last executing test programs: 13.700006898s ago: executing program 0 (id=60): r0 = socket(0x400000000010, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r2 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0xffff, 0xffff}, {0xffe0, 0xf}}}, 0x24}}, 0x0) 13.549660086s ago: executing program 0 (id=61): r0 = socket(0xa, 0x3, 0x3a) setsockopt$inet6_mtu(r0, 0x29, 0x17, 0x0, 0x0) 13.470055791s ago: executing program 0 (id=62): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18) r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain) 13.410003425s ago: executing program 0 (id=63): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x5885, 0x1f, 0xfffffffd, 0x216}, &(0x7f0000000340), &(0x7f0000000280)) 4.8988164s ago: executing program 0 (id=66): epoll_create1(0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80002, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) munlockall() madvise(&(0x7f00001a1000/0x4000)=nil, 0x4000, 0x8) 3.939478575s ago: executing program 1 (id=74): r0 = socket$l2tp6(0xa, 0x2, 0x73) sendto$l2tp6(r0, 0x0, 0x0, 0x4890, &(0x7f0000000040)={0xa, 0x0, 0xfffffffd, @local, 0x2, 0x4}, 0x20) 3.879951788s ago: executing program 1 (id=75): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000380)={@ipv4={'\x00', '\xff\xff', @remote}, 0x8, 0x0, 0x2, 0x0, 0x0, 0xfffe}, 0x20) 3.879700818s ago: executing program 1 (id=76): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='freezer.self_freezing\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x8, 0x0, &(0x7f0000000440)) 3.759963795s ago: executing program 1 (id=77): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_vs_stats_percpu\x00') read$FUSE(r0, &(0x7f0000004140)={0x2020}, 0x2020) lseek(r0, 0xfffffffffffffffd, 0x1) 3.759661225s ago: executing program 1 (id=78): r0 = socket$inet6(0xa, 0x8000000000080001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000540)={0x1, {{0xa, 0x4204, 0xffffffff, @mcast1, 0xd57a}}}, 0x8c) 3.66720476s ago: executing program 1 (id=79): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fsopen(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) unshare(0x26020480) unshare(0x22020400) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff) 0s ago: executing program 0 (id=80): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=0x0, &(0x7f0000000600)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r1, 0x0, 0x0, 0x0, 0x242, 0x1, {0x1}}) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): [ 37.807413][ T31] audit: type=1400 audit(37.760:58): avc: denied { read write } for pid=3091 comm="sftp-server" name="null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 37.820369][ T31] audit: type=1400 audit(37.780:59): avc: denied { open } for pid=3091 comm="sftp-server" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 Warning: Permanently added '[localhost]:65479' (ED25519) to the list of known hosts. [ 46.592051][ T31] audit: type=1400 audit(46.540:60): avc: denied { name_bind } for pid=3094 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 47.677656][ T31] audit: type=1400 audit(47.630:61): avc: denied { execute } for pid=3095 comm="sh" name="syz-executor" dev="vda" ino=805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.682074][ T31] audit: type=1400 audit(47.640:62): avc: denied { execute_no_trans } for pid=3095 comm="sh" path="/syz-executor" dev="vda" ino=805 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 50.254368][ T31] audit: type=1400 audit(50.210:63): avc: denied { mounton } for pid=3095 comm="syz-executor" path="/syzcgroup/unified" dev="vda" ino=806 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 50.257773][ T31] audit: type=1400 audit(50.210:64): avc: denied { mount } for pid=3095 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 50.270066][ T3095] cgroup: Unknown subsys name 'net' [ 50.276200][ T31] audit: type=1400 audit(50.230:65): avc: denied { unmount } for pid=3095 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 50.480538][ T3095] cgroup: Unknown subsys name 'cpuset' [ 50.483648][ T3095] cgroup: Unknown subsys name 'hugetlb' [ 50.485783][ T3095] cgroup: Unknown subsys name 'rlimit' [ 50.707439][ T31] audit: type=1400 audit(50.660:66): avc: denied { setattr } for pid=3095 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.711529][ T31] audit: type=1400 audit(50.670:67): avc: denied { mounton } for pid=3095 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 50.712660][ T31] audit: type=1400 audit(50.670:68): avc: denied { mount } for pid=3095 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 50.829684][ T3097] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 50.832563][ T31] audit: type=1400 audit(50.790:69): avc: denied { relabelto } for pid=3097 comm="mkswap" name="swap-file" dev="vda" ino=809 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" Setting up swapspace version 1, size = 127995904 bytes [ 54.908480][ T3095] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 56.033400][ T31] kauditd_printk_skb: 3 callbacks suppressed [ 56.038915][ T31] audit: type=1400 audit(55.990:73): avc: denied { execmem } for pid=3098 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 56.075122][ T31] audit: type=1400 audit(56.030:74): avc: denied { read } for pid=3100 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 56.076708][ T31] audit: type=1400 audit(56.030:75): avc: denied { open } for pid=3100 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 56.080416][ T31] audit: type=1400 audit(56.040:76): avc: denied { mounton } for pid=3100 comm="syz-executor" path="/" dev="vda" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 56.092078][ T31] audit: type=1400 audit(56.050:77): avc: denied { module_request } for pid=3100 comm="syz-executor" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 56.135746][ T31] audit: type=1400 audit(56.090:78): avc: denied { sys_module } for pid=3100 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 56.491781][ T31] audit: type=1400 audit(56.450:79): avc: denied { ioctl } for pid=3100 comm="syz-executor" path="/dev/net/tun" dev="devtmpfs" ino=675 ioctlcmd=0x54ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 57.174465][ T3101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.195899][ T3101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.203460][ T3100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.242099][ T3100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.806887][ T3101] hsr_slave_0: entered promiscuous mode [ 57.813015][ T3101] hsr_slave_1: entered promiscuous mode [ 58.044318][ T3100] hsr_slave_0: entered promiscuous mode [ 58.045460][ T3100] hsr_slave_1: entered promiscuous mode [ 58.045923][ T3100] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.047945][ T3100] Cannot create hsr debugfs directory [ 58.223858][ T31] audit: type=1400 audit(58.180:80): avc: denied { create } for pid=3101 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.225844][ T31] audit: type=1400 audit(58.180:81): avc: denied { write } for pid=3101 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.227450][ T31] audit: type=1400 audit(58.180:82): avc: denied { read } for pid=3101 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.233260][ T3101] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.246731][ T3101] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.257619][ T3101] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 58.269456][ T3101] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 58.383585][ T3100] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.395081][ T3100] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.407992][ T3100] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.432901][ T3100] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.925762][ T3101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.991496][ T3100] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.453659][ T3101] veth0_vlan: entered promiscuous mode [ 60.465761][ T3101] veth1_vlan: entered promiscuous mode [ 60.501802][ T3101] veth0_macvtap: entered promiscuous mode [ 60.516232][ T3101] veth1_macvtap: entered promiscuous mode [ 60.596841][ T3101] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.600053][ T3101] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.600324][ T3101] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.600478][ T3101] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.608400][ T3100] veth0_vlan: entered promiscuous mode [ 60.668163][ T3100] veth1_vlan: entered promiscuous mode [ 60.798239][ T3100] veth0_macvtap: entered promiscuous mode [ 60.815300][ T3100] veth1_macvtap: entered promiscuous mode [ 60.872154][ T3101] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 60.924754][ T3100] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.925134][ T3100] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.925228][ T3100] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.925360][ T3100] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.148002][ T31] kauditd_printk_skb: 14 callbacks suppressed [ 61.148332][ T31] audit: type=1400 audit(61.100:97): avc: denied { name_bind } for pid=3781 comm="syz.0.1" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 61.153070][ T31] audit: type=1400 audit(61.110:98): avc: denied { node_bind } for pid=3781 comm="syz.0.1" saddr=224.0.0.1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 61.173011][ T31] audit: type=1400 audit(61.130:99): avc: denied { unmount } for pid=3780 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 61.288283][ T31] audit: type=1400 audit(61.240:100): avc: denied { mounton } for pid=3786 comm="syz.1.4" path="/1/file0" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 61.385517][ T31] audit: type=1400 audit(61.340:101): avc: denied { execute } for pid=3791 comm="syz.1.5" path="/2/net_prio.prioidx" dev="tmpfs" ino=30 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 61.448003][ T31] audit: type=1400 audit(61.400:102): avc: denied { prog_load } for pid=3793 comm="syz.1.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.457214][ T31] audit: type=1400 audit(61.410:103): avc: denied { bpf } for pid=3793 comm="syz.1.6" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 61.481361][ T31] audit: type=1400 audit(61.440:104): avc: denied { perfmon } for pid=3793 comm="syz.1.6" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 61.509832][ T95] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 61.673982][ T95] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 61.674259][ T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 61.674478][ T95] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 61.674668][ T95] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 61.674816][ T95] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 61.674877][ T95] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.677212][ T95] usb 1-1: config 0 descriptor?? [ 61.883004][ T31] audit: type=1400 audit(61.840:105): avc: denied { create } for pid=3803 comm="syz.1.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 61.890921][ T31] audit: type=1400 audit(61.850:106): avc: denied { ioctl } for pid=3803 comm="syz.1.10" path="socket:[2419]" dev="sockfs" ino=2419 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 61.982268][ T3806] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 62.132559][ T95] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 62.151688][ T95] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 66.605794][ T95] usb 1-1: USB disconnect, device number 2 [ 66.703485][ T31] kauditd_printk_skb: 9 callbacks suppressed [ 66.703736][ T31] audit: type=1400 audit(66.660:116): avc: denied { setopt } for pid=3832 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 70.060866][ T31] audit: type=1400 audit(70.010:117): avc: denied { prog_run } for pid=3841 comm="syz.1.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 70.063019][ T31] audit: type=1400 audit(70.020:118): avc: denied { map_read map_write } for pid=3841 comm="syz.1.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 79.237428][ T31] audit: type=1400 audit(79.190:119): avc: denied { unmount } for pid=3100 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 79.270941][ T31] audit: type=1400 audit(79.230:120): avc: denied { getopt } for pid=3857 comm="syz.1.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 79.272066][ T31] audit: type=1400 audit(79.230:121): avc: denied { connect } for pid=3857 comm="syz.1.24" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 79.274665][ T31] audit: type=1400 audit(79.230:122): avc: denied { name_connect } for pid=3857 comm="syz.1.24" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 79.346188][ T31] audit: type=1400 audit(79.300:123): avc: denied { create } for pid=3861 comm="syz.0.