last executing test programs: 14.960943736s ago: executing program 1 (id=229): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20) recvmmsg(r0, &(0x7f0000000b80)=[{{0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0, 0x52}, 0xa}], 0x360, 0x120, 0x0) recvfrom$inet6(r0, &(0x7f00000000c0)=""/53, 0x35, 0x40010102, 0x0, 0x0) 12.391300838s ago: executing program 1 (id=230): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000200)=0x8, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x200000000000000) 12.271517454s ago: executing program 1 (id=231): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) r0 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x4000, 0x13100, 0x2, 0x2de}, &(0x7f0000000180)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0xa0}}) io_uring_enter(r0, 0x2def, 0xb80c, 0xe, 0x0, 0x0) 12.081028385s ago: executing program 1 (id=232): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) ioprio_set$pid(0x2, 0x0, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0) sendfile(r4, r4, 0x0, 0x40008) 1.241743131s ago: executing program 0 (id=240): sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, 0x0, 0x4000810) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28, 0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40002}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x60, 0x2c, 0xd27, 0x70bd25, 0x8007, {0x0, 0x0, 0x0, r3, {0xc, 0x5}, {}, {0xffe0, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x30, 0x2, [@TCA_FLOW_EMATCHES={0x2c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0xb132, 0x3, 0xfffc}, {0x5, 0x5, 0x100, 0x3}}}]}]}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x24000841}, 0x800) 601.199617ms ago: executing program 0 (id=241): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000100)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 501.886732ms ago: executing program 0 (id=242): r0 = socket$inet(0x2, 0x3, 0x5) recvfrom$inet(r0, &(0x7f00000000c0)=""/75, 0x4b, 0x20012142, 0x0, 0x0) 431.250526ms ago: executing program 0 (id=243): socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0xa, 0x300) syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@random="cf599d3baed5", @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f200", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x0, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x1000}}}}}}}, 0x0) 351.14208ms ago: executing program 0 (id=244): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x28, 0x3, 0x6, 0x301, 0x0, 0x0, {0x3, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x100000c1}, 0x0) 271.757825ms ago: executing program 1 (id=245): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="b5", 0x1, 0xfffffffffffffffb) pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x100000000000f7) close_range(r0, r2, 0x0) keyctl$revoke(0x3, r1) 414.119µs ago: executing program 1 (id=246): syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x40}, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000) sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000000340)=ANY=[], 0x2b08}}, 0x4004006) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000100)=@ccm_128={{0x304}, "2697312e4e898ca7", "35e23ca3a988def7dfbd438c536346cd", "11398f4a", "50cc97386065eda9"}, 0x28) recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/106, 0x6a}], 0x1}, 0x4}], 0x2, 0x40000002, 0x0) 0s ago: executing program 0 (id=247): r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=0x0, &(0x7f0000000600)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x1, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): [ 37.508936][ T31] audit: type=1400 audit(37.460:58): avc: denied { read write } for pid=3092 comm="sftp-server" name="null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 37.522699][ T31] audit: type=1400 audit(37.470:59): avc: denied { open } for pid=3092 comm="sftp-server" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 Warning: Permanently added '[localhost]:53083' (ED25519) to the list of known hosts. [ 47.576044][ T31] audit: type=1400 audit(47.530:60): avc: denied { name_bind } for pid=3095 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 48.676126][ T31] audit: type=1400 audit(48.630:61): avc: denied { execute } for pid=3096 comm="sh" name="syz-executor" dev="vda" ino=805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 48.688322][ T31] audit: type=1400 audit(48.640:62): avc: denied { execute_no_trans } for pid=3096 comm="sh" path="/syz-executor" dev="vda" ino=805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 51.252835][ T31] audit: type=1400 audit(51.210:63): avc: denied { mounton } for pid=3096 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=806 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 51.254885][ T31] audit: type=1400 audit(51.210:64): avc: denied { mount } for pid=3096 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 51.267348][ T3096] cgroup: Unknown subsys name 'net' [ 51.273652][ T31] audit: type=1400 audit(51.230:65): avc: denied { unmount } for pid=3096 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 51.398520][ T3096] cgroup: Unknown subsys name 'cpuset' [ 51.404642][ T3096] cgroup: Unknown subsys name 'hugetlb' [ 51.405553][ T3096] cgroup: Unknown subsys name 'rlimit' [ 51.669438][ T31] audit: type=1400 audit(51.620:66): avc: denied { setattr } for pid=3096 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 51.669666][ T31] audit: type=1400 audit(51.620:67): avc: denied { mounton } for pid=3096 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 51.669844][ T31] audit: type=1400 audit(51.620:68): avc: denied { mount } for pid=3096 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 51.824982][ T3098] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 51.827377][ T31] audit: type=1400 audit(51.780:69): avc: denied { relabelto } for pid=3098 comm="mkswap" name="swap-file" dev="vda" ino=809 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 56.091691][ T3096] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 57.237627][ T31] kauditd_printk_skb: 3 callbacks suppressed [ 57.238161][ T31] audit: type=1400 audit(57.190:73): avc: denied { execmem } for pid=3099 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 57.300488][ T31] audit: type=1400 audit(57.260:74): avc: denied { read } for pid=3101 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 57.301133][ T31] audit: type=1400 audit(57.260:75): avc: denied { open } for pid=3101 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 57.306476][ T31] audit: type=1400 audit(57.260:76): avc: denied { mounton } for pid=3101 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 57.334462][ T31] audit: type=1400 audit(57.290:77): avc: denied { module_request } for pid=3101 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 57.403154][ T31] audit: type=1400 audit(57.360:78): avc: denied { sys_module } for pid=3101 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 57.708667][ T31] audit: type=1400 audit(57.660:79): avc: denied { ioctl } for pid=3102 comm="syz-executor" path="/dev/net/tun" dev="devtmpfs" ino=675 ioctlcmd=0x54ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 58.426033][ T3102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.434722][ T3102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.594646][ T3101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.597248][ T3101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.013645][ T3102] hsr_slave_0: entered promiscuous mode [ 59.017134][ T3102] hsr_slave_1: entered promiscuous mode [ 59.313924][ T3101] hsr_slave_0: entered promiscuous mode [ 59.315375][ T3101] hsr_slave_1: entered promiscuous mode [ 59.318144][ T3101] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.321574][ T3101] Cannot create hsr debugfs directory [ 59.395861][ T31] audit: type=1400 audit(59.350:80): avc: denied { create } for pid=3102 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 59.396959][ T31] audit: type=1400 audit(59.350:81): avc: denied { write } for pid=3102 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 59.400208][ T31] audit: type=1400 audit(59.350:82): avc: denied { read } for pid=3102 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 59.416134][ T3102] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 59.431938][ T3102] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 59.443066][ T3102] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 59.464523][ T3102] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 59.581945][ T3101] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 59.587311][ T3101] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 59.594143][ T3101] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 59.600766][ T3101] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 59.932737][ T3101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.227049][ T3102] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.268564][ T3101] veth0_vlan: entered promiscuous mode [ 61.281514][ T3101] veth1_vlan: entered promiscuous mode [ 61.314788][ T3101] veth0_macvtap: entered promiscuous mode [ 61.320037][ T3101] veth1_macvtap: entered promiscuous mode [ 61.352853][ T3101] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.353233][ T3101] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.353293][ T3101] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.353334][ T3101] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.537139][ T3101] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 61.811858][ T3102] veth0_vlan: entered promiscuous mode [ 61.825817][ T3102] veth1_vlan: entered promiscuous mode [ 61.862552][ T3102] veth0_macvtap: entered promiscuous mode [ 61.867754][ T3102] veth1_macvtap: entered promiscuous mode [ 61.896898][ T3102] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.897652][ T3102] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.900144][ T3102] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.901284][ T3102] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.310379][ T3803] tc_dump_action: action bad kind [ 62.392606][ T31] kauditd_printk_skb: 25 callbacks suppressed [ 62.399832][ T31] audit: type=1400 audit(62.340:108): avc: denied { prog_load } for pid=3804 comm="syz.1.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 62.400442][ T31] audit: type=1400 audit(62.350:109): avc: denied { bpf } for pid=3804 comm="syz.1.11" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 62.400802][ T31] audit: type=1400 audit(62.350:110): avc: denied { perfmon } for pid=3804 comm="syz.1.11" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 62.452680][ T31] audit: type=1400 audit(62.400:111): avc: denied { prog_run } for pid=3804 comm="syz.1.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 62.866974][ T3809] netlink: 348 bytes leftover after parsing attributes in process `syz.0.13'. [ 63.291672][ T3817] capability: warning: `syz.0.16' uses deprecated v2 capabilities in a way that may be insecure [ 63.302795][ T31] audit: type=1400 audit(63.260:112): avc: denied { create } for pid=3815 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 63.310441][ T3816] netlink: 104 bytes leftover after parsing attributes in process `syz.1.17'. [ 63.317418][ T31] audit: type=1400 audit(63.270:113): avc: denied { write } for pid=3815 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 63.318440][ T31] audit: type=1400 audit(63.270:114): avc: denied { nlmsg_write } for pid=3815 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 63.913397][ T31] audit: type=1400 audit(63.870:115): avc: denied { create } for pid=3833 comm="syz.1.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 63.916366][ T31] audit: type=1400 audit(63.870:116): avc: denied { bind } for pid=3833 comm="syz.1.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 63.920424][ T31] audit: type=1400 audit(63.880:117): avc: denied { accept } for pid=3833 comm="syz.1.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 64.134586][ T9] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0 [ 64.134977][ T9] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0 [ 64.155224][ T9] hid-generic 0000:0003:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 68.695329][ T31] kauditd_printk_skb: 11 callbacks suppressed [ 68.695966][ T31] audit: type=1400 audit(68.650:129): avc: denied { bind } for pid=3891 comm="syz.1.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 69.108495][ T31] audit: type=1400 audit(69.060:130): avc: denied { append } for pid=3893 comm="syz.1.37" name="001" dev="devtmpfs" ino=687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 69.350207][ T31] audit: type=1400 audit(69.310:131): avc: denied { create } for pid=3898 comm="syz.1.