last executing test programs: 0s ago: executing program 1 (id=2): r0 = syz_open_dev$dvb_frontend(&(0x7f00000002c0), 0x0, 0x2) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc03064ca, &(0x7f0000000480)={&(0x7f00000003c0)=[r4], &(0x7f0000000040)=[0x81], 0x2000000000ea25, 0x3fffffffffffff19, 0x3}) sendfile(r1, r0, 0x0, 0x6) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r2, 0xc01864c1, &(0x7f0000000040)={r4}) ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x301, 0x100, 0x0, 0x0, 0x0}) r5 = syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00') getdents(r5, &(0x7f0000000040)=""/30, 0x44) getdents64(r5, &(0x7f0000000840)=""/217, 0xd9) ioctl$EVIOCGKEYCODE_V2(r5, 0x80284504, &(0x7f0000000300)=""/143) ioctl$FE_SET_FRONTEND(r0, 0x40246f4c, &(0x7f0000000080)={0xd, 0x0, @ofdm={0x6, 0x13, 0x16, 0x9, 0x2, 0xb, 0x4}}) r6 = fsopen(&(0x7f00000002c0)='iso9660\x00', 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0) ioctl$DRM_IOCTL_DMA(r7, 0xc0406429, &(0x7f0000000280)={0x0, 0x1, &(0x7f0000000180)=[0x8], &(0x7f00000001c0)=[0x9], 0x42, 0x5, 0x8, &(0x7f0000000200)=[0x80000001, 0x9, 0xeaf9, 0x1000, 0x6], &(0x7f0000000240)=[0x53, 0x1, 0x0, 0x1, 0x400, 0x4, 0x1, 0xffff7fff, 0x2]}) kernel console output (not intermixed with test programs): [ 73.975627][ T40] audit: type=1400 audit(1774062558.908:72): avc: denied { rlimitinh } for pid=5848 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 73.984217][ T40] audit: type=1400 audit(1774062558.908:73): avc: denied { siginh } for pid=5848 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 86.532545][ T10] cfg80211: failed to load regulatory.db Warning: Permanently added '[localhost]:57078' (ED25519) to the list of known hosts. [ 415.028449][ T40] audit: type=1400 audit(1774062899.978:74): avc: denied { name_bind } for pid=5975 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 415.056256][ T40] audit: type=1400 audit(1774062900.008:75): avc: denied { execute } for pid=5976 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 415.063642][ T40] audit: type=1400 audit(1774062900.008:76): avc: denied { execute_no_trans } for pid=5976 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 417.198567][ T40] audit: type=1400 audit(1774062902.148:77): avc: denied { mounton } for pid=5976 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 417.210769][ T40] audit: type=1400 audit(1774062902.158:78): avc: denied { mount } for pid=5976 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 417.219303][ T5976] cgroup: Unknown subsys name 'net' [ 417.222274][ T40] audit: type=1400 audit(1774062902.178:79): avc: denied { unmount } for pid=5976 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 417.395254][ T5976] cgroup: Unknown subsys name 'cpuset' [ 417.399525][ T5976] cgroup: Unknown subsys name 'rlimit' [ 417.554888][ T40] audit: type=1400 audit(1774062902.508:80): avc: denied { setattr } for pid=5976 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 417.564254][ T40] audit: type=1400 audit(1774062902.508:81): avc: denied { create } for pid=5976 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 417.572937][ T40] audit: type=1400 audit(1774062902.508:82): avc: denied { write } for pid=5976 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 417.580971][ T40] audit: type=1400 audit(1774062902.508:83): avc: denied { read } for pid=5976 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 417.607588][ T5978] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 418.381270][ T5976] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 421.669516][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 421.669531][ T40] audit: type=1400 audit(1774062906.618:90): avc: denied { execmem } for pid=5983 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 421.820741][ T40] audit: type=1400 audit(1774062906.768:91): avc: denied { create } for pid=5987 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 421.828594][ T40] audit: type=1400 audit(1774062906.768:92): avc: denied { read write } for pid=5987 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 421.838698][ T40] audit: type=1400 audit(1774062906.768:93): avc: denied { open } for pid=5987 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 421.848356][ T40] audit: type=1400 audit(1774062906.798:94): avc: denied { ioctl } for pid=5988 comm="syz-executor" path="socket:[3977]" dev="sockfs" ino=3977 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 421.858855][ T40] audit: type=1400 audit(1774062906.798:95): avc: denied { ioctl } for pid=5991 comm="syz-executor" path="socket:[6459]" dev="sockfs" ino=6459 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 421.865700][ T6000] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 421.871019][ T6000] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 421.875031][ T6000] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 