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 79.361161][ T31] audit: type=1400 audit(79.320:124): avc: denied { setopt } for pid=3861 comm="syz.0.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 79.367302][ T31] audit: type=1400 audit(79.320:125): avc: denied { write } for pid=3861 comm="syz.0.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 79.669512][ T3722] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 79.833996][ T3722] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.841593][ T3722] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 79.842313][ T3722] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.842604][ T3722] usb 1-1: Product: syz [ 79.842737][ T3722] usb 1-1: Manufacturer: syz [ 79.842776][ T3722] usb 1-1: SerialNumber: syz [ 80.879844][ T3722] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 80.880462][ T3722] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 80.880608][ T3722] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 81.083329][ T3722] cdc_ncm 1-1:1.0: setting tx_max = 184 [ 81.094569][ T3722] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 81.107816][ T3722] usb 1-1: USB disconnect, device number 3 [ 81.109750][ T3722] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP) [ 81.549297][ T3722] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 81.699720][ T3722] usb 1-1: Using ep0 maxpacket: 8 [ 81.715525][ T3722] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 81.715843][ T3722] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.716096][ T3722] usb 1-1: Product: syz [ 81.716277][ T3722] usb 1-1: Manufacturer: syz [ 81.716343][ T3722] usb 1-1: SerialNumber: syz [ 81.723794][ T3722] usb 1-1: config 0 descriptor?? [ 81.931993][ T31] audit: type=1400 audit(81.890:126): avc: denied { append } for pid=3893 comm="syz.0.28" name="i2c-1" dev="devtmpfs" ino=698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 82.363428][ T31] audit: type=1400 audit(82.320:127): avc: denied { allowed } for pid=3913 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 82.367787][ T31] audit: type=1400 audit(82.320:128): avc: denied { create } for pid=3913 comm="syz.1.35" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 84.449380][ T3928] Zero length message leads to an empty skb [ 90.035530][ T95] usb 1-1: USB disconnect, device number 4 [ 90.731164][ T31] kauditd_printk_skb: 2 callbacks suppressed [ 90.731896][ T31] audit: type=1326 audit(90.690:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=20 compat=0 ip=0x127d2c code=0x7ffc0000 [ 90.734051][ T31] audit: type=1326 audit(90.690:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=173 compat=0 ip=0xef178 code=0x7ffc0000 [ 90.737403][ T31] audit: type=1326 audit(90.690:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=20 compat=0 ip=0x127d2c code=0x7ffc0000 [ 90.748110][ T31] audit: type=1326 audit(90.700:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=173 compat=0 ip=0xef178 code=0x7ffc0000 [ 90.752850][ T31] audit: type=1326 audit(90.700:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=20 compat=0 ip=0x127d2c code=0x7ffc0000 [ 90.755039][ T31] audit: type=1326 audit(90.700:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=173 compat=0 ip=0xef178 code=0x7ffc0000 [ 90.757091][ T31] audit: type=1326 audit(90.700:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=20 compat=0 ip=0x127d2c code=0x7ffc0000 [ 90.758724][ T31] audit: type=1326 audit(90.700:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=173 compat=0 ip=0xef178 code=0x7ffc0000 [ 90.761151][ T31] audit: type=1326 audit(90.720:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=20 compat=0 ip=0x127d2c code=0x7ffc0000 [ 90.763161][ T31] audit: type=1326 audit(90.720:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3950 comm="syz.0.46" exe="/syz-executor" sig=0 arch=40000028 syscall=173 compat=0 ip=0xef178 code=0x7ffc0000 [ 96.865017][ T31] kauditd_printk_skb: 2656 callbacks suppressed [ 96.865339][ T31] audit: type=1400 audit(96.820:2797): avc: denied { bind } for pid=3962 comm="syz.0.51" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 96.865526][ T31] audit: type=1400 audit(96.820:2798): avc: denied { accept } for pid=3962 comm="syz.0.51" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 