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 69.391323][ T31] audit: type=1400 audit(69.350:132): avc: denied { write } for pid=3898 comm="syz.1.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 69.786769][ T31] audit: type=1400 audit(69.740:133): avc: denied { unmount } for pid=3894 comm="syz.0.38" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 70.612718][ T31] audit: type=1400 audit(70.570:134): avc: denied { unmount } for pid=3102 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 71.640818][ T31] audit: type=1400 audit(71.600:135): avc: denied { name_bind } for pid=3917 comm="syz.1.45" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 73.214383][ T3928] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 73.216654][ T3928] syzkaller0: entered promiscuous mode [ 73.220421][ T3928] syzkaller0: entered allmulticast mode [ 73.840849][ T3942] ======================================================= [ 73.840849][ T3942] WARNING: The mand mount option has been deprecated and [ 73.840849][ T3942] and is ignored by this kernel. Remove the mand [ 73.840849][ T3942] option from the mount to silence this warning. [ 73.840849][ T3942] ======================================================= [ 74.493987][ T31] audit: type=1400 audit(74.450:136): avc: denied { allowed } for pid=3947 comm="syz.0.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 74.512475][ T31] audit: type=1400 audit(74.470:137): avc: denied { create } for pid=3947 comm="syz.0.56" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 74.514040][ T31] audit: type=1400 audit(74.470:138): avc: denied { map } for pid=3947 comm="syz.0.56" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=2698 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 74.520006][ T31] audit: type=1400 audit(74.470:139): avc: denied { read write } for pid=3947 comm="syz.0.56" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=2698 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 74.657544][ T31] audit: type=1400 audit(74.610:140): avc: denied { create } for pid=3947 comm="syz.0.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 74.666329][ T31] audit: type=1400 audit(74.620:141): avc: denied { setopt } for pid=3947 comm="syz.0.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 76.990587][ T3967] mmap: syz.1.62 (3967) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 78.005416][ T31] audit: type=1400 audit(77.960:142): avc: denied { create } for pid=3983 comm="syz.0.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 78.158613][ T31] audit: type=1400 audit(78.110:143): avc: denied { ioctl } for pid=3983 comm="syz.0.70" path="socket:[2744]" dev="sockfs" ino=2744 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 78.566943][ T31] audit: type=1400 audit(78.520:144): avc: denied { create } for pid=3993 comm="syz.1.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 79.233744][ T31] audit: type=1400 audit(79.190:145): avc: denied { setopt } for pid=3998 comm="syz.0.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 80.213297][ T4021] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.233204][ T31] kauditd_printk_skb: 1 callbacks suppressed [ 80.235131][ T31] audit: type=1400 audit(80.190:147): avc: denied { getopt } for pid=4020 comm="syz.0.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 80.471248][ T31] audit: type=1400 audit(80.430:148): avc: denied { setopt } for pid=4023 comm="syz.0.84" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 80.671501][ T31] audit: type=1400 audit(80.630:149): avc: denied { create } for pid=4026 comm="syz.0.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 80.696637][ T31] audit: type=1400 audit(80.630:150): avc: denied { connect } for pid=4026 comm="syz.0.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 80.821960][ T4027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.85'. [ 80.976627][ T31] audit: type=1400 audit(80.930:151): avc: denied { ioctl } for pid=4032 comm="syz.1.86" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=2792 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 82.124477][ T31] audit: type=1400 audit(82.080:152): avc: denied { write } for pid=4043 comm="syz.1.