last executing test programs: 407.828244ms ago: executing program 0 (id=18): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000a00ecff0800010073797a300000000074000000160a010100000000000000000a00000008000740000000014000038008000140000000002c000380140001006e657464657673696d300000000000001400010076657468305f766c616e00000000000008000240000000070900010073797a3000000000090002"], 0xbc}}, 0x0) 325.652017ms ago: executing program 1 (id=20): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000020000000000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 325.290902ms ago: executing program 2 (id=21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae03, 0x3c) 319.061004ms ago: executing program 3 (id=22): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc1100001200010200"/56, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000f504010007c01c000a"], 0x11fc}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000) 253.113414ms ago: executing program 0 (id=23): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000100)={0xf0f004, 0x2}) 252.830887ms ago: executing program 2 (id=24): mbind(&(0x7f0000000000/0x600000)=nil, 0x600006, 0x8003, &(0x7f0000000000)=0x6, 0x8, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f00003c9000/0x3000)=nil, 0x2) 251.097273ms ago: executing program 3 (id=25): r0 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000002700)={0x53, 0x0, 0x6, 0x7, @buffer={0x0, 0x0, 0x0}, &(0x7f0000002680)="a1cea1791a1a", 0x0, 0x1000, 0x0, 0x1, 0x0}) 241.878644ms ago: executing program 1 (id=26): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x60) 241.698567ms ago: executing program 0 (id=27): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000100)={0xf0f016, 0x2}) 198.454347ms ago: executing program 1 (id=28): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x1}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x0) 194.0921ms ago: executing program 3 (id=29): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x103901, 0x0) ioctl$COMEDI_CANCEL(r0, 0x6407) 193.878242ms ago: executing program 0 (id=30): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x40187013, &(0x7f0000000140)={0x1, 0x0, {0x0, 0x0, 0x0, 0x15}}) 190.963814ms ago: executing program 2 (id=31): r0 = socket$netlink(0x10, 0x3, 0x15) writev(r0, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) 145.043023ms ago: executing program 1 (id=32): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x180) close(r0) 144.799311ms ago: executing program 3 (id=33): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc458}, [@IFLA_PORT_SELF={0x4}, @IFLA_GROUP={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4604}, 0x0) 143.395348ms ago: executing program 0 (id=34): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r0, &(0x7f0000000080), &(0x7f00000000c0)=""/102}, 0x20) 74.211954ms ago: executing program 2 (id=35): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x34, 0x13, 0x1, 0x4, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004010}, 0x0) 73.961222ms ago: executing program 1 (id=36): r0 = syz_open_dev$vim2m(&(0x7f0000000180), 0x8008, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x8, 0x1, 0x1, "7e0efe3287fdaced3d4fd6e8c46a2ca55aab2500000000b482b200", 0x50313459}) 71.9986ms ago: executing program 3 (id=37): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x10, 0x4, 0x0, 0x0, @str='\xca\xb1\x89: \xb8\xd2\xa95!\x80\n'}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) 61.397378ms ago: executing program 0 (id=38): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_buf(r0, 0x6, 0x2c, 0x0, &(0x7f0000000080)) 4.18973ms ago: executing program 2 (id=39): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000100)={0x2, @win={{0xe36a, 0x5, 0xfffff9b6, 0x4}, 0x0, 0xffffffa5, 0x0, 0x10, 0x0, 0x60}}) 4.004778ms ago: executing program 1 (id=40): syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0xff, 0x1, 0x428}}}, 0x7) map_shadow_stack(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) 191.25µs ago: executing program 3 (id=41): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000045000900000000000200000002000000080002"], 0x1c}}, 0x0) 0s ago: executing program 2 (id=42): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x20000000}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040080}, 0x0) kernel console output (not intermixed with test programs): [ 44.077988][ T40] audit: type=1400 audit(1764680214.832:60): avc: denied { rlimitinh } for pid=5840 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.084267][ T40] audit: type=1400 audit(1764680214.832:61): avc: denied { siginh } for pid=5840 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:38860' (ED25519) to the list of known hosts. [ 45.563100][ T40] audit: type=1400 audit(1764680216.332:62): avc: denied { name_bind } for pid=5874 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.586934][ T40] audit: type=1400 audit(1764680216.352:63): avc: denied { write } for pid=5876 comm="sh" path="pipe:[6134]" dev="pipefs" ino=6134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.599903][ T40] audit: type=1400 audit(1764680216.372:64): avc: denied { execute } for pid=5876 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.611131][ T40] audit: type=1400 audit(1764680216.372:65): avc: denied { execute_no_trans } for pid=5876 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.942363][ T40] audit: type=1400 audit(1764680218.712:66): avc: denied { mounton } for pid=5876 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.956352][ T5876] cgroup: Unknown subsys name 'net' [ 48.147848][ T5876] cgroup: Unknown subsys name 'cpuset' [ 48.152049][ T5876] cgroup: Unknown subsys name 'rlimit' [ 48.409109][ T5922] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 49.273098][ T5876] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 52.567027][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 52.567043][ T40] audit: type=1400 audit(1764680223.342:80): avc: denied { execmem } for pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.730572][ T40] audit: type=1400 audit(1764680223.502:81): avc: denied { create } for pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.744639][ T40] audit: type=1400 audit(1764680223.502:82): avc: denied { read write } for pid=5935 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.753691][ T40] audit: type=1400 audit(1764680223.502:83): avc: denied { open } for pid=5935 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.762225][ T40] audit: type=1400 audit(1764680223.512:84): avc: denied { ioctl } for pid=5935 comm="syz-executor" path="socket:[6276]" dev="sockfs" ino=6276 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.797082][ T5939] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.801433][ T5939] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.805285][ T5939] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.805683][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.809496][ T5939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.812554][ T5940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.815321][ T5939] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.818162][ T5940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.821270][ T5939] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.822741][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.826109][ T5939] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.828099][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.831494][ T5939] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.834754][ T5297] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.835740][ T5939] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.841016][ T40] audit: type=1400 audit(1764680223.612:85): avc: denied { read } for pid=5935 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.849522][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.853917][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.856330][ T40] audit: type=1400 audit(1764680223.622:86): avc: denied { open } for pid=5943 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.857644][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.864276][ T40] audit: type=1400 audit(1764680223.622:87): avc: denied { mounton } for pid=5943 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.868025][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.877671][ T5297] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 53.050630][ T40] audit: type=1400 audit(1764680223.822:88): avc: denied { module_request } for pid=5943 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 53.112106][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 53.152653][ T5935] chnl_net:caif_netlink_parms(): no params data found [ 53.236239][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 53.254186][ T5934] chnl_net:caif_netlink_parms(): no params data found [ 53.298739][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.301961][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.305521][ T5943] bridge_slave_0: entered allmulticast mode [ 53.308314][ T5943] bridge_slave_0: entered promiscuous mode [ 53.356742][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.359552][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.362772][ T5943] bridge_slave_1: entered allmulticast mode [ 53.366338][ T5943] bridge_slave_1: entered promiscuous mode [ 53.451218][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.486284][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.489854][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.493242][ T5935] bridge_slave_0: entered allmulticast mode [ 53.498404][ T5935] bridge_slave_0: entered promiscuous mode [ 53.506339][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.539937][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.543202][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.547110][ T5935] bridge_slave_1: entered allmulticast mode [ 53.551472][ T5935] bridge_slave_1: entered promiscuous mode [ 53.555756][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.559251][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.562562][ T5947] bridge_slave_0: entered allmulticast mode [ 53.567550][ T5947] bridge_slave_0: entered promiscuous mode [ 53.591278][ T5943] team0: Port device team_slave_0 added [ 53.603892][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.606665][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.609181][ T5947] bridge_slave_1: entered allmulticast mode [ 53.612326][ T5947] bridge_slave_1: entered promiscuous mode [ 53.615075][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.617696][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.620420][ T5934] bridge_slave_0: entered allmulticast mode [ 53.623757][ T5934] bridge_slave_0: entered promiscuous mode [ 53.628137][ T5943] team0: Port device team_slave_1 added [ 53.644297][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.646928][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.649449][ T5934] bridge_slave_1: entered allmulticast mode [ 53.652224][ T5934] bridge_slave_1: entered promiscuous mode [ 53.667793][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.688498][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.690993][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.699407][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.704830][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.709853][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.714249][ T5934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.719044][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.722104][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.733255][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.745339][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.750658][ T5934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.789671][ T5947] team0: Port device team_slave_0 added [ 53.799576][ T5935] team0: Port device team_slave_0 added [ 53.803049][ T5947] team0: Port device team_slave_1 added [ 53.806360][ T5934] team0: Port device team_slave_0 added [ 53.819135][ T5934] team0: Port device team_slave_1 added [ 53.822683][ T5935] team0: Port device team_slave_1 added [ 53.871357][ T5943] hsr_slave_0: entered promiscuous mode [ 53.873765][ T5943] hsr_slave_1: entered promiscuous mode [ 53.877200][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.879245][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.888102][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.898966][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.901266][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.909720][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.914054][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.916239][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.923730][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.927679][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.930083][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.939454][ T5934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.945354][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.947658][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.956525][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.971184][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.973618][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.982158][ T5934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.042210][ T5947] hsr_slave_0: entered promiscuous mode [ 54.045049][ T5947] hsr_slave_1: entered promiscuous mode [ 54.047297][ T5947] debugfs: 'hsr0' already exists in 'hsr' [ 54.049289][ T5947] Cannot create hsr debugfs directory [ 54.079125][ T5935] hsr_slave_0: entered promiscuous mode [ 54.081536][ T5935] hsr_slave_1: entered promiscuous mode [ 54.083966][ T5935] debugfs: 'hsr0' already exists in 'hsr' [ 54.086179][ T5935] Cannot create hsr debugfs directory [ 54.097956][ T5934] hsr_slave_0: entered promiscuous mode [ 54.100285][ T5934] hsr_slave_1: entered promiscuous mode [ 54.103056][ T5934] debugfs: 'hsr0' already exists in 'hsr' [ 54.105586][ T5934] Cannot create hsr debugfs directory [ 54.397502][ T5943] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.411282][ T5943] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.418023][ T5943] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.430410][ T5943] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.480803][ T5947] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.490484][ T5947] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.498432][ T5947] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.517105][ T5947] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.578656][ T5934] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.583501][ T5934] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.588525][ T5934] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.596302][ T5934] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.673251][ T5935] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.680881][ T5935] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.693981][ T5935] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.702022][ T5935] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.747630][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.766312][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.783237][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.803400][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.807134][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.820639][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.829269][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.831705][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.842726][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.845259][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.858121][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.860528][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.883485][ T5934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.885302][ T5944] Bluetooth: hci1: command tx timeout [ 54.886688][ T5940] Bluetooth: hci2: command tx timeout [ 54.886729][ T5948] Bluetooth: hci0: command tx timeout [ 54.887062][ T5297] Bluetooth: hci3: command tx timeout [ 54.913567][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.960275][ T5935] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.969013][ T5934] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.976115][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.978544][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.981985][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.984560][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.991687][ T40] audit: type=1400 audit(1764680225.762:89): avc: denied { sys_module } for pid=5943 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 55.006865][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.010091][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.019416][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.022532][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.054293][ T5935] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 55.059385][ T5935] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 55.109345][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.150799][ T5943] veth0_vlan: entered promiscuous mode [ 55.166132][ T5943] veth1_vlan: entered promiscuous mode [ 55.185625][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.217509][ T5943] veth0_macvtap: entered promiscuous mode [ 55.223339][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.231909][ T5943] veth1_macvtap: entered promiscuous mode [ 55.254922][ T5934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.260927][ T5947] veth0_vlan: entered promiscuous mode [ 55.267611][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.282042][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.290583][ T5947] veth1_vlan: entered promiscuous mode [ 55.308989][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.316252][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.325934][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.339034][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.366037][ T5935] veth0_vlan: entered promiscuous mode [ 55.396077][ T5934] veth0_vlan: entered promiscuous mode [ 55.415899][ T5947] veth0_macvtap: entered promiscuous mode [ 55.420068][ T5935] veth1_vlan: entered promiscuous mode [ 55.433177][ T5934] veth1_vlan: entered promiscuous mode [ 55.440572][ T5947] veth1_macvtap: entered promiscuous mode [ 55.441172][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.446301][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.478779][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.493372][ T5934] veth0_macvtap: entered promiscuous mode [ 55.498519][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.501082][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.506858][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.515834][ T5934] veth1_macvtap: entered promiscuous mode [ 55.534913][ T1149] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.538903][ T1149] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.547592][ T1149] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.551506][ T1149] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.556918][ T5935] veth0_macvtap: entered promiscuous mode [ 55.565117][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.577672][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.585016][ T5935] veth1_macvtap: entered promiscuous mode [ 55.591087][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.638982][ T514] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.656456][ T514] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.660523][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.663104][ T514] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.674644][ T514] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.683332][ T514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.686817][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.691089][ T514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.710438][ T93] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.713514][ T93] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.719237][ T93] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.728146][ T93] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.769296][ T514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.773629][ T514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.824433][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.841876][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.861310][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.867858][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.882474][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.892042][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.917129][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.919811][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.977340][ T6037] nftables ruleset with unbound set [ 56.126825][ T6053] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 56.128060][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18'. [ 56.401074][ T6089] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 56.539313][ T6106] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN NOPTI [ 56.544684][ T6106] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 56.548445][ T6106] CPU: 3 UID: 0 PID: 6106 Comm: syz.3.41 Not tainted syzkaller #0 PREEMPT(full) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 56.552500][ T6106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.557541][ T6106] RIP: 0010:handshake_complete+0x31/0x390 [ 56.560194][ T6106] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 34 e9 6d f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 5c 22 0e 00 48 b8 00 [ 56.568701][ T6106] RSP: 0018:ffffc9000443f4f8 EFLAGS: 00010206 [ 56.571402][ T6106] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90005749000 [ 56.574978][ T6106] RDX: 0000000000000005 RSI: ffffffff8b4fc5dc RDI: 0000000000000028 [ 56.578516][ T6106] RBP: ffffc9000443f5c0 R08: 0000000000000000 R09: ffffed1005005d90 [ 56.582010][ T6106] R10: ffff88802802ec83 R11: 0000000000000001 R12: 00000000fffffffb [ 56.585516][ T6106] R13: 0000000000000000 R14: ffff888055b14000 R15: ffff888025958000 [ 56.589159][ T6106] FS: 00007f7f481826c0(0000) GS:ffff8880d6ca3000(0000) knlGS:0000000000000000 [ 56.593126][ T6106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.596067][ T6106] CR2: 0000200000000000 CR3: 00000000586aa000 CR4: 0000000000352ef0 [ 56.598917][ T6106] Call Trace: [ 56.600059][ T6106] [ 56.601087][ T6106] handshake_nl_accept_doit+0x2dc/0x910 [ 56.602932][ T6106] genl_family_rcv_msg_doit+0x209/0x2f0 [ 56.604924][ T6106] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 56.607405][ T6106] ? bpf_lsm_capable+0x9/0x10 [ 56.609367][ T6106] ? security_capable+0x7e/0x260 [ 56.611341][ T6106] genl_rcv_msg+0x55c/0x800 [ 56.613199][ T6106] ? __pfx_genl_rcv_msg+0x10/0x10 [ 56.615282][ T6106] ? __pfx_handshake_nl_accept_doit+0x10/0x10 [ 56.617838][ T6106] netlink_rcv_skb+0x158/0x420 [ 56.619844][ T6106] ? __pfx_genl_rcv_msg+0x10/0x10 [ 56.621955][ T6106] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 56.624150][ T6106] ? netlink_deliver_tap+0x1ae/0xd30 [ 56.626380][ T6106] genl_rcv+0x28/0x40 [ 56.628052][ T6106] netlink_unicast+0x5aa/0x870 [ 56.630058][ T6106] ? __pfx_netlink_unicast+0x10/0x10 [ 56.632246][ T6106] netlink_sendmsg+0x8c8/0xdd0 [ 56.634250][ T6106] ? __pfx_netlink_sendmsg+0x10/0x10 [ 56.636458][ T6106] ____sys_sendmsg+0xa5d/0xc30 [ 56.638447][ T6106] ? copy_msghdr_from_user+0x10a/0x160 [ 56.640701][ T6106] ? __pfx_____sys_sendmsg+0x10/0x10 [ 56.642898][ T6106] ? __pfx_futex_wake_mark+0x10/0x10 [ 56.645109][ T6106] ___sys_sendmsg+0x134/0x1d0 [ 56.647120][ T6106] ? find_held_lock+0x2b/0x80 [ 56.649105][ T6106] ? __pfx____sys_sendmsg+0x10/0x10 [ 56.651260][ T6106] ? __lock_acquire+0x433/0x22f0 [ 56.653371][ T6106] __sys_sendmsg+0x16d/0x220 [ 56.655299][ T6106] ? __pfx___sys_sendmsg+0x10/0x10 [ 56.657594][ T6106] ? __x64_sys_futex+0x1e0/0x4c0 [ 56.659717][ T6106] do_syscall_64+0xcd/0xf80 [ 56.661667][ T6106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.664134][ T6106] RIP: 0033:0x7f7f4738f7c9 [ 56.666012][ T6106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.673954][ T6106] RSP: 002b:00007f7f48182038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 56.677509][ T6106] RAX: ffffffffffffffda RBX: 00007f7f475e5fa0 RCX: 00007f7f4738f7c9 [ 56.680816][ T6106] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 56.684093][ T6106] RBP: 00007f7f47413f91 R08: 0000000000000000 R09: 0000000000000000 [ 56.687430][ T6106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 56.690738][ T6106] R13: 00007f7f475e6038 R14: 00007f7f475e5fa0 R15: 00007ffddcc61108 [ 56.694050][ T6106] [ 56.695393][ T6106] Modules linked in: [ 56.697358][ T6106] ---[ end trace 0000000000000000 ]--- [ 56.714443][ T6106] RIP: 0010:handshake_complete+0x31/0x390 [ 56.718983][ T6106] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 34 e9 6d f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 5c 22 0e 00 48 b8 00 [ 56.728061][ T6106] RSP: 0018:ffffc9000443f4f8 EFLAGS: 00010206 [ 56.730121][ T6106] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90005749000 [ 56.732775][ T6106] RDX: 0000000000000005 RSI: ffffffff8b4fc5dc RDI: 0000000000000028 [ 56.736060][ T6106] RBP: ffffc9000443f5c0 R08: 0000000000000000 R09: ffffed1005005d90 [ 56.738683][ T6106] R10: ffff88802802ec83 R11: 0000000000000001 R12: 00000000fffffffb [ 56.741298][ T6106] R13: 0000000000000000 R14: ffff888055b14000 R15: ffff888025958000 [ 56.743951][ T6106] FS: 00007f7f481826c0(0000) GS:ffff8880d6aa3000(0000) knlGS:0000000000000000 [ 56.748010][ T6106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.750620][ T6106] CR2: 0000563715b48ad0 CR3: 00000000586aa000 CR4: 0000000000352ef0 [ 56.753242][ T6106] Kernel panic - not syncing: Fatal exception [ 56.755941][ T6106] Kernel Offset: disabled [ 56.757428][ T6106] Rebooting in 86400 seconds..