107.279170][ T31] audit: type=1400 audit(107.220:2799): avc: denied { nlmsg_write } for pid=3973 comm="syz.0.54" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 107.279644][ T31] audit: type=1400 audit(107.220:2800): avc: denied { audit_write } for pid=3973 comm="syz.0.54" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 107.279905][ T31] audit: type=1107 audit(107.220:2801): pid=3973 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 110.890694][ T31] audit: type=1400 audit(110.850:2802): avc: denied { create } for pid=3977 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 110.896230][ T31] audit: type=1400 audit(110.850:2803): avc: denied { write } for pid=3977 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 110.899295][ T3978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.55'. [ 119.498939][ T31] audit: type=1326 audit(119.450:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.499195][ T31] audit: type=1326 audit(119.450:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.499337][ T31] audit: type=1326 audit(119.450:2806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=96 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.511522][ T31] audit: type=1326 audit(119.470:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.511772][ T31] audit: type=1326 audit(119.470:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.513459][ T31] audit: type=1326 audit(119.470:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=54 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.513644][ T31] audit: type=1326 audit(119.470:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 119.513777][ T31] audit: type=1326 audit(119.470:2811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000028 syscall=240 compat=0 ip=0x131f30 code=0x7ffc0000 [ 129.201157][ T31] audit: type=1400 audit(129.150:2812): avc: denied { sqpoll } for pid=4001 comm="syz.0.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 135.509584][ T31] audit: type=1400 audit(135.470:2813): avc: denied { name_bind } for pid=4007 comm="syz.1.64" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 135.849974][ T31] audit: type=1400 audit(135.810:2814): avc: denied { create } for pid=4018 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 135.853543][ T31] audit: type=1400 audit(135.810:2815): avc: denied { write } for pid=4018 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 135.854835][ T31] audit: type=1400 audit(135.810:2816): avc: denied { nlmsg_write } for pid=4018 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 135.864812][ T4019] netlink: 68 bytes leftover after parsing attributes in process `syz.1.68'. [ 135.870061][ T31] audit: type=1400 audit(135.820:2817): avc: denied { write } for pid=4018 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 135.872773][ T31] audit: type=1400 audit(135.830:2818): avc: denied { name_connect } for pid=4018 comm="syz.1.68" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 136.557418][ T31] audit: type=1400 audit(136.510:2819): avc: denied { create } for pid=4029 comm="syz.1.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 136.758142][ T31] audit: type=1400 audit(136.710:2820): avc: denied { getopt } for pid=4036 comm="syz.1.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 140.801279][ T4048] 8<--- cut here --- [ 140.802227][ T4048] Unable to handle kernel NULL pointer dereference at virtual address 0000000e when read [ 140.802958][ T4048] [0000000e] *pgd=85469003, *pmd=df5d5003 [ 140.805015][ T4048] Internal error: Oops: 205 [#1] SMP ARM [ 140.805456][ T4048] Modules linked in: [ 140.806287][ T4048] CPU: 1 UID: 0 PID: 4048 Comm: syz.0.80 Not tainted 6.15.0-rc5-syzkaller #0 PREEMPT [ 140.806941][ T4048] Hardware name: ARM-Versatile Express [ 140.807227][ T4048] PC is at io_ring_buffers_peek+0x24/0x258 [ 140.807800][ T4048] LR is at io_buffers_peek+0x68/0x8c [ 140.808014][ T4048] pc : [<8088956c>] lr : [<80889cb0>] psr: 20000013 [ 140.808257][ T4048] sp : df9f5dc0 ip : df9f5e08 fp : df9f5e04 [ 140.808553][ T4048] r10: 00000242 r9 : 00000000 r8 : 85461a80 [ 140.808859][ T4048] r7 : 8540150c r6 : 85401500 r5 : df9f5e44 r4 : 855ee000 [ 140.809115][ T4048] r3 : 00000001 r2 : 8540150c r1 : df9f5e44 r0 : 855ee000 [ 140.809673][ T4048] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none [ 140.809963][ T4048] Control: 30c5387d Table: 8545cb00 DAC: 00000000 [ 140.810354][ T4048] Register r0 information: slab io_kiocb start 855ee000 pointer offset 0 size 192 [ 140.811136][ T4048] Register r1 information: 2-page vmalloc region starting at 0xdf9f4000 allocated at kernel_clone+0xac/0x3e4 [ 140.811911][ T4048] Register r2 information: slab kmalloc-256 start 85401500 pointer offset 12 size 256 [ 140.812347][ T4048] Register r3 information: non-paged memory [ 140.812659][ T4048] Register r4 information: slab io_kiocb start 855ee000 pointer offset 0 size 192 [ 140.812985][ T4048] Register r5 information: 2-page vmalloc region starting at 0xdf9f4000 allocated at kernel_clone+0xac/0x3e4 [ 140.813564][ T4048] Register r6 information: slab kmalloc-256 start 85401500 pointer offset 0 size 256 [ 140.813963][ T4048] Register r7 information: slab kmalloc-256 start 85401500 pointer offset 12 size 256 [ 140.814294][ T4048] Register r8 information: slab kmalloc-64 start 85461a80 pointer offset 0 size 64 [ 140.814753][ T4048] Register r9 information: NULL pointer [ 140.815068][ T4048] Register r10 information: non-paged memory [ 140.815362][ T4048] Register r11 information: 2-page vmalloc region starting at 0xdf9f4000 allocated at kernel_clone+0xac/0x3e4 [ 140.815916][ T4048] Register r12 information: 2-page vmalloc region starting at 0xdf9f4000 allocated at kernel_clone+0xac/0x3e4 [ 140.816365][ T4048] Process syz.0.80 (pid: 4048, stack limit = 0xdf9f4000) [ 140.816805][ T4048] Stack: (0xdf9f5dc0 to 0xdf9f6000) [ 140.817331][ T4048] 5dc0: 81a4be54 8030cb0c 84baf100 00000001 00010000 8540150c 00000000 855ee000 [ 140.817672][ T4048] 5de0: df9f5e44 85401500 8540150c 00000000 80000001 00000242 df9f5e1c df9f5e08 [ 140.818009][ T4048] 5e00: 80889cb0 80889554 8365b400 855ee000 df9f5e84 df9f5e20 808931e0 80889c54 [ 140.818416][ T4048] 5e20: df9f5e4c df9f5e30 8089ec2c 8050a4c4 00010001 00000001 8057abbc 00000000 [ 140.818918][ T4048] 5e40: 00000000 8540150c 00000000 00000000 00010001 064be659 80886a40 855ee000 [ 140.819295][ T4048] 5e60: 81cf0ca0 00000000 80000001 81cf0b5c 0000001b 841ea400 df9f5ebc df9f5e88 [ 140.819587][ T4048] 5e80: 80886bd8 80892f38 855ee3c0 855ee480 855ee540 84baf000 855ee06c 855ee000 [ 140.819979][ T4048] 5ea0: 85640000 00000000 00000000 841ea400 df9f5f14 df9f5ec0 808877a8 80886b7c [ 140.820268][ T4048] 5ec0: 8088e164 81a4bdf8 00000000 00000000 00000800 00000800 81cf0b5c 00000800 [ 140.820554][ T4048] 5ee0: 84baf000 064be659 84f5f840 00000000 84baf000 00003516 84f5f840 00000000 [ 140.820802][ T4048] 5f00: 841ea400 00000000 df9f5fa4 df9f5f18 80888250 808875a8 ecac8b10 84baf040 [ 140.821329][ T4048] 5f20: 00000000 00000000 81a4fbd0 81a4faa0 df9f5f54 df9f5f40 8026b438 8029ce1c [ 140.821681][ T4048] 5f40: df9f5fb0 40000000 df9f5f84 df9f5f58 802229dc 8026b3f4 00000000 8281d05c [ 140.822091][ T4048] 5f60: df9f5fb0 0014c490 ecac8b10 80222930 00000000 064be659 df9f5fac 00000000 [ 140.822458][ T4048] 5f80: 00000000 002e630c 000001aa 8020029c 841ea400 000001aa 00000000 df9f5fa8 [ 140.822756][ T4048] 5fa0: 80200060 80888124 00000000 00000000 00000006 00003516 00000000 00000000 [ 140.823063][ T4048] 5fc0: 00000000 00000000 002e630c 000001aa 002d0000 00000000 00006364 76b0b0bc [ 140.823556][ T4048] 5fe0: 76b0aec0 76b0aeb0 0001939c 00131f30 60000010 00000006 00000000 00000000 [ 140.824034][ T4048] Call trace: [ 140.824390][ T4048] [<80889548>] (io_ring_buffers_peek) from [<80889cb0>] (io_buffers_peek+0x68/0x8c) [ 140.824867][ T4048] r10:00000242 r9:80000001 r8:00000000 r7:8540150c r6:85401500 r5:df9f5e44 [ 140.825240][ T4048] r4:855ee000 [ 140.825512][ T4048] [<80889c48>] (io_buffers_peek) from [<808931e0>] (io_recv+0x2b4/0x46c) [ 140.825881][ T4048] r5:855ee000 r4:8365b400 [ 140.826125][ T4048] [<80892f2c>] (io_recv) from [<80886bd8>] (io_issue_sqe+0x68/0x658) [ 140.826389][ T4048] r10:841ea400 r9:0000001b r8:81cf0b5c r7:80000001 r6:00000000 r5:81cf0ca0 [ 140.826639][ T4048] r4:855ee000 [ 140.826753][ T4048] [<80886b70>] (io_issue_sqe) from [<808877a8>] (io_submit_sqes+0x20c/0x938) [ 140.827050][ T4048] r10:841ea400 r9:00000000 r8:00000000 r7:85640000 r6:855ee000 r5:855ee06c [ 140.827538][ T4048] r4:84baf000 [ 140.827662][ T4048] [<8088759c>] (io_submit_sqes) from [<80888250>] (sys_io_uring_enter+0x138/0x780) [ 140.828008][ T4048] r10:00000000 r9:841ea400 r8:00000000 r7:84f5f840 r6:00003516 r5:84baf000 [ 140.828273][ T4048] r4:00000000 [ 140.828406][ T4048] [<80888118>] (sys_io_uring_enter) from [<80200060>] (ret_fast_syscall+0x0/0x1c) [ 140.828797][ T4048] Exception stack(0xdf9f5fa8 to 0xdf9f5ff0) [ 140.829159][ T4048] 5fa0: 00000000 00000000 00000006 00003516 00000000 00000000 [ 140.829501][ T4048] 5fc0: 00000000 00000000 002e630c 000001aa 002d0000 00000000 00006364 76b0b0bc [ 140.829871][ T4048] 5fe0: 76b0aec0 76b0aeb0 0001939c 00131f30 [ 140.830099][ T4048] r10:000001aa r9:841ea400 r8:8020029c r7:000001aa r6:002e630c r5:00000000 [ 140.830343][ T4048] r4:00000000 [ 140.830651][ T4048] Code: e1a08002 e5912000 e50b2030 e1a05001 (e1d920be) [ 140.831996][ T4048] ---[ end trace 0000000000000000 ]--- [ 140.833443][ T4048] Kernel panic - not syncing: Fatal exception [ 140.835034][ T4048] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:56:40 Registers: info registers vcpu 0 CPU#0 R00=829bc740 R01=0000ffcb R02=00000001 R03=81a50408 R04=82ab52c0 R05=98a67800 R06=00006bd8 R07=00000020 R08=845b8c00 R09=83bea400 R10=0000ffcb R11=df989e24 R12=df989e28 R13=df989e18 R14=812cbfb4 R15=81a50418 PSR=60010013 -ZC- A S svc32 s00=fb081c03 s01=ffffffff d00=fffffffffb081c03 s02=ffffffff s03=d2000001 d01=d2000001ffffffff s04=00078803 s05=98034808 d02=9803480800078803 s06=0208000f s07=000fa003 d03=000fa0030208000f s08=a8030008 s09=0008000f d04=0008000fa8030008 s10=000fb003 s11=02808008 d05=02808008000fb003 s12=060163f2 s13=00000806 d06=00000806060163f2 s14=80020100 s15=a008000f d07=a008000f80020100 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=b8030004 s33=0004000a d16=0004000ab8030004 s34=000abc03 s35=c0030004 d17=c0030004000abc03 s36=0004000a s37=000ac403 d18=000ac4030004000a s38=88030004 s39=48080007 d19=4808000788030004 s40=000f9803 s41=a0030208 d20=a0030208000f9803 s42=0008000f s43=000fa803 d21=000fa8030008000f s44=b0030008 s45=8008000f d22=8008000fb0030008 s46=63f20280 s47=08060601 d23=0806060163f20280 s48=674ac679 s49=7b889811 d24=7b889811674ac679 s50=1588bb77 s51=fefc01a9 d25=fefc01a91588bb77 s52=579163bb s53=a72e919b d26=a72e919b579163bb s54=8e5e4baf s55=78ae700e d27=78ae700e8e5e4baf s56=68ccab45 s57=913f86d7 d28=913f86d768ccab45 s58=5d719559 s59=5720790d d29=5720790d5d719559 s60=2514b7d6 s61=b73244f3 d30=b73244f32514b7d6 s62=affe6b85 s63=65902015 d31=65902015affe6b85 FPSCR: 00000000 info registers vcpu 1 CPU#1 R00=83e18840 R01=0000002d R02=eb2bd000 R03=eb2bd018 R04=84201054 R05=83e18840 R06=80a627e8 R07=8420106a R08=8282a2b8 R09=00000000 R10=000003ce R11=df9f598c R12=00000002 R13=df9f5980 R14=8295b2ec R15=80a627f8 PSR=80000093 N--- A S svc32 s00=00000000 s01=00000000 d00=0000000000000000 s02=00000000 s03=00000000 d01=0000000000000000 s04=00000000 s05=00000000 d02=0000000000000000 s06=00000000 s07=00000000 d03=0000000000000000 s08=00000000 s09=00000000 d04=0000000000000000 s10=00000000 s11=00000000 d05=0000000000000000 s12=00000000 s13=00000000 d06=0000000000000000 s14=00000000 s15=00000000 d07=0000000000000000 s16=00000000 s17=00000000 d08=0000000000000000 s18=00000000 s19=00000000 d09=0000000000000000 s20=00000000 s21=00000000 d10=0000000000000000 s22=00000000 s23=00000000 d11=0000000000000000 s24=00000000 s25=00000000 d12=0000000000000000 s26=00000000 s27=00000000 d13=0000000000000000 s28=00000000 s29=00000000 d14=0000000000000000 s30=00000000 s31=00000000 d15=0000000000000000 s32=00000000 s33=00000000 d16=0000000000000000 s34=00000000 s35=00000000 d17=0000000000000000 s36=00000000 s37=00000000 d18=0000000000000000 s38=00000000 s39=00000000 d19=0000000000000000 s40=00000000 s41=00000000 d20=0000000000000000 s42=00000000 s43=00000000 d21=0000000000000000 s44=00000000 s45=00000000 d22=0000000000000000 s46=00000000 s47=00000000 d23=0000000000000000 s48=00000000 s49=00000000 d24=0000000000000000 s50=00000000 s51=00000000 d25=0000000000000000 s52=00000000 s53=00000000 d26=0000000000000000 s54=00000000 s55=00000000 d27=0000000000000000 s56=00000000 s57=00000000 d28=0000000000000000 s58=00000000 s59=00000000 d29=0000000000000000 s60=00000000 s61=00000000 d30=0000000000000000 s62=00000000 s63=00000000 d31=0000000000000000 FPSCR: 00000000