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 82.176306][ T31] audit: type=1400 audit(82.130:153): avc: denied { create } for pid=4045 comm="syz.0.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 82.444192][ T31] audit: type=1400 audit(82.400:154): avc: denied { connect } for pid=4050 comm="syz.0.93" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 82.459442][ T31] audit: type=1400 audit(82.410:155): avc: denied { write } for pid=4050 comm="syz.0.93" path="socket:[3127]" dev="sockfs" ino=3127 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 83.231944][ T31] audit: type=1400 audit(83.190:156): avc: denied { shutdown } for pid=4059 comm="syz.1.98" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 87.445469][ T4086] netlink: 12 bytes leftover after parsing attributes in process `syz.1.104'. [ 88.627036][ T31] kauditd_printk_skb: 4 callbacks suppressed [ 88.629892][ T31] audit: type=1400 audit(88.580:161): avc: denied { bind } for pid=4101 comm="syz.0.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 89.153566][ T31] audit: type=1400 audit(89.110:162): avc: denied { wake_alarm } for pid=4103 comm="syz.0.110" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 90.242685][ T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 90.400586][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 90.435043][ T23] usb 2-1: config 0 has no interfaces? [ 90.441529][ T23] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 90.443989][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.444715][ T23] usb 2-1: Product: syz [ 90.445152][ T23] usb 2-1: Manufacturer: syz [ 90.445939][ T23] usb 2-1: SerialNumber: syz [ 90.460211][ T23] usb 2-1: config 0 descriptor?? [ 90.809474][ T10] usb 2-1: USB disconnect, device number 2 [ 91.875307][ T31] audit: type=1400 audit(91.830:163): avc: denied { mounton } for pid=4136 comm="syz.0.121" path="/66/file0" dev="tmpfs" ino=353 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 91.953297][ T1785] Process accounting resumed [ 95.250609][ T4157] netlink: 'syz.0.129': attribute type 10 has an invalid length. [ 95.259463][ T4157] netlink: 40 bytes leftover after parsing attributes in process `syz.0.129'. [ 95.304637][ T4157] A link change request failed with some changes committed already. Interface netdevsim3 may have been left with an inconsistent configuration, please check. [ 100.888271][ T31] audit: type=1400 audit(100.840:164): avc: denied { create } for pid=4182 comm="syz.0.140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 101.656712][ T4189] tmpfs: Unsupported parameter 'huge' [ 101.680025][ T31] audit: type=1400 audit(101.630:165): avc: denied { execute } for pid=4187 comm="syz.1.141" path="/59/file0/bus" dev="tmpfs" ino=320 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 101.771522][ T4192] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.593642][ T31] audit: type=1400 audit(104.550:166): avc: denied { create } for pid=4208 comm="syz.1.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 104.687492][ T4212] netlink: 'syz.0.151': attribute type 10 has an invalid length. [ 108.201687][ T4245] block nbd1: shutting down sockets [ 108.243267][ T4245] block nbd1: NBD_DISCONNECT [ 108.244552][ T4245] block nbd1: Send disconnect failed -32 [ 111.692584][ T31] audit: type=1400 audit(111.650:167): avc: denied { create } for pid=4255 comm="syz.0.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 111.695124][ T31] audit: type=1400 audit(111.650:168): avc: denied { write } for pid=4255 comm="syz.0.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 112.200811][ T4264] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 113.756725][ T4287] process 'syz.1.182' launched './file1' with NULL argv: empty string added [ 113.757895][ T31] audit: type=1400 audit(113.710:169): avc: denied { execute_no_trans } for pid=4285 comm="syz.1.182" path="/79/file1" dev="tmpfs" ino=423 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 116.250487][ T4311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.252173][ T4311] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.280017][ T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 117.374308][ T31] audit: type=1400 audit(117.330:170): avc: denied { bind } for pid=4336 comm="syz.1.200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 117.381284][ T31] audit: type=1400 audit(117.340:171): avc: denied { name_bind } for pid=4336 comm="syz.1.200" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 117.381752][ T31] audit: type=1400 audit(117.340:172): avc: denied { node_bind } for pid=4336 comm="syz.1.200" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 120.393686][ T31] audit: type=1400 audit(120.350:173): avc: denied { create } for pid=4347 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 120.405805][ T31] audit: type=1400 audit(120.360:174): avc: denied { bind } for pid=4347 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 120.412981][ T31] audit: type=1400 audit(120.370:175): avc: denied { listen } for pid=4347 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 120.418501][ T31] audit: type=1400 audit(120.370:176): avc: denied { connect } for pid=4347 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 120.429197][ T31] audit: type=1400 audit(120.380:177): avc: denied { accept } for pid=4347 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 120.493360][ T31] audit: type=1400 audit(120.450:178): avc: denied { read } for pid=4347 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 120.981344][ T4358] netlink: 'syz.0.209': attribute type 4 has an invalid length. [ 121.599885][ T31] audit: type=1400 audit(121.560:179): avc: denied { ioctl } for pid=4357 comm="syz.1.210" path="socket:[3510]" dev="sockfs" ino=3510 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 121.833410][ T4370] netlink: 'syz.0.213': attribute type 10 has an invalid length. [ 121.990600][ T4373] netlink: 'syz.1.214': attribute type 5 has an invalid length. [ 121.990909][ T4373] netlink: 'syz.1.214': attribute type 11 has an invalid length. [ 123.661712][ T31] audit: type=1326 audit(123.600:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.221" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 123.663579][ T31] audit: type=1326 audit(123.620:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.221" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 123.668219][ T31] audit: type=1326 audit(123.620:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.221" exe="/syz-executor" sig=0 arch=40000028 syscall=336 compat=0 ip=0x131f30 code=0x7ffc0000 [ 123.679546][ T31] audit: type=1326 audit(123.620:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.221" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 123.679983][ T31] audit: type=1326 audit(123.620:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4386 comm="syz.1.221" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 139.010886][ T4430] netlink: 96 bytes leftover after parsing attributes in process `syz.0.236'. [ 139.529369][ T31] audit: type=1400 audit(139.470:185): avc: denied { create } for pid=4435 comm="syz.0.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 140.676864][ T31] audit: type=1400 audit(140.630:186): avc: denied { read } for pid=4445 comm="syz.0.242" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 141.027271][ T31] audit: type=1400 audit(140.980:187): avc: denied { write } for pid=4452 comm="syz.1.245" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 141.287804][ T4457] 8<--- cut here --- [ 141.288148][ T4457] Unable to handle kernel NULL pointer dereference at virtual address 0000000e when read [ 141.300081][ T4457] [0000000e] *pgd=854be003, *pmd=df563003 [ 141.301431][ T4457] Internal error: Oops: 205 [#1] SMP ARM [ 141.302157][ T4457] Modules linked in: [ 141.302743][ T4457] CPU: 0 UID: 0 PID: 4457 Comm: syz.0.247 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT [ 141.303179][ T4457] Hardware name: ARM-Versatile Express [ 141.303488][ T4457] PC is at io_buffer_select+0x50/0x18c [ 141.304107][ T4457] LR is at xa_load+0x68/0xa4 [ 141.304276][ T4457] pc : [<8088999c>] lr : [<81a4c0b4>] psr: 20000013 [ 141.304690][ T4457] sp : df9b5d88 ip : df9b5d48 fp : df9b5da4 [ 141.305026][ T4457] r10: 00000362 r9 : 80000001 r8 : 00000000 [ 141.305257][ T4457] r7 : df9b5dc8 r6 : 00000000 r5 : 84de0900 r4 : 84e969c0 [ 141.305543][ T4457] r3 : 00000001 r2 : 00000000 r1 : 85530d00 r0 : 00000000 [ 141.305863][ T4457] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 141.306182][ T4457] Control: 30c5387d Table: 854dc3c0 DAC: fffffffd [ 141.306406][ T4457] Register r0 information: NULL pointer [ 141.306836][ T4457] Register r1 information: slab kmalloc-64 start 85530d00 pointer offset 0 size 64 [ 141.307564][ T4457] Register r2 information: NULL pointer [ 141.307761][ T4457] Register r3 information: non-paged memory [ 141.307999][ T4457] Register r4 information: slab io_kiocb start 84e969c0 pointer offset 0 size 192 [ 141.308420][ T4457] Register r5 information: slab kmalloc-2k start 84de0800 pointer offset 256 size 2048 [ 141.308779][ T4457] Register r6 information: NULL pointer [ 141.309035][ T4457] Register r7 information: 2-page vmalloc region starting at 0xdf9b4000 allocated at kernel_clone+0xac/0x3e4 [ 141.309657][ T4457] Register r8 information: NULL pointer [ 141.309887][ T4457] Register r9 information: non-slab/vmalloc memory [ 141.310187][ T4457] Register r10 information: non-paged memory [ 141.310528][ T4457] Register r11 information: 2-page vmalloc region starting at 0xdf9b4000 allocated at kernel_clone+0xac/0x3e4 [ 141.311036][ T4457] Register r12 information: 2-page vmalloc region starting at 0xdf9b4000 allocated at kernel_clone+0xac/0x3e4 [ 141.311387][ T4457] Process syz.0.247 (pid: 4457, stack limit = 0xdf9b4000) [ 141.311783][ T4457] Stack: (0xdf9b5d88 to 0xdf9b6000) [ 141.312150][ T4457] 5d80: 834f5400 84e969c0 8545a200 00000000 df9b5e0c df9b5da8 [ 141.312478][ T4457] 5da0: 80893204 80889958 80894888 00000000 00000000 aae7dd11 00010001 00000001 [ 141.312761][ T4457] 5dc0: df9b5df4 00000000 00000000 df9b5dd8 8022be54 8022ce4c 00000000 aae7dd11 [ 141.313107][ T4457] 5de0: 81a5be48 84e969c0 81cf0ca0 00000000 00000000 00000000 80000001 84e969c0 [ 141.313376][ T4457] 5e00: df9b5e34 df9b5e10 8088214c 80892ec4 84e969c0 80000001 0000001b 81cf0b5c [ 141.313645][ T4457] 5e20: 8607f180 df9b5ef8 df9b5e74 df9b5e38 80886c1c 8088210c 00000000 860079c0 [ 141.313965][ T4457] 5e40: c000004b 84de0a40 860047ec 84e969c0 86037f7c 84de0800 ffffffff 83a86c00 [ 141.314299][ T4457] 5e60: df9b5ef8 84e969c0 df9b5e8c df9b5e78 808871b4 80886be0 84e96a3c 86037f7c [ 141.314634][ T4457] 5e80: df9b5ecc df9b5e90 80885c00 8088717c 00000000 df9b5e90 8028cffc df9b5f34 [ 141.314962][ T4457] 5ea0: df9b5f10 8545a000 ffffffff 83a86c00 df9b5ef8 82a716d0 83a86c00 000001aa [ 141.315234][ T4457] 5ec0: df9b5ef4 df9b5ed0 80885cc4 80885b60 00000000 83a87464 83a87494 83a86c00 [ 141.315597][ T4457] 5ee0: 82a716d0 83a86c00 df9b5f0c df9b5ef8 80885e1c 80885c6c 00000000 aae7dd11 [ 141.315882][ T31] audit: type=1400 audit(141.260:188): avc: denied { read } for pid=2910 comm="syslogd" name="log" dev="vda" ino=795 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 141.315910][ T4457] 5f00: df9b5f34 df9b5f10 8028d014 80885df4 83a86c00 df9b5fb0 8020029c 000001aa [ 141.316795][ T31] audit: type=1400 audit(141.260:189): avc: denied { search } for pid=2910 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 141.317081][ T31] audit: type=1400 audit(141.260:190): avc: denied { write } for pid=2910 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 141.317316][ T31] audit: type=1400 audit(141.260:191): avc: denied { add_name } for pid=2910 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 141.317626][ T31] audi ** replaying previous printk message ** [ 141.317626][ T31] audit: type=1400 audit(141.260:192): avc: denied { create } for pid=2910 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 141.318157][ T31] audit: type=1400 audit(141.260:193): avc: denied { append open } for pid=2910 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 141.318546][ T31] audit: type=1400 audit(141.260:194): avc: denied { getattr } for pid=2910 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 141.322295][ T4457] 5f20: 8020029c 83a86c00 df9b5fac df9b5f38 8022bc08 8028cf90 8026b438 8029ce24 [ 141.322588][ T4457] 5f40: df9b5fb0 40000000 df9b5f84 df9b5f58 802229dc 8026b3f4 00000000 8281d05c [ 141.323046][ T4457] 5f60: df9b5fb0 0014c490 ecac8b10 80222930 00000000 aae7dd11 df9b5fac aae7dd11 [ 141.323415][ T4457] 5f80: 00000000 00000000 00000000 002e630c 000001aa 8020029c 83a86c00 000001aa [ 141.323843][ T4457] 5fa0: 00000000 df9b5fb0 80200088 8022b7cc 00000800 00003516 00000000 00000000 [ 141.324282][ T4457] 5fc0: 00000000 00000000 002e630c 000001aa 002d0000 00000000 00006364 76b790bc [ 141.324683][ T4457] 5fe0: 76b78ec0 76b78eb0 0001939c 00131f30 60000010 00000003 00000000 00000000 [ 141.325081][ T4457] Call trace: [ 141.325406][ T4457] [<8088994c>] (io_buffer_select) from [<80893204>] (io_recv+0x34c/0x46c) [ 141.326016][ T4457] r7:00000000 r6:8545a200 r5:84e969c0 r4:834f5400 [ 141.326379][ T4457] [<80892eb8>] (io_recv) from [<8088214c>] (__io_issue_sqe+0x4c/0x1c0) [ 141.326749][ T4457] r10:84e969c0 r9:80000001 r8:00000000 r7:00000000 r6:00000000 r5:81cf0ca0 [ 141.327012][ T4457] r4:84e969c0 [ 141.327139][ T4457] [<80882100>] (__io_issue_sqe) from [<80886c1c>] (io_issue_sqe+0x48/0x59c) [ 141.327532][ T4457] r9:df9b5ef8 r8:8607f180 r7:81cf0b5c r6:0000001b r5:80000001 r4:84e969c0 [ 141.327870][ T4457] [<80886bd4>] (io_issue_sqe) from [<808871b4>] (io_req_task_submit+0x44/0x64) [ 141.328226][ T4457] r10:84e969c0 r9:df9b5ef8 r8:83a86c00 r7:ffffffff r6:84de0800 r5:86037f7c [ 141.328519][ T4457] r4:84e969c0 [ 141.328828][ T4457] [<80887170>] (io_req_task_submit) from [<80885c00>] (io_handle_tw_list+0xac/0x10c) [ 141.329286][ T4457] r5:86037f7c r4:84e96a3c [ 141.329567][ T4457] [<80885b54>] (io_handle_tw_list) from [<80885cc4>] (tctx_task_work_run+0x64/0x188) [ 141.329874][ T4457] r10:000001aa r9:83a86c00 r8:82a716d0 r7:df9b5ef8 r6:83a86c00 r5:ffffffff [ 141.330150][ T4457] r4:8545a000 [ 141.330267][ T4457] [<80885c60>] (tctx_task_work_run) from [<80885e1c>] (tctx_task_work+0x34/0x94) [ 141.330553][ T4457] r9:83a86c00 r8:82a716d0 r7:83a86c00 r6:83a87494 r5:83a87464 r4:00000000 [ 141.330819][ T4457] [<80885de8>] (tctx_task_work) from [<8028d014>] (task_work_run+0x90/0xb8) [ 141.331193][ T4457] [<8028cf84>] (task_work_run) from [<8022bc08>] (do_work_pending+0x448/0x4f8) [ 141.331602][ T4457] r9:83a86c00 r8:8020029c r7:000001aa r6:8020029c r5:df9b5fb0 r4:83a86c00 [ 141.331859][ T4457] [<8022b7c0>] (do_work_pending) from [<80200088>] (slow_work_pending+0xc/0x24) [ 141.332211][ T4457] Exception stack(0xdf9b5fb0 to 0xdf9b5ff8) [ 141.332384][ T4457] 5fa0: 00000800 00003516 00000000 00000000 [ 141.332763][ T4457] 5fc0: 00000000 00000000 002e630c 000001aa 002d0000 00000000 00006364 76b790bc [ 141.333106][ T4457] 5fe0: 76b78ec0 76b78eb0 0001939c 00131f30 60000010 00000003 [ 141.333531][ T4457] r10:000001aa r9:83a86c00 r8:8020029c r7:000001aa r6:002e630c r5:00000000 [ 141.333950][ T4457] r4:00000000 [ 141.334309][ T4457] Code: e3130001 0a00002f e5910000 e1d120be (e1d030be) [ 141.335850][ T4457] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc [ 141.410753][ T4457] Kernel panic - not syncing: Fatal exception [ 141.412548][ T4457] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:47:51 Registers: info registers vcpu 0 CPU#0 R00=00000000 R01=00000000 R02=00000004 R03=81a50668 R04=00000006 R05=828fac48 R06=00000000 R07=828fac40 R08=83a96000 R09=00000028 R10=828fac48 R11=ec655d2c R12=ec655d30 R13=ec655d20 R14=803481fc R15=81a50678 PSR=60090093 -ZC- A S svc32 s00=206e6568 s01=64616572 d00=64616572206e6568 s02=54205b5d s03=37353434 d01=3735343454205b5d s04=6e55205d s05=656c6261 d02=656c62616e55205d s06=206f7420 s07=646e6168 d03=646e6168206f7420 s08=6b20656c s09=656e7265 d04=656e72656b20656c s10=554e206c s11=70204c4c d05=70204c4c554e206c s12=746e696f s13=64207265 d06=64207265746e696f s14=66657265 s15=6e657265 d07=6e65726566657265 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000 info registers vcpu 1 CPU#1 R00=02371760 R01=00000000 R02=00000040 R03=00000040 R04=00000040 R05=02371760 R06=00000001 R07=02371760 R08=00000000 R09=00000000 R10=7ed8ebc0 R11=00000000 R12=7ed8e73c R13=7ed8e6a8 R14=76dc2a34 R15=76d4b138 PSR=000f0010 ---- A S usr32 s00=206e614a s01=30203120 d00=30203120206e614a s02=3a725f6d s03=61737973 d01=617379733a725f6d s04=745f6d64 s05=6f637420 d02=6f637420745f6d64 s06=7865746e s07=79733d74 d03=79733d747865746e s08=6d657473 s09=733a755f d04=733a755f6d657473 s10=65747379 s11=3a725f6d d05=3a725f6d65747379 s12=6e72656b s13=745f6c65 d06=745f6c656e72656b s14=00000000 s15=00000000 d07=0000000000000000 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000