421.876389][ T6002] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 421.879098][ T6000] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 421.881313][ T6002] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 421.884480][ T6000] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 421.887074][ T6002] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 421.892339][ T6000] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 421.892750][ T6002] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 421.895531][ T6000] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 421.895661][ T6003] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 421.896534][ T6003] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 421.896810][ T6003] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 421.903825][ T6005] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 421.904790][ T40] audit: type=1400 audit(1774062906.858:96): avc: denied { read } for pid=5991 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 421.908448][ T6005] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 421.910101][ T40] audit: type=1400 audit(1774062906.858:97): avc: denied { open } for pid=5991 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 421.912864][ T6000] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 421.921723][ T40] audit: type=1400 audit(1774062906.858:98): avc: denied { mounton } for pid=5991 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 421.924333][ T6005] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 421.941095][ T6000] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 421.943057][ T6005] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 422.158485][ T40] audit: type=1400 audit(1774062907.108:99): avc: denied { module_request } for pid=5990 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 422.212060][ T5990] chnl_net:caif_netlink_parms(): no params data found [ 422.286427][ T5991] chnl_net:caif_netlink_parms(): no params data found [ 422.303549][ T5987] chnl_net:caif_netlink_parms(): no params data found [ 422.374934][ T5990] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.377756][ T5990] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.380106][ T5990] bridge_slave_0: entered allmulticast mode [ 422.383490][ T5990] bridge_slave_0: entered promiscuous mode [ 422.396341][ T5988] chnl_net:caif_netlink_parms(): no params data found [ 422.413662][ T5990] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.415984][ T5990] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.418295][ T5990] bridge_slave_1: entered allmulticast mode [ 422.421059][ T5990] bridge_slave_1: entered promiscuous mode [ 422.447232][ T5990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.482875][ T5990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.544501][ T5987] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.547761][ T5987] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.551055][ T5987] bridge_slave_0: entered allmulticast mode [ 422.555043][ T5987] bridge_slave_0: entered promiscuous mode [ 422.564539][ T5987] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.567712][ T5987] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.571965][ T5987] bridge_slave_1: entered allmulticast mode [ 422.576015][ T5987] bridge_slave_1: entered promiscuous mode [ 422.582704][ T5990] team0: Port device team_slave_0 added [ 422.590855][ T5991] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.593198][ T5991] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.595580][ T5991] bridge_slave_0: entered allmulticast mode [ 422.598280][ T5991] bridge_slave_0: entered promiscuous mode [ 422.601506][ T5991] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.603852][ T5991] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.606189][ T5991] bridge_slave_1: entered allmulticast mode [ 422.608839][ T5991] bridge_slave_1: entered promiscuous mode [ 422.617076][ T5988] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.619415][ T5988] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.621878][ T5988] bridge_slave_0: entered allmulticast mode [ 422.624861][ T5988] bridge_slave_0: entered promiscuous mode [ 422.629467][ T5990] team0: Port device team_slave_1 added [ 422.657414][ T5991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.660679][ T5988] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.663011][ T5988] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.665426][ T5988] bridge_slave_1: entered allmulticast mode [ 422.668080][ T5988] bridge_slave_1: entered promiscuous mode [ 422.684244][ T5987] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.688521][ T5991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.702939][ T5990] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.705230][ T5990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.713480][ T5990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.719008][ T5987] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.734721][ T5988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.737920][ T5990] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.740146][ T5990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.748516][ T5990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.763391][ T5991] team0: Port device team_slave_0 added [ 422.778102][ T5988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.782847][ T5987] team0: Port device team_slave_0 added [ 422.786872][ T5991] team0: Port device team_slave_1 added [ 422.791791][ T5990] hsr_slave_0: entered promiscuous mode [ 422.794105][ T5990] hsr_slave_1: entered promiscuous mode [ 422.803752][ T5987] team0: Port device team_slave_1 added [ 422.843187][ T5987] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.846306][ T5987] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.855650][ T5987] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.860408][ T5988] team0: Port device team_slave_0 added [ 422.873121][ T5988] team0: Port device team_slave_1 added [ 422.875793][ T5991] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.878130][ T5991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.886816][ T5991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.891177][ T5987] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.893474][ T5987] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.901807][ T5987] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.927831][ T5991] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.930887][ T5991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.939752][ T5991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.976566][ T5988] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.979653][ T5988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 422.990988][ T5988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.997130][ T5988] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 423.000194][ T5988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 423.011895][ T5988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 423.049281][ T5987] hsr_slave_0: entered promiscuous mode [ 423.051754][ T5987] hsr_slave_1: entered promiscuous mode [ 423.053925][ T5987] debugfs: 'hsr0' already exists in 'hsr' [ 423.055891][ T5987] Cannot create hsr debugfs directory [ 423.086942][ T5991] hsr_slave_0: entered promiscuous mode [ 423.090303][ T5991] hsr_slave_1: entered promiscuous mode [ 423.093434][ T5991] debugfs: 'hsr0' already exists in 'hsr' [ 423.095925][ T5991] Cannot create hsr debugfs directory [ 423.174236][ T5988] hsr_slave_0: entered promiscuous mode [ 423.177525][ T5988] hsr_slave_1: entered promiscuous mode [ 423.180630][ T5988] debugfs: 'hsr0' already exists in 'hsr' [ 423.183157][ T5988] Cannot create hsr debugfs directory [ 423.403571][ T5990] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 423.431956][ T5990] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 423.453333][ T5990] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 423.474065][ T5990] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 423.527552][ T5987] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 423.531925][ T5987] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 423.535679][ T5987] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 423.540357][ T5987] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 423.601884][ T5991] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 423.612425][ T5991] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 423.619609][ T5991] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 423.641709][ T5991] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 423.678072][ T5990] 8021q: adding VLAN 0 to HW filter on device bond0 [ 423.696863][ T5988] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 423.704650][ T5988] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 423.715432][ T5988] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 423.721771][ T5990] 8021q: adding VLAN 0 to HW filter on device team0 [ 423.727106][ T5988] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 423.742763][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.745908][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 423.761740][ T5987] 8021q: adding VLAN 0 to HW filter on device bond0 [ 423.771128][ T6044] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.773589][ T6044] bridge0: port 2(bridge_slave_1) entered forwarding state [ 423.809318][ T5987] 8021q: adding VLAN 0 to HW filter on device team0 [ 423.824705][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.827044][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 