syscall_64+0xc9/0xf80 [ 75.367035][ T6091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.369069][ T6091] [ 75.369069][ T6091] -> #0 (&sb->s_type->i_mutex_key#8){++++}-{4:4}: [ 75.371759][ T6091] __lock_acquire+0x14b8/0x2630 [ 75.373476][ T6091] lock_acquire+0x17c/0x330 [ 75.375058][ T6091] down_read+0x99/0x460 [ 75.376566][ T6091] blkdev_read_iter+0x2b6/0x4f0 [ 75.378282][ T6091] __kernel_read+0x397/0xac0 [ 75.379916][ T6091] freader_fetch+0x1d3/0xa70 [ 75.381585][ T6091] __build_id_parse.isra.0+0xe4/0x6c0 [ 75.383489][ T6091] do_procmap_query+0xaf6/0x1050 [ 75.385225][ T6091] procfs_procmap_ioctl+0x9d/0xe0 [ 75.387017][ T6091] __x64_sys_ioctl+0x18e/0x210 [ 75.388694][ T6091] do_syscall_64+0xc9/0xf80 [ 75.390305][ T6091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.392463][ T6091] [ 75.392463][ T6091] other info that might help us debug this: [ 75.392463][ T6091] [ 75.395787][ T6091] Chain exists of: [ 75.395787][ T6091] &sb->s_type->i_mutex_key#8 --> &mm->mmap_lock --> vm_lock [ 75.395787][ T6091] [ 75.399922][ T6091] Possible unsafe locking scenario: [ 75.399922][ T6091] [ 75.402341][ T6091] CPU0 CPU1 [ 75.404121][ T6091] ---- ---- [ 75.405885][ T6091] rlock(vm_lock); [ 75.407133][ T6091] lock(&mm->mmap_lock); [ 75.409328][ T6091] lock(vm_lock); [ 75.411334][ T6091] rlock(&sb->s_type->i_mutex_key#8); [ 75.413089][ T6091] [ 75.413089][ T6091] *** DEADLOCK *** [ 75.413089][ T6091] [ 75.415822][ T6091] 1 lock held by syz.0.17/6091: [ 75.417417][ T6091] #0: ffff88803cd6c088 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x10a/0xf40 [ 75.420243][ T6091] [ 75.420243][ T6091] stack backtrace: [ 75.422158][ T6091] CPU: 1 UID: 0 PID: 6091 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) [ 75.422171][ T6091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.422177][ T6091] Call Trace: [ 75.422182][ T6091] [ 75.422186][ T6091] dump_stack_lvl+0x100/0x190 [ 75.422201][ T6091] print_circular_bug.cold+0x178/0x1c7 [ 75.422219][ T6091] check_noncircular+0x146/0x160 [ 75.422237][ T6091] __lock_acquire+0x14b8/0x2630 [ 75.422249][ T6091] lock_acquire+0x17c/0x330 [ 75.422259][ T6091] ? blkdev_read_iter+0x2b6/0x4f0 [ 75.422275][ T6091] ? __pfx___might_resched+0x10/0x10 [ 75.422288][ T6091] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 75.422305][ T6091] down_read+0x99/0x460 [ 75.422317][ T6091] ? blkdev_read_iter+0x2b6/0x4f0 [ 75.422328][ T6091] ? __pfx_down_read+0x10/0x10 [ 75.422339][ T6091] ? arch_stack_walk+0xa6/0xf0 [ 75.422354][ T6091] blkdev_read_iter+0x2b6/0x4f0 [ 75.422366][ T6091] __kernel_read+0x397/0xac0 [ 75.422378][ T6091] ? __pfx___kernel_read+0x10/0x10 [ 75.422391][ T6091] ? __pfx_vma_start_read+0x10/0x10 [ 75.422401][ T6091] freader_fetch+0x1d3/0xa70 [ 75.422439][ T6091] ? reacquire_held_locks+0xce/0x1e0 [ 75.422449][ T6091] ? lock_next_vma+0x10a/0xf40 [ 75.422459][ T6091] ? __pfx_freader_fetch+0x10/0x10 [ 75.422469][ T6091] ? __asan_memset+0x23/0x50 [ 75.422480][ T6091] __build_id_parse.isra.0+0xe4/0x6c0 [ 75.422490][ T6091] ? __pfx___build_id_parse.isra.0+0x10/0x10 [ 75.422505][ T6091] do_procmap_query+0xaf6/0x1050 [ 75.422521][ T6091] ? __pfx_do_procmap_query+0x10/0x10 [ 75.422536][ T6091] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 75.422552][ T6091] ? do_vfs_ioctl+0x226/0x13e0 [ 75.422562][ T6091] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 75.422578][ T6091] ? selinux_file_ioctl+0x139/0x290 [ 75.422588][ T6091] ? selinux_file_ioctl+0xb4/0x290 [ 75.422598][ T6091] procfs_procmap_ioctl+0x9d/0xe0 [ 75.422613][ T6091] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 75.422628][ T6091] __x64_sys_ioctl+0x18e/0x210 [ 75.422638][ T6091] do_syscall_64+0xc9/0xf80 [ 75.422649][ T6091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.422660][ T6091] RIP: 0033:0x7fe93fb9aeb9 [ 75.422669][ T6091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 75.422679][ T6091] RSP: 002b:00007fff4c053408 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.422689][ T6091] RAX: ffffffffffffffda RBX: 00007fe93fe15fa0 RCX: 00007fe93fb9aeb9 [ 75.422695][ T6091] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003 [ 75.422701][ T6091] RBP: 00007fe93fc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 75.422707][ T6091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.422713][ T6091] R13: 00007fe93fe15fac R14: 00007fe93fe15fa0 R15: 00007fe93fe15fa0 [ 75.422721][ T6091] [ 76.401339][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.404127][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.489091][ T1154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.272468][ T1154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.362951][ T1154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.424242][ T1154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.543086][ T1154] bridge_slave_1: left allmulticast mode [ 79.545462][ T1154] bridge_slave_1: left promiscuous mode [ 79.547790][ T1154] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.554713][ T1154] bridge_slave_0: left allmulticast mode [ 79.557029][ T1154] bridge_slave_0: left promiscuous mode [ 79.559546][ T1154] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.664278][ T1154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 79.669108][ T1154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 79.673692][ T1154] bond0 (unregistering): Released all slaves [ 80.056432][ T1154] hsr_slave_0: left promiscuous mode [ 80.058438][ T1154] hsr_slave_1: left promiscuous mode [ 80.062374][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 80.065484][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 80.068817][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 80.071492][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 80.076198][ T1154] veth1_macvtap: left promiscuous mode [ 80.077900][ T1154] veth0_macvtap: left promiscuous mode [ 80.079805][ T1154] veth1_vlan: left promiscuous mode [ 80.081501][ T1154] veth0_vlan: left promiscuous mode [ 80.166316][ T1154] team0 (unregistering): Port device team_slave_1 removed [ 80.174889][ T1154] team0 (unregistering): Port device team_slave_0 removed