last executing test programs: 80.612613ms ago: executing program 4 (id=5): openat$sysfs(0xffffffffffffff9c, &(0x7f0000002180)='/sys/kernel/fscaps', 0xa82, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x0, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(r1, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}]}}}]}, 0x40}}, 0x0) 60.892915ms ago: executing program 1 (id=2): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@mpls_delroute={0x1b, 0x19, 0x1}, 0x1c}}, 0x0) 827.059µs ago: executing program 1 (id=6): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x34, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_KEY={0x18, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x34}}, 0x0) 503.019µs ago: executing program 4 (id=7): mkdir(0x0, 0x0) setxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100000000004038101014000000000001090224000100000000090400000103000000092100001d0122030009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000004c0)={0x2c, &(0x7f0000000880)=ANY=[@ANYBLOB="000003"], 0x0, 0x0, 0x0, 0x0}, 0x0) 266.549µs ago: executing program 2 (id=3): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) read(r1, &(0x7f00000002c0)=""/196, 0xc4) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, 0x0, 0x0) 0s ago: executing program 1 (id=8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @empty}, 0x1c) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000019000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0xa, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.60' (ED25519) to the list of known hosts. [ 19.398798][ T23] audit: type=1400 audit(1720006061.089:66): avc: denied { mounton } for pid=326 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 19.400255][ T326] cgroup1: Unknown subsys name 'net' [ 19.402149][ T23] audit: type=1400 audit(1720006061.089:67): avc: denied { mount } for pid=326 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.403160][ T326] cgroup1: Unknown subsys name 'net_prio' [ 19.407305][ T326] cgroup1: Unknown subsys name 'devices' [ 19.408769][ T23] audit: type=1400 audit(1720006061.099:68): avc: denied { unmount } for pid=326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.499691][ T326] cgroup1: Unknown subsys name 'hugetlb' [ 19.505315][ T326] cgroup1: Unknown subsys name 'rlimit' [ 19.668451][ T23] audit: type=1400 audit(1720006061.359:69): avc: denied { setattr } for pid=326 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 19.691676][ T23] audit: type=1400 audit(1720006061.359:70): avc: denied { mounton } for pid=326 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 19.700942][ T342] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 19.716162][ T23] audit: type=1400 audit(1720006061.359:71): avc: denied { mount } for pid=326 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 19.747589][ T23] audit: type=1400 audit(1720006061.409:72): avc: denied { relabelto } for pid=342 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.772768][ T23] audit: type=1400 audit(1720006061.409:73): avc: denied { write } for pid=342 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.798126][ T23] audit: type=1400 audit(1720006061.429:74): avc: denied { read } for pid=326 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.798160][ T326] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 19.823365][ T23] audit: type=1400 audit(1720006061.429:75): avc: denied { open } for pid=326 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.223855][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.230736][ T351] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.238108][ T351] device bridge_slave_0 entered promiscuous mode [ 20.246999][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.253820][ T351] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.261357][ T351] device bridge_slave_1 entered promiscuous mode [ 20.317416][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.324254][ T350] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.331937][ T350] device bridge_slave_0 entered promiscuous mode [ 20.349153][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.355979][ T350] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.363360][ T350] device bridge_slave_1 entered promiscuous mode [ 20.400097][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.407248][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.414462][ T352] device bridge_slave_0 entered promiscuous mode [ 20.424930][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.431875][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.439207][ T352] device bridge_slave_1 entered promiscuous mode [ 20.445683][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.452566][ T354] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.459747][ T354] device bridge_slave_0 entered promiscuous mode [ 20.470101][ T354] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.476960][ T354] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.484136][ T354] device bridge_slave_1 entered promiscuous mode [ 20.558204][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.565043][ T353] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.572461][ T353] device bridge_slave_0 entered promiscuous mode [ 20.579371][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.586192][ T353] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.593650][ T353] device bridge_slave_1 entered promiscuous mode [ 20.744954][ T351] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.751860][ T351] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.758938][ T351] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.765673][ T351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.776429][ T350] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.783275][ T350] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.790401][ T350] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.797157][ T350] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.819099][ T354] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.825931][ T354] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.833085][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.839830][ T354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.848987][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.855813][ T352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.863055][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.869806][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.911593][ T353] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.918444][ T353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.925544][ T353] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.932346][ T353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.957497][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.964642][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.972031][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.980150][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.987201][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.994190][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.001630][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.008782][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.015704][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.022959][ T341] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.029929][ T341] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.047854][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.055269][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.069394][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.078067][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.084883][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.092324][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.100313][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.107151][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.114298][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.122327][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.129152][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.136294][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.144237][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.151074][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.167034][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.174406][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.182721][ T341] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.189568][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.227027][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.234419][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.242950][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.251949][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.260187][ T124] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.267039][ T124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.274271][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.282653][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.290721][ T124] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.297552][ T124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.304762][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.313168][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.321212][ T124] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.328043][ T124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.335186][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.343175][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.350938][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.359009][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.366737][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.374750][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.397114][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.405065][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.415180][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.423144][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.431196][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.439196][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.446916][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.454847][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.472537][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.480518][ T74] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.498562][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.506770][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.515195][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.523740][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.557426][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.565190][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.573180][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.581638][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.589927][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.598065][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.605635][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.613479][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.620753][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.628221][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.636283][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.644447][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.652514][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.660667][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.667503][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.674619][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.682701][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.690677][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.697510][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.704723][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.712733][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.744927][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.755761][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.763998][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.772473][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.780741][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.789033][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.797038][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.804979][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.813465][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.821370][ T341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.850269][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.858311][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.866327][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.874863][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.883157][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.891155][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.899329][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.907660][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.915764][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.924010][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.946503][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.986234][ T374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.027129][ T376] syz.4.5 (376) used greatest stack depth: 21720 bytes left [ 22.027587][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.055121][ T386] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 22.076141][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.084467][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.092975][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.101442][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.110460][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.110659][ T386] BUG: kernel NULL pointer dereference, address: 0000000000000086 [ 22.118971][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.126058][ T386] #PF: supervisor instruction fetch in kernel mode [ 22.134583][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.140200][ T386] #PF: error_code(0x0010) - not-present page [ 22.140205][ T386] PGD 1f57ec067 P4D 1f57ec067 PUD 1f57e2067 PMD 0 [ 22.140220][ T386] Oops: 0010 [#1] PREEMPT SMP KASAN [ 22.140230][ T386] CPU: 1 PID: 386 Comm: syz.1.8 Not tainted 5.4.276-syzkaller-00021-g58de09405d1e #0 [ 22.140234][ T386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 22.140260][ T386] RIP: 0010:0x86 [ 22.140268][ T386] Code: Bad RIP value. [ 22.140274][ T386] RSP: 0018:ffff8881f05f7308 EFLAGS: 00010086 [ 22.140282][ T386] RAX: ffff8881f05f7338 RBX: dffffc0000000000 RCX: 0000000000040000 [ 22.140289][ T386] RDX: ffffc90000540000 RSI: 00000000000017b4 RDI: 00000000000017b5 [ 22.140295][ T386] RBP: 0000000000000fd0 R08: ffffffff82316961 R09: ffffffff811c8ff5 [ 22.140300][ T386] R10: ffff8881f32e8000 R11: 0000000000000002 R12: ffffffff846015d0 [ 22.140306][ T386] R13: fffffe0000000fd8 R14: ffff8881d9050000 R15: fffffe0000000fdb [ 22.140313][ T386] FS: 00007f76194de6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 22.140318][ T386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 22.140324][ T386] CR2: 000000000000005c CR3: 00000001f0b69000 CR4: 00000000003426a0 [ 22.140329][ T386] Call Trace: [ 22.140344][ T386] ? __die+0xb4/0x100 [ 22.140355][ T386] ? no_context+0xbda/0xe50 [ 22.140367][ T386] ? is_prefetch+0x4b0/0x4b0 [ 22.140376][ T386] ? rcu_preempt_deferred_qs+0xa4/0x2b0 [ 22.140384][ T386] ? __do_page_fault+0xa7d/0xbb0 [ 22.140399][ T386] ? vmx_spec_ctrl_restore_host+0x83/0xfd [ 22.150057][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.154071][ T386] ? __bad_area_nosemaphore+0xc0/0x460 [ 22.160948][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.165437][ T386] ? page_fault+0x2f/0x40 [ 22.317502][ T386] ? call_function_interrupt+0x20/0x20 [ 22.322794][ T386] ? vmx_handle_exit_irqoff+0x45/0x220 [ 22.328072][ T386] ? check_preemption_disabled+0x91/0x320 [ 22.333805][ T386] ? handle_external_interrupt_irqoff+0x148/0x2f0 [ 22.340052][ T386] ? handle_external_interrupt_irqoff+0x12a/0x2f0 [ 22.346303][ T386] ? call_function_interrupt+0x20/0x20 [ 22.351591][ T386] ? vcpu_enter_guest+0x2d06/0x9f70 [ 22.356624][ T386] ? unwind_next_frame+0x176a/0x1ea0 [ 22.361751][ T386] ? check_preemption_disabled+0x9f/0x320 [ 22.367304][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.372519][ T386] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 22.378419][ T386] ? local_bh_enable+0x20/0x20 [ 22.383008][ T386] ? rcu_preempt_deferred_qs+0xa4/0x2b0 [ 22.388656][ T386] ? check_preemption_disabled+0x9f/0x320 [ 22.394205][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.399428][ T386] ? check_preemption_disabled+0x9f/0x320 [ 22.404973][ T386] ? check_preemption_disabled+0x9f/0x320 [ 22.410527][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.415735][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.420938][ T386] ? switch_mm_irqs_off+0x325/0xab0 [ 22.425972][ T386] ? _raw_spin_unlock_irq+0x4a/0x60 [ 22.431005][ T386] ? finish_task_switch+0x130/0x590 [ 22.436129][ T386] ? __schedule+0xb0d/0x1320 [ 22.440565][ T386] ? is_mmconf_reserved+0x430/0x430 [ 22.445594][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.450802][ T386] ? preempt_schedule+0xd9/0xe0 [ 22.455482][ T386] ? preempt_schedule_common+0xa6/0xd0 [ 22.460772][ T386] ? preempt_schedule+0xd9/0xe0 [ 22.465459][ T386] ? schedule_preempt_disabled+0x20/0x20 [ 22.470953][ T386] ? check_preempt_wakeup+0x4f6/0x9f0 [ 22.476138][ T386] ? vmx_vcpu_load_vmcs+0x655/0x8b0 [ 22.481182][ T386] ? ___preempt_schedule+0x16/0x20 [ 22.486148][ T386] ? read_msr+0x40/0x40 [ 22.490120][ T386] ? try_to_wake_up+0x9d3/0x14f0 [ 22.494900][ T386] ? check_preemption_disabled+0x9f/0x320 [ 22.500442][ T386] ? cpus_share_cache+0x110/0x110 [ 22.505300][ T386] ? check_preemption_disabled+0x9f/0x320 [ 22.510856][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.516062][ T386] ? kvm_check_async_pf_completion+0x387/0x3a0 [ 22.522053][ T386] ? kvm_arch_vcpu_ioctl_run+0x748/0x18d0 [ 22.527607][ T386] ? kvm_vcpu_ioctl+0x7f9/0xd10 [ 22.532296][ T386] ? debug_smp_processor_id+0x20/0x20 [ 22.537511][ T386] ? create_vcpu_fd+0x120/0x120 [ 22.542185][ T386] ? do_futex+0x13fe/0x19f0 [ 22.546525][ T386] ? __lru_cache_add+0x206/0x2b0 [ 22.551303][ T386] ? _raw_spin_unlock+0x49/0x60 [ 22.555984][ T386] ? handle_mm_fault+0x1d03/0x4990 [ 22.560942][ T386] ? create_vcpu_fd+0x120/0x120 [ 22.565618][ T386] ? do_vfs_ioctl+0x742/0x1720 [ 22.570222][ T386] ? ioctl_preallocate+0x250/0x250 [ 22.575166][ T386] ? __fget+0x407/0x490 [ 22.579158][ T386] ? fget_many+0x20/0x20 [ 22.583239][ T386] ? switch_fpu_return+0x1d4/0x410 [ 22.588186][ T386] ? security_file_ioctl+0x7d/0xa0 [ 22.593132][ T386] ? __x64_sys_ioctl+0xd4/0x110 [ 22.597822][ T386] ? do_syscall_64+0xca/0x1c0 [ 22.602336][ T386] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 22.608231][ T386] Modules linked in: [ 22.611980][ T386] CR2: 0000000000000086 [ 22.615976][ T386] ---[ end trace 570e2fca12006420 ]--- [ 22.621261][ T386] RIP: 0010:0x86 [ 22.624640][ T386] Code: Bad RIP value. [ 22.628539][ T386] RSP: 0018:ffff8881f05f7308 EFLAGS: 00010086 [ 22.634440][ T386] RAX: ffff8881f05f7338 RBX: dffffc0000000000 RCX: 0000000000040000 [ 22.642255][ T386] RDX: ffffc90000540000 RSI: 00000000000017b4 RDI: 00000000000017b5 [ 22.650067][ T386] RBP: 0000000000000fd0 R08: ffffffff82316961 R09: ffffffff811c8ff5 [ 22.657874][ T386] R10: ffff8881f32e8000 R11: 0000000000000002 R12: ffffffff846015d0 [ 22.665686][ T386] R13: fffffe0000000fd8 R14: ffff8881d9050000 R15: fffffe0000000fdb [ 22.673499][ T386] FS: 00007f76194de6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 22.682261][ T386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 22.688685][ T386] CR2: 000000000000005c CR3: 00000001f0b69000 CR4: 00000000003426a0 [ 22.696498][ T386] Kernel panic - not syncing: Fatal exception [ 22.702600][ T386] Kernel Offset: disabled [ 22.706718][ T386] Rebooting in 86400 seconds..