423.832791][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.835942][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 423.853205][ T5991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 423.883429][ T5991] 8021q: adding VLAN 0 to HW filter on device team0 [ 423.897750][ T6044] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.900980][ T6044] bridge0: port 1(bridge_slave_0) entered forwarding state [ 423.909966][ T181] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.912414][ T181] bridge0: port 2(bridge_slave_1) entered forwarding state [ 423.946372][ T5988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 423.958037][ T5988] 8021q: adding VLAN 0 to HW filter on device team0 [ 423.966083][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.968450][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 423.971764][ T6000] Bluetooth: hci1: command tx timeout [ 423.973775][ T5290] Bluetooth: hci2: command tx timeout [ 423.973779][ T6000] Bluetooth: hci3: command tx timeout [ 423.973997][ T5290] Bluetooth: hci0: command tx timeout [ 423.978828][ T6061] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.982891][ T6061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 424.017504][ T5990] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 424.051807][ T5987] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 424.074780][ T5990] veth0_vlan: entered promiscuous mode [ 424.093121][ T5991] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 424.096475][ T5990] veth1_vlan: entered promiscuous mode [ 424.132089][ T5987] veth0_vlan: entered promiscuous mode [ 424.140610][ T5990] veth0_macvtap: entered promiscuous mode [ 424.146396][ T5990] veth1_macvtap: entered promiscuous mode [ 424.157427][ T5987] veth1_vlan: entered promiscuous mode [ 424.168943][ T5991] veth0_vlan: entered promiscuous mode [ 424.185227][ T5990] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 424.190139][ T5991] veth1_vlan: entered promiscuous mode [ 424.196988][ T5990] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.214914][ T5988] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 424.219174][ T5987] veth0_macvtap: entered promiscuous mode [ 424.228696][ T6061] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.236594][ T5987] veth1_macvtap: entered promiscuous mode [ 424.240104][ T6061] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.243230][ T6061] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.252150][ T6061] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.282479][ T5991] veth0_macvtap: entered promiscuous mode [ 424.291477][ T5987] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 424.309180][ T5987] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.319815][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.321827][ T5991] veth1_macvtap: entered promiscuous mode [ 424.323646][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.335971][ T6061] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.340176][ T6061] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.345803][ T5988] veth0_vlan: entered promiscuous mode [ 424.355693][ T6061] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.358558][ T6061] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.369289][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 424.376987][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.380363][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.384535][ T5988] veth1_vlan: entered promiscuous mode [ 424.389635][ T5991] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.396712][ T181] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.410341][ T181] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.416860][ T181] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.420100][ T181] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.446720][ T5990] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 424.475534][ T5988] veth0_macvtap: entered promiscuous mode [ 424.484171][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.486032][ T5988] veth1_macvtap: entered promiscuous mode [ 424.487312][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.508148][ T1230] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.514369][ T1230] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.526624][ T5988] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 424.538185][ T181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.543064][ T181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.548065][ T5988] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.560936][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.563390][ T6078] ------------[ cut here ]------------ [ 424.563526][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.565323][ T6078] 1 [ 424.565328][ T6078] WARNING: mm/page_alloc.c:5226 at __alloc_frozen_pages_noprof+0x23ea/0x2ba0, CPU#1: syz.1.2/6078 [ 424.572011][ T6078] Modules linked in: [ 424.574186][ T6078] CPU: 1 UID: 0 PID: 6078 Comm: syz.1.2 Not tainted syzkaller #0 PREEMPT(full) [ 424.577344][ T6078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 424.580751][ T6078] RIP: 0010:__alloc_frozen_pages_noprof+0x23ea/0x2ba0 [ 424.582981][ T6078] Code: 00 45 31 c9 49 83 bc 24 70 05 00 00 00 4c 89 4c 24 50 0f 85 5f f8 ff ff c6 44 24 10 00 e9 f3 ea ff ff c6 05 66 84 5a 0e 01 90 <0f> 0b 90 e9 69 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41 [ 424.589323][ T6078] RSP: 0018:ffffc9000474f790 EFLAGS: 00010246 [ 424.591558][ T6078] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 424.594269][ T6078] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0 [ 424.596866][ T6078] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009 [ 424.599743][ T6078] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0 [ 424.602741][ T6078] R13: 1ffff920008e9f41 R14: 0000000000000016 R15: 1ffff920008e9f0b [ 424.605338][ T6078] FS: 00007fd7a7a756c0(0000) GS:ffff8880d6442000(0000) knlGS:0000000000000000 [ 424.608257][ T6078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 424.611408][ T6078] CR2: 000000110c39a294 CR3: 000000005705c000 CR4: 0000000000352ef0 [ 424.614948][ T6078] Call Trace: [ 424.616063][ T6078] [ 424.617048][ T6078] ? is_bpf_text_address+0x8a/0x1a0 [ 424.618756][ T6078] ? bpf_ksym_find+0x128/0x1c0 [ 424.620337][ T6078] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 424.622429][ T6078] ? is_bpf_text_address+0x94/0x1a0 [ 424.624143][ T6078] ? kernel_text_address+0x8d/0x100 [ 424.625964][ T6078] ? __kernel_text_address+0xd/0x30 [ 424.627687][ T6078] ? unwind_get_return_address+0x59/0xa0 [ 424.629807][ T6078] ? arch_stack_walk+0xa6/0xf0 [ 424.630434][ T6083] i2c i2c-1: DVB: adapter 0 frontend 0 frequency 13 out of range (51000000..2150000000) [ 424.631459][ T6078] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 424.636651][ T6078] ? tomoyo_path_number_perm+0x46d/0x580 [ 424.638472][ T6078] ? stack_trace_save+0x8e/0xc0 [ 424.640042][ T6078] ? stack_depot_save_flags+0x27/0x9d0 [ 424.642057][ T6078] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.643998][ T6078] ? policy_nodemask+0xed/0x4f0 [ 424.645588][ T6078] alloc_pages_mpol+0x1fb/0x550 [ 424.647190][ T6078] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 424.649458][ T6078] ? find_held_lock+0x2b/0x80 [ 424.651095][ T6078] ? avc_has_extended_perms+0x33a/0x1080 [ 424.652888][ T6078] ? drm_syncobj_array_find+0x34/0x3b0 [ 424.654688][ T6078] ___kmalloc_large_node+0x104/0x150 [ 424.656406][ T6078] __kmalloc_large_node_noprof+0x1c/0x70 [ 424.658232][ T6078] __kmalloc_noprof+0x5be/0x850 [ 424.659861][ T6078] ? __lock_acquire+0x4a5/0x2630 [ 424.661625][ T6078] drm_syncobj_array_find+0x34/0x3b0 [ 424.663392][ T6078] drm_syncobj_timeline_wait_ioctl+0x236/0x390 [ 424.665415][ T6078] ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10 [ 424.667588][ T6078] ? find_held_lock+0x2b/0x80 [ 424.669122][ T6078] ? drm_dev_exit+0x41/0x60 [ 424.670671][ T6078] ? drm_dev_exit+0x41/0x60 [ 424.672138][ T6078] drm_ioctl_kernel+0x1f3/0x3e0 [ 424.673733][ T6078] ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10 [ 424.675861][ T6078] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 424.677761][ T6078] drm_ioctl+0x5e6/0xc60 [ 424.679136][ T6078] ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10 [ 424.681443][ T6078] ? __pfx_drm_ioctl+0x10/0x10 [ 424.682979][ T6078] ? selinux_file_ioctl+0x139/0x290 [ 424.684679][ T6078] ? selinux_file_ioctl+0xb4/0x290 [ 424.686356][ T6078] ? __pfx_drm_ioctl+0x10/0x10 [ 424.687925][ T6078] __x64_sys_ioctl+0x18e/0x210 [ 424.689508][ T6078] do_syscall_64+0x106/0xf80 [ 424.691431][ T6078] ? clear_bhb_loop+0x40/0x90 [ 424.692986][ T6078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.694938][ T6078] RIP: 0033:0x7fd7a6b9c799 [ 424.696382][ T6078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 424.702669][ T6078] RSP: 002b:00007fd7a7a75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 424.705408][ T6078] RAX: ffffffffffffffda RBX: 00007fd7a6e15fa0 RCX: 00007fd7a6b9c799 [ 424.707960][ T6078] RDX: 0000200000000480 RSI: 00000000c03064ca RDI: 0000000000000006 [ 424.710573][ T6078] RBP: 00007fd7a6c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 424.713126][ T6078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.715712][ T6078] R13: 00007fd7a6e16038 R14: 00007fd7a6e15fa0 R15: 00007ffc795f8218 [ 424.718298][ T6078] [ 424.719340][ T6078] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 424.721710][ T6078] CPU: 1 UID: 0 PID: 6078 Comm: syz.1.2 Not tainted syzkaller #0 PREEMPT(full) [ 424.724635][ T6078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 424.727877][ T6078] Call Trace: [ 424.728968][ T6078] [ 424.729942][ T6078] dump_stack_lvl+0x100/0x190 [ 424.731496][ T6078] vpanic+0x552/0x970 [ 424.732820][ T6078] ? __pfx_vpanic+0x10/0x10 [ 424.734338][ T6078] panic+0xd1/0xe0 [ 424.735549][ T6078] ? __pfx_panic+0x10/0x10 [ 424.736957][ T6078] check_panic_on_warn.cold+0x19/0x34 [ 424.738712][ T6078] ? __alloc_frozen_pages_noprof+0x23ea/0x2ba0 [ 424.740710][ T6078] __warn.cold+0x191/0x348 [ 424.742176][ T6078] __report_bug+0x296/0x3d0 [ 424.743710][ T6078] ? __alloc_frozen_pages_noprof+0x23ea/0x2ba0 [ 424.745735][ T6078] ? __pfx___report_bug+0x10/0x10 [ 424.747375][ T6078] ? __lock_acquire+0x4a5/0x2630 [ 424.748971][ T6078] ? __lock_acquire+0x4a5/0x2630 [ 424.750514][ T6078] ? __alloc_frozen_pages_noprof+0x23ea/0x2ba0 [ 424.752471][ T6078] report_bug+0xb2/0x220 [ 424.753834][ T6078] ? __alloc_frozen_pages_noprof+0x23ea/0x2ba0 [ 424.755829][ T6078] handle_bug+0x16a/0x2a0 [ 424.757250][ T6078] exc_invalid_op+0x17/0x50 [ 424.758762][ T6078] asm_exc_invalid_op+0x1a/0x20 [ 424.760350][ T6078] RIP: 0010:__alloc_frozen_pages_noprof+0x23ea/0x2ba0 [ 424.762533][ T6078] Code: 00 45 31 c9 49 83 bc 24 70 05 00 00 00 4c 89 4c 24 50 0f 85 5f f8 ff ff c6 44 24 10 00 e9 f3 ea ff ff c6 05 66 84 5a 0e 01 90 <0f> 0b 90 e9 69 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41 [ 424.768910][ T6078] RSP: 0018:ffffc9000474f790 EFLAGS: 00010246 [ 424.770888][ T6078] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 424.773466][ T6078] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0 [ 424.776030][ T6078] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009 [ 424.778586][ T6078] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0 [ 424.781129][ T6078] R13: 1ffff920008e9f41 R14: 0000000000000016 R15: 1ffff920008e9f0b [ 424.783691][ T6078] ? is_bpf_text_address+0x8a/0x1a0 [ 424.785401][ T6078] ? bpf_ksym_find+0x128/0x1c0 [ 424.786973][ T6078] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 424.788970][ T6078] ? is_bpf_text_address+0x94/0x1a0 [ 424.790674][ T6078] ? kernel_text_address+0x8d/0x100 [ 424.792375][ T6078] ? __kernel_text_address+0xd/0x30 [ 424.794100][ T6078] ? unwind_get_return_address+0x59/0xa0 [ 424.795929][ T6078] ? arch_stack_walk+0xa6/0xf0 [ 424.797490][ T6078] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 424.799542][ T6078] ? tomoyo_path_number_perm+0x46d/0x580 [ 424.801367][ T6078] ? stack_trace_save+0x8e/0xc0 [ 424.802963][ T6078] ? stack_depot_save_flags+0x27/0x9d0 [ 424.804742][ T6078] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.806672][ T6078] ? policy_nodemask+0xed/0x4f0 [ 424.808254][ T6078] alloc_pages_mpol+0x1fb/0x550 [ 424.809842][ T6078] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 424.811599][ T6078] ? find_held_lock+0x2b/0x80 [ 424.813140][ T6078] ? avc_has_extended_perms+0x33a/0x1080 [ 424.814999][ T6078] ? drm_syncobj_array_find+0x34/0x3b0 [ 424.816768][ T6078] ___kmalloc_large_node+0x104/0x150 [ 424.818493][ T6078] __kmalloc_large_node_noprof+0x1c/0x70 [ 424.820309][ T6078] __kmalloc_noprof+0x5be/0x850 [ 424.821892][ T6078] ? __lock_acquire+0x4a5/0x2630 [ 424.823523][ T6078] drm_syncobj_array_find+0x34/0x3b0 [ 424.825278][ T6078] drm_syncobj_timeline_wait_ioctl+0x236/0x390 [ 424.827283][ T6078] ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10 [ 424.829429][ T6078] ? find_held_lock+0x2b/0x80 [ 424.830977][ T6078] ? drm_dev_exit+0x41/0x60 [ 424.832463][ T6078] ? drm_dev_exit+0x41/0x60 [ 424.833972][ T6078] drm_ioctl_kernel+0x1f3/0x3e0 [ 424.835565][ T6078] ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10 [ 424.837716][ T6078] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 424.839474][ T6078] drm_ioctl+0x5e6/0xc60 [ 424.841041][ T6078] ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10 [ 424.843358][ T6078] ? __pfx_drm_ioctl+0x10/0x10 [ 424.844953][ T6078] ? selinux_file_ioctl+0x139/0x290 [ 424.846672][ T6078] ? selinux_file_ioctl+0xb4/0x290 [ 424.848341][ T6078] ? __pfx_drm_ioctl+0x10/0x10 [ 424.849901][ T6078] __x64_sys_ioctl+0x18e/0x210 [ 424.851480][ T6078] do_syscall_64+0x106/0xf80 [ 424.852996][ T6078] ? clear_bhb_loop+0x40/0x90 [ 424.854543][ T6078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.856461][ T6078] RIP: 0033:0x7fd7a6b9c799 [ 424.857925][ T6078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 424.864081][ T6078] RSP: 002b:00007fd7a7a75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 424.866778][ T6078] RAX: ffffffffffffffda RBX: 00007fd7a6e15fa0 RCX: 00007fd7a6b9c799 [ 424.869321][ T6078] RDX: 0000200000000480 RSI: 00000000c03064ca RDI: 0000000000000006 [ 424.871878][ T6078] RBP: 00007fd7a6c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 424.874435][ T6078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.876985][ T6078] R13: 00007fd7a6e16038 R14: 00007fd7a6e15fa0 R15: 00007ffc795f8218 [ 424.879548][ T6078] [ 424.881296][ T6078] Kernel Offset: disabled [ 424.882726][ T6078] Rebooting in 86400 seconds..